summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* bitbake: toaster: do not fail on optional 'custom.xml' fileDavid Reyna2018-05-291-1/+4
| | | | | | | | | | | | Explicitly capture and ignore errors when trying to load the optional 'custom.xml' fixture file. [YOCTO #12554] (Bitbake rev: 5b26fc8e332daaed092cdbafea3f0b8e11e5e7ae) Signed-off-by: David Reyna <David.Reyna@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bitbake: Toaster: fix shutdown and extra threadsDavid Reyna2018-05-291-2/+2
| | | | | | | | | | | | | Fix typo in shutdown code to kill threads when "kill -0" is not enough. Use the '--noreload' flag for 'runserver' so that there are no extra and unaccounted threads. [YOCTO #12555] (Bitbake rev: 14079cb1fd497799548c677962d89c02a6d2bf92) Signed-off-by: David Reyna <David.Reyna@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* build-appliance-image: Update to rocko head revisionyocto-2.4.3rocko-18.0.3Richard Purdie2018-05-231-1/+1
| | | | | | (From OE-Core rev: 0d70ca998b3bdc18db6a5644f4ed8797fd0e7ddd) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* poky: Bump version to 2.4.3Richard Purdie2018-05-231-1/+1
| | | | | | (From meta-yocto rev: 52883b21ee64c04db23a6fb3f32b33c39d54b324) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* meta-yocto-bsp: bump to the latest v4.12 stable kernel for the non-x86 BSPsKevin Hao2018-05-231-6/+6
| | | | | | | | | | | (From meta-yocto rev: 08884dc6ed749da5e7f73c9045a56d2dd53827bb) (From meta-yocto rev: 5de52cf4a74f6d87f7f62f322f8f39f3f4f0a136) Signed-off-by: Kevin Hao <kexin.hao@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* linux-yocto: update genericx86* SRCREVs for 4.12Anuj Mittal2018-05-231-4/+4
| | | | | | | | | | | | | Bump to stable kernel release 4.12.21. (From meta-yocto rev: de49fbc8dda014ab26294ff97955d545dd09123c) (From meta-yocto rev: c0fee7423ae9321a2f0d28036abee62bef6360ea) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libnl: fix CVE-2017-0553Andre McCurdy2018-05-232-0/+45
| | | | | | | | | | | | | | | | | | | | | | | An elevation of privilege vulnerability in libnl could enable a local malicious application to execute arbitrary code within the context of the Wi-Fi service. This issue is rated as Moderate because it first requires compromising a privileged process and is mitigated by current platform configurations. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-32342065. NOTE: this issue also exists in the upstream libnl before 3.3.0 library. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0553 Backport fix from upstream libnl 3.3.0 release: https://github.com/thom311/libnl/commit/3e18948f17148e6a3c4255bdeaaf01ef6081ceeb http://lists.infradead.org/pipermail/libnl/2017-May/002313.html (From OE-Core rev: f452fbc5d2ffb9c1417079574bed0dfcdc44787a) Signed-off-by: Andre McCurdy <armccurdy@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ncurses: Abstract out termlibKhem Raj2018-05-231-1/+2
| | | | | | | | | | | | | | | | termlib needs to be disabled on some targets e.g. mingw this change paves the way for doing that. Functionally it does not change anything for other platforms (From OE-Core rev: 88f33e1e5ba4f85093f60a296cba3ee1c1341c43) (From OE-Core rev: 82fc84b059367917690336d279cd8cab679d63ed) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ncurses: fix deletion of /usr/lib/terminfoKoen Kooi2018-05-231-1/+4
| | | | | | | | | | | | | | Ncurses doesn't honour ${libdir} for terminfo, so try more options to remove it. (From OE-Core rev: 17fd322e925cf492b22c75e296d5fee31e3511db) (From OE-Core rev: 3d07d4a1e8a7324437e2f37ffcafbb032a086008) Signed-off-by: Koen Kooi <koen.kooi@linaro.org> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ncurses: fix do_install failure when base_libdir has more than one levelKoen Kooi2018-05-231-1/+1
| | | | | | | | | | | | | | Other sections of the .inc already use mkdir -p, so use it here as well. (From OE-Core rev: 62434e5021b99391a0c129a40bf943465a19e7ce) (From OE-Core rev: f7538ee974d5bb07be193a3c8e31a05087bcc990) Signed-off-by: Koen Kooi <koen.kooi@linaro.org> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ncurses: 6.0+20170715 -> 6.0+20171125Hongxu Jia2018-05-232-543/+1
| | | | | | | | | | | | | | | | | | | | - Drop backported CVE fix includes cves: CVE-2017-10684 CVE-2017-10685 CVE-2017-11112 CVE-2017-11113 (From OE-Core rev: 382e861b8c89c65b3538c706361767eff78d4a5a) (From OE-Core rev: 6e7b9c78aca121301e9c92ed9cdb65f1a7613ee0) Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* package.py: use single quotes for path passed to file in is_elf()Andre McCurdy2018-05-081-2/+1
| | | | | | | | | | | | | | Align package.py is_elf() with recent changes in package.bbclass isELF(): http://git.openembedded.org/openembedded-core/commit/?id=7877761534b0c2492da6289e9f2269d41b6ed464 (From OE-Core rev: 5fcb57ffd67384b3487d0a1b83a1f13d52a15eb7) Signed-off-by: Andre McCurdy <armccurdy@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com> (cherry picked from commit ab056c7f6065f310be4dd256ceb45f85ff981f69) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* package.bbclass: Add '-b' option to file call in isELFMark Hatle2018-05-082-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The isELF function works by running: result = file <pathname> if 'ELF' in result By default 'file' will prepend the result with the path name of the file that is being checked. This usually works fine, such as: $ file /home/foo/openembedded-core/meta/classes/package.bbclass /home/foo/openembedded-core/meta/classes/package.bbclass: Python script, ASCII text executable, with very long lines However, if the path includes 'ELF', ELF will end up in the result, and then the check will return positive. $ file /home/ELF/openembedded-core/meta/classes/package.bbclass /home/ELF/openembedded-core/meta/classes/package.bbclass: Python script, ASCII text executable, with very long lines This will then result in the isELF coming back true, and possibly causing the checks that use isELF, such as the 'is it already stripped' check, to do the incorrect thing. Adding the '-b' option to file will result in the path being omitted in the result: $ file /home/ELF/openembedded-core/meta/classes/package.bbclass Python script, ASCII text executable, with very long lines (From OE-Core rev: b6d5729a0f0e6f2c8b36d425a18e9e2ed26f5de0) Signed-off-by: Mark Hatle <mark.hatle@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> (cherry picked from commit 5a324e9b2cf6378f8eaa4e394f9cb36d4e2680ac) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* package.bbclass: use single quotes for path passed to file in isELF()Andre McCurdy2018-05-081-1/+1
| | | | | | | | | | | | | | | | | | | Apparently there are recipes in the wild which generate files with filenames containing '$' characters - which cause errors during packaging. Instead of adding another special case to escape '$' characters when constructing the command passed to oe.utils.getstatusoutput(), switch to using single quotes to quote the path - and therefore make isELF() consistent with the way filenames and paths are quoted by every other caller of oe.utils.getstatusoutput() in oe-core. (From OE-Core rev: 080f0ee910684beb8bc263d5a45d3aa39b6ee647) Signed-off-by: Andre McCurdy <armccurdy@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com> (cherry picked from commit 7877761534b0c2492da6289e9f2269d41b6ed464) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* Revert "package.bbclass: Add '-b' option to file call in isELF"Andre McCurdy2018-05-082-2/+2
| | | | | | | | | | | | | | | | This reverts commit 46ddc11a8be79515b4ab9f9f7568c3d624ac72fe. The change is good in master but became subtly broken during the backport to rocko. Either the path passed to file should be quoted using double quotes (with any " chars in the path being escaped) or the path should be quoted using single quotes (and then any " chars in the path should NOT be escaped). Escaping " chars and using single quotes will cause problems for filenames containing " chars. (From OE-Core rev: 534a4e6775e5b4030619b20ae1f6a319adadccf5) Signed-off-by: Andre McCurdy <armccurdy@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ruby: Update to 2.4.4Armin Kuster2018-05-071-2/+2
| | | | | | | | | | | | | | | | | | | | The dot releases are maint only. 2.4.4 included: CVE-2017-17742: HTTP response splitting in WEBrick CVE-2018-6914: Unintentional file and directory creation with directory traversal in tempfile and tmpdir CVE-2018-8777: DoS by large request in WEBrick CVE-2018-8778: Buffer under-read in String#unpack CVE-2018-8779: Unintentional socket creation by poisoned NUL byte in UNIXServer and UNIXSocket CVE-2018-8780: Unintentional directory traversal by poisoned NUL byte in Dir 2.4.3 includes: CVE-2017-17405: Command injection vulnerability in Net::FTP (From OE-Core rev: 7003a36ef3f686af97798ff6f4bc7b3473f937de) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ruby: fix typo in gmp PACKAGECONFIG optionAndre McCurdy2018-05-071-1/+1
| | | | | | | | | | | | (From OE-Core rev: 9fb931b69ece7f8a644f9e25600bcbbc9266a761) (From OE-Core rev: 02fe324eb6913b27961e8e30c5510c89733dd011) Signed-off-by: Andre McCurdy <armccurdy@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ruby: remove spurious db build dependencyRoss Burton2018-05-071-1/+1
| | | | | | | | | | | | | The dbm module uses gdbm by default which is also a build dependency. (From OE-Core rev: 79121ff54420e5cc331552ca5620aed81a36aac9) (From OE-Core rev: f18fe9f116bd6697ded5d93eeccdfea7c3215d7b) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ruby: upgrade to 2.4.2Leonardo Sandoval2018-05-072-90/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | The CVE-2017-14064 patch is already at 2.4.2 as explained on project's commit, so removing from the recipe & repo. commit 83735ba29a0bfdaffa8e9c2a1dc025c3b0b63153 Author: hsbt <hsbt@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> Date: Wed Apr 12 00:21:18 2017 +0000 Merge json-2.0.4. * https://github.com/flori/json/releases/tag/v2.0.4 * https://github.com/flori/json/blob/09fabeb03e73ed88dc8ce8f19d76ac59e51dae20/CHANGES.md#2017-03-23-204 git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@58323 b2dd03c8-39d4-4d8f-98ff-823fe69b080e (From OE-Core rev: 6e37a88af155d5e5453fb0f44bb11d6f8e406438) (From OE-Core rev: 59fed1c288bc8d5549fffccedcc24ae9f4f32dac) Signed-off-by: Leonardo Sandoval <leonardo.sandoval.gonzalez@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* grub/grub-efi: fix conflictHongxu Jia2018-05-073-13/+18
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | While installing grub and grub-efi, there are conflict files in ${sysconfdir} ${datadir} ${bindir} ${sbindir}. - Since all of the conflicted files are tools which is common for grub and grub-efi, we split them (except grub-editenv) to grub-common in grub. - The package grub-common runtime depends grub-editenv - The package grub-editenv runtime provides grub-efi-editenv - Remove SYSROOT_DIRS_BLACKLIST - The recipe grub-efi does not generate the duplicated files and use runtime depends grub-common to instead Debian and Fedora do the similar thing. Debian use a common package grub-common for both of pc bios and efi, and use package grub-pc-bin for pc bios, grub-efi-amd64-bin for efi. Both of grub-pc-bin and grub-efi-amd64-bin requires grub-common. https://packages.debian.org/sid/grub-common https://packages.debian.org/jessie/grub-pc-bin https://packages.debian.org/jessie/grub-efi-amd64-bin Fedora use a common package grub2-tools for both of pc bios and efi, and use package grub2 for pc bios, grub2-efi-modules for efi. Both of grub2 and grub2-efi-modules requires grub2-tools. https://www.rpmfind.net/linux/RPM/fedora/devel/rawhide/x86_64/g/grub2-tools-2.02-0.34.fc24.x86_64.html https://www.rpmfind.net/linux/RPM/fedora/devel/rawhide/x86_64/g/grub2-2.02-0.34.fc24.x86_64.html https://www.rpmfind.net/linux/RPM/fedora/devel/rawhide/x86_64/g/grub2-efi-modules-2.02-0.34.fc24.x86_64.html [YOCTO #11639] (From OE-Core rev: 60c360c0561f1ff5ff2135c4557f5992f9485617) Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* scripts/test-dependencies.sh: removeMartin Jansa2018-05-071-286/+0
| | | | | | | | | | | | | | | | | | * with RSS used in pyro this script isn't very useful anymore * RSS makes sure that the dependencies are almost always deterministic the only case known to me where dependencies are different based on what was already built in TMPDIR are runtime dependencies resolved by shlibs code in package.bbclass (which is using global pkgdata, not specific to given recipe and its RSS) as described here: https://bugzilla.yoctoproject.org/show_bug.cgi?id=9217#c4 but for this case it's not worth running complete test-dependencies.sh runs (From OE-Core rev: 522005e722ceb1d1447826e6d7a36d43e49d0450) Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* Revert "waf.bbclass: explicitly pass bindir and libdir if supported"Martin Jansa2018-05-071-16/+1
| | | | | | | | | | | | | | | * this doesn't work correctly as discussed in: http://lists.openembedded.org/pipermail/openembedded-commits/2018-January/218460.html * some of the issues were fixed in master since then but not all, so revert it until it's completely resolved This reverts commit eac21f981337bfaddb2d67161a1ff049158041ce. (From OE-Core rev: 74c26c2f63121d92d50b0cca4d3288b8d196b777) Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* perl: Security fix CVE-2017-12883Armin Kuster2018-05-032-0/+45
| | | | | | | | | Affects: Perl < 5.24.3-rc1 and 5.26.x before 5.26.1-RC1 (From OE-Core rev: d20917f3ce9ac45fb9562d1cabf7ddc212b1d07a) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* perl: add patch to solve libcrypt incompatibilityCharles-Antoine Couret2018-05-033-0/+30
| | | | | | | | | | | | | Add Perl's patch submitted to upstream to be compiled along with glibc with libcrypt split. (From OE-Core rev: 79703d83790a2973fefdb0e12e125b5f17e98cdf) (From OE-Core rev: 53eef48621b19a1b88c042f9ee5eeb84d9746c64) Signed-off-by: Charles-Antoine Couret <charles-antoine.couret@essensium.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* rsync: update to 3.1.3Yi Zhao2018-05-031-2/+2
| | | | | | | | | | | | | | | | | | | | | | (From OE-Core rev: ded47001bec3fbbcbcdbe358a32c14ed0322d431) Updating is safer than backporting the CVE fixes. Included CVE: CVE-2017-16548 CVE-2017-15994 CVE-2017-17434 CVE-2017-17434 CVE-2018-5764 plus many bugfixes (From OE-Core rev: 3f244c68defd45d89107ff58a95c8d4462faeaed) Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* mpfr: Update SRC_URI to use gnuArmin Kuster2018-05-031-1/+1
| | | | | | | | | | | | ERROR: mpfr-native-3.1.5-r0 do_checkuri: Fetcher failure for URL: 'http://www.mpfr.org/mpfr-3.1.5/mpfr-3.1.5.tar.xz'. URL http://www.mpfr.org/mpfr-3.1.5/mpfr-3.1.5.tar.xz doesn't work ERROR: mpfr-native-3.1.5-r0 do_checkuri: Function failed: do_checkuri Found gnu has the same copy (From OE-Core rev: ee3de1e4963ae56515be3a56b473f25ace286511) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* uninative: Set the dynamic linker to use at compile timeRichard Purdie2018-05-031-2/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | Its possible some dynamic runtime library in the dependency chain may come from sstate and link to libraries which need the libc from uninative. If we don't do this and binaries are run at do_install time they would fail to find the symbols from the later libc. Examples: cmake-native do_install: bin/cmake: /lib/x86_64-linux-gnu/libc.so.6: version `GLIBC_2.25' not found (required by TOPDIR/tmp/work/x86_64-linux/cmake-native/3.10.3-r0/recipe-sysroot-native/usr/lib/libexpat.so.1) dbus-native do_install: tmp/work/x86_64-linux/dbus-native/1.12.2-r0/build/bus/.libs/lt-dbus-daemon: /lib/x86_64-linux-gnu/libc.so.6: version `GLIBC_2.25' not found (required by /home/pokybuild/yocto-autobuilder/yocto-worker/nightly-x32/build/build/tmp/work/x86_64-linux/dbus-native/1.12.2-r0/recipe-sysroot-native/usr/lib/libexpat.so.1) This issue is resolved when the interpreter is changed at sstate unpack time but this isn't soon enough to avoid issues at compile/install time. By specifing which dynamic linker/loader to use at compile time, this race window is removed entirely. (From OE-Core rev: 35867ee035030ab76fc9ccdb0eb1c3f80126301c) (From OE-Core rev: cead3c4925d39f8adc328007d8a8c1b23cc72842) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* uninative: Add allow-shlib-undefined to BUILD_LDFLAGS and drop other workaroundsRichard Purdie2018-05-036-48/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We have a problem when for example, a glibc 2.27 based system builds some library like libpopt-native and puts it into sstate then it is reused on a pre glibc-2.27 system to build something which depends on popt like rpm-native. This results in an error like: recipe-sysroot-native/usr/lib/libpopt.so: undefined reference to `glob@GLIBC_2.27' In the past we've had this problem with new symbols like getrandom and getentropy, here its with a more complex symbol where there is an old version and a newer version. We've looked into various options, basically we cannot link against our uninative libc/ld.so since we don't have the right headers or compiler link libraries. The compiler doesn't allow you to switch in a new set either, even if we did want to ship them. Shipping a complete compiler, dev headers and libs also isn't an option. On the other hand if we follow the ld man page, it does say: """ The reasons for allowing undefined symbol references in shared libraries specified at link time are that: - A shared library specified at link time may not be the same as the one that is available at load time, so the symbol might actually be resolvable at load time. """ which is exactly this case. By the time the binary runs, it will use our uninative loader and libc and the symbol will be available. Therefore we basically have a choice, we get weird intermittent bugs, we drop uninative entirely, or we pass this option. If we pass the option, we can drop the other workarounds too. (From OE-Core rev: 75a62ede393bf6b4972390ef5290d50add19341a) (From OE-Core rev: d18bf7fa8e80d6cfaf3fdbe1ab06eec84b954432) (From OE-Core rev: 4545f5436a5a106154680825ecb1cb60437faa91) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> [Clean up for Rocko context] Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bitbake.conf: Set and export TZ envvar to UTCRichard Purdie2018-05-031-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We just ran into an issue where tar failed to build on one server setup but built everywhere else just fine. It was running makeinfo to regenerate some docs files and makeinfo was too old for the host it was running on. There was no dependency on makeinfo-native as it was not meant to be regenerating the docs. It was being regenerated as a date from a timestamp used in the docs was different in Asian timezones than in the other timezones our builds were being tested in. I added an entry to https://wiki.yoctoproject.org/wiki/TipsAndTricks/ about how this was debugged. As such, lets default to setting and exporting TZ to 'UTC' as was already pioneered by the reproducibile builds work. This makes the builds deterministic. [YOCTO #12665] (From OE-Core rev: 2a90ae7a3286724ff9e3615c4dbf56038f703810) (From OE-Core rev: e31f31f81efe4b60938b724bece2a03c7c74a68d) (From OE-Core rev: 2c72aa56e6065100582cb17f281c4c11521712e6) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> [Drop simple.bbclass changes] Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* yocto-uninative: Update to version 1.9 (fedora28 compatible)Richard Purdie2018-05-031-3/+3
| | | | | | | | | | | | | | This includes the libxcrypt change which allows uninative to work on fedora28. (From OE-Core rev: 4b27ab6487a54b42a52aa16e98ea4d19fa62b5ae) (From OE-Core rev: 0685eb697f1dfa3b858b6e594cbd8e6070b4fbb8) (From OE-Core rev: 2b462bdc2b9bad40425769ece380e46b52cca095) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* package.bbclass: Add '-b' option to file call in isELFMark Hatle2018-05-032-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The isELF function works by running: result = file <pathname> if 'ELF' in result By default 'file' will prepend the result with the path name of the file that is being checked. This usually works fine, such as: $ file /home/foo/openembedded-core/meta/classes/package.bbclass /home/foo/openembedded-core/meta/classes/package.bbclass: Python script, ASCII text executable, with very long lines However, if the path includes 'ELF', ELF will end up in the result, and then the check will return positive. $ file /home/ELF/openembedded-core/meta/classes/package.bbclass /home/ELF/openembedded-core/meta/classes/package.bbclass: Python script, ASCII text executable, with very long lines This will then result in the isELF coming back true, and possibly causing the checks that use isELF, such as the 'is it already stripped' check, to do the incorrect thing. Adding the '-b' option to file will result in the path being omitted in the result: $ file /home/ELF/openembedded-core/meta/classes/package.bbclass Python script, ASCII text executable, with very long lines (From OE-Core rev: 5a324e9b2cf6378f8eaa4e394f9cb36d4e2680ac) (From OE-Core rev: 46ddc11a8be79515b4ab9f9f7568c3d624ac72fe) Signed-off-by: Mark Hatle <mark.hatle@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> [fixup for Rocko] Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* patch: fix CVE-2018-1000156Jackie Huang2018-05-033-0/+255
| | | | | | | | | | | | | | | | | | | | | | | * CVE detail: https://nvd.nist.gov/vuln/detail/CVE-2018-1000156 * upstream tracking: https://savannah.gnu.org/bugs/index.php?53566 * Fix arbitrary command execution in ed-style patches: - src/pch.c (do_ed_script): Write ed script to a temporary file instead of piping it to ed: this will cause ed to abort on invalid commands instead of rejecting them and carrying on. - tests/ed-style: New test case. - tests/Makefile.am (TESTS): Add test case. (From OE-Core rev: 6b6ae212837a07aaefd2b675b5b527fbce2a4270) (From OE-Core rev: 413c54e0698589b17976e88fa7ab76e5dbac51aa) Signed-off-by: Jackie Huang <jackie.huang@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* patch: fix CVE-2018-6951Jackie Huang2018-05-032-1/+38
| | | | | | | | | | | | | | | | | | | | * CVE detail: https://nvd.nist.gov/vuln/detail/CVE-2018-6951 * upstream tracking: http://savannah.gnu.org/bugs/?53132 * Fix segfault with mangled rename patch - src/pch.c (intuit_diff_type): Ensure that two filenames are specified for renames and copies (fix the existing check). (From OE-Core rev: cdf74e1c67698b2d44a7460ff7d365d6da7b7b96) (From OE-Core rev: e628af83e8d00ed3e3db318b323a9f5e48d35aae) Signed-off-by: Jackie Huang <jackie.huang@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* patch:2.7.5 -> 2.7.6Huang Qiyu2018-05-031-2/+2
| | | | | | | | | | | | | | Upgrade patch from 2.7.5 to 2.7.6. (From OE-Core rev: e5dcd58e5b2ef0b8e2bbe90e9bb1cede4e76bf75) (From OE-Core rev: 6ecaabfff944773a09096a9ce293842c7c00b3a1) Signed-off-by: Huang Qiyu <huangqy.fnst@cn.fujitsu.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* dhcp: Security Advisory - CVE-2017-3144Yue Tao2018-05-032-0/+75
| | | | | | | | | | | | | | | | | | | | | | | Fix CVE-2017-3144 References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3144 https://kb.isc.org/article/AA-01541 Patch from: https://source.isc.org/cgi-bin/gitweb.cgi?p=dhcp.git;a=commitdiff;h=5097bc0559f592683faac1f67bf350e1bddf6ed4 (From OE-Core rev: bcbe9025560dee658c0ead566384e1a8647cebf9) (From OE-Core rev: cf029db42a6bb96203d2d6bb64a62e6eeec9be8d) Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Mingli Yu <Mingli.Yu@windriver.com> Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gio-module-cache.bbclass: pass in ${libexecdir}Alexander Kanavin2018-05-031-0/+1
| | | | | | | | | | | | | | When it was something else than /usr/libexec (e.g. when installing native SDK packages), things broke down. (From OE-Core rev: d99e819a6cbde6d1116c434ddba4c5f8eca7e6d8) (From OE-Core rev: 1c8c163bfb736518f66276eca5765c493b8cc787) Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* uninative: add variables to the whitelist so that it does not re-triger ↵Cuero Bugot2018-05-031-0/+3
| | | | | | | | | | | | | | | | | | | | recipe parsing When uninative is activated (poky's default) internal datastore variables are modified (NATIVELSBSTRING and SSTATEPOSTUNPACKFUNCS) to enable uninative support. This is happening after parsing is done at the beginning of the build. On the next bitbake call the recipe would be parsed if the two variables above were not added to the parsing whitelist BB_HASHCONFIG_WHITELIST. The fix is to add these two variables to the recipe parsing whitelist BB_HASHCONFIG_WHITELIST, this is done at recipe parsing time, only when uninative.bbclass is used. (From OE-Core rev: 75bb95ada98ef129d2fa48568f27dddb078c852c) (From OE-Core rev: ca52b8e4f32063234815493746c4059392862af8) Signed-off-by: Cuero Bugot <cbugot@sierrawireless.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* package_manager.py: Skip gpgcheck while using dnf on targetManjukumar Matha2018-05-031-1/+1
| | | | | | | | | | | | | | | | | By default, RPM_SIGN_PACKAGES is not defined. Add gpgcheck=0 to oe-remote-repo.repo file, otherwise dnf will complain during install operation on target Note, RPM_SIGN_PACKAGES is set only when you inherit sign_rpm explicitly (From OE-Core rev: 002a71eaa7606828c399972d8fd35e19e7b71929) (From OE-Core rev: 21ca5428fa320aa4c925fe8a1a141c7df863fa84) Signed-off-by: Manjukumar Matha <manjukumar.harthikote-matha@xilinx.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libpcre-ptest: skip locale testJuro Bystricky2018-05-031-0/+4
| | | | | | | | | | | | | | | | | | If a fr_FR locale is found, it is automatically tested. The test will fail if the locale is UTF-8, as the test blindly assumes (and expects) a non-UTF fr_FR locale. The remedy is to skip the test. [YOCTO #12215] (From OE-Core rev: 4cedddb83623c79980b354642dfeaf78218ca4b7) (From OE-Core rev: ebb6c4f6a2bb6a6be4b3c4f8b7095bad529c62ea) Signed-off-by: Juro Bystricky <juro.bystricky@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: update 1.1.0g -> 1.1.0hAlexander Kanavin2018-05-033-143/+4
| | | | | | | | | | | | | | | | | | | | | | Please see this security advisory: https://www.openssl.org/news/secadv/20180327.txt Remove 0001-Remove-test-that-requires-running-as-non-root.patch (issue fixed upstream) Remove 0001-aes-asm-aes-armv4-bsaes-armv7-.pl-make-it-work-with-.patch (backport) License-Update: copyright years (From OE-Core rev: 96d5e9c186fb83f1b5d9b38ace0b1222c3c04c54) (From OE-Core rev: a4f7a637d9a2c738f217c67394a98f6081149022) Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: update 1.0.2n -> 1.0.2oAlexander Kanavin2018-05-0333-3/+3
| | | | | | | | | | | | | | | | | Please see this security advisory: https://www.openssl.org/news/secadv/20180327.txt License-Update: copyright years (From OE-Core rev: 13542282e34c078296c46a98721b31ed9a69a980) (From OE-Core rev: 9460cdd9227edcca425b919d5b9061d1da55528b) Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: fix libdir logic to allow multiarch style pathsKoen Kooi2018-05-032-2/+4
| | | | | | | | | | | | | | The recipes were using 'basename' to turn '/usr/lib' into 'lib', which breaks when libdir is '/usr/lib/tuple', leading to libraries ending up in '/usr/tuple', which isn't in FILES_*. Change the logic to use sed to strip the prefix instead. (From OE-Core rev: e58d5521c7bae8daafdac85754545be176550a02) (From OE-Core rev: 373763d4f6668c3e324edf8d699c8c15d0267278) Signed-off-by: Koen Kooi <koen.kooi@linaro.org> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: drop openssl-1.0.2a-x32-asm.patchAlexander Kanavin2018-05-032-47/+0
| | | | | | | | | | | | | | | | | The patch was applied in a completely incorrect spot (due to fuzz), no one noticed or complained. Meanwhile upstream says the issue has been resolved differently: https://rt.openssl.org/Ticket/Display.html?id=3759&user=guest&pass=guest (From OE-Core rev: 325e516b59e677dc8e2c5756589fa8037b3e9392) (From OE-Core rev: d7f682f592538073eefd24bf06c32e8e2e685f05) Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: refresh patchesRoss Burton2018-05-032-12/+12
| | | | | | | | | | | | | | | | | | | | | | | | | The patch tool will apply patches by default with "fuzz", which is where if the hunk context isn't present but what is there is close enough, it will force the patch in. Whilst this is useful when there's just whitespace changes, when applied to source it is possible for a patch applied with fuzz to produce broken code which still compiles (see #10450). This is obviously bad. We'd like to eventually have do_patch() rejecting any fuzz on these grounds. For that to be realistic the existing patches with fuzz need to be rebased and reviewed. (From OE-Core rev: 7baba7a19c5610a63ccbfd6a2238667772b32118) (From OE-Core rev: 95b5ec1d6d614ebd1ea3a57bbbcef33b08966265) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* package_rpm: set _builddir to B not SRichard Purdie2018-05-031-1/+1
| | | | | | | | | | | | | | | | | Recipes which use a shared workdir (e.g. gcc-runtine and libgcc) can race over temporary files causing interesting build failures. Using B instead of S avoids this problem. [YOCTO #12605] (From OE-Core rev: d6c13a5ff441f7076eb327c0d0b747bd7603db0f) (From OE-Core rev: 9c72ddb605f1f4fc98fa427e37b5ba8c8758c6cd) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* linux-yocto/4.12: intel-socfpga, intel-pmc-core and ish support for ↵Bruce Ashfield2018-05-033-13/+13
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | CoffeeLake board Integrating a series of mainline backports to allow better 4.12 support for the coffeelake board: 97e710ef0545 driver: clk: socfpga: remove unused variable 2852089a6b7f x86/cpu: Add Cannonlake to Intel family 1af96090b1f4 ACPI / LPIT: Export lpit_read_residency_count_address() 1e85b644ad5e ACPI / LPIT: Add Low Power Idle Table (LPIT) support 3b931f776349 platform/x86: intel_pmc_core: Special case for Coffeelake 5666379331a9 platform/x86: intel_pmc_core: Add CannonLake PCH support de9e9e9518ee platform/x86: intel_pmc_core: Read base address from LPIT f422abd33358 platform/x86: intel_pmc_core: Remove unused header file ec1ca0048923 platform/x86: intel_pmc_core: Convert to ICPU macro f894e2c0cfff platform/x86: intel_pmc_core: Substitute PCI with CPUID enumeration ce7b50cc047d platform/x86: intel_pmc_core: Refactor debugfs entries c9ca0426c9c8 platform/x86: intel_pmc_core: Fix file permission warnings 17294194d03c platform/x86: intel_pmc_core: Change driver to a module 7f142e82c8f0 platform/x86: intel_pmc_core: Fix kernel doc for pmc_dev d095df17ddf4 platform/x86: intel_pmc_core: Remove unused variable cdfd431ccc3d platform/x86: intel_pmc_core: Remove unused EXPORTED API c54edf864c58 platform/x86: intel_pmc_core: Make the driver PCH family agnostic 5302f0bfbaed HID: intel-ish-hid: Enable Cannon Lake and Coffee Lake laptop/desktop 7e5cc39c3f61 HID: intel-ish-hid: Enable Gemini Lake ish driver b00e0e88689f HID: intel-ish-hid: Enable Cannon Lake ish driver (From OE-Core rev: 0b53601c0e8a87e336dadd6854c19cdb2e1f6b55) (From OE-Core rev: 61e6adc8dfb8aa63628a2e96f9d5f7ab62307c59) Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* linux-yocto/meta: improve wifi driver granularityBruce Ashfield2018-05-033-3/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Integrating the following commit for the 4.12+ kernels: Author: Nathan Rossi <nathan@nathanrossi.com> Date: Wed Mar 21 00:10:02 2018 +1000 features/wifi: Add WiFi driver fragments for various vendors/interfaces This change adds WiFi driver configuration fragments. The fragments are split into vendor and interface files to allow for easy selection of drivers for specific interface types (USB, PCI, SDIO) which is useful for BSPs with specific interfaces. The specific vendor/interface config fragments can be included by specific BSPs in its .scc files. However .scc files (wifi-*.scc) are provided to allow enabling interface specific or all interfaces drivers via KERNEL_FEATURES or inclusion via other .scc files. And wifi-common.scc is provided to enable the base config options required for all WiFi drivers, which is done to ensure correct configuration for default no config setups (e.g. linux-yocto-tiny). This patch only enables a limited set of drivers, which is based on what the common-pc-wifi.cfg fragment sets as well as some additional drivers, that primarily appear in USB WiFi devices. Signed-off-by: Nathan Rossi <nathan@nathanrossi.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com> This gives us a much better granularity of drivers and a good baseline for future improvements. The 4.12 fragments are also slightly re-organized on top of this commit to avoid patch failures when including the new frags. (From OE-Core rev: c24d6863768a64b2c1632d5202790689a1164694) (From OE-Core rev: 9e1bc0e552d7609428cb71bda7d2b6b726146c21) Signed-off-by: Nathan Rossi <nathan@nathanrossi.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> [Removed upsupported kernels] Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* linux-yocto/4.12: add ssl and utils native dependenciesBruce Ashfield2018-05-031-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | Via the -stable updates, and other configuration changes the 4.12 kernel has the same dependency on openssl headers as 4.14+. So we add the same DEPENDS line that we already have in newer kernels to avoid the following error: | HOSTCC scripts/sign-file | build/tmp/work-shared/qemux86-64/kernel-source/scripts/sign-file.c:25:30: fatal error: openssl/opensslv.h: No such file or directory | compilation terminated. | scripts/Makefile.host:107: recipe for target 'scripts/sign-file' failed | make[3]: *** [scripts/sign-file] Error 1 | make[3]: *** Waiting for unfinished jobs.... (From OE-Core rev: 80f6840baecb8b161f6443f3dd1af4e70b5e5221) (From OE-Core rev: 8660345a665ef74828036c89257bc23246243c40) Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* linux-yocto/4.12: update to v4.12.21Bruce Ashfield2018-05-033-16/+16
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Integrating Paul Gortmaker's stable update to 4.12, this includes CVE fixes for meltdown and spectre: 3bb926457832 Linux 4.12.21 76781f72ce64 lguest: disable it vs. removing it. 6ab3176bb365 x86/speculation: Fix typo IBRS_ATT, which should be IBRS_ALL efa97ecdf026 x86/pti: Mark constant arrays as __initconst a4d9aaf35e28 x86/spectre: Simplify spectre_v2 command line parsing 1dbde4da259a x86/retpoline: Avoid retpolines for built-in __init functions 7f3a7b69b0f7 x86/paravirt: Remove 'noreplace-paravirt' cmdline option ebeddfbee13f x86/speculation: Use Indirect Branch Prediction Barrier in context switch 7e0a7c84eb35 x86/cpuid: Fix up "virtual" IBRS/IBPB/STIBP feature bits on Intel bf0c4c3f38f6 x86/spectre: Fix spelling mistake: "vunerable"-> "vulnerable" f4d4ccfdf361 x86/spectre: Report get_user mitigation for spectre_v1 12f20abacd8b nl80211: Sanitize array index in parse_txq_params 7686c72bfd9c vfs, fdtable: Prevent bounds-check bypass via speculative execution a3d62741fc9b x86/syscall: Sanitize syscall table de-references under speculation 0b99c598274c x86/get_user: Use pointer masking to limit speculation bf532304a22f x86/uaccess: Use __uaccess_begin_nospec() and uaccess_try_nospec 04584b001618 x86/usercopy: Replace open coded stac/clac with __uaccess_{begin, end} 5a64c3ccd99d x86: Introduce __uaccess_begin_nospec() and uaccess_try_nospec 9bbc24f34f03 x86: Introduce barrier_nospec b55fd06d6fe0 x86: Implement array_index_mask_nospec 79a2efa3e0f5 array_index_nospec: Sanitize speculative array de-references e9046d054bb9 Documentation: Document array_index_nospec 0078d6b103f9 x86/asm: Move 'status' from thread_struct to thread_info 46afe23798a3 x86/entry/64: Push extra regs right away 4213246ab7a8 x86/entry/64: Remove the SYSCALL64 fast path 026a59b9de37 x86/spectre: Check CONFIG_RETPOLINE in command line parser a345c5f7a1b6 x86/mm: Fix overlap of i386 CPU_ENTRY_AREA with FIX_BTMAP 999e3eca6861 x86/speculation: Simplify indirect_branch_prediction_barrier() c7acab78a24c x86/retpoline: Simplify vmexit_fill_RSB() be5c3f1101f7 x86/cpufeatures: Clean up Spectre v2 related CPUID flags 7addf309d0e0 x86/cpu/bugs: Make retpoline module warning conditional b7c17f71e9cc x86/bugs: Drop one "mitigation" from dmesg af16629cc1da x86/nospec: Fix header guards names ebfadec0c9dc x86/alternative: Print unadorned pointers 2e4bcf1ccaa9 x86/speculation: Add basic IBPB (Indirect Branch Prediction Barrier) support 332de1ac4373 x86/cpufeature: Blacklist SPEC_CTRL/PRED_CMD on early Spectre v2 microcodes 79a2a1ba23e7 x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown d29069565618 x86/msr: Add definitions for new speculation control MSRs 114a7b0f431c x86/cpufeatures: Add AMD feature bits for Speculation Control 2d5755e9daac x86/cpufeatures: Add Intel feature bits for Speculation Control 3f5d9b428f05 x86/cpufeatures: Add CPUID_7_EDX CPUID leaf 2f1b883356ca module/retpoline: Warn about missing retpoline in module 8c935f65cf6a KVM: VMX: Make indirect call speculation safe 79c0d980e610 KVM: x86: Make indirect calls in emulator speculation safe 956ca31407ab x86/retpoline: Remove the esp/rsp thunk de8cd92003c6 x86/mm/64: Fix vmapped stack syncing on very-large-memory 4-level systems f2846896cd75 x86/microcode: Fix again accessing initrd after having been freed badb7498ab69 x86/retpoline: Optimize inline assembler for vmexit_fill_RSB 750d9c97cede x86/pti: Document fix wrong index 8d759c94307d kprobes/x86: Disable optimizing on the function jumps to indirect thunk 59a3c4dc0ab9 kprobes/x86: Blacklist indirect thunk functions for kprobes 2eef7eab7aea retpoline: Introduce start/end markers of indirect thunk a37c55916910 x86/mce: Make machine check speculation protected 3aab76cd9d88 x86/tsc: Fix erroneous TSC rate on Skylake Xeon b129f5955cd5 x86/tsc: Future-proof native_calibrate_tsc() 7639b8268579 x86/mm/pkeys: Fix fill_sig_info_pkey b19a92bb0f18 x86/cpufeature: Move processor tracing out of scattered features eb5a1177e60b x86/retpoline: Add LFENCE to the retpoline/RSB filling RSB macros ed114eb7be88 x86/retpoline: Fill RSB on context switch for affected CPUs 70d519c9f97c x86/kasan: Panic if there is not enough memory to boot 01e21b5f7c9c x86/retpoline: Remove compile time warning 8ca1b5f8a9f4 x86,perf: Disable intel_bts when PTI 6f037d7eaeaa security/Kconfig: Correct the Documentation reference for PTI b8c74586d251 x86/pti: Fix !PCID and sanitize defines 8e24a4722756 selftests/x86: Add test_vsyscall c3d9420f23cf x86/retpoline: Fill return stack buffer on vmexit dd182d455654 x86/retpoline/irq32: Convert assembler indirect jumps d592a8a2c5f5 x86/retpoline/checksum32: Convert assembler indirect jumps 0f3df59f16d3 x86/retpoline/xen: Convert Xen hypercall indirect jumps c0459b479a22 x86/retpoline/ftrace: Convert ftrace assembler indirect jumps 11edfaeadbd1 x86/retpoline/entry: Convert entry assembler indirect jumps bf4c91a3b74f x86/retpoline/crypto: Convert crypto assembler indirect jumps 2b243b8623a5 x86/spectre: Add boot time option to select Spectre v2 mitigation 8ab0d792e81c x86/retpoline: Add initial retpoline support f2f4c0853dba x86/pti: Make unpoison of pgd for trusted boot work for real 7495fd5400e6 x86/alternatives: Fix optimize_nops() checking 8b932f131e26 sysfs/cpu: Fix typos in vulnerability documentation 299b4adfed2e x86/cpu/AMD: Use LFENCE_RDTSC in preference to MFENCE_RDTSC 32996f3a0a81 x86/cpu/AMD: Make LFENCE a serializing instruction 10ffc3c2b2f7 x86/mm/pti: Remove dead logic in pti_user_pagetable_walk*() 9e1201731d4b x86/tboot: Unbreak tboot with PTI enabled 728d879e5c6b x86/cpu: Implement CPU vulnerabilites sysfs functions aeba317a23de sysfs/cpu: Add vulnerability folder 83e59b5d52bf x86/cpufeatures: Add X86_BUG_SPECTRE_V[12] f7845c2cbd6e x86/Documentation: Add PTI description 16331e2c3b06 x86/pti: Unbreak EFI old_memmap 5723b0260415 kdump: Write the correct address of mem_section into vmcoreinfo 50d02826dfc0 mm/sparse.c: wrong allocation for mem_section d3cbfb481af2 mm/sparsemem: Fix ARM64 boot crash when CONFIG_SPARSEMEM_EXTREME=y (From OE-Core rev: 607b443f2abb915d4d12d6483b26030734983288) (From OE-Core rev: f10c5251dcb545e633f01b680ffee6e8cf75852d) Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* mirrors.bbclass: change Debian anonscm to salsaMikko Rapeli2018-05-031-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | Debian anonscm service in Alioth is shutdown and thus fetching sources fails. https://wiki.debian.org/Alioth "Alioth is broken, and there is nobody around to fix it. Don't ask the remaining people who give it life support to implement fixes and changes. It is being replaced by a cocktail of ?GitLab (see Salsa), read-only repos and keep-alive mechanisms. See below for more information." https://wiki.debian.org/Salsa "What is Salsa? Salsa is the name of a collaborative development server for Debian based on the gitlab software. Salsa is supposed to provide the necessary tools for package maintainers, packaging teams and other Debian related individuals and groups for collaborative development. What is the status of Salsa? After various discussions about the future of Alioth, the Alioth Sprint in August 2017 gave birth to the initial setup of the the upcoming Salsa service. The productive weekend resulted in a working prototype and was launched as a beta in December 2017. It left its beta status in January 2018." (From OE-Core rev: 08ff7b42d8b7d06ef61255185c95e900ada8769b) (From OE-Core rev: 407de0c37ba21aff49b9fd43ee74ea4af28d19d4) Signed-off-by: Mikko Rapeli <mikko.rapeli@bmw.de> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>