| Age | Commit message (Collapse) | Author | Files |
|---|
|
We're on the margin of the 4GB size limit for certain image types with
this configuration. This is a temporary workaround to avoid total
failures whilst we figure out better ways to save space. On such a
large image, the standard 1.3 is large and 1.2 is reasonable.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Skip members whose names contain "..".
Reference:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6321
Upstream patch:
http://git.savannah.gnu.org/cgit/tar.git/commit/?id=7340f67b9860ea0531c1450e5aa261c50f671
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
1. Upgrade ltp from 20160126 to 20170116.
2. Delete some patches because these have been integrated in upstream.
0001-ltp-Don-t-link-against-libfl.patch
0006-sendfile-Use-off64_t-instead-of-__off64_t.patch
0007-replace-SIGCLD-with-SIGCHLD.patch
0009-Guard-error.h-with-__GLIBC__.patch
0012-fsstress.c-Replace-__int64_t-with-int64_t.patch
0013-include-fcntl.h-for-getting-O_-definitions.patch
0014-hyperthreading-Include-sys-types.h-for-pid_t-definit.patch
0015-mincore01-Rename-PAGESIZE-to-pagesize.patch
0016-ustat-Change-header-from-ustat.h-to-sys-ustat.h.patch
0017-replace-sigval_t-with-union-sigval.patch
0019-tomoyo-Replace-canonicalize_file_name-with-realpath.patch
0022-include-sys-types.h.patch
0029-trace_shed-Fix-build-with-musl.patch
0031-vma03-fix-page-size-offset-as-per-page-size-alignmen.patch
0032-regen.sh-Include-asm-unistd.h-explicitly.patch
0037-containers-netns_netlink-Avoid-segmentation-fault.patch
0038-run-posix-option-group-test-replace-CWD-qith-PWD.patch
0040-containers-userns05-use-unsigned-int-for-ns-id.patch
3. Add new patch based on Khem Raj's 0007-replace-SIGCLD-with-SIGCHLD.patch
0001-add-_GNU_SOURCE-to-pec_listener.c.patch
4. Add new patches fix building errors with musl:
0006-fix-PATH_MAX-undeclared-when-building-with-musl.patch
0007-fix-__WORDSIZE-undeclared-when-building-with-musl.patch
0009-fix-redefinition-of-struct-msgbuf-error-building-wit.patch
Add new patch fix building errors, when the distro is poky-lsb
0012-fix-faccessat01.c-build-fails-with-security-flags.patch
5. Modify some patches because the upstream contains changes, those patches
maybe failed when they apply to the new version of ltp.
0011-Rename-sigset-variable-to-sigset1.patch
0027-sysconf01-Use-_SC_2_C_VERSION-conditionally.patch
0030-lib-Use-PTHREAD_MUTEX_RECURSIVE-in-place-of-PTHREAD_.patch
0035-fix-test_proc_kill-hang.patch
6. Rename and modify this patch.
fcntl-fix-the-time-def-to-use-time_t.patch to
0039-fcntl-fix-the-time-def-to-use-time_t.patch
7. The new version of ltp add the checking for ksh and csh, we doesn't support
ksh and csh in oe-core, so remove the checking files when the system executes
do_install function.
Signed-off-by: Dengke Du <dengke.du@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Revert to the upstream server, now that we can handle .lz files.
License checksum changes are due to copyright years.
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
ed tarballs are now available only in .lz format, which saves them
an amazing 30 kilobytes over gz.
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Backport the patches for CVE-2014-9913 CVE-2016-9844
CVE-2016-9844:
Buffer overflow in the zi_short function in zipinfo.c in Info-Zip
UnZip 6.0 allows remote attackers to cause a denial of service
(crash) via a large compression method value in the central
directory file header.
CVE-2014-9913:
Buffer overflow in the list_files function in list.c in Info-Zip
UnZip 6.0 allows remote attackers to cause a denial of service
(crash) via vectors related to the compression method.
Patches come from:
https://github.com/NixOS/nixpkgs/blob/master/pkgs/tools/archivers/unzip/ or
https://release.debian.org/proposed-updates/stable_diffs/unzip_6.0-16+deb8u3.debdiff
Bug-Debian: https://bugs.debian.org/847486
Bug-Ubuntu: https://launchpad.net/bugs/1643750
(LOCAL REV: NOT UPSTREAM) --send to oe-core on 20170222
Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
The license checksum for doc/LICENSE is changed. It's a small change.
'2015' is changed to '2017'. Nothing else is changed. So the licenses
remain the same.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Manipulating stderr after freopen() fails as done by upstream
does not work with musl. The replacement is Unix specific
and uses open()/dup2().
Signed-off-by: Patrick Ohly <patrick.ohly@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Without this patch, linking fails with a missing implementation of
yy_scan_string. This looks like a regression in flex, because 2.6.0 generated
different code that called PrParser_scan_string
resp. DtParser_scan_string.
Working around that in acpica until this is better understood or fixed
in flex is the easiest solution for now.
Signed-off-by: Patrick Ohly <patrick.ohly@intel.com>
|
|
qemu support for UEFI in OE-core depends on OVMF, which needs the iasl
tools provided by this recipe. There's also an iasl recipe in
meta-luv, but than can and will be replaced by this one, thus reducing
overall maintenance work.
Copied from meta-openembedded rev fa65be9ba (current master).
Signed-off-by: Patrick Ohly <patrick.ohly@intel.com>
|
|
1.6.0 -> 1.6.1
Refreshed the following patches:
a) 0001-configure-Add-option-to-enable-disable-libnfnetlink.patch
b) 0002-configure.ac-only-check-conntrack-when-libnfnetlink-enabled.patch
Signed-off-by: Maxin B. John <maxin.john@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
These set of patches backported from upstream, which fixes the issues in
extracting hardlinks over softlinks while etracting packages by opkg.
Signed-off-by: Amarnath Valluri <amarnath.valluri@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Busybox implementation only supports head -1 option if ENABLE_INCLUDE_SUSv2
or ENABLE_FEATURE_FANCY_HEAD configuration options are enabled. Also the -and
option for find is only supported if ENABLE_DESKTOP configuration option is
enabled. These configuration options are not enabled in several builds, which is
why this patch is needed.
[YOCTO #11041]
Signed-off-by: Athanasios Oikonomou <athoik@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Otherwise, the filename is v${PV}.tar.gz which isn't straightforward.
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
When DEPENDS=bzip2 becomes bzip2-native in libarchive-native,
the dependency ends up getting ignored because bzip2-native
is in ASSUME_PROVIDED.
But we need the library and thus have to depend on
bzip2-replacement-native, otherwise the build proceeds
without it despite the explicit --with-bz2lib.
(From OE-Core rev: 7ae1c93ab6df46dc88b0ffaa52778738849ff38d)
Signed-off-by: Patrick Ohly <patrick.ohly@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
(From OE-Core rev: d6d3346a2e465c1fc0e8e0896d8c6e7e1c49ee32)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
(From OE-Core rev: 18033505a540a05d52cf98781f763215925e72a6)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
They are required by nativesdk-cve-check-tool.
(From OE-Core rev: 7252c6f1b4b9a63e3bac79c6eba1b66ab85e21b9)
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
I discovered that we were not running autoreconf (and cannot due to the
unconvential file structure upstream), so manually run autoconf and move the
generated configure to the right place as we do already for gnu-configize.
Update no-x.patch (now that it is actually being used) so that it doesn't break
the build.
Patch out the use of INST_LIB_DIR in slsh/Makefile.in as this is the *target*
path, so is inappropriate to link to. This means we can remove the custom
do_install() which was working around the problem.
Remove all rpath patches (now overwritten by autoconf) and replace
with just passing RPATH='' via oe_runmake.
Remove the library search path patches (now overwritten by autoconf) and replace
with passing explicit pointers to the sysroot in the options.
[ YOCTO #10969 ]
(From OE-Core rev: 48fe39b09fbac973ba188938ab2a080f71ee8d68)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This fixes musl build issues and avoids autobuilder failures.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
popd in bash might allow local users to bypass the restricted shell
and cause a use-after-free via a crafted address.
Porting patch from <https://ftp.gnu.org/pub/gnu/bash/bash-4.4-patches/
bash44-006> to solve CVE-2016-9401.
Signed-off-by: Li Zhou <li.zhou@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Andrej Valek <andrej.valek@siemens.com>
Signed-off-by: Pascal Bach <pascal.bach@siemens.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Drop obsolete patch
- 0001-Avoid-use-of-glibc-sys-cdefs.h-header.patch
Drop backport patches:
- 0001-handle_reply-Don-t-use-the-xp_auth-pointer-directly.patch
- cve-2015-7236.patch
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
|
|
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
|
|
watchdog-keepalive is a simplified version of the watchdog daemon
and can't be installed along with watchdog daemon, we need to
choose which daemon install.
Signed-off-by: Fabio Berton <fabio.berton@ossystems.com.br>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Backport a patch to fix userns05 case:
<<<test_output>>>
user_namespace5 1 TFAIL : userns05.c:95: userns:parent should be not equal to cpid2
user_namespace5 1 TFAIL : userns05.c:95: userns:parent should be not equal to cpid2
user_namespace5 0 TINFO : Child process returned TPASS
user_namespace5 0 TINFO : Child process returned TPASS
user_namespace5 0 TINFO : Child process returned TFAIL
incrementing stop
Rename the previous patch to add a number prefix
Signed-off-by: He Zhe <zhe.he@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Andreas Horsthemke <andhorsthemke@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
(using a new class)
Absolute path symlinks are a bit of a pain for sstate and the native versions
of these recipes currently contain broken symlinks as a result. There are
only a small number of problematic recipes, at least in OE-Core, namely the
three here.
Rather than trying to make sstate handle this magically, which turns out to
be a harder problem than you'd first realise, simply make the symlinks relative
early in the process and avoid all the problems.
The alternative is adding new complexity to sstate which we could really
do without as without the complexity, you can't always tell where the
absolute symlink is relative to (due to prefixes used for native sstate).
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Busybox may offer a bash applet. If enabled, the alternatives mechanism
avoids breaking logins if bash gets deinstalled while /bin/bash is configured
as a login shell.
Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Opkg only depends on libsolv proper, splitting libsolv-ext pkg-config
reduces opkg dependencies.
Signed-off-by: Alejandro del Castillo <alejandro.delcastillo@ni.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
|
|
With recipe specific sysroots, the gzip-replacement-native dance/class
is obsolete, simplify the code accordingly.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Upstream has removed a number of releases from the canonical download site,
including the 1.9 release we were using.
We shoud upgrade to the latest release but as new releases are only compressed
using lzip that means adding lzip-native to oe-core, so this is a suitable
short-term fix.
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
pwconv and grpconv are used in the postinstall script.
Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com>
|
|
Some recipe might use time, e.g.
http://git.yoctoproject.org/cgit/cgit.cgi/meta-swupd/tree/classes/swupd-image.bbclass?id=531a8e636ca891c34f2596eb7f6365a11d4b29a7#n481
Time is a bash built-in, or a separate utility (typically
in /usr/bin/), but not everybody uses bash, or has
GNU time installed by default.
Signed-off-by: André Draszik <adraszik@tycoint.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
3.4 -> 4.0
Removed the following upstreamed or backported patches:
a) 0001-Fix-some-type-comparison-problems.patch
b) 0001-Fix-typo-in-comparision.patch
c) 0001-mdadm.h-bswap-is-already-defined-in-uclibc.patch
d) 0001-raid6check-Fix-if-else-indentation.patch
e) 0001-util.c-include-poll.h-instead-of-sys-poll.h.patch
f) mdadm-3.2.2_fix_for_x32.patch
Signed-off-by: Maxin B. John <maxin.john@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
0001-byacc-do-not-reorder-CC-and-CFLAGS.patch is added to fix the problem
of byacc dropping options from $CC.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
|
|
It was noticed that syslogd and klogd were no longer running on system
startup, meaning no /var/log/messages etc.. It appears as though
sysklogd has never been updated to follow the expected logging
requirement for systemd as described here:
https://www.freedesktop.org/wiki/Software/systemd/syslog/
As such no service was started and no logging present. Using the above
guidelines we create two new service files syslogd.service and
klogd.service. We make use of tmpfiles.d in order to ensure the
xconsole device node exists and do other minor recipe cleanup to
ensure peaceful coexistence with sysvinit and systemd implementations.
The systemd documentation also asks that for a logger which is not
rsyslog that we also enable 'ForwardToSyslog=' in journald.conf, but
this is already the case so no action is required.
With this change in place syslogd and klogd are started at system
startup and the expected logs are available.
Unfortunately I was not able to find any work done on this upstream or
in other distros so this is my best effort at making this work.
Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Remove "-e MAKEFLAGS=" from EXTRA_OEMAKE to fix:
ERROR: hdparm-9.50-r0 do_package: QA Issue: File '/sbin/hdparm.hdparm' from hdparm was already stripped, this will prevent future debugging! [already-stripped]
ERROR: hdparm-9.50-r0 do_package: Fatal QA errors found, failing task.
The "-e MAKEFLAGS=" would cause submake can't get vars from environment,
The git log said that it was added for fixing a QA warning, but
everything is OK after remove it now.
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
We need to use the correct time() definition with time_t rather than a long,
since long is 32-bit on x32.
Signed-off-by: Christopher Larson <chris_larson@mentor.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
If the file is expected to exist, then we should always be using require
so that if it doesn't we get an error rather than some other more
obscure failure later on.
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
This group pulls in libglu, which needs virtual/libgl, whose providers require
opengl in DISTRO_FEATURES.
Signed-off-by: Christopher Larson <chris_larson@mentor.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
