The user site-packages gets inserted into sys.path ahead of the
system site directories, so a site package installed there will
be used in preference to what's in our sysroot, causing less
deterministic builds, and potential build breakage, depending
on what the user has installed there. Disable it for our native
python, so they don't affect our builds.
(From OE-Core rev: c448bf3629ab5d930ed845d4ba48e37e4a85d2a3)
Signed-off-by: Christopher Larson <kergoth@gmail.com>
Signed-off-by: Yasir-Khan <yasir_khan@mentor.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
http://bugs.python.org/issue21529
Python 2 and 3 are susceptible to arbitrary process memory reading by
a user or adversary due to a bug in the _json module caused by
insufficient bounds checking.
The sole prerequisites of this attack are that the attacker is able to
control or influence the two parameters of the default scanstring
function: the string to be decoded and the index.
The bug is caused by allowing the user to supply a negative index
value. The index value is then used directly as an index to an array
in the C code; internally the address of the array and its index are
added to each other in order to yield the address of the value that is
desired. However, by supplying a negative index value and adding this
to the address of the array, the processor's register value wraps
around and the calculated value will point to a position in memory
which isn't within the bounds of the supplied string, causing the
function to access other parts of the process memory.
(From OE-Core rev: 9ec213bf67afbdfdbe25802ec86487bb22aeb2e4)
Signed-off-by: Benjamin Peterson <benjamin@python.org>
Applied to python-native recipe in order to fix the above mentioned
vulnerability.
Upstream-Status: Submitted
Signed-off-by: Daniel BORNAZ <daniel.bornaz@enea.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
We apply this patch to the python recipe already. Without this patch
the zeroc-ice-native recipe will not build.
See: http://bugs.python.org/issue17547 for more details.
(From OE-Core rev: 2335a8ed3748e687e7f34f21f27f8e4029d1e26b)
Signed-off-by: Philip Balister <philip@balister.org>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Fixes [YOCTO #4497]
Usage of FILESPATH is discouraged, since it can make recipes harder to
bbappend. Instead FILESEXTRAPATHS should be used to extend the
path. Don't migrate paths that already exist in base FILESPATH to
FILESEXTRAPATHS.
(From OE-Core rev: 00cbfadbf402ad1462ec0c8eaaaefa9a225a4aa7)
Signed-off-by: Petter Mabäcker <petter@technux.se>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Backport two patches from upstream:
use new readline function types (closes#20374)
Issue #20374: Avoid compiler warnings when compiling readline with libedit.
[YOCTO #6107]
(From OE-Core rev: a6b91ae7dec2edebc0eaea0592c42b1c455ad4d7)
Signed-off-by: Chong Lu <Chong.Lu@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
When using make -j with the 'install' target, it's possible for altbininstall
(which normally creates BINDIR) and libainstall (which doesn't, though it
installs python-config there) to race, resulting in a failure due to
attempting to install python-config into a nonexistent BINDIR. Ensure it also
exists in the libainstall target.
(From OE-Core rev: 54da47f3ddc1c009594744793060ffd09db3ad11)
Signed-off-by: Christopher Larson <kergoth@gmail.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This is now required by python-argparse-native as of OE-Core revision
8d0e84bdfaf63ad61be7b015dd55dacccfa9132c.
(From OE-Core rev: e9e03d44d6a402fecdf0d62ff09a1f6af9da10bb)
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Add a symlink to the native Python so that scripts can just invoke
"nativepython" and get the right one without needing absolute paths (these often
end up too long for the #! parser in the kernel as the buffer is 128 bytes
long).
The name "nativepython" was chosen to match the existing "nativeperl" which
serves the same purpose.
(From OE-Core rev: d99dac66e3e121e96c4d8a29aee846d4b8f38622)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
We had hard coded python-native and python's default optimization to 1,
which made the "assert" statement didn't work, and removed the "-O/-OO"
(optimization options), the target python had a "-N" option to disable
the default optimization, but the native python didn't.
I think that we can set the environment variable PYTHONOPTIMIZE or use
"python -O" if we need to optimize, but I'm not sure whether we need to
set it by default, it would confuse the user or cause/hide unexpected
problems if the "assert" doesn't work.
[YOCTO #4427]
(From OE-Core rev: 165ed464bbb9bf985dde9d8c15d000809901fff6)
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
In a small number of cases we need to have ${PN} in FILESPATH rather
than ${BPN}. Rather than hurt readability for all other recipes,
set FILESPATH in these recipes so we can prune the default.
(From OE-Core rev: d61ef6ce86abe5b484a2a2602982f4ded54b3f9a)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Its bad practise to poke into the sysroot without knowledge of sstate.
This adds a patch to python allowing us to account for cross compiling
and allow it to find the Makefile/pyconfig.h files without needing them
in the sysroot for do_compile/do_install to complete.
Tested on two architectures and compared with buildhistory with no
significant delta.
(From OE-Core rev: 16da4f75a75dc8020803df9ea73a2a7ead88cc5a)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
follow Richard's approach, modify bzip2-native recipe to install bzip2 package
binaries to STAGING_BINDIR_NATIVE/bzip2-native to avoid problems when other
package is doing upack to reference bzip2. libbz2.so* still installs to
STAGING_LIBDIR_NATIVE.
change python-native to depends on bzip2-replacement-native instead of
bzip2-full-native and add EXTRANATIVEPATH for bzip2-native.
Didn't add bzip2native.bbclass as python-native is the only user so far.
(From OE-Core rev: 5bf3541836457465aa76577bfb41cdf6316213c9)
Signed-off-by: Yao Zhao <yao.zhao@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Update python-native to install the binaries in the python-native directory,
add pythonnative.bbclass to let recipes that need python-native use the
binaries and update disutils access the new binaries. Update distutils-base
to inherit pythonnative.
(From OE-Core rev: a2e554f731437545e9483a7a73e6847c03f6f48a)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
bin/python2 link is provided by the python install process,
so no need to create it.
rebase these patches to the newer code:
fix_for_using_different_libdir.patch
04-default-is-optimized.patch
remove this patch as it is upstream now:
sys_platform_is_now_always_linux2.patch
Change default python version to 2.7.3 in the distro config
(From OE-Core rev: 5d92a95ea9b480235b7c9ca5949a681376eba725)
Signed-off-by: Nitin A Kamble <nitin.a.kamble@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>