| Age | Commit message (Collapse) | Author | Files |
|---|
|
Make sure the recipe version matches what we're
actually shipping, so that tools like cve-check
can do the right thing.
Rather than fetching version 3.2.48 and applying all
patches up to and including version 3.2.57, we just
fetch the latter in the first place.
(From OE-Core rev: 614ac87f2832c5359f371439559be88d6106cd6b)
Signed-off-by: André Draszik <adraszik@tycoint.com>
Acked-by: Sylvain Lemieux <slemieux@tycoint.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
1. Filter the extra white space in intl.right
When the sub-test unicode2.sub of intl.tests executed, it produced
compact results without extra white space, compared to intl.right,
it failed.
So we need to filter the extra white space in intl.right.
Import this patch for intl.right from bash devel branch:
http://git.savannah.gnu.org/cgit/bash.git/log/?h=devel
Commit is:
85ec0778f9d778e1820fb8c0e3e996f2d1103b45
2. Change intl.right correspond to the unicode3.sub's output
In sub-test unicode3.sub of intl.tests have this:
printf %q "$payload"
The payload variable was assigned by ASCII characters, when using
'%q' format strings, it means print the associated argument shell-quoted.
When the strings contain the non-alpha && non-digit && non-punctuation &&
non-ISO 646 character(7-bit), it would output like this: " $'...', ANSI-C
style quoted string. We can check the bash source code at:
http://git.savannah.gnu.org/cgit/bash.git/tree/builtins/printf.def#n557
http://git.savannah.gnu.org/cgit/bash.git/tree/lib/sh/strtrans.c#n331
So we need to change the intl.right contain the correct output of unicode3.sub.
Import parts of this patch for intl.right from bash devel branch:
http://git.savannah.gnu.org/cgit/bash.git/log/?h=devel
Commit is:
74b8cbb41398b4453d8ba04d0cdd1b25f9dcb9e3
3. Add the sanity check for locales
When run the intl.tests, we need the following locales:
en_US & fr_FR & de_DE
So add the locales check for the intl.tests in run-ptest.
Signed-off-by: Dengke Du <dengke.du@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Dengke Du <dengke.du@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: André Draszik <adraszik@tycoint.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
If security_flags.inc is included then bash 3.2.48 fails to build:
| ../bash-3.2.48/print_cmd.c:1152:3: error: format not a string literal and no format arguments [-Werror=format-security]
| cprintf (indentation_string);
Backport a patch from upstream to solve this.
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Fix the following QA warning:
WARNING: bash-4.3.30-r0 do_package_qa: QA Issue: bash rdepends on libiconv,
but it isn't a build dependency, missing libiconv in DEPENDS
or PACKAGECONFIG? [build-deps]
Signed-off-by: Maxin B. John <maxin.john@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
1. redirect the stderr output of the command exec with -l option to
/dev/null.
Because when we run command exec with -l option in builtins.tests,
it is a login shell, so it would read the file /etc/profile, that
file executes the /usr/bin/resize which added by commit:
cc6360f4c4d97e0000f9d3545f381224ee99ce7d
The /usr/bin/resize is produced by busybox that source code resize.c
contains:
fprintf(stderr, ESC"7" ESC"[r" ESC"[999;999H" ESC"[6n");
In the end, it outputs an escape sequence to the stderr, so when we
compare the test output file /tmp/xx with builtins.right, it failed.
we need to redirect the stderr output to the /dev/null to solve the
problem.
2. ensure the target system contains the locales "en_US.UTF-8".
Because when run the run-builtins, it executes the source5.sub file
that contain:
LC_ALL=en_US.UTF-8
such as add the following to the local.conf:
IMAGE_LINGUAS_append = " en-us"
Signed-off-by: Dengke Du <dengke.du@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Script bashbug and Makefile for ptest contain build related paths
which cause fail to pass buldpaths QA check.
Remove such paths from these 2 files.
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Add user 'test' to fix the failure of 'the test suite should not
be run as root'(run-execscript and run-test)
Backport test case from git://git.sv.gnu.org/bash.git to fix run-execscript
and run-heredoc
Still failed cases:
FAIL: run-intl
FAIL: run-lastpipe
FAIL: run-trap
YOCTO: 5698
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Bash is failing trying to allocate memory [1] using the custom
memory allocator if we disable it the issue is fixed.
The major distributions also disabled by default [2], so we
don't have a good reason to use it.
The underlying issue is due to bash’s malloc using brk() calls
to allocate memory, which fail when address randomization is
enabled in kernel. sbrk() based custom allocators are obsolete.
There may be some performance impact of this however correctness
is more important.
[YOCTO #8452]
[1] https://bugzilla.yoctoproject.org/show_bug.cgi?id=8452#c0
[2] https://bugzilla.yoctoproject.org/show_bug.cgi?id=8452#c5
Signed-off-by: Aníbal Limón <anibal.limon@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
If srcdir is not set, we get below error while running ptest for bash
on qemu target,
-- snip --
root@qemux86:/usr/lib/bash/ptest# ./run-ptest
/bin/sh: line 0: cd: /home/ajay/Downloads/poky-fido-13.0.0/build/tmp/work/i586-poky-linux/bash/4.3-r1/bash-4.3/tests: No such file or directory
Makefile:879: recipe for target 'runtest' failed
make: *** [runtest] Error 1
root@qemux86:/usr/lib/bash/ptest# vi run-ptest
root@qemux86:/usr/lib/bash/ptest#
-- CUT --
So, set srcdir to current directory, where tests binaries exist.
[YOCTO #8145]
Signed-off-by: Ajay M <ajay.gju@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Building the host tool 'mkbuiltins' will fail if the target CFLAGS
contains an option which isn't supported by the host's gcc. To prevent
the issue, define LDFLAGS_FOR_BUILD based on CFLAGS_FOR_BUILD instead
of CFLAGS.
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Remove patch001 -> patch030 since they are already in source, add
patch031 -> patch039
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
|
|
If NON_INTERACTIVE_LOGIN_SHELLS is defined, all login shells read the
startup files, even if they are not interactive.
This is the behaviour of other major distros like Ubuntu and Fedora.
We also need to set it so that when executing `su -l xxx -c env' command,
/etc/profile is parsed.
[YOCTO #5359]
[YOCTO #7137]
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
It's Makefile has the two rules:
$(BUILTINS_LIBRARY): $(BUILTIN_DEFS) $(BUILTIN_C_SRC) config.h ${BASHINCDIR}/memalloc.h version.h
@(cd $(DEFDIR) && $(MAKE) $(MFLAGS) DEBUG=${DEBUG} libbuiltins.a ) || exit 1
${DEFDIR}/builtext.h: $(BUILTIN_DEFS)
@(cd $(DEFDIR) && $(MAKE) $(MFLAGS) builtext.h ) || exit 1
which causes parallel issues:
mkbuiltins.o: file not recognized: File truncated
collect2: ld returned 1 exit status
I don't have any good ideas to fix the problem, so disable parallel
build for it.
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
I used a for loop to build these packages more than 520 times, these
recipes never failed.
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
|
|
It works well now, and bump the PR to avoid:
x86_64-poky-linux-ar: shmatch.o: No such file or directory
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
|
|
Disable autoheader by setting EXTRA_AUTORECONF to --exclude=autoheader instead
of setting AUTOHEADER to true.
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
* /usr/bin/bashbug
Signed-off-by: Shiqun Lin <Shiqun.Lin@windriver.com>
Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com>
|
|
Update both bash 3.2.48 (to 57), and bash 4.3 (to 30) to fix the remaining
'shellshock' security issues, CVE-2014-6278.
Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
We upgrade bash_4.3 to patch revision 29, and bash_3.2.48 to 56.
There are numerous community bug fixes included with this set, but the key
items are:
bash32-052 CVE-2014-6271 9/24/2014
bash32-053 CVE-2014-7169 9/26/2014
bash32-054 exported function namespace change 9/27/2014
bash32-055 CVE-2014-7186/CVE-2014-7187 10/1/2014
bash32-056 CVE-2014-6277 10/2/2014
bash43-025 CVE-2014-6271 9/24/2014
bash43-026 CVE-2014-7169 9/26/2014
bash43-027 exported function namespace change 9/27/2014
bash43-028 CVE-2014-7186/CVE-2014-7187 10/1/2014
bash43-029 CVE-2014-6277 10/2/2014
Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This is a followup patch to incomplete CVE-2014-6271 fix
code execution via specially-crafted environment
Change-Id: Ibb0a587ee6e09b8174e92d005356e822ad40d4ed
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
CVE-2014-6271 aka ShellShock.
"GNU Bash through 4.3 processes trailing strings after function definitions in
the values of environment variables, which allows remote attackers to execute
arbitrary code via a crafted environment."
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
The class itself currently does nothing. The idea is to mark all recipes that
make use of the texinfo utilities. In the future, this class could be used to
suppress the generation/formatting of documentation for performance,
explicitly track dependencies on these utilities, and eliminate Yocto's
current dependency on the host system's texinfo utilities.
Signed-off-by: Max Eliaser <max.eliaser@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The bash-4.2-patches is obsolete.
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This patch goes through the OE-Core recipes and marks those which use autotools
but don't support a separate build directory (${S} != ${B}). A new class,
autotools-brokensep is used for this purpose.
This doesn't introduce any change in behaviour in its own right.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
|
|
A lot of our recipes had short one-line DESCRIPTION values and no
SUMMARY value set. In this case it's much better to just set SUMMARY
since DESCRIPTION is defaulted from SUMMARY anyway and then the SUMMARY
is at least useful. I also took the opportunity to fix up a lot of the
new SUMMARY values, making them concisely explain the function of the
recipe / package where possible.
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
|
|
1 Add base-files to RDEPENDS.
2 Use ${base_bindir} in regex to match bash path.
3 Add pkg_postrm to remove the entry from /etc/shells that added by
pkg_postinst.
Signed-off-by: Ming Liu <ming.liu@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
|
|
bash: reference acl*.m4 from ${S}.
The build directory had been moved to ${WORKDIR}/build,
so we should reference acl*.m4 from ${S}.
Otherwise, the following configure error will be caught.
| cat: aclocal.m4: No such file or directory
| ERROR: Function failed: do_configure (log file is located at ...)
Signed-off-by: Bian Naimeng <biannm@cn.fujitsu.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
|
|
ptest support was already added for v4.2 but for the distros
using GPLv2 version of bash (3.2.48) this update is required.
Signed-off-by: Muhammad Shakeel <muhammad_shakeel@mentor.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
|
|
The bash Makefile defines a dependency on itself and tries to run configure,
causing error messages when running ptest on target:
make: *** No rule to make target `configure.in', needed by `configure'.
make: *** No rule to make target `aclocal.m4', needed by `configure'.
make: *** No rule to make target `config.h.in', needed by `configure'.
make: *** No rule to make target `Makefile.in', needed by `Makefile'.
make: Failed to remake makefile `Makefile'.
This patch edits out this dependency in the Makefile installed for ptest,
to get rid of these messages.
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
|
|
Signed-off-by: Saul Wold <sgw@linux.intel.com>
|
|
Signed-off-by: Björn Stenberg <bjst@enea.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
|
|
Same patch for non-gplv3 version:
http://git.yoctoproject.org/cgit/cgit.cgi/poky/commit/?id=1fd9a16d2a4594a4e9179dc7353ac51ce32eb712
[YOCTO #3646]
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Björn Stenberg <bjst@enea.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
|
|
On hosts with FORTIFY_SOURCES, stringize support is required, as it's used by
the macros to wrap functions (e.g. read and open in unistd.h). Those wrappers
use the STRING() macro from unistd.h. A header in the bash sources overrides
the unistd.h macro to 'x' when HAVE_STRINGIZE is not defined, causing the
wrappers to generate calls to 'xread' and 'xopen', which do not exist,
resulting in a failure to link.
Assume we have stringize support when cross-compiling, which works around the
issue.
It may be best for upstream to either give up on supporting compilers without
stringize support, or to not define STRING() at all when FORTIFY_SOURCES is
defined, letting the unistd.h one be used, instead.
Signed-off-by: Christopher Larson <chris_larson@mentor.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
bash-3.2.48 did not provide the linking from sh to bash, making it unusable.
Moving the license part out of the bash.inc file, and into bash_4.2.bb file makes
us able to use that file also for bash_3.2.48.bb, which makes maintaining both
at the same time a lot easier.
Signed-off-by: Martin Ertsaas <mertsas@cisco.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
As discussed on the mailing lists, using a suffix to package names is
hard and has lead to many recipes having to do PKGSUFFIX games. Its
looking extremely hard to scale nativesdk much further without hacking
many recipes.
By comparison, using a prefix like multilib does works much better and
doesn't involve "hacking" as many recipes. This change converts nativesdk
to use a prefix using the existing multilib infrastructure.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Change the installation process so we have bashbug in ${bindir} and
bash at ${base_bindir}.
Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
|
|
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The packaging changes to ncurses could break package feeds,
so bump the PR on everythong that DEPENDS on ncurses.
Signed-off-by: Scott Garman <scott.a.garman@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Saul Wold <sgw@linux.intel.com>
|
|
Signed-off-by: Saul Wold <sgw@linux.intel.com>
|
|
Signed-off-by: Saul Wold <sgw@linux.intel.com>
|
|
This ensures bug 487 (missing job control functionality) really gets fixed.
[YOCTO #487]
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Saul Wold <sgw@linux.intel.com>
|
