License checksum change due to copyright year update.
Latest icu will not compile with anything less than C++11, so
drop the enforcement of an earlier C++ version. This should be okay,
as there is now a fix in place for the problem of mixing native gcc 4/5
compiled code:
http://git.yoctoproject.org/cgit/cgit.cgi/poky/commit/?id=c21cec84886d9c70396e9be0ceb9a8ef300b54be
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Andre McCurdy [Wed, 26 Jul 2017 00:18:36 +0000 (17:18 -0700)]
mirrors.bbclass: provide git repo fallbacks using the https protocol
Use MIRRORS to provide git repo fallbacks using the https protocol,
for cases where git native protocol fetches may fail due to local
firewall rules, etc.
These rules should cover all git native repos used by recipes within
oe-core, with the exception of mtd-utils, for which there's currently
no upstream alternative to the git native protocol for anonymous
access ( see http://git.infradead.org/mtd-utils.git ).
Signed-off-by: Andre McCurdy <armccurdy@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ed Bartosh [Wed, 26 Jul 2017 16:22:29 +0000 (19:22 +0300)]
oe-selftest: wic: change mkfs.btrfs options
test_mkfs_extraopts test case fails on ab with error caused
by using -K --mixed options:
output: extent-tree.c:2696: btrfs_reserve_extent: BUG_ON `ret` triggered, value -28
For this test case it's not important to use particular options,
so changing options to anything less influential is OK.
Changed extra options for mkfs.btrfs to '--quiet' to fix the failure.
Signed-off-by: Ed Bartosh <ed.bartosh@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
RPM file signing is enabled with --with-imaevm during configuration.
If enabled, the RPM signing tool rpmsign will call libimaevm.so provided
by the recipe ima-evm-utils.
Robert Yang [Thu, 13 Jul 2017 08:09:34 +0000 (01:09 -0700)]
runqemu: validate combos
Error out ealier if the combos is invalid, e.g.:
$ runqemu tmp/deploy/images/qemux86/bzImage-qemux86.bin tmp/deploy/images/qemux86/core-image-minimal-qemux86.wic
This will fail at kernel panic, no we check and error out early. We can
add other checkings in the future.
[YOCTO #11286]
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Richard Purdie [Wed, 26 Jul 2017 08:52:43 +0000 (09:52 +0100)]
gnome-themes-standard: Fix packages so dev-pkgs image generation works
A change from Ross removed the dual -dev/-dbg packages but this broke
deb/ipk rootfs constuction due to a dependency on a package which doesn't
exist (for dev-pkgs images). Remove the dependency on that package to
allow images to build.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Tom Rini [Tue, 25 Jul 2017 19:58:09 +0000 (15:58 -0400)]
image: Fix "metadata is not deterministic" when chaining 2+ CONVERSION_CMDs
When we have more than one CONVERSION_CMD being used, for example
ext4.gz.sha256sum we will see errors about "metadata is not
deterministic". This is because we do not have a stable order of
intermediate files that will be removed in the generated shell command.
We fix this by calling sorted() on the set of rm_tmp_images so that we
will have a stable hash again.
Cc: Patrick Ohly <patrick.ohly@intel.com> Signed-off-by: Tom Rini <trini@konsulko.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
oeqa/buildperf: Add 'bitbake -m' on sync function to ensure bitbake is unloaded
Add 'bitbake -m' to the sync method and ensure all process related to
bitbake are correctly unloaded before doing the different measurements.
Also add a call to sync funtion on Test4 before final measurment of
eSDK deploy dir disk usage.
Signed-off-by: Jose Perez Carranza <jose.perez.carranza@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Tom Rini [Fri, 21 Jul 2017 22:06:34 +0000 (18:06 -0400)]
image_types.bbclass: Make u-boot signed images more versatile
With the introduction of chaining compression/conversion support we can
convert the old image_types_uboot.bbclass code that did a hand-chaining
of a set of ${filesystem}.${compression} into generic and arbitrary
support to sign whatever the user wants to sign for their image.
This, for the record, does remove setting a valid compression type in
the record in favour of just saying none. This is not a generally
useful feature in U-Boot and I believe being versatile in terms of being
able to pass in arbitrary compressions is more important.
Signed-off-by: Tom Rini <trini@konsulko.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Tom Rini [Fri, 21 Jul 2017 22:06:33 +0000 (18:06 -0400)]
image.bbclass: Correct chaining compression support
When chaining of compression/conversion types was added, we had a new
way to handle doing things like "ext4.bz2.sha256sum" or
"ext2.gz.u-boot". However, because the U-Boot image class isn't
included normally, it wasn't properly converted at the time. After the
support was added the "clean" argument that the .u-boot code uses no
longer functions. The fix for this inadvertently broke chaining
compression/conversion. First, correct the u-boot conversion code.
Fixes: 46bc438374de ("image.bbclass: do exact match for rootfs type") Cc: Zhenhua Luo <zhenhua.luo@nxp.com> Cc: Richard Purdie <richard.purdie@linuxfoundation.org> Cc: Patrick Ohly <patrick.ohly@intel.com> Signed-off-by: Tom Rini <trini@konsulko.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
package_rpm.bbclass: disable generation of .build-id links
As we're not using them and they're getting in the way of
reproducibility.
[YOCTO #11718]
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ross Burton [Mon, 24 Jul 2017 20:34:49 +0000 (21:34 +0100)]
libpng: use SourceForge mirror
The Gentoo mirror also deletes old versions when they're not used, so revert
back to the canonical SourceForge site, adding /older-releases/ to MIRRORS to
handle new releases moving the version we want.
Original idea by Maxin B. John <maxin.john@intel.com>.
Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
externalsrc: place copy of git index into /tmp and do not use copyfile2
Using shutil.copy2() to copy .git/index to a temporary file tries to
copy SELinux attributes which might fail for confined users in SELinux
environments.
E.g. our builders are running in docker containers and modification of
sources (inclusive updated of .git/index) is done outside. Trying to
copy .git/index fails with
is created. This can not be solved by adapting the SELinux policy because
this is a very deep constraint violation:
| constrain file { create relabelfrom relabelto } ((u1 == u2 -Fail-) or (t1 == can_change_object_identity -Fail-) ); Constraint DENIED
|
| Possible cause is the source user (system_u) and target user (unconfined_u) are different.
I do not see much sense in using 'shutil.copy2()' here; 'shutil.copyfile()'
seems to be a better choice (target file is created in a secure way by
tempfile.NamedTemporaryFile()).
By placing the tempfile into /tmp we avoid potential problems related to
git's 'core.sharedRepository'. As a (positive) side effect, the source
tree will not be modified anymore (at least by this part of code) which
prevented to mount it read-only from somewhere else.
Signed-off-by: Enrico Scholz <enrico.scholz@sigma-chemnitz.de> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ming Liu [Mon, 24 Jul 2017 05:01:25 +0000 (07:01 +0200)]
buildtools-tarball: drop deltask package/packagedata
They are redundant since nopackages are being inherited.
Signed-off-by: Ming Liu <peter.x.liu@external.atlascopco.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ming Liu [Mon, 24 Jul 2017 04:59:12 +0000 (06:59 +0200)]
uninative-tarball: drop deltask package/packagedata
They are redundant since nopackages are being inherited.
Signed-off-by: Ming Liu <peter.x.liu@external.atlascopco.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ming Liu [Mon, 24 Jul 2017 04:55:52 +0000 (06:55 +0200)]
package-index: inherit nopackages
Drop deltask do_package* syntax, inheriting nopackages instead.
Signed-off-by: Ming Liu <peter.x.liu@external.atlascopco.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Paul Eggleton [Tue, 25 Jul 2017 09:12:10 +0000 (11:12 +0200)]
wic-tools: ensure pseudo is available
wic will attempt to use pseudo from the wic-tools sysroot to run, but it
was only sure to be in there if do_install had executed - which is not
the case if it had been restored from sstate, in which case it failed
horribly as seen when running the wic.Wic.test_fs_types and
test_mkfs_extraopts tests on the Yocto Project autobuilder recently. Add
an explicit dependency on pseudo-native to ensure it's always there.
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Joe Slater [Thu, 20 Jul 2017 23:19:51 +0000 (16:19 -0700)]
linux-yocto: only suggest default kernel type
The distro should set a default kernel type (?=) which could be
overriden by local.conf (=) or extensions (templates). The kernel itself
should only use "??=" to provide a value which allows builds to succeed.
Signed-off-by: Joe Slater <jslater@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
Mikko Rapeli [Thu, 20 Jul 2017 13:23:11 +0000 (16:23 +0300)]
cve-check.bbclass: use "+git" as separator in PV instead of "git+"
PV is the recipe major version number. cve-check tries to map that to
NVD database release versions of the component. If the recipe sources
are taken from git, the PV can be automatically modified to include
git details, but the syntax is like 233+gitAUTOINC+a1e2ef7ec9.
In CVE checks we want to remove the git details and just use the major
version information, in this example 233.
Thus use "+git" as the separator and use the first part before the separator
as SW product version number in CVE check.
Fixes version number for e.g. systemd recipe. If systemd PV is
233+gitAUTOINC+a1e2ef7ec9 there will be no matches from CVE database where
latest release mentioned is plain 233. If the filter is set to +git, then
CVE PV is 233 and issues like this are detected by do_cve_check:
Martin Kelly [Tue, 18 Jul 2017 18:46:54 +0000 (11:46 -0700)]
gstreamer1.0-python: add new recipe
Previously, we had a gst-python recipe, but it supported only GStreamer
0.1. After GStreamer switched the Python bindings to use GObject
introspection, we were no longer able to build the bindings, and they
were dropped in this patch:
https://patchwork.openembedded.org/patch/93793/
However, at this point, we have a gobject-introspection class, so we can
use the bindings again, this time with GStreamer 1.0.
Signed-off-by: Martin Kelly <mkelly@xevo.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
Which were dangling configure options, which started to be enabled after the
pkg-config fix, so they need now to be explicitely disabled. Follow up patch
will enable these options when DISTRO_FEATURES has x11.
Signed-off-by: Nicolas Dechesne <nicolas.dechesne@linaro.org> Signed-off-by: Ross Burton <ross.burton@intel.com>
Mikko Rapeli [Thu, 20 Jul 2017 13:23:09 +0000 (16:23 +0300)]
cve-check.bbclass: use weak assignment for default CVE_PRODUCT
This way also bbclasses can override it. For example kernel.bbclass
could set CVE_PRODUCT to linux_kernel for all users of the class
which compile Linux kernels.
Signed-off-by: Mikko Rapeli <mikko.rapeli@bmw.de> Signed-off-by: Ross Burton <ross.burton@intel.com>
We get linking errors on some hosts like
| ld -static --warn-multiple-gp --warn-common -T linux-i386/convert.lds -o objdir/linux-i386/convert ob
jdir/linux-i386/head.o objdir/linux-i386/convert_params.o
| objdir/linux-i386/convert_params.o: In function `printf':
| convert_params.c:(.text+0x1fd): undefined reference to `__stack_chk_fail_local'
This is because the build system is defaulting to host linker when building
32bit binaries and it may not have same defaults as OE toolchain and issue
gets highlighted.
fix it by using cross linker for 32bit links when building on x86_64
Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
Ed Bartosh [Fri, 21 Jul 2017 11:48:13 +0000 (14:48 +0300)]
patchelf: fix segfault for binaries linked by gold
Due to a bug in calculating adresses of modified program
headers patchelf breaks executables linked by Gold linker
causing them to segfault, e.g.
$ tmp/sysroots-components/x86_64/m4-native/usr/bin/m4 --help
Segmentation fault
This is reproducible only in some cases and only for executables
of ET_DYN type produced by Gold or by ld linked with pie.
This should be solved by fix-adjusting-startPage.patch that
fixes calculation logic.
[YOCTO #11785]
Signed-off-by: Ed Bartosh <ed.bartosh@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Maxin B. John [Thu, 20 Jul 2017 12:22:35 +0000 (15:22 +0300)]
bluez5: upgrade to 5.46
5.45 -> 5.46
This includes the new testing utility "advtest"
Signed-off-by: Maxin B. John <maxin.john@intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
base.bbclass: Make .jar file depend on unzip-native
Unzip is required for jar files. Without this patch:
ERROR: junit4-4.3.1-r0 do_unpack: Unpack failure for URL:
'http://downloads.sourceforge.net/junit/junit-4.3.1-src.jar'. Unpack
command
PATH="/var/lib/jenkins/workspace/qt5122-dyspro/build/tmp/sysroots-uninative/x86_64-linux/usr/bin ......."
unzip -q -o '/var/lib/yocto/downloads/junit-4.3.1-src.jar' failed with
return value 127
Suggested-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Ricardo Ribalda Delgado <ricardo.ribalda@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
Otavio Salvador [Mon, 17 Jul 2017 18:40:49 +0000 (15:40 -0300)]
mesa: Upgrade to 17.1.5 release
This is a stable bugfix release. Following upstream bugs were fixed:
Bug 100242 - radeon buffer allocation failure during startup of Factorio
Bug 101657 - strtod.c:32:10: fatal error: xlocale.h: No such file or directory
Bug 101666 - bitfieldExtract is marked as a built-in function on OpenGL ES 3.0, but was added in OpenGL ES 3.1
Bug 101703 - No stencil buffer allocated when requested by GLUT
Also, the following patches were included in this release and as such
deleted:
- etnaviv_fix-shader-miscompilation.patch
Signed-off-by: Otavio Salvador <otavio@ossystems.com.br> Signed-off-by: Ross Burton <ross.burton@intel.com>
When the kernel's menuconfig target is called while using the esdk or an
esdk-based container, the pkg-config info that is found is not correct.
The pkg-config info is for the target, but we need the eSDK's information
in order to build the host based menuconfig.
The new pkg-config-esdk script checks both that it's in SDK and being
called from the check-lxdialog script in order to limit the scope of when
the pkg-config automagically switches to pkg-config-native.
The pkg-config-esdk is only installed as pkg-config inside the eSDK, which
is why we use the sstate post install script and check for if we are in the
esdk environment using the WITHIN_EXT_SDK
[YOCTO #11155]
Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
Martin Jansa [Mon, 17 Jul 2017 14:04:50 +0000 (16:04 +0200)]
icecc.bbclass: prevent nativesdk builds depending on target specific KERNEL_CC
* without this we cause nativesdk-linux-libc-headers to depend
on target specific KERNEL_CC (through icecc_get_tool ->
icecc_is_kernel -> KERNEL_CC -> HOST_CC_KERNEL_ARCH ->
TARGET_CC_KERNEL_ARCH -> TUNE_FEATURES(thumb) as shown by
bitbake-diffsigs:
OE qemux86@ ~/build/oe-core $ ls /OE/build/oe-core/tmp-glibc/sstate-diff/1499859497/qemu*/*sdk*/*/*do_configure.sigdata*
/OE/build/oe-core/tmp-glibc/sstate-diff/1499859497/qemuarm/x86_64-nativesdk-oesdk-linux/nativesdk-linux-libc-headers/4.10-r0.do_configure.sigdata.3a9a423878d56524e0ee8e42eba1804f
/OE/build/oe-core/tmp-glibc/sstate-diff/1499859497/qemux86/x86_64-nativesdk-oesdk-linux/nativesdk-linux-libc-headers/4.10-r0.do_configure.sigdata.401071dbaa88903ece37d35a47965ff2
OE qemux86@ ~/build/oe-core $ bitbake-diffsigs /OE/build/oe-core/tmp-glibc/sstate-diff/1499859497/qemu*/*sdk*/*/*do_configure.sigdata*
basehash changed from 39774238b66763c598153132e87a2c1a to aa2d66e770bf533e312536eb0a401c4c
Variable TARGET_CC_KERNEL_ARCH value changed from '${@bb.utils.contains('TUNE_FEATURES', 'thumb', '-mno-thumb-interwork-marm', '', d)} TUNE_FEATURES{thumb} = Set' to ''
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
David Vincent [Mon, 10 Jul 2017 10:45:33 +0000 (12:45 +0200)]
initscripts: start bootmisc.sh at 36 instead of 55
bootmisc.sh is responsible for setting the system date to a sane
default. Currently, it is the last script to be run from the rcS
runlevel.
Problem is that the files created before appear to have been created
on 1/1/1970. Most notably, /var/log/dmesg created in dmesg.sh cannot be
properly rotated with logrotate which does not consider it a valid date
and stops processing.
There is no blocker on moving this script right before populating
volatiles because it just requires the local and virtual filesystems to
be mounted to work.
Signed-off-by: David Vincent <freesilicon@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
Currently, this recipe only supports daily scheduling via a cron job.
This commit adds support for systemd in the recipe, as the feature is
already supported on upstream. When the corresponding distro feature is
enabled the systemd variant will be used. The timer granularity and its
accuracy are also configurable.
Signed-off-by: Romain Perier <romain.perier@collabora.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
devtool: standard: enable options for PREMIRRORS and MIRRORS
Since we have provide an option to manually enable PREMIRRORS and MIRRORS
in recipetool, we need to make sure devtool is having the same options
as devtool uses recipetool in creating new recipes.
Signed-off-by: Chang Rebecca Swee Fun <rebecca.swee.fun.chang@intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
logger was not defined in scriptutils.py based on the
observation in python traceback.
Traceback (most recent call last):
File "/workdir/poky/scripts/devtool", line 351, in <module>
ret = main()
File "/workdir/poky/scripts/devtool", line 338, in main
ret = args.func(args, config, basepath, workspace)
File "/workdir/poky/scripts/lib/devtool/utilcmds.py", line 55, in
edit_recipe
return scriptutils.run_editor(find_recipe(args, config, basepath,
workspace))
File "/workdir/poky/scripts/lib/scriptutils.py", line 141, in
run_editor
logger.error("Execution of '%s' failed: %s" % (editor, exc))
NameError: name 'logger' is not defined
We pass in logger as parameter to run_editor() from where it has
been called (devtool/utilcmds.py and recipetool/newappend.py),
which both modules already has logger setup.
Signed-off-by: Chang Rebecca Swee Fun <rebecca.swee.fun.chang@intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
scriptutils: exit politely when no text editor available
devtool edit-recipe now has ugly tracebacks if executed without an
editor available. This happens in the build containers whenever no
text editor is available.
subprocess.check_call will run text editing command with recipe path
provided. It will wait for command to complete. If the return code
was zero then return, otherwise raise CalledProcessError exception.
This enhancement will suppress the traceback by catching the exception
and prompt the error messages in a proper manner shown below:
pokyuser@59c99c507238:/workdir/docker-dbg$ devtool edit-recipe ifupdown
/bin/sh: 1: vi: not found
ERROR: Execution of 'vi' failed: Command 'vi
"/workdir/docker-dbg/workspace/recipes/ifupdown/ifupdown_0.8.16.bb"'
returned non-zero exit status 127
[YOCTO #11434]
Signed-off-by: Chang Rebecca Swee Fun <rebecca.swee.fun.chang@intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
