Catalin Enache [Tue, 19 Dec 2017 10:39:12 +0000 (12:39 +0200)]
qemu: CVE-2017-17381
The Virtio Vring implementation in QEMU allows local OS guest users to
cause a denial of service (divide-by-zero error and QEMU process crash)
by unsetting vring alignment while updating Virtio rings.
Richard Purdie [Sat, 13 Jan 2018 17:57:24 +0000 (17:57 +0000)]
cross-canadian/gettext: Drop unneeded nativesdk-gettext dependency
In line with the other gettext cleanups, drop the nativesdk-gettext dependency
as it isn't needed (similarly to the previous target gettext dependencies).
This then means we can drop DEPENDS_GETTEXT as there are no other users.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ross Burton [Tue, 9 Jan 2018 17:50:06 +0000 (17:50 +0000)]
glib: remove gettext-native dependency for native builds
By removing gettext-native as a build dependency in glib-2.0-native we can delay
the build of gettext-native further. The gettext class will add the dependency
for target builds.
Don't forcibly set USE_NLS=yes so that NLS support is supposedly disabled in
native builds. GLib will then force it back on, but we shouldn't be using it in
any other native recipes so seed the autoconf cache so GLib will run /bin/false
instead of msgfmt. Quite a kludge, but it works and should fail obviously if
the kludge stops being sufficient.
Signed-off-by: Ross Burton <ross.burton@intel.com>
Jackie Huang [Wed, 10 Jan 2018 01:53:06 +0000 (09:53 +0800)]
rpcbind: Stop freeing a static pointer
commit 7ea36ee introduced a svc_freeargs() call
that ended up freeing static pointer.
It turns out the allocations for the rmt_args
is not necessary . The xdr routines (xdr_bytes) will
handle the memory management and the largest
possible message size is UDPMSGSIZE (due to UDP only)
which is smaller than RPC_BUF_MAX
Signed-off-by: Jackie Huang <jackie.huang@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
Fixed:
$ oe-selftest -r devtool.DevtoolTests.test_create_workspace
[snip]
2017-12-20 18:28:59,404 - oe-selftest - INFO - Traceback (most recent call last):
File "/workspace2/lyang1/poky/meta/lib/oeqa/core/decorator/__init__.py", line 32, in wrapped_f
return func(*args, **kwargs)
File "/workspace2/lyang1/poky/meta/lib/oeqa/selftest/cases/devtool.py", line 177, in test_create_workspace
self.assertTrue('/workspace' not in result.output, 'This test cannot be run with a workspace layer in bblayers.conf')
AssertionError: False is not true : This test cannot be run with a workspace layer in bblayers.conf
[snip]
The value was hardcoded from the time it couldn't be computed, which
is no longer the case. After C99 'bool' is only defined if stdbool.h
is included, it's implementation defined and not required to be 1, so
caching it doesn't make sense and certain recipes whoose code test
ac_cv_sizeof_bool fail to build.
Signed-off-by: Ioan-Adrian Ratiu <adrian.ratiu@ni.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
Ross Burton [Tue, 9 Jan 2018 00:21:10 +0000 (00:21 +0000)]
autotools: don't wipe gettext macros from gettext
We usually forcibly delete any gettext macros we come across to ensure that the
latest versions we ship are used, but if we're building gettext then it's a bad
idea to delete the gettext macros.
Historically this hasn't been a problem as the top-level gettext configure
doesn't use AM_GNU_GETTEXT so the deletion was never done, but this may change.
Signed-off-by: Ross Burton <ross.burton@intel.com>
Anuj Mittal [Sat, 13 Jan 2018 10:02:37 +0000 (18:02 +0800)]
libxml2: fix makefile for ptests
Changes to Makefile in latest version mean when "make -k runtests" is executed,
it leads to errors like:
| make: *** No rule to make target 'runtest.c', needed by 'runtest.o'.
| make: *** No rule to make target 'SAX.c', needed by 'SAX.lo'.
| make: *** No rule to make target 'entities.c', needed by 'entities.lo'.
| make: *** No rule to make target 'encoding.c', needed by 'encoding.lo'.
Make sure that we don't try to check and compile the tests again on the target.
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Juro Bystricky [Thu, 11 Jan 2018 21:16:57 +0000 (13:16 -0800)]
qemu-2.10.1.bb: support mingw build
The patch chardev-connect-socket-to-a-spawned-command.patch calls
"socketpair". This function is missing in mingw, so the patch
needs to be modified accordingly, otherwise we end up with a broken
mingw build.
While it is possible to simply remove the patch on a recipe level for
mingw platform, it makes more sense to modify the patch itself.
Signed-off-by: Juro Bystricky <juro.bystricky@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Jackie Huang [Thu, 2 Nov 2017 06:40:40 +0000 (14:40 +0800)]
glibc/nscd: do not cache for netgroup by default
We don't have /etc/netgroup by default, so do not
cache for netgroup by default to avoid:
nscd[529]: 529 disabled inotify-based monitoring for file `/etc/netgroup': No such file or directory
nscd[529]: 529 stat failed for file `/etc/netgroup'; will try again later: No such file or directory
bash: ptest dependency on locale should honor virtual/libc-locale
meta/conf/distro/include/tclibc-glibc.inc weakly assigns PREFERRED_PROVIDER
for virtual/libc-locale to glibc-locale, but allows adjusting it if needed.
Hence, bash should not depend on glibc-locale directly, but instead use this
virtual/libc-locale variable.
Signed-off-by: Denys Dmytriyenko <denys@ti.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
When we run wic within eSDK:
$ wic create mkefidisk -e core-image-minimal
ERROR: BUILDDIR not found, exiting. (Did you forget to source oe-init-build-env?)
In order to figure out variable values, one must have sourced
the OE build environment setup script. However, when we are in
within the eSDK environment which isn't initialised like the
normal OE build environment, we can't use wic utility with eSDK.
While wic ought to be fixed to be able to run without bitbake
& native tools [YOCTO #11281], but this is a workaround to set
BUILDDIR in the environment so that bitbake environment is setup
for wic to build its required native tools.
Signed-off-by: Chang Rebecca Swee Fun <rebecca.swee.fun.chang@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
scripts/wic: fix error of import wic module in eSDK environment
wic modules in scripts/lib/ are needed for wic to work, but path to
the python module is not exported in eSDK environment and we were
using an absolutized path of wic script within the sysroots.
We now changed to use real script path instead, where the wic modules
are located. This will also resolved the tracebacks found when running
wic from within the eSDK environment.
Traceback (most recent call last):
File "/tmp/deploy/sdk/poky_sdk/sysroots/x86_64-pokysdk-linux/usr/bin/wic", line 58, in <module>
from wic import WicError
ImportError: No module named 'wic'
Signed-off-by: Chang Rebecca Swee Fun <rebecca.swee.fun.chang@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
scripts/wic: append bitbake executable file path in eSDK environment
wic needs a set of tools to be available from sysroots.
wic will find bitbake executable within the environment,
and wic was unable to locate bitbake executable within eSDK
because it wasn't setup with the OE build environment script.
Hence, we need to add bitbake file path into the environment
PATH for wic to be able to discover it and import bb modules.
Signed-off-by: Chang Rebecca Swee Fun <rebecca.swee.fun.chang@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
webkitgtk: update to 2.18.5 (includes Spectre mitigations; see commit description)
This is the only available stable version with mitigation fixes for Spectre.
Webkit upstream developers do not port CVE fixes to earlier stable series,
no exception was made in this case.
at: explicitly depend on bison-native for deterministic builds
Usually bison-native gets into sysroot through indirect dependencies,
even with RSS. But when bison-native is not in sysroot, due to different
system config, it falls back to using "yacc" instead and fails like this:
| yacc -d parsetime.y
| make: yacc: Command not found
| Makefile:82: recipe for target 'y.tab.c' failed
| make: *** [y.tab.c] Error 127
Signed-off-by: Denys Dmytriyenko <denys@ti.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Explicitly depend on bison-native and flex-native for deterministic builds,
as those are required for the build:
| Makefile.config:129: *** Error: flex is missing on this system, please install it. Stop.
| Makefile.perf:205: recipe for target 'sub-make' failed
| make[1]: *** [sub-make] Error 2
| Makefile:68: recipe for target 'all' failed
| make: *** [all] Error 2
| Makefile.config:133: *** Error: bison is missing on this system, please install it. Stop.
| Makefile.perf:205: recipe for target 'sub-make' failed
| make[1]: *** [sub-make] Error 2
| Makefile:68: recipe for target 'all' failed
| make: *** [all] Error 2
In most cases, those dependencies come indirectly via toolchain dependencies,
specifically binutils-cross, which pulls both bison-native and flex-native.
Different setups, such as with external toolchain, would expose this problem,
since correct dependency is not marked explicitly.
The change is build-tested on all qemu architectures.
Signed-off-by: Denys Dmytriyenko <denys@ti.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Thu, 11 Jan 2018 16:49:49 +0000 (16:49 +0000)]
gcc: Add missing flex-native dependency
This is needed for all stages of the cross/target/canadian compilers
and without it (and with indirect gcc dependencies disabled), the steps
fail. Add missing dependencies.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ross Burton [Wed, 10 Jan 2018 17:28:58 +0000 (17:28 +0000)]
gettext: rationalise optional dependencies
gettext has optional dependencies on libxml2, glib, libcroco and libunistring.
If they're not available then gettext will use internal copies, but it can also
use system libraries.
For gettext-native and nativesdk-gettext continue to use the internal copies to
reduce the dependencies, but for target use the system shared libraries.
Also gettext 0.19.7 onwards swapped expat for libxm2, so remove the build
dependency on expat.
Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ross Burton [Wed, 10 Jan 2018 17:28:57 +0000 (17:28 +0000)]
glib-2.0: rationalise build dependencies
nativesdk-glib-2.0 doesn't build-depend on nativesdk-gettext, but all variations
need to depend on gettext-native as they need msgfmt (so gettext-minimal-native
isn't an option).
Also add virtual/libintl as glib explicitly needs this. Generally this is
provided by glibc but some platforms (such as MinGW) don't.
Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
gnupg: use native version for signing, rather than one provided by host
Using host gpg has been problematic, and particularly this removes
the need to serialize package creation, as long as --auto-expand-secmem
is passed to gpg-agent, and gnupg >= 2.2.4 is in use
(https://dev.gnupg.org/T3530).
Sadly, gpg-agent itself is single-threaded, so in the longer run
we might want to seek alternatives:
https://lwn.net/Articles/742542/
(a smaller issue is that rpm itself runs the gpg fronted in a serial
fashion, which slows down the build in cases of recipes with very
large amount of packages, e.g. glibc-locale)
Note that sstate signing and verification continues to use host
gpg, as depending on native gpg would create circular dependencies.
[YOCTO #12022]
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The entries of the created manifest file are always in a
different order. To ensure a deterministic build output
the entries are ordered alphabetically.
Signed-off-by: Michael Blättler <michael.blaettler@siemens.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Robert Yang [Mon, 8 Jan 2018 09:33:05 +0000 (17:33 +0800)]
multilib.bbclass: remove invalid PACKAGE_INSTALL
The PACKAGE_INSTALL is only used by image recipe, the previous code had
handled it in "if bb.data.inherits_class('image', d)", handle it again
doesn't make any sense (there is no PACKAGE_INSTALL for non-image
recipe), so remove it.
Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Robert Yang [Mon, 8 Jan 2018 09:33:00 +0000 (17:33 +0800)]
sstate.bbclass: sstate_hardcode_path(): fix for multilib
It only substituted staging_target for target recipe which didn't work
for multilib, for example, postinst-useradd-lib32-polkit:
* No multilib:
PATH=/path/to/tmp-glibc/work/core2-64-wrs-linux/polkit/0.113-r0/recipe-sysroot-native/bin
staging_target=/path/to/tmp-glibc/work/core2-64-wrs-linux/polkit/0.113-r0/recipe-sysroot
The PATH would be substituted to:
FIXMESTAGINGDIRTARGET-native/bin
Not the funny "-native/bin", this works well.
* When multilib:
PATH=/path/to/tmp-glibc/work/core2-32-wrsmllib32-linux/lib32-polkit/0.113-r0/recipe-sysroot-native/bin
staging_target=/path/to/tmp-glibc/work/core2-32-wrsmllib32-linux/lib32-polkit/0.113-r0/lib32-recipe-sysroot
Now staging_target endswith "/lib32-recipe-sysroot", so it can't
replace '/recipe-sysroot-native' in PATH , so PATH can't be fixed, and
there would be build errors when building multilib + rm_work, for
example:
chown: invalid user: ‘polkitd:root’
Substitute staging_host for target recipe can fix the problem, now all
of native, cross and target need substitute staging_host, so we can
simply the code a little.
Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Tue, 9 Jan 2018 11:20:31 +0000 (11:20 +0000)]
nativesdk/sdk: Update sdk dummy providers
When we migrated rpm v5 -> v4, we lost the ability to drop "per file"
dependencies from the rpm backend for things like "/bin/bash" and
"/usr/bin/env" which meant the sdks were becomming 'bloated'.
This restores the functionality using a dummy package, similarly to
the way the buildtools perl issue was addressed. It also removes
the non-functional old code so as not to confuse people in future.
I ran into this problem trying to filter dependencies to only rpms
a build directly depends upon and it turns out we have some determinism issues
in this area so this is something key to fix.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Tue, 9 Jan 2018 11:22:54 +0000 (11:22 +0000)]
package_deb: Handle / in dependency name
We can end up with / in dependency names from file dependencies but the
deb format doesn't allow this. Filter the names to allow such dependencies
to work. Names have to start with an alphanumeric digit so also handle this.
This allows for future handling of "per file" dependencies similarly to
the rpm backend, bring parity to the functionality of the backends.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ross Burton [Mon, 8 Jan 2018 15:53:19 +0000 (15:53 +0000)]
avahi: remove explicit avahi-dev RDEPENDS
These were added to the avahi-dev package back in 2011 before avahi-ui existed
at all. The problem of GTK+ being pulled in via avahi-dev was finally solved
with the avahi-ui split, so these explicit (and by being manually maintained,
incomplete) dependencies can be removed.
This also results in gettext-dev being removed from the dependency tree (the
gettext library API is provided by glibc/musl), which means that for a standard
image we don't need to build target gettext at all anymore.
Signed-off-by: Ross Burton <ross.burton@intel.com>
Ross Burton [Fri, 5 Jan 2018 16:39:11 +0000 (16:39 +0000)]
psmisc: improve autopoint-enabling
Instead of globally clearing EXTRA_AUTORECONF (which by default currently
contains --exclude=autopoint) use _remove to selectively remove the piece we
care about.
Signed-off-by: Ross Burton <ross.burton@intel.com>
Juro Bystricky [Sun, 7 Jan 2018 16:56:08 +0000 (08:56 -0800)]
perl-ptest: various fixes
Improve reproducibility: Remove all build host references from
distributed files.
Do not package non-linux OS related files.
Also remove some additional files not needed by run-ptest. (There are
probably still more files that can be removed, but as long as they
don't leak build host references they are harmless).
Fix the expected checksum of MakeMaker/lib/ExtUtils/Liblist/Kid.pm
to match the one expected: We modified the file, but did not
recalculate/update the file checksum accordingly.
(This fixes the only failing test.)
Signed-off-by: Juro Bystricky <juro.bystricky@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Sun, 7 Jan 2018 16:59:40 +0000 (16:59 +0000)]
libunwind: Disable documentation explicitly
We don't have latex2man in HOSTTOOLs so documentaion is never built but this
dependency does cause problems on older releases like morty, pre-HOSTTOOLS.
Document the configuration explicitly in master.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Mike Crowe [Sat, 6 Jan 2018 20:08:58 +0000 (20:08 +0000)]
cmake: Always put cmake package files in -dev packages
Various recipes that inherit cmake contain FILES_${PN}-dev magic to add the
generated package files to their -dev packages. Since this is a standard
feature of cmake, we might as well teach cmake.bbclass to do this itself so
those recipes can be simpler.
Signed-off-by: Mike Crowe <mac@mcrowe.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Robert Yang [Tue, 31 Oct 2017 08:30:03 +0000 (16:30 +0800)]
multilib.bbclass: remove obsolete DEFAULTTUNE_ML_
It had been dropped by:
commit 65581c68d130fa74d703f6c3c92560e053857ac7
Author: Alexander Kanavin <alexander.kanavin@linux.intel.com>
Date: Mon Feb 13 16:44:48 2017 +0200
rootfs_rpm.bbclass: migrate image creation to dnf
Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Robert Yang [Sun, 15 Oct 2017 19:51:24 +0000 (03:51 +0800)]
oe/copy_buildsystem.py: make sure layer exists
It had a problem when nested layer before, e.g.:
layer_a/layer_b/
And when layer_b is handled before layer_a, then layer_a dir existed, so
it would be treated as already handled, which was wrong, check
conf/layer.conf can fix the problem.
Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Robert Yang [Thu, 12 Oct 2017 06:28:47 +0000 (23:28 -0700)]
testsdk.bbclass: add a newline after own-mirrors
Otherwise it would generate lines like the following when multilib:
INHERIT += "own-mirrors"SSTATE_MIRRORS += " \n file://.* file:///path/to/../share/sstate-cache/PATH"
Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
libpcre2: add packages for 16-bit and 32-bit code unit support
The packages loosely follow the debian package names. In that way more
projects, e.g. Qt5 for 16-bit, are able use system libraries. This does
not change the existing default package.
Signed-off-by: Stefan Müller-Klieser <s.mueller-klieser@phytec.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Fri, 5 Jan 2018 15:14:35 +0000 (15:14 +0000)]
bitbake.conf: Set AUTOREV to have a vardepvalue
If you have a recipe which does not include SRCPV in PV but does set
SRCREV = "${AUTOREV}" and you run do_fetch, then change the repo to a
new commit then run do_unpack, do_unpack will fail since the new commit
doesn't exist in the repo that was fetched.
The problem is the revision chosen is not represented in the do_fetch
task hash. It if were, the fetch would rerun first and the commit would be
present. It works when PV includes SRCPV since that does contain the chosen
commit from the AUTOREV.
The solution is to include the SRCPV value into the representation of AUTOREV
used for checksum calculation purposes.
Add a selftest for this issue.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ross Burton [Fri, 5 Jan 2018 13:06:16 +0000 (13:06 +0000)]
lz4: remove ptest changes
This recipe installs the test suite by copying the entire build tree into
/usr/share/ptest, which is both wasteful and breaks packaging as lz4-ptest then
gets renamed by debian.bbclass to liblz4.
Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Fri, 5 Jan 2018 16:09:47 +0000 (16:09 +0000)]
oeqa/runtime/buildcpio: Use our own mirror for source
We see occasional network glitches which break this test. Use our own
mirror (which has a .gz instead of .bz2) to avoid the errors, we're not
trying to test network connectivity.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Sat, 6 Jan 2018 10:02:10 +0000 (10:02 +0000)]
local.conf.sample: Weakly set BB_DISKMON_DIRS
For various reasons we need to be able to set and override this from
auto.conf on our test infrastructure. We have tried forcing the variable
but this then breaks other selftests. In the interests of not complicating
things further and needing to modify the tests across releases, weaken
the default assignment.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Note that meson flags for gobject introspection and gtk-doc
appear to be non-standardized; going forward we should devise
a common way to deal with it.
gettext inherit is removed, as there is no equivalent functionality
in meson; NLS bits are always built and installed.
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Martin Kelly [Thu, 4 Jan 2018 13:12:37 +0000 (15:12 +0200)]
meson: export native env only for native build
Although the meson crossfile should take care of setting the right cross
environment for a target build, meson slurps any set CFLAGS, CXXFLAGS,
LDFLAGS, and CPPFLAGS from the environment and injects them into the
build (see mesonbuild/environment.py:get_args_from_envvars for details).
This means that we are seeing native CFLAGS, CXXFLAGS, LDFLAGS, and
CPPFLAGS in the target build, which is wrong and causes build failures
when target and native have libraries in common (the linker gets
confused and bails).
That said, we *do* need to set certain vars for all builds so that meson
can find the right build tools. Without this, meson will fail during its
sanity checking step because it will determine the build tools to be
unrunnable since they output target instead of native artifacts.
The solution to all of this is to set CC, CXX, LD, and AR globally to
the native tools while setting the other native vars *only* for the
native build. For target builds, these vars will get overridden by the
cross file as we expect.
Signed-off-by: Martin Kelly <mkelly@xevo.com> Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
gnomebase.bbclass hardcodes the autotools inherit, so make it
configurable and allow meson to be specified instead.
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
[RP: patches tweaked to only need the one class] Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
