* to be able to mount vfat formatted
usbsticks we need the nls subsystem
* providing nls as modules is a bad idea because
you need to add them at image creation
* better include them into the kernel,
like the kernel for bts and bts-2050 does
Let's flash multiple copies of UBL and U-Boot to cope better with
NAND bits flipping in these sectors. To fit multiple copies of
U-Boot into the flash we had to move the rootfs a bit to the end.
* setting APPEND in the image file overwrites
the APPEND from boot-directdisk.bbclass in edison, which
creates the syslinux.cfg without "root=" stanza
* for dora we do not use syslinux or the image-directdisk
so revert this paticular changes
Fixes: SYS#373
Daniel noticed that on upgrade his /etc/osmocom/osmo-bts.cfg
was overwritten. This was due the addition of the sysmobts-mgr
config file and using an assignment instead of an append.
A null pointer dereference bug was discovered in do_ssl3_write().
An attacker could possibly use this to cause OpenSSL to crash, resulting
in a denial of service.
https://access.redhat.com/security/cve/CVE-2014-0198
(From OE-Core rev: 4c58fe468790822fe48e0a570779979c831d0f10)
Signed-off-by: Maxin B. John <maxin.john@enea.com>
Signed-off-by: Matt Fleming <matt.fleming@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
We will change the MTD partitioning for our devices soon. The
kernel needs to honor the cmdline given by the kernel for that.
The rootfs will move a few pages to the back with newer bootloaders.
If we don't provide a DNS server via DHCP to the BTSs, then their
ntpdate will not succeed in contacting pool.ntp.org (resolver failure),
which in turn means they have the wrong date, which again in turn leads
to failing opkg update or openvpn certificate verification failures.
Update to current master of lcr, which includes support for AMR
and RTP-bridge. Master openbsc doesn't support RTP-bridge yet,
but it will work with a transcoding LCR getting all TCH frames
in all codecs (HR/FR/EFR/AMR) via MNCC.
The .pc files were already covered by the normal -dev package
glob. No need to do more work here.
Addresses:
WARNING: Variable key FILES_${PN}-dev (${includedir} ${FILES_SOLIBSDEV} ${libdir}/*.la ${libdir}/*.o ${libdir}/pkgconfig ${datadir}/pkgconfig ${datadir}/aclocal ${base_libdir}/*.o ${libdir}/${BPN}/*.la ${base_libdir}/*.la) replaces original key FILES_gpsd-dev ( ${libdir}/pkgconfdir/libgpsd.pc ${libdir}/pkgconfdir/libgps.pc).
The fetcher will try:
1) PREMIRROR
2) Upstream
3) MIRROR
If it fails to download from the Upstream, but succeeds from the MIRROR,
and ud.localpath != origud.localpath (for example, the git tarball),
then we will get the error (e.g.: xf86-video-omapfb):
ERROR: Function failed: Fetcher failure for URL: 'xxx'. Unable to fetch URL from any source.
ERROR: Logfile of failure stored in: /path/to/log.do_fetch.28024
It should not show the error and let the build go on since it succeeds.
(e.g.: xf86-video-omapfb)
[YOCTO #5686]
(Bitbake rev: 3bb3f1823bdd46ab34577d43f1e39046a32bca77)
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
A typo was meaning that the mirror creation method wasn't being called
when it should have been. Fix the type to fix mirror tarball creation.
[YOCTO #5284]
(Bitbake rev: 66cdc2e21660847c50317e8bfd28cf3595422e28)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Fix to be HEAD of Dora, not master
(From OE-Core rev: abc158bf873bb7c01414e437eea2b538eb73881c)
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Currently OpenBSC and LCR are not compatible with each other.
So far we have only included patches that add new defines and
do not change the wire format of messages. Just revert it so
we can have LCR talk to OpenBSC
When specifying tags, they're searched for unanchored so foo/bar could
match:
refs/heads/abc/foo/bar
refs/heads/xyz/foo/bar
refs/heads/foo/bar
This change anchors the expressions so they are based against heads
or tags (or any other base level tree that has been created).
(Bitbake master rev: df2e0972cd1db7abd5ec8b7cb295fb0c42e284a4)
(Bitbake rev: da93afe9834e137ed1e9410380181286c80198b5)
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Even if 'egl' is in PACKAGECONFIG, mesa egl support
can be disabled explicitly (changing configure flags
using a .bbappend, for example).
On dora, meta-fsl-arm is an example of this kind.
On master there are no known cases, and we should
encourge package configuration through PACKAGECONFIG.
This patch adds another check for the existence
of eglplatform.h before 'sed' can alter it.
(From OE-Core rev: 97bc1bce9a226cc02db8a5afc2c0d4f4f70034a6)
Signed-off-by: Valentin Popa <valentin.popa@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
We don't normally do this, but with the recent CVE fixes (most
importantly the one for the serious CVE-2014-0160 vulnerability) I am
bumping PR explicitly to make it a bit more obvious that the patch has
been applied.
(From OE-Core rev: 813fa9ed5e492e5dc08155d23d74127ca87304df)
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This avoids a nasty sstate hash corruption issue where the
fact the testimage bbclass was inherited meant that the checksum
changed due to testimage.bbclass being confused with image.bbclass.
This patch anchors the bbclass names to avoid this confusion.
(From OE-Core master rev: 943a75a4f3b6877e4092dae14b59b7afef8cad3d)
(From OE-Core rev: 71b15a41652e280aca2a451073a83a25fb4e6f50)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Since we now run depmod when building images (as the postinst that does
this is now on kernel-base instead of kernel-image) it is possible to
have module file differences between the two halves of the multilib image,
and the code that checks for such differences detects this and fails.
Whitelist this file to avoid the failure.
Specifically, modules.alias, modules.dep and modules.symbol can differ
along with their .bin counterparts.
Related to fix for [YOCTO #5392].
(From OE-Core master rev: 0a315804bf991664c0948e3024b8e8b9e9085808)
(From OE-Core rev: a2c026cf565897e4b0ba4c31c8762b41361649f4)
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Since kernel-base is the package that contains the files that depmod
needs to run, we should be running depmod from the kernel-base
postinstall rather than kernel-image.
Fixes [YOCTO #5392].
(From OE-Core master rev: f7d2cb383281ec8dfa90950ba04d87dd29ffc676)
(From OE-Core rev: ac92a5ab25ddfd8462c43bac6f93730b1e454a4f)
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
With the "ABI safe" recipes, we've been excluding those from signatures. This
is fine in the general case but in the specific case of image recipes it breaks.
A good test case is the interfaces file. Editting this causes init-ifupdown
to rebuild but not an image containing it (e.g. core-image-minimal).
We need to ensure the checksums are added to the image recipes and this change
does that.
(From OE-Core master rev: fd085f15e7cd093953f974f69277e130174d551d)
(From OE-Core rev: 946ec90c5de1faa18c899e9b45efedc3d47b93bd)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Fixes the "heartbleed" TLS vulnerability (CVE-2014-0160). More
information here:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160
Patch borrowed from Debian; this is just a tweaked version of the
upstream commit (without patching the CHANGES file which otherwise
would fail to apply on top of this version).
(From OE-Core rev: c3acfdfe0c0c3579c5f469f10b87a2926214ba5d)
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The ssl_get_algorithm2 function in ssl/s3_lib.c in OpenSSL before 1.0.2
obtains a certain version number from an incorrect data structure, which
allows remote attackers to cause a denial of service (daemon crash) via
crafted traffic from a TLS 1.2 client.
(From OE-Core master rev: 3e0ac7357a962e3ef6595d21ec4843b078a764dd)
(From OE-Core rev: 33b6441429603b82cfca3d35e68e47e1ca021fd7)
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The DTLS retransmission implementation in OpenSSL through 0.9.8y and 1.x
through 1.0.1e does not properly maintain data structures for digest and
encryption contexts, which might allow man-in-the-middle attackers to
trigger the use of a different context by interfering with packet delivery,
related to ssl/d1_both.c and ssl/t1_enc.c.
(From OE-Core master rev: 94352e694cd828aa84abd846149712535f48ab0f)
(From OE-Core rev: 1e934529e501110a7bfe1cb09fe89dd0078bd426)
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The ssl3_take_mac function in ssl/s3_both.c in OpenSSL 1.0.1 before
1.0.1f allows remote TLS servers to cause a denial of service (NULL
pointer dereference and application crash) via a crafted Next Protocol
Negotiation record in a TLS handshake.
(From OE-Core master rev: 35ccce7002188c8270d2fead35f9763b22776877)
(From OE-Core rev: a5060594208de172cb31ad406b34b25decd061e4)
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>