Martin Jansa [Mon, 20 Nov 2017 18:04:58 +0000 (18:04 +0000)]
kernel.bbclass: use the consistent naming schema for initramfs
* use INITRAMFS_BASE_NAME and INITRAMFS_SYMLINK_NAME variables, like
other kernel artifacts are using
* use "${PKGE}-${PKGV}-${PKGR}-${MACHINE}-${DATETIME}" instead of
"${PV}-${PR}-${MACHINE}-${DATETIME}" to be consistent with other files
* allow to modify default symlink name with INITRAMFS_SYMLINK_NAME
instead of currently used:
initramfs_symlink_name=${type}-initramfs-${MACHINE}
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
(cherry picked from commit f3a28cfdc3ba6a0d9bff0ade86571b6df9d042b0) Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
Martin Jansa [Mon, 20 Nov 2017 12:09:25 +0000 (12:09 +0000)]
kernel-devicetree.bbclass: Fix and simplify instalation of DTB files
* add 2 new variables:
KERNEL_DTB_BASE_NAME
KERNEL_DTB_SYMLINK_NAME
instead of reusing KERNEL_IMAGE_SYMLINK_NAME and than expecting that
default value ${MACHINE} was being used in e.g.:
DTB_SYMLINK_NAME=`echo ${symlink_name} | sed "s/${MACHINE}/${DTB_BASE_NAME}/g"`
* install normal DTB files only once even if there is multiple entries
in KERNEL_IMAGETYPE_FOR_MAKE and don't prefix them with the type of
the kernel image, use the KERNEL_IMAGETYPE_FOR_MAKE as a prefix only
when installing them bundled with kernel or initramfs image.
* deploy the files from ${D}/${KERNEL_IMAGEDEST}/ instead of kernel
build directory, so that we don't need to call
DTB_PATH=`get_real_dtb_path_in_kernel "${DTB}"`
again in do_deploy
* create all links in do_deploy task, because default KERNEL_DTB_BASE_NAME
like KERNEL_IMAGE_BASE_NAME contains PKGR and PKGR is different in
do_install and do_deploy, because kernel.bbclass calls
meta/classes/kernel.bbclass:do_install[prefuncs] += "package_get_auto_pr"
meta/classes/kernel.bbclass:do_deploy[prefuncs] += "package_get_auto_pr"
* the filenames are a bit different, but with separate variable it
should be easier for other bbclasses which use these DTB files to
find them correctly, just use either the cannonical name
$dtb_base_name.$dtb_ext or $dtb_base_name-${KERNEL_DTB_SYMLINK_NAME}.$dtb_ext
because PKGR (and other PKG* variables) might be different in your
task and kernel.do_deploy task.
* fix DTB files being deployed with incorrect filenames when
KERNEL_IMAGE_SYMLINK_NAME isn't set to ${MACHINE}, e.g. instead of
the default:
-rw-r--r-- 2 bitbake bitbake 1.4K Nov 20 07:41 deploy/images/raspberrypi3-64/Image-1-4.9.59+git0+e7976b2aff-r0.2-lirc-rpi-20171120043031.dtbo
lrwxrwxrwx 2 bitbake bitbake 64 Nov 20 07:41 deploy/images/raspberrypi3-64/Image-lirc-rpi.dtbo -> Image-1-4.9.59+git0+e7976b2aff-r0.2-lirc-rpi-20171120043031.dtbo
lrwxrwxrwx 2 bitbake bitbake 64 Nov 20 07:41 deploy/images/raspberrypi3-64/lirc-rpi.dtbo -> Image-1-4.9.59+git0+e7976b2aff-r0.2-lirc-rpi-20171120043031.dtbo
I was getting:
-rw-r--r-- 2 bitbake bitbake 1348 Nov 20 10:28 deploy/images/raspberrypi3-64/Image-linux-raspberrypi-lirc-rpi.dtbo
lrwxrwxrwx 2 bitbake bitbake 37 Nov 20 10:28 deploy/images/raspberrypi3-64/Image-linux-raspberrypi-lirc-rpi-master-20171120102653.dtbo -> Image-linux-raspberrypi-lirc-rpi.dtbo
lrwxrwxrwx 2 bitbake bitbake 37 Nov 20 10:28 deploy/images/raspberrypi3-64/lirc-rpi.dtbo -> Image-linux-raspberrypi-lirc-rpi.dtbo
and e.g. sdcard_image-rpi.bbclass from meta-raspberrypi:
https://github.com/agherzan/meta-raspberrypi/blob/37e4e18f4a745ce8dc11f7e40a29da0859ff13c6/classes/sdcard_image-rpi.bbclass
was failing in:
mcopy -i ${WORKDIR}/boot.img -s ${DEPLOY_DIR_IMAGE}/${KERNEL_IMAGETYPE}-${DTB_BASE_NAME}.dtb ::${DTB_BASE_NAME}.dtb
because ${KERNEL_IMAGETYPE}-${DTB_BASE_NAME}.dtb doesn't exist in my
build, due to
DTB_SYMLINK_NAME=`echo ${symlink_name} | sed "s/${MACHINE}/${DTB_BASE_NAME}/g"`
not replacing whole "${KERNEL_IMAGE_SYMLINK_NAME}" (read ${MACHINE})
with just ${DTB_BASE_NAME}
* with this change applied the deploy dir looks like this:
-rw-r--r-- 2 bitbake bitbake 1.4K Nov 20 15:49 deploy/images/raspberrypi3-64/lirc-rpi-1-4.9.59+git0+e7976b2aff-r0.8-raspberrypi3-64-20171120154716.dtbo
lrwxrwxrwx 2 bitbake bitbake 74 Nov 20 15:49 deploy/images/raspberrypi3-64/lirc-rpi.dtbo -> lirc-rpi-1-4.9.59+git0+e7976b2aff-r0.8-raspberrypi3-64-20171120154716.dtbo
lrwxrwxrwx 2 bitbake bitbake 74 Nov 20 15:49 deploy/images/raspberrypi3-64/lirc-rpi-raspberrypi3-64.dtbo -> lirc-rpi-1-4.9.59+git0+e7976b2aff-r0.8-raspberrypi3-64-20171120154716.dtbo
and works correctly even with DISTRO using different naming scheme
* the sdcard_image-rpi.bbclass still needs to be modified, I've provided
updated version here:
https://github.com/agherzan/meta-raspberrypi/pull/159
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
(cherry picked from commit 7e0e6c976396c1bc46ef3382d1d272c0ff2c765a) Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
Martin Jansa [Mon, 20 Nov 2017 15:43:07 +0000 (15:43 +0000)]
kernel-devicetree.bbclass: Use lowercase names for shell variables
* just to make it more clear what is local shell variable and what is
replaced by bitbake from the metadata and also to prevent the variable
to be incorrectly expanded by bitbake if someone happens to define
e.g. DTB_BASE_NAME
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
(cherry picked from commit 47dc3bd11b0fac9b50b6784aab3f3828d4ea957b) Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
Otavio Salvador [Thu, 21 Sep 2017 13:58:33 +0000 (10:58 -0300)]
kernel-devicetree.bbclass: Add support to generate append to kernel
The are use cases where the Device Tree appended to the kernel is
convinient, so we generate the bundle concatenating the kernel (and
potentionally the initramfs) and the Device Tree binaries.
To enable it, set KERNEL_DEVICETREE_BUNDLE variable to '1'
Signed-off-by: Otavio Salvador <otavio@ossystems.com.br> Signed-off-by: Ross Burton <ross.burton@intel.com>
(cherry picked from commit f044567326988e84e5d72040e9387c3240836ddb) Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
Otavio Salvador [Tue, 12 Sep 2017 20:36:06 +0000 (17:36 -0300)]
kernel: Move Device Tree support to kernel.bbclass
The Device Tree is commonly used but it is still kept as a .inc file
instead of a proper class. Instead now we move the Device Tree code to
a kernel-devicetree class and automatically enable it when the
KERNEL_DEVICETREE variable is set.
To avoid breakage in existing layers, we kept a linux-dtb.inc file
which raises a warning telling the user about the change so in next
release this can be removed.
Signed-off-by: Otavio Salvador <otavio@ossystems.com.br> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 03a00be7f2062aefef0e51ef20a4c9737f6685e7) Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
Otavio Salvador [Tue, 5 Sep 2017 06:04:44 +0000 (03:04 -0300)]
kernel: Stop using update-alternatives
The update-alternatives where using relative links so not being really
in use since December 2016 (see OE-Core:c7bc46b9 "kernel: Fix
symlinks") so instead we now generate the relative symlinks during the
do_install task and drop the update-alternatives use at all.
Acked-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Otavio Salvador <otavio@ossystems.com.br> Signed-off-by: Ross Burton <ross.burton@intel.com>
(cherry picked from commit 10a1b293191268e6792ac8e27bd6427f1974c7ce) Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
It is a small version of gpg which can only verify signatures. It
should be installable on its own. This matches the behaviour of
the gnupg 1.4 recipe, which was removed recently.
Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
package_manager/deb: let apt-get handle postinst scripts
With all required environment variables and configuration options in
apt.conf in place, apt-get is able to install packages offline, i.e.
when creating the rootfs, including the execution of postinst scripts
and updating the package database. This is new behaviour.
At the time the deleted code would have executed, its work was already
done by apt-get.
Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
connman: Simplify and fix packaging of VPN plug-ins
- Use simple static packaging.
- Move VPN runtime dependencies from connman to the individual plug-ins.
- Create a connmann-ppp package containing libppp-plugin.so, which is
a shared library needed by l2tp and pptp plug-ins.
- Let connman suggest VPN packages instead of recommending them, so they
don't get installed by default.
- Remove unknown configure options (--with-pptp --with-l2tp)
Signed-off-by: Andreas Oberritter <obi@opendreambox.org>
Armin Kuster [Thu, 3 May 2018 16:00:59 +0000 (09:00 -0700)]
ruby: Update to 2.4.4
The dot releases are maint only.
2.4.4 included:
CVE-2017-17742: HTTP response splitting in WEBrick
CVE-2018-6914: Unintentional file and directory creation with directory traversal in tempfile and tmpdir
CVE-2018-8777: DoS by large request in WEBrick
CVE-2018-8778: Buffer under-read in String#unpack
CVE-2018-8779: Unintentional socket creation by poisoned NUL byte in UNIXServer and UNIXSocket
CVE-2018-8780: Unintentional directory traversal by poisoned NUL byte in Dir
2.4.3 includes:
CVE-2017-17405: Command injection vulnerability in Net::FTP
Martin Jansa [Wed, 25 Apr 2018 14:07:05 +0000 (14:07 +0000)]
scripts/test-dependencies.sh: remove
* with RSS used in pyro this script isn't very useful anymore
* RSS makes sure that the dependencies are almost always deterministic
the only case known to me where dependencies are different based on
what was already built in TMPDIR are runtime dependencies resolved
by shlibs code in package.bbclass (which is using global pkgdata, not
specific to given recipe and its RSS) as described here:
https://bugzilla.yoctoproject.org/show_bug.cgi?id=9217#c4
but for this case it's not worth running complete test-dependencies.sh
runs
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
Martin Jansa [Wed, 25 Apr 2018 14:07:04 +0000 (14:07 +0000)]
sstate-diff-machines.sh: Replace MACHINE_ARCH only at the beginning and separated with dash
* I had some components where the MACHINE name was also included in PV of allarch recipe
which was tripping the script into saying that they have different signatures (because
for one MACHINE was the string in PV replaced with 'MACHINE' and not for other MACHINEs
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
Ross Burton [Mon, 24 Jul 2017 20:34:49 +0000 (21:34 +0100)]
libpng: use SourceForge mirror
The Gentoo mirror also deletes old versions when they're not used, so revert
back to the canonical SourceForge site, adding /older-releases/ to MIRRORS to
handle new releases moving the version we want.
Original idea by Maxin B. John <maxin.john@intel.com>.
Daniel Díaz [Thu, 12 Apr 2018 22:55:08 +0000 (17:55 -0500)]
gdb: fix header ordering for TRAP_HWBKPT
This error can appear in gdb/nat/linux-ptrace.c because of
the order in which some headers are processed:
| In file included from ../../gdb-7.11.1/gdb/nat/linux-ptrace.c:20:0:
| ../../gdb-7.11.1/gdb/nat/linux-ptrace.h:175:22: error: expected identifier before numeric constant
| # define TRAP_HWBKPT 4
| ^
| Makefile:2357: recipe for target 'linux-ptrace.o' failed
| make[2]: *** [linux-ptrace.o] Error 1
| make[2]: *** Waiting for unfinished jobs....
| make[2]: Leaving directory '/oe/build/tmp-rpb-glibc/work/aarch64-linaro-linux/gdb/7.11.1-r0/build-aarch64-linaro-linux/gdb'
| Makefile:8822: recipe for target 'all-gdb' failed
| make[1]: *** [all-gdb] Error 2
| make[1]: Leaving directory '/oe/build/tmp-rpb-glibc/work/aarch64-linaro-linux/gdb/7.11.1-r0/build-aarch64-linaro-linux'
| Makefile:846: recipe for target 'all' failed
| make: *** [all] Error 2
A patch from GDB's current master solves the issue.
Armin Kuster [Fri, 23 Mar 2018 04:57:20 +0000 (21:57 -0700)]
distcc: Change SRC_URI
ERROR: distcc-3.2-r0 do_fetch: Fetcher failure: Unable to find revision d8b18df3e9dcbe4f092bed565835d3975e99432c in branch 3.2 even from upstream
ERROR: distcc-3.2-r0 do_fetch: Fetcher failure for URL: 'git://github.com/distcc/distcc.git;branch=3.2'. Unable to fetch URL from any source.
ERROR: distcc-3.2-r0 do_fetch: Function failed: base_do_fetch
[v2]
upstream deleted the branch and the hash no longer exists.
Took the git snapshot from yocto and created a copy on my github.
There was no offical 3.2 release, only rc versions.
Tanu Kaskinen [Wed, 21 Mar 2018 17:08:38 +0000 (19:08 +0200)]
e2fsprogs: fix compatibility with glibc 2.27
glibc 2.27 added function copy_file_range(), and e2fsprogs happens to
have a different function with the same name. The conflict made
e2fsprogs-native build fail.
Here's a backport of a fix from upstream, the fix was released in
e2fsprogs 1.43.8.
The master branch doesn't need this fix, since it has new enough
e2fsprogs version. At least rocko, pyro and morty need this, I haven't
checked older stable branches. Apparently the problematic function was
introduced in e2fsprogs version 1.43.
Niko Mauno [Fri, 16 Mar 2018 09:01:53 +0000 (11:01 +0200)]
package_manager.py: Explicit complementary fail
When running bitbake -c populate_sdk <image_name>, it is expected that
packages matching SDKIMAGE_INSTALL_COMPLEMENTARY name mask (unless
declared in PACKAGE_EXCLUDE_COMPLEMENTARY) are installed to resulting
SDK. Underlying mechanism issues a package manager install call for set
of complementary packages. However the mechanism doesn't seem to inform
the user all too obviously in case the package manager command behind
install_complementary() method fails -- and since it is combined with
attempt_only=True option, user might end up wondering why several *-dev,
*-dbg packages are missing from resulting SDK.
Improve associated install() method behaviour in affected OpkgPM and
DpkgPM classes so that a problematic state of affairs becomes directly
obvious for bitbake user, resulting in shell output like:
WARNING: someimage-1.0-r0 do_populate_sdk: Unable to install packages.
Command '...' returned 1:
Collected errors:
* Solver encountered 1 problem(s):
* Problem 1/1:
* - package somepkg-dev-1.0-r0.x86 requires somepkg = 1.0-r0, but
none of the providers can be installed
*
* Solution 1:
* - allow deinstallation of someotherpkg-1.1-r1.x86
* - do not ask to install a package providing somepkg-dev
* Solution 2:
* - do not ask to install a package providing somepkg-dev
Signed-off-by: Niko Mauno <niko.mauno@vaisala.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 0d4459e7086fced5e9e0b4ad10378c9eddec56a8) Signed-off-by: Armin Kuster <akuster808@gmail.com>
Tanu Kaskinen [Sat, 31 Mar 2018 05:21:31 +0000 (08:21 +0300)]
libvorbis: CVE-2017-14632
Xiph.Org libvorbis 1.3.5 allows Remote Code Execution upon freeing
uninitialized memory in the function vorbis_analysis_headerout() in
info.c when vi->channels<=0, a similar issue to Mozilla bug 550184.
Tanu Kaskinen [Sat, 31 Mar 2018 05:21:30 +0000 (08:21 +0300)]
libvorbis: CVE-2017-14633
In Xiph.Org libvorbis 1.3.5, an out-of-bounds array read vulnerability
exists in the function mapping0_forward() in mapping0.c, which may lead
to DoS when operating on a crafted audio file with vorbis_analysis().
Ross Burton [Fri, 16 Mar 2018 11:28:32 +0000 (11:28 +0000)]
sdk: streamline locale removal
For some reason dnf is aborting with the fairly useless "failed to read RPMDB"
error during SDK creation. Luckily as we're just deleting locale packages we
can pass False to remove() to use RPM directly, which doesn't crash.
Signed-off-by: Ross Burton <ross.burton@intel.com>
Ross Burton [Fri, 2 Mar 2018 20:52:54 +0000 (20:52 +0000)]
populate_sdk_base: depend on nativesdk-glibc-locale
If we're building a SDK and we're using glibc so may be installing locales,
add a build-dependency on natiesdk-glibc-locale so the locales we need will
exist.
Ross Burton [Thu, 1 Mar 2018 18:26:32 +0000 (18:26 +0000)]
populate_sdk: install UTF-8 locales in SDKs
As glibc 2.27 can't read older locale-archives, SDKs using glibc 2.27 on hosts
using glibc earlier than 2.27 won't be able to find any locales, so bitbake
won't start and Python can't use UTF-8.
So by default install all locales into the SDK. Special-case Extensible SDKs by
installing no locales as they ship glibc in a buildtools, and that will have the
locales.
Locale installation requires cross-localedef, so add that to DEPENDS.
Also remove the explicit en_US addition in buildtools-tarball as it is now
redundant.
Ross Burton [Thu, 1 Mar 2018 18:26:27 +0000 (18:26 +0000)]
glibc: relocate locale paths in nativesdk
nativesdk is built with a specific prefix but this will be different at install
time, however glibc hard-codes the path to locale files. Expand these strings to 4K and move them to a magic segment which we can relocate when the SDK is installed.
Niko Mauno [Mon, 29 Jan 2018 17:47:24 +0000 (19:47 +0200)]
bitbake.conf: Add comm to HOSTTOOLS
This mitigates following issues during u-boot do_compile() step --
otherwise, if comm is not available, they are quietly ignored:
.../scripts/check-config.sh: line 33: comm: command not found
.../scripts/check-config.sh: line 39: comm: command not found
Since 'comm' is provided by coreutils package, adding it to HOSTTOOLS
was considered a lower impact fix compared to adding coreutils-native
buildtime dependency to u-boot recipe.
Signed-off-by: Niko Mauno <niko.mauno@vaisala.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Richard Purdie [Wed, 14 Mar 2018 16:52:18 +0000 (09:52 -0700)]
uninative: Add compatiblity version check
If glibc is newer on the host than in uninative, the failure mode is
pretty nasty for clusters where the sstate is shared, including the Yocto
Project autobuilder.
This check aborts the use of uninative in such scenarios where a newer
glibc version appears and avoids corruption of sstate caches.
We use ldd to check the glibc version since that is included in libc-bin
(or equivalent) which locales use so it should always be present.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
projects / thirdparty / openembedded / openembedded-core-contrib.git / log
