Paths to host tools that have been copied to ${HOSTTOOLS_DIR} may end
up in the sstate cache. They thus need to be corrected when restoring
from the sstate cache.
(From OE-Core rev: f8671aecf05a286dd2b34b07bb5fbbe0c31e26d0)
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The path to where to install and find the tools copied from the host
environment is already used in a couple of places. This warrants it to
get its own variable.
(From OE-Core rev: 8164c466943ffedff399009bf5547dba4f06d6c8)
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Avoids parser errors if PACKAGE_ADD_METADATA_DEB is set to an
empty value.
(From OE-Core rev: f0959c0908dfb386d29f13fcd3e57b2b004c6c14)
Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
In deb control files, each line of a long description starts with
a single space. Empty lines are represented by a single space
followed by a single full stop character.
(From OE-Core rev: f66278f471c0bf9421ce2c55a56a144a0f9332bf)
Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Add bash to /etc/shells if busybox is built with bash applet anabled
to fix login via dropbear.
(From OE-Core rev: 86a2db0b2997fd05882ae0119ef45b1ea5411d39)
Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Audio playback in gtk-play is broken with vaapi because the
visualizations do not work: disable visualizations as workaround.
This should be reverted as soon as [YOCTO #11410] is fixed.
(From OE-Core rev: 1092a8d4bc78a53f60ad0137aeb08b31853db9eb)
Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
libxml2 2.9.4 and earlier, as used in XMLSec 1.2.23 and earlier
and other products, does not offer a flag directly indicating that
the current document may be read but other files may not be opened,
which makes it easier for remote attackers to conduct XML External
Entity (XXE) attacks via a crafted document.
Reference:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9318
Upstream patch:
https://git.gnome.org/browse/libxml2/commit/?id=2304078555896cf1638c628f50326aeef6f0e0d0
(From OE-Core rev: 0dd44c00e3b2fbc3befc3f361624a3a60161d979)
Signed-off-by: Catalin Enache <catalin.enache@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
CVE-2016-6170: ISC BIND through 9.9.9-P1, 9.10.x through 9.10.4-P1, and
9.11.x through 9.11.0b1 allows primary DNS servers to cause a denial of
service (secondary DNS server crash) via a large AXFR response, and
possibly allows IXFR servers to cause a denial of service (IXFR client
crash) via a large IXFR response and allows remote authenticated users
to cause a denial of service (primary DNS server crash) via a large
UPDATE message.
External References:
https://nvd.nist.gov/vuln/detail/CVE-2016-6170
Patch from:
https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=commit;h=1bbcfe2fc84f57b1e4e075fb3bc2a1dd0a3a851f
(From OE-Core rev: 14abd767349bc868ca59838f1af3aaf17dfe4350)
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
CVE-2016-8864: named in ISC BIND 9.x before 9.9.9-P4, 9.10.x before
9.10.4-P4, and 9.11.x before 9.11.0-P1 allows remote attackers to cause
a denial of service (assertion failure and daemon exit) via a DNAME
record in the answer section of a response to a recursive query,
related to db.c and resolver.c.
External References:
https://nvd.nist.gov/vuln/detail/CVE-2016-8864
Patch from:
https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=commit;h=c1d0599a246f646d1c22018f8fa09459270a44b8
(From OE-Core rev: c06f3a5993c7d63d91840c2a4d5b621e946ef78f)
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Something in the fetched webpage made the default regex matching really slow.
(From OE-Core rev: e4d1100a84e28cb97438c18df6d9f98996a7d578)
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
After change to the rpm4, the rpm packages in lsbtest, such as:
lsb-setup-4.1.0-1.noarch.rpm
lsb-dist-checker-5.0.0.1-1.x86_64.rpm
......
lsb-cmdchk-5.0.3-1.x86_64.rpm
When install above rpm packages, the error log appears:
package lsb-setup-4.1.0-1.noarch is intended for a different operating system
......
So we should add option "--ignoreos" to the rpm install command in LSB_Test.sh
in ./meta/recipes-extended/lsb/lsbtest directory. In this way we can make sure
the correct installation of those rpm packages.
The YOCTO bug #11224 didn't create logs, this is because the above test rpm
packages didn't install.
[YOCTO #11224]
(From OE-Core rev: db2798d967dbffed834070b52fe778efa18cb4ae)
Signed-off-by: Dengke Du <dengke.du@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
These tools are not currently used for anything, but we should
still provide working versions of them.
[YOCTO #11400]
(From OE-Core rev: da11fbde6f8164e2774068b99bab84e4b6084713)
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Make it slightly easier to support situations where the default path
needs to be over-ridden more than once.
(From OE-Core rev: 07390e3d45cdf244079a6b91175512ebac789da0)
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Using bitbake variable syntax (i.e., ${FOO}) for shell variables is
bad practice. First of all it is confusing, but more importantly it
can lead to weird problems if someone actually defines a bitbake
variable with the same name as the shell variable.
Also use lower case for local shell variables.
(From OE-Core rev: ea6befae799f45cf93771442f242cb023dd809d1)
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Add python2 to HOSTTOOLS as, according to
https://www.python.org/dev/peps/pep-0394/, the command "python2" should be the
one used in scripts that are not yet ported to Python 3.
(From OE-Core rev: b85e41eeef3fddc2c15439cf78b8cc8542b5bc22)
Signed-off-by: Diego Rondini <diego.rondini@kynetics.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
pr is used by gstreamer1.0-libav during configure
(From OE-Core rev: cb6c02bd8c65ea033a939011cbba21ad0442acf0)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
sstates are cleaned when ruining test_devtool_virtual_kernel_modify to
have a clean environment but this is affecting eSDK test that are
dependent of those sstates, hence “cleansstate” is replaced for
“clean”.
[YOCTO #11300]
(From OE-Core rev: 182fdb97ed6c11c7b55fdb99773da6f72c9828b3)
Signed-off-by: Jose Perez Carranza <jose.perez.carranza@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
gstreamer-vaapi fails to play files with specific frame sizes
because of buffer allocation issues. Fix is a backport.
Fixes [YOCTO #11311].
(From OE-Core rev: e01eb9b37ba5512d6fd9893c70b1f4d766fab2ac)
Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This test was assuming the format of SRC_URI so broke when SRC_URI was changed.
Fix the test by hardcoding a complete SRC_URI instead of appending and hoping
for the best.
(From OE-Core rev: afe1d3073a435ef6c838cc676748842af4c4af83)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
It was reported that do_validate_branches was failing with the following
error:
Log data follows:
| DEBUG: Executing shell function do_validate_branches
| HEAD is now at fe0fb8d Merge tag 'v4.10.9' into standard/base
| mkdir: cannot create directory .: File exists
|
| [ERROR] Can't find patch dir at ./patches/standard/base
| usage: kgit s2q
| WARNING: exit code 1 from a shell command.
| ERROR: Function failed: do_validate_branches
This was triggered by the execution of 'kgit-s2q --clean' after forcing
the SRCREV to something other than the tip of the branch. --clean is
being run to remove any sentinel files from previous kernel builds to
ensure that the tree is in a consistent state.
There were two bugs, --clean was being executed and not exiting the
script as it was supposed to. Hence validation for applying patches
was done, and threw the error that eventually makes it to the console.
And the second bug is that since do_validate_branches actually calls
kgit-s2q --clean, the dependency on kern-tools-native needs to be on
that function (versus do_kernel_metadata which runs later).
With the tweaked kern-tool + the dependency fix, we no longer see this
error.
(From OE-Core rev: 4d5890b54cbdac01ee748759578b7b22ed8e61a2)
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The commit 31dee7946340bf0f1e94e4e714191d3d6ca3bf6a added a new useradd and
groupadd option to specify a clear text password. The parsing logic in the
useradd-staticid class did not understand this new option. If the
meta-skeleton examples were run with the class enabled an error would be
generated, as an example uses the -P option.
Note, the code has a check that we do not attempt to set both a crypt and
clear text password. It is not allowed that these two options are set
at the same time, so we prefer the crypt option if they happen to be.
(From OE-Core rev: a1715970d5c454dd24d04972ffb9cf735b5d1338)
Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
qemu-native-helper has an additional task that needs to be run in order
for testimage to work. This task is usually run by default in a full
build but there are use cases where it might be skipped. This commit
adds the dependency explicitly.
Also, this commit adds a try/catch error message to make it clearer what
you need to do if you try to run testimage before you have built or
downloaded the image artifacts.
[YOCTO #11375]
(From OE-Core rev: 6e019537b9eb3af482e474a8cb248fe7312f4b58)
Signed-off-by: brian avery <brian.avery@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Commit 7933fbbc637 "Security fix Drown via 1.0.2g update" included
a version-script change from Debian that was an ABI change. It did
not include the soname change that Debian did so we have been calling
our ABI 1.0.0 but it really matches what others call 1.0.2.
Bump SONAME to match the ABI. In practice this changes both libcrypto
and libssl sonames from 1.0.0 to 1.0.2.
For background: Upstream does not do sonames so these are set by
distros. In this case the ABI changes based on a build time
configuration! Debian took the ABI changing configuration and bumped
soname but e.g. Ubuntu kept the deprecated API and just made it not
work, keeping soname. So both have same version of openssl but support
different ABI (and expose different SONAME).
Fixes [YOCTO #11396].
Thanks to Alexander Larsson et al for detective work.
(From OE-Core rev: 1b430eef7131876bc735c22d66358379b0516821)
Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Sadly this breaks previous OE releases as it means the source mirror contains a
tarball with the same name but different checksums as was previously available.
This reverts commit 99c6e89db1.
(From OE-Core rev: eb4fee616287ae731f7af52e0fe5fc81f2eea2c0)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This saves relative paths in the qemuboot.conf file instead of absolute
paths. This is to allow the images and kernels to be relocated and still
have the testimage and runqemu work.
[YOCTO #11375]
(From OE-Core rev: 235243d7be5df57df4767e4710b846e83f0aa9fd)
Signed-off-by: brian avery <brian.avery@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
We pass the TOPDIR to do a search/replace in export2json so that we save
relative paths in the testdata.json file rather than absolute paths.
This is to allow the images and kernels to be relocated yet still allow
testimage to work.
[YOCTO #11375]
(From OE-Core rev: 7f9f1bdd714fbc6b2adc62f64bf0e4fd1d98ce05)
Signed-off-by: brian avery <brian.avery@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
We want to be able to save relative paths so that we can relocate the
deploy dir images and kernels, yet still have qemu and testimage work
correctly. This extends export2json with 2 named arguments so a
search/replace operation can be done to remove the leading path.
[YOCTO #11375]
(From OE-Core rev: 4829f1ebd89dc91860cf72fbbdc7b6bb0d5822bc)
Signed-off-by: brian avery <brian.avery@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The single purpose of "map_kernel_arch" is to set
export ARCH = "some-arch"
The case when "some-arch" is not a valid Linux architecture results in an error.
This makes sense if the TARGET_OS is Linux, but that is not always the case.
kernel-arch is also inherited by toolchain-script, which may be used to build
toolchains for architectures not supported by Linux.
Rather than modifying toolchain-script to provide its own version of "map_arch"
this patch bypasses the error if the TARGET_OS is not linux.
(From OE-Core rev: 0b931e983b1f663d5d7dc65f1db7687334dd3ef2)
Signed-off-by: Juro Bystricky <juro.bystricky@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Backport patch from upstream to fix build failures on ppc and ppc64.
(From OE-Core rev: 705669f8221027b525773a512beb25a7ea5f0275)
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
icedtea-native from meta-java needs sha256sum for checksum validation.
Therefore add sha256sum to HOSTTOOLS (as md5sum is already in there).
Without it the icedtea-native build will fail during configuration at
current master.
(From OE-Core rev: d0d3abdf9e2dec57f3849813faa5e7e3d34b83a4)
Signed-off-by: Richard Leitner <richard.leitner@skidata.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The architecture list used by dnf/libsolv was in the wrong order.
As a result, the images were built with wrong and unpredictable
packages.
$ MACHINE=intel-corei7-64 bitbake core-image-sato
$ MACHINE=qemux86-64 bitbake core-image-sato
$ MACHINE=intel-corei7-64 bitbake -ccleansstate core-image-sato
$ MACHINE=intel-corei7-64 bitbake core-image-sato
The first image had 0 core2_64 packages in it, but the last one had
583 core2_64 packages (which were built for the qemu image in
between).
Reverse the arch order in etc/dnf/vars/arch.
Fixes [YOCTO #11384].
(From OE-Core rev: 4a82433de42943f8219beca3286f40b67157172f)
Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
In order to have a shared sysroot usable within the eSDK after recipe
specific sysroots were implemented, we need to run
bitbake build-sysroots as a separate call. However, unlike the first
call, --quiet wasn't being specified and that somewhat undermined the
earlier effort to clean up the eSDK installation output. Make this
second call quiet as well so that the output is tidier.
(From OE-Core rev: 56b73788edaa0796e53f1a30e9ebdb2ae85b1646)
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie
Peter Kjellerstedt
Andreas Oberritter
Jussi Kukkonen
Catalin Enache
Yi Zhao
Alexander Kanavin
Dengke Du
Andre McCurdy
Diego Rondini
Khem Raj
Jose Perez Carranza
Ross Burton
Bruce Ashfield
Mark Hatle
brian avery
Aníbal Limón
brian avery
Juro Bystricky
Kai Kang
Richard Leitner
Paul Eggleton