| Age | Commit message (Collapse) | Author |
|---|
|
* strip tmpdir prefix, so that we have shorter paths which aren't
builder specific
* use '#' for regexp delimiter so that we don't need to prefix
forward slashes in paths
* extend default whitelist to cover typical cases
* add parameter for external whitelist file
* use number of found paths as return code, so that CI can easily
report error when new untracked files are found
* use .txt suffix for all output files, so that they can be easily
viewed in browser
* add populate_sysroot task, because somewhere between dora and daisy
the populate-sysroot files in sstate-control were renamed to have
underscore instead of dash
* only few entries not covered by this default whitelist were found
in world build (but I'll leave these for people to whitelist, because
they are not generated in most builds)
* [^/]*/home/builder
home directory from meta/recipes-graphics/builder/builder_0.1.bb
* [^/]*/usr/src/kernel/patches
* [^/]*/usr/lib/gdk-pixbuf-2.0/.*/loaders.cache
3 places are using this, not sure which one creates it
meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf_2.30.8.bb:
GDK_PIXBUF_MODULE_FILE=${STAGING_LIBDIR_NATIVE}/gdk-pixbuf-2.0/${LIBV}/loaders.cache
meta/recipes-gnome/gtk+/gtk-update-icon-cache-native_3.4.4.bb:
GDK_PIXBUF_MODULE_FILE=${STAGING_LIBDIR_NATIVE}/gdk-pixbuf-2.0/2.10.0/loaders.cache
scripts/postinst-intercepts/update_pixbuf_cache:
>$GDK_PIXBUF_MODULEDIR/../loaders.cache && \
sed -i -e "s:$D::g" $GDK_PIXBUF_MODULEDIR/../loaders.cache
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
failure detected
* this is useful when using from jenkins job where you don't want to read
output just to dectect how bad it was
* add .log suffix to all files, so they can be easily downloaded from
http servers without default mimetype set to something useful
* add recipes failed in step 1 to steps 2 and 3 to generate standalone
logs for them
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
failure detected
* add --analyze option, which is useful when using from jenkins job
where you don't want to read output just to dectect how bad it was
* I was always using something like this inside jenkins job, but better
to share it in original script
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
The previous fix for this same issue (OE-Core rev
f31f6a70ec24e8c9515d69c5092e15effc5e7d4d) was not sufficient - we are
setting the PERLVERSION variable from the get_perl_version function, but
we're setting it using immediate expansion; thus the value is going into
the signature and is still different between the time the recipe is
cached on an empty TMPDIR and after perl is in the sysroot and we run
bitbake -S perf. We could remove the immediate expansion, but that would
mean the get_perl_version function would be called more often, so just set
vardepvalue on the PERLVERSION variable to fix the problem instead.
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
|
|
* bluetooth.h is autodetected from sysroot and influences 2 python files:
/usr/include/python2.7/pyconfig-32.h
/usr/lib/python2.7/lib-dynload/_socket.so
* it doesn't link with bluez, so it wasn't detected by
test-dependencies.sh, but still causes undeterministic builds and
should be fixed
* we can use PACKAGECONFIG, but I don't expect many people to use bt
support in python-socket
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
* building without x11 doesn't work, because it sets default
gdkbackend to x11 and then requires cairo-xlib to be available
* checking for CAIRO_BACKEND... no
configure: error: Package requirements (cairo-xlib >= 1.6) were not met:
No package 'cairo-xlib' found
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
* has runtime dependency on TUNE_PKGARCH bash
Hash for dependent task bash_4.2.bb.do_packagedata changed from d6eafb155c37bc2da7327492afa449fb to 0ae080aaa92025af690cf16ef0cd2b7e
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
* depends on TUNE_PKGARCH busybox and udev
Hash for dependent task busybox_1.20.2.bb.do_packagedata changed from b814437371de0c3253bdd3610c051f30 to 7dd9c851d5f7c675dd65cc7872c30743
Hash for dependent task udev_182.bb.do_packagedata changed from 1034300ce0e27d444e0e7d9e2a239605 to c13031b26b2a86dcf9bcce33b7823477
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
* depends on some TUNE_PKGARCH recipes:
base-passwd, ppp_, shadow-sysroot, shadow
Hash for dependent task base-passwd_3.5.26.bb.do_populate_sysroot changed from ff08f0198f5424a21ccb61957325ffdf to d9d962e2d8c0d591b916ed68aa826efe
Hash for dependent task ppp_2.4.5.bb.do_populate_sysroot changed from 515251fb9d5196733f9b6ca0f6cc041b to 5cfb0b7b71f4440c3147da52c22234cc
Hash for dependent task shadow-sysroot_4.1.4.3.bb.do_populate_sysroot changed from 3e5bddc578887636c1809e4cdf28c1c2 to 8f03231a1d4bb1aea6c4adce1febc1b4
Hash for dependent task shadow_4.1.4.3.bb.do_populate_sysroot changed from 518f7edcba3545e5c60c3a13cef23169 to 7dbf1646de02a117bf0d573276b878c0
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
* the recipe itself is allarch, but update-alternatives adds dependency on
virtual/${MLPREFIX}update-alternatives which can be TUNE_PKGARCH opkg
causing linux-firmware signature to be different for different TUNE_PKGARCHs
Hash for dependent task opkg_svn.bb.do_populate_sysroot changed from 8d215059308161841a84542dd1dcbf3a to 80b280c741c392cf5b30dd67b61dd56e
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
* has build time dependency on TUNE_PKGARCH recipes:
bitbake-diffsigs sstate-diff/1383303628/*/all*/xuser-account/*do_configure*
Hash for dependent task base-passwd_3.5.26.bb.do_populate_sysroot changed from 09b3168865b6212269d4e5512a963b9e to ffa22dc51e42a164a7392ec719151629
Hash for dependent task shadow_4.1.4.3.bb.do_populate_sysroot changed from f426f0c93b2d341050b2547804645314 to 89bdbb151f8c200553c9a74e89504457
Hash for dependent task shadow-sysroot_4.1.4.3.bb.do_populate_sysroot changed from c42103fe54ac5109eab8de4fb0eb9a75 to f83f628e766fdbd49eb2a44cf6134339
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
* typical case where we inherit allarch and override PACKAGE_ARCH
are packagegroup recipes, but those need default dependencies
inhibited even when they are MACHINE_ARCH or TUNE_PKGARCH.
I don't know about any recipe which inherits allarch and needs
default dependencies.
* set empty TARGET_PREFIX
This has a bit weird reason caused by unsupported setup where
external-toolchain is used in some DISTRO only for some MACHINEs
and internal is used for other MACHINEs.
Because external-toolchain usually comes with different TARGET_PREFIX
it was causing allarch recipes to have different signatures even
when they don't use toolchain at all.
Empty TARGET_PREFIX also helps to find allarch recipes which still
have default dependency on e.g. virtual/${TARGET_PREFIX}gcc.
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
For dora, the systemtap-native do_compile failed on fedora21
...
| In file included from /usr/include/stdio.h:27:0,
| from tmp/work/x86_64-linux/systemtap-native/
2.3+gitAUTOINC+e58138572e-r0/git/staprun/staprun.h:18,
| from tmp/work/x86_64-linux/systemtap-native/
2.3+gitAUTOINC+e58138572e-r0/git/staprun/staprun.c:24:
| /usr/include/features.h:148:3: error: #warning "_BSD_SOURCE and
_SVID_SOURCE are deprecated, use _DEFAULT_SOURCE" [-Werror=cpp]
| # warning "_BSD_SOURCE and _SVID_SOURCE are deprecated, use
_DEFAULT_SOURCE"
...
We backport a patch from 2.6 to fix this issue
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The Makefile checks for zip during installation
[YOCTO #6699]
(From OE-Core rev: a6e8ced3fa8e8e2aa3df0798b80eb26e5ebc4b15)
(Backport to older version 20130503)
Signed-off-by: Alejandro Hernandez <alejandro.hernandez@linux.intel.com>
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Changes to CONFFILES should change the sstate checksum. To make that happen,
it needs to be listed in the list of package specific variables, therefore
add it.
(From OE-Core rev: 9db71fa03b9d5f5307b2d09e7aa89f46f622aa09)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Fix for no-ssl3 configuration option
This patch is a backport from OpenSSL_1.0.1j.
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Fix for session tickets memory leak.
This patch is a backport from OpenSSL_1.0.1j.
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Fix for SRTP Memory Leak
This patch is a backport from OpenSSL_1.0.1j.
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
OpenSSL_1.0.1 SSLV3 POODLE VULNERABILITY (CVE-2014-3566)
This patch is a backport from OpenSSL_1.0.1j.
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This vulnerability exists because of an incomplete fix for CVE-2014-6271, CVE-2014-7169, and CVE-2014-6277
See: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6278
(From OE-Core daisy rev: de596b5f31e837dcd2ce991245eb5548f12d72ae)
Signed-off-by: Catalin Popeanga <Catalin.Popeanga@enea.com>
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
|
|
Follow up bash42-049 to parse properly function definitions in the
values of environment variables, to not allow remote attackers to
execute arbitrary code or to cause a denial of service.
See: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6277
(From OE-Core daisy rev: 85961bcf81650992259cebb0ef1f1c6cdef3fefa)
Signed-off-by: Catalin Popeanga <Catalin.Popeanga@enea.com>
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
|
|
This is a followup patch to incomplete CVE-2014-6271 fix code execution via
specially-crafted environment
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7186
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7187
(From OE-Core daisy rev: 153d1125659df9e5c09e35a58bd51be184cb13c1)
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
|
|
This is a followup patch to incomplete CVE-2014-6271 fix code execution via
specially-crafted environment
This patch changes the encoding bash uses for exported functions to avoid
clashes with shell variables and to avoid depending only on an environment
variable's contents to determine whether or not to interpret it as a shell
function.
(From OE-Core daisy rev: 6c51cc96d03df26d1c10867633e7a10dfbec7c45)
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
|
|
The bash_4.2 recipe was missed when the fix was backported to the dora
branch.
Patch from OE-Core master rev: 76a2d6b83472995edbe967aed80f0fcbb784b3fc
by Khem Raj <raj.khem@gmail.com>
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The bash_4.2 recipe was missed when the fix was backported to the dora
branch.
Patch based on the one from OE-Core master rev
798d833c9d4bd9ab287fa86b85b4d5f128170ed3 by Ross Burton
<ross.burton@intel.com>, with the content replaced from the
appropriate upstream patch.
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This is a followup patch to incomplete CVE-2014-6271 fix
code execution via specially-crafted environment
Change-Id: Ibb0a587ee6e09b8174e92d005356e822ad40d4ed
(From OE-Core master rev: 76a2d6b83472995edbe967aed80f0fcbb784b3fc)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
|
|
CVE-2014-6271 aka ShellShock.
"GNU Bash through 4.3 processes trailing strings after function definitions in
the values of environment variables, which allows remote attackers to execute
arbitrary code via a crafted environment."
(From OE-Core master rev: 798d833c9d4bd9ab287fa86b85b4d5f128170ed3)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
|
|
Prefix to EnvironmentFile should be preciding the filenamn.
(From OE-Core rev: 1f694e4cb493b0737b6009382c0957e6837ebbed)
Signed-off-by: Tobias Blom <tobias.blom@techne-dev.se>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Qt 4.8.5 was moved from http://download.qt-project.org/official_releases/qt/4.8/ to
http://download.qt-project.org/archive/qt/4.8/
Thi fix must be applied for dora and daisy branches.
Signed-off-by: Diego Sueiro <diego.sueiro@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
* backported from 4.8.2, so daisy isn't affected
Signed-off-by: Martin Jansa <martin.jansa@lge.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
* cairo-native was failing to build in gentoo with gcc-4.9 and LTO
enabled, more details in upstream bug
https://bugs.freedesktop.org/show_bug.cgi?id=77060
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Patches explain the issue in detail but this is exposed
with gcc 4.9 in binutils 2.23.2
(From OE-Core rev: fc5c467b680fc5aef4b0f689e6988e17a9322ae0)
(From OE-Core rev: 4dfb8847ebf8aab90ad8888933468e2899c96998)
(From OE-Core rev: af347d3298e15552d502d5b2ce497bbda9705bc7)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
(From OE-Core rev: f0ec7f81c1951211f049c342fd6bd1cad424564a)
[YOCTO #6392]
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
`debugfs' treats spaces and "" specially. So when we are dealing with
file names, great care should be taken to make sure that `debugfs'
recognizes file names correctly.
The basic solution here is:
1. Use quotation marks to handle spaces correctly.
2. Replace "xxx" with ""xxx"" so that debugfs knows that the quotation
marks are parts of the file name.
[YOCTO #6503]
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Scenario:
a) libtool script is built on system with bash as /bin/sh
b) machine B installs sstate from build a)
c) machine B has dash as /bin/sh
In this scenario, the script fails to work properly since its expecting
/bin/sh to have bash like syntax and it no longer does have it.
This patch forces the configure process to use /bin/bash, not /bin/sh
and hence allows the scripts to work correctly when used from sstate.
(From OE-Core rev: 24d5b449e5f4d91119f0d8e13c457618811aadfc)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
* some fundamental perf commands can work
without the dependency on perl, python or bash
make them separate packages and RSUGGEST them
* bump PR
The patch was sponsored by sysmocom
Signed-off-by: Henning Heinold <henning@itconsulting-heinold.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
* TUI/GUI support was added in 2.6.35 based on libnewt
* since 3.10 slang replaced libnewt completly
* changing TUI_DEFINES is not necessary, because NO_NEWT is
still respected with newer kernels
* add comment about the gui history to the recipe
The patch was sponsored by sysmocom
Signed-off-by: Henning Heinold <henning@itconsulting-heinold.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The patch was sponsored by sysmocom
Signed-off-by: Henning Heinold <henning@itconsulting-heinold.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Fix the use of command dirname on ubuntu 12.04.
dirname does not accept space in file name.
Signed-off-by: Stéphane Cerveau <scerveau@connected-labs.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The SHA we use it actually on cross_prelink branch
if you do not use yocto source mirrors then the fetch
for prelink on dora fails due to missing branch in SRC_URI
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Fix populate-extfs.sh to keep file timestamps while generating the
ext file systems.
[YOCTO #6348]
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
|
|
[YOCTO #6309]
It appears a logic issue has caused rpm -V to no longer
verify the files on the filesystem match what was installed.
(From OE-Core master rev: 117862cd0eebf6887c2ea6cc353432caee2653aa)
Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
|
|
console-kit-log-system-start.service fails to to start if the
/var/log/ConsoleKit directory does not exist. Normally it is created
automatically but as we mount a tmpfs at /var/log, we need to add
a tmpfiles.d entry to create it.
(From OE-Core master rev: 2a9a14bf400fe0c263c58aa85b02aba7311b1328)
Signed-off-by: Jonathan Liu <net147@gmail.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
|
Martin Jansa
Paul Eggleton
Richard Purdie
Hongxu Jia
Alejandro Hernandez
Sona Sarmadi
Catalin Popeanga
Khem Raj
Ross Burton
Tobias Blom
Diego Sueiro
Martin Jansa
Roy Li
Chen Qi
Henning Heinold
Stéphane Cerveau
Mark Hatle
Jonathan Liu