Alex Kube [Fri, 25 Oct 2019 19:19:15 +0000 (23:49 +0430)]
go: Extract common environment setup.
Add default values for go environment variables to go-common.inc.
Override where appropriate in other go*.inc files, and use
host/target tuples from goarch for setting CC flags.
Signed-off-by: Alex Kube <alexander.j.kube@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
Richard Purdie [Fri, 22 Nov 2019 15:12:44 +0000 (15:12 +0000)]
package_ipk: Remove pointless comment to trigger rebuild
The opkg-utils change didn't trigger a full repackage due to its mention
in layer.conf for update-alternatives hash exclusion. Do it manually
to invalidate broken ipks.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Thu, 21 Nov 2019 14:59:06 +0000 (14:59 +0000)]
sanity: Add check for tar older than 1.28
Older versions break opkg-build when reproducible builds are enabled.
Rather than trying to be selective based on which features are enabled,
lets just make this a minimum version.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
opkg-build was failing on hosts where tar < 1.28 and reproducibile builds
were enabled but it was doing this silently and generating corrupted
(empty) ipk files. Add a fix for this (submitted upstream).
The fix requires bash but if you're building ipk files this shoudn't be
a problem.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Paul Eggleton [Tue, 19 Nov 2019 10:52:52 +0000 (23:52 +1300)]
devtool: fix devtool upgrade with reproducible_builds class
If the reproducible_build class is inherited then there may be a
"source-date-epoch" subdirectory in a fetched source tree; devtool
upgrade was not expecting that in the upgraded source. Take a small
snippet of code from recipetool create which already handles this,
and make it a shared function that can be used in both places.
Additionally, fix an assumption that the source is always in a
subdirectory in the cleanup code that blocked debugging this.
[YOCTO #13635]
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ross Burton [Mon, 18 Nov 2019 16:46:47 +0000 (16:46 +0000)]
cve-check: fetch CVE data once at a time instead of in a single call
This code used to construct a single SQL statement that fetched the NVD data for
every CVE requested. For recipes such as the kernel where there are over 2000
CVEs to report this can hit the variable count limit and the query fails with
"sqlite3.OperationalError: too many SQL variables". The default limit is 999
variables, but some distributions such as Debian set the default to 250000.
As the NVD table has an index on the ID column, whilst requesting the data
CVE-by-CVE is five times slower when working with 2000 CVEs the absolute time
different is insignificant: 0.05s verses 0.01s on my machine.
Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ross Burton [Mon, 18 Nov 2019 16:46:45 +0000 (16:46 +0000)]
cve-check: rewrite look to fix false negatives
A previous optimisation was premature and resulted in false-negatives in the report.
Rewrite the checking algorithm to first get the list of potential CVEs by
vendor:product, then iterate through every matching CPE for that CVE to
determine if the bounds match or not. By doing this in two stages we can know
if we've checked every CPE, instead of accidentally breaking out of the scan too
early.
Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ross Burton [Mon, 18 Nov 2019 16:46:44 +0000 (16:46 +0000)]
cve-update-db-native: clean up proxy handling
urllib handles adding proxy handlers if the proxies are set in the environment,
so call bb.utils.export_proxies() to do that and remove the manual setup.
Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Unfortunately this change broke 'devtool upgrade' functionality,
causing 'devtool finish' to write out an upgraded recipe that no
longer includes the original upstream source in SRC_URI.
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This is the second last release of py 2.x; upstream support ends on
1 January 2020, there will be one final 2.x afterwards.
Note that the only thing that still needs python 2.x in oe-core is
u-boot; when the next u-boot update arrives, we should find out
where the py3 migration is for that component before merging the
update.
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Mon, 18 Nov 2019 15:44:21 +0000 (15:44 +0000)]
recipetool/create: Fix to work with reproducible_builds
The extra diretory created by reproducibile_builds was confusing recipetool
and hence devtool. Ignore this directory to restore the correct behaviour and
allow it to work with the class.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Paul Barker [Fri, 15 Nov 2019 13:00:48 +0000 (13:00 +0000)]
cdrtools-native: Don't set uid/gid during install
This is a native recipe so won't be installed as root.
If the string 'root' is part of the username then the install script
can get tricked into thinking we are root (regardless of the actual
uid or permissions) resulting in attempts to run chown/chgrp
inappropriately.
Signed-off-by: Paul Barker <paul@betafive.co.uk> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Alistair Francis [Thu, 14 Nov 2019 20:22:20 +0000 (12:22 -0800)]
mesa: Upgrade to 19.2.4
Upgrade mesa and mesa-gl to 19.2.4.
The license hash change was a trivial new line removal.
The glx-tls option was removed as it isn't included in the meson.build
file. It has been replaced with 'use-elf-tls' instead.
I have backported the asm removal as an attempt to fix the musl build
issue.
Signed-off-by: Alistair Francis <alistair@alistair23.me> Signed-off-by: Alistair Francis <alistair.francis@wdc.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Chee Yang Lee [Fri, 15 Nov 2019 01:58:48 +0000 (09:58 +0800)]
wic: rm with -r flag support
wic currently unable to remove non-empty directory in ext* partition.
enable wic rm to remove non-empty directory and all the sub-content
with -r flag.
update help documents for 'wic rm'.
[YOCTO #12404]
Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Kai Kang [Fri, 15 Nov 2019 07:42:02 +0000 (15:42 +0800)]
systemd: remove ${PN}-xorg-xinitrc
In 50-systemd-user.sh which is packaged to sub-package
${PN}-xorg-xinitrc, it exports environment variables DISPLAY and
XAUTHORITY to systemd. It fails to start systemd services which require
these environment variables such as thunar.service:
Nov 14 07:47:29 qemux86-64 systemd[352]: Starting Thunar file manager...
Nov 14 07:47:29 qemux86-64 Thunar[873]: cannot open display:
Nov 14 07:47:29 qemux86-64 systemd[352]: thunar.service: Main process exited, code=exited, status=1/FAILURE
Nov 14 07:47:29 qemux86-64 systemd[352]: thunar.service: Failed with result 'exit-code'.
Nov 14 07:47:29 qemux86-64 systemd[352]: Failed to start Thunar file manager.
It is not convenient to make all such kind of packages require package
${PN}-xorg-xinitrc, so remove the sub-package and merge the only file
provided by it to main package.
No recipe depends on ${PN}-xorg-xinitrc in oe-core and meta-openembedded
now, so no need to set rprovides for it.
Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
distro_features_check: expand with MACHINE_FEATURES and COMBINED_FEATURES, rename
Besides checking DISTRO_FEATURES for required or conflicting features,
being able to check MACHINE_FEATURES and/or COMBINED_FEATURES may also
be useful at times.
Temporarily support the old class name with a warning about future
deprecation.
Signed-off-by: Denys Dmytriyenko <denys@ti.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Paul Barker [Tue, 12 Nov 2019 22:10:03 +0000 (22:10 +0000)]
scripts/native-intercept: Add chgrp intercept
Some installation rules have been seen to run chgrp for native recipes
which leads to 'Operation not permitted' errors. To prevent this we
need a chgrp intercept script to go with the existing chown intercept.
Signed-off-by: Paul Barker <paul@betafive.co.uk> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Anuj Mittal [Wed, 13 Nov 2019 08:41:06 +0000 (16:41 +0800)]
libsdl2: fix race when building in parallel
Fixes a race where it tries to build version res file in build directory
before it has even been created. Prevents intermittent errors on
autobuilder when building for mingw:
| /bin/bash ../SDL2-2.0.10/build-scripts/updaterev.sh
| /bin/bash ../SDL2-2.0.10/build-scripts/mkinstalldirs build
| mkdir -p -- build
| x86_64-pokysdk-mingw32-windres --include-dir=/home/pokybuild/yocto-worker/meta-mingw/build/build/tmp/work/x86_64-nativesdk-mingw32-pokysdk-mingw32/nativesdk-libsdl2/2.0.10-r0/recipe-sysroot/opt/poky/3.0/sysroots/x86_64-pokysdk-mingw32/us
| /include ../SDL2-2.0.10/src/main/windows/version.rc build/version.o
| x86_64-pokysdk-mingw32-windres: build/version.o: No such file or directory
| Makefile:692: recipe for target 'build/version.o' failed
| make: *** [build/version.o] Error 1
| make: *** Waiting for unfinished jobs....
| touch build/.created
| WARNING: exit code 1 from a shell command.
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Yongxin Liu [Wed, 13 Nov 2019 06:48:55 +0000 (14:48 +0800)]
ltp: Add "udevadm trigger" before swap verification in mkswap01.sh
Swap verification sometimes fails due to race condition with udev.
This is a known issue: https://github.com/linux-test-project/ltp/issues/458.
"udevadm trigger" forces udev to sync up device events with kernel.
Signed-off-by: Yongxin Liu <yongxin.liu@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
sysstat: Correct when to use the package provided systemd unit files
There have been a number of changes back and forth as to when and how
to use the systemd unit files provided by the package. The correct
condition is actually that both cron and systemd need to be enabled
for them to be installed.
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
In commit 8862f21e (sysstat: 12.1.3 -> 12.1.6), sa_lib_dir was changed
from "${libdir}/sa" to "${libexecdir}/sa" to avoid problems with
multilib. However, the systemd unit file was not changed accordingly,
which lead to the following error when trying to start the service:
systemd[4698]: sysstat.service: Failed at step EXEC spawning
/usr/lib/sa/sa1: No such file or directory
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Joshua Watt [Wed, 13 Nov 2019 04:10:31 +0000 (22:10 -0600)]
mc: Fix build reproducibility
Fixes some issues with reproducible builds. Adds a patch to allow the
configure arguments to be omitted from the build and also explicitly
setting some autoconf paths that were picking up hosttools.
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Joshua Watt [Wed, 13 Nov 2019 21:24:00 +0000 (15:24 -0600)]
icecc-create-env: Use OE patchelf in SDK
The Icecream environment creation script runs when the SDK is installed
and uses patchelf to fix up executables. Rather than rely on the host
system to provided patchelf (which often can be older versions that
produce buggy executables), mark the OE version of patchelf as a
dependency of icecc-create-env when included in the SDK.
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Yeoh Ee Peng [Thu, 7 Nov 2019 09:50:30 +0000 (17:50 +0800)]
resulttool/store.py: Enable add extra test environment data
Enable the option to add extra test environment data to the
configuration of each test result (as optional).
Example of optional test environment data include:
- custom packages included for runtime test
- detail machine specification used as target
- detail host environment used for bitbake
Signed-off-by: Yeoh Ee Peng <ee.peng.yeoh@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Yeoh Ee Peng [Thu, 7 Nov 2019 09:50:28 +0000 (17:50 +0800)]
scripts/resulttool/report: Enable output raw test results
In case of debugging, report user need to acccess the raw
test result. Instead of going back to source file/directory/URL
to manually pull out the raw result, provide alternative
way to let report showing raw test results by providing
the result id (optional).
Signed-off-by: Yeoh Ee Peng <ee.peng.yeoh@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Yeoh Ee Peng [Thu, 7 Nov 2019 09:50:27 +0000 (17:50 +0800)]
scripts/resulttool/report: Enable report to use regression_map
By default, report will use the store_map to generate the key
to reference each result set. In some situation when using store_map
with multiple set of tests sharing similar test configurations,
the report will only showing partial result set for results
that having identical result_id (use of multiconfig to run tests
where it generate identical result_id).
Enable report to have the option to use the regression_map (optional)
instead of the default store_map, where it will take larger
set of configurations to generate the key to reference each
result set, this will prevent the report from only showing
partial result set.
Signed-off-by: Yeoh Ee Peng <ee.peng.yeoh@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ross Burton [Thu, 7 Nov 2019 23:58:30 +0000 (23:58 +0000)]
cve-update-db-native: don't refresh more than once an hour
We already fetch the yearly CVE metadata and check that for updates before
downloading the full data, but we can speed up CVE checking further by only
checking the CVE metadata once an hour.
Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
buildhistory: fix "version went backwards" QA error message
Fix parentheses placement in the message from:
Package version for package X went backwards which would break package feeds from (Y to Z)
to this one:
Package version for package X went backwards which would break package feeds (from Y to Z)
Signed-off-by: Denys Dmytriyenko <denys@ti.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>