| Age | Commit message (Collapse) | Author | Files |
|---|
|
fix global-buffer-overflow in htmlParseTryOrFinish (HTMLparser.c:5403)
https://bugzilla.gnome.org/show_bug.cgi?id=775200
Here is the reproduce steps on ubuntu 16.04, use clang with "-fsanitize=address"
...
export CC="clang"
export CFLAGS="-fsanitize=address"
./configure --disable-shared
make clean all -j
wget https://bugzilla.gnome.org/attachment.cgi?id=340871 -O poc
./xmllint --html --push poc
==2785==ERROR: AddressSanitizer: global-buffer-overflow on address
0x000000a0de21 at pc 0x0000006a7f6e bp 0x7ffdfe940c10 sp 0x7ffdfe940c08
READ of size 1 at 0x000000a0de21 thread T0 #0 0x6a7f6d
(/home/jiahongxu/Downloads/libxml2-2.9.4/xmllint+0x6a7f6d) #1 0x6a7356
(/home/jiahongxu/Downloads/libxml2-2.9.4/xmllint+0x6a7356) #2 0x4f4504
(/home/jiahongxu/Downloads/libxml2-2.9.4/xmllint+0x4f4504) #3 0x4f045e
(/home/jiahongxu/Downloads/libxml2-2.9.4/xmllint+0x4f045e) #4 0x7f81977d682f
(/lib/x86_64-linux-gnu/libc.so.6+0x2082f) #5 0x419ad8
(/home/jiahongxu/Downloads/libxml2-2.9.4/xmllint+0x419ad8)
...
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
CVE-2017-12678: In TagLib 1.11.1, the rebuildAggregateFrames function in
id3v2framefactory.cpp has a pointer to cast vulnerability, which allows
remote attackers to cause a denial of service or possibly have
unspecified other impact via a crafted audio file.
Reference:
https://nvd.nist.gov/vuln/detail/CVE-2017-12678
Patch from:
https://github.com/taglib/taglib/pull/831/commits/eb9ded1206f18f2c319157337edea2533a40bea6
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
* Fix hardcoded path for ptest script which would cause failure on
mulitilib:
ls: cannot access '/usr/lib/e2fsprogs/ptest/test/[a-zA-Z]_*': No such file or directory
./test_script: line 54: /usr/lib/e2fsprogs/ptest/test/test_post: No such file or directory
* Add missing '$' for shell variable reference
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Fix do_configure to be able to regenerate configure files
Use cross libtool as installed by OE, as done in normal autotooled recipes
These changes help in invoking the libtool with proper tags for C
and C++ compiler and linker invocation and not use same tag across all
different invocations
Fixes errors like
libtool: compile: unable to infer tagged configuration
libtool: compile: specify a tag with `--tag'
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
We were relying on running ca-certificates from the -native version. This
meant the host and target path layouts had to match which might not be true,
it certainly isn't true for the sdk builds.
There was a dependency on run-parts which wasn't represented (we can get it
from busybox or debianutils).
Since this is an allarch script, call the script directly, making sure debianutils
and openssl are available as postinst rootfs time to resolve the issues.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This silences warnings generated after pkg-conf was added as an alternative
pkgconfig provider.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Whilst this should work we see failures in testsdkext at the moment when
this is set. Add this to the blacklist for now until we can fix these issues
meaning we can at least test BB_SERVER_TIMEOUT in other scenarios.
Bug 119733 has been opened to track this.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
We want to provide python libs by default, and some other
popular Linux distributions like redhat/fedora does the same.
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
commit 44aea7b873 [kernel-yocto: ensure that only valid BSPs are built]
introduced a new check to ensure that a valid BSP definition was found,
rather than building something that 'closely' matched the current
MACHINE.
This check breaks valid configurations which do not have a bsp
definition but are otherwise completely configured machines.
To allow both elements to co-exist (and not add warnings or errors
to otherwise valid builds), we first check to see if an empty bsp
definition was found, but then check to see if a defconfig was
provided.
If a defconfig has been provided, that is a sign that the board
configuration is complete and we should continue the build without
otherwise bothering the user.
Tested on meta-raspberrypi and linux-yocto*
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Remove all host build references from the acl-ptest package.
Signed-off-by: Juro Bystricky <juro.bystricky@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Remove all host build references from the attr-ptest package.
Signed-off-by: Juro Bystricky <juro.bystricky@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
When bootparam_root was empty the if statement would resolve into
invalid syntax instead of short circuiting after the -z, causing a boot
failure.
Signed-off-by: California Sullivan <california.l.sullivan@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Disable gobject-introspection on armv7a and armv7ve
to avoid do_compile failure:
| qemu: uncaught target signal 11 (Segmentation fault) - core dumped
| Segmentation fault
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This can avoid UnicodeDecodeError error.
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This patch was a temporal workaround needed with 4.1 kernels.
Remove it.
Signed-off-by: Jose Alarcon <jose.alarcon@ge.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
A gpg command, e.g, called by get_gpg_version(), may trigger such a warning:
gpg: WARNING: unsafe ownership on homedir '/home/user/.gnupg'
This sort of warning is harmless so it can be depressed through specifying
--no-permission-warning.
Signed-off-by: Jia Zhang <lans.zhang2008@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Luca Ceresoli <luca@lucaceresoli.net>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Only build with the vulkan distro flag is set. (References to this flag
were found in the mesa recipe.)
In addition, only set the RRECOMEMND to mesa, if 'opengl' flag is set. Mesa
required opengl distro flag to build.
Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The ptest log will be saved to buildhistory/ptest, we can easily get
the regression result between builds by:
$ git show HEAD ptest/pass.fail.skip.*
[YOCTO #11547]
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
It's very important to add IMAGE_CLASSES += "testimage" in local.conf firstly,
otherwise the var like TEST_LOG_DIR (defined in testimage.bbclass) will not be
in testdata.json.
[YOCTO #11547]
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This makes the user easier to know how to make commit in buildhistory.
[YOCTO #11547]
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
There might be wild strings when read from target (especially when
reading ptest results), replace the errors to avoid breaking the test.
Fixed: (Not always happen)
$ bitbake core-image-sato -ctestimage
[snip]
status, output = self.target.run('ptest-runner', 0)
File "/buildarea/lyang1/poky/meta/lib/oeqa/core/target/ssh.py", line 84, in run
status, output = self._run(sshCmd, processTimeout, True)
File "/buildarea/lyang1/poky/meta/lib/oeqa/core/target/ssh.py", line 55, in _run
status, output = SSHCall(command, self.logger, timeout)
File "/buildarea/lyang1/poky/meta/lib/oeqa/core/target/ssh.py", line 258, in SSHCall
run()
File "/buildarea/lyang1/poky/meta/lib/oeqa/core/target/ssh.py", line 236, in run
output = process.communicate()[0].decode("utf-8")
UnicodeDecodeError: 'utf-8' codec can't decode byte 0xc3 in position 4906: invalid continuation byte
[YOCTO #11547]
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The section might be None or '', so use "if section" for it.
Fixed:
File "/buildarea/lyang1/poky/meta/lib/oeqa/utils/logparser.py", line 113, in log_as_files
prefix += section
TypeError: Can't convert 'NoneType' object to str implicitly
[YOCTO #11547]
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
It works now.
[YOCTO #11547]
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The packages' test cases maybe skipped, check and save them.
[YOCTO #11547]
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Some test cases maybe skipped, let's parse it.
[YOCTO #11547]
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
* Make it work with current oeqa
* Skip the test if ptest is not in DISTRO_FEATURES
* Skip the test if ptest-pkgs is not in IMAGE_FEATURES
* The logs are saved to:
testimage/ptest_log -> testimage/ptest_log.<datetime>
* This provides data that could be used to detect regressions in ptest results
[YOCTO #11547]
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
bmap-tools has run-time dependency on "python-mmp" which is missing in
the RDEPENDS. "bmaptool" command in the target will fail without this
patch.
Signed-off-by: Binghua Guan <freebendy@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
libva-utils depends on libva which requires opengl in
DISTRO_FEATURES.
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Fixes error "Exception: NameError: name 'errno' is not defined"
during build-sysroots.bb:do_build_target_sysroot
Signed-off-by: Marko, Peter <peter.marko@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The IDE driver in the kernel is fragile and in 4.12 is causing backtraces.
To unblock 4.12 kernel merging use the virtio CD driver instead to mount
iso images which should be faster and more stable.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
THe newner kernels have ope firmware support enabled which leads to warnings
during boot on mips. These aren't interesting and we should ignore them.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
* this recipe is intentionally empty, but useful for BSP layers to
provide machine specific systemd services in this MACHINE_ARCH
package.
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
sushell is required by systemd service debug-shell
when selinux is enabled.
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
* sushell is required by systemd service debug-shell
when selinux is enabled, but it doesn't make sense
to make systemd depend on initscripts, so split sushell
into sub package initscripts-sushell.
* The bash dependency has been removed by:
'''
4917e36a77bd6821b45db52caa43939d344d92f6
initscripts: Fix regression for requiring /bin/bash
'''
so remove bash from RDEPENDS when selinux is enabled.
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
ibt-firmware was not packaged separately and was part of big linux-firmware
package. Packaging allows to install it separately, according to requirements.
Signed-off-by: Maciej Pijanowski <maciej.pijanowski@3mdeb.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Package iwlwifi-3160-[10-17] firmware from iwlwifi-misc to seperate packages,
so it is possible to install only required firmare package.
Signed-off-by: Maciej Pijanowski <maciej.pijanowski@3mdeb.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
* Add statistic summary for run-ptest
* Ensure the script can be run anywhere
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
pkgconf is a better replacement for pkg-config. Fedora 26 replaces the
system pkg-config implementation with pkgconf because it "provides better
support for handling .pc files and a stable library ABI/API for integrating
into applications." and is actively maintained, unlike pkg-config.
pkgconf aims to offer many improvements over pkg-config such as faster/more
efficient dependency resolver which "allows for the user to more conservatively
link their binaries -- which may be helpful in some environments, such as when
prelink(1) is being used.
pkgconf also aims to provide a more complete implementation of pkg-config.
The features most likely to benefit the Yocto Project build system are the
faster/more efficient dependency resolution and linker flag optimisation.
Move pkgconf recipe to oe-core from meta-pkgconf:
https://github.com/kergoth/meta-kergoth-wip/tree/master/meta-pkgconf
Links:
1. http://pkgconf.org
2. https://fedoraproject.org/wiki/Changes/pkgconf_as_system_pkg-config_implementation
3. https://bugzilla.yoctoproject.org/show_bug.cgi?id=11308
Signed-off-by: Christopher Larson <chris_larson@mentor.com>
Signed-off-by: Maxin B. John <maxin.john@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This allows the end users to be able to override the entire notes
showing on the shell console. For instance, Our company uses a
external conf-notes.txt, and we run bitbake with some extra variables,
looks like: F=xxx D=xxx M=xxx bitbake <target>, so we want to show
exactly these texts on the shell console, that's why we need this
change.
Signed-off-by: Ming Liu <peter.x.liu@external.atlascopco.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Otherwise, we get timeouts, leading to errors:
pip._vendor.requests.exceptions.ConnectTimeout: HTTPSConnectionPool(host='pypi.python.org', port=443): Max retries exceeded with url: /pypi/pip/json (Caused by ConnectTimeoutError(<pip._vendor.requests.packages.urllib3.connection.VerifiedHTTPSConnection object at 0x7ff741bb3ef0>, 'Connection to pypi.python.org timed out. (connect timeout=5)'))
WARNING: TOPDIR/tmp/work/qemux86-poky-linux/build-appliance-image/15.0.0-r0/temp/run.do_populate_poky_src.185123:1 exit 1 from 'pip3 install --user -I -U -v -r TOPDIR/tmp/work/qemux86-poky-linux/build-appliance-image/15.0.0-r0/rootfs/home/builder/poky/bitbake/toaster-requirements.txt'
DEBUG: Python function do_image finished
Complete log at [1]
[1] http://errors.yoctoproject.org/Errors/Build/43393/
Signed-off-by: Leonardo Sandoval <leonardo.sandoval.gonzalez@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Before GNU tar 1.24, only the archive creation command had the '-h'
argument to preserve and follow symlinks. After >= 1.24 via commit
14efeb9f956e38d7be (tar: --dereference consistency) the capability to
preserve symlinks was also added to the archive extraction command.
-h is default at archive creation but is not default at extraction,
meaning that it will replace symlinks with directories even if the
original filesystem directory tree and archive contains them.
Add -h to the copyhardlinktree extraction step so the build can
support symlinks in variables like ${DEPLOY_DIR_IPK/RPM/DEB}.
Signed-off-by: Ioan-Adrian Ratiu <adrian.ratiu@ni.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Refactor get_cc_option so it is simpler and also does not fail
when using external toolchain.
Signed-off-by: Juro Bystricky <juro.bystricky@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The compiled .pyc files contain time stamp corresponding to the compile time.
This prevents binary reproducibility. This patch allows to achieve binary
reproducibility by overriding the build time stamp by the value
exported via SOURCE_DATE_EPOCH.
Patch by Bernhard M. Wiedemann, backported from https://github.com/python/cpython/pull/296
[YOCTO#11241]
Signed-off-by: Juro Bystricky <juro.bystricky@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Updating the 4.10 SRCREVs to import the following changes:
65370fa249e2 drm/vmwgfx: limit the number of mip levels in vmw_gb_surface_define_ioctl()
530ec12a0cb0 ACPICA: Namespace: fix operand cache leak
b1098b5bbded char: lp: fix possible integer overflow in lp_setup()
56ee0c7811e5 dccp/tcp: do not inherit mc_list from parent
9f6cbd022bba nfsd: encoders mustn't use unitialized values in error cases
084036ebc243 nfsd: fix undefined behavior in nfsd4_layout_verify
973f780eeaa6 xen-blkback: don't leak stack data via response ring
20c4b5015fea brcmfmac: fix possible buffer overflow in brcmf_cfg80211_mgmt_tx()
1dff0f28b490 ipx: call ipxitf_put() in ioctl error path
d666a8e60a45 mm: fix new crash in unmapped_area_topdown()
73d059ba1a17 mm: larger stack guard gap, between vmas
Which address the following CVEs:
CVE-2017-8890
CVE-2017-1000363
CVE-2017-11472
CVE-2017-7346
CVE-2017-1000380
CVE-2017-7541
CVE-2017-10911
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
There was a bug in the search routines responsible for locating
BSP definitions which returned a valid match if only the ktype
matched.
This meant that someone looking for "qemux86foo" (which is an
invalid definition) would potentially end up building "qemuarm"
and be none the wiser (until it didn't boot).
With this fix to the tools search routine, and improved return
code testing, we will now stop the build and report and error to
the user.
[YOCTO: #11878]
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Not all the qemu machines carry default kernel specifications.
While we could drop these references, we'll bump them to 4.12
to pick up the latest and remove them in future commits.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The fall 2017 kernel will have 4.12 as the reference kernel, so
we update the libc-headers to match.
Build tested against glibc and muslc systems.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
We have 4.4 and 4.9 as LTS kernels, the 4.1 variants are no longer
needed and are dropped.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
