To make the native python3 always used,
- Use sed one-liner instead
- Add substitution for ${S}/scripts/bpf_helpers_doc.py to fix the
following warning.
File "/usr/lib/python3.6/sysconfig.py", line 421, in _init_posix
_temp = __import__(name, globals(), locals(), ['build_time_vars'], 0)
ModuleNotFoundError: No module named '_sysconfigdata'
This issue is first reported by Joel Stanley <joel@jms.id.au>
The sed one-liner is credited to Anuj Mittal <anuj.mittal@intel.com>
(From OE-Core rev: 3f93173130a94310255389cfc62c67102a4fb21b)
(From OE-Core rev: c0bcc24ccc6d769935d7fa202a1405250d94e342)
Signed-off-by: He Zhe <zhe.he@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 3a1a18ba9d28adb5562eabe9ec354f6d93154f5c)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
In kernel 5.5+ there are python3 scripts that explicitly use
/usr/bin/python3 as the interpreter. That will find the host
python and produce undefined results.
We add that interpreter path to our substitutions to ensure
that our sysroot variant is used.
(From OE-Core rev: 103316d50d4947b3c3500eb5cbc4845702a62d22)
(From OE-Core rev: 3269e3d2d0258ac3788ed63fa46df4d4aae33b1e)
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit e5c4f3127521607742f7cdf62481b64cf4d3e828)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Utils can not detect GCC 10 correctly due to wrong regex.
It generates this error "ERROR: Can't get compiler version from gcc --version output"
Sub-version numbers should be 1 or more digits instead of 1 only.
(From OE-Core rev: d9e58aff76edf1f5fdc31785fd81fae2c7c508c8)
Signed-off-by: Charles-Antoine Couret <charles-antoine.couret@mind.be>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 186fe4a3d390a52b87282c3e694ce3251e45ee78)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(From OE-Core rev: f12ea255a24d60c625d4e6ab4de0633df49679a5)
Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
[Rebased for v3.7.8]
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
We were seeing a ton of empty perl modules being created such as
"perl-module-x86-64-linux-encoding" where the name would include
${TARGET_ARCH}-linux. These files were already being filtered in an
earlier do_split_packages() expression so exclude them from the latter
one to remove the pointless empty modules in PACKAGES.
This doesn't explain why some were not deterministic but will recude
the do_package execution time and clean up the build directories
at the very least.
(From OE-Core rev: 5aaf9d3a748cbad17a4a3e5d9715ac2f289b007d)
(From OE-Core rev: 6103cc314520280e55366d00657723e90f609d70)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 9f1a959d9831f43dda656e3b0c4d059db3363877)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Bug fix only updates.
suitable for Stable branch updates where applicable.
Drop CVE patches included in update
LIC_FILES_CHKSUM update copyright year to 2020
Full changes found at : https://gitlab.isc.org/isc-projects/bind9/-/blob/v9_11/CHANGES
(From OE-Core rev: c672d2b6c98607f1fda917f4a3189a53712e8fc2)
(From OE-Core rev: 74aacd292387f9a2c36381080ade5537af1d3d9e)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
(cherry picked from commit a6ba66cf5e754cdcd41f01d233fbef7b94a10225)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Drop backports.
Drop 0001-gen.c-extend-DIRNAMESIZE-from-256-to-512.patch and
0001-lib-dns-gen.c-fix-too-long-error.patch as problem is fixed
upstream.
(From OE-Core rev: 6965ec5c491e71d5951dfb58fc060bd0b717e33d)
(From OE-Core rev: 3f723af6059fbfed6dac0c281f212b9a02c3e026)
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This changeset fixes a feature regression in ubiformat. Older versions
of ubiformat, when invoked with a flash-image, would return 0 in the
case no error was encountered. Upon upgrading to latest, it was
discovered that ubiformat returned 255 even without encountering an
error condition.
This changeset corrects the above issue and causes ubiformat, when given an
image file, to return 0 when no errors are detected.
Backport fix from 2.1.2
(From OE-Core rev: 3ee98b6c9ddd1dd0825245ca672236b7befb9859)
(From OE-Core rev: e10f007c165ed974a0cd4d46934cd4708661aaf5)
Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>
(cherry picked from commit 7ebacd9cbaec98fbc406e8ae99c9805a24fdadc6)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Postinst script from xorg-font-common.inc doesn't apply to this recipe.
So clear the postinst script of encodings.
(From OE-Core rev: ba94c908b99713ce115e9240df525c6442a60c7a)
(From OE-Core rev: 19c87007f6f92dc94db19e3c23ad06e09f397abe)
Signed-off-by: Kai Kang <kai.kang@windriver.com>
(cherry picked from commit 99ae6dbb7278dfd264453af852c108fa56a0d4e3)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Remove service templates wpa_supplicant-nl80211@.service and
wpa_supplicant-wired@.service from SYSTEMD_SERVICE that they should NOT
be started/stopped by calling 'systemctl' in postinst and prerm scripts.
(From OE-Core rev: 7910a0d6f332253608767a9576a0d521dd87efd7)
(From OE-Core rev: c6c26311e846a688f2981b541be0966c73cd69d8)
Signed-off-by: Kai Kang <kai.kang@windriver.com>
(cherry picked from commit fe9b8e50461ab00ab3ad8b065ebd32f0eea2a255)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
vim will abort in many places with this setting. Replace
it with the benign _FORTIFY_SOURCE=1.
(From OE-Core rev: d9de155f6452f916edd3131addd0c2eebaf4d639)
(From OE-Core rev: db1e93c33150e712b90e81450fd2e161ea2fad08)
Signed-off-by: Joe Slater <joe.slater@windriver.com>
(cherry picked from commit 18129cbaeddb3278efe9963718556e3765f06c1e)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
patchelf can corrupt shared libraries if the program headers don't
immediately follow the elf header. Add a patch submitted upstream
to address this.
(From OE-Core rev: faaf5f34332290708f3720a5488b3d1549d9e95a)
(From OE-Core rev: 1969b67592bf1cfb0088f89ecde516abf614238f)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit e7811c787bbe2f5d49b3506309499acc27189988)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
In the generated cve.log files, include the epoch in the product
version. This better matches how versions are displayed elsewhere,
in particular the bb.warn("Found unpatched CVE...") that appears
on the terminal when CVEs are found.
(From OE-Core rev: 99f6de1c74b581054c74c6b4598a5d47facc9964)
(From OE-Core rev: a8b69927485acbe504fcd75dc2cafc4c550cb66a)
Signed-off-by: Ralph Siemsen <ralph.siemsen@linaro.org>
(cherry picked from commit e1c3c0b6e5b01304e2127f5058986697e82adf93)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Certain recipes e.g. bash readline ( from meta-gplv2 ) download patches instead of having them in
metadata, this could fail cve_check
ERROR: readline-5.2-r9 do_cve_check: File Not found: qemuarm/build/../downloads/readline52-001
This patch ensures that download is done before running CVE scan, even
though these will be external patches and may not contain CVE tags as it
expects, but it will fix the run failures as seen above
(From OE-Core rev: dbf143d79476e54e8da93101fc16eaedeec88362)
(From OE-Core rev: 4b65abc70e84187f666e2ea2ab4dcf6bf7216658)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit e406fcb6c609a0d2456d7da0d2406d2d9fa52dd2)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
file-native when built on a Debian 10 host will embed a dependency to
'libbz2.so.1.0' (instead of 'libbz2.so.1'). This can cause issues
when sharing the sstate between hosts e.g.:
recipe-sysroot-native/usr/lib/rpm/rpmdeps:
error while loading shared libraries: libbz2.so.1.0: \
cannot open shared object file: No such file or directory
To avoid this situation, let's add the bzip2-replacement-native to the
file recipe's DEPENDS_class-native .
Details in https://bugzilla.yoctoproject.org/show_bug.cgi?id=13915 .
(From OE-Core rev: 5a2bc3bfa9e1a4f37b6e26a5c40a4a9c025d03f1)
(From OE-Core rev: 693caddd3b62d0bcb76ec6d3d6faa6561b763598)
Signed-off-by: Jan-Simon Moeller <dl9pf@gmx.de>
(cherry picked from commit 4a996574464028bd5d57b90920d0887d1a81e9e9)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
It fails to build gcr if no commmand gpg on build host:
| meson.build:44:0: ERROR: Program(s) ['gpg2', 'gpg'] not found or not executable
Add dependency gnupg-native to fix the error.
(From OE-Core rev: da7360247995d7c8e79dfcaa0c0761952a9013f1)
(From OE-Core rev: 034f09ebd90a03a2775b44750951ce7a22e00564)
Signed-off-by: Kai Kang <kai.kang@windriver.com>
(cherry picked from commit e4a6eda4c246b2bca059defed796bdab19a7ab5f)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
libpam does not support 'obscure' checks to password,
there are the same checks in pam_cracklib module.
And this fix can remove the below error message while
updating password with 'passwd':
pam_unix(passwd:chauthtok):unrecognized option[obscure]
(From OE-Core rev: f5b90eeed7366432b39c7cd8c6ee8c23e2d4abe8)
Signed-off-by: Haiqing Bai <Haiqing.Bai@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit ea761dbac90be77797308666fe1586b05e3df824)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Rewrite relocatable_native_pcfiles() so that it can handle that any of
the checked pkgconfig directories are empty without causing an
exception.
(From OE-Core rev: d449e6b536c197b6723dab1d61e989706c14f19c)
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit f9c5df6dc1c13e9b05ff1b47ad84ad339f6779a4)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Starting from v5.8-rc1 commit 269a535ca931 (modpost: generate
vmlinux.symvers and reuse it for the second modpost"), kernel will
generate new vmlinux.symvers instead of dumping all the vmlinux symbols
into Module.symvers in the first pass.
Error log:
'run.do_shared_workdir.16614' failed with exit code 1:
DEBUG: cp: cannot stat 'Module.symvers': No such file or directory
This change will check the file Module.symvers existence before copying it.
(From OE-Core rev: 03248953d1eacede00971289dc9fff8d97d00464)
Signed-off-by: Lili Li <lili.li@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit cd2d62a08a1dfcd890a03ee55132b6d6c65f5ab7)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
libjpeg-turbo 2.0.4 has a heap-based buffer over-read
in get_rgb_row() in rdppm.c via a malformed PPM input file.
Upstream-Status: Backport
[3de15e0c34]
CVE:CVE-2020-13790
(From OE-Core rev: 90f4e2f299d8cd6c839b73307dc7b0ec3d389294)
Signed-off-by: Liu Haitao <haitao.liu@windriver.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Previously the readline module would have been built regardless of
readline's presence in the sysroot, and the recipe would
fail at package_qa.
(From OE-Core rev: 4a4413aa521f35414d94f883a74aec3beb628a9a)
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The use case is building a gpl3-free image, without having
to rely on outdated recipes from meta-gplv2 layer.
(From OE-Core rev: 033a63507d1ccd423b8023575729ff089614303b)
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Upstream is unavailable, breaking tests. Switch to a YP mirror since
if we can't reach that there are bigger problems. This should remove
a source of intermittent failures on the autobuilder.
(Bitbake rev: fd279f857c98d492f43cc62d9ebae18ce6412b6e)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The example service files are placed into /etc/avahi/services when we
run `make install` for avahi. This results in ssh and sftp-ssh services
being announced by default even if no ssh server is installed in an
image.
These example files should be moved away to another location such as
/usr/share/doc/avahi (taking inspiration from Arch Linux).
(From OE-Core rev: 3d8fdfc57d7fd846c8668daf730cf820ea5ecb13)
Signed-off-by: Paul Barker <pbarker@konsulko.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
1. They need to be run under regular user.
2. Some tests genuinely need more time than 30 seconds
3. The Makefile patch erroneously introduced a test-breaking change.
(From OE-Core rev: 3d6bf58c7080c1cacf3ed1f270ff5acf4858c790)
(From OE-Core rev: 7bc11ef93b02ff3b223fc0b3b730ce7b06181156)
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit a5e90281ac211e912ec6bfd6873e56152ec8bd4e)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
New releases of ICU are published on github.
(From OE-Core rev: c90113c61877b35211878286cd3b60a36b8c8684)
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
