| Age | Commit message (Collapse) | Author | Files |
|---|
|
We need to make sure that our fixed vapigen.m4 is used instead.
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Now that gobject-introspection is supported, generation of .vapi
files for develeloping Vala code against gobject-based libraries
should be supported as well.
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
As we provide the full introspection support, we need to remove
the stubs from this package that conflict with it.
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This is to stop GLib linking to GConf and other modules (e.g gnutls).
If for example gconf is installed in the sysroot then GLib will use it by
default for the GSettings backend. This will pull a lot more libraries into the
scanner processes and expands the potential for runtime issues since dependencies
may be missing of change since they're not in the dependency chain.
Use an invalid modules directory so we avoid loading any modules or the
libraries they link against which the system may be in the process of rebuilding.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The recipe has comments that explain what is going on and why.
Also, there are patches necessary to make it work in Yocto cross-compilation environment;
they will be submitted upstream.
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
directory as SDK script.
If SDK will be extracted in the same folder as sdk shar script.
The shar_relocate will substitute SDK.sh script SDKPATH with extract destination path.
After that operation no one will be able use this sdk script as paths in it will be different.
To fix this we need to filter out sdk script and relocate_sdk scripts from SDKPATH substitution
Signed-off-by: Krzysztof Zawadzki <krzysztof.zawadzki@nokia.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
The variable in question should have been called ecc->p. The patch has been updated
so that the compilation of the nettle recipe would complete successfully. The backport
originated from this commit https://git.lysator.liu.se/nettle/nettle/commit/c71d2c9d20eeebb985e3872e4550137209e3ce4d
Signed-off-by: ngutzmann <nathangutzmann@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
This helps with building valgrind for non-glibc systems
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
GNU make segfaults when run in a chroot environment because
of a known bug in GNU make 4.1. See [1] for details.
Works if /dev/pts is mounted before chroot.
[1] http://savannah.gnu.org/bugs/?43434
[YOCTO #9067]
Reported-by: Alexander Larsson <alexl@redhat.com>
Signed-off-by: Anuj Mittal <anujx.mittal@intel.com>
Signed-off-by: Chang Rebecca Swee Fun <rebecca.swee.fun.chang@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Disable libitm as it is not supported on MicroBlaze.
Signed-off-by: Nathan Rossi <nathan@nathanrossi.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signing package feeds will default to ascii armored signatures (ASC) the
other option being binary (BIN). This is for both rpm and ipk backends.
Signed-off-by: Ioan-Adrian Ratiu <adrian.ratiu@ni.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Create gpg signed ipk package feeds using the gpg backend if configured
Signed-off-by: Ioan-Adrian Ratiu <adrian.ratiu@ni.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Store the ascii armored pubkey generated using gpg_sign.export_pubkey()
in its own package.
Signed-off-by: Ioan-Adrian Ratiu <adrian.ratiu@ni.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Add support for multiple types of signatures (binary or ascii)
in export_pubkey(). There is no change in behaviour for the function,
the previous implicit default is the new parameter "armor" default.
Signed-off-by: Ioan-Adrian Ratiu <adrian.ratiu@ni.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Starting from v2.1 passing passwords directly to gpg does not work
anymore [1], instead a loopback interface must be used otherwise
gpg >2.1 will error out with:
"gpg: signing failed: Inappropriate ioctl for device"
gpg <2.1 does not work with the new --pinentry-mode arg and gives an
invalid option error, so we detect what is the running version of gpg
and pass it accordingly.
[1] https://wiki.archlinux.org/index.php/GnuPG#Unattended_passphrase
Signed-off-by: Ioan-Adrian Ratiu <adrian.ratiu@ni.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Implement ipk signing inside the sign_ipk bbclass using the gpg_sign
module and configure signing similar to how rpm does it. sign_ipk uses
gpg_sign's detach_sign because its functionality is identical to package
feed signing.
IPK signing process is a bit different from rpm:
- Signatures are stored outside ipk files; opkg connects to a feed
server and downloads them to verify a package.
- Signatures are of two types (both supported by opkg): binary or
ascii armoured. By default we sign using ascii armoured.
- Public keys are stored on targets to verify ipks using the
opkg-keyrings recipe.
Signed-off-by: Ioan-Adrian Ratiu <adrian.ratiu@ni.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The resolved support requires that gcrypt is enabled. PACKAGECONFIG doesn't
support dependencies, so add a comment.
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Currently the recipe files are hardcoded and if the recipe
change the version, the test will fail.
This will change from using a harcoded file to look for the
file using bitbake-layers. Now, just the recipe name must
be specified.
Signed-off-by: Mariano Lopez <mariano.lopez@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Currently when using a git version the check for the stamp, using regex,
will fail because of plus sign in the version.
With this change the version is escaped before adding it to the regex.
Signed-off-by: Mariano Lopez <mariano.lopez@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Set UPSTREAM_CHECK_URI to the below listed URL:
http://www.mirrorservice.org/sites/lsof.itap.purdue.edu/pub/tools/unix/lsof
Signed-off-by: Maxin B. John <maxin.john@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Provide UPSTREAM_CHECK_URI to perform checkpkg task.
Signed-off-by: Maxin B. John <maxin.john@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
We were previously ignoring pkgs that came in from a setscene like from
an sstate mirror). With this patch we can use pkgs than come from sstate
for image customisation as well.
Also remove unused variable.
[YOCTO #9137]
Signed-off-by: brian avery <brian.avery@intel.com>
Signed-off-by: Michael Wood <michael.g.wood@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Poky jethro has libgomp ( GNU OpenMP ) license marked as GPL-3.0,
where's in fact the correct is GPL-3.0 with GCC Library Runtime Exception
Signed-off-by: Helio Chissini de Castro <helio.castro@bmw-carit.de>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Integrating the following patches for improved galileo support:
66009f8977a6 adc1x8s102: support ACPI-based enumeration.
903003b78c13 staging:iio: add support for ADC1x8s102.
cd83f4095b23 spi-pxa2xx: fixed ACPI-based enumeration of SPI devices.
c4efe23b7f93 pca9685: PCA9685 PWM and GPIO multi-function device.
81e166ec0a35 gpio: pca953x: provide GPIO base based on _UID
4086f8c34956 acpi: added a custom DSDT file.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Patrick Williams <patrick@stwcx.xyz>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
|
(From OE-Core master rev: 7474c7dbf98c1a068bfd9b14627b604da5d79b67)
minor tweak to get x86_64/ecc-384-modp.asm to apply
(From OE-Core rev: d1903e264ab62d34daeb652c89c6fb67e7c9b42d)
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
(From OE-Core master rev: f62eb452244c3124cc88ef01c14116dac43f377a)
hand applied changes for ecc-256.c
(From OE-Core rev: cb03397ac97bfa99df6b72c80e1e03214e059e6e)
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
By default qemu builds a complete list of directories within the user
emulation sysroot (-L option). The OE sysroot directory is large and
this is confusing, for example it indexes all pkgdata. In particular this
confuses strace of qemu binaries with tons of irrelevant paths.
This patch stops the code indexing up front and instead only indexes
things if/as/when it needs to. This drastically reduces the files it
reads and reduces memory usage and cleans up strace.
It would also avoid the infinite directory traversal bug in [YOCTO #6996]
although the code could still be vulnerable if it parsed those specific
paths.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Executables built with -fpie have the ELF type DYN rather than EXEC
which makes them difficult to distinguish from shared libraries.
Currently when building the list of executables we omit these binaries
so they might fail to run on the resultant rootfs due to missing
symbols. One of these is systemd which builds -fpie unconditionally, so
mklibs breaks images containing systemd.
Modify the search to catch all executable files that are ELF and have an
interpreter set. Omit libc and libpthread as special cases because they
have an interpreter and are directly executable but treating them as
such is antithetical to the pupose of mklibs.
Signed-off-by: Tyler Hall <tylerwhall@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Based as security reason, the system must limit users to
simultaneous system logins, or a site-defined number.
To avoid overwriting the /etc/security/limits.conf file after
upgrading this rpm package, we will define the file as
CONFFILES of package libpam-runtime.
Signed-off-by: Zhixiong Chi <Zhixiong.Chi@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Packages should not depend on themselves, otherwise it could lead to
circular dependencies on the package manager.
I have added a line on the proposed bash script that should add this
check on future versions.
Signed-off-by: Ricardo Ribalda Delgado <ricardo.ribalda@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
A previous fix for a python dep issue was not merged to the CVS version.
Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The libitm is not supported on nios2, so disable it.
Signed-off-by: Marek Vasut <marex@denx.de>
Cc: Ley Foon Tan <lftan@altera.com>
Cc: Richard Purdie <richard.purdie@linuxfoundation.org>
Cc: Ross Burton <ross.burton@intel.com>
Cc: Thomas Chou <thomas@wytron.com.tw>
Cc: Walter Goossens <waltergoossens@home.nl>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Commit 8b81bb56c69aabdea984352f8e267a9783c0bdbc was accidentally merged.
The DL_DIR piece was simply incorrect and should be removed.
The patch commit message should have mentioned that the changes were
to update populate_sdk_ext after the changes to uninative now the
download is placed into a specific directory in DL_DIR. We also
need to specify the uninative tarball checksum.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Rather than rolling all of an npm module's dependencies into the same
package, split them into one module per package, setting the SUMMARY and
PKGV values from the package.json file for each package. Additionally,
mark each package with the appropriate license using the license
scanning we already do, falling back to the license stated in the
package.json file for the module if unknown. All of this is mostly in
aid of ensuring all modules and their licenses now show up in the
manifests for the image.
Additionally we set the main LICENSE value more concretely once we've
calculated the per-package licenses, since we have more information at
that point.
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
do_shared_workdir is not a proper sstate task, it always reruns if
needed, so special-case it in warnings when checking locked sigs.
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Previous, two things were wrong:
1) lib_basename was set from STAGING_LIBDIR only if prefix parameter was empty or missing
2) if prefix was not empty, lib_basename reverted to sys.lib, even if STAGING_LIBDIR
should've overriden it
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
In python 3.4 python-config was rewritten in shell, ironically
to support cross-compilation:
https://bugs.python.org/issue16235
This new shell version is broken in several ways, and doesn't
have our oe-specific tweaks. Let's revert to the old script,
which is still provided.
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The class had qemu_run_binary() which was not suitable for gobject-introspection,
as it required the name of the binary to run.
qemu_wrapper_cmdline() returns just the command line string needed to run
binaries, and does not require the binary name.
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
|
|
Popt may be internal or external to rpm. Either way the rpm libraries
will link properly with or without -lpopt.
Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
|
|
Note the upstream submission in the patches.
Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
|
|
Allow the user to set the specific digest and non-repudiable signature
algorithms. This should be done on a distribution wide basis.
See recipe for exact instructions, but values are now set using:
RPM_FILE_DIGEST_ALGO (default 1 - md5)
RPM_SELF_SIGN_ALGO (default DSA)
Also, change the PACKAGECONFIG to define the default crypto engine for
RPM5. Not just the available crypto engines. If a crypto engine is not
selected, the system will default to the internal beecrypt version.
Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
|
|
RPM interally has support to build and work with the stack protector.
This is disabled by default in the RPM package, and the proper settings
should be specified in the security_flags. Using the default setting of
stack-protector-strong causes linking problems due to issues with libtool
selecting the wrong GCC objections to link against.
Falling back to the RPM values of stack-protector will permit linking to
work properly, and some level of protection.
Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
|
|
meta/lib/oe/package_manager.py was also updated. This ensures that any
diagnostic messages are ignored from the output of rpmresolve.
The patches have been split into bug fixes (things that belong upstream)
and local changes that are OE specific.
The following patches are obsolete and have been removed:
rpm-remove-sykcparse-decl.patch
fstack-protector-configure-check.patch
rpm-disable-Wno-override-init.patch
rpm-lua-fix-print.patch
rpm-rpmpgp-fix.patch
verify-fix-broken-logic-for-ghost-avoidance-Mark-Hat.patch
Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
|
|
The recent split/factoring between production and development
kernel configurations, EXPERT, EMBEDDED and DEBUG_KERNEL are no longer
selected for all kernel types. This means that ftrace is no longer
selected by default in in standard BSPs, causing breakage in things
that relied on it.
Signed-off-by: California Sullivan <california.l.sullivan@intel.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
