Mirror of git.yoctoproject.org/poky https://git.enea.com/cgit/linux/poky.git/atom?h=thud 2020-09-16T12:35:10+00:00 2020-09-16T12:35:10+00:00 Khem Raj raj.khem@gmail.com 2019-12-22T04:05:48+00:00 urn:sha1:e52122a3e6912575ff401a4af6ac1bf3070092bc (From OE-Core rev: 2cca75155baec8358939e2aae822e256bed4cfe0) (From OE-Core rev: 1351f9be973cfbd043f9b10d218e3cecaa0ab372) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 2020-09-16T12:35:10+00:00 Jaewon Lee jaewon.lee@xilinx.com 2019-04-25T23:02:21+00:00 urn:sha1:e7e1b9a43dee9eb289e936513b2ee68963ae1628 Adding back the python wrapper and adding a patch to use OEPYTHON3HOME instead of PYTHONHOME if set, for python3. If we add back the wrapper as is, we would see the following error that we also see in Thud: ImportError: No module named site OpenEmbedded requires 'python' to be python v2 (>= 2.7.3), not python v3. Please upgrade your python v2 This is because python3 would've set PYTHONHOME to use nativesdk python3 libraries but when the oe-buildenv-internal script tries to call python2 for the py_v27_check, there will be no python2 libraries in the PYTHONHOME directory. In other words, bitbake needs host python2 and the env variable set from the wrapper contaminates the env and host python2 won't be able to find its libraries Creating another variable OEPYTHON3HOME and using this in the python3 wrapper to allow for a way to set a different paths for python3 and python2 [YOCTO #13208] (From OE-Core rev: 75d2a85e24ef9a2bf0e218521944523f0ff281e0) (From OE-Core rev: b29e87376fdd49ce07749b87c3000033fa96e43f) Signed-off-by: Jaewon Lee <jaewon.lee@xilinx.com> Signed-off-by: Alejandro Enedino Hernandez Samaniego <alejandr@xilinx.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 2020-09-16T12:35:09+00:00 Richard Purdie richard.purdie@linuxfoundation.org 2019-11-28T12:08:55+00:00 urn:sha1:000ae7db615c6834c06c89bfffb158cc51d04107 traceback2 adds traceback for python2. Rather than depend on traceback2, we're python3 only so just use traceback. This caused breakage in oe-selftest -j which uses testtools on the autobuilder using buildtools-tarball. [YOCTO #13652] (From OE-Core rev: ee80a06c107375e3cf0d246ea17c09dda4536dab) (From OE-Core rev: ee82e3c24fe5727ce81e972cadedca431d6086c5) (From OE-Core rev: be4470c9590183b388d9ff176331d0c50984dec8) (From OE-Core rev: e15ff4775aef99a13acb98501454d1b99c923969) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 2020-09-16T12:35:09+00:00 Richard Purdie richard.purdie@linuxfoundation.org 2020-01-17T17:20:48+00:00 urn:sha1:47ba4c7decfb1afd7e2118354f7a898b85d73e1c In the SDK we need the plain symlinks and don't use alternative providers. When these are missing the toolchain can work incorrectly so fix this. (From OE-Core rev: 0c06cfaa016d06cc56d80dc1c244a938f3d38a3c) (From OE-Core rev: 0d299c5dc04407d2d54574157f4014f50f2d0468) (From OE-Core rev: aa37b5fe0620122e47f36165f5c7a07d3328dba3) (From OE-Core rev: 6540c5bb9241d5729a0e56f5cf24e1d1d1d4a4cc) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 2020-09-16T12:35:09+00:00 Richard Purdie richard.purdie@linuxfoundation.org 2020-01-17T17:21:39+00:00 urn:sha1:c08f2dc6355cb230a915e8b363a854bd6537f671 We need binutils to look at our ld.so.conf file within the SDK to ensure we search the SDK's libdirs as well as those from the host system. There add a patch which passes in the directory to the code using a define, then add it to a section we relocate in a similar way to the way we relocate the gcc internal paths. This ensures that ld works correctly in our buildtools tarball. Standard sysroot relocation doesn't work since we're not in a sysroot, we want to use both the host system and SDK libs. (From OE-Core rev: f6c1089642934ad93056ef19a0888965486ee030) (From OE-Core rev: 09a2b16ac2bd1e3e415131e46315c851373aa7e0) (From OE-Core rev: d0b7811b0e8654cf83d1b0f8256c7941fc3d9c41) (From OE-Core rev: 669b73c9f469642085c6ad11b55a9065c889ddbd) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 2019-12-16T23:11:10+00:00 Ross Burton ross.burton@intel.com 2019-12-08T18:35:47+00:00 urn:sha1:593fe7e35267f665dbb37cc0abcc82be55ac67f8 As detailed at [1] the XML feeds provided by NIST are being discontinued on October 9th 2019. As cve-check-tool uses these feeds, cve-check.bbclass will be inoperable after this date. To ensure that cve-check continues working, backport the following commits from master to move away from the unmaintained cve-check-tool to our own Python code that fetches the JSON: 546d14135c5 cve-update-db: New recipe to update CVE database bc144b028f6 cve-check: Remove dependency to cve-check-tool-native 7f62a20b32a cve-check: Manage CVE_PRODUCT with more than one name 3bf63bc6084 cve-check: Consider CVE that affects versions with less than operator c0eabd30d7b cve-update-db: Use std library instead of urllib3 27eb839ee65 cve-check: be idiomatic 09be21f4d17 cve-update-db: Manage proxy if needed. 975793e3825 cve-update-db: do_populate_cve_db depends on do_fetch 0325dd72714 cve-update-db: Catch request.urlopen errors. 4078da92b49 cve-check: Depends on cve-update-db-native f7676e9a38d cve-update-db: Use NVD CPE data to populate PRODUCTS table bc0195be1b1 cve-check: Update unpatched CVE matching c807c2a6409 cve-update-db-native: Skip recipe when cve-check class is not loaded. 07bb8b25e17 cve-check: remove redundant readline CVE whitelisting 5388ed6d137 cve-check-tool: remove 270ac00cb43 cve-check.bbclass: initialize to_append e6bf9000987 cve-check: allow comparison of Vendor as well as Product 91770338f76 cve-update-db-native: use SQL placeholders instead of format strings 7069302a4cc cve-check: Replace CVE_CHECK_CVE_WHITELIST by CVE_CHECK_WHITELIST 78de2cb39d7 cve-update-db-native: Remove hash column from database. 4b301030cf9 cve-update-db-native: use os.path.join instead of + f0d822fad2a cve-update-db: actually inherit native b309840b6aa cve-update-db-native: use executemany() to optimise CPE insertion bb4e53af33d cve-update-db-native: improve metadata parsing 94227459792 cve-update-db-native: clean up JSON fetching 95438d52b73 cve-update-db-native: fix https proxy issues 1f9a963b9ff glibc: exclude child recipes from CVE scanning [1] https://nvd.nist.gov/General/News/XML-Vulnerability-Feed-Retirement (From OE-Core rev: 8c87e78547c598cada1bce92e7b25d85b994e2eb) (From OE-Core rev: beeed02f9831e75c3f773e44d7efc726f1ff859c) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 2019-10-10T15:52:30+00:00 Armin Kuster akuster808@gmail.com 2019-10-06T04:30:56+00:00 urn:sha1:f3a4b208500790f2163dab3fefc8f18b57d37621 This fixes the following error: TOPDIR/tmp/work/x86_64-linux/qemu-native/3.1.0-r0/qemu-3.1.0/linux-user/syscall.c:254:16: error: static declaration of ‘gettid’ follows non-static declaration 254 | _syscall0(int, gettid) | ^~~~~~ TOPDIR/tmp/work/x86_64-linux/qemu-native/3.1.0-r0/qemu-3.1.0/linux-user/syscall.c:185:13: note: in definition of macro ‘_syscall0’ 185 | static type name (void) \ | ^~~~ In file included from /usr/include/unistd.h:1170, from TOPDIR/tmp/work/x86_64-linux/qemu-native/3.1.0-r0/qemu-3.1.0/include/qemu/osdep.h:90, from TOPDIR/tmp/work/x86_64-linux/qemu-native/3.1.0-r0/qemu-3.1.0/linux-user/syscall.c:20: /usr/include/bits/unistd_ext.h:34:16: note: previous declaration of ‘gettid’ was here 34 | extern __pid_t gettid (void) __THROW; | ^~~~~~ (From OE-Core rev: 5b5ca76cc5dd424248c7e687e562597a2c85df57) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 2019-10-10T15:52:30+00:00 Dan Tran dantran@microsoft.com 2019-09-30T23:11:08+00:00 urn:sha1:bda26ff31cb7f2f097f837ecc29bb5a056d569eb (From OE-Core rev: cffd085ef77d055e5e837887b0eaf820aa982f00) Signed-off-by: Dan Tran <dantran@microsoft.com> [Perl before 5.26.3 and 5.28.x before 5.28.1] Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 2019-10-10T15:52:30+00:00 Adrian Bunk bunk@stusta.de 2019-09-29T20:46:25+00:00 urn:sha1:cc0605bad6c2bde06136f3af5eeb145a9636c5d2 In recent years AMD CPUs have had various problems with RDRAND giving either non-random data or no result at all, which is problematic if either build or target machine has a CPU with this problem. The fallback is /dev/urandom, and I'd trust the kernel here. --enable-rdrand was added in an upgrade to a new upstream version without mentioning any reason. [YOCTO #13534] (From OE-Core rev: fad633eb5c464d4e2a984b9259625bcd150ee357) Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 2019-10-10T15:52:30+00:00 Shubham Agrawal shuagr@microsoft.com 2019-09-23T21:26:16+00:00 urn:sha1:2d699f84a3002a9c159dab571f14fba79aea5c59 CVE: CVE-2019-7664.patch CVE: CVE-2019-7665.patch Sign off: Shubham Agrawal <shuagr@microsoft.com> (From OE-Core rev: 8ca80002aa21897834b8c9869137461221e50225) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>