Mirror of git.yoctoproject.org/poky https://git.enea.com/cgit/linux/poky.git/atom?h=zeus 2020-08-12T09:53:51+00:00 2020-08-12T09:53:51+00:00 Tim Orling timothy.t.orling@linux.intel.com 2020-08-08T14:51:50+00:00 urn:sha1:28e4f996b77e1ba21e3774b860ff0b0c8b31fdcc Upstream https://pypi.python.org/pypi/${PYPI_PACKAGE}/ redirects to https://pypi.org/project/${PYPI_PACKAGE}/ (From OE-Core rev: b535360f0bd2fb6a057b678f35da1803a31eeba6) Signed-off-by: Tim Orling <timothy.t.orling@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Steve Sakoman <steve@sakoman.com> (cherry picked from commit e5f3f961242d888f3f786af8f793bf1d247fdff0) [Yocto # 13990] Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 2020-08-12T09:53:51+00:00 Konrad Weihmann kweihmann@outlook.com 2020-08-08T14:51:49+00:00 urn:sha1:2eb0fb2fcf89653906673ae9b7fc008165acd37d Some pypi packages do have suffixes like dev, or a0 or b1. When doing a version check on these, the version will get falsely identified as major release versions. Add a terminating slash to rule out those false positives (From OE-Core rev: 13b145b9551884534f1dd2446eccfc55abc25f38) Signed-off-by: Konrad Weihmann <kweihmann@outlook.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Steve Sakoman <steve@sakoman.com> (cherry picked from commit 0603f6d9f2abfa67b99b1bc39228f6aa16a0370d) [Yocto bug #13990] Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 2020-08-04T22:17:37+00:00 Ralph Siemsen ralph.siemsen@linaro.org 2020-07-08T21:07:50+00:00 urn:sha1:6d936d8d3d49cca5ac3724efd2aa76ef4403789b In the generated cve.log files, include the epoch in the product version. This better matches how versions are displayed elsewhere, in particular the bb.warn("Found unpatched CVE...") that appears on the terminal when CVEs are found. (From OE-Core rev: 99f6de1c74b581054c74c6b4598a5d47facc9964) (From OE-Core rev: a8b69927485acbe504fcd75dc2cafc4c550cb66a) Signed-off-by: Ralph Siemsen <ralph.siemsen@linaro.org> (cherry picked from commit e1c3c0b6e5b01304e2127f5058986697e82adf93) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 2020-08-04T22:17:37+00:00 Khem Raj raj.khem@gmail.com 2020-07-08T21:07:48+00:00 urn:sha1:46809da0bb0221ab96bde218a9398d58da38a4c0 Certain recipes e.g. bash readline ( from meta-gplv2 ) download patches instead of having them in metadata, this could fail cve_check ERROR: readline-5.2-r9 do_cve_check: File Not found: qemuarm/build/../downloads/readline52-001 This patch ensures that download is done before running CVE scan, even though these will be external patches and may not contain CVE tags as it expects, but it will fix the run failures as seen above (From OE-Core rev: dbf143d79476e54e8da93101fc16eaedeec88362) (From OE-Core rev: 4b65abc70e84187f666e2ea2ab4dcf6bf7216658) Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit e406fcb6c609a0d2456d7da0d2406d2d9fa52dd2) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 2020-07-08T09:47:50+00:00 Peter Kjellerstedt pkj@axis.com 2020-03-20T18:04:20+00:00 urn:sha1:ab252296366f7833e47002edea55a9d7ac917c97 Rewrite relocatable_native_pcfiles() so that it can handle that any of the checked pkgconfig directories are empty without causing an exception. (From OE-Core rev: d449e6b536c197b6723dab1d61e989706c14f19c) Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit f9c5df6dc1c13e9b05ff1b47ad84ad339f6779a4) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 2020-07-08T09:47:50+00:00 Lili Li lili.li@intel.com 2020-06-26T05:45:56+00:00 urn:sha1:f8fcc057d51bd320893b8c3311f1b460b1c297ce Starting from v5.8-rc1 commit 269a535ca931 (modpost: generate vmlinux.symvers and reuse it for the second modpost"), kernel will generate new vmlinux.symvers instead of dumping all the vmlinux symbols into Module.symvers in the first pass. Error log: 'run.do_shared_workdir.16614' failed with exit code 1: DEBUG: cp: cannot stat 'Module.symvers': No such file or directory This change will check the file Module.symvers existence before copying it. (From OE-Core rev: 03248953d1eacede00971289dc9fff8d97d00464) Signed-off-by: Lili Li <lili.li@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit cd2d62a08a1dfcd890a03ee55132b6d6c65f5ab7) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 2020-07-08T09:47:50+00:00 Richard Leitner richard.leitner@skidata.com 2020-06-05T07:08:38+00:00 urn:sha1:42fd2f8e4dcd1327956c3693a0f3c242d9504769 make fitImage configuration signature algorithm selectable with FIT_SIGN_ALG. (From OE-Core rev: e24b27a2b49e97cec6153f2d642d17a901b8ba12) (From OE-Core rev: 12dceaba5a7e3afed2ccb43d0788e5b95c602951) Signed-off-by: Richard Leitner <richard.leitner@skidata.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 2020-04-29T15:11:56+00:00 Lee Chee Yang chee.yang.lee@intel.com 2020-03-31T07:26:03+00:00 urn:sha1:73738879a282e3a39c5753024ed363b27e704416 CPE version could be '-' to mean no version info. Current cve_check treat it as not valid and does not report these CVE but some of these could be a valid vulnerabilities. Since non-valid CVE can be whitelisted, so treat '-' as all version and report all these CVE to capture possible vulnerabilities. Non-valid CVE to be whitelisted separately. [YOCTO #13617] (From OE-Core rev: 1e8e188514584f9f972c0eb733c10a61853ec3d0) Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit c69ee3594079589d27c10db32bc288566ebde9ef) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 2020-04-17T07:29:02+00:00 Paul Barker pbarker@konsulko.com 2020-03-09T14:21:37+00:00 urn:sha1:74f229160c7f4037107c1dad8f0d02128c080a7e When the externalsrc class is used the tasks listed in SRCTREECOVEREDTASKS are deleted to prevent them being executed. If externalsrc is used for the kernel then this will include virtual/kernel:do_patch. We can depend on do_shared_workdir instead as this will survive when externalsrc is used. (From OE-Core rev: 5ac98c776f9b77804a0ee812f47f3ecf593e432f) Signed-off-by: Paul Barker <pbarker@konsulko.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 2c17d35cc7b9c5e01fd5829858d2f0234e7ac8d6) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 2020-04-17T07:29:02+00:00 Paul Barker pbarker@konsulko.com 2020-03-09T14:21:39+00:00 urn:sha1:5b38b8af6afd2765fefb4ca4f3a4b6bcf61a6306 The merging of config fragments is performend in the do_kernel_configme task and so config fragments will not be supported when this task is removed from the dependency tree. kernel-yocto adds additional tasks which may modify the source directory to SRCTREECOVEREDTASKS so that they are removed when using externalsrc. However, do_kernel_configme should be safe to use, the only modification to the source tree is the potential creation of the '.kernel-meta' directory and the '.metadir' file. (From OE-Core rev: b7ae0fa668be008e46982190553d0738a5465efe) Signed-off-by: Paul Barker <pbarker@konsulko.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 44f04c039a4d61dd18666e42b9b9865cbc3ada9e) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>