| Age | Commit message (Collapse) | Author |
|---|
|
This reverts commit 09e695246d30ef9b73e743e0130e710e19793d14.
This isn't a Backport as indicated in patch and not all the changes in
this change are relevant to the CVE. Revert and wait for the fix
to be available upstream.
(From OE-Core rev: f39285bb82e68945a81034b84da09ca1078d6719)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
(From OE-Core rev: 799b3cd1016bd765f4452a5e81ea5613c9089bce)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
For u-boot recipes without menuconfig support, running devtool results
in a do_configure error:
cp: cannot stat '/home/r60874/upstream/fsl-xwayland/tmp/work/imx8mmevk-fsl-linux/u-boot-imx/2018.03-r0/u-boot-imx-2018.03//.config': No such file or directory
The problem arises because u-boot.inc supports recipes with and without
menuconfig.
Fix the problem by properly setting DEVTOOL_DISABLE_MENUCONFIG so that devtool
can control logic that applies only for menuconfig support.
(From OE-Core rev: 00e0bc966cc21e8560587c73e72858b9d2e8c891)
Signed-off-by: Tom Hochstein <tom.hochstein@nxp.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit a6c430b0077eb56b4adbe391a0a05a52133cc8f0)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The build was deciding whether to rename manpages based upon the presence of
/etc/debian_version. Be explicit about the configuration instead and
ensure determinism.
[YOCTO #13781]
(From OE-Core rev: 09c8a28893e7ca94a44232d802e1cb02a8f34b87)
(From OE-Core rev: 3d114c08c32578426646f5d97769d2c66fea06cb)
(From OE-Core rev: 7bc68f7b946b1aaaafb161a57aa889b200abc2eb)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
We need to sort python dict output to be deterministic and generate consistent
header files.
(From OE-Core rev: 75e4cedb986379db2e8a897df52ee1363f9a9a80)
(From OE-Core rev: fc6e8e527698a82bf8047d02e0e792c4a1a64449)
(From OE-Core rev: 7edd5e5fd392fe2bc5eb41e40ee49a2b0f118e41)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
With a sequence like:
bitbake sysvinit
bitbake sysvinit -c clean
bitbake sysvinit -c package_write_ipk -f
then the resulting package has two files with group "root/70" rather
than "root/shutdown". The issue is that of do_package is a setscene
task, base-passwd isn't present. This patch fixes that dependency
but there may be other cases of this problem around.
[YOCTO #13776]
(From OE-Core rev: 0227e929021263c51d2e7db36224000fecb01f1c)
(From OE-Core rev: cbcba43c18d67aea0ba41f019b357fbec6570ee1)
(From OE-Core rev: bde90e407c8ae0b851534ae84d9d54980e908046)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
sudo uses AC_PATH_PROG to find target paths, which means at best
potential host-contamination (and reproducible issues) and at worst it
thinks sh is at /your/build/path/hosttools/sh.
Solve this by explicitly passing the correct paths to configure.
(From OE-Core rev: 61650dd8498a093f3bfa93202c9cd2e9a7fb7834)
(From OE-Core rev: 6e809474ab686fba6924d8b46fd0b9eab5c66c06)
(From OE-Core rev: 232430bdee74bb266ded6ccf2fb3842caad06181)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The build was injection git information from the wrong git tree, stop this
to allow reproducible builds.
(From OE-Core rev: 506b36b6d86b3454fcc3cb85f6229cbe8d14f5b5)
(From OE-Core rev: 2b68ffc6d7c45541958f1b0c0b9ca9e39064e096)
(From OE-Core rev: cd2e778771d836e04f76a0ff283c250dc19372c6)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The build was injection git information from the wrong git tree, stop this
to allow reproducible builds.
(From OE-Core rev: c3f6a6113f562ecdb13386c3ff52adb7973980a4)
(From OE-Core rev: 22dc9a3314eef5925241a9a961bd79815d3172b6)
(From OE-Core rev: f29b56b9c140a03edeba69ffc2dc9888b2fde106)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The suid/setcap code depends on whether setcap is on the host system or not
with suid as a fallback. Disable this functionality to be deterministic.
(From OE-Core rev: 8b00ec484fb851c301f13145e17707c0167feab1)
(From OE-Core rev: 3997c47dea49d583fd48cb03f83c007f61d2cb35)
(From OE-Core rev: 46f9c48dc11928ace672e9a3dea7c01d29cf3f04)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
There was a build architecture leaking into the target ptest which
could vary depending upon host. Remove it as its cosmetic.
[YOCTO #13770]
(From OE-Core rev: 37db519eedb7eb5cd4f14d05f30f5d580aa7458d)
(From OE-Core rev: c31c676319812e6fc036741db2ab8e16eccff723)
(From OE-Core rev: 94113433887dab43d54f3a76b1e0aa1bacb0d086)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Add a patch which handles the following issues:
a) Remove the \n from configure_attr.sh since it gets quoted differently depending on
whether the shell is bash or dash which can cause the test result to be incorrect.
Reported upstream: https://github.com/arsv/perl-cross/issues/87
b) Sort the order of the module lists from configure_mods.sh since otherwise
the result isn't the same leading to makefile differences.
Reported upstream: https://github.com/arsv/perl-cross/issues/88
c) Sort the Encode::Byte byte_t.fnm file output (and the makefile depends whilst
there for good measure)
This needs to go to upstream perl (not done)
d) Use bash for perl-cross configure since otherwise trnl gets set to "\n" with bash
and "" with dash
Reported upstream: https://github.com/arsv/perl-cross/issues/87
(From OE-Core rev: 482fd0d99f989b5a72a25bdf402fb2f219420b5d)
(From OE-Core rev: def3a9d748564883d71c506726554df622701b00)
(From OE-Core rev: 1f630fe43ec3c3e78c25f93d6badc8a35ff782ad)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This was breaking reproducibility, and the files aren't needed on
target.
[YOCTO #13772]
(From OE-Core rev: 2e0f30c4680221c693495e3a0327378d502a518b)
(From OE-Core rev: 208efc88fa3c57244b272bf7e7f7f8163f14630c)
(From OE-Core rev: e120848c6bba6ce2cf910e762d53193d85280a98)
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The list of resources is gathered with $(wildcard) in Make, which isn't
sorted. If this order changes then the generated libraries will differ.
(From OE-Core rev: f3675be6be29426688187a135221431a0941d007)
(From OE-Core rev: a2a6d9fa4df66a1f52c1c1fec45eedb4199e8162)
(From OE-Core rev: 5c38cdfc67fb2da167012190d24a607dc7b273ba)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The previous tweak for reproducibility didn't handle the duplicate
whitepace left behind, fix this.
[YOCTO #13771]
(From OE-Core rev: 0392fcbdc85180581ce7392212808ebb822cc2e8)
(From OE-Core rev: ca213de432d8d9d715ef09e17cea2aa1e6666e91)
(From OE-Core rev: 77be3238269de636199f9e1e40133711b7440cb4)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
There is a bug in patch 2.7.3 and earlier where index lines
in patches can change file modes when they shouldn't:
http://git.savannah.gnu.org/cgit/patch.git/patch/?id=82b800c9552a088a241457948219d25ce0a407a4
This leaks into debug sources in particular (e.g. tcp-wrappers where
source files are read-only). Add the dependency to target recipes
to avoid this problem until we can rely on 2.7.4 or later.
We could try and remove all index lines from patch files but it will be a
losing battle. We could try and identify all the recipes which change
modes on files in patches but again, its a losing battle.
Instead, compromise and have patch-native as a dependency
for target recipes. We use patch-replacement-native since patch-native
is in ASSUME_PROVIDED.
Also add nativesdk-patch to buildtools-tarball.
[YOCTO #13777]
(From OE-Core rev: 5ed0840c93804488cd1c1aba6cb382b2434714a5)
(From OE-Core rev: fd3bd61a6fe5190c575dc968f3a0be9c1cbf21ed)
(From OE-Core rev: 148f1f8caf5d9a262c1f55e437326ce6139a743e)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
rsh is insecure and obsolete but tar will enable support if the binary is
on the host system. Some systems point it at ssh. Lets explictly disable it
for now unless someone actually needs/uses this at which point it could
become a packageconfig.
(From OE-Core rev: d14a4b0db92a9a7d1ff72a2e0faca7f1a23a0b68)
(From OE-Core rev: 6bdc5f787af46e9c849947cad06ad40aa401b767)
(From OE-Core rev: af4a284bb6fbfd8b58d10d4a5f0f10297c949912)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The man page date can vary depending upon the host perl, e.g. in Russian
some versions print 'июня', others 'Июнь' or Polish 'czerwca' or 'czerwiec'.
Rather than depend upon perl-native to fix this, just remove the date from
the manpages.
(From OE-Core rev: 5553c20f9fa4f35bf711b6b9d5717dcf4bfefafa)
(From OE-Core rev: 3653fd41fbc28f70259a00bb0098ec8731526449)
(From OE-Core rev: feaf05c39ffecd7a9fd8bd81fc1872ce26b7801e)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This value was floating causing differences in generated files.
Set it determinstically.
(From OE-Core rev: 11d7a9e37c1d3fc21396a98fefc9d34c0b9e784b)
(From OE-Core rev: 8f77075425e2ef9c3b5adbf8e5b29e7cfd7b9b7a)
(From OE-Core rev: 60cdd912b565207b9f236116d8832719cfa9ccfd)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Fixes some issues with reproducible builds. Adds a patch to allow the
configure arguments to be omitted from the build and also explicitly
setting some autoconf paths that were picking up hosttools.
(From OE-Core rev: f54d60ee8f15229aa515e168b9c7d248663b48fe)
(From OE-Core rev: 164d72b7a6ab20940f9a124beaf485be9ddc07ba)
(From OE-Core rev: 055766f135b4373264827c5b33c8c385b1ff4748)
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Without setting this it will vary depending on which directories are present
on the host.
[YOCTO #13778]
(From OE-Core rev: 6217c3a7201b34888aa2fbae8b6e490bea545574)
(From OE-Core rev: 10357b0bf3f6b34b54c0329e7e392ecf2c7043cd)
(From OE-Core rev: 0e0111a9adad2faadfc825f14b0ad34c429ab95b)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Without setting this it will vary depending on which directories are present
on the host.
[YOCTO #13775]
(From OE-Core rev: 39fe849b56d70689846262c31ab7c182c8443923)
(From OE-Core rev: 51274c9b195ad00dd6362f352ad9bbf7e9a3e098)
(From OE-Core rev: 89f517c2775338db92874484c28b4224d670ec1f)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Defers the resolution of the SOURCE_DATE_EPOCH until the variable needs
to be actually realized with a value. The previous method of loading the
value in anonymous python had issues because it could occur before other
anonymous python functions that affect the location of the epoch file,
such as when a recipe uses AUTOINC/AUTOREV or allarch.bbclass.
Also adds more logging to help diagnose issues in the future.
[YOCTO #13763]
(From OE-Core rev: b3313a10a3eb93f0a3710a35de0404fb49cd6202)
(From OE-Core rev: 10515e5f7e38edbc4430e2599062a9ce6fdb42a8)
(From OE-Core rev: 81d3832728aeae0e02e775bab9fc13e159fb61d3)
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Adding newline characters between the packages in the failure output
massively improves readability.
Also ensure to output ipk failures when there are deb failures by
calling self.fail() at the end, else sometimes only partial differences
are returned.
(From OE-Core rev: 6e2e0480852177db75a6108d77c99c92c4e9950f)
(From OE-Core rev: 4d470f48f7fb5e05fba1ca3a59fb4f85d910026e)
(From OE-Core rev: 38359c79dc6e02a21d1bc26756c8bd88da762ef8)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
There is a sorting problem with opkg-build where the ipk generated is depending
upon the order of files on disk. The reason is the --sort option to tar only
influences the orders of files tar reads, not those passed by the -T option.
Add in a sort call to resolve this issue. To ensure consistent sorting we
also need to force to a specific locale (C) else the results are still not
deterministic.
(From OE-Core rev: a9b8287984c63420e10329a69f7ac5125f1687f8)
(From OE-Core rev: b577a6d923042cfc04e67d470e0987488ea61412)
(From OE-Core rev: ff31fa7ae18cffb1618c3859c5dff7eb3c587692)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
- Drop 00001-Switch-all-scripts-to-use-Python-3.x.patch
- Drop 00001-opkg-build-clamp-mtimes-to-SOURCE_DATE_EPOCH.patch
- Drop pipefail.patch
(From OE-Core rev: bf51a4a1312562cc9b5944b7dfccba0b3d11dc3c)
(From OE-Core rev: 1b71c28e1ca4fddc0f3c340ea4bcd76854ef620c)
(From OE-Core rev: 428c8a3887c86ea882b264fdad606612b9d9eb8e)
Signed-off-by: Alejandro del Castillo <alejandro.delcastillo@ni.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Linux kernel compilation for aarch64 triggers ICE if
CONFIG_CC_OPTIMIZE_FOR_SIZE=y.
The rootcause is GCC bug #91102 'aarch64 ICE on Linux kernel with -Os'.
Apply the fix to 9.2.
(From OE-Core rev: 14f34d32bfdaa752f5043e62750d2e7b92c4b419)
(From OE-Core rev: 8ebd3b4ed4995f27c1568cf873067ce24b1998bd)
Signed-off-by: Taras Kondratiuk <takondra@cisco.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
(From OE-Core rev: c06d69e6dccb849e60847a33593fa20e192feea2)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
(From OE-Core rev: 30f4f40c4c92b000fa3356fae0504da233b0f601)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
patch for this CVE applies to v3.1.3pre1 not for v3.1.3.
patch already in v3.1.3.
see
https://git.samba.org/rsync.git/?p=rsync.git;a=commitdiff;h=47a63d90e71d3e19e0e96052bb8c6b9cb140ecc1;hp=bc112b0e7feece62ce98708092306639a8a53cce
(From OE-Core rev: 1e2739c821312527010fb0afbde5a20cd3f03d24)
(From OE-Core rev: be8838387b5dd06abd81cc478d3c2ab9c95930bc)
Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This reverts commit 175e6cb75ce328d51a9d4ad18c7e09d9fb92c2e1.
This change is already in bzip2 1.0.7. The change fixing a regression
caused by this change is in 1.0.8 which is the current version in zeus.
This isn't resulting in failures because the patch file isn't included
in SRC_URI.
(From OE-Core rev: ac6150563bd8e4cb2fa09a2777879afc993f1c20)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
(From OE-Core rev: 832588c287d47604d8f717adfed6cc2ecd8c755e)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
python3 has this but python is missing this.
[Yocto #13740]
(From OE-Core rev: af41a2238beec0c34c1c1e5f25eed55f2a214643)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Partial backport from WebKit.git. See patch for details.
Fixed in webkitgtk 2.26.1.
(From OE-Core rev: bc31d2d68135ce0a856db62519b370d6c05201f1)
Signed-off-by: Joe Slater <joe.slater@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Some native tools dependency issues were seen while building with
external GCC tool-set rather than source GCC tool-set. While building
with source tool-set these dependencies were implicitly met which is not
the case with external tool-set. So explicitly state these native tools
dependencies.
(From OE-Core rev: 534b4a63299c6d74662c9d035238a0adb19cd1c7)
Signed-off-by: Sumit Garg <sumit.garg@linaro.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Added patch for CVE-2019-12900 as backport from upstream.
Fixes out of bound access discovered while fuzzying karchive.
Tested by: Sana.Kazi@kpit.com
(From OE-Core rev: aec10c9993f04304466e15ea7a5bc4d85a357c5b)
Signed-off-by: Saloni Jain <Saloni.Jain@kpit.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
busybox as well as vlock utility from meta-oe provides vlock utility
which can conflict when with kbd if pam is a enabled distro_feature
Fixes image build errors
update-alternatives: Error: not linking <rootfs>/usr/bin/vlock to /bin/busybox.suid since <rootfs>/usr/bin/vlock exists and is not a link
ERROR: yoe-qt5-wayland-image-1.0-r0 do_rootfs: Postinstall scriptlets of ['busybox'] have failed. If the intention is to defer them to first boot,
then please place them into pkg_postinst_ontarget_${PN} ().
Deferring to first boot via 'exit 1' is no longer supported.
(From OE-Core rev: d00349526f5727fdff9b40c6139d95bd75af213d)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
The vlock doesn't exist if PAM isn't enabled.
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: De Huo <de.huo@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Downstream bug report: https://bugs.gentoo.org/661650
Upstream-Status: Backport [f7f357ef079b6d185f340e716d7c72a98d82bad0]
(From OE-Core rev: bb544a4d9b0b889d6acacdd73e3a790546fe13ba)
Signed-off-by: Lars Wendler <polynomial-c@gentoo.org>
Signed-off-by: De Huo <De.Huo@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
An issue was discovered in disable_priv_mode in shell.c in GNU Bash through 5.0 patch 11.
By default, if Bash is run with its effective UID not equal to its real UID,
it will drop privileges by setting its effective UID to its real UID.
However, it does so incorrectly. On Linux and other systems that support "saved UID" functionality,
the saved UID is not dropped. An attacker with command execution in the shell can use "enable -f" for
runtime loading of a new builtin, which can be a shared object that calls setuid() and therefore
regains privileges. However, binaries running with an effective UID of 0 are unaffected.
Backport the CVE patche from https://github.com/bminor/bash/commit/
951bdaad7a18cc0dc1036bba86b18b90874d39ff to fix CVE-2019-18276
(From OE-Core rev: b348e31c93f08332667df65cd2ecec63631d184e)
Signed-off-by: Chet Ramey <chet.ramey@case.edu>
Signed-off-by: De Huo <De.Huo@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
see:
https://gitlab.gnome.org/GNOME/libxml2/commit/5a02583c7e683896d84878bd90641d8d9b0d0549
(From OE-Core rev: 9fd363d21df59fff4488763d62548c936b4d14fb)
Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
If getpwduid fails, we don't see which file it failed on which is key information
to aid debugging. Print this information when exceptions are raised.
(From OE-Core rev: 2bba0052597020ea887c84419440df11f9859283)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 9d7a5219713af8117eda145052c6d9abdf577d8f)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
We can have one taskhash which represents multiple native/cross sstate objects
since they're stored by BUILD_ARCH or possibly host distro (or host gcc version).
We need to put these into separate namespaces on hashserv since their outhashes
will never match and we need deterministic lookups for the different namespaces.
Use this extramethod option to handle this. This fixes several problematic
failures on the autobuilder.
(From OE-Core rev: 766b57a1f9030429b546276a537fbce3a175cc25)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 2a76082363d189880613765ad339718e3614049d)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Ensure that RECIPE_SYSROOT is the same for -native recipes whether
multilib.conf is included or not.
Without this change task signatures for -native recipes change when
switching between MACHINEs that require multilib.conf and those that
don't.
This fix was one of the ones suggested by Khem Raj in
http://lists.openembedded.org/pipermail/openembedded-core/2019-December/290303.html
Add test_sstate_multilib_or_not_native_samesigs test case to
sstatetests.py to ensure that this stays fixed.
(From OE-Core rev: c3e957409bf68e7b310e27781ac91d24cf4452bf)
Signed-off-by: Mike Crowe <mac@mcrowe.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit aa05f1ded71366b86eda7fce24d8b5395e85ada2)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Fix the naming of the loader on armhf to match what glibc expects:
#define GLIBC_DYNAMIC_LINKER_SOFT_FLOAT SYSTEMLIBS_DIR "ld-linux.so.3"
#define GLIBC_DYNAMIC_LINKER_HARD_FLOAT SYSTEMLIBS_DIR "ld-linux-armhf.so.3"
(From OE-Core rev: 70efe880589df1dfe7d71451d62d9d8e4afd7981)
Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 7ad531093d620f18c04d487d79e9dad9f5a96232)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Previously, there was SRC_DISTRIBUTE_LICENSES, an undocumented
variable that contained a static list of licenses. It was used by
expand_wildcard_licenses() to expand any wildcards used in, e.g.,
INCOMPATIBLE_LICENSE. However, since this static list of licenses has
not been kept up-to-date, many licenses were missing, with the result
that if one tried to use any of those licenses with a wildcard, no
licenses would be found, effectively ignoring that they should be
marked as incompatible.
This introduces a new (documented) variable, AVAILABLE_LICENSES, that
is automatically updated to contain all licenses found in any
directories specified by ${COMMON_LICENSE_DIR} and ${LICENSE_PATH},
and uses it instead of SRC_DISTRIBUTE_LICENSES when expanding
wildcards.
(From OE-Core rev: 5ed714139f91eb03871e01b68a4370784071234d)
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 8c9ef587fe499c612a878a1ab42092eb79b334ef)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The SRC_DISTRIBUTE_LICENSES variable and its static list of licenses
has been replaced by AVAILABLE_LICENSES, which automatically contains
all available licenses.
(From OE-Core rev: c41f1c7f33a8a13ed8e6fd86b494cf460328a9e4)
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 64daaf29e2c12c8b587bafdebf9409433187ddf7)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Since this file is written during recipe parsing, having it in the
${BUILDDIR}/conf directory, which is covered by an inotify watcher,
will trigger a re-parse the next time bitbake is run and the resident
bitbake server is enabled. This causes the sanity_info file to be
updated again, which triggers a new parse the next time bitbake is run
ad infinitum. Moving it to ${BUILDDIR}/cache should avoid this.
(From OE-Core rev: f1a609e7176a37e7e5f86f0b786f7da915085f83)
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit f98103b548aa7dba6b1be6c8e02ef41858a8e85c)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Since the sanity_info file has moved from the conf directory to the
cache directory, there is no longer any need to clean it away
explicitly in clean_esdk_builddir() since the whole cache directory is
already cleaned away anyway.
(From OE-Core rev: f0ea8b49a183d9340aaf0c60ee959aa8ec3c041c)
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 40c30990e1be72130819c040fe471e2bdc0c6e7d)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
In commit 692b2046 (package: Fix race between do_package and
do_packagedata), the path used for do_packagedata[sstate-inputdirs]
was changed from "${PKGDESTWORK}" to "${WORKDIR}/pkgdata-pdata-input".
This commit adapts the path used for pkgdatadir in
toaster_package_dumpdata() accordingly to avoid setscene errors like:
ERROR: libgcc-9.2.0-r0 do_packagedata_setscene: Error executing a
python function in exec_python_func() autogenerated:
The stack trace of python calls that resulted in this
exception/failure was:
File: 'exec_python_func() autogenerated', lineno: 2, function:
<module>
0001:
*** 0002:toaster_package_dumpdata(d)
0003:
File: 'meta/classes/toaster.bbclass', lineno: 130, function:
toaster_package_dumpdata
0126: lpkgdata = {}
0127: datadir = os.path.join(pkgdatadir, 'runtime')
0128:
0129: # scan and send data for each generated package
*** 0130: for datafile in os.listdir(datadir):
0131: if not datafile.endswith('.packaged'):
0132: lpkgdata = _toaster_load_pkgdatafile(datadir,
0133: # Fire an event containing the pkg data
0134: bb.event.fire(bb.event.MetadataEvent(
Exception: FileNotFoundError: [Errno 2] No such file or directory:
'tmp/work/mips32r2el-nf-poky-linux/libgcc/9.2.0-r0/pkgdata/runtime'
(From OE-Core rev: c1d881448fea0bc48aba0bc0e5b8748442572226)
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 5a0f6f631b86f7107aa72453b6d23f32ba39f713)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Some mips 64 bit platforms use vmlinux.64 image name
Make a symbol link to vmlinux.64 in arch/mips/boot/
(From OE-Core rev: f9739e0f58f5d8a5dc01fdb0efaa778af4edd671)
Signed-off-by: Vasyl Gomonovych <gomonovych@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 70626b52e5e61c80018e9f1f85bc169d0434b986)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
Anuj Mittal
Richard Purdie
Tom Hochstein
Ross Burton
Alexander Kanavin
Joshua Watt
Alejandro del Castillo
Taras Kondratiuk via Openembedded-core
Lee Chee Yang
Armin Kuster
Joe Slater
Sumit Garg
Sana Kazi
Hongxu Jia
De Huo
Mike Crowe
Alex Kiernan
Peter Kjellerstedt
Vasyl Gomonovych