The bzip.org domain expired and is now a holding site for adverts, so we can't
trust a tarball that appears on that site (luckily we have source checksums to
detect this).
For now, point SRC_URI at the tarball in the Yocto Project source mirror, but
set HOMEPAGE and UPSTREAM_CHECK_URI to the sourceware.org/bzip2/ page which
apparently will be resurrected as the new canonical home page.
(From OE-Core rev: 9e291d9923efc988abe8689c64bafbb29da06339)
(From OE-Core rev: aa427fd4a54f0f082705d86a487ecc601c725c3a)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
We assume that LIC_FILES_CHKSUM is a file: URI but don't actually verify this,
which can lead to problems if you have a URI that resolves to a path of / as
Bitbake will then dutifully checksum / recursively.
[ YOCTO #12883 ]
(From OE-Core rev: e2b8a3d5a10868f9c0dec8d7b9f5f89fdd100fc8)
(From OE-Core rev: f6f54155420ae54a34f1ab87e76623c536adf2f9)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Commit d2aa88a6a92985f21414fceea2dc0facbf7f8779 was meant to backport build
dependencies on bc-native and openssl-native, but it also changed execution
of do_make_scripts() from calling make directly to using oe_runmake. That
change was made in master/sumo as part of a separate make-mod-scripts recipe.
Unfortunately, that doesn't work here in rocko in the context of module-base
class, as it gets executed inside out-of-tree module environment. Quite often
those out-of-tree modules provide own Makefile with custom EXTRA_OEMAKE var
defined. But do_make_scripts() gets executed within STAGING_KERNEL_DIR and
cannot simply use custom EXTRA_OEMAKE set by a module.
Move back to calling make and passing HOSTCC/HOSTCPP directly w/o using
EXTRA_OEMAKE.
For more details please see:
http://lists.openembedded.org/pipermail/openembedded-core/2018-August/154189.html
(From OE-Core rev: eb3eaa6970bb8c3647187593df23e2784dd26935)
Signed-off-by: Denys Dmytriyenko <denys@ti.com>
Cc: Bruce Ashfield <bruce.ashfield@windriver.com>
Cc: Richard Purdie <richard.purdie@linuxfoundation.org>
Cc: Anuj Mittal <anuj.mittal@intel.com>
Cc: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
In case something goes tragically wrong, catch a request to checksum / and
refuse.
(Bitbake rev: 8bd16328a9332c57b03198826e22b48fadcd21d9)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Opening a file in binary mode and iterating it seems like the simple solution
but will still break on newlines, which for binary files isn't really useful as
the size of the chunks could be huge or tiny.
Instead, let's be a bit more clever: we'll be MD5ing lots of files, but we don't
want to fill up memory: use mmap() to open the file and read the file in 8k
blocks.
(Bitbake rev: f3f28ec7e6cad5003014462feeb9178496107e08)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
poky.ent - updated variables for 2.4.4
mega-manual.sed - updated string from "2.4.3" to "2.4.4"
<manual>.xml - updated manual revision tables for 2.4.4 and
September 2018 date
(From yocto-docs rev: 1bba098ba20f2b1349ac840fd36f62de401f8701)
Signed-off-by: Scott Rifenbark <srifenbark@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
affects: <= 1.1.14
CVE-2017-16612: Fix heap overflows when parsing malicious files
It is possible to trigger heap overflows due to an integer overflow
while parsing images and a signedness issue while parsing comments.
The integer overflow occurs because the chosen limit 0x10000 for
dimensions is too large for 32 bit systems, because each pixel takes 4 bytes.
Properly chosen values allow an overflow which in turn will lead to less
allocated memory than needed for subsequent reads.
The signedness bug is triggered by reading the length of a comment
as unsigned int, but casting it to int when calling the function
XcursorCommentCreate. Turning length into a negative value allows the
check against XCURSOR_COMMENT_MAX_LEN to pass, and the following
addition of sizeof (XcursorComment) + 1 makes it possible to allocate
less memory than needed for subsequent reads.
(From OE-Core rev: bdf13518e79ab949c4320226a399ee4a3913ee30)
Signed-off-by: Jagadeesh Krishnanjanappa <jkrishnanjanappa@mvista.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
It's possible that downloading file from updateserver fails. In
this case, we should error out instead of continue.
We have users reporting unexpected behavior of 'devtool sdk-update'.
When an invalid url is supplied, e.g., `devtool sdk-update http://invalid',
the program reports 'Note: Already up-to-date'.
This is obviously not expected. We should error out in such case.
(From OE-Core rev: 449564783dfb162536a2f772b3a8704973221e0f)
(From OE-Core rev: 4b022a62998e38dbefe1f882bcb9a229485ac9da)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Whenever perf got rebuilt, I was consistently getting errors such as
| find: '[...]/perf/1.0-r9/perf-1.0/plugin_mac80211.so': No such file or directory
| find: '[...]/perf/1.0-r9/perf-1.0/plugin_mac80211.so': No such file or directory
| find: find: '[...]/perf/1.0-r9/perf-1.0/libtraceevent.a''[...]/perf/1.0-r9/perf-1.0/libtraceevent.a': No such file or directory: No such file or directory
|
[...]
| find: cannot delete '/mnt/xfs/devel/pil/yocto/tmp-glibc/work/wandboard-oe-linux-gnueabi/perf/1.0-r9/perf-1.0/util/.pstack.o.cmd': No such file or directory
breaking the whole build. The root cause seems to be that the implicit
'make clean' done during do_configure ends up running in parallel, and
thus multiple find commands attempt to stat and/or delete the same
file.
A patch disabling parallelism for the clean target has been ack'ed
upstream (lkml.kernel.org/r/20180705134955.GB3686@krava), but it should
be harmless to pass JOBS=1 even with a fixed kernel. This can be removed
if and when all relevant -stable kernels have that patch.
(From OE-Core rev: bb58203b668df42fd08c2e5fa4a172cf63e37369)
(From OE-Core rev: d12722681a4c13c1a6bc9c965cc43c4544ce7aa9)
(From OE-Core rev: ad21736cf1be017af4b211b5cdd577cdf28dee20)
Signed-off-by: Rasmus Villemoes <rasmus.villemoes@prevas.dk>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
CVES: CVE-2018-11236, CVE-2017-18269, CVE-2018-11237
LIC_FILES_CHKSUM for LICENSE changed do to removal of
"stdio-common/tst-printf.c is copyright C E Chew" text
changelog:
c9570bd x86: Populate COMMON_CPUID_INDEX_80000001 for Intel CPUs [BZ #23459]
86e0996 x86: Correct index_cpu_LZCNT [BZ #23456]
cf6deb0 conform/conformtest.pl: Escape literal braces in regular expressions
b12bed3 stdio-common/tst-printf.c: Remove part under a non-free license [BZ #23363]
20dc7a9 libio: Add tst-vtables, tst-vtables-interposed
4b10e69 Synchronize support/ infrastructure with master
762e9d6 NEWS: Reorder out-of-order bugs
2781bd5 libio: Disable vtable validation in case of interposition [BZ #23313]
74d16a5 Check length of ifname before copying it into to ifreq structure.
3aaf8bd getifaddrs: Don't return ifa entries with NULL names [BZ #21812]
f958b45 Use _STRUCT_TIMESPEC as guard in <bits/types/struct_timespec.h> [BZ #23349]
81b994b Fix parameter type in C++ version of iseqsig (bug 23171)
7b52c8a libio: Avoid _allocate_buffer, _free_buffer function pointers [BZ #23236]
4df8479 Add NEWS entry for CVE-2018-11236
a5bc5ec Add references to CVE-2018-11236, CVE-2017-18269
58ad5f8 Add a test case for [BZ #23196]
6b4362f Don't write beyond destination in __mempcpy_avx512_no_vzeroupper (bug 23196)
af7519f Fix path length overflow in realpath [BZ #22786]
365722a Fix stack overflow with huge PT_NOTE segment [BZ #20419]
be056fa Fix blocking pthread_join. [BZ #23137]
02f0dd8 Fix signed integer overflow in random_r (bug 17343).
3241353 i386: Fix i386 sigaction sa_restorer initialization (BZ#21269)
677e6d1 [BZ #22342] Fix netgroup cache keys.
71d339c Fix i386 memmove issue (bug 22644).
31e2d15 Fix crash in resolver on memory allocation failure (bug 23005)
1f7c474 getlogin_r: return early when linux sentinel value is set
7e7a5f0 resolv: Fully initialize struct mmsghdr in send_dg [BZ #23037]
(From OE-Core rev: 1c6b71d4ee2b12d1360d53740a1f00e05832d40d)
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The patch tool will apply patches by default with "fuzz", which is where if the
hunk context isn't present but what is there is close enough, it will force the
patch in.
Whilst this is useful when there's just whitespace changes, when applied to
source it is possible for a patch applied with fuzz to produce broken code which
still compiles (see #10450). This is obviously bad.
We'd like to eventually have do_patch() rejecting any fuzz on these grounds. For
that to be realistic the existing patches with fuzz need to be rebased and
reviewed.
(From OE-Core rev: cecd562742c94f223c92bf5426148967fc9a8054)
(From OE-Core rev: ce0554c6807b3a67bd770b172e81595797715e9e)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
One of the tarball mirrors is down; the other is blocked by Intel's corporate proxy
for being deemed 'suspicious' (the same problem might pop up in other
companies as well). Let's just take the source from github.
(From OE-Core rev: 69f60f6ef9061760643d6b4e378052ddad424754)
(From OE-Core rev: b5d9098b2df889c7394296eeab1fc4fab036e704)
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Without this compiles of 4.13 and later kernels fail.
Backport from https://github.com/cryptodev-linux/cryptodev-linux
Based on commit f0d69774afb27ffc62bf353465fba145e70cb85a
(From OE-Core rev: 317fd9814653ee22496dda63a02e628e8a16899b)
(From OE-Core rev: 8894f352fd1f2a087528808cc3dc52d7a5cc72bd)
Signed-off-by: Daniel Schultz <d.schultz@phytec.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This can fail for target, not just native.
(From OE-Core rev: 747c7dc8702d2241475894876d06a2f1f2b29fed)
(From OE-Core rev: 0d4ccd6eac41c878b5a9eec10e1a00b76241b846)
(From OE-Core rev: 7786a7d99cfe1695b4a1017021dee826b4994167)
Signed-off-by: Christopher Larson <chris_larson@mentor.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The patch tool will apply patches by default with "fuzz", which is where if the
hunk context isn't present but what is there is close enough, it will force the
patch in.
Whilst this is useful when there's just whitespace changes, when applied to
source it is possible for a patch applied with fuzz to produce broken code which
still compiles (see #10450). This is obviously bad.
We'd like to eventually have do_patch() rejecting any fuzz on these grounds. For
that to be realistic the existing patches with fuzz need to be rebased and
reviewed.
(From OE-Core rev: 68d567bd64debc3dfb37df3c814287549da56a3b)
(From OE-Core rev: d2882641a0b4df887c0af974ce36ff50834b7f29)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* perf is failing to build for me since this oe-core commit:
commit 9b38c824961fc9dce51bda95c25dac91a69fc64f
Author: Hongxu Jia <hongxu.jia@windriver.com>
Date: Tue Apr 24 11:33:47 2018 +0800
perf: make a copy of kernel source to perf workdir
the problem is that perf sources in kernel older than 4.8 (in my case
4.4) are depending on the "global" include headers outside tools
directory, e.g. swab.h in:
kernel-source/tools$ git grep swab.h
perf/MANIFEST:include/linux/swab.h
perf/MANIFEST:include/uapi/linux/swab.h
perf/util/include/asm/byteorder.h:#include "../../../../include/uapi/linux/swab.h"
this was resolved in 4.8 with:
commit 7e3f36411342a54f1981fa97b43550b8406a3d69
Author: Arnaldo Carvalho de Melo <acme@redhat.com>
Date: Mon Jul 18 17:42:16 2016 -0300
perf tools: Remove tools/perf/util/include/asm/byteorder.h
Not used anymore. This also stops include linux/swab.h directly
from the kernel sources, remove that reference from the MANIFEST.
and few more changes to make tools/include more complete and standalone:
tools/include in 4.15:
asm asm-generic linux tools trace uapi
tools/include in 4.4:
asm asm-generic linux tools
but copying the include header even for kernels which don't really
need it doesn't add big overhead, so just copy include to perf sources
for all kernels.
(From OE-Core rev: 19fb2d11a8bb3c6dfdd5edc1b9155d642dc0f5e0)
(From OE-Core rev: 7950b1ed077eaecff1523221c297158aa54b7ecf)
(From OE-Core rev: c2fa80c4cfedd993d07b20db0315e91f9481d11c)
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Since perf contaminates linux shared workdir, it probably caused
kernel-devsrc compile failure at world build.
...
|0 blocks
|cpio: ./tools/perf/arch/arm/util/sedr7ORqk: Cannot stat:
No such file or directory
|0 blocks
...
cpio tried to find a file at ${S}/tools/perf and failed
if the input list is not valid.
Make a copy of kernel shared source directory into a perf workdir
could fix the issue.
Drop `Fix for rebuilding' which is obsolete
[YOCTO #10880]
(From OE-Core rev: 9b38c824961fc9dce51bda95c25dac91a69fc64f)
(From OE-Core rev: 1a39330bf79f3d36a1a0f6d34b421de53ff36405)
(From OE-Core rev: 6f9117c0bceeedbfce08647825edf86966457bfc)
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
perf needs audit-python to be able to show syscall names and for
'perf trace' to work.
Enable dependency on audit-python if present in PACKAGECONFIG. It's
disabled by default since audit as of now is in meta-selinux.
Fixes [YOCTO #3343]
Fixes [YOCTO #3358]
(From OE-Core rev: c386abacae89a148e77ffa51630c7917e90406f9)
(From OE-Core rev: 5b7550a62fa0fa7892c28ae920ee243c223bf3c2)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
