This CVE is about TOCTOU (time-of-check time-of-use)
race condition when copying and removing directory trees
which had very low severity problem and marked as closed
and won't fix. Therefore whitelisted CVE-2013-4235.
Master, gatesgarth and dunfell all have shadow version 4.81.
Hence, this is applicable for master, gatesgarth and dunfell. Link: https://bugzilla.redhat.com/show_bug.cgi?id=884658 Signed-off-by: Sana Kazi <Sana.Kazi@kpit.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit b1c6cd87bee6b019619dc5728fd6c36bc87ed696) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Minjae Kim [Mon, 8 Mar 2021 13:45:52 +0000 (22:45 +0900)]
wpa-supplicant: fix CVE-2021-27803
A vulnerability was discovered in how p2p/p2p_pd.c in wpa_supplicant
before 2.10 processes P2P (Wi-Fi Direct) provision discovery requests.
It could result in denial of service or other impact
(potentially execution of arbitrary code), for an attacker within radio range.
Upstream-Status: Acepted [https://w1.fi/cgit/hostap/commit/?id=8460e3230988ef2ec13ce6b69b687e941f6cdb32]
CVE: CVE-2021-27803 Signed-off-by: Minjae Kim <flowergom@gmail.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
Michael Halstead [Sat, 13 Feb 2021 06:27:54 +0000 (22:27 -0800)]
yocto-uninative.inc: version 3.0 incorporate seccomp filter workaround
Signed-off-by: Michael Halstead <mhalstead@linuxfoundation.org> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 317f8bf320383e81085f5740e202a7edb12932c7) Signed-off-by: Steve Sakoman <steve@sakoman.com>
yocto-uninative.inc: version 2.11 updates glibc to 2.33
Support glibc 2.33.
Signed-off-by: Michael Halstead <mhalstead@linuxfoundation.org> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 5c7f963d395aa4a94d78c37883488baac471ea43) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Richard Purdie [Wed, 24 Feb 2021 21:40:52 +0000 (21:40 +0000)]
cups: Fix reproducibility issues
configure inspects the host's /etc/group for these configuration
options, fix this to the correct values by using configure options.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit f16f9c727569414cd52862dcba18d8e423f4e961) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Upstream has renamed the "master" branch to "main".
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 05637733cf89a81fd5d787402f5a917f279a1a0d) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Richard Purdie [Wed, 24 Feb 2021 21:51:08 +0000 (21:51 +0000)]
package/package_rpm: Disable font_provides configuration for reproducibilty
The host may or may not have fc-cache which is used for find provides
information by rpmdeps. This lead to non-deterministic build output.
Disable the font provides code so we have deterministic builds,
we have nothing using/relying on it at this point.
Need to disable this in both the rpmdeps code and in package_rpm
itself although the latter shouldn't be being used.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 1c0cd8012a96fd4d9caf33c6de5fd39cea6db55d) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Ensure the fallback value if used is written to the SDE file
and hence stored in sstate, reducing any confusion within the
code over '0' values.
Bump the HASHEQUIV_VERSION since we've had a ton of trouble
with ensuring this rolls out correctly on the autobuilder so
others may too, take a clean slate for it.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 53ffffa32b76330835287dfc05d4e4796841af08) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Jan-Simon Möller [Sat, 20 Feb 2021 17:29:33 +0000 (18:29 +0100)]
reproducible_builds: SOURCE_DATE_EPOCH should not be 0
A SOURCE_DATE_EPOCH of 0 might be misinterpreted by namely rpm as no SDE.
e.g.:
char *srcdate = getenv(SOURCE_DATE_EPOCH);
if (srcdate && rpmExpandNumeric(%{?clamp_mtime_to_source_date_epoch}))
Solve this by:
- providing a SOURCE_DATE_EPOCH_FALLBACK variable != 0
- changing defaults to use it
- using SOURCE_DATE_EPOCH_FALLBACK also when reading 0 out of sstate-cache
Signed-off-by: Jan-Simon Möller <jsmoeller@linuxfoundation.org> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 9a1dde74e794362399193dc3f81c9685a83d0776) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Milan Shah [Wed, 6 Jan 2021 13:38:37 +0000 (19:08 +0530)]
report-error.bbclass: Add layer and bitbake version info to error report
Instead of just providing local.conf info, add layer names and their
revisions with bitbake version information into error report
makes it easier to understand and reproduce failed build.
[YOCTO #9700]
Signed-off-by: Milan Shah <mshah@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit a5afd7b1857c0012ab6e3d8bbafa67a96ff9e9e0) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Richard Purdie [Sun, 21 Feb 2021 15:15:19 +0000 (15:15 +0000)]
libpcre: Drop old/stale patch
According to my tests this incorrect symbols resolution at runtime no
longer happens. Ubuntu is still carrying the patch but also probably
doesn't need to, they are also on a much older version. It sounds
like there was once a linkage bug somewhere which has likely been
resolved since.
Drop the patch as it doesn't seem needed anymore. If it were a real
issue it should be submitted upstream too, the status is incorrect.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 02f36ed515afed550dfcd986977ce2106dee556a) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Richard Purdie [Sat, 20 Feb 2021 15:45:46 +0000 (15:45 +0000)]
ca-certificates: Clean up two patches and submit upstream
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit f3eabbb5c15fb55ae3d46b2377c09bb58226d965) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Richard Purdie [Sat, 20 Feb 2021 15:08:23 +0000 (15:08 +0000)]
libevdev: Update patch status to backport
The patch was submitted and merged upstream.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 871bce0703ca9d14e5c44f6ee0b66fcb13cfb630) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Richard Purdie [Sat, 20 Feb 2021 09:28:02 +0000 (09:28 +0000)]
maintainers: Update email address for Victor
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 5b509fe1c5ff86a0397fa98d7bcd0199da32bf14) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Richard Purdie [Fri, 26 Feb 2021 11:24:07 +0000 (11:24 +0000)]
bitbake.conf: Split PSEUDO_IGNORE_PATHS to be more readable
We've had a lot of concern about the readability of diffs of this
path setting, refactor to avoid long line length.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit f3930cba16ccbc4b76ed14187d5586d6479bc59e) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Richard Purdie [Fri, 26 Feb 2021 11:21:17 +0000 (11:21 +0000)]
bitbake.conf/image: Move image specific PSEUDO_IGNORE_PATHS to image class
This path is image specific so we can move to the image class
definition of PSEUDO_IGNORE_PATHS.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 66a8ca0f206434e0b301a8fdc90f062750d6d118) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Richard Purdie [Fri, 26 Feb 2021 11:18:42 +0000 (11:18 +0000)]
populate_sdk: Add directories to PSEUDO_IGNORE_PATHS
Some paths used in sdk construction shouldn't be tracked under pseudo
so list these.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 21621e09162ff9e8014a1cfba78d0f2c3746202a) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Richard Purdie [Fri, 26 Feb 2021 11:17:32 +0000 (11:17 +0000)]
image: Add directories to PSEUDO_IGNORE_PATHS
Some paths used in image construction shouldn't be tracked under pseudo
so list these.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 9463be2292b942a1072eea88881b9644e55aadb9) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Martin Jansa [Tue, 23 Feb 2021 13:35:53 +0000 (14:35 +0100)]
sstatesig.py: show an error instead of warning when sstate manifest isn't found
* not sure if there are some valid use-cases for missing manifest, but
recently I'm seeing increasing number of build failures where something
from native recipe is missing (seen it with pseudo, autoconf, nodejs
recently) and the only indication that something is wrong (before showing
sometimes misleading error like:
recipe-sysroot-native/usr/bin/node: No such file or directory
is this warning:
NOTE: Running task 7844 of 12431 (/meta-oe/meta-oe/recipes-devtools/nodejs/nodejs_12.20.2.bb:do_prepare_recipe_sysroot)
NOTE: recipe nodejs-12.20.2-r0: task do_prepare_recipe_sysroot: Started
WARNING: nodejs-12.20.2-r0 do_prepare_recipe_sysroot: Manifest /BUILD/sstate-control/manifest-x86_64_ubuntu-18.04-nodejs-native.populate_sysroot not found in x86_64 x86_64_ubuntu-18.04 (variant '')?
NOTE: Running task 7845 of 12431 (/meta-oe/meta-oe/recipes-devtools/nodejs/nodejs_12.20.2.bb:do_unpack)
NOTE: recipe nodejs-12.20.2-r0: task do_unpack: Started
WARNING: nodejs-12.20.2-r0 do_prepare_recipe_sysroot: Manifest /BUILD/sstate-control/manifest-x86_64_ubuntu-18.04-nodejs-native.populate_sysroot not found in x86_64 x86_64_ubuntu-18.04 (variant '')?
NOTE: recipe nodejs-12.20.2-r0: task do_prepare_recipe_sysroot: Succeeded
if I rebuild that native dependency, then it gets fixed and I don't
see these failures in clean builds (as without sstate and with empty
TMPDIR), only in incremental builds
* but if there isn't valid reason for missing manifest file, then I think
it would be better to error early (or even bb.fatal())
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 95607a26854d873399d2b9d7e5fcbffc0cbdba4c) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Stefan Ghinea [Tue, 23 Feb 2021 19:20:28 +0000 (21:20 +0200)]
wpa-supplicant: fix CVE-2021-0326
In p2p_copy_client_info of p2p.c, there is a possible out of bounds write
due to a missing bounds check. This could lead to remote code execution
if the target device is performing a Wi-Fi Direct search, with no
additional execution privileges needed. User interaction is not needed
for exploitation.Product: AndroidVersions: Android-10 Android-11
Android-8.1 Android-9 Android ID: A-172937525
Signed-off-by: Stefan Ghinea <stefan.ghinea@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit b7940edabe100512e8f558cc37f9da836feae74d) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Scott Murray [Mon, 22 Feb 2021 02:52:06 +0000 (21:52 -0500)]
screen: fix CVE-2021-26937
Apply patch from Debian to fix CVE-2021-26937.
Signed-off-by: Scott Murray <scott.murray@konsulko.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 6d688cc8672b1830ba10966492ab3f8a12d32e17) Signed-off-by: Steve Sakoman <steve@sakoman.com>
License file had a number of new additions for new firmware but no
new licenses that didn't already exist.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit eab46e65feae24311f0ee0cd05b7ebb2e3b07363) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Wang Mingyu [Mon, 22 Feb 2021 06:11:30 +0000 (14:11 +0800)]
openssl: upgrade 1.1.1i -> 1.1.1j
Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit a67635ca2c7a016efcf450e4011f2032883e995d) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Richard Purdie [Fri, 26 Feb 2021 17:45:20 +0000 (17:45 +0000)]
selftest/reproducible: Don't call sync between each file compare
Calling sync between each file compare is horrible performance wise
as we compare thousands of files. We don't care about IO latency here
so disable.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 25f78abd8bbeb201fd9452e7983e015027954948) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Richard Purdie [Sat, 21 Nov 2020 10:50:07 +0000 (10:50 +0000)]
oeqa/commands: Fix compatibility with python 3.9
Python 3.9 dropped isAlive() so use the preferred is_alive().
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 9bb06428cbb2ac0f3d98a1696f050d3393385503) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Andrei Gherzan [Thu, 18 Feb 2021 21:14:03 +0000 (21:14 +0000)]
oe/recipeutils: Fix copying patches when BBLAYERS entries are not normalised
`devtool` uses `copy_recipe_files` for the upgrade operation when
creating the new, workspace recipe. Before handling the copy operations,
the function checks the entry in `SRC_URI` against `FILE` while in turn
uses absolute paths. When BBLAYERS contains entries that are not
normalised, this check will fail resulting in having the recipe in the
workspace without the initial patches.
Signef-off-by: Robert Drab <robert.drab@huawei.com> Signed-off-by: Andrei Gherzan <andrei.gherzan@huawei.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 777fc24ab2c332954b56dac28cd9b3032808828c) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Zbigniew Bodek [Fri, 19 Feb 2021 17:19:54 +0000 (02:19 +0900)]
wpebackend-fdo: Fix missing .so symlink when using dev package
Problem spotted on dunfell-23.0.4
Normally, unversioned .so is removed from -dev (default) package
however it is still being referred by other agents, such as webkitgtk.
That can be observed while executing i.e. Epiphany Browser.
For instance:
platformInitializeWebProcess()
calls
wpe_loader_init("libWPEBackend-fdo-1.0.so")
as a result one can see:
--------------------
wpe_loader_init could not load the library 'libWPEBackend-fdo-1.0.so':
libWPEBackend-fdo-1.0.so: cannot open shared object file:
No such file or directory
--------------------
"master" branch contains a bumped-up version of webkitgtk
to which this issue does not apply (the code has changed).
Forcefully keep this .so symlink to resolve the problem in dunfell.
Signed-off-by: Zbigniew Bodek <zbigniew.bodek@huawei.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
Wes Lindauer [Thu, 18 Feb 2021 06:20:55 +0000 (01:20 -0500)]
df.py: Add feature check for read-only-rootfs
If the target is using a read-only rootfs, the available space on '/'
will be zero. This will cause the test to incorrectly fail and skipping
seems appropriate in this case.
Signed-off-by: Wes Lindauer <wesley.lindauer@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit af1dbea3c9b9b42a3e6803b231e425423d70e210) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Marek Vasut [Sun, 14 Feb 2021 14:40:45 +0000 (15:40 +0100)]
weston-init: Fix weston-keyboard path in weston.ini
The weston-keyboard executable is installed into /usr/libexec
instead of /usr/lib/weston , correct the path in weston.ini .
Signed-off-by: Marek Vasut <marex@denx.de> Cc: Khem Raj <raj.khem@gmail.com> Cc: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 56dee47a5ddb1da66d30f894a282d0658dcc930c) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Thomas Viehweger [Sat, 13 Feb 2021 22:04:03 +0000 (23:04 +0100)]
mtd-utils: Remove duplicate assignments to alternative link names
The two duplicate lines are not needed. The existence is confusing.
Signed-off-by: Thomas Viehweger <patchesThomas.Vie@web.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 36bdb4faa90dc18bc020481eba82ee570b968c39) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Joshua Watt [Fri, 12 Feb 2021 16:51:57 +0000 (10:51 -0600)]
libomxil: Fix up commercial license flag
The commercial license flag on libomxil is set because it may include
the Adaptive Multi-Rate audio codec (AMR) using FFmepg, which is patent
encumbered.
It turns out this component is disabled by default in the recipe; add a
PACKAGECONFIG to enable it and trigger the "commercial" LICENSE_FLAGS on
it. This make the default build configuration clean unless a user
specifically asks for AMR support, and prevents them from marking the
recipe with the "commerical" flag unnecessarily which could hide
potential problems later on.
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 5f61e20002c2af93e2d6810574e23606925526ee) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Yoann Congal [Tue, 9 Feb 2021 15:53:46 +0000 (16:53 +0100)]
npm.bbclass: avoid building target nodejs for native npm recipes
The current recipe unconditionally RDEPENDS on nodejs (the target one).
When building on the "-native recipe" of "BBCLASSEXTEND native" recipe,
the target nodejs is unnecessarily built.
This patch fixes this by only RDEPENDS on nodejs when building for the target.
Signed-off-by: Yoann Congal <yoann.congal@smile.fr> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 92a9a86df9e3bcffb13d2f8b5dcbe7822170f734) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Vivien Didelot [Thu, 18 Feb 2021 22:42:02 +0000 (17:42 -0500)]
local.conf.sample.extended: prefer INIT_MANAGER
Since the INIT_MANAGER variable has been introduced, there is no need
to append the distro features and set the init manager manually.
Replace the busybox/mdev and systemd examples with the 4 values
currently supported for the INIT_MANAGER variable.
Signed-off-by: Vivien Didelot <vdidelot@pbsc.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 514454651522f97590d1403c50effd9c79df827a) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Vivien Didelot [Tue, 16 Feb 2021 18:47:00 +0000 (13:47 -0500)]
local.conf.sample.extended: fix double 'of' typo
Remove the redundant 'of' word in the INITRAMFS_IMAGE comment.
Signed-off-by: Vivien Didelot <vdidelot@pbsc.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit de9544f4654510ac33821b7f170de3074205a221) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Richard Purdie [Thu, 18 Feb 2021 15:01:03 +0000 (15:01 +0000)]
groff: Fix determinism issue
Sometimes bison would regenerate source files and sometimes it would not
This is likely related to the patching of generated files by on of the
patches.
Drop those changes and force the files to regenerate in all cases since
we depend on bison-native anyway. This ensures the results are always
consistent.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 4449fa226e94f7124215c5ead43aadda7967f3af) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Richard Purdie [Mon, 15 Feb 2021 23:46:06 +0000 (23:46 +0000)]
xmlto: Fix reproducibility
Don't hardcode the host's grep path into xmlto.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit a7d78971df193c321c309481749fc30cae77788c) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Richard Purdie [Wed, 17 Feb 2021 10:56:19 +0000 (10:56 +0000)]
xorg-minimal-fonts: Really fix determinism
My previous fix wasn't correct as the file timestamps do vary by git checkout
or modification time and aren't correct here. Instead use a specific
date/time for the files to be deterministic.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 725a30a30052540a4b7fc2933396fe9eb946eeac) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Richard Purdie [Mon, 15 Feb 2021 23:41:29 +0000 (23:41 +0000)]
xorg-fonts-minimal: Fix reproducibility
When installing the font files, preserve their timestamp rather than using
the current time which fixes reproducibility issues.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit a0c4f4b0182a995f0eb2709cc9b3c852527ab936) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Richard Purdie [Tue, 16 Feb 2021 11:22:33 +0000 (11:22 +0000)]
watchdog: Avoid reproducibility failures after fixing build
Add some temporary bumps to versions to change the output hash so
the fix applies correctly. Can be dropped next time we update the
recipe and the output changes.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 69205edcdff865048e55a6b7feaf82064ebc10c5) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Richard Purdie [Mon, 15 Feb 2021 21:34:25 +0000 (21:34 +0000)]
watchdog: Fix determinism issue from sendmail host path
The build was injecting the path of the host's sendmail binary. Set
this deterministically to match OE's path for it.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 476328b91ea4417160580d28df4fcc1147d85ae2) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Richard Purdie [Mon, 15 Feb 2021 23:32:04 +0000 (23:32 +0000)]
vim: Fix a race over creation of the desktop files
The LINGUAS file can be written by two different Makefile targets
and if they race, the desktop file contents isn't deterministic.
Fix the makfile to avoid this.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 416bc7b697764075fbf73683cd8bddf36d839244) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Richard Purdie [Sun, 14 Feb 2021 13:29:11 +0000 (13:29 +0000)]
vim: Improve determinism
Add a couple of configure options to avoid determism issues in the vim build.
This can happen due to the addition of glib-2.0 to the native sysroot through
later task additions to the sysroot through indirect dependencies.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 914f86054f5ea0a115767c1b3d9cdb4c4ef9545b) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Richard Purdie [Sun, 14 Feb 2021 12:05:10 +0000 (12:05 +0000)]
cwautomacros: Ensure version is set deterministically
The makefile injects the current date into the version file. Do this
deterministically with SOURCE_DATE_EPOCH.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 31f2ad739ea776a1e11b5cef5434df188007c7bf) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Teoh Jay Shen [Thu, 18 Feb 2021 05:21:01 +0000 (13:21 +0800)]
oeqa/runlevel : add test for runlevels
This test mimic the boot_from_runlevel_3 and boot_from_runlevel_5 test cases from oeqa/manual/bsp-hw.json.
The boot_from_runlevel_3 and boot_from_runlevel_5 manual test cases should be remove from oeqa/manual/bsp-hw.json if this patch get merged.
Signed-off-by: Teoh Jay Shen <jay.shen.teoh@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 6effd30f0e3726bc1f2eb7768c57c6b95eddb079) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Joshua Watt [Sun, 14 Feb 2021 19:12:58 +0000 (13:12 -0600)]
oeqa: reproducible: Add more logging
The reproducible build tests can take a long time, so having more
logging messages at various points in the build can help debug where the
build is taking a long time.
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 6b792afe8759d62af8e713b86dad8f6721961a05) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Richard Purdie [Sun, 14 Feb 2021 14:41:13 +0000 (14:41 +0000)]
buildtools-extended-tarball: Add glibc-gconvs needed for build
When building vim it tries to rebuild files using iconv. If this fails
the build continues anyway but the output is not determnistic as builds
using a hosttools tarball are different from builds where there isn't a
hosttools tarball. Add the needed gconvs to the tarball when iconv is
present to become determistic and generate vim locales consistently.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit b945652a088f430a2adec6b968cd00c5928d4272) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Richard Purdie [Sun, 14 Feb 2021 14:40:04 +0000 (14:40 +0000)]
quilt: Be determnistic about column presence
I've seen local differences in the quilt output depending on whether the column
binary was available in the sysroot. Fix determinism issues by being specific
about configuration.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 0cd5fba8634bcc679518f98cc25be66a51081372) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Bruce Ashfield [Thu, 18 Feb 2021 03:59:37 +0000 (22:59 -0500)]
linux-yocto/5.4: update to v5.4.98
Updating linux-yocto/5.4 to the latest korg -stable release that comprises
the following commits:
5b9a4104c902 Linux 5.4.98 3654a0ed0bdc squashfs: add more sanity checks in xattr id lookup d78a70667738 squashfs: add more sanity checks in inode lookup a814355e7057 squashfs: add more sanity checks in id lookup 848bcb0a1d96 Fix unsynchronized access to sev members through svm_register_enc_region 78e2f71b89b2 bpf: Fix 32 bit src register truncation on div/mod 8589eda99cb1 regulator: Fix lockdep warning resolving supplies 513fee2aee13 blk-cgroup: Use cond_resched() when destroy blkgs d1eb41833408 i2c: mediatek: Move suspend and resume handling to NOIRQ phase 618b65dbde7a SUNRPC: Handle 0 length opaque XDR object data properly 19b56e8433e7 SUNRPC: Move simple_get_bytes and simple_get_netobj into private header fa758032a546 iwlwifi: mvm: guard against device removal in reprobe 2fa76f19dc15 iwlwifi: mvm: invalidate IDs of internal stations at mvm start c82793ef4f3b iwlwifi: pcie: fix context info memory leak b301eaf27f86 iwlwifi: pcie: add a NULL check in iwl_pcie_txq_unmap 01742ade9286 iwlwifi: mvm: take mutex for calling iwl_mvm_get_sync_time() 8f630ed7e98e iwlwifi: mvm: skip power command when unbinding vif during CSA 589cf152fe47 ASoC: ak4458: correct reset polarity e96d10250227 pNFS/NFSv4: Try to return invalid layout in pnfs_layout_process() a5c70e57c4c1 chtls: Fix potential resource leak 8b6d5013cd70 ASoC: Intel: Skylake: Zero snd_ctl_elem_value db272cd2bc9e mac80211: 160MHz with extended NSS BW in CSA 26548561cb92 regulator: core: avoid regulator_resolve_supply() race condition 03d76df5f164 af_key: relax availability checks for skb size calculation 968b1b034136 tracing/kprobe: Fix to support kretprobe events on unloaded modules 5e1942063dc3 Linux 5.4.97 40af962eb1d4 usb: host: xhci: mvebu: make USB 3.0 PHY optional for Armada 3720 76ab33055fbc net: sched: replaced invalid qdisc tree flush helper in qdisc_replace e65d331755de net: dsa: mv88e6xxx: override existent unicast portvec in port_fdb_add 5d3007b6cc7b net: ip_tunnel: fix mtu calculation 90d7459d24b8 neighbour: Prevent a dead entry from updating gc_list 271ea7072901 igc: Report speed and duplex as unknown when device is runtime suspended 7018edb19a92 md: Set prev_flush_start and flush_bio in an atomic way e857e21eb200 iommu/vt-d: Do not use flush-queue when caching-mode is on 5fdf672759e9 Input: xpad - sync supported devices with fork on GitHub 03d56dab56ae iwlwifi: mvm: don't send RFH_QUEUE_CONFIG_CMD with no queues 2d5705150707 x86/apic: Add extra serialization for non-serializing MSRs bc1a3aeeff0f x86/build: Disable CET instrumentation in the kernel 40d0fff29761 mm: thp: fix MADV_REMOVE deadlock on shmem THP 56d61cd652dd mm, compaction: move high_pfn to the for loop scope 90ef21e5806f mm: hugetlb: remove VM_BUG_ON_PAGE from page_huge_active af5508b1e862 mm: hugetlb: fix a race between isolating and freeing page 3264a763174f mm: hugetlb: fix a race between freeing and dissolving the page 108f56ed354f mm: hugetlbfs: fix cannot migrate the fallocated HugeTLB page 75be4852490f ARM: footbridge: fix dc21285 PCI configuration accessors b2640b08c43c KVM: x86: Update emulator context mode if SYSENTER xfers to 64-bit mode 6d3201c77be5 KVM: SVM: Treat SVM as unsupported when running as an SEV guest f9be9445e494 nvme-pci: avoid the deepest sleep state on Kingston A2000 SSDs f9034fcb27c0 drm/amd/display: Revert "Fix EDID parsing after resume from suspend" 6844143e2198 mmc: core: Limit retries when analyse of SDIO tuples fails 68c825bd2726 smb3: fix crediting for compounding when only one request in flight eaf2f835b52c smb3: Fix out-of-bounds bug in SMB2_negotiate() 00f581964b66 cifs: report error instead of invalid when revalidating a dentry fails fd6dc98f66ef xhci: fix bounce buffer usage for non-sg list case f6a47f2ce090 genirq/msi: Activate Multi-MSI early when MSI_FLAG_ACTIVATE_EARLY is set c9654bbe52b5 libnvdimm/dimm: Avoid race between probe and available_slots_show() d0f36951ead4 kretprobe: Avoid re-registration of the same kretprobe earlier e80f9021d5be fgraph: Initialize tracing_graph_pause at task creation efa17285b338 mac80211: fix station rate table updates on assoc ecdd962c4b9b ovl: fix dentry leak in ovl_get_redirect 6b9a2e5c0c42 usb: host: xhci-plat: add priv quirk for skip PHY initialization ddc682d33024 usb: xhci-mtk: break loop when find the endpoint to drop 32410786279f usb: xhci-mtk: skip dropping bandwidth of unchecked endpoints f4e4f067f94c usb: xhci-mtk: fix unreleased bandwidth data 1f9e9c1048b8 usb: dwc3: fix clock issue during resume in OTG mode 9d058a06149b usb: dwc2: Fix endpoint direction check in ep_from_windex 2a968ab0d2dd usb: renesas_usbhs: Clear pipe running flag in usbhs_pkt_pop() 4d1d959348c1 USB: usblp: don't call usb_set_interface if there's a single alt 522567fe540d USB: gadget: legacy: fix an error code in eth_bind() e57d70c59bb7 memblock: do not start bottom-up allocations with kernel_end 7e6dcaeadc0e nvmet-tcp: fix out-of-bounds access when receiving multiple h2cdata PDUs f1c87b4b2c7b ARM: dts: sun7i: a20: bananapro: Fix ethernet phy-mode d97a821b2e9c r8169: fix WoL on shutdown if CONFIG_DEBUG_SHIRQ is set c545879e8080 net: mvpp2: TCAM entry enable should be written after SRAM data bf0507fb2073 net: lapb: Copy the skb before sending a packet 1cef1d46add8 net/mlx5: Fix leak upon failure of rule creation 67b7f73bbe3f i40e: Revert "i40e: don't report link up for a VF who hasn't enabled queues" 6380ef64b9eb igc: check return value of ret_val in igc_config_fc_after_link_up ec68581f7479 igc: set the default return value to -IGC_ERR_NVM in igc_write_nvm_srwr 5ce999efcaa7 arm64: dts: ls1046a: fix dcfg address range 68e798fa3c0e rxrpc: Fix deadlock around release of dst cached on udp tunnel 98650c3d0e33 um: virtio: free vu_dev only with the contained struct device 02531b5549eb bpf, cgroup: Fix problematic bounds check 9146fffc5d2a bpf, cgroup: Fix optlen WARN_ON_ONCE toctou 4921f81ce65a arm64: dts: rockchip: fix vopl iommu irq on px30 831132b13f0d arm64: dts: amlogic: meson-g12: Set FL-adj property value 829bf438cb39 Input: i8042 - unbreak Pegatron C15B 0d6e0a192e2e arm64: dts: qcom: c630: keep both touchpad devices enabled 96dcfabef504 USB: serial: option: Adding support for Cinterion MV31 5ad95c521fd5 USB: serial: cp210x: add new VID/PID for supporting Teraoka AD2000 dfa820563c67 USB: serial: cp210x: add pid/vid for WSDA-200-USB
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 98bb6a3cb528abe02b6edc291d05e240985ca80e) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Bruce Ashfield [Thu, 18 Feb 2021 03:59:35 +0000 (22:59 -0500)]
linux-yocto/5.4: update to v5.4.96
Updating linux-yocto/5.4 to the latest korg -stable release that comprises
the following commits:
d4716ee8751b Linux 5.4.96 b1a1c262e4b0 workqueue: Restrict affinity change to rescuer 5b1e4fc2984e kthread: Extract KTHREAD_IS_PER_CPU 2d7ca4a84b58 objtool: Don't fail on missing symbol table 88240f7ac221 drm/amd/display: Change function decide_dp_link_settings to avoid infinite looping 53c10bbf9186 drm/amd/display: Update dram_clock_change_latency for DCN2.1 c6eb3dfdac44 selftests/powerpc: Only test lwm/stmw on big endian 805e9cdb5793 nvme: check the PRINFO bit before deciding the host buffer length 8e59209d53c9 udf: fix the problem that the disc content is not displayed 2d1593543418 ALSA: hda: Add Cometlake-R PCI ID c03ecc192c8e scsi: ibmvfc: Set default timeout to avoid crash during migration 02cc1ee3e8d1 mac80211: fix fast-rx encryption check efd061fc77f3 ASoC: SOF: Intel: hda: Resume codec to do jack detection e0f1ba38f788 scsi: fnic: Fix memleak in vnic_dev_init_devcmd2 935fa0d5a5c5 scsi: libfc: Avoid invoking response handler twice if ep is already completed 335bbffdd90c scsi: scsi_transport_srp: Don't block target in failfast state b1f680ffc25b x86: __always_inline __{rd,wr}msr() d1aed452c05f platform/x86: intel-vbtn: Support for tablet mode on Dell Inspiron 7352 c99ac7213638 platform/x86: touchscreen_dmi: Add swap-x-y quirk for Goodix touchscreen on Estar Beauty HD tablet 6f705e80fb87 phy: cpcap-usb: Fix warning for missing regulator_disable fd4c12f31209 net_sched: gen_estimator: support large ewma log 27afc7128345 btrfs: backref, use correct count to resolve normal data refs 66bcf5f6f989 btrfs: backref, only search backref entries from leaves of the same root c3089b06d6fe btrfs: backref, don't add refs from shared block when resolving normal backref 21a0c97fb27c btrfs: backref, only collect file extent items matching backref offset 1960c3d40b69 tcp: make TCP_USER_TIMEOUT accurate for zero window probes 55cb8e232f9a arm64: Do not pass tagged addresses to __is_lm_address() b28387cf8f1c arm64: Fix kernel address detection of __is_lm_address() 11084836e5fb ACPI: thermal: Do not call acpi_thermal_check() directly 1410d2b68207 Revert "Revert "block: end bio with BLK_STS_AGAIN in case of non-mq devs and REQ_NOWAIT"" 5e8776df14fa ibmvnic: Ensure that CRQ entry read are correctly ordered bc4e7277cc93 net: switchdev: don't set port_obj_info->handled true when -EOPNOTSUPP 9edebe46010c net: dsa: bcm_sf2: put device node before return e89428970c23 Linux 5.4.95 e7aeca61cb9b tcp: fix TLP timer not set when CA_STATE changes from DISORDER to OPEN 3e93b9efc3bb team: protect features update by RCU to avoid deadlock 489e35c6829a ASoC: topology: Fix memory corruption in soc_tplg_denum_create_values() 9a4d367b2783 NFC: fix possible resource leak c929c76e98b0 NFC: fix resource leak when target index is invalid b2f4a59a2216 rxrpc: Fix memory leak in rxrpc_lookup_local 6d25d788efa4 iommu/vt-d: Don't dereference iommu_device if IOMMU_API is not built 66f4f98ee363 iommu/vt-d: Gracefully handle DMAR units with no supported address widths 0551a2fd456c selftests: forwarding: Specify interface when invoking mausezahn e4405451dd6e nvme-multipath: Early exit if no path is available 64a4ec1850f7 can: dev: prevent potential information leak in can_fill_info() 4dc2395d8f14 net/mlx5e: Reduce tc unsupported key print level a66705277baf net/mlx5e: E-switch, Fix rate calculation for overflow dbc13deeec6a net/mlx5: Fix memory leak on flow table creation error flow 02ef126a002d igc: fix link speed advertising 873d1a4740d6 i40e: acquire VSI pointer only after VF is initialized cf9276211563 mac80211: pause TX while changing interface type 46c67a4c1a76 iwlwifi: pcie: reschedule in long-running memory reads 563daf7c0f4a iwlwifi: pcie: use jiffies for memory read spin time limit f39fce916a7b pNFS/NFSv4: Fix a layout segment leak in pnfs_layout_process() a3c5fec1e09f ASoC: Intel: Skylake: skl-topology: Fix OOPs ib skl_tplg_complete 748c2cd57615 RDMA/cxgb4: Fix the reported max_recv_sge value 72797bfc5f77 firmware: imx: select SOC_BUS to fix firmware build 347feca03881 ARM: dts: imx6qdl-kontron-samx6i: fix i2c_lcd/cam default status f7c6e6c9b62c arm64: dts: ls1028a: fix the offset of the reset register 78fc9ef35d18 xfrm: Fix wraparound in xfrm_policy_addr_delta() f5e7db4fcd38 selftests: xfrm: fix test return value override issue in xfrm_policy.sh dac256de1fe2 xfrm: fix disable_xfrm sysctl when used on xfrm interfaces a7edea0fe85a xfrm: Fix oops in xfrm_replay_advance_bmp deb8d5dfeb63 netfilter: nft_dynset: add timeout extension to template 347a1a20b195 ARM: imx: build suspend-imx6.S with arm instruction set 61bdab3d770b xen-blkfront: allow discard-* nodes to be optional 65543408f257 tee: optee: replace might_sleep with cond_resched ad3d896ef55c drm/i915: Check for all subplatform bits 59546420c51b drm/nouveau/svm: fail NOUVEAU_SVM_INIT ioctl on unsupported devices 37ef9b59f479 mt7601u: fix rx buffer refcounting 77771158182f mt7601u: fix kernel crash unplugging the device 2c4f52b9cddf arm64: dts: broadcom: Fix USB DMA address translation for Stingray 6aceac245059 leds: trigger: fix potential deadlock with libata 2c7b4b25293a xen: Fix XenStore initialisation for XS_LOCAL 632a7728da9b KVM: Forbid the use of tagged userspace addresses for memslots ba668a507788 KVM: x86: get smi pending status correctly ff5f6de29faf KVM: nVMX: Sync unsync'd vmcs02 state to vmcs12 on migration 2fc14cafefb3 KVM: x86/pmu: Fix UBSAN shift-out-of-bounds warning in intel_pmu_refresh() c547d39feb65 KVM: x86/pmu: Fix HW_REF_CPU_CYCLES event pseudo-encoding in intel_arch_events[] e1ae9aab8029 btrfs: fix possible free space tree corruption with online conversion d30cb3d348b8 drivers: soc: atmel: add null entry at the end of at91_soc_allowed_list[] 082dc611fdc8 drivers: soc: atmel: Avoid calling at91_soc_init on non AT91 SoCs 53fd4e4003a6 PM: hibernate: flush swap writer after marking 7f9a267c67af s390/vfio-ap: No need to disable IRQ after queue reset 9077bc37d2d1 net: usb: qmi_wwan: added support for Thales Cinterion PLSx3 modem family 8aba60ebcfc3 wext: fix NULL-ptr-dereference with cfg80211's lack of commit() 720032d3dc84 ARM: dts: imx6qdl-gw52xx: fix duplicate regulator naming b24dc0aa7e9b media: rc: ensure that uevent can be read directly after rc device register 5d6fd0357057 ALSA: hda/via: Apply the workaround generically for Clevo machines f78803928481 ALSA: hda/realtek: Enable headset of ASUS B1400CEPE with ALC256 8de2109f4670 kernel: kexec: remove the lock operation of system_transition_mutex 93603a27fc31 ACPI: sysfs: Prefer "compatible" modalias 587c6b75d7fd nbd: freeze the queue while we're adding connections b8fcb8f53995 IPv6: reply ICMP error if the first fragment don't include all headers 1f58e378a17e ICMPv6: Add ICMPv6 Parameter Problem, code 3 definition
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit b39a6de2c1175e4554c688a44c905c24367fa57a) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Chris Laplante [Tue, 29 Sep 2020 15:57:46 +0000 (11:57 -0400)]
cve-check: add CVE_CHECK_REPORT_PATCHED variable to suppress reporting of patched CVEs
Default behavior is not changed. To suppress patched CVEs, set:
CVE_CHECK_REPORT_PATCHED = ""
Signed-off-by: Chris Laplante <chris.laplante@agilent.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 05bd9f1f006cf94cf5324f96df29cd5862abaf45) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Chris Laplante <chris.laplante@agilent.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 0d40f1482c6d87785ae47c46c2305e1df46f459a) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Richard Purdie [Mon, 15 Feb 2021 20:52:57 +0000 (20:52 +0000)]
pseudo: Update to include fixes for glibc 2.33
Pull in the changes:
makewrappers: Fix glibc 2.33 fstatat usage issues
ports/linux: Add wrapper for fstatat/fstatat64 in glibc 2.33
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit dfcb1c5eb2690046f96c2bb6724e091028ddc3ec) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Richard Purdie [Fri, 12 Feb 2021 15:32:38 +0000 (15:32 +0000)]
pseudo: Update for rename and faccessat fixes
Pull in:
ports/rename/renameat: Avoid race when renaming files
ports/unix: Add faccessat and faccessat2
ports/access.c: Use EACCES, not EPERM
which includes a fix for rename race issues causing pseudo aborts.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 330c232e4f756296331f9026e91ac26fd45f0315) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Richard Purdie [Wed, 3 Feb 2021 23:41:16 +0000 (23:41 +0000)]
pseudo: Update to work with glibc 2.33
Update to a pseudo version which contains some heqader fixes for
glibc 2.33.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit c897ac317926b132547578b1f6bd347fe5677dfc) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Khem Raj [Tue, 17 Nov 2020 22:02:57 +0000 (14:02 -0800)]
python3targetconfig.bbclass: Make py3 dep and tasks only for target recipes
python3targetconfig append target python3 to dependencies
unconditionally, and here its inherited unconditionally too but
distutils3-base is inherited in BBCLASSEXTEND'ed recipes and other not-target
recipes as well. Hence the change added via 9c8f666097802cb594a759989edcf01603a22df3
is now bridging the native dependencies with target python3 and thats
resulting all sorts of rebuilds for multimachine builds e.g.
Therefore limit effects of this class only for target recipes.
Signed-off-by: Khem Raj <raj.khem@gmail.com> Cc: Alexander Kanavin <alex.kanavin@gmail.com> Cc: Martin Jansa <Martin.Jansa@gmail.com> Cc: Jose Quaresma <quaresma.jose@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit c99bb79087e74a967286469e1d8888a546ebec83) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 38ecb83c444406b5157712d87aef3bbb320b45ec) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit d3a81dd0e72a3495bfc7cc969c2bb806b666023d) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 9c8f666097802cb594a759989edcf01603a22df3) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit dadf001c85938b831def8da5851a40dc0977e3d0) Signed-off-by: Steve Sakoman <steve@sakoman.com>
python3: split python target configuration into own class
Setting _PYTHON_SYSCONFIGDATA_NAME in python3native class globally was
problematic as it was leaking into host python environment, which
was causing tracebacks depending on host distro and action
(typically anything involving importing sysconfig module).
The new class sets the variable only in specific tasks where it is needed,
and should be inherited explicitly:
- use python3native to run scripts with native python
- use python3targetconfig to run scripts with native python
if those scripts need to access target config data (such
as correct installation directories). This also adds a dependency
on target python, so should be used carefully to avoid lengthening builds.
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 5a118d4e7985fa88f04c3611f8db813f0dafce75) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Release notes:
Fix memory-safety issues that affect the RPC protocol (CVE-2020-29361, CVE-2020-29362, and CVE-2020-29363), discovered and fixed by David Cook
anchor: Prefer persistent format when storing anchor [#329]
common: Fix infloop in p11_path_build [#326, #327]
proxy: C_CloseAllSessions: Make sure that calloc args are non-zero [#325]
common: Check for a NULL locale before freeing it [#321]
Build and test fixes [#313, #315, #317, #318, #319, #323, #330, #333, #334, #335, #338, #339]
https://github.com/p11-glue/p11-kit/commit/c4e75e10021ce86ab42682ea4936dce94ced2f77
patch to fix trailing newline using custom_target() caused error
with DISTRO_FEATURES api-documentation due to meson bugs, enable
manpages PACKAGECONFIG should prevent this error.
| warning: failed to load external entity "../version.xml"
| ../p11-kit-docs.xml:11: parser error : Failure to process entity version
| <releaseinfo>for p11-kit &version;</releaseinfo>
| ^
| ../p11-kit-docs.xml:11: parser error : Entity 'version' not defined
| <releaseinfo>for p11-kit &version;</releaseinfo>
| ^
| unable to parse ../p11-kit-docs.xml
Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit b112ba291835061640123c13784e2b33cc73f17d)
[0.23.x is an lts release, bug fix only update] Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 6e811db2f614500f16415fc09801f229968428e7)
[0.23.x is an lts release, bug fix only update] Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
Richard Purdie [Tue, 9 Feb 2021 13:15:24 +0000 (13:15 +0000)]
opkg: Fix patch glitches
The original patch contained some text which shouldn't have been there
and used brackets in configure which isn't a great idea. Tweak the patch
to resolve this.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 63cbf187fe189c99645fe3afee8a6361a9a32cdc) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Richard Purdie [Tue, 2 Feb 2021 23:45:18 +0000 (23:45 +0000)]
opkg: Fix build reproducibility issue
A build date was leaking into the generated docs and makefile used for
ptests leading to reproducibility issues each time the month changed.
Add a patch to use SOURCE_DATE_EPOCH to derive it if available.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 6a9ca7aec4991eabd425e32fdf85f51bb1686b8b) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Martin Jansa [Fri, 5 Feb 2021 19:22:34 +0000 (20:22 +0100)]
image_types.bbclass: tar: use posix format instead of gnu
* gnu isn't compatible with --xattrs used e.g. here:
https://github.com/advancedtelematic/meta-updater/blob/d3a832f66e8802cb45536ff278d5c77f946d341d/classes/image_types_ostree.bbclass#L16
causing do_image_tar failing with:
| tar: --xattrs can be used only on POSIX archives
| Try 'tar --help' or 'tar --usage' for more information.
* https://www.gnu.org/software/tar/manual/html_chapter/tar_8.html
says about posix format:
This is the most flexible and feature-rich format.
It does not impose any restrictions on file sizes or file name lengths.
This format is quite recent, so not all tar implementations are able to handle it properly.
However, this format is designed in such a way that any tar implementation able to read `ustar'
archives will be able to read most `posix' archives as well, with the only exception that any
additional information (such as long file names etc.) will in such case be extracted as plain
text files along with the files it refers to.
This archive format will be the default format for future versions of GNU tar.
and:
The default format for GNU tar is defined at compilation time.
You may check it by running tar --help, and examining the last lines of its output.
Usually, GNU tar is configured to create archives in `gnu' format, however, future version will switch to `posix'.
* I've compared tar on centos7 and ubuntu-18.04:
bash-4.2$ cat /etc/centos-release
CentOS Linux release 7.9.2009 (Core)
bash-4.2$ tar --version
tar (GNU tar) 1.26
...
bash-4.2$ tar --help | tail -n 5
*This* tar defaults to:
--format=gnu -f- -b20 --quoting-style=escape --rmt-command=/etc/rmt
--rsh-command=/usr/bin/ssh
...
bitbake@e0ee76f81c2f:/$ grep VERSION /etc/os-release
VERSION="18.04.5 LTS (Bionic Beaver)"
VERSION_ID="18.04"
VERSION_CODENAME=bionic
bitbake@e0ee76f81c2f:/$ tar --version
tar (GNU tar) 1.29
...
bitbake@e0ee76f81c2f:/$ tar --help | tail -n 5
...
*This* tar defaults to:
--format=gnu -f- -b20 --quoting-style=escape --rmt-command=/usr/lib/tar/rmt
--rsh-command=/usr/bin/rsh
Both support posix format (as pax POSIX 1003.1-2001). But centos7 version is
already too old anyway, because it doesn't support --sort=name used since:
https://git.openembedded.org/openembedded-core/commit/?id=4fa68626bbcfd9795577e1426c27d00f4d9d1c17
and
https://git.openembedded.org/openembedded-core/commit/?id=f19e43dec63a86c200e04ba14393583588550380
says that 1.28 is the minium version now and
https://git.openembedded.org/openembedded-core/commit/?id=7a66434cf11b7f051699b774e4fccd6738351368
recommends to use install-buildtools for hosts with tar < 1.28
On the other side latest tumbleweed from:
https://hub.docker.com/r/opensuse/tumbleweed
with tar-1.33 alredy defaults to posix format:
b99dbb3d86dd:/ # head -n 3 /etc/os-release
NAME="openSUSE Tumbleweed"
ID="opensuse-tumbleweed"
b99dbb3d86dd:/ # tar --version
tar (GNU tar) 1.33
...
b99dbb3d86dd:/ # tar --help | tail -n 3
*This* tar defaults to:
--format=posix -f- -b20 --quoting-style=escape --rmt-command=/usr/bin/rmt
--rsh-command=/usr/bin/ssh
I've packaged some sample rootfs directory with both tars and the result is
identical (with --format=gnu as well as --format=posix).
with ubuntu:
tar --sort=name --format=gnu --numeric-owner -cf rootfs.ubuntu.gnu.tar -C rootfs .
tar --xattrs --xattrs-include=* --sort=name --format=posix --numeric-owner -cf rootfs.ubuntu.posix.tar -C rootfs .
tumbleweed:
tar --sort=name --format=gnu --numeric-owner -cf rootfs.tumbleweed.gnu.tar -C rootfs .
tar --xattrs --xattrs-include=* --sort=name --format=posix --numeric-owner -cf rootfs.tumbleweed.posix.tar -C rootfs .
centos7 (without --sort=name):
tar --format=gnu --numeric-owner -cf rootfs.centos7.gnu.tar -C rootfs .
tar --xattrs --xattrs-include=* --format=posix --numeric-owner -cf rootfs.centos7.posix.tar -C rootfs .
size is identical:
-rw-r--r-- 1 mjansa mjansa 2487480320 Feb 5 09:19 rootfs.ubuntu.gnu.tar
-rw-r--r-- 1 mjansa mjansa 2487480320 Feb 5 10:17 rootfs.centos7.gnu.tar
-rw-r--r-- 1 mjansa mjansa 2487480320 Feb 5 10:26 rootfs.tumbleweed.gnu.tar
-rw-r--r-- 1 mjansa mjansa 2579875840 Feb 5 10:15 rootfs.ubuntu.posix.tar
-rw-r--r-- 1 mjansa mjansa 2579875840 Feb 5 10:16 rootfs.centos7.posix.tar
-rw-r--r-- 1 mjansa mjansa 2579875840 Feb 5 10:26 rootfs.tumbleweed.posix.tar
so cannot really say which format is better for reproducible tar
archives from different distros, but posix at least supports xattrs
and it's the format for future.
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 3ecea58f2a3382d9f4b410d6ad7089111334cb6f) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Richard Purdie [Sat, 30 Jan 2021 17:57:13 +0000 (17:57 +0000)]
image_types: Ensure tar archives are reproducible
The tar output seems to vary depending on the version of tar used and distro
configuration. Be explict about the output format to avoid this and be
determinstic.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit c56f3c9febc1732aa1302524c6c4da36f16bd1f7) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Michael Halstead <mhalstead@linuxfoundation.org> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 8b5d932a42ce9e3e801837bea9cf319c455d9ae5) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Lee Chee Yang [Thu, 4 Feb 2021 00:29:44 +0000 (08:29 +0800)]
wic/selftest: test_permissions also test bitbake image
existing test case test_permissions use Wic command as standalone
tools to create wic image and check that wic image for permissions.
add extra steps to the test case to also check against image build
using bitbake do_image_wic.
Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 551ce73a90757ba43501fe5cf9ac84a7b77de549) Signed-off-by: Steve Sakoman <steve@sakoman.com>
sstatesig: Add descriptive error message to getpwuid/getgrgid "uid/gid not found" KeyError
If path is not owned by any user installed on target it gives
insufficient error "getpwuid(): uid not found" which may be misleading.
This exception occurs if uid/gid of path was not found in PSEUDO_PASSWD
files, which simply means the path is owned by host user and there is
host user contamination.
Add more information to the exception message to make it easier for user
to debug.
[YOCTO #14031]
Signed-off-by: Tomasz Dziendzielski <tomasz.dziendzielski@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 38540b59ed4ec8632e30a5fd6364b010d9da8470) Signed-off-by: Steve Sakoman <steve@sakoman.com>
lib/oe/patch.py: Ignore scissors line on applying patch
The "devtool modify" could remove message body before scissors line, so
patches re-generated from git tree were incorrectly modified.
Adding --no-scissors to "git am" invocation to prevent this behaviour.
[YOCTO #12674]
Signed-off-by: Tomasz Dziendzielski <tomasz.dziendzielski@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 13ea33fbd197b9ee3cf913d9995617115f22798f) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Sourabh Banerjee [Tue, 13 Oct 2020 16:45:10 +0000 (22:15 +0530)]
layer.conf: fix sanity error for PATH variable in extensible SDK workflow
Sanity checker reports following error for the PATH variable,
when bitbake -e <recipe> command is run in an extensible SDK workspace.
PATH contains '.', './' or '' (empty element), which will break the build
In case of extensible SDK, PATH variable is formed with two consecutive ':'
as bb.utils.which(d.getVar('PATH'),'bitbake') call returns an empty string.
This change adds ':' if BITBAKEPATH is a non empty string.
Signed-off-by: Sourabh Banerjee <sbanerje@codeaurora.org> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 05a87be51b44608ce4f77ac332df90a3cd2445ef) Signed-off-by: Steve Sakoman <steve@sakoman.com>
Richard Purdie [Sat, 30 Jan 2021 14:18:32 +0000 (14:18 +0000)]
qemu.inc: Should depend on qemu-system-native, not qemu-native
This looks like it was from before the recipe was split, we'd expect
the system qemu mode for running the images so the dependency should be
updated.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 3a4fed4ae0e8a0d1bd62ea5fa1ef12925e1f20f5) Signed-off-by: Steve Sakoman <steve@sakoman.com>
python3: Use addtask statement instead of task dependencies
The externalsrc class deletes do_patch task which results with:
| ERROR: Task do_create_manifest in <PATH>/python3_3.8.2.bb depends upon
| non-existent task do_patch in <PATH>/python3_3.8.2.bb
Use addtask to define correct order to prevent this error, since addtask
mechanism accepts deleted tasks.
[YOCTO #14151]
Signed-off-by: Tomasz Dziendzielski <tomasz.dziendzielski@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit a746d034fa7eaad4f4876fa61c5a8c3c15e211c8) Signed-off-by: Steve Sakoman <steve@sakoman.com>
