Age | Commit message (Collapse) | Author |
|
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
kernel.org now has a mirror of the downloads.yoctoproject.org sources
archive so include this in our mirrors list.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
We are still getting occassional failures to reproduce
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Previously if BUILD_REPRODUCIBLE_BINARIES was set to 0, the system would
fall back and select the default epoch (April 2011), but still perform
the reproducible build actions. This resulted in binaries that had an
unusually old date.
Simplify the functions and remove the anonymous python as no longer
necessary.
Also improve the documentation to better explain what the class is doing
and how a recipe can override the behavior if necessary.
Signed-off-by: Mark Hatle <mark.hatle@xilinx.com>
Signed-off-by: Mark Hatle <mark.hatle@kernel.crashing.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 1976013b026cfba94de32a13e994d92d7e9e39e5)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
This sstate task is only needed when depended upon, it can be skipped
if there are no tasks running that directly depend upon it.
This reduced the number of sstate tasks in something like an image
build.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 601cee016da5c7505915e26641a085714de175ce)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
When creating packages we build them with --clamp-mtime and use
SOURCE_DATE_EPOCH as the maximum mtime. This makes the end packages
reproducible. The data stored in sstate for do_package and the package
task doesn't benefit from this though and have varying timestamps.
This means their outhash varies and means hash equivalance isn't
effective at all and doesn't work as intended/desired.
We could create the sstate archives with the same clamping however
that would lead to different results depending on whether a task was
installed from sstate or not. Making that differ is a path to madness.
It also wouldn't fix the outhash of the task to be determninistic
without clamping of the date in the hash calculation code.
Instead, iterate over the files in sstate output and clamp them at
the code level. This isn't ideal but does make the file timestamps
determnistic everywhere and means we don't have to change the hash
calculation code.
This issue can be clearly seen looking at the do_package outhash for
a recipe which you then re-run the package task for after adding
something like whitespace to the install task. The outhash shouldn't
change but currently does.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit c3b3cc4745811b48b9193f83889946b2e1788932)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
This patch is a fixup for 676757f "sstate: fix touching files inside pseudo"
running the 'id' command inside the sstate_unpack_package
function shows that this funcion run inside the pseudo:
uid=0(root) gid=0(root) groups=0(root)
The check for [ -w ${SSTATE_PKG} ] and [ -O ${SSTATE_PKG}.siginfo ]
will always return true and the touch can fail when the real user
don't have permission or in readonly filesystem.
As the documentation refers:
- the file test operator "-w" check if the file has write permission
(for the user running the test).
- the file test operator "-O" check if you are owner of file
We can avoid this test running the touch and mask any return errors
that we have.
(From OE-Core rev: 29fc85997ade490ae46ffca37ef8e1a56957c876)
Signed-off-by: Jose Quaresma <quaresma.jose@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 5b9210d66c78bb3f79056e5586cea7b0edd714a9)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
At the last nas outage, we realised that we don't have good mirrors of the
uninative tarball if our main system can't be accessed. kernel.org mirrors
some Yocto Project data so we've ensured uninative is there. Add the appropriate
mirror url to make use of that.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Update piglit to latest git revision and update the branch name,
since the original one is no longer updated. Make sure the VK
tests are only enabled if VK is also enabled in PACKAGECONFIG,
and that this is opt-in, otherwise older systems fail to build.
Cherry picked from squashed commits:
eb3a8d4c7b ("piglit: upgrade to latest revision")
a27b06f73a ("piglit: upgrade to latest revision")
bb091bc0be ("piglit: upgrade to latest revision")
394746d1cb ("piglit: upgrade to latest revision")
5aec8cff94 ("piglit: upgrade to latest revision")
fc4c82773d ("piglit: fix reproducibility")
6fbec0f12a ("piglit: update to latest revision")
8d23a0d498 ("piglit: upgrade to latest revision")
5144d515fe ("piglit: upgrade to latest revision")
dd085bd577 ("piglit: upgrade to latest revision")
9ba6df1b2c ("piglit: upgrade to latest revision")
1ccd71eb3e ("piglit: upgrade to latest revision")
Signed-off-by: Marek Vasut <marex@denx.de>
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Cc: Anuj Mittal <anuj.mittal@intel.com>
Cc: Richard Purdie <richard.purdie@linuxfoundation.org>
Cc: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Add fcntl64 wrapper which hopefully fixes issues seen in findutils and the find
command in the libtool removal code when built with LFS compile flags on Gentoo.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit f26867fe4daec7299f59a82ae4a0d70cceb3e082)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Pulls in:
pseudo_db: Flush DB if there is a shutdown request
fcntl: Add support for fcntl F_GETPIPE_SZ and F_SETPIPE_SZ (test fix)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 0882095d608ce3abbcc9814517434c21ea549063)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 73d3efbaeb2f412ab8d3491d2da3f3124fc009f3)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Since file-native is ASSUME_PROVIDED magic.mgc is not being staged. As
a result diffoscope-native is failing with:
magic.MagicException: b'could not find any valid magic files!
Fix this by adding dependency on file-replacement-native
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Add the missing rdepends to fix below error:
# python3
[snip]
>>> import magic
[snip]
ModuleNotFoundError: No module named 'ctypes'
ModuleNotFoundError: No module named 'tempfile'
Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 115791844124bdddfbaec9d75bb887ef35c41f20)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 8f08ca440b6c2ad3494808ffa4ec6091722c0339)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Diffoscope changed the --exclude-directory-metadata option to require an
argument.
Add a test to validate that diffoscope is functioning as
expected to ensure that future upgrades do not unintentionally break
the reproducibility tests.
[YOCTO #14025]
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit ea8fbcb7978ce48d7a9a83143d09402329535f86)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Following the scripted conversion adding branches to git://
SRC_URI entries, add the remaining references, mainly in the selftests
and recipetool.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 5340c0d688036c1be6c938f05d8a8c1e3b49ec38)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
This update was made with the convert-scruri.py script in scripts/contrib
This script handles two emerging issues:
1. There is uncertainty about the default branch name in git going forward.
To try and cover the different possible outcomes, add branch names to all
git:// and gitsm:// SRC_URI entries.
2. Github are dropping support for git:// protocol fetching, so remap github
urls as needed. For more details see:
https://github.blog/2021-09-01-improving-git-protocol-security-github/
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
This script handles two emerging issues:
1. There is uncertainty about the default branch name in git going forward.
To try and cover the different possible outcomes, add branch names to all
git:// and gitsm:// SRC_URI entries.
2. Github are dropping support for git:// protocol fetching, so remap github
urls as needed. For more details see:
https://github.blog/2021-09-01-improving-git-protocol-security-github/
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit 660f932c21fed410ad092ec610749e7090b6a324)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit f171f4f528090fc108624de6049274aa4d4880eb)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit c479b8a810d966d7267af1b4dac38a46f55fc547)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 00c590f50d6894089ff7ce8ad6e263431d9cc550)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 7f4d11e8da6bb79232535c42ad41798a56162ac7)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
License-Update: additional files
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 8dac57dfed45a0d8a049473f2efc1711b56273a4)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
License-Update: new firmware files, copyright years, file names
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit bfceaba4f38771047dfdfdfdbf16b794006dfd78)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 9ae740939f8315c64fe7571f912404127a29dc89)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Signed-off-by: Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 0140df8724a1c73f7b62fbbbaee58c3eb119eeba)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Changed the following line from:
[drm] Cannot find any crtc or sizes - going 1024x768 > [drm] Cannot find any crtc or sizes
This will expand the coverage of the failure to also cover the case when fallback size is not set.
Signed-off-by: Teoh Jay Shen <jay.shen.teoh@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 0569fa735458512d6e15aa3315218ecbdf8510a3)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
The controller module loading code needs to be told what directories
to search for modules via the target_modules_path keyword argument, which
is set to BBPATH.
However, as the actual module loading is done via importlib this relies
on the paths being on sys.path, which it is as base.bbclass puts each
layer's lib/ in sys.path.
Simplify the code by removing this indirection, and simply search
sys.path directly.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 570a19581f582f77e04d6892adb647cd649a6943)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Instead of using __import__() which is low-level and discouraged, use
importlib.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 9f501d22eab5dbd565f3f5783f4f484a6d1f70a2)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 0c192a97e3e1c015a48667d6903cc07a8b2620e4)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
sstate has been sufficiently invalidated since this change was made, drop
the workaround now.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 7a497d8f30f21bafc78d0f22f3442a9cc99544cb)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
If the function a ThreadedWorker is executing raises an exception, don't
use print() as that mostly disappears. Instead, output it to the logger.
This is done using bb.mainlogger.debug directly instead of bb.debug() as
this allows us to pass the exception instance directly, which is then
incorporated into the log stream.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 2f1ea25c222b344dd8b784b2bc73a6540ab30274)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Since Python 3.8 visit_Num(), visit_Str() and so on are all deprecated
and replaced with visit_Constant. We can't yet remove the deprecated
functions until we require 3.8, but we can implement visit_Constant to
silence the deprecation warnings.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 875a944392a3c93f40081a14af357f70b6b8264f)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Since Python 3.8 visit_Num(), visit_Str() and so on are all deprecated
and replaced with visit_Constant. We can't yet remove the deprecated
functions until we require 3.8, but we can implement visit_Constant to
silence the deprecation warnings.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit abc93390a3f19bc4cc159c5690a478b9e2270906)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
If gpg is used, it will find the first gpg agent in the path, this
may lead to issues where gpg comes from the host, and the agent
comes from a gnupg-native due to package signing. The versions
being out of sync causes gpg to fail.
Signed-off-by: Daniel McGregor <daniel.mcgregor@vecima.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 2b59fb9d52a405a32a1d069d4c5320b72fbd35ce)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Exceptions print more clearly using repr() instead of str(), fix
in fetch and unpack tasks.
Drop part of the test which no longer makes sense after this change.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit c94816259cc1c09746353ad26ca0c811e0c962c2)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
This code pattern isn't very pythonic, improve it to drop the unneeded
len() calls.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 69376ac1a6147b26fe1abaa4cf68414024814d63)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
If checkstatus returns an exception we should silently handle
FetchError, as this means the fetch failed for 'normal' reasons such as
file not found. However, other exceptions may be raised, and these
should be made visible.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 50d99faf88a1d82cbd939b9bd6e33ebed2b1ffd8)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
If a recipe applies patches which are in machine-specific override
directories, devtool will fail to fetch the patches that don't match the
default configuration. For example where there are patches at
qemux86/x86.patch and qemuarm/arm.patch:
SRC_URI = "file://source"
SRC_URI_append_qemuarm = " file://arm.patch"
SRC_URI_append_qemux86 = " file://x86.patch"
The patch apply phase sets OVERRIDES but does not set FILESOVERRIDES, so
it cannot find the patch files as the search path isn't correct. Fix
this by setting FILESOVERRIDES too.
Also when iterating through the overrides we need to be sure that other
overrides that are used are not enabled, so extend no_overrides instead of
simply appending the current override.
Fixes most but not all of [ YOCTO #14060 ].
(From OE-Core rev: a372cdf8e175423c47faeecc98ad076ee26bbec8)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 4a35bcc9d164ac038a31356a15a0f61ccdd38be2)
Signed-off-by: Enrico Jorns <ejo@pengutronix.de>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
running the 'id' command inside the sstate_create_package
function shows that this funcion run inside the pseudo:
uid=0(root) gid=0(root) groups=0(root)
The check for touch files [ ! -w ${SSTATE_PKG} ]
will always return true and the touch can fail
when the real user don't have permission or
in readonly filesystem.
As the documentation refers, the file test operator "-w"
check if the file has write permission (for the user running the test).
We can avoid this test running the touch and mask any return errors
that we have.
Signed-off-by: Jose Quaresma <quaresma.jose@gmail.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit f6e7445c94443544e92fda97a017ce93393c5f84)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
vim is vulnerable to Use After Free
Problem: Checking first character of url twice.
reference:
https://github.com/vim/vim/commit/35a9a00afcb20897d462a766793ff45534810dc3
Signed-off-by: Minjae Kim <flowergom@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
CVE-2021-22897 is affecting only Windows, hence whitelisting this CVE.
Link: https://security-tracker.debian.org/tracker/CVE-2021-22897
Link: https://ubuntu.com/security/CVE-2021-22897
Signed-off-by: Ranjitsinh Rathod <ranjitsinh.rathod@kpit.com>
Signed-off-by: Ranjitsinh Rathod <ranjitsinhrathod1991@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
Signed-off-be: Steve Sakoman <steve@sakoman.com>
|
|
If an existing source date epoch file was found during do_unpack, it was
deleted and a new one would be written in its place. This causes a race
with check-before-use code in get_source_date_epoch_value. Resolve the
problem by making do_unpack write the new source date epoch to a
temporary file, then do an atomic rename to ensure it's always present,
and change the check-before-use code to use a EAFP exception instead of
checking for file existence.
[YOCTO #14384]
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 0b5e3b33187bf78a2d62cc886463e4b27d6bd228)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
SOURCE_DATE_EPOCH can be expanded early in the parsing process before
the class extensions are applied. This can mean the directory pointed
to for the SDE can be incorrect until later in parsing. Cache the file
name in the cached value and allow it to dynamically update.
This isn't ideal but avoding expansion of the variable likely isn't
possible and I'm not sure how else to handle this. This works around
the issue until a better solution can be found.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 44dc97cd1223e4d2b635669627ec5f796838d42d)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|