| Age | Commit message (Collapse) | Author |
|---|
|
License-Update: added terms for cipher/cipher-gcm-ppc.c, still under GPL
(From OE-Core rev: d28c1f67c447f99313890e68083da61adcc66f74)
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Fixes: [YOCTO #13471]
(From OE-Core rev: 6db24928d62aeb093a0e6da6619713eaca57a96f)
Signed-off-by: Ida Delphine <idadelm@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Drop backports.
Add a patch that inserts missing spaces in Makefiles.
Drop determinism.patch: upstream has moved the git
stuff to an external script, which has a guard that
checkes for presence of .git/ in source tree.
License-Update: additional source file listed
(From OE-Core rev: ad2eae801c7809db3f4830f19efdad78d1a62d59)
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Whitelisted below CVEs:
1. CVE-2018-12433
Link: https://security-tracker.debian.org/tracker/CVE-2018-12433
Link: https://nvd.nist.gov/vuln/detail/CVE-2018-12433
CVE-2018-12433 is marked disputed and ignored by NVD as it does
not impact crypt libraries for any distros and hence, can be safely
marked whitelisted.
2. CVE-2018-12438
Link: https://security-tracker.debian.org/tracker/CVE-2018-12438
Link: https://ubuntu.com/security/CVE-2018-12438
CVE-2018-12438 was reported for affecting openjdk crypt libraries
but there are no details available on which openjdk versions are
affected and does not directly affect libgcrypt or any specific
yocto distributions, hence, can be whitelisted.
(From OE-Core rev: 2943efe3f56d394308f9364b439c25f6a7613288)
Signed-off-by: Saloni Jain <Saloni.Jain@kpit.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
(From OE-Core rev: 15f1143ad34586740dd782506ff393c4f3735614)
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
(From OE-Core rev: 260ea206a0729de9c31e8635474188604ef73332)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The build was injection git information from the wrong git tree, stop this
to allow reproducible builds.
(From OE-Core rev: 506b36b6d86b3454fcc3cb85f6229cbe8d14f5b5)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Upgrade libgcrypt. Upstream repo now has a pkg-config
feature. The new patch for compatibility with oe-core
is a replacement for a patch that added pkg-config as
a feature when upstream did not have it.
(From OE-Core rev: 53b73a39ae4a4c8db19fb18ef1881033f6b9ff51)
Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
In Libgcrypt 1.8.4, the C implementation of AES is vulnerable to a
flush-and-reload side-channel attack because physical addresses are
available to other processes. (The C implementation is used on platforms
where an assembly-language implementation is unavailable.)
Reference:
https://nvd.nist.gov/vuln/detail/CVE-2019-12904
Patches from:
https://github.com/gpg/libgcrypt/commit/1374254c2904ab5b18ba4a890856824a102d4705
https://github.com/gpg/libgcrypt/commit/daedbbb5541cd8ecda1459d3b843ea4d92788762
https://github.com/gpg/libgcrypt/commit/a4c561aab1014c3630bc88faf6f5246fee16b020
(From OE-Core rev: 37e390ff05b6a4509019db358ed496731d80cc51)
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
(From OE-Core rev: 1100e7f1519be91c90b139c337799c7ea635a8b3)
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The LICENSES file contains references to source files with other
licenses than GPL/LGPL that stipulate that they shall be mentioned in
any documentation accompanying a product including this library.
License-Update: Add missing LICENSES file
(From OE-Core rev: 67bc0b3babd922c800a03c1370d6d33a75f273c1)
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
(From OE-Core rev: c15a7f739a929c3f43f17387c5a950c9d6a02203)
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
(From OE-Core rev: cd34a6dc9f0507ed3514c7fb333b313a0b0590c2)
Signed-off-by: Juro Bystricky <juro.bystricky@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
(From OE-Core rev: e84d96a1cd82333b290942b095b4a9a4457b444e)
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Update libgcrypt version from 1.8.0 to 1.8.1.
(From OE-Core rev: b26d1dc8767cd0a34da47a8eb3ab001cc86cd8cc)
Signed-off-by: Jussi Laako <jussi.laako@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This patch is backported from the upstream git repository to fix building
libgcrypt on armv6 platforms such as raspberrypi.
(From OE-Core rev: c47ed9aa7a34ef62b3ffaea6ebd5cc9e7c052899)
Signed-off-by: Paul Barker <pbarker@toganlabs.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Backport the fix from https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;
a=commit;h=bf76acbf0da6b0f245e491bec12c0f0a1b5be7c9
(From OE-Core rev: 3b827eff306c484d78d61b259cd5d4eef8df381c)
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Rebase patches:
- add-pkgconfig-support.patch -> 0001
- libgcrypt-fix-building-error-with-O2-in-sysroot-path.patch -> 0002
- fix-ICE-failure-on-mips-with-option-O-and-g.patch -> 0003
- fix-undefined-reference-to-pthread.patch -> 0004
(From OE-Core rev: b90037da8754009ca7cf2ab996b46b3dae1eb204)
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
libtool tries to guess the --tag value based on CC/CXX environment
variables and the compile commandline generated by makefiles. This
heuristics however fails when we construct CC variables in OE
and add security flags to it, especially -fPIE -pie which are added
by external compilers e.g. clang particularly. It fails because
libtool removed PIE flags from compiler cmdline intelligently
if it figures out that its building a library, which means that
the CC variable passed from cmdline does not match with the compiler
cmdline constructed by libtool and we end up with errors like
| arm-bec-linux-musleabi-libtool: compile: unable to infer tagged configuration
| arm-bec-linux-musleabi-libtool: error: specify a tag with '--tag'
This works with internal gcc toolchain because we configure gcc for
PIE when hardening is selected and dont pass -fPIE -pie options explicitly
but this is not an option for clang, and some external gcc toolchains
using older gcc
This patch adds the --tag option to help libtool set correct tags
in packages where it cant get it right via its heuristics
(From OE-Core rev: 0505075ae8d339ba097aebb82b4d0ae62f87c0a9)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Fixes CVE-2017-7526, 'flush+reload side-channel attack on RSA secret keys dubbed
"Sliding right into disaster"'.
(From OE-Core rev: c4c2fb3732dbb290b7f0ca43af2e8662f99e4582)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
(From OE-Core rev: 4b48c0afdf24c4fc71479893c262b5f35d8c188a)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
(From OE-Core rev: 99392e366047ee14e0ac94ac0ad2d97fed02e097)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This works ok with thumb2 as well now a days
It was added in 2006
http://git.openembedded.org/openembedded/commit/?id=037b00e3d629962e8d2bc4fcc944c9ecf9a240be
(From OE-Core rev: 9f3401eb2c7ee6a4cf9c1b0cdeb61c8c0fdd2301)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
(From OE-Core rev: 22e17785744e001eae8387dab853e6b9d5468211)
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Add PACKAGECONFIG options for 'capabilities' which enables the libcap
dependency.
(From OE-Core rev: a7dfe49a1236b0eb1cebcfe490bb0da68e3252a0)
Signed-off-by: Nathan Rossi <nathan@nathanrossi.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Enable nativesdk on this recipe.
(From OE-Core rev: 798edc3f9931bae4481e09287ac00002ad30654f)
Signed-off-by: Nathan Rossi <nathan@nathanrossi.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
(From OE-Core rev: 0a6c2db4d79288fc8c9bebbf7d93bf142d358f7e)
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
(From OE-Core rev: 88abc4bc9a4e0b4d1e223827fe279b8f008af8a2)
Signed-off-by: Fan Xin <fan.xin@jp.fujitsu.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
- Add fix-undefined-reference-to-pthread.patch to fix undefined
reference to `pthread_create'
(From OE-Core rev: f9ed35ec4aeca0a37e8b00a0b185abf1b87db0d1)
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
https version seems more reliable and in an informal test fetching
all gnupg recipes now takes <20% of the time it used to.
Define GNUPG_MIRROR in bitbake.conf so future tweaks to this are
easier. Replace some slower mirrors with the official ftp site
and another from gnupg.org mirror list.
Set UPSTREAM_CHECK_URI in all recipes that need it to
"https://gnupg.org/download/index.html" as the directory listings
are not up-to-date.
(From OE-Core rev: dfc9178e2f2b6873ca497d981e308e00d15280b5)
Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Noteworthy changes in version 1.6.5 (2016-02-09) [C20/A0/R5]
------------------------------------------------
* Mitigate side-channel attack on ECDH with Weierstrass curves
[CVE-2015-7511]. See http://www.cs.tau.ac.IL/~tromer/ecdh/ for
details.
* Fix build problem on Solaris.
(From OE-Core rev: 1146a4bb3af167c75bdea3e75e6f1e80b45cc721)
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
(From OE-Core rev: c6d4581e81460162d6c94dd4136d9675c17a3ab4)
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Fix a variety of problems such as typos, bad punctuations, or incorrect
Upstream-Status values.
(From OE-Core rev: bd220fe6ce8c3a0805f13a14706d3130ea872604)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Because dumpsexp.c is GPLv3. So pick up the dumpsexp and modified license to GPLv3.
(From OE-Core rev: 18cc7893e453bb10e395ff81dd10c0b5872a1742)
Signed-off-by: Lei Maohui <leimaohui@cn.fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
(From OE-Core rev: 7a5882310a6619a926f047c517fe6fa3f5f32e7a)
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
It works well now, and bump the PR to avoid:
configure: error: source directory already configured; run "make distclean" there first
(From OE-Core rev: 05020b08ecb55f27164c67eda494377e4a70e606)
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Remove backported patch
(From OE-Core rev: a1ebad9242eb3c94505383c4558e4d9476298c5d)
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
libgcrypt.so.20 contains .text relocations, backport a patch
to fix it.
(From OE-Core rev: a81d59bc8d13402725f0f5b42af92332570484d3)
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Removing all m4 files in the m4 directory led to a number of non-fatal
errors while running configure when the expected m4 macros could not
be found.
(From OE-Core rev: b43b6bae5b164f641233dcd2e373f3cae26273a6)
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This adds a binconfig-disabled class which can be used by recipes where
a -config file is installed but we wish to disable it and just rely on
the .pc files instead.
Rather than simply deleting it, we make the script "exit 1" so that it
can be found in PATH and raise a build error rather than something
silently falling back to the build system for example.
Rather than randomly finding -config files, this adds in the
specification of a list of binconfig scripts which is more deterministic
and maintainable moving forward.
This patch converts various users in OE-Core to use this, a world build
of OE-Core tests out ok with this change. There will likely be issues in
other layers however, hence this being a RFT.
(From OE-Core rev: 5870bd272b0b077d0826fb900b251884c1c05061)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Fixed:
rm: cannot remove `/path/libgcrypt-1.6.1/m4/*.m4': No such file or directory
We would meet this error if we stop the configure and run again.
(From OE-Core rev: 2d13380c6546bb41afa53227f1571bd2908ceca2)
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Hit a ICE and could reduce it to the following minimal example:
1. Only the size of array assigned with 2 caused the issue:
$ cat > mipgcc-test.c << END
int main (int argc, char **argv)
{
char *pStrArry[ARRAY_SIZE_MAX] = {"hello"};
int i = 0;
while(pStrArry[i] && i<ARRAY_SIZE_MAX)
{
printf("%s\n", pStrArry[i]);
i++;
}
return 0;
}
END
2. Only -O1 and -g on mips caused the issue:
$ mips-poky-linux-gcc -O1 -g -o mipgcc-test mipgcc-test.c
mipgcc-test.c: In function 'main':
mipgcc-test.c:18:1: internal compiler error: in dwarf2out_var_location, at dwarf2out.c:20810
}
^
Please submit a full bug report,
with preprocessed source if appropriate.
See <http://gcc.gnu.org/bugs.html> for instructions
[YOCTO #6034]
3. The quick workround is trying to enlarge the size of array with larger
than 2.
4. File a bug to GNU, but it could not be reproduced on there environment.
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=60643
(From OE-Core rev: 4af0c70c70809c8f03d7ba14745d79e3c6e35b2e)
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Use pkg-config instead of -config files in the m4 macros.
(From OE-Core rev: 74d73cf1e4607cb313b5e4c7138b555d5999a46d)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
(From OE-Core rev: fd2848df50bec43248cab6ccdea2358be4719473)
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The class itself currently does nothing. The idea is to mark all recipes that
make use of the texinfo utilities. In the future, this class could be used to
suppress the generation/formatting of documentation for performance,
explicitly track dependencies on these utilities, and eliminate Yocto's
current dependency on the host system's texinfo utilities.
(From OE-Core rev: e6fb2f9afe2ba6b676c46d1eb297ca9cc532d405)
Signed-off-by: Max Eliaser <max.eliaser@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This patch goes through the OE-Core recipes and marks those which use autotools
but don't support a separate build directory (${S} != ${B}). A new class,
autotools-brokensep is used for this purpose.
This doesn't introduce any change in behaviour in its own right.
(From OE-Core rev: 006b8a7808a58713af16c326dc37d07765334b12)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
A lot of our recipes had short one-line DESCRIPTION values and no
SUMMARY value set. In this case it's much better to just set SUMMARY
since DESCRIPTION is defaulted from SUMMARY anyway and then the SUMMARY
is at least useful. I also took the opportunity to fix up a lot of the
new SUMMARY values, making them concisely explain the function of the
recipe / package where possible.
(From OE-Core rev: b8feee3cf21f70ba4ec3b822d2f596d4fc02a292)
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Characters like '-O2' or '-Ofast' will be replaced by '-O1' when
compiling cipher. If we are cross compiling libgcrypt and sysroot
contains such characters, we would get compile errors because the
sysroot path has been modified.
Fix this by adding whitespaces before and after the original matching
pattern in the sed command.
[YOCTO #5628]
(From OE-Core rev: 84514834417e022660e7b3a540910d2d6fb12337)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This isn't recognised by configure, and the random number daemon that requires
Pth isn't enabled.
(From OE-Core rev: 6553c807e19042d3b6add4e7c4b3999fb641abe6)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
(From OE-Core rev: ef13891b3bc69b05ee01ae767fc21f46e05bcadd)
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
Alexander Kanavin
Meh Mbeh Ida Delphine
saloni
Richard Purdie
Trevor Gamblin
Yi Zhao
Hongxu Jia
Peter Kjellerstedt
Juro Bystricky
Alexander Kanavin
Jussi Laako
Paul Barker
Khem Raj
Ross Burton
Nathan Rossi
Fan Xin
Jussi Kukkonen
Andre McCurdy
Lei Maohui
Robert Yang
Saul Wold
Jackie Huang
Max Eliaser
Paul Eggleton
Chen Qi