]> code.ossystems Code Review - openembedded-core.git/log
openembedded-core.git
6 years agooeqa/loader: Fix deprecation warning
Richard Purdie [Tue, 13 Nov 2018 21:16:54 +0000 (21:16 +0000)]
oeqa/loader: Fix deprecation warning

Clean up the warning:
meta/lib/oeqa/core/loader.py:27: DeprecationWarning: inspect.getargspec() is deprecated, use inspect.signature() or inspect.getfullargspec()
  _failed_test_args = inspect.getargspec(unittest.loader._make_failed_test).args

(From OE-Core rev: d2deb66830be2d44532fea3d5db763b57778252a)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
6 years agooeqa/runner: Sort the test result output by result class
Richard Purdie [Tue, 13 Nov 2018 21:11:50 +0000 (21:11 +0000)]
oeqa/runner: Sort the test result output by result class

We want to see failures/errors listed last since this is the most easily
visible part of the log on consoles or autobuilder output and makes
human processing easier rather than having to scroll up and scan for
a single failure.

(From OE-Core rev: 7954b19020c28a4120bc1671aa81b9e1e2b05fa2)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
6 years agooeqa/runner: Always show a summary of success/fail/error/skip counts
Richard Purdie [Tue, 13 Nov 2018 21:10:43 +0000 (21:10 +0000)]
oeqa/runner: Always show a summary of success/fail/error/skip counts

Its useful to have the counts of success/failure/error/skipped at the end of the
results to allow for easier human reading of what happened.

(From OE-Core rev: 080d8900d470a8e7f929b0c5c2765ad461744fbb)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
6 years agooeqa/selftest/esdk: run selftest inside workdir not /tmp
Ross Burton [Mon, 3 Dec 2018 20:35:15 +0000 (20:35 +0000)]
oeqa/selftest/esdk: run selftest inside workdir not /tmp

We've seen issues with rootfs size calculations and we've seen systems
like opensuse which have btrfs mounted on /tmp causing selftest failures.

(From OE-Core rev: 61be3cd748d1b7321a1fc4cfe84efa9b26a6aee0)

Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
6 years agooeqa: don't litter /tmp with temporary directories
Ross Burton [Mon, 3 Dec 2018 20:35:14 +0000 (20:35 +0000)]
oeqa: don't litter /tmp with temporary directories

If we need to create a temporary directory in targetbuild or buildproject use
tempfile.TemporaryDirectory so that when the test case is finished, the
directory is deleted.

Also synchronise the logic and don't possibly store the temporary directory in
self.tmpdir as nothing uses that.

(From OE-Core rev: db0e658097130d146752785d0d45f46a3e0bad71)

Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
6 years agooeqa/utils/qemurunner: Avoid tracebacks on closed files
Richard Purdie [Sun, 2 Dec 2018 11:23:17 +0000 (11:23 +0000)]
oeqa/utils/qemurunner: Avoid tracebacks on closed files

Reorder the shutdown/teardown to avoid:

  File "/home/pokybuild/yocto-worker/oe-selftest-ubuntu/build/meta/lib/oeqa/utils/qemurunner.py", line 224, in launch
    op = self.getOutput(output)
  File "/home/pokybuild/yocto-worker/oe-selftest-ubuntu/build/meta/lib/oeqa/utils/qemurunner.py", line 90, in getOutput
    fl = fcntl.fcntl(o, fcntl.F_GETFL)
ValueError: I/O operation on closed file

(From OE-Core rev: 8e7d756862d2a8d62f3c87497d6d65ddb3c1b962)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
6 years agooeqa/selftest/runqemu: Improve testcase failure handling
Richard Purdie [Mon, 3 Dec 2018 20:46:06 +0000 (20:46 +0000)]
oeqa/selftest/runqemu: Improve testcase failure handling

assertTrue doesn't give good debug information when things fail. Update
several to use assertIn which gives information upon failure, for the
others print the log information upon failure.

(From OE-Core rev: c29cb75d5ce6b0873a934f4709b0c8824f7164d3)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
6 years agolib/oe/utils: Improve multiprocess_lauch exception handling
Richard Purdie [Sat, 1 Dec 2018 14:05:16 +0000 (14:05 +0000)]
lib/oe/utils: Improve multiprocess_lauch exception handling

We've seen a cryptic:

"ERROR: Fatal errors occurred in subprocesses, tracebacks printed above"

message from oe-selftest with no other traceback information. Improve the
traceback logging to try and give a better indication of any errors that is
ocurring.

(From OE-Core rev: 521dd3d00979a27b6932e58d5497de68abac26e1)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
6 years agooeqa/oelib/path: don't leak temporary directories
Ross Burton [Mon, 3 Dec 2018 11:47:58 +0000 (11:47 +0000)]
oeqa/oelib/path: don't leak temporary directories

setUp() is used to populate a directory of temporary files, and deleted in
__del__.  However setUp() is called once *per test* so __del__ would only be
able to remove the last directory created.

Fix the code by using the natural counterpart to setUp, tearDown(), to clean up.

(From OE-Core rev: 68b4723e6fb11d171869185bccf28f32f6284c18)

Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
6 years agooeqa/selftest/context: Improve log file handling
Richard Purdie [Thu, 29 Nov 2018 12:07:53 +0000 (12:07 +0000)]
oeqa/selftest/context: Improve log file handling

The existing logfile is simply placed in the current directory. Since the test
changes cwd to BUILDDIR, the symlink to the log can be placed in an invalid
directory. We also see trackbacks if the symlink is invalid.

Improve things by:

* Placing logs in LOG_DIR (or BUILDDIR if unset).
* Using a full path to the log meaning the log and link are placed in the same directory.
* Using lexists instead of exists so invalid symlinks are handled correctly.

(From OE-Core rev: 750ece11bed0e62a11e0003d1d16a81f7c219761)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
6 years agooeqa/selftest/buildoptions: Ensure diskmon tests run consistently
Richard Purdie [Thu, 29 Nov 2018 10:40:58 +0000 (10:40 +0000)]
oeqa/selftest/buildoptions: Ensure diskmon tests run consistently

Heartbeat events default to once a second and we need to ensure we have
enough time in the task to see them.

Add a nostamp delay task 5s long so we can have a consistently timed
task which doesn't need cleanup or have unneeded dependencies. This
ensures we should deterministically see the disk moinitor events
regardless of the state of the build. This is done in a way which
doesn't corrupt build state or need cleanup and is efficient.

(From OE-Core rev: ecc49ee8986929e2429d948000a0ca588fe63959)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
6 years agooeqa/selftest/buildoptions: Improve ccache test
Richard Purdie [Thu, 29 Nov 2018 10:22:15 +0000 (10:22 +0000)]
oeqa/selftest/buildoptions: Improve ccache test

This test occisionally fails as m4 doesn't recompile, meaning the logfile test
then doesn't find mention of ccache.

To ensure m4 does recompile, clean m4 before force compiling it.

(Reading the test is confusing due to the test cleanup also involving a clean)

(From OE-Core rev: 6e0b9214a0d57ed45a5df0ba5c9887a9045b89b1)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
6 years agooeqa/qemurunner: Remove resource python warnings
Richard Purdie [Wed, 28 Nov 2018 16:12:51 +0000 (16:12 +0000)]
oeqa/qemurunner: Remove resource python warnings

If runqemu fails it would leak an unclosed socket and file. Ensure we
close these in all cases to remove the resource warning.

(From OE-Core rev: ed80e46ccbc8fe8e9148d80723152066fa00ba28)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
6 years agooeqa/utils/commands: Avoid log message duplication
Richard Purdie [Wed, 28 Nov 2018 13:00:11 +0000 (13:00 +0000)]
oeqa/utils/commands: Avoid log message duplication

Each time a runqemu() fails, the log handler would be left behind meaning
messages from any subsequent run would be duplicated (or worse/more).

This ensures we remove the handler regardless and means we no longer
have the duplication.

(From OE-Core rev: 532984708436bdfa3a8cac2c684a425eb249bad0)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
6 years agooeqa/utils/qemurunner: Fix python ResourceWarning for unclosed file
Richard Purdie [Wed, 28 Nov 2018 11:18:30 +0000 (11:18 +0000)]
oeqa/utils/qemurunner: Fix python ResourceWarning for unclosed file

Fixes:

Stderr:
/media/build1/poky/meta/lib/oeqa/utils/qemurunner.py:381: ResourceWarning: unclosed file <_io.BufferedWriter name=16>
  self.runqemu = None

(From OE-Core rev: b9e0bf919e6fc1a58e02145a363ebe7066e5bf4f)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
6 years agooeqa/utils/commands: Add extra qemu failure logging
Richard Purdie [Tue, 27 Nov 2018 23:38:44 +0000 (23:38 +0000)]
oeqa/utils/commands: Add extra qemu failure logging

Rather than just referring the user to the logs containing the failure, print
them on the console. This aids debugging with oe-selftest with parallelisation
as the logs may otherwise be lost.

(From OE-Core rev: 36a018e245a232f520ff946f152cc875927a6fb4)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
6 years agooeqa/selftest/buildoptions: Improve ccache test failure output
Richard Purdie [Tue, 27 Nov 2018 12:19:39 +0000 (12:19 +0000)]
oeqa/selftest/buildoptions: Improve ccache test failure output

The current failure mode doesn't show us what the logs actually looked like
and later cleans can lose them. Show the whole log in case of failure
to aid debugging intermittent problems on the autobuilder.

(From OE-Core rev: 7c3a0dc5978cea898b1ca51decf4d6e7cf9d519f)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
6 years agooeqa/selftest/case: Use bb.utils.remove() instead of shutil.remove()
Richard Purdie [Tue, 27 Nov 2018 12:03:50 +0000 (12:03 +0000)]
oeqa/selftest/case: Use bb.utils.remove() instead of shutil.remove()

This avoids problems where shutil.remove will error with:

  File "/usr/lib/python3.5/shutil.py", line 436, in _rmtree_safe_fd
    os.unlink(name, dir_fd=topfd)
FileNotFoundError: [Errno 2] No such file or directory: 'S.gpg-agent.extra'

when there are races over file deletion (gpg agent may be slow to exit).

We already worked around speed and race issues in bb.utils.

(From OE-Core rev: 00a8fd5b93a5c19ce0b7498e2bc653ce8ad58aaf)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
6 years agooeqa/selftest/signing: Use do_populate_lic target instead of do_package
Richard Purdie [Mon, 26 Nov 2018 17:03:13 +0000 (17:03 +0000)]
oeqa/selftest/signing: Use do_populate_lic target instead of do_package

This should speed the test up signficiantly without any loss of functionality
for the purposes of the test.

(From OE-Core rev: 3dde0b749643575878bfbca2f8d2d9ec30bad166)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
6 years agooeqa/selftest/signing: Allow tests not to need gpg on the host
Richard Purdie [Mon, 26 Nov 2018 17:00:10 +0000 (17:00 +0000)]
oeqa/selftest/signing: Allow tests not to need gpg on the host

We ideally don't want to use gpg from the host. This is straightforward for package
management but not for sstate.

For sstate, create a second build directory to run the test in using gnupg-native
from the original build directory.

(From OE-Core rev: 10afa94c3f0d7eb7524a26deda86949073d55fde)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
6 years agooeqa/selftest/signing: Skip tests if gpg isn't found
Richard Purdie [Sat, 24 Nov 2018 17:56:06 +0000 (17:56 +0000)]
oeqa/selftest/signing: Skip tests if gpg isn't found

Raising an assertionError in the class setup isn't a particuarly good way to
indicate gpg isn't installed. Instead skip the tests if the required binary
isn't present. For the signing tests we do require it to be present and can't
use a prebuilt one.

(From OE-Core rev: 2d486af97e51b9daa9c40482c31d637c9ab4ae79)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
6 years agoscripts/runqemu: Improve lockfile handling for python with close_fd=True
Richard Purdie [Wed, 28 Nov 2018 17:31:39 +0000 (17:31 +0000)]
scripts/runqemu: Improve lockfile handling for python with close_fd=True

On python versions with close_fds=True (python 3.2 onwards), the tap
device lockfile isn't passed to the child process.

Since this guards against use of an active interface, we really want this
here, so pass it in pass_fds. This means if the parent exits early, the child
still holds the lock, avoiding messages like:

runqemu - ERROR - Failed to run qemu: qemu-system-x86_64: could not configure /dev/net/tun (tap0): Device or resource busy

(From OE-Core rev: 17a0a067d597c445c5892ff9914e91a2187f7e09)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
6 years agoscripts/runqemu: Tidy up lock handling code
Richard Purdie [Wed, 28 Nov 2018 17:30:10 +0000 (17:30 +0000)]
scripts/runqemu: Tidy up lock handling code

Various tweaks:
- Balance up the aquire/release functions
- Use debug messge for both acquiring and release message for consistency in logs
- Use None instead of an empty string
- Reset the value of the field if we don't have the lock any more

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
6 years agoscripts/runqemu: Replace subprocess.run() for compatibilty
Michael Halstead [Thu, 8 Nov 2018 20:58:39 +0000 (12:58 -0800)]
scripts/runqemu: Replace subprocess.run() for compatibilty

subprocess.run() was introduced in Python 3.5. We currently support down to
Python 3.4 so I've replaced it with subprocess.check_call() which is available
in that version.

Signed-off-by: Michael Halstead <mhalstead@linuxfoundation.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
6 years agogstreamer1.0-vaapi: downgrade vaapisink to marginal rank
Anuj Mittal [Fri, 30 Nov 2018 07:16:09 +0000 (15:16 +0800)]
gstreamer1.0-vaapi: downgrade vaapisink to marginal rank

Using vaapisink (which doesn't supports DRI3 [1] and uses DRI2) with
default poky configuration currently results in an unresponsive display
because DRI2 rendering doesn't work (as of xserver 1.20.3) in non-composited
environments [2].

Downgrade vaapisink to marginal for now so playbin (and in turn gst-play
and gtk-play examples) uses next best sink element and works out of box.

[1] https://github.com/intel/libva/issues/122
[2] https://gitlab.freedesktop.org/xorg/xserver/issues/13

Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
6 years agosanity: Add check for WSL
Richard Purdie [Fri, 16 Nov 2018 10:28:10 +0000 (10:28 +0000)]
sanity: Add check for WSL

Users are starting to expect OE to work under WSL which it doesn't. Add a warning to
tell them about this up front and manage expectations.

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
6 years agooeqa/utils/httpserver: Rework to avoid hangs and improve logging
Richard Purdie [Fri, 16 Nov 2018 09:33:28 +0000 (09:33 +0000)]
oeqa/utils/httpserver: Rework to avoid hangs and improve logging

testimage.bbclass installs a SIGTERM handler which conflicts with the
use of multiprocessing here. This is paritcularly problematic if the http
service is terminated before its started and hence before its had a chance
to reset the default signal handler (as the code was written).

Instead, temporarily remove testimage's handler whilst forking the http process
which means the correct handler is installed and won't deadlock.

Also take the opportunity to add in some log messages about the server start
and shutdown so that future debugging is easier and its clearer what the code
is doing.

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
6 years agoopenssl-1.1.1: remove build path from version info
Martin Hundebøll [Thu, 15 Nov 2018 09:12:50 +0000 (10:12 +0100)]
openssl-1.1.1: remove build path from version info

The openssl build system generates buildinf.h containing the full
compiler command line used to compile objects. This breaks
reproducibility, as the compile command is baked into libcrypto, where
it is used when running `openssl version -f`.

Add stripped build variables for the compiler and cflags lines, and use
those when generating buildinfo.h.

This is based on a similar patch for older openssl versions:
https://patchwork.openembedded.org/patch/147229/

Signed-off-by: Martin Hundebøll <martin@geanix.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
6 years agobusybox: make busybox.links.{suid, nosuid} reproducible
Martin Hundebøll [Thu, 15 Nov 2018 09:12:49 +0000 (10:12 +0100)]
busybox: make busybox.links.{suid, nosuid} reproducible

The busybox.link.* files are generated from autoconf.h and applets.h,
which are both auto-generated by the build system. The contents of the
two files might be in different order, and so the link files are not
reproducble as is.

Fix this by sorting the lists using `sort`.

Signed-off-by: Martin Hundebøll <martin@geanix.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
6 years agoshadow: improve reproducibility by hard-coding shell path
Martin Hundebøll [Thu, 15 Nov 2018 09:12:48 +0000 (10:12 +0100)]
shadow: improve reproducibility by hard-coding shell path

The shadow configure script tries really hard to detect the running
shell to make sure it doesn't do unsupported calls.

On my system the shell is detected as /bin/sh, while a build in an
ubuntu docker it resolves to /bin/bash. And since the shell path is
baked into the target binaries through config.h, the build becomes
inreproducible.

Fix reproducibility by hard-coding the shell to be /bin/sh

Signed-off-by: Martin Hundebøll <martin@geanix.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
6 years agocurl: actually apply latest CVE patches
Ross Burton [Fri, 9 Nov 2018 16:53:11 +0000 (16:53 +0000)]
curl: actually apply latest CVE patches

Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
6 years agounzip: actually apply CVE-2018-18384
Ross Burton [Fri, 9 Nov 2018 16:28:36 +0000 (16:28 +0000)]
unzip: actually apply CVE-2018-18384

Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
6 years agooeqa/selftest/recipetool: Fix problems from changing upstream source
Mohamad Noor Alim Hussin [Fri, 9 Nov 2018 09:57:58 +0000 (17:57 +0800)]
oeqa/selftest/recipetool: Fix problems from changing upstream source

The upstream source tarball checksums changed. Use the copy from our source
mirror to avoid failures.

[YOCTO #12979]

Signed-off-by: Mohamad Noor Alim Hussin <mohamad.noor.alim.hussin@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
6 years agoimage-buildinfo,oeqa/selftest/containerimage: Ensure image-buildinfo doesn't break...
Richard Purdie [Fri, 9 Nov 2018 11:24:47 +0000 (11:24 +0000)]
image-buildinfo,oeqa/selftest/containerimage: Ensure image-buildinfo doesn't break tests

Having image-buildinfo enabled causes containerimage.ContainerImageTests.test_expected_files
to fail due to the presence of an unexpected file:
  ['./',
   './etc/',
-  './etc/build',
   './etc/default/',
   './etc/default/postinst',

Tweak the class to allow it to be disabled and disable it from the test just in
case it was enabled.

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
6 years agovalgrind: drop mips n32 support
Randy MacLeod [Wed, 7 Nov 2018 17:59:22 +0000 (12:59 -0500)]
valgrind: drop mips n32 support

valgrind for qemumips64 multilib builds fails to configure
for libn32 with the error:
   configure:6190: checking for 32 bit build support
   ...
   fatal error: bits/long-double-32.h: No such file or directory
It seems that the toolchain is producing:
   tmp-glibc/sysroots-components/mips64-n32/libn32-glibc/usr/include/bits/long-double-n32.h

Until the toolchain problem is resolved, skip valgrind for libn32.

Signed-off-by: Randy MacLeod <Randy.MacLeod@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
6 years agooeqa/selftest: Standardize json logging output directory
Yeoh Ee Peng [Wed, 7 Nov 2018 07:08:31 +0000 (15:08 +0800)]
oeqa/selftest: Standardize json logging output directory

Currently sdk & sdkext will output json file to LOG_DIR, while
selftest will output json file to TOPDIR/log.

Standardize selftest json output file to LOG_DIR.

Signed-off-by: Yeoh Ee Peng <ee.peng.yeoh@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
6 years agoglibc: make ld-2.28.so reproducible on arm
Martin Hundebøll [Tue, 6 Nov 2018 10:04:16 +0000 (11:04 +0100)]
glibc: make ld-2.28.so reproducible on arm

Play the whack-a-mole game and add the .file directive to another
assembly file that otherwise shows itself in ld-2.28.so debug file,
which in turns alters the build-id of ld-2.28.so on target.

Signed-off-by: Martin Hundebøll <martin@geanix.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
6 years agobase.bbclass: avoid 'find -ignore_readdir_race -delete'
Matthias Schiffer [Tue, 6 Nov 2018 08:56:23 +0000 (09:56 +0100)]
base.bbclass: avoid 'find -ignore_readdir_race -delete'

Due to a bug in find [1], -ignore_readdir_race does not work correctly with
-delete. This can lead to spurious build failures when files disappear
while such a command is running; specifically this was seen in the case of
do_configure and do_populate_lic running concurrently for packages
with ${B} == ${WORKDIR}:

   find: '.../sstate-build-populate_lic': No such file or directory

While the issue is fixed in the findutils git master, the find command of
the host system is called here, so we can't ensure that the used version
contains the fix. Many common distros have not updated to a recent enough
findutils version yet (Ubuntu 18.10 contains the fix, while 18.04 is still
affected).

Work around the issue by passing the output of find to 'rm -f' instead of
using -delete.

[1] https://savannah.gnu.org/bugs/?52981

Signed-off-by: Matthias Schiffer <matthias.schiffer@ew.tq-group.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
6 years agobinutils: fix four CVE issues
Zhixiong Chi [Tue, 6 Nov 2018 06:43:41 +0000 (22:43 -0800)]
binutils: fix four CVE issues

Backport the CVE patches from the binutils upstream.

Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
6 years agoperf: Disable libunwind for ARC & RISCV64
Alexey Brodkin [Wed, 31 Oct 2018 18:54:23 +0000 (21:54 +0300)]
perf: Disable libunwind for ARC & RISCV64

libunwind is not yet ported for ARC & RISCV64 and on attempt
to build it for those arches we just get an error message.

If we explicitly disable libunwind it is gracefully handled by
perf build system and it just gets configured to not use it
so perf is still usable even on those arches.

Signed-off-by: Alexey Brodkin <abrodkin@synopsys.com>
Cc: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
6 years agoapt: update SRC_URI
Changqing Li [Thu, 1 Nov 2018 03:15:17 +0000 (11:15 +0800)]
apt: update SRC_URI

update SRC_URI since previous link is not valid now

Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
6 years agoarchiver: Drop unwanted directories
Fabien Lahoudere [Mon, 29 Oct 2018 11:02:29 +0000 (12:02 +0100)]
archiver: Drop unwanted directories

In sources directory we can find patches/ and temp/.
The first one is filled with symbolic link unusable on another
machines.
The second contains yocto logs to create this archives and are
typically copied when 'S = "${WORKDIR}"'

Signed-off-by: Fabien Lahoudere <fabien.lahoudere@collabora.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
6 years agoscripts/autobuilder-worker-prereq-tests: adjust max_user_watches
Michael Halstead [Mon, 5 Nov 2018 17:10:48 +0000 (09:10 -0800)]
scripts/autobuilder-worker-prereq-tests: adjust max_user_watches

Temporarily modify path to run as non-privileged user on more distros.
Change the recommended value to match what we use on the autobuilder.

Signed-off-by: Michael Halstead <mhalstead@linuxfoundation.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
6 years agometa: Use double colon for chown OWNER:GROUP
Kosta Zertsekel [Sun, 4 Nov 2018 19:24:46 +0000 (21:24 +0200)]
meta: Use double colon for chown OWNER:GROUP

Rationale - excerp from `info chown`
====================================

OWNER‘:’GROUP
     If the OWNER is followed by a colon and a GROUP (a group name or
     numeric group ID), with no spaces between them, the group ownership
     of the files is changed as well (to GROUP).

   Some older scripts may still use ‘.’ in place of the ‘:’ separator.
POSIX 1003.1-2001 (*note Standards conformance::) does not require
support for that, but for backward compatibility GNU ‘chown’ supports
‘.’ so long as no ambiguity results.  New scripts should avoid the use
of ‘.’ because it is not portable, and because it has undesirable
results if the entire OWNER‘.’GROUP happens to identify a user whose
name contains ‘.’.

Signed-off-by: Kosta Zertsekel <zertsekel@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
6 years agowic: use explicit errno import
Ross Burton [Mon, 5 Nov 2018 11:23:03 +0000 (11:23 +0000)]
wic: use explicit errno import

os.errno doesn't work in Python 3.7 and shouldn't have ever worked, so use
import errno explicitly.

Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
6 years agooeqa/selftest: Add test for Yocto source mirror functionality/completeness
Richard Purdie [Mon, 5 Nov 2018 15:52:09 +0000 (15:52 +0000)]
oeqa/selftest: Add test for Yocto source mirror functionality/completeness

We've had a number of occasions where the Yocto Project source mirrors have not
been complete or functioning correctly. This adds a test so that if this happens
we find out out it sooner.

It also only works over http meaning we should be able to test that anyone behind
an http only proxy (no git protocol) also has functional fetches for OE-Core and
layers built by the core of the project.

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
6 years agolibgpg-error: Support build for native on ppc64/ppc64le hosts
Serhey Popovych [Thu, 1 Nov 2018 17:21:10 +0000 (19:21 +0200)]
libgpg-error: Support build for native on ppc64/ppc64le hosts

Both RHEL and SLES uses ppc64/ppc64le for powerpc 64 bit big/little
endian targets instead of powerpc64/powerpc64le in libgpg-error.

Also libgpg-error provides common target system names in form like
<arch>-unknown-linux-gnu.

Add mapping for ppc64/ppc64le targets to their libgpg-error equivalents
to fix native builds.

Cross build for arm64 tested on IBM Power 8 machine with RHEL7 for
ppc64le variant only, but should work for ppc64 as well.

Signed-off-by: Serhey Popovych <serhe.popovych@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
6 years agov86d: Make cross compilation working on more architectures
Serhey Popovych [Wed, 31 Oct 2018 14:55:47 +0000 (16:55 +0200)]
v86d: Make cross compilation working on more architectures

Since commit 709c603dec19 ("v86d: Accept aarch64 as build host") we
support cross compilation on aarch64 host in addition to x86 host.
However building on hosts different than two above will fail.

Make cross compilation support more generic by checking for TARGET_ARCH
in v86d configure script with fallback to `uname -m` when not present in
environment and pass TARGET_ARCH explicitly in do_configure().

Cross build for x86 tested on IBM Power 8 machine with RHEL7. Should
work on aarch64 and rest too.

Signed-off-by: Serhey Popovych <serhe.popovych@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
6 years agooe-init-buildenv/base: Relax python version checks in favour of HOSTTOOLS manipulation
Richard Purdie [Tue, 30 Oct 2018 11:18:54 +0000 (11:18 +0000)]
oe-init-buildenv/base: Relax python version checks in favour of HOSTTOOLS manipulation

Several distros are now shipping "python" as python v3 contra to the original
python guidelines. This causes users confusion/pain in trying to use our tools.

We can just force "python" to "python2" within HOSTTOOLS to avoid this issue
and hide the complexity from the user.

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
6 years agooeqa/runtime/ptest: Inject results+logs into stored json results file
Richard Purdie [Fri, 2 Nov 2018 13:13:43 +0000 (13:13 +0000)]
oeqa/runtime/ptest: Inject results+logs into stored json results file

This allows the ptest results from ptest-runner, run in an image to be
transferred over to the resulting json results output.

Each test is given a pass/skip/fail so individual results can be monitored
and the raw log output from the ptest-runner is also dumped into the
results json file as this means after the fact debugging becomes much easier.

Currently the log output is not split up per test but that would make a good
future enhancement.

I attempted to implement this as python subTests however it failed as the
output was too confusing, subTests don't support any kind of log
output handling, subTest successes aren't logged and it was making things
far more complex than they needed to be.

We mark ptest-runner as "EXPECTEDFAILURE" since its unlikely every ptest
will pass currently and we don't want that to fail the whole image test run.
Its assumed there would be later analysis of the json output to determine
regressions. We do have to change the test runner code so that
'unexpectedsuccess' is not a failure.

Also, the test names are manipuated to remove spaces and brackets with
"_" used as a replacement and any duplicate occurrences truncated.

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
6 years agocrosssdk: Remove usage of host flags for cross-compilation
Richard Purdie [Wed, 31 Oct 2018 22:38:43 +0000 (22:38 +0000)]
crosssdk: Remove usage of host flags for cross-compilation

Similarlly to OE-Core rev 4b936cde58ca0a6f34092ce82640a02859110411 for
cross.sdk, BUILD_* flags can't be used as TARGET_* flags

gcc-crosssdk buils leaks config.log's through "gcc-stashed-builddir" and
TARGET_* flags to libgcc cross-build through "gcc/libgcc.mvars" file
on "gcc-stashed-builddir". This means that if BUILD_CFLAGS contains
host-specific flags like "-isystem/usr/include" libgcc build will
fail "do_qa_configure" and "do_package_qa" checks.

Remove host-related flags from TARGET_* flags for gcc-crosssdk builds.

[YOCTO #11874]

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
6 years agogo: Change from TARGET_ARCH to TUNE_PKGARCH
Richard Purdie [Wed, 31 Oct 2018 14:52:11 +0000 (14:52 +0000)]
go: Change from TARGET_ARCH to TUNE_PKGARCH

Right now go-cross is changing signatures when you change TUNE for a given
architecture. In particular this breaks layer tests like:

yocto-check-layer ../meta-yocto-bsp/ --machines qemuarm beaglebone-yocto

This changes the PN addtion to something containing the tune rather than
the arch which avoids these kinds of errors. If go-cross can be tune
independent that would be nice but currently that isn't the case.

[YOCTO #12586]

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
6 years agogo-dep: disable PTEST_ENABLED for mips and mips64
Chen Qi [Tue, 30 Oct 2018 06:32:42 +0000 (14:32 +0800)]
go-dep: disable PTEST_ENABLED for mips and mips64

The current go-dep does not compile ptest successfully on mips
and mips64. So as a workaround, disable PTEST_ENABLED explicitly
to avoid error like below.

  | vet config not found

Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
6 years agopython3: add python3-venv to the python3-modules RDEPENDS
Ross Burton [Mon, 5 Nov 2018 11:22:58 +0000 (11:22 +0000)]
python3: add python3-venv to the python3-modules RDEPENDS

Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
6 years agopython3: Fix python3-pyvenv run-time dependency
Hugues Kamba [Tue, 30 Oct 2018 09:37:25 +0000 (09:37 +0000)]
python3: Fix python3-pyvenv run-time dependency

Pyvenv is just a small script that uses venv to create virtual
environments.
https://www.python.org/dev/peps/pep-0405/#creating-virtual-environments

This patch adds the python3-venv module as a self-contained package which
python3-pyvenv must depend on at run-time.

The patch also provides the package python3-pyvenv from the pyhton3-venv
package.This is good for future-proofing since python3-pyvenv has been
deprecated and only python3-venv is now available in Python 3.6.
https://docs.python.org/3/library/venv.html.

Without this patch python3-pyvenv is broken because it is missing the
venv module at run-time. This patch specifies the newly created
python3-venv as a run-time dependency of python3-pyvenv.

Signed-off-by: Hugues Kamba <hugues.kamba@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
6 years agogdbm: fix ptest failure
Chen Qi [Tue, 30 Oct 2018 08:06:42 +0000 (16:06 +0800)]
gdbm: fix ptest failure

Some of gdbm's ptest cases require gdbmtool, which is packaged into
${PN}-bin. So extend the RDEPENDS_${PN}-ptest to include the package.

Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
6 years agopixman: Trim license info extracted from pixman-matrix.c
Peter Kjellerstedt [Sat, 3 Nov 2018 09:30:29 +0000 (10:30 +0100)]
pixman: Trim license info extracted from pixman-matrix.c

Four unrelated lines were extracted from pixman-matrix.c for the
license information.

License-Update: Only extract the relevant part from pixman-matrix.c
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
6 years agolibgpg-error: Trim license info extracted from init.c & gpg-error.h.in
Peter Kjellerstedt [Sat, 3 Nov 2018 09:30:28 +0000 (10:30 +0100)]
libgpg-error: Trim license info extracted from init.c & gpg-error.h.in

License-Update: Only extract relevant parts from init.c & gpg-error.h.in
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
6 years agoapr-util: Trim license info extracted from apu_version.h
Peter Kjellerstedt [Sat, 3 Nov 2018 09:30:27 +0000 (10:30 +0100)]
apr-util: Trim license info extracted from apu_version.h

Two unrelated lines were extracted from apu_version.h for the license
information.

License-Update: Only extract the relevant part from apu_version.h
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
6 years agoapr: Trim license info extracted from apr_lib.h
Peter Kjellerstedt [Sat, 3 Nov 2018 09:30:26 +0000 (10:30 +0100)]
apr: Trim license info extracted from apr_lib.h

Two unrelated lines were extracted from apr_lib.h for the license
information.

License-Update: Only extract the relevant part from apr_lib.h
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
6 years agocommon-licenses: Correct the FreeType license text
Peter Kjellerstedt [Sat, 3 Nov 2018 09:30:25 +0000 (10:30 +0100)]
common-licenses: Correct the FreeType license text

It now matches:
http://git.savannah.gnu.org/cgit/freetype/freetype2.git/tree/docs/FTL.TXT

Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
6 years agoreproducible_build: update do_deploy_source_date_epoch commment
Douglas Royds [Mon, 5 Nov 2018 05:39:41 +0000 (18:39 +1300)]
reproducible_build: update do_deploy_source_date_epoch commment

Once the value of SOURCE_DATE_EPOCH is determined, it is stored in the recipe's SDE_FILE.
If none of the existing mechanisms are suitable, replace the do_deploy_source_date_epoch task
with recipe-specific functionality to write the appropriate SOURCE_DATE_EPOCH into the SDE_FILE.

Signed-off-by: Douglas Royds <douglas.royds@taitradio.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
6 years agocurl: fix for CVE-2018-16839/CVE-2018-16840/CVE-2018-16842
Changqing Li [Fri, 2 Nov 2018 06:07:49 +0000 (14:07 +0800)]
curl: fix for CVE-2018-16839/CVE-2018-16840/CVE-2018-16842

Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
6 years agoopenssl: fix CVE-2018-0735 for 1.1.1
Kai Kang [Fri, 2 Nov 2018 08:02:14 +0000 (16:02 +0800)]
openssl: fix CVE-2018-0735 for 1.1.1

Backport patch to fix CVE-2018-0735 for openssl 1.1.1.

Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
6 years agoopenssl: fix CVE-2018-0734 for both 1.0.2p and 1.1.1
Kai Kang [Fri, 2 Nov 2018 08:02:13 +0000 (16:02 +0800)]
openssl: fix CVE-2018-0734 for both 1.0.2p and 1.1.1

Backport patches to fix CVE-2018-0734 for both openssl 1.0.2p and 1.1.1
versions.

Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
6 years agoghostscript: fix CVE-2018-18284
Hongxu Jia [Mon, 5 Nov 2018 08:03:37 +0000 (16:03 +0800)]
ghostscript: fix CVE-2018-18284

Artifex Ghostscript 9.25 and earlier allows attackers to bypass a
sandbox protection mechanism via vectors involving the 1Policy
operator.

Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
6 years agoghostscript: fix CVE-2018-18073
Hongxu Jia [Mon, 5 Nov 2018 08:03:36 +0000 (16:03 +0800)]
ghostscript: fix CVE-2018-18073

Artifex Ghostscript allows attackers to bypass a sandbox protection
mechanism by leveraging exposure of system operators in the saved
execution stack in an error object.

Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
6 years agoghostscript: fix CVE-2018-17961
Hongxu Jia [Mon, 5 Nov 2018 08:03:35 +0000 (16:03 +0800)]
ghostscript: fix CVE-2018-17961

Artifex Ghostscript 9.25 and earlier allows attackers to bypass a
sandbox protection mechanism via vectors involving errorhandler
setup. NOTE: this issue exists because of an incomplete fix for
CVE-2018-17183.

Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
6 years agoelfutils: fix CVE-2018-18520 & CVE-2018-18521 & CVE-2018-18310
Hongxu Jia [Fri, 2 Nov 2018 09:52:51 +0000 (17:52 +0800)]
elfutils: fix CVE-2018-18520 & CVE-2018-18521 & CVE-2018-18310

These CVE fixes come from upstream master branch and no
new version released, so backport rather than upgrade.

Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
6 years agoelfutils: 0.173 -> 0.174
Hongxu Jia [Fri, 2 Nov 2018 09:52:50 +0000 (17:52 +0800)]
elfutils: 0.173 -> 0.174

- Drop backport fixes
  CVE-2018-16062.patch
  0001-libdw-Check-end-of-attributes-list-consistently.patch
  0002-libelf-Return-error-if-elf_compress_gnu-is-used-on-S.patch

- Rebase 0008-build-Provide-alternatives-for-glibc-assumptions-hel.patch

Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
6 years agonasm: fix CVE-2018-1000667
Hongxu Jia [Tue, 23 Oct 2018 08:35:06 +0000 (04:35 -0400)]
nasm: fix CVE-2018-1000667

Since the latest nasm is  2.14rc16 (not formal release),
so backport a patch to 2.13 to fix CVE-2018-1000667.

Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
6 years agounzip: fix for CVE-2018-18384
Changqing Li [Fri, 2 Nov 2018 06:08:57 +0000 (14:08 +0800)]
unzip: fix for CVE-2018-18384

Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
6 years agoqemu: fix for CVE-2018-10839
Changqing Li [Fri, 2 Nov 2018 06:08:45 +0000 (14:08 +0800)]
qemu: fix for CVE-2018-10839

Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
6 years agosystemd: fix CVE-2018-15688
Chen Qi [Fri, 2 Nov 2018 04:42:43 +0000 (12:42 +0800)]
systemd: fix CVE-2018-15688

Backport patch to fix the following CVE.

CVE: CVE-2018-15688

Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
6 years agosystemd: fix CVE-2018-15687
Chen Qi [Fri, 2 Nov 2018 04:42:42 +0000 (12:42 +0800)]
systemd: fix CVE-2018-15687

Backport patch to fix the following CVE.

CVE: CVE-2018-15687

Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
6 years agosystemd: fix CVE-2018-15686
Chen Qi [Fri, 2 Nov 2018 04:42:41 +0000 (12:42 +0800)]
systemd: fix CVE-2018-15686

Backport patch to fix the following CVE.

CVE: CVE-2018-15686

Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
6 years agotzdata: update to 2018g
Armin Kuster [Mon, 29 Oct 2018 01:29:32 +0000 (01:29 +0000)]
tzdata: update to 2018g

  Changes to code

    When generating TZif files with leap seconds, zic no longer uses a
    format that trips up older 32-bit clients, fixing a bug introduced
    in 2018f.  (Reported by Daniel Fischer.)  Also, the zic workaround
    for QTBUG-53071 now also works for TZif files with leap seconds.

    The translator to rearguard format now rewrites the line
    "Rule Japan 1948 1951 - Sep Sat>=8 25:00 0 S" to
    "Rule Japan 1948 1951 - Sep Sun>=9  1:00 0 S".
    This caters to zic before 2007 and to Oracle TZUpdater 2.2.0
    and earlier.  (Reported by Christos Zoulas.)

  Changes to past time zone abbreviations

    Change HDT to HWT/HPT for WWII-era abbreviations in Hawaii.
    This reverts to 2011h, as the abbreviation change in 2011i was
    likely inadvertent.

  Changes to documentation

    tzfile.5 has new sections on interoperability issues.

Signed-off-by: Armin Kuster <akuster808@gmail.com>
6 years agotzcode-native: update to 2018g
Armin Kuster [Sun, 28 Oct 2018 23:38:32 +0000 (23:38 +0000)]
tzcode-native: update to 2018g

  Changes to code

    When generating TZif files with leap seconds, zic no longer uses a
    format that trips up older 32-bit clients, fixing a bug introduced
    in 2018f.  (Reported by Daniel Fischer.)  Also, the zic workaround
    for QTBUG-53071 now also works for TZif files with leap seconds.

    The translator to rearguard format now rewrites the line
    "Rule Japan 1948 1951 - Sep Sat>=8 25:00 0 S" to
    "Rule Japan 1948 1951 - Sep Sun>=9  1:00 0 S".
    This caters to zic before 2007 and to Oracle TZUpdater 2.2.0
    and earlier.  (Reported by Christos Zoulas.)

  Changes to past time zone abbreviations

    Change HDT to HWT/HPT for WWII-era abbreviations in Hawaii.
    This reverts to 2011h, as the abbreviation change in 2011i was
    likely inadvertent.

  Changes to documentation

    tzfile.5 has new sections on interoperability issues.

Signed-off-by: Armin Kuster <akuster808@gmail.com>
6 years agonss: update to 3.39 includes CVE-2018-12384
Armin Kuster [Sat, 20 Oct 2018 12:00:13 +0000 (13:00 +0100)]
nss: update to 3.39 includes CVE-2018-12384

see: https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.39_release_notes

Signed-off-by: Armin Kuster <akuster@mvista.com>
6 years agoxserver-xorg: fix CVE-2018-14665
Ross Burton [Thu, 1 Nov 2018 11:15:58 +0000 (11:15 +0000)]
xserver-xorg: fix CVE-2018-14665

Incorrect command-line parameter validation in the Xorg X server can lead to
privilege elevation and/or arbitrary files overwrite, when the X server is
running with elevated privileges (ie when Xorg is installed with the setuid bit
set and started by a non-root user). The -modulepath argument can be used to
specify an insecure path to modules that are going to be loaded in the X server,
allowing to execute unprivileged code in the privileged process. The -logfile
argument can be used to overwrite arbitrary files in the file system, due to
incorrect checks in the parsing of the option.

Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
6 years agobuild-appliance-image: Update to master head revision 2018-10 2018-10-thud yocto-2.6
Richard Purdie [Mon, 29 Oct 2018 17:37:49 +0000 (17:37 +0000)]
build-appliance-image: Update to master head revision

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
6 years agotzdata: update to 2018f
Armin Kuster [Mon, 22 Oct 2018 14:05:12 +0000 (15:05 +0100)]
tzdata: update to 2018f

 Briefly:
  Volgograd moves from +03 to +04 on 2018-10-28.
  Fiji ends DST 2019-01-13, not 2019-01-20.
  Most of Chile changes DST dates, effective 2019-04-06.

  Changes to future timestamps

    Volgograd moves from +03 to +04 on 2018-10-28 at 02:00.
    (Thanks to Alexander Fetisov and Stepan Golosunov.)

    Fiji ends DST 2019-01-13 instead of the 2019-01-20 previously
    predicted.  (Thanks to Raymond Kumar.)  Adjust future predictions
    accordingly.

    Most of Chile will end DST on the first Saturday in April at 24:00 mainland
    time, and resume DST on the first Saturday in September at 24:00 mainland
    time.  The changes are effective from 2019-04-06, and do not affect the
    Magallanes region modeled by America/Punta_Arenas.  (Thanks to Juan Correa
    and Tim Parenti.)  Adjust future predictions accordingly.

  Changes to past timestamps

    The 2018-05-05 North Korea 30-minute time zone change took place
    at 23:30 the previous day, not at 00:00 that day.

    China's 1988 spring-forward transition was on April 17, not
    April 10.  Its DST transitions in 1986/91 were at 02:00, not 00:00.
    (Thanks to P Chan.)

    Fix several issues for Macau before 1992.  Macau's pre-1904 LMT
    was off by 10 s.  Macau switched to +08 in 1904 not 1912, and
    temporarily switched to +09/+10 during World War II.  Macau
    observed DST in 1942/79, not 1961/80, and there were several
    errors for transition times and dates.  (Thanks to P Chan.)

    The 1948-1951 fallback transitions in Japan were at 25:00 on
    September's second Saturday, not at 24:00.  (Thanks to Phake Nick.)
    zic turns this into 01:00 on the day after September's second
    Saturday, which is the best that POSIX or C platforms can do.

    Incorporate 1940-1949 Asia/Shanghai DST transitions from a 2014
    paper by Li Yu, replacing more-questionable data from Shanks.

  Changes to time zone abbreviations

    Use "PST" and "PDT" for Philippine time.  (Thanks to Paul Goyette.)

 Changes to documentation

    New restrictions: A Rule name must start with a character that
    is neither an ASCII digit nor "-" nor "+", and an unquoted name
    should not use characters in the set "!$%&'()*,/:;<=>?@[\]^`{|}~".
    The latter restriction makes room for future extensions (a
    possibility noted by Tom Lane).

    tzfile.5 now documents what time types apply before the first and
    after the last transition, if any.

    Documentation now uses the spelling "timezone" for a TZ setting
    that determines timestamp history, and "time zone" for a
    geographic region currently sharing the same standard time.

    The name "TZif" is now used for the tz binary data format.

    tz-link.htm now mentions the A0 TimeZone Migration utilities.
    (Thanks to Aldrin Martoq for the link.)

  Changes to build procedure

    New 'make' target 'rearguard_tarballs' to build the rearguard
    tarball only.  This is a convenience on platforms that lack lzip
    if you want to build the rearguard tarball.  (Problem reported by
    Deborah Goldsmith.)

    tzdata.zi is now more stable from release to release.  (Problem
    noted by Tom Lane.)  It is also a bit shorter.

    tzdata.zi now can contain comment lines documenting configuration
    information, such as which data format was selected, which input
    files were used, and how leap seconds are treated.  (Problems
    noted by Lester Caine and Brian Inglis.)  If the Makefile defaults
    are used these comment lines are absent, for backward
    compatibility.  A redistributor intending to alter its copy of the
    files should also append "-LABEL" to the 'version' file's first
    line, where "LABEL" identifies the redistributor's change.
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
6 years agotzcode: update to 2018f
Armin Kuster [Mon, 22 Oct 2018 14:05:11 +0000 (15:05 +0100)]
tzcode: update to 2018f

 Changes to code

    zic now always generates TZif files where time type 0 is used for
    timestamps before the first transition.  This simplifies the
    reading of TZif files and should not affect behavior of existing
    TZif readers because the same set of time types is used; only
    their internal indexes may have changed.  This affects only the
    legacy zones EST5EDT, CST6CDT, MST7MDT, PST8PDT, CET, MET, and
    EET, which previously used nonzero types for these timestamps.

    Because of the type 0 change, zic no longer outputs a dummy
    transition at time -2**59 (before the Big Bang), as clients should
    no longer need this to handle historical timestamps correctly.
    This reverts a change introduced in 2013d and shrinks most TZif
    files by a few bytes.

    zic now supports negative time-of-day in Rule and Leap lines, e.g.,
    "Rule X min max - Apr lastSun -6:00 1:00 -" means the transition
    occurs at 18:00 on the Saturday before the last Sunday in April.
    This behavior was documented in 2018a but the code did not
    entirely match the documentation.

    localtime.c no longer requires at least one time type in TZif
    files that lack transitions or have a POSIX-style TZ string.  This
    future-proofs the code against possible future extensions to the
    format that would allow TZif files with POSIX-style TZ strings and
    without transitions or time types.

    A read-access subscript error in localtime.c has been fixed.
    It could occur only in TZif files with timecnt == 0, something that
    does not happen in practice now but could happen in future versions.

    localtime.c no longer ignores TZif POSIX-style TZ strings that
    specify only standard time.  Instead, these TZ strings now
    override the default time type for timestamps after the last
    transition (or for all time stamps if there are no transitions),
    just as DST strings specifying DST have always done.

    leapseconds.awk now outputs "#updated" and "#expires" comments,
    and supports leap seconds at the ends of months other than June
    and December.  (Inspired by suggestions from Chris Woodbury.)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
6 years agobuild-appliance-image: Update to thud head revision
Richard Purdie [Mon, 29 Oct 2018 17:32:54 +0000 (17:32 +0000)]
build-appliance-image: Update to thud head revision

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
6 years agomeson: map powerpc64 TARGET_ARCH to ppc64 for the cross file
Victor Kamensky [Mon, 29 Oct 2018 14:32:54 +0000 (07:32 -0700)]
meson: map powerpc64 TARGET_ARCH to ppc64 for the cross file

Meson uses 'ppc64' for 64 bit powerpc. Issue came up while
building systemd for MACHINE that uses ppc64e5500 tune.

Signed-off-by: Victor Kamensky <kamensky@cisco.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
6 years agolibxcrypt: tweak branch from master to develop
Hongxu Jia [Mon, 29 Oct 2018 06:33:03 +0000 (14:33 +0800)]
libxcrypt: tweak branch from master to develop

The master branch does not exist any more, use develop to replace.

Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
6 years agogroff: not search fonts on build host
Kai Kang [Fri, 26 Oct 2018 09:45:36 +0000 (17:45 +0800)]
groff: not search fonts on build host

groff searches fonts on build host which are provided by ghostscript.
The number of font files installed by groff are different according to
whether ghostscript fonts are installed on build host. Fix it by not
search font dirs on the host.

Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
6 years agogit: upgrade 2.18.0 -> 2.18.1
Changqing Li [Thu, 25 Oct 2018 02:17:36 +0000 (10:17 +0800)]
git: upgrade 2.18.0 -> 2.18.1

Includes a fix for CVE-2018-17456.

Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
6 years agogitignore: Ignore repo tool directory
Christian Meusel [Thu, 25 Oct 2018 16:48:54 +0000 (18:48 +0200)]
gitignore: Ignore repo tool directory

This reduces the noise produced by 'git status' and 'repo status' when
orchestrating the layers with Google's repo tool
(https://gerrit.googlesource.com/git-repo/).

Signed-off-by: Christian Meusel <christian.meusel@posteo.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
6 years agooeqa/utils/metadata: Allow to function without the git module
Richard Purdie [Mon, 29 Oct 2018 13:46:52 +0000 (13:46 +0000)]
oeqa/utils/metadata: Allow to function without the git module

The python git module may or may not be enabled, allow this code to
function without it, falling back to the same method as metadata_scm.bbclass
uses. This will be cleaned up in the next round of feature development.

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
6 years agooeqa/core/runner: Don't add empty log entries
Richard Purdie [Mon, 29 Oct 2018 13:48:14 +0000 (13:48 +0000)]
oeqa/core/runner: Don't add empty log entries

There is no point in adding empty log entries to the json result files, only
add them if there is log data.

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
6 years agotestsdk: Improvements to the json logging
Richard Purdie [Mon, 29 Oct 2018 13:49:24 +0000 (13:49 +0000)]
testsdk: Improvements to the json logging

Tweak the preceeding commit to:
* Add STARTTIME to the identifier to make it unique
* Add MACHINE to the identifier
* Use LOG_DIR
* Store the layer config in a more natural json format
* Drop '_' function prefixes

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
6 years agotestsdk.bbclass: write testresult to json files
Yeoh Ee Peng [Tue, 23 Oct 2018 05:57:22 +0000 (13:57 +0800)]
testsdk.bbclass: write testresult to json files

As part of the solution to replace Testopia to store testresult,
OEQA sdk and sdkext need to output testresult into json files, where
these json testresult files will be stored into git repository
by the future test-case-management tools.

By default, json testresult file will be written to "oeqa"
directory under the "WORKDIR" directory.

To configure multiple instances of bitbake to write json testresult
to a single testresult file at custom directory, user will define
the variable "OEQA_JSON_RESULT_DIR" with the custom directory for
json testresult.

Signed-off-by: Yeoh Ee Peng <ee.peng.yeoh@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
6 years agotestimage: Improvements to the json logging
Richard Purdie [Mon, 29 Oct 2018 13:49:14 +0000 (13:49 +0000)]
testimage: Improvements to the json logging

Tweak the preceeding commit to:

* Add STARTTIME to the identifier to make it unique
* Log DISTRO
* Use LOG_DIR
* Store the layer config in a more natural json format
* Drop '_' function prefixes

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
6 years agotestimage.bbclass: write testresult to json files
Yeoh Ee Peng [Tue, 23 Oct 2018 05:57:21 +0000 (13:57 +0800)]
testimage.bbclass: write testresult to json files

As part of the solution to replace Testopia to store testresult,
OEQA testimage need to output testresult into json files, where
these json testresult files will be stored into git repository
by the future test-case-management tools.

By default, json testresult file will be written to "oeqa"
directory under the "WORKDIR" directory.

To configure multiple instances of bitbake to write json testresult
to a single testresult file at custom directory, user will define
the variable "OEQA_JSON_RESULT_DIR" with the custom directory for
json testresult.

Signed-off-by: Yeoh Ee Peng <ee.peng.yeoh@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
6 years agooeqa/selftest: Improvements to the json logging
Richard Purdie [Mon, 29 Oct 2018 13:49:02 +0000 (13:49 +0000)]
oeqa/selftest: Improvements to the json logging

Tweak the preceeding commit to:

* Add STARTTIME to the identifier to make it unique
* Use LOG_DIR
* Store the layer config in a more natural json format
* Drop '_' function prefixes

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
6 years agooeqa/selftest/context: write testresult to json files
Yeoh Ee Peng [Tue, 23 Oct 2018 05:57:20 +0000 (13:57 +0800)]
oeqa/selftest/context: write testresult to json files

As part of the solution to replace Testopia to store testresult,
OEQA selftest need to output testresult into json files, where
these json testresult files will be stored into git repository
by the future test-case-management tools.

By default, json testresult file will be written to "oeqa"
directory under the oe-selftest log directory.

To configure multiple instances of bitbake to write json testresult
to a single testresult file at custom directory, user will define
the variable "OEQA_JSON_RESULT_DIR" with the custom directory for
json testresult.

Signed-off-by: Yeoh Ee Peng <ee.peng.yeoh@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
6 years agooeqa/core/runner: write testresult to json files
Yeoh Ee Peng [Tue, 23 Oct 2018 05:57:19 +0000 (13:57 +0800)]
oeqa/core/runner: write testresult to json files

As part of the solution to replace Testopia to store testresult,
OEQA need to output testresult into single json file, where json
testresult file will be stored in git repository by the future
test-case-management tools.

The json testresult file will store more than one set of results,
where each set of results was uniquely identified by the result_id.
The result_id would be like "runtime-qemux86-core-image-sato", where
it was a runtime test with target machine equal to qemux86 and running
on core-image-sato image. The json testresult file will only store
the latest test content for a given result_id. The json testresult
file contains the configuration (eg. COMMIT, BRANCH, MACHINE, IMAGE),
result (eg. PASSED, FAILED, ERROR), test log, and result_id.

Based on the destination json testresult file directory provided,
it could have multiple instances of bitbake trying to write json
testresult to a single testresult file, using locking a lockfile
alongside the results file directory to prevent races.

Also the library class inside this patch will be reused by the future
test-case-management tools to write json testresult for manual test
case executed.

Signed-off-by: Yeoh Ee Peng <ee.peng.yeoh@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
6 years agocurl: extend CVE_PRODUCT
Grygorii Tertychnyi [Mon, 29 Oct 2018 15:13:10 +0000 (17:13 +0200)]
curl: extend CVE_PRODUCT

There are both "curl" and "libcurl" CPEs in NVD.
All "curl" CVEs are now missed in the reports.

Hence, switch "CVE_PRODUCT" to a space separated list
of the items.

Signed-off-by: Grygorii Tertychnyi <gtertych@cisco.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
6 years agocve-check: Allow multiple entries in CVE_PRODUCT
Grygorii Tertychnyi [Mon, 29 Oct 2018 15:13:10 +0000 (17:13 +0200)]
cve-check: Allow multiple entries in CVE_PRODUCT

There are both "curl" and "libcurl" CPEs in NVD.
All "curl" CVEs are currently missing in the reports.

Hence, switch "CVE_PRODUCT" to a space separated list.
It is useful for recipes generating several packages,
that have different product names in NVD.

Signed-off-by: Grygorii Tertychnyi <gtertych@cisco.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>