Mark Asselstine [Fri, 25 Nov 2016 04:17:14 +0000 (23:17 -0500)]
systemd.bbclass: don't block on service restart
The current class works fine when a recipe uses SYSTEMD_AUTO_ENABLE
'enable' and has no on device pkg_postinst(), ie when the postinst is
run as part of rootfs creation. However, when there is a component of
pkg_postinst() that is run on device the 'systemctl restart' is run as
part of the run_postinsts.service at boot. This results in the boot
spinning indefinitely with:
[ *** ] A start job is running for Run pending postinsts (7s / no limit)
The issue could potentially be that the packages service has an
'After' clause which comes later in the boot, beyond
run_postinsts.service, creating a chicken before the egg
scenario. Even service files without an 'After' clause cause this
situation however. Despite this not being the cause of the issue this
fix will prevent this scenario from happenning.
Using strace we are able to find that during boot, when
run_postinsts.service is running attempting to start or restart any
service will result in the call get stuck on poll(). Since the
run_postinsts.service does not monitor the outcome of the call to
restart we can work around this by using '--no-block'.
Samuli Piippo [Wed, 23 Nov 2016 14:36:37 +0000 (16:36 +0200)]
mesa: make sure GLES3 headers are installed
Since there is no libgles3-mesa package that would pull in the headers,
add dependency to libgles2-mesa-dev. Now there no need to manually add
GLES3 headers to image or toolchain.
Ross Burton [Thu, 24 Nov 2016 20:37:48 +0000 (20:37 +0000)]
insane: rewrite the expanded-d test as a QAPKGTEST
Instead of being executed for every file in every package, this is now just
called for each package. It is also now correctly called for packages which
don't have any content but do have postinst scripts.
Ross Burton [Thu, 24 Nov 2016 20:26:44 +0000 (20:26 +0000)]
insane: add QAPKGTEST, a package-wide equivilant to QAPATHTEST
QAPATHTEST defines a function that is executed for every file in every package.
For tests which just need to look at the datastore this is massive overkill.
Add QAPKGTEST, which is invoked for each package in the recipe.
Ross Burton [Thu, 24 Nov 2016 11:24:26 +0000 (11:24 +0000)]
insane: fix expanded-d test
This test should be looking for the expanded value of ${D} in the expanded value
of pkg_postinst and so on, but one of the getVar() calls was passing
expand=False so the test would never be true.
kgit-scc: dont mention meta-repo in help ; it doesnt exist
Signed-off-by: Paul Gortmaker <paul.gortmaker@windriver.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
commit 08463d684c1952e74c25344cddace4c3f24c739d
Author: Bruce Ashfield <bruce.ashfield@windriver.com>
Date: Mon Oct 31 14:30:12 2016 -0400
scc: exit on error
If there is an error in the processing of the input files, scc
should exit and inform the user.
scc is executed on a combined/preprocessed file and as a result
it doesn't have the granularity to see each input file individually.
Rather than moving preprocessing into scc (from spp), we can trap
the line number of the error and dump context around the line.
This gives the user a pointer to the input file and the specific
line that caused the problem.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
commit bf99953e8ac14cee653e559f2d4a6022c847a182
Author: Bruce Ashfield <bruce.ashfield@windriver.com>
Date: Fri Oct 28 21:23:27 2016 -0400
kgit-meta: always checkout branches on branch commands
During a tree generation we must always make the branch active when
we see any kind of branch command. This ensures that any subsequent
patches are applied in the proper context.
Previously, only branch creation was changing the active branch, and
this mean that tree generation was not determinstic and relied
on the order of processing to generate a correct tree.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
]
Bruce Ashfield [Wed, 16 Nov 2016 14:24:33 +0000 (09:24 -0500)]
linux-yocto/4.8: update from v4.8.6 -> v4.8.8
Updating to the korg -stable release 4.8.8. The short log change
summary follows:
61385cc1db42 Linux 4.8.8 8ed841d6c045 scsi: megaraid_sas: fix macro MEGASAS_IS_LOGICAL to avoid regression 32f60e9b621f scsi: megaraid_sas: Fix data integrity failure for JBOD (passthrough) devices eb2ca7aac349 usb: dwc3: gadget: properly account queued requests 38db26fb3ae5 arch/powerpc: Update parameters for csum_tcpudp_magic & csum_tcpudp_nofold a143c6022cef packet: on direct_xmit, limit tso and csum to supported devices a6289d9ac3fe ip6_tunnel: Update skb->protocol to ETH_P_IPV6 in ip6_tnl_xmit() c9e086b9009a sctp: validate chunk len before actually using it 5a37dce1b679 net sched filters: fix notification of filter delete with proper handle d46b19687fec net: ipv6: Do not consider link state for nexthop validation eb77db88ea11 macsec: Fix header length if SCI is added if explicitly disabled 027ab3b8ee5a netvsc: fix incorrect receive checksum offloading b75edf27a6c3 udp: fix IP_CHECKSUM handling 5ee356021c42 sctp: fix the panic caused by route update d90cbfaf5439 net: sctp, forbid negative length 64774617da37 net: fec: Call swap_buffer() prior to IP header alignment c6c82c2b707e ipv4: use the right lock for ping_group_range 8418193f7052 ipv4: disable BH in set_ping_group_range() 23c110c4cdbc net: add recursion limit to GRO d3bbd04b92fd net: core: Correctly iterate over lower adjacency list fc5722f8f8f2 rtnetlink: Add rtnexthop offload flag to compare mask 4ac3ca8c2933 switchdev: Execute bridge ndos only for bridge ports 63d82a2cbd0c bridge: multicast: restore perm router ports on multicast enable e9a5921c393f net: pktgen: remove rcu locking in pktgen_change_name() 2eeb5735dd04 net/mlx4_en: fixup xdp tx irq to match rx 27bb6e31d32d IB/ipoib: move back IB LL address into the hard header f280126ec8d8 ipv6: correctly add local routes when lo goes up 0f3e77623916 ip6_tunnel: fix ip6_tnl_lookup a148a818df84 net: phy: Trigger state machine on state change and not polling. 2a9099899a6a ipv6: tcp: restore IP6CB for pktoptions skbs 50b43ad1dce6 net_sched: reorder pernet ops and act ops registrations dac04913ee27 drivers/ptp: Fix kernel memory disclosure 3f841d1555ad netlink: do not enter direct reclaim from netlink_dump() 5086cadf8fa4 packet: call fanout_release, while UNREGISTERING a netdev 6fff1319fdac net: Add netdev all_adj_list refcnt propagation to fix panic 9caee42c800e net/sched: act_vlan: Push skb->data to mac_header prior calling skb_vlan_*() functions c002dfd8adaa net: pktgen: fix pkt_size ff1b27c31706 net: fec: set mac address unconditionally 567aeca9fbb7 Linux 4.8.7 1bf121d3b234 HID: usbhid: add ATEN CS962 to list of quirky devices 05a833d4b051 cpufreq: intel_pstate: Set P-state upfront in performance mode c89771511deb ubi: fastmap: Fix add_vol() return value test in ubi_attach_fastmap() 591bf1362e9e btrfs: qgroup: Prevent qgroup->reserved from going subzero 0c879624701d kvm: x86: Check memopp before dereference (CVE-2016-8630) 725a92be3926 ARM: fix oops when using older ARMv4T CPUs e339609bf377 tty: vt, fix bogus division in csi_J 4a22930a74ac v4l: vsp1: Prevent pipelines from running when not streaming 59f9693a170a usb: musb: Fix hardirq-safe hardirq-unsafe lock order error 086ac9180437 usb: chipidea: host: fix NULL ptr dereference during shutdown 07bae478e1c1 usb: dwc3: Fix size used in dma_free_coherent() fedede0963c4 pwm: Unexport children before chip removal 7b4b77b9566d omapfb: fix return value check in dsi_bind() a3e55d6342b2 video: fbdev: pxafb: potential NULL dereference on error 13d0f5b3a399 uapi: add missing install of sync_file.h db5025bd08ef UBI: fastmap: scrub PEB when bitflips are detected in a free PEB EC header cc94524e8940 netfilter: xt_NFLOG: fix unexpected truncated packet 720a40113e78 i2c: mark device nodes only in case of successful instantiation f7d8d44a68de drm: i915: Wait for fences on new fb, not old 1cefe4cb4f8c drm/i915/fbc: fix CFB size calculation for gen8+ 809e9e6fc390 drm/i915: Clean up DDI DDC/AUX CH sanitation ba0a959e0334 drm/i915: Respect alternate_aux_channel for all DDI ports 426a724c9972 drm: Release reference from blob lookup after replacing property 5064a6a05387 drm/dp/mst: Check peer device type before attempting EDID read e6fcf953a995 drm/i915/gen9: fix watermarks when using the pipe scaler 0f7f9c456380 drm/i915/gen9: fix DDB partitioning for multi-screen cases 0cc98b5963f8 drm/fb-helper: Keep references for the current set of used connectors 14f4a463dc78 drm/fb-helper: Fix connector ref leak on error 6222f1e0b9ef drm/fb-helper: Don't call dirty callback for untouched clips 7290da41b8da drm/nouveau/acpi: fix check for power resources support fd5f9e1e28cb drm/radeon: drop register readback in cayman_cp_int_cntl_setup e136de5d7331 drm/radeon/si_dpm: workaround for SI kickers fe777e7a595c drm/radeon/si_dpm: Limit clocks on HD86xx part fa6227dbfd6a drm/imx: ipuv3-plane: Access old u/vbo properly in ->atomic_check for YU12/YV12 d040374f3473 drm/imx: ipuv3-plane: Switch EBA buffer only when we don't need modeset 51ed5a2bbf38 Revert "drm/radeon: fix DP link training issue with second 4K monitor" ac6f210dd7a6 md: be careful not lot leak internal curr_resync value into metadata. -- (all) eba4fe9db92f RAID10: ignore discard error 21faa6dbf53f RAID1: ignore discard error b80fcd58e6f6 mmc: dw_mmc-pltfm: fix the potential NULL pointer dereference 1244d3c3a0f6 scsi: arcmsr: Send SYNCHRONIZE_CACHE command to firmware 2a1a0a6f1d60 scsi: scsi_debug: Fix memory leak if LBP enabled and module is unloaded 5bac49422b4a ath10k: cache calibration data when the core is stopped a7d092e946f5 Revert "ath9k_hw: implement temperature compensation support for AR9003+" aea7cb3b7ceb mac80211: discard multicast and 4-addr A-MSDUs 27fa1e735c70 firewire: net: fix fragmented datagram_size off-by-one 032430fb6a2c firewire: net: guard against rx buffer overflows facb17b67ac9 Input: i8042 - add XMG C504 to keyboard reset table 8b535f07898a rtl8xxxu: Fix rtl8723bu driver reload issue 1c9edb27261e rtl8xxxu: Fix big-endian problem reporting mactime ece1b51ae1c4 rtl8xxxu: Fix memory leak in handling rxdesc16 packets 5a805cd29284 dm raid: fix activation of existing raid4/10 devices 6e5456768ba1 dm raid: fix compat_features validation 056290446e8a dm rq: clear kworker_task if kthread_run() returned an error 13a59a868756 dm table: fix missing dm_put_target_type() in dm_table_add_target() 159a17e8dbf6 dm mirror: fix read error on recovery after default leg failure d8db5234adef virtio: console: Unlock vqs while freeing buffers 7569d22a820d virtio_pci: Limit DMA mask to 44 bits for legacy virtio devices 0c2f67a6196d virtio_ring: Make interrupt suppression spec compliant c528df925fba parisc: Ensure consistent state when switching to kernel stack at syscall entry 592de1000694 ovl: fsync after copy-up 3ad464dadb7c ovl: update S_ISGID when setting posix ACLs be9015460ed5 ovl: fix get_acl() on tmpfs 2b632307635f MIPS: KASLR: Fix handling of NULL FDT 1734afcce32b nfsd: Fix general protection fault in release_lock_stateid() 202c6676b963 ARM: dts: fix the SD card on the Snowball db20b510ca5c ARM: mvebu: Select corediv clk for all mvebu v7 SoC c627b2e76ae2 KVM: MIPS: Precalculate MMIO load resume PC f3a0c969e788 KVM: MIPS: Make ERET handle ERL before EXL 961cf133b710 KVM: s390: Fix STHYI buffer alignment for diag224 88aca01f8cb4 KVM: x86: fix wbinvd_dirty_mask use-after-free ea261d177aed dm: free io_barrier after blk_cleanup_queue call 377a2a273c4b Staging: wilc1000: Fix kernel Oops on opening the device 0c4ffbf9e118 iio:chemical:atlas-ph-sensor: Fix use of 32 bit int to hold 16 bit big endian value 52a1e76f16e2 arm64: dts: marvell: fix clocksource for CP110 master SPI0 0dff3c6321a5 tty: limit terminal size to 4M chars 44f0722dc9ac xhci: workaround for hosts missing CAS bit 0894224ae7c0 xhci: add restart quirk for Intel Wildcatpoint PCH b2d28d93cf83 hv: do not lose pending heartbeat vmbus packets eeae0a12a166 vt: clear selection before resizing 9710f5b19328 x86/smpboot: Init apic mapping before usage 58b0a7f115f8 GenWQE: Fix bad page access during abort of resource allocation b9aa0a7290f5 usb: increase ohci watchdog delay to 275 msec 241208e7b721 usb: renesas_usbhs: add wait after initialization for R-Car Gen3 00dbeb06292b xhci: use default USB_RESUME_TIMEOUT when resuming ports. 1e306cd37a66 USB: serial: ftdi_sio: add support for Infineon TriBoard TC2X7 d082fd105eb9 USB: serial: cp210x: fix tiocmget error handling e8bf726705bd USB: serial: fix potential NULL-dereference at probe 23124735a6f0 usb: gadget: function: u_ether: don't starve tx request queue fe4af125085a usb: gadget: udc: atmel: fix endpoint name 420d16894425 mei: txe: don't clean an unprocessed interrupt cause. 5d30e8f65073 ubifs: Fix regression in ubifs_readdir() b8176cc56bf1 ubifs: Abort readdir upon error 1755f43e9a90 timers: Lock base for same bucket optimization e18ed431d7da timers: Plug locking race vs. timer migration b5e3a038997a timers: Prevent base clock corruption when forwarding 665f7bf33aa8 timers: Prevent base clock rewind when forwarding clock 0d621c57e739 x86/microcode/AMD: Fix more fallout from CONFIG_RANDOMIZE_MEMORY=y e599203f55ad powerpc/64: Fix race condition in setting lock bit in idle/wakeup code 51d784b54768 powerpc/64: Re-fix race condition between going idle and entering guest 2c7ff0e5c311 powerpc/mm/radix: Use tlbiel only if we ever ran on the current cpu ae150de2d5e0 powerpc: Convert cmp to cmpd in idle enter sequence 1198fbca645e btrfs: fix races on root_log_ctx lists bc720ae2ffab cxl: Fix leaking pid refs in some error paths 2a997e83960b ANDROID: binder: Clear binder and cookie when setting handle in flat binder struct 599cfd58ffde ANDROID: binder: Add strong ref checks 2a0efa30b15c ALSA: hda - Fix headset mic detection problem for two Dell laptops 2585e17b71c7 ALSA: hda - Fix surround output pins for ASRock B150M mobo 14456570a4a5 ALSA: hda - Adding a new group of pin cfg into ALC295 pin quirk table 54186c7dd2ec ALSA: hda - allow 40 bit DMA mask for NVidia devices 0f574c90d747 ALSA: seq: Fix time account regression 8ccf154b2654 ALSA: usb-audio: Add quirk for Syntek STK1160 9d3f5b85ef8b device-dax: fix percpu_ref_exit ordering 33bcff297228 security/keys: make BIG_KEYS dependent on stdrng. 5152986c9257 KEYS: Sort out big_key initialisation 5daa841d0437 KEYS: Fix short sprintf buffer in /proc/keys show function 0a38e6c551c4 thermal/powerclamp: correct cpu support check 5db5e0c11c13 mm: memcontrol: do not recurse in direct reclaim 68adb469dd3b mm/slab: fix kmemcg cache creation delayed issue 67ae004e2c52 mm/list_lru.c: avoid error-path NULL pointer deref 5cb73199ca48 libxfs: clean up _calc_dquots_per_chunk d00057ecf82f gpio: GPIO_GET_LINE{HANDLE,EVENT}_IOCTL: Fix file descriptor leak c70eb2cc1276 gpio: GPIOHANDLE_GET_LINE_VALUES_IOCTL: Fix another information leak 6bba4b226521 gpio: GPIO_GET_LINEEVENT_IOCTL: Reject invalid line and event flags e2144827d96b gpio: GPIO_GET_LINEHANDLE_IOCTL: Reject invalid line flags c0699405b147 gpio: GPIO_GET_LINEEVENT_IOCTL: Validate line offset 49bdfb21e37d gpio: GPIOHANDLE_GET_LINE_VALUES_IOCTL: Fix information leak e22edf53b40f gpio: GPIO_GET_LINEHANDLE_IOCTL: Validate line offset a23a59c56a53 gpio: GPIO_GET_CHIPINFO_IOCTL: Fix information leak 78ae767553e4 gpio: GPIO_GET_CHIPINFO_IOCTL: Fix line offset validation 56ffab4f532e gpio / ACPI: fix returned error from acpi_dev_gpio_irq_get() 4366246129ca h8300: fix syscall restarting a639266ae0c3 spi: mark device nodes only in case of successful instantiation d6634d871199 spi: fsl-espi: avoid processing uninitalized data on error 0cee66b72acc drm/dp/mst: Clear port->pdt when tearing down the i2c adapter f2ffb21fb495 i2c: core: fix NULL pointer dereference under race condition 0fda1cdcbb72 i2c: xgene: Avoid dma_buffer overrun 9c619c2a8d4d i2c: rk3x: Give the tuning value 0 during rk3x_i2c_v0_calc_timings
Bruce Ashfield [Wed, 16 Nov 2016 14:24:32 +0000 (09:24 -0500)]
linux-yocto/4.8: update to v4.8.6-rt5
Paul Gortmaker sent along updates to the latest 4.8 -rt version.
Updating the SRCREVs to include the following commits:
f83a3d4a643b v4.8.6-rt5 74c7ffc2e3f2 NFSv4: don't disable preemption on !RT 9711dc408890 kbuild: Add -fno-pie to KBUILD_AFLAGS: 7b4d4278e307 v4.8.6-rt4 24aa22031f3c v4.8.2-rt3 8541163464e2 kbuild: add -fno-PIE 81b61ced2d45 NFSv4: replace seqcount_t with a seqlock_t a8300ce29d0c worqueue: document the proper argument 9711591ebdc3 genirq: document swork member 1aace69fd88f rbtree: include barrier.h 74d4589809f2 rxrpc: remove unused static variables a941e2f0611c x86/apic: get rid of "warning: 'acpi_ioapic_lock' defined but not used" 9888d1c2e3ab hotplug: Call mmdrop_delayed() in sched_cpu_dying() if PREEMPT_RT_FULL debf0ec42b2e drivers/zram: Don't disable preemption in zcomp_stream_get/put() c84b472ee376 mm/zs_malloc: Fix bit spinlock replacement c17de80bfeba zsmalloc: turn that get_cpu_light() into a local_lock() 33586701e8ad connector/cn_proc: Protect send_msg() with a local lock on RT b20867d36bcd ftrace: Fix trace header alignment
Signed-off-by: Liwei Song <liwei.song@windriver.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>
Ross Burton [Tue, 22 Nov 2016 17:41:43 +0000 (17:41 +0000)]
conf: add C++ flags for uninative interoperatility
Create a common include file for compiler flags which allow native binaries to
be interoperable on a wide range of hosts. In particular the C++ ABI is
problematic so choose the CXX11 version to allow interoperation between gcc4 and
gcc5 based hosts. Moving this to a common include instead of uninative.bbclass
allows uninative to be configured later and used in the eSDK (where its
mandatory) even if the base configuration doesn't enable uninative by default
(e.g. nodistro in OE-Core).
Maciej Borzecki [Thu, 10 Nov 2016 12:18:34 +0000 (13:18 +0100)]
wic: check that filesystem is specified for a rootfs partition
We explicitly check for --fstype if no source was provided for a
partition. However, this was not the case for rootfs partitions. Make
sure to raise an error if filesystem was left unspecified when preparing
a rootfs partition image.
Yi Zhao [Thu, 17 Nov 2016 08:08:10 +0000 (16:08 +0800)]
tiff: Security fix CVE-2016-3632
CVE-2016-3632 libtiff: The _TIFFVGetField function in tif_dirinfo.c in
LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of
service (out-of-bounds write) or execute arbitrary code via a crafted
TIFF image.
Yi Zhao [Wed, 16 Nov 2016 10:07:43 +0000 (18:07 +0800)]
nfs-utils: fix protocol minor version fall-back
Mount nfs directory would fail if no specific nfsvers:
mount -t nfs IP:/foo/bar/ /mnt/
mount.nfs: an incorrect mount option was specified
mount.nfs currently expects mount(2) to fail with EPROTONOSUPPORT if
the kernel doesn't understand the requested NFS version.
Unfortunately if the requested minor is not known to the kernel
it returns -EINVAL.
Backport patch from nfs-utils-1.3.4 to fix this issue.
Yi Zhao [Wed, 16 Nov 2016 10:07:33 +0000 (18:07 +0800)]
openssl: Security fix CVE-2016-7055
There is a carry propagating bug in the Broadwell-specific Montgomery
multiplication procedure that handles input lengths divisible by, but
longer than 256 bits.
Use SHA256 as default digest for OpenSSL instead of MD5.
CVE: CVE-2004-2761
The MD5 Message-Digest Algorithm is not collision resistant,
which makes it easier for context-dependent attackers to
conduct spoofing attacks, as demonstrated by attacks on the
use of MD5 in the signature algorithm of an X.509 certificate.
Khem Raj [Mon, 14 Nov 2016 05:35:46 +0000 (21:35 -0800)]
cmake.bbclass: Set CXXFLAGS and CFLAGS
We strip the TOOLCHAIN_OPTIONS and HOST_CC_ARCH from CC/CXX in cmake.bbclass
whereas CFLAFS and CXXFLAGS assume that TOOLCHAIN_OPTIONS are
part of CC/CXX variables, this causes compile failures when cmake
is running compiler tests during configure on some architectures
especially armhf, because hf ABI information -mfloat-abi is part
of TOOLCHAIN_OPTIONS, so what happens is that testcase gets compiled
without hard-float, howver, during linking the float ABI option
is passed via LDFLAGS, now linker rejects this and fails like
/mnt/a/build/tmp-glibc/sysroots/x86_64-linux/usr/libexec/arm-oe-linux-gnueabi/gcc/arm-oe-linux-gnueabi/6.2.0/ld: error: cmTC_27947 uses VFP register arguments, CMakeFiles/cmTC_27947.dir/src.cxx.o does not
mnt/a/build/tmp-glibc/sysroots/x86_64-linux/usr/libexec/arm-oe-linux-gnueabi/gcc/arm-oe-linux-gnueabi/6.2.0/ld: failed to merge target specific data of file CMakeFiles/cmTC_27947.dir/src.cxx.o
collect2: error: ld returned 1 exit status
This means that CMake now fails the configure time test too
which is not right, e.g. it might disable features which actually do exist
and should be enabled e.g. in case above it is resulting as below
Performing C++ SOURCE FILE Test HAS_BUILTIN_SYNC_SUB_AND_FETCH failed with the following output:
Its actually a bug in CMake see
https://gitlab.kitware.com/cmake/cmake/issues/16421
CMake is ignoring CMAKE_CXX_FLAGS when using CHECK_CXX_SOURCE_COMPILES
function.
Until it is fixed upstream, we add HOST_CC_ARCH and TOOLCHAIN_OPTIONS
to CFLAGS and CXXFLAGS, so that we can ensure that compiler invocation
remains consistent.
Zhixiong Chi [Mon, 14 Nov 2016 09:46:52 +0000 (17:46 +0800)]
tiff: Security fix CVE-2016-3658
The TIFFWriteDirectoryTagLongLong8Array function in tif_dirwrite.c in the tiffset tool
allows remote attackers to cause a denial of service (out-of-bounds read) via vectors
involving the ma variable.
Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>
André Draszik [Wed, 9 Nov 2016 14:48:53 +0000 (14:48 +0000)]
openssl: fix bashism in c_rehash shell script
This script claims to be a /bin/sh script, but it uses
a bashism:
from checkbashisms:
possible bashism in meta/recipes-connectivity/openssl/openssl/openssl-c_rehash.sh line 151 (should be 'b = a'):
if [ "x/" == "x$( echo ${FILE} | cut -c1 -)" ]
This causes build issues on systems that don't have
/bin/sh symlinked to bash:
Ross Burton [Tue, 8 Nov 2016 23:07:41 +0000 (23:07 +0000)]
systemtap: remove explicit msgfmt check
Passing --disable-nls should be enough to disable the requirement for a full
gettext to be present, but the upstream configure explicitly checks for msgfmt
even if it isn't going to be used. To avoid having to depend on gettext-native,
patch this check out.
Ed Bartosh [Mon, 24 Oct 2016 13:54:41 +0000 (16:54 +0300)]
systemd-bootdisk.wks: use PARTUUID
Root device name in systemd-bootdisk.wks is 'sda'. This can cause
images, produced using this wks to refuse booting if real device
name is not 'sda'. For example, when booting MinnowBoard MAX from
MicroSD card the boot process stucks with this message on the boot
console output: Waiting for root device /dev/sda2...
This happens because real device name of MicroSD card on this device
is mmcblk1.
Used --use-uuid option for root partition. This should make
wic to put partiion UUID instead of device name into kernel command
line.
Khem Raj [Mon, 7 Nov 2016 07:25:26 +0000 (23:25 -0800)]
libbsd: Fix build with musl
a.out.h support is not across all architectures only
x86/x86_64 support is in linux/a.out.h, this patch
abstracts the minimum needed constructs into itself
Li Zhou [Mon, 7 Nov 2016 03:02:16 +0000 (11:02 +0800)]
db: disable the ARM assembler mutex code
The swpb in macro MUTEX_SET will cause "undefined instruction" error
on the new arm arches which don't support this assembly instruction
any more. If use ldrex/strex to replace swpb, the old arm arches don't
support them. So to avoid this issue, just disable the ARM assembler
mutex code, and use the default pthreads mutex.
André Draszik [Fri, 4 Nov 2016 11:06:31 +0000 (11:06 +0000)]
cve-check.bbclass: CVE-2014-2524 / readline v5.2
Contrary to the CVE report, the vulnerable trace functions
don't exist in readline v5.2 (which we keep for GPLv2+
purposes), they were added in readline v6.0 only - let's
whitelist that CVE in order to avoid false positives.
See also the discussion in
https://patchwork.openembedded.org/patch/81765/
Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>
Daniel Díaz [Thu, 24 Nov 2016 22:09:31 +0000 (16:09 -0600)]
weston: Add no-input-device patch to 1.11.0.
The included patch, backported from Weston master (and OE-Core
master since Weston 1.11.1, b6864b1), allows it to run without
any input device at launch. An ini option is introduced for
this purpose, so there is no behavioral change.
Related change in weston.ini:
[core]
require-input=true
Default is true; setting it false allows Weston to run
without a keyboard or mouse, which is handy for automated
environments.
Signed-off-by: Daniel Díaz <daniel.diaz@linaro.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>
Armin Kuster [Fri, 4 Nov 2016 05:53:28 +0000 (22:53 -0700)]
tzdata: update to 2016i
Briefly: Cyprus split into two time zones on 2016-10-30, and Tonga
reintroduces DST on 2016-11-06.
Changes to future time stamps
Pacific/Tongatapu begins DST on 2016-11-06 at 02:00, ending on
2017-01-15 at 03:00. Assume future observances in Tonga will be
from the first Sunday in November through the third Sunday in
January, like Fiji. (Thanks to Pulu ʻAnau.) Switch to numeric
time zone abbreviations for this zone.
Changes to past and future time stamps
Northern Cyprus is now +03 year round, causing a split in Cyprus
time zones starting 2016-10-30 at 04:00. This creates a zone
Asia/Famagusta. (Thanks to Even Scharning and Matt Johnson.)
Antarctica/Casey switched from +08 to +11 on 2016-10-22.
(Thanks to Steffen Thorsen.)
Changes to past time stamps
Several corrections were made for pre-1975 time stamps in Italy.
These affect Europe/Malta, Europe/Rome, Europe/San_Marino, and
Europe/Vatican.
First, the 1893-11-01 00:00 transition in Italy used the new UT
offset (+01), not the old (+00:49:56). (Thanks to Michael
Deckers.)
Second, rules for daylight saving in Italy were changed to agree
with Italy's National Institute of Metrological Research (INRiM)
except for 1944, as follows (thanks to Pierpaolo Bernardi, Brian
Inglis, and Michael Deckers):
The 1916-06-03 transition was at 24:00, not 00:00.
The 1916-10-01, 1919-10-05, and 1920-09-19 transitions were at
00:00, not 01:00.
The 1917-09-30 and 1918-10-06 transitions were at 24:00, not
01:00.
The 1944-09-17 transition was at 03:00, not 01:00. This
particular change is taken from Italian law as INRiM's table,
(which says 02:00) appears to have a typo here. Also, keep the
1944-04-03 transition for Europe/Rome, as Rome was controlled by
Germany then.
The 1967-1970 and 1972-1974 fallback transitions were at 01:00,
not 00:00.
Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>
Ross Burton [Fri, 25 Nov 2016 17:35:03 +0000 (17:35 +0000)]
lib/oe/qa: handle binaries with segments outside the first 4kb
The ELF parser was assuming that the segment tables are in the first 4kb of the
binary. Whilst this generally appears to be the case, there have been instances
where the segment table is elsewhere (offset 2MB, in this sample I have). Solve
this problem by mmap()ing the file instead.
Also clean up the code a little whilst chasing the problem.
Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
Andre McCurdy [Wed, 2 Nov 2016 22:57:03 +0000 (15:57 -0700)]
gdb: update 7.11+git1a982b689c -> 7.11.1
41d8236 Set GDB version number to 7.11.1. 136613e Fix PR gdb/19828: gdb -p <process from a container>: internal error a0de87e Make gdb/linux-nat.c consider a waitstatus pending on the infrun side cf2cd51 Add mi-threads-interrupt.exp test (PR 20039) f0a8d0d Fix double prompt output after run control MI commands with mi-async on (PR 20045) b5f0db4 Fix -exec-run not running asynchronously with mi-async on (PR gdb/18077) 7f8e34d Use target_terminal_ours_for_output in MI
Dengke Du [Wed, 2 Nov 2016 07:12:10 +0000 (15:12 +0800)]
subversion: fix "svnadmin create" fail on x86
When run the following command on x86:
svnadmin create /var/test_repo
It cause segmentation fault error like the following:
[16499.751837] svnadmin[21117]: segfault at 83 ip 00000000f74bf7f6 sp 00000000ffdd9b34 error 4 in libc-2.24.so[f7441000+1af000]
Segmentation fault (core dumped)
This is because in source code ./subversion/libsvn_fs_fs/low_level.c,
function svn_fs_fs__unparse_footer, when:
target arch: x86
apr_off_t: 4 bytes
if the "APR_OFF_T_FMT" is "lld", it still use type "apr_off_t" to pass
data to apr, but in apr source code file apr_snprintf.c the function
apr_vformatter meet "lld", it would use the:
i_quad = va_arg(ap, apr_int64_t);
It uses the apr_int64_t to deal data, it read 8 bytes, so the follow-up
data may be error.
If you are using a repository which contains a .templateconf file that
sets TEMPLATECONF to point into a layer it contains, but you aren't
using that layer in your bblayers.conf, the eSDK would produce an error
during the preparation step of the installation. An example would be
using the poky repository but setting DISTRO to your own custom distro
and removing meta-poky from your bblayers.conf. The eSDK doesn't
support creating new build directories, so we don't care about the
templates and can thus force a known good value to prevent this from
happening.
Paul Eggleton [Wed, 2 Nov 2016 02:31:04 +0000 (15:31 +1300)]
oe-setup-builddir: fix TEMPLATECONF error message
This directory shouldn't contain local.conf and bblayers.conf - just
templates for them; except it doesn't have to contain those, it just has
to exist to pass this test. Change the error message accordingly, and
mention TEMPLATECONF so that the user has at least some context.
Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Robert P. J. Day <rpjday@crashcourse.ca> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>
Armin Kuster [Mon, 24 Oct 2016 03:00:16 +0000 (20:00 -0700)]
tzdata: Update to 2016h
Changes to future time stamps
Asia/Gaza and Asia/Hebron end DST on 2016-10-29 at 01:00, not
2016-10-21 at 00:00. (Thanks to Sharef Mustafa.) Predict that
future fall transitions will be on the last Saturday of October
at 01:00, which is consistent with predicted spring transitions
on the last Saturday of March. (Thanks to Tim Parenti.)
Changes to past time stamps
In Turkey, transitions in 1986-1990 were at 01:00 standard time
not at 02:00, and the spring 1994 transition was on March 20, not
March 27. (Thanks to Kıvanç Yazan.)
Changes to past and future time zone abbreviations
Asia/Colombo now uses numeric time zone abbreviations like "+0530"
instead of alphabetic ones like "IST" and "LKT". Various
English-language sources use "IST", "LKT" and "SLST", with no
working consensus. (Usage of "SLST" mentioned by Sadika
Sumanapala.)
Armin Kuster [Mon, 24 Oct 2016 03:00:15 +0000 (20:00 -0700)]
tzcode-native: update to 2016h
Changes to code
zic no longer mishandles relativizing file names when creating
symbolic links like /etc/localtime, when these symbolic links
are outside the usual directory hierarchy. This fixes a bug
introduced in 2016g. (Problem reported by Andreas Stieger.)
Signed-off-by: Robert P. J. Day <rpjday@crashcourse.ca> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>
Olaf Mandel [Fri, 21 Oct 2016 16:36:02 +0000 (16:36 +0000)]
texi2html: Allow compiling out-of-source
Compiling texi2html 5.0 out-of-source with USE_NLS set to no failed
because it tried to copy from srcdir without using that variable.
Fix this issue and add a reference to the upstream commit.
Remove backported gcc5-port.patch
Remove 11_mips-link-tool.patch as there is nothing in the target file
(or the entire source tree) that resembles anything contained in the patch.
rt-tests: fix the recipe version to match upstream
Upstream had a 2.0 tag for a while, then removed it and added a 1.1 tag :-/
Let's make it match to avoid confusion. There's only one new commit
added, which adds a missing manpage.
Also, update the outdated version comment in rt-tests.inc
Mike Looijmans [Tue, 1 Nov 2016 13:30:56 +0000 (14:30 +0100)]
busybox/mdev.conf: Ignore eMMC RPMB and boot block devices
eMMC devices may report block devices like "mmcblk0rpmb" and
"mmcblk0boot0". These are not actually block devices and any
read/write operation on them will fail. To prevent spamming error
messages attempting to mount them, just ignore these devices.
Robert Yang [Tue, 1 Nov 2016 12:44:46 +0000 (05:44 -0700)]
insane.bbclass:buildpaths: open() file with 'rb'
open() is default to 'rt' which may cause decoding errors when open
binary file:
$ bitbake xcursor-transparent-theme
[snip]
Exception: UnicodeDecodeError: 'utf-8' codec can't decode byte 0xfd in position 18: invalid start byte
[snip]
Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>
Paul Eggleton [Tue, 1 Nov 2016 03:24:23 +0000 (16:24 +1300)]
classes/nativesdk: set SDK_OLDEST_KERNEL appropriately
SDK_OLDEST_KERNEL currently only controls the check on SDK installation,
however as with OLDEST_KERNEL it should be controlling the OLDEST_KERNEL
value for building glibc used in the SDK. Thus, set it in
nativesdk.bbclass. This means we need to move the default to
bitbake.conf so that it can be seen in both places.
Also set a more reasonable default for SDK_OLDEST_KERNEL for x86/x86-64 as
glibc 2.24 still supports back to 2.6.32 there and there are still
people wanting to build SDKs that will install on older distros (e.g.
CentOS 6). However it's not possible to set this with overrides since
there aren't any for the SDK_ARCH, however we can instead set the variable
from conf files in conf/machine-sdk especially as there is now a soft
default for SDKMACHINE.
Paul Eggleton [Tue, 1 Nov 2016 03:24:22 +0000 (16:24 +1300)]
classes/populate_sdk_base: fix usage of & character in SDK_TITLE
If you used an & character in SDK_TITLE (possibly indirectly from
DISTRO_NAME) then sed interpreted this as a directive to paste in the
replaced string (@SDK_TITLE@ in this case). Escape any & characters in
SDK_TITLE to avoid that.
Yi Zhao [Wed, 26 Oct 2016 08:26:48 +0000 (16:26 +0800)]
tiff: Security fix CVE-2016-3622
CVE-2016-3622 libtiff: The fpAcc function in tif_predict.c in the
tiff2rgba tool in LibTIFF 4.0.6 and earlier allows remote attackers to
cause a denial of service (divide-by-zero error) via a crafted TIFF
image.
Yi Zhao [Wed, 26 Oct 2016 08:26:47 +0000 (16:26 +0800)]
tiff: Security fix CVE-2016-3623
CVE-2016-3623 libtiff: The rgb2ycbcr tool in LibTIFF 4.0.6 and earlier
allows remote attackers to cause a denial of service (divide-by-zero) by
setting the (1) v or (2) h parameter to 0.
Yi Zhao [Wed, 26 Oct 2016 08:26:46 +0000 (16:26 +0800)]
tiff: Security fix CVE-2016-3991
CVE-2016-3991 libtiff: Heap-based buffer overflow in the loadImage
function in the tiffcrop tool in LibTIFF 4.0.6 and earlier allows remote
attackers to cause a denial of service (out-of-bounds write) or execute
arbitrary code via a crafted TIFF image with zero tiles.
Yi Zhao [Wed, 26 Oct 2016 08:26:45 +0000 (16:26 +0800)]
tiff: Security fix CVE-2016-3990
CVE-2016-3990 libtiff: Heap-based buffer overflow in the
horizontalDifference8 function in tif_pixarlog.c in LibTIFF 4.0.6 and
earlier allows remote attackers to cause a denial of service (crash) or
execute arbitrary code via a crafted TIFF image to tiffcp.
Yi Zhao [Wed, 26 Oct 2016 08:26:44 +0000 (16:26 +0800)]
tiff: Security fix CVE-2016-3945
CVE-2016-3945 libtiff: Multiple integer overflows in the (1)
cvt_by_strip and (2) cvt_by_tile functions in the tiff2rgba tool in
LibTIFF 4.0.6 and earlier, when -b mode is enabled, allow remote
attackers to cause a denial of service (crash) or execute arbitrary code
via a crafted TIFF image, which triggers an out-of-bounds write.
Chen Qi [Wed, 26 Oct 2016 06:09:47 +0000 (14:09 +0800)]
systemd: CVE-2016-7795
The manager_invoke_notify_message function in systemd 231 and earlier allows
local users to cause a denial of service (assertion failure and PID 1 hang)
via a zero-length message received over a notify socket.
The patch is a backport from the latest git repo.
Please see the link below for more information.
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7795
Robert Yang [Mon, 31 Oct 2016 15:48:58 +0000 (08:48 -0700)]
oe/copy_buildsystem.py: dereference symlink
When there is a relative symlink in the layer, for example:
symA -> ../out/of/layer/file
symA will be invalid fater copied, it would be invalid from build time
if it points to a relative path, and would be invalid after extracted
the sdk if it points to a absolute py. Dereference symlink when copy
will fix the problem.
Use tar rather than shutil.copytree() to copy is because:
1) shutil.copytree(symlinks=Fasle) has bugs when dereference symlinks:
https://bugs.python.org/issue21697
And Ubunutu 1404 doesn't upgrade python3 to fix the problem.
2) shutil.copytree(symlinks=False) raises errors when there is a invalid
symlink, and tar just prints a warning, tar is preferred here since
the real world is unpredicatable
3) tar is faster than shutil.copytree() as said by oe.path.copytree()
Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>
Dmitry Rozhkov [Fri, 28 Oct 2016 07:22:35 +0000 (10:22 +0300)]
openssl: rehash actual mozilla certificates inside rootfs
The c_rehash utility is supposed to be run in the folder /etc/ssl/certs
of a rootfs where the package ca-certificates puts symlinks to
various CA certificates stored in /usr/share/ca-certificates/mozilla/.
These symlinks are absolute. This means that when c_rehash is run
at rootfs creation time it can't hash the actual files since they
actually reside in the build host's directory
$SYSROOT/usr/share/ca-certificates/mozilla/.
This problem doesn't reproduce when building on Debian or Ubuntu
hosts though, because these OSs have the certificates installed
in the same /usr/share/ca-certificates/mozilla/ folder.
Images built in other distros, e.g. Fedora, have problems with
connecting to https servers when using e.g. python's http lib.
The patch fixes c_rehash to check if it runs on a build host
by testing $SYSROOT and to translate the paths to certificates
accordingly.
Ross Burton [Mon, 31 Oct 2016 15:45:58 +0000 (15:45 +0000)]
slang: add PREMIRRORS to handle upstream moving tarballs
The slang maintainer only puts the current release at
jedsoft.org/releases/slang/slang-1.2.3.tar.bz2, all previous releases are moved
into /releases/slang/old/.
As this breaks the fetch the moment a new version is released, use PREMIRRORS to
also look in the /old/ directory.
Paul Eggleton [Mon, 31 Oct 2016 03:59:43 +0000 (16:59 +1300)]
classes/license: fix handling of symlinks pointed to in LIC_FILES_CHKSUM
If you set LIC_FILES_CHKSUM to point to a relative symlink then you'll
get "Could not copy license file" warnings in copy_license_files() since
the symlink won't be valid after it's copied. If the source is a symlink
then we need to dereference it first.
I encountered this when I used recipetool on the sources for capnproto,
where the c++ directory contains a LICENSE.txt symlink to the LICENSE
file in the parent directory, and this symlink ends up being pointed to
in LIC_FILES_CHKSUM.
Juro Bystricky [Fri, 28 Oct 2016 22:14:56 +0000 (15:14 -0700)]
build-appliance-image: Fix incorrect PATH
When modifying the PATH variable in .bashrc, double quote characters
were used, resulting in expanding the variable $PATH with the value of
PATH of the system building the Build Appliance.
The original intent was to enter an un-expanded (literal) $PATH.
In order to that, one must use single quotes instead of double quotes.
0 elf32_arm_count_additional_relocs (sec=0x79bf40) at /mnt/a/work/oe/binutils-gdb/bfd/elf32-arm.c:18210
1 0x000000000047635a in bfd_elf_final_link (abfd=abfd@entry=0x783250, info=info@entry=0x748400 <link_info>) at /mnt/a/work/oe/binutils-gdb/bfd/elflink.c:11224
2 0x000000000044df7b in elf32_arm_final_link (abfd=0x783250, info=0x748400 <link_info>) at /mnt/a/work/oe/binutils-gdb/bfd/elf32-arm.c:12131
3 0x0000000000418917 in ldwrite () at /mnt/a/work/oe/binutils-gdb/ld/ldwrite.c:577
4 0x000000000040365f in main (argc=<optimized out>, argv=<optimized out>) at /mnt/a/work/oe/binutils-gdb/ld/ldmain.c:433
gold works ok. The patch is already applied in master binutils
Paul Eggleton [Tue, 18 Oct 2016 02:51:16 +0000 (15:51 +1300)]
devtool: runqemu: work around runqemu script path assumption
The new runqemu script assumes that if OECORE_NATIVE_SYSROOT is set then
it shouldn't try to run bitbake to find out the values of various
variables such as DEPLOY_DIR_IMAGE; this assumption is incorrect for the
extensible SDK. To work around this, clear OECORE_NATIVE_SYSROOT in the
environment when running runqemu.
Fixes [YOCTO #10447].
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
