Robert Joslyn [Sat, 30 Apr 2022 14:08:04 +0000 (07:08 -0700)]
powerpc: Remove invalid GLIBC_EXTRA_OECONF
OE-core previously carried patches to glibc that added optimized sqrt
implementations for various PowerPC chips. These were recently removed,
which now results in errors when compiling glibc with certian PowerPC
machine tunes:
checking sysdep dirs... configure: error: The 603e subspecies of powerpc is not supported.
Remove setting GLIBC_EXTRA_OECONF with parameters that are no longer
valid. Also remove a commented out setting of the variable that probably
isn't vaild anyway.
Fixes: 2511e937f445 ("glibc: Drop ppc sqrt optimisations") Signed-off-by: Robert Joslyn <robert.joslyn@redrectangle.org> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Change the shell of all global static users other than root (which
retains /bin/sh) and sync (as /bin/sync is rather harmless) to
/sbin/nologin (as /usr/sbin/nologin does not exist in openembedded)
ptest testsuite/panic-tests.sh of sed need to be run as a non-root user
so that the expected "sed: couldn't open temporary file <filename>:
Permission denied" error can be generated. After disabling default
shell for "nobody", a shell needs to be specified for running ptest.
Signed-off-by: Jiaqing Zhao <jiaqing.zhao@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Alex Kiernan [Thu, 28 Apr 2022 20:51:26 +0000 (21:51 +0100)]
eudev: Remove unused files
These files appear to have been first commented out from do_install in 14cba802f2dd ("udev: Add 141") and then removed completely in 54daad852fc3 ("udev: remove commented code from init script (no code
changes)").
Signed-off-by: Alex Kiernan <alexk@zuma.ai> Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ross Burton [Thu, 28 Apr 2022 12:55:59 +0000 (13:55 +0100)]
musl-locales: explicitly depend on gettext-native
The gettext class is designed for use by applications with optional NLS
support: depending on the value of USE_NLS it will either depend on
gettext-minimal-native (just the autoconf macros) or gettext-native, and
will pass --enable-nls/--disable-nls as appropriate.
However, musl-locales specifically needs to run msgfmt at runtime,
so explicitly depend on gettext-native instead.
Also remove the redundant EXTRA_OECMAKE assignment.
Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Robert Joslyn [Thu, 28 Apr 2022 14:13:41 +0000 (07:13 -0700)]
curl: Update to 7.83.0
This is a minor feature and bugfix release. Changes include:
* curl: add %header{name} experimental support in -w handling
* curl: add %{header_json} experimental support in -w handling
* curl: add --no-clobber
* curl: add --remove-on-error
* header api: add curl_easy_header and curl_easy_nextheader
* msh3: add support for QUIC and HTTP/3 using msh3
Full changelog at: https://curl.se/changes.html#7_83_0
Signed-off-by: Robert Joslyn <robert.joslyn@redrectangle.org> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Bruce Ashfield [Thu, 28 Apr 2022 13:47:53 +0000 (09:47 -0400)]
kernel-yocto: allow patch author date to be commit date
In situations where a buid needs to be reproducible, it is
sometimes desireable to use a patches author date, versus the
time when it is applied. This generates a consistent hash
between different patch applications.
We leverage the existing KERNEL_DEBUG_TIMESTAMPS to trigger
the use of a new option to kgit-s2q. This allows us to use
the author date in a reproducible configuration, but disable
it if we need the current time/date.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The GO_WORKDIR is used only in go-mod.bbclass. As this recipe does
not inherit go-mod.bbclass, this variable is useless here.
This go-helloworld recipe was made to inherit go-mod.bbclass and build
in module-aware mode. However, it was found that we need to build go
recipes in GOPATH mode in order to support offline build. As a result,
this recipe was changed back to only inherit go.bbclass. But the GO_WORKDIR
setting was not cleaned up.
Richard Purdie [Thu, 28 Apr 2022 14:15:04 +0000 (15:15 +0100)]
lib/sstatesig: Fix find_siginfo to match sstate filename generation
sstate filename generation was changed a while ago and taskname has to be
passed into core functions for the correct filename to be generated. Update
find_siginfo to match those changes and pass in taskname via SSTATE_CURRTASK.
Thanks to Gregory Lumen <gregorylumen@microsoft.com> for spotting.
[YOCTO #14774]
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
RPi kernel has started building compressed kernel modules by default
starting 5.15, currenrly therefore meta-raspberrypi kernels are unable
to load kernel modules since kmod and kmod-native do not entertain xz
compressed modules. There is a fix proposed in meta-raspberrypi [1]
but the fix is needed for native and nativesdk recipes as well, perhaps
its best to enable it here for best out of box experience with
meta-raspberrypi
image.bbclass: allow overriding dependency on virtual/kernel:do_deploy
Since the commit fe26b2379ecd ("image.bbclass: Depend on
virtual/kernel:do_deploy"), the image.bbclass made building images
depend on virtual/kernel. For some images, including small initramfs,
this is not the case. Allow overriding this dependency in case
developers knows what they are doing.
Ross Burton [Wed, 27 Apr 2022 11:43:39 +0000 (12:43 +0100)]
cve_check: skip remote patches that haven't been fetched when searching for CVE tags
If a remote patch is compressed we need to have run the unpack task for
the file to exist locally. Currently cve_check only depends on fetch so
instead of erroring out, emit a warning that this file won't be scanned
for CVE references.
Typically, remote compressed patches won't contain our custom tags, so
this is unlikely to be an issue.
Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Wed, 27 Apr 2022 15:22:06 +0000 (16:22 +0100)]
staging: Ensure we filter out ourselves
Adding a dependency on ourselves in this function doesn't make sense, the hash
may change after hash equivalence is applied. Other code using BB_TASKDEPDATA does
handle the self reference correctly (which is there for a reason), update this
code to do likewise.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
busybox also installs findfs but into base_sbindir which works out to be
ok when sbindir != base_sbindir but with usrmerge distro feature enabled
this starts to cause trouble because busybox's postinst is trying to
create a symlink for findfs applet in base_sbindir which is same as
sbindir now and there already is binary from util-linux and image fails
to build
do_rootfs: Postinstall scriptlets of ['busybox'] have failed. If the intention is to defer them to first boot,
then please place them into pkg_postinst_ontarget:${PN} ().
The real reason is burried in do_rootfs logs
update-alternatives: Error: not linking /mnt/b/yoe/master/build/tmp/work/beaglebone-yoe-linux-gnueabi/yoe-sdk-image/1.0-r0/rootfs/usr/sbin/findfs to /usr/bin/busybox.suid since /mnt/b/yoe/master/build/tmp/work/beaglebone-yoe-linux-gnueabi/yoe-sdk-image/1.0-r0/rootfs/usr/sbin/findfs exists and is not a link
Creating proper u-a for findfs in util-linux fixes the issue
Nicolas Dechesne [Tue, 26 Apr 2022 19:46:18 +0000 (21:46 +0200)]
sanity: skip make 4.2.1 warning for debian
This is a follow up patch of: ad5829aa1f8a (sanity: Show a warning that make 4.2.1 is buggy on non-ubuntu systems)
Debian10 has the exact same version/sources for make as Ubuntu
(focal), e.g. https://packages.debian.org/source/buster/make-dfsg and
https://packages.ubuntu.com/source/focal/make-dfsg.
As per the corresponding changelog, the patch mentioned in ad5829aa1f8a, is included in both Debian and Ubuntu in make
4.2.1-1.1. So it's safe to use make 4.2.1 in Debian10.
Signed-off-by: Nicolas Dechesne <nicolas.dechesne@linaro.org> Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Sean Anderson [Tue, 26 Apr 2022 18:54:22 +0000 (14:54 -0400)]
wic: Add dependencies for erofs-utils
In order to build erofs filesystems, wic must have the erofs-utils
package installed into its sysroot.
Fixes: 30375ce97 ("Add support for erofs filesystems") Signed-off-by: Sean Anderson <sean.anderson@seco.com> Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The tarball (neard-0.16.tar.xz) fetched by the recipe is incomplete.
Few plugins (e.g. tizen) and tests scripts (e.g. Test-channel, test-see,
neard-ui.py, ndef-agent etc) are missing.
Since neard did not release latest tarballs, so as per community
recommendation switching the recipe SRC_URI to git repo.
Community Discussion:
https://lists.openembedded.org/g/openembedded-core/topic/90058043#163681
Rust has been upgraded to rust-1.60.0 that uses LLVM 14.
Please refer the following link for more detailed features.
https://blog.rust-lang.org/2022/04/07/Rust-1.60.0.html
https://github.com/rust-lang/rust/blob/master/RELEASES.md
Ross Burton [Tue, 26 Apr 2022 12:07:20 +0000 (13:07 +0100)]
bitbake.conf: mark all directories as safe for git to read
Recent git releases containing [1] have an ownership check when opening
repositories, and refuse to open a repository if it is owned by a
different user.
This breaks any use of git in do_install, as that is executed by the
(fake) root user. Whilst not common, this does happen.
Setting the git configuration safe.directories=* disables this check, so
that git is usable in fakeroot tasks. This can be set globally via the
internal environment variable GIT_CONFIG_PARAMETERS, we can't use
GIT_CONFIG_*_KEY/VALUE as that isn't present in all the releases which
have the ownership check.
We already set GIT_CEILING_DIRECTORIES to ensure that git doesn't
recurse up out of the work directory, so this isn't a security issue.
create-spdx: delete virtual/kernel dependency to fix FreeRTOS build
When building FreeRTOS this dependency generates an error because
bitbake cannot find any provider for "virtual/kernel".
>From a dependency analysis the task is executed independently from
this so it can be safely removed.
This patch has been discussed in this ML thread:
https://lists.openembedded.org/g/openembedded-core/topic/90602531
Signed-off-by: Davide Gardenal <davide.gardenal@huawei.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This package will provide a limited set of localedata for musl based
systems. It will fill in into images when IMAGE_LINGUAS variable is set
however the choice is limited to the given 13 locales as of now.
e.g.
IMAGE_LINGUAS ?= "de-de fr-fr en-gb"
would work fine
Default locale can be set by exporting LANG=<locale> in /etc/profile or some
such file e.g.
export LANG=de_DE.UTF-8
This will also help in ptest coverage with musl where some test packages
expect locales e.g. pango to name one.
Do not empty out IMAGE_LINGUAS forcibly for musl anymore
In bitbake commit 1ecc1d94 (process: Do not mix stderr with stdout),
bb.process.Popen() was changed to no longer combine stdout and stderr by
default. However, the Terminal class was not updated to reflect this and
subsequently only output stdout in case of failures.
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com> Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Carlos Rafael Giani <crg7475@mailbox.org> Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Carlos Rafael Giani <crg7475@mailbox.org> Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Ross Burton [Mon, 25 Apr 2022 11:24:44 +0000 (12:24 +0100)]
python3: ignore CVE-2015-20107
CVE-2015-20107 describes an arbitrary command execution in the mailcap
module, but this is by design in mailcap and needs to be worked around
by the calling application.
Upstream Python will be documenting this flaw in the library reference,
and it is likely that the mailcap module will be deprecated and removed
in the future.
Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Some recipes are marked machine specific which need qemu usermode during
build eg. if they use meson build system, which means they wont get
right -cpu settings to run qemu-ppc/qemu-ppc64 and build fails, this
ensures that we set the right options when PACKAGE_ARCH is set to
MACHINE_ARCH on ppc/ppc64 qemu
wic: do not use PARTLABEL for msdos partition tables
When using "msdos" partition tables and "--label" but not "--use-uuid"
one can generate images which will not find their root, because
PARTLABEL does not work for "msdos".
Fix that by simply not going the PARTLABEL path in case of "msdos".
Fixes: 2fb247c5ecf0 ("wic: support rootdev identified by partition label") Signed-off-by: Henning Schild <henning.schild@siemens.com> Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Paul Gortmaker [Wed, 20 Apr 2022 15:11:41 +0000 (11:11 -0400)]
install/devshell: Introduce git intercept script due to fakeroot issues
In a devshell, recent versions of git will complain if the repo is owned
by someone other than the current UID - consider this example:
------
bitbake -c devshell linux-yocto
[...]
kernel-source#git branch
fatal: unsafe repository ('/home/paul/poky/build-qemuarm64/tmp/work-shared/qemuarm64/kernel-source' is owned by someone else)
To add an exception for this directory, call:
Of course the devshell has UID zero and the "real" UID is for "paul" in
this case. And so recent git versions complain.
As the whole purpose of the devshell is to invoke a shell where development
can take place, having a non-functional git is clearly unacceptable.
Richard suggested we could use PSEUDO_UNLOAD=1 to evade this issue, and I
suggested we probably will see other similar instances like this and should
make use of PATH to intercept via devshell wrappers - conveniently we already
have examples of this.
Here, we copy the existing "ar" example and tune it to the needs of git to
combine Richard's suggestion and mine.
As such we now also can store commit logs and use send-email with our user
specific settings, instead of "root", so in additon to fixing basic
commands like "git branch" it should also increase general usefulness.
RP: Tweaked the patch so the PATH change only applies to the devshell task
and is a generic git intercept rather than devshell specific.
RP: Also apply the PATH change to do_install tasks since that also runs under
fakeroot and several software projects inject "git describe" output into
their binaries (systemd, iputils, llvm, ipt-gpu-tools at least) causing
reproducibility issues from systems with different git versions.
Signed-off-by: Paul Gortmaker <paul.gortmaker@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Add tune include for armv8.4a. This adds support only for bare armv8.4a
(and for crypto extension). There is no support for additional
instructions added by architecture extensions (except the main crypto
extension support).
Atheros AR3011 Bluetooth devices require special ath3k-1.fw firmware
file. Package it separately from the main linux-firmware package to
allow deploying this firmware on embedded devices.
According to the WHENCE file, some a3k firmware files are licensed
under the special ar3k license, while others are licensed under the more
generic Atheros license. Document this by adding extending the
LICENSE:${PN}-ar3k and depending on both of them.
However, when checking for the presence of ${KMETA} the current
working directory is searched. This will almost always fail and
"kgit --meta" is used instead. If the user does have a path in
their current working directory that matches the ${KMETA}
variable but the path is not present within the kernel source
directory, the build will fail if it tries to write config errors/
warnings to that path.
If ${KMETA} is not set, the same problem exists with the hard-coded
"meta" directory.
Fix these issues by checking for ${KMETA} within ${S} rather than
the current working directory. Additionally, drop the hardcoded
backup directory "meta" as it hasn't been functioning and
probably has no users
package.bbclass: Prevent perform_packagecopy from removing /sysroot-only
The files in /sysroot-only are intended to make it into the
recipes sysroot output, but not into the package. However, if
do_package is run before do_populate_sysroot, the files are
removed.
Use a smaller hammer to avoid copying the files into the package so
they are still around when do_populate_sysroot runs.
seatd: Disable overflow warning as error on ppc64/musl
Disabling the warning is easier fix then trying to fix it
in musl which results in ABI breakage and disabling the Werror
gets us along by doing minimal change, also see [1]
Ross Burton [Tue, 19 Apr 2022 15:45:40 +0000 (16:45 +0100)]
qemu: backport a patch to optionally disable i8042 (AT and PS/2) hardware
Backport a patch from upstream (will be in qemu 7.0) to add an option to
disable the legacy i8042 support (AT keyboard, PS/2 mouse). These
devices are very historical and modern Linux environments use USB anyway.
Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Add a ptest for libgpg-error to core-image-ptest-all. Avoid refreshing the
Makefile in qemu as this would fail and is not needed. All tests passed on
a trial run.
Peter Marko [Tue, 19 Apr 2022 11:21:18 +0000 (13:21 +0200)]
openssl: extract legacy provider module to a separate package
This module contains legacy cipher suites from libcrypto.
We should not need to include base package because we want
to use this part of libcrypto.
Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
0001-gptcurses-correct-ncurses-6.3-errors.patch
removed since it's included in 1.0.9.
Changelog:
===========
- Added support for aligning partitions' end points. This feature affects the
default partition size when using n in gdisk; it affects the default
partition size in cgdisk; and it's activated by the new -I option in sgdisk.
See the programs' respective man pages for details. This feature is intended
to help with LUKS2 encryption, which reacts badly to partitions that are not
sized as exact multiples of the encryption block size.
- Added several new partition type codes:
FreeBSD nandfs (0xa506)
Apple APFS Pre-Boot (0xaf0b)
Apple APFS Recovery (0xaf0c)
ChromeOS firmware (0x7f03)
ChromeOS mini-OS (0x7f04)
ChromeOS hibernate (0x7f05)
U-Boot boot loader (0xb000)
27 (!) codes for Fuchsia (0xf100 to 0xf11a)
- Added the ability to build sgdisk and cgdisk for Windows.
- Added a check for too-small disks (most likely to be an issue when trying to
use a too-small disk image); program now aborts if this happens.
- Removed stray debugging code that caused partNum is x to be printed when
changing a partition's name with sgdisk.
- Fixed build problems with recent versions of ncurses.
- Fixed bug that caused cgdisk to report incorrect partition attributes.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
refresh the following patches for new version:
0001-urandom-xauth-changes-to-options.h.patch
0005-dropbear-enable-pam.patch
dropbear-disable-weak-ciphers.patch
When gos internal linker is used, it uses hardcoded paths to the
interpreter (dynamic linker). For x86_64 this hardcoded path is
/lib64/ld-linux-x86-64.so.2, but yocto's default dynamic linker path
is /lib64/ld-linux-x86-64.so.2.
Most of the time, the internal linker is not used and binutils linker
sets the correct path, but sometimes the internal linker is used and
the resulting binary will not work on x86_64.
To ensure the path is always correct, pass it to the linker.
Khem Raj [Tue, 29 Mar 2022 23:39:52 +0000 (16:39 -0700)]
go: Disable pie in cgo for mips
This overcomes the linking errors e.g.
| /usr/lib/go/src/cmd/go/internal/base/base.go:110:(.text+0x60fef8): relocation R_MIPS_26 against `a local symbol' cannot be used when making a shared object; recompile with -fPIC | /usr/lib/go/src/cmd/go/internal/base/base.go:110:(.text+0x60ff0c): relocation R_MIPS_HI16 against `a local symbol' cannot be used when making a shared object; recompile with -fPIC
projects / thirdparty / openembedded / openembedded-core-contrib.git / log
