summaryrefslogtreecommitdiffstats
path: root/meta
Commit message (Collapse)AuthorAgeFilesLines
* meson.bbclass: export STRIP=${BUILD_STRIP}Ross Burton2019-07-221-0/+1
| | | | | | | | | | | | | In Meson the environment variables are always the native tools, so export STRIP=${BUILD_STRIP} along with CC et al to silence this Meson warning: WARNING: Env var STRIP seems to point to the cross compiler. This is probably wrong, it should always point to the native compiler. (From OE-Core rev: 8d1557356d2c7d94eeef2a9b61d3c9622e337a9e) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libtool: remove host information from libtoolJoe Slater2019-07-222-1/+22
| | | | | | | | | Import patch from Debian. (From OE-Core rev: b2e0b383a17a3cd450adb3d86f7f818729438375) Signed-off-by: Joe Slater <joe.slater@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* unfs3: set upstream tag regex to avoid false-positivesRoss Burton2019-07-221-0/+1
| | | | | | | (From OE-Core rev: 4663d06a79c6608127413488676a6e7dfbefb3e1) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* freetype: upgrade to 2.10.1Ross Burton2019-07-221-5/+3
| | | | | | | | | | Also switch SRC_URI to the nongnu mirrors as they're more reliable than Sourceforge. (From OE-Core rev: 18875698e182d5eb5a9bc1f95abdc2348f66cedc) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* cve-update-db-native: clean up JSON fetchingRoss Burton2019-07-221-17/+12
| | | | | | | | | | | | | Currently the code fetches the compressed JSON, writes it to a temporary file, uncompresses that with gzip and passes the fake file object to update_db(). Instead, uncompress the gzip'd data in memory and pass the JSON directly to update_db(). (From OE-Core rev: 9422745979256c442f533770203f62ec071c18fb) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* cve-update-db-native: improve metadata parsingRoss Burton2019-07-221-8/+10
| | | | | | | | | | | | | | | | The metadata parser is fragile: first it coerces a bytes() to a str() (so the string is b'LastModifiedDate:2019...'), assumes the first line is the date, and then uses a regex to parse (which then includes the trailing quote as part of the date). Clean this up by parsing the bytes as UTF-8 (ASCII is probably fine, but this is safer), iterate through the lines and split on colons to find the right key/value pair. (From OE-Core rev: bb4e53af33d6ca1e9346464adbdc1b39c47530f3) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* cve-update-db-native: use executemany() to optimise CPE insertionRoss Burton2019-07-221-53/+32
| | | | | | | | | | Instead of calling execute() repeatedly, rewrite the function to be a generator and use executemany() for performance. (From OE-Core rev: b309840b6aa3423b909a43499356e929c8761318) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: fix valgrind errors on v1.1.1cBonnans, Laurent2019-07-222-0/+36
| | | | | | | | | | Running valgrind against code using Openssl v1.1.1c reports a large number of uninitialized memory errors. This fix from upstream solves this problem. (From OE-Core rev: 8081d645353ed934a0158329f2f36ea49d663e19) Signed-off-by: Laurent Bonnans <laurent.bonnans@here.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* runtime_test.py: use track_for_cleanup for temp dirChen Qi2019-07-221-3/+1
| | | | | | | | | | | Use track_for_cleanup for temp dir to avoid such temp dir being not cleaned up when something goes wrong, e.g., building image failure. (From OE-Core rev: 7105c9bcceda3e4defbb6aa9fb3e8fd38c1e00a2) Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* cve-update-db: actually inherit nativeRoss Burton2019-07-191-2/+1
| | | | | | | | | The recipe was called -native but didn't inherit native. (From OE-Core rev: f0d822fad2a163d1ee32ed3b4c0359245140e19b) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* cve-update-db-native: use os.path.join instead of +Ross Burton2019-07-191-4/+4
| | | | | | | (From OE-Core rev: 4b301030cf9cf7a981dcff85a50e915c045e3130) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gdb: fix CVE-2017-9778Anuj Mittal2019-07-192-0/+99
| | | | | | | (From OE-Core rev: 4fa03fa14f8facb134ecd772a99c25184d8a4cbd) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python: include CVE patches for python-native as wellAnuj Mittal2019-07-192-5/+5
| | | | | | | | | Also avoids maintaining a different set of patches for both. (From OE-Core rev: b3b1c00cc46b33ddbf7e008267032220e1e298af) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* unzip: fix CVE-2019-13232Anuj Mittal2019-07-192-0/+340
| | | | | | | | | Include the fix by Mark Adler which has also been adopted by Debian. (From OE-Core rev: 4df4de2ac8bc0e80446e1ad0ce67eb244e2d2a32) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* glibc: CVE-2018-20796 is same as CVE-2019-9169Anuj Mittal2019-07-191-0/+1
| | | | | | | | | | | See: https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141 https://www.securityfocus.com/bid/107160 (From OE-Core rev: 7e90506534ed2a70680382cf28614f02fdb98409) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* rsync: fix CVEs for included zlibAnuj Mittal2019-07-195-0/+393
| | | | | | | | | | | | | | | | rsync includes its own copy of zlib and doesn't recommend linking with the system version [1]. Import CVE fixes that impact zlib version 1.2.8 [2] that is currently used by rsync. [1] https://git.samba.org/rsync.git/?p=rsync.git;a=blob;f=zlib/README.rsync [2] https://nvd.nist.gov/vuln/search/results?form_type=Advanced&cves=on&cpe_version=cpe%3a%2fa%3agnu%3azlib%3a1.2.8 (From OE-Core rev: a55fbb4cb489853dfb0b4553f6e187c3f3633f48) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* iptables: Security Advisory - iptables - CVE-2019-11360Li Zhou2019-07-192-0/+118
| | | | | | | | | | | Porting patch from <https://git.netfilter.org/iptables/commit/iptables/ xshared.c?id=2ae1099a42e6a0f06de305ca13a842ac83d4683e> to solve CVE-2019-11360. (From OE-Core rev: 5a38ef7eef9ecef2d27ae89f01691072bb94a25e) Signed-off-by: Li Zhou <li.zhou@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ltp: upgrade 20190115 -> 20190517Yi Zhao2019-07-1928-1232/+184
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Drop the following patches since the issues have been fixed upstream: 0001-file01.sh-Fix-in-was-not-recognized.patch 0001-lapi-Define-TST_ABI-32-64-to-detect-target-type.patch 0001-syscalls-setrlimit03.c-read-proc-sys-fs-nr_open-for-.patch 0007-fix-__WORDSIZE-undeclared-when-building-with-musl.patch 0009-fix-redefinition-of-struct-msgbuf-error-building-wit.patch 0021-Define-_GNU_SOURCE-for-MREMAP_MAYMOVE-definition.patch 0023-ptrace-Use-int-instead-of-enum-__ptrace_request.patch 0024-rt_sigaction-rt_sigprocmark-Define-_GNU_SOURCE.patch 0026-crash01-Define-_GNU_SOURCE.patch 0028-rt_sigaction.h-Use-sighandler_t-instead-of-__sighand.patch 0034-periodic_output.patch 0039-commands-ar01-Fix-for-test-in-deterministic-mode.patch define-sigrtmin-and-sigrtmax-for-musl.patch setregid01-security-string-formatting.patch Refresh the following patches: 0004-build-Add-option-to-select-libc-implementation.patch 0005-kernel-controllers-Link-with-libfts-explicitly-on-mu.patch 0008-Check-if-__GLIBC_PREREQ-is-defined-before-using-it.patch 0018-guard-mallocopt-with-__GLIBC__.patch 0020-getdents-define-getdents-getdents64-only-for-glibc.patch 0035-fix-test_proc_kill-hang.patch 0036-testcases-network-nfsv4-acl-acl1.c-Security-fix-on-s.patch 0001-open_posix_testsuite-mmap24-2-Relax-condition-a-bit.patch 0001-shmctl01-don-t-use-hardcoded-index-0-for-SHM_STAT-te.patch 0001-diotest4-Let-kernel-pick-an-address-when-calling-mma.patch 0001-getrlimit03-adjust-a-bit-of-code-to-compatiable-with.patch Add patch: 0006-rt_tgsigqueueinfo-disable-test-on-musl.patch (From OE-Core rev: eb59546c83f4c217de6272a8d3b2fa65e3c84e7f) Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* systemd-bootconf: Mark as machine specificRicardo Ribalda Delgado2019-07-191-0/+1
| | | | | | | | | | | | | | | | | | | | | APPEND is usually attached to a machine. This patch avoids multiconfig errors such as: | NOTE: Direct dependencies are ['multiconfig:qt5022:/workdir/repo/poky/meta/recipes-core/glibc/glibc_2.29.bb:do_populate_sysroot', 'multiconfig:qt5022:virtual:native:/workdir/repo/poky/meta/recipes-devtools/pseudo/pseudo_git.bb:do_populate_sysroot', 'multiconfig:qt5022:/workdir/repo/poky/meta/recipes-devtools/quilt/quilt-native_0.65.bb:do_populate_sysroot', 'multiconfig:qt5022:/workdir/repo/poky/meta/recipes-devtools/gcc/gcc-cross_8.3.bb:do_populate_sysroot', 'multiconfig:qt5022:/workdir/repo/poky/meta/recipes-devtools/gcc/gcc-runtime_8.3.bb:do_populate_sysroot'] | NOTE: Installed into sysroot: [] | NOTE: Skipping as already exists in sysroot: ['glibc', 'pseudo-native', 'quilt-native', 'gcc-cross-x86_64', 'gcc-runtime', 'libgcc', 'linux-libc-headers', 'libtool-native', 'texinfo-dummy-native', 'libmpc-native', 'flex-native', 'automake-native', 'zlib-native', 'mpfr-native', 'gmp-native', 'binutils-cross-x86_64', 'xz-native', 'autoconf-native', 'gnu-config-native', 'gettext-minimal-native', 'm4-native'] | DEBUG: Python function extend_recipe_sysroot finished | DEBUG: Executing shell function do_install | install: cannot stat 'loader.conf': No such file or directory | WARNING: exit code 1 from a shell command. | ERROR: Function failed: do_install (log file is located at /workdir/build/tmp/work/bobcat-poky-linux/systemd-bootconf/1.00-r0/temp/log.do_install.737) NOTE: recipe systemd-bootconf-1.00-r0: task do_install: Failed ERROR: Task (multiconfig:qt5022:/workdir/repo/poky/meta/recipes-core/systemd/systemd-bootconf_1.00.bb:do_install) failed with exit code '1' (From OE-Core rev: 84d08b0bed9e1c5f223f9ec437bb8d96a2bda599) Signed-off-by: Ricardo Ribalda Delgado <ricardo@ribalda.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* cve-update-db-native: Remove hash column from database.Pierre Le Magourou2019-07-192-20/+13
| | | | | | | | | | | | djb2 hash algorithm was found to do collisions, so the database was sometime missing data. Remove this hash mechanism, clear and populate elements from scratch in PRODUCTS table if the current year needs an update. (From OE-Core rev: 78de2cb39d74b030cd4ec811bf6f9a6daa003d19) Signed-off-by: Pierre Le Magourou <pierre.lemagourou@softbankrobotics.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* cve-check: Replace CVE_CHECK_CVE_WHITELIST by CVE_CHECK_WHITELISTPierre Le Magourou2019-07-191-11/+11
| | | | | | | | | | CVE_CHECK_WHITELIST does not contain version anymore, as it was not used. This variable should be set per recipe. (From OE-Core rev: 7069302a4ccbb5b72e1902f284cf078516fd7294) Signed-off-by: Pierre Le Magourou <pierre.lemagourou@softbankrobotics.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* squashfs-tools: upgrade to commit f95864afe883Ulrich Ölmann2019-07-195-224/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The master branch's current tip commit as of this writing is [1], see the squashfs-tool's repo at [0]. Because of commits [2]-[4] which are included in the master branch three corresponding patches are dropped as they are not needed anymore. The single remaining patch was rebased on top of [1] to apply cleanly. Commits [5] & [6] introduced interesting features, namely zstd support and reproducibility of created SquashFS images. They are reflected in two new PACKAGECONFIG options now, but only the latter ("reproducible") is appended to the default options as OE-core does not contain a recipe to build zstd at the moment (a working zstd recipe can be found e.g. in meta-rauc, see [7]). [0] https://github.com/plougher/squashfs-tools.git [1] f95864afe883 ("unsquashfs-4: Add more sanity checks + fix CVE-2015-4645/6") [2] 46bdc1726e5a ("mksquashfs: Make a load of functions static") [3] b0ca8a5c98ff ("pseudo.c: add explicit <sys/stat.h> include") [4] f95864afe883 ("unsquashfs-4: Add more sanity checks + fix CVE-2015-4645/6") [5] 6113361316d5 ("squashfs-tools: Add zstd support") [6] e0d74d07bb35 ("Add configuration and Mksquashfs build options for reproducible builds") [7] https://layers.openembedded.org/layerindex/recipe/79049/ (From OE-Core rev: 92f34fbe321040db3dc0431dd464747324058e2e) Signed-off-by: Ulrich Ölmann <u.oelmann@pengutronix.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* curl: upgrade 7.65.1 -> 7.65.2Anuj Mittal2019-07-191-2/+2
| | | | | | | | | | Changelog: https://curl.haxx.se/changes.html#7_65_2 (From OE-Core rev: 54b91da2bd07e8c3a40e61d90af251a1bfbf50f4) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* debianutils: upgrade 4.8.6.1 -> 4.8.6.3Yi Zhao2019-07-191-5/+3
| | | | | | | (From OE-Core rev: bbde94e994f4904b983ee396b55eb68931de7d4c) Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: set CVE vendor to opensslAnuj Mittal2019-07-191-0/+2
| | | | | | | | | Differentiate it from openssl gem for Ruby. (From OE-Core rev: 2ec481b19d6c9c20ce6573de77ae89e576d6b8cb) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libpciaccess:upgrade 0.14 -> 0.16Zang Ruochen2019-07-192-31/+2
| | | | | | | | | | | | -Upgrade from libpciaccess_0.14.bb to libpciaccess_0.16.bb. -libpciaccess/0004-Don-t-include-sys-io.h-on-arm.patch Removed since this is included in 0.16. (From OE-Core rev: c2140b42c8516100c55c381d98e0f281b562d2db) Signed-off-by: Zang Ruochen <zangrc.fnst@cn.fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* xwininfo:upgrade 1.1.4 -> 1.1.5Zang Ruochen2019-07-191-2/+2
| | | | | | | | | -Upgrade from xwininfo_1.1.4.bb to xwininfo_1.1.5.bb. (From OE-Core rev: 7f34f3657568a0130aa31a481973509203984a06) Signed-off-by: Zang Ruochen <zangrc.fnst@cn.fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libice:upgrade 1.0.9 -> 1.0.10Zang Ruochen2019-07-192-153/+2
| | | | | | | | | | | | -Upgrade from libice_1.0.9.bb to libice_1.0.10.bb. -libice/CVE-2017-2626.patch Removed since this is included in 1.0.10. (From OE-Core rev: d3581b5d5562604ba31fc2b10873b3b0c9bf75fc) Signed-off-by: Zang Ruochen <zangrc.fnst@cn.fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* vte: upgrade 0.56.1 -> 0.56.3Anuj Mittal2019-07-191-2/+2
| | | | | | | (From OE-Core rev: 00c84fd2583022d6f11067cc0b2e8782a09abc26) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* glib-2.0: upgrade 2.60.4 -> 2.60.5Anuj Mittal2019-07-192-3/+3
| | | | | | | | | | Changes: https://github.com/GNOME/glib/blob/glib-2-60/NEWS (From OE-Core rev: 7ab3b3d57df1bddf2241b75ae6ebec29ea288502) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bzip2: upgrade 1.0.7 -> 1.0.8Anuj Mittal2019-07-191-3/+3
| | | | | | | | | | | | License-Update: Change in version and copyright year/date. Changelog: https://sourceware.org/git/?p=bzip2.git;a=blob;f=CHANGES (From OE-Core rev: ad33d889ad551651d72cf1cdfdfffdd147ee91ac) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: fix CVE-2019-12155Anuj Mittal2019-07-192-0/+36
| | | | | | | (From OE-Core rev: a0236a8f682ab0e897cd99555b9225bae4fb04ab) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: CVE-2019-9070 is same as CVE-2019-9071Anuj Mittal2019-07-191-0/+1
| | | | | | | | | | | See: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=89395 (From OE-Core rev: cef180de3684491f1ac4180ddbcc102121222181) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* defaultsetup.conf: enable select init managerKai Kang2019-07-197-6/+25
| | | | | | | | | | | | | | | | | | | Introduce a new variable INIT_MANAGER and create 4 init-manager-*.inc files to configure init manager settings. Available values of INIT_MANAGER are sysvinit, systemd, mdev-busybox and a default of none. 'none' provides backwards compatibility. The settings of various VIRTUAL-RUNTIME variables are moved into these files from the packagegroups. [YOCTO #13031] [Modifications by RP for backwards compatibility] (From OE-Core rev: 8d0b4704a526a48cd5e67df61b613424bbbdccde) Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* staging: Drop clean_recipe_sysrootRichard Purdie2019-07-181-11/+0
| | | | | | | | | | | | | With recent changes to runqueue, this fuction is unsafe as setscene tasks can run at the same time as normal ones and doing things before do_fetch no longer offers any guarantees. There is other code which cleans out things from the sysroots as tasks rerun so we should rely upon that instead. (From OE-Core rev: 27ce69861edb7e52078b59ebf8fefc9201e9a228) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* pkgconf: upgrade 1.6.1 -> 1.6.3Ross Burton2019-07-181-2/+2
| | | | | | | (From OE-Core rev: 4a69bf5ae3328d124a7607a52333643ebf7ec0b3) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* piglit: upgrade to latest revisionRoss Burton2019-07-181-1/+1
| | | | | | | (From OE-Core rev: 6ee8d724bb7347a47395709df9d16e32abc9e06e) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* package_manager: Ensure the base-feed directory existsAlistair Francis2019-07-181-0/+2
| | | | | | | | | | Ensure that the /etc/opkg directory exists before we try to create a file there. (From OE-Core rev: 30ff50223cd0b79fd3b8aa393ea1e621282773ac) Signed-off-by: Alistair Francis <alistair.francis@wdc.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemurunner.py: Be more verbose about problemsAlistair Francis2019-07-181-10/+10
| | | | | | | | | | Instead of hiding problems in the debug log let's print them as warnings instead. (From OE-Core rev: 088f5d97001bd4b573f00cfca93b8d24e814fd64) Signed-off-by: Alistair Francis <alistair.francis@wdc.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* opensbi: Fix installed-vs-shipped warningAlistair Francis2019-07-181-0/+1
| | | | | | | | | | | | | Fix the following warning by just deleting the files: WARNING: opensbi-0.4-r0 do_package: QA Issue: opensbi: Files/directories were installed but not shipped in any package: /lib /lib/libsbiutils.a /lib/libsbi.a (From OE-Core rev: ecbf494b26db71076ad74902a75a3205c849d81e) Signed-off-by: Alistair Francis <alistair.francis@wdc.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* xkeyboard-config: remove redundant intltool dependencyRoss Burton2019-07-181-2/+1
| | | | | | | | | Upstream now uses plain gettext. (From OE-Core rev: 0fd2b3318a7fb9bf8eeb760f82fe796f5b29643f) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ltp: getrlimit03: adjust-a-bit-of-code-to-compatiable-with mips32Hongzhi.Song2019-07-183-0/+138
| | | | | | | | | | | | | | | | | | | | | | | | | | Error info: getrlimit03.c:104: FAIL: __NR_prlimit64(0) had rlim_cur = ffffffffffffffff but __NR_getrlimit(0) had rlim_cur = 7fffffff According to kernel code: [arch/mips/include/uapi/asm/resource.h] RLIM_INFINITY is set to 0x7fffffffUL instead of ULONG_MAX on mips32. /* * SuS says limits have to be unsigned. * Which makes a ton more sense anyway, * but we keep the old value on MIPS32, * for compatibility: */ #ifndef __mips64 # define RLIM_INFINITY 0x7fffffffUL #endif Adding conditional statement about mips to fix this. (From OE-Core rev: 6bb6de711631fb2d339c447c6f88c8e06c17b967) Signed-off-by: Hongzhi.Song <hongzhi.song@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* cve-update-db-native: use SQL placeholders instead of format stringsRoss Burton2019-07-181-1/+1
| | | | | | | (From OE-Core rev: 91770338f76ef35f3c4eeac216eb9d2b3188e575) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* flex: set CVE_PRODUCT to include vendorRoss Burton2019-07-181-0/+3
| | | | | | | | | | | | There are many projects called Flex and they have CVEs, so also set the vendor to remove these false positives. (From OE-Core rev: 0598ccdcb31e16f1d1227197591b10ba441fcfe2) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* cve-check: allow comparison of Vendor as well as ProductRoss Burton2019-07-181-4/+8
| | | | | | | | | | | | | | | | Some product names are too vague to be searched without also matching the vendor, for example Flex could be the parser compiler we ship, or Adobe Flex, or Apache Flex, or IBM Flex. If entries in CVE_PRODUCT contain a colon then split it as vendor:product to improve the search. Also don't use .format() to construct SQL as that can lead to security issues. Instead, use ? placeholders and lets sqlite3 handle the escaping. (From OE-Core rev: e6bf90009877d00243417898700d2320fd87b39c) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* freetype: add --tag CC to libtool argumentsMikko Rapeli2019-07-181-1/+1
| | | | | | | | | | | Fixes build failures on aarch64: aarch64-poky-linux-libtool: compile: unable to infer tagged configuration (From OE-Core rev: 2501fb402260d5d3929bffee78a1127dad2d538e) Signed-off-by: Mikko Rapeli <mikko.rapeli@bmw.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* oe/copy_buildsystem: move layer into layers directoryAndrej Valek2019-07-181-1/+7
| | | | | | | | | | | | | | | | | | | | | | | Layers could be located outside from poky but inside the build directory. This case should be covered in eSDK. meta-abc meta-def/meta-ghi meta-def/poky meta-def/meta-oe/meta-oe ... It should take all enabled layers and put them into 'layers' dir during build-time with respecting new relative path to poky. layers/meta-abc layers/meta-ghi layers/poky layers/meta-oe/meta-oe ... (From OE-Core rev: 55ecf6988d3e3c0935cb6324a6ad2c75f1191a1d) Signed-off-by: Andrej Valek <andrej.valek@siemens.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* cve-check.bbclass: initialize to_appendMikko Rapeli2019-07-181-0/+1
| | | | | | | | | | | Fixes build failure with core-image-minimal: Exception: UnboundLocalError: local variable 'to_append' referenced before assignment (From OE-Core rev: 270ac00cb43d0614dfe1c95f960c76e9e5fa20d4) Signed-off-by: Mikko Rapeli <mikko.rapeli@bmw.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* busybox: enable unicode supportMikko Rapeli2019-07-182-0/+11
| | | | | | | | | | | | | | | | | | | | | | | While creating and deleting files with unicode or other encodings works, it's annoying when ls and other core utils show questionmarks instead of the unicode characters. In 2019, it's quite common that users of embedded devices based on yocto need unicode support. Debugging a box with unicode encoded file names is a bit annoying when core utils from busybox don't support them. The unicode config fragment has the same config as Debian in their deb and udeb builds of version 1:1.30.1-4. If developers do not want this or other default yocto features in busybox, or optimize the configuration for size, then they likely run a completely custom configuration. Thus I think it's safe to enable unicode support by default. (From OE-Core rev: a48438422dbe64095bdb379c20428ba87e2a0e99) Signed-off-by: Mikko Rapeli <mikko.rapeli@bmw.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ed: set CVE vendor to avoid false positivesRoss Burton2019-07-181-0/+2
| | | | | | | (From OE-Core rev: 2c3d689e4f78d8ea00b1bd2239af80c8fe038074) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2024-07-05 20:56:14 +0000