Joshua Lock [Wed, 17 Jun 2015 08:33:18 +0000 (09:33 +0100)]
distutils-common-base: add to, don't set, FILES_${PN}
If we set FILES_${PN} and a recipe inherits other classes that
modify FILES_${PN} *before* distutils-common-base is included, any
changes to FILES_${PN} made by those classes are lost.
Instead, append the additional directories we want to include in
FILES_${PN}
Richard Purdie [Thu, 11 Jun 2015 22:03:28 +0000 (23:03 +0100)]
wayland: Fix hardlink corruption issue
The way this code was working, the m4 file is hardlinked to the
copies which would be packaged and could lead to the native m4
file being used in the target packages.
By removing the file first the hardlink is broken and this avoids
corruption (since cp uses open to change the file contents).
Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
valgrind: add configure option to build only 32-bit or 64-bit components
Building both 32-bit and 64-bit binaries in valgrind at a time would
lead to following QA issue as below,
(snip)
ERROR: QA Issue: Architecture did not match (62 to 3) on ${WORKDIR}/valgrind/3.10.1-r0/packages-split/valgrind-dbg/usr/lib64/valgrind/.debug/vgpreload_exp-sgcheck-x86-linux.so
ERROR: QA Issue: Architecture did not match (62 to 3) on ${WORKDIR}/valgrind/3.10.1-r0/packages-split/valgrind-dbg/usr/lib64/valgrind/.debug/getoff-x86-linux
ERROR: QA Issue: Architecture did not match (62 to 3) on ${WORKDIR}/valgrind/3.10.1-r0/packages-split/valgrind-dbg/usr/lib64/valgrind/.debug/vgpreload_core-x86-linux.so
ERROR: QA Issue: Architecture did not match (62 to 3) on ${WORKDIR}/valgrind/3.10.1-r0/packages-split/valgrind-dbg/usr/lib64/valgrind/.debug/vgpreload_memcheck-x86-linux.so
-- CUT --
hence perform only one type of build 32-bit or 64-bit, but not both.
Robert Yang [Tue, 9 Jun 2015 06:46:25 +0000 (23:46 -0700)]
libpostproc: pass correct libdir
When MACHINE=qemux86-64 and enable multilib:
ERROR: QA Issue: libpostproc: Files/directories were installed but not shipped in any package:
/usr/lib
/usr/lib/libpostproc.so.52.3.0
/usr/lib/libpostproc.so
/usr/lib/libpostproc.so.52
/usr/lib/.debug
/usr/lib/.debug/libpostproc.so.52.3.0
Please set FILES such that these items are packaged. Alternatively if they are unneeded, avoid installing them or delete them within do_install. [installed-vs-shipped]
Pass the right libdir to configure as otherwise it assumes $prefix/lib
which may be wrong.
Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Lei Maohui <leimaohui@cn.fujitsu.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Dave Lerner [Fri, 22 May 2015 15:42:42 +0000 (10:42 -0500)]
valgrind: remove arm tests that don't compile
[Yocto #7453]
Corrects the original commit for the patch that removed ARM ptest CFLAGS
settings. Since the flags could be set by a user, the flags should
be kept in place during compilation. By keeping the original up-stream
CFLAGS for the tests, then additional tests successfully compile
for all tested ARM tunings.
However, there were still two tests listed below that did not compile
for any beaglebone tuning that is valid for valgrind. With the updated
patch, the set of excluded ARM ptests and their respective build
failures are:
intdiv - fails for all beaglebone tunings with 2 errors:
{standard input}:(40 or 41): Error: selected processor does not
support Thumb mode `udiv r3,r9,r10'
{standard input}:(72 or 73): Error: selected processor does not
support Thumb mode `sdiv r3,r9,r10'
vcvt_fixed_float_VFP - fails for all beaglebone tunings in one of
two ways:
with neon tuning (-mfpu=neon) fails with Internal Compiler Error
without neon tuning fails with 3 errors:
{standard input}:33: Error: selected FPU does not support
instruction -- `vcvt.f32.s32 s15,s15,#1'
{standard input}:58: Error: selected FPU does not support
instruction -- `vcvt.f32.s32 s15,s15,#32'
{standard input}:136: Error: selected FPU does not support
instruction -- `vcvt.f32.u32 s15,s15,#1'
After applying this commit, the valgrind ARM ptests compile without
errors for tunings:
armv7[t][hf][b][-neon] cortexa8[t][hf][-neon]
where the tuning [option] was successfully compiled, both with
and without the 'option', and in combination with all other options.
Signed-off-by: Dave Lerner <dave.lerner@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Mon, 1 Jun 2015 21:13:23 +0000 (22:13 +0100)]
base: Fix license checksum rebuild problems
"MACHINE=qemux86-64 bitbake init-ifupdown; MACHINE=genericx86-64 bitbake init-ifupdown"
shows a rebuild when it would be expected. The reason is a LIC_FILES_CHKSUM which
contains file://${WORKDIR}, an absolute path which doesn't exist in the first build
but does in the second, causing a signature change and a rebuild.
Fix the problem by ignoring any file:// url which resolves since TMPDIR for
license file dependency purposes.
Paul Eggleton [Thu, 7 May 2015 13:52:25 +0000 (14:52 +0100)]
oe-selftest: devtool: add a proper test to see if tap devices exist
Check up front in test_devtool_deploy_target whether the tap devices
exist and skip if not. If we don't do this we get a significantly less
comprehensible error via pexpect.
Paul Eggleton [Fri, 8 May 2015 14:26:04 +0000 (15:26 +0100)]
devtool: if workspace layer exists, still ensure it's in bblayers.conf
When we run devtool, if the workspace layer already exists but isn't in
bblayers.conf (perhaps because it was previously created but
subsequently removed from bblayers.conf by the user) then we should add
it and notify the user, otherwise devtool operations won't work.
If we execute an external command, we ought to prepare for the
possibility that it can fail and handle the failure appropriately. We
can especially expect this to happen when running bitbake in this
scenario. Ensure we return the appropriate exit code to the calling
process.
Paul Eggleton [Tue, 28 Apr 2015 11:25:30 +0000 (12:25 +0100)]
recipetool: ensure git clone is standalone when extracting
If -x is specified and the specified URI was a git repository, we need
to ensure that the resulting clone is a sandalone and not one that has
pointers into the temporary fetch location or DL_DIR (since the git
fetcher does a local clone with -s). Split out the code from devtool
that already does this for "devtool modify -x" and reuse that.
Paul Eggleton [Tue, 28 Apr 2015 11:22:36 +0000 (12:22 +0100)]
recipetool: avoid second-level subdir when extracting
When -x was specified, we were getting the normal unpack subdirectory
which we don't really want - if there's only one subdirectory unpacked
then we should effectively copy just it to the extraction path, not as a
subdirectory under it.
Paul Eggleton [Mon, 27 Apr 2015 09:53:21 +0000 (10:53 +0100)]
devtool: update-recipe: check if source tree is a git repository
If you've done "devtool add" (or "devtool modify" without -x) then it's
possible that the external source tree is not a git repository, so we
should handle that case here instead of printing a traceback.
Markus Lehtonen [Mon, 27 Apr 2015 09:53:14 +0000 (10:53 +0100)]
devtool: modify: implement --no-same-dir
This option can be used to have a separate build directory, in order to
keep the srctree directory clean for packages that do not need to be
built in the source directory.
Markus Lehtonen [Mon, 27 Apr 2015 09:53:13 +0000 (10:53 +0100)]
devtool: modify: use B=S if that is the default for the recipe
Makes the build succeed for packages which do not support separate build
directory, e.g. zlib. The same outcome could be achieved with the
--same-dir option, but, it's generally hard to tell if a random package
would need that option. The negative side effect of this patch is that
dev srctree (of some packages that build fine without this modification)
gets dirtied by build artefacts.
Signed-off-by: Markus Lehtonen <markus.lehtonen@linux.intel.com> Acked-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Note that the fix is only required when glibc is built for i686/multiarch,
so is not applicable in the default oe-core x86 configuration (which builds
glibc for i586 and therefore does not include SSE2 optimised memcpy etc).
Signed-off-by: Andre McCurdy <armccurdy@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Saul Wold [Tue, 12 May 2015 19:02:46 +0000 (12:02 -0700)]
lttng-modules: Update to stable version 2.6.1
This fixes a build issue with the 3.19.5 kernel where the regmap prototypes
have changed. The patch is rebased do to changes in the new version of the
Makefile.
Robert Yang [Thu, 28 May 2015 09:22:24 +0000 (02:22 -0700)]
python3: fix build for shared object
Fixed when build on armv7a_vfp_neon:
Python-3.3.3/Modules/_struct.o: relocation R_ARM_MOVW_ABS_NC against `a local symbol' can not be used when making a shared object; recompile with -fPIC
All the archs should use -fPIC when build shared object for linux.
Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Joshua Lock <joshua.lock@collabora.co.uk>
Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Joshua Lock <joshua.lock@collabora.co.uk>
Buffer overflow in the rc_mksid function in plugins/radius/util.c in
Paul's PPP Package (ppp) 2.4.6 and earlier, when the PID for pppd is
greater than 65535, allows remote attackers to cause a denial of
service (crash) via a start accounting message to the RADIUS server.
oe-core is using ppp 2.4.7, and this CVE say ppp 2.4.7 was not
effected, but I found this buggy codes are same between 2.4.6 and
2.4.7, and 2.4.7 should have this issue.
Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Joshua Lock <joshua.lock@collabora.co.uk>
Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Andre McCurdy <armccurdy@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Andre McCurdy <armccurdy@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Peter Seebach [Thu, 21 May 2015 20:36:35 +0000 (15:36 -0500)]
rootfs.py: Make set -x not break rootfs creation
The rootfs logfile check errors out if it finds an "exit 1" in
a log. But consider the shell idiom:
if ! $command; then exit 1; fi
and consider a postinstall script with a "set -x" for debugging
purposes (to get log output in /var/log/postinstall.log.)
Solution: Ignore lines prefixed with a +, because those show shell
code even if a specific fragment won't be executed.
Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Ed Bartosh <ed.bartosh@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ross Burton [Wed, 20 May 2015 14:38:49 +0000 (15:38 +0100)]
zlib: clean up base_libdir symlink
libz.so symbolic link created in ${libdir} is
../../${base_libdir}/libz.so.1.2.8. This doesn't work if base_libdir or libdir
is changed, so use oe.path.relative to construct the correct path at build time.
André Draszik [Mon, 18 May 2015 08:06:01 +0000 (09:06 +0100)]
icu-native: fix hard paths in native icu
The icu recipe installs icu-native twice, once in the usual location,
and once for cross builds into the path given by --with-cross-build.
This latter path is not included in the list of paths recognised by
chrpath.bbclass, hence the binaries in there retain the rpath as used
during compilation. This causes the package to not be relocateable
from sstate
[YOCTO #6851]
We use the infrastructure that is in place already, and simply set
PREPROCESS_RELOCATE_DIRS as necessary, and things start to work.
A buffer overflow flaw was found in the way glibc's gethostbyname_r() and
other related functions computed the size of a buffer when passed a
misaligned buffer as input. An attacker able to make an application call
any of these functions with a misaligned buffer could use this flaw to
crash the application or, potentially, execute arbitrary code with the
permissions of the user running the application.
Signed-off-by: Haris Okanovic <haris.okanovic@ni.com> Reviewed-by: Ben Shelton <ben.shelton@ni.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
native.bbclass: avoid unintended substring replacement when setting PROVIDES
The way native_virtclass_handler was implemented leaded to
unintended substring replacements when setting PROVIDES for
native providers, in case the original PROVIDES value contains
providees with common substrings.
Here's a practical case where the old behavior was problematic:
the oracle-jse-jdk-x86-64 recipe provides both virtual/java and
virtual/javac:
Signed-off-by: Mario Domenech Goulart <mario@ossystems.com.br> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Otavio Salvador [Mon, 11 May 2015 11:26:47 +0000 (08:26 -0300)]
gstreamer1.0-plugins-bad: Move EGL requirement for Wayland
The EGL is used by the Wayland backend. When building using Software
Rendering and without Wayland support the EGL backend is not available
so we should not require EGL for GLES2 support.
This fixes following build error:
,----
| ...
| checking for bcm_host_init in -lbcm_host... no
| checking for WAYLAND_EGL... no
| configure: error: Could not find the required EGL libraries
| Configure failed. The contents of all config.log files follows to aid debugging
| ERROR: oe_runconf failed
`----
Signed-off-by: Otavio Salvador <otavio@ossystems.com.br> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Martin Jansa [Thu, 14 May 2015 11:41:26 +0000 (13:41 +0200)]
boost: properly fix do_boostconfig re-execution
* it was partially fixed in:
commit 291e20a51544c640d07767d1dc32d762f4370f41
Author: Venkata ramana gollamudi <ramana.gollamudi@huawei.com>
Date: Fri Apr 13 11:42:46 2012 +0000
Subject: boost: fix re-execution of task
but with disadvantage that when CXX or *FLAGS variables were changed
it was continuing to use old values
* just remove the line before appending it with current values to fix
that
Martin Jansa [Tue, 28 Apr 2015 22:46:18 +0000 (00:46 +0200)]
e2fsprogs: install populate-extfs.sh
* install populate-extfs.sh from contrib, be aware that in order
to use it you need to set DEBUGFS shell variable, otherwise it will
try to use debugfs from relative path which is almost always
incorrect:
CONTRIB_DIR=$(dirname $(readlink -f $0))
DEBUGFS="$CONTRIB_DIR/../debugfs/debugfs"
Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Joshua Lock <joshua.lock@collabora.co.uk>
Richard Purdie [Wed, 13 May 2015 08:08:09 +0000 (09:08 +0100)]
glibc: Fix x32 make race
On x32 builds, sysd-syscalls appears malformed since the make-target-directory
appears on the wrong line. This causes races during the build process where you can
see failures like:
Assembler messages:
Fatal error: can't create [...]glibc/2.21-r0/build-x86_64-poky-linux-gnux32/time/gettimeofday.os: No such file or directory
Assembler messages:
Fatal error: can't create [...]glibc/2.21-r0/build-x86_64-poky-linux-gnux32/time/time.os: No such file or directory
The issue is that the carriage return is being escaped when it should
not be. The change to sysd-syscalls with this change:
which ensures the target directory is correctly created. Only x32 uses the vdso
code which contains the bug which is why the error only really appears on x32.
For recipes with PACKAGES_remove = "${PN}", the find which removes
.la files can race against deletion of other directories in WORKDIR
e.g.:
find: '/home/autobuilder/yocto-autobuilder/yocto-worker/nightly-oe-selftest/build/build/tmp/work/qemux86_64-poky-linux/init-ifupdown/1.0-r7/sstate-build-populate_lic': No such file or directory
| WARNING: /home/autobuilder/yocto-autobuilder/yocto-worker/nightly-oe-selftest/build/build/tmp/work/qemux86_64-poky-linux/init-ifupdown/1.0-r7/temp/run.do_configure.6558:1 exit 1 from
| find /home/autobuilder/yocto-autobuilder/yocto-worker/nightly-oe-selftest/build/build/tmp/work/qemux86_64-poky-linux/init-ifupdown/1.0-r7 -name \*.la -delete
Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
unzip 6.0 allows remote attackers to cause a denial of service
(out-of-bounds read or write and crash) via an extra field with
an uncompressed size smaller than the compressed field size in a
zip archive that advertises STORED method compression.
Buffer overflow in the charset_to_intern function in unix/unix.c in
Info-Zip UnZip 6.10b allows remote attackers to execute arbitrary code
via a crafted string, as demonstrated by converting a string from CP866
to UTF-8.
Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Bruce Ashfield [Fri, 8 May 2015 03:36:15 +0000 (23:36 -0400)]
kernel-yocto: propagate in tree defconfigs to WORKDIR
As reported by Steffen Pankratz <Steffen.Pankratz@elektrobit.com>, the
previous logic of KBUILD_DEFCONFIG processing would not propagate an in
tree defcofig to WORKDIR if one was not already present.
We fix the propagation by copying the in tee config if a defconfig is
not already in WORKDIR.
Additionally we only warn (versus copying) if an in tree configuration
is specified, is different than the WORKDIR version and isn't copied.
Bruce Ashfield [Fri, 8 May 2015 03:36:14 +0000 (23:36 -0400)]
linux-yocto: fix race between checkout and meta data generation
There are two tasks that must run before a linux-yocto kernel is built.
- Kernel checkout and relocation to work-shared (kernel_checkout)
- Meta data gathering and configuration prep (kernel_metadata)
The current task definitions for both are simply "before do_patch",
which is correct, but kernel_checkout must run before and not race with
kernel_metadata.
So we set the definition of kernel_checkout to be more specific and
enforce the proper ordering.
Ed Bartosh [Wed, 6 May 2015 20:28:39 +0000 (23:28 +0300)]
kernel.bbclass: Fix race condition
Race condition between do_compile_kernelmodules and do_shared_workdir
tasks occurs when do_compile_kernelmodules changes files in
include/generated/* while do_shared_workdir tries to copy them to
shared working directory.
Fixed race by moving do_shared_workdir after do_compile but before
do_compile_kernelmodules.
Mike Crowe [Thu, 30 Apr 2015 15:51:13 +0000 (16:51 +0100)]
libcap: Avoid passing "-e" to make
oe-core 51540b64f62234c145fc32cfa3fbbaaebbeece08 altered libcap.inc (at the
time) to append to EXTRA_OEMAKE rather than assign to it. The default value
for EXTRA_OEMAKE contains "-e". This means that the change caused "-e" to
be passed to make for the first time.
Unfortunately passing "-e" subtly changes the behaviour of libcap's
Make.Rules under recursive make when prefix="" (which it is for us since
we're using meta-micro.)
Without "-e" the prefix comes from the command line in both the parent and
submakes. This takes precedence over any attempt to reassign it with a
simple "=" operation so the headers are correctly installed in (empty
string)/include.
With "-e" the prefix still comes from the command line in the parent make
but from the environment in the submake. The attempt to assign it fails in
the parent make as before, but not in the submake so the headers are
installed incorrectly in /usr/include.
In all four cases the "ifdef prefix" else clause is executed.
So, let's assign EXTRA_OEMAKE in order to avoid using "-e" at all.
Roy Li [Tue, 28 Apr 2015 06:22:54 +0000 (14:22 +0800)]
elfutils: Security Advisory - CVE-2015-0255
Directory traversal vulnerability in the read_long_names function in
libelf/elf_begin.c in elfutils 0.152 and 0.161 allows remote attackers
to write to arbitrary files to the root directory via a / (slash) in a
crafted archive, as demonstrated using the ar program.
Robert Yang [Tue, 28 Apr 2015 03:43:27 +0000 (20:43 -0700)]
openssl: remove 3 patches
Removed:
- openssl-avoid-NULL-pointer-dereference-in-dh_pub_encode.patch
- upgate-vegsion-script-for-1.0.2.patch
Since they are already in the source.
- make-targets.patch
It removed test dir from DIRS, which is not needed any more since we
need build it.
Robert Yang [Wed, 29 Apr 2015 09:09:18 +0000 (02:09 -0700)]
python-numpy: remove 2 dangling patches
Removed:
- unbreak-assumptions.diff
This patch changs the dir to /non-existant-dir, the source code has
changed the dir to /deadir, so it is not needed any more.
- trycompile.diff
There is no try_compile or try_run in numpy/core/setup.py any more, so
assumed that it is not needed.
Patrick Ohly [Wed, 20 May 2015 11:48:20 +0000 (13:48 +0200)]
combo-layer: handle unset dest_dir in sanity_check()
The previous "clean up dest_dir checking" patch (f8cdbe7497) improved
handling of empty dest_dir but made handling of unset dest_dir worse:
instead showing the "Option dest_dir is not defined for component ..."
error, it fails with a Python exception.
Avoid that by providing a sane fallback for the unset case. With that
change, dest_dir is no longer strictly required, but the check for it
is kept to ensure that a combo-layer.conf also works with older
combo-layer versions.
Signed-off-by: Patrick Ohly <patrick.ohly@intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Patrick Ohly [Fri, 8 May 2015 12:37:30 +0000 (14:37 +0200)]
combo-layer: improve merge commit handling
When the head of a branch is a merge commit, combo-layer did not
record that commit as last_revision because it only considers applied
patches, and the merge commit never gets applied.
This causes problems when the merge commit leads to multiple patches
and the commit id that gets recorded only reaches some of these
patches. The next run then will try to re-apply the other patches.
This special case is now detected and dealt with by bumping
last_revision to the branch commit. The behavior where the head is a
normal commit is intentionally not changed, because some users might
prefer the traditional behavior.
Created separate group of hardlinks for the files inside
the same package. This should prevent stripped files to be
populated outside of package directories.
This turns out not to be straightforward and has overlap with the
other hardlink handling code in this area. The code is condensed
into a more concise and documented form.
There is no reason to build sed for the host, however now:
ERROR: Nothing RPROVIDES 'sed-native' (but virtual:native:/OE/sources/openembedded-core/meta/recipes-extended/groff/groff_1.22.2.bb RDEPENDS on or otherwise requires it)
Signed-off-by: Dmitry Eremin-Solenikov <dmitry_eremin@mentor.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
If shadow is installed, sulogin from busybox cannot work correctly because
it still assumes that /etc/shadow is not there. This leads to the problem
when booting into rescue mode in an image with shadow installed but not
sulogin from util-linux.
To fix this problem, we add 'util-linux-sulogin' to RDEPENDS of shadow.
This runtime dependency is specific to OE, because we have to ensure
that sulogin can work correctly and sulogin from busybox cannot because
FEATURE_SHADOWPASSWORDS is not enabled by default. And we cannot enable
it by default for busybox, because that would lead to utilities in busybox
to assume the existence of /etc/shadow which is not always true in OE.
Richard Purdie [Tue, 28 Apr 2015 10:51:12 +0000 (11:51 +0100)]
autotools: Fix find races on source directory
In a similar way to http://git.yoctoproject.org/cgit.cgi/poky/commit/?id=aa1438b56f30515f9c31b306decef7f562dda81f
there are more find races in the autotools class.
For recipes with PACKAGES_remove = "${PN}", the find which removes
.la files can race against deletion of other directories in WORKDIR
e.g.:
find: '/home/autobuilder/yocto-autobuilder/yocto-worker/nightly-oe-selftest/build/build/tmp/work/qemux86_64-poky-linux/init-ifupdown/1.0-r7/sstate-build-populate_lic': No such file or directory
| WARNING: /home/autobuilder/yocto-autobuilder/yocto-worker/nightly-oe-selftest/build/build/tmp/work/qemux86_64-poky-linux/init-ifupdown/1.0-r7/temp/run.do_configure.6558:1 exit 1 from
| find /home/autobuilder/yocto-autobuilder/yocto-worker/nightly-oe-selftest/build/build/tmp/work/qemux86_64-poky-linux/init-ifupdown/1.0-r7 -name \*.la -delete
bdfReadCharacters: ensure metrics fit into xCharInfo struct
We use 32-bit ints to read from the bdf file, but then try to stick
into a 16-bit int in the xCharInfo struct, so make sure they won't
overflow that range.
Alexander Cherepanov discovered that bsdcpio, an implementation of the "cpio"
program part of the libarchive project, is susceptible to a directory
traversal vulnerability via absolute paths.
An out of bounds read access in the UTF-8 decoding can be triggered with
a malformed file in the tool less. The access happens in the function
is_utf8_well_formed due to a truncated multibyte character in the sample
file.
The bug does not crash less, it can only be made visible by running less
with valgrind or compiling it with Address Sanitizer.
Version 475 of less contains a fix for this issue. The file version.c
contains some entry mentioning this issue (without any credit):
- v475 3/2/15 Fix possible buffer overrun with invalid UTF-8
The fix is in the file line.c. We derive this patch from:
