Tom Benn [Thu, 17 Oct 2019 10:20:04 +0000 (10:20 +0000)]
dbus: update dbus-1.init to reflect new PID file
The PID file referenced in dbus-1.init script was out of date and no longer existed. This meant that dbus could not be restarted via init.d without force removing the old PID file.
Signed-off-by: fridgecow <fridgecow@fb.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
Yi Zhao [Tue, 15 Oct 2019 07:42:12 +0000 (15:42 +0800)]
libgcrypt: fix CVE-2019-12904
In Libgcrypt 1.8.4, the C implementation of AES is vulnerable to a
flush-and-reload side-channel attack because physical addresses are
available to other processes. (The C implementation is used on platforms
where an assembly-language implementation is unavailable.)
André Draszik [Tue, 1 Oct 2019 14:29:56 +0000 (15:29 +0100)]
ruby: some ptest fixes
* the (new?) ruby expects some additional compiled libraries
to run, so we need to copy them as part of ptest.
Fixes errors like:
# ruby ./runner.rb ./-ext-/vm/test_at_exit.rb
Run options:
# Running tests:
[1/1] TestVM#test_at_exit = 0.06 s
1) Failure:
TestVM#test_at_exit [/usr/lib/ruby/ptest/test/-ext-/vm/test_at_exit.rb:7]:
1. [1/2] Assertion for "stdout"
| <["begin", "end"]> expected but was
| <[]>.
2. [2/2] Assertion for "stderr"
| <[]> expected but was
| <["-:1:in `require': cannot load such file -- -test-/vm/at_exit (LoadError)",
| "\tfrom -:1:in `<main>'"]>.
* the 'erb' test can't find the erb binary, as we're not
running this from within the build directory
Signed-off-by: André Draszik <andre.draszik@jci.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
icecc: Export ICECC_CC and friends via wrapper-script
By exporting ICECC_CC, ICECC_CXX, and ICECC_VERSION in a wrapper-script,
and putting this wrapper-script in the PATH, the Makefiles generated by CMake or
the autotools are able to function correctly outside of bitbake.
This provides a convenient developer workflow in which the
modify-compile-unittest cycle can happen directly in the ${B} directory.
The `rm -f $ICE_PATH/$compiler` line is transitional,
and can go at some later date (October 2020 or later, perhaps).
Signed-off-by: Douglas Royds <douglas.royds@taitradio.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
Also note that 'created.rid' is not being installed
anymore since v2.6.0
While additional LICENSEs were added to the recipe,
they should always have been mentioned in this recipe,
i.e. the license checksum was updated only because:
* URLs were updated
* new imported components were mentioned (with no new licenses)
* formatting was changed
* dates were updated
Signed-off-by: André Draszik <andre.draszik@jci.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
Michael Ho [Wed, 14 Aug 2019 15:05:15 +0000 (17:05 +0200)]
cmake.bbclass: add HOSTTOOLS_DIR to CMAKE_FIND_ROOT_PATH
The find_program command will fail if it is used on a tool that is listed in
ASSUME_PROVIDED. This is because these tools are in the hosttools directory
which is not listed in CMAKE_FIND_ROOT_PATH so cmake will not find them.
Adding the directory HOSTTOOLS_DIR to the CMAKE_FIND_ROOT_PATH variable fixes
the initial issue of needing to search for tools in ASSUME_PROVIDED.
Note that this change alone does not fix the issue because find_program will
by default only look into the subdirectories bin and usr/bin under the paths
in CMAKE_FIND_ROOT_PATH to find the programs and the hosttools directory has
instead the symlinks directly present without these subdirectories.
Set CMAKE_PROGRAM_PATH to by default include the root directory so
find_program can search the hosttools directory without needing the prefix
directories.
Signed-off-by: Ross Burton <ross.burton@intel.com>
devtool: Add --remove-work option for devtool reset command
Enable --remove-work option for devtool reset command that allows user
to clean up source directory within workspace.
Currently devtool reset command only removes recipes and user is forced
to manually remove the sources directory within the workspace before
running devtool modify again.
Using devtool reset -r or devtool reset --remove-work option, user can
cleanup the sources directory along with the recipe instead of manually
cleaning it.
syntax: devtool reset -r <recipename>
Ex: devtool reset -r zip
Ross Burton [Thu, 17 Oct 2019 11:29:43 +0000 (12:29 +0100)]
python3: ensure that all forms of python3-config are in python3-dev
In multilib builds python3-config gets renamed to eg python3-config-lib64 but
this ends up being packaged in python3-core not python3-dev.
The manifest uses an extended glob to package all python* binaries that are not
python-config into python3-core:
"${bindir}/python*[!-config]",
However, this doesn't do what was intended, as [] is a range match.
Replace the globs with more verbose but precise matches, and clear out
FILES_${PN} to ensure that new binaries don't end up in ${PN} (which shouldn't
exist).
[ YOCTO #13592 ]
Signed-off-by: Ross Burton <ross.burton@intel.com>
Mikko Rapeli [Thu, 17 Oct 2019 07:31:58 +0000 (10:31 +0300)]
systemd.bbclass: enable all services specified in ${SYSTEMD_SERVICE}
This has been the traditional way of enabling systemd services.
It may conflict with presets feature, but other layers, image classes
and recipes add services to be enabled using SYSTEMD_SERVICE
variable also with read-only rootfs, e.g. IMAGE_FEATURES has
stateless-rootfs and systemd_preset_all task is not executed.
Fixes startup of custom services from our recipes using custom
image classes with various BSP layers. In the worst case even
serial console getty service wasn't starting due to dependency
no not enabled services.
Signed-off-by: Mikko Rapeli <mikko.rapeli@bmw.de> Cc: Peter Kjellerstedt <peter.kjellerstedt@axis.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
André Draszik [Thu, 17 Oct 2019 09:28:02 +0000 (10:28 +0100)]
oeqa/runtime/systemd: skip unit enable/disable on read-only-rootfs
This doesn't work on read-only-rootfs:
AssertionError: 1 != 0 : SYSTEMD_BUS_TIMEOUT=240s systemctl disable avahi-daemon.service
Failed to disable unit: File /etc/systemd/system/multi-user.target.wants/avahi-daemon.service: Read-only file system
This patch does two things:
1) Decorate the existing test to be skipped if the rootfs is
read-only
2) add a new test to be executed only if the rootfs is
read-only. This new test remounts the rootfs read-write
before continuing to execute the existing test, making
sure to clean up correctly after itself (remount r/o
again).
Signed-off-by: André Draszik <git@andred.net> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
André Draszik [Wed, 16 Oct 2019 09:18:24 +0000 (10:18 +0100)]
oeqa/runtime/opkg: skip install on read-only-rootfs
Images can have package management enabled, but be
generally running as read-only. In this case, the
test fails at the moment with various errors due to
that.
Use the new @skipIfFeature decorator to also skip
this test in that case.
Signed-off-by: André Draszik <git@andred.net> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
André Draszik [Wed, 16 Oct 2019 09:18:22 +0000 (10:18 +0100)]
oeqa/runtime/df: don't fail on long device names
When device names are long (more than 20 characters), the
df test will fail with an exception:
self.assertTrue(int(output)>5120, msg=msg)
ValueError: invalid literal for int() with base 10: ''
at least when busybox is in use.
The reason is that busybox breaks the line in that case:
Filesystem 1K-blocks Used Available Use% Mounted on
/dev/disk/by-partuuid/8e991e5a-cebd-4f88-9494-c9db4f30cb02 1998672 87024 1790408 5% /
and the code tries to extract the fourth field from the
second line, which is empty of course.
df can be told not to break lines, though, using the -P
flag, which turns on the POSIX output format, and is
supported by busybox df and coreutils df:
Filesystem 1024-blocks Used Available Capacity Mounted on
/dev/disk/by-partuuid/8e991e5a-cebd-4f88-9494-c9db4f30cb021998672 87024 1790408 5% /
Signed-off-by: André Draszik <git@andred.net> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
André Draszik [Wed, 16 Oct 2019 09:18:21 +0000 (10:18 +0100)]
testimage.bbclass: enable ssh agent forwarding
Some targets might use ssh to do their power- or serial-
control. In that case, ssh might need access to the
ssh agent, or otherwise won't work.
So export it into the environment.
Note that the (old) oeqa/controllers/masterimage.py
tries to do that as well by exporting all of BB_ORIGENV
into the test environment. Here in testimage.bbclass we
are a bit more strict and only pass the ssh related
environment variables.
Signed-off-by: André Draszik <git@andred.net> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
André Draszik [Wed, 16 Oct 2019 09:18:20 +0000 (10:18 +0100)]
testimage.bbclass: support hardware-controlled targets
Since the introduction of the new runtime framework for target
testing in commit 2aa5a4954d76
("testimage.bbclass: Migrate class to use new runtime framework")
commit 3857e5c91da6 in poky.git, target controllers have no
access to the global datastore 'd' anymore.
This makes it impossible for a specific OEQA (hardware)
controller to access documented properties like
TEST_POWERCONTROL_CMD, TEST_SERIALCONTROL_CMD, etc,
meaning it's impossible for those controllers to actually
control the hardware.
To solve this, simply add those documented variables into
the target_kwargs[].
Signed-off-by: André Draszik <andre.draszik@jci.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ross Burton [Thu, 17 Oct 2019 11:29:44 +0000 (12:29 +0100)]
python3: -dev should depend on distutils
python3-config uses distutils:
Traceback (most recent call last):
File "/usr/bin/python3-config", line 9, in <module>
from distutils import sysconfig
ModuleNotFoundError: No module named 'distutils'
Add the dependency so that distutils is always present.
[ YOCTO #13592 ]
Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Fixes:
# decode-dimms
Can't locate Carp.pm in @INC (you may need to install the Carp module) (@INC contains: /usr/lib/perl5/site_perl/5.28.1/x86_64-linux /usr/lib/perl5/site_perl/5.28.1 /usr/lib/perl5/vendor_perl/5.28.1/x86_64-linux /usr/lib/perl5/vendor_perl/5.28.1 /usr/lib/perl5/5.28.1/x86_64-linux /usr/lib/perl5/5.28.1 .) at /usr/lib/perl5/5.28.1/Tie/Hash.pm line 190.
BEGIN failed--compilation aborted at /usr/lib/perl5/5.28.1/Tie/Hash.pm line 190.
Compilation failed in require at /usr/lib/perl5/5.28.1/x86_64-linux/POSIX.pm line 505.
Compilation failed in require at /usr/bin/decode-dimms line 41.
BEGIN failed--compilation aborted at /usr/bin/decode-dimms line 41.
root@qt5222:~# apt-get install perl-module-carp
Signed-off-by: Ricardo Ribalda Delgado <ricardo@ribalda.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ross Burton [Fri, 18 Oct 2019 11:28:19 +0000 (12:28 +0100)]
file: explicitly disable seccomp
file will automatically enable seccomp if the seccomp headers are available, but
the build will fail on Opensuse Tumbleweed because the include paths are wrong.
Enabling seccomp is a bad idea because it interacts badly with pseudo (causing
build failures), so explicitly and globally disable seccomp.
Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Eugene Smirnov [Fri, 18 Oct 2019 11:16:14 +0000 (13:16 +0200)]
wic/rawcopy: Support files in sub-directories
If the source file is located in a subdirectory of DEPLOY_DIR
rawcopy will currently fail in sparse_copy function on
open(dst_fname, 'wb'), as the parent directory for destination
file does not exist.
This patch helps to avoid that by recursively creating
parent directories.
Signed-off-by: Eugene Smirnov <evgenii.smirnov@here.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Stefan Agner [Fri, 11 Oct 2019 09:06:59 +0000 (11:06 +0200)]
uninative: check .done file instead of tarball
In case multiple builds share UNINATIVE_DLDIR's location, one build
might be in the process of downloading the tarball while another is
just checking whether the tarball exists. Check for the done file
instead and rely on the fetchers lockfile mechanism in case two
builds are running.
Signed-off-by: Stefan Agner <stefan.agner@toradex.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ross Burton [Mon, 14 Oct 2019 11:42:57 +0000 (12:42 +0100)]
sanity: check the format of SDK_VENDOR
If SDK_VENDOR isn't formatted as -foosdk and is instead for example -foo-sdk
then the triple that are constructed are not in fact triples, which results in
mysterious compile errors.
Check in sanity.bbclass so this failure is detected early.
[ YOCTO #13573 ]
Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Mattias Hansson [Tue, 15 Oct 2019 08:00:15 +0000 (10:00 +0200)]
base.bbclass: add dependency on pseudo from do_prepare_recipe_sysroot
do_prepare_recipe_sysroot may perform groupadd, which requires pseudo.
However, do_prepare_recipe_sysroot does not depend on pseudo explicitly,
which sometimes causes a build error when building a recipe that adds
groups.
This issue only occurs when executing do_prepare_recipe_sysroot for a
recipe that adds groups before finishing a task that depends on pseudo
for a recipe that doesn't add groups.
Signed-off-by: Mattias Hansson <mattihn@axis.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Peiran Hong [Tue, 8 Oct 2019 15:33:31 +0000 (11:33 -0400)]
dbus: Change path of system_bus_socket from /var/run/dbus/ to /run/dbus/
Fixed a warning message during startup caused by referencing the legacy
directory /var/run instead of /run. An extra parameter is passed to the
configure script to achiveve this. Upstream cannot provide a fix due to
another Linux distribution (Slackware) uses /var/run and /run as
different directories.
Refer to https://gitlab.freedesktop.org/dbus/dbus/issues/282 for
details.
Signed-off-by: Peiran Hong <peiran.hong@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Joerg Vehlow [Fri, 11 Oct 2019 06:03:57 +0000 (08:03 +0200)]
runqemu: Remove disabling of high resolution timer
The option 'highres=off' sneaked itself into the runqemu script for all
configurations, where the root filesystem type is not 'cpio' or 'cpio.gz'.
See: https://bugzilla.yoctoproject.org/show_bug.cgi?id=13590
Signed-off-by: Joerg Vehlow <joerg.vehlow@aox-tech.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Version 2 of the recipe is not actually required by anything; the
lidmodulemd dependency in createrepo-c is optional, and the
libmodulemd feature is not used in YP.
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Upstream has split version 1 of the libmodulemd recipe into
its own branch and removed version 1 from the master
branch and 2.x releases; as libdnf requires v1 of libmodulemd,
this commit introduces a v1-specific revipe.
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Drop patches:
- 0001-WebKitMacros-Append-to-I-and-not-to-isystem.patch - this
has been a pain to rebase for a while as upstream keeps shifting and
changing the code that needs to be modified. If the issue the patch
is addressing is still relevant, please work with upstream to fix it
at the source
- 0001-gstreamer-add-a-missing-format-string.patch, narrowing.patch
are integrated upstream
- detect-gstreamer-gl.patch is adjusting something that is better done
from the yocto package configuration
Add an option to disable an enabled-by-default sandbox that requires
a component that oe-core does not have.
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Drop backported 0001-meson-do-a-build-time-check-for-strlcpy-before-attem.patch
and 0001-meson.build-do-not-hardcode-linux-as-the-host-system.patch where
upstream has removed the problematic bit.
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
runqemu: unset another environment variable for 'egl-headless'
Some host distributions (opensuse for example) are using 'pkgconf',
which, unlike the original pkg-config, appends PKG_CONFIG_SYSROOT_DIR
to every directory from the .pc file.
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
license_image.bbclass: check and reject packages which have incompatible licenses
The use case is setting INCOMPATIBLE_LICENSE per image,
rather than as an awkward, and too strict global setting.
This for example would allow building development images with gplv3 tools,
but production images without them, and checking that nothing gpl3-licensed
gets into the latter.
Examples are provided via the selftest: four scenarios are tested:
- bash is added to the image, with a default gpl3 license; this is rejected
- bash is added to the image, with a "gpl3 & other" license; this is also rejected
- bash is added to the image, with a "gpl3 | other" license; this is accepted, but
only 'other' is added to the license manifest (this was already handled correctly
previously).
- bash is added to the image with a default gpl3 license, and is additionally
whitelisted for that image; this is accepted.
Eventually, this would allow deprecating the meta-gplv2 layer, while still
enforcing the no-gpl3 rule where possible and needed.
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
