summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* meta: move some text from oe-setup-builddir to conf-notes.txtMing Liu2017-08-232-7/+5
| | | | | | | | | | | | | | This allows the end users to be able to override the entire notes showing on the shell console. For instance, Our company uses a external conf-notes.txt, and we run bitbake with some extra variables, looks like: F=xxx D=xxx M=xxx bitbake <target>, so we want to show exactly these texts on the shell console, that's why we need this change. (From OE-Core rev: 80bc8282df58dfeaae8f2f71ed2617d718e29f8b) Signed-off-by: Ming Liu <peter.x.liu@external.atlascopco.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* build-appliance-image: include proxy on pip3 installationLeonardo Sandoval2017-08-231-1/+5
| | | | | | | | | | | | | | | | | Otherwise, we get timeouts, leading to errors: pip._vendor.requests.exceptions.ConnectTimeout: HTTPSConnectionPool(host='pypi.python.org', port=443): Max retries exceeded with url: /pypi/pip/json (Caused by ConnectTimeoutError(<pip._vendor.requests.packages.urllib3.connection.VerifiedHTTPSConnection object at 0x7ff741bb3ef0>, 'Connection to pypi.python.org timed out. (connect timeout=5)')) WARNING: TOPDIR/tmp/work/qemux86-poky-linux/build-appliance-image/15.0.0-r0/temp/run.do_populate_poky_src.185123:1 exit 1 from 'pip3 install --user -I -U -v -r TOPDIR/tmp/work/qemux86-poky-linux/build-appliance-image/15.0.0-r0/rootfs/home/builder/poky/bitbake/toaster-requirements.txt' DEBUG: Python function do_image finished Complete log at [1] [1] http://errors.yoctoproject.org/Errors/Build/43393/ (From OE-Core rev: 8291156c30e54a05ad455dda2b8540a570bb0f4a) Signed-off-by: Leonardo Sandoval <leonardo.sandoval.gonzalez@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* oe/path.py: copyhardlinktree: don't overwrite existing symlinksIoan-Adrian Ratiu2017-08-231-1/+1
| | | | | | | | | | | | | | | | | | | Before GNU tar 1.24, only the archive creation command had the '-h' argument to preserve and follow symlinks. After >= 1.24 via commit 14efeb9f956e38d7be (tar: --dereference consistency) the capability to preserve symlinks was also added to the archive extraction command. -h is default at archive creation but is not default at extraction, meaning that it will replace symlinks with directories even if the original filesystem directory tree and archive contains them. Add -h to the copyhardlinktree extraction step so the build can support symlinks in variables like ${DEPLOY_DIR_IPK/RPM/DEB}. (From OE-Core rev: c1b73fe26540c38086e259be6eb313e0826dceed) Signed-off-by: Ioan-Adrian Ratiu <adrian.ratiu@ni.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* kernel.bbclass: external toolchain fixJuro Bystricky2017-08-231-5/+2
| | | | | | | | | | Refactor get_cc_option so it is simpler and also does not fail when using external toolchain. (From OE-Core rev: d4564ee59df907d1e01a3610ac88a35f9a78c1ce) Signed-off-by: Juro Bystricky <juro.bystricky@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python2.7: improve reproducibilityJuro Bystricky2017-08-232-0/+35
| | | | | | | | | | | | | | | | The compiled .pyc files contain time stamp corresponding to the compile time. This prevents binary reproducibility. This patch allows to achieve binary reproducibility by overriding the build time stamp by the value exported via SOURCE_DATE_EPOCH. Patch by Bernhard M. Wiedemann, backported from https://github.com/python/cpython/pull/296 [YOCTO#11241] (From OE-Core rev: 2a044f1e4f5c63e11e631b31f741c7aabfa6f601) Signed-off-by: Juro Bystricky <juro.bystricky@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* linux-yocto/4.10: CVE & misc fixesBruce Ashfield2017-08-233-13/+13
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Updating the 4.10 SRCREVs to import the following changes: 65370fa249e2 drm/vmwgfx: limit the number of mip levels in vmw_gb_surface_define_ioctl() 530ec12a0cb0 ACPICA: Namespace: fix operand cache leak b1098b5bbded char: lp: fix possible integer overflow in lp_setup() 56ee0c7811e5 dccp/tcp: do not inherit mc_list from parent 9f6cbd022bba nfsd: encoders mustn't use unitialized values in error cases 084036ebc243 nfsd: fix undefined behavior in nfsd4_layout_verify 973f780eeaa6 xen-blkback: don't leak stack data via response ring 20c4b5015fea brcmfmac: fix possible buffer overflow in brcmf_cfg80211_mgmt_tx() 1dff0f28b490 ipx: call ipxitf_put() in ioctl error path d666a8e60a45 mm: fix new crash in unmapped_area_topdown() 73d059ba1a17 mm: larger stack guard gap, between vmas Which address the following CVEs: CVE-2017-8890 CVE-2017-1000363 CVE-2017-11472 CVE-2017-7346 CVE-2017-1000380 CVE-2017-7541 CVE-2017-10911 (From OE-Core rev: 6cfd520ea050aa449f0ac7ee0b2c647d14d588ad) Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* kernel-yocto: ensure that only valid BSPs are builtBruce Ashfield2017-08-232-1/+4
| | | | | | | | | | | | | | | | | | | | | There was a bug in the search routines responsible for locating BSP definitions which returned a valid match if only the ktype matched. This meant that someone looking for "qemux86foo" (which is an invalid definition) would potentially end up building "qemuarm" and be none the wiser (until it didn't boot). With this fix to the tools search routine, and improved return code testing, we will now stop the build and report and error to the user. [YOCTO: #11878] (From OE-Core rev: 44aea7b87307795fe4e089c51d45afccaa2f6525) Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: bump default version to 4.12Bruce Ashfield2017-08-232-2/+2
| | | | | | | | | | | Not all the qemu machines carry default kernel specifications. While we could drop these references, we'll bump them to 4.12 to pick up the latest and remove them in future commits. (From OE-Core rev: c58df63d88a07d3275e7337f7d284b0a50db82cc) Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libc-headers: update to 4.12Bruce Ashfield2017-08-232-3/+3
| | | | | | | | | | | | The fall 2017 kernel will have 4.12 as the reference kernel, so we update the libc-headers to match. Build tested against glibc and muslc systems. (From OE-Core rev: 4b5cce1c691e991c80d255a4900220068ff6f062) Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* linux-yocto: remove 4.1 recipesBruce Ashfield2017-08-233-101/+0
| | | | | | | | | | We have 4.4 and 4.9 as LTS kernels, the 4.1 variants are no longer needed and are dropped. (From OE-Core rev: 1a25cea311cbebb2af0c1a0b964208281e6026de) Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* linux-yocto: introduce 4.12 recipesBruce Ashfield2017-08-233-0/+107
| | | | | | | | | | | | | | | The 4.12 kernel will be the default/reference for the fall 2017 release. These recipes represent the introduction of 4.12.7 + related kernel meta data. Existing functionality has been validated against this new kernel version, and older versions will be removed in separate commits. (From OE-Core rev: 4e5044bcea68f3bac3596507f0828d3cbe869df1) Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* linux-yocto: add usb-net configs by defaultBruce Ashfield2017-08-2312-12/+12
| | | | | | | | | | | As requested by QA to enable testing of linux-yocto images out of the box, we enable usb-net drivers for the various platforms in all kernel versions. (From OE-Core rev: 5322eef31c8b63ead49b2f13312d3356a016ff64) Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* linux-yocto/4.1: fix fsl-ls10xx sdhciBruce Ashfield2017-08-233-10/+10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | mmc: sdhci: fix two compile errors | CC drivers/mmc/host/sdhci.o | drivers/mmc/host/sdhci.c: In function 'sdhci_execute_tuning': | drivers/mmc/host/sdhci.c:1990:4: error: implicit | declaration of function 'sdhci_do_reset' | [-Werror=implicit-function-declaration] | sdhci_do_reset(host, SDHCI_RESET_CMD); | ^ | drivers/mmc/host/sdhci.c:2006:7: error: 'struct | mmc_command' has no member named 'busy_timeout' | cmd.busy_timeout = 50; | ^ In function sdhci_execute_tuning, replace sdhci_do_reset with sdhci_reset, replace busy_timeout with cmd_timeout_ms. Commit a629a90ba0 adds eMMC DDR mode support for t2080qds and modified some data structures and function name. Later commit a2080cc280 just backport upstream commit 61e53bd004 without aligning the current source tree thus cause these build errors. Fix them. Signed-off-by: Zhang Xiao <xiao.zhang@windriver.com> (From OE-Core rev: 538d2f0857f09ca86026d5771ea7c3fb74c0f857) Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* kernel-yocto: configuration updates: x86 featuresBruce Ashfield2017-08-236-6/+6
| | | | | | | | | | | | | | | | | | | Integrating the following kernel configuration changes: f7fbd4185e5 features/qat: additional configurations, CONFIG_CRYPTO_RSA and CONFIG_CRYPTO_DH 50c62581d283 features/netfilter: additional configurations d67e4ed89556 features/x2apic: add X2APIC feature 7889b28c5300 features/vfio: add VFIO feature dc4ec998757e features/numa: Add NUMA feature c88c18de4ca8 features/mtd: add MTD feature 9035571d32ee features/iommu: add IOMMU feature 6f3b16136f55 features/intel-txt: add intel-txt feature 4936a5f508f0 common-pc-wifi: Enable SDIO for BroadCom BRCMFMAC (From OE-Core rev: 59d294f119dc91d9ec47b0a8381d3addc86a6e3a) Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ghostscript: CVE-2017-9727, -9835, -11714Joe Slater2017-08-234-0/+224
| | | | | | | | | | | CVE-2017-9727: make bounds check in gx_ttfReader__Read more robust CVE-2017-9835: bounds check the array allocations methods CVE-2017-11714: prevent trying to reloc a freed object (From OE-Core rev: 2eae91f9fa1cfdd3f0e6111956c8f193fd0db69f) Signed-off-by: Joe Slater <jslater@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ghostscript: fix several CVEs by adding bounds checkingJoe Slater2017-08-235-0/+143
| | | | | | | | | | | | CVE-2017-9611 CVE-2017-9612 CVE-2017-9739 CVE-2017-9726 (From OE-Core rev: 3e5d80c84f4c141bc3f3193d1db899b0e56993cf) Signed-off-by: Joe Slater <jslater@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* grub2: fix build on gcc where _FORTIFY_SOURCE is definedMartin Jansa2017-08-232-0/+40
| | | | | | | | | | | | | | | | | | | | * e.g. with gentoo gcc-7.1 they define _FORTIFY_SOURCE by default with: https://sources.gentoo.org/cgi-bin/viewvc.cgi/gentoo/src/patchsets/gcc/7.1.0/gentoo/10_all_default-fortify-source.patch?view=markup which results in following error while building grub-efi-native: ./config-util.h:1504:48: error: this use of "defined" may not be portable [-Werror=expansion-to-defined] || (defined _FORTIFY_SOURCE && 0 < _FORTIFY_SOURCE \ ^~~~~~~~~~~~~~~ this part comes from gnulib and it's used only for Apple and BSD, so we can ignore it, but we cannot add -Wno-error=expansion-to-defined because this warning was introduced only in gcc-7 and older gcc will fail with: cc1: error: -Werror=expansion-to-defined: no option -Wexpansion-to-defined use #pragma to work around this (From OE-Core rev: f5302b0ad2942f7705d46c33949ebc1c5ddf3f58) Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* tiff: Security fixesYi Zhao2017-08-235-0/+404
| | | | | | | | | | | | | | | | | | | | | | | | | Fix CVE-2017-9147, CVE-2017-9936, CVE-2017-10668, CVE-2017-11335 References: https://nvd.nist.gov/vuln/detail/CVE-2017-9147 https://nvd.nist.gov/vuln/detail/CVE-2017-9936 https://nvd.nist.gov/vuln/detail/CVE-2017-10668 https://nvd.nist.gov/vuln/detail/CVE-2017-11335 Patches from: CVE-2017-9147: https://github.com/vadz/libtiff/commit/4d4fa0b68ae9ae038959ee4f69ebe288ec892f06 CVE-2017-9936: https://github.com/vadz/libtiff/commit/fe8d7165956b88df4837034a9161dc5fd20cf67a CVE-2017-10688: https://github.com/vadz/libtiff/commit/6173a57d39e04d68b139f8c1aa499a24dbe74ba1 CVE-2017-11355: https://github.com/vadz/libtiff/commit/69bfeec247899776b1b396651adb47436e5f1556 (From OE-Core rev: 5c89539edb17d01ffe82a1b2e7d092816003ecf3) Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* machine-sdk: oldest kernel for x86/x86_64 is 3.2.0 nowRuslan Bilovol2017-08-233-3/+0
| | | | | | | | | | | | | | | | | With glibc upgrade to 2.26 release (commit d6a0bc57fa07 "glibc: Upgrade to 2.26 final release") it's not possible to build x86/x86_64 SDK for kernels lower than 3.2.0 (see glibc commit 139ace95756a "Require Linux kernel 3.2 or later on x86 / x86_64.") Thus drop SDK_OLDEST_KERNEL overrides from machine-specific conf files, so default version 3.2.0 from conf/bitbake.conf will be picked up. (From OE-Core rev: 0724896f7a2092abf2f3bafa9fac96c5210d39a5) Signed-off-by: Ruslan Bilovol <rbilovol@cisco.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libcheck: fix file-rdeps QA issueMartin Jansa2017-08-231-1/+0
| | | | | | | | | | * Fixes: ERROR: nativesdk-libcheck-0.10.0-r0 do_package_qa: QA Issue: /usr/local/oecore-x86_64/sysroots/x86_64-oesdk-linux/usr/bin/checkmk contained in package nativesdk-libcheck requires /usr/local/oecore-x86_64/sysroots/x86_64-oesdk-linux/usr/bin/gawk, but no providers found in RDEPENDS_nativesdk-libcheck? [file-rdeps] (From OE-Core rev: 71c29b53f1a44430306eeda96dc43cf7d002afe5) Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* squashfs: fix build with glibc-2.26Martin Jansa2017-08-232-0/+33
| | | | | | | (From OE-Core rev: 34b79a0e8b4d872ce0e104611be5e0e08cff8581) Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* apt: Upgrade to 1.2.24Aníbal Limón2017-08-238-20/+182
| | | | | | | | | | | | | | | | | | | | | | | Add new patches for enable builds on hosts that has GCC version minor than 5 because doesn't support std::array and std::put_time, those patches could be removed after get rid of Debian8 and Centos7 support. - gcc_4.x_Revert-avoid-changing-the-global-LC_TIME-for-Release.patch - gcc_4.x_Revert-use-de-localed-std-put_time-instead-rolling-o.patch - gcc_4.x_apt-pkg-contrib-strutl.cc-Include-array-header.patch The LIC_FILES_CHKSUM changed because the license file now has style changes in the text remains GPLv2+. The patch Revert-always-run-dpkg-configure-a-at-the-end-of-our was updated because now the precision fields use floating point numbers. (From OE-Core rev: da99ae14c3a5719b317ff71b8f778a7c987f6158) Signed-off-by: Aníbal Limón <anibal.limon@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* dpkg: Upgrade to 1.18.24Aníbal Limón2017-08-237-74/+89
| | | | | | | | | | | | | | | | | | | | | | | | | Patches rebased due to don't apply, no major changes, - 0002-Adapt-to-linux-wrs-kernel-version-which-has-characte.patch - arch_pm.patch - noman.patch Patches related to move ostable/triplettable insida data/ostable and data/tupletable instead also needs to comply the new format of the tables for arch detection. - 0006-add-musleabi-to-known-target-tripets.patch - add_armeb_triplet_entry.patch And finally a patch to avoid usage --clamp-mtime in tar needs to be modified because the dpkg-deb internal API changed. - 0007-dpkg-deb-build.c-Remove-usage-of-clamp-mtime-in-tar.patch (From OE-Core rev: dc1ae641435999095e8759812b096fec1f28c90d) Signed-off-by: Aníbal Limón <anibal.limon@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* strace: 4.17 -> 4.18Robert Yang2017-08-234-65/+33
| | | | | | | | | | | | | | - Updated update-gawk-paths.patch. - Updated Makefile-ptest.patch - Removed 0008-replace-struct-ucontext-with-ucontext_t.patch which is already in the source. - The LIC_FILES_CHKSUM is changed because the years have been updated, the contents are the same. (From OE-Core rev: 111e4a8642160c8441e447da32a4ef52995bbe99) Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* e2fsprogs: 1.43.4 -> 1.43.5Robert Yang2017-08-233-388/+1
| | | | | | | | | | | Removed the following 2 patches which are already in the source: - 0001-e2fsck-exit-with-exit-status-0-if-no-errors-were-fix.patch - e2fsprogs-1.43-sysmacros.patch (From OE-Core rev: ce0efa2e38611428aff6d39d52ce29f8a6571813) Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* tcl: 8.6.6 -> 0.8.7Robert Yang2017-08-231-2/+2
| | | | | | | (From OE-Core rev: c73d1ceaa6643b3713e95154ba2a53eb304257a7) Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libbsd: 0.8.5 -> 0.8.6Robert Yang2017-08-231-2/+2
| | | | | | | (From OE-Core rev: 8c53a8c87c509da68d1f423ecd11f6b11186acd1) Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* git: 2.13.2 -> 2.13.3Robert Yang2017-08-232-11/+11
| | | | | | | (From OE-Core rev: 544d522ff0eb8d57753eb5c237743d2310866fec) Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* kernel-module-split: rrecommend kernel-image instead of rdependMartin Hundebøll2017-08-231-1/+6
| | | | | | | | | | | | | | | | Hard depending on the kernel makes it impossible to install kernel modules without getting the kernel image installed too. This is inconvenient in e.g. initramdisks, where the kernel is loaded from outside the initramdisk. Making the kernel modules rrecommend kernel-image-<version> instead of rdepending on it, makes it possible to install kernel modules without the kernel image by setting "kernel-image" in BAD_RECOMMENDATIONS. (From OE-Core rev: 5dd7ddb66a6846d9bb59dc7833e8318992d0e645) Signed-off-by: Martin Hundebøll <mnhu@prevas.dk> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* connman: Fix for CVE-2017-12865Sona Sarmadi2017-08-232-0/+88
| | | | | | | | | | | | | dnsproxy: Fix crash on malformed DNS response If the response query string is malformed, we might access memory pass the end of "name" variable in parse_response(). [YOCTO #11959] (From OE-Core rev: fb3e30e45eea2042fdb0b667cbc2c79ae3f5a1a9) Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnupg: 2.1.20 -> 2.1.23Hongxu Jia2017-08-236-42/+90
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | 1. COPYING.LIB: Rename to COPYING.LGPL3. https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=3419a339d9c4e800bf30e9021e05982d8c1021c1 2. Rebase patches: - pkgconfig.patch -> 0001 - use-pkgconfig-instead-of-npth-config.patch -> 0002 - dirmngr-uses-libgpg-error.patch -> 0003 - autogen.sh-fix-find-version-for-beta-checking.patch -> 0004 3. Fix gpg2 not found ... dnf -vy makecache |Cannot download 'http://192.168.7.1:33541': repomd.xml GPG signature verification error: gpgme_engine_check_version() error: Invalid crypto engine. ... The upstream install gpg by default and no gpg2 ... commit a69464b0b6dac88b360a13d3faf19dd7f2a0e02b Author: Werner Koch <wk@gnupg.org> Date: Sat Aug 5 14:39:32 2017 +0200 gpg: Install gpg by default under the name gpg. ... Add --enable-gpg-is-gpg2 to revert it. (From OE-Core rev: f62d844424670967d2d40cd2afc96f5fc597bf1d) Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gdk-pixbuf: fix ptest RDEPENDS for multilib buildWenzong Fan2017-08-231-1/+1
| | | | | | | | | | Don't hardcode the package name, it could be gdk-pixbuf or lib32-gdk-pixbuf. (From OE-Core rev: 92a299a550b5b9c68c0285fdeb3d4c9defa0dede) Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* recipetool: allow plugins to set LICENSE and LIC_FILES_CHKSUMPaul Eggleton2017-08-232-80/+79
| | | | | | | | | | | | | | | | | | | | | We were being a bit prescriptive in setting LICENSE and LIC_FILES_CHKSUM. We can't always trust what's in the metadata accompanying some source which plugins will almost always be pulling from, however we do want to allow plugins to set the LICENSE and LIC_FILES_CHKSUM values. Merge what we find in our license file scan with what the plugin sends back. Additionally, plugins can now add a "license" item to the handled list in order to inhibit the normal LICENSE / LIC_FILES_CHKSUM handling if they have already taken care of it completely. Thanks to Mark Horn <mark.d.horn@intel.com> for prompting, testing and fixing this patch. (From OE-Core rev: 1df60b09f7a60427795ec828c9c7180e4e52f98c) Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* recipetool: allow plugins to set PN / PV more easilyPaul Eggleton2017-08-231-7/+9
| | | | | | | | | | | | | Previously if we were able to auto-determine the name from the URL, that took precedence over any name that might be set in extravalues by a plugin. Some plugins might be able to get a better idea of the name and thus we should move defaulting of the name further down after the plugins have had a chance to set it. (From OE-Core rev: 3bb979c13463705c4db6c59034661c4cd8100756) Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* devtool: import: new plugin to import the devtool workspaceLeonardo Sandoval2017-08-232-0/+180
| | | | | | | | | | | | | | | | Takes a tar archive created by 'devtool export' and imports (untars) it into the workspace. Currently the whole tar archive is imported, there is no way to limit what is imported. https://bugzilla.yoctoproject.org/show_bug.cgi?id=10510 [YOCTO #10510] (From OE-Core rev: 2de8ba89ef10fefcc97246dfeb4b8d1e48ee8232) Signed-off-by: Leonardo Sandoval <leonardo.sandoval.gonzalez@linux.intel.com> Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* devtool: append md5sum only if not already presentLeonardo Sandoval2017-08-231-2/+5
| | | | | | | | | | | In case the proposed md5sum to be appended to the .devtool_md5 file is already present, do not append it. (From OE-Core rev: f958c5cba3b0d24ca696b2b707857009c9a7b5b8) Signed-off-by: Leonardo Sandoval <leonardo.sandoval.gonzalez@linux.intel.com> Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* devtool: export: new plugin to export the devtool workspaceLeonardo Sandoval2017-08-231-0/+119
| | | | | | | | | | | | | | | | | | By default, exports the whole workspace (all recipes) including the source code. User can also limit what is exported with --included/--excluded flags. As a result of this operation, a tar archive containing only workspace metadata and its corresponding source code is created, which can be properly imported with 'devtool import'. https://bugzilla.yoctoproject.org/show_bug.cgi?id=10510 [YOCTO #10510] (From OE-Core rev: f9bc3b5101b554a72298266519dbdd1497f262a6) Signed-off-by: Leonardo Sandoval <leonardo.sandoval.gonzalez@linux.intel.com> Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* devtool: upgrade: enable branch checking when revision is providedChang Rebecca Swee Fun2017-08-231-5/+22
| | | | | | | | | | | | | | | | | When devtool upgrade is run on a recipe with revision specified that is not on master branch, and branch isn't set by --srcbranch or -B, then we should get the correct branch and append the branch to the URL. If the revision was found on multiple branches, we will display error to inform user to provide a correct branch and exit. [YOCTO #11484] (From OE-Core rev: 29ced7387a92aed17b7fe93b1654790a981734c1) Signed-off-by: Chang Rebecca Swee Fun <rebecca.swee.fun.chang@intel.com> Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* recipetool: create: replacing PV in SRCURIStanley Phoong2017-08-231-1/+3
| | | | | | | | | | | | | During recipe creation, it seems that the automation for replacing ${PV} at the SRCURI for tag, (e.g mbed-tls-${PV}) is causing some issue due to PV assuming it's a git source. A fix is implemented in this patch to resolve this issue. (From OE-Core rev: 9d3ec76c1b7dd75d904f5ff47297de0fb65b21c2) Signed-off-by: Stanley Phoong <stanley.cheong.kwan.phoong@intel.com> Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* recipetool: create: handle git URLs specifying only a tagStanley Phoong2017-08-231-1/+22
| | | | | | | | | | | | | If a git URL is passed to recipetool create with a tag=, recipetool should handle it assuming that the tag is valid. [YOCTO #11393] (From OE-Core rev: 3afdcbdc9a3e65bc925ec61717784ffec67d529d) Signed-off-by: Stanley Phoong <stanley.cheong.kwan.phoong@intel.com> Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* recipetool: create: being able to set branch when revision is providedChang Rebecca Swee Fun2017-08-231-0/+48
| | | | | | | | | | | | | | | | | | | | | This change is to improve the buildability of the recipe created by recipetool and devtool. When recipetool create is run on a git URL and a revision specified that is not on master, and "branch=" isn't already in the URL, then we should get the correct branch and append the branch to the URL. If the revision was found on multiple branches and 'master' is not in the list, we will display error to inform user to provide a correct branch and exit. [YOCTO #11389] (From OE-Core rev: ecca596b75cfda2f798a0bdde75f4f774e23a95b) Signed-off-by: Chang Rebecca Swee Fun <rebecca.swee.fun.chang@intel.com> Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* recipetool: create: disable PREMIRRORS and MIRRORS by defaultChang Rebecca Swee Fun2017-08-232-1/+9
| | | | | | | | | | | | | | | When creating new recipes, we are almost certainly fetching a new source rather that something that has already been fetched. I have disable PREMIRRORS and MIRRORS settings in the recipe that created by devtool while leaving an option for users to enable them manually if needed. Since devtool already has this options, we need to ensure that recipetool is able to handle the options passed from devtool. (From OE-Core rev: 091cee2bdc2378a3425a4ef8558d03e6f9c021ff) Signed-off-by: Chang Rebecca Swee Fun <rebecca.swee.fun.chang@intel.com> Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bitbake: process: Ensure we call select() to know which fds to readRichard Purdie2017-08-221-1/+1
| | | | | | | | | | | | | | | | | | | There is an interesting bug in the current code where a sync command is not seen until the current async command completes, by which time the UI may have shut down. The reason is that if there are idle commands, we may not end up sleeping in the select call at all, partiularly under heavy load like parsing. Fix this by calling select with a zero timeout so that we see active fds and know to read from them. This fixes various problems toaster was having with the recent server changes. [YOCTO #11898] (Bitbake rev: bbcce58e824b2793abf50efa52db158ae16e23e4) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* devtool/copy_buildsystem: adds meta-skeleton layer in the eSDK installation.Juan M Cruz Alcaraz2017-08-191-0/+12
| | | | | | | | | | | | | | | The eSDK installation requires the meta-skeleton layer. The build system might use the meta-skeleton recipes as layout to create custom recipes. An example is the recipetool script that uses the meta-skeleton kernel recipe when creating a custom kernel recipe. [YOCTO #11102] (From OE-Core rev: 5c9ef0734d23909b5694ed43cdbb205c2ba9ca95) Signed-off-by: Juan M Cruz Alcaraz <juan.m.cruz.alcaraz@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* initramfs-framework/setup-live: also boot live image if root=/dev/ram0California Sullivan2017-08-191-1/+1
| | | | | | | | | | | | | | | | | | Our grub and syslinux bootloaders both define root=/dev/ram0 for live images by default. Kernel docs show that root=/dev/ram0 is just a sentinel value for the kernel to mount the initrd as root, which then mounts and switches to the real root. This is exactly what our scripts do, so just check for root=/dev/ram0 as well. See: https://www.kernel.org/doc/html/v4.11/admin-guide/initrd.html#operation This fixes the issue where the new initramfs-framework scripts would not boot live images that use grub or syslinux bootloaders. (From OE-Core rev: a30f8f60017d566d845ee5d3a8cfc338017211b0) Signed-off-by: California Sullivan <california.l.sullivan@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl10: rename back to openssl and make it the default via PREFERRED_VERSIONAlexander Kanavin2017-08-1934-11/+5
| | | | | | | | | | | | | | | | openssl 1.1 broke 3rd party layers a lot more than was expected; let's flip the switch at the start of next development cycle. Add a PROVIDES = "openssl10" to openssl 1.0 recipe; any dependency that is not compatible with 1.1 should use that in its DEPENDS, as the 1.0 recipe will later be renamed back to openssl10. This does not always work: http://lists.openembedded.org/pipermail/openembedded-core/2017-August/140957.html but for many recipes it does. (From OE-Core rev: 5585103c195104e85ed7ac1455bef91b2e88a04d) Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* prelink: Change the behavior to avoid checking USER_CLASSESMark Hatle2017-08-191-3/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | The behavior before this change was to check USER_CLASSES and adjust the install script to return either exit 0 (don't do anything) or exit 1 (run on first boot). This enabled a user to include the prelink package without enablign the image-prelink bbclass and get a first boot prelink. Checking USER_CLASSES is not desired, as an image should be able to simply inherit the image-prelink and get the same type of behavior. Modifying the recipe based on the inclusion of a class is a bad idea as it makes this style work more difficult. So we move to a more defined strategy based on exist uses. (That we know of...) If we ae doing a cross install, we want to avoid prelinking. Prelinking during a cross install should be handled by the image-prelink bbclass. If the user desires this to run on the target at first boot they will need to create a custom boot script. [YOCTO #11169] (From OE-Core rev: e31c9d32072b9cf62c0e9e55b4d421849d3d489b) Signed-off-by: Mark Hatle <mark.hatle@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu conf: replace deprecated option with new optionChen Qi2017-08-194-4/+4
| | | | | | | | | | | | Replace the deprecated '-usbdevice' option with '-device usb-xx' option. This would fix runqemu boot error like below. '-usbdevice' is deprecated, please use '-device usb-...' instead (From OE-Core rev: 2f1f3480d344f8521e01f456d2dcd6c4e989ec59) Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: backport patches to fix boot failureChen Qi2017-08-193-0/+214
| | | | | | | | | | | Backport two patches to fix the following error when booting qemu. Failed to unlock byte 100 (From OE-Core rev: 91eee8b08cd52f49bb1c8f8c680607b3f3a52d24) Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ruby: fix CVE-2017-922{6-9}Joe Slater2017-08-195-0/+170
| | | | | | | | | | | | CVE-2017-9226 : check too big code point value for single byte CVE-2017-9227 : access to invalid address by reg->dmin value CVE-2017-9228 : invalid state(CCS_VALUE) in parse_char_class() CVE-2017-9229 : access to invalid address by reg->dmax value (From OE-Core rev: f15f01edbaa431829a50053d07ed6d6b333584c7) Signed-off-by: Joe Slater <jslater@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>