Richard Purdie [Tue, 7 Jul 2015 12:22:15 +0000 (13:22 +0100)]
oeqa/bbtests: Fix race over DL_DIR and SSTATE_DIR
Running "-c cleanall" on shared DL_DIR and SSTATE_DIR is antisocial.
It leads to hard to debug races where we wonder why files disappear
and reappear from those directories.
Fix this by using a specific set of directories for these tests. This
avoids a long standing bug on the autobuilder where aspell and man
sources would disappear.
we need to stop the preprocessor from generating the #line directives
or we run into issues like
| checking for apr_int64_t Python/C API format string...
| configure: error: failed to recognize APR_INT64_T_FMT on this platform
| Configure failed. The contents of all config.log files follows to aid
debugging
| ERROR: oe_runconf failed
Rightly subversion should be fixed but lets leave that to subversion
folks
Richard Purdie [Sat, 25 Jul 2015 23:19:08 +0000 (23:19 +0000)]
cross-localedef-native: Use older C standards for older code
This older code needs specific compiler options to allow it to work
with gcc 5. These options are used in the 2.21 recipe in master/fido
so this simply backports them.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>
unzip 6.0 allows remote attackers to cause a denial of service
(out-of-bounds read or write and crash) via an extra field with
an uncompressed size smaller than the compressed field size in a
zip archive that advertises STORED method compression.
Buffer overflow in the charset_to_intern function in unix/unix.c in
Info-Zip UnZip 6.10b allows remote attackers to execute arbitrary code
via a crafted string, as demonstrated by converting a string from CP866
to UTF-8.
Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>
Martin Jansa [Tue, 17 Feb 2015 13:41:06 +0000 (14:41 +0100)]
test-dependencies.sh: strip only .bb suffix
* we were stripping too much when stripping recipe name from line like this:
ERROR: Task 12016 (/some/patch/something.dot.bar.bb, do_fetch) failed with exit code '1'
where the recipe name contains dots and doesn't end with _<version>.bb
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
Martin Jansa [Tue, 28 Apr 2015 22:46:18 +0000 (00:46 +0200)]
e2fsprogs: install populate-extfs.sh
* install populate-extfs.sh from contrib, be aware that in order
to use it you need to set DEBUGFS shell variable, otherwise it will
try to use debugfs from relative path which is almost always
incorrect:
CONTRIB_DIR=$(dirname $(readlink -f $0))
DEBUGFS="$CONTRIB_DIR/../debugfs/debugfs"
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>
Conflicts:
meta/recipes-support/gpgme/gpgme_1.4.3.bb
A buffer overflow flaw was found in the way glibc's gethostbyname_r() and
other related functions computed the size of a buffer when passed a
misaligned buffer as input. An attacker able to make an application call
any of these functions with a misaligned buffer could use this flaw to
crash the application or, potentially, execute arbitrary code with the
permissions of the user running the application.
Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>
Conflicts:
meta/recipes-devtools/qemu/qemu_2.1.0.bb
Buffer overflow in the rc_mksid function in plugins/radius/util.c in
Paul's PPP Package (ppp) 2.4.6 and earlier, when the PID for pppd is
greater than 65535, allows remote attackers to cause a denial of
service (crash) via a start accounting message to the RADIUS server.
oe-core is using ppp 2.4.7, and this CVE say ppp 2.4.7 was not
effected, but I found this buggy codes are same between 2.4.6 and
2.4.7, and 2.4.7 should have this issue.
Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Jonathan Liu <net147@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>
Conflicts:
meta/recipes-qt/qt4/qt4-4.8.6.inc
Robert Yang [Thu, 4 Jun 2015 11:37:41 +0000 (13:37 +0200)]
license.bbclass: set dirs for do_populate_lic_setscene
Fixed:
ERROR: Build of do_populate_lic failed
ERROR: Traceback (most recent call last):
File "bitbake/lib/bb/build.py", line 497, in exec_task
return _exec_task(fn, task, d, quieterr)
File "bitbake/lib/bb/build.py", line 437, in _exec_task
exec_func(func, localdata)
File "bitbake/lib/bb/build.py", line 212, in exec_func
exec_func_python(func, d, runfile, cwd=adir)
File "/home/nxadm/nx/ala-blade44.1/builds-2015-03-09-163005/qemuppc_world_oe_bp/bitbake/lib/bb/build.py", line 237, in exec_func_python
os.chdir(cwd)
OSError: [Errno 2] No such file or directory: 'bitbake_build/tmp/work/ppc7400-wrs-linux/taglib/1.9.1-r0/build'
When running setscene, the cwd is $B which maybe removed by
autotools.bbclass or cmake.bbclass when rebuild.
Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Armin Kuster <akuster@smtp.gmail.com>
Egypt will not observe DST in 2015 and will consider canceling it
permanently. For now, assume no DST indefinitely.
(Thanks to Ahmed Nazmy and Tim Parenti.)
Changes affecting past time stamps
America/Whitehorse switched from UTC-9 to UTC-8 on 1967-05-28, not
1966-07-01. Also, Yukon's time zone history is documented better.
(Thanks to Brian Inglis and Dennis Ferguson.)
Change affecting past and future time zone abbreviations
The abbreviations for Hawaii-Aleutian standard and daylight times
have been changed from HAST/HADT to HST/HDT, as per US Government
Printing Office style. This affects only America/Adak since 1983,
as America/Honolulu was already using the new style.
Created separate group of hardlinks for the files inside
the same package. This should prevent stripped files to be
populated outside of package directories.
This turns out not to be straightforward and has overlap with the
other hardlink handling code in this area. The code is condensed
into a more concise and documented form.
Fabrice Coulon [Thu, 14 May 2015 18:01:40 +0000 (19:01 +0100)]
meta/lib/oe/package.py: fix files ownership in packages
This fix solves the problem with the ownership of files in packages.
The do_install task was producing correct and expected output but when
the files were being put in, e.g. a rpm package, the ownership could
be different than that in the do_install task.
After selecting the "install" gummiboot option of a Live image we are
seeing boot failure resulting from the gummiboot entries not being
installed correctly. This seems to be a problem in this init-install-efi.sh
script where it incorrectly installs the gummiboot entries into the root
filesystem, not the boot partition. We fix it by installing the entries in
the boot partition.
Jonathan Liu [Tue, 21 Apr 2015 10:53:02 +0000 (12:53 +0200)]
postinst-intercepts/update_font_cache: fix ownership of fontconfig cache
The file ownership of the cache files in /var/cache/fontconfig needs to
be set to root:root otherwise it inherits the user and group id of the
build user.
[YOCTO #7411]
Signed-off-by: Jonathan Liu <net147@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Martin Jansa [Tue, 21 Apr 2015 10:53:01 +0000 (12:53 +0200)]
pulseaudio: use stricter PACKAGES_DYNAMIC
* I don't see any usage for libpulse-* packages
* adding '-' resolves the issue when we have separate recipe for
pulseaudio-modules-droid which isn't built to satisfy RDEPENDS
with the same name, because generic pulseaudio recipe seems to
RPROVIDE it through PACKAGES_DYNAMIC
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Fri, 13 Feb 2015 13:05:59 +0000 (13:05 +0000)]
gcc-target: Don't install target gcc libdir files
Installing /usr/lib/gcc/* means we'd have two copies, one from gcc-cross
and one from here. These can confuse gcc cross where includes use #include_next
and builds track file dependencies (e.g. perl and its makedepends code).
For determinism we don't install this to the sysroot, ever and rely on the
copy from gcc-cross.
initscripts: Remove /etc/volatile.cache on upgrade
/etc/volatile.cache is a cached copy of a script (which is
generated by /etc/init.d/populate-volatile.sh) that generates
the volatile filesystem directories. Since volatile.cache is
a generated file, it is not necessarily changed if
populate-volatile.sh is updated. As a result, the stale script
can add/remove the wrong directories on the next system boot.
If initscripts is being upgraded, make sure volatile.cache gets
deleted.
base-files: Check for /run and /var/lock softlinks on upgrade
Commit ea647cd9eebdc3e3121b84074519c4bb305adac9 moved the locations
of /run and /var/lock to match the FHS 3 draft specifications.
However, the install doesn't remove the existing directories.
As a result, upgrading a system may result in /run as a softlink
to /var/run and /var/run as a softlink to /run, creating a circular
link.
During pre-install, check for the existence of the old softlinks and
remove them so the new directories can be installed.
Richard Purdie [Sat, 28 Mar 2015 08:50:27 +0000 (08:50 +0000)]
dpkg-native: Avoid 'file changed' errors from tar
Hardlink count duing do_package_write_deb can change causing dpkg-deb
failures. We don't care about this error case so avoid it by checking
the tar exit code.
Otherwise, when fortran support will be enabled in the compiler, both
lingfortran and gcc-runtime receipes will create the same files and will
try to install them. This will cause errors:
ERROR: The recipe libgfortran is trying to install files into a shared
area when those files already exist. Those files and their manifest
location are: ...
Please verify which recipe should provide the above files.
Jonathan Liu [Wed, 11 Mar 2015 02:25:56 +0000 (13:25 +1100)]
fontcache.bbclass: prepend to PACKAGEFUNCS instead of appending
Appending to PACKAGEFUNCS results in the font packages missing the
postinst/postrm scripts and the fontconfig cache not being generated
in /var/cache/fontconfig when creating images or installing font
packages. This is because the package data has already been emitted
by emit_pkgdata in PACKAGEFUNCS. Prepend to PACKAGEFUNCS to ensure
add_fontcache_postinsts is executed before emit_pkgdata.
[YOCTO #7410]
Signed-off-by: Jonathan Liu <net147@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
Richard Purdie [Thu, 26 Mar 2015 14:18:30 +0000 (14:18 +0000)]
autotools: Avoid find race for S = "${WORKDIR}"
For recipes with PACKAGES_remove = "${PN}", the find which removes .la files
can race against deletion of other directories in WORKDIR e.g.:
find: '/home/autobuilder/yocto-autobuilder/yocto-worker/nightly-oe-selftest/build/build/tmp/work/qemux86_64-poky-linux/init-ifupdown/1.0-r7/sstate-build-populate_lic': No such file or directory
| WARNING: /home/autobuilder/yocto-autobuilder/yocto-worker/nightly-oe-selftest/build/build/tmp/work/qemux86_64-poky-linux/init-ifupdown/1.0-r7/temp/run.do_configure.6558:1 exit 1 from
| find /home/autobuilder/yocto-autobuilder/yocto-worker/nightly-oe-selftest/build/build/tmp/work/qemux86_64-poky-linux/init-ifupdown/1.0-r7 -name \*.la -delete
The simplest fix is to add the find option which ignores these kind of races.
Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>
Armin Kuster [Sat, 21 Mar 2015 14:42:09 +0000 (07:42 -0700)]
tzdata: update to 2015b
Changes affecting future time stamps
Mongolia will start observing DST again this year, from the last
Saturday in March at 02:00 to the last Saturday in September at 00:00.
(Thanks to Ganbold Tsagaankhuu.)
Palestine will start DST on March 28, not March 27. Also,
correct the fall 2014 transition from September 26 to October 24.
Adjust future predictions accordingly. (Thanks to Steffen Thorsen.)
Changes affecting past time stamps
The 1982 zone shift in Pacific/Easter has been corrected, fixing a 2015a
regression. (Thanks to Stuart Bishop for reporting the problem.)
Some more zones have been turned into links, when they differed
from existing zones only for older time stamps. As usual,
these changes affect UTC offsets in pre-1970 time stamps only.
Their old contents have been moved to the 'backzone' file.
The affected zones are: America/Antigua, America/Cayman,
Pacific/Midway, and Pacific/Saipan.
Changes affecting time zone abbreviations
Correct the 1992-2010 DST abbreviation in Volgograd from "MSK" to "MSD".
(Thanks to Hank W.)
Armin Kuster [Sat, 21 Mar 2015 14:42:08 +0000 (07:42 -0700)]
tzcode: update to 2015b
Changes affecting code
Fix integer overflow bug in reference 'mktime' implementation.
(Problem reported by Jörg Richter.)
Allow -Dtime_tz=time_t compilations, and allow -Dtime_tz=... libraries
to be used in the same executable as standard-library time_t functions.
(Problems reported by Bradley White.)
Changes affecting commentary
Cite the recent Mexican decree changing Quintana Roo's time zone.
(Thanks to Carlos Raúl Perasso.)
Likewise for the recent Chilean decree. (Thanks to Eduardo Romero Urra.)
Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>
and because 'bitbake' cleans environment we can pass it completely
instead of trying to enumerate needed env.
With the 'env.patch' the FULLCC variable is not needed anymore (which
would break when CC is 'ccache arm-...-gcc' and host ccache is used)
because the correct $PATH is available during scons build:
| sh: .../sysroots/x86_64-oe-linux/usr/bin/arm-linux-gnueabi/ccache: No such file or directory
| scons: *** [context.o] Error 127
Chen Qi [Tue, 3 Feb 2015 20:53:39 +0000 (14:53 -0600)]
package_manager.py: fix rootfs failure with multilib enabled
With the current code, if we use debian package backend and enable
multilib support, the do_rootfs process would always fail with error
messages like below.
E: Unable to locate package packagegroup-core-boot
Richard Purdie [Wed, 15 Apr 2015 13:13:22 +0000 (14:13 +0100)]
toolchain-scripts: Allow the CONFIGSITE_CACHE variable to be overridden
In multilib and baremetal configurations, this variable can cause a variety of
problems due to the use of TCLIBC. At least allowing it to be overriden
is a start and allows various configurations to avoid the issue.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Sat, 28 Mar 2015 10:34:13 +0000 (10:34 +0000)]
file: Update CVE patch to ensure file gets built correctly
If we touch both files, we can end up in a situation where magic.h should be
rebuilt and isn't. The easiest fix is not to touch the generated files which
ensures the timestamps are such that it is always rebuilt.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Max Krummenacher [Wed, 25 Mar 2015 22:09:37 +0000 (23:09 +0100)]
udev: don't keep ptest testdata laying around
Only unpack udev's testdata right before executing the tests and cleanup
afterwards.
udev's testsuite can be used by ptest. However currently the testdata against
which its functionality is tested is installed in the sysroot at udev install
time.
If the sysroot is used with qemu the testdata makes qemu entering an infinite
loop.
http://lists.openembedded.org/pipermail/openembedded-core/2014-September/097098.html
This has already been fixed for the systemd udev flavour.
https://bugzilla.yoctoproject.org/show_bug.cgi?id=5664
Signed-off-by: Max Krummenacher <max.oss.09@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Max Krummenacher [Wed, 25 Mar 2015 22:09:36 +0000 (23:09 +0100)]
udev: fix ptest rule syntax check
The ptest which checks for correct udev rules fails.
Missing files and paths for the build host caused this.
Signed-off-by: Max Krummenacher <max.oss.09@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Brendan Le Foll [Wed, 25 Mar 2015 13:15:43 +0000 (13:15 +0000)]
openssl: Upgrade to 1.0.1m
Security update, some patches modified to apply correctly mostly due to
upstream changing indentation/styling
* configure-targets.patch updated
* fix-cipher-des-ede3-cfb1.patch updated
* openssl-avoid-NULL-pointer-dereference-in-EVP_DigestInit_ex.patch updated
* openssl-avoid-NULL-pointer-dereference-in-dh_pub_encode.patch removed as no
merged with 3942e7d9ebc262fa5c5c42aba0167e06d981f004 in upstream
Signed-off-by: Brendan Le Foll <brendan.le.foll@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Paul Eggleton [Wed, 18 Feb 2015 10:23:42 +0000 (10:23 +0000)]
lib/oe/package_manager: support exclusion from complementary glob process by regex
Sometimes you do not want certain packages to be installed when
installing complementary packages, e.g. when using dev-pkgs in
IMAGE_FEATURES you may not want to install all packages from a
particular multilib. This introduces a new PACKAGE_EXCLUDE_COMPLEMENTARY
variable to allow specifying regexes to match packages to exclude.
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Brendan Le Foll <brendan.le.foll@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Khem Raj [Thu, 29 Jan 2015 20:44:20 +0000 (12:44 -0800)]
systemd: Backports fixes to 216
Fix systemd-timesyncd assertion
when networkd is disabled then we now do not
create /run/systemd/netif/links but timesyncd needs it. So lets
manually create this file when networkd is disabled so timesyncd
can still function
When enabling systemd-timesyncd we need systemd-timesync user
Backport patches to enable timesyncd when resolved and networkd
are disabled
replace the resolv.conf symlinink patch with a proper backport
Sona Sarmadi [Fri, 16 Jan 2015 10:16:03 +0000 (11:16 +0100)]
python: Disables SSLv3
This is related to "SSLv3 POODLE vulnerability" CVE-2014-3566
Building python without SSLv3 support when openssl is built without
any support for SSLv3 (e.g. by adding EXTRA_OECONF = " -no-ssl3" in
the openssl recipes).
Backport from:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=768611#22
[python2.7-nossl3.patch] only Modules/_ssl.c is backported.
Armin Kuster [Sat, 31 Jan 2015 01:15:50 +0000 (17:15 -0800)]
tzdata: update to 2015a including leap second
Changes affecting future time stamps
The Mexican state of Quintana Roo, represented by America/Cancun,
will shift from Central Time with DST to Eastern Time without DST
on 2015-02-01 at 02:00. (Thanks to Steffen Thorsen and Gwillim Law.)
Chile will not change clocks in April or thereafter; its new standard time
will be its old daylight saving time. This affects America/Santiago,
Pacific/Easter, and Antarctica/Palmer. (Thanks to Juan Correa.)
New leap second 2015-06-30 23:59:60 UTC as per IERS Bulletin C 49.
(Thanks to Tim Parenti.)
Changes affecting past time stamps
Iceland observed DST in 1919 and 1921, and its 1939 fallback
transition was Oct. 29, not Nov. 29. Remove incorrect data from
Shanks about time in Iceland between 1837 and 1908.
Some more zones have been turned into links, when they differed
from existing zones only for older time stamps. As usual,
these changes affect UTC offsets in pre-1970 time stamps only.
Their old contents have been moved to the 'backzone' file.
The affected zones are: Asia/Aden, Asia/Bahrain, Asia/Kuwait,
and Asia/Muscat.
Armin Kuster [Sat, 31 Jan 2015 01:15:49 +0000 (17:15 -0800)]
tzcode: update to 2015a leap second changes too
Changes affecting code
tzalloc now scrubs time zone abbreviations compatibly with the way
that tzset always has, by replacing invalid bytes with '_' and by
shortening too-long abbreviations.
tzselect ports to POSIX awk implementations, no longer mishandles
POSIX TZ settings when GNU awk is used, and reports POSIX TZ
settings to the user. (Thanks to Stefan Kuhn.)
Changes affecting build procedure
'make check' now checks for links to links in the data.
One such link (for Africa/Asmera) has been fixed.
(Thanks to Stephen Colebourne for pointing out the problem.)
Changes affecting commentary
The leapseconds file commentary now mentions the expiration date.
(Problem reported by Martin Burnicki.)
Ross Burton [Mon, 1 Dec 2014 16:26:55 +0000 (16:26 +0000)]
python: ensure all of Python is installed in nativesdk
If any part of Python gets installed in a SDK, we need to ensure that all of
Python gets installed to avoid replacing python in the environment with a
minimal package set.
The switch to the fetcher where it added BeautifulSoup revealed
a shortcoming in the python packaged for the self hosting (missing
htmlentitydefs). Here we fix it in the same way as what was done
for buildtools-tarball and include python-modules vs. all the
individual little chunks.
Mark Hatle [Thu, 22 Jan 2015 22:10:34 +0000 (16:10 -0600)]
python-smartpm: Fix attemptonly builds when file conflicts occur
[YOCTO #7299]
When file conflicts occur, the RPM transaction aborts. Instead of
simply accepting the failure, we now identify, capture, and remove
the offending package(s) from the transaction and retry.
For cpio images, do_rootfs() can operate on a dirty '${WORKDIR}/cpio_append'
directory which contains e.g. files from previous builds. This can cause
unwanted files in the image or can break the build.
E.g. when there is a cpio_append/init -> /sbin/init symlink symlink, the
'ln -sf' can fail due to SELinux restrictions:
Patch cleans up 'cpio_append' before executing the 'do_rootfs' task by
adding it to 'cleandirs'. An alternative implementation (which avoids
creation of this empty dir for non-cpio images) might remove it within
IMAGE_CMD_cpio, but this might break builds where people rely on the
existence of this directory (e.g. to add local files).
