summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* gstreamer1.0-plugins-base: upgrade 1.16.1 -> 1.16.2Anuj Mittal2020-06-021-2/+2
| | | | | | | | | (From OE-Core rev: dedd38b6d864aacb79007b624fe69bdeec20e98d) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gstreamer1.0: upgrade 1.16.1 -> 1.16.2Anuj Mittal2020-06-021-2/+2
| | | | | | | | | (From OE-Core rev: ebd7c24aa0fd5718b23af047090bd8ddf6e80d37) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gstreamer1.0-python: add a patch to fix python 3.8 buildsAlexander Kanavin2020-06-022-1/+27
| | | | | | | | | (From OE-Core rev: 1d047307e11d59eb9ac0affb308407488e1853e4) Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* wireless-regdb: Upgrade 2019.06.03 -> 2020.04.29Adrian Bunk2020-06-021-2/+1
| | | | | | | | | | | (From OE-Core rev: 5b71a3f3d1bca6b52f53b97971131a6771618420) (From OE-Core rev: 91686105f34f578458a5db1b8a40f15ca27a7944) Signed-off-by: Adrian Bunk <bunk@kernel.org> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* glibc: CVE-2020-1752Zhixiong Chi2020-06-022-0/+67
| | | | | | | | | | | | Backport the CVE patch from upstream: git://sourceware.org/git/glibc.git commit ddc650e9b3dc916eab417ce9f79e67337b05035c (From OE-Core rev: 50b04216e47b1bf0da8170c7fd62d18a07d10152) Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* sstatesig: Optimise get_taskhash for hashequivRichard Purdie2020-06-021-2/+11
| | | | | | | | | | | | | | | | With hashequiv the get_taskhash function is called much more regularly and contains expensive operations. This these don't change based upon hash in a given build, improve the caching within the function to reduce overhead. (From OE-Core rev: de98cfe3cde4b8d5f4b163b5fba3f129651ef06a) (From OE-Core rev: 4c7e12ee42ff6ab228c2d8aa23a8153ff0debd4b) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Mark Hatle <mark.hatle@kernel.crashing.org> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ghostscript : fix CVE-2019-10216Lee Chee Yang2020-06-022-0/+54
| | | | | | | | (From OE-Core rev: 4620180a073b721dbc91d14ab64285187bec4cb7) Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: fix CVE-2020-11869Lee Chee Yang2020-06-022-0/+98
| | | | | | | | (From OE-Core rev: 5ada35d14598505448c16a52e8fe129e72f1ed0b) Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3: fix CVE-2020-8492Trevor Gamblin2020-06-022-0/+249
| | | | | | | | | | | | | | | | CVE: CVE-2020-8492 (From OE-Core rev: c9ee462bb606b34ab31cfb90f84a5302d15135cf) (From OE-Core rev: 5c8662e6ff870da917ed5efa02179d6da4addba9) Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 5811ed9140fab64da59d0d2ad6e6b0fec8341a20) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* targetcontrol: Fix leaking log handlerRichard Purdie2020-06-021-3/+4
| | | | | | | | | | | | | | | | | | | | | | | | | We had a mystery failure on the autobuilder where runqemu appeared to be failing as a logfile directory no longer existed. The key to reproducing was running a runqemu where the image was deleted (as devtool does), then running another runqemu test. E.g.: 'oe-selftest -r devtool.DevtoolExtractTests.test_devtool_deploy_target wic.Wic2.test_qemu_efi' This then tries to write to the logfile from the first test, the image directory was deleted and we get strange failures. The fix is to remove the logging handler when qemu is stopped. (From OE-Core rev: 924b020eacf111b4fd4d731b363084e254a3422d) (From OE-Core rev: 6893eb741c4cd4849e2fde1f86d9911b6c89db5b) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 9b335fa867805f612154ae92c5a1e727d3fb29ca) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* oeqa/qemurunner: Clean up failure handlingRichard Purdie2020-06-021-3/+8
| | | | | | | | | | | | | | | | | | | | | | If you fail to setup the tap devices, runqemu will error quickly however stdout/stderr are not shown to the user, instead a SystemExit traceback is shown. This could explain some long since unexplained failures on the autobuilder. Rework the error handling so SystemExit isn't used and the standard log failure messages can be shown. The code could likely ultimatley need some restructuring to work effectively. (From OE-Core rev: 83b8e66b66aa9848ed9c8761a21cb47c6443d0c6) (From OE-Core rev: 19120fce4f55f6a2903812ed9461273a85cb3544) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit e820c86fb9ddfadea0c27f29e14b985ee3178320) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* Documentation: Prepared for 3.0.3 releaseakuster2020-05-179-37/+72
| | | | | | | (From yocto-docs rev: 9d522e747d2715aa0b2fe4c81cacc34bfad3e1a3) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* resulttool/resultutils: Fix unicode error handlingRichard Purdie2020-05-151-4/+1
| | | | | | | | | | | | | | | | | | | | | | This error handling didn't work as expected since upon failure it would inject bytestreams back into the code leading to tracebacks. Instead, ignore the decode errors. Fixes: Traceback (most recent call last): File "/home/pokybuild/yocto-worker/a-full/build/scripts/resulttool", line 78, in <module> sys.exit(main()) File "/home/pokybuild/yocto-worker/a-full/build/scripts/resulttool", line 72, in main ret = args.func(args, logger) File "/home/pokybuild/yocto-worker/a-full/build/scripts/lib/resulttool/store.py", line 70, in store resultutils.save_resultsdata(results, tempdir, ptestlogs=True) File "/home/pokybuild/yocto-worker/a-full/build/scripts/lib/resulttool/resultutils.py", line 178, in save_resultsdata f.write(sectionlog) TypeError: write() argument must be str, not bytes (From OE-Core rev: b63955977ebbf9fba291faa1b30c8dba9bd52869) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* build-appliance-image: Update to zeus head revisionzeus-22.0.3yocto-3.0.3Richard Purdie2020-05-141-1/+1
| | | | | | (From OE-Core rev: 9bab7c1a29a58ba7f97e253e4e0ac167b77d0e65) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* poky.conf: Bump version for 3.0.3 zeus releaseRichard Purdie2020-05-141-1/+1
| | | | | | (From meta-yocto rev: 2d2dc20359ca75203f2194415b53731ad8ff0066) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: upgrade 1.1.1f -> 1.1.1gJan Luebbe2020-05-071-1/+1
| | | | | | | | | | This also fixes CVE-2020-1967. (From OE-Core rev: 26b13f59385c1ed871aee7653c3ee7241affca38) Signed-off-by: Jan Luebbe <jlu@pengutronix.de> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* systemd: Fix CVE-2020-1712wenlin.kang@windriver.com2020-05-072-0/+521
| | | | | | | | | | Fix CVE-2020-1712 (From OE-Core rev: 0d0c87e6c6082e1ac9d60d6131f889c53c25a9cc) Signed-off-by: Wenlin Kang <wenlin.kang@windriver.com> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnutls: upgrade 3.6.12 -> 3.6.13Wang Mingyu2020-05-071-2/+2
| | | | | | | | | | | | | (From OE-Core rev: 5cc0f0dcf1f41bc148b034b3f7abef756a328cd3) (From OE-Core rev: 7e51108dc8d3fbb63b7da9728a3790c587ee36f8) Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> [ includes the fix for CVE-2020-11501 ] Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnutls: upgrade 3.6.11.1 -> 3.6.12Alexander Kanavin2020-05-071-2/+2
| | | | | | | | | | | | (From OE-Core rev: 8652c95ceb505dd7386166842486c833ea5a7ee7) (From OE-Core rev: 7a657beeb1ff65111481501e72092b8af021c3eb) Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnutls: upgrade 3.6.8 -> 3.6.11.1Alex Kiernan2020-05-072-42/+2
| | | | | | | | | | | | | | | | | Drop patch from 81485be19b18 ("gnutls: don't use HOSTTOOLS_DIR/bash as a shell on target") as upstream now honours POSIX_SHELL when set as the primary target shell. (From OE-Core rev: bc487ced3be40569157fb40c99bfa68871f74744) (From OE-Core rev: f4f933297a77f99783f9a5fb571503e1f45ad259) Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu/slirp: fix CVE-2020-7211Chee Yang Lee2020-05-072-0/+47
| | | | | | | | | | | | | | | | | fix CVE-2020-7211 for qemu slirp submodule see : https://www.openwall.com/lists/oss-security/2020/01/17/2 https://gitlab.freedesktop.org/slirp/libslirp/commit/14ec36e107a8c9af7d0a80c3571fe39b291ff1d4 (From OE-Core rev: 31362d739834377ac4ab880029c3e3dda0cd7698) (From OE-Core rev: c68323151b9bafb5f52dda6a4bd11712feff2e83) Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: fix CVE-2020-7039Changqing Li2020-05-074-0/+170
| | | | | | | | | | | | (From OE-Core rev: 5ea3d9d83ed695827634e3216664c13fcff6d48a) (From OE-Core rev: b7b96bd938cf4167b4abeebb68d35ba74ce0d3c6) Signed-off-by: Changqing Li <changqing.li@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python: Upgrade 2.7.17 -> 2.17.18Adrian Bunk2020-05-073-3/+3
| | | | | | | | | | LICENSE checksum changed due to 2019 -> 2020 update. (From OE-Core rev: b15db3ce3af3460b7f9ae1e186e453a79a056511) Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnupg: upgrade 2.2.17 -> 2.2.19Wang Mingyu2020-05-071-2/+2
| | | | | | | | | | | | | | (From OE-Core rev: 287de363f80a2f9919b942a1349f58575e8b91d8) (From OE-Core rev: e0ca79be7d7a5574daea9866d20fdbc668defedc) Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> [ includes the fix for CVE-2019-14855 ] Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: Add PACKAGECONFIG for glusterfshaiqing2020-05-071-0/+1
| | | | | | | | (From OE-Core rev: b249fddf46b1e1ebeedf3c599acdadd93e6d046a) Signed-off-by: Haiqing Bai <Haiqing.Bai@windriver.com> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* cve-update-db-native: clean DB if temporary file existLee Chee Yang2020-05-071-1/+8
| | | | | | | | | | | | | | | | | | | | | when do_populate_cve_db forced stop at certain point, the DB execution are stoped however the temporary database file (DB-JOURNAL) are not removed. This db-journal file indicates that DB is incomplete and set DB in readonly mode. So when db-journal exist, remove both DB and the db-journal and build the DB again from scratch. [YOCTO #13682] (From OE-Core rev: 70713df25b8ae27a21e53b0b9234567d7053800a) (From OE-Core rev: 3f3bdb014cb6d87ee2e22db3c76b99ca6085787a) Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* git: Security Advisory - git - CVE-2020-11008Li Zhou2020-05-0713-0/+1667
| | | | | | | | | | | | | | | | | Backport the 1st -- 9th patches listed by <https://github.com/git/git/compare/v2.17.4...v2.17.5> to solve CVE-2020-11008. Also backport the 2nd -- 4th patches listed by <https://github.com/git/git/compare/v2.17.3...v2.17.4> for CVE-2020-5260 (not necessary, and only the 1st patch is necessary for this CVE), because some of the above 9 patches are based on them. (From OE-Core rev: 63c7f76912f097cdfb95296778c42887b7336925) Signed-off-by: Li Zhou <li.zhou@windriver.com> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* git: Security Advisory - git - CVE-2020-5260Li Zhou2020-05-072-1/+68
| | | | | | | | | | | Backport patch from <https://github.com/git/git/commit/ 9a6bbee8006c24b46a85d29e7b38cfa79e9ab21b> to solve CVE-2020-5260. (From OE-Core rev: e4c3adbaae41147f921dde638b25911d1f5422e1) Signed-off-by: Li Zhou <li.zhou@windriver.com> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* glibc: CVE-2020-1751Zhixiong Chi2020-05-072-0/+71
| | | | | | | | | | | | Backport the CVE patch from upstream: git://sourceware.org/git/glibc.git commit d93769405996dfc11d216ddbe415946617b5a494 (From OE-Core rev: 807d416cb8b01de4dbb96236653bb47447018ad0) Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* apt-native: don't let dpkg overwrite files by defaultJan Luebbe2020-05-071-1/+1
| | | | | | | | | | | | | | | | | | | With --force-overwrite (implied by --force-all), dpkg will not abort when a package overwrites files from different packages. As this can also lead to "The following package disappeared from your system as all files have been overwritten by other packages: <package>" and subsequently broken dependencies, this makes the simple case of conflicting files hard to debug. Instead of finding all possibly required force options, only disable overwrite for now. (From OE-Core rev: b57b311cfaabbcd08ce51760abcd64cf23e1435b) Signed-off-by: Jan Luebbe <jlu@pengutronix.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* prservice.py: fix do_package with newer Python in Ubuntu 20.04Martin Jansa2020-05-071-0/+4
| | | | | | | | | | | | | | | | | | * with Ubuntu 20.04 which is using python 3.8 I'm seeing a lot of errors like: ERROR: libxml2-2.9.10-r0 do_package: Can NOT get PRAUTO, exception No module named '_sysconfigdata' not sure what caused this from python 3.8, but this seems to work * PRserv is enabled with: PRSERV_HOST = "localhost:0" (From OE-Core rev: 4b26eaf7152fb712aba47a0c746333578f58ee8d) (From OE-Core rev: c314c6695acca9ea68e38359fb03a94afa37bb2b) Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit c23d6f77994698e71d9a011cddec1237158b15ca) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: Replace stime() API with clock_settimeKhem Raj2020-05-072-0/+62
| | | | | | | | | (From OE-Core rev: e69b89575e5ccec243658e09936908dd9e5d45ef) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3-native: Should not search the system for headers/libraries.Jeremy Puhlman2020-05-072-0/+30
| | | | | | | | | | | | | | | | | | | | | | | | | | | The specific issue here is rpc/rpc.h, but its likely more general. /usr/include is searched for rpc/rpc.h and if it exists on the system, it changes behavior. If you are using the extended buildtools tarball on a machine that has /usr/include/rpc/rpc.h, it will decide that is good enough and not continue to search. nis fails to build because /usr/include and /usr/lib are not part of the include/link paths for the buildtools tarball compiler(nor should they be). This makes it so python3-native will not build if you are using the extended buildtools tarball, but from a larger issue perspective it is building in likely different ways depending on what machine it is building on. libtirpc is already a depend so we shouldn't need the hosts rpc/rcp.h. (From OE-Core rev: f37dfc7907ae7bac08d40468ddde2e5b8bba030c) (From OE-Core rev: db8bef336849570dd99900b173c44cc47b208058) Signed-off-by: Jeremy A. Puhlman <jpuhlman@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 400743867de587579dee85388c30190f353f80c8) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: update to 1.1.1fAlexander Kanavin2020-04-291-1/+1
| | | | | | | | | | | | | | This also un-breaks python3 ptest which got broken with 1.1.1e update. (From OE-Core rev: bd3e0d724004a346921a25defa6d812d48d6108a) Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit b4ddf5b9d8cd769b7026663f93c8bc69b55d8cbf) [AK: bugfix only update] Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: Upgrade 1.1.1d -> 1.1.1eAdrian Bunk2020-04-292-761/+1
| | | | | | | | | | | | | Backported patch removed. (From OE-Core rev: 683818289ced6cd3c70860b5c97de2e89169096b) Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 710bc0f8544f54750c8fb7b8affa243932927a24) [AK: bug fix only update] Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: recommend cryptodev-module for corresponding PACKAGECONFIGDenys Dmytriyenko2020-04-291-1/+1
| | | | | | | | | | (From OE-Core rev: 285957cba45a15c90ceb062a55c957e81486a031) Signed-off-by: Denys Dmytriyenko <denys@ti.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 57fcf9b517fe95e871122946cb99fe7fa9fd2e26) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* inetutils: Use alternatives to avoid manpage conflictOvidiu Panait2020-04-291-1/+5
| | | | | | | | | | | | | | | | | | Fix the following manpage conflicts: * check_data_file_clashes: Package inetutils-doc wants to install file /usr/share/man/man1/tftp.1 But that file is already provided by package * tftp-hpa-doc * check_data_file_clashes: Package inetutils-doc wants to install file /usr/share/man/man8/tftpd.8 But that file is already provided by package * tftp-hpa-doc * check_data_file_clashes: Package netkit-telnet-doc wants to install file /usr/share/man/man8/telnetd.8 But that file is already provided by package * inetutils-doc (From OE-Core rev: 1c2a1f29aa720d376bc7f88edfcb1ccecc35f6c2) Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit fc14bfd60ad86094f65ebefbd10dbddc112d2698) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* wic: align layer plugin pathLee Chee Yang2020-04-292-6/+8
| | | | | | | | | | | | | | | | | | | wic look for external layer source plugin under scripts/lib/ while other tools look for lib/. allow wic to check for source plugin at both scripts/lib/ and lib/ to align with other tools while avoid breaking any existing source plugin in external layer. [YOCTO #13056] (From OE-Core rev: 8351cb19e8a83157143b1df61cd9bbb71282e9fc) Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 986baff26bd96a6265f5fe2d631818fff9f66374) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* pseudo: Ensure we use our own libsqliteRichard Purdie2020-04-291-0/+2
| | | | | | | | | | | | | | | | | | | | | | pseudo-native is special in that bitbake ends up executing it from the sysroot-components directory before we have any workdirs for the bitbake fakeroot worker. Since we switched to dynamically linking sqlite, it means sqlite from the host system may be found, we really want the version in sysroot-components. Trying to run tasks to create some special environment for pseudo is hard and error prone. The simplest fix is to add an RPATH to the binary so that it can correctly find the sqlite we want. Unfortunately passing $ORIGIN into make doesn't work so well with shell quoting so we have to fix that during do_install. [YOCTO #13814] (From OE-Core rev: 2cbb3a663a3d3b2dcf8c12c26843d6087789ded0) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 3937ca9e2dfabb1ce9bce1d536b60b1e2a43739b) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* cve-check: CPE version '-' as all versionLee Chee Yang2020-04-292-2/+2
| | | | | | | | | | | | | | | | | | | | | CPE version could be '-' to mean no version info. Current cve_check treat it as not valid and does not report these CVE but some of these could be a valid vulnerabilities. Since non-valid CVE can be whitelisted, so treat '-' as all version and report all these CVE to capture possible vulnerabilities. Non-valid CVE to be whitelisted separately. [YOCTO #13617] (From OE-Core rev: 1e8e188514584f9f972c0eb733c10a61853ec3d0) Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit c69ee3594079589d27c10db32bc288566ebde9ef) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* kernelsrc.bbclass: Fix externalsrc supportPaul Barker2020-04-171-1/+1
| | | | | | | | | | | | | | | | | | When the externalsrc class is used the tasks listed in SRCTREECOVEREDTASKS are deleted to prevent them being executed. If externalsrc is used for the kernel then this will include virtual/kernel:do_patch. We can depend on do_shared_workdir instead as this will survive when externalsrc is used. (From OE-Core rev: 5ac98c776f9b77804a0ee812f47f3ecf593e432f) Signed-off-by: Paul Barker <pbarker@konsulko.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 2c17d35cc7b9c5e01fd5829858d2f0234e7ac8d6) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* perf: Fix externalsrc supportPaul Barker2020-04-171-1/+1
| | | | | | | | | | | | | | | | | | When the externalsrc class is used the tasks listed in SRCTREECOVEREDTASKS are deleted to prevent them being executed. If externalsrc is used for the kernel then this will include virtual/kernel:do_patch. We can depend on do_shared_workdir instead as this will survive when externalsrc is used. (From OE-Core rev: c30d6b98b739f1ee9c2ebb937e739453899b513d) Signed-off-by: Paul Barker <pbarker@konsulko.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit eab605bab94552046ec4adae5debe026cc03bb4c) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* kernel-yocto.bbclass: Support config fragments with externalsrcPaul Barker2020-04-171-1/+2
| | | | | | | | | | | | | | | | | | | | The merging of config fragments is performend in the do_kernel_configme task and so config fragments will not be supported when this task is removed from the dependency tree. kernel-yocto adds additional tasks which may modify the source directory to SRCTREECOVEREDTASKS so that they are removed when using externalsrc. However, do_kernel_configme should be safe to use, the only modification to the source tree is the potential creation of the '.kernel-meta' directory and the '.metadir' file. (From OE-Core rev: b7ae0fa668be008e46982190553d0738a5465efe) Signed-off-by: Paul Barker <pbarker@konsulko.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 44f04c039a4d61dd18666e42b9b9865cbc3ada9e) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* lib/oe/package_manager: don't try to rm /var/lib/opkgJan Luebbe2020-04-171-2/+1
| | | | | | | | | | | | | | | | As opkglibdir starts with a /, os.path.join will ignore self.target_rootfs, leading to an attempt to remove /var/lib/opkg. This only fails if it exists on the host, explaining why this remained undiscovered for long. (From OE-Core rev: 71711f5f20fc3744be4c9188a75606f60d524ff9) Signed-off-by: Jan Luebbe <jlu@pengutronix.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit fc974977cea389f54e7fc7de7b1c8fd3d8bafe58) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* lib/oe/package_manager: avoid installing provided packages via aptJan Luebbe2020-04-171-2/+12
| | | | | | | | | | | | | | | | | | | | If there already is a package providing (and conflicting against) packages what should be installed, apt will try remove the conflicting package (target-sdk-provides-dummy) and any that depend on it (like apt and dpkg). This usually fails because of the protection of essential packages. In that case, no -dev/-dbg packages are installed to the SDK. Avoid this problem by checking which packages are already provided and removing them from the list to be installed. Also sort the list to make it easier to read when debugging. (From OE-Core rev: 978eeeb7c975441e5b05253a63b9d954af2b903b) Signed-off-by: Jan Luebbe <jlu@pengutronix.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 3ffb339dd55f8ca7c952fd3390608510f772e19f) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* lib/oe/package_manager: collect provided package names when using debsJan Luebbe2020-04-171-2/+8
| | | | | | | | | | | | | This is needed for a later change to avoid installing packages which are already provided by an installed package. (From OE-Core rev: 1bedfdf58d3ebd06126aa45c7bdc84e66c750725) Signed-off-by: Jan Luebbe <jlu@pengutronix.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit ad72dfaaa2caf2c39d033dc1682f0bbbbe45dbbd) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* lib/oe/package_manager: fix handling of last packageJan Luebbe2020-04-171-7/+1
| | | | | | | | | | | | | | | | | In commit 7d214b34e11dc57316ed5c1c7747c4601286f6d2, only the code in the for loop was modified to store the pkgarch value. The code used if there was no empty line at the end was not modified. Instead of fixing the duplicated code, remove it and just make sure that a final empty line is processed. (From OE-Core rev: 7dba11373af742d4e4924e14e8fd386d53ffddbd) Signed-off-by: Jan Luebbe <jlu@pengutronix.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit a7b93c695b23d015607b179d98526b9b14c03d45) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* lib/oe/package_manager: make sure to not remove packages in apt installJan Luebbe2020-04-171-1/+1
| | | | | | | | | | | | | | | apt install can decide to remove already installed packages if there are conflicts. Avoid this by explicitly specifying --no-remove. This will then cause a "E: Packages need to be removed but remove is disabled." message. (From OE-Core rev: 15790fa224f405652e8ccc93c01dee04a7259246) Signed-off-by: Jan Luebbe <jlu@pengutronix.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 9605a488b55042add012e9aeef13ab3f4e70e6e5) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* busybox: on upgrade save busybox if it is the last shellJeremy Puhlman2020-04-171-0/+43
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | During a busybox upgrade on a ipk based system, it is possible that busybox is the only shell in the system. During the uninstall the alternative for /bin/sh is removed and everything after that goes down hill. * Add a check to verify if busybox is the shell, and save it to the busyboxrm directory created in tmp. Then add an alternative for /bin/sh that points to that busybox at the lowest priority. * Add PATH to the busyboxrm directory using shell(as during an upgrade busybox and its links are missing). * When install over remove extra busybox if present. deb and rpm are uneffected by the bug because they both drag in bash, however neither upgrade seemed to have issue with the changes. [YOCTO 13850] (From OE-Core rev: 443d1c8c7fb5a69c03c813f3e90758e0add7df4b) Signed-off-by: Jeremy A. Puhlman <jpuhlman@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit a9d2af8f5b3da8239cf00a52883ca596a19ea23a) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* glib-2.0: fix CVE-2020-6750haiqing2020-04-172-0/+742
| | | | | | | | | | | | | | | GSocketClient in GNOME GLib through 2.62.4 may occasionally connect directly to a target address instead of connecting via a proxy server when configured to do so, because the proxy_addr field is mishandled. This bug is timing-dependent and may occur only sporadically depending on network delays. The greatest security relevance is in use cases where a proxy is used to help with privacy/anonymity, even though there is no technical barrier to a direct connection. (From OE-Core rev: 29ed9fc7341cc3db716115aef1a6910fdb893145) Signed-off-by: Haiqing Bai <Haiqing.Bai@windriver.com> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>