summaryrefslogtreecommitdiffstats
path: root/meta
Commit message (Collapse)AuthorAgeFilesLines
* common-licenses: Correct the FreeType license textPeter Kjellerstedt2018-11-071-2/+2
| | | | | | | | | | It now matches: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/tree/docs/FTL.TXT (From OE-Core rev: 9dcb393551b65c8b674f625e90171b512f5e5a60) Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* reproducible_build: update do_deploy_source_date_epoch commmentDouglas Royds2018-11-071-1/+4
| | | | | | | | | | | | Once the value of SOURCE_DATE_EPOCH is determined, it is stored in the recipe's SDE_FILE. If none of the existing mechanisms are suitable, replace the do_deploy_source_date_epoch task with recipe-specific functionality to write the appropriate SOURCE_DATE_EPOCH into the SDE_FILE. (From OE-Core rev: e7b891b76954c784f5a93bd0a1c91315673ce40d) Signed-off-by: Douglas Royds <douglas.royds@taitradio.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* curl: fix for CVE-2018-16839/CVE-2018-16840/CVE-2018-16842Changqing Li2018-11-073-0/+113
| | | | | | | (From OE-Core rev: 0f0db9fc8512a0ecd0cdba3304a195cd925a5029) Signed-off-by: Changqing Li <changqing.li@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: fix CVE-2018-0735 for 1.1.1Kai Kang2018-11-072-0/+51
| | | | | | | | | Backport patch to fix CVE-2018-0735 for openssl 1.1.1. (From OE-Core rev: 78e751e33d3ec4394d96391e737cc39cad960ebe) Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: fix CVE-2018-0734 for both 1.0.2p and 1.1.1Kai Kang2018-11-074-0/+143
| | | | | | | | | | Backport patches to fix CVE-2018-0734 for both openssl 1.0.2p and 1.1.1 versions. (From OE-Core rev: 9d5c6a87eb72a8b8b8d417126a831565982ca9a6) Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ghostscript: fix CVE-2018-18284Hongxu Jia2018-11-072-0/+246
| | | | | | | | | | | Artifex Ghostscript 9.25 and earlier allows attackers to bypass a sandbox protection mechanism via vectors involving the 1Policy operator. (From OE-Core rev: 98ab5c5770d20b39bf3c58083f31f31838f2e940) Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ghostscript: fix CVE-2018-18073Hongxu Jia2018-11-073-0/+241
| | | | | | | | | | | Artifex Ghostscript allows attackers to bypass a sandbox protection mechanism by leveraging exposure of system operators in the saved execution stack in an error object. (From OE-Core rev: 6098c19e1f179896af7013c4b5db3081549c97bc) Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ghostscript: fix CVE-2018-17961Hongxu Jia2018-11-076-0/+806
| | | | | | | | | | | | Artifex Ghostscript 9.25 and earlier allows attackers to bypass a sandbox protection mechanism via vectors involving errorhandler setup. NOTE: this issue exists because of an incomplete fix for CVE-2018-17183. (From OE-Core rev: 6c32ea184941d292cd8f0eb898e6cc90120ada40) Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* elfutils: fix CVE-2018-18520 & CVE-2018-18521 & CVE-2018-18310Hongxu Jia2018-11-074-0/+139
| | | | | | | | | | These CVE fixes come from upstream master branch and no new version released, so backport rather than upgrade. (From OE-Core rev: bd8d2c25f595e30a3fdcad8a2409913bb8af7c5c) Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* elfutils: 0.173 -> 0.174Hongxu Jia2018-11-075-1015/+22
| | | | | | | | | | | | | | - Drop backport fixes CVE-2018-16062.patch 0001-libdw-Check-end-of-attributes-list-consistently.patch 0002-libelf-Return-error-if-elf_compress_gnu-is-used-on-S.patch - Rebase 0008-build-Provide-alternatives-for-glibc-assumptions-hel.patch (From OE-Core rev: 777c1f8b6e20643964c304400e2d746dc2926524) Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* nasm: fix CVE-2018-1000667Hongxu Jia2018-11-072-0/+38
| | | | | | | | | | Since the latest nasm is 2.14rc16 (not formal release), so backport a patch to 2.13 to fix CVE-2018-1000667. (From OE-Core rev: 024b395425c95a08c881d922c310be78ffad483a) Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* unzip: fix for CVE-2018-18384Changqing Li2018-11-071-0/+39
| | | | | | | (From OE-Core rev: 2ddb3b25ed063b47d3fe2b3e9e17b7f9d0e2a7e5) Signed-off-by: Changqing Li <changqing.li@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* qemu: fix for CVE-2018-10839Changqing Li2018-11-071-0/+52
| | | | | | | (From OE-Core rev: 5c2b164e1022c46f6bf541894429773c3dde7af2) Signed-off-by: Changqing Li <changqing.li@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* systemd: fix CVE-2018-15688Chen Qi2018-11-072-0/+40
| | | | | | | | | | | Backport patch to fix the following CVE. CVE: CVE-2018-15688 (From OE-Core rev: 13591d7224393dc0ae529a03cdf74aceb3540ce9) Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* systemd: fix CVE-2018-15687Chen Qi2018-11-072-0/+220
| | | | | | | | | | | Backport patch to fix the following CVE. CVE: CVE-2018-15687 (From OE-Core rev: eeb621aa19f690971caf862290a172a115578ba1) Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* systemd: fix CVE-2018-15686Chen Qi2018-11-072-0/+251
| | | | | | | | | | | Backport patch to fix the following CVE. CVE: CVE-2018-15686 (From OE-Core rev: 0ef70603bc983315eb0e8a97958d995a31198c35) Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* tzdata: update to 2018gArmin Kuster2018-11-071-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Changes to code When generating TZif files with leap seconds, zic no longer uses a format that trips up older 32-bit clients, fixing a bug introduced in 2018f. (Reported by Daniel Fischer.) Also, the zic workaround for QTBUG-53071 now also works for TZif files with leap seconds. The translator to rearguard format now rewrites the line "Rule Japan 1948 1951 - Sep Sat>=8 25:00 0 S" to "Rule Japan 1948 1951 - Sep Sun>=9 1:00 0 S". This caters to zic before 2007 and to Oracle TZUpdater 2.2.0 and earlier. (Reported by Christos Zoulas.) Changes to past time zone abbreviations Change HDT to HWT/HPT for WWII-era abbreviations in Hawaii. This reverts to 2011h, as the abbreviation change in 2011i was likely inadvertent. Changes to documentation tzfile.5 has new sections on interoperability issues. (From OE-Core rev: 32e5dd919a61b1c245fb6a867d0ea4a71d394aca) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* tzcode-native: update to 2018gArmin Kuster2018-11-071-4/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Changes to code When generating TZif files with leap seconds, zic no longer uses a format that trips up older 32-bit clients, fixing a bug introduced in 2018f. (Reported by Daniel Fischer.) Also, the zic workaround for QTBUG-53071 now also works for TZif files with leap seconds. The translator to rearguard format now rewrites the line "Rule Japan 1948 1951 - Sep Sat>=8 25:00 0 S" to "Rule Japan 1948 1951 - Sep Sun>=9 1:00 0 S". This caters to zic before 2007 and to Oracle TZUpdater 2.2.0 and earlier. (Reported by Christos Zoulas.) Changes to past time zone abbreviations Change HDT to HWT/HPT for WWII-era abbreviations in Hawaii. This reverts to 2011h, as the abbreviation change in 2011i was likely inadvertent. Changes to documentation tzfile.5 has new sections on interoperability issues. (From OE-Core rev: a24d0c174411a32a2793c89980ca87c4f9d98bc4) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* nss: update to 3.39 includes CVE-2018-12384Armin Kuster2018-11-071-2/+2
| | | | | | | | | see: https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.39_release_notes (From OE-Core rev: 9d5d19cee30ac73b9fbf75308e5729857384983e) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* xserver-xorg: fix CVE-2018-14665Ross Burton2018-11-012-0/+63
| | | | | | | | | | | | | | | | Incorrect command-line parameter validation in the Xorg X server can lead to privilege elevation and/or arbitrary files overwrite, when the X server is running with elevated privileges (ie when Xorg is installed with the setuid bit set and started by a non-root user). The -modulepath argument can be used to specify an insecure path to modules that are going to be loaded in the X server, allowing to execute unprivileged code in the privileged process. The -logfile argument can be used to overwrite arbitrary files in the file system, due to incorrect checks in the parsing of the option. (From OE-Core rev: 14b5854d50c38e94fc0d1ce6af36698fc69f52b4) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* build-appliance-image: Update to master head revisionyocto-2.6thud-20.0.0Richard Purdie2018-10-291-1/+1
| | | | | | (From OE-Core rev: 1fd7d0f2fbf7e200844c675ddb77513a8d5d7327) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* tzdata: update to 2018fArmin Kuster2018-10-291-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Briefly: Volgograd moves from +03 to +04 on 2018-10-28. Fiji ends DST 2019-01-13, not 2019-01-20. Most of Chile changes DST dates, effective 2019-04-06. Changes to future timestamps Volgograd moves from +03 to +04 on 2018-10-28 at 02:00. (Thanks to Alexander Fetisov and Stepan Golosunov.) Fiji ends DST 2019-01-13 instead of the 2019-01-20 previously predicted. (Thanks to Raymond Kumar.) Adjust future predictions accordingly. Most of Chile will end DST on the first Saturday in April at 24:00 mainland time, and resume DST on the first Saturday in September at 24:00 mainland time. The changes are effective from 2019-04-06, and do not affect the Magallanes region modeled by America/Punta_Arenas. (Thanks to Juan Correa and Tim Parenti.) Adjust future predictions accordingly. Changes to past timestamps The 2018-05-05 North Korea 30-minute time zone change took place at 23:30 the previous day, not at 00:00 that day. China's 1988 spring-forward transition was on April 17, not April 10. Its DST transitions in 1986/91 were at 02:00, not 00:00. (Thanks to P Chan.) Fix several issues for Macau before 1992. Macau's pre-1904 LMT was off by 10 s. Macau switched to +08 in 1904 not 1912, and temporarily switched to +09/+10 during World War II. Macau observed DST in 1942/79, not 1961/80, and there were several errors for transition times and dates. (Thanks to P Chan.) The 1948-1951 fallback transitions in Japan were at 25:00 on September's second Saturday, not at 24:00. (Thanks to Phake Nick.) zic turns this into 01:00 on the day after September's second Saturday, which is the best that POSIX or C platforms can do. Incorporate 1940-1949 Asia/Shanghai DST transitions from a 2014 paper by Li Yu, replacing more-questionable data from Shanks. Changes to time zone abbreviations Use "PST" and "PDT" for Philippine time. (Thanks to Paul Goyette.) Changes to documentation New restrictions: A Rule name must start with a character that is neither an ASCII digit nor "-" nor "+", and an unquoted name should not use characters in the set "!$%&'()*,/:;<=>?@[\]^`{|}~". The latter restriction makes room for future extensions (a possibility noted by Tom Lane). tzfile.5 now documents what time types apply before the first and after the last transition, if any. Documentation now uses the spelling "timezone" for a TZ setting that determines timestamp history, and "time zone" for a geographic region currently sharing the same standard time. The name "TZif" is now used for the tz binary data format. tz-link.htm now mentions the A0 TimeZone Migration utilities. (Thanks to Aldrin Martoq for the link.) Changes to build procedure New 'make' target 'rearguard_tarballs' to build the rearguard tarball only. This is a convenience on platforms that lack lzip if you want to build the rearguard tarball. (Problem reported by Deborah Goldsmith.) tzdata.zi is now more stable from release to release. (Problem noted by Tom Lane.) It is also a bit shorter. tzdata.zi now can contain comment lines documenting configuration information, such as which data format was selected, which input files were used, and how leap seconds are treated. (Problems noted by Lester Caine and Brian Inglis.) If the Makefile defaults are used these comment lines are absent, for backward compatibility. A redistributor intending to alter its copy of the files should also append "-LABEL" to the 'version' file's first line, where "LABEL" identifies the redistributor's change. (From OE-Core rev: 9d786808fb9471eff46d95dd354f6254e468aa17) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* tzcode: update to 2018fArmin Kuster2018-10-291-4/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Changes to code zic now always generates TZif files where time type 0 is used for timestamps before the first transition. This simplifies the reading of TZif files and should not affect behavior of existing TZif readers because the same set of time types is used; only their internal indexes may have changed. This affects only the legacy zones EST5EDT, CST6CDT, MST7MDT, PST8PDT, CET, MET, and EET, which previously used nonzero types for these timestamps. Because of the type 0 change, zic no longer outputs a dummy transition at time -2**59 (before the Big Bang), as clients should no longer need this to handle historical timestamps correctly. This reverts a change introduced in 2013d and shrinks most TZif files by a few bytes. zic now supports negative time-of-day in Rule and Leap lines, e.g., "Rule X min max - Apr lastSun -6:00 1:00 -" means the transition occurs at 18:00 on the Saturday before the last Sunday in April. This behavior was documented in 2018a but the code did not entirely match the documentation. localtime.c no longer requires at least one time type in TZif files that lack transitions or have a POSIX-style TZ string. This future-proofs the code against possible future extensions to the format that would allow TZif files with POSIX-style TZ strings and without transitions or time types. A read-access subscript error in localtime.c has been fixed. It could occur only in TZif files with timecnt == 0, something that does not happen in practice now but could happen in future versions. localtime.c no longer ignores TZif POSIX-style TZ strings that specify only standard time. Instead, these TZ strings now override the default time type for timestamps after the last transition (or for all time stamps if there are no transitions), just as DST strings specifying DST have always done. leapseconds.awk now outputs "#updated" and "#expires" comments, and supports leap seconds at the ends of months other than June and December. (Inspired by suggestions from Chris Woodbury.) (From OE-Core rev: 4670dcdb6e2504469c30ebed828d4702d8c0003c) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* build-appliance-image: Update to thud head revisionRichard Purdie2018-10-291-2/+2
| | | | | | (From OE-Core rev: 4a022fddc06587ffd0147c6c3d06ef0d595da112) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* meson: map powerpc64 TARGET_ARCH to ppc64 for the cross fileVictor Kamensky2018-10-291-0/+2
| | | | | | | | | | Meson uses 'ppc64' for 64 bit powerpc. Issue came up while building systemd for MACHINE that uses ppc64e5500 tune. (From OE-Core rev: eccd5414c37be26df63a90154c1808f6f5618b7d) Signed-off-by: Victor Kamensky <kamensky@cisco.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libxcrypt: tweak branch from master to developHongxu Jia2018-10-291-1/+1
| | | | | | | | | The master branch does not exist any more, use develop to replace. (From OE-Core rev: 6db5e994ed9179eb6174ace1fd60c007f11deadd) Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* groff: not search fonts on build hostKai Kang2018-10-292-0/+21
| | | | | | | | | | | | groff searches fonts on build host which are provided by ghostscript. The number of font files installed by groff are different according to whether ghostscript fonts are installed on build host. Fix it by not search font dirs on the host. (From OE-Core rev: 01bce5fada48ecc7bd76c3d7fbade3c034518573) Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* git: upgrade 2.18.0 -> 2.18.1Changqing Li2018-10-292-11/+11
| | | | | | | | | Includes a fix for CVE-2018-17456. (From OE-Core rev: 95a74460f30223e6db9bff068b3ba84c74e1ba63) Signed-off-by: Changqing Li <changqing.li@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* oeqa/utils/metadata: Allow to function without the git moduleRichard Purdie2018-10-291-2/+15
| | | | | | | | | | The python git module may or may not be enabled, allow this code to function without it, falling back to the same method as metadata_scm.bbclass uses. This will be cleaned up in the next round of feature development. (From OE-Core rev: 6350586ba9f4a4107a2d457590824cd4d662d5b9) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* oeqa/core/runner: Don't add empty log entriesRichard Purdie2018-10-291-1/+4
| | | | | | | | | There is no point in adding empty log entries to the json result files, only add them if there is log data. (From OE-Core rev: da6aef0b6bd4655805f7f743858d4e04341f75ed) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* testsdk: Improvements to the json loggingRichard Purdie2018-10-291-18/+18
| | | | | | | | | | | | | Tweak the preceeding commit to: * Add STARTTIME to the identifier to make it unique * Add MACHINE to the identifier * Use LOG_DIR * Store the layer config in a more natural json format * Drop '_' function prefixes (From OE-Core rev: c272079d662237b1b9f87940c88cbadaeda9a9d1) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* testsdk.bbclass: write testresult to json filesYeoh Ee Peng2018-10-291-4/+32
| | | | | | | | | | | | | | | | | | | | As part of the solution to replace Testopia to store testresult, OEQA sdk and sdkext need to output testresult into json files, where these json testresult files will be stored into git repository by the future test-case-management tools. By default, json testresult file will be written to "oeqa" directory under the "WORKDIR" directory. To configure multiple instances of bitbake to write json testresult to a single testresult file at custom directory, user will define the variable "OEQA_JSON_RESULT_DIR" with the custom directory for json testresult. (From OE-Core rev: cdbedba7da9c3f97a642d79a5e8ec363ba938e35) Signed-off-by: Yeoh Ee Peng <ee.peng.yeoh@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* testimage: Improvements to the json loggingRichard Purdie2018-10-291-14/+14
| | | | | | | | | | | | | | Tweak the preceeding commit to: * Add STARTTIME to the identifier to make it unique * Log DISTRO * Use LOG_DIR * Store the layer config in a more natural json format * Drop '_' function prefixes (From OE-Core rev: dda94cfa708cf3c6e5408d6dbcece360b4e8cd27) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* testimage.bbclass: write testresult to json filesYeoh Ee Peng2018-10-291-2/+29
| | | | | | | | | | | | | | | | | | | | As part of the solution to replace Testopia to store testresult, OEQA testimage need to output testresult into json files, where these json testresult files will be stored into git repository by the future test-case-management tools. By default, json testresult file will be written to "oeqa" directory under the "WORKDIR" directory. To configure multiple instances of bitbake to write json testresult to a single testresult file at custom directory, user will define the variable "OEQA_JSON_RESULT_DIR" with the custom directory for json testresult. (From OE-Core rev: 5d135d4769b6bb60d575eb6ed196367f9e077cc4) Signed-off-by: Yeoh Ee Peng <ee.peng.yeoh@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* oeqa/selftest: Improvements to the json loggingRichard Purdie2018-10-291-14/+11
| | | | | | | | | | | | | Tweak the preceeding commit to: * Add STARTTIME to the identifier to make it unique * Use LOG_DIR * Store the layer config in a more natural json format * Drop '_' function prefixes (From OE-Core rev: 173f59acf9722e2ef27fdd49c20f7d3d664917eb) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* oeqa/selftest/context: write testresult to json filesYeoh Ee Peng2018-10-291-3/+31
| | | | | | | | | | | | | | | | | | | | As part of the solution to replace Testopia to store testresult, OEQA selftest need to output testresult into json files, where these json testresult files will be stored into git repository by the future test-case-management tools. By default, json testresult file will be written to "oeqa" directory under the oe-selftest log directory. To configure multiple instances of bitbake to write json testresult to a single testresult file at custom directory, user will define the variable "OEQA_JSON_RESULT_DIR" with the custom directory for json testresult. (From OE-Core rev: 10697165c832e3dbb2913b6215164ea75e23ec23) Signed-off-by: Yeoh Ee Peng <ee.peng.yeoh@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* oeqa/core/runner: write testresult to json filesYeoh Ee Peng2018-10-291-1/+34
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | As part of the solution to replace Testopia to store testresult, OEQA need to output testresult into single json file, where json testresult file will be stored in git repository by the future test-case-management tools. The json testresult file will store more than one set of results, where each set of results was uniquely identified by the result_id. The result_id would be like "runtime-qemux86-core-image-sato", where it was a runtime test with target machine equal to qemux86 and running on core-image-sato image. The json testresult file will only store the latest test content for a given result_id. The json testresult file contains the configuration (eg. COMMIT, BRANCH, MACHINE, IMAGE), result (eg. PASSED, FAILED, ERROR), test log, and result_id. Based on the destination json testresult file directory provided, it could have multiple instances of bitbake trying to write json testresult to a single testresult file, using locking a lockfile alongside the results file directory to prevent races. Also the library class inside this patch will be reused by the future test-case-management tools to write json testresult for manual test case executed. (From OE-Core rev: 00e03b5004f1eb6d59295544b3a8620504278f51) Signed-off-by: Yeoh Ee Peng <ee.peng.yeoh@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* curl: extend CVE_PRODUCTGrygorii Tertychnyi2018-10-291-1/+1
| | | | | | | | | | | | | There are both "curl" and "libcurl" CPEs in NVD. All "curl" CVEs are now missed in the reports. Hence, switch "CVE_PRODUCT" to a space separated list of the items. (From OE-Core rev: 69ff709c2450c42139fd9705e3a74464221ad754) Signed-off-by: Grygorii Tertychnyi <gtertych@cisco.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* cve-check: Allow multiple entries in CVE_PRODUCTGrygorii Tertychnyi2018-10-291-1/+2
| | | | | | | | | | | | | | There are both "curl" and "libcurl" CPEs in NVD. All "curl" CVEs are currently missing in the reports. Hence, switch "CVE_PRODUCT" to a space separated list. It is useful for recipes generating several packages, that have different product names in NVD. (From OE-Core rev: 404f75e026393ddc55da87f6f04fb1201cff4e11) Signed-off-by: Grygorii Tertychnyi <gtertych@cisco.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python: add missing CVE tag to patchesRoss Burton2018-10-292-6/+2
| | | | | | | (From OE-Core rev: 67f9e9045ab91a9df15876ad73e44ff98f11bf59) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* systemtap: move systemtap-exporter into separate packageVictor Kamensky2018-10-281-1/+10
| | | | | | | | | | | | | | | | | | | | stap-exporter runs a set of systemtap scripts and relays their procfs outputs to remote HTTP clients on demand. systemtap-exporter is not supposed to run in untrusted environment. It starts HTTP server on some port. It does not look safe enough to be included by default along with the rest of systemtap. Move systemtap-exporter, its systemd unit, configuration files and examples scripts into separate package. So if one needs it and understand its implication, he/she can include it explicitely. (From OE-Core rev: 03e01c26a297642dbe4b0e1c7cf2cbe3c225140e) Signed-off-by: Victor Kamensky <kamensky@cisco.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* yocto-uninative: Upgrade to verson 2.3 which includes glibc 2.28Richard Purdie2018-10-281-5/+5
| | | | | | | | | This allows us to handle distros which contain glibc 2.28 such as Ubuntu 18.10. (From OE-Core rev: 5c7d9abcd611d23d4340f9a0aee2564f72158a0b) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* package_manager.py: correct the deploydir when packagefeed-stability inheritedMingli Yu2018-10-281-1/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | After create_packages_dir added in below commit: 85e72e1 package_manager: Filter to only rpms we depend upon When add below line into conf/local.conf INHERIT += "packagefeed-stability" There comes below error when do_rootfs Exception: FileExistsError: [Errno 17] File exists: '/$Prj/tmp/deploy/rpm-prediff/i586/initscripts-1.0-r155.i586.rpm' -> '/$Prj/tmp/work/qemux86-poky-linux/core-image-minimal/1.0-r0/oe-rootfs-repo/rpm-prediff/i586/initscripts-1.0-r155.i586.rpm' def create_packages_dir(d, subrepo_dir, deploydir, taskname, filterbydependencies): [snip] bb.utils.remove(subrepo_dir, recurse=True) [snip] In create_packages_dir function, there is a logic as bb.utils.remove(subrepo_dir, recurse=True) to clean subrepo_dir which is actually as example is /$Prj/tmp/work/qemux86-poky-linux/core-image-minimal/1.0-r0/oe-rootfs-repo/rpm. But currently when inherit packagefeed-stability class, the deploydir should be /$Prj/tmp/deploy/rpm-prediff, not the default /$Prj/tmp/deploy/rpm. If use /$Prj/tmp/deploy/rpm, then result in the logic as below: os.link("/$Prj/tmp/deploy/rpm-prediff/i586/initscripts-1.0-r155.i586.rpm", "/$Prj/tmp/work/qemux86-poky-linux/core-image-minimal/1.0-r0/oe-rootfs-repo/rpm-prediff/i586/initscripts-1.0-r155.i586.rpm") Update to the actual deploydir to guarantee the logic as below: os.link("/$Prj/tmp/deploy/rpm-prediff/i586/initscripts-1.0-r155.i586.rpm", "/$Prj/tmp/work/qemux86-poky-linux/core-image-minimal/1.0-r0/oe-rootfs-repo/rpm/i586/initscripts-1.0-r155.i586.rpm") (From OE-Core rev: 3b17052611e640fb3db5d03c06ab87185a12be58) Signed-off-by: Mingli Yu <Mingli.Yu@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* systemd: add back alternatives for init utitiliesChen Qi2018-10-281-3/+20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Add back alternatives for init utilities to avoid regression. These alternatives were removed when upgradeing systemd to 239. They were removed out of the logic that init utitilies should be bound to init manager. However, it turned out that two use cases were not covered. 1) initramfs using commands like 'reboot' from busybox. 2) Users use customized busybox defconfig which enables init utilities. The first use case caused a regression bug in yocto. https://bugzilla.yoctoproject.org/show_bug.cgi?id=12914 Patches were sent to fix the reboot problem. But this is not enough. As we may have the second use case. In such situation, users will find themselves having regression error when using 'busybox + systemd' (and busybox is installed after systemd, overriding the systemd symlinks). So in order to avoid regression, add back these alternatives. (From OE-Core rev: 43ef422d80e0544232a9361187ac1c608304c969) Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* weston: Split out machine specific configurationMark Hatle2018-10-284-7/+38
| | | | | | | | | | | | | | | Weston needs to be configured to load the fbdev driver when run on a QEMU system. Other MACHINEs may want to also provider their own configuration as well.. Adding a new RRECOMMEND configuration package will allow this, but avoid installing empty packages/files in the majority case where it is not needed. Add maintainer entry as well. (From OE-Core rev: 0f43ea8510ae6148a49eb25accac407b6b301b43) Signed-off-by: Mark Hatle <mark.hatle@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* systemd-conf: Fix clean supportMark Hatle2018-10-281-0/+2
| | | | | | | (From OE-Core rev: ed335e201c878ab4518675f57ce0d12cdc60e02e) Signed-off-by: Mark Hatle <mark.hatle@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* testimage.bbclass: define ptest suite variableArmin Kuster2018-10-251-0/+1
| | | | | | | | | | | Ptest has dependencies on other tests so contain them in a variable. This allows layers to not worry about maintaining the depends themselves. (From OE-Core rev: c5c5ad9030ec7ddaa6387e2ba52e9e37b9ea76a2) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* kernel-devsrc: add selinux include files needed by scripts/selinux buildVictor Kamensky via Openembedded-core2018-10-251-0/+3
| | | | | | | | | | | | | | | | | | If CONFIG_SECURITY_SELINUX=y is enabled in kernel configuration, then 'make scripts' command in /usr/src/kernel fails to build utilities under scripts/selinux that would be pulled in by this config: HOSTCC scripts/selinux/genheaders/genheaders scripts/selinux/genheaders/genheaders.c:19:10: fatal error: classmap.h: No such file or directory #include "classmap.h" To address this issue add security/selinux/include files into kernel-devsrc. (From OE-Core rev: 8dce789ae1a2c11521ebe895fd3bd636cff64261) Signed-off-by: Victor Kamensky <kamensky@cisco.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libaio: extend to nativesdkChen Qi2018-10-251-0/+2
| | | | | | | | | | | | | | | lvm2 currently requires libaio. So building nativesdk-lvm2 will result in the following error. ERROR: Required build target 'nativesdk-lvm2' has no buildable providers. Missing or unbuildable dependency chain was: ['nativesdk-lvm2', 'nativesdk-libaio'] Extend libaio to nativesdk to fix this issue. (From OE-Core rev: 5f56ce58360320d7ef9526b3bdcc7e26a647b6de) Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* kernel.bbclass: allow custom KERNEL_IMAGEDESTIoan-Adrian Ratiu2018-10-251-1/+1
| | | | | | | | | | | Some distros want to install the kernel in a custom location other than /boot and have it properly packaged, so it's useful to use a weaker assignment. (From OE-Core rev: cadd91655a336eb6d65ca43dc1231bbe5271e1cf) Signed-off-by: Ioan-Adrian Ratiu <adrian.ratiu@ni.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>