Age | Commit message (Collapse) | Author | Files |
|
Backport patches to fix CVE-2016-7423 and CVE-2016-7908 of qemu.
(From OE-Core rev: 1f4c303fd64a4bc05882de01676f241f0df6da78)
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
It is reported in qemu community that VM always exits with:
| 2016-10-17T07:33:40.393592Z qemu-kvm: Virtqueue size exceede
when VM is suspend and resume. Solution from the maintainer of virtio
is to merge following 3 commits:
http://git.qemu.org/?p=qemu.git;a=commit;h=bccdef6
http://git.qemu.org/?p=qemu.git;a=commit;h=58a83c6
http://git.qemu.org/?p=qemu.git;a=commit;h=4b7f91e
The first 2 commits have been merged in qemu 2.7.0. Then apply the
third one.
(From OE-Core rev: db5b9254fbbc30e50b50c7c8cd1f04dcc965cd52)
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Remove backported gcc5-port.patch
Remove 11_mips-link-tool.patch as there is nothing in the target file
(or the entire source tree) that resembles anything contained in the patch.
(From OE-Core rev: 221093e850fbc3c154e9069f1958384b59ba3f70)
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
rpm2cpio is in ${PN}-common, but rpm2cpio.real is in ${PN}. This seperation
is really weird. Put them both in ${PN}-common.
(From OE-Core rev: 8a0af7e4ae8ba8ce0c7fd2a9f6ab7cc070f47af0)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
test.regrtest depends on most of python modules so require all of them.
[YOCTO #10522]
(From OE-Core rev: a8dc4bc039d1c01a78fdc1f727cbfc6f2feffe93)
Signed-off-by: Markus Lehtonen <markus.lehtonen@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Fixes segfaults when doing partial linking and generaring binary objects
/tmp/binu/ld/ld-new -r -b binary -o etc_certs_ui_ca_pem.o etc_certs_ui_ca_pem
0 elf32_arm_count_additional_relocs (sec=0x79bf40) at /mnt/a/work/oe/binutils-gdb/bfd/elf32-arm.c:18210
1 0x000000000047635a in bfd_elf_final_link (abfd=abfd@entry=0x783250, info=info@entry=0x748400 <link_info>) at /mnt/a/work/oe/binutils-gdb/bfd/elflink.c:11224
2 0x000000000044df7b in elf32_arm_final_link (abfd=0x783250, info=0x748400 <link_info>) at /mnt/a/work/oe/binutils-gdb/bfd/elf32-arm.c:12131
3 0x0000000000418917 in ldwrite () at /mnt/a/work/oe/binutils-gdb/ld/ldwrite.c:577
4 0x000000000040365f in main (argc=<optimized out>, argv=<optimized out>) at /mnt/a/work/oe/binutils-gdb/ld/ldmain.c:433
gold works ok. The patch is already applied in master binutils
(From OE-Core rev: 00d1913520f1572fa7def865e57852c7f25b0ec4)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
This error is visible when using clang but not when using gcc
this has been reported and fixed upstream.
llvm bug https://llvm.org/bugs/show_bug.cgi?id=29017
binutils bug https://sourceware.org/bugzilla/show_bug.cgi?id=20648
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
This patch fixes an extramely rare race condition in creation of rpmdb
temporary directory. The "rpmdb-more-verbose-error-logging" patch is
still left in place, just for the case.
[YOCTO #9416]
Signed-off-by: Markus Lehtonen <markus.lehtonen@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Patch taken from Binutils Bugzilla:
https://sourceware.org/bugzilla/show_bug.cgi?id=20649
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
The previous string manipulations would result in the wrong string being used
for machines such as intel-corei7-64 as the sysroot was split at the first
hyphen (so would result in corei7 instead of corei7-64).
Change the logic so that it looks for processor-distro-os and uses the whole of
the processor field.
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
The other CMAKE_FIND_ROOT_PATH_MODE_* variables were already set to ONLY, but
PACKAGE was left out. Fix this so that cmake doesn't look on the host for cmake
modules when it should only be looking in the target sysroot.
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Fix a heap-based buffer overflow in yy_get_next_buffer()
(CVE-2016-6354).
Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Flex has moved to github, update UPSTREAM_CHECK_URI.
Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
fixes checkuri AB failure.
V2] change to snaphot instead of ubuntu
ERROR: mklibs-native-0.1.41-r0 do_checkuri: Fetcher failure for URL: 'http://ftp.de.debian.org/debian/pool/main/m/mklibs/mklibs_0.1.41.tar.xz'. URL http://ftp.de.debian.org/debian/pool/main/m/mklibs/mklibs_0.1.41.tar.xz doesn't work
ERROR: mklibs-native-0.1.41-r0 do_checkuri: Function failed: do_checkuri
[ Yocto #10391]
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Using the following setup (as specified in yocto sample code):
MACHINE = "qemux86-64"
require conf/multilib.conf
MULTILIBS = "multilib:libx32"
DEFAULTTUNE_virtclass-multilib-libx32 = "x86-64-x32"
We fail to compile simple CPP programs because CPP cannot
find relevant header files, looking for them in a non-existing place.
To fix this, we create a symlink of the name CPP expects and point it to
the corresponding existing directory.
[YOCTO#10354]
[YOCTO#10380]
Signed-off-by: Juro Bystricky <juro.bystricky@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This patch fixes broken "32" symlinks for multilib settings:
MACHINE = "qemuarm64"
require conf/multilib.conf
MULTILIBS = "multilib:lib32"
DEFAULTTUNE_virtclass-multilib-lib32 = "armv7a"
and
MACHINE = "qemux86-64"
require conf/multilib.conf
MULTILIBS = "multilib:libx32"
DEFAULTTUNE_virtclass-multilib-libx32 = "x86-64-x32"
[YOCTO#8642]
[YOCTO#10380]
Signed-off-by: Juro Bystricky <juro.bystricky@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Add support for MIPS Release 6 ISA
Signed-off-by: Zubair Lutfullah Kakakhel <Zubair.Kakakhel@imgtec.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
renameat calls under pseudo were losing extended attributes.
Backport the fix for this from pseudo upstream.
[YOCTO '10349]
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
xmlto requires xsltproc to work correctly, it was being included
for the target, but may have been finding host contamination.
[YOCTO #10366]
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This sets a good example and avoids unnecessarily contributing to
perceived complexity and cargo culting.
Motivating quote below:
< kergoth> the *original* intent was for the function/task to error via
whatever appropriate means, bb.fatal, whatever, and
funcfailed was what you'd catch if you were calling
exec_func/exec_task. that is, it's what those functions
raise, not what metadata functions should be raising
< kergoth> it didn't end up being used that way
< kergoth> but there's really never a reason to raise it yourself
FuncFailed.__init__ takes a 'name' argument rather than a 'msg'
argument, which also shows that the original purpose got lost.
Signed-off-by: Ulf Magnusson <ulfalizer@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
We don't autoreconf/libtoolize binutils as it has very strict requirements, so
extend our patching of the stock libtool to include two fixes to RPATH
behaviour, as part of the solution to ensure that native binaries don't have
RPATHs pointing at the host system's /usr/lib.
This generally doesn't cause a problem but it can cause some binaries (such as
ar) to abort on startup:
./x86_64-pokysdk-linux-ar: relocation error: /usr/lib/libc.so.6: symbol
_dl_starting_up, version GLIBC_PRIVATE not defined in file ld-linux.so.2 with
link time reference
The situation here is that ar is built and as it links to the host libc/loader
has an RPATH for /usr/lib. If tmp is wiped and then binutils is installed from
sstate relocation occurs and the loader changed to the sysroot, but there
remains a RPATH for /usr/lib. This means that the sysroot loader is used with
the host libc, which can be incompatible. By telling libtool that the host
library paths are in the default search path, and ensuring that all default
search paths are not added as RPATHs by libtool, the result is a binary that
links to what it should be linking to and nothing else.
[ YOCTO #9287 ]
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
There was a clear typo in a function name, correct it.
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
gcc-cross target recipes should not depend on SDK_SYS but started to
after recent changes. Remove the dependency to stop this (its caused
by shared code in do_install). The compiler names contain SDK_SYS
so changes would be correctly handled via other means.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
When the client spawns a pseudo server, it starts out sending diagnostics
to stderr. This can be spammy in some cases with races during startup;
everything resolves, but we get scary-looking diagnostics. So shove
those into a log file.
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
|
|
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Nicer for embedded devices which may have smaller stack limitations.
Signed-off-by: Kyle Russell <bkylerussell@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Arm is unusual in that we force it to "linux-gnueabi" and "linux" doesn't
build. This was causing problems for multilib configurations which were assuming
"linux" was the default compiler rather than linux-gnueabi.
This change does two things, ensures symlinks are generated for linux-gnueabi
and also adapts the libgcc code to account for the difference on arm.
It still needs to immediately expand/save TARGET_VENDOR but we defer
deciding what TARGET_OS should be until we know TARGET_ARCH (which the
multilib code may change).
[YOCTO #8642]
Note that sanity tests of a 32 bit arm multilib still break due to issues
with the kernel headers on a mixed bit system. This looks to be a general
headers issue for the platform though and a different type of bug.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
We add a patch to report the progress, and at the same time
inform bitbake that progress can be extracted via the simple
'percent' progress handler.
Signed-off-by: André Draszik <git@andred.net>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This will allow us to easily incorporate progress support
via bb.process.run()
Signed-off-by: André Draszik <git@andred.net>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
If we don't do this, the sstate checksums vary for dpkg-native depending
on which MACHINE is set and this is clearly incorrect. It leads
to dpkg-native rebuilding far too often.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This dependency was manually added in 3dec9ad1cd6a ("perl: module
overload rdpends on overloading") but was (mistakenly?) removed by
06d43a90acbe ("perl: 5.20.0 -> 5.22.0"). Restore it.
Signed-off-by: Nathan Lynch <nathan_lynch@mentor.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This is obviously meant to be RDEPENDS.
Signed-off-by: Nathan Lynch <nathan_lynch@mentor.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
When changing SDKMACHINE, we may encounter an error forcing us to wipe the TMP folder.
Since only SDK_ARCH is captured in the PN of the crosssdk recipes, changes to SDK_OS
result in conflicts. Eventually we hit the error:
ERROR: ...: The recipe <...> is trying to install files into a shared area when those files already exist.
The build has stopped as continuing in this scenario WILL break things
This patchset addresses the problem by SDK_SYS as the recipe name suffix instead
of SDK_ARCH.
[YOCTO #9281]
Signed-off-by: Juro Bystricky <juro.bystricky@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Backport patch to fix CVE-2016-1238 from perl upstream:
http://perl5.git.perl.org/perl.git/commitdiff/cee96d52c39b1e7b36e1c62d38bcd8d86e9a41ab
Signed-off-by: Mingli Yu <Mingli.Yu@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Backport patch to fix CVE-2016-1000110 from python upstream:
for python2.7
https://hg.python.org/cpython/rev/ba915d561667/
for python3
https://hg.python.org/cpython/rev/a0ac52ed8f79
Signed-off-by: Mingli Yu <Mingli.Yu@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Currently, prelink doesn't work unless base_libdir/libdir match
its hardcoded values. This patch manipulates those paths so that
they match the values set in the variables and handles multilib
configurations too. The manipulations only happen in the target
case, if needed.
[YOCTO #10282]
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
In a heavily loaded container, the child process might not started
before the parent process had terminated. The child process attempts to
signal the parent with SIGUSR1. If the parent had terminated, the
parent becomes PID 1, which is generally init. When it signaled pid 1,
it caused the docker mini-init to terminate.
This doesn't happen in a traditional system, as systemd/sysvinit is
protected to only root users can signal it.
[YOCTO #10324]
Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
These tools are relics of an earlier time when the Zaurus devices were
reference platforms - these days they are no longer needed. It seems
amazing that they survived earlier purges.
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Explicitly set CMAKE_LIBRARY_PATH so that find_library() looks in the native
sysroot before the host.
Also pass --verbose to configure which sets CMAKE_VERBOSE_MAKEFILE for detailed
compile logs.
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Backport patch to fix CVE-2015-8607 from perl upstream:
http://perl5.git.perl.org/perl.git/commitdiff/0b6f93036de171c12ba95d415e264d9cf7f4e1fd
Signed-off-by: Mingli Yu <Mingli.Yu@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Backport patch to fix CVE-2016-6185 from perl upstream:
http://perl5.git.perl.org/perl.git/commitdiff/08e3451d7
Signed-off-by: Mingli Yu <Mingli.Yu@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
This adds the correct support for initfini-array which replaces .init
and .fini with .init-array and .fini-array. There is no appreciable
size difference with this change.
The change is needed since configure will not correctly detect support
when building cross-compilers.
Signed-off-by: Haitao Huang <haitao.huang@intel.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
By default cmake will auto-detect if a library is present on the host and if it
isn't present will use an internal fork. For some libraries using the internal
fork is preferable as it can be built with less dependencies, but for others
we're either already building it or the impact of building it is comparable to
internal build.
Continue to use the internal fork of libarchive as our libarchive-native has a
large number of build dependencies. Using the internal libarchive means that
system bzip2 and zlib must be used.
Explicitly use the internal fork of jsoncpp as we don't have this in oe-core.
Explicitly depend on curl-native, expat-native, and xz-native to ensure these
dependencies are not floating. curl-native is a non-trivial dependency but is
comparable to building the internal fork, so there's no reason to build it
twice.
Change bzip2-native to bzip2-replacement-native as bzip2-native is
ASSUME_PROVIDED.
[ YOCTO #9639 ]
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
The intention here was "everything but jsoncpp is system provided" so use the
convenience option to ensure this remains true in the future.
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
40 character paths work OK for device nodes in /dev but not for
device nodes created in a chroot, LXC container, etc.
Since the 'path' array is already a 4k buffer, the sscanf 40
character limit seems to be a typo or historical mis-merge. Update
the sscanf limit and bring the code in sync with the Buildroot
version:
https://git.buildroot.net/buildroot/commit/?id=8876b6751e0bc19a3754290061808f0f8420708e
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
cve-check-tool is a program for public CVEs checking.
This tool also seek to determine if a vulnerability has
been addressed by a patch.
The recipe also includes the do_populate_cve_db task
that will populate the database used by the tool.
[YOCTO #7515]
Signed-off-by: Mariano Lopez <mariano.lopez@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
cmake doesn't use autotools, the functions get replaced by either cmake.bbclass
(target) or the recipe itself (native) leaving just lots of superfluous
dependencies.
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
If you bump the PR of sgml-common and openjade-native but not sgml-
common-native, you will see a failure as files were removed from the
sysroot but still referenced by the sgml docbook catalog.
To properly handle this, the clean function needs to run at sstate
removal time, the problem is that this sstate removal can happen when
the metadata isn't present, so the correct removal commands are
unknown.
To avoid this, we need to write the commands into a "postrm" script
when we install the files, this can then be executed at sstate removal
time.
[YOCTO #8273]
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
* Remove patch maxsize.patch already applied upstream.
* Add patch Skip-empty-section-fixes-66.patch to prevent errors like:
/
|ERROR: go-cross-1.6.2-r0 do_populate_sysroot_setscene: '('patchelf-uninative',
|'--set-interpreter', '/home/user/src/prj/build/tmp/sysroots-uninative/
|x86_64-linux/lib/ld-linux-x86-64.so.2', '/home/user/src/prj/build/tmp/
|work/x86_64-linux/go-cross/1.6.2-r0/sstate-install-populate_sysroot/x86_64-
|linux/usr/bin/aarch64-prj-linux/go')'
|failed with exit code 1 and the following output:
|cannot find section .rela.dyn
\
* Add patch handle-read-only-files.patch to fix error when building
eSKD, the following error appears on task do_testsdkext
/
|ERROR: db-native-6.0.30-r1 do_populate_sysroot_setscene: '('patchelf-uninative',
|'--set-interpreter', 'src/fsl-community-bsp/build/tmp/work/qemuarm-poky-linux-
|gnueabi/core-image-minimal/1.0-r0/testsdkext/tc/tmp/sysroots-uninative/
|x86_64-linux/lib/ld-linux-x86-64.so.2', 'src/fsl-community-bsp/build/tmp/work/
|qemuarm-poky-linux-gnueabi/core-image-minimal/1.0-r0/testsdkext/tc/tmp/work/
|x86_64-linux/db-native/6.0.30-r1/sstate-install-populate_sysroot/x86_64-linux/
|usr/bin/db_tuner')' failed with exit code 1 and the following output:
|b'open: Permission denied\n
\
* Add patch Increase-maxSize-to-64MB.patch to fix error described
bellow, the same issue is discussed here:
- https://github.com/NixOS/patchelf/issues/47
/
|ERROR: qemu-native-2.5.0-r1 do_populate_sysroot_setscene: '('patchelf-uninative',
|'--set-interpreter', '../build/tmp/sysroots-uninative/x86_64-linux/lib/
|ld-linux-x86-64.so.2', '../build/tmp/work/x86_64-linux/qemu-native/2.5.0-r1/
|sstate-install-populate_sysroot/x86_64-linux/usr/bin/qemu-mips64')'
|failed with exit code 1 and the following output:
|warning: working around a Linux kernel bug by creating a hole of 36032512
|bytes in ‘../build/tmp/work/x86_64-linux/qemu-native/2.5.0-r1/
|sstate-install-populate_sysroot/x86_64-linux/usr/bin/qemu-mips64’
|maximum file size exceeded
\
Signed-off-by: Fabio Berton <fabio.berton@ossystems.com.br>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|