summaryrefslogtreecommitdiffstats
path: root/meta/conf
Commit message (Collapse)AuthorAgeFilesLines
* maintainers: Add entry for buildtools-extended-tarballRichard Purdie2020-09-161-0/+1
| | | | | | | | | | | | | (From OE-Core rev: 4281342a04078990bb0a110760ff2dc053eccc93) (From OE-Core rev: 665ef4274e0261bb8351c8d4fd2c8496a2dc27e7) (From OE-Core rev: 848af99b4e6afda0658db44128a6921217653e95) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 61d4d3d5a9f27e0fbf1d7ed6db818a779643b8f3) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* uninative: Upgrade to 2.9Khem Raj2020-09-161-5/+5
| | | | | | | | | | | | | This supports glibc upto 2.32 which is now rolling into distributions (From OE-Core rev: 622371678ddb013fc456eaf75def26fc4e142d15) (From OE-Core rev: 4543eeacd65eebe74ff3a44182915a732ba26e47) (From OE-Core rev: ab3c7e09c347a2c57d894ba5e04f38fc9adfad59) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* yocto-uninative.inc: version 2.8 updates glibc to 2.31Michael Halstead2020-09-161-5/+5
| | | | | | | | | | Allow sstate use in Tumbleweed and other distros as they update glibc. (From OE-Core rev: ccb374c279b260b1fd3460f6bfd1567240816055) (From OE-Core rev: 0e12f41848fd2fdbc0f70f568ce13baeb3263d03) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* cve-check: backport rewrite from masterRoss Burton2019-12-161-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | As detailed at [1] the XML feeds provided by NIST are being discontinued on October 9th 2019. As cve-check-tool uses these feeds, cve-check.bbclass will be inoperable after this date. To ensure that cve-check continues working, backport the following commits from master to move away from the unmaintained cve-check-tool to our own Python code that fetches the JSON: 546d14135c5 cve-update-db: New recipe to update CVE database bc144b028f6 cve-check: Remove dependency to cve-check-tool-native 7f62a20b32a cve-check: Manage CVE_PRODUCT with more than one name 3bf63bc6084 cve-check: Consider CVE that affects versions with less than operator c0eabd30d7b cve-update-db: Use std library instead of urllib3 27eb839ee65 cve-check: be idiomatic 09be21f4d17 cve-update-db: Manage proxy if needed. 975793e3825 cve-update-db: do_populate_cve_db depends on do_fetch 0325dd72714 cve-update-db: Catch request.urlopen errors. 4078da92b49 cve-check: Depends on cve-update-db-native f7676e9a38d cve-update-db: Use NVD CPE data to populate PRODUCTS table bc0195be1b1 cve-check: Update unpatched CVE matching c807c2a6409 cve-update-db-native: Skip recipe when cve-check class is not loaded. 07bb8b25e17 cve-check: remove redundant readline CVE whitelisting 5388ed6d137 cve-check-tool: remove 270ac00cb43 cve-check.bbclass: initialize to_append e6bf9000987 cve-check: allow comparison of Vendor as well as Product 91770338f76 cve-update-db-native: use SQL placeholders instead of format strings 7069302a4cc cve-check: Replace CVE_CHECK_CVE_WHITELIST by CVE_CHECK_WHITELIST 78de2cb39d7 cve-update-db-native: Remove hash column from database. 4b301030cf9 cve-update-db-native: use os.path.join instead of + f0d822fad2a cve-update-db: actually inherit native b309840b6aa cve-update-db-native: use executemany() to optimise CPE insertion bb4e53af33d cve-update-db-native: improve metadata parsing 94227459792 cve-update-db-native: clean up JSON fetching 95438d52b73 cve-update-db-native: fix https proxy issues 1f9a963b9ff glibc: exclude child recipes from CVE scanning [1] https://nvd.nist.gov/General/News/XML-Vulnerability-Feed-Retirement (From OE-Core rev: 8c87e78547c598cada1bce92e7b25d85b994e2eb) (From OE-Core rev: beeed02f9831e75c3f773e44d7efc726f1ff859c) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* arch-arm64.inc: Lower the priority of aarch64 in MACHINEOVERRIDESPeter Kjellerstedt2019-10-151-1/+1
| | | | | | | | | | | | This makes sure, e.g., ${SOC_FAMILY} and ${MACHINE} have higher priorities than aarch64. (From OE-Core rev: 3b8db95973fc144b00d59c4797adb405a935cd7c) Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* uninative: Update to 2.7 releaseMichael Halstead2019-10-101-5/+5
| | | | | | | | | | | | The 2.7 release updates glibc to version 2.30. Recently added to openSUSE Tumbleweed and needed for Fedora Core 31. (From OE-Core rev: e6728a873f1eef335a9e21bdface304f13f0c952) Signed-off-by: Michael Halstead <mhalstead@linuxfoundation.org> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* uninative: Update to 2.6 releaseRichard Purdie2019-07-271-4/+4
| | | | | | | | | | | | | | | The 2.6 release contains both libcrypt.so.1 and libcrypt.so.2 which fixes compatibility with recent fedora/suse releases. The difference is one is built with obsolete APIs enabled and one disabled. We now ship both in uninative for compatibility regardless of which distro a binary is built on. (From OE-Core rev: 352ab80333096df92ef0f4cd331baea98e71aa21) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* yocto-uninative: Update to 2.5 releaseRichard Purdie2019-07-271-4/+4
| | | | | | | | | | | | This includes libstdc++ changes from gcc 9.X. It also switches uninative from bz2 to xz compression. (From OE-Core rev: 0497623882da714cbe098a4281982b7f9ce6030f) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* yocto-uninative: Update to 2.4Richard Purdie2019-03-261-6/+5
| | | | | | | | | | This supports glibc 2.29 which is appearing in distros like Ubuntu 19.04 (From OE-Core rev: 6b839dc9c55b2ea282041b9dc2dddb233236d612) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* yocto-uninative: Correct sha256sum for aarch64Michael Halstead2019-03-261-1/+1
| | | | | | | | | | | Avoid uninative checksum warnings when building on aarch64 hardware. (From OE-Core rev: 6c7cdf288d1b7dfd9be2c99f687949d368cecbd7) Signed-off-by: Michael Halstead <mhalstead@linuxfoundation.org> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* licence: Add license file CC-BY-SA-4.0Eric Chanudet2019-01-081-1/+1
| | | | | | | | | | | | | | Original legalcode.txt: https://creativecommons.org/licenses/by-sa/4.0/legalcode.txt (From OE-Core rev: fa06fcce7942f5960178dcdeb61a7b659f7f8207) (From OE-Core rev: 7e53f67d2d94d6811aa9d6fa078ea3fbeddb708c) Signed-off-by: Eric Chanudet <chanudete@ainfosec.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* maintainers.inc: update Intel ownersAnuj Mittal2019-01-081-85/+85
| | | | | | | | | | | (From OE-Core rev: 198fe6d08f000b3db9082b5fd4337536931719ee) (From OE-Core rev: a7be891dde68225bd037d4ae1c9f81e6920037ce) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* oe-init-buildenv/base: Relax python version checks in favour of HOSTTOOLS ↵Richard Purdie2018-11-071-1/+2
| | | | | | | | | | | | | | manipulation Several distros are now shipping "python" as python v3 contra to the original python guidelines. This causes users confusion/pain in trying to use our tools. We can just force "python" to "python2" within HOSTTOOLS to avoid this issue and hide the complexity from the user. (From OE-Core rev: b06a6cde5c5503f456f260c773cf126085e18c8d) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* yocto-uninative: Upgrade to verson 2.3 which includes glibc 2.28Richard Purdie2018-10-281-5/+5
| | | | | | | | | This allows us to handle distros which contain glibc 2.28 such as Ubuntu 18.10. (From OE-Core rev: 5c7d9abcd611d23d4340f9a0aee2564f72158a0b) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* weston: Split out machine specific configurationMark Hatle2018-10-282-0/+2
| | | | | | | | | | | | | | | Weston needs to be configured to load the fbdev driver when run on a QEMU system. Other MACHINEs may want to also provider their own configuration as well.. Adding a new RRECOMMEND configuration package will allow this, but avoid installing empty packages/files in the majority case where it is not needed. Add maintainer entry as well. (From OE-Core rev: 0f43ea8510ae6148a49eb25accac407b6b301b43) Signed-off-by: Mark Hatle <mark.hatle@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* tcmode-default: Drop pinning go to 1.9Khem Raj2018-10-211-1/+1
| | | | | | | | | | This ensures that we default to latest go recipes 1.9 is not supported anymore (From OE-Core rev: d48c8148eae41e613448d78c26516538244cd9c9) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* systemd: Remove items that made this machine (qemu) specificMark Hatle2018-10-212-0/+2
| | | | | | | | | | | | | | | | Create a new systemd-conf recipe to contain the specific system/machine configuration items. This new package is now machine specific. Without doing this trying to create a single system with multiple BSPs, one of which was qemu based, would result in the systemd -and- everything that dependend upon systemd to have their hash changed. The hash changing means lots of rebuilds, but worse if it's a package based system each different machine ends with a new PR value and a newly generated package. (From OE-Core rev: d3395418758ed414eee3e95e13d2d8bc5dca88cc) Signed-off-by: Mark Hatle <mark.hatle@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* Revert "os-release: avoid multilib expand"Richard Purdie2018-10-201-1/+1
| | | | | | | | This reverts commit 591a11ba58ce3c2c147bb1f8202bc6a0092b70eb. This is not needed after the recent os-release fix. Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemux86/gstreamer: Move kernel module recommendation to the machine ↵Richard Purdie2018-10-182-0/+4
| | | | | | | | | | | | | | | | | | | configuration If you try to build a system with multiple BSPs, one of which is qemux86 or qemux86-64, the gstreamer package will change. This will trigger anything using gstream to also be rebuilt. For a package based system, the PR values will also be incremented each time. The end result will be an ever growing set of PR values as well as being unable to tell which configured version of the multimedia components are really being deployed. These therefore belong in the machine configuration. (From OE-Core rev: 112775995158cf6c504fd6beef345ee446f4f11d) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* maintainers: assign CMake to Pascal BachRoss Burton2018-10-181-2/+2
| | | | | | | (From OE-Core rev: 954a7715763118ba8e15ce7a96a2b82680f4a6c4) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* conf/machine/include: add mcf5441x cpu type tuningAngelo Dureghello2018-10-081-0/+13
| | | | | | | | | This patch adds tuning for the mcf5441x ColdFire family. (From OE-Core rev: 89e7192b607361769c03b939437c9815672ceadb) Signed-off-by: Angelo Dureghello <angelo@sysam.it> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* conf/machine/include: add m68k architecture definitionsAngelo Dureghello2018-10-081-0/+8
| | | | | | | (From OE-Core rev: 475ca28ab1b42fc0307669edae220afb97dd15c3) Signed-off-by: Angelo Dureghello <angelo@sysam.it> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* os-release: avoid multilib expandKai Kang2018-10-041-1/+1
| | | | | | | | | | Add os-release to NON_MULTILIB_RECIPES in multilib.conf that do not do multilib expand for os-release. (From OE-Core rev: 361382ca16c276e1e404eab58c0956a2b6d23d7e) Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* multilib: avoid expanding grub and grub-efi to multilibRobert Yang2018-10-011-0/+4
| | | | | | | | | | | | | | | | | | | | | | It doesn't make much sense to expand them to multilib, and there is an error on qemuarm64 since grub-efi supports arm64, but doesn't support armv7a or armv7ve: * Fixed: MACHINE = "qemuarm64" require conf/multilib.conf MULTILIBS = "multilib:lib32" DEFAULTTUNE_virtclass-multilib-lib32 = "armv7a" MACHINE_FEATURES_append = " efi" $ bitbake lib32-core-image-minimal Also introduced a variable NON_MULTILIB_RECIPES in multilib.conf, so that we can easily add other recipes, such as syslinux if needed. (From OE-Core rev: 25f7c6c329038b443d36074fff45a30ba3712f7a) Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* layer.conf: Drop sumo from LAYERSERIES_CORENAMESRichard Purdie2018-10-011-1/+1
| | | | | | | | | | | Prepare for release and drop sumo for the compatible list of layer names. This will mean other layers need updating to continue to indicate compatibility with master but that is intentional at this part of the release cycle, we want layers to indicate compatibility and show they're up to date. (From OE-Core rev: 9ec5a8a0f86510f7aae572dfb79e8bda73d4e0fc) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* layer.conf: Add thud to LAYERSERIES_CORENAMESRichard Purdie2018-09-241-2/+2
| | | | | | | | | | | With the release approaching, add thud to LAYERSERIES_CORENAMES and update oe-core to use this release series. "sumo" will be removed during M4 in the next couple of weeks so people need to start updating their master layers in preperation for release. (From OE-Core rev: 986792481fa005fe136fd4b4e388042492b1ad8a) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* yocto-uninative: Add aarch64 uninative tarball checksumRichard Purdie2018-09-201-0/+1
| | | | | | (From OE-Core rev: 957a2f95b839f2d871c658d6e8ea8c0f4d6c41e5) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* maintainers.inc: Update package ownersMaxin B. John2018-09-201-124/+124
| | | | | | | | | | update Intel owners (From OE-Core rev: a6de4b1809e90d02a865c56ec8269bdfa3ceec0a) Signed-off-by: Maxin B. John <maxin.john@intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libressl: remove recipeHongxu Jia2018-09-201-1/+0
| | | | | | | | | | Since openssh support oepnssl 1.1.x, there is no reason to keep libressl. (From OE-Core rev: 30121a78555574f49b321566fcab172417bdf3e3) Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* tune-core2: use n270 instead of core2duoAnuj Mittal2018-09-131-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | Fixes warnings in builds using core2-32 tune: warning: TCG doesn't support requested feature: CPUID.80000001H:EDX.syscall [bit 11] warning: TCG doesn't support requested feature: CPUID.80000001H:EDX.lm [bit 29] when executing postinsts using qemu-i386. i386 target doesn't enable CPUID_EXT2_SYSCALL and CPUID_EXT2_LM [1] while cpu choice of core2duo that we use for core2-32 TUNE does [2]. Use n270 cpu instead to use with qemu which supports SSSE3 and doesn't have these bits enabled [3]. [1] https://github.com/qemu/qemu/blob/master/target/i386/cpu.c#L739 [2] https://github.com/qemu/qemu/blob/master/target/i386/cpu.c#L1439 [3] https://github.com/qemu/qemu/blob/master/target/i386/cpu.c#L1603 Fixes [YOCTO #12916] (From OE-Core rev: 3db567d7835c6bb158d0f6c5b5533835a0181c45) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bitbake.conf: Make BUILD_OPTIMIZATION respect to DEBUG_BUILDRobert Yang2018-09-131-1/+1
| | | | | | | | | | | We may also need debug native tools, so make BUILD_OPTIMIZATION respect to DEBUG_BUILD, otherwise, we need set CFLAGS in the recipe which isn't convenient. (From OE-Core rev: 5db09f7ad007d1def009a60d7d9bf9c13c0faa4e) Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* oe/utils.py: Add vartrue()Robert Yang2018-09-131-1/+1
| | | | | | | | | | It can be used to simplify code like: "${@['iffalse', 'iftrue'][var]}" (From OE-Core rev: fc5a5af7bc3619f575988a75efc0c4fe15478b2d) Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* yasm: removeRoss Burton2018-09-111-1/+0
| | | | | | | | | | Nothing in oe-core is using yasm now that gstreamer-libav and ffmpeg are using nasm, so remove it from oe-core. (From OE-Core rev: b7f3f7ecfdf26129c5df2d3ee14e73c4633ea5a3) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* tclibc-baremetal.inc: Remove BASEDEPENDS on compilerlibsNathan Rossi2018-09-111-0/+3
| | | | | | | | | | | | Without a libc the gcc-runtime provider of compilerlibs does not compile. As such avoid the default dependence on the virtual/${TARGET_PREFIX}compilerlibs provider. (From OE-Core rev: 61eead0cdd1f44d8c850f8e4c7389ef444bcd591) Signed-off-by: Nathan Rossi <nathan@nathanrossi.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* tclibc: For newlib and baremetal disable some security featuresNathan Rossi2018-09-112-0/+10
| | | | | | | | | | | | | | | | | | | With GCCPIE being enabled by default with security_flags.inc the compiler will by default attempt to compile and link programs as PIE. The targets that use newlib and baremetal in general do not support PIE or are otherwise unable to use it due to how embedded targets are compiled and executed. As such it makes sense to disable PIE by default for these libc's in order to prevent build failures. For baremetal tclibc there are no libc features or implementation as such there is no implementation for the strong stack protector by default. (From OE-Core rev: dfe434b793c156a87b5ead5cb85fe60d920d69d3) Signed-off-by: Nathan Rossi <nathan@nathanrossi.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* busybox/packagegroups: Break out the busybox-syslog dependencyRichard Purdie2018-09-101-0/+1
| | | | | | | | | | | | | | | | | | | | The busybox-syslog rrecomends is proving tricky as it gets pulled in early and there are conflicts between its use of update-alternatives and busybox needing to provide those things. We already have recipes using BAD_RRECOMMENDS to remove this dependency, it probably makes sense to spell it out explicitly and allow it to be overridden more easily. This patch does this, dropping the now unneeded BAD_RRECOMMENDS. It preserves the dependency as a recommendation for now, further cleanup may allow simplication of that. This unbreaks certain build failures on the autobuilder, more as a workaround but is a change we probably want to make anyway. (From OE-Core rev: 544ade2d78f1375d9e93d6bf5842d857ddaf3530) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gdb: Update to 8.2Khem Raj2018-09-101-1/+1
| | | | | | | | | | * https://sourceware.org/ml/gdb-announce/2018/msg00003.html * Support RISC-V (From OE-Core rev: 1d9d117e8eee2d3b9802384cb93155aea487f002) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* eee-acpi-scripts: remove the recipeAlexander Kanavin2018-09-102-2/+0
| | | | | | | | | Asus EEEPc hardware is well obsolete, upstream repo is now gone. (From OE-Core rev: 2ac9d94a4d9b88d56ac6af1dd4d7f3d383439a12) Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* maintainers: Add entry for fribidiRichard Purdie2018-09-051-0/+1
| | | | | | (From OE-Core rev: 0f9e7cb8bd6042152e5f3f0a9786f5550d2c851f) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* no-static-libs: disable static libraries in libjpeg-turboRoss Burton2018-09-051-0/+1
| | | | | | | | | | Previously this was done with the generic autotools support, but CMake doesn't have a standard option so set it explicitly. (From OE-Core rev: 47bd456c1be169fc86788edf0173847b9b0d255b) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* recipes: Update git.gnome.org addresses after upstream changesRichard Purdie2018-09-041-1/+1
| | | | | | | | | | | | | | | git.gnome.org is no more. It has ceased to be. It's an ex-git. Please see here: https://about.gitlab.com/2018/05/31/welcome-gnome-to-gitlab/ Note that gitlab does not support git://, only https:// (and ssh). [Commit message from Alexander Kanavin] (From OE-Core rev: 8382cdc0888ca645a44aacaac1155afb8dcde979) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libressl: add a recipe to support opensshAlexander Kanavin2018-09-041-0/+1
| | | | | | | | | | | | | | | | | | | | | | | After reading through this: https://github.com/openssh/openssh-portable/pull/48 and this thread: https://lists.mindrot.org/pipermail/openssh-unix-dev/2017-October/036344.html I've concluded that this is the best of the three not-great options. The alternatives: - bundle libressl inside openssh packages - keep openssh dependent on openssl 1.0 and wait until upstream does something are both inferior. Libressl is used with openssh in OpenBSD and in OS X, so it did get at least some testing in the real world. (From OE-Core rev: e7ac137bfc59bc67e17d5372b59d20bdbfcc2550) Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: rename openssl 1.0.x to openssl10 and make openssl 1.1.x the ↵Alexander Kanavin2018-09-042-3/+1
| | | | | | | | | | | | | | | default version I believe the time has come to do this: openssl 1.0 upstream support stops at the end of 2019, and we do not want a situation where a supported YP release contains an unsupported version of a critical security component. Openssl 1.0 can still be utilized by depending on 'openssl10' recipe. (From OE-Core rev: 876466145f2da93757ba3f92177d0f959f5fe975) Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* security_flags.inc: add var-SECURITY_STACK_PROTECTOR to improve variable ↵Hongxu Jia2018-09-041-7/+9
| | | | | | | | | | | | | | | | | | | | | | | | | OVERRIDES There are var-SECURITY_PIE_CFLAGS, var-lcl_maybe_fortify and var-SECURITY_STRINGFORMAT which are helpful for OVERRIDES. Also add var-SECURITY_STACK_PROTECTOR, and drop hardcoded `_remove' overrides. Such as `4ca946c security_flags: use -fstack-protector-strong', it s/-fstack-protector-all/-fstack-protector-strong/, only tweak var-SECURITY_STACK_PROTECTOR is sufficient. The fix does not have any side affect on SECURITY_CFLAGS of glibc/ glibc-initial/gcc-runtime, these three directly assigned with "". ... SECURITY_CFLAGS_pn-glibc = "" SECURITY_CFLAGS_pn-glibc-initial = "" SECURITY_CFLAGS_pn-gcc-runtime = "" ... (From OE-Core rev: 0ed4a6233bdcb25cbdce698504611541420d92d0) Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* security_flags.inc: use `?=' to set a default var-lcl_maybe_fortifyHongxu Jia2018-09-041-2/+2
| | | | | | | | | | | | | | | | | - Since poky enable security flags+pie by default, tweak comments to sync with it. [poky commit] 491082c poky.conf: Enable security flags+pie by default 29d76b3 poky-lsb: Remove including security_flags.inc [poky commit] - Use `?=' to set a default lcl_maybe_fortify, it is helpful for variable OVERRIDES. (From OE-Core rev: 38c410bb7d1688cd952da9f19269c2a65a92ab45) Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu/bsp: update 4.15 preferred versions to 4.18Bruce Ashfield2018-08-282-2/+2
| | | | | | | | | | 4.18 is replacing 4.15 as the latest kernel in the upcoming release, so we update our preferred versions to match. (From OE-Core rev: e12f9e7ede7eea408d6a97233c7c8df97e8bfb26) Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libc-headers: update to 4.18Bruce Ashfield2018-08-281-1/+1
| | | | | | | | | | | | | | | | Updating to the 4.18 headers to match the newest kernel that will be part of the release. 4.18 brings a requirement on bison-native to the libc-headers, since it is required as part of the configuration steps. We also tweak the license md5sum, since the kernel now includes SPDX headers in the license file and that changes our sum. (From OE-Core rev: c36a5e21b711cd577a2186a5267d46bb4323acc1) Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* sanity.conf: Update minimum bitbake version to 1.39.1Richard Purdie2018-08-231-1/+1
| | | | | | | | We need this for the new break_hardlinks helper function. (From OE-Core rev: d6ccefd347bf31acf8d31996d796717acb4da74f) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* sstate: Avoid indirect autoconf-archive-native dependenciesChangqing Li2018-08-211-0/+3
| | | | | | | | | | | remove the indirect dependcy of autoconf-archive-native via SSTATE_EXCLUDEDEPS_SYSROOT to avoid not needed .m4 installed into sysroot, which may cause compile problem. (From OE-Core rev: d23156460e2b8f6684bd3005d7fa09b2c73e522e) Signed-off-by: Changqing Li <changqing.li@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* dos2unix: Move to oe-coreKhem Raj2018-08-211-0/+1
| | | | | | | | | | | | | | | - Import from meta-oe layer - This is useful for many packages where CR-LF needs to be adjusted, many recipes depend on it e.g. meta-multimedia libebml and so on. - Add myself as maintainer for now (From OE-Core rev: d8c075d9ac8792726be162da02f2325cbb3aeaaa) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>