summaryrefslogtreecommitdiffstats
path: root/meta
Commit message (Collapse)AuthorAgeFilesLines
* linux-yocto/3.10: add valleyisland ioBruce Ashfield2014-03-303-3/+3
| | | | | | | | | | Updating the 3.10 meta SRCREV to include the valleyisland IO .scc and configuration files. (From OE-Core rev: 5adccadee00ac4408d3b3d4e6a0b7ee7c84cba97) Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* linux-yocto/3.10: update to v3.10.33Bruce Ashfield2014-03-303-13/+13
| | | | | | | | | Updating to the latest -stable release. (From OE-Core rev: 9acc956c23ea161d0af691ff4685b472d3eff086) Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* linux-yocto/3.10: update EFI configurationBruce Ashfield2014-03-303-3/+3
| | | | | | | | | | | | Importing the following two meta data changes for EFI configuration: 284e9589436a meta: efi.cfg/efi-ext.cfg: add EFIVAR_FS to default efi fragment 0a8c4971e2d9 meta: update efi config fragment to include EFI_STUB by default (From OE-Core rev: ec6ff275ba44ec183c00910f47e5b8916e58ab14) Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* linux-yocto/3.4: update mohonpeak.cfg for SATA, SMBus, LPC, WDT, crypto & ↵Bruce Ashfield2014-03-303-3/+3
| | | | | | | | | | | highmem64g Updating the meta SRCREV with the latest configuration updates. (From OE-Core rev: 8e98af96a4b2b725724cd97276168c03e95aa99d) Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* linux-yocto/3.10: intel-core*/common configuration updatesBruce Ashfield2014-03-303-3/+3
| | | | | | | | | | | | | | | Importing the following configuration changes to support the latest intel common BSPs: 6e0e756d5137 intel-common: Remove GMA500 support 226c3b7a2b82 intel-core*: Add baytrail soc support 25df7acf2cc4 baytrail: Add feature/soc/baytrail 8715856ab617 meta: input: add CONFIG_INPUT dependency (From OE-Core rev: 88d2bb9c5959a9b1e744bb517c26a322cd537023) Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* image.py: check file exists before deletingLaurentiu Palcu2014-03-301-1/+2
| | | | | | | | | | | | When RM_OLD_IMAGE = "1", we delete old images but we didn't check they actually exist... [YOCTO #6029] (From OE-Core rev: 8910d3cc94899ab4d509e681b438ae96218fa777) Signed-off-by: Laurentiu Palcu <laurentiu.palcu@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* package_*.bbclass: Simplify addtaskRichard Purdie2014-03-303-3/+3
| | | | | | | | | The package_write task was previously removed. Remove a remaining superfluous reference to it. (From OE-Core rev: 76bbf9e8f07f3e6f20c890dd4c82c72641e2ca88) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* populate_sdk_*: Drop now unneeded recrdeptask flagsRichard Purdie2014-03-303-5/+0
| | | | | | | | | Now populate_sdk_base has the appropriate flags, we can drop these from the individual classes. (From OE-Core rev: 388bfe2dc168d31ba3c5c85684f3c96d2ae13800) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* populate_sdk_base: add dependency of do_package_write_* tasksLaurentiu Palcu2014-03-301-1/+1
| | | | | | | | | | | | | | | | | | | | nativesdk packages were created only for the first backend listed in PACKAGE_CLASSES. Hence, if one had it set to "package_rpm package_ipk" and did a 'bitbake -c populate_sdk core-image-something', the nativesdk packages were created only for rpm. This is particularily bad for adt-installer which is based on opkg repos. Credits go to richard.purdie@linuxfoundation.org who suggested me this fix. [YOCTO #5900] (From OE-Core rev: 85c3238ee713bc27e99a2e393e3bf8438ed4d91f) Signed-off-by: Laurentiu Palcu <laurentiu.palcu@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* rootfs.py: add new cleanup methodLaurentiu Palcu2014-03-301-0/+25
| | | | | | | | | | | | | | This commit adds a new _cleanup() internal method that will be called at the end of rootfs creation, so that each backend can delete various files that were probably generated during rootfs postprocess execution, etc. [YOCTO #6049] (From OE-Core rev: 6151d69875f3f4f097b6e2fdef2a0f3ab391e2fd) Signed-off-by: Laurentiu Palcu <laurentiu.palcu@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* package_manager.py: leave the __db.00* files in placeLaurentiu Palcu2014-03-301-7/+1
| | | | | | | | | | | | | | | | | | | | Do not delete the __db.00* files in the PackageManager class. Leave this operation up to the client classes. One side effect of this deletion was the following message appearing in the output of the next rpm command executed: rpmdb: BDB1540 configured environment flags incompatible with existing environment We might also gain some time here by not deleting/creating those files very often. [YOCTO #6049] (From OE-Core rev: 12e300f0af2a27c15d80298d3fbb27b092c35154) Signed-off-by: Laurentiu Palcu <laurentiu.palcu@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* nss-3.15.1: fix CVE-2013-5605yanjun.zhu2014-03-302-0/+19
| | | | | | | | | | | | | | Mozilla Network Security Services (NSS) 3.14 before 3.14.5 and 3.15 before 3.15.3 allows remote attackers to cause a denial of service or possibly have unspecified other impact via invalid handshake packets. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-5605 (From OE-Core rev: 09e8cd6f09284ad3faf0bc05d623a43e2b174866) Signed-off-by: yanjun.zhu <yanjun.zhu@windriver.com> Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* nss-3.15.1: fix CVE-2013-1741yanjun.zhu2014-03-302-0/+93
| | | | | | | | | | | | | | Integer overflow in Mozilla Network Security Services (NSS) 3.15 before 3.15.3 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large size value. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-1741 (From OE-Core rev: b666d173ff0ba213bf81e2c035a605a28e5395ea) Signed-off-by: yanjun.zhu <yanjun.zhu@windriver.com> Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libtiff: fix CVE-2013-4244Baogen Shang2014-03-302-1/+21
| | | | | | | | | | | | | | | cve description: The LZW decompressor in the gif2tiff tool in libtiff 4.0.3 and earlier allows context-dependent attackers to cause a denial of service (out-of-bounds write and crash) or possibly execute arbitrary code via a crafted GIF image. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4244 (From OE-Core rev: 4eec8fae3f972a27bfb986066f5b3603599ebc25) Signed-off-by: Baogen Shang <baogen.shang@windriver.com> Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libarchive: fix CVE-2013-0211Baogen Shang2014-03-302-0/+39
| | | | | | | | | | | | | | | | | CVE description: Integer signedness error in the archive_write_zip_data function in archive_write_set_format_zip.c in libarchive 3.1.2 and earlier, when running on 64-bit machines, allows context-dependent attackers to cause a denial of service (crash) via unspecified vectors, which triggers an improper conversion between unsigned and signed types, leading to a buffer overflow. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0211 (From OE-Core rev: 355a8086637b859a469e1f2dc717b4ccec00b970) Signed-off-by: Baogen Shang <baogen.shang@windriver.com> Signed-off-by: Jeff Polk <jeff.polk@windriver.com> Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* autoconf: new autotest/testsuite option to enable automake test result formatRadu Patriu2014-03-302-0/+137
| | | | | | | | | | | lib/autotest/general.m4: added "--am-fmt | -A" command line parameter for testsuite script to enable "RESULT: testname" output format; to be used by yocto ptest packages directly or with autoconf TESTSUITEFLAGS. (From OE-Core rev: 9d288e5afd6696cc519574470c7d47ca55403d27) Signed-off-by: Radu Patriu <radu.patriu@enea.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* packagegroup-toolset-native: Update after ocf-linux -> cryptodev-linux changeRichard Purdie2014-03-271-1/+1
| | | | | | (From OE-Core rev: b16de9af5c7108396a347e7107c73608a2f8d74f) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ocf-linux: remove recipeKai Kang2014-03-272-30/+0
| | | | | | | | | | | | ocf-linux only provides header file and no kernel module is built. We can't use ocf-linux without its implementation. And linux-yocto uses an alternative project cryptodev-linux, so we remove ocf-linux and use cryptodev-linux instead. (From OE-Core rev: 45f1659f49edbceed0b75c0319880151161fdc8e) Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: replace dependency ocf-linux with cryptodev-linuxKai Kang2014-03-271-1/+1
| | | | | | | | | | | | ocf-linux only provides header files but no implementation in kernel. And Yocto kernel linux-yocto use cryptodev-linux to implement /dev/crypto interface. So replace dependency ocf-linux with cryptodev-linux for openssl. (From OE-Core rev: b36b15cddbe52e6770b96e06af2959cea0e2436f) Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* cryptodev-linux: add recipeKai Kang2014-03-271-0/+22
| | | | | | | | | | | Yocto kernel linux-yocto uses cryptodev-linux to use device /dev/crypto. So add cryptodev-linux which is one alternative of ocf-linux and then remove ocf-linux later. (From OE-Core rev: 6b6c24eccdb0030ecccadefe94c1c5b4387e46d1) Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* run-postinsts: fix issue with checking IMAGE_FEATURESLaurentiu Palcu2014-03-272-9/+23
| | | | | | | | | | | | | | | | | | | | The old implementation was wrong. It was not very generic and it checked IMAGE_FEATURES while building the recipe, which led to various issues with the generation of the final script. That is, the run-postinsts script was generated once, while building the package for the first time. Hence, any other changes to IMAGE_FEATURES, like removing/adding 'package-management' did not reflect in the final script. This commit makes run-postinsts script autodetect the backend used for creating the image, making it generic. [YOCTO #5666] [YOCTO #5972] (From OE-Core rev: 44902f7550e490a9d4d2e2bcdf8c577329b4af75) Signed-off-by: Laurentiu Palcu <laurentiu.palcu@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* build-appliance-image: update to head ae938eba92b2c89a9fd91161e57c5dbc594ad4adCristian Iorga2014-03-271-1/+1
| | | | | | | | | | | | | Build Appliance includes a more recent version of poky, up to commit: ae938eba92b2c89a9fd91161e57c5dbc594ad4ad. Adds bitbake fixes/optimizations; (From OE-Core rev: f41f1b263438e19e2209876798bbcbbcee646f34) Signed-off-by: Cristian Iorga <cristian.iorga@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gummiboot: fix the installed but not shipped warningRobert Yang2014-03-271-0/+2
| | | | | | | | | | | | | | | | Fix the warning: WARNING: QA Issue: gummiboot: Files/directories were installed but not shipped /usr/lib /usr/lib/gummiboot /usr/lib/gummiboot/gummibootx64.efi This is because it uses "/usr/lib" in gummibootlibdir, use ${libdir} to fix it. (From OE-Core rev: ee587332f2ac9d88d4a300732645b0e2f793ce5f) Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gummiboot: use objcopy from the envRobert Yang2014-03-272-1/+42
| | | | | | | | | | | | | | | | | | | | | | | Fix the error: [snip] | nm -D -u src/efi/gummiboot.so | grep ' U ' && exit 1 || : | objcopy -j .text -j .sdata -j .data -j .dynamic \ | -j .dynsym -j .rel -j .rela -j .reloc -j .eh_frame \ | --target=efi-app-x86_64 src/efi/gummiboot.so gummibootx64.efi | objcopy: src/efi/gummiboot.so: Invalid bfd target | make[1]: *** [gummibootx64.efi] Error 1 | make[1]: *** Waiting for unfinished jobs.... | make: *** [all] Error 2 [snip] It uses the "objcopy" directly, which is not suitable for cross compile. [YOCTO #6054] (From OE-Core rev: 393fe40c14e7adeadbccb72953027b63b6f8030c) Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gummiboot: add COMPATIBLE_HOSTRobert Yang2014-03-271-0/+5
| | | | | | | | | | | | | | The gummiboot depends on gnu-efi which had set: COMPATIBLE_HOST = "(x86_64.*|i.86.*)-linux" We also need set this for gummiboot, otherwise there would be build failures for other non-x86 archs. (From OE-Core rev: f1b23a32d0c823577cec532e3646c2f78e81ccda) Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnu-efi: fix the LIBDIRRobert Yang2014-03-271-1/+1
| | | | | | | | | | | | | | | | | Its LIBDIR in Makefile is: LIBDIR = $(PREFIX)/lib This is incorrect for 64 bit bsp, thus will cause build failures on gummiboot: ld: cannot open linker script file /path/to/usr/lib64/elf_x86_64_efi.lds: No such file or directory [YOCTO #6053] (From OE-Core rev: a18e4bef5f284c5b940007e60c7be28128a94c44) Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bitbake.conf: Adds bitbake qemu option for ppc e6500 & ppc e6500-64b.Valentin Cobelea2014-03-271-0/+2
| | | | | | | | | | This patch adds the bitbake qemu option for the ppc e6500 & ppc e6500-64b architectures. (From OE-Core rev: 62b0f09c13aa8e9c75ddea286586d1a2385a80be) Signed-off-by: Valentin Cobelea <valentin.cobelea@enea.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* selftest/bbtests.py: Fixed regex and added bitbake output to ↵Corneliu Stoicescu2014-03-271-4/+4
| | | | | | | | | | | | test_warnings_errors The test failed when more than 1 error or 1 warning is present. Also pasting the bitbake output when the test fails. (From OE-Core rev: abc691026592b406e69f8bf9e4fffe2e6a17fffc) Signed-off-by: Corneliu Stoicescu <corneliux.stoicescu@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* lsb: fix lsb_log_msg() implementationCristian Iorga2014-03-272-6/+6
| | | | | | | | | | | | | | | | | | | | LSB lsb_log_message calls a begin() function that should be implemented in /etc/init.d/functions. The aforementioned script does not implement the begin() function, as such there is a small issue related to logging. This fix implements a local version of the function, while cleaning up the troublesome previous implementation. Fix [YOCTO #5795] (From OE-Core rev: 365ab9118b6c68aedb2e79129202b385329a8abb) Signed-off-by: Cristian Iorga <cristian.iorga@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* image.bbclass: replace rootfs with /dev/rootChen Qi2014-03-271-1/+1
| | | | | | | | | | | | | | | Replace 'rootfs' with '/dev/root' in read_only_rootfs_hook function to match the latest change in fstab file from the base-files recipe. The related commit is as follows. commit e8bc7a136a81a0d8df2d32dfba0920c1b2835141 base-files: use /dev/root in /etc/fstab for systemd support (From OE-Core rev: 31b5aeb5a0b82842e1dd8545bf5d43778d8c218b) Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* systemd-serialgetty: update to match systemd 211Jonathan Liu2014-03-271-0/+3
| | | | | | | (From OE-Core rev: c48a2827a5494983dcefa70d8bebcc50e8a5fc3b) Signed-off-by: Jonathan Liu <net147@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* git: Fix perl paths in scripts and population of the perltools packageRichard Purdie2014-03-271-3/+28
| | | | | | | | | | | | | References to "perl-native" were slipping into the target packages. These changes ensure those references are cleaned up and that tools using perl are packaged in the correct perltools package. The same issues affected the nativesdk-git output so are also applied there. [YOCTO #5918] (From OE-Core rev: fd4a6b0cd275931e552cd23233c178e9ec54bdbb) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* base.bbclass: Merge two ConfigParsed event handlersRichard Purdie2014-03-271-7/+1
| | | | | | | | | There were two ConfigParsed event handlers in base.bbclass, this merges them together for small efficiency wins. (From OE-Core rev: ff919ed132b543f70e9635be7a31f799aafcf8d6) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* sanity.bbclass: Update against bitbake sanity event changesRichard Purdie2014-03-271-7/+6
| | | | | | | | | | Bitbake will now trigger sanity events when it needs the checks to run in all cases so we can drop the ConfigParsed hook. We now control whether events are generated or errors are raised from the event itself. (From OE-Core rev: 97108a5647f9278280c923ef69d2b0b945a26eef) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* base.bbclass: Run oe_import before other INHERITsRichard Purdie2014-03-271-1/+5
| | | | | | | | | | | | | Its possible for classes listed in INHERIT directives to use things like the oe.utils functions. If that happens the user sees a traceback since the modules don't become available until the ConfigParsed event. This change to use immediate expansion means that the oe modules become available much sooner and can be used in the core classes, including within base.bbclass. (From OE-Core rev: a9ecad713f37f2703e99c6b856207abeb6c5ad1f) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* apt/package_mamager: Ensure WORKDIR is used for lists directoryRichard Purdie2014-03-272-1/+3
| | | | | | | | | | | | The native sysroot should not be used as a store for the lists files since multiple images running at once would conflict over this. Instead redirect this to WORKDIR. This means some extra directories need to be created. Also create apt.conf.d to silence some warnings. (From OE-Core rev: dc4abfc8f99c08e0c1ac9d098ce17838d0eda028) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* package_manager: Fix apt-ftparchive index creation problemsRichard Purdie2014-03-271-7/+6
| | | | | | | | | | a) There were missing parameters to the release and package commands (".") b) The commands need to be executed as one block since they build upon each other (From OE-Core rev: a3965b76ed4361455c89c982761263be03e1a8e5) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* package_manager: Ensure we don't process directories twiceRichard Purdie2014-03-271-1/+3
| | | | | | | | | | Processing directories twice is both pointless and introduces a race condition. When building the list, ensure duplicates (like "all" and "noarch") are handled correctly. (From OE-Core rev: 4c487543422ae471a01a573bab44e3f6a6d2497a) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* mmc-utils: Add user space mmc utilities for eMMCChase Maupin2014-03-271-0/+19
| | | | | | | | | | | | * The mmc-utils are useful userspace utilities for configuring and working with MMC devices. These are particularly useful when working with eMMC devices to do the initial programming of the device. (From OE-Core rev: 6ce4010951a291aec72a3e4997cd7c523a22ac87) Signed-off-by: Chase Maupin <Chase.Maupin@ti.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* base-files: do_install.sigdata: remove the depends on DATERobert Yang2014-03-271-0/+1
| | | | | | | | | | | | | | | | | | | | If we run "bitbake -S base-files" today, and re-run it tomorrow with nothing changed, we would see that the do_install.sigdata changes because of: do_intall -> do_install_basefilesissue -> DISTRO_VERSION -> DATE We had set: IMAGE_NAME[vardepsexclude] += "DATETIME" in meta/conf/bitbake.conf, we can set a similar line in base-files_3.0.14.bb to fix the problem. [YOCTO #6032] (From OE-Core rev: cd06824bda76a9d08a3318e0621e31c0e8c39f74) Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* meta/conf/bitbake.conf: add STAMPCLEAN to BB_HASHBASE_WHITELISTRobert Yang2014-03-271-1/+1
| | | | | | | | | | | | | | | | | | | | The problem is that do_configure.sigdata depends on STAMPS_DIR because: do_configure -> STAMPCLEAN -> STAMPS_DIR this will make the sigdata generated by "STAMPS_DIR=/tmp/stps bitbake -S recipe" doesn't match the ones in our build dir, but it should. We can add STAMPS_DIR or STAMPCLEAN to BB_HASHBASE_WHITELIST to fix the problem, but we can't add STAMPS_DIR since once it is in BB_HASHBASE_WHITELIST, the "STAMPS_DIR=/tmp/stps bitbake -S recipe" would not run again. [YOCTO $6031] (From OE-Core rev: faf3e74d5c488a66fdabd485eb916f555d7353fd) Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* util-linux-native: fix qsort_r for CentOS 5.10Robert Yang2014-03-272-1/+37
| | | | | | | | | | | The qsort_r() was added to glibc in version 2.8, so there is no qsort_r() on the host like CentOS 5.x, use qsort() to fix it since they are nearly identical. (From OE-Core rev: cda5310e32ce05bc54602d4c18ee2d28a53be57f) Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* cpio rootfs build: Avoid modifying rootfs dirJonas Eriksson2014-03-271-3/+5
| | | | | | | | | | | | | | | | | | | The Linux kernel requires that initrd images contain a /init file for the image to be used as an initrd, even if it is empty. Adding it into the rootfs directory creates a race, that can upset tar when building both a .tar and .cpio image file ("tar: .: file changed as we read it"). Additionally, whether or not the tar file will contain the /init file is also up to the race condition. To avoid this problem, move the /init addition out from the rootfs directory, and thus only include it in the .cpio image. (From OE-Core rev: 706055503f493a5af73240c0983c46dbe31d8fe9) Signed-off-by: Jonas Eriksson <jonas.eriksson@enea.com> Signed-off-by: Josep Puigdemont <josep.puigdemont@enea.com> Cc: Laurentiu Palcu <laurentiu.palcu@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnupg: CVE-2013-4576Yong Zhang2014-03-272-0/+154
| | | | | | | | | | | | | | | | | | | GnuPG 1.x before 1.4.16 generates RSA keys using sequences of introductions with certain patterns that introduce a side channel, which allows physically proximate attackers to extract RSA keys via a chosen-ciphertext attack and acoustic cryptanalysis during decryption. NOTE: applications are not typically expected to protect themselves from acoustic side-channel attacks, since this is arguably the responsibility of the physical device. Accordingly, issues of this type would not normally receive a CVE identifier. However, for this issue, the developer has specified a security policy in which GnuPG should offer side-channel resistance, and developer-specified security-policy violations are within the scope of CVE. (From OE-Core rev: 46b80c80b0e008820b34f4360054e1697df2650d) Signed-off-by: Yong Zhang <yong.zhang@windriver.com> Signed-off-by: Jackie Huang <jackie.huang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnupg: CVE-2013-4351Ming Liu2014-03-272-1/+47
| | | | | | | | | | | | | GnuPG 1.4.x, 2.0.x, and 2.1.x treats a key flags subpacket with all bits cleared (no usage permitted) as if it has all bits set (all usage permitted), which might allow remote attackers to bypass intended cryptographic protection mechanisms by leveraging the subkey. (From OE-Core rev: 259aebc9dbcaeb1587aaaab849942f55fa321724) Signed-off-by: Ming Liu <ming.liu@windriver.com> Signed-off-by: Jackie Huang <jackie.huang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* Security Advisory - openssl - CVE-2013-6449Yue Tao2014-03-272-0/+34
| | | | | | | | | | | | | The ssl_get_algorithm2 function in ssl/s3_lib.c in OpenSSL before 1.0.2 obtains a certain version number from an incorrect data structure, which allows remote attackers to cause a denial of service (daemon crash) via crafted traffic from a TLS 1.2 client. (From OE-Core rev: 3e0ac7357a962e3ef6595d21ec4843b078a764dd) Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Jackie Huang <jackie.huang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* Security Advisory - openssl - CVE-2013-6450Yue Tao2014-03-272-0/+82
| | | | | | | | | | | | | | The DTLS retransmission implementation in OpenSSL through 0.9.8y and 1.x through 1.0.1e does not properly maintain data structures for digest and encryption contexts, which might allow man-in-the-middle attackers to trigger the use of a different context by interfering with packet delivery, related to ssl/d1_both.c and ssl/t1_enc.c. (From OE-Core rev: 94352e694cd828aa84abd846149712535f48ab0f) Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Jackie Huang <jackie.huang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* Security Advisory - openssl - CVE-2013-4353Yue Tao2014-03-272-0/+32
| | | | | | | | | | | | | The ssl3_take_mac function in ssl/s3_both.c in OpenSSL 1.0.1 before 1.0.1f allows remote TLS servers to cause a denial of service (NULL pointer dereference and application crash) via a crafted Next Protocol Negotiation record in a TLS handshake. (From OE-Core rev: 35ccce7002188c8270d2fead35f9763b22776877) Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Jackie Huang <jackie.huang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* toaster.bbclass: update buildstats event dataAlexandru DAMIAN2014-03-251-3/+3
| | | | | | | | | | | We add the PN to the buildstats event data in order to proper select database task when multiple similar tasks are executed for the same recipe file. (From OE-Core rev: 43d717df16312a8f0333aff6b8b037b4b9d51bf3) Signed-off-by: Alexandru DAMIAN <alexandru.damian@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* Enable yasm in gstreamer1.0-libav by defaultCarlos Rafael Giani2014-03-251-1/+1
| | | | | | | | | | | Since yasm has been moved to OE-core, there is no reason for not enabling yasm by default anymore. It improves performance of gstreamer1.0-libav considerably. (From OE-Core rev: ec734f0cccba2659334498235851c93ce8abef2b) Signed-off-by: Carlos Rafael Giani <dv@pseudoterminal.org> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>