Changqing Li [Tue, 22 Oct 2019 02:47:11 +0000 (10:47 +0800)]
sudo: fix CVE-2019-14287
In Sudo before 1.8.28, an attacker with access to a Runas ALL sudoer
account can bypass certain policy blacklists and session PAM modules,
and can cause incorrect logging, by invoking sudo with a crafted user
ID. For example, this allows bypass of !root configuration, and USER=
logging, for a "sudo -u \#$((0xffffffff))" command.
Signed-off-by: Changqing Li <changqing.li@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 4e11cd561f2bdaa6807cf02ee7c9870881826308) Signed-off-by: Armin Kuster <akuster808@gmail.com>
Tom Benn [Thu, 17 Oct 2019 10:20:04 +0000 (10:20 +0000)]
dbus: update dbus-1.init to reflect new PID file
The PID file referenced in dbus-1.init script was out of date and no longer existed. This meant that dbus could not be restarted via init.d without force removing the old PID file.
Signed-off-by: fridgecow <fridgecow@fb.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
(cherry picked from commit 2ed6f06f30cb54b9c70f1a92d93c920ec4d01ffe) Signed-off-by: Armin Kuster <akuster808@gmail.com>
Yi Zhao [Tue, 15 Oct 2019 07:42:12 +0000 (15:42 +0800)]
libgcrypt: fix CVE-2019-12904
In Libgcrypt 1.8.4, the C implementation of AES is vulnerable to a
flush-and-reload side-channel attack because physical addresses are
available to other processes. (The C implementation is used on platforms
where an assembly-language implementation is unavailable.)
icecc: Export ICECC_CC and friends via wrapper-script
By exporting ICECC_CC, ICECC_CXX, and ICECC_VERSION in a wrapper-script,
and putting this wrapper-script in the PATH, the Makefiles generated by CMake or
the autotools are able to function correctly outside of bitbake.
This provides a convenient developer workflow in which the
modify-compile-unittest cycle can happen directly in the ${B} directory.
The `rm -f $ICE_PATH/$compiler` line is transitional,
and can go at some later date (October 2020 or later, perhaps).
Signed-off-by: Douglas Royds <douglas.royds@taitradio.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
(cherry picked from commit 40d74cb1d0ddce930267e49764cacb263b244091) Signed-off-by: Armin Kuster <akuster808@gmail.com>
Ross Burton [Thu, 17 Oct 2019 11:29:44 +0000 (12:29 +0100)]
python3: -dev should depend on distutils
python3-config uses distutils:
Traceback (most recent call last):
File "/usr/bin/python3-config", line 9, in <module>
from distutils import sysconfig
ModuleNotFoundError: No module named 'distutils'
Add the dependency so that distutils is always present.
[ YOCTO #13592 ]
Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 04136dbac48986dce5b2b872b2c0b46c673c44f2) Signed-off-by: Armin Kuster <akuster808@gmail.com>
Fixes:
# decode-dimms
Can't locate Carp.pm in @INC (you may need to install the Carp module) (@INC contains: /usr/lib/perl5/site_perl/5.28.1/x86_64-linux /usr/lib/perl5/site_perl/5.28.1 /usr/lib/perl5/vendor_perl/5.28.1/x86_64-linux /usr/lib/perl5/vendor_perl/5.28.1 /usr/lib/perl5/5.28.1/x86_64-linux /usr/lib/perl5/5.28.1 .) at /usr/lib/perl5/5.28.1/Tie/Hash.pm line 190.
BEGIN failed--compilation aborted at /usr/lib/perl5/5.28.1/Tie/Hash.pm line 190.
Compilation failed in require at /usr/lib/perl5/5.28.1/x86_64-linux/POSIX.pm line 505.
Compilation failed in require at /usr/bin/decode-dimms line 41.
BEGIN failed--compilation aborted at /usr/bin/decode-dimms line 41.
root@qt5222:~# apt-get install perl-module-carp
Signed-off-by: Ricardo Ribalda Delgado <ricardo@ribalda.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit c73d2a2c0ecc99f0d6d7e6a1861ecce7a2312a57) Signed-off-by: Armin Kuster <akuster808@gmail.com>
Ross Burton [Fri, 18 Oct 2019 11:28:19 +0000 (12:28 +0100)]
file: explicitly disable seccomp
file will automatically enable seccomp if the seccomp headers are available, but
the build will fail on Opensuse Tumbleweed because the include paths are wrong.
Enabling seccomp is a bad idea because it interacts badly with pseudo (causing
build failures), so explicitly and globally disable seccomp.
Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit a752faa152df031df5acaa40491299ac115109a4) Signed-off-by: Armin Kuster <akuster808@gmail.com>
Eugene Smirnov [Fri, 18 Oct 2019 11:16:14 +0000 (13:16 +0200)]
wic/rawcopy: Support files in sub-directories
If the source file is located in a subdirectory of DEPLOY_DIR
rawcopy will currently fail in sparse_copy function on
open(dst_fname, 'wb'), as the parent directory for destination
file does not exist.
This patch helps to avoid that by recursively creating
parent directories.
Signed-off-by: Eugene Smirnov <evgenii.smirnov@here.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 073c435644091c2801e45c6d02afa917de575082) Signed-off-by: Armin Kuster <akuster808@gmail.com>
Stefan Agner [Fri, 11 Oct 2019 09:06:59 +0000 (11:06 +0200)]
uninative: check .done file instead of tarball
In case multiple builds share UNINATIVE_DLDIR's location, one build
might be in the process of downloading the tarball while another is
just checking whether the tarball exists. Check for the done file
instead and rely on the fetchers lockfile mechanism in case two
builds are running.
Signed-off-by: Stefan Agner <stefan.agner@toradex.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit a1c95580549cb4f77601e62c7f026b19c752d853) Signed-off-by: Armin Kuster <akuster808@gmail.com>
Ross Burton [Mon, 14 Oct 2019 11:42:57 +0000 (12:42 +0100)]
sanity: check the format of SDK_VENDOR
If SDK_VENDOR isn't formatted as -foosdk and is instead for example -foo-sdk
then the triple that are constructed are not in fact triples, which results in
mysterious compile errors.
Check in sanity.bbclass so this failure is detected early.
[ YOCTO #13573 ]
Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit b0efd8d4d0dbc30e6505b42f5603f18fa764d732) Signed-off-by: Armin Kuster <akuster808@gmail.com>
Joerg Vehlow [Fri, 11 Oct 2019 06:03:57 +0000 (08:03 +0200)]
runqemu: Remove disabling of high resolution timer
The option 'highres=off' sneaked itself into the runqemu script for all
configurations, where the root filesystem type is not 'cpio' or 'cpio.gz'.
See: https://bugzilla.yoctoproject.org/show_bug.cgi?id=13590
runqemu: unset another environment variable for 'egl-headless'
Some host distributions (opensuse for example) are using 'pkgconf',
which, unlike the original pkg-config, appends PKG_CONFIG_SYSROOT_DIR
to every directory from the .pc file.
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>
Richard Purdie [Wed, 9 Oct 2019 17:02:31 +0000 (18:02 +0100)]
readline-native: Fix builds on tumbleweed
OpenSuse's libreadline has extra symbol information which upsets our uninative
loader as our libreadline is missing symbols with the appropriate versions.
The simplest solution is to add the version information as they're harmless.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
If this test fails then the output doesn't help in any meaningful way, so
improve the test to output the unparsable JSON and display unexpected output.
Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ross Burton [Tue, 8 Oct 2019 10:46:04 +0000 (11:46 +0100)]
bluez5: add needed character encoding for ptests
The test-gobject-header test suite needs UTF-16 encoding:
test_decode_header_name_ascii:
assertion failed (err == NULL):
Unicode conversion failed:
Conversion from character set ?UTF-16BE? to ?UTF-8? is not supported (g-obex-error-quark, 256)
Add gconv-utf-16 to the bluez5-ptest RDEPENDS.
Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Khem Raj [Tue, 8 Oct 2019 05:06:29 +0000 (22:06 -0700)]
perl: Handle PACKAGES_DYNAMIC for perl-native
A perl module recipe extending to provide native version causes target
perl dependencies to be pulled into native build if the module recipe
has RDEPENDS_${PN} = "perl-module-XXXX" e.g. libxml-sax-base-perl
recipe.
The reason is that native bbclass empties out PACKAGES_DYNAMIC and
perl's PACKAGES_DYNAMIC_class-target is greedy enough to usurp native
modules as well.
Eventually we end up with errors like when sstate is used across
machines
* ERROR: libxml-sax-base-perl-native different signature for task do_populate_sysroot.sigdata between qemux86copy and qemuarm
Therefore, to fix this native case needs to handled specially when
re-assigning module dependencies in split_perl_packages(), where the
modules are named correctly for native case and have a single dependency
on perl-native, secondly, PACKAGES_DYNAMIC for target case needs to be
reined in to spare, -native modules, thirdly, let perl-native take over
the case for providing native modules
This will fix several sstate signature errors like above with external
perl modules providing native variants and having runtime dependencies on
modules which are provided by perl proper
Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
systemd.bbclass: add RMINITDIR for nativesdk builds
nativesdk builds such as nativesdk-dnf are installing systemd
service files, leading bitbake to throw installed-vs-shipped
warnings, but these are not needed in nativesdk:
WARNING: nativesdk-dnf-4.2.2-r0 do_package: QA Issue: nativesdk-dnf: Files/directories were installed but not shipped in any package:
/usr/local/oecore-x86_64/sysroots/x86_64-oesdk-linux/lib
/usr/local/oecore-x86_64/sysroots/x86_64-oesdk-linux/lib/systemd
/usr/local/oecore-x86_64/sysroots/x86_64-oesdk-linux/lib/systemd/system
/usr/local/oecore-x86_64/sysroots/x86_64-oesdk-linux/lib/systemd/system/dnf-automatic.timer
/usr/local/oecore-x86_64/sysroots/x86_64-oesdk-linux/lib/systemd/system/dnf-makecache.timer
/usr/local/oecore-x86_64/sysroots/x86_64-oesdk-linux/lib/systemd/system/dnf-automatic.service
/usr/local/oecore-x86_64/sysroots/x86_64-oesdk-linux/lib/systemd/system/dnf-makecache.service
/usr/local/oecore-x86_64/sysroots/x86_64-oesdk-linux/lib/systemd/system/dnf-automatic-notifyonly.timer
/usr/local/oecore-x86_64/sysroots/x86_64-oesdk-linux/lib/systemd/system/dnf-automatic-download.service
/usr/local/oecore-x86_64/sysroots/x86_64-oesdk-linux/lib/systemd/system/dnf-automatic-download.timer
/usr/local/oecore-x86_64/sysroots/x86_64-oesdk-linux/lib/systemd/system/dnf-automatic-notifyonly.service
/usr/local/oecore-x86_64/sysroots/x86_64-oesdk-linux/lib/systemd/system/dnf-automatic-install.timer
/usr/local/oecore-x86_64/sysroots/x86_64-oesdk-linux/lib/systemd/system/dnf-automatic-install.service
Please set FILES such that these items are packaged. Alternatively if they are unneeded, avoid installing them or delete them within do_install.
nativesdk-dnf: 13 installed and not shipped files. [installed-vs-shipped]
Rather than have each recipe remove the files, an RMINITDIR case
for nativesdk builds should be added to systemd.bbclass.
Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Bruce Ashfield [Tue, 8 Oct 2019 14:26:29 +0000 (10:26 -0400)]
linux-yocto/5.2: fix strace/ptrace long runtime issues
Bumping SRCREVs to pickup the following kernel commit:
[
Author: Bruce Ashfield <bruce.ashfield@gmail.com>
Date: Tue Oct 8 13:15:46 2019 +0000
signal/ptrace: fix cgroup2/freezer long runtimes
As reported in the thread: https://lkml.org/lkml/2019/10/1/789, in
kernels with commit 76f969e8948d82 [cgroup: cgroup v2 freezer], we
were seeing much longer runtime in strace/ptrace tests (4 minutes
versus 4 seconds).
The issue only manifests if CONFIG_PREEMPT is enabled, which is in
all of the default configurations.
As sugggested in the thread, the movement of preempt_enable_no_resched()
until after the cgroup is frozen returns the behaviour to pre-5.2
runtimes.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
]
With this change in place, our times are back to normal:
root@qemux86-64:~# cd /usr/lib/strace/ptest/tests
root@qemux86-64:/usr/lib/strace/ptest/tests# time ../strace -o log -qq -esignal=none -e/clock ./printpath-umovestr>ttt
real 0m3.909s
user 0m0.534s
sys 0m3.342s
This will eventually loop around via -stable, or may need future
tweaks, but it does address the immediate issue/symptom that we are
seeing, with no obvious side effects.
[YOCTO #13556]
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Bruce Ashfield [Tue, 8 Oct 2019 16:01:44 +0000 (12:01 -0400)]
linux-yocto-rt/5.2: update to -rt9
Updating to 5.2-rt9. Which comprises the following fixes:
90a5890111ca v5.2.17-rt9 7700ef5f6438 sched: migrate disable: Protect cpus_ptr with lock 11d09bb2607b sched: Remove dead __migrate_disabled() check ceb75897bca0 sched: __set_cpus_allowed_ptr: Check cpus_mask, not cpus_ptr 70d3cef7a488 printk: devkmsg: read: Return EPIPE when the first message user-space wants has gone eef2411714d4 drm/i915: Drop the IRQ-off asserts f063808d4629 drm/i915: Don't disable interrupts for intel_engine_breadcrumbs_irq() d3136b34629a rcutorture: Avoid problematic critical section nesting on RT ded0345350a6 rcu: Use rcuc threads on PREEMPT_RT as we did ea804ff7a3de sched: migrate_dis/enable: Use sleeping_lock…() to annotate sleeping points 5221cc57007f rcu: Acquire RCU lock when disabling BHs b05b0d20c207 posix-timers: Unlock expiry lock in the early return 066bbfed5243 v5.2.17-rt8 163d8462f622 v5.2.14-rt7 41f51767f77d hrtimer: Add a missing bracket and hide `migration_base' on !SMP 8d0056d6bd7a v5.2.14-rt6
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Newer versions of gnome-terminal (3.32.0 and up) are not starting
as expected for commands e.g. "bitbake -c devshell zlib". This
manifests as the instance appearing as a new tab rather than a
new window. Fix this (and maintain new window preferred behavior)
by changing the "-x" option to "--" as per the warning message,
avoiding deprecated options:
# Option “--command” is deprecated and might be removed in a later version of gnome-terminal.
# Use “-- ” to terminate the options and put the command line to execute after it.
Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Khem Raj [Sat, 5 Oct 2019 06:12:20 +0000 (23:12 -0700)]
ghostscript: Disable libpaper
OE does not provide libpaper recipe, and the configure check looks for
libpaper if not disabled, this causes problems especially when shared
state is built on a machine which has libpaper installed on host but the
consumer machine although running same OS, but does not have libpaper
installed, the artifact from sstate are re-used but then native binary
./obj/aux/packps fails to execute
./obj/aux/packps: error while loading shared libraries: libpaper.so.1: cannot open shared object file: No such file or directory
So either we need to provide libpaper in OE or we disable it, disabling
is best for now
Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Trevor Gamblin [Mon, 7 Oct 2019 17:56:20 +0000 (13:56 -0400)]
watchdog: fix PIDFile path in existing patch
systemd throws a warning about the value of PIDFile:
systemd[1]: /usr/lib/systemd/system/watchdog.service:11: PIDFile=
references a path below legacy directory /var/run/, updating
/var/run/watchdog.pid → /run/watchdog.pid; please update the
unit file accordingly.
This is actually due to patch file 0001-watchdog-remove-interdependencies-of-watchdog-and-wd.patch
setting PIDFile=/var/run/watchdog.pid. Modify PIDFile in the patch
to be correctly set to /run/watchdog.pid.
Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ross Burton [Fri, 4 Oct 2019 00:22:17 +0000 (01:22 +0100)]
insane: add check for perllocal.pod
perlocal.pod is an index file of locally installed modules and so shouldn't be
installed by any distribution packages. cpan.bbclass already sets NO_PERLOCAL
to stop this file being generated by most Perl recipes, but if a recipe is using
MakeMaker directly (such as rrdtool) then they might not be doing this
correctly.
To avoid multiple packages shipping this file and then failing to install
together, add a QA test to check if this file exists and by default emit an
error if it does.
[ YOCTO #13491 ]
Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This service file is designed to do first-boot initialisation of the udev hwdb
database, but the condition logic to fire it is suboptimal: it can fire if not
needed, and can also not fire if needed. Specifically it will always fire on
first boot, even though as part of rootfs generation we build the hwdb database.
On slow machines this can take a significant amount of time, the pathological
case being qemumips where the service can time out after 90 seconds of
processing.
Other distributions have also noticed this problem (specifically, at least
Debian and Clear) and solve it by using traditional postinst scripts to generate
the hwdb (which we already do) and deleting the service file (which we don't).
Finish the fix and improve boot times across all boards by deleting the service
file.
[ YOCTO #13504 ]
Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ross Burton [Mon, 7 Oct 2019 10:11:38 +0000 (11:11 +0100)]
meson: fix cross detection
Meson 0.51 onwards detects if a build is cross by whether the host and build
machines match. However this doesn't work in a number of cross compilation
cases: notably where host is Windows but build is Linux, but also the common
OpenEmbedded case where the host and build machine are both x86-64.
Previously we'd patched this to instead look at whether an executable wrapper is
needed: our cross files always set this to true so all cross builds would be
identified as cross. However, this breaks build on the target as without a
cross file the early cross build detection fails as we don't yet know if an exe
wrapper is needed.
The neater solution is to simply go back to the older logic: a cross build has
cross files defined.
[ YOCTO #13571 ]
Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Michael Cooper [Thu, 3 Oct 2019 15:36:25 +0000 (18:36 +0300)]
wic/direct: Partition numbering is broken for MBR primary partition #4
When wks describes extra partitions that aren't in the partition
table (e.g. boot loader) and exactly four primary MBR partitions, the
last partition gets added to fstab as partition #5 instead of #4.
[YOCTO #13560]
Signed-off-by: Michael Cooper <michaelcooper81@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Jaewon Lee [Fri, 20 Sep 2019 00:13:29 +0000 (17:13 -0700)]
devtool/standard.py: Not filtering devtool workspace for devtool finish
All devtool commands right now are filtering out the devtool workspace
bbappends in build/workspace/appends when calling parse_recipe. While
this may make sense for devtool add and modify, we need devtool finish
to include those appends.
A specific breakage that is caused because devtool finish filters devtool
appends is the cmake/cml1 flow where a file is created in the WORKDIR
that finish needs access to, to commit those files. Particularly for
git packages with SRCPV in PV, SRCPV is only changed to 999 when using
external source, hence when creating the cfg or cmake config files using
for instance bitbake -c diffconfig, these files are created in the
git999 workdir correctly (as in the devtool bbapends, we are inheriting
externalsrc class). But when devtool finish is run, the devtool appends
are not parsed, hence SRCPV is not changed to 999 and devtool is looking
for the fragment files in the wrong WORKDIR.
Changing the parse_recipe call just in devtool finish to not filter out
the devtool workspace.
Fixes [YOCTO #13533]
Signed-off-by: Jaewon Lee <jaewon.lee@xilinx.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Reported-By: "Hilsdorf, Jan (LAWO)" <Jan.Hilsdorf@lawo.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Wed, 2 Oct 2019 13:59:18 +0000 (14:59 +0100)]
base: Improve module import error message
Turn:
ERROR: Unable to parse Var <OE_IMPORTED[:=]>
Traceback (most recent call last):
File "Var <OE_IMPORTED[:=]>", line 1, in <module>
File "/media/build1/poky/meta/classes/base.bbclass", line 35, in oe_import(d=<bb.data_smart.DataSmart object at 0x7f1d941ad208>):
for toimport in oe.data.typed_value("OE_IMPORTS", d):
> imported = __import__(toimport)
inject(toimport.split(".", 1)[0], imported)
File "/media/build1/poky/meta/lib/oe/sstatesig.py", line 267, in <module>:
>class SignatureGeneratorOEEquivHash(SignatureGeneratorOEBasicHashMixIn, bb.siggen.SignatureGeneratorUniHashMixIn, bb.siggen.SignatureGeneratorBasicHash):
name = "OEEquivHash"
bb.data_smart.ExpansionError: Failure expanding variable OE_IMPORTED[:=], expression was ${@oe_import(d)} which triggered exception AttributeError: module 'bb.siggen' has no attribute 'SignatureGeneratorUniHashMixIn'
into:
ERROR: Error importing OE modules: module 'bb.siggen' has no attribute 'SignatureGeneratorUniHashMixIn'
which can then trigger a version mismatch error message.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
André Draszik [Tue, 1 Oct 2019 15:57:28 +0000 (16:57 +0100)]
packagegroup: fix a comment regarding PACKAGE_ARCH
packagegroups whose dependencies are affected by MACHINE_FEATURES
need to be marked as MACHINE_ARCH *before* inheriting the
packagegroup class, not after.
This has changed in commit 9c826962ec8f
("packagegroup: Make allarch inherit conditional"),
commit 4f3f34deafe4 in poky but the comment here
wasn't updated at the time.
Signed-off-by: André Draszik <andre.draszik@jci.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Joe Slater [Tue, 1 Oct 2019 21:36:20 +0000 (14:36 -0700)]
bash-completion: add image feature
Create bash-completion-pkgs image feature to load *-bash-completion packages
into an image. The packages are created by the bash-completion
bbclass but are currently never loaded.
Signed-off-by: Joe Slater <joe.slater@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Alexandre Bard [Wed, 2 Oct 2019 12:12:22 +0000 (12:12 +0000)]
systemd: Expose resolv-conf alternative only when resolved is built
When systemd is built without internal resolver, it does not make
sense to expose it as a resolv-conf alternative and can even break
images where this alternative would be chosen, because of an
invalid symlink.
Signed-off-by: Alexandre Bard <alexandre.bard@netmodule.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Konrad Scherer [Fri, 27 Sep 2019 18:56:42 +0000 (14:56 -0400)]
gen-lockedsig-cache: Replace glob lookup with hash to filename lookup
Using the glob function to map signatures to sstate files is very slow
when the sstate is large and accessed over nfs. The lookup now only
loads the necessary prefixes and doesn't use glob as all.
Unfortunately I don't have access to the systems where the performance
isse was noticed and on my test system the glob is fast enough that
the performance numbers aren't useful. I could verify that file list
returned by the new code is the same.
[YOCTO #13539]
Signed-off-by: Konrad Scherer <Konrad.Scherer@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
André Draszik [Tue, 1 Oct 2019 09:54:51 +0000 (10:54 +0100)]
ruby: fix non-IPv6 support
When IPv6 support is disabled, this recipe mis-configures
ruby so that it end up non-working:
--enable-wide-getaddrinfo instructs ruby to re-implement
the standard getaddinfo(), but IPv6 support is still
automatically detected via ext/socket/extconf.rb
independently of that flag.
To re-implement getaddrinfo(), ruby uses the obsolete
getipnodebyaddr() and getipnodebyname() functions - i.e.
according to the man-page, glibc provided those only in
glibc 2.1.91-95; and of course compilation fails. [1]
Switch to ruby's standard --enable-ipv6= configure
options to make the build work without warnings, and
ruby work at runtime as well.
[1] Compilation and linking actually succeed, albeit with
a warning regarding implicit declaration / unresolved
symbols. The error is only obvious at runtime due to the
unresolved symbols...
Signed-off-by: André Draszik <andre.draszik@jci.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
André Draszik [Tue, 1 Oct 2019 09:54:49 +0000 (10:54 +0100)]
ruby: drop long-merged CVE patches
The CVE patches here address the original problem in
a different way to how upstream solved it, and are
superfluous.
Ruby updated to Onigmo v6.1.3+669ac999761 before its
v2.5.0 release, and both CVEs were fixed before Onigmo
v6.1.3:
https://github.com/k-takata/Onigmo/releases/tag/Onigmo-6.1.3
https://github.com/k-takata/Onigmo/commits/Onigmo-6.1.3
https://github.com/k-takata/Onigmo/commit/40945546578004bf40e6f884834bcad4054c70f7
https://github.com/k-takata/Onigmo/commit/783b7ef491e1422e4be7407ccc3e4305e5013507
Because the issues were fixed differently here and
in Ruby (Onigmo), patch never complained about
duplicatation during recipe updates.
Signed-off-by: André Draszik <andre.draszik@jci.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
pathfinder has no recipe and its last update was in 2013
(see http://freshmeat.sourceforge.net/projects/pathfinder),
so it should be removed from the list of PACKAGECONFIG options
for opkg. --disable-pathfinder is added to EXTRA_OECONF for
good measure.
Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
Ross Burton [Fri, 27 Sep 2019 13:39:26 +0000 (14:39 +0100)]
pango: fix the failing testiter test case
The testiter test case fails if libthai support isn't enabled because it
execises codepaths that need libthai to be correct. Backport a patch to skip
this test if libthai isn't enabled.
Signed-off-by: Ross Burton <ross.burton@intel.com>
Diego Rondini [Thu, 19 Sep 2019 07:45:09 +0000 (09:45 +0200)]
initramfs-framework: support PARTLABEL option
Since commit (kernel >= 4.20):
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f027c34d844013d9d6c902af8fa01a82d6e5073d
specifying rootfs by PARTLABEL is supported. This commit adds support to
specify root by GPT partition label.
Signed-off-by: Diego Rondini <diego.rondini@kynetics.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
Yi Zhao [Thu, 19 Sep 2019 07:44:11 +0000 (15:44 +0800)]
python: add tk-lib as runtime dependency for python-tkinter
Fixes:
ERROR: python-2.7.16-r0 do_package_qa: QA Issue:
/usr/lib/python2.7/lib-dynload/_tkinter.so contained in package
python-tkinter requires libtk8.6.so, but no providers found in
RDEPENDS_python-tkinter? [file-rdeps]
Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
Li Zhou [Thu, 19 Sep 2019 06:15:20 +0000 (14:15 +0800)]
shadow: use relaxed usernames for all
The previous commit <shadow: use relaxed usernames> works only for
target. When test with configuration:
INHERIT += 'extrausers'
EXTRA_USERS_PARAMS += "useradd -p '' aBcD; "
and run "bitbake core-image-minimal", error occurs:
NOTE: core-image-minimal: Performing useradd with [
-R .../build/tmp-glibc/work/qemux86_64-wrs-linux/core-image-minimal/1.0-r0/rootfs -p '' aBcD]
useradd: invalid user name 'aBcD'
Here move the patch for using relaxed usernames from class_target to
the source code for all.
Signed-off-by: Li Zhou <li.zhou@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
Currently systemd cannot boot correctly on NFS. This is because
the code uses readdir which returns DT_UNKNOWN instead of DT_LNK
on NFS. So consider DT_UNKNOWN to fix this problem.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
ERROR: Nothing PROVIDES 'gamin' (but /yow-lpggp31/tgamblin/oe-core.git/meta/recipes-extended/lighttpd/lighttpd_1.4.54.bb DEPENDS on or otherwise requires it)
NOTE: Runtime target 'lighttpd' is unbuildable, removing...
Missing or unbuildable dependency chain was: ['lighttpd', 'gamin']
ERROR: Required build target 'core-image-minimal' has no buildable providers.
Missing or unbuildable dependency chain was: ['core-image-minimal', 'lighttpd', 'gamin']
Since gamin hasn't been maintained for several years, this should
be removed from the list of lighttpd PACKAGECONFIG options.
--without-fam is hard-coded in EXTRA_OECONF for good measure.
Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Some of the packagegroups violate the allarch policy therefore the ones
which do so, should be marked as TUNE specific
Fixes QA errors
packagegroup-self-hosted-1.0: Package version for package packagegroup-self-hosted-graphics went backwards which would break package feeds from (0:1.0-r13.12 to 0:1.0-r13.9) [version-going-backwards]
Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
$ bitbake lttng-ust
ERROR: lttng-ust-2_2.10.4-r0 do_package: QA Issue: lttng-ust: Files/directories were installed but not shipped in any package:
/usr/lib
/usr/lib/python3.7
/usr/lib/python3.7/site-packages
/usr/lib/python3.7/site-packages/lttngust-2.10.4-py3.7.egg-info
Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
lib/oe/lsb: Make sure the distro ID is always lowercased
In commit 8689e561 (lib/oe/lsb: attempt to ensure consistent distro id
regardless of source), the distro ID returned by
oe.lsb.distro_identifier() was lowercased, but only if a release
version is also present.
This changes the code to always lowercase the distro ID, including the
default distro ID "unknown", which is used if no other ID can be
identified.
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Do not decode the log content into a string only to re-encode it as
binary data again. Some logs might un-intentionally contain bytes that
do not decode as utf-8, as such preserve the log file content as it was
on disk.
Handle the decoding on the resulttool side, but also handle the failure
to decode the data.
Signed-off-by: Nathan Rossi <nathan@nathanrossi.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
oeqa/core/utils/concurrencytest.py: Handle exceptions and details
Handle the streaming of exception content with details data. The
testtools package allows both 'err' and 'details' kwargs but can only
pass one of them to the parent.
To handle the passing of exception traceback and details data at the
same time, encode the traceback into the details object and remove the
'err' arg from the add* result call. This encodes the traceback similar
to how 'err' is handled without any details object. Decoding is already
done by testtools when the traceback is encoded in the details object.
Signed-off-by: Nathan Rossi <nathan@nathanrossi.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
