Jan Luebbe [Thu, 18 Aug 2022 11:17:03 +0000 (13:17 +0200)]
openssh: add support for config snippet includes to ssh and sshd
This makes it simpler to set specific ssh/sshd config options by adding
snippet files to /etc/ssh/ssh_config.d/ or /etc/ssh/sshd_config.d/
instead of modifying a copy of the full configuration file. As new
snippets can be added from separate recipes, targeted changes can be
done in multiple layers.
These specific directories are also used in Debian's default
configuration.
Signed-off-by: Jan Luebbe <jlu@pengutronix.de> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Khem Raj [Thu, 18 Aug 2022 18:58:07 +0000 (11:58 -0700)]
musl: Update to tip
brings in these fixes
* 37e18b7b freopen: reset stream orientation (byte/wide) and encoding rule
* bf992585 ldso: process RELR only for non-FDPIC archs
* d32dadd6 ldso: support DT_RELR relative relocation format
* 2404d9d6 use syscall_arg_t and __scc macro for arguments to __alt_socketcall
Yongxin Liu [Fri, 5 Aug 2022 02:42:19 +0000 (10:42 +0800)]
grub2: fix several CVEs
Backport CVE patches from upstream to fix:
CVE-2021-3695
CVE-2021-3696
CVE-2021-3697
CVE-2022-28733
CVE-2022-28734
CVE-2022-28735
Backport the following 5 patches to make CVE patches be applied smoothly.
video-Remove-trailing-whitespaces.patch
video-readers-jpeg-Abort-sooner-if-a-read-operation-.patch
video-readers-jpeg-Refuse-to-handle-multiple-start-o.patch
Signed-off-by: Yongxin Liu <yongxin.liu@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Jon Mason [Wed, 17 Aug 2022 16:00:31 +0000 (12:00 -0400)]
oeqa/parselogs: add qemuarmv5 arm-charlcd masking
On qemuarmv5, arm-charlcd is logging an error because the device isn't
present on the virtual machine. Mask it off, as that device could be
present on the physical hardware (and we want to use the same kernel
config as the real hardware).
Signed-off-by: Jon Mason <jdmason@kudzu.us> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Khem Raj [Wed, 17 Aug 2022 07:04:37 +0000 (00:04 -0700)]
binutils: Disable gprofng when using clang
It does not yet compile with clang it comes with __ builtin___snprintf_chk Not Supported
formatted output of built-in functions check is failing with clang
somehow it seems to be compiler limitation. Therefore disable building
this component with clang for now
Awais Belal [Tue, 16 Aug 2022 13:58:55 +0000 (18:58 +0500)]
kernel-fitimage.bbclass: only package unique DTBs
The KERNEL_DEVICETREE and related variables could potentially have a device
tree listed multiple times and this works okay for most scenarios. However,
when we create FIT entries for these we get duplicate nodes and uboot-mkimage
fails with
fit-image-initramfs-image.its:219.58-229.19: ERROR (duplicate_node_names): /images/fdt-freescale_imx8mp-evk-ecspi-slave.dtb: Duplicate node name
fit-image-initramfs-image.its:307.50-317.19: ERROR (duplicate_node_names): /images/fdt-freescale_imx8mp-evk-ndm.dtb: Duplicate node name
fit-image-initramfs-image.its:362.54-372.19: ERROR (duplicate_node_names): /images/fdt-freescale_imx8mp-evk-rm67199.dtb: Duplicate node name
fit-image-initramfs-image.its:417.56-427.19: ERROR (duplicate_node_names): /images/fdt-freescale_imx8mp-evk-usdhc1-m2.dtb: Duplicate node name
fit-image-initramfs-image.its:648.59-658.19: ERROR (duplicate_node_names): /configurations/conf-freescale_imx8mp-evk-ecspi-slave.dtb: Duplicate node name
fit-image-initramfs-image.its:744.51-754.19: ERROR (duplicate_node_names): /configurations/conf-freescale_imx8mp-evk-ndm.dtb: Duplicate node name
fit-image-initramfs-image.its:804.55-814.19: ERROR (duplicate_node_names): /configurations/conf-freescale_imx8mp-evk-rm67199.dtb: Duplicate node name
fit-image-initramfs-image.its:864.57-874.19: ERROR (duplicate_node_names): /configurations/conf-freescale_imx8mp-evk-usdhc1-m2.dtb: Duplicate node name
ERROR: Input tree has errors, aborting (use -f to force output)
uboot-mkimage: Can't open arch/arm64/boot/fitImage.tmp: No such file or directory
We fix this by tracking the DTBs we're compiling in the FIT and only picking
up unique ones.
Bertrand Marquis [Thu, 11 Aug 2022 09:47:21 +0000 (10:47 +0100)]
sysvinit-inittab/start_getty: Fix respawn too fast
When an entry in /dev does not exist, start_getty is returning directly.
As it is started from init in a respawn mode, it will loop infinitely.
In this case add a sleep inside start_getty to prevent the "Respawning
too fast" message popping up every 5 minutes.
This case is happening quite often when the system is started as an
hypervisor guest as the standard serial line is usually taken by it and
removed from the configuration.
This was triggered quite often running linux as dom0 on top of Xen on
arm as the serial line is taken by Xen and removed from the device tree.
Use the opportunity to replace one tab with spaces as the rest of the
file is using spaces.
wangmy [Tue, 16 Aug 2022 00:05:39 +0000 (08:05 +0800)]
msmtp: upgrade 1.8.20 -> 1.8.22
Changelog:
==========
- The msmtpq script was updated.
- Added a new configuration command 'eval' to replace the current configuration
file line with the output of a command (similar to passwordeval, but more
general).
- Added a new configuration command 'set_msgid_header' with the default setting
'auto'. This adds a Message-ID header to the mail if none is present.
- msmtpd now adds a Received header
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Tue, 16 Aug 2022 09:30:25 +0000 (10:30 +0100)]
skeleton/service: Ensure debug path handling works as intended
DEBUG_PREFIX_MAP uses ${S} but that wasn't set correctly for this
recipe meaning cwd during the build (WORKDIR) was encoded into the
binary leading to buildpath warnings in debug symbols. Set S correctly
to avoid this issue.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Wed, 17 Aug 2022 17:17:39 +0000 (18:17 +0100)]
valgrind: Disable drd/tests/std_thread2 ptest
After improvements to debug sources handling I suspect that extra debug
information became available and is confusing this test. Disable it
for now until someone with more knowledge can resolve the issue.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Fri, 12 Aug 2022 16:17:20 +0000 (17:17 +0100)]
gcc: Resolve relative prefix-map filenames
Add a patch to gcc so that relative paths are handled by -fdebug-prefix-map
and friends. In OE we use relative paths in autotools and removing that
creates a lot of issues we'd have to fix. This alternative allows us to
fix the paths within gcc and improve our debug file coverage (and SPDX
manifests) accordingly.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Thu, 21 Jul 2022 14:27:10 +0000 (15:27 +0100)]
gcc-cross: Fix relative links
Now that we're using absolute paths to run configure, there are absolute
path symlinks within gcc's output. Use our script that fixes these so
that the sstate objects work correctly.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Wed, 20 Jul 2022 12:28:03 +0000 (13:28 +0100)]
bitbake.conf: Handle S and B separately for debug mapping
We don't really need to keep S and B separate for debug source purposes
and there shouldn't be source references in WORKDIR that isn't S and B
either.
Separating these out simplifies the shared-work directory handling for
gcc and should also help fix external source usage. Therefore handle
S and B in DEBUG_PREFIX_MAP separately and clean up other code.
Indentation is reduced here as it is introduced on every compiler
commandline so minimising it is helpful.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This code was some of the earliest reproducible build work we did. To
correctly handle the encoding of file paths, we used relative build
paths to run configure which resulted in relative build paths in the
binaries.
We now have more modern approaches used elsewhere with the prefix remapping
options. These work best with absolute paths, not relative ones. As such,
drop the relative path mangling and switch to using prefix mapping
exclusively on absolute paths.
This makes the code matc the rest of the system and triggers the correct
code to be added in /usr/src/debug.
We have to include both file-prefix and debug-prefix since the assembler
only looks at debug-prefix.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Tue, 19 Jul 2022 16:32:32 +0000 (17:32 +0100)]
package: Switch debug source handling to use prefix map
Reproducible builds are no longer a configuration option but are required.
We also rely on the prefix mapping capability of the compilers now.
As such, rewrite the source locating code to use the prefix maps instead
of taking a guess about WORKDIR which isn't correct for kernels, gcc,
externalsrc and probably more.
Instead, iterate the maps to locate any matching source code, keeping
in mind that multiple maps may map to one target location.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Khem Raj [Sun, 14 Aug 2022 22:20:37 +0000 (15:20 -0700)]
libtirpc: Upgrade to 1.3.3
In this release a large number of deadlocks in the
in the multi-thread code were fix. A number of
memory leaks were plugged and a DoS was eliminated.
As well as a large number of bug fixes.
Khem Raj [Sun, 14 Aug 2022 03:08:50 +0000 (20:08 -0700)]
musl: Upgrade to latest tip of trunk
Rebase existing patches
Brings in following changes
* 46d1c780 fix strings.h feature test macro usage due to missing features.h
* baaf257f fix ESRCH error handling for clock_getcpuclockid
* 4f48da00 aarch64: add vfork
* 7d568410 fix mishandling of errno in getaddrinfo AI_ADDRCONFIG logic
* d16d7b10 early stage ldso: remove symbolic references via error handling function
* 63c67053 in early stage ldso before __dls2b, call mprotect with __syscall
* a23a3da2 avoid limited space of random temp file names if clock resolution is low
* 41002798 remove random filename obfuscation that leaks ASLR information
* 6c858d6f ensure distinct query id for parallel A and AAAA queries in resolver
* 8974ef21 mntent: fix potential mishandling of extremely long lines
* 751bee0e mntent: fix parsing lines with optional fields
* dcb31f6b fix constraint violation in qsort wrapper around qsort_r
Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Simone Weiss [Fri, 12 Aug 2022 09:39:24 +0000 (11:39 +0200)]
json-c: Add ptest for json-c
Adapt json-c recipe to compile and deploy a ptest for json-c.
Also add a small script for executing the tests.
All tests were successful on a trial and took around 20 seconds.
Signed-off-by: Simone Weiß <simone.weiss@elektrobit.com> Signed-off-by: Kai Tomerius <kai.tomerius@elektrobit.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Tom Rini [Thu, 11 Aug 2022 15:40:05 +0000 (11:40 -0400)]
qemux86-64: Allow higher tunes
Back in 0be64e54a0e6 ("qemux86: Allow higher tunes") we moved the
qemux86 machine to using the core-i7 tune file, for maximum flexibility
and to allow for enabling advanced processor features if desired or
required by various packagess, without changing the default tune. Do the
same now for qemux86-64.
Cc: Joshua Watt <JPEWhacker@gmail.com> Cc: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Tom Rini <trini@konsulko.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Peter Marko [Thu, 11 Aug 2022 12:35:13 +0000 (14:35 +0200)]
create-spdx: handle links to inaccessible locations
When a link is pointing to location inaccessible to build user (e.g. "/root/something"),
filepath.is_file() throws "PermissionError: [Errno 13] Permission denied".
Fix this by first checking if it is a link.
Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Khem Raj [Thu, 11 Aug 2022 05:54:30 +0000 (22:54 -0700)]
zip: Make configure checks to be more robust
Newer compilers are strict and have turned some warnings into hard
errors which results in subtle configure check failures. Therefore fix
these tests and also enable largefile support via cflags when its
desired
Khem Raj [Thu, 11 Aug 2022 05:54:29 +0000 (22:54 -0700)]
zip: Enable largefile support based on distro feature
The configure test tries to run a binary during build to determine
largefile support, which wont work in cross-compile mode, therefore
specify it when largefile DISTRO_FEATURE is on.
Changqing Li [Tue, 9 Aug 2022 11:47:22 +0000 (19:47 +0800)]
apt: fix nativesdk-apt build failure during the second time build
Run following commands:
bitbake nativesdk-apt
bitbake nativesdk-apt -c install -f
The second command's do_install will fail with following error:
| /build/tmp-glibc/work/x86_64-nativesdk-wrlinuxsdk-linux/nativesdk-apt/2.4.5-r0/recipe-sysroot-native/usr/bin/x86_64-wrlinuxsdk-linux/x86_64-wrlinuxsdk-linux-g++ -D_WITH_GETLINE=1 -Dapt_pkg_EXPORTS -I/build/tmp-glibc/work/x86_64-nativesdk-wrlinuxsdk-linux/nativesdk-apt/2.4.5-r0/build/include -I/build/tmp-glibc/work/x86_64-nativesdk-wrlinuxsdk-linux/nativesdk-apt/2.4.5-r0/build/include/apt-pkg --sysroot=/build/tmp-glibc/work/x86_64-nativesdk-wrlinuxsdk-linux/nativesdk-apt/2.4.5-r0/recipe-sysroot -O2 -pipe -fmacro-prefix-map=/build/tmp-glibc/work/x86_64-nativesdk-wrlinuxsdk-linux/nativesdk-apt/2.4.5-r0=/usr/src/debug/nativesdk-apt/2.4.5-r0 -fdebug-prefix-map=/build/tmp-glibc/work/x86_64-nativesdk-wrlinuxsdk-linux/nativesdk-apt/2.4.5-r0=/usr/src/debug/nativesdk-apt/2.4.5-r0 -fdebug-prefix-map=/build/tmp-glibc/work/x86_64-nativesdk-wrlinuxsdk-linux/nativesdk-apt/2.4.5-r0/recipe-sysroot= -fdebug-prefix-map=/build/tmp-glibc/work/x86_64-nativesdk-wrlinuxsdk-linux/nativesdk-apt/2.4.5-r0/recipe-sysroot-native= -fPIC -fvisibility=hidden -fvisibility-inlines-hidden -Wall -Wextra -Wcast-align -Wlogical-op -Wredundant-decls -Wmissing-declarations -Wunsafe-loop-optimizations -Wctor-dtor-privacy -Wdisabled-optimization -Winit-self -Wmissing-include-dirs -Wnoexcept -Wsign-promo -Wundef -Wdouble-promotion -Wsuggest-override -Werror=suggest-override -Werror=return-type -std=gnu++17 -MD -MT apt-pkg/CMakeFiles/apt-pkg.dir/tagfile-keys.cc.o -MF apt-pkg/CMakeFiles/apt-pkg.dir/tagfile-keys.cc.o.d -o apt-pkg/CMakeFiles/apt-pkg.dir/tagfile-keys.cc.o -c /build/tmp-glibc/work/x86_64-nativesdk-wrlinuxsdk-linux/nativesdk-apt/2.4.5-r0/build/apt-pkg/tagfile-keys.cc
| /build/tmp-glibc/work/x86_64-nativesdk-wrlinuxsdk-linux/nativesdk-apt/2.4.5-r0/build/apt-pkg/tagfile-keys.cc:1:10: fatal error: /include/apt-pkg/tagfile-keys.h: No such file or directory
| 1 | #include "/include/apt-pkg/tagfile-keys.h"
0/build/tmp-glibc/work/x86_64-nativesdk-wrlinuxsdk-linux/nativesdk-apt/2.4.5-r0/build/apt-pkg/tagfile-keys.cc
During the first command, do_install task changed tagfile-keys.cc, this
will make tagfile-keys.cc is newer than the built tagfile-keys.cc.o. So the second
do_install will rebuild tagfile-keys.cc.o. But the header path is
replaced wrongly, so fix the header path
Signed-off-by: Changqing Li <changqing.li@windriver.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Kevin Hao [Tue, 9 Aug 2022 10:28:19 +0000 (18:28 +0800)]
uboot-config.bbclass: Don't bail out early in multi configs
Previously we had the support to build multiple u-boot configs for a
machine, but after the change in the commit 801a27d73b10
("uboot-config.bbclass: Raise error for bad key"), this anonymous
function would bail out after handling the first config in UBOOT_CONFIG.
This is definitely not what we want. Fix it by making sure all the
configs are handled.
Fixed: 801a27d73b10 ("uboot-config.bbclass: Raise error for bad key") Signed-off-by: Kevin Hao <kexin.hao@windriver.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
projects / thirdparty / openembedded / openembedded-core-contrib.git / log
