]> git.ipfire.org Git - thirdparty/openembedded/openembedded-core.git/log
thirdparty/openembedded/openembedded-core.git
4 years agosubversion: upgrade 1.14.0 -> 1.14.1
Richard Purdie [Mon, 15 Feb 2021 22:34:39 +0000 (22:34 +0000)] 
subversion: upgrade 1.14.0 -> 1.14.1

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
4 years agodistutils3-base: Fix after native packaging changes
Richard Purdie [Tue, 16 Feb 2021 11:34:23 +0000 (11:34 +0000)] 
distutils3-base: Fix after native packaging changes

Now that native recipes have PACKAGES, this DEPENDS construct doesn't
work. It applies to target and nativesdk recipes so adjust accordingly.

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
4 years agolocal.conf.sample.extended: fix double 'of' typo
Vivien Didelot [Tue, 16 Feb 2021 18:47:00 +0000 (13:47 -0500)] 
local.conf.sample.extended: fix double 'of' typo

Remove the redundant 'of' word in the INITRAMFS_IMAGE comment.

Signed-off-by: Vivien Didelot <vdidelot@pbsc.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
4 years agoselftest/reproducible: Update exclusions
Richard Purdie [Mon, 15 Feb 2021 23:36:42 +0000 (23:36 +0000)] 
selftest/reproducible: Update exclusions

Add ruby-ri-docs and meson back as not reproducible, remove watchdog,
xorg-minimal-fonts and xmlto as issues fixed.

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
4 years agoxmlto: Fix reproducibility
Richard Purdie [Mon, 15 Feb 2021 23:46:06 +0000 (23:46 +0000)] 
xmlto: Fix reproducibility

Don't hardcode the host's grep path into xmlto.

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
4 years agoxorg-fonts-minimal: Fix reproducibility
Richard Purdie [Mon, 15 Feb 2021 23:41:29 +0000 (23:41 +0000)] 
xorg-fonts-minimal: Fix reproducibility

When installing the font files, preserve their timestamp rather than using
the current time which fixes reproducibility issues.

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
4 years agowatchdog: Avoid reproducibility failures after fixing build
Richard Purdie [Tue, 16 Feb 2021 11:22:33 +0000 (11:22 +0000)] 
watchdog: Avoid reproducibility failures after fixing build

Add some temporary bumps to versions to change the output hash so
the fix applies correctly. Can be dropped next time we update the
recipe and the output changes.

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
4 years agowatchdog: Fix determinism issue from sendmail host path
Richard Purdie [Mon, 15 Feb 2021 21:34:25 +0000 (21:34 +0000)] 
watchdog: Fix determinism issue from sendmail host path

The build was injecting the path of the host's sendmail binary. Set
this deterministically to match OE's path for it.

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
4 years agooeqa: reproducible: Add more logging
Joshua Watt [Sun, 14 Feb 2021 19:12:58 +0000 (13:12 -0600)] 
oeqa: reproducible: Add more logging

The reproducible build tests can take a long time, so having more
logging messages at various points in the build can help debug where the
build is taking a long time.

Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
4 years agooeqa: reproducible: Fix SSTATE_MIRRORS variable
Joshua Watt [Sun, 14 Feb 2021 19:12:41 +0000 (13:12 -0600)] 
oeqa: reproducible: Fix SSTATE_MIRRORS variable

The SSTATE_MIRRORS variable was misspelled, which allowed the "clean"
test build to pull from the mirror.

Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
4 years agobuildtools-extended-tarball: Add glibc-gconvs needed for build
Richard Purdie [Sun, 14 Feb 2021 14:41:13 +0000 (14:41 +0000)] 
buildtools-extended-tarball: Add glibc-gconvs needed for build

When building vim it tries to rebuild files using iconv. If this fails
the build continues anyway but the output is not determnistic as builds
using a hosttools tarball are different from builds where there isn't a
hosttools tarball. Add the needed gconvs to the tarball when iconv is
present to become determistic and generate vim locales consistently.

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
4 years agoquilt: Be determnistic about column presence
Richard Purdie [Sun, 14 Feb 2021 14:40:04 +0000 (14:40 +0000)] 
quilt: Be determnistic about column presence

I've seen local differences in the quilt output depending on whether the column
binary was available in the sysroot. Fix determinism issues by being specific
about configuration.

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
4 years agopackage_manager/deb: Fix image generation with package removal
Richard Purdie [Sun, 14 Feb 2021 14:38:21 +0000 (14:38 +0000)] 
package_manager/deb: Fix image generation with package removal

When building SDKs with the deb backend you could see errors like:

Setting up nativesdk-python3-ndg-httpsclient (0.5.1-r0) ...
mkdir: cannot create directory ‘/usr/lib/opkg’: Permission denied
dpkg: error processing package nativesdk-python3-ndg-httpsclient (--configure):

which is due to environment misconfiguration when removing packages.

Fix this by setting the same environment variables as used for installation.

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
4 years agovim: Fix a race over creation of the desktop files
Richard Purdie [Mon, 15 Feb 2021 23:32:04 +0000 (23:32 +0000)] 
vim: Fix a race over creation of the desktop files

The LINGUAS file can be written by two different Makefile targets
and if they race, the desktop file contents isn't deterministic.

Fix the makfile to avoid this.

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
4 years agovim: Improve determinism
Richard Purdie [Sun, 14 Feb 2021 13:29:11 +0000 (13:29 +0000)] 
vim: Improve determinism

Add a couple of configure options to avoid determism issues in the vim build.
This can happen due to the addition of glib-2.0 to the native sysroot through
later task additions to the sysroot through indirect dependencies.

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
4 years agoweston-init: Fix weston-keyboard path in weston.ini
Marek Vasut [Sun, 14 Feb 2021 14:40:45 +0000 (15:40 +0100)] 
weston-init: Fix weston-keyboard path in weston.ini

The weston-keyboard executable is installed into /usr/libexec
instead of /usr/lib/weston , correct the path in weston.ini .

Signed-off-by: Marek Vasut <marex@denx.de>
Cc: Khem Raj <raj.khem@gmail.com>
Cc: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
4 years agocwautomacros: Ensure version is set deterministically
Richard Purdie [Sun, 14 Feb 2021 12:05:10 +0000 (12:05 +0000)] 
cwautomacros: Ensure version is set deterministically

The makefile injects the current date into the version file. Do this
deterministically with SOURCE_DATE_EPOCH.

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
4 years agoclasses: Drop now unneeded umask flags
Richard Purdie [Sun, 14 Feb 2021 11:47:13 +0000 (11:47 +0000)] 
classes: Drop now unneeded umask flags

Now that 022 is the default in BB_DEFAULT_UMASK in bitbake.conf, we
don't need any of these task flags, clean up.

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
4 years agobitbake.conf: Set as default task umask of 022
Richard Purdie [Sun, 14 Feb 2021 11:42:23 +0000 (11:42 +0000)] 
bitbake.conf: Set as default task umask of 022

Rather than trying to set the umask of every task to the correct
value for determinism, set one value globally. This uses a new
bitbake variable so bump the minimum version to match.

This fixes strange determinism issues in at least quilt-ptest,
valgrind-ptest and kernel-devsrc.

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
4 years agogo: Update to 1.15.8
Khem Raj [Sun, 14 Feb 2021 08:49:05 +0000 (00:49 -0800)] 
go: Update to 1.15.8

Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
4 years agomusl: Update to latest master
Khem Raj [Sun, 14 Feb 2021 08:05:15 +0000 (00:05 -0800)] 
musl: Update to latest master

Brings in following changes

e5d28236 riscv64: define ELF_NFPREG
964104f9 math: fix expm1f overflow threshold
c4c38e63 math: fix acoshf for negative inputs
074932c8 fix possible fd leak via missing O_CLOEXEC in pthread_setname_np
9b77aaca oldmalloc: preserve errno across free
98b9df99 fix build regression in oldmalloc
2010df0d preserve errno across free
9afed99c fix inconsistent signature of __libc_start_main
dd5b6384 fail posix_spawn file_actions operations with negative fds

Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
4 years agotar: update to 1.34
Oleksandr Kravchuk [Sun, 14 Feb 2021 01:22:13 +0000 (02:22 +0100)] 
tar: update to 1.34

Signed-off-by: Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
4 years agomtd-utils: Remove duplicate assignments to alternative link names
Thomas Viehweger [Sat, 13 Feb 2021 22:04:03 +0000 (23:04 +0100)] 
mtd-utils: Remove duplicate assignments to alternative link names

The two duplicate lines are not needed. The existence is confusing.

Signed-off-by: Thomas Viehweger <patchesThomas.Vie@web.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
4 years agogdb: Drop SIGRTMIN definition patch
Khem Raj [Sat, 13 Feb 2021 20:01:41 +0000 (12:01 -0800)] 
gdb: Drop SIGRTMIN definition patch

This has been already fixed in gdb via
https://sourceware.org/pipermail/gdb-patches/2015-October/128532.html

and W_STOPCODE is fixed by including gdbsupport/gdb_wait.h in nat/linux-nat.h

Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
4 years agosystemd: Simplify mount error patch
Richard Purdie [Sat, 13 Feb 2021 17:21:15 +0000 (17:21 +0000)] 
systemd: Simplify mount error patch

As mentioned during review, this patch can be less invasive and hence easier
to maintain. Improve as such.

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
4 years agopseudo: Update to include fixes for glibc 2.33
Richard Purdie [Mon, 15 Feb 2021 20:52:57 +0000 (20:52 +0000)] 
pseudo: Update to include fixes for glibc 2.33

Pull in the changes:
makewrappers: Fix glibc 2.33 fstatat usage issues
ports/linux: Add wrapper for fstatat/fstatat64 in glibc 2.33

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
4 years agoyocto-uninative.inc: version 3.0 incorporate seccomp filter workaround
Michael Halstead [Sat, 13 Feb 2021 06:27:54 +0000 (22:27 -0800)] 
yocto-uninative.inc: version 3.0 incorporate seccomp filter workaround

Signed-off-by: Michael Halstead <mhalstead@linuxfoundation.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
4 years agoshaderc: remove the receipe configure hack and use a patch for that
Jose Quaresma [Sat, 13 Feb 2021 00:59:22 +0000 (00:59 +0000)] 
shaderc: remove the receipe configure hack and use a patch for that

[Yocto #14226]

[RP: Small patch filename fixup to allow to build]
Signed-off-by: Jose Quaresma <quaresma.jose@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
4 years agoglslang: add comment about unversioned libraries
Jose Quaresma [Sat, 13 Feb 2021 00:59:21 +0000 (00:59 +0000)] 
glslang: add comment about unversioned libraries

Signed-off-by: Jose Quaresma <quaresma.jose@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
4 years agoglslang: generate glslang pkg-config
Jose Quaresma [Sat, 13 Feb 2021 00:59:20 +0000 (00:59 +0000)] 
glslang: generate glslang pkg-config

- it will be useful for shaderc

Signed-off-by: Jose Quaresma <quaresma.jose@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
4 years agospirv-tools: build all libaries as shared
Jose Quaresma [Sat, 13 Feb 2021 00:59:19 +0000 (00:59 +0000)] 
spirv-tools: build all libaries as shared

Signed-off-by: Jose Quaresma <quaresma.jose@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
4 years agospirv-tools: disable tests
Jose Quaresma [Sat, 13 Feb 2021 00:59:18 +0000 (00:59 +0000)] 
spirv-tools: disable tests

Signed-off-by: Jose Quaresma <quaresma.jose@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
4 years agocryptodev: upgrade to 1.12
Oleksandr Kravchuk [Fri, 12 Feb 2021 01:41:01 +0000 (02:41 +0100)] 
cryptodev: upgrade to 1.12

Signed-off-by: Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
4 years agoffmpeg: move ffmpeg config into packageconfig
Suji Velupillai [Fri, 12 Feb 2021 19:25:20 +0000 (11:25 -0800)] 
ffmpeg: move ffmpeg config into packageconfig

Move ffmpeg configuration options to Yocto PACKAGECONFIG options.

Signed-off-by: Suji Velupillai <suji.velupillai@broadcom.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
4 years agoselftest/reproducible: Remove no longer needed exclusions
Richard Purdie [Sat, 13 Feb 2021 16:14:20 +0000 (16:14 +0000)] 
selftest/reproducible: Remove no longer needed exclusions

It appears these exclusions are no longer needed with master, drop
them and improve our reproducibilty metrics.

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
4 years agoselftest/reproducible: Sort the unused exclusion list
Richard Purdie [Sat, 13 Feb 2021 15:57:32 +0000 (15:57 +0000)] 
selftest/reproducible: Sort the unused exclusion list

This makes comparisions between lists easier.

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
4 years agoselftest/reproducible: track unusued entries in the exclusion list
Alexander Kanavin [Fri, 12 Feb 2021 19:35:10 +0000 (20:35 +0100)] 
selftest/reproducible: track unusued entries in the exclusion list

This helps with trimming down the list, and towards 100% reproducibility :)

Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
4 years agoweston: remoting backend requires GStreamer base plugins
Joshua Watt [Fri, 12 Feb 2021 16:51:46 +0000 (10:51 -0600)] 
weston: remoting backend requires GStreamer base plugins

The remoting backend of weston requires the GStreamer base plugins, so
add them to the PACAKGECONFIG depends list.

Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
4 years agolibomxil: Fix up commercial license flag
Joshua Watt [Fri, 12 Feb 2021 16:51:57 +0000 (10:51 -0600)] 
libomxil: Fix up commercial license flag

The commercial license flag on libomxil is set because it may include
the Adaptive Multi-Rate audio codec (AMR) using FFmepg, which is patent
encumbered.

It turns out this component is disabled by default in the recipe; add a
PACKAGECONFIG to enable it and trigger the "commercial" LICENSE_FLAGS on
it. This make the default build configuration clean unless a user
specifically asks for AMR support, and prevents them from marking the
recipe with the "commerical" flag unnecessarily which could hide
potential problems later on.

Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
4 years agonativesdk-buildtools-perl-dummy: Add new autoconf dependencies
Richard Purdie [Sat, 13 Feb 2021 10:00:22 +0000 (10:00 +0000)] 
nativesdk-buildtools-perl-dummy: Add new autoconf dependencies

When used in SDKs we need to provide the perl modules used by autoconf.
Add new ones needed by recent changes.

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
4 years agoautoconf: Add missing perl modules to rdeps
Khem Raj [Fri, 12 Feb 2021 07:59:52 +0000 (23:59 -0800)] 
autoconf: Add missing perl modules to rdeps

Calling autoreconf with on-device sdk fails due to missing perl modules
which are required for it to work with autoconf 2.71+

Fixes
Can't locate File/Temp.pm in @INC (you may need to install the File::Temp module) (@INC contains: /usr/share/autoconf /usr/lib/perl5/site_perl/5.32.0/riscv32-linux /usr/lib/perl5/site_perl/5.32.0 /usr/lib/per
l5/vendor_perl/5.32.0/riscv32-linux /usr/lib/perl5/vendor_perl/5.32.0 /usr/lib/perl5/5.32.0/riscv32-linux /usr/lib/perl5/5.32.0 .) at /usr/bin/autoreconf line 50.
BEGIN failed--compilation aborted at /usr/bin/autoreconf line 50.

Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
4 years agoglibc: add workaround for faccessat2 being blocked by seccomp filters uninative-3.0
Ross Burton [Thu, 11 Feb 2021 14:46:45 +0000 (14:46 +0000)] 
glibc: add workaround for faccessat2 being blocked by seccomp filters

Older seccomp-based filters used in container frameworks will block faccessat2
calls as it's a relatively new syscall.  This isn't a big problem with
glibc <2.33 but 2.33 will call faccessat2 itself, get EPERM, and thenn be confused
about what to do as EPERM isn't an expected error code.

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
4 years agonpm.bbclass: avoid building target nodejs for native npm recipes
Yoann Congal [Tue, 9 Feb 2021 15:53:46 +0000 (16:53 +0100)] 
npm.bbclass: avoid building target nodejs for native npm recipes

The current recipe unconditionally RDEPENDS on nodejs (the target one).
When building on the "-native recipe" of "BBCLASSEXTEND native" recipe,
the target nodejs is unnecessarily built.

This patch fixes this by only RDEPENDS on nodejs when building for the target.

Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
4 years agosecurity_flags.inc: Add same O<level> as in SELECTED_OPTIMIZATION
Khem Raj [Wed, 10 Feb 2021 07:40:44 +0000 (23:40 -0800)] 
security_flags.inc: Add same O<level> as in SELECTED_OPTIMIZATION

Adding -O can be troublesome in some packages where it may override the
O<n> specified by CFLAGS, this can be due to configure processing of
CFLAGS and munging them into new values in Makefiles, which is
contructed from CC and CFLAGS passed by bitbake environment. Problem
arises if the sequence is altered, which seems to be the case in some
packages e.g. ncurses, where the value from CC variable is added last
and thus overrides -O<n> coming from CFLAGS,

Therefore grok the value from SELECTED_OPTIMIZATION and append the
appropriate -O<level> flag to lcl_maybe_fortify so the level does not
change inaderdantly.

Since we do not use -O0 anymore there is no point of checking for
DEBUG_BUILD since it uses -Og now which works fine with
-D_FORTIFY_SOURCE=2, so check for optlevel O0 instead

Signed-off-by: Khem Raj <raj.khem@gmail.com>
Cc: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
4 years agotcf-agent: Fix build on riscv32
Khem Raj [Tue, 9 Feb 2021 18:57:22 +0000 (10:57 -0800)] 
tcf-agent: Fix build on riscv32

LCL_STOP_SERVICES needs tcf/cpudefs-mdep.h ported

Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
4 years agoconnman: update to 1.39
akuster [Wed, 10 Feb 2021 04:32:07 +0000 (04:32 +0000)] 
connman: update to 1.39

Bug fix only and includes two security fixes:

CVE-2021-26675
CVE-2021-26676

Changelog:
- Fix issue with scanning state synchronization and iwd.
- Fix issue with invalid key with 4-way handshake offloading.
- Fix issue with DNS proxy length checks to prevent buffer overflow.
- Fix issue with DHCP leaking stack data via uninitialized variable.

[Yocto #14231]

Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
4 years agopseudo: Update for rename and faccessat fixes
Richard Purdie [Fri, 12 Feb 2021 15:32:38 +0000 (15:32 +0000)] 
pseudo: Update for rename and faccessat fixes

Pull in:

  ports/rename/renameat: Avoid race when renaming files
  ports/unix: Add faccessat and faccessat2
  ports/access.c: Use EACCES, not EPERM

which includes a fix for rename race issues causing pseudo aborts.

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
4 years agooe-pkgdata-util: Check if environment script is initialized
Dorinda [Mon, 1 Feb 2021 14:46:38 +0000 (09:46 -0500)] 
oe-pkgdata-util: Check if environment script is initialized

Tinfoil doesn't behave well if environment is not initialized, this check ensures a proper error log if environment is not initialized.

[YOCTO #12096]

Signed-off-by: Dorinda Bassey <dorindabassey@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
4 years agompg123: Add support for FPU-less targets
Robert Rosengren [Tue, 9 Feb 2021 14:16:16 +0000 (15:16 +0100)] 
mpg123: Add support for FPU-less targets

Support added to configure mpg123 for FPU-less targets. Building for
fixed-point arithmetic increases performance on such devices.

Signed-off-by: Robert Rosengren <robert.rosengren@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
4 years agoopkg: Fix patch glitches
Richard Purdie [Tue, 9 Feb 2021 13:15:24 +0000 (13:15 +0000)] 
opkg: Fix patch glitches

The original patch contained some text which shouldn't have been there
and used brackets in configure which isn't a great idea. Tweak the patch
to resolve this.

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
4 years agoparted: upgrade 3.3 -> 3.4
Wang Mingyu [Tue, 9 Feb 2021 08:30:36 +0000 (16:30 +0800)] 
parted: upgrade 3.3 -> 3.4

0001-Move-python-helper-scripts-used-only-in-tests-to-Pyt.patch
0001-libparted-fs-add-sourcedir-lib-to-include-paths.patch
0002-tests-use-skip_-rather-than-skip_test_-which-is-unde.patch
removed since they are included in 3.4

Add python3-core to RDEPENDS_parted-ptest
since /usr/lib/parted/ptest/tests/msdos-overlap contained in package parted-ptest requires /usr/bin/python3

Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
4 years agodocumentation.conf: add both CVE_CHECK_LAYER_*
akuster [Tue, 9 Feb 2021 04:33:37 +0000 (04:33 +0000)] 
documentation.conf: add both CVE_CHECK_LAYER_*

Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
4 years agoFix up bitbake logging compatibility
Richard Purdie [Wed, 10 Feb 2021 10:12:40 +0000 (10:12 +0000)] 
Fix up bitbake logging compatibility

Bitbake changed the debug() logging call to make it compatible with
standard python logging by no longer including a debug level as the
first argument. Fix up the few places this was being used.

Tweaked version of a patch from Joshua Watt.

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
4 years agosanity.conf: Increase minimum bitbake version due to logging function change
Richard Purdie [Tue, 9 Feb 2021 15:57:17 +0000 (15:57 +0000)] 
sanity.conf: Increase minimum bitbake version due to logging function change

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
4 years agou-boot: upgrade 2020.10 -> 2021.01
Alexander Kanavin [Mon, 8 Feb 2021 10:59:26 +0000 (11:59 +0100)] 
u-boot: upgrade 2020.10 -> 2021.01

tools/binman/binman needs python3-setuptools now.

Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
4 years agowic: debug mode to keep tmp directory
Lee Chee Yang [Mon, 8 Feb 2021 01:22:55 +0000 (09:22 +0800)] 
wic: debug mode to keep tmp directory

files in wic tmp directory can be usefull for debugging, so do not remove
tmp directory when wic create run with debugging mode (-D or --debug).

also update wic.Wic.test_debug_short and wic.Wic.test_debug_long to
check for tmp directory.

[YOCTO#14216]

Signed-off-by: Lee Chee Yang <Chee.Yang.Lee@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
4 years agoautoconf: Fix typo for prefuncs
Khem Raj [Sun, 7 Feb 2021 23:05:55 +0000 (15:05 -0800)] 
autoconf: Fix typo for prefuncs

Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
4 years agoinitrdscripts: init-install-efi.sh install extra files for ESP
Chee Yang Lee [Tue, 2 Feb 2021 05:43:16 +0000 (13:43 +0800)] 
initrdscripts: init-install-efi.sh install extra files for ESP

Currently the install script copy only few hard coded item while
setting up target ESP, kernel artifacts, all .efi in EFI/BOOT,
grub & boot cfg and loader.conf.
While ESP can be much complex, eg: contain multiple initrd.

Add a ESP folder to carry any other files to setup onto ESP.

Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
4 years agocve-check: add include/exclude layers
akuster [Mon, 8 Feb 2021 05:51:30 +0000 (05:51 +0000)] 
cve-check: add include/exclude layers

There are times when exluding or including a layer
may be desired. This provide the framwork for that via
two variables. The default is all layers in bblayers.

CVE_CHECK_LAYER_INCLUDELIST
CVE_CHECK_LAYER_EXCLUDELIST

Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
4 years agocve-check.bbclass: add layer to cve log
akuster [Mon, 8 Feb 2021 05:51:29 +0000 (05:51 +0000)] 
cve-check.bbclass: add layer to cve log

Lets include whcih layer a package belongs to and
add it to the cve logs

Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
4 years agopython3-packaging: upgrade 20.8 -> 20.9
zhengruoqin [Mon, 8 Feb 2021 06:36:26 +0000 (14:36 +0800)] 
python3-packaging: upgrade 20.8 -> 20.9

20.9 - 2021-01-29
~~~~~~~~~~~~~~~~~

* Run [isort](https://pypi.org/project/isort/) over the code base (:issue:`377`)
* Add support for the ``macosx_10_*_universal2`` platform tags (:issue:`379`)
* Introduce ``packaging.utils.parse_wheel_filename()`` and ``parse_sdist_filename()``
  (:issue:`387` and :issue:`389`)

Signed-off-by: Zheng Ruoqin <zhengrq.fnst@cn.fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
4 years agolibdrm: upgrade 2.4.103 -> 2.4.104
Wang Mingyu [Mon, 8 Feb 2021 14:34:10 +0000 (22:34 +0800)] 
libdrm: upgrade 2.4.103 -> 2.4.104

Add 0001-meson-Also-search-for-rst2man.py.patch to fix bug of program rst2man cannot be found.

Add dependency python3-docutils-native to manpages.

Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
4 years agobind: upgrade 9.16.10 -> 9.16.11
Wang Mingyu [Mon, 8 Feb 2021 11:57:01 +0000 (19:57 +0800)] 
bind: upgrade 9.16.10 -> 9.16.11

rename directory of patches
-License-Update: Copyright year updated to 2021.

Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
4 years agospirv-tools: correct version check
Alexander Kanavin [Mon, 8 Feb 2021 10:59:32 +0000 (11:59 +0100)] 
spirv-tools: correct version check

Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
4 years agoshaderc: correct version check
Alexander Kanavin [Mon, 8 Feb 2021 10:59:31 +0000 (11:59 +0100)] 
shaderc: correct version check

Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
4 years agoat: correct upstream version check
Alexander Kanavin [Mon, 8 Feb 2021 10:59:30 +0000 (11:59 +0100)] 
at: correct upstream version check

Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
4 years agotar: update 1.32 -> 1.33
Alexander Kanavin [Mon, 8 Feb 2021 10:59:29 +0000 (11:59 +0100)] 
tar: update 1.32 -> 1.33

Drop musl fix as upstream fixed the issue.

Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
4 years agolibhandy: upgrade 1.0.2 -> 1.0.3
Alexander Kanavin [Mon, 8 Feb 2021 10:59:28 +0000 (11:59 +0100)] 
libhandy: upgrade 1.0.2 -> 1.0.3

Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
4 years agodpkg: update 1.20.5 -> 1.20.7.1
Alexander Kanavin [Mon, 8 Feb 2021 10:59:27 +0000 (11:59 +0100)] 
dpkg: update 1.20.5 -> 1.20.7.1

Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
4 years agovulkan-samples: update to latest revision
Alexander Kanavin [Mon, 8 Feb 2021 10:59:25 +0000 (11:59 +0100)] 
vulkan-samples: update to latest revision

Drop patch merged upstream.

Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
4 years agoruby: update 2.7.2 -> 3.0.0
Alexander Kanavin [Mon, 8 Feb 2021 10:59:24 +0000 (11:59 +0100)] 
ruby: update 2.7.2 -> 3.0.0

Drop 0001-Modify-shebang-of-libexec-y2racc-and-libexec-racc2y.patch
as files removed upstream.

License-Update: formatting

Drop autoconf270.patch, as no longer needed with 3.0.0
(I verified against master-next which has the new autoconf).

Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
4 years agopython3-setuptools: update 51.0.0 -> 52.0.0
Alexander Kanavin [Mon, 8 Feb 2021 10:59:23 +0000 (11:59 +0100)] 
python3-setuptools: update 51.0.0 -> 52.0.0

easy_install script removed upstream:
https://github.com/pypa/setuptools/blob/v52.0.0/CHANGES.rst

Tarballs are now provided instead of zip files.

License-Update: formatting

Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
4 years agogptfdisk: update 1.0.5 -> 1.0.6
Alexander Kanavin [Mon, 8 Feb 2021 10:59:22 +0000 (11:59 +0100)] 
gptfdisk: update 1.0.5 -> 1.0.6

Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
4 years agodistcc: update 3.3.3 -> 3.3.5
Alexander Kanavin [Mon, 8 Feb 2021 10:59:21 +0000 (11:59 +0100)] 
distcc: update 3.3.3 -> 3.3.5

Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
4 years agosqlite3: upgrade 3.34.0 -> 3.34.1
zhengruoqin [Sun, 7 Feb 2021 07:11:13 +0000 (15:11 +0800)] 
sqlite3: upgrade 3.34.0 -> 3.34.1

Signed-off-by: Zheng Ruoqin <zhengrq.fnst@cn.fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
4 years agosystemd: Fix build on musl
Khem Raj [Sun, 7 Feb 2021 01:40:09 +0000 (17:40 -0800)] 
systemd: Fix build on musl

include "missing_stdlib.h" is needed for strndupa()

Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
4 years agoell: update to 0.37
Oleksandr Kravchuk [Sat, 6 Feb 2021 18:35:26 +0000 (19:35 +0100)] 
ell: update to 0.37

Changelog:
- Fix issue with D-Bus filter messages with no interfaces set.
- Add support for PKCS#12 certification loading.

Signed-off-by: Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
4 years agoinetutils: update to 2.0
Oleksandr Kravchuk [Sat, 6 Feb 2021 18:28:36 +0000 (19:28 +0100)] 
inetutils: update to 2.0

Removed upstreamed patches and refreshed q few other.

Signed-off-by: Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
4 years agoselftest/reproducible: remove spirv-tools-dev from exclusion list
Jose Quaresma [Sat, 6 Feb 2021 14:27:11 +0000 (14:27 +0000)] 
selftest/reproducible: remove spirv-tools-dev from exclusion list

Signed-off-by: Jose Quaresma <quaresma.jose@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
4 years agospirv-tools: fix reproducible
Jose Quaresma [Sat, 6 Feb 2021 14:27:10 +0000 (14:27 +0000)] 
spirv-tools: fix reproducible

- remove build host path in cmake dev file to fix spirv-tools-dev reproducible
  https://autobuilder.yocto.io/pub/repro-fail/oe-reproducible-20210125-8161_obd/packages/diff-html/

Signed-off-by: Jose Quaresma <quaresma.jose@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
4 years agosecurity_flags.inc: Use -O with -D_FORTIFY_SOURCE
Khem Raj [Sat, 6 Feb 2021 06:31:38 +0000 (22:31 -0800)] 
security_flags.inc: Use -O with -D_FORTIFY_SOURCE

compiler can only use fortify options when some level of optimization is
on, otherwise it ends up sending some warnings.

warning: _FORTIFY_SOURCE requires compiling with optimization (-O) [-W#warnings]

this is usually OK, since -O<level> would be added via CFLAGS to
compiler cmdline in normal compile stages, however during configure
there are problems when CC,CPP,CXX are probed alone in configure tests
which results in above warning, which confuses the configure results and
autotools 2.70+ detects it as error e.g.

configure:17292: error: C preprocessor "riscv32-yoe-linux-clang -target riscv32-yoe-linux      -mlittle-endian -mno-relax -Qunused-arguments -fstack-protector-strong  -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security --sysroot=/mnt/b/yoe/master/build/tmp/work/riscv32-yoe-linux/ndpi/3.4-r0/recipe-sysroot -E" fails sanity check
See `config.log' for more details

therefore adding a -O ( which actually is -O1 ) to lcl_maybe_fortify
means we can properly test these configure tests and real -O<level> will
still override -O added here, so overrall behavior improves

Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
4 years agoyocto-uninative.inc: version 2.11 updates glibc to 2.33
Michael Halstead [Sat, 6 Feb 2021 02:27:50 +0000 (18:27 -0800)] 
yocto-uninative.inc: version 2.11 updates glibc to 2.33

Support glibc 2.33.

Signed-off-by: Michael Halstead <mhalstead@linuxfoundation.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
4 years agoautotools: no need to depend on gnu-config
Ross Burton [Wed, 11 Nov 2020 15:30:20 +0000 (15:30 +0000)] 
autotools: no need to depend on gnu-config

autoconf 2.70 onwards installs its own copies of config.guess/config.sub
which we keep up to date when autoconf builds, so there's no need to
depend on gnu-config for those files.

Signed-off-by: Ross Burton <ross.burton@arm.com>
4 years agoautotools: remove intltoolize logic
Ross Burton [Tue, 13 Oct 2020 16:59:55 +0000 (17:59 +0100)] 
autotools: remove intltoolize logic

autoconf 2.70 now invokes intltoolize, so there's no need to do it again
in this class.

Signed-off-by: Ross Burton <ross.burton@arm.com>
4 years agoautotools: disable gtkdocize for now
Ross Burton [Tue, 13 Oct 2020 21:52:02 +0000 (22:52 +0100)] 
autotools: disable gtkdocize for now

This breaks kmod, so for now we can continue to do it ourselves.

Signed-off-by: Ross Burton <ross.burton@arm.com>
4 years agoautoconf: upgrade to 2.71
Ross Burton [Wed, 15 Jul 2020 15:03:21 +0000 (16:03 +0100)] 
autoconf: upgrade to 2.71

After too many years, autoconf has made a new release.  On the whole it
is compatible with previous releases, but some macros are more specific
about what they expose so minor tweaks to configure.ac may be required.

autoconf also now invokes intltoolize, gtkdocize, and copies
config.sub/guess, so there is less work for autotools.bbclass to do.

- AC_HEADER_MAJOR-port-to-glibc-2.25.patch
- add_musl_config.patch
- autoconf-replace-w-option-in-shebangs-with-modern-use-warnings.patch
- autoreconf-gnuconfigize.patch
- check-automake-cross-warning.patch
- config_site.patch
- fix_path_xtra.patch
- performance.patch
Drop a number of patches which have been integrated upstream.

- man-host-perl.patch
Don't use the target perl path when building documentation at build time:

- no-man.patch
Don't build documentation in native builds to avoid further build
dependencies.

Signed-off-by: Ross Burton <ross.burton@arm.com>
4 years agoautotools: don't warn about obsolete usage
Ross Burton [Wed, 11 Nov 2020 15:26:16 +0000 (15:26 +0000)] 
autotools: don't warn about obsolete usage

New autoconf warns about obsolete macro usage, but there is quite
a lot of obsolete usage in the wild which isn't really in our problem.

Signed-off-by: Ross Burton <ross.burton@arm.com>
4 years agoautoconf: merge .bb and .inc files
Ross Burton [Thu, 4 Feb 2021 15:52:20 +0000 (15:52 +0000)] 
autoconf: merge .bb and .inc files

These files are split for historical reasons, so merge them to make
maintaining them easier.

The bb and inc had differing LICENSE assignments.  Current autoconf is
GPLv3+.

Signed-off-by: Ross Burton <ross.burton@arm.com>
4 years agognu-config: update to latest commit
Ross Burton [Thu, 4 Feb 2021 11:35:33 +0000 (11:35 +0000)] 
gnu-config: update to latest commit

Update gnu-config to the latest upstream commit.

Signed-off-by: Ross Burton <ross.burton@arm.com>
4 years agoapr: Fix to work with autoconf 2.70
Richard Purdie [Thu, 28 Jan 2021 21:55:57 +0000 (21:55 +0000)] 
apr: Fix to work with autoconf 2.70

Fix an issue with autoconf 2.70 where duplicate macro includes
caused configure failures.

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Ross Burton <ross.burton@arm.com>
4 years agounfs3: fix build with new autoconf
Ross Burton [Fri, 17 Jul 2020 09:09:45 +0000 (10:09 +0100)] 
unfs3: fix build with new autoconf

Signed-off-by: Ross Burton <ross.burton@arm.com>
4 years agoRevert "lrzsz: Fix to work with autoconf 2.70"
Ross Burton [Tue, 2 Feb 2021 11:26:51 +0000 (11:26 +0000)] 
Revert "lrzsz: Fix to work with autoconf 2.70"

This change was only needed with 2.70, it is not needed with 2.71.

This reverts commit 36aef08dcd5e45c4138ccd72e8de01157f7213c4.

Signed-off-by: Ross Burton <ross.burton@arm.com>
4 years agouninative: Upgrade to 2.10
Michael Halstead [Sat, 6 Feb 2021 02:22:27 +0000 (18:22 -0800)] 
uninative: Upgrade to 2.10

Final glibc 2.32 based uninative.

Signed-off-by: Michael Halstead <mhalstead@linuxfoundation.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
4 years agolicense_image.bbclass: Don't attempt to symlink to the same file
Mike Looijmans [Fri, 5 Feb 2021 14:53:33 +0000 (15:53 +0100)] 
license_image.bbclass: Don't attempt to symlink to the same file

Sometimes (that is, in all my builds) the lic_manifest_dir and
lic_manifest_symlink_dir end up pointing to the same file, resulting
in an error like this:
  Exception: FileExistsError: [Errno 17] File exists: '/.../tmp-glibc/deploy/licenses/my-image-tdkz15' -> '/.../tmp-glibc/deploy/licenses/my-image-tdkz15'

First check to see if this is the case before attempting to create
the link.

Signed-off-by: Mike Looijmans <mike.looijmans@topic.nl>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
4 years agoimage_types.bbclass: tar: use posix format instead of gnu
Martin Jansa [Fri, 5 Feb 2021 19:22:34 +0000 (20:22 +0100)] 
image_types.bbclass: tar: use posix format instead of gnu

* gnu isn't compatible with  --xattrs used e.g. here:
https://github.com/advancedtelematic/meta-updater/blob/d3a832f66e8802cb45536ff278d5c77f946d341d/classes/image_types_ostree.bbclass#L16
causing do_image_tar failing with:

| tar: --xattrs can be used only on POSIX archives
| Try 'tar --help' or 'tar --usage' for more information.

* https://www.gnu.org/software/tar/manual/html_chapter/tar_8.html
  says about posix format:

  This is the most flexible and feature-rich format.
  It does not impose any restrictions on file sizes or file name lengths.
  This format is quite recent, so not all tar implementations are able to handle it properly.
  However, this format is designed in such a way that any tar implementation able to read `ustar'
  archives will be able to read most `posix' archives as well, with the only exception that any
  additional information (such as long file names etc.) will in such case be extracted as plain
  text files along with the files it refers to.

  This archive format will be the default format for future versions of GNU tar.

  and:

  The default format for GNU tar is defined at compilation time.
  You may check it by running tar --help, and examining the last lines of its output.
  Usually, GNU tar is configured to create archives in `gnu' format, however, future version will switch to `posix'.

* I've compared tar on centos7 and ubuntu-18.04:

bash-4.2$ cat /etc/centos-release
CentOS Linux release 7.9.2009 (Core)

bash-4.2$ tar --version
tar (GNU tar) 1.26
...

bash-4.2$ tar --help | tail -n 5
*This* tar defaults to:
--format=gnu -f- -b20 --quoting-style=escape --rmt-command=/etc/rmt
--rsh-command=/usr/bin/ssh
...

bitbake@e0ee76f81c2f:/$ grep VERSION /etc/os-release
VERSION="18.04.5 LTS (Bionic Beaver)"
VERSION_ID="18.04"
VERSION_CODENAME=bionic

bitbake@e0ee76f81c2f:/$ tar --version
tar (GNU tar) 1.29
...

bitbake@e0ee76f81c2f:/$ tar --help | tail -n 5
...
*This* tar defaults to:
--format=gnu -f- -b20 --quoting-style=escape --rmt-command=/usr/lib/tar/rmt
--rsh-command=/usr/bin/rsh

Both support posix format (as pax POSIX 1003.1-2001). But centos7 version is
already too old anyway, because it doesn't support --sort=name used since:
https://git.openembedded.org/openembedded-core/commit/?id=4fa68626bbcfd9795577e1426c27d00f4d9d1c17
and
https://git.openembedded.org/openembedded-core/commit/?id=f19e43dec63a86c200e04ba14393583588550380
says that 1.28 is the minium version now and
https://git.openembedded.org/openembedded-core/commit/?id=7a66434cf11b7f051699b774e4fccd6738351368
recommends to use install-buildtools for hosts with tar < 1.28

On the other side latest tumbleweed from:
https://hub.docker.com/r/opensuse/tumbleweed
with tar-1.33 alredy defaults to posix format:

b99dbb3d86dd:/ # head -n 3 /etc/os-release
NAME="openSUSE Tumbleweed"
ID="opensuse-tumbleweed"

b99dbb3d86dd:/ # tar --version
tar (GNU tar) 1.33
...

b99dbb3d86dd:/ # tar --help | tail -n 3
*This* tar defaults to:
--format=posix -f- -b20 --quoting-style=escape --rmt-command=/usr/bin/rmt
--rsh-command=/usr/bin/ssh

I've packaged some sample rootfs directory with both tars and the result is
identical (with --format=gnu as well as --format=posix).

with ubuntu:
tar --sort=name --format=gnu --numeric-owner -cf rootfs.ubuntu.gnu.tar -C rootfs .
tar --xattrs --xattrs-include=* --sort=name --format=posix --numeric-owner -cf rootfs.ubuntu.posix.tar -C rootfs .
tumbleweed:
tar --sort=name --format=gnu --numeric-owner -cf rootfs.tumbleweed.gnu.tar -C rootfs .
tar --xattrs --xattrs-include=* --sort=name --format=posix --numeric-owner -cf rootfs.tumbleweed.posix.tar -C rootfs .
centos7 (without --sort=name):
tar --format=gnu --numeric-owner -cf rootfs.centos7.gnu.tar -C rootfs .
tar --xattrs --xattrs-include=* --format=posix --numeric-owner -cf rootfs.centos7.posix.tar -C rootfs .

size is identical:
-rw-r--r-- 1 mjansa mjansa 2487480320 Feb  5 09:19 rootfs.ubuntu.gnu.tar
-rw-r--r-- 1 mjansa mjansa 2487480320 Feb  5 10:17 rootfs.centos7.gnu.tar
-rw-r--r-- 1 mjansa mjansa 2487480320 Feb  5 10:26 rootfs.tumbleweed.gnu.tar
-rw-r--r-- 1 mjansa mjansa 2579875840 Feb  5 10:15 rootfs.ubuntu.posix.tar
-rw-r--r-- 1 mjansa mjansa 2579875840 Feb  5 10:16 rootfs.centos7.posix.tar
-rw-r--r-- 1 mjansa mjansa 2579875840 Feb  5 10:26 rootfs.tumbleweed.posix.tar

but md5s aren't:
5e3880283379dd773ac054e20562fdea  rootfs.centos7.gnu.tar
abeaf992c780aa780a27be01365d26f5  rootfs.centos7.posix.tar
0c6ee59d87ab56583293262de110bca4  rootfs.tumbleweed.gnu.tar
1555bc7276eaba924bf82a13a010fd6d  rootfs.tumbleweed.posix.tar
553d802bba351e273191bd5b2a621b66  rootfs.ubuntu.gnu.tar
b6d7b43b30174686f6625ba3c7aefdc6  rootfs.ubuntu.posix.tar

diffoscope shows some differences when using gnu format:

$ diffoscope rootfs.tumbleweed.gnu.tar rootfs.ubuntu.gnu.tar
...
-00239890: 3030 3000 3030 3737 3637 0020 4b00 0000  000.007767. K...
+00239890: 3030 3000 3031 3135 3737 0020 4b00 0000  000.011577. K...
...
-00239900: 0075 7374 6172 2020 0000 0000 0000 0000  .ustar  ........
+00239900: 0075 7374 6172 2020 0072 6f6f 7400 0000  .ustar  .root...
...
-00239920: 0000 0000 0000 0000 0000 0000 0000 0000  ................
+00239920: 0000 0000 0000 0000 0072 6f6f 7400 0000  .........root...

with posix format there are also some differences shown by diffoscope:

$ diffoscope rootfs.tumbleweed.posix.tar rootfs.ubuntu.posix.tar
 016a4c00: 2e2f 7573 722f 6269 6e2f 5061 7848 6561  ./usr/bin/PaxHea
-016a4c10: 6465 7273 2f63 6861 7474 722e 6532 6673  ders/chattr.e2fs
-016a4c20: 7072 6f67 7300 0000 0000 0000 0000 0000  progs...........
+016a4c10: 6465 7273 2e32 322f 6368 6174 7472 2e65  ders.22/chattr.e
+016a4c20: 3266 7370 726f 6773 0000 0000 0000 0000  2fsprogs........
...
 03937000: 2e2f 7573 722f 6269 6e2f 5061 7848 6561  ./usr/bin/PaxHea
-03937010: 6465 7273 2f63 6f6e 7461 696e 6572 642d  ders/containerd-
-03937020: 6374 7200 0000 0000 0000 0000 0000 0000  ctr.............
+03937010: 6465 7273 2e32 322f 636f 6e74 6169 6e65  ders.22/containe
+03937020: 7264 2d63 7472 0000 0000 0000 0000 0000  rd-ctr..........

so cannot really say which format is better for reproducible tar
archives from different distros, but posix at least supports xattrs
and it's the format for future.

Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
4 years agolibcroco: Added CVE
saloni [Fri, 5 Feb 2021 15:42:34 +0000 (21:12 +0530)] 
libcroco: Added CVE

Added below CVE:
CVE-2020-12825
Link: CVE-2020-12825 [https://gitlab.gnome.org/Archive/libcroco/-/commit/6eb257e5c731c691eb137fca94e916ca73941a5a]
Link: https://gitlab.gnome.org/Archive/libcroco/-/issues/8
Signed-off-by: Saloni Jain <Saloni.Jain@kpit.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
4 years agolibgcrypt: Whitelisted CVEs
saloni [Fri, 5 Feb 2021 15:37:12 +0000 (21:07 +0530)] 
libgcrypt: Whitelisted CVEs

Whitelisted below CVEs:

1. CVE-2018-12433
Link: https://security-tracker.debian.org/tracker/CVE-2018-12433
Link: https://nvd.nist.gov/vuln/detail/CVE-2018-12433
CVE-2018-12433 is marked disputed and ignored by NVD as it does
not impact crypt libraries for any distros and hence, can be safely
marked whitelisted.

2. CVE-2018-12438
Link: https://security-tracker.debian.org/tracker/CVE-2018-12438
Link: https://ubuntu.com/security/CVE-2018-12438
CVE-2018-12438 was reported for affecting openjdk crypt libraries
but there are no details available on which openjdk versions are
affected and does not directly affect libgcrypt or any specific
yocto distributions, hence, can be whitelisted.

Signed-off-by: Saloni Jain <Saloni.Jain@kpit.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
4 years agoe2fsprogs: upgrade 1.45.6 -> 1.45.7
Wang Mingyu [Fri, 5 Feb 2021 02:27:50 +0000 (10:27 +0800)] 
e2fsprogs: upgrade 1.45.6 -> 1.45.7

0001-fix-up-check-for-hardlinks-always-false-if-inode-0xF.patch
removed since it is included in 1.45.7

Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
4 years agobash: Disable bracketed input by default
Joshua Watt [Thu, 4 Feb 2021 21:38:41 +0000 (15:38 -0600)] 
bash: Disable bracketed input by default

Bash 5.1 enabled bracketed input mode by default, but this causes a lot
of problems with automated testing as it can inject a lot of control
sequences into non-interactive output. Disable it to cleanup the output
an preserve the pre-5.1 behavior

Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
4 years agosystemd: change /bin/nologin to /sbin/nologin
Chen Qi [Fri, 5 Feb 2021 03:40:28 +0000 (11:40 +0800)] 
systemd: change /bin/nologin to /sbin/nologin

Our nologin path is /sbin/nologin instead of /bin/nologin.

Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>