Sascha Silbe [Fri, 8 Jun 2018 16:18:41 +0000 (18:18 +0200)]
gobject-introspection: relocate typelib repository for native builds
gobject-introspection hard-codes the install path in the search path
for the typelib repository, pretty much the same way glib behaves for
the gio modules directory. Like for glib, this causes problems when
gobject-introspection-native is restored from sstate with a different
build directory.
Based on the glib fix by Ross Burton <ross.burton@intel.com>.
Signed-off-by: Sascha Silbe <x-yo17@se-silbe.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Stefan Agner [Wed, 16 May 2018 09:13:52 +0000 (11:13 +0200)]
rootfs.py: for dpkg/opkg, don't install postinsts if package management is present
If package management is present opkg/dpkg will bring the original
copy of the postinsts scripts with the metadata and will be able to
handle postinsts just fine. In fact, it is preferred to let package
management handle the postinsts scripts in this case since it will
keep the package managers database up-to-date too. The run-postinsts
scripts will make sure the package manager gets invoked instead of
the scripts directly.
Note: Before commit 5aae19959a44 ("rootfs.py: Change logic to
unistall packages") rootfs.py did not install /etc/$pm-postinsts
too. It is not clear whether that change was intentionally or just
a bug. This commit fixes/reverts that aspect of the commit.
Signed-off-by: Stefan Agner <stefan.agner@toradex.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Stefan Agner [Wed, 16 May 2018 09:13:51 +0000 (11:13 +0200)]
run-postinsts: for dpkg/opkg, do not rely on /etc/*-postinsts
Start opkg/dpkg as soon as the respective package managers status
file is present, no matter whether /etc/$pm-postinsts exists. This
decouples the implicit link between postinsts scripts in /etc and
the package manager: Currently the package manager is only started
if those scripts are present, although the package manager does not
use those scripts at all! Package managers install their own set of
postinst scripts.
The behavior when using rpm packages stays the same.
Note that using the package managers capability to execute postinst
scripts is preferred for good reasons: It makes sure that the
package managers database reflects that the packages have been
completely installed and configured.
This change allows to drop installation of the postinsts scripts
when package management is present. This will be done in a separate
change.
Note: Before commit 5aae19959a44 ("rootfs.py: Change logic to
unistall packages") rootfs.py did not install /etc/$pm-postinsts
when package management is installed! The change caused YOCTO #8235
which lead to the behavior change of run-postinsts in first place.
Signed-off-by: Stefan Agner <stefan.agner@toradex.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Stefan Agner [Wed, 16 May 2018 09:13:50 +0000 (11:13 +0200)]
opkg: avoid running postinst scripts twice when using systemd
OpenEmbedded has a built-in mechanism to run postinst scripts offline
at build time or, if necessary, on first boot (delayed execution). If
the latter is the case and systemd is in use, two services end up
doing the same thing:
- opkg-configure.service starts "opkg configure" directly.
- run-postinsts.service starts "/usr/sbin/run-postinsts" which runs
postinst scripts stored in /etc/ipk-postinsts/ or "opkg configure"
if package management is installed.
Since the run-postinsts.service is also used in cases where no
package management is in use, it is the primary means of handling
postinsts.
Get rid of the opkg-configure.service to avoid duplicate opkg
configure execution.
Signed-off-by: Stefan Agner <stefan.agner@toradex.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Dennis Menschel [Wed, 13 Jun 2018 18:28:15 +0000 (20:28 +0200)]
runqemu-extract-sdk: support tar.xz format
As the format "tar.xz" is included in the IMAGE_TYPES bitbake variable
as defined in meta/classes/image_types.bbclass, it should also be
possible to extract a rootfs that has been built using that format.
Signed-off-by: Dennis Menschel <menschel-d@posteo.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Stefan Stanacar [Wed, 13 Jun 2018 19:56:03 +0000 (19:56 +0000)]
default-versions.inc: use weak assignments to allow overwrite
default-versions.inc is included by defaultsetup.conf which in bitbake.conf
is included after local/machine/distro.conf.
If these are hard assignments distros can's overwrite them.
Signed-off-by: Stefan Stanacar <sstncr@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Jeremy Puhlman [Wed, 13 Jun 2018 19:53:43 +0000 (12:53 -0700)]
Multilibize the UPDATERCPN variable
The audit package specifies the following:
UPDATERCPN = "auditd"
However because it is not multilibized, the value "auditd" is used to
search for the package to add the post install script too. In the mutlilib
alternate abi case, that package does not exist. It ends up assigning
the post install script to the lib32-audit-lic package, which
subsequently failes to execute the script due to the initscript it is
trying to turn on is not installed.
Signed-off-by: Jeremy Puhlman <jpuhlman@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ross Burton [Wed, 13 Jun 2018 11:50:45 +0000 (12:50 +0100)]
meson: only use lists of commands in cross file if required
There's a bug in Meson[1] where it find_program("foo") will fail if foo is
defined in the cross file as a list.
This is causing the Meson build of libdrm to fail, but for this instance we can
work around the problem by only using lists in the cross file if there are
arguments, and just using a string if there are not.
Chen Qi [Wed, 13 Jun 2018 07:58:25 +0000 (15:58 +0800)]
dnf: default to disable systemd units
The services and timers are not useful if a repo is not configured.
In OE, we default to have no repo configured. So we default to disable
these units.
The problem was found by the test_systemd_failed runtime test case.
dnf-makecache.service is found to fail. This is due to lack of repo.
Note that as this service is started by the dnf-makecache.timer, it's
possible that test_systemd_failed passes in case the timer is not started
yet.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Chen Qi [Wed, 13 Jun 2018 07:58:23 +0000 (15:58 +0800)]
watchdog: fix init script for sysvinit
The current init script is installed from source with redhat style.
It does not get configuration from /etc/default/watchdog. We should use
debian style init script.
Write our own script just like what wd_keepalive does.
Also, in the init script, we check the existence of /dev/watchdog to
determine whether to start the daemon or not.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Chen Qi [Wed, 13 Jun 2018 07:58:20 +0000 (15:58 +0800)]
watchdog: remove the useless watchdog-conf.patch
This patch modifies watchdog.conf file. But this file is deliberately
deleted in do_install. The current mechanism in OE is to use another
recipe watchdog-conf to handle watchdog configuration. So the patch
is really useless.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
When generating the extended SDK, there is a copy step where this class
goes through the layers and other stuff that have been copied to
generate the SDK. The corebase; ie. the folder that contains the core
layer 'meta' is treated in a special way. Unfortunately in our tree, we
have:
In populate_sdk_ext's copy_buildsystem, the heuristic to determine which
element of the list returned by copy_bitbake_and_layers is corebase is
fooled by such layout.
In copy_bitbake_and_layers, corebase is already handled specifically and
reliably, so we should let that function tell us which folder is
corebase instead of trying to determine it.
To do so, change the return type of copy_bitbake_and_layers to a tuple
that contains (corebase, copied_layers). It also simplifies the code on
the caller side.
Signed-off-by: Damien Riegel <damien.riegel@savoirfairelinux.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Sat, 16 Jun 2018 11:36:09 +0000 (12:36 +0100)]
sqlite3: Merge/simplify CFLAGS
An earlier version of a change was merged from S. Lockwood-Childs
<sjl@vctlabs.com> which made the CFLAGS consistent across native,
nativesdk and target cases. This syncs with a later verison of the
patch to remove duplicate CFLAGS settings and simplify the recipe.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Alex Kiernan [Sat, 16 Jun 2018 09:28:53 +0000 (09:28 +0000)]
kernel-fitimage: Add DTBO support for configurations
When generating overlay DTB configuration sections, U-Boot doesn't want
the kernel specified again as we already have that in our base DTB. Add
support for this to allow bootm to process overlay configuration sections.
Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Alex Kiernan [Sat, 16 Jun 2018 09:28:52 +0000 (09:28 +0000)]
kernel-fitimage: Allow setting of DTB/DTBO relocation address
Introduce UBOOT_DTB_LOADADDRESS and UBOOT_DTBO_LOADADDRESS so that you
can set where U-Boot loads full and overlay DTBs. This is required when
using bootm's overlay support to construct the final DTB.
Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ross Burton [Mon, 11 Jun 2018 20:38:16 +0000 (21:38 +0100)]
alsa-tools: rewrite packaging
alsa-tools is actually a collection of 20 separate tools, each with their own
configure scripts. The dependencies are varied, old, and estoric (FLTK, GTK+ 1, 2,
and 3, PyGTK 2, Qt3).
Instead of maintaining patches to try and pick a subset that builds, use
PACKAGECONFIG and some magic to build what the user requests.
By default we build all the tools which have no dependencies, and the tools
which need GTK+ 2 or GTK+ 3 if the relevant DISTRO_FEATURES are enabled.
Add a patch to fix the build of ld10k1 with musl.
The ncurses build dependency doesn't seem to be checked for, so remove that.
Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Andre McCurdy [Thu, 7 Jun 2018 18:48:39 +0000 (11:48 -0700)]
openssh: only create sshd host keys which have been enabled
Previously sshd_check_keys would create a full set of all possible
sshd host keys, even if sshd_config has been set to only enable
certain key types.
Update sshd_check_keys to only create keys which have been enabled in
sshd_config (with a fallback to creating a full set of key types if
no HostKey options are defined, as before).
Signed-off-by: Andre McCurdy <armccurdy@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Andre McCurdy [Thu, 7 Jun 2018 18:48:37 +0000 (11:48 -0700)]
openssh: minor indent cleanup for sshd init script
The openssh sshd init script contains a mix of indent styles, mostly
inherited from the Debian script from which it is derived. Leave the
indent from Debian as-is, but for lines which are OE specific (e.g.
where Debian's log_daemon_msg helper has been replaced with echo)
make the indent consistent with surrounding lines.
Signed-off-by: Andre McCurdy <armccurdy@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Andre McCurdy [Thu, 7 Jun 2018 18:48:36 +0000 (11:48 -0700)]
openssh: drop RCONFLICTS for openssh-keygen
The "ssh-keygen" package no longer seems to be provided by any recipe
in oe-core or meta-oe, so there's no clear reason for the
openssh-keygen package to conflict with it.
Signed-off-by: Andre McCurdy <armccurdy@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Andre McCurdy [Thu, 7 Jun 2018 18:48:34 +0000 (11:48 -0700)]
openssh: stop adding -D__FILE_OFFSET_BITS=64 to CFLAGS
Openssh takes care of enabling large-file support automatically via
the AC_SYS_LARGEFILE in the configure.ac, so additional help from the
recipe is not required.
Even if it were once required, defining __FILE_OFFSET_BITS (ie with
double leading underscores) looks like a typo and probably never had
any effect anyway?
Signed-off-by: Andre McCurdy <armccurdy@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Kai Kang [Thu, 14 Jun 2018 06:18:03 +0000 (14:18 +0800)]
goarch.bbclass: set SECURITY_CFLAGS for mips64
When include conf/distro/include/security_flags.inc, NOPIE flags are
still required for mips64 target builds. Otherwise it fails to build
packages such as glide which inherit go.bbclass:
| .../tmp-glibc/work/mips64-wrs-linux/glide/0.13.1-r0/recipe-sysroot-native/usr/bin/mips64-wrs-linux/../../libexec/mips64-wrs-linux/
| gcc/mips64-wrs-linux/7.3.0/ld: .../tmp-glibc/work/mips64-wrs-linux/glide/0.13.1-r0/go-tmp/go-link-518447869/go.o:
| relocation r_mips_26 against `a local symbol' can not be used when making a shared object; recompile with -fPIC`
Use override 'mipsarch' to set SECURITY_CFLAGS for both mips and mips64.
Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Fri, 15 Jun 2018 10:10:31 +0000 (11:10 +0100)]
gcc-8: enable build-id in gcc-cross-initial
Apply patch from Taras Kondratiuk <takondra@cisco.com> to gcc 8.x too.
Normal gcc-cross has build-id feature enabled by default, so most of
target binaries has build-id. But libc (glibc, musl) doesn't have
build-id, because it is built with gcc-cross-initial.
Build-id is a useful feature, so enable it for gcc-cross-initial too.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Normal gcc-cross has build-id feature enabled by default, so most of
target binaries has build-id. But libc (glibc, musl) doesn't have
build-id, because it is built with gcc-cross-initial.
Build-id is a useful feature, so enable it for gcc-cross-initial too.
Signed-off-by: Taras Kondratiuk <takondra@cisco.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
SystemD 237 implements a stricted PIDfile handling that breaks several
daemons [1].
Change the way we start xinetd, mimicing other distros [2].
Fixes:
root@qt5122:~# journalctl -u xinetd
-- Logs begin at Fri 2018-05-25 14:33:29 UTC, end at Mon 2018-06-11 07:33:08 UTC. --
May 25 14:33:31 qt5122 systemd[1]: Starting Xinetd A Powerful Replacement For Inetd...
May 25 14:33:31 qt5122 systemd[1]: xinetd.service: Permission denied while opening PID file or unsafe symlink chain: /var/run/xinetd.pid
Jun 11 07:27:24 qt5122 systemd[1]: xinetd.service: Start operation timed out. Terminating.
Jun 11 07:27:24 qt5122 systemd[1]: xinetd.service: Failed with result 'timeout'.
Jun 11 07:27:24 qt5122 systemd[1]: Failed to start Xinetd A Powerful Replacement For Inetd.
Jun 11 07:31:38 qt5122 systemd[1]: Starting Xinetd A Powerful Replacement For Inetd...
Jun 11 07:31:38 qt5122 systemd[1]: xinetd.service: Permission denied while opening PID file or unsafe symlink chain: /var/run/xinetd.pid
Jun 11 07:33:08 qt5122 systemd[1]: xinetd.service: Start operation timed out. Terminating.
Jun 11 07:33:08 qt5122 systemd[1]: xinetd.service: Failed with result 'timeout'.
Jun 11 07:33:08 qt5122 systemd[1]: Failed to start Xinetd A Powerful Replacement For Inetd.
Kai Kang [Thu, 7 Jun 2018 09:01:59 +0000 (02:01 -0700)]
manpages.bbclass: Update RDEPENDS and post install scripts
If a package installs manual files, it should update manual index cache
after its installation. Add package 'man-db' to RDEPENDS which contains
command 'mandb' to update the cache. And do the update in the post
install scripts.
Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
Andre McCurdy [Fri, 25 May 2018 00:14:19 +0000 (17:14 -0700)]
cpio: fix CVE-2016-2037
"The cpio_safer_name_suffix function in util.c in cpio 2.11 allows
remote attackers to cause a denial of service (out-of-bounds write)
via a crafted cpio file."
https://nvd.nist.gov/vuln/detail/CVE-2016-2037
Note that there appear to be two versions of this fix. The original
patch posted to the bug-cpio mailing list [1] is used by Debian [2],
but apparently causes regression [3]. The patch accepted to the
upstream git repo [4] seems to be the most complete fix.
Dan McGregor [Wed, 6 Jun 2018 15:21:19 +0000 (09:21 -0600)]
systemd: allow setting time-epoch to epoch
systemd by default sets the system time at boot to the date of its NEWS
file. It provides the option to change that at build time, and some
projects need to come up at a particular date if no RTC is present.
Provide the option to set the time at boot to the epoch instead of the
date of the NEWS file.
Signed-off-by: Dan McGregor <dan.mcgregor@usask.ca> Signed-off-by: Ross Burton <ross.burton@intel.com>
Li Wang [Wed, 6 Jun 2018 02:54:45 +0000 (10:54 +0800)]
rpcbind: add option to make user able to use fixed port number
Add option "-p" to specify fixed port number
Signed-off-by: Li Wang <li.wang@windriver.com> Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
Jens Rehsack [Mon, 28 May 2018 18:55:09 +0000 (20:55 +0200)]
cpan_build.bbclass: tell Module::Build the replacement
Instead of patching Module::Build, maybe Module::Build::Tiny and all other
similar tools, use the official way to tell them which is the target perl
on target.
Ross Burton [Wed, 6 Jun 2018 10:20:43 +0000 (11:20 +0100)]
attr/acl: disable make clean
These packages use hand-grown makefiles which don't handle cleans as they can
invoke /usr/bin/gmake directly which may not exist. Until new upstream releases
are made (which have ported to automake) set CLEANBROKEN to work around this.
[ YOCTO #12775 ]
Signed-off-by: Ross Burton <ross.burton@intel.com>
Mingli Yu [Fri, 15 Jun 2018 08:35:05 +0000 (16:35 +0800)]
boost: Improve reproducibility
Set .file section explicitly for .S files to avoid
the linker introduces the host path in symbols for
object files whose source file is .S
Otherwise, there is a host path in the symbols as
below:
$ readelf --wide --symbols /my-build/boost/1.67.0-r0/boost_1_67_0/x86_64-poky-linux/boost/bin.v2/libs/context/build/aca09349fdb84d131321425f6c3a38ed/libboost_context.so.1.67.0
42: 0000000000000000 0 FILE LOCAL DEFAULT ABS /my-build/boost/1.67.0-r0/boost_1_67_0/x86_64-poky-linux/boost/bin.v2/libs/context/build/aca09349fdb84d131321425f6c3a38ed/asm/make_x86_64_sysv_elf_gas.o
[YOCTO #12708]
Signed-off-by: Mingli Yu <Mingli.Yu@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The change "fix hostname conflict with other packages" moved the
hostname util to the list of base_bindir_progs, so do_install_append()
now expects hostname to have been built.
coreutils do_install_append() is shared between target and nativesdk
builds (though not used by native build, see comment) so hostname should
be enabled to build on both of them.
Signed-off-by: S. Lockwood-Childs <sjl@vctlabs.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Mingli Yu [Fri, 15 Jun 2018 09:28:01 +0000 (17:28 +0800)]
ltp: set -fomit-frame-pointer explicitly for x86-64
Since ltp contains x86-64 assembler which uses the
frame-pointer register, it will trigger below error
when build ltp with -fno-omit-frame-pointer on
x86-64.
| cve-2015-3290.c: In function 'child_thread':
| cve-2015-3290.c:416:1: error: bp cannot be used in asm here
And there is also some comment as below in the source
file ltp/20180515-r0/git/testcases/cve/cve-2015-3290.c
* Build with -O2. Don't use -fno-omit-frame-pointer.
So explicitly set -fomit-frame-pointer on x86-64 for
compiler to fix the above build error.
Signed-off-by: Mingli Yu <Mingli.Yu@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
tclibc-newlib: Adds a new TCLIBC variant to build with newlib as C library
This patch adds the posibility to build using TCLIBC=newlib.
It allows users to build baremetal applications with the use of a
C library.
Newlib is a lightweight C library meant to be used on embedded systems,
it is meant to be easily portable for new platforms and to provide
basic functionality on them, by design, it provides stubs for some of
these core functions declared as weak, so they can be built correctly
and then linked against some other library which provides specifics
about the platform being used if need be, libgloss takes care of these
in some cases, but it can also be extended, this patch also allows the
user to easily add other libraries to it by adding them to
NEWLIB_EXTENDED for this specific reason.
insane.bbclass: Adds powerpc to elf headers machine dictionary
This patch adds makes it possible to build elf for powerpc by adding
this combination to the elf headers machine dictionary, this can be
useful when trying to build baremetal applications where the TARGET_OS=elf
Newlib is a C library that is intended to be used on embedded systems.
It is a conglomeration of several library parts, all under free software
licenses that make them easily usable on embedded products.
Newlib provides a C library alternative that can run on baremetal, mainly
for resource constrained devices.
Libgloss is the BSP part of the C library, which can be easily modified
to port for new hardware platforms.
MIPS: Use '+=" instead of '=' to avoid the CFLAGS override
We used the CFLAGS_xxx to workaround the gcc 8 build warnings
for some specific file. But CFLAGS_xxx is also used with '=' in
other places of this Makefile. This override the gcc 8 workaround,
so replace all the '=' with '+=" to fix this issue.
Signed-off-by: Kevin Hao <kexin.hao@windriver.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com> Signed-off-by: Kevin Hao <kexin.hao@windriver.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
My last bugfix added -Os on the command line, which unfortunately
caused a build regression on powerpc in some configurations.
I've done some more analysis of the original problem and found
slightly different workaround that avoids this regression and also
results in better performance on gcc-7.0: -fcode-hoisting is an
optimization step that got added in gcc-7 and that for all gcc-7 versions causes
worse performance.
This disables -fcode-hoisting on all compilers that understand the
option. For gcc-7.1 and 7.2 I found the same performance as my previous
patch (using -Os), in gcc-7.0 it was even better. On gcc-8 I could see
no change in performance from this patch. In theory, code hoisting
should not be able make things better for the AES cipher, so leaving it
disabled for gcc-8 only serves to simplify the Makefile
change.
