64ff1449d0
This is the only available stable version with mitigation fixes for Spectre. Webkit upstream developers do not port CVE fixes to earlier stable series, no exception was made in this case. More information: https://webkit.org/blog/8048/what-spectre-and-meltdown-mean-for-webkit/ https://webkitgtk.org/security/WSA-2018-0001.html https://webkitgtk.org/2018/01/10/webkitgtk2.18.5-released.html This commit also contains the following commits added in master branch after pyro release: === webkitgtk: Upgrade to 2.16.1 Fix build with gcc7 Move all patches to webkit folder Drop patches that were backports or have been upstreamed (From OE-Core rev: bfbdd1a2069f199be9ba0909dd512469ff17b65e) (From OE-Core rev: a70a8179eb8b8ebb6c9f9dc8fa6f26bb271b2954) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> === webkitgtk: remove native python dependency Using host python seems to be fine. (From OE-Core rev: 7cf80640f53bd8faa4874c2dad5f630a935475f6) Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> === webkitgtk: Fix build for armv5 Detect atomics during configure (From OE-Core rev: 424ffbde2111130137e307eb9e598ad50451c865) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> === webkitgtk: Upgrade to 2.16.3 Use bfd linker on ppc, this is because gold fails to link webkit libraries when PIE is enabled (From OE-Core rev: 8808d4b13a946499bc6e84a1be15f53d8ab3f673) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> === webkitgtk: Upgrade to 2.16.5 Adjust some dependencies: libgcrypt is now required (instead of gnutls) and the following build deps where missing: gettext-native, glib-2.0 and glib-2.0-native. Also the CMake argument ENABLE_CREDENTIAL_STORAGE has been renamed to USE_LIBSECRET. This new upstream release (2.16.4 actually) includes security fixes for CVE: CVE-2017-2538 (From OE-Core rev: ef68005a8c527e9b1d05b7769f0ec8ebe9ec3f91) Signed-off-by: Carlos Alberto Lopez Perez <clopez@igalia.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> === webkitgtk: update to 2.16.6 (From OE-Core rev: 198ccdbefa481f725492b5d8834213fe26431be5) Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> === webkitgtk: Do not use -isystem forcibly this causes include_next <stdlib.h> to not find this header since -isystem <sysroot> is added via cmake, we alrady are using --sysroot so rely on that (From OE-Core rev: a0f2d1389a7e76b64003fea391a0cd485ff5fe77) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> === webkitgtk: Add a recommends on shared-mime-info. * without this package installed any WebKitGTK+ based browser will fail to correctly open html files (and other files) from disk (file:// URIs). It will open them as plain txt files. (From OE-Core rev: b708cb53b46d9d82a7853bcd0f25ef6bc417bd10) Signed-off-by: Carlos Alberto Lopez Perez <clopez@igalia.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> === webkitgtk: disable gobject-introspection on armv7a Disable gobject-introspection on armv7a and armv7ve to avoid do_compile failure: | qemu: uncaught target signal 11 (Segmentation fault) - core dumped | Segmentation fault (From OE-Core rev: bdddd81c8b4eab6bbf7a8697992b48cb5a30ae4a) Signed-off-by: Jackie Huang <jackie.huang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> === webkitgtk: update to 2.18.3 gcc7.patch, musl-fixes.patch, and ppc-musl-fix.patch all change code that is no longer present in upstream tree. However, a patch with different musl fixes has been added. The rest of the patches are rebased to the new tree. Libtasn is a new dependency. Disable Gstreamer GL support on x86 due to clashing headers problem. (From OE-Core rev: 3acae2dcd130122fe76504ec855af78db829d6ec) === webkitgtk: fix build with musl and x32 Make the x32 check generic to make it work with musl as well. Fixes [YOCTO #12118] (From OE-Core rev: dbd604ccf34e304769937b15051c047561de47f7) === Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> |
||
---|---|---|
bitbake | ||
documentation | ||
meta | ||
meta-poky | ||
meta-selftest | ||
meta-skeleton | ||
meta-yocto/conf | ||
meta-yocto-bsp | ||
scripts | ||
.gitignore | ||
.templateconf | ||
LICENSE | ||
README | ||
README.hardware | ||
oe-init-build-env | ||
oe-init-build-env-memres |
README
Poky ==== Poky is an integration of various components to form a complete prepackaged build system and development environment. It features support for building customised embedded device style images. There are reference demo images featuring a X11/Matchbox/GTK themed UI called Sato. The system supports cross-architecture application development using QEMU emulation and a standalone toolchain and SDK with IDE integration. Additional information on the specifics of hardware that Poky supports is available in README.hardware. Further hardware support can easily be added in the form of layers which extend the systems capabilities in a modular way. As an integration layer Poky consists of several upstream projects such as BitBake, OpenEmbedded-Core, Yocto documentation and various sources of information e.g. for the hardware support. Poky is in turn a component of the Yocto Project. The Yocto Project has extensive documentation about the system including a reference manual which can be found at: http://yoctoproject.org/documentation OpenEmbedded-Core is a layer containing the core metadata for current versions of OpenEmbedded. It is distro-less (can build a functional image with DISTRO = "nodistro") and contains only emulated machine support. For information about OpenEmbedded, see the OpenEmbedded website: http://www.openembedded.org/ Where to Send Patches ===================== As Poky is an integration repository (built using a tool called combo-layer), patches against the various components should be sent to their respective upstreams: bitbake: Git repository: http://git.openembedded.org/bitbake/ Mailing list: bitbake-devel@lists.openembedded.org documentation: Git repository: http://git.yoctoproject.org/cgit/cgit.cgi/yocto-docs/ Mailing list: yocto@yoctoproject.org meta-poky, meta-yocto-bsp: Git repository: http://git.yoctoproject.org/cgit/cgit.cgi/meta-yocto(-bsp) Mailing list: poky@yoctoproject.org Everything else should be sent to the OpenEmbedded Core mailing list. If in doubt, check the oe-core git repository for the content you intend to modify. Before sending, be sure the patches apply cleanly to the current oe-core git repository. Git repository: http://git.openembedded.org/openembedded-core/ Mailing list: openembedded-core@lists.openembedded.org Note: The scripts directory should be treated with extra care as it is a mix of oe-core and poky-specific files.