Ross Burton [Thu, 14 Sep 2017 16:32:24 +0000 (17:32 +0100)]
useradd: don't override pseudo environment
Back in the dark days before recipe-specific-sysroots the paths being passed in
this manual construction of the pseudo environment made sense, but now they're
incorrect and result in pseudo writing to two different databases during a
single build. The result is that pseudo doesn't follow changes to /etc/passwd
in the sysroot, and warns in the logs.
Remove the PSEUDO_LOCALSTATEDIR assignment and inherit the correct assignment in
FAKEROOTENV.
Signed-off-by: Ross Burton <ross.burton@intel.com>
Robert Yang [Thu, 14 Sep 2017 09:13:18 +0000 (02:13 -0700)]
systemd-machine-units: update LIC_FILES_CHKSUM
Fixed:
WARNING: systemd-machine-units-1.0-r19 do_populate_lic: ${COREBASE}/LICENSE is not a valid license file, please use '${COMMON_LICENSE_DIR}/MIT' for a MIT License file in LIC_FILES_CHKSUM. This will become an error in the future
Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
Mark Hatle [Wed, 13 Sep 2017 22:40:15 +0000 (17:40 -0500)]
bitbake.conf: Add default FILESYSTEM_PERMS_TABLES
If FILESYSTEM_PERMS_TABLES was not defined, the default was selected by the
packages.bbclass. This made it difficult for a recipe or layer to 'append'
to the default.
Copy the default into the bitbake.conf, allowing future _append and += style
actions.
Default was remove from package.bbclass. If a value is not set, only the
built-in perms fixes will be used.
Signed-off-by: Mark Hatle <mark.hatle@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
Paul Eggleton [Wed, 6 Sep 2017 09:55:01 +0000 (21:55 +1200)]
devtool: ensure recipes devtool is working on are unlocked within the eSDK
Alongside reworking the way devtool extracts source, we now need to
ensure that within the extensible SDK where task signatures are locked,
the signatures of the tasks for the recipes being worked on get unlocked
at the right time or otherwise we'll now get taskhash mismatches when
running devtool modify on a recipe that was included in the eSDK such as
the kernel (due to a separate bug). The existing mechanism for
auto-unlocking recipes was a little weak and was happening too late, so
I've reimplemented it so that:
(a) it gets triggered immediately when the recipe/append is created
(b) we avoid writing to the unlocked signatures file unnecessarily
(since it's a global configuration file) and
(c) within the eSDK configuration we whitelist SIGGEN_UNLOCKED_RECIPES
to avoid unnecessary reparses every time we perform one of the
devtool operations that does need to change this list.
Fixes [YOCTO #11883] (not the underlying cause, but this manifestation
of the issue).
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Paul Eggleton [Mon, 4 Sep 2017 22:56:18 +0000 (10:56 +1200)]
devtool: rework source extraction so that dependencies are handled
Since it was first implemented, devtool's source extraction (as used by
the devtool modify, extract and upgrade subcommands) ignored other recipe
dependencies - so for example if you ran devtool modify on a recipe that
fetches from svn or is compressed using xz then it would fail if those
dependencies hadn't been built first. Now that we can execute tasks in
the normal way (i.e. tinfoil.build_targets()) then we can rework it to
use that. This is slightly tricky in that the source extraction needs to
insert some logic in between tasks; luckily we can use a helper class
that conditionally adds prefuncs to make that possible.
Some side-effects / aspects of this change worth noting:
* Operations are a little slower because we have to go through the task
dependency graph generation and other startup processing. There's not
really any way to avoid this though.
* devtool extract didn't used to require a workspace, now it does
because it needs to create a temporary bbappend for the recipe. (As
with other commands the workspace be created on the fly if it doesn't
already exist.)
* I want any existing sysroot files and stamps to be left alone during
extraction since we are running the tasks off to the side, and
especially devtool extract should be able to be used without touching
these. However, this was hampered by the automatic removal process in
sstate.bbclass triggered by bb.event.ReachableStamps when the task
signatures change, thus I had to introduce a way to disable this
removal on a per-recipe basis (we still want it to function for any
dependencies that we aren't working on). To implement this I elected
to use a file written to tmp/sstate-control which gets deleted
automatically after reading so that there's less chance of stale files
affecting future sessions. I could have used a variable but this would
have needed to be whitelisted and I'd have to have poked its value in
using the setVariable command.
Fixes [YOCTO #11198].
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Dengke Du <dengke.du@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Bruce Ashfield [Thu, 14 Sep 2017 13:46:56 +0000 (09:46 -0400)]
linux-yocto/4.9: update to v4.9.49
Integrating the korg -stable updates that comprise the following commits:
f07cb3489cff Linux 4.9.49 8bc67f67b763 drm/bridge: adv7511: Switch to using drm_kms_helper_hotplug_event() 8b5a7e443622 drm/bridge: adv7511: Use work_struct to defer hotplug handing to out of irq context 7791b59153cb scsi: sg: recheck MMAP_IO request length with lock held b06e1abf1ff2 scsi: sg: protect against races between mmap() and SG_SET_RESERVED_SIZE 5b9c6a54c629 cs5536: add support for IDE controller variant ec552ece1f25 workqueue: Fix flag collision 25bdc516b58e drm/nouveau/pci/msi: disable MSI on big-endian platforms by default 078866740e35 s390/mm: avoid empty zero pages for KVM guests to avoid postcopy hangs c193becad9ad MCB: add support for SC31 to mcb-lpc 0e720cd70631 mwifiex: correct channel stat buffer overflows 5c23d3ed1190 dlm: avoid double-free on error path in dlm_device_{register,unregister} 23b7d4f52b69 iwlwifi: pci: add new PCI ID for 7265D 747562619512 Bluetooth: Add support of 13d3:3494 RTL8723BE device b48f7183c64c rtlwifi: rtl_pci_probe: Fix fail path of _rtl_pci_find_adapter ed7a384a904f Input: trackpoint - assume 3 buttons when buttons detection fails 90a1e2e19ed7 ath10k: fix memory leak in rx ring buffer allocation d8b992d93555 intel_th: pci: Add Cannon Lake PCH-LP support a22d561178ee intel_th: pci: Add Cannon Lake PCH-H support 5555eb956edc driver core: bus: Fix a potential double free ffb58b875d24 iio: adc: ti-ads1015: add adequate wait time to get correct conversion ff4a98e3bcb3 iio: adc: ti-ads1015: don't return invalid value from buffer setup callbacks 1ed4565b7c7b iio: adc: ti-ads1015: avoid getting stale result after runtime resume c72ad1a4fdf0 iio: adc: ti-ads1015: enable conversion when CONFIG_PM is not set 115af6c3b155 iio: adc: ti-ads1015: fix scale information for ADS1115 177d84e3a72a iio: adc: ti-ads1015: fix incorrect data rate setting update e58b04fb5b0b staging/rts5208: fix incorrect shift to extract upper nybble afcfe0661a74 USB: core: Avoid race of async_completed() w/ usbdev_release() 80cdcd7f5335 USB: musb: fix external abort on suspend 6b3b3a22ef20 usb:xhci:Fix regression when ATI chipsets detected 99a22c84f51d usb: Add device quirk for Logitech HD Pro Webcam C920-C 773b93f4255f USB: serial: option: add support for D-Link DWM-157 C1 2ea91c52ff5f usb: quirks: add delay init quirk for Corsair Strafe RGB keyboard 8a697a50c090 Linux 4.9.48 d325f1f1e245 epoll: fix race between ep_poll_callback(POLLFREE) and ep_free()/ep_remove() dd2342ad6665 kvm: arm/arm64: Force reading uncached stage2 PGD 70df301a083c drm/ttm: Fix accounting error when fail to get pages for pool 12a70ccaa686 xfrm: policy: check policy direction value 31decdcd8369 lib/mpi: kunmap after finishing accessing buffer 9e2788ce8f17 wl1251: add a missing spin_lock_init() e2ae90bb85f8 CIFS: remove endian related sparse warning c5e76654a9e5 CIFS: Fix maximum SMB2 header size d4e7dfda905e alpha: uapi: Add support for __SANE_USERSPACE_TYPES__ 309e4dbfaf3d cpuset: Fix incorrect memory_pressure control file mapping da16ed52c36a cpumask: fix spurious cpumask_of_node() on non-NUMA multi-node configs 715849268b34 ceph: fix readpage from fscache 8cc3acff5f1a mm, madvise: ensure poisoned pages are removed from per-cpu lists 17c564f629f4 mm, uprobes: fix multiple free of ->uprobes_state.xol_area 9e0a64330ce5 crypto: algif_skcipher - only call put_page on referenced and used pages 91a0e1edb80a i2c: ismt: Return EMSGSIZE for block reads with bogus length d22f6da47355 i2c: ismt: Don't duplicate the receive length for block reads 31562136c8d4 irqchip: mips-gic: SYNC after enabling GIC region 458ca52f1564 Linux 4.9.47 529ada21ff9e lz4: fix bogus gcc warning c47c52cde806 scsi: sg: reset 'res_in_use' after unlinking reserved array 4099ac938385 scsi: sg: protect accesses to 'reserved' page array c0c6dff92303 locking/spinlock/debug: Remove spinlock lockup detection code 27e7506c33d0 arm64: fpsimd: Prevent registers leaking across exec 43f776dab360 x86/io: Add "memory" clobber to insb/insw/insl/outsb/outsw/outsl 509d8b52bbe7 arm64: mm: abort uaccess retries upon fatal signal 3e033635b2b7 kvm: arm/arm64: Fix race in resetting stage2 PGD b8a1532b16fd gcov: support GCC 7.1 47974403c9ca staging: wilc1000: simplify vif[i]->ndev accesses dd758f82a3bf scsi: isci: avoid array subscript warning f71996c3ce5d p54: memset(0) whole array
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Bruce Ashfield [Thu, 14 Sep 2017 13:46:55 +0000 (09:46 -0400)]
linux-yocto/4.12: update to v4.12.12
Integrating the korg stable update comprising the following commits:
6ff98e8e5d24 Linux 4.12.12 ce4ef9346d9f rtlwifi: Fix fallback firmware loading 21da5e36f41e rtlwifi: Fix memory leak when firmware request fails 3ef5220bdba7 of/device: Prevent buffer overflow in of_device_modalias() aee0b37b710e scsi: sg: recheck MMAP_IO request length with lock held b0f24dc0e57b scsi: sg: protect against races between mmap() and SG_SET_RESERVED_SIZE 1054309aca02 cs5536: add support for IDE controller variant e5298cd80371 ahci: don't use MSI for devices with the silly Intel NVMe remapping scheme f21c4eea8bb4 workqueue: Fix flag collision daf316ac4a6c drm/nouveau: Fix error handling in nv50_disp_atomic_commit 75bc569a0d4b drm/nouveau/pci/msi: disable MSI on big-endian platforms by default e3b9fb20262f s390/mm: fix BUG_ON in crst_table_upgrade 2ce0e0495177 s390/mm: avoid empty zero pages for KVM guests to avoid postcopy hangs d859d5a434f1 MCB: add support for SC31 to mcb-lpc f7fb789880dd mwifiex: correct channel stat buffer overflows 0bfb078274ed dlm: avoid double-free on error path in dlm_device_{register,unregister} 985696916329 iwlwifi: pci: add new PCI ID for 7265D cbe865a2e67d Bluetooth: Add support of 13d3:3494 RTL8723BE device 7d20c5530a56 rtlwifi: rtl_pci_probe: Fix fail path of _rtl_pci_find_adapter a47814b210eb Input: trackpoint - assume 3 buttons when buttons detection fails d49ea1b6f98f ath10k: fix memory leak in rx ring buffer allocation 270f0aadd1d2 intel_th: pci: Add Cannon Lake PCH-LP support d2192374b951 intel_th: pci: Add Cannon Lake PCH-H support 055be595e016 fpga: altera-hps2fpga: fix multiple init of l3_remap_lock ba89dc8dce4e crypto: caam/qi - fix compilation with DEBUG enabled aa57cf57df95 crypto: caam/qi - fix compilation with CONFIG_DEBUG_FORCE_WEAK_PER_CPU=y 693ef09dc616 binder: free memory on error bbe1a3b3d20d HID: wacom: Do not completely map WACOM_HID_WD_TOUCHRINGSTATUS usage af617519a8c2 driver core: bus: Fix a potential double free 6c6c3c6bd954 iio: adc: ti-ads1015: add adequate wait time to get correct conversion 00202ded930e iio: adc: ti-ads1015: don't return invalid value from buffer setup callbacks 303d31eb5adf iio: adc: ti-ads1015: avoid getting stale result after runtime resume 6c164a8ad918 iio: adc: ti-ads1015: enable conversion when CONFIG_PM is not set 6c5595e0815d iio: adc: ti-ads1015: fix scale information for ADS1115 1d7fadc5937f iio: adc: ti-ads1015: fix incorrect data rate setting update 70bfcf9e319e staging/rts5208: fix incorrect shift to extract upper nybble ed68c935f5ae USB: core: Avoid race of async_completed() w/ usbdev_release() ffdb5b9e299a ANDROID: binder: add hwbinder,vndbinder to BINDER_DEVICES. 74ffccfed38f ANDROID: binder: add padding to binder_fd_array_object. 68596cc21060 USB: musb: fix external abort on suspend c927f42c8e38 usb:xhci:Fix regression when ATI chipsets detected 0e8e379786da usb: Add device quirk for Logitech HD Pro Webcam C920-C c8ff3d1a47a2 USB: serial: option: add support for D-Link DWM-157 C1 572bcfc7fbce usb: quirks: add delay init quirk for Corsair Strafe RGB keyboard 13817987369a Linux 4.12.11 9c2144e80db8 epoll: fix race between ep_poll_callback(POLLFREE) and ep_free()/ep_remove() 38f5d65ad997 drm/nouveau/i2c/gf119-: add support for address-only transactions bdacc5fcf4f9 nvme: fix the definition of the doorbell buffer config support bit c6d2779d8f0d drm/ttm: Fix accounting error when fail to get pages for pool 6c5b60edd786 xfrm: policy: check policy direction value 6cc6f45db016 lib/mpi: kunmap after finishing accessing buffer a3deff1d3285 mmc: sdhci-xenon: add set_power callback d767ccb7c387 wl1251: add a missing spin_lock_init() 619d31a0d247 drm/vmwgfx: Fix F26 Wayland screen update issue 399081a50c48 dm mpath: do not lock up a CPU with requeuing activity 77ab9e7fb431 CIFS: remove endian related sparse warning 0627f7136685 CIFS: Fix maximum SMB2 header size f3e9dc4504b1 alpha: uapi: Add support for __SANE_USERSPACE_TYPES__ ae53897e22db cpuset: Fix incorrect memory_pressure control file mapping fd20ca80f807 cpumask: fix spurious cpumask_of_node() on non-NUMA multi-node configs 3d7aeba120fd ceph: fix readpage from fscache b3010084e111 mm, madvise: ensure poisoned pages are removed from per-cpu lists 8c46edd78de9 mm, uprobes: fix multiple free of ->uprobes_state.xol_area 726bd348ead3 crypto: algif_skcipher - only call put_page on referenced and used pages 44c6b4a96625 i2c: ismt: Return EMSGSIZE for block reads with bogus length 7a90bfae6345 i2c: ismt: Don't duplicate the receive length for block reads 6fb972d03751 crypto: chacha20 - fix handling of chunked input 6b31ae8707a7 Input: xpad - fix PowerA init quirk for some gamepad models 2ed56448f555 Input: synaptics - fix device info appearing different on reconnect 55a5a10ce349 irqchip: mips-gic: SYNC after enabling GIC region 691208979811 x86/io: Add "memory" clobber to insb/insw/insl/outsb/outsw/outsl 34ed350889dd arm64: mm: abort uaccess retries upon fatal signal
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Martin Kelly [Tue, 12 Sep 2017 21:03:20 +0000 (14:03 -0700)]
python*native.bbclass: suppress user site dirs
Currently, $HOME/.local is being added into sys.path for the native
Python, causing subtle host contamination. Suppress this by exporting
PYTHONNOUSERSITE = "1" as documented in PEP 370.
Signed-off-by: Martin Kelly <mkelly@xevo.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ross Burton [Wed, 13 Sep 2017 19:11:52 +0000 (20:11 +0100)]
bluez5: fix out-of-bounds access in SDP server (CVE-2017-1000250)
All versions of the SDP server in BlueZ 5.46 and earlier are vulnerable to an
information disclosure vulnerability which allows remote attackers to obtain
sensitive information from the bluetoothd process memory. This vulnerability
lies in the processing of SDP search attribute requests.
Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Matt Madison [Wed, 13 Sep 2017 17:54:10 +0000 (14:54 -0300)]
go: update to go 1.9
* Rebased patches
- dropped armhf-elf patch, should no longer be needed
- dropped syslog patch which should not have been imported to begin with
- reworked other patches as needed for the updated code base
* Updated native, cross, cross-canadian .inc files to
remove some testdata directories that contain .a files
that strip chokes on during sysroot staging
Signed-off-by: Matt Madison <matt@madison.systems> Signed-off-by: Otavio Salvador <otavio@ossystems.com.br> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Matt Madison [Wed, 13 Sep 2017 17:54:09 +0000 (14:54 -0300)]
goarch.bbclass: set ARM_INSTRUCTION_SET to "arm"
Go does not play well with thumb, so ensure that the
toolchain and any packages use arm, not thumb, instructions.
Signed-off-by: Matt Madison <matt@madison.systems> Signed-off-by: Otavio Salvador <otavio@ossystems.com.br> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Matt Madison [Wed, 13 Sep 2017 17:54:06 +0000 (14:54 -0300)]
go.bbclass: add support linking against shared runtime
For architectures that support it, use the -linkshared
build option to build packages against the shared Go
runtime.
Signed-off-by: Matt Madison <matt@madison.systems> Signed-off-by: Otavio Salvador <otavio@ossystems.com.br> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Matt Madison [Wed, 13 Sep 2017 17:54:05 +0000 (14:54 -0300)]
go-runtime: build the Go runtime as a shared library
If the target architecture supports, it build the Go
runtime as a shared library in addition to building
the static libraries.
Signed-off-by: Matt Madison <matt@madison.systems> Signed-off-by: Otavio Salvador <otavio@ossystems.com.br> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Matt Madison [Wed, 13 Sep 2017 17:54:04 +0000 (14:54 -0300)]
go-1.8: add patch for set soname in ELF shared objects
The go link tool does not set the soname by default, which
prevents package.bbclass's shlibs processing from seeing
shared libraries built with go.
This patch passes appropriate options to go's linker and
the external linker to set the soname.
Signed-off-by: Matt Madison <matt@madison.systems> Signed-off-by: Otavio Salvador <otavio@ossystems.com.br> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Matt Madison [Wed, 13 Sep 2017 17:54:03 +0000 (14:54 -0300)]
goarch.bbclass: identify archs with Go dynamic linking support
Go only supports shared libraries for some architectures, so
add a variable for use elsewhere that gets a non-null value
only for those architectures.
Signed-off-by: Matt Madison <matt@madison.systems> Signed-off-by: Otavio Salvador <otavio@ossystems.com.br> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Matt Madison [Wed, 13 Sep 2017 17:54:02 +0000 (14:54 -0300)]
go-runtime: extend to nativesdk builds
Missed this when addding SDK support.
Signed-off-by: Matt Madison <matt@madison.systems> Signed-off-by: Otavio Salvador <otavio@ossystems.com.br> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Mark Hatle [Wed, 13 Sep 2017 15:15:05 +0000 (10:15 -0500)]
meta/conf/layers.conf: Add ca-certificates as ABISAFE
meta-oe was doing this before, but it was triggering a yocto-compat-script
failure during the signature checking.
The ca-certificates changing is ABISAFE, as the certificates themselves do
not modify the compiles behavior of the applications. This should permit
easier upgrades without as much rebuilding.
devtool/standard: set a preferred provider when adding a new recipe with devtool
A recipe added with "devtool add" requires to be able to take precedence on recipes
previously defined with PREFERRED_PROVIDER.
By adding the parameter "--provides" to "devtool add" it is possible to specify
an element to be provided by the recipe. A devtool recipe can override a previous
PREFERRED_PROVIDER using the layer configuration file in the workspace.
E.g.
devtool add my-libgl git@git://my-libgl-repository --provides virtual/libgl
[YOCTO #10415]
Signed-off-by: Juan M Cruz Alcaraz <juan.m.cruz.alcaraz@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
Maxin B. John [Mon, 11 Sep 2017 11:37:41 +0000 (14:37 +0300)]
hostap-utils: use w1.fi for SRC_URI
epitest.fi is down and hostap-utils source is now available in
w1.fi. So, move SRC_URI to https://w1.fi
Since hostap-utils is only meant for old Intersil Prism2/2.5/3 wifi cards,
this recipe will be removed from oe-core in future (most likely to
meta-handheld)
[YOCTO #12051]
Signed-off-by: Maxin B. John <maxin.john@intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
uvesafb: failed to execute /sbin/v86d
uvesafb: probe of uvesafb.0 failed with error -22
uvesafb: vbe_init() failed with -22
uvesafb: Getting VBE info block failed (eax=0x4f00, err=-2)
These were caused because the uvesa module was being loaded during boot,
when it is only meant to be loaded on qemu according to: 6af89812e8a9931ffed63768ed85367519bf7aef
Since genericx86-common.inc includes qemuboot-x86, the module also tries
to be loaded on genericx86 machines, this patch removes the instruction from
qemuboot-x86 and adds it in specific to both qemux86 machines confs so
it is correctly loaded only on those.
Yi Zhao [Wed, 13 Sep 2017 06:01:07 +0000 (14:01 +0800)]
busybox: using ip instead of ifconfig for ifup/ifdown
There is an issue for requesting dynamic IP with ifup/ifdown command
when using dhclient.
Steps to reproduce:
1. Build a full-cmdline image and install dhcp-client as the default DHCP client.
2. Configure a static IP for eth0 in /etc/networking/interfaces and reboot.
$ ifconfig eth0
eth0 inet addr:192.168.1.2 Bcast:192.168.1.255 Mask:255.255.255.0
$ ifdown eth0
3. Modify /etc/networking/interfaces to configure a dynamic IP for eth0
$ ifup eth0
$ ifconfig eth0
eth0 inet addr:192.168.1.2 Bcast:192.168.1.255 Mask:255.255.255.0
You could see the eth0 still has a static IP. But actually it also has a
dynamic IP:
$ ip addr show eth0
eth0:
inet 192.168.1.2/24 brd 192.168.1.255 scope global eth0
inet 128.224.162.173/23 brd 128.224.163.255 scope global eth0
The root cause is the ifdown invokes "ifconfig" to down the eth0 but
doesn't remove its IP. The dhclient would invoke "ip" to configure the
interface. It can not remove an IP from down interface with "ip addr
flush" and "ip addr add" command can set multiple IPs on one interface.
To fix this issue, we should use the "ip" command to implement
ifup/ifdown, rather than using the older "ifconfig". It will flush the
IP before down the interface.
Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Yi Zhao [Wed, 13 Sep 2017 07:49:55 +0000 (15:49 +0800)]
binutils: bump SRCREV to latest 2.29 branch
Update to the latest commit on the 2.29 branch to fix CVEs:
CVE-2017-12448, CVE-2017-12449. CVE-2017-12451, CVE-2017-12452,
CVE-2017-12454, CVE-2017-12455, CVE-2017-12456, CVE-2017-12457,
CVE-2017-12458, CVE-2017-12459, CVE-2017-12799, CVE-2017-12967,
CVE-2017-13710
Otavio Salvador [Tue, 12 Sep 2017 20:36:06 +0000 (17:36 -0300)]
kernel: Move Device Tree support to kernel.bbclass
The Device Tree is commonly used but it is still kept as a .inc file
instead of a proper class. Instead now we move the Device Tree code to
a kernel-devicetree class and automatically enable it when the
KERNEL_DEVICETREE variable is set.
To avoid breakage in existing layers, we kept a linux-dtb.inc file
which raises a warning telling the user about the change so in next
release this can be removed.
Signed-off-by: Otavio Salvador <otavio@ossystems.com.br> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
We need QEMU PID in order to access "/proc/<qemupid>/cmdline"
Having a valid QEMU PID does not mean we can access the proc entry
immediately, we need to wait for the /proc/<qemupid> to appear
before we can access it.
Signed-off-by: Juro Bystricky <juro.bystricky@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Paul Eggleton [Wed, 13 Sep 2017 20:57:44 +0000 (08:57 +1200)]
oe-selftest: devtool: fix test_devtool_add hanging on some machines
The code in scriptutils which implements the logic for running the
editor used by devtool edit-recipe looks at the VISUAL environment
variable before EDITOR, and thus if VISUAL is set in the environment it
will override the EDITOR value we are setting here, the editor (usually
vim) launches and there's nothing to stop it running forever short of
manually killing it. Set VISUAL instead to fix this.
Apparently VISUAL is in fact the variable we should really be preferring
here - I don't think I knew that but somehow I got it right in the code,
just not in the test. Here are the details for the curious:
Matt Madison [Tue, 12 Sep 2017 12:50:31 +0000 (09:50 -0300)]
go-cross-canadian: add recipe
Enable cross-canadian builds of the Go toolchain. This
requires an additional patch to the Go source to allow us
to use the native GOTOOLDIR during the bootstrap phase.
Signed-off-by: Matt Madison <matt@madison.systems> Signed-off-by: Otavio Salvador <otavio@ossystems.com.br> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Matt Madison [Tue, 12 Sep 2017 12:50:30 +0000 (09:50 -0300)]
go.bbclass: enable nativesdk builds for Go packages
Adding the necessary overrides for nativesdk builds.
Signed-off-by: Matt Madison <matt@madison.systems> Signed-off-by: Otavio Salvador <otavio@ossystems.com.br> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Matt Madison [Tue, 12 Sep 2017 12:50:29 +0000 (09:50 -0300)]
go-crosssdk: add recipe
Enable crosssdk builds for the Go toolchain.
Signed-off-by: Matt Madison <matt@madison.systems> Signed-off-by: Otavio Salvador <otavio@ossystems.com.br> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Matt Madison [Tue, 12 Sep 2017 12:50:28 +0000 (09:50 -0300)]
go: enable nativesdk builds for the toolchain
All that's needed is setting BBCLASSEXTEND.
Signed-off-by: Matt Madison <matt@madison.systems> Signed-off-by: Otavio Salvador <otavio@ossystems.com.br> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Matt Madison [Tue, 12 Sep 2017 12:50:27 +0000 (09:50 -0300)]
go-cross: take GOARM environment setting
Instead of hard-coding GOARM to ${TARGET_GOARM} in
the wrapper script, take it from an existing
environment setting if present. This allows the
same cross-compiler to be used for different ARM
targets.
Signed-off-by: Matt Madison <matt@madison.systems> Signed-off-by: Otavio Salvador <otavio@ossystems.com.br> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Matt Madison [Tue, 12 Sep 2017 12:50:26 +0000 (09:50 -0300)]
go: rename go.inc -> go-target.inc
to make it clearer that it is only used for building
the toolchain for the target.
Signed-off-by: Matt Madison <matt@madison.systems> Signed-off-by: Otavio Salvador <otavio@ossystems.com.br> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Matt Madison [Tue, 12 Sep 2017 12:50:25 +0000 (09:50 -0300)]
go.bbclass: clean up CGO_xxx settings
* use conditional assignment for the CGO_xxx
variables, so they can be overridden more easily
* remove the TOOLCHAIN_OPTIONS and TARGET_CC_ARCH
references, since those are already present in
CC and CXX
* remove the TARGET_ prefix so the values are
appropriate for native, nativesdk, etc. builds
* move the GOROOT export away from the CGO settings
and closer to its definition
Signed-off-by: Matt Madison <matt@madison.systems> Signed-off-by: Otavio Salvador <otavio@ossystems.com.br> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Matt Madison [Tue, 12 Sep 2017 12:50:23 +0000 (09:50 -0300)]
go.bbclass: remove some xxx_FINAL variables
GOROOT_FINAL is used by the Go linker for rewriting
source paths when the build GOROOT is not the same
as the runtime GOROOT, but the other _FINAL variables
aren't really needed.
Signed-off-by: Matt Madison <matt@madison.systems> Signed-off-by: Otavio Salvador <otavio@ossystems.com.br> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Matt Madison [Tue, 12 Sep 2017 12:50:22 +0000 (09:50 -0300)]
go.bbclass: remove GO_GCFLAGS nad GO_LDFLAGS
These variables are not used anywhere.
Signed-off-by: Matt Madison <matt@madison.systems> Signed-off-by: Otavio Salvador <otavio@ossystems.com.br> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Matt Madison [Tue, 12 Sep 2017 12:50:21 +0000 (09:50 -0300)]
go: split out go-runtime into separate recipe
Reorganize the Go toolchain build to split out
the Go standard runtime libraries into a separate
recipe. This simplifies the extension to crosssdk
and cross-canadian builds.
* Adds a patch to the go build tool to prevent it
from trying to rebuild anything in GOROOT, which
is now resident in the target sysroot.
* 'go' bb and inc files are now for building the
compiler for the target only.
* 'go-cross' bb and inc files are now just for
the cross-compiler.
* Adds virtual/<prefix> PROVIDES for the compiler
and runtime
* Removes testdata directories from the sysroot
during staging, as they are unnecessary and
can cause strip errors (some of the test files
are ELF files).
Signed-off-by: Matt Madison <matt@madison.systems> Signed-off-by: Otavio Salvador <otavio@ossystems.com.br> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Matt Madison [Tue, 12 Sep 2017 12:50:20 +0000 (09:50 -0300)]
go-bootstrap-native: remove recipe
No longer needed, with go-native handling its own
bootstrap phase.
Signed-off-by: Matt Madison <matt@madison.systems> Signed-off-by: Otavio Salvador <otavio@ossystems.com.br> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Matt Madison [Tue, 12 Sep 2017 12:50:19 +0000 (09:50 -0300)]
go-native: remove dependency on go-bootstrap-native
The go1.4 toolchain is only required for bootstrapping
go-native, and should not be used for anything else,
so build it as part of the go-native build. This way,
we don't have to carry around its built artifacts in
the native sysroot.
The go-cross and target toolchains can then just depend
on go-native, using that for their 'bootstrap' toolchain.
Also removed some unnecessary package-related noexec
settings, since native recipes inherit nopackages.
Signed-off-by: Matt Madison <matt@madison.systems> Signed-off-by: Otavio Salvador <otavio@ossystems.com.br> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Mark Hatle [Wed, 6 Sep 2017 19:26:54 +0000 (14:26 -0500)]
iproute2: Default to tipc enabled, and include libmnl dependency
iproute2 has the ability to include a tipc tool. When enabled this requires
the libmnl package (formerly supplied by meta-openembedded). So both are
needed at the same time.
The change itself is needed because of the tipc-utils package (in
meta-openembedded) which RDEPENDS on iproute2-tipc. Without this package
the yocto-compat-layer script indicates there is no way for me to have
meta-openembedded pass the checker. This is because meta-openembedded is
not allowed to just enable 'tipc' on it's own. (A layer may not make distro
wide changes without a user saying to do it.) The checker script invokes
bitbake -S none world, which will fail on dependency resolution due to there
being no iproute2-tipc package. The tipc-utils package does not have a way
to check the PACKAGECONFIG of the iproute2 package so disable itself if the
dependency can not be met. So the default system behavior needs to be:
iproute2 w/ tipc enabled
tipc-utils RDEPENDS on iproute2-tipc
Signed-off-by: Mark Hatle <mark.hatle@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
selftest/cases/signing: ignore removal errors when cleaning temporary gpg directory
The high-level method tempfile.TemporaryDirectory give us no way to
ignore erros on removal thus use tempfile.mkdtemp instead. Ignoring possible issues
on removal is neccesary because it contains gpg sockets that are automatically removed
by the system once the process terminates, otherwise the following log is observed:
..
..
File "/usr/lib/python3.5/shutil.py", line 436, in _rmtree_safe_fd
os.unlink(name, dir_fd=topfd)
FileNotFoundError: [Errno 2] No such file or directory: 'S.gpg-agent.browser'
[YOCTO #11821]
Signed-off-by: Leonardo Sandoval <leonardo.sandoval.gonzalez@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Martin Jansa [Fri, 8 Sep 2017 16:27:38 +0000 (18:27 +0200)]
bitbake.conf: add bzr to HOSTTOOLS_NONFATAL
* it's used by bzr fetcher:
meta/conf/bitbake.conf:FETCHCMD_bzr = "/usr/bin/env bzr"
and when it isn't available in PATH do_fetch tasks fail with:
/usr/bin/env: ‘bzr’: No such file or directory
* it was also added in:
https://patchwork.openembedded.org/patch/140107/
but this change wasn't merged (nor rejected AFAIS)
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Commit e0ed52c514 ('kernel-module-split: rrecommend kernel-image instead
of rdepend') changed kernel modules to rrecommend kernel-image instead
of rdepend on kernel. This broke existing setups, where the kernel is
omitted by setting RDEPEND_kernel-base = "".
Revert the patch, as the existing way of omitting kernel-image in images
works just fine.
Signed-off-by: Martin Hundebøll <mnhu@prevas.dk> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Alexander Monakov (3):
overhaul environment functions
free allocations in clearenv
fix OOB reads in Xbyte_memmem
Bartosz Brachaczek (1):
handle whitespace before %% in scanf
Rich Felker (6):
fix erroneous stop before input limit in mbsnrtowcs and wcsnrtombs
fix erroneous acceptance of f4 9x xx xx code sequences by utf-8 decoder
fix signal masking race in pthread_create with priority attributes
don't treat numeric port strings as servent records in getservby*()
fix glob descent into . and .. with GLOB_PERIOD
work around incorrect EPERM from mmap syscall
Szabolcs Nagy (4):
s390x: add bits/hwcap.h
add a_clz_64 helper function
arm: add HWCAP_ARM_ hwcap macros
make syscall.h consistent with linux
Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Otavio Salvador [Mon, 11 Sep 2017 17:37:16 +0000 (14:37 -0300)]
initramfs-framework: Allow directories with spaces
When mdev module loads the Linux kernel modules, it can visit
directories with spaces. To allow that, we must quote the variable
otherwise it misunderstand it arguments as multiple entries.
Fixes:
,----
| Freeing unused kernel memory: 3072K (80d00000 - 81000000)
| cat: can't open '/sys/devices/platform/Vivante': No such file or directory
| cat: can't open 'GCCore/modalias': No such file or directory
`----
Signed-off-by: Otavio Salvador <otavio@ossystems.com.br> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* but in some builds the glibc dependency isn't built soon enough:
$ diff -uNr BUILD-*/pkgdata/qemux86/runtime/localedef
--- BUILD-bad/pkgdata/qemux86/runtime/localedef 2017-09-02 21:17:50.000000000 +0000
+++ BUILD-ok/pkgdata/qemux86/runtime/localedef 2017-09-11 10:15:49.954381592 +0000
@@ -6,6 +6,7 @@
LICENSE: GPLv2 & LGPLv2.1
DESCRIPTION_localedef: glibc: compile locale definition files
SUMMARY: Locale data from glibc
+RDEPENDS_localedef: glibc (>= 2.26)
SECTION: base
PKG_localedef: localedef
FILES_localedef: /usr/bin/localedef
and the build fails with QA issues:
http://errors.yoctoproject.org/Errors/Details/155529/
ERROR: QA Issue: /usr/bin/localedef contained in package localedef requires libc.so.6(GLIBC_2.0), but no providers found in RDEPENDS_localedef? [file-rdeps]
ERROR: QA Issue: /usr/bin/localedef contained in package localedef requires libc.so.6(GLIBC_2.15), but no providers found in RDEPENDS_localedef? [file-rdeps]
ERROR: QA Issue: /usr/bin/localedef contained in package localedef requires libc.so.6(GLIBC_2.3), but no providers found in RDEPENDS_localedef? [file-rdeps]
ERROR: QA Issue: /usr/bin/localedef contained in package localedef requires libc.so.6(GLIBC_2.2), but no providers found in RDEPENDS_localedef? [file-rdeps]
ERROR: QA Issue: /usr/bin/localedef contained in package localedef requires libc.so.6(GLIBC_2.1), but no providers found in RDEPENDS_localedef? [file-rdeps]
ERROR: QA Issue: /usr/bin/localedef contained in package localedef requires libc.so.6, but no providers found in RDEPENDS_localedef? [file-rdeps]
ERROR: QA run found fatal errors. Please consider fixing them.
* reproducible with Yocto 2.2 Morty as well, with slightly different
error message:
ERROR: glibc-locale-2.24-r0 do_package_qa: QA Issue: /usr/bin/localedef contained in package localedef requires libc.so.6(GLIBC_2.4), but no providers found in RDEPENDS_localedef? [file-rdeps]
* with Yocto 2.3 Pyro it's not reproducible by default, because rpmdeps
aren't enabled to populate FILERDEPENDS, but once you add:
ENABLE_RPM_FILEDEPS_FOR_PYRO = "1"
similar QA issue is shown as well:
ERROR: glibc-locale-2.25-r0 do_package_qa: QA Issue: /usr/bin/localedef contained in package localedef requires libc.so.6(GLIBC_2.15), but no providers found in RDEPENDS_localedef? [file-rdeps]
ERROR: glibc-locale-2.25-r0 do_package_qa: QA Issue: /usr/bin/localedef contained in package localedef requires libc.so.6(GLIBC_2.4), but no providers found in RDEPENDS_localedef? [file-rdeps]
ERROR: glibc-locale-2.25-r0 do_package_qa: QA Issue: /usr/bin/localedef contained in package localedef requires libc.so.6, but no providers found in RDEPENDS_localedef? [file-rdeps]
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ross Burton [Tue, 5 Sep 2017 19:24:20 +0000 (20:24 +0100)]
staging: gracefully abort if two recipes conflict in the sysroot
When building the per-recipe sysroot keep track of what files we're installing
and where they came from, so we can detect when a file is installed by two
different recipes and tell the user what these recipes are (instead of just
showing a os.link() stack trace).
Paul Eggleton [Wed, 30 Aug 2017 23:54:07 +0000 (11:54 +1200)]
devtool: upgrade: check that user has configured git properly
If user.name or user.email haven't been set then git rebase can't really
work properly. Check that the user has set these and error out if not.
(Elsewhere we are relying on OE's git patch functionality which forces
a dummy OE value - that's OK there as it's completely under OE's control
and therefore it's OK for a dummy OE user to be the committer, but here
the rebase may require intervention so it's reasonable to have the
user's actual name and email on the operation.)
Otavio Salvador [Fri, 8 Sep 2017 21:04:43 +0000 (18:04 -0300)]
go-dep: Add 0.3.0 release
This is the Golang dependency management tool under development; it is
ready for production use and intended to be merged onto Golang
1.10. Until that, projects are starting to use it and making it
available on OE-Core reduces the Golang integration work for new
recipes.
Signed-off-by: Otavio Salvador <otavio@ossystems.com.br> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Matt Madison [Fri, 8 Sep 2017 21:04:42 +0000 (18:04 -0300)]
go.bbclass: add GO_INSTALL_FILTEROUT variable
When using the Go 'vendor' mechanism to bring in
dependencies for a Go package, the default GO_INSTALL
setting, which uses the '...' wildcard, will include
the vendored packages in the build, which produces
incorrect results.
There are also some Go packages that are structured
poorly, so that the '...' wildcard results in building
example or test code that should not be included in
the build, or fail to build.
This patch adds a mechanism for filtering out a
subset of the sources. It defaults to filtering
out everything under the 'vendor' subdirectory
under package's main directory, which is the
normal location for vendored packages, but can
be overridden by a recipe to filter out other
subdirectories, if needed.
Signed-off-by: Matt Madison <matt@madison.systems> Signed-off-by: Otavio Salvador <otavio@ossystems.com.br> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Matt Madison [Fri, 8 Sep 2017 21:04:41 +0000 (18:04 -0300)]
go.bbclass: add do_unpack function to handle common cases
Go source trees have a particular structure, with all
sources located under ${GOROOT}/src/<import-path>.
The fetcher step implemented by the 'go get' command
automatically follows this structure, so we need
to do the same here.
Since most Go packages are hosted in git repositories,
this adds a custom do_unpack() function that sets
the destsuffix to match the expected directory structure,
for any git SRC_URIs that haven't had a destsuffix
explicitly set in the recipe.
This simplifies recipe writing for the most common
cases.
Signed-off-by: Matt Madison <matt@madison.systems> Signed-off-by: Otavio Salvador <otavio@ossystems.com.br> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Matt Madison [Fri, 8 Sep 2017 21:04:40 +0000 (18:04 -0300)]
go.bbclass: separate ${S} and ${B}
Add a do_configure task to populate ${B} by symlinking
in the src subdirectory under ${S}, which lets us point
GOPATH at ${B}. This lets us take advantage of the
automatic directory creation and cleaning for do_configure.
This necessitates a change to do_install to split the
installation of the sources and built artifacts. Taking
advantage of some additional tar options, we can eliminate
the extra staging area and extra recursive chown command.
So overall efficiency should be improved.
Signed-off-by: Matt Madison <matt@madison.systems> Signed-off-by: Otavio Salvador <otavio@ossystems.com.br> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Matt Madison [Fri, 8 Sep 2017 21:04:38 +0000 (18:04 -0300)]
go.bbclass: exported function cleanup
Since this is a class, it should follow the
class function export mechanism for its task
functions, and should set directory-related
flags for directories they need.
Signed-off-by: Matt Madison <matt@madison.systems> Signed-off-by: Otavio Salvador <otavio@ossystems.com.br> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Will Newton [Fri, 8 Sep 2017 21:04:34 +0000 (18:04 -0300)]
goarch.bbclass: Replace logic for setting GOARM
The previous logic applied a regex to TUNE_FEATURES which could
set the GOARM value to 7 incorrectly, for example when dealing
with an arm1176 core. Simplify to check for the presence of
"armv7" instead. At the same time add a check for "armv6" and
set GOARM to 6 in that case.
Signed-off-by: Will Newton <willn@resin.io> Signed-off-by: Otavio Salvador <otavio@ossystems.com.br> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Otavio Salvador [Fri, 8 Sep 2017 21:04:33 +0000 (18:04 -0300)]
go: Remove Go 1.6 and 1.7 releases
The OE-Core has no reason to support multiple versions of Go as this
increases the maintenance work and testing efforts. So we are going to
support just a single version from now on which currently is 1.8.3.
The 1.4 release is kept around as it is used for bootstrap, as such,
it cannot be removed.
Signed-off-by: Otavio Salvador <otavio@ossystems.com.br> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Go toolchain changes the installation path when building for the same
architecture as the build host. This was already been considered in
the GO_BUILD_BINDIR variable but was not being used by the go class.
This fixes following error:
,----
| ERROR: go-dep-0.3.0-r0 do_package: QA Issue: go-dep: Files/directories
| were installed but not shipped in any package:
| /usr/lib/x86_64-oel-linux/go/bin/dep
| Please set FILES such that these items are packaged. Alternatively if
| they are unneeded, avoid installing them or delete them within
| do_install.
`----
Signed-off-by: Otavio Salvador <otavio@ossystems.com.br> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
scripts/buildhistory-diff: use of argparse instead of optparse
Optparse is deprecated since version 2.7 and won't be developed further.
Argparse should be used instead as it provides better tools for parsing
and handling arguments.
[YOCTO #9635]
Signed-off-by: Daniela Plascencia <daniela.plascencia@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
Wenzong Fan [Thu, 7 Sep 2017 09:49:06 +0000 (02:49 -0700)]
subversion: fix CVE-2017-9800
A maliciously constructed svn+ssh:// URL would cause Subversion clients
before 1.8.19, 1.9.x before 1.9.7, and 1.10.0.x through 1.10.0-alpha3
to run an arbitrary shell command. Such a URL could be generated by a
malicious server, by a malicious user committing to a honest server(to
attack another user of that server's repositories), or by a proxy
server.
The vulnerability affects all clients, including those that use
file://, http://, and plain (untunneled) svn://.
