Bruce Ashfield [Thu, 21 Apr 2016 15:23:45 +0000 (11:23 -0400)]
kernel-yocto: allow branch auditing to be suspended
When working on the yocto-bsp and kernel-lab update for yocto 1.2
we found it was impossible for a end-user BSP to isolate patches
on a branch, since with the following commit:
[kernel-yocto: enforce SRC_URI specified branch]
Any new branch would be switched to whatever was specified on the
SRC_URI and undoing the work that the yocto-bsp tool did to support
board specific patches.
To fix this, we'll keep the enforcing of branch consistency enabled
by default, but introduce a variable "KMETA_AUDIT" that when not
set will skip the check.
There's no impact for existing users, and it is only something that
other plumbing commands and tools will need to use (or care about).
[YOCTO: #9120]
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
There was a bug in the tools that did not handle the mix of subdirs
properly and ended up leaving a trailing / on the elements *not* in
the $BOARD subdir. As a result, the configuration fragments were not
properly found when searching the include paths, and a configuration
failure was triggered (due to missing files).
This change tweaks the tools to always check a path with and without
a trailing / when processing config fragments so they can be later
found when processing the configuration of the kernel.
Reported-by: "Robert P. J. Day" <rpjday@crashcourse.ca> Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
backporting a mainline commit to address splats that have been
seen on the 4.4 kernel:
Signed-off-by: Mikko Ylinen <mikko.ylinen@intel.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
Bruce Ashfield [Wed, 20 Apr 2016 23:30:07 +0000 (19:30 -0400)]
linux-yocto/uvesafb: print error message when task timeout occurs
Integrating the following commit to have a more informative error
message:
uvesafb: print error message when task timeout occurs
The driver waits for response from user space for a pending
task until a timeout (UVESAFB_TIMEOUT) occurs. But the
existing error message in later steps is a little obscure.
This patch throws out an error message when timeout happens.
Signed-off-by: Jianxun Zhang <jianxun.zhang@linux.intel.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
Ismo Puustinen [Wed, 4 May 2016 13:06:46 +0000 (16:06 +0300)]
libpcre: Fix CVE-2016-3191
Fix workspace overflow for (*ACCEPT) with deeply nested parentheses.
The patch is from libpcre version control at
http://vcs.pcre.org/pcre?view=revision&revision=1631 with the ChangeLog
part removed. Original author is Philip Hazel.
Signed-off-by: Ismo Puustinen <ismo.puustinen@intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
Yuqing Zhu [Wed, 4 May 2016 09:46:46 +0000 (17:46 +0800)]
alsa-lib: Fix incorrect appl pointer when mmap_commit() returns error.
The appl pointer needs to be updated only when snd_pcm_mmap_commit() is
successfully returned. Or it shouldn't be updated.
This is to fix the avail_update()'s result is incorrect when returns error.
Signed-off-by: Yuqing Zhu <carol.zhu@nxp.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
Maxin B. John [Wed, 4 May 2016 08:20:17 +0000 (11:20 +0300)]
pkgconfig: update to version 0.29.1
87152c0 : Update to 0.29.1 753f0ba : glib: Fix OSX build with internal glib 5164b9d : Revert "Quote pc_path virtual variable" a3e58e7 : check: More thoroughly test variable usage 1c564a3 : Only unquote --variable when it appears quoted e6d33fb : Revert "Unquote values of requested variables" 8d19fad : Also match -Wl,-framework for OSX framework ae0a8b1 : Allow overriding package variables with env vars 9ef2d34 : Pass key into parse_package_key so it can be set early 52baea8 : README.win32: Add info on building with MSVC 5f70074 : build: Add NMake makefiles for Visual Studio builds 1ed3367 : build: Add a pre-configure config.h template for MSVC builds 56061ef : build: Split Out Source Listing dd57ff3 : pkg.c: Port from dirent to GDir
Signed-off-by: Maxin B. John <maxin.john@intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
Diego Rondini [Fri, 29 Apr 2016 10:24:09 +0000 (12:24 +0200)]
base-files: add some safety checks in profile
Add some safety checks when sourcing files in /etc/profile.d/, in particular:
- source only *.sh files, not every file. This is the practice in use in both
Fedora and Debian/Ubuntu (see
https://help.ubuntu.com/community/EnvironmentVariables#A.2Fetc.2Fprofile.d.2F.2A.sh);
- check the input is actually a file and is readable. This check is especially
important if profile.d is empty, as "*.sh" will get expanded only if
profile.d is not empty. Previously if profile.d was present but empty,
"/etc/profile.d/*" was sourced causing errors on login and breaking stuff, for
example X startup.
Signed-off-by: Diego Rondini <diego.ml@zoho.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
Ross Burton [Fri, 29 Apr 2016 10:48:24 +0000 (11:48 +0100)]
bitbake.conf: change APACHE_MIRROR to point at archive.apache.org
The official download servers www.[country].apace.org only host the latest
release, so the URL is only valid when the recipe is fully up to date.
In the general case this isn't a problem as our mirror list includes
archive.apache.org, but the upstream URI checking (the checkuri task) fails as
that explicitly doesn't use the mirrors.
Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Robert Yang [Wed, 27 Apr 2016 02:20:30 +0000 (19:20 -0700)]
libxsettings-client: fix COPYING file
Fixed:
* Move the code of copy COPYING file from do_configure_append() to
do_patch[postfuncs] since we had moved license-checksum from
do_package_qa to do_populate_lic.
* Add xsettings-client.c and xsettings-common.c to LIC_FILES_CHKSUM.
* Update comments.
Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Robert Yang [Wed, 27 Apr 2016 02:20:29 +0000 (19:20 -0700)]
meta-world-pkgdata: add LIC_FILES_CHKSUM
Fixed:
ERROR: meta-world-pkgdata-1.0-r0 do_populate_lic: QA Issue: meta-world-pkgdata: Recipe file does not have license file information (LIC_FILES_CHKSUM) [license-checksum]
Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Robert Yang [Wed, 27 Apr 2016 02:20:27 +0000 (19:20 -0700)]
packagegroup.bbclass: set LICENSE and LIC_FILES_CHKSUM
* Use "??=" in bitbake.conf to set LICENSE, so that it can overrided by
packagegroup.bbclass and recipes.
* Use "?=" to set LICENSE and LIC_FILES_CHKSUM to MIT by default
in packagegroup.bbclass, this won't impact any packagegroup recipes
which use non-MIT license, since they can be overrided by the recipe.
Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The package_qa_check_license() was in do_qa_configure which had a
potential problem, when the recipe sets do_configure[noexec] = "1", then
the license checking won't run, which may hidden license issues. Rename
it to populate_lic_qa_checksum() and run in do_populate_lic[postfuncs] which
is more reasonable (when no populate license, no license checking).
Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Maxin B. John [Tue, 26 Apr 2016 08:48:25 +0000 (11:48 +0300)]
libxml2: fix dependencies and QA Issues
Fix the following QA warnings:
WARNING: libxml2-2.9.3-r0 do_package_qa: QA Issue: libxml2 rdepends on
libiconv, but it isn't a build dependency, missing libiconv in DEPENDS
or PACKAGECONFIG? [build-deps]
WARNING: libxml2-2.9.3-r0 do_package_qa: QA Issue: libxml2-python
rdepends on libiconv, but it isn't a build dependency, missing libiconv
in DEPENDS or PACKAGECONFIG? [build-deps]
Signed-off-by: Maxin B. John <maxin.john@intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
Maxin B. John [Tue, 26 Apr 2016 08:48:24 +0000 (11:48 +0300)]
bash: fix dependencies and QA Issue
Fix the following QA warning:
WARNING: bash-4.3.30-r0 do_package_qa: QA Issue: bash rdepends on libiconv,
but it isn't a build dependency, missing libiconv in DEPENDS
or PACKAGECONFIG? [build-deps]
Signed-off-by: Maxin B. John <maxin.john@intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
Maxin B. John [Tue, 26 Apr 2016 08:48:23 +0000 (11:48 +0300)]
popt: fix dependencies and QA Issue
Fix the following QA warning:
WARNING: popt-1.16-r3 do_package_qa: QA Issue: popt rdepends on
libiconv, but it isn't a build dependency, missing libiconv in DEPENDS
or PACKAGECONFIG? [build-deps]
Signed-off-by: Maxin B. John <maxin.john@intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
Ross Burton [Wed, 27 Apr 2016 08:28:35 +0000 (09:28 +0100)]
qemu: remove explicit but redundant native build dependencies
qemu-native was optionally depending on libxext-native if the DISTRO_FEATURES
included x11. This dependency was required back when we didn't build
libsdl-native and causes an undesirable relationship between DISTRO_FEATURES and
qemu-native.
As the dependency isn't required anymore, remove it.
Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Paul Eggleton [Wed, 27 Apr 2016 13:06:19 +0000 (01:06 +1200)]
recipetool: create: fix falling back to declared license for npm packages
Fix two problems falling back to the "license" field from package.json
when no license file is present:
1) The function that was supposed to return the license field value was
always explicitly returning None, and this was never noticed (because
the test cases never exercised the fallback as they provided license
files for each module).
2) Fix the main package not falling back because it had a default of an
empty list, which evaluates to '' instead of 'Unknown'.
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Paul Eggleton [Wed, 27 Apr 2016 13:06:18 +0000 (01:06 +1200)]
recipetool: create: fix picking up false npm package directories
It is possible for a Node.js module to have node_modules subdirectories
that contain no package.json file (e.g. iotivity-node has such a
directory). It appears these should simply be ignored, or else with the
way the current code works we will get errors later.
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
armv7a is a subset of armv7ve:
https://gcc.gnu.org/onlinedocs/gcc/ARM-Options.html
-march=armv7ve is the armv7-a architecture with virtualization extensions.
By inheriting armv7a from armv7ve it's possible for e.g. Cortex-A15 machines
to include tune-cortexa15.inc and have a full range of optimizations, but
set DEFAULTTUNE as "armv7a" to produce binaries compatible with Cortex-A8
machines, etc.
Signed-off-by: Denys Dmytriyenko <denys@ti.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
kernel: fitimage: basic support for fitimage signature
This is an initial support of fitImage signature to enable U-Boot verified
boot. This feature is implemented by adding a signature tag to the
configuration section of the generated fit-image.its file.
When a UBOOT_SIGN_ENABLE variable is set to "1", the signature procedure is
activated and performs a second call to mkimage to sign the fitImage file and
to include the public key in the deployed U-Boot device tree blob. (This
implementation depends on the use of CONFIG_OF_SEPARATE in U-Boot.)
As the U-Boot device tree blob is appended in the deploy dir, a dependency
on 'u-boot:do_deploy' is added when the feature is activated.
Signed-off-by: Yannick Gicquel <yannick.gicquel@iot.bzh> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
kernel: fitimage: support device tree compiler options
This introduces a new variable to set the device tree compiler options while
calling mkimage ('-D' option). By default, this variable is not set but it can
be defined in a configuration file, as following example:
UBOOT_MKIMAGE_DTCOPTS = "-I dts -O dtb -p 2000"
Signed-off-by: Yannick Gicquel <yannick.gicquel@iot.bzh> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
u-boot: basic support of dtb append for verified boot
This introduces a new uboot-sign.class to support U-Boot verified boot.
This part delivers the new class file, with related environment variables, and
a new task intended to run before do_install task and which performs the
concatenation of the u-boot-nodtb.bin and the device tree blob. The 'cat'
command used overrides the u-boot.bin in both DEPLOYDIR & build dir to
propagate the changes in later tasks (do_install, do_package, etc.)
Signed-off-by: Yannick Gicquel <yannick.gicquel@iot.bzh> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
scripts/lib/argparse_oe: show subparser help for unrecognized args
As an example, `recipetool create foo bar baz` shows `recipetool: error:
unrecognized arguments: bar baz` and then displays the main help, not the help
for the create command. Fix by saving the subparser name and using it in
parse_args() to look up the subparser.
Signed-off-by: Christopher Larson <chris_larson@mentor.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ed Bartosh [Thu, 28 Apr 2016 10:58:10 +0000 (13:58 +0300)]
wic: use sparse_copy to copy partitions
Copied partition images into final partitioned image using
sparse_copy API. This method preserves sparseness of the
final image. It also makes wic much faster, as unmapped
blocks of the partition images are not copied.
[YOCTO #9099]
Signed-off-by: Ed Bartosh <ed.bartosh@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ed Bartosh [Thu, 28 Apr 2016 10:58:09 +0000 (13:58 +0300)]
wic: add sparse_copy API
In order to make wic images sparse sparse_copy function has been
copied from meta-ostro:
https://github.com/kad/meta-ostro/blob/master/meta-ostro/lib/image-dsk.py
This function uses filemap APIs to copy source sparse file into
destination file preserving sparseness.
The function has been modified to satisfy wic requirements:
parameter 'skip' has been added.
[YOCTO #9099]
Signed-off-by: Ed Bartosh <ed.bartosh@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ed Bartosh [Thu, 28 Apr 2016 10:58:08 +0000 (13:58 +0300)]
wic: add FIEMAP and SEEK_HOLE / SEEK_DATA APIs
In order to make wic images sparse set of APIs has been copied
from bmap-tools project.
filemap.py module is taken from bmap-tools project:
https://github.com/01org/bmap-tools/blob/master/bmaptools/Filemap.py
It implements two ways of get information about file block: FIEMAP
ioctl and the 'SEEK_HOLE / SEEK_DATA' features of the file seek
syscall.
Note that this module will be removed as soon as bmaptool utility
supports copying sparse source file into destination file (this is
already agreed with the maintainer of bmap-tools project).
[YOCTO #9099]
Signed-off-by: Ed Bartosh <ed.bartosh@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ed Bartosh [Thu, 28 Apr 2016 10:58:04 +0000 (13:58 +0300)]
wic: use truncate utility to create sparse files
Used truncate instead of dd to create wic images for the
following reasons:
- dd doesn't preserve sparseness
- truncate syntax is much more clear
- dd requires additional calculations of the image size
in blocks
- the way dd was used in the code is not always correct.
In some cases it was writing one block to the file which makes
it not 100% sparse.
[YOCTO #9099]
Signed-off-by: Ed Bartosh <ed.bartosh@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
packagegroup-core-lsb: fix whitespace in meta-qt* warnings
Without these extra space characters the messages are ill-formatted, i.e:
'The meta-qt3 layer should be added, this layer provides Qt 3.xlibraries.
Its intended use is for passing LSB tests as Qt3 isa requirement for LSB.'
Changes to:
'The meta-qt3 layer should be added, this layer provides Qt 3.x libraries.
Its intended use is for passing LSB tests as Qt3 is a requirement for LSB.'
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
security_flags: turn potential string format security issues into an error
Add "-Wformat -Wformat-security -Werror=format-security" to the default
SECURITY_CFLAGS to catch potential security vulnerabilities due to the
misuse of various string formatting functions.
These flags are widely used in distributions such as Fedora and Ubuntu,
however we have 15 recipes in OE-Core which fail to build with these
flags included and thus the flags are removed for:
- busybox
- console-tools
- cmake
- expect
- gcc
- gettext
- kexec-tools
- leafpad
- libuser
- ltp
- makedevs
- oh-puzzles
- stat
- unzip
- zip
[YOCTO #9488]
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The current recipe creates inittab labels based off the device node name
of TTYs used as consoles. If those names exceed the 4 character label
limit of inittab, it will break. This change takes the last 4 chars of
the device names in order to avoid any errors.
[ YOCTO #9529 ]
Signed-off-by: Stephano Cetola <stephano.cetola@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ed Bartosh [Fri, 22 Apr 2016 09:32:01 +0000 (12:32 +0300)]
wic: add system_id attribute to Partition
Added Partition.system_id attribute and initialized it
from parse result of wks option --system-id. It will be
used by the wic code below the call stack to set partition
system id.
[YOCTO #9096]
Signed-off-by: Ed Bartosh <ed.bartosh@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
