linux/poky.git/meta/classes, branch yocto-2.3.1Mirror of git.yoctoproject.org/pokyhttps://git.enea.com/cgit/linux/poky.git/atom?h=yocto-2.3.12017-07-07T08:19:08+00:00systemd-boot.bbclass: Add configuration data to secondary EFI partition2017-07-07T08:19:08+00:00California Sullivancalifornia.l.sullivan@intel.com2017-06-27T00:52:17+00:00urn:sha1:7c27bf2dd85ee77d643d975add4256e957652a5c
The secondary EFI partition is used when booting in EFI mode, and
without the configuration data we don't get any boot targets.
Partial fix to [YOCTO #11503].
(From OE-Core master rev: 84aa7a00810e135fdad3f77bdb1da7d1f5fb8627)
(From OE-Core rev: 915b01258ef426392bb9052c345f952670db4450)
Signed-off-by: California Sullivan <california.l.sullivan@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
package_ipk: Clean up Source entry in ipk packages2017-06-16T09:21:02+00:00Richard Purdierichard.purdie@linuxfoundation.org2017-06-16T08:42:30+00:00urn:sha1:f01b909a266498853e6b3f10e6b39f2d95148129
There is the potential for sensitive information to leak through the urls
there and removing it brings this into the behavior of the other package
backends since filtering it is likely error prone.
Since ipks don't appear to be generated at all if we don't set this, set
the field to the recipe name used (basename only, no paths). This avoids
information leaking. We may want to drop the field if opkg can allow that
at a future point but the recipe name is a suitable identifier for now.
Reported-by: Andrej Valek <andrej.valek@siemens.com>
(From OE-Core rev: 0b5e0d072f93a958e4211a8aeb2fd8cc3c25cc21)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
image-vm: Avoid use of fold, tac and paste commands for DISK_SIGNATURE2017-06-12T16:02:36+00:00Jonathan Liunet147@gmail.com2017-06-08T11:07:54+00:00urn:sha1:bebb3d36f857c50992d45813e2f6e87e4e7449e2
These commands are not whitelisted by the HOSTTOOLS variable which
silently prevents the MBR disk signature from being written to the
image.
Reported-by: Michael Davis <michael.davis@essvote.com>
(From OE-Core rev: 5527af688f6ccaacd7ec24d29425d0c007d5341c)
Signed-off-by: Jonathan Liu <net147@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
kernel: predefine KBUILD_BUILD_USER and KBUILD_BUILD_HOST2017-06-11T22:00:58+00:00Joshua Lockjoshua.g.lock@intel.com2017-05-19T15:53:06+00:00urn:sha1:607bd9ec3981e23ea09fe01290f9a3af8c77de27
By exporting KBUILD_BUILD_USER with a pre-defined value we improve the
reproducibility of the kernel and remove the requirement for whoami in the
HOSTTOOLS.
KBUILD_BUILD_HOST also helps improve the reproducibility of the kernel.
For more kernel reproducibility options see:
https://lwn.net/Articles/437864/
(From OE-Core rev: 357801a491efc067c6d4bd9a2bfa6fff460357aa)
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
cve-check.bbclass: make warning contain CVE IDs2017-06-05T22:30:21+00:00Chen QiQi.Chen@windriver.com2017-05-09T09:31:36+00:00urn:sha1:d2586b6fde626faeb65667a64b4d993a017a1d25
When warning users about unpatched CVE, we'd better put CVE IDs into
the warning message, so that it would be more straight forward for the
user to know which CVEs are not patched.
So instead of:
WARNING: gnutls-3.5.9-r0 do_cve_check: Found unpatched CVE, for more information check /path/to/workdir/cve/cve.log.
We should have:
WARNING: gnutls-3.5.9-r0 do_cve_check: Found unpatched CVE (CVE-2017-7869), for more information check /path/to/workdir/cve/cve.log.
(From OE-Core rev: ad46069e7b58f2fba373131716f28407816fa1a6)
(From OE-Core rev: e0e1414a4574d4165a8dc5d0d9d0d5b5a660355f)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
staging: Allow BB_LIMITEDDEPS to avoid BB_TASKDEPDATA2017-05-18T12:17:44+00:00Richard Purdierichard.purdie@linuxfoundation.org2017-05-08T10:56:22+00:00urn:sha1:abae42362ad327df4caf86743d02f632931f1f1d
In the limited dependency case we don't use any of the data from
BB_TASKDEPDATA. Restructure the code so this variable doesn't have
to be set. This allows the function to be called from other contexts
without creating artificial constructs. There should be no functional
change, behaviour remains unchanged.
(From OE-Core rev: 71e5243e3ebadb90b45fe418dac3eaa2c1b896bd)
(From OE-Core rev: e962e257f4c124869953d1fbb3da7dbf564f818a)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
sstate: Ensure native/cross recipes have relocation of HOSTTOOLS_DIR2017-05-18T12:17:44+00:00Richard Purdierichard.purdie@linuxfoundation.org2017-05-04T10:59:14+00:00urn:sha1:78747cc91249126d932a0fa210fbd11d2c1d2a1b
The previous change to relocate HOSTTOOLS wasn't complete as some files,
particularly in gcc stashed build directories were not being correctly
relocated. This patch addresses the issue.
(From OE-Core rev: 21dd36cc12a033b012544c5d15a6f8afd84dabc9)
(From OE-Core rev: 64c2f8acd02e0e5dca234b36a2a7097c0c16f7c2)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
GNU_MIRROR: switch from ftp to https2017-05-11T15:56:00+00:00Maxin B. Johnmaxin.john@intel.com2017-05-09T16:19:22+00:00urn:sha1:0fcbb4d0ec26ef24db78190dcdc5568af3beaa14
Based on the same reason behind DEBIAN's switch from ftp:
https://www.debian.org/News/2017/20170425
(From OE-Core rev: ba119d836c0f4b20a39c92fa2e64abb0d5a55ad4)
Signed-off-by: Maxin B. John <maxin.john@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
DEBIAN_MIRROR: switch from ftp to http2017-05-11T15:56:00+00:00Maxin B. Johnmaxin.john@intel.com2017-05-09T16:19:21+00:00urn:sha1:97e194e555d078c2bacd62c383636e011bef6c32
All public-facing debian.org FTP services will be shut down on November 1, 2017
The mirrors should just be accessed using HTTP instead.
https://www.debian.org/News/2017/20170425
Fixes [YOCTO #11413]
(From OE-Core rev: c2cdc4d9155d7a3b9cba60fa9cbb448cf64c62bd)
Signed-off-by: Maxin B. John <maxin.john@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
useradd: remove preinst script referring to recipe sysroot2017-05-11T15:56:00+00:00Maxin B. Johnmaxin.john@intel.com2017-05-09T16:19:20+00:00urn:sha1:eb30ca2b316076e83e1a709015863670946d5bee
Remove recipe-specific-sysroot details from the preinst scripts
generated by useradd.bbclass.
This was added to match the default from bitbake.conf. Unlike the default
case, the dependencies used by useradd mean that a default passwd/group
file is always present. This means we don't need the native sysroot fallback.
Fixes [YOCTO #11460]
(From OE-Core rev: dfc9323c1cd7814989766be5bd1861fbaa739d2d)
Signed-off-by: Maxin B. John <maxin.john@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>