Andre McCurdy [Sat, 24 Mar 2018 04:55:13 +0000 (21:55 -0700)]
sanity.bbclass: quote path passed to stat in get_filesystem_id()
Although get_filesystem_id() is a private API and never gets passed
a path containing spaces or other special characters, etc, quote the
path anyway for consistency.
Signed-off-by: Andre McCurdy <armccurdy@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
Tim Orling [Fri, 23 Mar 2018 08:17:23 +0000 (01:17 -0700)]
libxml-namespacesupport: use stable v1.12 release; inherit ptest-perl
* Fix RDEPENDS
* Upstream v1.12_9 is a development version, not a stable release
* Add UPSTREAM_CHECK_REGEX skip development releases
* Drop anonymous python function to "fix" version, which breaks
auto-upgrade-helper (AUH)
* Use LICENSE file for checksum rather than ephemeral META.yml
* License remains the same
Fixes: [YOCTO #12581]
License-Update: use LICENSE file for checksum
Signed-off-by: Tim Orling <timothy.t.orling@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
Andreas Kaufmann [Thu, 22 Mar 2018 16:06:08 +0000 (17:06 +0100)]
pseudo: explicitly enable xattr support
Pseudo is using a custom configure script that detects if it shall build with
extended file attribute support or not. The check is done by simply calling
'getfattr' provided by attr-native which is not part of the dependency list.
Due to the recent changes (recipe specific sysroot & cleanup of $PATH) this
call fails now when the recipe is being build for the first time (at least
when being build for nativesdk case). Explicitly setting up a dependency to
attr-native just to satisfy configure would be wrong also since the real
dependency is to attr/nativesdk-attr which are already part of the dependency
list (see DEPENDS). Therefore bypass the test in the configure by explicitly
enabling xattr using a configure option available in any case.
Signed-off-by: Andreas Kaufmann <andreas.kaufmann.79@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
Trevor Woerner [Fri, 23 Mar 2018 00:07:07 +0000 (20:07 -0400)]
virtual/libgbm: create
The 'glamor' PACKAGECONFIG in xserver-xorg creates a dependency on libgbm
which can be satisfied in some cases by mesa, in others by blobs such as mali.
Signed-off-by: Trevor Woerner <twoerner@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
Trevor Woerner [Fri, 23 Mar 2018 00:07:06 +0000 (20:07 -0400)]
mesa.inc: make PROVIDES conditional on PACKAGECONFIG
Mesa only PROVIDES these features if they are enabled via PACKAGECONFIG.
Therefore make the PROVIDES conditional depending on whether or not these
features have been enabled.
Signed-off-by: Trevor Woerner <twoerner@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
Otavio Salvador [Wed, 21 Mar 2018 18:49:05 +0000 (15:49 -0300)]
mesa: Upgrade 17.3.6 -> 17.3.7
This version has been published at March 21, 2018, and it is a bugfix
only release. It includes several important fixes that were made as
part of 18.0.0 development cycle.
Full list of bug fixes can be see online at:
https://www.mesa3d.org/relnotes/17.3.7.html
Signed-off-by: Otavio Salvador <otavio@ossystems.com.br> Signed-off-by: Ross Burton <ross.burton@intel.com>
Armin Kuster [Fri, 23 Mar 2018 05:04:46 +0000 (22:04 -0700)]
distcc: Change SRC_URI
ERROR: distcc-3.2-r0 do_fetch: Fetcher failure: Unable to find revision d8b18df3e9dcbe4f092bed565835d3975e99432c in branch 3.2 even from upstream
ERROR: distcc-3.2-r0 do_fetch: Fetcher failure for URL: 'git://github.com/distcc/distcc.git;branch=3.2'. Unable to fetch URL from any source.
ERROR: distcc-3.2-r0 do_fetch: Function failed: base_do_fetch
[v2]
upstream deleted the branch and the hash no longer exists.
Took the git snapshot from yocto and created a copy on my github.
There was no offical 3.2 release, only rc versions.
Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
Juro Bystricky [Tue, 20 Mar 2018 22:34:19 +0000 (15:34 -0700)]
reproducible_build.bbclass: support for binary reproducibility
Setup environment for builds requiring binary reproducibility.
Determine and export SOURCE_DATE_EPOCH per each recipe.
This is a crucial step to achieve binary reproducibility.
The value for this variable (timestamp) is obtained after source code for
a recipe has been unpacked, but before it is patched. If the code sources
come from a GIT repo, we get the timestamp from the top commit. (GIT repo
does not preserve file mktime timestamps). Otherwise, if GIT repo is not
present, we try to get mtime from known files such as NEWS, ChangeLog, etc.
If this also fails, we go through all files and get the timestamp from the
youngest one. We create an individual timestamp for each recipe.
The timestamp is stored in the file '__source_date_epoch.txt' (in the folder
source-date-epoch_). Later on, each task reads this file and sets
the exported value of SOURCE_DATE_EPOCH to the value found in the file.
Uasge:
INHERIT += "reproducible_build"
[YOCTO#11178]
[YOCTO#11179]
Signed-off-by: Juro Bystricky <juro.bystricky@intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
systemd: link udev statically with systemd internal libraries
This was the default behavior with autotools, but is not with meson.
Otherwise, udev package will pull in the rest of systemd even
that is not desired.
[YOCTO #12618]
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
Chen Qi [Thu, 22 Mar 2018 07:34:18 +0000 (15:34 +0800)]
systemd: change PACKAGECONFIG 'resolve' back to 'resolved'
When systemd was upgraded from 234 to 237, the PACKAGECONFIG item
'resolved' is changed to 'resolve', this is because meson_options.txt
uses the word 'resolve' instead of 'resolved'.
However, this causes trouble for users. Backward compatibility is obviously
more important, because we might have bbappend files in other layers
using this PACKAGECONFIG item.
So change the name back to 'resolved'.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
Ross Burton [Wed, 21 Mar 2018 14:47:29 +0000 (14:47 +0000)]
gtk-doc: don't regenerate gtk-doc in do_install
In out-of-tree builds gtk-doc's setup-build target copies all the content from
$srcdir to $builddir. However, if some of this content is regenerated at
configure time this can happen:
1) configure writes new build/version.xml
2) make compile copies content, including the tarball's src/version.xml
to build/version.xml, and generates gtk-doc.
3) make install notices build/version.xml is older than configure.status,
so regenerates gtk-doc.
gtk-doc generation is a slow process at the best of times, so doing it twice
isn't good.
Signed-off-by: Ross Burton <ross.burton@intel.com>
Khem Raj [Wed, 21 Mar 2018 02:30:04 +0000 (19:30 -0700)]
ncurses: Abstract out termlib
termlib needs to be disabled on some targets e.g. mingw
this change paves the way for doing that. Functionally
it does not change anything for other platforms
Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
Martin Jansa [Tue, 20 Mar 2018 12:08:49 +0000 (12:08 +0000)]
iputils: change default PACKAGECONFIG to disable libidn
* wrong revision of this patch, where the commit message didn't match
with the default PACKAGECONFIG value, was merged to master, update
it to avoid confusion
* it got enabled by default, but without the dependency on libidn in:
commit 5997981fa2c22609a88b8cbb595dbf7758b2f7c2
Author: Alexander Kanavin <alexander.kanavin@linux.intel.com>
AuthorDate: Thu Feb 1 20:02:08 2018 +0200
Subject: iputils: update to 20161105
* https://github.com/iputils/iputils/blob/master/RELNOTES.old
mentiones that IDN was enabled by default in:
[s20160308] and surprisingly the same in [s20150815]
but there are no release notes for s20151218 version we were using until
now, don't know how it really relates to [s20150815].
* but there are some issues with libidn as described in:
https://github.com/iputils/iputils/commit/f3a461603ef4fb7512ade3bdb73fe1824e294547
so disable it by default.
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
Tim Orling [Fri, 23 Mar 2018 05:29:39 +0000 (22:29 -0700)]
maintainers.inc: drop lsb4 perl modules no longer in core
The following perl module packages were removed from oe-core
with commit: 30fb4c8f329fe3aa3c528ffeba60ee7d702e873e
- libclass-isa-perl
- libenv-perl
- libdumpvalue-perl
- libfile-checktree-perl
- libi18n-collate-perl
- libpod-plainer-perl
Remove these from the maintainers list
Fixes: [Yocto #12582] Signed-off-by: Tim Orling <timothy.t.orling@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
Tanu Kaskinen [Tue, 20 Mar 2018 08:50:23 +0000 (10:50 +0200)]
libvorbis: CVE-2017-14632
Xiph.Org libvorbis 1.3.5 allows Remote Code Execution upon freeing
uninitialized memory in the function vorbis_analysis_headerout() in
info.c when vi->channels<=0, a similar issue to Mozilla bug 550184.
Tanu Kaskinen [Tue, 20 Mar 2018 08:50:22 +0000 (10:50 +0200)]
libvorbis: CVE-2017-14633
In Xiph.Org libvorbis 1.3.5, an out-of-bounds array read vulnerability
exists in the function mapping0_forward() in mapping0.c, which may lead
to DoS when operating on a crafted audio file with vorbis_analysis().
Chen Qi [Thu, 1 Mar 2018 08:01:19 +0000 (00:01 -0800)]
systemd: fix build failure for qemux86 and qemuppc with musl
Remove the 'fstack-protector' and 'fstack-protector-strong' flags
as a workaround to fix the following error when building for qemux86
and qemuppc with musl.
Chen Qi [Mon, 12 Mar 2018 06:35:45 +0000 (14:35 +0800)]
systemd: upgrade to 237
Upgrade systemd to 237.
Note that this version has dropped autotools support.
The following patches are rebased:
0004-Use-getenv-when-secure-versions-are-not-available.patch
0005-binfmt-Don-t-install-dependency-links-at-install-tim.patch
0007-use-lnr-wrapper-instead-of-looking-for-relative-opti.patch
0015-Revert-udev-remove-userspace-firmware-loading-suppor.patch
0018-check-for-uchar.h-in-configure.patch
0019-socket-util-don-t-fail-if-libc-doesn-t-support-IDN.patch
0001-add-fallback-parse_printf_format-implementation.patch
0002-src-basic-missing.h-check-for-missing-strndupa.patch
0007-check-for-missing-canonicalize_file_name.patch
0008-Do-not-enable-nss-tests.patch
0010-test-sizeof.c-Disable-tests-for-missing-typedefs-in-.patch
0011-nss-mymachines-Build-conditionally-when-HAVE_MYHOSTN.patch
The following backported patches are dropped:
0001-core-evaluate-presets-after-generators-have-run-6526.patch
0001-main-skip-many-initialization-steps-when-running-in-.patch
0001-meson-update-header-file-to-detect-memfd_create.patch
0003-fileio-include-sys-mman.h.patch
The following patch is dropped as autotools support is dropped:
0002-configure.ac-Check-if-memfd_create-is-already-define.patch
The following patches are newly added to fix problems:
0027-remove-nobody-user-group-checking.patch
0028-add-missing-FTW_-macros-for-musl.patch
0030-fix-missing-of-__register_atfork-for-non-glibc-build.patch
0031-fix-missing-ULONG_LONG_MAX-definition-in-case-of-mus.patch
Other changes are mostly autotools/meson related.
This new version has dropped ptest support, as there's no easy
way to do this in the framework of meson.
Maxin B. John [Mon, 19 Mar 2018 13:59:55 +0000 (15:59 +0200)]
libsolv: refresh the patches
fixes:
WARNING: libsolv-0.6.33-r0 do_patch:
Some of the context lines in patches were ignored. This can lead to
incorrectly applied patches.
The context lines in the patches can be updated with devtool:
Then the updated patches and the source tree (in devtool's workspace)
should be reviewed to make sure the patches apply in the correct place
and don't introduce duplicate lines (which can, and does happen
when some of the context is ignored). Further information:
http://lists.openembedded.org/pipermail/openembedded-core/2018-March/148675.html
https://bugzilla.yoctoproject.org/show_bug.cgi?id=10450
Details:
Applying patch
0001-Add-fallback-fopencookie-implementation.patch
patching file ext/CMakeLists.txt
patching file ext/solv_xfopen.c
Hunk #1 succeeded at 12 with fuzz 1 (offset -1 lines).
Hunk #2 succeeded at 25 (offset -18 lines).
Hunk #3 succeeded at 34 (offset -18 lines).
Hunk #4 succeeded at 46 (offset -18 lines).
patching file ext/solv_xfopen_fallback_fopencookie.c
patching file ext/solv_xfopen_fallback_fopencookie.h
Now at patch 0001-Add-fallback-fopencookie-implementation.patch
Signed-off-by: Maxin B. John <maxin.john@intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
Martin Jansa [Sat, 17 Mar 2018 11:21:30 +0000 (11:21 +0000)]
iputils: add PACKAGECONFIG for libidn and disable it by default
* it got enabled by default, but without the dependency on libidn in:
commit 5997981fa2c22609a88b8cbb595dbf7758b2f7c2
Author: Alexander Kanavin <alexander.kanavin@linux.intel.com>
AuthorDate: Thu Feb 1 20:02:08 2018 +0200
Subject: iputils: update to 20161105
* https://github.com/iputils/iputils/blob/master/RELNOTES.old
mentiones that IDN was enabled by default in:
[s20160308] and surprisingly the same in [s20150815]
but there are no release notes for s20151218 version we were using until
now, don't know how it really relates to [s20150815].
* but there are some issues with libidn as described in:
https://github.com/iputils/iputils/commit/f3a461603ef4fb7512ade3bdb73fe1824e294547
so disable it by default.
* fails with:
| In file included from ping_common.c:1:0:
| ping.h:39:10: fatal error: idna.h: No such file or directory
| #include <idna.h>
| ^~~~~~~~
* Easiest way to reproduce this failure is to remove libidn from gnutls
PACKAGECONFIG or to use gnutls which doesn't have libidn PACKAGECONFIG
at all (like the one in meta-gplv2).
* First it leads to following QA issue:
http://errors.yoctoproject.org/Errors/Build/53212/
ERROR: iputils-s20161105-r0 do_package_qa: QA Issue: iputils-ping rdepends on libidn, but it isn't a build dependency, missing libidn in DEPENDS or PACKAGECONFIG? [build-deps]
ERROR: iputils-s20161105-r0 do_package_qa: QA Issue: iputils-traceroute6 rdepends on libidn, but it isn't a build dependency, missing libidn in DEPENDS or PACKAGECONFIG? [build-deps]
ERROR: iputils-s20161105-r0 do_package_qa: QA run found fatal errors.
Please consider fixing them.
ERROR: iputils-s20161105-r0 do_package_qa: Function failed:
do_package_qa
ERROR: Logfile of failure stored in: /OE/build/oe-core/tmp-glibc/work/core2-64-oe-linux/iputils/s20161105-r0/temp/log.do_package_qa.7627
ERROR: Task (/OE/build/oe-core/openembedded-core/meta/recipes-extended/iputils/iputils_s20161105.bb:do_package_qa) failed with exit code '1'
* But if you cleansstate iputils as well (after removing libidn from
gnutls PACKAGECONFIG) to empty iputils RSS, then you get the error about
missing idna.h:
http://errors.yoctoproject.org/Errors/Build/53213/
* Adding the libidn dependency explicitly in iputils recipe fixes the
issue.
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
package-index: index also subdirectories when using rpm
Previously only the top-level index was created, which did not
work if PACKAGE_FEED_ARCHS whitelisting (or explicitly listing
architectures in dnf repo files by hand) was in use:
https://lists.yoctoproject.org/pipermail/yocto/2018-March/040327.html
https://bugzilla.yoctoproject.org/show_bug.cgi?id=12419
[YOCTO #12419]
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
License-Update: new releases and copyright years updated. Signed-off-by: Otavio Salvador <otavio@ossystems.com.br> Signed-off-by: Ross Burton <ross.burton@intel.com>
Martin Jansa [Thu, 15 Mar 2018 22:50:10 +0000 (22:50 +0000)]
patch.py: Use git format-patch with --no-signature --no-numbered params
* --no-signature saves unnecessary .patch modifications when executed on
host with different git version
* --no-numbered saves unnecessary .patch modifications when number of the
applied patches is changed (the number is still in the filename so the
order how they should be applied is still preserved)
* both options exist for very long time, I've tested them with git 1.9.1
from Ubuntu 14.04 and I'm quite sure they were available even in much
older releases, so there shouldn't be any issue on relatively new sanity
tested distros
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
ca-certificates: run postinst script only for -target package
Nativesdk package has a special arrangement where the same thing is done
in do_install(). It was assumed (in the comment) that postinsts don't run when
installing nativesdk packages, but this was incorrect: they are run, but
any failures were previously silently ignored. Now this missing failure reporting has
been fixed, and so we get to see the failures.
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
Bruce Ashfield [Wed, 14 Mar 2018 15:10:29 +0000 (11:10 -0400)]
linux-yocto/4.12: backport bugfixes for x86
Integrating the following commits:
60b649971940 x86/hibernate/64: Mask off CR3's PCID bits in the saved CR3 cec3c008ec8f drm/i915/cfl: Coffee Lake works on Kaby Lake PCH. 073873cb152c brd: remove unused brd_mutex 912c53b1b346 audit: fix memleak in auditd_send_unicast_skb.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
Author: California Sullivan <california.l.sullivan@intel.com>
Date: Wed Feb 17 16:47:10 2016 -0800
ktypes: add developer ktype
The developer ktype enables EMBEDDED, EXPERT, and DEBUG_KERNEL,
opening up more kernel options and setting some defaults.
Signed-off-by: California Sullivan <california.l.sullivan@intel.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Was created to address the kernel footprint related issues that are related
to many of the kernel debug options.
When this commit was merged, it re-enabled CONFIG_DEBUG_KERNEL for the
standard kernel, since it includes the systemtap fragment. The correct thing
to do is to move systemtap properly into the developer kernel type.
For now, you can build the developer kernel type, or add the developer kernel
configuration fragment via a bbappend, and you'll have a functional systemtap.
[YOCTO #12603]
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
Jason Wessel [Tue, 13 Mar 2018 03:08:26 +0000 (22:08 -0500)]
python3: Fix purelib install and runtime paths
oe-core commit: 45afadf0b6 fixed the pip problem with purelib for
python2, even though the the patch stated it was for python3. This
patch addresses the purelib problem for python3.
If you install the package python3-pip you will have a pip3 binary
where you can see the problem on the device easily where the modules
install into the incorrect area and are not able to be referenced by
python3 at all.
Example error:
pip3 install imutils
pip3 list |grep imutils || echo ERROR no imutils
ERROR no imutils
python3 -c 'import imutils'
Traceback (most recent call last):
File "<string>", line 1, in <module>
ImportError: No module named 'imutils'
Signed-off-by: Jason Wessel <jason.wessel@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
Koen Kooi [Fri, 9 Mar 2018 10:55:14 +0000 (11:55 +0100)]
openssl: fix libdir logic to allow multiarch style paths
The recipes were using 'basename' to turn '/usr/lib' into 'lib', which breaks when libdir is '/usr/lib/tuple', leading to libraries ending up in '/usr/tuple', which isn't in FILES_*. Change the logic to use sed to strip the prefix instead.
Signed-off-by: Koen Kooi <koen.kooi@linaro.org> Signed-off-by: Ross Burton <ross.burton@intel.com>
Richard Purdie [Wed, 14 Mar 2018 16:52:18 +0000 (09:52 -0700)]
uninative: Add compatiblity version check
If glibc is newer on the host than in uninative, the failure mode is
pretty nasty for clusters where the sstate is shared, including the Yocto
Project autobuilder.
This check aborts the use of uninative in such scenarios where a newer
glibc version appears and avoids corruption of sstate caches.
We use ldd to check the glibc version since that is included in libc-bin
(or equivalent) which locales use so it should always be present.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ross Burton [Mon, 12 Mar 2018 16:38:58 +0000 (16:38 +0000)]
build-recipe-list: build universe instead of world
Building world means recipes that are excluded from world build for whatever
reason get skipped from the manifests, which isn't useful. Instead building
universe and pass -k so that the expected dependency failures are not fatal.
Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ross Burton [Mon, 12 Mar 2018 16:38:57 +0000 (16:38 +0000)]
meta: remove some EXCLUDE_FROM_WORLD assignments
Now that we have recipe-specific-sysroots we don't need to exclude recipes from
world builds because they conflict with other recipes, as they'll all be built
with their own sysroots.
Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Trevor Woerner [Mon, 12 Mar 2018 15:22:33 +0000 (11:22 -0400)]
iproute2: fix rebuild failures
When rebuilding iproute2, many such instances of the following build failure
occur:
| make[1]: Entering directory '.../iproute2/4.14.1-r0/iproute2-4.14.1/lib'
| Makefile:1: ../config.mk: No such file or directory
| make[1]: *** No rule to make target '../config.mk'. Stop.
Signed-off-by: Trevor Woerner <twoerner@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
