Stefan Agner [Sat, 18 Nov 2017 08:53:57 +0000 (09:53 +0100)]
openssl: fix runtime errors with Thumb2 when using binutils 2.29
When compiling OpenSSL with binutils 2.29 for ARM with Thumb2 enabled
crashes and unexpected behavior occurs. E.g. connecting to a OpenSSH
server using the affected binary fails with:
ssh_dispatch_run_fatal: Connection to 192.168.10.171 port 22: incorrect signature
Signed-off-by: Stefan Agner <stefan.agner@toradex.com> Acked-by: Otavio Salvador <otavio@ossystems.com.br> Signed-off-by: Ross Burton <ross.burton@intel.com>
Stefan Agner [Sat, 18 Nov 2017 08:53:56 +0000 (09:53 +0100)]
openssl: Upgrade 1.1.0f -> 1.1.0g
Deals with two CVEs:
* bn_sqrx8x_internal carry bug on x86_64 (CVE-2017-3736)
* Malformed X.509 IPAddressFamily could cause OOB read (CVE-2017-3735)
Signed-off-by: Stefan Agner <stefan.agner@toradex.com> Acked-by: Otavio Salvador <otavio@ossystems.com.br> Signed-off-by: Ross Burton <ross.burton@intel.com>
Stefan Agner [Sat, 18 Nov 2017 08:53:55 +0000 (09:53 +0100)]
openssl10: fix runtime errors with Thumb2 when using binutils 2.29
When compiling OpenSSL with binutils 2.29 for ARM with Thumb2 enabled
crashes and unexpected behavior occurs. E.g. connecting to a OpenSSH
server using the affected binary fails with:
ssh_dispatch_run_fatal: Connection to 192.168.10.171 port 22: incorrect signature
Signed-off-by: Stefan Agner <stefan.agner@toradex.com> Acked-by: Otavio Salvador <otavio@ossystems.com.br> Signed-off-by: Ross Burton <ross.burton@intel.com>
Stefan Agner [Sat, 18 Nov 2017 08:53:54 +0000 (09:53 +0100)]
openssl10: Upgrade 1.0.2l -> 1.0.2m
Deals with two CVEs:
* bn_sqrx8x_internal carry bug on x86_64 (CVE-2017-3736)
* Malformed X.509 IPAddressFamily could cause OOB read (CVE-2017-3735)
Signed-off-by: Stefan Agner <stefan.agner@toradex.com> Acked-by: Otavio Salvador <otavio@ossystems.com.br> Signed-off-by: Ross Burton <ross.burton@intel.com>
Amanda Brindle [Tue, 21 Nov 2017 00:40:25 +0000 (16:40 -0800)]
scripts/contrib/bbvars.py: Remove dead code
Removed the -m option since this script now searches through all
recipes in the configuration. Also removed dead code, which includes
the functions recipe_bbvars() and collect_bbvars().
Signed-off-by: Amanda Brindle <amanda.r.brindle@intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
Tom Hochstein [Sat, 18 Nov 2017 15:02:20 +0000 (09:02 -0600)]
libepoxy: Fix build break for EGL_CAST dependency
This is a backport [1] to fix the following build error:
| In file included from /home/r60874/upstream/xwayland/tmp/work/armv7at2hf-neon-mx6qdl-fslc-linux-gnueabi/gtk+3/3.22.17-r0/recipe-sysroot/usr/include/epoxy/egl.h:46:0,
| from ../../../gtk+-3.22.17/gdk/wayland/gdkglcontext-wayland.h:32,
| from ../../../gtk+-3.22.17/gdk/wayland/gdkglcontext-wayland.c:24:
| ../../../gtk+-3.22.17/gdk/wayland/gdkglcontext-wayland.c: In function 'gdk_wayland_gl_context_realize':
| ../../../gtk+-3.22.17/gdk/wayland/gdkglcontext-wayland.c:179:43: error: expected expression before 'EGLContext'
| : EGL_NO_CONTEXT,
| ^
Markus Lehtonen [Mon, 20 Nov 2017 12:15:32 +0000 (14:15 +0200)]
python3: remove two setup.py cross-compile hacks
Remove two unneeded hacks. The first hack ("setup.py: no host headers
libs" patch) is not needed because we use cross-compiler (e.g.
i586-oe-linux-gcc) which has not been configured with any host system
include or library directories, and thus, we don't get any host system
directories when running "gcc -E -v".
The second hack becomes useless after the first hack has been removed
and we get the standard include and lib directories normally from gcc.
Signed-off-by: Markus Lehtonen <markus.lehtonen@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
Hongxu Jia [Fri, 17 Nov 2017 06:08:03 +0000 (01:08 -0500)]
systemd: fix formatting IDE storage does not trigger "change" uevents
Formatting IDE storage does not trigger "change" uevents. As a result
clients using udev API don't get any updates afterwards and get outdated
information about the device.
...
root@qemux86-64:~# mkfs.ext4 -F /dev/hda1
Creating filesystem with 262144 4k blocks and 65536 inodes
Filesystem UUID: 98791eb2-2bf3-47ad-b4d8-4cf7e914eee2
root@qemux86-64:~# ls /dev/disk/by-uuid/98791eb2-2bf3-47ad-b4d8-4cf7e914eee2
ls: cannot access '/dev/disk/by-uuid/98791eb2-2bf3-47ad-b4d8-4cf7e914eee2': No such file or directory
...
Include hd* in a match for watch option assignment.
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
Yi Zhao [Fri, 17 Nov 2017 02:17:13 +0000 (10:17 +0800)]
ppp: include netinet/in.h before linux/in.h in pppoe.h
The patch ppp-fix-building-with-linux-4.8.patch tries to fix build error
with 4.8 or newer linux headers, but it would break building with kernel
< 4.8. There is a better solution to fix this issue in upstream.
Backport the upstream patch and replace the old one.
Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
LGPL version has been updated from 2.0 to 2.1, adjust the checksums accordingly.
Rebase various patches.
A few tools have been rewritten from perl (or C) to python, so
add a patch that avoids hardcoding the python path in the shebang,
and remove previous patching with sed.
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
distrodata.bbclass: make upstream version check more useful for git upstreams
Specifically:
1) remove +git${SRCPV} stuff from comparison and output; it's just
unnecessary clutter;
2) write the commit id of the latest version tag into the output;
this saves quite a bit of trouble of manually checking what that
commit id is when doing version updates;
3) when UPSTREAM_CHECK_COMMITS is set, ignore the tags altogether;
instead check if the latest commit is different to the one we use,
and if so, report that the recipe can be updated to said commit
(which is also written into the output, as in 2). Multiple
recipes are failing the upstream check because they never
issue tags, now we can fix them.
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
Juro Bystricky [Thu, 16 Nov 2017 19:48:50 +0000 (11:48 -0800)]
sudo: improve reproducibility
Delete various build host references from the internally
generated file sudo_usage.h. The references get compiled into
executables, which leads to non-reproducible builds.
The removed references (configure options) were only used as part
of the sudo "usage", and even then only when ran as root.
Signed-off-by: Juro Bystricky <juro.bystricky@intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
Jackie Huang [Thu, 16 Nov 2017 07:41:36 +0000 (15:41 +0800)]
libnsl2: fix installed-vs-shipped QA issue
Fix the installed-vs-shipped QA issue:
| WARNING: libnsl2-1.0.5+gitAUTOINC+dfa2f31352-r0 do_package: QA Issue:
libnsl2: Files/directories were installed but not shipped in any package:
/usr/lib64/nsl/libnsl.a
Signed-off-by: Jackie Huang <jackie.huang@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
Patrick Vacek [Wed, 15 Nov 2017 12:40:41 +0000 (13:40 +0100)]
ca-certificates: Add /etc to SYSROOT_DIRS
For recipes that depend on native ca-certificates.crt, /etc should be
added to the list of directories that automatically populate the
sysroot, otherwise the file may not be there.
Signed-off-by: Patrick Vacek <patrick@advancedtelematic.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
The non-EFI counterpart for installation was previously missing for
initramfs-framework. This simply puts the normal install script in the
correct location for initramfs-framework to make use of it.
Partial fix for [YOCTO #12346].
Signed-off-by: California Sullivan <california.l.sullivan@intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
Andre McCurdy [Tue, 14 Nov 2017 19:39:23 +0000 (11:39 -0800)]
systemd: use consistent indenting and coding style in do_install()
Make the polkit fixup etc at the end of do_install() more consistent
with the rest of the function. Also indent do_install_ptest() with
tabs instead of spaces to make do_install_ptest() consistent with
do_install().
Signed-off-by: Andre McCurdy <armccurdy@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
Saul Wold [Tue, 21 Nov 2017 15:26:44 +0000 (07:26 -0800)]
image_types: Add debugging code to ext4 fs creation
We have seen a small number of issues with ROOTFS_SIZE not getting
computed correctly, resulting in a failure in the mke2fs processing
and populating the resulting new filesystem.
This information should help us to reproduce [YOCTO #12304]
Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Tue, 21 Nov 2017 11:39:12 +0000 (11:39 +0000)]
qemuboot: Improve relative path handling
qemuconf files are currently written relative to TOPDIR. What
makes more sense is to write paths relative to the location of the
file. This makes moving them around and decoding the end paths in
runqemu much easier.
The effect of this should allow less use of bitbake to determine
variables and allow us to simplify runqemu.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Tue, 21 Nov 2017 11:32:55 +0000 (11:32 +0000)]
qemu: Add patch to avoid qemuppc boot hangs
qemuppc boots are occasionally hanging on the autobuilder. This adds a
patch which fixes the issue in local testing. Its being discussed with
upstream qemu.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Robert Yang [Mon, 13 Nov 2017 17:58:49 +0000 (01:58 +0800)]
libsdl2: 2.0.5 -> 2.0.7
* Drop linkage.patch, this version already links .lo object.
* Remove backported patch fix-build-failure-on-ppc.patch
* Update LIC_FILES_CHKSUM since the year is changed.
Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
Chen Qi [Mon, 13 Nov 2017 05:26:22 +0000 (13:26 +0800)]
autoconf-archive: inherit allarch and fix package splitting
autoconf-archive is a set of common m4 macros, it should be allarch,
just like it is on other distros.
Also fix package splitting. With current package splitting,
autoconf-archive itself contains almost nothing, the m4 macros are
contained in its dev package. However, autoconf-archive should
contain those m4 marcos itself.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
Paul Eggleton [Sun, 12 Nov 2017 22:00:25 +0000 (11:00 +1300)]
recipetool: create: fix failure handling included dicts
If a setup dict in a python setup.py file pulled in the contents of
another dict (e.g. **otherdict), then we got an error when mapping
the keys because the key is None in that case. Skip those keys to avoid
the error (we pick up the values directly in any case).
Nathan Rossi [Fri, 10 Nov 2017 17:04:17 +0000 (03:04 +1000)]
site/microblaze-linux: Add MicroBlaze linux site info
Add linux site info for the MicroBlaze architecture. This is based on
the site info from meta-xilinx and additional options based on config
options that other *-linux architecture site info files define.
Signed-off-by: Nathan Rossi <nathan@nathanrossi.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
Ovidiu Panait [Fri, 10 Nov 2017 15:46:10 +0000 (17:46 +0200)]
icu: CVE-2017-14952
Double free in i18n/zonemeta.cpp in International Components for Unicode
(ICU) for C/C++ through 59.1 allows remote attackers to execute arbitrary
code via a crafted string, aka a "redundant UVector entry clean up
function call" issue.
Richard Purdie [Mon, 13 Nov 2017 17:33:26 +0000 (17:33 +0000)]
qemu.inc: Drop rng-tools
This was included to allow hwrng to feed data to /dev/random. Since the
kernel does this itself (confirmed by the recent kernel Kconfig text change
, code inspection and local testing), we can drop rng-tools from these
images.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
zhengrq [Wed, 8 Nov 2017 09:56:02 +0000 (17:56 +0800)]
kexec-tools: 2.0.14 -> 2.0.15
1) Upgrade kexec-tools from 2.0.14 to 2.0.15.
2) Remove patches that are included in 2.0.15.
kexec-tools/0001-arm64-Disable-PIC.patch
kexec-tools/0001-kexec-exntend-the-semantics-of-kexec_iomem_for_each_.patch
kexec-tools/0001-vmcore-dmesg-Define-_GNU_SOURCE.patch
kexec-tools/0001-x86-x86_64-Fix-format-warning-with-die.patch
kexec-tools/0002-kexec-generalize-and-rename-get_kernel_stext_sym.patch
kexec-tools/0002-ppc-Fix-format-warning-with-die.patch
kexec-tools/0003-arm64-identify-PHYS_OFFSET-correctly.patch
kexec-tools/0004-arm64-kdump-identify-memory-regions.patch
kexec-tools/0005-arm64-kdump-add-elf-core-header-segment.patch
kexec-tools/0006-arm64-kdump-set-up-kernel-image-segment.patch
kexec-tools/0007-arm64-kdump-set-up-other-segments.patch
kexec-tools/0008-arm64-kdump-add-DT-properties-to-crash-dump-kernel-s.patch
kexec-tools/0009-arm64-kdump-Add-support-for-binary-image-files.patch
Signed-off-by: Zheng Ruoqin <zhengrq.fnst@cn.fujitsu.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
