summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* perl: remove plan9 related stuff in perl-ptest packageChen Qi2016-11-231-1/+2
| | | | | | | | | | Remove plan9 related stuff as they are useless for linux systems. (From OE-Core rev: f0f11d868bbf02ffc8352e77c075de0577c2746e) Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* nfs-utils: fix protocol minor version fall-backYi Zhao2016-11-232-0/+56
| | | | | | | | | | | | | | | | | | | Mount nfs directory would fail if no specific nfsvers: mount -t nfs IP:/foo/bar/ /mnt/ mount.nfs: an incorrect mount option was specified mount.nfs currently expects mount(2) to fail with EPROTONOSUPPORT if the kernel doesn't understand the requested NFS version. Unfortunately if the requested minor is not known to the kernel it returns -EINVAL. Backport patch from nfs-utils-1.3.4 to fix this issue. (From OE-Core rev: 332596628697d28ae6e8c2271c9658aaf5e54796) Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: Security fix CVE-2016-7055Yi Zhao2016-11-232-0/+44
| | | | | | | | | | | | | | | | | | | There is a carry propagating bug in the Broadwell-specific Montgomery multiplication procedure that handles input lengths divisible by, but longer than 256 bits. External References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7055 https://www.openssl.org/news/secadv/20161110.txt Patch from: https://github.com/openssl/openssl/commit/57c4b9f6a2f800b41ce2836986fe33640f6c3f8a (From OE-Core rev: 07cfa9e2bceb07f3baf40681f8c57f4d3da0aee5) Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* parselogs: Whitelist NUC6 firmware load error message on genericx86-64California Sullivan2016-11-231-0/+1
| | | | | | | | | | | | | This was already whitelisted, but the 4.8 kernel changed the error message, causing it to get caught by parselogs again. Fixes [YOCTO #10494]. (From OE-Core rev: e1bad14231115f3b1a2bf844ef5b2022c648b55d) Signed-off-by: California Sullivan <california.l.sullivan@intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* OpenSSL: CVE-2004-2761 replace MD5 hash algorithmT.O. Radzy Radzykewycz2016-11-231-0/+69
| | | | | | | | | | | | | | | | | | | | | | | Use SHA256 as default digest for OpenSSL instead of MD5. CVE: CVE-2004-2761 The MD5 Message-Digest Algorithm is not collision resistant, which makes it easier for context-dependent attackers to conduct spoofing attacks, as demonstrated by attacks on the use of MD5 in the signature algorithm of an X.509 certificate. Upstream-Status: Backport Backport from OpenSSL 2.0 to OpenSSL 1.0.2 Commit f8547f62c212837dbf44fb7e2755e5774a59a57b Reviewed-by: Viktor Dukhovni <viktor@openssl.org> (From OE-Core rev: f924428cf0c22a0b62769f8f31f11f173f25014f) Signed-off-by: Zhang Xiao <xiao.zhang@windriver.com> Signed-off-by: T.O. Radzy Radzykewycz <radzy@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* lib/oe/lsb: better handle missing fieldsJoshua Lock2016-11-231-8/+5
| | | | | | | | | | | | | | | | | | Some rolling release distros, such as Arch Linux, don't include a VERSION_ID field in their os-release file. Change release_dict_osr() to better handle this optional field being absent. Further improve the resilience of the release_dict_*() methods by always returning a dict and using dict.get() in distro_identifier() to supply a default, empty string, value when then key is missing. (From OE-Core rev: e36066dcc3b56cac1c695370ea178b566c0ebfd6) Signed-off-by: Joshua Lock <joshua.g.lock@intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* scripts: Specify the stats to take into accountLeonardo Sandoval2016-11-231-17/+82
| | | | | | | | | | | | | | | | | | | | | | | | | There are many more stats on buildstats that 'Elapsed time', so make the script more flexible to support all stats. Some cmd line examples: $ buildstats.sh -s 'utime' Buildstats' data covers proc's stats in different areas, including CPU times, IO, program system resources and child program system resources. In order to print values on each of these sets from command line, one can use the following: $ buildstats.sh -H -s 'TIME' | less $ buildstats.sh -H -s 'IO' | less and 'RUSAGE' and 'CHILD_RUSAGE' for program and program's child system resources. (From OE-Core rev: 81479b191287ccbf4cf94fa2d0ad46813091bca1) Signed-off-by: Leonardo Sandoval <leonardo.sandoval.gonzalez@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* buildstats: Place 'Elapsed Time' stat into a single lineLeonardo Sandoval2016-11-231-2/+2
| | | | | | | | | | | All lines except one (the one containing the 'Elapsed Time') follows the format 'stat: value'. Fix that so post parsing the stats is simpler. (From OE-Core rev: 47dfd172754440a7ab28eb1b59d9bd484cdad22a) Signed-off-by: Leonardo Sandoval <leonardo.sandoval.gonzalez@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* devtool: modify: support recipes with only local files as sourcePaul Eggleton2016-11-232-0/+25
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The hello-mod recipe is unusual in that it has only local files in SRC_URI and builds these out of ${WORKDIR}. When you use devtool modify on it, devtool puts all of those files in an "oe-local-files" subdirectory of the source tree, which is not ${S} (or ${B}) any more and thus building the recipe afterwards fails. It's a bit of a hack, but symlink the files in oe-local-files into the source tree (and commit the symlinks with an ignored commit so that the repo is clean) to work around the problem. We only do this at time of extraction, so any files added to or removed from oe-local-files after that won't be handled, but I think there's a limit to how far we should go to support these kinds of recipes - ultimately they are anomalies. I initially tried a hacky workaround where I set effectively set B = "${WORKDIR}" and that allowed it to build, but other things such as the LIC_FILES_CHKSUM checks still broke because they expected to find files in ${S}. Another hack where I set the sourcetree to point to the oe-local-files subdirectory works for hello-mod but not for makedevs since whilst that is similar, unlike hello-mod it does in fact have files in the source tree (since it has a patch that adds COPYING) and thus the same issue occurred. Also tweak one of the tests that tries devtool modify / update-recipe on the makedevs recipe to try building it since that would have caught this issue. Fixes [YOCTO #10616]. (From OE-Core rev: 857c06d6a1d161bf5a01311d07758bd4241929a3) Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* licenses.conf: Fix variable name in comments (FOSS_NO_COPYRIGHT)Olof Johansson2016-11-231-3/+2
| | | | | | | | | | | | | | | A FOSSology related variable was renamed from FOSS_COPRYIGHT to FOSS_NO_COPYRIGHT, but the comment block describing the variable in licenses.conf was missed. Besides fixing this, this change also removes a redundant comment about where the variable is defined (it's right there! ;-)). (From OE-Core rev: 5f08d4ea1b4ddf04d7f1d8aa38c0dac9b1af44bc) Signed-off-by: Olof Johansson <olofjn@axis.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* webkitgtk: move recommends on ca-certificates from epiphany to webkitgtk.Carlos Alberto Lopez Perez2016-11-232-2/+3
| | | | | | | | | | | | | | | | | | | | * The webkitgtk package should recommend the ca-certificates one, because any program usign webkit (and not only epiphany) would expect that the CAs certificates are available and that https validation works as expected. * For example, webkitgtk includes a MiniBrowser program that would fail to proper verify https sites if the ca-certificate package is not installed * Instead of making each one of the webkitgtk consumers care about the certificate package, do this in webkit itself. (From OE-Core rev: fe694f9713595fc5f83c47111f03fc8a0a222f14) Signed-off-by: Carlos Alberto Lopez Perez <clopez@igalia.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* recipetool: add postinst to .deb importStephano Cetola2016-11-231-3/+32
| | | | | | | | | | | | | | The .deb import feature did not import postinst, postrm, preinst, or prerm functions. This change checks to see if those files exist, and if so, adds the appropriate functions. [ YOCTO #10421 ] (From OE-Core rev: ebb73aa6ad920bfd6a23f8c20105d6bcf07dd3d5) Signed-off-by: Stephano Cetola <stephano.cetola@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* rpm: fix multilib macro installationChen Qi2016-11-231-2/+6
| | | | | | | | | | | | | | | | | | For now, the rpm macro for multilib is not installed correctly. For example, in x86-64 lib32 situation, the macro is installed under tmp/work/x86-pokymllib32-linux/rpm/5.4.16-r0/image/usr/lib/rpm/poky/i686-linux/. The directory is even not under WORKDIR. And it will of course not be packaged. We need to save necessary values before updating the localdata and restore them so that the macros could be installed into the correct directory. (From OE-Core rev: 40e92de46489bdab0af48fedc46c0d153355f15c) Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* oe-selftest: enforce en_US.UTF-8 localeMaciej Borzecki2016-11-231-0/+3
| | | | | | | | | | | Replicate bitbake and eforce en_US.UTF-8 locale so that ouptut of locale-aware tools remains stable. (From OE-Core rev: 17cd2cb99d3610fd77595ff116b2168188c250cd) Signed-off-by: Maciej Borzecki <maciej.borzecki@rndity.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* devshell: list commands when throwing NoSupportedTerminalsStephano Cetola2016-11-232-4/+17
| | | | | | | | | | | | | | | When attempting to run devshell, if no terminal is available, the error being thrown was not very specific. This adds a list of commands that failed, informing the user of what they can install to fix the error. [ YOCTO #10472] (From OE-Core rev: c077f4aab2fc956408d4ad45c4e2e2ea6e480624) Signed-off-by: Stephano Cetola <stephano.cetola@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* systemd: systemd should not depend on systemd-containerMax Krummenacher2016-11-231-0/+1
| | | | | | | | | | | | | | | Currently systemd depends on systemd-container due to a dangling symlink deployed with systemd. Move the symlink to systemd-container. | DEBUG: systemd contains dangling link /lib/systemd/system/systemd-machined.service | DEBUG: target found in systemd-container (From OE-Core rev: e12912ac7484654c201d167831b302a821e14972) Signed-off-by: Max Krummenacher <max.krummenacher@toradex.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* sanity.bbclass: fix check_connectivity() for BB_NO_NETWORK = "0"Robert Yang2016-11-231-5/+9
| | | | | | | | | | | | | | | The old code: network_enabled = not d.getVar('BB_NO_NETWORK', True) It is True only when BB_NO_NETWORK is not set (None), but BB_NO_NETWORK = "0" should also be True while "1" means no network, "0" means need network in a normal case. (From OE-Core rev: 3d8db6cb992f96023a0486f64fe6b0f1ead04184) Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* sanity.bbclass:check_connectivity(): print more error messagesRobert Yang2016-11-231-1/+4
| | | | | | | | | | | | | | | | This can help fix the problem when the error happens. Now the error message is: Fetcher failure for URL: 'https://www.example.com/'. URL https://www.example.com/ doesn't work. Please ensure your host's network is configured correctly, or set BB_NO_NETWORK = "1" to disable network access if all required sources are on local disk. (From OE-Core rev: 0b31a03c59efea3a8742762772e39dcbd6f8ed25) Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* testsdk.bbclass: print which file is not foundRobert Yang2016-11-231-3/+3
| | | | | | | | | | This is helpful when debug. (From OE-Core rev: eef945787b5717bbb5d3bbddc446d4da86e3eb62) Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* populate_sdk_ext.bbclass: use weak assignment for TOOLCHAINEXT_OUTPUTNAMERobert Yang2016-11-231-1/+1
| | | | | | | | | | | | | | | The TOOLCHAINEXT_OUTPUTNAME is different from TOOLCHAIN_OUTPUTNAME, it is used for eSDK only, so that it doesn't mix with SDK, use "?=" for it so that other conf file can define it. If we don't use "?=" here, then we need use forcevariable to redfine it: TOOLCHAINEXT_OUTPUTNAME_forcevariable = "foo" (From OE-Core rev: 933539a07af3f1cca79e49b0ea92cb7699095f96) Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* glib: remove obsolete gi-exclude patchRoss Burton2016-11-232-60/+0
| | | | | | | | | | This patch has been superseded by 2907b1 in gobject-introspection, which we're now shipping. (From OE-Core rev: f5c11a40008801aef5ab8df10ee837ad23c24b8d) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* sysvinit-inittab: make TERM=vt102 on serial consolesAndré Draszik2016-11-232-2/+2
| | | | | | | | | | | | | | | | This makes more sense than the default TERM=linux (as set by the linux kernel). In addition, when using busybox init, it tries to achieve the same (in a different way). Both agetty, and busybox getty support the terminal type as the last argument. (From OE-Core rev: a23004f32dda9310c7efc29720fa9c3027a7c329) Signed-off-by: André Draszik <adraszik@tycoint.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* opkg-utils: clear update-alternatives database on uninstallAndré Draszik2016-11-231-0/+5
| | | | | | | | | | | | | | | | | | | | When uninstalling update-alternatives, it doesn't seem to make much sense to keep the update-alternatives database around. In particular when removing packaging data, e.g. due to read-only rootfs, update-alternatives is removed from the target file system. Leaving its database around serves no purpose in that case as there is no way to use it afterwards anyway. This frees close to 700KB of (uncompressed) space in a busybox based environment. (From OE-Core rev: b24a63d71b517af701dfedbc7f7b541d25af708f) Signed-off-by: André Draszik <adraszik@tycoint.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* oe-selftest: devtool: test that updating a file with subdir= worksPaul Eggleton2016-11-234-0/+33
| | | | | | | | | | | | | | | | | | | | If you have a file:// entry in SRC_URI with a subdir= parameter that makes it extract into the source tree, then when you update that file in oe-local-files and run devtool update-recipe then you want the original file to be updated. This was made to work by OE-Core commit 9069fef5dad5a873c8a8f720f7bcbc7625556309 together with 31f1bbad248c36a8c86dde4ff57ce42efc664082, however until now there was no oe-selftest test to verify it. Note that in order to succeed this test also requires the fix "lib/oe/recipeutils: ignore archives by default in get_recipe_local_files()" since the test recipe uses a local tarball. (From OE-Core rev: 936eba3e1059d1dcd5e58c1ce76870fff7b11b3c) Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* lib/oe/recipeutils: ignore archives by default in get_recipe_local_files()Paul Eggleton2016-11-231-2/+14
| | | | | | | | | | | | | | | By default, have get_recipe_local_files() not return any archive files. This prevents a local tarball from being erroneously removed from SRC_URI if you run "devtool modify" on a recipe followed by "devtool update-recipe". It doesn't actually help you to directly update the contents of such tarballs, but at least now it won't break the recipe. (From OE-Core rev: e9c418d4704c1bed4c5880e176e5288485f4f5a6) Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* devtool: update-recipe: support replacing remote patchesPaul Eggleton2016-11-231-2/+24
| | | | | | | | | | | | | | | | | | | If you have a patch remotely fetched in a recipe (e.g. from an http server) that needs updating then add a local version and substitute the entry in SRC_URI to point to it. One can argue about how desirable it is to be modifying patches fetched in this way, but then one can argue about how desirable it is to have such patches in the recipe in the first place - and in any case if devtool update-recipe is to correctly transfer changes to such patches made in the git repository within the source tree to the recipe then there isn't much choice but to do it this way. (From OE-Core rev: a19c26cc78a181f9dd2706dd42e7e450d7ad4082) Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* devtool: update-recipe: fix handling of compressed local patchesPaul Eggleton2016-11-236-25/+85
| | | | | | | | | | | | | | | | | | | | It is possible to use gzip or bzip2 to compress patches and still refer to them in compressed form in the SRC_URI value within a recipe. If you run "devtool modify" on such a recipe, make changes to the commit for the patch and then run devtool update-recipe, we need to correctly associate the commit back to the compressed patch file and re-compress the patch, neither of which we were doing previously. Additionally, add an oe-selftest test to ensure this doesn't regress in future. Fixes [YOCTO #8278]. (From OE-Core rev: e47d21624dfec6f71742b837e91da553f18a28c5) Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* lib/oe/patch: fix handling of patches with no headerPaul Eggleton2016-11-231-2/+6
| | | | | | | | | | | | | | | | | | | | | | | | If a patch applied by a recipe has no header and we turn the recipe's source into a git tree (when PATCHTOOL = "git" or when using devtool extract / modify / upgrade), the commit message ends up consisting only of the original filename marker ("%% original patch: filename.patch"). When we come to do turn the commits back into a set of patches in extractPatches(), this first line ends up in the "Subject: " part of the file, but we were ignoring it because the line didn't start with the marker text. The end result was we weren't able to get the original patch name. Strip off any "Subject [PATCH x/y]" part before looking for the marker text to fix. This caused "devtool modify openssl" followed by "devtool update-recipe openssl" (without any changes in-between) to remove version-script.patch because that patch has no header and we weren't able to determine the original filename. (From OE-Core rev: d9971f5dc8eb7de551fd6f5e058fd24770ef5d78) Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* oe-selftest: devtool: test update-recipe with only local filesPaul Eggleton2016-11-234-0/+26
| | | | | | | | | | | | | | Add a test to ensure devtool update-recipe works properly on recipes that contain only local files (since the other tests we have didn't test that). Relates to [YOCTO #10563]. (From OE-Core rev: bdc844b3f0c3fbddcd3523095899a5bd29797704) Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* devtool: update-recipe: check output before treating it as a stringPaul Eggleton2016-11-231-4/+5
| | | | | | | | | | | | | | | | | | As of the move to Python 3 and the fixes we applied at that time, bb.process.run() will return a byte array of length 0 rather than an empty string if the output is empty. That may be a bug that we should fix, but for now it's easiest to just check the result here before treating it as a string. This fixes running "devtool update-recipe" or "devtool finish" on a recipe which has no source tree, for example initramfs-framework. Fixes [YOCTO #10563]. (From OE-Core rev: 66bf6978fc807ecc422fb6b6328f68bc3406cf15) Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* cmake.bbclass: Set CXXFLAGS and CFLAGSKhem Raj2016-11-231-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We strip the TOOLCHAIN_OPTIONS and HOST_CC_ARCH from CC/CXX in cmake.bbclass whereas CFLAFS and CXXFLAGS assume that TOOLCHAIN_OPTIONS are part of CC/CXX variables, this causes compile failures when cmake is running compiler tests during configure on some architectures especially armhf, because hf ABI information -mfloat-abi is part of TOOLCHAIN_OPTIONS, so what happens is that testcase gets compiled without hard-float, howver, during linking the float ABI option is passed via LDFLAGS, now linker rejects this and fails like /mnt/a/build/tmp-glibc/sysroots/x86_64-linux/usr/libexec/arm-oe-linux-gnueabi/gcc/arm-oe-linux-gnueabi/6.2.0/ld: error: cmTC_27947 uses VFP register arguments, CMakeFiles/cmTC_27947.dir/src.cxx.o does not mnt/a/build/tmp-glibc/sysroots/x86_64-linux/usr/libexec/arm-oe-linux-gnueabi/gcc/arm-oe-linux-gnueabi/6.2.0/ld: failed to merge target specific data of file CMakeFiles/cmTC_27947.dir/src.cxx.o collect2: error: ld returned 1 exit status This means that CMake now fails the configure time test too which is not right, e.g. it might disable features which actually do exist and should be enabled e.g. in case above it is resulting as below Performing C++ SOURCE FILE Test HAS_BUILTIN_SYNC_SUB_AND_FETCH failed with the following output: Its actually a bug in CMake see https://gitlab.kitware.com/cmake/cmake/issues/16421 CMake is ignoring CMAKE_CXX_FLAGS when using CHECK_CXX_SOURCE_COMPILES function. Until it is fixed upstream, we add HOST_CC_ARCH and TOOLCHAIN_OPTIONS to CFLAGS and CXXFLAGS, so that we can ensure that compiler invocation remains consistent. (From OE-Core rev: 826f3cdb474b5728b22f08d2342fc90235ca9e7d) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* tiff: Security fix CVE-2016-3658Zhixiong Chi2016-11-232-0/+112
| | | | | | | | | | | | | | | | | | | The TIFFWriteDirectoryTagLongLong8Array function in tif_dirwrite.c in the tiffset tool allows remote attackers to cause a denial of service (out-of-bounds read) via vectors involving the ma variable. External References: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3658 http://bugzilla.maptools.org/show_bug.cgi?id=2546 Patch from: https://github.com/vadz/libtiff/commit/45c68450bef8ad876f310b495165c513cad8b67d (From OE-Core rev: c060e91d2838f976774d074ef07c9e7cf709f70a) Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* systemd: Reload configuration on package installLinus Wallgren2016-11-231-0/+4
| | | | | | | | | | | When a systemd service file has changed it is required to reload systemd's configuration. Otherwise changes to a service file will not be picked up during package upgrade. (From OE-Core rev: 94efe6d1d7893e241bcf98eff80ac8d8fbf2e885) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: update run-ptest scriptKai Kang2016-11-231-3/+5
| | | | | | | | | | | The Makefile in directory tests has been renamed, then update script run-ptest to follow the change. (From OE-Core rev: 364565f3f3baccc9757ce0dcb393464b38055b4f) Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: fix CVE-2016-7909Kai Kang2016-11-232-0/+43
| | | | | | | | | | | | | Backport patch to fix CVE-2016-7909 of qemu. Ref: https://security-tracker.debian.org/tracker/CVE-2016-7909 (From OE-Core rev: 126783ca25a5ae9daf87ac563239fbff4696a682) Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* glibc: fix CVE-2016-6323Kai Kang2016-11-232-0/+47
| | | | | | | | | | | | | | Backport patch to fix CVE-2016-6323 of glibc. And remove the section of file ChangeLog which can't be applied. Ref: https://sourceware.org/bugzilla/show_bug.cgi?id=20435 (From OE-Core rev: a3c2acee40c8875e311e03bff6906e7c93c491fc) Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssh: fix CVE-2016-8858Kai Kang2016-11-232-0/+40
| | | | | | | | | | | | | Backport patch to fix CVE-2016-8858 of openssh. Ref: https://bugzilla.redhat.com/show_bug.cgi?id=1384860 (From OE-Core rev: 134a05616839d002970b2e7124ea38348d10209b) Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: fix bashism in c_rehash shell scriptAndré Draszik2016-11-231-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | This script claims to be a /bin/sh script, but it uses a bashism: from checkbashisms: possible bashism in meta/recipes-connectivity/openssl/openssl/openssl-c_rehash.sh line 151 (should be 'b = a'): if [ "x/" == "x$( echo ${FILE} | cut -c1 -)" ] This causes build issues on systems that don't have /bin/sh symlinked to bash: Updating certificates in ${WORKDIR}/rootfs/etc/ssl/certs... <builddir>/tmp/sysroots/x86_64-linux/usr/bin/c_rehash: 151: [: x/: unexpected operator ... Fix this by using POSIX shell syntax for the comparison. (From OE-Core rev: 0526524c74d4c9019fb014a2984119987f6ce9d3) Signed-off-by: André Draszik <adraszik@tycoint.com> Reviewed-by: Sylvain Lemieux <slemieux@tycoint.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* webkitgtk: Add an option to disable opengl supportCarlos Alberto Lopez Perez2016-11-231-1/+2
| | | | | | | | (From OE-Core rev: 04e17727a3d1b52f6f93078fd16c6c7c9ba2b0d4) Signed-off-by: Carlos Alberto Lopez Perez <clopez@igalia.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* swig: 3.0.8 -> 3.0.10Wang Xin2016-11-231-2/+2
| | | | | | | | | | Upgrade swig from 3.0.8 to 3.0.10. (From OE-Core rev: e04d91771d8f3682080317cf0a160a18184df54b) Signed-off-by: Wang Xin <wangxin2015.fnst@cn.fujitsu.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ltp: Reduce duplication in MIPS variants.Zubair Lutfullah Kakakhel2016-11-231-1/+1
| | | | | | | | | | | Reduce duplication in MIPS variants now that the MACHINEOVERRIDES variable is defined (From OE-Core rev: 6be164d691291a297c8211bdb92f095bbfbd22fe) Signed-off-by: Zubair Lutfullah Kakakhel <Zubair.Kakakhel@imgtec.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* glib-networking: remove intltool dependencyRoss Burton2016-11-231-1/+1
| | | | | | | | | glib-networking 2.50 moved away from intltool to modern gettext, so remove the build dependency. (From OE-Core rev: 709004afe9f55126400f4ca70454b3e69a19fa6a) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* readline: Update to version 7.0Fabio Berton2016-11-234-34/+7
| | | | | | | | | | | Remove readline 6.3 patches and config-dirent-symbols.patch already apply on upstream. (From OE-Core rev: 983a4986947b63e9b6042fc8c083cde3bc1c30ad) Signed-off-by: Fabio Berton <fabio.berton@ossystems.com.br> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* lib/oe/package_manager: .deb pre/postinst argsLinus Wallgren2016-11-231-6/+11
| | | | | | | | | | | | | | | | The debian policy manual and MaintainerScripts wiki page states that the postinst script is supposed to be called with the `configure` argument at first install, likewise the preinst script is supposed to be called with the `install` argument on first install. https://www.debian.org/doc/debian-policy/ch-maintainerscripts.html https://wiki.debian.org/MaintainerScripts (From OE-Core rev: 3d9c3aae54589794ce3484fa1b21d1af2bd32661) Signed-off-by: Linus Wallgren <linus.wallgren@scypho.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bitbake: COW.py: fix sample codesKai Kang2016-11-231-12/+12
| | | | | | | | | | | | | | The call of methods iteritems() and itervalues() in sample codes were replaced by items() and values() to convert to Python 3 by Bitbake rev d0f904d407f57998419bd9c305ce53e5eaa36b24. But the methods iteritems() and itervalues() belong to class COWDictMeta not class dict or set. The modifications should not be made in purpose that it fails to run sample codes, so revert them. (Bitbake rev: d140f0ee6f301264e226914766d9f63558acfd6c) Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bitbake: toaster: layerindex updater Take into account layers being predefinedMichael Wood2016-11-231-41/+19
| | | | | | | | | | | | | | | | | | As we can now provide layer definitions through fixtures we need to be more clever how we update the metadata in the database to avoid duplicate metadata being created. To do this we make more effort to match existing data in the database and update only the fields which will be better provided by the layer index. This removes the need for us to special case layers which are provided as part of poky such as openembedded-core or meta-poky which exist on the layerindex but with different git urls. (Bitbake rev: f981b68f66718d5b196684f4e378a5f195ff0337) Signed-off-by: Michael Wood <michael.g.wood@intel.com> Signed-off-by: brian avery <brian.avery@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bitbake: toaster: orm/fixtures Add the master release and correct morty releaseMichael Wood2016-11-232-9/+96
| | | | | | | | | | | | | | | Add the master release option to base your project on and correct the morty release so that for poky based setups we use the poky provided version of the layer rather than checking out the layer from its own git repository. [YOCTO #10497] (Bitbake rev: c83ab92362378b22d3f4d6119bf362f704577ca2) Signed-off-by: Michael Wood <michael.g.wood@intel.com> Signed-off-by: brian avery <brian.avery@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bitbake: toaster: settings fixture Set default release to masterMichael Wood2016-11-231-1/+1
| | | | | | | | | | | Now that morty has been released we now set the DEFAULT_RELEASE back to master. (Bitbake rev: 115cee16a9aecfcd1061bb106ebca4e861d9b296) Signed-off-by: Michael Wood <michael.g.wood@intel.com> Signed-off-by: brian avery <brian.avery@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bitbake: taskdata.py: improve handling of depends/rdependsPatrick Ohly2016-11-231-18/+15
| | | | | | | | | | | | | | | | | | | | Error handling only caught the cause where a dependency did not have any colon, but ignored the case where more than one was given. Now "pn:task:garbage" will raise an error instead of ignoring ":garbage". The error message had a misplaced line break (?) with the full stop on the next line. Indenting the explanation with a space might have been intended and is kept. split() was called three times instead of just once. Instead of improving the two instances of the code (one for 'depends', one for 'rdepends'), the common code is now in a helper function. (Bitbake rev: 063d255fdcb3f79b2d1b0badedc80384b295a3f5) Signed-off-by: Patrick Ohly <patrick.ohly@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bitbake: data_smart.py: don't reorder internal bitbake variables when ↵Patrick Ohly2016-11-231-1/+0
| | | | | | | | | | | | | | | | calculating hash Commit 260ced745 added __BBTASKS, __BBANONFUNCS, __BBHANDLERS to the data that gets hashed, but only after reordering these lists. The intention probably was to make the hash deterministic, but that's unnecessary (the content of the variables should already be deterministic) and hides potential reasons that might require re-parsing. (Bitbake rev: 3511d464f3a9d8b4334cda384b35016de69ce49e) Signed-off-by: Patrick Ohly <patrick.ohly@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>