Mikko Ylinen [Tue, 10 Oct 2017 12:27:06 +0000 (15:27 +0300)]
linux-firmware: make i.MX SDMA split complete
The commit to split i.MX SDMA firmware blobs in their
own packages was not complete and results in a failure
when trying to install full linux-firmware:
* Solver encountered 1 problem(s):
* Problem 1/1:
* - nothing provides linux-firmware-imx-sdma-license needed
* by linux-firmware-1:0.0+git0+a61ac5cf83-r0.all
*
* Solution 1:
* - do not ask to install a package providing linux-firmware
Make the split complete by installing the license in
${PN}-imx-sdma-license and have the blob packages depend on it.
Signed-off-by: Mikko Ylinen <mikko.ylinen@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
(cherry picked from commit 229f70a5f6d29d82e1a7b1f780e2149fb91d5385) Signed-off-by: Armin Kuster <akuster808@gmail.com>
Otavio Salvador [Thu, 5 Oct 2017 18:00:06 +0000 (15:00 -0300)]
linux-firmware: Split i.MX SDMA firmwares
This splits out the i.MX SDMA firmwares for i.MX6 and i.MX7 SoCs. This
also includes the required runtime provides, conflicts and replaces
for the old firmware-imx which was provided by NXP BSP layer.
Signed-off-by: Otavio Salvador <otavio@ossystems.com.br> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit b3f3078fd4349fdf6986dd57e4b04bce03630924) Signed-off-by: Armin Kuster <akuster808@gmail.com>
Stefan Agner [Wed, 13 Sep 2017 23:05:49 +0000 (16:05 -0700)]
linux-firmware: bump to latest linux-firmware git revision
This requires MD5 sum updates for
- LICENSE.QualcommAtheros_ath10k: year change
- WHENCE: various version updates and addition of new firmwares
The new firmware for Qualcom Venus causes a QA error:
QA Issue: linux-firmware: Recipe inherits the allarch class, but has packaged architecture-specific binaries
Since firmware typically do not run on the CPU, the architecture of
the firmware file is independent from the CPU architecture the image
will be running on. Disable the QA check for the linux-firmware
package by default.
Signed-off-by: Stefan Agner <stefan.agner@toradex.com> Signed-off-by: California Sullivan <california.l.sullivan@intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
(cherry picked from commit a83dd65e64e9b7fa702927f96947bd3f0537adfd) Signed-off-by: Armin Kuster <akuster808@gmail.com>
ibt-firmware was not packaged separately and was part of big linux-firmware
package. Packaging allows to install it separately, according to requirements.
Signed-off-by: Maciej Pijanowski <maciej.pijanowski@3mdeb.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit f1414d6f9c327547023375f9e298f6f021eaee1b) Signed-off-by: Armin Kuster <akuster808@gmail.com>
Ng Wei Tee [Fri, 5 May 2017 02:04:58 +0000 (19:04 -0700)]
linux-firmware: enable netronome firmware
It was previously disabled, as rpm refused to package it into noarch
package, due to the firmware being considered arch-specific. This
check is disabled in rpm now.
The netronome binaries has ELF headers which will trigger an
arch-specific error. INSANE_SKIP variable is used to skip some
package_qa check usage.
Signed-off-by: Ng Wei Tee <wei.tee.ng@intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
(cherry picked from commit 8b2f6b308019e697c9d3e66969807eb573350d78)
Manual fixup to current base Signed-off-by: Armin Kuster <akuster808@gmail.com>
Khem Raj [Fri, 12 Jan 2018 11:47:02 +0000 (13:47 +0200)]
webkitgtk: update to 2.18.5 (includes Spectre mitigations; see commit description)
This is the only available stable version with mitigation fixes for Spectre.
Webkit upstream developers do not port CVE fixes to earlier stable series,
no exception was made in this case.
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
===
webkitgtk: Fix build for armv5
Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
===
webkitgtk: Upgrade to 2.16.5
Adjust some dependencies: libgcrypt is now required (instead of gnutls)
and the following build deps where missing: gettext-native, glib-2.0
and glib-2.0-native.
Also the CMake argument ENABLE_CREDENTIAL_STORAGE has been renamed to
USE_LIBSECRET.
This new upstream release (2.16.4 actually) includes security fixes for
CVE: CVE-2017-2538
Signed-off-by: Carlos Alberto Lopez Perez <clopez@igalia.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
===
webkitgtk: update to 2.16.6
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
===
webkitgtk: Do not use -isystem forcibly
this causes include_next <stdlib.h> to not find
this header since -isystem <sysroot> is added via
cmake, we alrady are using --sysroot so rely on that
Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
===
webkitgtk: Add a recommends on shared-mime-info.
* without this package installed any WebKitGTK+ based browser
will fail to correctly open html files (and other files)
from disk (file:// URIs). It will open them as plain txt files.
Signed-off-by: Carlos Alberto Lopez Perez <clopez@igalia.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
===
webkitgtk: disable gobject-introspection on armv7a
Disable gobject-introspection on armv7a and armv7ve
to avoid do_compile failure:
Signed-off-by: Jackie Huang <jackie.huang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
===
webkitgtk: update to 2.18.3
gcc7.patch, musl-fixes.patch, and ppc-musl-fix.patch all change code that is no
longer present in upstream tree. However, a patch with different musl fixes
has been added.
The rest of the patches are rebased to the new tree.
Libtasn is a new dependency.
Disable Gstreamer GL support on x86 due to clashing headers problem.
Richard Purdie [Sun, 7 Jan 2018 16:59:40 +0000 (16:59 +0000)]
libunwind: Disable documentation explicitly
We don't have latex2man in HOSTTOOLs so documentaion is never built but this
dependency does cause problems on older releases like morty, pre-HOSTTOOLS.
Document the configuration explicitly in master.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
(cherry picked from commit 74fb6043f6d74b84f7efc282ac6cfc54fcb71882)
Fixed up patch to apply agains this version Signed-off-by: Armin Kuster <akuster808@gmail.com>
liburi-perl: update SRC_URI to yoctoproject mirror
Upstream has removed the 1.71 release from www.cpan.org and
moved to the latest 1.72. Since we don't want to upgrade at
this point of time, temporarily move the SRC_URI to yoctoproject
source mirror.
[YOCTO #12454]
Signed-off-by: Chang Rebecca Swee Fun <rebecca.swee.fun.chang@intel.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
Mikko Ylinen [Wed, 6 Dec 2017 22:53:18 +0000 (14:53 -0800)]
staging.bbclass: handle postinst-useradd-* fixmes
After 02457ef7f600ce954874e2d11e74b1c6daaa3bfc, PSEUDO for
postinst-useradd-* scripts get to use only one PSEUDO_LOCALSTATEDIR
which is set under recipes ${WORKDIR}.
When the those scripts are run in a clean build environment that
is built from the sstate (populate_sysroot_setscene run for
postinst-useradd-* providers), pseudo fails to run because it cannot
access the PSEUDO_LOCALSTATEDIR (recipe ${WORKDIR}s do not exist).
This triggers a sysroot staging error.
Previously, the PSEUDO_LOCALSTATEDIR setting in useradd.bbclass
worked because the RSS sstate/staging logic automagically processed
${STAGING_DIR_TARGET} in postinst-useradd-* scripts to point under
the sysroot being built.
The fix uses the same fixme processing by adding PSEUDO_LOCALSTATEDIR
variable to it. Furthermore, LOGFIFO is added to be able to use
the logging fifo of the recipe that actually runs postinst-useradd-*.
Signed-off-by: Mikko Ylinen <mikko.ylinen@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
Richard Purdie [Tue, 2 Jan 2018 11:36:53 +0000 (11:36 +0000)]
runqemu: Add workaround for APIC hang on pre 4.15 kernels on qemux86
On pre 4.15 host kernels, an APIC window emulation bug can cause qemu
to hang. On 64 bit we can use the x2apic, for 32 bit, we just have to
disable the other timer sources and rely on kvm-clock.
[YOCTO #12301]
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 82e67b82ea8e12aa0b7b9db1d84fec0436dec71b) Signed-off-by: Armin Kuster <akuster808@gmail.com>
Nikolay Merinov [Fri, 6 Oct 2017 19:00:39 +0000 (00:00 +0500)]
cross.bbclass: Remove usage of host flags for cross-compilation
BUILD_* flags can't be used as TARGET_* flags even for "cross" packages.
gcc-cross buils leaks config.log's through "gcc-stashed-builddir" and
TARGET_* flags to libgcc cross-build through "gcc/libgcc.mvars" file
on "gcc-stashed-builddir". This means that if BUILD_CFLAGS contains
host-specific flags like "-isystem/usr/include" libgcc build will
fail "do_qa_configure" and "do_package_qa" checks.
Remove host-related flags from TARGET_* flags for gcc-cross build.
Signed-off-by: Nikolay Merinov <n.merinov@inango-systems.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ross Burton [Wed, 13 Sep 2017 15:59:09 +0000 (16:59 +0100)]
bluez5: fix out-of-bounds access in SDP server (CVE-2017-1000250)
All versions of the SDP server in BlueZ 5.46 and earlier are vulnerable to an
information disclosure vulnerability which allows remote attackers to obtain
sensitive information from the bluetoothd process memory. This vulnerability
lies in the processing of SDP search attribute requests.
Ross Burton [Tue, 6 Jun 2017 14:23:18 +0000 (15:23 +0100)]
archiver: preserve sysroot paths in configured mode
do_ar_configured alters WORKDIR but also expects to be able to run do_configure,
so forcibly expand the paths to the sysroots as otherwise they'll point to a
non-existant directory in the temporary WORKDIR.
Mikko Ylinen [Mon, 5 Jun 2017 14:42:51 +0000 (17:42 +0300)]
archiver.bbclass: adapt do_unpack_and_patch to RSS
do_unpack_and_patch was not correctly run until recently
("archiver.bbclass: various fixes for original+diff mode") but
with the fix applied, the errors we get indicate the function
is not adapted to work with recipe specific sysroots.
do_unpack_and_patch sets WORKDIR to ARCHIVER_WORKDIR which
affects all path settings relative to WORKDIR, inluding the paths
to recipes' sysroots. IOW, when do_unpack and do_patch are run, they
cannot find the necessary native tools and files located in the
sysroot (e.g., quiltrc) because the paths point to ARCHIVER_WORKDIR.
Adapt do_unpack_and_patch to RSS by restoring the original
STAGING_DIR_NATIVE after WORKDIR is changed to ARCHIVER_WORKDIR.
Signed-off-by: Mikko Ylinen <mikko.ylinen@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Dengke Du [Mon, 28 Nov 2016 12:37:35 +0000 (12:37 +0000)]
archiver.bbclass: fix do_ar_original error for matchbox-desktop
Error:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
ERROR: matchbox-desktop-2.1-r0 do_ar_original: Can not determine archive names
for original source because 'name' URL parameter is unset in more than one URL.
Add it to at least one of these: git://git.yoctoproject.org/matchbox-desktop-2
file://vfolders/%2A
ERROR: matchbox-desktop-2.1-r0 do_ar_original: Function failed: do_ar_original
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In function do_ar_original, when recipes have more than one source, it added the
"name" URL parameter as suffix to identify the created tarball.
But the URL type "file://" that we always used to represent a series of patches,
it didn't have "name" parameter, so it failed.
So set "name" to the folder name to identify the created tarball, for example:
In matchbox-desktop bb file, the SRC_URI contains:
file://vfloders/*
We set "name" to "vfolders" to identify the created tarball.
In connman-gnome bb file, the SRC_URI contains:
file://images/*
We set "name" to "images" to identify the created tarball.
Signed-off-by: Dengke Du <dengke.du@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Patrick Ohly [Fri, 5 May 2017 10:25:25 +0000 (12:25 +0200)]
archiver.bbclass: do not cause kernel rebuilds
Adding or removing archiver.bbclass from a build configuration causes
rebuilds of linux-yocto-based kernels because of the
do_kernel_configme->do_unpack_and_patch task dependency.
This particular dependency can be ignored for the do_kernel_configme
sstate signature calculcation. Idea for the fix from Richard Purdie.
Note that building the kernel and adding archiver.bbclass later to
archive sources leads to do_unpack_and_patch running after
do_kernel_configme (because that already ran in the first build),
which might be problematic. This is independent of the change here.
The use case in YOCTO #11441 is to removed archiver.bbclass between a
production build with archiving enabled and builds via oe-selftests
without archiving. That direction is fine.
Signed-off-by: Patrick Ohly <patrick.ohly@intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Patrick Ohly [Fri, 5 May 2017 10:25:24 +0000 (12:25 +0200)]
archiver.bbclass: various fixes for original+diff mode
The diff.gz gets created in do_unpack_and_patch, but
do_deploy_archives did not depend on it, so there was a race
condition. For example, "bitbake linux-intel:do_deploy_archives"
without a prior "bitbake linux-intel:do_kernel_configme" did not
deploy the diff.gz.
When do_unpack_and_patch ran first, it failed because the output
directory didn't exist yet and the error was not detected because the
result of the diff command wasn't checked.
Changing the current working directory in create_diff_gz() without
returning to the original directory caused warnings like this:
WARNING: linux-intel-... do_unpack_and_patch: Task do_unpack_and_patch changed cwd to .../tmp-glibc/work-shared/intel-corei7-64
Signed-off-by: Patrick Ohly <patrick.ohly@intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Previously, do_ar_recipe ran again unnecessarily when adding or
removing classes like buildhistory.bbclass, because that changes the
BBINCLUDED variable which do_ar_recipe uses to find .bbappend files.
This is both extra work and also sometimes triggered "basehash
changed" errors (seen under oe-selftest, which adds machine.inc and
bblayers.inc) because BBINCLUDED is special and does not cause
the basehash to be recalculated.
The file *content* already was not considered in the task signature,
instead relying indirectly on PF (which includes the revision assigned
by a PR server) to ensure that a new versioned source archive gets
created each time there is a rebuild.
Therefore it makes sense to use the same mechanism and also ignore the
file *list*, i.e. exclude BBINCLUDED from the task signature.
Signed-off-by: Patrick Ohly <patrick.ohly@intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Paul Eggleton [Mon, 25 Sep 2017 11:23:35 +0000 (00:23 +1300)]
classes: drop image dependencies on TOPDIR variable
We don't need a dependency on this variable changing, and having one
causes locked signature warnings during eSDK installation if you have
INITRAMFS_IMAGE_* set (since TOPDIR will always be different between
the eSDK and the environment in which it was built).
Ming Liu [Wed, 16 Aug 2017 04:34:08 +0000 (06:34 +0200)]
image.bbclass: drop initramfs bundle related code
The original purpose of this code snippet was to repackage initramfs
bundled kernel images before do_image_complete, to be able to be
included by rootfs, but it's not going to achieve that since the
initramfs bundled kernel images are not even installed to ${D}/boot
after commit a49569e3a7534779bbe3f01a0647fd076c95798d:
[ kernel.bbclass: do not copy bundled initramfs to /boot ]
So there is not a initramfs bundled kernel package at all, we should
drop the code, because it is leading kernel do_initramfs_bundle
unnecessarily rerun and it's very time consuming and hence is impacting
the performance a lot.
Signed-off-by: Ming Liu <peter.x.liu@external.atlascopco.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Sat, 6 Jan 2018 10:02:10 +0000 (10:02 +0000)]
local.conf.sample: Weakly set BB_DISKMON_DIRS
For various reasons we need to be able to set and override this from
auto.conf on our test infrastructure. We have tried forcing the variable
but this then breaks other selftests. In the interests of not complicating
things further and needing to modify the tests across releases, weaken
the default assignment.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Joshua Watt [Wed, 6 Dec 2017 19:46:28 +0000 (13:46 -0600)]
cross-localedef-native: Include locale_t.h
Newer versions of glibc (2.26) moved the struct locale definition from
xlocale.h to bits/types/locale_t.h. For compatibility with build hosts
using this version of glibc, include this header.
Andre McCurdy [Mon, 20 Nov 2017 19:40:30 +0000 (11:40 -0800)]
glibc_2.25: fix building for x86 with -Os (or -fno-omit-frame-pointer)
Glibc 2.25 fails to build for x86 when frame pointers are enabled (ie
when optimised for size or when -fno-omit-frame-pointer is explicitly
included in CFLAGS etc). Backport the upstream fix from glibc 2.26.
Andrey Konovalov [Sat, 25 Nov 2017 19:47:24 +0000 (22:47 +0300)]
weston: add patch to set pitch correctly for subsampled textures
This fixes display issue with YUV420/I420 and NV12 formats, that
can result in crash of weston.
The master branch has this fix as part of commit 148920f3971d "weston:
Bump version to 3.0.0". The patch has been rebased to apply cleanly
to weston 2.0.0.
Ming Liu [Mon, 20 Nov 2017 18:35:57 +0000 (10:35 -0800)]
lib/oe/terminal.py: use an absolute path to execute oe-gnome-terminal-phonehome
A flaw was found on my Ubuntu 14.04.5 LTS, on which that gnome-terminal is
the default terminal, when I run any of the tasks:
bitbake busybox -c menuconfig/devshell/devpyshell
bitbake virtual/kernel -c menuconfig/devshell/devpyshell
I got a error as follows:
"Failed to execute child process "oe-gnome-terminal-phonehome" (No such file or directory)"
Seems the environment of the process calling Popen is not passed to the
child process, this behaviour is a known issue in Python bug tracker:
http://bugs.python.org/issue8557
It could be fixed by using an absolute path instead per test.
Signed-off-by: Ming Liu <liu.ming50@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 2117c148ef07d84bc605768e3b3671b0126b9337) Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Florin Sarbu [Mon, 13 Nov 2017 19:00:11 +0000 (21:00 +0200)]
gcc: Use libssp_nonshared linker specs only for ppc/musl
Link libssp_nonshared.a only for ppc/musl because glibc already
provides the content for libssp_nonshared in libc_nonshared.a and
therefore we dont need to make it universal.
Tom Rini [Fri, 9 Jun 2017 00:00:41 +0000 (20:00 -0400)]
dpkg: Add missing RDEPENDS for dpkg-perl
In order to be able to use dpkg-perl on a system various stock perl
modules must also be installed on the system. Create the list of
required modules based on a read of the code and testing with additional
utilities and list them in RDEPENDS_${PN}-perl.
Signed-off-by: Tom Rini <trini@konsulko.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
Tom Rini [Sun, 11 Jun 2017 12:36:32 +0000 (08:36 -0400)]
dpkg: Fix perl modules by moving them to the versioned perl directory
In order for the dpkg perl modules to be used the must reside in the
versioned perl library directory (as to be in the default include path).
Be explicit about this location in our FILES_${PN}-perl directive, so
that if this breaks in the future, the recipe will fail). We can now
drop the custom do_configure as it wasn't fixing this problem.
Signed-off-by: Tom Rini <trini@konsulko.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>
Tom Rini [Sun, 11 Jun 2017 12:36:31 +0000 (08:36 -0400)]
cpan-base.bbclass: Move PERLVERSION and get_perl_version to a new file
It is possible for non-CPAN recipes to contain perl modules. These perl
modules must reside in the versioned perl library directory in order to
work in normal circumstances.. Export this logic to a separate class so
that it can be reused without the rest of the cpan logic.
Without this, dpkg will not export its perl code to the correct location
and will not be found by utilities that expect to use it.
Signed-off-by: Tom Rini <trini@konsulko.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>
Richard Purdie [Sat, 9 Dec 2017 11:06:47 +0000 (11:06 +0000)]
populate_sdk_ext: Use prebuilt uninative tarball
For uninative to work, it relies on it being updated to new versions as
newer glibcs are built. This means the uninative generated by the current
build may not be as recent as the uninative that is being downloaded by
uninative.bbclass.
If this occurs, we can get symbol mismatch errors.
Ultimately, the sstate and the uninative versions need to match so we
should use the same tarball as uninative.bbclass is using, not the one
we built.
[YOCTO #12405]
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
oeqa/sdk: Replace buildiptables for buildlzip tests
Buildiptables test cases are conflicting with images built with “musl”
as standard C library, in order to avoid those issues lzip package was
selected to be used on the tests as this does not have any "musl"
dependency.
oeqa/runtime: Replace buildiptables for buildlzip on runtime tests
Buildiptables test cases are conflicting with images built with “musl”
as standard C library, in order to avoid those issues lzip package was
selected to be used on the tests as this does not have any "musl"
dependency.
Tom Rini [Fri, 21 Jul 2017 22:06:34 +0000 (18:06 -0400)]
image_types.bbclass: Make u-boot signed images more versatile
With the introduction of chaining compression/conversion support we can
convert the old image_types_uboot.bbclass code that did a hand-chaining
of a set of ${filesystem}.${compression} into generic and arbitrary
support to sign whatever the user wants to sign for their image.
This, for the record, does remove setting a valid compression type in
the record in favour of just saying none. This is not a generally
useful feature in U-Boot and I believe being versatile in terms of being
able to pass in arbitrary compressions is more important.
Signed-off-by: Tom Rini <trini@konsulko.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>
Joshua Watt [Fri, 6 Oct 2017 14:19:20 +0000 (15:19 +0100)]
openssh: Fix key generation with systemd
106b59d9 broke SSH host key generation when systemd and a read-only root file
system are in use because there isn't a way for systemd to get the optional
weak assigment of SYSCONFDIR from /etc/default/sshd and still provide a default
value if it is not specified. Instead, move the logic for determining if keys
need to be created to a helper script that both the SysV init script and the
systemd unit file can reference.
This does mean that the systemd unit file can't check for file existence to
know if it should start the service, but it wasn't able to do that correctly
anyway anymore. This should be a problem since the serivce is only run once per
power cycle by systemd, and should exit quickly if the keys already exist
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
(cherry picked from commit 7e49c5879862253ae1b6a26535d07a2740a95798) Signed-off-by: André Draszik <adraszik@tycoint.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
André Draszik [Fri, 6 Oct 2017 12:24:08 +0000 (13:24 +0100)]
json-c: backport patch to fix gcc7 compilation
(The native version might be being built using gcc-7)
We can't cherry-pick a commit from master, as master
has upgraded json-c at the same time as applying
this patch, see commit ccf630e78aad ("json-c: Upgrade to 0.12.1 release")
Signed-off-by: André Draszik <adraszik@tycoint.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
André Draszik [Fri, 6 Oct 2017 12:12:59 +0000 (13:12 +0100)]
useradd-staticids: don't create username-group if gid is specified
Adding distcc to an image, and having staticids enabled,
doesn't work as it causes a a superfluous 'distcc' group
being added using a conflicting GID, thus failing the
build:
| ERROR: distcc-3.2-r0 do_prepare_recipe_sysroot: distcc: groupadd command did not succeed.
Compared to other recipes, the distcc recipe only
specifies --gid for the primary group, and doesn't specify
--no-user-group, but when --gid is given, it doesn't make
sense to create a matching username-group in addition,
even if --no-user-group was not specified, and 'useradd'
actually complains if --gid and --user-group are given
both.
If only --gid is given, the current code in here
effectively behaves as if --user-group was specified,
taking the group-id of the username-group from the
--gid parameter. This causes the error above, as we try
to add a new group (distcc) with an existing group-id
(nogroup).
This is contrary to the comment in this file just above,
contrary to what useradd can do, contrary to behaviour
without the useradd-staticids bbclass, and non-intuitive.
Change the code such that a username-group is only created
- if a primary group using --gid was not specified, or
- if --no-user-group was not specified
To be in line with useradd, if gid is not given, and
--no-user-group is given, we add the user to the group
'users', which mimics useradd's behaviour.
Signed-off-by: André Draszik <adraszik@tycoint.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit fc3a86ae68919cec72c1a8ae0f9ba1f98ae13f0d) Signed-off-by: André Draszik <adraszik@tycoint.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
André Draszik [Fri, 6 Oct 2017 12:12:58 +0000 (13:12 +0100)]
curl: enable threaded resolver
Multi-threaded applications using libcurl crash
on DNS timeouts when built using OE.
The reason is as follows:
By default, libcurl implements DNS timeouts using a
timer (alarm()) and a pair of setjmp()/longjmp().
This approach is unsafe in multi-threaded applications
for various reasons, as e.g. explained in the relevant
man-pages.
To avoid this, libcurl can be compiled with a built-in
threaded resolver, or against the c-ares asynchronous
resolver library.
To keep extra dependencies to a minimum, and to mimic
other distributions (debian at least), and because
c-ares is not available in OE-core, add a PACKAGECONFIG
to be able to enable use of of the built-in threaded
resolver and enable it by default.
Signed-off-by: André Draszik <adraszik@tycoint.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 41f1e44fce976c4140cda62a41349e91e69d04ef) Signed-off-by: André Draszik <adraszik@tycoint.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
André Draszik [Fri, 6 Oct 2017 12:12:56 +0000 (13:12 +0100)]
kernel-uboot: support compressed kernel on MIPS
MIPS generates vmlinuz.bin when compression in the kernel build is
enabled, including any necessary objcopy so we can leverage that
and skip our manual invocation of objcopy here. We just have to
put the file into the right place for the rest of the build to
find it.
Signed-off-by: André Draszik <adraszik@tycoint.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
(cherry picked from commit 00bc7682473c2558d72ba42c182f8e3bd445f8af) Signed-off-by: André Draszik <adraszik@tycoint.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
