QEMU_USE_KVM can either be a boolean or a whitespace separated list
of kvm supported machines.
For the 'intel-corei7-64' machine, defined in meta-intel, kvm could not be
used as the 'x86' substring is not part of its machine name.
By changing the order of this 'or' statement and setting
the 'QEMU_USE_KVM' variable to 'intel-corei7-64', it is possible to run the
'testimage' task with kvm support successfully.
Signed-off-by: Emmanuel Roullit <emmanuel.roullit@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ross Burton [Tue, 11 Sep 2018 09:37:36 +0000 (10:37 +0100)]
harfbuzz: remove stale pkg.m4
harfbuzz shipped an old pkg.m4 which overruled the pkg.m4 from the sysroot.
This is now fixed upstream, but until another release is made delete it from the
source tree.
Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
tclibc-baremetal.inc: Remove BASEDEPENDS on compilerlibs
Without a libc the gcc-runtime provider of compilerlibs does not
compile. As such avoid the default dependence on the
virtual/${TARGET_PREFIX}compilerlibs provider.
Signed-off-by: Nathan Rossi <nathan@nathanrossi.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
tclibc: For newlib and baremetal disable some security features
With GCCPIE being enabled by default with security_flags.inc the
compiler will by default attempt to compile and link programs as PIE.
The targets that use newlib and baremetal in general do not support PIE
or are otherwise unable to use it due to how embedded targets are
compiled and executed. As such it makes sense to disable PIE by default
for these libc's in order to prevent build failures.
For baremetal tclibc there are no libc features or implementation as
such there is no implementation for the strong stack protector by
default.
Signed-off-by: Nathan Rossi <nathan@nathanrossi.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
libgloss_3.0.0.bb: Fix up mv pattern to include libnosys
When installing libgloss libraries handle the ${TARGET_SYS}/lib contents
so that it is placed in ${libdir} instead of ${libdir}/lib. This
resolves a packaging QA issue.
ERROR: libgloss-3.0.0-r0 do_package: QA Issue: libgloss:
Files/directories were installed but not shipped in any package:
/usr/lib/lib
/usr/lib/lib/libnosys.a
/usr/lib/lib/nosys.specs
Please set FILES such that these items are packaged. Alternatively
if they are unneeded, avoid installing them or delete them within
do_install.
libgloss: 3 installed and not shipped files. [installed-vs-shipped]
Signed-off-by: Nathan Rossi <nathan@nathanrossi.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
Martin Jansa [Mon, 10 Sep 2018 09:35:31 +0000 (09:35 +0000)]
attr: use u-a for setfattr
setfattr is now provided also by busybox since 1.29.2 upgrade and
do_rootfs is failing with:
update-alternatives: Error: not linking usr/bin/setfattr to /bin/busybox.nosuid since
usr/bin/setfattr exists and is not a link
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
Modifying this constrain allows a user to create squashfs-based rootfs and boot
from them with such kernel argument 'root=PARTUUID=7d46da2d-29cc-4d5a-9e39-d0381c4abb0c'
Fixes: 2fbdcf4e59c8 ("wic: kparser.py: Check for SquashFS and use-uuid") Signed-off-by: Emmanuel Roullit <emmanuel.roullit@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
Bruce Ashfield [Fri, 7 Sep 2018 13:38:40 +0000 (09:38 -0400)]
kern-tools: improve kernel config audit output
Recent kernels broke the ability of kconfiglib to parse the Kconfig
files and offer reasons why a symbol may not be set. To address this
issue, we update to Kconfiglib2 and adjust the symbol_why script to
work with the new API.
We also tweak the kconf_check script to allow the specification of
a list of option as "non-hardware". This allows a BSP to inhibit
warnings on options that it knows are mismatched for a valid reason
(i.e. -tiny kernels using common fragments with known missing
dependencies).
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Thu, 6 Sep 2018 22:40:47 +0000 (23:40 +0100)]
busybox/packagegroups: Break out the busybox-syslog dependency
The busybox-syslog rrecomends is proving tricky as it gets pulled in early and
there are conflicts between its use of update-alternatives and busybox needing
to provide those things.
We already have recipes using BAD_RRECOMMENDS to remove this dependency, it probably
makes sense to spell it out explicitly and allow it to be overridden more easily.
This patch does this, dropping the now unneeded BAD_RRECOMMENDS. It preserves
the dependency as a recommendation for now, further cleanup may allow simplication
of that.
This unbreaks certain build failures on the autobuilder, more as a workaround but
is a change we probably want to make anyway.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Fri, 7 Sep 2018 11:15:52 +0000 (12:15 +0100)]
staging: Ensure we handle glibc-locale do_stash_locale correctly
Occasionally we see warnings like:
WARNING: core-image-sato-1.0-r0 do_populate_sdk: Manifest /home/pokybuild/yocto-worker/nightly-qa-extras/build/build/tmp/sstate-control/manifest-allarch-nativesdk-linux-libc-headers.populate_sysroot not found in i686_linux allarch (variant '')?
which occur when do_populate_sdk is run in an otherwise empty TMPDIR.
It occurs because do_stash_locale is not recognised as a setscene task
and is removed from the taskgraph meaning the dependency chains fed
through setscene_depvalid don't match what was actually setscene'd.
That task is recipe specific and not in the global SSTATETASKS so we
hardcode the value for now to stop the build warnings. This is going to
need to be revisited for a more generic solution.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Yi Zhao [Fri, 7 Sep 2018 00:22:05 +0000 (08:22 +0800)]
taglib: Security fix CVE-2018-11439
CVE-2018-11439: The TagLib::Ogg::FLAC::File::scan function in
oggflacfile.cpp in TagLib 1.11.1 allows remote attackers to cause
information disclosure (heap-based buffer over-read) via a crafted audio
file.
Richard Purdie [Thu, 6 Sep 2018 15:47:42 +0000 (16:47 +0100)]
busybox: Ensure busybox-syslog depends on busybox
If we don't do this, busybox-syslog can install before busybox
which clearly doesn't make sense and can trigger postinst failures
(missing sed which u-a depends upon).
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ross Burton [Thu, 6 Sep 2018 11:16:56 +0000 (12:16 +0100)]
gstreamer1.0-libav: use nasm instead of yasm
The options are still called yasm and there's some cleanup to be done, but as
libav can use both yasm and nasm let's unify on nasm (last release six months
ago, fifteen RCs since) instead of yasm (last release 2014).
Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ross Burton [Thu, 6 Sep 2018 11:15:21 +0000 (12:15 +0100)]
python3: use regrtest instead of PyBench for profile-guided-optimisation
PyBench takes a long time to run, also upstream have removed it from Python and
instead use test.regrtest —pgo to profile the interpreter.
The results are good: not only does Python compile faster (~300s vs ~600s on my
machine) but Phoronix’s PyBench test runs in 2130ms compared to 2229ms when
using PyBench to train (and 2345ms with PGO disabled).
Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ross Burton [Wed, 5 Sep 2018 10:48:53 +0000 (11:48 +0100)]
python3: don't use runtime checks to identify float endianism
Python uses AC_RUN_IFELSE to determine the byte order for floats and doubles,
and falls back onto "I don't know" if it can't run code. This results in
crippled floating point numbers in Python, and the regression tests fail.
Instead of running code, take a macro from autoconf-archive which compiles C
with a special double in which has an ASCII representation, and then greps the
binary to identify the format.
Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ross Burton [Thu, 6 Sep 2018 11:15:19 +0000 (12:15 +0100)]
python3: trim PGO patch
There's no need to delete the line that removes the profile data, as we're not
using it after the build. This reduces the size of the patch, making it easier
to maintain.
Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ross Burton [Thu, 6 Sep 2018 11:15:18 +0000 (12:15 +0100)]
python3: add toggle for profile-guided-optimisation
Add a PACKAGECONFIG for profile-guided-optimisation, and default to whether
qemu-usermode is available.
Move --enable-optimizations to the pgo optimisation as all this currently does
is use the PGO rules, causing a performance hit if PGO isn't actually used.
Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Mingli Yu [Thu, 30 Aug 2018 08:36:25 +0000 (16:36 +0800)]
kexec-tools: fix for "Unhandled rela relocation: R_X86_64_PLT32" error
In response to a change in binutils, commit b21ebf2fb4c
(x86: Treat R_X86_64_PLT32 as R_X86_64_PC32) was applied to
the linux kernel during the 4.16 development cycle and has
since been backported to earlier stable kernel series. The
change results in the failure message as below when rebooting
via kexec.
# kexec -l /boot/bzImage --append="console=ttyS0,115200 root=/dev/sda1"
Unhandled rela relocation: R_X86_64_PLT32
Fix this by replicating the change in kexec.
Signed-off-by: Mingli Yu <Mingli.Yu@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
build.py: add clean option to 'devtool build' command
Add -c (--clean) optiont to 'devtool build' command so that users
could easily clean things up when using devtool.
I encountered a problem about do_prepare_recipe_sysroot failure
when using `devtool build' command and I found myself in a situation
where I either have to use `bitbake' command to clean things up or
use `rm' to remove the directories under ${WORKDIR}.
So add a clean option as it would be helpful when users want to clean
things up to prepare an environment for a clean build.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
opkg: add strict package matching on removal patch
During removal, opkg is using globs to select which metadata files to
remove. The glob is too broad and sometimes can result in a package
removing the metadata from a package with a close name. Make the
matching more strict.
Fixes bugzilla 12905
Signed-off-by: Alejandro del Castillo <alejandro.delcastillo@ni.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This patch intends to clean up the whole create_manifest script/task
for python3.
This is an effort to make the code more human friendly and facilitate
adoption, it not only cleans up the code but it also improves comments,
it should also be easier to upgrade the manifest after each python3
upgrade now, with these fixes the transition to python 3.7 should be
seamless.
It fixes a rather harmless bug where module dependencies were being
added twice to the core package and adds tests and sqlite3-tests
as special packages since we want specific dependencies on those.
It also fixes a bug that happened on a few packages that
contained a directory with the same name as the module itself
e.g. asyncio, where the script avoided checking that module for
dependencies.
Lastly, it improves the output, it errors out if a module is found
on more than one package, which is what usually happens when
python upstream introduces a new file, hence why the current
manifest is unaware of, it is better to exit with an error because
otherwise the user wouldnt know if anything went wrong unless the output
of the script was checked manually.
Signed-off-by: Alejandro Enedino Hernandez Samaniego <alejandr@xilinx.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
python3: Modify create_manifest to make it versionless
This patch improves the create_manifest script by making it
use PYTHON_MAJMIN instead of hard coded paths containing the
version number when looking at the necessary modules for
every package, the script should now be independent of the
python(3) version on which were working
Signed-off-by: Alejandro Enedino Hernandez Samaniego <alejandr@xilinx.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
python3-manifest: Use PYTHON_MAJMIN instead of hard coded version
Currently the manifest contains hard coded paths with the version number,
e.g. python3.5, this patch changes the paths to use the variable
PYTHON_MAJMIN instead, this should make the python upgrades easier
Signed-off-by: Alejandro Enedino Hernandez Samaniego <alejandr@xilinx.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Mark Hatle [Wed, 5 Sep 2018 16:30:40 +0000 (12:30 -0400)]
prelink: Update to the latest version of prelink
The new version of prelink includes the fix for a segmentation fault due to
using e_shnum vs e_shstrndx.
In addition the following changes are incorporated:
2018-08-29 Khem Raj <raj.khem@gmail.com>
* src/elf.h: Add RISC-V defines
* src/rtld/dl-tls.c: Add RISC-V support
* src/rtld/rtld.c: Add RISC-V support
2018-08-29 Robert Yang <liezhi.yang@windriver.com>
* src/dso.c: use ehdr.e_shstrndx as index
2017-06-20 Andrew Stubbs <ams@codesourcery.com>
* src/arch-x86_64.c (x86_64_prelink_conflict_rela): Also convert
R_X86_64_32 conflicts to R_X86_64_IRELATIVE for ifuncs.
* src/arch-x86_64.c (PL_ARCH(x32)): Set mmap_end to 0x60000000.
2017-06-20 Joseph Myers <joseph@codesourcery.com>
* src/rtld/rtld.c (load_ld_so_conf): Add argument use_x32.
(main): Update call to load_ld_so_conf.
2017-06-20 Kyle Russell <bkylerussell@gmail.com>
* src/rtld/rtld.c: Add missing DT_NEEDED DSOs to needed_list
Signed-off-by: Mark Hatle <mark.hatle@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Tue, 4 Sep 2018 23:41:13 +0000 (00:41 +0100)]
populate_base_sdk: Stop running gcc --version all the time
Running 'gcc --version' for every image recipe is slow and increases parsing
time/resource usage for no good reason. Only compute the value in when we're
really running the task/function.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Wed, 5 Sep 2018 08:50:57 +0000 (09:50 +0100)]
binutils: Fix variable conflict
A recent binutils patch added the LDGOLD variable but its already used
for controlling EXTRA_OECONF options for gold. Separate the two variables
to different names to avoid build warnings and confusion.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ross Burton [Mon, 3 Sep 2018 10:49:09 +0000 (11:49 +0100)]
python: Run pybench once for optimisation task in pgo
There is no good reason to loop 10 times on the test since the profile
optimisation won't change between runs, we don't need/want a statistical
average. This is just burning cpu cycles, just make 1 run.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Wed, 5 Sep 2018 16:39:31 +0000 (17:39 +0100)]
busybox: Put klogd/syslogd alternative links in syslog package
Currently these are in ${PN} and ${PN}-syslog may get replaced by
other packages but update-alternatives would error in the postinst
if other files were installed first. Avoid the problems by putting
the links in the correct package.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Andrej Valek [Thu, 30 Aug 2018 16:02:44 +0000 (18:02 +0200)]
busybox: update to 1.29.2
- refresh busybox-udhcpc-no_deconfig.patch
- remove obsolete patches which are included in this update
- update defconfig
- Add newly required virtual/crypt depends [RB]
Signed-off-by: Andrej Valek <andrej.valek@siemens.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Andrej Valek [Tue, 4 Sep 2018 15:48:06 +0000 (17:48 +0200)]
wpa-supplicant: fix CVE-2018-14526
Ignore unauthenticated encrypted EAPOL-Key data in supplicant
processing. When using WPA2, these are frames that have the Encrypted
flag set, but not the MIC flag.
Signed-off-by: Andrej Valek <andrej.valek@siemens.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
