diff options
| author | Brad Bishop <bradleyb@fuzziesquirrel.com> | 2019-11-25 17:41:34 +0300 |
|---|---|---|
| committer | Brad Bishop <bradleyb@fuzziesquirrel.com> | 2019-11-25 17:41:44 +0300 |
| commit | 6dbb316ab9052d4dbf158377e1ffe36f205d5477 (patch) | |
| tree | 721c5dfa7946f5188240620aa7d138f8a688e9f7 /poky | |
| parent | 8410d61f39efb52ffab1dc89efb05ca3ae837907 (diff) | |
| download | openbmc-6dbb316ab9052d4dbf158377e1ffe36f205d5477.tar.xz | |
poky: subtree update:a616ffebdc..9052e5b32a
Adrian Bunk (1):
bind: Whitelist CVE-2019-6470
Alexander Kanavin (13):
python: update to 2.7.17
tiff: update to 4.1.0
librepo: upgrade 1.10.6 -> 1.11.0
btrfs-tools: upgrade 5.3 -> 5.3.1
psmisc: update to 23.3
libxslt: update to 1.1.34
Revert "devtool/standard.py: Not filtering devtool workspace for devtool finish"
mpg123: upgrade 1.25.12 -> 1.25.13
vala: upgrade 0.46.3 -> 0.46.4
sysstat: upstream version check is working again
cairo: the component is dual licensed
selftest: check that 'devtool upgrade' correctly drops backported patches
runqemu: add options that enable virgl with the SDL frontend
Alistair Francis (1):
mesa: Upgrade to 19.2.4
Anuj Mittal (7):
boost: fix build for x32
rng-tools: upgrade 6.7 -> 6.8
harfbuzz: upgrade 2.6.1 -> 2.6.4
libsolv: upgrade 0.7.6 -> 0.7.8
sqlite3: upgrade 3.30.0 -> 3.30.1
stress-ng: upgrade 0.10.08 -> 0.10.10
glib-2.0: upgrade 2.62.1 -> 2.62.2
Armin Kuster (9):
oeqa/manual/bsp-hw: remove rpm -ivh test
oeqa/runtime/boot: add reboot test
oeqa/manual/bsp-hw: remove reboot test
oeqa/manual/bsp-hw: move storage tests to runtime
oeqa/manual/bsp-hw: remove usb and SDmicro tests
manual/bsd-hw: remove bash tests
oeqa/manual/compliance-test: remove crashme tests
oeqa/manual/compliance-test: move crashme to runtime
/oeqa/manual/compliance-test: remove obsolete test
Chee Yang Lee (2):
wic: rm with -r flag support
selftest/wic: test wic rm with -r flag
Denys Dmytriyenko (1):
distro_features_check: expand with MACHINE_FEATURES and COMBINED_FEATURES, rename
Kai Kang (1):
systemd: remove ${PN}-xorg-xinitrc
Khem Raj (1):
webkitgtk: Remove clang specific option
Paul Barker (1):
cdrtools-native: Don't set uid/gid during install
Paul Eggleton (1):
devtool: fix devtool upgrade with reproducible_builds class
Richard Purdie (10):
oeqa/devtool: Avoid unbound variable errors
recipetool/create: Fix to work with reproducible_builds
opkg: Add upstream fixes for empty packages
opkg-utils: Fix silent empty/broken opkg package creation
core-image-full-cmdline: Add less
bitbake: fetch2/clearcase: Fix warnings from python 3.8
bitbake: runqueue: Fix hash equivalence duplicate tasks running
sanity: Add check for tar older than 1.28
oeqa/selftest/sstatetests: Ensure we don't use hashequiv for sstatesigs tests
package_ipk: Remove pointless comment to trigger rebuild
Ross Burton (8):
cve-update-db-native: don't hardcode the database name
cve-update-db-native: add an index on the CVE ID column
cve-update-db-native: clean up proxy handling
cve-check: rewrite look to fix false negatives
cve-check: neaten get_cve_info
cve-check: fetch CVE data once at a time instead of in a single call
bitbake: tests: add test for the hashing functions
bitbake: utils: also use mmap for SHA256 and SHA1, for performance
Yi Zhao (1):
bitbake: contrib/vim/indent/bitbake.vim: move it to correct directory
Change-Id: I526155f21145180c764252a2ae5bfba33def10ff
Signed-off-by: Brad Bishop <bradleyb@fuzziesquirrel.com>
Diffstat (limited to 'poky')
175 files changed, 1255 insertions, 2567 deletions
diff --git a/poky/bitbake/bitbake/contrib/vim/indent/bitbake.vim b/poky/bitbake/contrib/vim/indent/bitbake.vim index 138103409..138103409 100644 --- a/poky/bitbake/bitbake/contrib/vim/indent/bitbake.vim +++ b/poky/bitbake/contrib/vim/indent/bitbake.vim diff --git a/poky/bitbake/lib/bb/fetch2/clearcase.py b/poky/bitbake/lib/bb/fetch2/clearcase.py index 3dd93ad6b..e2934ef9f 100644 --- a/poky/bitbake/lib/bb/fetch2/clearcase.py +++ b/poky/bitbake/lib/bb/fetch2/clearcase.py @@ -145,18 +145,18 @@ class ClearCase(FetchMethod): basecmd = "%s %s" % (ud.basecmd, command) - if command is 'mkview': + if command == 'mkview': if not "rcleartool" in ud.basecmd: # Cleartool needs a -snapshot view options.append("-snapshot") options.append("-tag %s" % ud.viewname) options.append(ud.viewdir) - elif command is 'rmview': + elif command == 'rmview': options.append("-force") options.append("%s" % ud.viewdir) - elif command is 'setcs': + elif command == 'setcs': options.append("-overwrite") options.append(ud.configspecfile) diff --git a/poky/bitbake/lib/bb/runqueue.py b/poky/bitbake/lib/bb/runqueue.py index 8622738fd..26492e708 100644 --- a/poky/bitbake/lib/bb/runqueue.py +++ b/poky/bitbake/lib/bb/runqueue.py @@ -2303,16 +2303,22 @@ class RunQueueExecute: for tid in changed: if tid not in self.rqdata.runq_setscene_tids: continue + if tid not in self.pending_migrations: + self.pending_migrations.add(tid) + + for tid in self.pending_migrations.copy(): if tid in self.runq_running: + # Too late, task already running, not much we can do now + self.pending_migrations.remove(tid) continue - if tid in self.scenequeue_covered: + + if tid in self.scenequeue_covered or tid in self.sq_live: + # Already ran this setscene task or it running # Potentially risky, should we report this hash as a match? logger.info("Already covered setscene for %s so ignoring rehash" % (tid)) + self.pending_migrations.remove(tid) continue - if tid not in self.pending_migrations: - self.pending_migrations.add(tid) - for tid in self.pending_migrations.copy(): valid = True # Check no tasks this covers are running for dep in self.sqdata.sq_covered_tasks[tid]: diff --git a/poky/bitbake/lib/bb/tests/utils.py b/poky/bitbake/lib/bb/tests/utils.py index f4adf1d44..5c910b4b8 100644 --- a/poky/bitbake/lib/bb/tests/utils.py +++ b/poky/bitbake/lib/bb/tests/utils.py @@ -103,6 +103,32 @@ class Path(unittest.TestCase): result = bb.utils._check_unsafe_delete_path(arg1) self.assertEqual(result, correctresult, '_check_unsafe_delete_path("%s") != %s' % (arg1, correctresult)) +class Checksum(unittest.TestCase): + filler = b"Shiver me timbers square-rigged spike Gold Road galleon bilge water boatswain wherry jack pirate. Mizzenmast rum lad Privateer jack salmagundi hang the jib piracy Pieces of Eight Corsair. Parrel marooned black spot yawl provost quarterdeck cable no prey, no pay spirits lateen sail." + + def test_md5(self): + import hashlib + with tempfile.NamedTemporaryFile() as f: + f.write(self.filler) + f.flush() + checksum = bb.utils.md5_file(f.name) + self.assertEqual(checksum, "bd572cd5de30a785f4efcb6eaf5089e3") + + def test_sha1(self): + import hashlib + with tempfile.NamedTemporaryFile() as f: + f.write(self.filler) + f.flush() + checksum = bb.utils.sha1_file(f.name) + self.assertEqual(checksum, "249eb8fd654732ea836d5e702d7aa567898eca71") + + def test_sha256(self): + import hashlib + with tempfile.NamedTemporaryFile() as f: + f.write(self.filler) + f.flush() + checksum = bb.utils.sha256_file(f.name) + self.assertEqual(checksum, "fcfbae8bf6b721dbb9d2dc6a9334a58f2031a9a9b302999243f99da4d7f12d0f") class EditMetadataFile(unittest.TestCase): _origfile = """ diff --git a/poky/bitbake/lib/bb/utils.py b/poky/bitbake/lib/bb/utils.py index d035949b3..8d40bcdf8 100644 --- a/poky/bitbake/lib/bb/utils.py +++ b/poky/bitbake/lib/bb/utils.py @@ -520,22 +520,26 @@ def unlockfile(lf): fcntl.flock(lf.fileno(), fcntl.LOCK_UN) lf.close() -def md5_file(filename): - """ - Return the hex string representation of the MD5 checksum of filename. - """ - import hashlib, mmap +def _hasher(method, filename): + import mmap with open(filename, "rb") as f: - m = hashlib.md5() try: with mmap.mmap(f.fileno(), 0, access=mmap.ACCESS_READ) as mm: for chunk in iter(lambda: mm.read(8192), b''): - m.update(chunk) + method.update(chunk) except ValueError: # You can't mmap() an empty file so silence this exception pass - return m.hexdigest() + return method.hexdigest() + + +def md5_file(filename): + """ + Return the hex string representation of the MD5 checksum of filename. + """ + import hashlib + return _hasher(hashlib.md5(), filename) def sha256_file(filename): """ @@ -543,24 +547,14 @@ def sha256_file(filename): filename. """ import hashlib - - s = hashlib.sha256() - with open(filename, "rb") as f: - for line in f: - s.update(line) - return s.hexdigest() + return _hasher(hashlib.sha256(), filename) def sha1_file(filename): """ Return the hex string representation of the SHA1 checksum of the filename """ import hashlib - - s = hashlib.sha1() - with open(filename, "rb") as f: - for line in f: - s.update(line) - return s.hexdigest() + return _hasher(hashlib.sha1(), filename) def preserved_envvars_exported(): """Variables which are taken from the environment and placed in and exported diff --git a/poky/meta-selftest/recipes-test/devtool/devtool-upgrade-test1-1.5.3/backported.patch b/poky/meta-selftest/recipes-test/devtool/devtool-upgrade-test1-1.5.3/backported.patch new file mode 100644 index 000000000..c4f3f1266 --- /dev/null +++ b/poky/meta-selftest/recipes-test/devtool/devtool-upgrade-test1-1.5.3/backported.patch @@ -0,0 +1,37 @@ +commit ced2ec32b657a7f52604b2e16e5d5881041c517a +Author: OpenEmbedded <oe.patch@oe> +Date: Mon Nov 18 18:43:15 2019 +0100 + + Backport of the NEWS file from version 1.6.0 + +diff --git a/doc/NEWS b/doc/NEWS +index 69793fc..fd49b1c 100644 +--- a/doc/NEWS ++++ b/doc/NEWS +@@ -1,3 +1,26 @@ ++1.6.0 - 15 March 2015 ++ - fix lstat64 support when unavailable - separate patches supplied by ++ Ganael Laplanche and Peter Korsgaard ++ - (#1506) new option "-D" / "--delay-start" to only show bar after N ++ seconds (Damon Harper) ++ - new option "--fineta" / "-I" to show ETA as time of day rather than time ++ remaining - patch supplied by Erkki Seppälä (r147) ++ - (#1509) change ETA (--eta / -e) so that days are given if the hours ++ remaining are 24 or more (Jacek Wielemborek) ++ - (#1499) repeat read and write attempts on partial buffer fill/empty to ++ work around post-signal transfer rate drop reported by Ralf Ramsauer ++ - (#1507) do not try to calculate total size in line mode, due to bug ++ reported by Jacek Wielemborek and Michiel Van Herwegen ++ - cleanup: removed defunct RATS comments and unnecessary copyright notices ++ - clean up displayed lines when using --watchfd PID, when PID exits ++ - output errors on a new line to avoid overwriting transfer bar ++ ++1.5.7 - 26 August 2014 ++ - show KiB instead of incorrect kiB (Debian bug #706175) ++ - (#1284) do not gzip man page, for non-Linux OSes (Bob Friesenhahn) ++ - work around "awk" bug in tests/016-numeric-timer in decimal "," locales ++ - fix "make rpm" and "make srpm", extend "make release" to sign releases ++ + 1.5.3 - 4 May 2014 + - remove SPLICE_F_NONBLOCK to fix problem with slow splice() (Jan Seda) + diff --git a/poky/meta-selftest/recipes-test/devtool/devtool-upgrade-test1_1.5.3.bb b/poky/meta-selftest/recipes-test/devtool/devtool-upgrade-test1_1.5.3.bb index 333ecac7e..fee5bee73 100644 --- a/poky/meta-selftest/recipes-test/devtool/devtool-upgrade-test1_1.5.3.bb +++ b/poky/meta-selftest/recipes-test/devtool/devtool-upgrade-test1_1.5.3.bb @@ -3,7 +3,9 @@ LICENSE = "Artistic-2.0" LIC_FILES_CHKSUM = "file://doc/COPYING;md5=9c50db2589ee3ef10a9b7b2e50ce1d02" SRC_URI = "http://www.ivarch.com/programs/sources/pv-${PV}.tar.gz \ - file://0001-Add-a-note-line-to-the-quick-reference.patch" + file://0001-Add-a-note-line-to-the-quick-reference.patch \ + file://backported.patch \ + " UPSTREAM_CHECK_URI = "http://www.ivarch.com/programs/pv.shtml" RECIPE_NO_UPDATE_REASON = "This recipe is used to test devtool upgrade feature" diff --git a/poky/meta-selftest/recipes-test/devtool/devtool-upgrade-test1_1.5.3.bb.upgraded b/poky/meta-selftest/recipes-test/devtool/devtool-upgrade-test1_1.5.3.bb.upgraded index 9d94f671d..66e45c7e8 100644 --- a/poky/meta-selftest/recipes-test/devtool/devtool-upgrade-test1_1.5.3.bb.upgraded +++ b/poky/meta-selftest/recipes-test/devtool/devtool-upgrade-test1_1.5.3.bb.upgraded @@ -3,7 +3,9 @@ LICENSE = "Artistic-2.0" LIC_FILES_CHKSUM = "file://doc/COPYING;md5=9c50db2589ee3ef10a9b7b2e50ce1d02" SRC_URI = "http://www.ivarch.com/programs/sources/pv-${PV}.tar.gz \ - file://0001-Add-a-note-line-to-the-quick-reference.patch" + file://0001-Add-a-note-line-to-the-quick-reference.patch \ + file://backported.patch \ + " UPSTREAM_CHECK_URI = "http://www.ivarch.com/programs/pv.shtml" RECIPE_NO_UPDATE_REASON = "This recipe is used to test devtool upgrade feature" diff --git a/poky/meta/classes/cve-check.bbclass b/poky/meta/classes/cve-check.bbclass index 3326944d7..19ed5548b 100644 --- a/poky/meta/classes/cve-check.bbclass +++ b/poky/meta/classes/cve-check.bbclass @@ -165,7 +165,6 @@ def check_cves(d, patched_cves): """ Connect to the NVD database and find unpatched cves. """ - import ast, csv, tempfile, subprocess, io from distutils.version import LooseVersion cves_unpatched = [] @@ -187,68 +186,74 @@ def check_cves(d, patched_cves): cve_whitelist = d.getVar("CVE_CHECK_WHITELIST").split() import sqlite3 - db_file = d.getVar("CVE_CHECK_DB_FILE") - conn = sqlite3.connect(db_file) + db_file = d.expand("file:${CVE_CHECK_DB_FILE}?mode=ro") + conn = sqlite3.connect(db_file, uri=True) + # For each of the known product names (e.g. curl has CPEs using curl and libcurl)... for product in products: - c = conn.cursor() if ":" in product: vendor, product = product.split(":", 1) - c.execute("SELECT * FROM PRODUCTS WHERE PRODUCT IS ? AND VENDOR IS ?", (product, vendor)) else: - c.execute("SELECT * FROM PRODUCTS WHERE PRODUCT IS ?", (product,)) + vendor = "%" - for row in c: - cve = row[0] - version_start = row[3] - operator_start = row[4] - version_end = row[5] - operator_end = row[6] + # Find all relevant CVE IDs. + for cverow in conn.execute("SELECT DISTINCT ID FROM PRODUCTS WHERE PRODUCT IS ? AND VENDOR LIKE ?", (product, vendor)): + cve = cverow[0] if cve in cve_whitelist: bb.note("%s-%s has been whitelisted for %s" % (product, pv, cve)) # TODO: this should be in the report as 'whitelisted' patched_cves.add(cve) + continue elif cve in patched_cves: bb.note("%s has been patched" % (cve)) - else: - to_append = False + continue + + vulnerable = False + for row in conn.execute("SELECT * FROM PRODUCTS WHERE ID IS ? AND PRODUCT IS ? AND VENDOR LIKE ?", (cve, product, vendor)): + (_, _, _, version_start, operator_start, version_end, operator_end) = row + #bb.debug(2, "Evaluating row " + str(row)) + if (operator_start == '=' and pv == version_start): - to_append = True + vulnerable = True else: if operator_start: try: - to_append_start = (operator_start == '>=' and LooseVersion(pv) >= LooseVersion(version_start)) - to_append_start |= (operator_start == '>' and LooseVersion(pv) > LooseVersion(version_start)) + vulnerable_start = (operator_start == '>=' and LooseVersion(pv) >= LooseVersion(version_start)) + vulnerable_start |= (operator_start == '>' and LooseVersion(pv) > LooseVersion(version_start)) except: bb.warn("%s: Failed to compare %s %s %s for %s" % (product, pv, operator_start, version_start, cve)) - to_append_start = False + vulnerable_start = False else: - to_append_start = False + vulnerable_start = False if operator_end: try: - to_append_end = (operator_end == '<=' and LooseVersion(pv) <= LooseVersion(version_end)) - to_append_end |= (operator_end == '<' and LooseVersion(pv) < LooseVersion(version_end)) + vulnerable_end = (operator_end == '<=' and LooseVersion(pv) <= LooseVersion(version_end)) + vulnerable_end |= (operator_end == '<' and LooseVersion(pv) < LooseVersion(version_end)) except: bb.warn("%s: Failed to compare %s %s %s for %s" % (product, pv, operator_end, version_end, cve)) - to_append_end = False + vulnerable_end = False else: - to_append_end = False + vulnerable_end = False if operator_start and operator_end: - to_append = to_append_start and to_append_end + vulnerable = vulnerable_start and vulnerable_end else: - to_append = to_append_start or to_append_end + vulnerable = vulnerable_start or vulnerable_end - if to_append: + if vulnerable: bb.note("%s-%s is vulnerable to %s" % (product, pv, cve)) cves_unpatched.append(cve) - else: - bb.note("%s-%s is not vulnerable to %s" % (product, pv, cve)) - patched_cves.add(cve) + break + + if not vulnerable: + bb.note("%s-%s is not vulnerable to %s" % (product, pv, cve)) + # TODO: not patched but not vulnerable + patched_cves.add(cve) + conn.close() return (list(patched_cves), cves_unpatched) @@ -256,31 +261,23 @@ def check_cves(d, patched_cves): def get_cve_info(d, cves): """ Get CVE information from the database. - - Unfortunately the only way to get CVE info is set the output to - html (hard to parse) or query directly the database. """ - try: - import sqlite3 - except ImportError: - from pysqlite2 import dbapi2 as sqlite3 + import sqlite3 cve_data = {} - db_file = d.getVar("CVE_CHECK_DB_FILE") - placeholder = ",".join("?" * len(cves)) - query = "SELECT * FROM NVD WHERE id IN (%s)" % placeholder - conn = sqlite3.connect(db_file) - cur = conn.cursor() - for row in cur.execute(query, tuple(cves)): - cve_data[row[0]] = {} - cve_data[row[0]]["summary"] = row[1] - cve_data[row[0]]["scorev2"] = row[2] - cve_data[row[0]]["scorev3"] = row[3] - cve_data[row[0]]["modified"] = row[4] - cve_data[row[0]]["vector"] = row[5] - conn.close() + conn = sqlite3.connect(d.getVar("CVE_CHECK_DB_FILE")) + for cve in cves: + for row in conn.execute("SELECT * FROM NVD WHERE ID IS ?", (cve,)): + cve_data[row[0]] = {} + cve_data[row[0]]["summary"] = row[1] + cve_data[row[0]]["scorev2"] = row[2] + cve_data[row[0]]["scorev3"] = row[3] + cve_data[row[0]]["modified"] = row[4] + cve_data[row[0]]["vector"] = row[5] + + conn.close() return cve_data def cve_write_data(d, patched, unpatched, cve_data): diff --git a/poky/meta/classes/distro_features_check.bbclass b/poky/meta/classes/distro_features_check.bbclass index eeaa3b44c..8124a8ca2 100644 --- a/poky/meta/classes/distro_features_check.bbclass +++ b/poky/meta/classes/distro_features_check.bbclass @@ -1,32 +1,7 @@ -# Allow checking of required and conflicting DISTRO_FEATURES -# -# ANY_OF_DISTRO_FEATURES: ensure at least one item on this list is included -# in DISTRO_FEATURES. -# REQUIRED_DISTRO_FEATURES: ensure every item on this list is included -# in DISTRO_FEATURES. -# CONFLICT_DISTRO_FEATURES: ensure no item in this list is included in -# DISTRO_FEATURES. -# -# Copyright 2013 (C) O.S. Systems Software LTDA. +# Temporarily provide fallback to the old name of the class -python () { - # Assume at least one var is set. - distro_features = set((d.getVar('DISTRO_FEATURES') or '').split()) - - any_of_distro_features = set((d.getVar('ANY_OF_DISTRO_FEATURES') or '').split()) - if any_of_distro_features: - if set.isdisjoint(any_of_distro_features, distro_features): - raise bb.parse.SkipRecipe("one of '%s' needs to be in DISTRO_FEATURES" % ' '.join(any_of_distro_features)) - - required_distro_features = set((d.getVar('REQUIRED_DISTRO_FEATURES') or '').split()) - if required_distro_features: - missing = set.difference(required_distro_features, distro_features) - if missing: - raise bb.parse.SkipRecipe("missing required distro feature%s '%s' (not in DISTRO_FEATURES)" % ('s' if len(missing) > 1 else '', ' '.join(missing))) - - conflict_distro_features = set((d.getVar('CONFLICT_DISTRO_FEATURES') or '').split()) - if conflict_distro_features: - conflicts = set.intersection(conflict_distro_features, distro_features) - if conflicts: - raise bb.parse.SkipRecipe("conflicting distro feature%s '%s' (in DISTRO_FEATURES)" % ('s' if len(conflicts) > 1 else '', ' '.join(conflicts))) +python __anonymous() { + bb.warn("distro_features_check.bbclass is deprecated, please use features_check.bbclass instead") } + +inherit features_check diff --git a/poky/meta/classes/features_check.bbclass b/poky/meta/classes/features_check.bbclass new file mode 100644 index 000000000..391fbe1c9 --- /dev/null +++ b/poky/meta/classes/features_check.bbclass @@ -0,0 +1,85 @@ +# Allow checking of required and conflicting DISTRO_FEATURES +# +# ANY_OF_DISTRO_FEATURES: ensure at least one item on this list is included +# in DISTRO_FEATURES. +# REQUIRED_DISTRO_FEATURES: ensure every item on this list is included +# in DISTRO_FEATURES. +# CONFLICT_DISTRO_FEATURES: ensure no item in this list is included in +# DISTRO_FEATURES. +# ANY_OF_MACHINE_FEATURES: ensure at least one item on this list is included +# in MACHINE_FEATURES. +# REQUIRED_MACHINE_FEATURES: ensure every item on this list is included +# in MACHINE_FEATURES. +# CONFLICT_MACHINE_FEATURES: ensure no item in this list is included in +# MACHINE_FEATURES. +# ANY_OF_COMBINED_FEATURES: ensure at least one item on this list is included +# in COMBINED_FEATURES. +# REQUIRED_COMBINED_FEATURES: ensure every item on this list is included +# in COMBINED_FEATURES. +# CONFLICT_COMBINED_FEATURES: ensure no item in this list is included in +# COMBINED_FEATURES. +# +# Copyright 2019 (C) Texas Instruments Inc. +# Copyright 2013 (C) O.S. Systems Software LTDA. + +python () { + # Assume at least one var is set. + distro_features = set((d.getVar('DISTRO_FEATURES') or '').split()) + + any_of_distro_features = set((d.getVar('ANY_OF_DISTRO_FEATURES') or '').split()) + if any_of_distro_features: + if set.isdisjoint(any_of_distro_features, distro_features): + raise bb.parse.SkipRecipe("one of '%s' needs to be in DISTRO_FEATURES" % ' '.join(any_of_distro_features)) + + required_distro_features = set((d.getVar('REQUIRED_DISTRO_FEATURES') or '').split()) + if required_distro_features: + missing = set.difference(required_distro_features, distro_features) + if missing: + raise bb.parse.SkipRecipe("missing required distro feature%s '%s' (not in DISTRO_FEATURES)" % ('s' if len(missing) > 1 else '', ' '.join(missing))) + + conflict_distro_features = set((d.getVar('CONFLICT_DISTRO_FEATURES') or '').split()) + if conflict_distro_features: + conflicts = set.intersection(conflict_distro_features, distro_features) + if conflicts: + raise bb.parse.SkipRecipe("conflicting distro feature%s '%s' (in DISTRO_FEATURES)" % ('s' if len(conflicts) > 1 else '', ' '.join(conflicts))) + + # Assume at least one var is set. + machine_features = set((d.getVar('MACHINE_FEATURES') or '').split()) + + any_of_machine_features = set((d.getVar('ANY_OF_MACHINE_FEATURES') or '').split()) + if any_of_machine_features: + if set.isdisjoint(any_of_machine_features, machine_features): + raise bb.parse.SkipRecipe("one of '%s' needs to be in MACHINE_FEATURES" % ' '.join(any_of_machine_features)) + + required_machine_features = set((d.getVar('REQUIRED_MACHINE_FEATURES') or '').split()) + if required_machine_features: + missing = set.difference(required_machine_features, machine_features) + if missing: + raise bb.parse.SkipRecipe("missing required machine feature%s '%s' (not in MACHINE_FEATURES)" % ('s' if len(missing) > 1 else '', ' '.join(missing))) + + conflict_machine_features = set((d.getVar('CONFLICT_MACHINE_FEATURES') or '').split()) + if conflict_machine_features: + conflicts = set.intersection(conflict_machine_features, machine_features) + if conflicts: + raise bb.parse.SkipRecipe("conflicting machine feature%s '%s' (in MACHINE_FEATURES)" % ('s' if len(conflicts) > 1 else '', ' '.join(conflicts))) + + # Assume at least one var is set. + combined_features = set((d.getVar('COMBINED_FEATURES') or '').split()) + + any_of_combined_features = set((d.getVar('ANY_OF_COMBINED_FEATURES') or '').split()) + if any_of_combined_features: + if set.isdisjoint(any_of_combined_features, combined_features): + raise bb.parse.SkipRecipe("one of '%s' needs to be in COMBINED_FEATURES" % ' '.join(any_of_combined_features)) + + required_combined_features = set((d.getVar('REQUIRED_COMBINED_FEATURES') or '').split()) + if required_combined_features: + missing = set.difference(required_combined_features, combined_features) + if missing: + raise bb.parse.SkipRecipe("missing required machine feature%s '%s' (not in COMBINED_FEATURES)" % ('s' if len(missing) > 1 else '', ' '.join(missing))) + + conflict_combined_features = set((d.getVar('CONFLICT_COMBINED_FEATURES') or '').split()) + if conflict_combined_features: + conflicts = set.intersection(conflict_combined_features, combined_features) + if conflicts: + raise bb.parse.SkipRecipe("conflicting machine feature%s '%s' (in COMBINED_FEATURES)" % ('s' if len(conflicts) > 1 else '', ' '.join(conflicts))) +} diff --git a/poky/meta/classes/package_ipk.bbclass b/poky/meta/classes/package_ipk.bbclass index 9f9da2f91..4f2397703 100644 --- a/poky/meta/classes/package_ipk.bbclass +++ b/poky/meta/classes/package_ipk.bbclass @@ -154,7 +154,6 @@ def ipk_write_pkg(pkg, d): ctrlfile.write('%s\n' % textwrap.fill(description, width=74, initial_indent=' ', subsequent_indent=' ')) else: ctrlfile.write(c % tuple(pullData(fs, localdata))) - # more fields custom_fields_chunk = get_package_additional_metadata("ipk", localdata) if custom_fields_chunk is not None: diff --git a/poky/meta/classes/sanity.bbclass b/poky/meta/classes/sanity.bbclass index a14bf5388..63ab6cf3d 100644 --- a/poky/meta/classes/sanity.bbclass +++ b/poky/meta/classes/sanity.bbclass @@ -523,6 +523,7 @@ def check_wsl(d): # Tar version 1.24 and onwards handle overwriting symlinks correctly # but earlier versions do not; this needs to work properly for sstate +# Version 1.28 is needed so opkg-build works correctly when reproducibile builds are enabled def check_tar_version(sanity_data): from distutils.version import LooseVersion import subprocess @@ -532,7 +533,9 @@ def check_tar_version(sanity_data): return "Unable to execute tar --version, exit code %d\n%s\n" % (e.returncode, e.output) version = result.split()[3] if LooseVersion(version) < LooseVersion("1.24"): - return "Your version of tar is older than 1.24 and has bugs which will break builds. Please install a newer version of tar.\n" + return "Your version of tar is older than 1.24 and has bugs which will break builds. Please install a newer version of tar (1.28+).\n" + if LooseVersion(version) < LooseVersion("1.28"): + return "Your version of tar is older than 1.28 and does not have the support needed to enable reproducible builds. Please install a newer version of tar (you could use the projects buildtools-tarball from our last release).\n" return None # We use git parameters and functionality only found in 1.7.8 or later diff --git a/poky/meta/conf/documentation.conf b/poky/meta/conf/documentation.conf index 550df20b0..fca36f3cf 100644 --- a/poky/meta/conf/documentation.conf +++ b/poky/meta/conf/documentation.conf @@ -113,7 +113,7 @@ COMPATIBLE_MACHINE[doc] = "A regular expression that resolves to one or more tar COMPLEMENTARY_GLOB[doc] = "Defines wildcards to match when installing a list of complementary packages for all the packages installed in an image." CONFFILES[doc] = "Identifies editable or configurable files that are part of a package." CONFIG_SITE[doc] = "A list of files that contains autoconf test results relevant to the current build. This variable is used by the Autotools utilities when running configure." -CONFLICT_DISTRO_FEATURES[doc] = "When a recipe inherits the distro_features_check class, this variable identifies distribution features that would be in conflict should the recipe be built." +CONFLICT_DISTRO_FEATURES[doc] = "When a recipe inherits the features_check class, this variable identifies distribution features that would be in conflict should the recipe be built." CORE_IMAGE_EXTRA_INSTALL[doc] = "Specifies the list of packages to be added to the image. You should only set this variable in the conf/local.conf file in the Build Directory." COREBASE[doc] = "Specifies the parent directory of the OpenEmbedded Core Metadata layer (i.e. meta)." CONF_VERSION[doc] = "Tracks the version of local.conf. Increased each time build/conf/ changes incompatibly." @@ -346,7 +346,7 @@ QMAKE_PROFILES[doc] = "Specifies your own subset of .pro files to be built for u RCONFLICTS[doc] = "The list of packages that conflict with another package. Note that the package will not be installed if the conflicting packages are not first removed." RDEPENDS[doc] = "Lists a package's runtime dependencies (i.e. other packages) that must be installed for the package to be built. They must be the names of other packages as listed in the PACKAGES variable, not recipe names (PN)." -REQUIRED_DISTRO_FEATURES[doc] = "When a recipe inherits the distro_features_check class, this variable identifies distribution features that must exist in the current configuration in order for the OpenEmbedded build system to build the recipe." +REQUIRED_DISTRO_FEATURES[doc] = "When a recipe inherits the features_check class, this variable identifies distribution features that must exist in the current configuration in order for the OpenEmbedded build system to build the recipe." RM_WORK_EXCLUDE[doc] = "With rm_work enabled, this variable specifies a list of packages whose work directories should not be removed." ROOTFS[doc] = "Indicates a filesystem image to include as the root filesystem." ROOTFS_POSTPROCESS_COMMAND[doc] = "Added by classes to run post processing commands once the OpenEmbedded build system has created the root filesystem." diff --git a/poky/meta/lib/oeqa/manual/bsp-hw.json b/poky/meta/lib/oeqa/manual/bsp-hw.json index 18cec222f..5c5b9b50b 100644 --- a/poky/meta/lib/oeqa/manual/bsp-hw.json +++ b/poky/meta/lib/oeqa/manual/bsp-hw.json @@ -1,32 +1,6 @@ [ { "test": { - "@alias": "bsps-hw.bsps-hw.rpm_-__install_dependency_package", - "author": [ - { - "email": "alexandru.c.georgescu@intel.com", - "name": "alexandru.c.georgescu@intel.com" - } - ], - "execution": { - "1": { - "action": "Get a not previously installed RPM package or build one on local machine, which should have run-time dependency.For example, \"mc\" (Midnight Commander, which is a visual file manager) should depend on \"ncurses-terminfo\". \n\n$ bitbake mc \n\n\n", - "expected_results": "" - }, - "2": { - "action": "Copy the package into a system folder (for example /home/root/rpm_packages). \n\n\n", - "expected_results": "" - }, - "3": { - "action": "Run \"rpm -ivh package_name\" and check the output, for example \"rpm -ivh mc.rpm*\" should report the dependency on \"ncurses-terminfo\".\n\n\n\n", - "expected_results": "3 . rpm command should report message when some RPM installation depends on other packages." - } - }, - "summary": "rpm_-__install_dependency_package" - } - }, - { - "test": { "@alias": "bsps-hw.bsps-hw.boot_and_install_from_USB", "author": [ { @@ -173,28 +147,6 @@ }, { "test": { - "@alias": "bsps-hw.bsps-hw.reboot_system", - "author": [ - { - "email": "alexandru.c.georgescu@intel.com", - "name": "alexandru.c.georgescu@intel.com" - } - ], - "execution": { - "1": { - "action": "boot system", - "expected_results": "" - }, - "2": { - "action": "launch terminal and run \"reboot\"", - "expected_results": "System can reboot successfully . " - } - }, - "summary": "reboot_system" - } - }, - { - "test": { "@alias": "bsps-hw.bsps-hw.switch_among_multi_applications_and_desktop", "author": [ { @@ -225,114 +177,6 @@ }, { "test": { - "@alias": "bsps-hw.bsps-hw.USB_-_mount", - "author": [ - { - "email": "alexandru.c.georgescu@intel.com", - "name": "alexandru.c.georgescu@intel.com" - } - ], - "execution": { - "1": { - "action": "Boot system \n\n", - "expected_results": "" - }, - "2": { - "action": "Plug USB stick, it should be mount in /run/media/sd(x) If X-window system does not start and show USB device, then use the terminal to mount it, following the next steps: \na. Locate the usb stick (usually it is on /dev/sdb) \nb. Create a directory with \"mkdir stick\" (so you will have such a path as: /home/root/stick). \nc. Run the command \"mount /dev/sdb /home/root/stick\" to mount USB device on it. \n\n", - "expected_results": "USB device should be mounted in /run/media/sd(x) \nor in /home/root/stick \n\n" - }, - "3": { - "action": "Then you can access USB stick (/home/root/stick) via Terminal or GUI and try various commands and actions like \"cp\", \"mv\", \"touch\" and \"rm\". Type \"dmesg\" command and check for recent mounted devices.", - "expected_results": "Basic commands work properly. The system sends a notification in \"dmesg\" command, showing that the USB stick is accessible and the device is mounted ." - } - }, - "summary": "USB_-_mount" - } - }, - { - "test": { - "@alias": "bsps-hw.bsps-hw.USB_-_read_files", - "author": [ - { - "email": "alexandru.c.georgescu@intel.com", - "name": "alexandru.c.georgescu@intel.com" - } - ], - "execution": { - "1": { - "action": "boot system", - "expected_results": "view/copy successfully" - }, - "2": { - "action": "plug usb stick", - "expected_results": "" - }, - "3": { - "action": "view files in usb by file browser", - "expected_results": "" - }, - "4": { - "action": "copy some files from usb to local hardware", - "expected_results": "" - } - }, - "summary": "USB_-_read_files" - } - }, - { - "test": { - "@alias": "bsps-hw.bsps-hw.USB_-_umount", - "author": [ - { - "email": "alexandru.c.georgescu@intel.com", - "name": "alexandru.c.georgescu@intel.com" - } - ], - "execution": { - "1": { - "action": "boot system", - "expected_results": "usb directory in file browser automatically missed" - }, - "2": { - "action": "plug usb stick", - "expected_results": "" - }, - "3": { - "action": "view files in usb by file browser \n4.unplug usb", - "expected_results": "" - } - }, - "summary": "USB_-_umount" - } - }, - { - "test": { - "@alias": "bsps-hw.bsps-hw.USB_-_write_files", - "author": [ - { - "email": "alexandru.c.georgescu@intel.com", - "name": "alexandru.c.georgescu@intel.com" - } - ], - "execution": { - "1": { - "action": "boot system", - "expected_results": "create/copy successfully" - }, - "2": { - "action": "plug usb stick", - "expected_results": "" - }, - "3": { - "action": "create files in usb \n4.copy some files from local hardware to usb", - "expected_results": "" - } - }, - "summary": "USB_-_write_files" - } - }, - { - "test": { "@alias": "bsps-hw.bsps-hw.ethernet_static_ip_set_in_connman", "author": [ { @@ -613,136 +457,6 @@ }, { "test": { - "@alias": "bsps-hw.bsps-hw.check_bash_in_image", - "author": [ - { - "email": "alexandru.c.georgescu@intel.com", - "name": "alexandru.c.georgescu@intel.com" - } - ], - "execution": { - "1": { - "action": "After system is up, check if bash command exists with command \"which bash\"", - "expected_results": "bash command should exist in image giving something as below \"/bin/bash\"" - } - }, - "summary": "check_bash_in_image" - } - }, - { - "test": { - "@alias": "bsps-hw.bsps-hw.MicroSD_-__mount", - "author": [ - { - "email": "alexandru.c.georgescu@intel.com", - "name": "alexandru.c.georgescu@intel.com" - } - ], - "execution": { - "1": { - "action": "boot system", - "expected_results": "system notify that MicroSDis accessible" - }, - "2": { - "action": "plug MicroSD card", - "expected_results": "" - } - }, - "summary": "MicroSD_-__mount" - } - }, - { - "test": { - "@alias": "bsps-hw.bsps-hw.MicroSD_-__read_files", - "author": [ - { - "email": "alexandru.c.georgescu@intel.com", - "name": "alexandru.c.georgescu@intel.com" - } - ], - "execution": { - "1": { - "action": "boot system", - "expected_results": "view/copy successfully" - }, - "2": { - "action": "plug MicroSD card", - "expected_results": "" - }, - "3": { - "action": "view files inMicroSD by file browser", - "expected_results": "" - }, - "4": { - "action": "copy some files fromMicroSD to local hardware", - "expected_results": "" - } - }, - "summary": "MicroSD_-__read_files" - } - }, - { - "test": { - "@alias": "bsps-hw.bsps-hw.MicroSD_-__umount", - "author": [ - { - "email": "alexandru.c.georgescu@intel.com", - "name": "alexandru.c.georgescu@intel.com" - } - ], - "execution": { - "1": { - "action": "boot system", - "expected_results": "MicroSD in file browser automatically missed . " - }, - "2": { - "action": "plug MicroSD card", - "expected_results": "" - }, - "3": { - "action": "view files in MicroSDby file browser", - "expected_results": "" - }, - "4": { - "action": "unplug MicroSD", - "expected_results": "" - } - }, - "summary": "MicroSD_-__umount" - } - }, - { - "test": { - "@alias": "bsps-hw.bsps-hw.MicroSD_-__write_files", - "author": [ - { - "email": "alexandru.c.georgescu@intel.com", - "name": "alexandru.c.georgescu@intel.com" - } - ], - "execution": { - "1": { - "action": "boot system", - "expected_results": "create/copy successfully" - }, - "2": { - "action": "plug MicroSD card", - "expected_results": "" - }, - "3": { - "action": "create files in MicroSD", - "expected_results": "" - }, - "4": { - "action": "copy some files from local hardware to MicroSD", - "expected_results": "" - } - }, - "summary": "MicroSD_-__write_files" - } - }, - { - "test": { "@alias": "bsps-hw.bsps-hw.video_-_libva_check_(ogg_video_play)", "author": [ { @@ -1283,4 +997,4 @@ "summary": "Boot_from_JFFS2_image" } } -]
\ No newline at end of file +] diff --git a/poky/meta/lib/oeqa/manual/compliance-test.json b/poky/meta/lib/oeqa/manual/compliance-test.json deleted file mode 100644 index 367a416f0..000000000 --- a/poky/meta/lib/oeqa/manual/compliance-test.json +++ /dev/null @@ -1,76 +0,0 @@ -[ - { - "test": { - "@alias": "compliance-test.compliance-test.stress_test_-_Genericx86-64", - "author": [ - { - "email": "corneliux.stoicescu@intel.com", - "name": "corneliux.stoicescu@intel.com" - } - ], - "execution": { - "1": { - "action": "Bootup with core-image-sato-sdk image", - "expected_results": "" - }, - "2": { - "action": "Execute the crashme test with below command \n\n./opt/ltp/runltp f crashme", - "expected_results": "The stress testing should not make the target crash. Check CPU usage and basic functionality of the system after the tests are over. " - } - }, - "summary": "stress_test_-_Genericx86-64" - } - }, - { - "test": { - "@alias": "compliance-test.compliance-test.stress_test_-_- crashme_-_-Beaglebone", - "author": [ - { - "email": "corneliux.stoicescu@intel.com", - "name": "corneliux.stoicescu@intel.com" - } - ], - "execution": { - "1": { - "action": " Get crashme from http://people.delphiforums.com/gjc/crashme.html", - "expected_results": "" - }, - "2": { - "action": "Follow the setup steps on above URL, build crashme in target", - "expected_results": "" - }, - "3": { - "action": " Run crashme for 24 hours", - "expected_results": "Target should not crash with the program." - } - }, - "summary": "stress_test_-_crashme_-Beaglebone" - } - }, - { - "test": { - "@alias": "compliance-test.compliance-test.stress_test_-_ltp_-Beaglebone", - "author": [ - { - "email": "corneliux.stoicescu@intel.com", - "name": "corneliux.stoicescu@intel.com" - } - ], - "execution": { - "1": { - "action": "Build LTP with toolchain or in sdk image", - "expected_results": "" - }, - "2": { - "action": "Copy LTP folder into target, for example, /opt/ltp. Modify script, testscripts/ltpstress.sh, set Iostat=1, NO_NETWORK=1", - "expected_results": "" - }, - "3": { - "action": "cd testscripts/ && ./ltpstress.sh", - "expected_results": "This stress case will run for 24 hours Check the result\ntarget should not crash with the program " - } - }, - "summary": "stress_test_-_-ltp_-Beaglebone" - } - } -] diff --git a/poky/meta/lib/oeqa/runtime/cases/boot.py b/poky/meta/lib/oeqa/runtime/cases/boot.py new file mode 100644 index 000000000..2142f400a --- /dev/null +++ b/poky/meta/lib/oeqa/runtime/cases/boot.py @@ -0,0 +1,33 @@ +# +# SPDX-License-Identifier: MIT +# + +from subprocess import Popen, PIPE +import time + +from oeqa.runtime.case import OERuntimeTestCase +from oeqa.core.decorator.depends import OETestDepends +from oeqa.core.decorator.oetimeout import OETimeout +from oeqa.core.decorator.data import skipIfQemu + +class BootTest(OERuntimeTestCase): + + @OETimeout(120) + @skipIfQemu('qemuall', 'Test only runs on real hardware') + @OETestDepends(['ssh.SSHTest.test_ssh']) + def test_reboot(self): + output = '' + count = 0 + (status, output) = self.target.run('reboot -h') + while count < 5: + time.sleep(5) + cmd = 'ping -c 1 %s' % self.target.ip + proc = Popen(cmd, shell=True, stdout=PIPE) + output += proc.communicate()[0].decode('utf-8') + if proc.poll() == 0: + count += 1 + else: + count = 0 + msg = ('Expected 5 consecutive, got %d.\n' + 'ping output is:\n%s' % (count,output)) + self.assertEqual(count, 5, msg = msg) diff --git a/poky/meta/lib/oeqa/runtime/cases/ltp_stress.py b/poky/meta/lib/oeqa/runtime/cases/ltp_stress.py new file mode 100644 index 000000000..2445ffbc9 --- /dev/null +++ b/poky/meta/lib/oeqa/runtime/cases/ltp_stress.py @@ -0,0 +1,98 @@ +# LTP Stress runtime +# +# Copyright (c) 2019 MontaVista Software, LLC +# +# SPDX-License-Identifier: MIT +# + +import time +import datetime +import pprint + +from oeqa.runtime.case import OERuntimeTestCase +from oeqa.core.decorator.depends import OETestDepends +from oeqa.runtime.decorator.package import OEHasPackage +from oeqa.core.decorator.data import skipIfQemu +from oeqa.utils.logparser import LtpParser + +class LtpStressBase(OERuntimeTestCase): + + @classmethod + def setUpClass(cls): + cls.ltp_startup() + + @classmethod + def tearDownClass(cls): + cls.ltp_finishup() + + @classmethod + def ltp_startup(cls): + cls.sections = {} + cls.failmsg = "" + test_log_dir = os.path.join(cls.td.get('WORKDIR', ''), 'testimage') + timestamp = datetime.datetime.now().strftime('%Y%m%d%H%M%S') + + cls.ltptest_log_dir_link = os.path.join(test_log_dir, 'ltpstress_log') + cls.ltptest_log_dir = '%s.%s' % (cls.ltptest_log_dir_link, timestamp) + os.makedirs(cls.ltptest_log_dir) + + cls.tc.target.run("mkdir -p /opt/ltp/results") + + if not hasattr(cls.tc, "extraresults"): + cls.tc.extraresults = {} + cls.extras = cls.tc.extraresults + cls.extras['ltpstressresult.rawlogs'] = {'log': ""} + + + @classmethod + def ltp_finishup(cls): + cls.extras['ltpstressresult.sections'] = cls.sections + + # update symlink to ltp_log + if os.path.exists(cls.ltptest_log_dir_link): + os.remove(cls.ltptest_log_dir_link) + + os.symlink(os.path.basename(cls.ltptest_log_dir), cls.ltptest_log_dir_link) + + if cls.failmsg: + cls.fail(cls.failmsg) + +class LtpStressTest(LtpStressBase): + + def runltp(self, stress_group): + cmd = '/opt/ltp/runltp -f %s -p -q 2>@1 | tee /opt/ltp/results/%s' % (stress_group, stress_group) + starttime = time.time() + (status, output) = self.target.run(cmd) + endtime = time.time() + with open(os.path.join(self.ltptest_log_dir, "%s" % stress_group), 'w') as f: + f.write(output) + + self.extras['ltpstressresult.rawlogs']['log'] = self.extras['ltpstressresult.rawlogs']['log'] + output + + parser = LtpParser() + results, sections = parser.parse(os.path.join(self.ltptest_log_dir, "%s" % stress_group)) + + runtime = int(endtime-starttime) + sections['duration'] = runtime + self.sections[stress_group] = sections + + failed_tests = {} + for test in results: + result = results[test] + testname = ("ltpstressresult." + stress_group + "." + test) + self.extras[testname] = {'status': result} + if result == 'FAILED': + failed_tests[stress_group] = test + + if failed_tests: + self.failmsg = self.failmsg + "Failed ptests:\n%s" % pprint.pformat(failed_tests) + + # LTP stress runtime tests + # + @skipIfQemu('qemuall', 'Test only runs on real hardware') + + @OETestDepends(['ssh.SSHTest.test_ssh']) + @OEHasPackage(["ltp"]) + def test_ltp_stress(self): + self.tc.target.run("sed -i -r 's/^fork12.*//' /opt/ltp/runtest/crashme") + self.runltp('crashme') diff --git a/poky/meta/lib/oeqa/runtime/cases/storage.py b/poky/meta/lib/oeqa/runtime/cases/storage.py new file mode 100644 index 000000000..166d26b25 --- /dev/null +++ b/poky/meta/lib/oeqa/runtime/cases/storage.py @@ -0,0 +1,149 @@ +# +# SPDX-License-Identifier: MIT +# + +import re +import time + +from oeqa.runtime.case import OERuntimeTestCase +from oeqa.core.decorator.depends import OETestDepends +from oeqa.core.decorator.data import skipIfQemu + +class StorageBase(OERuntimeTestCase): + def storage_mount(cls, tmo=1): + + (status, output) = cls.target.run('mkdir -p %s' % cls.mount_point) + (status, output) = cls.target.run('mount %s %s' % (cls.device, cls.mount_point)) + msg = ('Mount failed: %s.' % status) + cls.assertFalse(output, msg = msg) + time.sleep(tmo) + (status, output) = cls.target.run('cat /proc/mounts') + match = re.search('%s' % cls.device, output) + if match: + msg = ('Device %s not mounted.' % cls.device) + cls.assertTrue(match, msg = msg) + + (status, output) = cls.target.run('mkdir -p %s' % cls.test_dir) + + (status, output) = cls.target.run('rm -f %s/*' % cls.test_dir) + msg = ('Failed to cleanup files @ %s/*' % cls.test_dir) + cls.assertFalse(output, msg = msg) + + + def storage_basic(cls): + # create file on device + (status, output) = cls.target.run('touch %s/%s' % (cls.test_dir, cls.test_file)) + msg = ('File %s not created on %s' % (cls.test_file, cls.device)) + cls.assertFalse(status, msg = msg) + # move file + (status, output) = cls.target.run('mv %s/%s %s/%s1' % + (cls.test_dir, cls.test_file, cls.test_dir, cls.test_file)) + msg = ('File %s not moved to %s' % (cls.test_file, cls.device)) + cls.assertFalse(status, msg = msg) + # remove file + (status, output) = cls.target.run('rm %s/%s1' % (cls.test_dir, cls.test_file)) + msg = ('File %s not removed on %s' % (cls.test_file, cls.device)) + cls.assertFalse(status, msg = msg) + + def storage_read(cls): + # check if message is in file + (status, output) = cls.target.run('cat %s/%s' % + (cls.test_dir, cls.test_file)) + + match = re.search('%s' % cls.test_msg, output) + msg = ('Test message %s not in file %s.' % (cls.test_msg, cls.test_file)) + cls.assertEqual(status, 0, msg = msg) + + def storage_write(cls): + # create test message in file on device + (status, output) = cls.target.run('echo "%s" > %s/%s' % + (cls.test_msg, cls.test_dir, cls.test_file)) + msg = ('File %s not create test message on %s' % (cls.test_file, cls.device)) + cls.assertEqual(status, 0, msg = msg) + + def storage_umount(cls, tmo=1): + time.sleep(tmo) + (status, output) = cls.target.run('umount %s' % cls.mount_point) + + if status == 32: + # already unmounted, should it fail? + return + else: + msg = ('Device not unmount %s' % cls.mount_point) + cls.assertEqual(status, 0, msg = msg) + + (status, output) = cls.target.run('cat /proc/mounts') + match = re.search('%s' % cls.device, output) + if match: + msg = ('Device %s still mounted.' % cls.device) + cls.assertTrue(match, msg = msg) + + +class UsbTest(StorageBase): + ''' + This is to mimic the usb test previously done in manual bsp-hw.json + ''' + @classmethod + def setUpClass(self): + self.test_msg = "Hello World - USB" + self.mount_point = "/media/usb" + self.device = "/dev/sda1" + self.test_file = "usb.tst" + self.test_dir = os.path.join(self.mount_point, "oeqa") + + @skipIfQemu('qemuall', 'Test only runs on real hardware') + @OETestDepends(['ssh.SSHTest.test_ssh']) + def test_usb_mount(self): + self.storage_umount(2) + self.storage_mount(5) + + @skipIfQemu('qemuall', 'Test only runs on real hardware') + @OETestDepends(['storage.UsbTest.test_usb_mount']) + def test_usb_basic_operations(self): + self.storage_basic() + + @skipIfQemu('qemuall', 'Test only runs on real hardware') + @OETestDepends(['storage.UsbTest.test_usb_basic_operations']) + def test_usb_basic_rw(self): + self.storage_write() + self.storage_read() + + @skipIfQemu('qemuall', 'Test only runs on real hardware') + @OETestDepends(['storage.UsbTest.test_usb_mount']) + def test_usb_umount(self): + self.storage_umount(2) + + +class MMCTest(StorageBase): + ''' + This is to mimic the usb test previously done in manual bsp-hw.json + ''' + @classmethod + def setUpClass(self): + self.test_msg = "Hello World - MMC" + self.mount_point = "/media/mmc" + self.device = "/dev/mmcblk1p1" + self.test_file = "mmc.tst" + self.test_dir = os.path.join(self.mount_point, "oeqa") + + @skipIfQemu('qemuall', 'Test only runs on real hardware') + @OETestDepends(['ssh.SSHTest.test_ssh']) + def test_mmc_mount(self): + self.storage_umount(2) + self.storage_mount() + + @skipIfQemu('qemuall', 'Test only runs on real hardware') + @OETestDepends(['storage.MMCTest.test_mmc_mount']) + def test_mmc_basic_operations(self): + self.storage_basic() + + @skipIfQemu('qemuall', 'Test only runs on real hardware') + @OETestDepends(['storage.MMCTest.test_mmc_basic_operations']) + def test_mmc_basic_rw(self): + self.storage_write() + self.storage_read() + + @skipIfQemu('qemuall', 'Test only runs on real hardware') + @OETestDepends(['storage.MMCTest.test_mmc_mount']) + def test_mmc_umount(self): + self.storage_umount(2) diff --git a/poky/meta/lib/oeqa/selftest/cases/devtool.py b/poky/meta/lib/oeqa/selftest/cases/devtool.py index 3a25da203..57e6662e4 100644 --- a/poky/meta/lib/oeqa/selftest/cases/devtool.py +++ b/poky/meta/lib/oeqa/selftest/cases/devtool.py @@ -137,6 +137,7 @@ class DevtoolBase(OESelftestTestCase): with open(recipefile, 'r') as f: invar = None invalue = None + inherits = set() for line in f: var = None if invar: @@ -158,7 +159,7 @@ class DevtoolBase(OESelftestTestCase): invar = var continue elif line.startswith('inherit '): - inherits = line.split()[1:] + inherits.update(line.split()[1:]) if var and var in checkvars: needvalue = checkvars.pop(var) @@ -1496,11 +1497,13 @@ class DevtoolUpgradeTests(DevtoolBase): recipedir = os.path.dirname(oldrecipefile) olddir = os.path.join(recipedir, recipe + '-' + oldversion) patchfn = '0001-Add-a-note-line-to-the-quick-reference.patch' + backportedpatchfn = 'backported.patch' self.assertExists(os.path.join(olddir, patchfn), 'Original patch file does not exist') - return recipe, oldrecipefile, recipedir, olddir, newversion, patchfn + self.assertExists(os.path.join(olddir, backportedpatchfn), 'Backported patch file does not exist') + return recipe, oldrecipefile, recipedir, olddir, newversion, patchfn, backportedpatchfn def test_devtool_finish_upgrade_origlayer(self): - recipe, oldrecipefile, recipedir, olddir, newversion, patchfn = self._setup_test_devtool_finish_upgrade() + recipe, oldrecipefile, recipedir, olddir, newversion, patchfn, backportedpatchfn = self._setup_test_devtool_finish_upgrade() # Ensure the recipe is where we think it should be (so that cleanup doesn't trash things) self.assertIn('/meta-selftest/', recipedir) # Try finish to the original layer @@ -1511,14 +1514,23 @@ class DevtoolUpgradeTests(DevtoolBase): self.assertNotExists(os.path.join(self.workspacedir, 'recipes', recipe), 'Recipe directory should not exist after finish') self.assertNotExists(oldrecipefile, 'Old recipe file should have been deleted but wasn\'t') self.assertNotExists(os.path.join(olddir, patchfn), 'Old patch file should have been deleted but wasn\'t') + self.assertNotExists(os.path.join(olddir, backportedpatchfn), 'Old backported patch file should have been deleted but wasn\'t') newrecipefile = os.path.join(recipedir, '%s_%s.bb' % (recipe, newversion)) newdir = os.path.join(recipedir, recipe + '-' + newversion) self.assertExists(newrecipefile, 'New recipe file should have been copied into existing layer but wasn\'t') self.assertExists(os.path.join(newdir, patchfn), 'Patch file should have been copied into new directory but wasn\'t') + self.assertNotExists(os.path.join(newdir, backportedpatchfn), 'Backported patch file should not have been copied into new directory but was') self.assertExists(os.path.join(newdir, '0002-Add-a-comment-to-the-code.patch'), 'New patch file should have been created but wasn\'t') + with open(newrecipefile, 'r') as f: + newcontent = f.read() + self.assertNotIn(backportedpatchfn, newcontent, "Backported patch should have been removed from the recipe but wasn't") + self.assertIn(patchfn, newcontent, "Old patch should have not been removed from the recipe but was") + self.assertIn("0002-Add-a-comment-to-the-code.patch", newcontent, "New patch should have been added to the recipe but wasn't") + self.assertIn("http://www.ivarch.com/programs/sources/pv-${PV}.tar.gz", newcontent, "New recipe no longer has upstream source in SRC_URI") + def test_devtool_finish_upgrade_otherlayer(self): - recipe, oldrecipefile, recipedir, olddir, newversion, patchfn = self._setup_test_devtool_finish_upgrade() + recipe, oldrecipefile, recipedir, olddir, newversion, patchfn, backportedpatchfn = self._setup_test_devtool_finish_upgrade() # Ensure the recipe is where we think it should be (so that cleanup doesn't trash things) self.assertIn('/meta-selftest/', recipedir) # Try finish to a different layer - should create a bbappend @@ -1534,10 +1546,18 @@ class DevtoolUpgradeTests(DevtoolBase): self.assertNotExists(os.path.join(self.workspacedir, 'recipes', recipe), 'Recipe directory should not exist after finish') self.assertExists(oldrecipefile, 'Old recipe file should not have been deleted') self.assertExists(os.path.join(olddir, patchfn), 'Old patch file should not have been deleted') + self.assertExists(os.path.join(olddir, backportedpatchfn), 'Old backported patch file should not have been deleted') newdir = os.path.join(newrecipedir, recipe + '-' + newversion) self.assertExists(newrecipefile, 'New recipe file should have been copied into existing layer but wasn\'t') self.assertExists(os.path.join(newdir, patchfn), 'Patch file should have been copied into new directory but wasn\'t') + self.assertNotExists(os.path.join(newdir, backportedpatchfn), 'Backported patch file should not have been copied into new directory but was') self.assertExists(os.path.join(newdir, '0002-Add-a-comment-to-the-code.patch'), 'New patch file should have been created but wasn\'t') + with open(newrecipefile, 'r') as f: + newcontent = f.read() + self.assertNotIn(backportedpatchfn, newcontent, "Backported patch should have been removed from the recipe but wasn't") + self.assertIn(patchfn, newcontent, "Old patch should have not been removed from the recipe but was") + self.assertIn("0002-Add-a-comment-to-the-code.patch", newcontent, "New patch should have been added to the recipe but wasn't") + self.assertIn("http://www.ivarch.com/programs/sources/pv-${PV}.tar.gz", newcontent, "New recipe no longer has upstream source in SRC_URI") def _setup_test_devtool_finish_modify(self): # Check preconditions diff --git a/poky/meta/lib/oeqa/selftest/cases/sstatetests.py b/poky/meta/lib/oeqa/selftest/cases/sstatetests.py index 2867cb78a..6757a0ec6 100644 --- a/poky/meta/lib/oeqa/selftest/cases/sstatetests.py +++ b/poky/meta/lib/oeqa/selftest/cases/sstatetests.py @@ -255,6 +255,7 @@ BUILD_ARCH = "x86_64" BUILD_OS = "linux" SDKMACHINE = "x86_64" PACKAGE_CLASSES = "package_rpm package_ipk package_deb" +BB_SIGNATURE_HANDLER = "OEBasicHash" """) self.track_for_cleanup(self.topdir + "/tmp-sstatesamehash") bitbake("core-image-sato -S none") @@ -266,6 +267,7 @@ BUILD_ARCH = "i686" BUILD_OS = "linux" SDKMACHINE = "i686" PACKAGE_CLASSES = "package_rpm package_ipk package_deb" +BB_SIGNATURE_HANDLER = "OEBasicHash" """) self.track_for_cleanup(self.topdir + "/tmp-sstatesamehash2") bitbake("core-image-sato -S none") @@ -298,6 +300,7 @@ PACKAGE_CLASSES = "package_rpm package_ipk package_deb" TMPDIR = \"${TOPDIR}/tmp-sstatesamehash\" TCLIBCAPPEND = \"\" NATIVELSBSTRING = \"DistroA\" +BB_SIGNATURE_HANDLER = "OEBasicHash" """) self.track_for_cleanup(self.topdir + "/tmp-sstatesamehash") bitbake("core-image-sato -S none") @@ -305,6 +308,7 @@ NATIVELSBSTRING = \"DistroA\" TMPDIR = \"${TOPDIR}/tmp-sstatesamehash2\" TCLIBCAPPEND = \"\" NATIVELSBSTRING = \"DistroB\" +BB_SIGNATURE_HANDLER = "OEBasicHash" """) self.track_for_cleanup(self.topdir + "/tmp-sstatesamehash2") bitbake("core-image-sato -S none") @@ -332,11 +336,13 @@ NATIVELSBSTRING = \"DistroB\" TMPDIR = \"${TOPDIR}/tmp-sstatesamehash\" TCLIBCAPPEND = \"\" MACHINE = \"qemux86-64\" +BB_SIGNATURE_HANDLER = "OEBasicHash" """ configB = """ TMPDIR = \"${TOPDIR}/tmp-sstatesamehash2\" TCLIBCAPPEND = \"\" MACHINE = \"qemuarm\" +BB_SIGNATURE_HANDLER = "OEBasicHash" """ self.sstate_allarch_samesigs(configA, configB) @@ -352,6 +358,7 @@ MACHINE = \"qemux86-64\" require conf/multilib.conf MULTILIBS = \"multilib:lib32\" DEFAULTTUNE_virtclass-multilib-lib32 = \"x86\" +BB_SIGNATURE_HANDLER = "OEBasicHash" """ configB = """ TMPDIR = \"${TOPDIR}/tmp-sstatesamehash2\" @@ -359,6 +366,7 @@ TCLIBCAPPEND = \"\" MACHINE = \"qemuarm\" require conf/multilib.conf MULTILIBS = \"\" +BB_SIGNATURE_HANDLER = "OEBasicHash" """ self.sstate_allarch_samesigs(configA, configB) @@ -404,6 +412,7 @@ MACHINE = \"qemux86\" require conf/multilib.conf MULTILIBS = "multilib:lib32" DEFAULTTUNE_virtclass-multilib-lib32 = "x86" +BB_SIGNATURE_HANDLER = "OEBasicHash" """) self.track_for_cleanup(self.topdir + "/tmp-sstatesamehash") bitbake("world meta-toolchain -S none") @@ -414,6 +423,7 @@ MACHINE = \"qemux86copy\" require conf/multilib.conf MULTILIBS = "multilib:lib32" DEFAULTTUNE_virtclass-multilib-lib32 = "x86" +BB_SIGNATURE_HANDLER = "OEBasicHash" """) self.track_for_cleanup(self.topdir + "/tmp-sstatesamehash2") bitbake("world meta-toolchain -S none") @@ -452,6 +462,7 @@ TIME = "111111" DATE = "20161111" INHERIT_remove = "buildstats-summary buildhistory uninative" http_proxy = "" +BB_SIGNATURE_HANDLER = "OEBasicHash" """) self.track_for_cleanup(self.topdir + "/tmp-sstatesamehash") self.track_for_cleanup(self.topdir + "/download1") @@ -468,6 +479,7 @@ DATE = "20161212" INHERIT_remove = "uninative" INHERIT += "buildstats-summary buildhistory" http_proxy = "http://example.com/" +BB_SIGNATURE_HANDLER = "OEBasicHash" """) self.track_for_cleanup(self.topdir + "/tmp-sstatesamehash2") self.track_for_cleanup(self.topdir + "/download2") diff --git a/poky/meta/lib/oeqa/selftest/cases/wic.py b/poky/meta/lib/oeqa/selftest/cases/wic.py index ea7530040..0c03b4b02 100644 --- a/poky/meta/lib/oeqa/selftest/cases/wic.py +++ b/poky/meta/lib/oeqa/selftest/cases/wic.py @@ -1025,3 +1025,10 @@ class Wic2(WicTestCase): # check if it's removed result = runCmd("wic ls %s:2/etc/ -n %s" % (images[0], sysroot)) self.assertTrue('fstab' not in [line.split()[-1] for line in result.output.split('\n') if line]) + + # remove non-empty directory + runCmd("wic rm -r %s:2/etc/ -n %s" % (images[0], sysroot)) + + # check if it's removed + result = runCmd("wic ls %s:2/ -n %s" % (images[0], sysroot)) + self.assertTrue('etc' not in [line.split()[-1] for line in result.output.split('\n') if line]) diff --git a/poky/meta/recipes-bsp/usbutils/usbutils_012.bb b/poky/meta/recipes-bsp/usbutils/usbutils_012.bb index 0213e7af6..b670fa4ab 100644 --- a/poky/meta/recipes-bsp/usbutils/usbutils_012.bb +++ b/poky/meta/recipes-bsp/usbutils/usbutils_012.bb @@ -15,7 +15,7 @@ SRC_URI = "${KERNELORG_MIRROR}/linux/utils/usb/usbutils/usbutils-${PV}.tar.gz \ SRC_URI[md5sum] = "7484445cbcf04b3eacac892fe58f8d9f" SRC_URI[sha256sum] = "ae2e10aad530d95839b6f4d46cd41715eae6f0f1789310d793e9be21b3e7ae20" -inherit autotools pkgconfig distro_features_check update-alternatives +inherit autotools pkgconfig features_check update-alternatives ALTERNATIVE_${PN} = "lsusb" ALTERNATIVE_PRIORITY = "100" diff --git a/poky/meta/recipes-connectivity/avahi/avahi-ui_0.7.bb b/poky/meta/recipes-connectivity/avahi/avahi-ui_0.7.bb index 1c6e46aab..1510a0ef4 100644 --- a/poky/meta/recipes-connectivity/avahi/avahi-ui_0.7.bb +++ b/poky/meta/recipes-connectivity/avahi/avahi-ui_0.7.bb @@ -1,6 +1,6 @@ require avahi.inc -inherit distro_features_check +inherit features_check ANY_OF_DISTRO_FEATURES = "${GTK3DISTROFEATURES}" DEPENDS += "avahi" diff --git a/poky/meta/recipes-connectivity/bind/bind_9.11.5-P4.bb b/poky/meta/recipes-connectivity/bind/bind_9.11.5-P4.bb index 3e2412dfa..089770634 100644 --- a/poky/meta/recipes-connectivity/bind/bind_9.11.5-P4.bb +++ b/poky/meta/recipes-connectivity/bind/bind_9.11.5-P4.bb @@ -37,6 +37,10 @@ UPSTREAM_CHECK_URI = "https://ftp.isc.org/isc/bind9/" # stay at 9.11 until 9.16, from 9.16 follow the ESV versions divisible by 4 UPSTREAM_CHECK_REGEX = "(?P<pver>9.(11|16|20|24|28)(\.\d+)+(-P\d+)*)/" +# BIND >= 9.11.2 need dhcpd >= 4.4.0, +# don't report it here since dhcpd is already recent enough. +CVE_CHECK_WHITELIST += "CVE-2019-6470" + inherit autotools update-rc.d systemd useradd pkgconfig multilib_script MULTILIB_SCRIPTS = "${PN}:${bindir}/bind9-config ${PN}:${bindir}/isc-config.sh" diff --git a/poky/meta/recipes-connectivity/bluez5/bluez5.inc b/poky/meta/recipes-connectivity/bluez5/bluez5.inc index 170232328..484509350 100644 --- a/poky/meta/recipes-connectivity/bluez5/bluez5.inc +++ b/poky/meta/recipes-connectivity/bluez5/bluez5.inc @@ -64,7 +64,7 @@ S = "${WORKDIR}/bluez-${PV}" CVE_PRODUCT = "bluez" -inherit autotools pkgconfig systemd update-rc.d distro_features_check ptest gobject-introspection-data +inherit autotools pkgconfig systemd update-rc.d features_check ptest gobject-introspection-data EXTRA_OECONF = "\ --enable-test \ diff --git a/poky/meta/recipes-connectivity/connman/connman-gnome_0.7.bb b/poky/meta/recipes-connectivity/connman/connman-gnome_0.7.bb index a56bd3751..778bf5019 100644 --- a/poky/meta/recipes-connectivity/connman/connman-gnome_0.7.bb +++ b/poky/meta/recipes-connectivity/connman/connman-gnome_0.7.bb @@ -20,7 +20,7 @@ SRC_URI = "git://github.com/connectivity/connman-gnome.git \ S = "${WORKDIR}/git" -inherit autotools-brokensep gtk-icon-cache pkgconfig distro_features_check +inherit autotools-brokensep gtk-icon-cache pkgconfig features_check ANY_OF_DISTRO_FEATURES = "${GTK3DISTROFEATURES}" RDEPENDS_${PN} = "connman" diff --git a/poky/meta/recipes-core/glib-2.0/glib-2.0_2.62.1.bb b/poky/meta/recipes-core/glib-2.0/glib-2.0_2.62.2.bb index 7897170a7..27a15a9b1 100644 --- a/poky/meta/recipes-core/glib-2.0/glib-2.0_2.62.1.bb +++ b/poky/meta/recipes-core/glib-2.0/glib-2.0_2.62.2.bb @@ -20,5 +20,5 @@ SRC_URI = "${GNOME_MIRROR}/glib/${SHRT_VER}/glib-${PV}.tar.xz \ SRC_URI_append_class-native = " file://relocate-modules.patch" SRC_URI_append_class-target = " file://glib-meson.cross" -SRC_URI[md5sum] = "64c14b4fe46c478992560c2f48a5b649" -SRC_URI[sha256sum] = "3dd9024e1d0872a6da7ac509937ccf997161b11d7d35be337c7e829cbae0f9df" +SRC_URI[md5sum] = "bed3a70397a019965efac0c49f9c8164" +SRC_URI[sha256sum] = "698824a413f76df039739c2a78f45b10939d526ae7495bab4e694e6730deb3f1" diff --git a/poky/meta/recipes-core/glib-2.0/glib.inc b/poky/meta/recipes-core/glib-2.0/glib.inc index 8b95f2120..e811b42d7 100644 --- a/poky/meta/recipes-core/glib-2.0/glib.inc +++ b/poky/meta/recipes-core/glib-2.0/glib.inc @@ -28,7 +28,7 @@ PACKAGES += "${PN}-codegen ${PN}-utils" LEAD_SONAME = "libglib-2.0.*" -inherit meson gettext gtk-doc pkgconfig ptest-gnome upstream-version-is-even bash-completion gio-module-cache manpages distro_features_check +inherit meson gettext gtk-doc pkgconfig ptest-gnome upstream-version-is-even bash-completion gio-module-cache manpages features_check GTKDOC_MESON_OPTION = "gtk_doc" diff --git a/poky/meta/recipes-core/glibc/glibc.inc b/poky/meta/recipes-core/glibc/glibc.inc index 252fd56c1..ea9a04ac7 100644 --- a/poky/meta/recipes-core/glibc/glibc.inc +++ b/poky/meta/recipes-core/glibc/glibc.inc @@ -6,7 +6,7 @@ DEPENDS = "virtual/${TARGET_PREFIX}gcc libgcc-initial linux-libc-headers" PROVIDES = "virtual/libc" PROVIDES += "virtual/libintl virtual/libiconv" -inherit autotools texinfo distro_features_check systemd +inherit autotools texinfo features_check systemd LEAD_SONAME = "libc.so" diff --git a/poky/meta/recipes-core/libxml/libxml2_2.9.9.bb b/poky/meta/recipes-core/libxml/libxml2_2.9.9.bb index c38f883e4..5a7e098f3 100644 --- a/poky/meta/recipes-core/libxml/libxml2_2.9.9.bb +++ b/poky/meta/recipes-core/libxml/libxml2_2.9.9.bb @@ -35,7 +35,7 @@ PACKAGECONFIG ??= "python \ PACKAGECONFIG[python] = "--with-python=${PYTHON},--without-python,python3" PACKAGECONFIG[ipv6] = "--enable-ipv6,--disable-ipv6," -inherit autotools pkgconfig binconfig-disabled ptest distro_features_check +inherit autotools pkgconfig binconfig-disabled ptest features_check inherit ${@bb.utils.contains('PACKAGECONFIG', 'python', 'python3native', '', d)} diff --git a/poky/meta/recipes-core/meta/cve-update-db-native.bb b/poky/meta/recipes-core/meta/cve-update-db-native.bb index 19875a49b..db1d69a28 100644 --- a/poky/meta/recipes-core/meta/cve-update-db-native.bb +++ b/poky/meta/recipes-core/meta/cve-update-db-native.bb @@ -21,15 +21,17 @@ python do_populate_cve_db() { """ Update NVD database with json data feed """ - + import bb.utils import sqlite3, urllib, urllib.parse, shutil, gzip from datetime import date + bb.utils.export_proxies(d) + BASE_URL = "https://nvd.nist.gov/feeds/json/cve/1.0/nvdcve-1.0-" YEAR_START = 2002 - db_dir = os.path.join(d.getVar("DL_DIR"), 'CVE_CHECK') - db_file = os.path.join(db_dir, 'nvdcve_1.0.db') + db_file = d.getVar("CVE_CHECK_DB_FILE") + db_dir = os.path.dirname(db_file) json_tmpfile = os.path.join(db_dir, 'nvd.json.gz') # Don't refresh the database more than once an hour @@ -40,16 +42,6 @@ python do_populate_cve_db() { except OSError: pass - proxy = d.getVar("https_proxy") - if proxy: - # instantiate an opener but do not install it as the global - # opener unless if we're really sure it's applicable for all - # urllib requests - proxy_handler = urllib.request.ProxyHandler({'https': proxy}) - proxy_opener = urllib.request.build_opener(proxy_handler) - else: - proxy_opener = None - cve_f = open(os.path.join(d.getVar("TMPDIR"), 'cve_check'), 'a') if not os.path.isdir(db_dir): @@ -67,15 +59,7 @@ python do_populate_cve_db() { json_url = year_url + ".json.gz" # Retrieve meta last modified date - - response = None - - if proxy_opener: - response = proxy_opener.open(meta_url) - else: - req = urllib.request.Request(meta_url) - response = urllib.request.urlopen(req) - + response = urllib.request.urlopen(meta_url) if response: for l in response.read().decode("utf-8").splitlines(): key, value = l.split(":", 1) @@ -95,12 +79,7 @@ python do_populate_cve_db() { # Update db with current year json file try: - if proxy_opener: - response = proxy_opener.open(json_url) - else: - req = urllib.request.Request(json_url) - response = urllib.request.urlopen(req) - + response = urllib.request.urlopen(json_url) if response: update_db(c, gzip.decompress(response.read()).decode('utf-8')) c.execute("insert or replace into META values (?, ?)", [year, last_modified]) @@ -120,11 +99,14 @@ python do_populate_cve_db() { def initialize_db(c): c.execute("CREATE TABLE IF NOT EXISTS META (YEAR INTEGER UNIQUE, DATE TEXT)") + c.execute("CREATE TABLE IF NOT EXISTS NVD (ID TEXT UNIQUE, SUMMARY TEXT, \ SCOREV2 TEXT, SCOREV3 TEXT, MODIFIED INTEGER, VECTOR TEXT)") + c.execute("CREATE TABLE IF NOT EXISTS PRODUCTS (ID TEXT, \ VENDOR TEXT, PRODUCT TEXT, VERSION_START TEXT, OPERATOR_START TEXT, \ VERSION_END TEXT, OPERATOR_END TEXT)") + c.execute("CREATE INDEX IF NOT EXISTS PRODUCT_ID_IDX on PRODUCTS(ID);") def parse_node_and_insert(c, node, cveId): # Parse children node if needed diff --git a/poky/meta/recipes-core/packagegroups/packagegroup-self-hosted.bb b/poky/meta/recipes-core/packagegroups/packagegroup-self-hosted.bb index ee9d0636f..0aab23e3e 100644 --- a/poky/meta/recipes-core/packagegroups/packagegroup-self-hosted.bb +++ b/poky/meta/recipes-core/packagegroups/packagegroup-self-hosted.bb @@ -8,7 +8,7 @@ PR = "r13" PACKAGE_ARCH = "${TUNE_PKGARCH}" -inherit packagegroup distro_features_check +inherit packagegroup features_check # rdepends on libx11-dev REQUIRED_DISTRO_FEATURES = "x11" diff --git a/poky/meta/recipes-core/systemd/systemd-compat-units.bb b/poky/meta/recipes-core/systemd/systemd-compat-units.bb index d228a51c1..faa428b58 100644 --- a/poky/meta/recipes-core/systemd/systemd-compat-units.bb +++ b/poky/meta/recipes-core/systemd/systemd-compat-units.bb @@ -8,7 +8,7 @@ PACKAGE_WRITE_DEPS += "systemd-systemctl-native" S = "${WORKDIR}" -inherit distro_features_check +inherit features_check ALLOW_EMPTY_${PN} = "1" diff --git a/poky/meta/recipes-core/systemd/systemd-serialgetty.bb b/poky/meta/recipes-core/systemd/systemd-serialgetty.bb index 65a931f41..044c6c5b6 100644 --- a/poky/meta/recipes-core/systemd/systemd-serialgetty.bb +++ b/poky/meta/recipes-core/systemd/systemd-serialgetty.bb @@ -12,7 +12,7 @@ SRC_URI = "file://serial-getty@.service" S = "${WORKDIR}" # As this package is tied to systemd, only build it when we're also building systemd. -inherit distro_features_check +inherit features_check REQUIRED_DISTRO_FEATURES = "systemd" do_install() { diff --git a/poky/meta/recipes-core/systemd/systemd_243.bb b/poky/meta/recipes-core/systemd/systemd_243.bb index 7935380e7..b31d0b5ed 100644 --- a/poky/meta/recipes-core/systemd/systemd_243.bb +++ b/poky/meta/recipes-core/systemd/systemd_243.bb @@ -8,7 +8,7 @@ DEPENDS = "intltool-native gperf-native libcap util-linux" SECTION = "base/shell" -inherit useradd pkgconfig meson perlnative update-rc.d update-alternatives qemu systemd gettext bash-completion manpages distro_features_check +inherit useradd pkgconfig meson perlnative update-rc.d update-alternatives qemu systemd gettext bash-completion manpages features_check # As this recipe builds udev, respect systemd being in DISTRO_FEATURES so # that we don't build both udev and systemd in world builds. @@ -317,7 +317,6 @@ PACKAGES =+ "\ ${PN}-rpm-macros \ ${PN}-binfmt \ ${PN}-zsh-completion \ - ${PN}-xorg-xinitrc \ ${PN}-container \ ${PN}-journal-gatewayd \ ${PN}-journal-upload \ @@ -379,8 +378,6 @@ FILES_${PN}-kernel-install = "${bindir}/kernel-install \ FILES_${PN}-rpm-macros = "${exec_prefix}/lib/rpm \ " -FILES_${PN}-xorg-xinitrc = "${sysconfdir}/X11/xinit/xinitrc.d/*" - FILES_${PN}-zsh-completion = "${datadir}/zsh/site-functions" FILES_${PN}-binfmt = "${sysconfdir}/binfmt.d/ \ @@ -529,6 +526,7 @@ FILES_${PN} = " ${base_bindir}/* \ ${sysconfdir}/xdg/ \ ${sysconfdir}/init.d/README \ ${sysconfdir}/resolv-conf.systemd \ + ${sysconfdir}/X11/xinit/xinitrc.d/* \ ${rootlibexecdir}/systemd/* \ ${systemd_unitdir}/* \ ${base_libdir}/security/*.so \ diff --git a/poky/meta/recipes-core/sysvinit/sysvinit_2.88dsf.bb b/poky/meta/recipes-core/sysvinit/sysvinit_2.88dsf.bb index bfc1283f7..8fd6df9d6 100644 --- a/poky/meta/recipes-core/sysvinit/sysvinit_2.88dsf.bb +++ b/poky/meta/recipes-core/sysvinit/sysvinit_2.88dsf.bb @@ -29,7 +29,7 @@ SRC_URI[sha256sum] = "60bbc8c1e1792056e23761d22960b30bb13eccc2cabff8c7310a01f4d5 S = "${WORKDIR}/sysvinit-${PV}" B = "${S}/src" -inherit update-alternatives distro_features_check +inherit update-alternatives features_check DEPENDS_append = " update-rc.d-native base-passwd virtual/crypt" REQUIRED_DISTRO_FEATURES = "sysvinit" diff --git a/poky/meta/recipes-core/udev/eudev_3.2.8.bb b/poky/meta/recipes-core/udev/eudev_3.2.8.bb index eecf64e55..08729e14c 100644 --- a/poky/meta/recipes-core/udev/eudev_3.2.8.bb +++ b/poky/meta/recipes-core/udev/eudev_3.2.8.bb @@ -23,7 +23,7 @@ SRC_URI = "http://dev.gentoo.org/~blueness/${BPN}/${BP}.tar.gz \ SRC_URI[md5sum] = "ce166b3fdd910c2a4a840378f48fedaf" SRC_URI[sha256sum] = "61e4948e9e51271c3cce2bb5311a30b206dd03ef011062e6c627fb007e43f6b8" -inherit autotools update-rc.d qemu pkgconfig distro_features_check +inherit autotools update-rc.d qemu pkgconfig features_check CONFLICT_DISTRO_FEATURES = "systemd" diff --git a/poky/meta/recipes-core/volatile-binds/volatile-binds.bb b/poky/meta/recipes-core/volatile-binds/volatile-binds.bb index d861a71a6..b273293e9 100644 --- a/poky/meta/recipes-core/volatile-binds/volatile-binds.bb +++ b/poky/meta/recipes-core/volatile-binds/volatile-binds.bb @@ -11,7 +11,7 @@ SRC_URI = "\ S = "${WORKDIR}" -inherit allarch systemd distro_features_check +inherit allarch systemd features_check REQUIRED_DISTRO_FEATURES = "systemd" diff --git a/poky/meta/recipes-devtools/btrfs-tools/btrfs-tools_5.3.bb b/poky/meta/recipes-devtools/btrfs-tools/btrfs-tools_5.3.1.bb index 12b5c4562..a44c0bc87 100644 --- a/poky/meta/recipes-devtools/btrfs-tools/btrfs-tools_5.3.bb +++ b/poky/meta/recipes-devtools/btrfs-tools/btrfs-tools_5.3.1.bb @@ -14,7 +14,7 @@ DEPENDS = "util-linux attr e2fsprogs lzo acl" DEPENDS_append_class-target = " udev" RDEPENDS_${PN} = "libgcc" -SRCREV = "de7856cee5907938441f765ebab7cc106b7faf70" +SRCREV = "f82e569b33c3c1cfd4f8f405085ff8d439a0a915" SRC_URI = "git://git.kernel.org/pub/scm/linux/kernel/git/kdave/btrfs-progs.git \ file://0001-Add-a-possibility-to-specify-where-python-modules-ar.patch \ " diff --git a/poky/meta/recipes-devtools/cdrtools/cdrtools-native_3.01.bb b/poky/meta/recipes-devtools/cdrtools/cdrtools-native_3.01.bb index 78e1565e4..1c602e7ce 100644 --- a/poky/meta/recipes-devtools/cdrtools/cdrtools-native_3.01.bb +++ b/poky/meta/recipes-devtools/cdrtools/cdrtools-native_3.01.bb @@ -7,7 +7,10 @@ SECTION = "console/utils" LICENSE = "GPLv2 & CDDL-1.0 & LGPLv2.1+" LIC_FILES_CHKSUM = "file://COPYING;md5=32f68170be424c2cd64804337726b312" -SRC_URI = "${SOURCEFORGE_MIRROR}/project/cdrtools/cdrtools-${REALPV}.tar.bz2" +SRC_URI = " \ + ${SOURCEFORGE_MIRROR}/project/cdrtools/cdrtools-${REALPV}.tar.bz2 \ + file://0001-Don-t-set-uid-gid-during-install.patch \ + " UPSTREAM_VERSION_UNKNOWN = "1" SRC_URI[md5sum] = "7d45c5b7e1f78d85d1583b361aee6e8b" diff --git a/poky/meta/recipes-devtools/cdrtools/cdrtools/0001-Don-t-set-uid-gid-during-install.patch b/poky/meta/recipes-devtools/cdrtools/cdrtools/0001-Don-t-set-uid-gid-during-install.patch new file mode 100644 index 000000000..9d38294b4 --- /dev/null +++ b/poky/meta/recipes-devtools/cdrtools/cdrtools/0001-Don-t-set-uid-gid-during-install.patch @@ -0,0 +1,27 @@ +From 529cd5b007aa681c3ca14e5ab1e30469dd51646b Mon Sep 17 00:00:00 2001 +From: Paul Barker <paul@betafive.co.uk> +Date: Tue, 12 Nov 2019 22:17:19 +0000 +Subject: [PATCH] Don't set uid/gid during install + +Signed-off-by: Paul Barker <paul@betafive.co.uk> +Upstream-Status: Inappropriate [native] +--- + RULES/rules.prg | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/RULES/rules.prg b/RULES/rules.prg +index 023555c..f70f1a7 100644 +--- a/RULES/rules.prg ++++ b/RULES/rules.prg +@@ -94,7 +94,7 @@ INSGRP= $(__DEFINSGRP:$(_UNIQ)%=%) + + LD= @echo " ==> LINKING \"$@\""; ld + LOCALIZE= @echo " ==> LOCALIZING \"$@\""; $(RM_F) $@; cp +-INSTALL= @echo " ==> INSTALLING \"$@\""; sh $(SRCROOT)/conf/install-sh -c -m $(INSMODEINS) -o $(INSUSR) -g $(INSGRP) ++INSTALL= @echo " ==> INSTALLING \"$@\""; sh $(SRCROOT)/conf/install-sh -c -m $(INSMODEINS) + CHMOD= @echo " ==> SETTING PERMISSIONS ON \"$@\""; chmod + CHOWN= @echo " ==> SETTING OWNER ON \"$@\""; chown + CHGRP= @echo " ==> SETTING GROUP ON \"$@\""; chgrp +-- +2.24.0 + diff --git a/poky/meta/recipes-devtools/librepo/librepo_1.10.6.bb b/poky/meta/recipes-devtools/librepo/librepo_1.11.0.bb index cf4de22c4..30c8a5c55 100644 --- a/poky/meta/recipes-devtools/librepo/librepo_1.10.6.bb +++ b/poky/meta/recipes-devtools/librepo/librepo_1.11.0.bb @@ -8,7 +8,7 @@ SRC_URI = "git://github.com/rpm-software-management/librepo.git \ file://0004-Set-gpgme-variables-with-pkg-config-not-with-cmake-m.patch \ " -SRCREV = "2ec349f1c686c1704dc83da6c118035ff57c8dea" +SRCREV = "497f5eb2293662835bed6bdb0f43521788b2cebe" S = "${WORKDIR}/git" diff --git a/poky/meta/recipes-devtools/mtools/mtools_4.0.23.bb b/poky/meta/recipes-devtools/mtools/mtools_4.0.23.bb index 2ae69797a..2093d80db 100644 --- a/poky/meta/recipes-devtools/mtools/mtools_4.0.23.bb +++ b/poky/meta/recipes-devtools/mtools/mtools_4.0.23.bb @@ -35,7 +35,7 @@ SRC_URI = "${GNU_MIRROR}/mtools/mtools-${PV}.tar.bz2 \ SRC_URI_append_class-native = " file://disable-hardcoded-configs.patch" -inherit autotools texinfo distro_features_check +inherit autotools texinfo features_check EXTRA_OECONF = "--without-x" diff --git a/poky/meta/recipes-devtools/opkg-utils/opkg-utils/pipefail.patch b/poky/meta/recipes-devtools/opkg-utils/opkg-utils/pipefail.patch new file mode 100644 index 000000000..55ddcc1fd --- /dev/null +++ b/poky/meta/recipes-devtools/opkg-utils/opkg-utils/pipefail.patch @@ -0,0 +1,31 @@ +We need opkg-build to fail if for example the tar command is passed invalid +options. Without this, we see silently created empty packaged where data.tar +is zero bytes in size. This creates hard to debug problems. + +An example is when reproducible builds are enabled and run on old hosts like +centos7 which has tar < 1.28: + +Subprocess output:tar: unrecognized option '--clamp-mtime' +Try `tar --help' or `tar --usage' for more information. + +Upstream-Status: Pending +Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> + +Index: opkg-utils-0.4.1/opkg-build +=================================================================== +--- opkg-utils-0.4.1.orig/opkg-build ++++ opkg-utils-0.4.1/opkg-build +@@ -1,4 +1,4 @@ +-#!/bin/sh ++#!/bin/bash + + : <<=cut + =head1 NAME +@@ -12,6 +12,7 @@ opkg-build - construct an .opk from a di + # Updated to work on Familiar Pre0.7rc1, with busybox tar. + # Note it Requires: binutils-ar (since the busybox ar can't create) + set -e ++set -o pipefail + + version=1.0 + diff --git a/poky/meta/recipes-devtools/opkg-utils/opkg-utils_0.4.1.bb b/poky/meta/recipes-devtools/opkg-utils/opkg-utils_0.4.1.bb index cf1e4670c..eb6c7a3a6 100644 --- a/poky/meta/recipes-devtools/opkg-utils/opkg-utils_0.4.1.bb +++ b/poky/meta/recipes-devtools/opkg-utils/opkg-utils_0.4.1.bb @@ -10,6 +10,7 @@ PROVIDES += "${@bb.utils.contains('PACKAGECONFIG', 'update-alternatives', 'virtu SRC_URI = "http://git.yoctoproject.org/cgit/cgit.cgi/${BPN}/snapshot/${BPN}-${PV}.tar.gz \ file://0001-Switch-all-scripts-to-use-Python-3.x.patch \ file://0001-opkg-build-clamp-mtimes-to-SOURCE_DATE_EPOCH.patch \ + file://pipefail.patch \ " UPSTREAM_CHECK_URI = "http://git.yoctoproject.org/cgit/cgit.cgi/opkg-utils/refs/" @@ -19,6 +20,8 @@ SRC_URI[sha256sum] = "9ea9efdd9fe13661ad251e3a2860c1c93045adcfaa6659c3e86d9748ec TARGET_CC_ARCH += "${LDFLAGS}" +RDEPENDS_${PN} += "bash" + # For native builds we use the host Python PYTHONRDEPS = "python3 python3-shell python3-io python3-math python3-crypt python3-logging python3-fcntl python3-pickle python3-compression python3-stringold" PYTHONRDEPS_class-native = "" diff --git a/poky/meta/recipes-devtools/opkg/opkg/open_inner.patch b/poky/meta/recipes-devtools/opkg/opkg/open_inner.patch new file mode 100644 index 000000000..278e099e3 --- /dev/null +++ b/poky/meta/recipes-devtools/opkg/opkg/open_inner.patch @@ -0,0 +1,46 @@ +From alejandro.delcastillo@ni.com Wed Nov 20 22:35:02 2019 +From: Alejandro del Castillo <alejandro.delcastillo@ni.com> +To: <opkg-devel@googlegroups.com>, <richard.purdie@linuxfoundation.org> +CC: Alejandro del Castillo <alejandro.delcastillo@ni.com> +Subject: [opkg][PATCH 2/2] open_inner: add support for empty payloads +Date: Wed, 20 Nov 2019 16:34:48 -0600 +Message-ID: <20191120223448.26522-3-alejandro.delcastillo@ni.com> +X-Mailer: git-send-email 2.22.0 +In-Reply-To: <20191120223448.26522-1-alejandro.delcastillo@ni.com> +References: <20191120223448.26522-1-alejandro.delcastillo@ni.com> +MIME-Version: 1.0 +Content-Type: text/plain +Content-Transfer-Encoding: 8bit + +Support for empty compressed payloads need to be explicitly enabled on
+libarchive.
+
+Signed-off-by: Alejandro del Castillo <alejandro.delcastillo@ni.com>
+ +Upstream-Status: Backport +---
+ libopkg/opkg_archive.c | 7 +++++++
+ 1 file changed, 7 insertions(+)
+
+diff --git a/libopkg/opkg_archive.c b/libopkg/opkg_archive.c
+index 0e9ccea..f19cece 100644
+--- a/libopkg/opkg_archive.c
++++ b/libopkg/opkg_archive.c
+@@ -618,6 +618,13 @@ static struct archive *open_inner(struct archive *outer)
+ goto err_cleanup;
+ }
+
++ r = archive_read_support_format_empty(inner);
++ if (r != ARCHIVE_OK) {
++ opkg_msg(ERROR, "Empty format not supported: %s\n",
++ archive_error_string(inner));
++ goto err_cleanup;
++ }
++
+ r = archive_read_open(inner, data, NULL, inner_read, inner_close);
+ if (r != ARCHIVE_OK) {
+ opkg_msg(ERROR, "Failed to open inner archive: %s\n",
+--
+2.22.0
+
+ diff --git a/poky/meta/recipes-devtools/opkg/opkg/opkg_archive.patch b/poky/meta/recipes-devtools/opkg/opkg/opkg_archive.patch new file mode 100644 index 000000000..3e1ebae95 --- /dev/null +++ b/poky/meta/recipes-devtools/opkg/opkg/opkg_archive.patch @@ -0,0 +1,54 @@ +From alejandro.delcastillo@ni.com Wed Nov 20 22:35:01 2019 +Return-Path: <richard.purdie+caf_=rpurdie=rpsys.net@linuxfoundation.org> +From: Alejandro del Castillo <alejandro.delcastillo@ni.com> +To: <opkg-devel@googlegroups.com>, <richard.purdie@linuxfoundation.org> +CC: Alejandro del Castillo <alejandro.delcastillo@ni.com> +Subject: [opkg][PATCH 1/2] opkg_archive.c: avoid double free on uncompress + error +Date: Wed, 20 Nov 2019 16:34:47 -0600 +Message-ID: <20191120223448.26522-2-alejandro.delcastillo@ni.com> +X-Mailer: git-send-email 2.22.0 +In-Reply-To: <20191120223448.26522-1-alejandro.delcastillo@ni.com> +References: <20191120223448.26522-1-alejandro.delcastillo@ni.com> +MIME-Version: 1.0 +Content-Type: text/plain +Content-Transfer-Encoding: 8bit + +The open-inner function calls archive_read_open. On error,
+archive_read_open calls inner_close, which also closes the outter
+archive. On error, return NULL directly to avoid double free.
+
+ +Upstream-Status: Backport + +Signed-off-by: Alejandro del Castillo <alejandro.delcastillo@ni.com>
+---
+ libopkg/opkg_archive.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/libopkg/opkg_archive.c b/libopkg/opkg_archive.c
+index 3d87db1..0e9ccea 100644
+--- a/libopkg/opkg_archive.c
++++ b/libopkg/opkg_archive.c
+@@ -622,7 +622,7 @@ static struct archive *open_inner(struct archive *outer)
+ if (r != ARCHIVE_OK) {
+ opkg_msg(ERROR, "Failed to open inner archive: %s\n",
+ archive_error_string(inner));
+- goto err_cleanup;
++ return NULL;
+ }
+
+ return inner;
+@@ -683,7 +683,7 @@ static struct archive *extract_outer(const char *filename, const char *arname)
+
+ inner = open_inner(outer);
+ if (!inner)
+- goto err_cleanup;
++ return NULL;
+
+ return inner;
+
+--
+2.22.0
+
+ diff --git a/poky/meta/recipes-devtools/opkg/opkg_0.4.1.bb b/poky/meta/recipes-devtools/opkg/opkg_0.4.1.bb index 149ee3ca1..f0ae8b36b 100644 --- a/poky/meta/recipes-devtools/opkg/opkg_0.4.1.bb +++ b/poky/meta/recipes-devtools/opkg/opkg_0.4.1.bb @@ -14,6 +14,8 @@ PE = "1" SRC_URI = "http://downloads.yoctoproject.org/releases/${BPN}/${BPN}-${PV}.tar.gz \ file://opkg.conf \ file://0001-opkg_conf-create-opkg.lock-in-run-instead-of-var-run.patch \ + file://opkg_archive.patch \ + file://open_inner.patch \ file://run-ptest \ " diff --git a/poky/meta/recipes-devtools/python/python-native/0001-python-native-fix-one-do_populate_sysroot-warning.patch b/poky/meta/recipes-devtools/python/python-native/0001-python-native-fix-one-do_populate_sysroot-warning.patch index 989818927..707ee596f 100644 --- a/poky/meta/recipes-devtools/python/python-native/0001-python-native-fix-one-do_populate_sysroot-warning.patch +++ b/poky/meta/recipes-devtools/python/python-native/0001-python-native-fix-one-do_populate_sysroot-warning.patch @@ -1,4 +1,4 @@ -From 12292444e1b3662b994bc223d92b8338fb0895ff Mon Sep 17 00:00:00 2001 +From 6cbb7529cf7ff0da3ca649fb3486facd9620d625 Mon Sep 17 00:00:00 2001 From: Changqing Li <changqing.li@windriver.com> Date: Thu, 25 Oct 2018 07:32:14 +0000 Subject: [PATCH] python-native: fix one do_populate_sysroot warning @@ -17,23 +17,24 @@ when do_populate_sysroot. use append to fix it. Upstream-Status: Inappropriate [oe-specific] Signed-off-by: Changqing Li <changqing.li@windriver.com> + --- setup.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/setup.py b/setup.py -index 7bf13ed..6c0f29b 100644 +index a2c8127..22f9e23 100644 --- a/setup.py +++ b/setup.py -@@ -40,7 +40,7 @@ def add_dir_to_list(dirlist, dir): - 1) 'dir' is not already in 'dirlist' - 2) 'dir' actually exists, and is a directory.""" - if dir is not None and os.path.isdir(dir) and dir not in dirlist: -- dirlist.insert(0, dir) -+ dirlist.append(dir) - - def macosx_sdk_root(): - """ +@@ -47,7 +47,7 @@ def add_dir_to_list(dirlist, dir): + else: + dir_exists = os.path.isdir(dir) + if dir_exists: +- dirlist.insert(0, dir) ++ dirlist.append(dir) + + MACOS_SDK_ROOT = None + -- -2.18.0 +2.17.1 diff --git a/poky/meta/recipes-devtools/python/python-native_2.7.16.bb b/poky/meta/recipes-devtools/python/python-native_2.7.17.bb index 90103af8b..936810d98 100644 --- a/poky/meta/recipes-devtools/python/python-native_2.7.16.bb +++ b/poky/meta/recipes-devtools/python/python-native_2.7.17.bb @@ -11,7 +11,7 @@ SRC_URI += "\ file://nohostlibs.patch \ file://multilib.patch \ file://add-md5module-support.patch \ - file://builddir.patch \ + file://0001-python-Resolve-intermediate-staging-issues.patch \ file://parallel-makeinst-create-bindir.patch \ file://revert_use_of_sysconfigdata.patch \ file://0001-python-native-fix-one-do_populate_sysroot-warning.patch \ diff --git a/poky/meta/recipes-devtools/python/python.inc b/poky/meta/recipes-devtools/python/python.inc index 1462b779e..a630c26e8 100644 --- a/poky/meta/recipes-devtools/python/python.inc +++ b/poky/meta/recipes-devtools/python/python.inc @@ -8,16 +8,10 @@ INC_PR = "r1" LIC_FILES_CHKSUM = "file://LICENSE;md5=e466242989bd33c1bd2b6a526a742498" SRC_URI = "http://www.python.org/ftp/python/${PV}/Python-${PV}.tar.xz \ - file://bpo-35907-cve-2019-9948.patch \ - file://bpo-35907-cve-2019-9948-fix.patch \ - file://bpo-36216-cve-2019-9636.patch \ - file://bpo-36216-cve-2019-9636-fix.patch \ - file://CVE-2019-9740.patch \ - file://CVE-2018-20852.patch \ " -SRC_URI[md5sum] = "30157d85a2c0479c09ea2cbe61f2aaf5" -SRC_URI[sha256sum] = "f222ef602647eecb6853681156d32de4450a2c39f4de93bd5b20235f2e660ed7" +SRC_URI[md5sum] = "b3b6d2c92f42a60667814358ab9f0cfd" +SRC_URI[sha256sum] = "4d43f033cdbd0aa7b7023c81b0e986fd11e653b5248dac9144d508f11812ba41" # python recipe is actually python 2.x # also, exclude pre-releases for both python 2.x and 3.x diff --git a/poky/meta/recipes-devtools/python/python/0001-2.7-bpo-34155-Dont-parse-domains-containing-GH-13079.patch b/poky/meta/recipes-devtools/python/python/0001-2.7-bpo-34155-Dont-parse-domains-containing-GH-13079.patch deleted file mode 100644 index 5415472a3..000000000 --- a/poky/meta/recipes-devtools/python/python/0001-2.7-bpo-34155-Dont-parse-domains-containing-GH-13079.patch +++ /dev/null @@ -1,90 +0,0 @@ -From 532ed09c5454bb789a301bb6f1339a0818255610 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Roberto=20C=2E=20S=C3=A1nchez?= <roberto@connexer.com> -Date: Sat, 14 Sep 2019 13:26:38 -0400 -Subject: [PATCH] [2.7] bpo-34155: Dont parse domains containing @ (GH-13079) - (GH-16006) - -This change skips parsing of email addresses where domains include a "@" character, which can be maliciously used since the local part is returned as a complete address. - -(cherry picked from commit 8cb65d1381b027f0b09ee36bfed7f35bb4dec9a9) - -Excludes changes to Lib/email/_header_value_parser.py, which did not -exist in 2.7. - -Co-authored-by: jpic <jpic@users.noreply.github.com> - -https://bugs.python.org/issue34155 - -Upstream-Status: Backport [https://github.com/python/cpython/commit/8cb65d1381b027f0b09ee36bfed7f35bb4dec9a9] - -CVE: CVE-2019-16056 - -Signed-off-by: Chen Qi <Qi.Chen@windriver.com> ---- - Lib/email/_parseaddr.py | 11 ++++++++++- - Lib/email/test/test_email.py | 14 ++++++++++++++ - .../2019-05-04-13-33-37.bpo-34155.MJll68.rst | 1 + - 3 files changed, 25 insertions(+), 1 deletion(-) - create mode 100644 Misc/NEWS.d/next/Security/2019-05-04-13-33-37.bpo-34155.MJll68.rst - -diff --git a/Lib/email/_parseaddr.py b/Lib/email/_parseaddr.py -index 690db2c22d..dc49d2e45a 100644 ---- a/Lib/email/_parseaddr.py -+++ b/Lib/email/_parseaddr.py -@@ -336,7 +336,12 @@ class AddrlistClass: - aslist.append('@') - self.pos += 1 - self.gotonext() -- return EMPTYSTRING.join(aslist) + self.getdomain() -+ domain = self.getdomain() -+ if not domain: -+ # Invalid domain, return an empty address instead of returning a -+ # local part to denote failed parsing. -+ return EMPTYSTRING -+ return EMPTYSTRING.join(aslist) + domain - - def getdomain(self): - """Get the complete domain name from an address.""" -@@ -351,6 +356,10 @@ class AddrlistClass: - elif self.field[self.pos] == '.': - self.pos += 1 - sdlist.append('.') -+ elif self.field[self.pos] == '@': -+ # bpo-34155: Don't parse domains with two `@` like -+ # `a@malicious.org@important.com`. -+ return EMPTYSTRING - elif self.field[self.pos] in self.atomends: - break - else: -diff --git a/Lib/email/test/test_email.py b/Lib/email/test/test_email.py -index 4b4dee3d34..2efe44ac5a 100644 ---- a/Lib/email/test/test_email.py -+++ b/Lib/email/test/test_email.py -@@ -2306,6 +2306,20 @@ class TestMiscellaneous(TestEmailBase): - self.assertEqual(Utils.parseaddr('<>'), ('', '')) - self.assertEqual(Utils.formataddr(Utils.parseaddr('<>')), '') - -+ def test_parseaddr_multiple_domains(self): -+ self.assertEqual( -+ Utils.parseaddr('a@b@c'), -+ ('', '') -+ ) -+ self.assertEqual( -+ Utils.parseaddr('a@b.c@c'), -+ ('', '') -+ ) -+ self.assertEqual( -+ Utils.parseaddr('a@172.17.0.1@c'), -+ ('', '') -+ ) -+ - def test_noquote_dump(self): - self.assertEqual( - Utils.formataddr(('A Silly Person', 'person@dom.ain')), -diff --git a/Misc/NEWS.d/next/Security/2019-05-04-13-33-37.bpo-34155.MJll68.rst b/Misc/NEWS.d/next/Security/2019-05-04-13-33-37.bpo-34155.MJll68.rst -new file mode 100644 -index 0000000000..50292e29ed ---- /dev/null -+++ b/Misc/NEWS.d/next/Security/2019-05-04-13-33-37.bpo-34155.MJll68.rst -@@ -0,0 +1 @@ -+Fix parsing of invalid email addresses with more than one ``@`` (e.g. a@b@c.com.) to not return the part before 2nd ``@`` as valid email address. Patch by maxking & jpic. diff --git a/poky/meta/recipes-devtools/python/python/0001-2.7-bpo-38243-Escape-the-server-title-of-DocXMLRPCSe.patch b/poky/meta/recipes-devtools/python/python/0001-2.7-bpo-38243-Escape-the-server-title-of-DocXMLRPCSe.patch deleted file mode 100644 index 3025cf7bc..000000000 --- a/poky/meta/recipes-devtools/python/python/0001-2.7-bpo-38243-Escape-the-server-title-of-DocXMLRPCSe.patch +++ /dev/null @@ -1,101 +0,0 @@ -From b161c89c8bd66fe928192e21364678c8e9b8fcc0 Mon Sep 17 00:00:00 2001 -From: Dong-hee Na <donghee.na92@gmail.com> -Date: Tue, 1 Oct 2019 19:58:01 +0900 -Subject: [PATCH] [2.7] bpo-38243: Escape the server title of DocXMLRPCServer - (GH-16447) - -Escape the server title of DocXMLRPCServer.DocXMLRPCServer -when rendering the document page as HTML. - -CVE: CVE-2019-16935 - -Upstream-Status: Backport [https://github.com/python/cpython/pull/16447/commits/b41cde823d026f2adc21ef14b1c2e92b1006de06] - -Signed-off-by: Chen Qi <Qi.Chen@windriver.com> ---- - Lib/DocXMLRPCServer.py | 13 +++++++++++- - Lib/test/test_docxmlrpc.py | 20 +++++++++++++++++++ - .../2019-09-25-13-21-09.bpo-38243.1pfz24.rst | 3 +++ - 3 files changed, 35 insertions(+), 1 deletion(-) - create mode 100644 Misc/NEWS.d/next/Security/2019-09-25-13-21-09.bpo-38243.1pfz24.rst - -diff --git a/Lib/DocXMLRPCServer.py b/Lib/DocXMLRPCServer.py -index 4064ec2e48..90b037dd35 100644 ---- a/Lib/DocXMLRPCServer.py -+++ b/Lib/DocXMLRPCServer.py -@@ -20,6 +20,16 @@ from SimpleXMLRPCServer import (SimpleXMLRPCServer, - CGIXMLRPCRequestHandler, - resolve_dotted_attribute) - -+ -+def _html_escape_quote(s): -+ s = s.replace("&", "&") # Must be done first! -+ s = s.replace("<", "<") -+ s = s.replace(">", ">") -+ s = s.replace('"', """) -+ s = s.replace('\'', "'") -+ return s -+ -+ - class ServerHTMLDoc(pydoc.HTMLDoc): - """Class used to generate pydoc HTML document for a server""" - -@@ -210,7 +220,8 @@ class XMLRPCDocGenerator: - methods - ) - -- return documenter.page(self.server_title, documentation) -+ title = _html_escape_quote(self.server_title) -+ return documenter.page(title, documentation) - - class DocXMLRPCRequestHandler(SimpleXMLRPCRequestHandler): - """XML-RPC and documentation request handler class. -diff --git a/Lib/test/test_docxmlrpc.py b/Lib/test/test_docxmlrpc.py -index 4dff4159e2..c45b892b8b 100644 ---- a/Lib/test/test_docxmlrpc.py -+++ b/Lib/test/test_docxmlrpc.py -@@ -1,5 +1,6 @@ - from DocXMLRPCServer import DocXMLRPCServer - import httplib -+import re - import sys - from test import test_support - threading = test_support.import_module('threading') -@@ -176,6 +177,25 @@ class DocXMLRPCHTTPGETServer(unittest.TestCase): - self.assertIn("""Try self.<strong>add</strong>, too.""", - response.read()) - -+ def test_server_title_escape(self): -+ """Test that the server title and documentation -+ are escaped for HTML. -+ """ -+ self.serv.set_server_title('test_title<script>') -+ self.serv.set_server_documentation('test_documentation<script>') -+ self.assertEqual('test_title<script>', self.serv.server_title) -+ self.assertEqual('test_documentation<script>', -+ self.serv.server_documentation) -+ -+ generated = self.serv.generate_html_documentation() -+ title = re.search(r'<title>(.+?)</title>', generated).group() -+ documentation = re.search(r'<p><tt>(.+?)</tt></p>', generated).group() -+ self.assertEqual('<title>Python: test_title<script></title>', -+ title) -+ self.assertEqual('<p><tt>test_documentation<script></tt></p>', -+ documentation) -+ -+ - def test_main(): - test_support.run_unittest(DocXMLRPCHTTPGETServer) - -diff --git a/Misc/NEWS.d/next/Security/2019-09-25-13-21-09.bpo-38243.1pfz24.rst b/Misc/NEWS.d/next/Security/2019-09-25-13-21-09.bpo-38243.1pfz24.rst -new file mode 100644 -index 0000000000..8f02baed9e ---- /dev/null -+++ b/Misc/NEWS.d/next/Security/2019-09-25-13-21-09.bpo-38243.1pfz24.rst -@@ -0,0 +1,3 @@ -+Escape the server title of :class:`DocXMLRPCServer.DocXMLRPCServer` -+when rendering the document page as HTML. -+(Contributed by Dong-hee Na in :issue:`38243`.) --- -2.17.1 - diff --git a/poky/meta/recipes-devtools/python/python/builddir.patch b/poky/meta/recipes-devtools/python/python/0001-python-Resolve-intermediate-staging-issues.patch index ad629a022..2ff2ccc43 100644 --- a/poky/meta/recipes-devtools/python/python/builddir.patch +++ b/poky/meta/recipes-devtools/python/python/0001-python-Resolve-intermediate-staging-issues.patch @@ -1,5 +1,10 @@ -When cross compiling python, we used to need to install the Makefile, pyconfig.h -and the python library to their final location before being able to compile the +From 77bcb3238b2853d511714544e0f84a37be6c79bf Mon Sep 17 00:00:00 2001 +From: Richard Purdie <richard.purdie@linuxfoundation.org> +Date: Wed, 14 Nov 2012 14:31:24 +0000 +Subject: [PATCH] python: Resolve intermediate staging issues + +When cross compiling python, we used to need to install the Makefile, pyconfig.h +and the python library to their final location before being able to compile the rest of python. This change allows us to point python at its own source when building, avoiding a variety of sysroot staging issues and simplifying the main python recipe. @@ -7,10 +12,29 @@ python recipe. Upstream-Status: Inappropriate RP 2012/11/13 -Index: Python-2.7.9/Lib/sysconfig.py -=================================================================== ---- Python-2.7.9.orig/Lib/sysconfig.py -+++ Python-2.7.9/Lib/sysconfig.py +--- + Lib/distutils/sysconfig.py | 3 +++ + Lib/sysconfig.py | 5 ++++- + 2 files changed, 7 insertions(+), 1 deletion(-) + +diff --git a/Lib/distutils/sysconfig.py b/Lib/distutils/sysconfig.py +index 2f4b8ca..15bceb5 100644 +--- a/Lib/distutils/sysconfig.py ++++ b/Lib/distutils/sysconfig.py +@@ -31,6 +31,9 @@ else: + # sys.executable can be empty if argv[0] has been changed and Python is + # unable to retrieve the real program name + project_base = os.getcwd() ++_PYTHONBUILDDIR = os.environ.get("PYTHONBUILDDIR", None) ++if _PYTHONBUILDDIR: ++ project_base = _PYTHONBUILDDIR + if os.name == "nt" and "pcbuild" in project_base[-8:].lower(): + project_base = os.path.abspath(os.path.join(project_base, os.path.pardir)) + # PC/VS7.1 +diff --git a/Lib/sysconfig.py b/Lib/sysconfig.py +index 9c8350d..bddbe2e 100644 +--- a/Lib/sysconfig.py ++++ b/Lib/sysconfig.py @@ -93,6 +93,7 @@ _PREFIX = os.path.normpath(sys.prefix) _EXEC_PREFIX = os.path.normpath(sys.exec_prefix) _CONFIG_VARS = None @@ -30,17 +54,6 @@ Index: Python-2.7.9/Lib/sysconfig.py _PROJECT_BASE = os.path.dirname(_safe_realpath(sys.executable)) else: # sys.executable can be empty if argv[0] has been changed and Python is -Index: Python-2.7.9/Lib/distutils/sysconfig.py -=================================================================== ---- Python-2.7.9.orig/Lib/distutils/sysconfig.py -+++ Python-2.7.9/Lib/distutils/sysconfig.py -@@ -26,6 +26,9 @@ EXEC_PREFIX = os.path.normpath(sys.exec_ - # live in project/PCBuild9. If we're dealing with an x64 Windows build, - # it'll live in project/PCbuild/amd64. - project_base = os.path.dirname(os.path.abspath(sys.executable)) -+_PYTHONBUILDDIR = os.environ.get("PYTHONBUILDDIR", None) -+if _PYTHONBUILDDIR: -+ project_base = _PYTHONBUILDDIR - if os.name == "nt" and "pcbuild" in project_base[-8:].lower(): - project_base = os.path.abspath(os.path.join(project_base, os.path.pardir)) - # PC/VS7.1 +-- +2.17.1 + diff --git a/poky/meta/recipes-devtools/python/python/CVE-2018-20852.patch b/poky/meta/recipes-devtools/python/python/CVE-2018-20852.patch deleted file mode 100644 index 23c784a21..000000000 --- a/poky/meta/recipes-devtools/python/python/CVE-2018-20852.patch +++ /dev/null @@ -1,123 +0,0 @@ -From 979daae300916adb399ab5b51410b6ebd0888f13 Mon Sep 17 00:00:00 2001 -From: Xtreak <tir.karthi@gmail.com> -Date: Sat, 15 Jun 2019 20:59:43 +0530 -Subject: [PATCH] [2.7] bpo-35121: prefix dot in domain for proper subdomain - validation (GH-10258) (GH-13426) - -This is a manual backport of ca7fe5063593958e5efdf90f068582837f07bd14 since 2.7 has `http.cookiejar` in `cookielib` - - -https://bugs.python.org/issue35121 -CVE: CVE-2018-20852 -Upstream-Status: Backport [https://github.com/python/cpython/pull/13426] -Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> ---- - Lib/cookielib.py | 13 ++++++-- - Lib/test/test_cookielib.py | 30 +++++++++++++++++++ - .../2019-05-20-00-35-12.bpo-35121.RRi-HU.rst | 4 +++ - 3 files changed, 45 insertions(+), 2 deletions(-) - create mode 100644 Misc/NEWS.d/next/Security/2019-05-20-00-35-12.bpo-35121.RRi-HU.rst - -diff --git a/Lib/cookielib.py b/Lib/cookielib.py -index 2dd7c48728e0..0b471a42f296 100644 ---- a/Lib/cookielib.py -+++ b/Lib/cookielib.py -@@ -1139,6 +1139,11 @@ def return_ok_domain(self, cookie, request): - req_host, erhn = eff_request_host(request) - domain = cookie.domain - -+ if domain and not domain.startswith("."): -+ dotdomain = "." + domain -+ else: -+ dotdomain = domain -+ - # strict check of non-domain cookies: Mozilla does this, MSIE5 doesn't - if (cookie.version == 0 and - (self.strict_ns_domain & self.DomainStrictNonDomain) and -@@ -1151,7 +1156,7 @@ def return_ok_domain(self, cookie, request): - _debug(" effective request-host name %s does not domain-match " - "RFC 2965 cookie domain %s", erhn, domain) - return False -- if cookie.version == 0 and not ("."+erhn).endswith(domain): -+ if cookie.version == 0 and not ("."+erhn).endswith(dotdomain): - _debug(" request-host %s does not match Netscape cookie domain " - "%s", req_host, domain) - return False -@@ -1165,7 +1170,11 @@ def domain_return_ok(self, domain, request): - req_host = "."+req_host - if not erhn.startswith("."): - erhn = "."+erhn -- if not (req_host.endswith(domain) or erhn.endswith(domain)): -+ if domain and not domain.startswith("."): -+ dotdomain = "." + domain -+ else: -+ dotdomain = domain -+ if not (req_host.endswith(dotdomain) or erhn.endswith(dotdomain)): - #_debug(" request domain %s does not match cookie domain %s", - # req_host, domain) - return False -diff --git a/Lib/test/test_cookielib.py b/Lib/test/test_cookielib.py -index f2dd9727d137..7f7ff614d61d 100644 ---- a/Lib/test/test_cookielib.py -+++ b/Lib/test/test_cookielib.py -@@ -368,6 +368,7 @@ def test_domain_return_ok(self): - ("http://foo.bar.com/", ".foo.bar.com", True), - ("http://foo.bar.com/", "foo.bar.com", True), - ("http://foo.bar.com/", ".bar.com", True), -+ ("http://foo.bar.com/", "bar.com", True), - ("http://foo.bar.com/", "com", True), - ("http://foo.com/", "rhubarb.foo.com", False), - ("http://foo.com/", ".foo.com", True), -@@ -378,6 +379,8 @@ def test_domain_return_ok(self): - ("http://foo/", "foo", True), - ("http://foo/", "foo.local", True), - ("http://foo/", ".local", True), -+ ("http://barfoo.com", ".foo.com", False), -+ ("http://barfoo.com", "foo.com", False), - ]: - request = urllib2.Request(url) - r = pol.domain_return_ok(domain, request) -@@ -938,6 +941,33 @@ def test_domain_block(self): - c.add_cookie_header(req) - self.assertFalse(req.has_header("Cookie")) - -+ c.clear() -+ -+ pol.set_blocked_domains([]) -+ req = Request("http://acme.com/") -+ res = FakeResponse(headers, "http://acme.com/") -+ cookies = c.make_cookies(res, req) -+ c.extract_cookies(res, req) -+ self.assertEqual(len(c), 1) -+ -+ req = Request("http://acme.com/") -+ c.add_cookie_header(req) -+ self.assertTrue(req.has_header("Cookie")) -+ -+ req = Request("http://badacme.com/") -+ c.add_cookie_header(req) -+ self.assertFalse(pol.return_ok(cookies[0], req)) -+ self.assertFalse(req.has_header("Cookie")) -+ -+ p = pol.set_blocked_domains(["acme.com"]) -+ req = Request("http://acme.com/") -+ c.add_cookie_header(req) -+ self.assertFalse(req.has_header("Cookie")) -+ -+ req = Request("http://badacme.com/") -+ c.add_cookie_header(req) -+ self.assertFalse(req.has_header("Cookie")) -+ - def test_secure(self): - from cookielib import CookieJar, DefaultCookiePolicy - -diff --git a/Misc/NEWS.d/next/Security/2019-05-20-00-35-12.bpo-35121.RRi-HU.rst b/Misc/NEWS.d/next/Security/2019-05-20-00-35-12.bpo-35121.RRi-HU.rst -new file mode 100644 -index 000000000000..77251806163b ---- /dev/null -+++ b/Misc/NEWS.d/next/Security/2019-05-20-00-35-12.bpo-35121.RRi-HU.rst -@@ -0,0 +1,4 @@ -+Don't send cookies of domain A without Domain attribute to domain B when -+domain A is a suffix match of domain B while using a cookiejar with -+:class:`cookielib.DefaultCookiePolicy` policy. Patch by Karthikeyan -+Singaravelan. diff --git a/poky/meta/recipes-devtools/python/python/CVE-2019-9740.patch b/poky/meta/recipes-devtools/python/python/CVE-2019-9740.patch deleted file mode 100644 index 95f43e038..000000000 --- a/poky/meta/recipes-devtools/python/python/CVE-2019-9740.patch +++ /dev/null @@ -1,216 +0,0 @@ -From bb8071a4cae5ab3fe321481dd3d73662ffb26052 Mon Sep 17 00:00:00 2001 -From: Victor Stinner <victor.stinner@gmail.com> -Date: Tue, 21 May 2019 15:12:33 +0200 -Subject: [PATCH] bpo-30458: Disallow control chars in http URLs (GH-12755) - (GH-13154) (GH-13315) -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -Disallow control chars in http URLs in urllib2.urlopen. This -addresses a potential security problem for applications that do not -sanity check their URLs where http request headers could be injected. - -Disable https related urllib tests on a build without ssl (GH-13032) -These tests require an SSL enabled build. Skip these tests when -python is built without SSL to fix test failures. - -Use httplib.InvalidURL instead of ValueError as the new error case's -exception. (GH-13044) - -Backport Co-Authored-By: Miro Hrončok <miro@hroncok.cz> - -(cherry picked from commit 7e200e0763f5b71c199aaf98bd5588f291585619) - -Notes on backport to Python 2.7: - -* test_urllib tests urllib.urlopen() which quotes the URL and so is - not vulerable to HTTP Header Injection. -* Add tests to test_urllib2 on urllib2.urlopen(). -* Reject non-ASCII characters: range 0x80-0xff. - -Upstream-Status: Backport -CVE: CVE-2019-9740 -CVE: CVE-2019-9947 -Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> ---- - Lib/httplib.py | 16 ++++++ - Lib/test/test_urllib.py | 25 +++++++++ - Lib/test/test_urllib2.py | 51 ++++++++++++++++++- - Lib/test/test_xmlrpc.py | 8 ++- - .../2019-04-10-08-53-30.bpo-30458.51E-DA.rst | 1 + - 5 files changed, 99 insertions(+), 2 deletions(-) - create mode 100644 Misc/NEWS.d/next/Security/2019-04-10-08-53-30.bpo-30458.51E-DA.rst - -diff --git a/Lib/httplib.py b/Lib/httplib.py -index 60a8fb4e355f..1b41c346e090 100644 ---- a/Lib/httplib.py -+++ b/Lib/httplib.py -@@ -247,6 +247,16 @@ - _is_legal_header_name = re.compile(r'\A[^:\s][^:\r\n]*\Z').match - _is_illegal_header_value = re.compile(r'\n(?![ \t])|\r(?![ \t\n])').search - -+# These characters are not allowed within HTTP URL paths. -+# See https://tools.ietf.org/html/rfc3986#section-3.3 and the -+# https://tools.ietf.org/html/rfc3986#appendix-A pchar definition. -+# Prevents CVE-2019-9740. Includes control characters such as \r\n. -+# Restrict non-ASCII characters above \x7f (0x80-0xff). -+_contains_disallowed_url_pchar_re = re.compile('[\x00-\x20\x7f-\xff]') -+# Arguably only these _should_ allowed: -+# _is_allowed_url_pchars_re = re.compile(r"^[/!$&'()*+,;=:@%a-zA-Z0-9._~-]+$") -+# We are more lenient for assumed real world compatibility purposes. -+ - # We always set the Content-Length header for these methods because some - # servers will otherwise respond with a 411 - _METHODS_EXPECTING_BODY = {'PATCH', 'POST', 'PUT'} -@@ -927,6 +937,12 @@ def putrequest(self, method, url, skip_host=0, skip_accept_encoding=0): - self._method = method - if not url: - url = '/' -+ # Prevent CVE-2019-9740. -+ match = _contains_disallowed_url_pchar_re.search(url) -+ if match: -+ raise InvalidURL("URL can't contain control characters. %r " -+ "(found at least %r)" -+ % (url, match.group())) - hdr = '%s %s %s' % (method, url, self._http_vsn_str) - - self._output(hdr) -diff --git a/Lib/test/test_urllib.py b/Lib/test/test_urllib.py -index 1ce9201c0693..d7778d4194f3 100644 ---- a/Lib/test/test_urllib.py -+++ b/Lib/test/test_urllib.py -@@ -257,6 +257,31 @@ def test_url_fragment(self): - finally: - self.unfakehttp() - -+ def test_url_with_control_char_rejected(self): -+ for char_no in range(0, 0x21) + range(0x7f, 0x100): -+ char = chr(char_no) -+ schemeless_url = "//localhost:7777/test%s/" % char -+ self.fakehttp(b"HTTP/1.1 200 OK\r\n\r\nHello.") -+ try: -+ # urllib quotes the URL so there is no injection. -+ resp = urllib.urlopen("http:" + schemeless_url) -+ self.assertNotIn(char, resp.geturl()) -+ finally: -+ self.unfakehttp() -+ -+ def test_url_with_newline_header_injection_rejected(self): -+ self.fakehttp(b"HTTP/1.1 200 OK\r\n\r\nHello.") -+ host = "localhost:7777?a=1 HTTP/1.1\r\nX-injected: header\r\nTEST: 123" -+ schemeless_url = "//" + host + ":8080/test/?test=a" -+ try: -+ # urllib quotes the URL so there is no injection. -+ resp = urllib.urlopen("http:" + schemeless_url) -+ self.assertNotIn(' ', resp.geturl()) -+ self.assertNotIn('\r', resp.geturl()) -+ self.assertNotIn('\n', resp.geturl()) -+ finally: -+ self.unfakehttp() -+ - def test_read_bogus(self): - # urlopen() should raise IOError for many error codes. - self.fakehttp('''HTTP/1.1 401 Authentication Required -diff --git a/Lib/test/test_urllib2.py b/Lib/test/test_urllib2.py -index 6d24d5ddf83c..9531818e16b2 100644 ---- a/Lib/test/test_urllib2.py -+++ b/Lib/test/test_urllib2.py -@@ -15,6 +15,9 @@ - except ImportError: - ssl = None - -+from test.test_urllib import FakeHTTPMixin -+ -+ - # XXX - # Request - # CacheFTPHandler (hard to write) -@@ -1262,7 +1265,7 @@ def _test_basic_auth(self, opener, auth_handler, auth_header, - self.assertEqual(len(http_handler.requests), 1) - self.assertFalse(http_handler.requests[0].has_header(auth_header)) - --class MiscTests(unittest.TestCase): -+class MiscTests(unittest.TestCase, FakeHTTPMixin): - - def test_build_opener(self): - class MyHTTPHandler(urllib2.HTTPHandler): pass -@@ -1317,6 +1320,52 @@ def test_unsupported_algorithm(self): - "Unsupported digest authentication algorithm 'invalid'" - ) - -+ @unittest.skipUnless(ssl, "ssl module required") -+ def test_url_with_control_char_rejected(self): -+ for char_no in range(0, 0x21) + range(0x7f, 0x100): -+ char = chr(char_no) -+ schemeless_url = "//localhost:7777/test%s/" % char -+ self.fakehttp(b"HTTP/1.1 200 OK\r\n\r\nHello.") -+ try: -+ # We explicitly test urllib.request.urlopen() instead of the top -+ # level 'def urlopen()' function defined in this... (quite ugly) -+ # test suite. They use different url opening codepaths. Plain -+ # urlopen uses FancyURLOpener which goes via a codepath that -+ # calls urllib.parse.quote() on the URL which makes all of the -+ # above attempts at injection within the url _path_ safe. -+ escaped_char_repr = repr(char).replace('\\', r'\\') -+ InvalidURL = httplib.InvalidURL -+ with self.assertRaisesRegexp( -+ InvalidURL, "contain control.*" + escaped_char_repr): -+ urllib2.urlopen("http:" + schemeless_url) -+ with self.assertRaisesRegexp( -+ InvalidURL, "contain control.*" + escaped_char_repr): -+ urllib2.urlopen("https:" + schemeless_url) -+ finally: -+ self.unfakehttp() -+ -+ @unittest.skipUnless(ssl, "ssl module required") -+ def test_url_with_newline_header_injection_rejected(self): -+ self.fakehttp(b"HTTP/1.1 200 OK\r\n\r\nHello.") -+ host = "localhost:7777?a=1 HTTP/1.1\r\nX-injected: header\r\nTEST: 123" -+ schemeless_url = "//" + host + ":8080/test/?test=a" -+ try: -+ # We explicitly test urllib2.urlopen() instead of the top -+ # level 'def urlopen()' function defined in this... (quite ugly) -+ # test suite. They use different url opening codepaths. Plain -+ # urlopen uses FancyURLOpener which goes via a codepath that -+ # calls urllib.parse.quote() on the URL which makes all of the -+ # above attempts at injection within the url _path_ safe. -+ InvalidURL = httplib.InvalidURL -+ with self.assertRaisesRegexp( -+ InvalidURL, r"contain control.*\\r.*(found at least . .)"): -+ urllib2.urlopen("http:" + schemeless_url) -+ with self.assertRaisesRegexp(InvalidURL, r"contain control.*\\n"): -+ urllib2.urlopen("https:" + schemeless_url) -+ finally: -+ self.unfakehttp() -+ -+ - - class RequestTests(unittest.TestCase): - -diff --git a/Lib/test/test_xmlrpc.py b/Lib/test/test_xmlrpc.py -index 36b3be67fd6b..90ccb30716ff 100644 ---- a/Lib/test/test_xmlrpc.py -+++ b/Lib/test/test_xmlrpc.py -@@ -659,7 +659,13 @@ def test_dotted_attribute(self): - def test_partial_post(self): - # Check that a partial POST doesn't make the server loop: issue #14001. - conn = httplib.HTTPConnection(ADDR, PORT) -- conn.request('POST', '/RPC2 HTTP/1.0\r\nContent-Length: 100\r\n\r\nbye') -+ conn.send('POST /RPC2 HTTP/1.0\r\n' -+ 'Content-Length: 100\r\n\r\n' -+ 'bye HTTP/1.1\r\n' -+ 'Host: %s:%s\r\n' -+ 'Accept-Encoding: identity\r\n' -+ 'Content-Length: 0\r\n\r\n' -+ % (ADDR, PORT)) - conn.close() - - class SimpleServerEncodingTestCase(BaseServerTestCase): -diff --git a/Misc/NEWS.d/next/Security/2019-04-10-08-53-30.bpo-30458.51E-DA.rst b/Misc/NEWS.d/next/Security/2019-04-10-08-53-30.bpo-30458.51E-DA.rst -new file mode 100644 -index 000000000000..47cb899df1af ---- /dev/null -+++ b/Misc/NEWS.d/next/Security/2019-04-10-08-53-30.bpo-30458.51E-DA.rst -@@ -0,0 +1 @@ -+Address CVE-2019-9740 by disallowing URL paths with embedded whitespace or control characters through into the underlying http client request. Such potentially malicious header injection URLs now cause an httplib.InvalidURL exception to be raised. diff --git a/poky/meta/recipes-devtools/python/python/bpo-35907-cve-2019-9948-fix.patch b/poky/meta/recipes-devtools/python/python/bpo-35907-cve-2019-9948-fix.patch deleted file mode 100644 index b26723701..000000000 --- a/poky/meta/recipes-devtools/python/python/bpo-35907-cve-2019-9948-fix.patch +++ /dev/null @@ -1,55 +0,0 @@ -From 179a5f75f1121dab271fe8f90eb35145f9dcbbda Mon Sep 17 00:00:00 2001 -From: Sihoon Lee <push0ebp@gmail.com> -Date: Fri, 17 May 2019 02:41:06 +0900 -Subject: [PATCH] Update test_urllib.py and urllib.py\nchange assertEqual into - assertRasies in DummyURLopener test, and simplify mitigation - -Upstream-Status: Submitted https://github.com/python/cpython/pull/11842 - -CVE: CVE-2019-9948 - -Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> ---- - Lib/test/test_urllib.py | 11 +++-------- - Lib/urllib.py | 4 ++-- - 2 files changed, 5 insertions(+), 10 deletions(-) - -diff --git a/Lib/test/test_urllib.py b/Lib/test/test_urllib.py -index e5f210e62a18..1e23dfb0bb16 100644 ---- a/Lib/test/test_urllib.py -+++ b/Lib/test/test_urllib.py -@@ -1027,14 +1027,9 @@ def test_local_file_open(self): - class DummyURLopener(urllib.URLopener): - def open_local_file(self, url): - return url -- self.assertEqual(DummyURLopener().open( -- 'local-file://example'), '//example') -- self.assertEqual(DummyURLopener().open( -- 'local_file://example'), '//example') -- self.assertRaises(IOError, urllib.urlopen, -- 'local-file://example') -- self.assertRaises(IOError, urllib.urlopen, -- 'local_file://example') -+ for url in ('local_file://example', 'local-file://example'): -+ self.assertRaises(IOError, DummyURLopener().open, url) -+ self.assertRaises(IOError, urllib.urlopen, url) - - # Just commented them out. - # Can't really tell why keep failing in windows and sparc. -diff --git a/Lib/urllib.py b/Lib/urllib.py -index a24e9a5c68fb..39b834054e9e 100644 ---- a/Lib/urllib.py -+++ b/Lib/urllib.py -@@ -203,10 +203,10 @@ def open(self, fullurl, data=None): - name = 'open_' + urltype - self.type = urltype - name = name.replace('-', '_') -- -+ - # bpo-35907: # disallow the file reading with the type not allowed - if not hasattr(self, name) or \ -- (self == _urlopener and name == 'open_local_file'): -+ getattr(self, name) == self.open_local_file: - if proxy: - return self.open_unknown_proxy(proxy, fullurl, data) - else: diff --git a/poky/meta/recipes-devtools/python/python/bpo-35907-cve-2019-9948.patch b/poky/meta/recipes-devtools/python/python/bpo-35907-cve-2019-9948.patch deleted file mode 100644 index f4c225d2f..000000000 --- a/poky/meta/recipes-devtools/python/python/bpo-35907-cve-2019-9948.patch +++ /dev/null @@ -1,55 +0,0 @@ -From 8f99cc799e4393bf1112b9395b2342f81b3f45ef Mon Sep 17 00:00:00 2001 -From: push0ebp <push0ebp@shl-MacBook-Pro.local> -Date: Thu, 14 Feb 2019 02:05:46 +0900 -Subject: [PATCH] bpo-35907: Avoid file reading as disallowing the unnecessary - URL scheme in urllib - -Upstream-Status: Submitted https://github.com/python/cpython/pull/11842 - -CVE: CVE-2019-9948 - -Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> ---- - Lib/test/test_urllib.py | 12 ++++++++++++ - Lib/urllib.py | 5 ++++- - 2 files changed, 16 insertions(+), 1 deletion(-) - -diff --git a/Lib/test/test_urllib.py b/Lib/test/test_urllib.py -index 1ce9201c0693..e5f210e62a18 100644 ---- a/Lib/test/test_urllib.py -+++ b/Lib/test/test_urllib.py -@@ -1023,6 +1023,18 @@ def open_spam(self, url): - "spam://c:|windows%/:=&?~#+!$,;'@()*[]|/path/"), - "//c:|windows%/:=&?~#+!$,;'@()*[]|/path/") - -+ def test_local_file_open(self): -+ class DummyURLopener(urllib.URLopener): -+ def open_local_file(self, url): -+ return url -+ self.assertEqual(DummyURLopener().open( -+ 'local-file://example'), '//example') -+ self.assertEqual(DummyURLopener().open( -+ 'local_file://example'), '//example') -+ self.assertRaises(IOError, urllib.urlopen, -+ 'local-file://example') -+ self.assertRaises(IOError, urllib.urlopen, -+ 'local_file://example') - - # Just commented them out. - # Can't really tell why keep failing in windows and sparc. -diff --git a/Lib/urllib.py b/Lib/urllib.py -index d85504a5cb7e..a24e9a5c68fb 100644 ---- a/Lib/urllib.py -+++ b/Lib/urllib.py -@@ -203,7 +203,10 @@ def open(self, fullurl, data=None): - name = 'open_' + urltype - self.type = urltype - name = name.replace('-', '_') -- if not hasattr(self, name): -+ -+ # bpo-35907: # disallow the file reading with the type not allowed -+ if not hasattr(self, name) or \ -+ (self == _urlopener and name == 'open_local_file'): - if proxy: - return self.open_unknown_proxy(proxy, fullurl, data) - else: diff --git a/poky/meta/recipes-devtools/python/python/bpo-36216-cve-2019-9636-fix.patch b/poky/meta/recipes-devtools/python/python/bpo-36216-cve-2019-9636-fix.patch deleted file mode 100644 index 2ce4d2cde..000000000 --- a/poky/meta/recipes-devtools/python/python/bpo-36216-cve-2019-9636-fix.patch +++ /dev/null @@ -1,28 +0,0 @@ -From 06b5ee585d6e76bdbb4002f642d864d860cbbd2b Mon Sep 17 00:00:00 2001 -From: Steve Dower <steve.dower@python.org> -Date: Tue, 12 Mar 2019 08:23:33 -0700 -Subject: [PATCH] bpo-36216: Only print test messages when verbose - -CVE: CVE-2019-9636 - -Upstream-Status: Backport https://github.com/python/cpython/pull/12291/commits/06b5ee585d6e76bdbb4002f642d864d860cbbd2b - -Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> ---- - Lib/test/test_urlparse.py | 3 ++- - 1 file changed, 2 insertions(+), 1 deletion(-) - -diff --git a/Lib/test/test_urlparse.py b/Lib/test/test_urlparse.py -index 73b0228ea8e3..1830d0b28688 100644 ---- a/Lib/test/test_urlparse.py -+++ b/Lib/test/test_urlparse.py -@@ -644,7 +644,8 @@ def test_urlsplit_normalization(self): - for scheme in [u"http", u"https", u"ftp"]: - for c in denorm_chars: - url = u"{}://netloc{}false.netloc/path".format(scheme, c) -- print "Checking %r" % url -+ if test_support.verbose: -+ print "Checking %r" % url - with self.assertRaises(ValueError): - urlparse.urlsplit(url) - diff --git a/poky/meta/recipes-devtools/python/python/bpo-36216-cve-2019-9636.patch b/poky/meta/recipes-devtools/python/python/bpo-36216-cve-2019-9636.patch deleted file mode 100644 index 352b13ba9..000000000 --- a/poky/meta/recipes-devtools/python/python/bpo-36216-cve-2019-9636.patch +++ /dev/null @@ -1,111 +0,0 @@ -From 3e3669c9c41a27e1466e2c28b3906e3dd0ce3e7e Mon Sep 17 00:00:00 2001 -From: Steve Dower <steve.dower@python.org> -Date: Thu, 7 Mar 2019 08:25:22 -0800 -Subject: [PATCH] bpo-36216: Add check for characters in netloc that normalize - to separators (GH-12201) - -CVE: CVE-2019-9636 - -Upstream-Status: Backport https://github.com/python/cpython/pull/12216/commits/3e3669c9c41a27e1466e2c28b3906e3dd0ce3e7e - -Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> ---- - Doc/library/urlparse.rst | 20 ++++++++++++++++ - Lib/test/test_urlparse.py | 24 +++++++++++++++++++ - Lib/urlparse.py | 17 +++++++++++++ - .../2019-03-06-09-38-40.bpo-36216.6q1m4a.rst | 3 +++ - 4 files changed, 64 insertions(+) - create mode 100644 Misc/NEWS.d/next/Security/2019-03-06-09-38-40.bpo-36216.6q1m4a.rst - -diff --git a/Lib/test/test_urlparse.py b/Lib/test/test_urlparse.py -index 4e1ded73c266..73b0228ea8e3 100644 ---- a/Lib/test/test_urlparse.py -+++ b/Lib/test/test_urlparse.py -@@ -1,4 +1,6 @@ - from test import test_support -+import sys -+import unicodedata - import unittest - import urlparse - -@@ -624,6 +626,28 @@ def test_portseparator(self): - self.assertEqual(urlparse.urlparse("http://www.python.org:80"), - ('http','www.python.org:80','','','','')) - -+ def test_urlsplit_normalization(self): -+ # Certain characters should never occur in the netloc, -+ # including under normalization. -+ # Ensure that ALL of them are detected and cause an error -+ illegal_chars = u'/:#?@' -+ hex_chars = {'{:04X}'.format(ord(c)) for c in illegal_chars} -+ denorm_chars = [ -+ c for c in map(unichr, range(128, sys.maxunicode)) -+ if (hex_chars & set(unicodedata.decomposition(c).split())) -+ and c not in illegal_chars -+ ] -+ # Sanity check that we found at least one such character -+ self.assertIn(u'\u2100', denorm_chars) -+ self.assertIn(u'\uFF03', denorm_chars) -+ -+ for scheme in [u"http", u"https", u"ftp"]: -+ for c in denorm_chars: -+ url = u"{}://netloc{}false.netloc/path".format(scheme, c) -+ print "Checking %r" % url -+ with self.assertRaises(ValueError): -+ urlparse.urlsplit(url) -+ - def test_main(): - test_support.run_unittest(UrlParseTestCase) - -diff --git a/Lib/urlparse.py b/Lib/urlparse.py -index f7c2b032b097..54eda08651ab 100644 ---- a/Lib/urlparse.py -+++ b/Lib/urlparse.py -@@ -165,6 +165,21 @@ def _splitnetloc(url, start=0): - delim = min(delim, wdelim) # use earliest delim position - return url[start:delim], url[delim:] # return (domain, rest) - -+def _checknetloc(netloc): -+ if not netloc or not isinstance(netloc, unicode): -+ return -+ # looking for characters like \u2100 that expand to 'a/c' -+ # IDNA uses NFKC equivalence, so normalize for this check -+ import unicodedata -+ netloc2 = unicodedata.normalize('NFKC', netloc) -+ if netloc == netloc2: -+ return -+ _, _, netloc = netloc.rpartition('@') # anything to the left of '@' is okay -+ for c in '/?#@:': -+ if c in netloc2: -+ raise ValueError("netloc '" + netloc2 + "' contains invalid " + -+ "characters under NFKC normalization") -+ - def urlsplit(url, scheme='', allow_fragments=True): - """Parse a URL into 5 components: - <scheme>://<netloc>/<path>?<query>#<fragment> -@@ -193,6 +208,7 @@ def urlsplit(url, scheme='', allow_fragments=True): - url, fragment = url.split('#', 1) - if '?' in url: - url, query = url.split('?', 1) -+ _checknetloc(netloc) - v = SplitResult(scheme, netloc, url, query, fragment) - _parse_cache[key] = v - return v -@@ -216,6 +232,7 @@ def urlsplit(url, scheme='', allow_fragments=True): - url, fragment = url.split('#', 1) - if '?' in url: - url, query = url.split('?', 1) -+ _checknetloc(netloc) - v = SplitResult(scheme, netloc, url, query, fragment) - _parse_cache[key] = v - return v -diff --git a/Misc/NEWS.d/next/Security/2019-03-06-09-38-40.bpo-36216.6q1m4a.rst b/Misc/NEWS.d/next/Security/2019-03-06-09-38-40.bpo-36216.6q1m4a.rst -new file mode 100644 -index 000000000000..1e1ad92c6feb ---- /dev/null -+++ b/Misc/NEWS.d/next/Security/2019-03-06-09-38-40.bpo-36216.6q1m4a.rst -@@ -0,0 +1,3 @@ -+Changes urlsplit() to raise ValueError when the URL contains characters that -+decompose under IDNA encoding (NFKC-normalization) into characters that -+affect how the URL is parsed. -\ No newline at end of file diff --git a/poky/meta/recipes-devtools/python/python/bpo-36742-cve-2019-10160.patch b/poky/meta/recipes-devtools/python/python/bpo-36742-cve-2019-10160.patch deleted file mode 100644 index 1b6cb8cf3..000000000 --- a/poky/meta/recipes-devtools/python/python/bpo-36742-cve-2019-10160.patch +++ /dev/null @@ -1,81 +0,0 @@ -From 5a1033fe5be764a135adcfff2fdc14edc3e5f327 Mon Sep 17 00:00:00 2001 -From: Changqing Li <changqing.li@windriver.com> -Date: Thu, 10 Oct 2019 16:32:19 +0800 -Subject: [PATCH] bpo-36742: Fixes handling of pre-normalization characters in - urlsplit() bpo-36742: Corrects fix to handle decomposition in usernames - -Upstream-Status: Backport - -https://github.com/python/cpython/commit/98a4dcefbbc3bce5ab07e7c0830a183157250259 -https://github.com/python/cpython/commit/f61599b050c621386a3fc6bc480359e2d3bb93de#diff-b577545d73dd0cdb2c337a4c5f89e1d7 - -CVE: CVE-2019-10160 - -Signed-off-by: Changqing Li <changqing.li@windriver.com> ---- - Lib/test/test_urlparse.py | 19 +++++++++++++------ - Lib/urlparse.py | 14 +++++++++----- - 2 files changed, 22 insertions(+), 11 deletions(-) - -diff --git a/Lib/test/test_urlparse.py b/Lib/test/test_urlparse.py -index 1830d0b..857ed96 100644 ---- a/Lib/test/test_urlparse.py -+++ b/Lib/test/test_urlparse.py -@@ -641,13 +641,20 @@ class UrlParseTestCase(unittest.TestCase): - self.assertIn(u'\u2100', denorm_chars) - self.assertIn(u'\uFF03', denorm_chars) - -+ # bpo-36742: Verify port separators are ignored when they -+ # existed prior to decomposition -+ urlparse.urlsplit(u'http://\u30d5\u309a:80') -+ with self.assertRaises(ValueError): -+ urlparse.urlsplit(u'http://\u30d5\u309a\ufe1380') -+ - for scheme in [u"http", u"https", u"ftp"]: -- for c in denorm_chars: -- url = u"{}://netloc{}false.netloc/path".format(scheme, c) -- if test_support.verbose: -- print "Checking %r" % url -- with self.assertRaises(ValueError): -- urlparse.urlsplit(url) -+ for netloc in [u"netloc{}false.netloc", u"n{}user@netloc"]: -+ for c in denorm_chars: -+ url = u"{}://{}/path".format(scheme, netloc.format(c)) -+ if test_support.verbose: -+ print "Checking %r" % url -+ with self.assertRaises(ValueError): -+ urlparse.urlsplit(url) - - def test_main(): - test_support.run_unittest(UrlParseTestCase) -diff --git a/Lib/urlparse.py b/Lib/urlparse.py -index 54eda08..e34b368 100644 ---- a/Lib/urlparse.py -+++ b/Lib/urlparse.py -@@ -171,14 +171,18 @@ def _checknetloc(netloc): - # looking for characters like \u2100 that expand to 'a/c' - # IDNA uses NFKC equivalence, so normalize for this check - import unicodedata -- netloc2 = unicodedata.normalize('NFKC', netloc) -- if netloc == netloc2: -+ n = netloc.replace(u'@', u'') # ignore characters already included -+ n = n.replace(u':', u'') # but not the surrounding text -+ n = n.replace(u'#', u'') -+ n = n.replace(u'?', u'') -+ -+ netloc2 = unicodedata.normalize('NFKC', n) -+ if n == netloc2: - return -- _, _, netloc = netloc.rpartition('@') # anything to the left of '@' is okay - for c in '/?#@:': - if c in netloc2: -- raise ValueError("netloc '" + netloc2 + "' contains invalid " + -- "characters under NFKC normalization") -+ raise ValueError(u"netloc '" + netloc + u"' contains invalid " + -+ u"characters under NFKC normalization") - - def urlsplit(url, scheme='', allow_fragments=True): - """Parse a URL into 5 components: --- -2.7.4 - diff --git a/poky/meta/recipes-devtools/python/python_2.7.16.bb b/poky/meta/recipes-devtools/python/python_2.7.17.bb index 625c5312a..5b856a509 100644 --- a/poky/meta/recipes-devtools/python/python_2.7.16.bb +++ b/poky/meta/recipes-devtools/python/python_2.7.17.bb @@ -30,9 +30,6 @@ SRC_URI += " \ file://support_SOURCE_DATE_EPOCH_in_py_compile_2.7.patch \ file://float-endian.patch \ file://0001-python2-use-cc_basename-to-replace-CC-for-checking-c.patch \ - file://0001-2.7-bpo-34155-Dont-parse-domains-containing-GH-13079.patch \ - file://bpo-36742-cve-2019-10160.patch \ - file://0001-2.7-bpo-38243-Escape-the-server-title-of-DocXMLRPCSe.patch \ " S = "${WORKDIR}/Python-${PV}" diff --git a/poky/meta/recipes-devtools/systemd-bootchart/systemd-bootchart_233.bb b/poky/meta/recipes-devtools/systemd-bootchart/systemd-bootchart_233.bb index b0433e0e9..aef883986 100644 --- a/poky/meta/recipes-devtools/systemd-bootchart/systemd-bootchart_233.bb +++ b/poky/meta/recipes-devtools/systemd-bootchart/systemd-bootchart_233.bb @@ -20,7 +20,7 @@ S = "${WORKDIR}/git" DEPENDS = "systemd libxslt-native xmlto-native docbook-xml-dtd4-native docbook-xsl-stylesheets-native intltool" -inherit pkgconfig autotools systemd distro_features_check +inherit pkgconfig autotools systemd features_check REQUIRED_DISTRO_FEATURES = "systemd" diff --git a/poky/meta/recipes-devtools/vala/vala_0.46.3.bb b/poky/meta/recipes-devtools/vala/vala_0.46.4.bb index eda5738c0..c4cd6dd41 100644 --- a/poky/meta/recipes-devtools/vala/vala_0.46.3.bb +++ b/poky/meta/recipes-devtools/vala/vala_0.46.4.bb @@ -4,5 +4,5 @@ SRC_URI += "file://0001-git-version-gen-don-t-append-dirty-if-we-re-not-in-g.pat file://0001-vapigen.m4-use-PKG_CONFIG_SYSROOT_DIR.patch \ " -SRC_URI[md5sum] = "809ddac69b039ef509b61993c848613f" -SRC_URI[sha256sum] = "e29c2b1f108dc22c91bb501975a77c938aef079ca7875e1fbf41191e22cc57e3" +SRC_URI[md5sum] = "b79bbaf8929ec8ed35911b3571f5a248" +SRC_URI[sha256sum] = "4bb9b60fc0230b0db2c8a0e2a80ec29f1c10b43dc78355abba78adedbc2e03a1" diff --git a/poky/meta/recipes-extended/libsolv/libsolv_0.7.6.bb b/poky/meta/recipes-extended/libsolv/libsolv_0.7.8.bb index 3df899308..8fe9ae046 100644 --- a/poky/meta/recipes-extended/libsolv/libsolv_0.7.6.bb +++ b/poky/meta/recipes-extended/libsolv/libsolv_0.7.8.bb @@ -10,7 +10,7 @@ DEPENDS = "expat zlib" SRC_URI = "git://github.com/openSUSE/libsolv.git \ " -SRCREV = "17ce4bc4fb52a0b32964f3b7d491c18177980be1" +SRCREV = "5205c5683ce2c8b8288534059ba40a318a2a161d" UPSTREAM_CHECK_GITTAGREGEX = "(?P<pver>\d+(\.\d+)+)" diff --git a/poky/meta/recipes-extended/packagegroups/packagegroup-core-full-cmdline.bb b/poky/meta/recipes-extended/packagegroups/packagegroup-core-full-cmdline.bb index 2d96d1ba3..15a8e6ded 100644 --- a/poky/meta/recipes-extended/packagegroups/packagegroup-core-full-cmdline.bb +++ b/poky/meta/recipes-extended/packagegroups/packagegroup-core-full-cmdline.bb @@ -81,6 +81,7 @@ RDEPENDS_packagegroup-core-full-cmdline-utils = "\ gawk \ gmp \ grep \ + less \ makedevs \ mc \ mc-fish \ diff --git a/poky/meta/recipes-extended/pam/libpam_1.3.1.bb b/poky/meta/recipes-extended/pam/libpam_1.3.1.bb index a2aa1ecd1..119493382 100644 --- a/poky/meta/recipes-extended/pam/libpam_1.3.1.bb +++ b/poky/meta/recipes-extended/pam/libpam_1.3.1.bb @@ -150,7 +150,7 @@ do_install() { fi } -inherit distro_features_check +inherit features_check REQUIRED_DISTRO_FEATURES = "pam" BBCLASSEXTEND = "nativesdk native" diff --git a/poky/meta/recipes-extended/psmisc/psmisc/0001-Makefile.am-create-src-directory-before-attempting-t.patch b/poky/meta/recipes-extended/psmisc/psmisc/0001-Makefile.am-create-src-directory-before-attempting-t.patch index 4d44495fd..9451303dd 100644 --- a/poky/meta/recipes-extended/psmisc/psmisc/0001-Makefile.am-create-src-directory-before-attempting-t.patch +++ b/poky/meta/recipes-extended/psmisc/psmisc/0001-Makefile.am-create-src-directory-before-attempting-t.patch @@ -1,4 +1,4 @@ -From 285877b7761d74736aca2687ed9bef2f78b82c33 Mon Sep 17 00:00:00 2001 +From dac375f640fecd45e6254a8d870ee37ec8f41670 Mon Sep 17 00:00:00 2001 From: Alexander Kanavin <alex.kanavin@gmail.com> Date: Thu, 2 Nov 2017 16:21:22 +0200 Subject: [PATCH] Makefile.am: create src directory before attempting to write @@ -8,23 +8,21 @@ Otherwise out of tree builds will fail. Upstream-Status: Pending Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> + --- Makefile.am | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Makefile.am b/Makefile.am -index 9f61ab4..b4ced7f 100644 +index 441ae94..882969d 100644 --- a/Makefile.am +++ b/Makefile.am -@@ -79,7 +79,7 @@ EXTRA_DIST = src/signames.c README.md +@@ -86,7 +86,7 @@ EXTRA_DIST = src/signames.c README.md misc/git-version-gen CLEANFILES = src/signames.h - src/signames.h: src/signames.c Makefile + src/signames.h: src/signames.c Makefile src/$(am__dirstamp) - export LC_ALL=C ; \ + export LC_ALL=C ; mkdir -p src ; \ @CPP@ -dM $< |\ tr -s '\t ' ' ' | sort -n -k 3 | sed \ 's:#define SIG\([A-Z][A-Z]*[0-9]*\) \([0-9][0-9]*\).*$\:{\ \2,"\1" },:p;d' | \ --- -2.14.2 - diff --git a/poky/meta/recipes-extended/psmisc/psmisc_23.2.bb b/poky/meta/recipes-extended/psmisc/psmisc_23.3.bb index 38e0a4405..b3c3c7e5a 100644 --- a/poky/meta/recipes-extended/psmisc/psmisc_23.2.bb +++ b/poky/meta/recipes-extended/psmisc/psmisc_23.3.bb @@ -6,5 +6,5 @@ SRC_URI = "git://gitlab.com/psmisc/psmisc.git;protocol=https \ file://0001-Use-UINTPTR_MAX-instead-of-__WORDSIZE.patch \ file://0001-Makefile.am-create-src-directory-before-attempting-t.patch \ " -SRCREV = "44eab9a3a63394eae6b79a7ef0a042f57e0c8a8f" +SRCREV = "78bde849041e6c914a2a517ebe1255b86dc98772" S = "${WORKDIR}/git" diff --git a/poky/meta/recipes-extended/stress-ng/stress-ng_0.10.08.bb b/poky/meta/recipes-extended/stress-ng/stress-ng_0.10.10.bb index 470f42295..47a98f3aa 100644 --- a/poky/meta/recipes-extended/stress-ng/stress-ng_0.10.08.bb +++ b/poky/meta/recipes-extended/stress-ng/stress-ng_0.10.10.bb @@ -8,8 +8,8 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263" SRC_URI = "https://kernel.ubuntu.com/~cking/tarballs/${BPN}/${BP}.tar.xz \ file://0001-Do-not-preserve-ownership-when-installing-example-jo.patch \ " -SRC_URI[md5sum] = "e02acd0bc00d3c6a81412537393c2436" -SRC_URI[sha256sum] = "4addeaabcfcb709581cbc4c61182317b8d91bcf31f529bfa899d170facfd75ce" +SRC_URI[md5sum] = "ad4de38d6ff1ccf3640573e967dfb136" +SRC_URI[sha256sum] = "031de5ebc44b49992c11633f10aae96da05a85b326aebdffd88ba8c445d23cf4" DEPENDS = "coreutils-native" diff --git a/poky/meta/recipes-extended/sysstat/sysstat.inc b/poky/meta/recipes-extended/sysstat/sysstat.inc index 62de36b44..77cc6f2cf 100644 --- a/poky/meta/recipes-extended/sysstat/sysstat.inc +++ b/poky/meta/recipes-extended/sysstat/sysstat.inc @@ -10,7 +10,6 @@ SRC_URI = "http://pagesperso-orange.fr/sebastien.godard/${BP}.tar.xz \ " UPSTREAM_CHECK_URI = "http://sebastien.godard.pagesperso-orange.fr/download.html" -UPSTREAM_VERSION_UNKNOWN = "1" DEPENDS += "base-passwd" diff --git a/poky/meta/recipes-extended/xdg-utils/xdg-utils_1.1.3.bb b/poky/meta/recipes-extended/xdg-utils/xdg-utils_1.1.3.bb index 8e4663819..7788b5f3c 100644 --- a/poky/meta/recipes-extended/xdg-utils/xdg-utils_1.1.3.bb +++ b/poky/meta/recipes-extended/xdg-utils/xdg-utils_1.1.3.bb @@ -28,7 +28,7 @@ SRC_URI[sha256sum] = "d798b08af8a8e2063ddde6c9fa3398ca81484f27dec642c5627ffcaa0d UPSTREAM_CHECK_REGEX = "xdg-utils-(?P<pver>((\d+[\.\-_]*)+)((rc|alpha|beta)\d+)?)\.(tar\.gz|tgz)" # Needs brokensep as this doesn't use automake -inherit autotools-brokensep distro_features_check +inherit autotools-brokensep features_check # The xprop requires x11 in DISTRO_FEATURES REQUIRED_DISTRO_FEATURES = "x11" diff --git a/poky/meta/recipes-gnome/epiphany/epiphany_3.34.1.bb b/poky/meta/recipes-gnome/epiphany/epiphany_3.34.1.bb index d1cb515a5..cebd55dc8 100644 --- a/poky/meta/recipes-gnome/epiphany/epiphany_3.34.1.bb +++ b/poky/meta/recipes-gnome/epiphany/epiphany_3.34.1.bb @@ -8,7 +8,7 @@ DEPENDS = "libsoup-2.4 webkitgtk gtk+3 iso-codes avahi libnotify gcr \ glib-2.0 glib-2.0-native json-glib libdazzle" GNOMEBASEBUILDCLASS = "meson" -inherit gnomebase gsettings distro_features_check upstream-version-is-even gettext +inherit gnomebase gsettings features_check upstream-version-is-even gettext REQUIRED_DISTRO_FEATURES = "x11 opengl" SRC_URI = "${GNOME_MIRROR}/${GNOMEBN}/${@gnome_verdir("${PV}")}/${GNOMEBN}-${PV}.tar.${GNOME_COMPRESS_TYPE};name=archive \ diff --git a/poky/meta/recipes-gnome/gcr/gcr_3.34.0.bb b/poky/meta/recipes-gnome/gcr/gcr_3.34.0.bb index 616b0e5bf..e3e899963 100644 --- a/poky/meta/recipes-gnome/gcr/gcr_3.34.0.bb +++ b/poky/meta/recipes-gnome/gcr/gcr_3.34.0.bb @@ -11,7 +11,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=55ca817ccb7d5b5b66355690e9abc605" DEPENDS = "gtk+3 p11-kit glib-2.0 libgcrypt \ ${@bb.utils.contains('GI_DATA_ENABLED', 'True', 'libxslt-native', '', d)}" -inherit gnomebase gtk-icon-cache gtk-doc distro_features_check upstream-version-is-even vala gobject-introspection gettext +inherit gnomebase gtk-icon-cache gtk-doc features_check upstream-version-is-even vala gobject-introspection gettext # depends on gtk+3, but also x11 through gtk+-x11 REQUIRED_DISTRO_FEATURES = "x11" diff --git a/poky/meta/recipes-gnome/gtk+/gtk+3.inc b/poky/meta/recipes-gnome/gtk+/gtk+3.inc index dc6768c4e..e1f1e0db3 100644 --- a/poky/meta/recipes-gnome/gtk+/gtk+3.inc +++ b/poky/meta/recipes-gnome/gtk+/gtk+3.inc @@ -10,7 +10,7 @@ DEPENDS = "glib-2.0 cairo pango atk jpeg libpng gdk-pixbuf \ LICENSE = "LGPLv2 & LGPLv2+ & LGPLv2.1+" -inherit autotools gettext pkgconfig gtk-doc update-alternatives gtk-immodules-cache gsettings distro_features_check gobject-introspection +inherit autotools gettext pkgconfig gtk-doc update-alternatives gtk-immodules-cache gsettings features_check gobject-introspection BBCLASSEXTEND = "native nativesdk" diff --git a/poky/meta/recipes-gnome/libdazzle/libdazzle_3.34.1.bb b/poky/meta/recipes-gnome/libdazzle/libdazzle_3.34.1.bb index e2973905f..1c8b2c86e 100644 --- a/poky/meta/recipes-gnome/libdazzle/libdazzle_3.34.1.bb +++ b/poky/meta/recipes-gnome/libdazzle/libdazzle_3.34.1.bb @@ -8,7 +8,7 @@ BUGTRACKER = "https://gitlab.gnome.org/GNOME/libdazzle/issues" LIC_FILES_CHKSUM = "file://COPYING;md5=8f0e2cd40e05189ec81232da84bd6e1a" GNOMEBASEBUILDCLASS = "meson" -inherit gnomebase upstream-version-is-even vala distro_features_check gobject-introspection +inherit gnomebase upstream-version-is-even vala features_check gobject-introspection DEPENDS = "glib-2.0-native glib-2.0 gtk+3" diff --git a/poky/meta/recipes-gnome/libnotify/libnotify_0.7.8.bb b/poky/meta/recipes-gnome/libnotify/libnotify_0.7.8.bb index f4cda7bc7..0306b04f4 100644 --- a/poky/meta/recipes-gnome/libnotify/libnotify_0.7.8.bb +++ b/poky/meta/recipes-gnome/libnotify/libnotify_0.7.8.bb @@ -7,7 +7,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=7fbc338309ac38fefcd64b04bb903e34" DEPENDS = "dbus gtk+3 glib-2.0" -inherit gnomebase gtk-doc distro_features_check gobject-introspection +inherit gnomebase gtk-doc features_check gobject-introspection # depends on gtk+3 ANY_OF_DISTRO_FEATURES = "${GTK3DISTROFEATURES}" diff --git a/poky/meta/recipes-graphics/cairo/cairo_1.16.0.bb b/poky/meta/recipes-graphics/cairo/cairo_1.16.0.bb index f32e9ba1b..e3de3f616 100644 --- a/poky/meta/recipes-graphics/cairo/cairo_1.16.0.bb +++ b/poky/meta/recipes-graphics/cairo/cairo_1.16.0.bb @@ -10,12 +10,12 @@ HOMEPAGE = "http://cairographics.org" BUGTRACKER = "http://bugs.freedesktop.org" SECTION = "libs" -LICENSE = "MPL-1.1 & LGPLv2.1 & GPLv3+" -LICENSE_${PN} = "MPL-1.1 & LGPLv2.1" -LICENSE_${PN}-dev = "MPL-1.1 & LGPLv2.1" -LICENSE_${PN}-doc = "MPL-1.1 & LGPLv2.1" -LICENSE_${PN}-gobject = "MPL-1.1 & LGPLv2.1" -LICENSE_${PN}-script-interpreter = "MPL-1.1 & LGPLv2.1" +LICENSE = "(MPL-1.1 | LGPLv2.1) & GPLv3+" +LICENSE_${PN} = "MPL-1.1 | LGPLv2.1" +LICENSE_${PN}-dev = "MPL-1.1 | LGPLv2.1" +LICENSE_${PN}-doc = "MPL-1.1 | LGPLv2.1" +LICENSE_${PN}-gobject = "MPL-1.1 | LGPLv2.1" +LICENSE_${PN}-script-interpreter = "MPL-1.1 | LGPLv2.1" LICENSE_${PN}-perf-utils = "GPLv3+" LIC_FILES_CHKSUM = "file://COPYING;md5=e73e999e0c72b5ac9012424fa157ad77" diff --git a/poky/meta/recipes-graphics/clutter/clutter-1.0.inc b/poky/meta/recipes-graphics/clutter/clutter-1.0.inc index 9ecdfd0a8..5dc45ebf2 100644 --- a/poky/meta/recipes-graphics/clutter/clutter-1.0.inc +++ b/poky/meta/recipes-graphics/clutter/clutter-1.0.inc @@ -5,7 +5,7 @@ box UIs, presentations, kiosk style applications and so on." HOMEPAGE = "http://www.clutter-project.org/" LICENSE = "LGPLv2.1+" -inherit clutter ptest-gnome distro_features_check upstream-version-is-even gobject-introspection +inherit clutter ptest-gnome features_check upstream-version-is-even gobject-introspection # depends on cogl-1.0 which needs opengl REQUIRED_DISTRO_FEATURES ?= "opengl" diff --git a/poky/meta/recipes-graphics/clutter/clutter-gst-3.0.inc b/poky/meta/recipes-graphics/clutter/clutter-gst-3.0.inc index 4c877982b..fc3eade88 100644 --- a/poky/meta/recipes-graphics/clutter/clutter-gst-3.0.inc +++ b/poky/meta/recipes-graphics/clutter/clutter-gst-3.0.inc @@ -2,7 +2,7 @@ SUMMARY = "GStreamer integration library for Clutter" HOMEPAGE = "http://www.clutter-project.org/" LICENSE = "LGPLv2+" -inherit clutter distro_features_check upstream-version-is-even gobject-introspection +inherit clutter features_check upstream-version-is-even gobject-introspection # depends on clutter-1.0 which depends on cogl-1.0 REQUIRED_DISTRO_FEATURES ?= "opengl" diff --git a/poky/meta/recipes-graphics/clutter/clutter-gtk-1.0.inc b/poky/meta/recipes-graphics/clutter/clutter-gtk-1.0.inc index 11826a6f0..7bf227855 100644 --- a/poky/meta/recipes-graphics/clutter/clutter-gtk-1.0.inc +++ b/poky/meta/recipes-graphics/clutter/clutter-gtk-1.0.inc @@ -3,7 +3,7 @@ HOMEPAGE = "http://www.clutter-project.org/" LICENSE = "LGPLv2+" CLUTTERBASEBUILDCLASS = "meson" -inherit clutter distro_features_check upstream-version-is-even gobject-introspection gtk-doc +inherit clutter features_check upstream-version-is-even gobject-introspection gtk-doc # depends on clutter-1.0 which depends on cogl-1.0 REQUIRED_DISTRO_FEATURES ?= "opengl" diff --git a/poky/meta/recipes-graphics/cogl/cogl-1.0.inc b/poky/meta/recipes-graphics/cogl/cogl-1.0.inc index 23661d9b6..d8d06651d 100644 --- a/poky/meta/recipes-graphics/cogl/cogl-1.0.inc +++ b/poky/meta/recipes-graphics/cogl/cogl-1.0.inc @@ -6,7 +6,7 @@ can render without stepping on each others toes." HOMEPAGE = "http://wiki.clutter-project.org/wiki/Cogl" LICENSE = "MIT" -inherit clutter distro_features_check upstream-version-is-even gobject-introspection +inherit clutter features_check upstream-version-is-even gobject-introspection # cogl-1.0 needs opengl to build REQUIRED_DISTRO_FEATURES ?= "opengl" diff --git a/poky/meta/recipes-graphics/glew/glew_2.1.0.bb b/poky/meta/recipes-graphics/glew/glew_2.1.0.bb index 18e6909aa..f6f43406f 100644 --- a/poky/meta/recipes-graphics/glew/glew_2.1.0.bb +++ b/poky/meta/recipes-graphics/glew/glew_2.1.0.bb @@ -15,7 +15,7 @@ SRC_URI[sha256sum] = "04de91e7e6763039bc11940095cd9c7f880baba82196a7765f727ac05a UPSTREAM_CHECK_URI = "http://sourceforge.net/projects/glew/files/glew" UPSTREAM_CHECK_REGEX = "/glew/(?P<pver>(\d+[\.\-_]*)+)/" -inherit lib_package pkgconfig distro_features_check +inherit lib_package pkgconfig features_check REQUIRED_DISTRO_FEATURES = "opengl" diff --git a/poky/meta/recipes-graphics/harfbuzz/harfbuzz_2.6.1.bb b/poky/meta/recipes-graphics/harfbuzz/harfbuzz_2.6.4.bb index 80ab545e0..ee08c12be 100644 --- a/poky/meta/recipes-graphics/harfbuzz/harfbuzz_2.6.1.bb +++ b/poky/meta/recipes-graphics/harfbuzz/harfbuzz_2.6.4.bb @@ -8,8 +8,8 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=e11f5c3149cdec4bb309babb020b32b9 \ file://src/hb-ucd.cc;beginline=1;endline=15;md5=29d4dcb6410429195df67efe3382d8bc" SRC_URI = "http://www.freedesktop.org/software/harfbuzz/release/${BP}.tar.xz" -SRC_URI[md5sum] = "89b758a2eb14d56a94406cf914b62388" -SRC_URI[sha256sum] = "c651fb3faaa338aeb280726837c2384064cdc17ef40539228d88a1260960844f" +SRC_URI[md5sum] = "2b3a4dfdb3e5e50055f941978944da9f" +SRC_URI[sha256sum] = "9413b8d96132d699687ef914ebb8c50440efc87b3f775d25856d7ec347c03c12" inherit autotools pkgconfig lib_package gtk-doc diff --git a/poky/meta/recipes-graphics/images/core-image-weston.bb b/poky/meta/recipes-graphics/images/core-image-weston.bb index e36655ffc..f5102e198 100644 --- a/poky/meta/recipes-graphics/images/core-image-weston.bb +++ b/poky/meta/recipes-graphics/images/core-image-weston.bb @@ -4,7 +4,7 @@ IMAGE_FEATURES += "splash package-management ssh-server-dropbear hwcodecs" LICENSE = "MIT" -inherit core-image distro_features_check +inherit core-image features_check REQUIRED_DISTRO_FEATURES = "wayland" diff --git a/poky/meta/recipes-graphics/images/core-image-x11.bb b/poky/meta/recipes-graphics/images/core-image-x11.bb index cd5374949..52407759f 100644 --- a/poky/meta/recipes-graphics/images/core-image-x11.bb +++ b/poky/meta/recipes-graphics/images/core-image-x11.bb @@ -4,7 +4,7 @@ IMAGE_FEATURES += "splash package-management x11-base" LICENSE = "MIT" -inherit core-image distro_features_check +inherit core-image features_check REQUIRED_DISTRO_FEATURES = "x11" diff --git a/poky/meta/recipes-graphics/kmscube/kmscube_git.bb b/poky/meta/recipes-graphics/kmscube/kmscube_git.bb index 2b6837fef..82720045b 100644 --- a/poky/meta/recipes-graphics/kmscube/kmscube_git.bb +++ b/poky/meta/recipes-graphics/kmscube/kmscube_git.bb @@ -13,7 +13,7 @@ UPSTREAM_CHECK_COMMITS = "1" S = "${WORKDIR}/git" -inherit meson pkgconfig distro_features_check +inherit meson pkgconfig features_check REQUIRED_DISTRO_FEATURES = "opengl" diff --git a/poky/meta/recipes-graphics/libepoxy/libepoxy_1.5.3.bb b/poky/meta/recipes-graphics/libepoxy/libepoxy_1.5.3.bb index 834d8154e..71a2c9135 100644 --- a/poky/meta/recipes-graphics/libepoxy/libepoxy_1.5.3.bb +++ b/poky/meta/recipes-graphics/libepoxy/libepoxy_1.5.3.bb @@ -15,7 +15,7 @@ SRC_URI[md5sum] = "e2845de8d2782b2d31c01ae8d7cd4cbb" SRC_URI[sha256sum] = "002958c5528321edd53440235d3c44e71b5b1e09b9177e8daf677450b6c4433d" UPSTREAM_CHECK_URI = "https://github.com/anholt/libepoxy/releases" -inherit meson pkgconfig distro_features_check +inherit meson pkgconfig features_check REQUIRED_DISTRO_FEATURES = "opengl" REQUIRED_DISTRO_FEATURES_class-native = "" diff --git a/poky/meta/recipes-graphics/libfakekey/libfakekey_git.bb b/poky/meta/recipes-graphics/libfakekey/libfakekey_git.bb index 4b803dbae..ab6f5ac9e 100644 --- a/poky/meta/recipes-graphics/libfakekey/libfakekey_git.bb +++ b/poky/meta/recipes-graphics/libfakekey/libfakekey_git.bb @@ -17,7 +17,7 @@ SRC_URI = "git://git.yoctoproject.org/${BPN}" S = "${WORKDIR}/git" -inherit autotools pkgconfig gettext distro_features_check +inherit autotools pkgconfig gettext features_check # The libxtst requires x11 in DISTRO_FEATURES REQUIRED_DISTRO_FEATURES = "x11" diff --git a/poky/meta/recipes-graphics/libmatchbox/libmatchbox_1.12.bb b/poky/meta/recipes-graphics/libmatchbox/libmatchbox_1.12.bb index cca2d48a4..1a3167797 100644 --- a/poky/meta/recipes-graphics/libmatchbox/libmatchbox_1.12.bb +++ b/poky/meta/recipes-graphics/libmatchbox/libmatchbox_1.12.bb @@ -21,7 +21,7 @@ SRC_URI = "git://git.yoctoproject.org/${BPN}" S = "${WORKDIR}/git" -inherit autotools pkgconfig distro_features_check +inherit autotools pkgconfig features_check # depends on virtual/libx11 REQUIRED_DISTRO_FEATURES = "x11" diff --git a/poky/meta/recipes-graphics/libva/libva-utils_2.5.0.bb b/poky/meta/recipes-graphics/libva/libva-utils_2.5.0.bb index fc013d75c..f68d0cf8b 100644 --- a/poky/meta/recipes-graphics/libva/libva-utils_2.5.0.bb +++ b/poky/meta/recipes-graphics/libva/libva-utils_2.5.0.bb @@ -25,7 +25,7 @@ UPSTREAM_CHECK_URI = "https://github.com/intel/libva-utils/releases" DEPENDS = "libva" -inherit autotools pkgconfig distro_features_check +inherit autotools pkgconfig features_check # depends on libva which requires opengl REQUIRED_DISTRO_FEATURES = "opengl" diff --git a/poky/meta/recipes-graphics/libva/libva_2.5.0.bb b/poky/meta/recipes-graphics/libva/libva_2.5.0.bb index e75648b2b..73e2e01c3 100644 --- a/poky/meta/recipes-graphics/libva/libva_2.5.0.bb +++ b/poky/meta/recipes-graphics/libva/libva_2.5.0.bb @@ -26,7 +26,7 @@ UPSTREAM_CHECK_URI = "https://github.com/intel/libva/releases" DEPENDS = "libdrm virtual/mesa" -inherit autotools pkgconfig distro_features_check +inherit autotools pkgconfig features_check REQUIRED_DISTRO_FEATURES = "opengl" diff --git a/poky/meta/recipes-graphics/matchbox-wm/matchbox-wm_1.2.2.bb b/poky/meta/recipes-graphics/matchbox-wm/matchbox-wm_1.2.2.bb index 815a75f36..b9961c398 100644 --- a/poky/meta/recipes-graphics/matchbox-wm/matchbox-wm_1.2.2.bb +++ b/poky/meta/recipes-graphics/matchbox-wm/matchbox-wm_1.2.2.bb @@ -17,7 +17,7 @@ SRC_URI = "git://git.yoctoproject.org/matchbox-window-manager \ S = "${WORKDIR}/git" -inherit autotools pkgconfig distro_features_check +inherit autotools pkgconfig features_check # depends on virtual/libx11 REQUIRED_DISTRO_FEATURES = "x11" diff --git a/poky/meta/recipes-graphics/mesa/files/0001-meson.build-check-for-all-linux-host_os-combinations.patch b/poky/meta/recipes-graphics/mesa/files/0001-meson.build-check-for-all-linux-host_os-combinations.patch index 9fba5da4b..1869e1105 100644 --- a/poky/meta/recipes-graphics/mesa/files/0001-meson.build-check-for-all-linux-host_os-combinations.patch +++ b/poky/meta/recipes-graphics/mesa/files/0001-meson.build-check-for-all-linux-host_os-combinations.patch @@ -1,8 +1,7 @@ -From ea966884e39aae9571c038fab55f3c1663d17850 Mon Sep 17 00:00:00 2001 -From: Fabio Berton <fabio.berton@ossystems.com.br> -Date: Wed, 12 Jun 2019 13:40:20 -0300 +From b6d9bc97cb0e8c540a45dba5440b036fb940ff95 Mon Sep 17 00:00:00 2001 +From: Alistair Francis <alistair.francis@wdc.com> +Date: Mon, 11 Nov 2019 09:38:15 -0800 Subject: [PATCH] meson.build: check for all linux host_os combinations -Organization: O.S. Systems Software LTDA. Make sure that we are also looking for our host_os combinations like linux-musl etc. when assuming support for DRM/KMS. @@ -14,29 +13,31 @@ Upstream-Status: Pending Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Fabio Berton <fabio.berton@ossystems.com.br> Signed-off-by: Otavio Salvador <otavio@ossystems.com.br> +Signed-off-by: Alistair Francis <alistair.francis@wdc.com> + --- meson.build | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/meson.build b/meson.build -index 567a81afd6f..b33b430aed4 100644 +index d584152..a1f098c 100644 --- a/meson.build +++ b/meson.build -@@ -107,7 +107,7 @@ with_any_opengl = with_opengl or with_gles1 or with_gles2 +@@ -117,7 +117,7 @@ with_any_opengl = with_opengl or with_gles1 or with_gles2 # Only build shared_glapi if at least one OpenGL API is enabled with_shared_glapi = get_option('shared-glapi') and with_any_opengl --system_has_kms_drm = ['openbsd', 'netbsd', 'freebsd', 'gnu/kfreebsd', 'dragonfly', 'linux'].contains(host_machine.system()) +-system_has_kms_drm = ['openbsd', 'netbsd', 'freebsd', 'gnu/kfreebsd', 'dragonfly', 'linux', 'sunos'].contains(host_machine.system()) +system_has_kms_drm = ['openbsd', 'netbsd', 'freebsd', 'dragonfly'].contains(host_machine.system()) or host_machine.system().startswith('linux') dri_drivers = get_option('dri-drivers') if dri_drivers.contains('auto') -@@ -845,7 +845,7 @@ if cc.compiles('int foo(void) __attribute__((__noreturn__));', +@@ -856,7 +856,7 @@ if cc.compiles('__uint128_t foo(void) { return 0; }', endif # TODO: this is very incomplete -if ['linux', 'cygwin', 'gnu', 'gnu/kfreebsd'].contains(host_machine.system()) +if ['cygwin', 'gnu', 'gnu/kfreebsd'].contains(host_machine.system()) or host_machine.system().startswith('linux') pre_args += '-D_GNU_SOURCE' - endif - + elif host_machine.system() == 'sunos' + pre_args += '-D__EXTENSIONS__' diff --git a/poky/meta/recipes-graphics/mesa/files/0002-meson.build-make-TLS-ELF-optional.patch b/poky/meta/recipes-graphics/mesa/files/0002-meson.build-make-TLS-ELF-optional.patch new file mode 100644 index 000000000..199ed572d --- /dev/null +++ b/poky/meta/recipes-graphics/mesa/files/0002-meson.build-make-TLS-ELF-optional.patch @@ -0,0 +1,46 @@ +From af6923544de02ded648a736e07b9bd8b7c52dba9 Mon Sep 17 00:00:00 2001 +From: Alistair Francis <alistair.francis@wdc.com> +Date: Wed, 23 Oct 2019 09:46:28 -0700 +Subject: [PATCH] meson.build: make TLS ELF optional + +USE_ELF_TLS has replaced GLX_USE_TLS so this patch is the original "make +TLS GLX optional again" patch updated to the latest mesa. + +Upstream-Status: Inappropriate [configuration] +Signed-off-by: Alistair Francis <alistair.francis@wdc.com> + +--- + meson.build | 2 +- + meson_options.txt | 6 ++++++ + 2 files changed, 7 insertions(+), 1 deletion(-) + +diff --git a/meson.build b/meson.build +index a1f098c..1e31eb4 100644 +--- a/meson.build ++++ b/meson.build +@@ -378,7 +378,7 @@ if with_egl and not (with_platform_drm or with_platform_surfaceless or with_plat + endif + + # Android uses emutls for versions <= P/28. For USE_ELF_TLS we need ELF TLS. +-if not with_platform_android or get_option('platform-sdk-version') >= 29 ++if (not with_platform_android or get_option('platform-sdk-version') >= 29) and get_option('elf-tls') + pre_args += '-DUSE_ELF_TLS' + endif + +diff --git a/meson_options.txt b/meson_options.txt +index b768c15..76cef24 100644 +--- a/meson_options.txt ++++ b/meson_options.txt +@@ -333,6 +333,12 @@ option( + value : true, + description : 'Enable direct rendering in GLX and EGL for DRI', + ) ++option( ++ 'elf-tls', ++ type : 'boolean', ++ value : true, ++ description : 'Enable TLS support in ELF', ++) + option( + 'I-love-half-baked-turnips', + type : 'boolean', diff --git a/poky/meta/recipes-graphics/mesa/files/0002-meson.build-make-TLS-GLX-optional-again.patch b/poky/meta/recipes-graphics/mesa/files/0002-meson.build-make-TLS-GLX-optional-again.patch deleted file mode 100644 index 641bacf1d..000000000 --- a/poky/meta/recipes-graphics/mesa/files/0002-meson.build-make-TLS-GLX-optional-again.patch +++ /dev/null @@ -1,52 +0,0 @@ -From cee8e48c5344124e5d84307cb0c48ee0c9b3e684 Mon Sep 17 00:00:00 2001 -From: Fabio Berton <fabio.berton@ossystems.com.br> -Date: Wed, 12 Jun 2019 14:15:57 -0300 -Subject: [PATCH] meson.build: make TLS GLX optional again -Organization: O.S. Systems Software LTDA. - -This was optional with autotools, and needs to be disabled -when using musl C library, for instance. - -Upstream-Status: Pending - -Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> -Signed-off-by: Fabio Berton <fabio.berton@ossystems.com.br> -Signed-off-by: Otavio Salvador <otavio@ossystems.com.br> ---- - meson.build | 4 +++- - meson_options.txt | 7 +++++++ - 2 files changed, 10 insertions(+), 1 deletion(-) - -diff --git a/meson.build b/meson.build -index b33b430aed4..0e50bb26c0a 100644 ---- a/meson.build -+++ b/meson.build -@@ -369,7 +369,9 @@ if with_egl and not (with_platform_drm or with_platform_surfaceless or with_plat - endif - endif - --pre_args += '-DGLX_USE_TLS' -+if get_option('glx-tls') -+ pre_args += '-DGLX_USE_TLS' -+endif - if with_glx != 'disabled' - if not (with_platform_x11 and with_any_opengl) - error('Cannot build GLX support without X11 platform support and at least one OpenGL API') -diff --git a/meson_options.txt b/meson_options.txt -index 1f72faabee8..fcd49efea27 100644 ---- a/meson_options.txt -+++ b/meson_options.txt -@@ -339,6 +339,13 @@ option( - value : true, - description : 'Enable direct rendering in GLX and EGL for DRI', - ) -+option( -+ 'glx-tls', -+ type : 'boolean', -+ value : true, -+ description : 'Enable TLS support in GLX', -+) -+ - option( - 'I-love-half-baked-turnips', - type : 'boolean', diff --git a/poky/meta/recipes-graphics/mesa/files/0003-Allow-enable-DRI-without-DRI-drivers.patch b/poky/meta/recipes-graphics/mesa/files/0003-Allow-enable-DRI-without-DRI-drivers.patch index 346b21758..c20a1f7c5 100644 --- a/poky/meta/recipes-graphics/mesa/files/0003-Allow-enable-DRI-without-DRI-drivers.patch +++ b/poky/meta/recipes-graphics/mesa/files/0003-Allow-enable-DRI-without-DRI-drivers.patch @@ -1,24 +1,24 @@ -From f1482e88c2295b9c7288f5b273335a8e18039de8 Mon Sep 17 00:00:00 2001 +From 5ad6515238bc042cccf9959abad44fdee9aeb07f Mon Sep 17 00:00:00 2001 From: Fabio Berton <fabio.berton@ossystems.com.br> Date: Wed, 12 Jun 2019 14:18:31 -0300 Subject: [PATCH] Allow enable DRI without DRI drivers -Organization: O.S. Systems Software LTDA. Upstream-Status: Pending Signed-off-by: Andrei Gherzan <andrei@gherzan.ro> Signed-off-by: Fabio Berton <fabio.berton@ossystems.com.br> Signed-off-by: Otavio Salvador <otavio@ossystems.com.br> + --- meson.build | 2 +- meson_options.txt | 6 ++++++ 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/meson.build b/meson.build -index 0e50bb26c0a..de065c290d6 100644 +index 1e31eb4..512eec6 100644 --- a/meson.build +++ b/meson.build -@@ -137,7 +137,7 @@ with_dri_r200 = dri_drivers.contains('r200') +@@ -147,7 +147,7 @@ with_dri_r200 = dri_drivers.contains('r200') with_dri_nouveau = dri_drivers.contains('nouveau') with_dri_swrast = dri_drivers.contains('swrast') @@ -28,7 +28,7 @@ index 0e50bb26c0a..de065c290d6 100644 gallium_drivers = get_option('gallium-drivers') if gallium_drivers.contains('auto') diff --git a/meson_options.txt b/meson_options.txt -index fcd49efea27..0529200b3bb 100644 +index 76cef24..a8abd04 100644 --- a/meson_options.txt +++ b/meson_options.txt @@ -34,6 +34,12 @@ option( diff --git a/poky/meta/recipes-graphics/mesa/files/0004-Revert-mesa-Enable-asm-unconditionally-now-that-gen_.patch b/poky/meta/recipes-graphics/mesa/files/0004-Revert-mesa-Enable-asm-unconditionally-now-that-gen_.patch new file mode 100644 index 000000000..b5658d0c9 --- /dev/null +++ b/poky/meta/recipes-graphics/mesa/files/0004-Revert-mesa-Enable-asm-unconditionally-now-that-gen_.patch @@ -0,0 +1,147 @@ +From 1b1cb6e5ea25eaa98573328b9565728a08245997 Mon Sep 17 00:00:00 2001 +From: Alistair Francis <alistair@alistair23.me> +Date: Thu, 14 Nov 2019 09:06:02 -0800 +Subject: [PATCH] Revert "mesa: Enable asm unconditionally, now that + gen_matypes is gone." + +This reverts commit 20294dceebc23236e33b22578245f7e6f41b6997. + +Upstream-Status: Inappropriate [configuration] +Signed-off-by: Alistair Francis <alistair@alistair23.me> + +--- + meson.build | 94 ++++++++++++++++++++++++++++++----------------- + meson_options.txt | 6 +++ + 2 files changed, 67 insertions(+), 33 deletions(-) + +diff --git a/meson.build b/meson.build +index 512eec6..a2bcc3a 100644 +--- a/meson.build ++++ b/meson.build +@@ -49,6 +49,7 @@ with_vulkan_icd_dir = get_option('vulkan-icd-dir') + with_tests = get_option('build-tests') + with_valgrind = get_option('valgrind') + with_libunwind = get_option('libunwind') ++with_asm = get_option('asm') + with_glx_read_only_text = get_option('glx-read-only-text') + with_glx_direct = get_option('glx-direct') + with_osmesa = get_option('osmesa') +@@ -985,41 +986,68 @@ endif + + # TODO: shared/static? Is this even worth doing? + ++# When cross compiling we generally need to turn off the use of assembly, ++# because mesa's assembly relies on building an executable for the host system, ++# and running it to get information about struct sizes. There is at least one ++# case of cross compiling where we can use asm, and that's x86_64 -> x86 when ++# host OS == build OS, since in that case the build machine can run the host's ++# binaries. ++if with_asm and meson.is_cross_build() ++ if build_machine.system() != host_machine.system() ++ # TODO: It may be possible to do this with an exe_wrapper (like wine). ++ message('Cross compiling from one OS to another, disabling assembly.') ++ with_asm = false ++ elif not (build_machine.cpu_family().startswith('x86') and host_machine.cpu_family() == 'x86') ++ # FIXME: Gentoo always sets -m32 for x86_64 -> x86 builds, resulting in an ++ # x86 -> x86 cross compile. We use startswith rather than == to handle this ++ # case. ++ # TODO: There may be other cases where the 64 bit version of the ++ # architecture can run 32 bit binaries (aarch64 and armv7 for example) ++ message(''' ++ Cross compiling to different architectures, and the host cannot run ++ the build machine's binaries. Disabling assembly. ++ ''') ++ with_asm = false ++ endif ++endif ++ + with_asm_arch = '' +-if host_machine.cpu_family() == 'x86' +- if system_has_kms_drm or host_machine.system() == 'gnu' +- with_asm_arch = 'x86' +- pre_args += ['-DUSE_X86_ASM', '-DUSE_MMX_ASM', '-DUSE_3DNOW_ASM', +- '-DUSE_SSE_ASM'] +- +- if with_glx_read_only_text +- pre_args += ['-DGLX_X86_READONLY_TEXT'] ++if with_asm ++ if host_machine.cpu_family() == 'x86' ++ if system_has_kms_drm or host_machine.system() == 'gnu' ++ with_asm_arch = 'x86' ++ pre_args += ['-DUSE_X86_ASM', '-DUSE_MMX_ASM', '-DUSE_3DNOW_ASM', ++ '-DUSE_SSE_ASM'] ++ ++ if with_glx_read_only_text ++ pre_args += ['-DGLX_X86_READONLY_TEXT'] ++ endif ++ endif ++ elif host_machine.cpu_family() == 'x86_64' ++ if system_has_kms_drm ++ with_asm_arch = 'x86_64' ++ pre_args += ['-DUSE_X86_64_ASM'] ++ endif ++ elif host_machine.cpu_family() == 'arm' ++ if system_has_kms_drm ++ with_asm_arch = 'arm' ++ pre_args += ['-DUSE_ARM_ASM'] ++ endif ++ elif host_machine.cpu_family() == 'aarch64' ++ if system_has_kms_drm ++ with_asm_arch = 'aarch64' ++ pre_args += ['-DUSE_AARCH64_ASM'] ++ endif ++ elif host_machine.cpu_family() == 'sparc64' ++ if system_has_kms_drm ++ with_asm_arch = 'sparc' ++ pre_args += ['-DUSE_SPARC_ASM'] ++ endif ++ elif host_machine.cpu_family().startswith('ppc64') and host_machine.endian() == 'little' ++ if system_has_kms_drm ++ with_asm_arch = 'ppc64le' ++ pre_args += ['-DUSE_PPC64LE_ASM'] + endif +- endif +-elif host_machine.cpu_family() == 'x86_64' +- if system_has_kms_drm +- with_asm_arch = 'x86_64' +- pre_args += ['-DUSE_X86_64_ASM'] +- endif +-elif host_machine.cpu_family() == 'arm' +- if system_has_kms_drm +- with_asm_arch = 'arm' +- pre_args += ['-DUSE_ARM_ASM'] +- endif +-elif host_machine.cpu_family() == 'aarch64' +- if system_has_kms_drm +- with_asm_arch = 'aarch64' +- pre_args += ['-DUSE_AARCH64_ASM'] +- endif +-elif host_machine.cpu_family() == 'sparc64' +- if system_has_kms_drm +- with_asm_arch = 'sparc' +- pre_args += ['-DUSE_SPARC_ASM'] +- endif +-elif host_machine.cpu_family().startswith('ppc64') and host_machine.endian() == 'little' +- if system_has_kms_drm +- with_asm_arch = 'ppc64le' +- pre_args += ['-DUSE_PPC64LE_ASM'] + endif + endif + +diff --git a/meson_options.txt b/meson_options.txt +index a8abd04..0f4bd80 100644 +--- a/meson_options.txt ++++ b/meson_options.txt +@@ -233,6 +233,12 @@ option( + value : false, + description : 'Enable GLVND support.' + ) ++option( ++ 'asm', ++ type : 'boolean', ++ value : true, ++ description : 'Build assembly code if possible' ++) + option( + 'glx-read-only-text', + type : 'boolean', diff --git a/poky/meta/recipes-graphics/mesa/libglu_9.0.1.bb b/poky/meta/recipes-graphics/mesa/libglu_9.0.1.bb index 068fb19e2..703f131f7 100644 --- a/poky/meta/recipes-graphics/mesa/libglu_9.0.1.bb +++ b/poky/meta/recipes-graphics/mesa/libglu_9.0.1.bb @@ -21,7 +21,7 @@ S = "${WORKDIR}/glu-${PV}" DEPENDS = "virtual/libgl" -inherit autotools pkgconfig distro_features_check +inherit autotools pkgconfig features_check # Requires libGL.so which is provided by mesa when x11 in DISTRO_FEATURES REQUIRED_DISTRO_FEATURES = "x11 opengl" diff --git a/poky/meta/recipes-graphics/mesa/mesa-demos_8.4.0.bb b/poky/meta/recipes-graphics/mesa/mesa-demos_8.4.0.bb index 129a47df4..38bdbded2 100644 --- a/poky/meta/recipes-graphics/mesa/mesa-demos_8.4.0.bb +++ b/poky/meta/recipes-graphics/mesa/mesa-demos_8.4.0.bb @@ -22,7 +22,7 @@ SRC_URI = "https://mesa.freedesktop.org/archive/demos/${BPN}-${PV}.tar.bz2 \ SRC_URI[md5sum] = "6b65a02622765522176d00f553086fa3" SRC_URI[sha256sum] = "01e99c94a0184e63e796728af89bfac559795fb2a0d6f506fa900455ca5fff7d" -inherit autotools pkgconfig distro_features_check +inherit autotools pkgconfig features_check # depends on virtual/egl, virtual/libgl ... REQUIRED_DISTRO_FEATURES = "opengl x11" diff --git a/poky/meta/recipes-graphics/mesa/mesa-gl_19.1.6.bb b/poky/meta/recipes-graphics/mesa/mesa-gl_19.2.4.bb index d4b1c1c45..d4b1c1c45 100644 --- a/poky/meta/recipes-graphics/mesa/mesa-gl_19.1.6.bb +++ b/poky/meta/recipes-graphics/mesa/mesa-gl_19.2.4.bb diff --git a/poky/meta/recipes-graphics/mesa/mesa.inc b/poky/meta/recipes-graphics/mesa/mesa.inc index 9e5808ee2..5838207e6 100644 --- a/poky/meta/recipes-graphics/mesa/mesa.inc +++ b/poky/meta/recipes-graphics/mesa/mesa.inc @@ -10,7 +10,7 @@ HOMEPAGE = "http://mesa3d.org" BUGTRACKER = "https://bugs.freedesktop.org" SECTION = "x11" LICENSE = "MIT" -LIC_FILES_CHKSUM = "file://docs/license.html;md5=725f991a1cc322aa7a0cd3a2016621c4" +LIC_FILES_CHKSUM = "file://docs/license.html;md5=3a4999caf82cc503ac8b9e37c235782e" PE = "2" @@ -24,7 +24,7 @@ PROVIDES = " \ virtual/mesa \ " -inherit meson pkgconfig python3native gettext distro_features_check +inherit meson pkgconfig python3native gettext features_check # Unset these to stop python trying to report the target Python setup _PYTHON_SYSCONFIGDATA_NAME[unexport] = "1" @@ -57,12 +57,12 @@ PACKAGECONFIG_class-target ??= "${@bb.utils.filter('DISTRO_FEATURES', 'wayland v ${@bb.utils.contains('DISTRO_FEATURES', 'opengl', 'opengl egl gles gbm dri gallium', '', d)} \ ${@bb.utils.contains('DISTRO_FEATURES', 'x11 opengl', 'x11 dri3', '', d)} \ ${@bb.utils.contains('DISTRO_FEATURES', 'x11 vulkan', 'dri3', '', d)} \ - glx-tls \ + elf-tls \ " -PACKAGECONFIG_class-native ?= "gbm dri egl opengl glx-tls" -PACKAGECONFIG_class-nativesdk ?= "gbm dri egl opengl glx-tls" +PACKAGECONFIG_class-native ?= "gbm dri egl opengl elf-tls" +PACKAGECONFIG_class-nativesdk ?= "gbm dri egl opengl elf-tls" -PACKAGECONFIG_remove_libc-musl = "glx-tls" +PACKAGECONFIG_remove_libc-musl = "elf-tls" # "gbm" requires "dri", "opengl" PACKAGECONFIG[gbm] = "-Dgbm=true,-Dgbm=false" @@ -70,7 +70,7 @@ PACKAGECONFIG[gbm] = "-Dgbm=true,-Dgbm=false" X11_DEPS = "xorgproto virtual/libx11 libxext libxxf86vm libxdamage libxfixes xrandr" # "x11" requires "opengl" PACKAGECONFIG[x11] = ",-Dglx=disabled,${X11_DEPS}" -PACKAGECONFIG[glx-tls] = "-Dglx-tls=true, -Dglx-tls=false" +PACKAGECONFIG[elf-tls] = "-Delf-tls=true, -Delf-tls=false" PACKAGECONFIG[xvmc] = "-Dgallium-xvmc=true,-Dgallium-xvmc=false,libxvmc" PACKAGECONFIG[wayland] = ",,wayland-native wayland libdrm wayland-protocols" diff --git a/poky/meta/recipes-graphics/mesa/mesa_19.1.6.bb b/poky/meta/recipes-graphics/mesa/mesa_19.2.4.bb index 19221e9e2..f4b33df22 100644 --- a/poky/meta/recipes-graphics/mesa/mesa_19.1.6.bb +++ b/poky/meta/recipes-graphics/mesa/mesa_19.2.4.bb @@ -2,12 +2,13 @@ require ${BPN}.inc SRC_URI = "https://mesa.freedesktop.org/archive/mesa-${PV}.tar.xz \ file://0001-meson.build-check-for-all-linux-host_os-combinations.patch \ - file://0002-meson.build-make-TLS-GLX-optional-again.patch \ + file://0002-meson.build-make-TLS-ELF-optional.patch \ file://0003-Allow-enable-DRI-without-DRI-drivers.patch \ + file://0004-Revert-mesa-Enable-asm-unconditionally-now-that-gen_.patch \ " -SRC_URI[md5sum] = "7dbb40b8d10e89bee0a5bfc85350647b" -SRC_URI[sha256sum] = "2a369b7b48545c6486e7e44913ad022daca097c8bd937bf30dcf3f17a94d3496" +SRC_URI[md5sum] = "5c047732b81651ddb341597528b4b096" +SRC_URI[sha256sum] = "09000a0f7dbbd82e193b81a8f1bf0c118eab7ca975c0329181968596e548e30f" UPSTREAM_CHECK_GITTAGREGEX = "mesa-(?P<pver>\d+(\.\d+)+)" diff --git a/poky/meta/recipes-graphics/mx/mx.inc b/poky/meta/recipes-graphics/mx/mx.inc index d30483748..714a06f0a 100644 --- a/poky/meta/recipes-graphics/mx/mx.inc +++ b/poky/meta/recipes-graphics/mx/mx.inc @@ -1,7 +1,7 @@ SUMMARY = "Clutter based UI widget library" LICENSE = "LGPLv2.1" -inherit clutter autotools distro_features_check gobject-introspection gtk-doc +inherit clutter autotools features_check gobject-introspection gtk-doc # depends on clutter-1.0 which depends on cogl-1.0 REQUIRED_DISTRO_FEATURES = "opengl" diff --git a/poky/meta/recipes-graphics/packagegroups/packagegroup-core-clutter.bb b/poky/meta/recipes-graphics/packagegroups/packagegroup-core-clutter.bb index 87c700e02..2e7b47dd4 100644 --- a/poky/meta/recipes-graphics/packagegroups/packagegroup-core-clutter.bb +++ b/poky/meta/recipes-graphics/packagegroups/packagegroup-core-clutter.bb @@ -6,7 +6,7 @@ SUMMARY = "Clutter package groups" PR = "r6" -inherit packagegroup distro_features_check +inherit packagegroup features_check # rdepends on clutter-* REQUIRED_DISTRO_FEATURES = "opengl" diff --git a/poky/meta/recipes-graphics/packagegroups/packagegroup-core-x11-base.bb b/poky/meta/recipes-graphics/packagegroups/packagegroup-core-x11-base.bb index 7ea72d55a..9ca2705a5 100644 --- a/poky/meta/recipes-graphics/packagegroups/packagegroup-core-x11-base.bb +++ b/poky/meta/recipes-graphics/packagegroups/packagegroup-core-x11-base.bb @@ -2,7 +2,7 @@ SUMMARY = "Basic X11 session" DESCRIPTION = "Packages required to set up a basic working X11 session" PR = "r1" -inherit packagegroup distro_features_check +inherit packagegroup features_check # rdepends on matchbox-wm REQUIRED_DISTRO_FEATURES = "x11" diff --git a/poky/meta/recipes-graphics/packagegroups/packagegroup-core-x11-xserver.bb b/poky/meta/recipes-graphics/packagegroups/packagegroup-core-x11-xserver.bb index 97dcac5f7..a0b944a67 100644 --- a/poky/meta/recipes-graphics/packagegroups/packagegroup-core-x11-xserver.bb +++ b/poky/meta/recipes-graphics/packagegroups/packagegroup-core-x11-xserver.bb @@ -7,7 +7,7 @@ PR = "r40" PACKAGE_ARCH = "${MACHINE_ARCH}" -inherit packagegroup distro_features_check +inherit packagegroup features_check # rdepends on XSERVER REQUIRED_DISTRO_FEATURES = "x11" diff --git a/poky/meta/recipes-graphics/packagegroups/packagegroup-core-x11.bb b/poky/meta/recipes-graphics/packagegroups/packagegroup-core-x11.bb index 001db9e5e..cddf1932f 100644 --- a/poky/meta/recipes-graphics/packagegroups/packagegroup-core-x11.bb +++ b/poky/meta/recipes-graphics/packagegroups/packagegroup-core-x11.bb @@ -4,7 +4,7 @@ PR = "r40" -inherit packagegroup distro_features_check +inherit packagegroup features_check REQUIRED_DISTRO_FEATURES = "x11" PACKAGES = "${PN} ${PN}-utils" diff --git a/poky/meta/recipes-graphics/piglit/piglit_git.bb b/poky/meta/recipes-graphics/piglit/piglit_git.bb index 28a52cfee..696d438c5 100644 --- a/poky/meta/recipes-graphics/piglit/piglit_git.bb +++ b/poky/meta/recipes-graphics/piglit/piglit_git.bb @@ -21,7 +21,7 @@ X11_RDEPS = "${@bb.utils.contains('DISTRO_FEATURES', 'x11', 'mesa-demos', '', d) DEPENDS = "libpng waffle libxkbcommon virtual/libgl python3-mako-native python3-numpy-native python3-six-native virtual/egl" -inherit cmake pkgconfig python3native distro_features_check bash-completion +inherit cmake pkgconfig python3native features_check bash-completion # depends on virtual/libgl REQUIRED_DISTRO_FEATURES += "opengl" diff --git a/poky/meta/recipes-graphics/pong-clock/pong-clock_1.0.bb b/poky/meta/recipes-graphics/pong-clock/pong-clock_1.0.bb index cdfe38a22..c3c237eee 100644 --- a/poky/meta/recipes-graphics/pong-clock/pong-clock_1.0.bb +++ b/poky/meta/recipes-graphics/pong-clock/pong-clock_1.0.bb @@ -2,7 +2,7 @@ SUMMARY = "A clock combined with a game of pong" LICENSE = "GPLv2+" DEPENDS = "virtual/libx11 xdmcp xau" -inherit distro_features_check pkgconfig +inherit features_check pkgconfig # depends on virtual/libx11 REQUIRED_DISTRO_FEATURES = "x11" diff --git a/poky/meta/recipes-graphics/startup-notification/startup-notification_0.12.bb b/poky/meta/recipes-graphics/startup-notification/startup-notification_0.12.bb index 6c1b93cd0..a26ab44fa 100644 --- a/poky/meta/recipes-graphics/startup-notification/startup-notification_0.12.bb +++ b/poky/meta/recipes-graphics/startup-notification/startup-notification_0.12.bb @@ -17,7 +17,7 @@ SECTION = "libs" DEPENDS = "virtual/libx11 libsm xcb-util" -inherit autotools pkgconfig distro_features_check +inherit autotools pkgconfig features_check # depends on virtual/libx11 REQUIRED_DISTRO_FEATURES = "x11" diff --git a/poky/meta/recipes-graphics/virglrenderer/virglrenderer_0.8.0.bb b/poky/meta/recipes-graphics/virglrenderer/virglrenderer_0.8.0.bb index 4ac4412df..4420d84ae 100644 --- a/poky/meta/recipes-graphics/virglrenderer/virglrenderer_0.8.0.bb +++ b/poky/meta/recipes-graphics/virglrenderer/virglrenderer_0.8.0.bb @@ -16,7 +16,7 @@ SRC_URI = "git://anongit.freedesktop.org/virglrenderer \ S = "${WORKDIR}/git" -inherit autotools pkgconfig distro_features_check +inherit autotools pkgconfig features_check BBCLASSEXTEND = "native nativesdk" diff --git a/poky/meta/recipes-graphics/vulkan/vulkan-demos_git.bb b/poky/meta/recipes-graphics/vulkan/vulkan-demos_git.bb index d2041d7d4..74dc2ad67 100644 --- a/poky/meta/recipes-graphics/vulkan/vulkan-demos_git.bb +++ b/poky/meta/recipes-graphics/vulkan/vulkan-demos_git.bb @@ -20,7 +20,7 @@ S = "${WORKDIR}/git" REQUIRED_DISTRO_FEATURES = 'vulkan' -inherit cmake distro_features_check +inherit cmake features_check DEPENDS = "vulkan-loader assimp" do_install_append () { diff --git a/poky/meta/recipes-graphics/vulkan/vulkan-loader_1.1.108.bb b/poky/meta/recipes-graphics/vulkan/vulkan-loader_1.1.108.bb index 2fd6c4448..a539c5a3c 100644 --- a/poky/meta/recipes-graphics/vulkan/vulkan-loader_1.1.108.bb +++ b/poky/meta/recipes-graphics/vulkan/vulkan-loader_1.1.108.bb @@ -16,7 +16,7 @@ S = "${WORKDIR}/git" REQUIRED_DISTRO_FEATURES = "vulkan" -inherit cmake distro_features_check +inherit cmake features_check ANY_OF_DISTRO_FEATURES = "x11 wayland" DEPENDS += "vulkan-headers" diff --git a/poky/meta/recipes-graphics/vulkan/vulkan-tools_1.1.108.bb b/poky/meta/recipes-graphics/vulkan/vulkan-tools_1.1.108.bb index 26cdee3c1..4ac1bafd1 100644 --- a/poky/meta/recipes-graphics/vulkan/vulkan-tools_1.1.108.bb +++ b/poky/meta/recipes-graphics/vulkan/vulkan-tools_1.1.108.bb @@ -10,7 +10,7 @@ SRCREV = "3ccd7f6ebae3e1919adf837718c04feb6c2acc61" S = "${WORKDIR}/git" -inherit cmake distro_features_check +inherit cmake features_check ANY_OF_DISTRO_FEATURES = "x11 wayland" REQUIRED_DISTRO_FEATURES = "vulkan" diff --git a/poky/meta/recipes-graphics/waffle/waffle_1.6.0.bb b/poky/meta/recipes-graphics/waffle/waffle_1.6.0.bb index 8a1d5748f..52cb1df89 100644 --- a/poky/meta/recipes-graphics/waffle/waffle_1.6.0.bb +++ b/poky/meta/recipes-graphics/waffle/waffle_1.6.0.bb @@ -9,7 +9,7 @@ SRC_URI[sha256sum] = "d9c899f710c50cfdd00f5f4cdfeaef0687d8497362239bdde93bed6c90 UPSTREAM_CHECK_URI = "http://www.waffle-gl.org/releases.html" -inherit meson distro_features_check lib_package bash-completion +inherit meson features_check lib_package bash-completion # This should be overridden per-machine to reflect the capabilities of the GL # stack. diff --git a/poky/meta/recipes-graphics/wayland/weston-init.bb b/poky/meta/recipes-graphics/wayland/weston-init.bb index 8b6689717..e3e739e2b 100644 --- a/poky/meta/recipes-graphics/wayland/weston-init.bb +++ b/poky/meta/recipes-graphics/wayland/weston-init.bb @@ -30,7 +30,7 @@ do_install() { sed -i 's,@LOCALSTATEDIR@,${localstatedir},g' ${D}${bindir}/weston-start } -inherit update-rc.d distro_features_check systemd +inherit update-rc.d features_check systemd # rdepends on weston which depends on virtual/egl REQUIRED_DISTRO_FEATURES = "opengl" diff --git a/poky/meta/recipes-graphics/wayland/weston_7.0.0.bb b/poky/meta/recipes-graphics/wayland/weston_7.0.0.bb index d21275414..e6548d354 100644 --- a/poky/meta/recipes-graphics/wayland/weston_7.0.0.bb +++ b/poky/meta/recipes-graphics/wayland/weston_7.0.0.bb @@ -16,7 +16,7 @@ SRC_URI[sha256sum] = "a00a6d207b6a45f95f4401c604772a307c3767e5e2beecf3d879110c43 UPSTREAM_CHECK_URI = "https://wayland.freedesktop.org/releases.html" -inherit meson pkgconfig useradd distro_features_check +inherit meson pkgconfig useradd features_check # depends on virtual/egl REQUIRED_DISTRO_FEATURES = "opengl" diff --git a/poky/meta/recipes-graphics/x11-common/xserver-nodm-init_3.0.bb b/poky/meta/recipes-graphics/x11-common/xserver-nodm-init_3.0.bb index a77c56445..385fea5e8 100644 --- a/poky/meta/recipes-graphics/x11-common/xserver-nodm-init_3.0.bb +++ b/poky/meta/recipes-graphics/x11-common/xserver-nodm-init_3.0.bb @@ -17,7 +17,7 @@ S = "${WORKDIR}" # Since we refer to ROOTLESS_X which is normally enabled per-machine PACKAGE_ARCH = "${MACHINE_ARCH}" -inherit update-rc.d systemd distro_features_check +inherit update-rc.d systemd features_check REQUIRED_DISTRO_FEATURES = "x11" diff --git a/poky/meta/recipes-graphics/xinput-calibrator/xinput-calibrator_git.bb b/poky/meta/recipes-graphics/xinput-calibrator/xinput-calibrator_git.bb index 9873d3f33..4f831932e 100644 --- a/poky/meta/recipes-graphics/xinput-calibrator/xinput-calibrator_git.bb +++ b/poky/meta/recipes-graphics/xinput-calibrator/xinput-calibrator_git.bb @@ -7,7 +7,7 @@ DEPENDS = "virtual/libx11 libxi libxrandr" PV = "0.7.5+git${SRCPV}" PR = "r6" -inherit autotools pkgconfig distro_features_check +inherit autotools pkgconfig features_check # depends on virtual/libx11 REQUIRED_DISTRO_FEATURES = "x11" diff --git a/poky/meta/recipes-graphics/xorg-app/xorg-app-common.inc b/poky/meta/recipes-graphics/xorg-app/xorg-app-common.inc index 3529cb26e..101b3dfff 100644 --- a/poky/meta/recipes-graphics/xorg-app/xorg-app-common.inc +++ b/poky/meta/recipes-graphics/xorg-app/xorg-app-common.inc @@ -12,6 +12,6 @@ INC_PR = "r8" SRC_URI = "${XORG_MIRROR}/individual/app/${BPN}-${PV}.tar.bz2" -inherit autotools pkgconfig distro_features_check +inherit autotools pkgconfig features_check FILES_${PN} += " ${libdir}/X11/${BPN} ${datadir}/X11/app-defaults/" diff --git a/poky/meta/recipes-graphics/xorg-driver/xorg-driver-common.inc b/poky/meta/recipes-graphics/xorg-driver/xorg-driver-common.inc index e657c65b4..54f04b11e 100644 --- a/poky/meta/recipes-graphics/xorg-driver/xorg-driver-common.inc +++ b/poky/meta/recipes-graphics/xorg-driver/xorg-driver-common.inc @@ -13,7 +13,7 @@ SRC_URI = "${XORG_MIRROR}/individual/driver/${BPN}-${PV}.tar.bz2" FILES_${PN} += " ${libdir}/xorg/modules/drivers/*.so" -inherit autotools pkgconfig distro_features_check +inherit autotools pkgconfig features_check # depends on virtual/xserver REQUIRED_DISTRO_FEATURES = "x11" diff --git a/poky/meta/recipes-graphics/xorg-font/xorg-font-common.inc b/poky/meta/recipes-graphics/xorg-font/xorg-font-common.inc index cdbebcf78..f18c8aefc 100644 --- a/poky/meta/recipes-graphics/xorg-font/xorg-font-common.inc +++ b/poky/meta/recipes-graphics/xorg-font/xorg-font-common.inc @@ -14,7 +14,7 @@ INC_PR = "r2" SRC_URI = "${XORG_MIRROR}/individual/font/${XORG_PN}-${PV}.tar.bz2" S = "${WORKDIR}/${XORG_PN}-${PV}" -inherit autotools pkgconfig distro_features_check +inherit autotools pkgconfig features_check # The mkfontscale-native requires x11 in DISTRO_FEATURES REQUIRED_DISTRO_FEATURES = "x11" diff --git a/poky/meta/recipes-graphics/xorg-font/xorg-minimal-fonts.bb b/poky/meta/recipes-graphics/xorg-font/xorg-minimal-fonts.bb index 9bcd1b2fa..1ea08a6c9 100644 --- a/poky/meta/recipes-graphics/xorg-font/xorg-minimal-fonts.bb +++ b/poky/meta/recipes-graphics/xorg-font/xorg-minimal-fonts.bb @@ -13,7 +13,7 @@ SRC_URI = "file://misc" PE = "1" PR = "r2" -inherit allarch distro_features_check +inherit allarch features_check # The font-alias requires x11 in DISTRO_FEATURES REQUIRED_DISTRO_FEATURES = "x11" diff --git a/poky/meta/recipes-graphics/xorg-lib/libxcb_1.13.1.bb b/poky/meta/recipes-graphics/xorg-lib/libxcb_1.13.1.bb index b0afc01df..9befc51b5 100644 --- a/poky/meta/recipes-graphics/xorg-lib/libxcb_1.13.1.bb +++ b/poky/meta/recipes-graphics/xorg-lib/libxcb_1.13.1.bb @@ -25,7 +25,7 @@ PACKAGES_DYNAMIC = "^libxcb-.*" FILES_${PN} = "${libdir}/libxcb.so.*" -inherit autotools pkgconfig distro_features_check +inherit autotools pkgconfig features_check # The libxau and others requires x11 in DISTRO_FEATURES REQUIRED_DISTRO_FEATURES = "x11" diff --git a/poky/meta/recipes-graphics/xorg-lib/xcb-util.inc b/poky/meta/recipes-graphics/xorg-lib/xcb-util.inc index 99d04f9d4..0e5ab70b2 100644 --- a/poky/meta/recipes-graphics/xorg-lib/xcb-util.inc +++ b/poky/meta/recipes-graphics/xorg-lib/xcb-util.inc @@ -18,6 +18,6 @@ DEPENDS += "gperf-native" SRC_URI = "http://xcb.freedesktop.org/dist/${BPN}-${PV}.tar.bz2" -inherit autotools pkgconfig distro_features_check +inherit autotools pkgconfig features_check REQUIRED_DISTRO_FEATURES = "x11" diff --git a/poky/meta/recipes-graphics/xorg-lib/xorg-lib-common.inc b/poky/meta/recipes-graphics/xorg-lib/xorg-lib-common.inc index 09df0109c..a566eaa45 100644 --- a/poky/meta/recipes-graphics/xorg-lib/xorg-lib-common.inc +++ b/poky/meta/recipes-graphics/xorg-lib/xorg-lib-common.inc @@ -11,7 +11,7 @@ SRC_URI = "${XORG_MIRROR}/individual/lib/${XORG_PN}-${PV}.tar.bz2" S = "${WORKDIR}/${XORG_PN}-${PV}" -inherit autotools distro_features_check pkgconfig +inherit autotools features_check pkgconfig EXTRA_OECONF = "--disable-specs --without-groff --without-ps2pdf --without-fop" diff --git a/poky/meta/recipes-graphics/xorg-xserver/xserver-xorg.inc b/poky/meta/recipes-graphics/xorg-xserver/xserver-xorg.inc index 44315f59d..a0ae65c78 100644 --- a/poky/meta/recipes-graphics/xorg-xserver/xserver-xorg.inc +++ b/poky/meta/recipes-graphics/xorg-xserver/xserver-xorg.inc @@ -24,7 +24,7 @@ S = "${WORKDIR}/${XORG_PN}-${PV}" inherit autotools pkgconfig -inherit distro_features_check +inherit features_check REQUIRED_DISTRO_FEATURES = "x11" LIB_DEPS = "pixman libxfont2 xtrans libxau libxext libxdmcp libdrm libxkbfile libpciaccess" diff --git a/poky/meta/recipes-graphics/xrestop/xrestop_0.4.bb b/poky/meta/recipes-graphics/xrestop/xrestop_0.4.bb index ce5df0393..c7b8716f6 100644 --- a/poky/meta/recipes-graphics/xrestop/xrestop_0.4.bb +++ b/poky/meta/recipes-graphics/xrestop/xrestop_0.4.bb @@ -19,6 +19,6 @@ SRC_URI = "http://downloads.yoctoproject.org/releases/xrestop/xrestop-${PV}.tar. SRC_URI[md5sum] = "d8a54596cbaf037e62b80c4585a3ca9b" SRC_URI[sha256sum] = "67c2fc94a7ecedbaae0d1837e82e93d1d98f4a6d759828860e552119af3ce257" -inherit autotools pkgconfig distro_features_check +inherit autotools pkgconfig features_check # depends on virtual/libx11 REQUIRED_DISTRO_FEATURES = "x11" diff --git a/poky/meta/recipes-multimedia/gstreamer/gst-examples_1.16.0.bb b/poky/meta/recipes-multimedia/gstreamer/gst-examples_1.16.0.bb index e83ea8cb7..cc7a7e78e 100644 --- a/poky/meta/recipes-multimedia/gstreamer/gst-examples_1.16.0.bb +++ b/poky/meta/recipes-multimedia/gstreamer/gst-examples_1.16.0.bb @@ -13,7 +13,7 @@ SRCREV = "d953c127c1146b50d5676618299933950685dcd7" S = "${WORKDIR}/git" -inherit meson pkgconfig distro_features_check +inherit meson pkgconfig features_check ANY_OF_DISTRO_FEATURES = "${GTK3DISTROFEATURES}" diff --git a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-python_1.16.1.bb b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-python_1.16.1.bb index 5a950f183..c722f028b 100644 --- a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-python_1.16.1.bb +++ b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-python_1.16.1.bb @@ -20,7 +20,7 @@ S = "${WORKDIR}/${PNREAL}-${PV}" REQUIRED_DISTRO_FEATURES = "gobject-introspection-data" UNKNOWN_CONFIGURE_WHITELIST_append = " --enable-introspection --disable-introspection" -inherit autotools pkgconfig distutils3-base upstream-version-is-even gobject-introspection distro_features_check +inherit autotools pkgconfig distutils3-base upstream-version-is-even gobject-introspection features_check EXTRA_OECONF += "--with-libpython-dir=${libdir}" diff --git a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-vaapi_1.16.1.bb b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-vaapi_1.16.1.bb index 61cf705fd..b8c2126d9 100644 --- a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-vaapi_1.16.1.bb +++ b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-vaapi_1.16.1.bb @@ -19,7 +19,7 @@ SRC_URI[sha256sum] = "cb570f6f1e78cb364fbe3c4fb8751824ee9db0c942ba61b62380b9b5ab S = "${WORKDIR}/${REALPN}-${PV}" DEPENDS = "libva gstreamer1.0 gstreamer1.0-plugins-base gstreamer1.0-plugins-bad" -inherit autotools pkgconfig gtk-doc distro_features_check upstream-version-is-even +inherit autotools pkgconfig gtk-doc features_check upstream-version-is-even REQUIRED_DISTRO_FEATURES ?= "opengl" diff --git a/poky/meta/recipes-multimedia/libtiff/tiff/CVE-2019-14973.patch b/poky/meta/recipes-multimedia/libtiff/tiff/CVE-2019-14973.patch deleted file mode 100644 index 8345295d0..000000000 --- a/poky/meta/recipes-multimedia/libtiff/tiff/CVE-2019-14973.patch +++ /dev/null @@ -1,415 +0,0 @@ -From 95ac1e3fcc6b643b5bd100f2ea54faca0a003315 Mon Sep 17 00:00:00 2001 -From: Trevor Gamblin <trevor.gamblin@windriver.com> -Date: Fri, 20 Sep 2019 09:33:22 -0400 -Subject: [PATCH] libtiff-fix-CVE-2019-14973 - -Upstream-Status: Backport [https://gitlab.com/libtiff/libtiff/commit/2218055ca67d84be596a13080e8f50f22116555c] -CVE: CVE-2019-14973 - -Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com> ---- - libtiff/tif_aux.c | 49 +++++++++++++++++++++++++++++++++++++----- - libtiff/tif_getimage.c | 6 ++---- - libtiff/tif_luv.c | 8 +------ - libtiff/tif_pixarlog.c | 7 +----- - libtiff/tif_read.c | 38 +++++++++----------------------- - libtiff/tif_strip.c | 35 ++++-------------------------- - libtiff/tif_tile.c | 27 +++-------------------- - libtiff/tiffiop.h | 7 +++++- - 8 files changed, 71 insertions(+), 106 deletions(-) - -diff --git a/libtiff/tif_aux.c b/libtiff/tif_aux.c -index 4ece162f..33fb8a44 100644 ---- a/libtiff/tif_aux.c -+++ b/libtiff/tif_aux.c -@@ -57,18 +57,57 @@ _TIFFMultiply64(TIFF* tif, uint64 first, uint64 second, const char* where) - return bytes; - } - -+tmsize_t -+_TIFFMultiplySSize(TIFF* tif, tmsize_t first, tmsize_t second, const char* where) -+{ -+ if( first <= 0 || second <= 0 ) -+ { -+ if( tif != NULL && where != NULL ) -+ { -+ TIFFErrorExt(tif->tif_clientdata, where, -+ "Invalid argument to _TIFFMultiplySSize() in %s", where); -+ } -+ return 0; -+ } -+ -+ if( first > TIFF_TMSIZE_T_MAX / second ) -+ { -+ if( tif != NULL && where != NULL ) -+ { -+ TIFFErrorExt(tif->tif_clientdata, where, -+ "Integer overflow in %s", where); -+ } -+ return 0; -+ } -+ return first * second; -+} -+ -+tmsize_t _TIFFCastUInt64ToSSize(TIFF* tif, uint64 val, const char* module) -+{ -+ if( val > (uint64)TIFF_TMSIZE_T_MAX ) -+ { -+ if( tif != NULL && module != NULL ) -+ { -+ TIFFErrorExt(tif->tif_clientdata,module,"Integer overflow"); -+ } -+ return 0; -+ } -+ return (tmsize_t)val; -+} -+ - void* - _TIFFCheckRealloc(TIFF* tif, void* buffer, - tmsize_t nmemb, tmsize_t elem_size, const char* what) - { - void* cp = NULL; -- tmsize_t bytes = nmemb * elem_size; -- -+ tmsize_t count = _TIFFMultiplySSize(tif, nmemb, elem_size, NULL); - /* -- * XXX: Check for integer overflow. -+ * Check for integer overflow. - */ -- if (nmemb && elem_size && bytes / elem_size == nmemb) -- cp = _TIFFrealloc(buffer, bytes); -+ if (count != 0) -+ { -+ cp = _TIFFrealloc(buffer, count); -+ } - - if (cp == NULL) { - TIFFErrorExt(tif->tif_clientdata, tif->tif_name, -diff --git a/libtiff/tif_getimage.c b/libtiff/tif_getimage.c -index 6a9d5a7c..2106ca21 100644 ---- a/libtiff/tif_getimage.c -+++ b/libtiff/tif_getimage.c -@@ -755,9 +755,8 @@ gtTileSeparate(TIFFRGBAImage* img, uint32* raster, uint32 w, uint32 h) - uint32 leftmost_tw; - - tilesize = TIFFTileSize(tif); -- bufsize = TIFFSafeMultiply(tmsize_t,alpha?4:3,tilesize); -+ bufsize = _TIFFMultiplySSize(tif, alpha?4:3,tilesize, "gtTileSeparate"); - if (bufsize == 0) { -- TIFFErrorExt(tif->tif_clientdata, TIFFFileName(tif), "Integer overflow in %s", "gtTileSeparate"); - return (0); - } - -@@ -1019,9 +1018,8 @@ gtStripSeparate(TIFFRGBAImage* img, uint32* raster, uint32 w, uint32 h) - uint16 colorchannels; - - stripsize = TIFFStripSize(tif); -- bufsize = TIFFSafeMultiply(tmsize_t,alpha?4:3,stripsize); -+ bufsize = _TIFFMultiplySSize(tif,alpha?4:3,stripsize, "gtStripSeparate"); - if (bufsize == 0) { -- TIFFErrorExt(tif->tif_clientdata, TIFFFileName(tif), "Integer overflow in %s", "gtStripSeparate"); - return (0); - } - -diff --git a/libtiff/tif_luv.c b/libtiff/tif_luv.c -index aa35ea07..46d2dff2 100644 ---- a/libtiff/tif_luv.c -+++ b/libtiff/tif_luv.c -@@ -1264,16 +1264,10 @@ LogL16GuessDataFmt(TIFFDirectory *td) - return (SGILOGDATAFMT_UNKNOWN); - } - -- --#define TIFF_SIZE_T_MAX ((size_t) ~ ((size_t)0)) --#define TIFF_TMSIZE_T_MAX (tmsize_t)(TIFF_SIZE_T_MAX >> 1) -- - static tmsize_t - multiply_ms(tmsize_t m1, tmsize_t m2) - { -- if( m1 == 0 || m2 > TIFF_TMSIZE_T_MAX / m1 ) -- return 0; -- return m1 * m2; -+ return _TIFFMultiplySSize(NULL, m1, m2, NULL); - } - - static int -diff --git a/libtiff/tif_pixarlog.c b/libtiff/tif_pixarlog.c -index 7438d692..b52a3ee4 100644 ---- a/libtiff/tif_pixarlog.c -+++ b/libtiff/tif_pixarlog.c -@@ -634,15 +634,10 @@ PixarLogGuessDataFmt(TIFFDirectory *td) - return guess; - } - --#define TIFF_SIZE_T_MAX ((size_t) ~ ((size_t)0)) --#define TIFF_TMSIZE_T_MAX (tmsize_t)(TIFF_SIZE_T_MAX >> 1) -- - static tmsize_t - multiply_ms(tmsize_t m1, tmsize_t m2) - { -- if( m1 == 0 || m2 > TIFF_TMSIZE_T_MAX / m1 ) -- return 0; -- return m1 * m2; -+ return _TIFFMultiplySSize(NULL, m1, m2, NULL); - } - - static tmsize_t -diff --git a/libtiff/tif_read.c b/libtiff/tif_read.c -index e63810cc..8db39d7a 100644 ---- a/libtiff/tif_read.c -+++ b/libtiff/tif_read.c -@@ -29,9 +29,6 @@ - #include "tiffiop.h" - #include <stdio.h> - --#define TIFF_SIZE_T_MAX ((size_t) ~ ((size_t)0)) --#define TIFF_TMSIZE_T_MAX (tmsize_t)(TIFF_SIZE_T_MAX >> 1) -- - int TIFFFillStrip(TIFF* tif, uint32 strip); - int TIFFFillTile(TIFF* tif, uint32 tile); - static int TIFFStartStrip(TIFF* tif, uint32 strip); -@@ -49,6 +46,8 @@ TIFFReadRawTile1(TIFF* tif, uint32 tile, void* buf, tmsize_t size, const char* m - #define THRESHOLD_MULTIPLIER 10 - #define MAX_THRESHOLD (THRESHOLD_MULTIPLIER * THRESHOLD_MULTIPLIER * THRESHOLD_MULTIPLIER * INITIAL_THRESHOLD) - -+#define TIFF_INT64_MAX ((((int64)0x7FFFFFFF) << 32) | 0xFFFFFFFF) -+ - /* Read 'size' bytes in tif_rawdata buffer starting at offset 'rawdata_offset' - * Returns 1 in case of success, 0 otherwise. */ - static int TIFFReadAndRealloc( TIFF* tif, tmsize_t size, -@@ -734,23 +733,8 @@ TIFFReadRawStrip(TIFF* tif, uint32 strip, void* buf, tmsize_t size) - return ((tmsize_t)(-1)); - } - bytecount = td->td_stripbytecount[strip]; -- if ((int64)bytecount <= 0) { --#if defined(__WIN32__) && (defined(_MSC_VER) || defined(__MINGW32__)) -- TIFFErrorExt(tif->tif_clientdata, module, -- "%I64u: Invalid strip byte count, strip %lu", -- (unsigned __int64) bytecount, -- (unsigned long) strip); --#else -- TIFFErrorExt(tif->tif_clientdata, module, -- "%llu: Invalid strip byte count, strip %lu", -- (unsigned long long) bytecount, -- (unsigned long) strip); --#endif -- return ((tmsize_t)(-1)); -- } -- bytecountm = (tmsize_t)bytecount; -- if ((uint64)bytecountm!=bytecount) { -- TIFFErrorExt(tif->tif_clientdata, module, "Integer overflow"); -+ bytecountm = _TIFFCastUInt64ToSSize(tif, bytecount, module); -+ if (bytecountm == 0) { - return ((tmsize_t)(-1)); - } - if (size != (tmsize_t)(-1) && size < bytecountm) -@@ -774,7 +758,7 @@ TIFFFillStrip(TIFF* tif, uint32 strip) - if ((tif->tif_flags&TIFF_NOREADRAW)==0) - { - uint64 bytecount = td->td_stripbytecount[strip]; -- if ((int64)bytecount <= 0) { -+ if( bytecount == 0 || bytecount > (uint64)TIFF_INT64_MAX ) { - #if defined(__WIN32__) && (defined(_MSC_VER) || defined(__MINGW32__)) - TIFFErrorExt(tif->tif_clientdata, module, - "Invalid strip byte count %I64u, strip %lu", -@@ -801,7 +785,7 @@ TIFFFillStrip(TIFF* tif, uint32 strip) - (bytecount - 4096) / 10 > (uint64)stripsize ) - { - uint64 newbytecount = (uint64)stripsize * 10 + 4096; -- if( (int64)newbytecount >= 0 ) -+ if( newbytecount == 0 || newbytecount > (uint64)TIFF_INT64_MAX ) - { - #if defined(__WIN32__) && (defined(_MSC_VER) || defined(__MINGW32__)) - TIFFWarningExt(tif->tif_clientdata, module, -@@ -1196,10 +1180,8 @@ TIFFReadRawTile(TIFF* tif, uint32 tile, void* buf, tmsize_t size) - bytecount64 = td->td_stripbytecount[tile]; - if (size != (tmsize_t)(-1) && (uint64)size < bytecount64) - bytecount64 = (uint64)size; -- bytecountm = (tmsize_t)bytecount64; -- if ((uint64)bytecountm!=bytecount64) -- { -- TIFFErrorExt(tif->tif_clientdata,module,"Integer overflow"); -+ bytecountm = _TIFFCastUInt64ToSSize(tif, bytecount64, module); -+ if( bytecountm == 0 ) { - return ((tmsize_t)(-1)); - } - return (TIFFReadRawTile1(tif, tile, buf, bytecountm, module)); -@@ -1221,7 +1203,7 @@ TIFFFillTile(TIFF* tif, uint32 tile) - if ((tif->tif_flags&TIFF_NOREADRAW)==0) - { - uint64 bytecount = td->td_stripbytecount[tile]; -- if ((int64)bytecount <= 0) { -+ if( bytecount == 0 || bytecount > (uint64)TIFF_INT64_MAX ) { - #if defined(__WIN32__) && (defined(_MSC_VER) || defined(__MINGW32__)) - TIFFErrorExt(tif->tif_clientdata, module, - "%I64u: Invalid tile byte count, tile %lu", -@@ -1248,7 +1230,7 @@ TIFFFillTile(TIFF* tif, uint32 tile) - (bytecount - 4096) / 10 > (uint64)stripsize ) - { - uint64 newbytecount = (uint64)stripsize * 10 + 4096; -- if( (int64)newbytecount >= 0 ) -+ if( newbytecount == 0 || newbytecount > (uint64)TIFF_INT64_MAX ) - { - #if defined(__WIN32__) && (defined(_MSC_VER) || defined(__MINGW32__)) - TIFFWarningExt(tif->tif_clientdata, module, -diff --git a/libtiff/tif_strip.c b/libtiff/tif_strip.c -index 5b76fba5..2366acf0 100644 ---- a/libtiff/tif_strip.c -+++ b/libtiff/tif_strip.c -@@ -129,15 +129,8 @@ TIFFVStripSize(TIFF* tif, uint32 nrows) - { - static const char module[] = "TIFFVStripSize"; - uint64 m; -- tmsize_t n; - m=TIFFVStripSize64(tif,nrows); -- n=(tmsize_t)m; -- if ((uint64)n!=m) -- { -- TIFFErrorExt(tif->tif_clientdata,module,"Integer overflow"); -- n=0; -- } -- return(n); -+ return _TIFFCastUInt64ToSSize(tif, m, module); - } - - /* -@@ -211,15 +204,8 @@ TIFFStripSize(TIFF* tif) - { - static const char module[] = "TIFFStripSize"; - uint64 m; -- tmsize_t n; - m=TIFFStripSize64(tif); -- n=(tmsize_t)m; -- if ((uint64)n!=m) -- { -- TIFFErrorExt(tif->tif_clientdata,module,"Integer overflow"); -- n=0; -- } -- return(n); -+ return _TIFFCastUInt64ToSSize(tif, m, module); - } - - /* -@@ -330,14 +316,8 @@ TIFFScanlineSize(TIFF* tif) - { - static const char module[] = "TIFFScanlineSize"; - uint64 m; -- tmsize_t n; - m=TIFFScanlineSize64(tif); -- n=(tmsize_t)m; -- if ((uint64)n!=m) { -- TIFFErrorExt(tif->tif_clientdata,module,"Integer arithmetic overflow"); -- n=0; -- } -- return(n); -+ return _TIFFCastUInt64ToSSize(tif, m, module); - } - - /* -@@ -366,15 +346,8 @@ TIFFRasterScanlineSize(TIFF* tif) - { - static const char module[] = "TIFFRasterScanlineSize"; - uint64 m; -- tmsize_t n; - m=TIFFRasterScanlineSize64(tif); -- n=(tmsize_t)m; -- if ((uint64)n!=m) -- { -- TIFFErrorExt(tif->tif_clientdata,module,"Integer arithmetic overflow"); -- n=0; -- } -- return(n); -+ return _TIFFCastUInt64ToSSize(tif, m, module); - } - - /* vim: set ts=8 sts=8 sw=8 noet: */ -diff --git a/libtiff/tif_tile.c b/libtiff/tif_tile.c -index 58fe9354..661cc771 100644 ---- a/libtiff/tif_tile.c -+++ b/libtiff/tif_tile.c -@@ -181,15 +181,8 @@ TIFFTileRowSize(TIFF* tif) - { - static const char module[] = "TIFFTileRowSize"; - uint64 m; -- tmsize_t n; - m=TIFFTileRowSize64(tif); -- n=(tmsize_t)m; -- if ((uint64)n!=m) -- { -- TIFFErrorExt(tif->tif_clientdata,module,"Integer overflow"); -- n=0; -- } -- return(n); -+ return _TIFFCastUInt64ToSSize(tif, m, module); - } - - /* -@@ -248,15 +241,8 @@ TIFFVTileSize(TIFF* tif, uint32 nrows) - { - static const char module[] = "TIFFVTileSize"; - uint64 m; -- tmsize_t n; - m=TIFFVTileSize64(tif,nrows); -- n=(tmsize_t)m; -- if ((uint64)n!=m) -- { -- TIFFErrorExt(tif->tif_clientdata,module,"Integer overflow"); -- n=0; -- } -- return(n); -+ return _TIFFCastUInt64ToSSize(tif, m, module); - } - - /* -@@ -272,15 +258,8 @@ TIFFTileSize(TIFF* tif) - { - static const char module[] = "TIFFTileSize"; - uint64 m; -- tmsize_t n; - m=TIFFTileSize64(tif); -- n=(tmsize_t)m; -- if ((uint64)n!=m) -- { -- TIFFErrorExt(tif->tif_clientdata,module,"Integer overflow"); -- n=0; -- } -- return(n); -+ return _TIFFCastUInt64ToSSize(tif, m, module); - } - - /* -diff --git a/libtiff/tiffiop.h b/libtiff/tiffiop.h -index 186c291f..558484fe 100644 ---- a/libtiff/tiffiop.h -+++ b/libtiff/tiffiop.h -@@ -77,6 +77,9 @@ extern int snprintf(char* str, size_t size, const char* format, ...); - #define FALSE 0 - #endif - -+#define TIFF_SIZE_T_MAX ((size_t) ~ ((size_t)0)) -+#define TIFF_TMSIZE_T_MAX (tmsize_t)(TIFF_SIZE_T_MAX >> 1) -+ - typedef struct client_info { - struct client_info *next; - void *data; -@@ -258,7 +261,7 @@ struct tiff { - #define TIFFhowmany8_64(x) (((x)&0x07)?((uint64)(x)>>3)+1:(uint64)(x)>>3) - #define TIFFroundup_64(x, y) (TIFFhowmany_64(x,y)*(y)) - --/* Safe multiply which returns zero if there is an integer overflow */ -+/* Safe multiply which returns zero if there is an *unsigned* integer overflow. This macro is not safe for *signed* integer types */ - #define TIFFSafeMultiply(t,v,m) ((((t)(m) != (t)0) && (((t)(((v)*(m))/(m))) == (t)(v))) ? (t)((v)*(m)) : (t)0) - - #define TIFFmax(A,B) ((A)>(B)?(A):(B)) -@@ -368,6 +371,8 @@ extern TIFFErrorHandlerExt _TIFFerrorHandlerExt; - - extern uint32 _TIFFMultiply32(TIFF*, uint32, uint32, const char*); - extern uint64 _TIFFMultiply64(TIFF*, uint64, uint64, const char*); -+extern tmsize_t _TIFFMultiplySSize(TIFF*, tmsize_t, tmsize_t, const char*); -+extern tmsize_t _TIFFCastUInt64ToSSize(TIFF*, uint64, const char*); - extern void* _TIFFCheckMalloc(TIFF*, tmsize_t, tmsize_t, const char*); - extern void* _TIFFCheckRealloc(TIFF*, void*, tmsize_t, tmsize_t, const char*); - --- -2.17.1 - diff --git a/poky/meta/recipes-multimedia/libtiff/tiff/CVE-2019-17546.patch b/poky/meta/recipes-multimedia/libtiff/tiff/CVE-2019-17546.patch deleted file mode 100644 index 04c541093..000000000 --- a/poky/meta/recipes-multimedia/libtiff/tiff/CVE-2019-17546.patch +++ /dev/null @@ -1,103 +0,0 @@ -libtiff: fix CVE-2019-17546 - -Added after 4.0.10 release. - -CVE: CVE-2019-17546 -Upstream-Status: Backport [https://gitlab.com/libtiff/libtiff] -Signed-off-by: Joe Slater <joe.slater@windriver.com> - -commit 4bb584a35f87af42d6cf09d15e9ce8909a839145 -Author: Even Rouault <even.rouault@spatialys.com> -Date: Thu Aug 15 15:05:28 2019 +0200 - - RGBA interface: fix integer overflow potentially causing write heap buffer overflow, especially on 32 bit builds. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16443. Credit to OSS Fuzz - -diff --git a/libtiff/tif_getimage.c b/libtiff/tif_getimage.c -index c88b5fa..4da785d 100644 ---- a/libtiff/tif_getimage.c -+++ b/libtiff/tif_getimage.c -@@ -949,16 +949,23 @@ gtStripContig(TIFFRGBAImage* img, uint32* raster, uint32 w, uint32 h) - fromskew = (w < imagewidth ? imagewidth - w : 0); - for (row = 0; row < h; row += nrow) - { -+ uint32 temp; - rowstoread = rowsperstrip - (row + img->row_offset) % rowsperstrip; - nrow = (row + rowstoread > h ? h - row : rowstoread); - nrowsub = nrow; - if ((nrowsub%subsamplingver)!=0) - nrowsub+=subsamplingver-nrowsub%subsamplingver; -+ temp = (row + img->row_offset)%rowsperstrip + nrowsub; -+ if( scanline > 0 && temp > (size_t)(TIFF_TMSIZE_T_MAX / scanline) ) -+ { -+ TIFFErrorExt(tif->tif_clientdata, TIFFFileName(tif), "Integer overflow in gtStripContig"); -+ return 0; -+ } - if (_TIFFReadEncodedStripAndAllocBuffer(tif, - TIFFComputeStrip(tif,row+img->row_offset, 0), - (void**)(&buf), - maxstripsize, -- ((row + img->row_offset)%rowsperstrip + nrowsub) * scanline)==(tmsize_t)(-1) -+ temp * scanline)==(tmsize_t)(-1) - && (buf == NULL || img->stoponerr)) - { - ret = 0; -@@ -1051,15 +1058,22 @@ gtStripSeparate(TIFFRGBAImage* img, uint32* raster, uint32 w, uint32 h) - fromskew = (w < imagewidth ? imagewidth - w : 0); - for (row = 0; row < h; row += nrow) - { -+ uint32 temp; - rowstoread = rowsperstrip - (row + img->row_offset) % rowsperstrip; - nrow = (row + rowstoread > h ? h - row : rowstoread); - offset_row = row + img->row_offset; -+ temp = (row + img->row_offset)%rowsperstrip + nrow; -+ if( scanline > 0 && temp > (size_t)(TIFF_TMSIZE_T_MAX / scanline) ) -+ { -+ TIFFErrorExt(tif->tif_clientdata, TIFFFileName(tif), "Integer overflow in gtStripSeparate"); -+ return 0; -+ } - if( buf == NULL ) - { - if (_TIFFReadEncodedStripAndAllocBuffer( - tif, TIFFComputeStrip(tif, offset_row, 0), - (void**) &buf, bufsize, -- ((row + img->row_offset)%rowsperstrip + nrow) * scanline)==(tmsize_t)(-1) -+ temp * scanline)==(tmsize_t)(-1) - && (buf == NULL || img->stoponerr)) - { - ret = 0; -@@ -1079,7 +1093,7 @@ gtStripSeparate(TIFFRGBAImage* img, uint32* raster, uint32 w, uint32 h) - } - } - else if (TIFFReadEncodedStrip(tif, TIFFComputeStrip(tif, offset_row, 0), -- p0, ((row + img->row_offset)%rowsperstrip + nrow) * scanline)==(tmsize_t)(-1) -+ p0, temp * scanline)==(tmsize_t)(-1) - && img->stoponerr) - { - ret = 0; -@@ -1087,7 +1101,7 @@ gtStripSeparate(TIFFRGBAImage* img, uint32* raster, uint32 w, uint32 h) - } - if (colorchannels > 1 - && TIFFReadEncodedStrip(tif, TIFFComputeStrip(tif, offset_row, 1), -- p1, ((row + img->row_offset)%rowsperstrip + nrow) * scanline) == (tmsize_t)(-1) -+ p1, temp * scanline) == (tmsize_t)(-1) - && img->stoponerr) - { - ret = 0; -@@ -1095,7 +1109,7 @@ gtStripSeparate(TIFFRGBAImage* img, uint32* raster, uint32 w, uint32 h) - } - if (colorchannels > 1 - && TIFFReadEncodedStrip(tif, TIFFComputeStrip(tif, offset_row, 2), -- p2, ((row + img->row_offset)%rowsperstrip + nrow) * scanline) == (tmsize_t)(-1) -+ p2, temp * scanline) == (tmsize_t)(-1) - && img->stoponerr) - { - ret = 0; -@@ -1104,7 +1118,7 @@ gtStripSeparate(TIFFRGBAImage* img, uint32* raster, uint32 w, uint32 h) - if (alpha) - { - if (TIFFReadEncodedStrip(tif, TIFFComputeStrip(tif, offset_row, colorchannels), -- pa, ((row + img->row_offset)%rowsperstrip + nrow) * scanline)==(tmsize_t)(-1) -+ pa, temp * scanline)==(tmsize_t)(-1) - && img->stoponerr) - { - ret = 0; diff --git a/poky/meta/recipes-multimedia/libtiff/tiff/CVE-2019-6128.patch b/poky/meta/recipes-multimedia/libtiff/tiff/CVE-2019-6128.patch deleted file mode 100644 index 6f1fd4d44..000000000 --- a/poky/meta/recipes-multimedia/libtiff/tiff/CVE-2019-6128.patch +++ /dev/null @@ -1,52 +0,0 @@ -CVE: CVE-2019-6128 -Upstream-Status: Backport -Signed-off-by: Ross Burton <ross.burton@intel.com> - -From 0c74a9f49b8d7a36b17b54a7428b3526d20f88a8 Mon Sep 17 00:00:00 2001 -From: Scott Gayou <github.scott@gmail.com> -Date: Wed, 23 Jan 2019 15:03:53 -0500 -Subject: [PATCH] Fix for simple memory leak that was assigned CVE-2019-6128. - -pal2rgb failed to free memory on a few errors. This was reported -here: http://bugzilla.maptools.org/show_bug.cgi?id=2836. ---- - tools/pal2rgb.c | 7 ++++++- - 1 file changed, 6 insertions(+), 1 deletion(-) - -diff --git a/tools/pal2rgb.c b/tools/pal2rgb.c -index 01d8502ec..9492f1cf1 100644 ---- a/tools/pal2rgb.c -+++ b/tools/pal2rgb.c -@@ -118,12 +118,14 @@ main(int argc, char* argv[]) - shortv != PHOTOMETRIC_PALETTE) { - fprintf(stderr, "%s: Expecting a palette image.\n", - argv[optind]); -+ (void) TIFFClose(in); - return (-1); - } - if (!TIFFGetField(in, TIFFTAG_COLORMAP, &rmap, &gmap, &bmap)) { - fprintf(stderr, - "%s: No colormap (not a valid palette image).\n", - argv[optind]); -+ (void) TIFFClose(in); - return (-1); - } - bitspersample = 0; -@@ -131,11 +133,14 @@ main(int argc, char* argv[]) - if (bitspersample != 8) { - fprintf(stderr, "%s: Sorry, can only handle 8-bit images.\n", - argv[optind]); -+ (void) TIFFClose(in); - return (-1); - } - out = TIFFOpen(argv[optind+1], "w"); -- if (out == NULL) -+ if (out == NULL) { -+ (void) TIFFClose(in); - return (-2); -+ } - cpTags(in, out); - TIFFGetField(in, TIFFTAG_IMAGEWIDTH, &imagewidth); - TIFFGetField(in, TIFFTAG_IMAGELENGTH, &imagelength); --- -2.21.0 diff --git a/poky/meta/recipes-multimedia/libtiff/tiff/CVE-2019-7663.patch b/poky/meta/recipes-multimedia/libtiff/tiff/CVE-2019-7663.patch deleted file mode 100644 index f244fb2f3..000000000 --- a/poky/meta/recipes-multimedia/libtiff/tiff/CVE-2019-7663.patch +++ /dev/null @@ -1,77 +0,0 @@ -CVE: CVE-2019-7663 -Upstream-Status: Backport -Signed-off-by: Ross Burton <ross.burton@intel.com> - -From c6fc6c1fa895024c86285c58efd6424cf8078f32 Mon Sep 17 00:00:00 2001 -From: Thomas Bernard <miniupnp@free.fr> -Date: Mon, 11 Feb 2019 10:05:33 +0100 -Subject: [PATCH 1/2] check that (Tile Width)*(Samples/Pixel) do no overflow - -fixes bug 2833 ---- - tools/tiffcp.c | 8 +++++++- - 1 file changed, 7 insertions(+), 1 deletion(-) - -diff --git a/tools/tiffcp.c b/tools/tiffcp.c -index 2f406e2d..f0ee2c02 100644 ---- a/tools/tiffcp.c -+++ b/tools/tiffcp.c -@@ -1408,7 +1408,7 @@ DECLAREreadFunc(readSeparateTilesIntoBuffer) - int status = 1; - uint32 imagew = TIFFRasterScanlineSize(in); - uint32 tilew = TIFFTileRowSize(in); -- int iskew = imagew - tilew*spp; -+ int iskew; - tsize_t tilesize = TIFFTileSize(in); - tdata_t tilebuf; - uint8* bufp = (uint8*) buf; -@@ -1416,6 +1416,12 @@ DECLAREreadFunc(readSeparateTilesIntoBuffer) - uint32 row; - uint16 bps = 0, bytes_per_sample; - -+ if (spp > (0x7fffffff / tilew)) -+ { -+ TIFFError(TIFFFileName(in), "Error, cannot handle that much samples per tile row (Tile Width * Samples/Pixel)"); -+ return 0; -+ } -+ iskew = imagew - tilew*spp; - tilebuf = _TIFFmalloc(tilesize); - if (tilebuf == 0) - return 0; --- -2.20.1 - - -From da6454aa80b9bb3154dfab4e8b21637de47531e0 Mon Sep 17 00:00:00 2001 -From: Thomas Bernard <miniupnp@free.fr> -Date: Mon, 11 Feb 2019 21:42:03 +0100 -Subject: [PATCH 2/2] tiffcp.c: use INT_MAX - ---- - tools/tiffcp.c | 3 ++- - 1 file changed, 2 insertions(+), 1 deletion(-) - -diff --git a/tools/tiffcp.c b/tools/tiffcp.c -index f0ee2c02..8c81aa4f 100644 ---- a/tools/tiffcp.c -+++ b/tools/tiffcp.c -@@ -41,6 +41,7 @@ - #include <stdio.h> - #include <stdlib.h> - #include <string.h> -+#include <limits.h> - - #include <ctype.h> - -@@ -1416,7 +1417,7 @@ DECLAREreadFunc(readSeparateTilesIntoBuffer) - uint32 row; - uint16 bps = 0, bytes_per_sample; - -- if (spp > (0x7fffffff / tilew)) -+ if (spp > (INT_MAX / tilew)) - { - TIFFError(TIFFFileName(in), "Error, cannot handle that much samples per tile row (Tile Width * Samples/Pixel)"); - return 0; --- -2.20.1 - diff --git a/poky/meta/recipes-multimedia/libtiff/tiff_4.0.10.bb b/poky/meta/recipes-multimedia/libtiff/tiff_4.1.0.bb index 5c008c53f..1f92c1851 100644 --- a/poky/meta/recipes-multimedia/libtiff/tiff_4.0.10.bb +++ b/poky/meta/recipes-multimedia/libtiff/tiff_4.1.0.bb @@ -5,13 +5,9 @@ LIC_FILES_CHKSUM = "file://COPYRIGHT;md5=34da3db46fab7501992f9615d7e158cf" CVE_PRODUCT = "libtiff" SRC_URI = "http://download.osgeo.org/libtiff/tiff-${PV}.tar.gz \ - file://CVE-2019-6128.patch \ - file://CVE-2019-7663.patch \ - file://CVE-2019-14973.patch \ - file://CVE-2019-17546.patch \ -" -SRC_URI[md5sum] = "114192d7ebe537912a2b97408832e7fd" -SRC_URI[sha256sum] = "2c52d11ccaf767457db0c46795d9c7d1a8d8f76f68b0b800a3dfe45786b996e4" + " +SRC_URI[md5sum] = "2165e7aba557463acc0664e71a3ed424" +SRC_URI[sha256sum] = "5d29f32517dadb6dbcd1255ea5bbc93a2b54b94fbf83653b4d65c7d6775b8634" # exclude betas UPSTREAM_CHECK_REGEX = "tiff-(?P<pver>\d+(\.\d+)+).tar" diff --git a/poky/meta/recipes-multimedia/mpg123/mpg123_1.25.12.bb b/poky/meta/recipes-multimedia/mpg123/mpg123_1.25.13.bb index a18b2f441..125574fcf 100644 --- a/poky/meta/recipes-multimedia/mpg123/mpg123_1.25.12.bb +++ b/poky/meta/recipes-multimedia/mpg123/mpg123_1.25.13.bb @@ -11,8 +11,8 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=1e86753638d3cf2512528b99079bc4f3" SRC_URI = "https://www.mpg123.de/download/${BP}.tar.bz2 \ file://sdl2.patch" -SRC_URI[md5sum] = "ddb38254966eb38c77f220d456a1839d" -SRC_URI[sha256sum] = "1ffec7c9683dfb86ea9040d6a53d6ea819ecdda215df347f79def08f1fe731d1" +SRC_URI[md5sum] = "294a6c30546504ec3d0deac2b2ea22be" +SRC_URI[sha256sum] = "90306848359c793fd43b9906e52201df18775742dc3c81c06ab67a806509890a" inherit autotools pkgconfig diff --git a/poky/meta/recipes-sato/l3afpad/l3afpad_git.bb b/poky/meta/recipes-sato/l3afpad/l3afpad_git.bb index ccfda2658..8906c748e 100644 --- a/poky/meta/recipes-sato/l3afpad/l3afpad_git.bb +++ b/poky/meta/recipes-sato/l3afpad/l3afpad_git.bb @@ -17,7 +17,7 @@ SRCREV ="3cdccdc9505643e50f8208171d9eee5de11a42ff" S = "${WORKDIR}/git" -inherit autotools pkgconfig distro_features_check +inherit autotools pkgconfig features_check ANY_OF_DISTRO_FEATURES = "${GTK3DISTROFEATURES}" diff --git a/poky/meta/recipes-sato/matchbox-config-gtk/matchbox-config-gtk_0.2.bb b/poky/meta/recipes-sato/matchbox-config-gtk/matchbox-config-gtk_0.2.bb index b993a9454..547e851c1 100644 --- a/poky/meta/recipes-sato/matchbox-config-gtk/matchbox-config-gtk_0.2.bb +++ b/poky/meta/recipes-sato/matchbox-config-gtk/matchbox-config-gtk_0.2.bb @@ -17,7 +17,7 @@ UPSTREAM_CHECK_GITTAGREGEX = "(?P<pver>(\d+(\.\d+)+))" S = "${WORKDIR}/git" -inherit autotools pkgconfig distro_features_check +inherit autotools pkgconfig features_check # The settings-daemon requires x11 in DISTRO_FEATURES REQUIRED_DISTRO_FEATURES = "x11" diff --git a/poky/meta/recipes-sato/matchbox-desktop/matchbox-desktop_2.2.bb b/poky/meta/recipes-sato/matchbox-desktop/matchbox-desktop_2.2.bb index b0cdfa2ae..5c23e8520 100644 --- a/poky/meta/recipes-sato/matchbox-desktop/matchbox-desktop_2.2.bb +++ b/poky/meta/recipes-sato/matchbox-desktop/matchbox-desktop_2.2.bb @@ -20,7 +20,7 @@ EXTRA_OECONF = "--enable-startup-notification --with-dbus" S = "${WORKDIR}/git" -inherit autotools pkgconfig distro_features_check +inherit autotools pkgconfig features_check # The startup-notification requires x11 in DISTRO_FEATURES REQUIRED_DISTRO_FEATURES = "x11" diff --git a/poky/meta/recipes-sato/matchbox-keyboard/matchbox-keyboard_0.1.1.bb b/poky/meta/recipes-sato/matchbox-keyboard/matchbox-keyboard_0.1.1.bb index 465f1349a..dfc7fbad5 100644 --- a/poky/meta/recipes-sato/matchbox-keyboard/matchbox-keyboard_0.1.1.bb +++ b/poky/meta/recipes-sato/matchbox-keyboard/matchbox-keyboard_0.1.1.bb @@ -18,7 +18,7 @@ SRC_URI = "git://git.yoctoproject.org/${BPN};branch=matchbox-keyboard-0-1 \ S = "${WORKDIR}/git" -inherit autotools pkgconfig gettext gtk-immodules-cache distro_features_check +inherit autotools pkgconfig gettext gtk-immodules-cache features_check # The libxft, libfakekey and matchbox-panel-2 requires x11 in DISTRO_FEATURES REQUIRED_DISTRO_FEATURES = "x11" diff --git a/poky/meta/recipes-sato/matchbox-panel-2/matchbox-panel-2_2.11.bb b/poky/meta/recipes-sato/matchbox-panel-2/matchbox-panel-2_2.11.bb index 421740f98..2e6f5b708 100644 --- a/poky/meta/recipes-sato/matchbox-panel-2/matchbox-panel-2_2.11.bb +++ b/poky/meta/recipes-sato/matchbox-panel-2/matchbox-panel-2_2.11.bb @@ -37,4 +37,4 @@ FILES_${PN} += "${libdir}/matchbox-panel/*.so \ ${datadir}/icons/" FILES_${PN}-dev += "${libdir}/matchbox-panel/*.la" -inherit autotools pkgconfig distro_features_check gettext +inherit autotools pkgconfig features_check gettext diff --git a/poky/meta/recipes-sato/matchbox-sato/matchbox-session-sato_0.1.bb b/poky/meta/recipes-sato/matchbox-sato/matchbox-session-sato_0.1.bb index 8230e9514..966c5b5b9 100644 --- a/poky/meta/recipes-sato/matchbox-sato/matchbox-session-sato_0.1.bb +++ b/poky/meta/recipes-sato/matchbox-sato/matchbox-session-sato_0.1.bb @@ -13,7 +13,7 @@ PR = "r30" # based on the machine architecture. PACKAGE_ARCH = "${MACHINE_ARCH}" -inherit distro_features_check +inherit features_check # The matchbox-theme-sato requires x11 in DISTRO_FEATURES REQUIRED_DISTRO_FEATURES = "x11" diff --git a/poky/meta/recipes-sato/matchbox-terminal/matchbox-terminal_0.2.bb b/poky/meta/recipes-sato/matchbox-terminal/matchbox-terminal_0.2.bb index 7f5eda304..9f00281dd 100644 --- a/poky/meta/recipes-sato/matchbox-terminal/matchbox-terminal_0.2.bb +++ b/poky/meta/recipes-sato/matchbox-terminal/matchbox-terminal_0.2.bb @@ -16,6 +16,6 @@ UPSTREAM_CHECK_GITTAGREGEX = "(?P<pver>(\d+(\.\d+)+))" S = "${WORKDIR}/git" -inherit autotools pkgconfig distro_features_check +inherit autotools pkgconfig features_check ANY_OF_DISTRO_FEATURES = "${GTK3DISTROFEATURES}" diff --git a/poky/meta/recipes-sato/matchbox-theme-sato/matchbox-theme-sato.inc b/poky/meta/recipes-sato/matchbox-theme-sato/matchbox-theme-sato.inc index d947e1ab0..ce683e963 100644 --- a/poky/meta/recipes-sato/matchbox-theme-sato/matchbox-theme-sato.inc +++ b/poky/meta/recipes-sato/matchbox-theme-sato/matchbox-theme-sato.inc @@ -8,7 +8,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=aae86bb34b0a83716ca09f4e783d6ba4" DEPENDS = "matchbox-wm" SECTION = "x11/wm" -inherit autotools pkgconfig distro_features_check +inherit autotools pkgconfig features_check FILES_${PN} += "${datadir}/themes" diff --git a/poky/meta/recipes-sato/packagegroups/packagegroup-core-x11-sato.bb b/poky/meta/recipes-sato/packagegroups/packagegroup-core-x11-sato.bb index 7e14ece93..ed3f1a69a 100644 --- a/poky/meta/recipes-sato/packagegroups/packagegroup-core-x11-sato.bb +++ b/poky/meta/recipes-sato/packagegroups/packagegroup-core-x11-sato.bb @@ -7,7 +7,7 @@ PR = "r33" PACKAGE_ARCH = "${MACHINE_ARCH}" -inherit packagegroup distro_features_check +inherit packagegroup features_check REQUIRED_DISTRO_FEATURES = "x11" PACKAGES = "${PN} ${PN}-base ${PN}-apps ${PN}-games" diff --git a/poky/meta/recipes-sato/pcmanfm/pcmanfm_1.3.1.bb b/poky/meta/recipes-sato/pcmanfm/pcmanfm_1.3.1.bb index a5e3a1ad3..c88e1ed8d 100644 --- a/poky/meta/recipes-sato/pcmanfm/pcmanfm_1.3.1.bb +++ b/poky/meta/recipes-sato/pcmanfm/pcmanfm_1.3.1.bb @@ -21,7 +21,7 @@ SRC_URI[sha256sum] = "6804043b3ee3a703edde41c724946174b505fe958703eadbd7e0876ece UPSTREAM_CHECK_URI = "http://sourceforge.net/projects/pcmanfm/files/PCManFM%20%2B%20Libfm%20%28tarball%20release%29/PCManFM/" -inherit autotools pkgconfig distro_features_check +inherit autotools pkgconfig features_check # The startup-notification requires x11 in DISTRO_FEATURES REQUIRED_DISTRO_FEATURES = "x11" diff --git a/poky/meta/recipes-sato/puzzles/puzzles_git.bb b/poky/meta/recipes-sato/puzzles/puzzles_git.bb index 59b952522..5ee9164b8 100644 --- a/poky/meta/recipes-sato/puzzles/puzzles_git.bb +++ b/poky/meta/recipes-sato/puzzles/puzzles_git.bb @@ -24,7 +24,7 @@ PV = "0.0+git${SRCPV}" S = "${WORKDIR}/git" -inherit autotools distro_features_check pkgconfig +inherit autotools features_check pkgconfig PACKAGECONFIG ??= "gtk3" PACKAGECONFIG[gtk2] = "--with-gtk=2,,gtk+," diff --git a/poky/meta/recipes-sato/sato-screenshot/sato-screenshot_0.3.bb b/poky/meta/recipes-sato/sato-screenshot/sato-screenshot_0.3.bb index f3305aef7..f6dac2cf8 100644 --- a/poky/meta/recipes-sato/sato-screenshot/sato-screenshot_0.3.bb +++ b/poky/meta/recipes-sato/sato-screenshot/sato-screenshot_0.3.bb @@ -16,7 +16,7 @@ UPSTREAM_CHECK_GITTAGREGEX = "(?P<pver>(\d+(\.\d+)+))" S = "${WORKDIR}/git" -inherit autotools pkgconfig distro_features_check +inherit autotools pkgconfig features_check FILES_${PN} += "${libdir}/matchbox-panel/*.so" diff --git a/poky/meta/recipes-sato/settings-daemon/settings-daemon_0.0.2.bb b/poky/meta/recipes-sato/settings-daemon/settings-daemon_0.0.2.bb index bb6b69b90..227fd54b7 100644 --- a/poky/meta/recipes-sato/settings-daemon/settings-daemon_0.0.2.bb +++ b/poky/meta/recipes-sato/settings-daemon/settings-daemon_0.0.2.bb @@ -17,7 +17,7 @@ UPSTREAM_CHECK_GITTAGREGEX = "(?P<pver>(\d+(\.\d+)+))" S = "${WORKDIR}/git" -inherit autotools pkgconfig gconf distro_features_check +inherit autotools pkgconfig gconf features_check FILES_${PN} = "${bindir}/* ${sysconfdir}" diff --git a/poky/meta/recipes-sato/webkit/webkitgtk_2.26.2.bb b/poky/meta/recipes-sato/webkit/webkitgtk_2.26.2.bb index c3560e811..0139f0101 100644 --- a/poky/meta/recipes-sato/webkit/webkitgtk_2.26.2.bb +++ b/poky/meta/recipes-sato/webkit/webkitgtk_2.26.2.bb @@ -24,7 +24,7 @@ SRC_URI = "http://www.webkitgtk.org/releases/${BPN}-${PV}.tar.xz \ SRC_URI[md5sum] = "65e06fe73ee166447894aaea95038e3b" SRC_URI[sha256sum] = "6b80f0637a80818559ac8fd50db3b394f41cb61904fb9b3ed65fa51635806512" -inherit cmake pkgconfig gobject-introspection perlnative distro_features_check upstream-version-is-even gtk-doc +inherit cmake pkgconfig gobject-introspection perlnative features_check upstream-version-is-even gtk-doc REQUIRED_DISTRO_FEATURES = "x11 opengl" @@ -99,8 +99,6 @@ EXTRA_OECMAKE_append_x86-x32 = " -DENABLE_JIT=OFF " SECURITY_CFLAGS_remove_aarch64 = "-fpie" SECURITY_CFLAGS_append_aarch64 = " -fPIE" -LDFLAGS_append_toolchain-clang = " -rtlib=compiler-rt" - FILES_${PN} += "${libdir}/webkit2gtk-4.0/injected-bundle/libwebkit2gtkinjectedbundle.so" RRECOMMENDS_${PN} += "ca-certificates shared-mime-info" diff --git a/poky/meta/recipes-support/atk/at-spi2-atk_2.32.0.bb b/poky/meta/recipes-support/atk/at-spi2-atk_2.32.0.bb index bcf1c9c77..d3a9de1e4 100644 --- a/poky/meta/recipes-support/atk/at-spi2-atk_2.32.0.bb +++ b/poky/meta/recipes-support/atk/at-spi2-atk_2.32.0.bb @@ -9,7 +9,7 @@ SRC_URI[archive.sha256sum] = "0b51e6d339fa2bcca3a3e3159ccea574c67b107f1ac8b00047 DEPENDS = "dbus glib-2.0 glib-2.0-native atk at-spi2-core libxml2" GNOMEBASEBUILDCLASS = "meson" -inherit gnomebase distro_features_check upstream-version-is-even +inherit gnomebase features_check upstream-version-is-even PACKAGES =+ "${PN}-gnome ${PN}-gtk2" diff --git a/poky/meta/recipes-support/boost/boost/0001-dont-setup-compiler-flags-m32-m64.patch b/poky/meta/recipes-support/boost/boost/0001-dont-setup-compiler-flags-m32-m64.patch new file mode 100644 index 000000000..78b19225d --- /dev/null +++ b/poky/meta/recipes-support/boost/boost/0001-dont-setup-compiler-flags-m32-m64.patch @@ -0,0 +1,42 @@ +From 59402e3a61d14eb7ce8c2019ea1a87ad4bd28605 Mon Sep 17 00:00:00 2001 +From: Anuj Mittal <anuj.mittal@intel.com> +Date: Thu, 14 Nov 2019 10:13:53 +0800 +Subject: [PATCH] dont setup compiler flags -m32/-m64 + +We don't want these to be setup by boost as we pass our own flags. + +Upstream-Status: Inappropriate [OE-specific] + +Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> +--- + tools/build/src/tools/gcc.jam | 14 -------------- + 1 file changed, 14 deletions(-) + +diff --git a/tools/build/src/tools/gcc.jam b/tools/build/src/tools/gcc.jam +index c7e3cf3..24486e0 100644 +--- a/tools/build/src/tools/gcc.jam ++++ b/tools/build/src/tools/gcc.jam +@@ -430,20 +430,6 @@ local rule compile-link-flags ( * ) + } + + { +- # Handle address-model +- compile-link-flags <target-os>aix/<address-model>32 : -maix32 ; +- compile-link-flags <target-os>aix/<address-model>64 : -maix64 ; +- +- compile-link-flags <target-os>hpux/<address-model>32 : -milp32 ; +- compile-link-flags <target-os>hpux/<address-model>64 : -mlp64 ; +- +- local generic-os = [ set.difference $(all-os) : aix hpux ] ; +- local arch = power sparc x86 ; +- compile-link-flags <target-os>$(generic-os)/<architecture>$(arch)/<address-model>32 : -m32 ; +- compile-link-flags <target-os>$(generic-os)/<architecture>$(arch)/<address-model>64 : -m64 ; +-} +- +-{ + # Handle threading + local rule threading-flags ( * ) + { +-- +2.7.4 + diff --git a/poky/meta/recipes-support/boost/boost_1.71.0.bb b/poky/meta/recipes-support/boost/boost_1.71.0.bb index 324b46f16..5e9e0d87d 100644 --- a/poky/meta/recipes-support/boost/boost_1.71.0.bb +++ b/poky/meta/recipes-support/boost/boost_1.71.0.bb @@ -6,4 +6,5 @@ SRC_URI += "file://arm-intrinsics.patch \ file://boost-math-disable-pch-for-gcc.patch \ file://0001-Apply-boost-1.62.0-no-forced-flags.patch.patch \ file://0001-Don-t-set-up-arch-instruction-set-flags-we-do-that-o.patch \ + file://0001-dont-setup-compiler-flags-m32-m64.patch \ " diff --git a/poky/meta/recipes-support/consolekit/consolekit_0.4.6.bb b/poky/meta/recipes-support/consolekit/consolekit_0.4.6.bb index a17f739d4..89f2d77b6 100644 --- a/poky/meta/recipes-support/consolekit/consolekit_0.4.6.bb +++ b/poky/meta/recipes-support/consolekit/consolekit_0.4.6.bb @@ -9,7 +9,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=59530bdf33659b29e73d4adb9f9f6552 \ DEPENDS = "glib-2.0 glib-2.0-native dbus dbus-glib virtual/libx11" RDEPENDS_${PN} += "base-files" -inherit autotools pkgconfig distro_features_check +inherit autotools pkgconfig features_check # depends on virtual/libx11 REQUIRED_DISTRO_FEATURES = "x11" diff --git a/poky/meta/recipes-support/libfm/libfm_1.3.1.bb b/poky/meta/recipes-support/libfm/libfm_1.3.1.bb index 65a6f8e78..918fe3ece 100644 --- a/poky/meta/recipes-support/libfm/libfm_1.3.1.bb +++ b/poky/meta/recipes-support/libfm/libfm_1.3.1.bb @@ -19,7 +19,7 @@ SRC_URI = "${SOURCEFORGE_MIRROR}/pcmanfm/libfm-${PV}.tar.xz \ SRC_URI[md5sum] = "c15ecd2c9317e2c385cd3f046d0b61ba" SRC_URI[sha256sum] = "96b1244bde41ca0eef0332cfb5c67bb16725dfd102128f3e6f74fadc13a1cfe4" -inherit autotools pkgconfig gtk-doc gettext distro_features_check +inherit autotools pkgconfig gtk-doc gettext features_check ANY_OF_DISTRO_FEATURES = "${GTK3DISTROFEATURES}" EXTRA_OECONF = "--with-gtk=3" diff --git a/poky/meta/recipes-support/libxslt/files/0001-Fix-security-framework-bypass.patch b/poky/meta/recipes-support/libxslt/files/0001-Fix-security-framework-bypass.patch deleted file mode 100644 index 89b647ddb..000000000 --- a/poky/meta/recipes-support/libxslt/files/0001-Fix-security-framework-bypass.patch +++ /dev/null @@ -1,124 +0,0 @@ -From e03553605b45c88f0b4b2980adfbbb8f6fca2fd6 Mon Sep 17 00:00:00 2001 -From: Nick Wellnhofer <wellnhofer@aevum.de> -Date: Sun, 24 Mar 2019 09:51:39 +0100 -Subject: Fix security framework bypass - -xsltCheckRead and xsltCheckWrite return -1 in case of error but callers -don't check for this condition and allow access. With a specially -crafted URL, xsltCheckRead could be tricked into returning an error -because of a supposedly invalid URL that would still be loaded -succesfully later on. - -Fixes #12. - -Thanks to Felix Wilhelm for the report. - -Signed-off-by: Adrian Bunk <bunk@stusta.de> -Upstream-Status: Backport -CVE: CVE-2019-11068 ---- - libxslt/documents.c | 18 ++++++++++-------- - libxslt/imports.c | 9 +++++---- - libxslt/transform.c | 9 +++++---- - libxslt/xslt.c | 9 +++++---- - 4 files changed, 25 insertions(+), 20 deletions(-) - -diff --git a/libxslt/documents.c b/libxslt/documents.c -index 3f3a7312..4aad11bb 100644 ---- a/libxslt/documents.c -+++ b/libxslt/documents.c -@@ -296,10 +296,11 @@ xsltLoadDocument(xsltTransformContextPtr ctxt, const xmlChar *URI) { - int res; - - res = xsltCheckRead(ctxt->sec, ctxt, URI); -- if (res == 0) { -- xsltTransformError(ctxt, NULL, NULL, -- "xsltLoadDocument: read rights for %s denied\n", -- URI); -+ if (res <= 0) { -+ if (res == 0) -+ xsltTransformError(ctxt, NULL, NULL, -+ "xsltLoadDocument: read rights for %s denied\n", -+ URI); - return(NULL); - } - } -@@ -372,10 +373,11 @@ xsltLoadStyleDocument(xsltStylesheetPtr style, const xmlChar *URI) { - int res; - - res = xsltCheckRead(sec, NULL, URI); -- if (res == 0) { -- xsltTransformError(NULL, NULL, NULL, -- "xsltLoadStyleDocument: read rights for %s denied\n", -- URI); -+ if (res <= 0) { -+ if (res == 0) -+ xsltTransformError(NULL, NULL, NULL, -+ "xsltLoadStyleDocument: read rights for %s denied\n", -+ URI); - return(NULL); - } - } -diff --git a/libxslt/imports.c b/libxslt/imports.c -index 874870cc..3783b247 100644 ---- a/libxslt/imports.c -+++ b/libxslt/imports.c -@@ -130,10 +130,11 @@ xsltParseStylesheetImport(xsltStylesheetPtr style, xmlNodePtr cur) { - int secres; - - secres = xsltCheckRead(sec, NULL, URI); -- if (secres == 0) { -- xsltTransformError(NULL, NULL, NULL, -- "xsl:import: read rights for %s denied\n", -- URI); -+ if (secres <= 0) { -+ if (secres == 0) -+ xsltTransformError(NULL, NULL, NULL, -+ "xsl:import: read rights for %s denied\n", -+ URI); - goto error; - } - } -diff --git a/libxslt/transform.c b/libxslt/transform.c -index 13793914..0636dbd0 100644 ---- a/libxslt/transform.c -+++ b/libxslt/transform.c -@@ -3493,10 +3493,11 @@ xsltDocumentElem(xsltTransformContextPtr ctxt, xmlNodePtr node, - */ - if (ctxt->sec != NULL) { - ret = xsltCheckWrite(ctxt->sec, ctxt, filename); -- if (ret == 0) { -- xsltTransformError(ctxt, NULL, inst, -- "xsltDocumentElem: write rights for %s denied\n", -- filename); -+ if (ret <= 0) { -+ if (ret == 0) -+ xsltTransformError(ctxt, NULL, inst, -+ "xsltDocumentElem: write rights for %s denied\n", -+ filename); - xmlFree(URL); - xmlFree(filename); - return; -diff --git a/libxslt/xslt.c b/libxslt/xslt.c -index 780a5ad7..a234eb79 100644 ---- a/libxslt/xslt.c -+++ b/libxslt/xslt.c -@@ -6763,10 +6763,11 @@ xsltParseStylesheetFile(const xmlChar* filename) { - int res; - - res = xsltCheckRead(sec, NULL, filename); -- if (res == 0) { -- xsltTransformError(NULL, NULL, NULL, -- "xsltParseStylesheetFile: read rights for %s denied\n", -- filename); -+ if (res <= 0) { -+ if (res == 0) -+ xsltTransformError(NULL, NULL, NULL, -+ "xsltParseStylesheetFile: read rights for %s denied\n", -+ filename); - return(NULL); - } - } --- -2.20.1 - diff --git a/poky/meta/recipes-support/libxslt/files/CVE-2019-13117.patch b/poky/meta/recipes-support/libxslt/files/CVE-2019-13117.patch deleted file mode 100644 index ef3f2709f..000000000 --- a/poky/meta/recipes-support/libxslt/files/CVE-2019-13117.patch +++ /dev/null @@ -1,33 +0,0 @@ -From c5eb6cf3aba0af048596106ed839b4ae17ecbcb1 Mon Sep 17 00:00:00 2001 -From: Nick Wellnhofer <wellnhofer@aevum.de> -Date: Sat, 27 Apr 2019 11:19:48 +0200 -Subject: [PATCH] Fix uninitialized read of xsl:number token - -Found by OSS-Fuzz. - -CVE: CVE-2019-13117 -Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/libxslt/commit/c5eb6cf3aba0af048596106ed839b4ae17ecbcb1] -Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> ---- - libxslt/numbers.c | 5 ++++- - 1 file changed, 4 insertions(+), 1 deletion(-) - -diff --git a/libxslt/numbers.c b/libxslt/numbers.c -index 89e1f668..75c31eba 100644 ---- a/libxslt/numbers.c -+++ b/libxslt/numbers.c -@@ -382,7 +382,10 @@ xsltNumberFormatTokenize(const xmlChar *format, - tokens->tokens[tokens->nTokens].token = val - 1; - ix += len; - val = xmlStringCurrentChar(NULL, format+ix, &len); -- } -+ } else { -+ tokens->tokens[tokens->nTokens].token = (xmlChar)'0'; -+ tokens->tokens[tokens->nTokens].width = 1; -+ } - } else if ( (val == (xmlChar)'A') || - (val == (xmlChar)'a') || - (val == (xmlChar)'I') || --- -2.21.0 - diff --git a/poky/meta/recipes-support/libxslt/files/CVE-2019-13118.patch b/poky/meta/recipes-support/libxslt/files/CVE-2019-13118.patch deleted file mode 100644 index 595e6c2f3..000000000 --- a/poky/meta/recipes-support/libxslt/files/CVE-2019-13118.patch +++ /dev/null @@ -1,76 +0,0 @@ -From 6ce8de69330783977dd14f6569419489875fb71b Mon Sep 17 00:00:00 2001 -From: Nick Wellnhofer <wellnhofer@aevum.de> -Date: Mon, 3 Jun 2019 13:14:45 +0200 -Subject: [PATCH] Fix uninitialized read with UTF-8 grouping chars - -The character type in xsltFormatNumberConversion was too narrow and -an invalid character/length combination could be passed to -xsltNumberFormatDecimal, resulting in an uninitialized read. - -Found by OSS-Fuzz. - -CVE: CVE-2019-13118 -Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/libxslt/commit/6ce8de69330783977dd14f6569419489875fb71b] -Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> - ---- - libxslt/numbers.c | 5 +++-- - tests/docs/bug-222.xml | 1 + - tests/general/bug-222.out | 2 ++ - tests/general/bug-222.xsl | 6 ++++++ - 4 files changed, 12 insertions(+), 2 deletions(-) - create mode 100644 tests/docs/bug-222.xml - create mode 100644 tests/general/bug-222.out - create mode 100644 tests/general/bug-222.xsl - -diff --git a/libxslt/numbers.c b/libxslt/numbers.c -index f1ed8846..20b99d5a 100644 ---- a/libxslt/numbers.c -+++ b/libxslt/numbers.c -@@ -1298,13 +1298,14 @@ OUTPUT_NUMBER: - number = floor((scale * number + 0.5)) / scale; - if ((self->grouping != NULL) && - (self->grouping[0] != 0)) { -+ int gchar; - - len = xmlStrlen(self->grouping); -- pchar = xsltGetUTF8Char(self->grouping, &len); -+ gchar = xsltGetUTF8Char(self->grouping, &len); - xsltNumberFormatDecimal(buffer, floor(number), self->zeroDigit[0], - format_info.integer_digits, - format_info.group, -- pchar, len); -+ gchar, len); - } else - xsltNumberFormatDecimal(buffer, floor(number), self->zeroDigit[0], - format_info.integer_digits, -diff --git a/tests/docs/bug-222.xml b/tests/docs/bug-222.xml -new file mode 100644 -index 00000000..69d62f2c ---- /dev/null -+++ b/tests/docs/bug-222.xml -@@ -0,0 +1 @@ -+<doc/> -diff --git a/tests/general/bug-222.out b/tests/general/bug-222.out -new file mode 100644 -index 00000000..e3139698 ---- /dev/null -+++ b/tests/general/bug-222.out -@@ -0,0 +1,2 @@ -+<?xml version="1.0"?> -+1⠢0 -diff --git a/tests/general/bug-222.xsl b/tests/general/bug-222.xsl -new file mode 100644 -index 00000000..e32dc473 ---- /dev/null -+++ b/tests/general/bug-222.xsl -@@ -0,0 +1,6 @@ -+<xsl:stylesheet xmlns:xsl="http://www.w3.org/1999/XSL/Transform" version="1.0"> -+ <xsl:decimal-format name="f" grouping-separator="⠢"/> -+ <xsl:template match="/"> -+ <xsl:value-of select="format-number(10,'#⠢0','f')"/> -+ </xsl:template> -+</xsl:stylesheet> --- -2.21.0 - diff --git a/poky/meta/recipes-support/libxslt/files/CVE-2019-18197.patch b/poky/meta/recipes-support/libxslt/files/CVE-2019-18197.patch deleted file mode 100644 index 5f2b62039..000000000 --- a/poky/meta/recipes-support/libxslt/files/CVE-2019-18197.patch +++ /dev/null @@ -1,33 +0,0 @@ -libxslt: fix CVE-2019-18197 - -Added after 1.1.33 release. - -CVE: CVE-2019-18197 -Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/libxslt.git] -Signed-off-by: Joe Slater <joe.slater@windriver.com> - -commit 2232473733b7313d67de8836ea3b29eec6e8e285 -Author: Nick Wellnhofer <wellnhofer@aevum.de> -Date: Sat Aug 17 16:51:53 2019 +0200 - - Fix dangling pointer in xsltCopyText - - xsltCopyText didn't reset ctxt->lasttext in some cases which could - lead to various memory errors in relation with CDATA sections in input - documents. - - Found by OSS-Fuzz. - -diff --git a/libxslt/transform.c b/libxslt/transform.c -index 95ebd07..d7ab0b6 100644 ---- a/libxslt/transform.c -+++ b/libxslt/transform.c -@@ -1094,6 +1094,8 @@ xsltCopyText(xsltTransformContextPtr ctxt, xmlNodePtr target, - if ((copy->content = xmlStrdup(cur->content)) == NULL) - return NULL; - } -+ -+ ctxt->lasttext = NULL; - } else { - /* - * normal processing. keep counters to extend the text node diff --git a/poky/meta/recipes-support/libxslt/libxslt_1.1.33.bb b/poky/meta/recipes-support/libxslt/libxslt_1.1.34.bb index 9f268e7bb..ad37b5a44 100644 --- a/poky/meta/recipes-support/libxslt/libxslt_1.1.33.bb +++ b/poky/meta/recipes-support/libxslt/libxslt_1.1.34.bb @@ -9,14 +9,10 @@ SECTION = "libs" DEPENDS = "libxml2" SRC_URI = "http://xmlsoft.org/sources/libxslt-${PV}.tar.gz \ - file://0001-Fix-security-framework-bypass.patch \ - file://CVE-2019-13117.patch \ - file://CVE-2019-13118.patch \ - file://CVE-2019-18197.patch \ -" - -SRC_URI[md5sum] = "b3bd254a03e46d58f8ad1e4559cd2c2f" -SRC_URI[sha256sum] = "8e36605144409df979cab43d835002f63988f3dc94d5d3537c12796db90e38c8" + " + +SRC_URI[md5sum] = "db8765c8d076f1b6caafd9f2542a304a" +SRC_URI[sha256sum] = "98b1bd46d6792925ad2dfe9a87452ea2adebf69dcb9919ffd55bf926a7f93f7f" UPSTREAM_CHECK_REGEX = "libxslt-(?P<pver>\d+(\.\d+)+)\.tar" diff --git a/poky/meta/recipes-support/nss-myhostname/nss-myhostname_0.3.bb b/poky/meta/recipes-support/nss-myhostname/nss-myhostname_0.3.bb index 244d9e204..074f71320 100644 --- a/poky/meta/recipes-support/nss-myhostname/nss-myhostname_0.3.bb +++ b/poky/meta/recipes-support/nss-myhostname/nss-myhostname_0.3.bb @@ -12,7 +12,7 @@ SRC_URI = "http://0pointer.de/lennart/projects/nss-myhostname/nss-myhostname-${P SRC_URI[md5sum] = "d4ab9ac36c053ab8fb836db1cbd4a48f" SRC_URI[sha256sum] = "2ba744ea8d578d1c57c85884e94a3042ee17843a5294434d3a7f6c4d67e7caf2" -inherit autotools distro_features_check +inherit autotools features_check COMPATIBLE_HOST_libc-musl = 'null' diff --git a/poky/meta/recipes-support/rng-tools/rng-tools_6.7.bb b/poky/meta/recipes-support/rng-tools/rng-tools_6.8.bb index b4e453f67..83a48a4ec 100644 --- a/poky/meta/recipes-support/rng-tools/rng-tools_6.7.bb +++ b/poky/meta/recipes-support/rng-tools/rng-tools_6.8.bb @@ -14,7 +14,7 @@ SRC_URI = "\ file://default \ file://rngd.service \ " -SRCREV = "9fc873c5af0e392632e6b736938b811f7ca97251" +SRCREV = "eb5e34c7fb05594760f99d863fbe0401fe297b93" S = "${WORKDIR}/git" diff --git a/poky/meta/recipes-support/sqlite/sqlite3_3.30.0.bb b/poky/meta/recipes-support/sqlite/sqlite3_3.30.1.bb index feeee8af0..f18eeb19e 100644 --- a/poky/meta/recipes-support/sqlite/sqlite3_3.30.0.bb +++ b/poky/meta/recipes-support/sqlite/sqlite3_3.30.1.bb @@ -4,5 +4,5 @@ LICENSE = "PD" LIC_FILES_CHKSUM = "file://sqlite3.h;endline=11;md5=786d3dc581eff03f4fd9e4a77ed00c66" SRC_URI = "http://www.sqlite.org/2019/sqlite-autoconf-${SQLITE_PV}.tar.gz" -SRC_URI[md5sum] = "84230638d5b80b61843e43b5efcb9e53" -SRC_URI[sha256sum] = "e0a8cf4c7a87455e55e10413d16f358ca121ccec687fe1301eac95e2d340fc58" +SRC_URI[md5sum] = "51252dc6bc9094ba11ab151ba650ff3c" +SRC_URI[sha256sum] = "8c5a50db089bd2a1b08dbc5b00d2027602ca7ff238ba7658fabca454d4298e60" diff --git a/poky/meta/recipes-support/vte/vte_0.58.2.bb b/poky/meta/recipes-support/vte/vte_0.58.2.bb index 9e27f6978..0ed382a5f 100644 --- a/poky/meta/recipes-support/vte/vte_0.58.2.bb +++ b/poky/meta/recipes-support/vte/vte_0.58.2.bb @@ -14,7 +14,7 @@ DEPENDS = "glib-2.0 gtk+3 libpcre2 libxml2-native gperf-native" GNOMEBASEBUILDCLASS = "meson" GIR_MESON_OPTION = 'gir' -inherit gnomebase gtk-doc distro_features_check upstream-version-is-even gobject-introspection +inherit gnomebase gtk-doc features_check upstream-version-is-even gobject-introspection # vapigen.m4 is required when vala is not present (but the one from vala should be used normally) SRC_URI += "file://0001-app.cc-use-old-school-asignment-to-avoid-gcc-4.8-err.patch \ diff --git a/poky/scripts/lib/devtool/standard.py b/poky/scripts/lib/devtool/standard.py index 8d9c1a302..1c0cd8ab5 100644 --- a/poky/scripts/lib/devtool/standard.py +++ b/poky/scripts/lib/devtool/standard.py @@ -2021,7 +2021,7 @@ def finish(args, config, basepath, workspace): remove_work=args.remove_work tinfoil = setup_tinfoil(basepath=basepath, tracking=True) try: - rd = parse_recipe(config, tinfoil, args.recipename, True, False) + rd = parse_recipe(config, tinfoil, args.recipename, True) if not rd: return 1 diff --git a/poky/scripts/lib/devtool/upgrade.py b/poky/scripts/lib/devtool/upgrade.py index 18c5b66a2..cb6dce378 100644 --- a/poky/scripts/lib/devtool/upgrade.py +++ b/poky/scripts/lib/devtool/upgrade.py @@ -32,7 +32,7 @@ def _run(cmd, cwd=''): def _get_srctree(tmpdir): srctree = tmpdir - dirs = os.listdir(tmpdir) + dirs = scriptutils.filter_src_subdirs(tmpdir) if len(dirs) == 1: srctree = os.path.join(tmpdir, dirs[0]) return srctree @@ -281,7 +281,8 @@ def _extract_new_source(newpv, srctree, no_patch, srcrev, srcbranch, branch, kee logger.info('Preserving temporary directory %s' % tmpsrctree) else: shutil.rmtree(tmpsrctree) - shutil.rmtree(tmpdir) + if tmpdir != tmpsrctree: + shutil.rmtree(tmpdir) return (rev, md5, sha256, srcbranch, srcsubdir_rel) diff --git a/poky/scripts/lib/recipetool/create.py b/poky/scripts/lib/recipetool/create.py index 1fb6b5553..4c4bbadb4 100644 --- a/poky/scripts/lib/recipetool/create.py +++ b/poky/scripts/lib/recipetool/create.py @@ -495,9 +495,7 @@ def create_recipe(args): if ftmpdir and args.keep_temp: logger.info('Fetch temp directory is %s' % ftmpdir) - dirlist = os.listdir(srctree) - filterout = ['git.indirectionsymlink'] - dirlist = [x for x in dirlist if x not in filterout] + dirlist = scriptutils.filter_src_subdirs(srctree) logger.debug('Directory listing (excluding filtered out):\n %s' % '\n '.join(dirlist)) if len(dirlist) == 1: singleitem = os.path.join(srctree, dirlist[0]) diff --git a/poky/scripts/lib/scriptutils.py b/poky/scripts/lib/scriptutils.py index c573dc7f6..45bdaf5f4 100644 --- a/poky/scripts/lib/scriptutils.py +++ b/poky/scripts/lib/scriptutils.py @@ -268,3 +268,13 @@ def is_src_url(param): elif param.startswith('git@') or ('@' in param and param.endswith('.git')): return True return False + +def filter_src_subdirs(pth): + """ + Filter out subdirectories of initial unpacked source trees that we do not care about. + Used by devtool and recipetool. + """ + dirlist = os.listdir(pth) + filterout = ['git.indirectionsymlink', 'source-date-epoch'] + dirlist = [x for x in dirlist if x not in filterout] + return dirlist diff --git a/poky/scripts/lib/wic/engine.py b/poky/scripts/lib/wic/engine.py index 18776fa8a..7e6620747 100644 --- a/poky/scripts/lib/wic/engine.py +++ b/poky/scripts/lib/wic/engine.py @@ -19,6 +19,7 @@ import os import tempfile import json import subprocess +import re from collections import namedtuple, OrderedDict from distutils.spawn import find_executable @@ -335,25 +336,52 @@ class Disk: exec_cmd(cmd, as_shell=True) self._put_part_image(pnum) - def remove(self, pnum, path): + def remove_ext(self, pnum, path, recursive): + """ + Remove files/dirs and their contents from the partition. + This only applies to ext* partition. + """ + abs_path = re.sub('\/\/+', '/', path) + cmd = "{} {} -wR 'rm \"{}\"'".format(self.debugfs, + self._get_part_image(pnum), + abs_path) + out = exec_cmd(cmd , as_shell=True) + for line in out.splitlines(): + if line.startswith("rm:"): + if "file is a directory" in line: + if recursive: + # loop through content and delete them one by one if + # flaged with -r + subdirs = iter(self.dir(pnum, abs_path).splitlines()) + next(subdirs) + for subdir in subdirs: + dir = subdir.split(':')[1].split(" ", 1)[1] + if not dir == "." and not dir == "..": + self.remove_ext(pnum, "%s/%s" % (abs_path, dir), recursive) + + rmdir_out = exec_cmd("{} {} -wR 'rmdir \"{}\"'".format(self.debugfs, + self._get_part_image(pnum), + abs_path.rstrip('/')) + , as_shell=True) + + for rmdir_line in rmdir_out.splitlines(): + if "directory not empty" in rmdir_line: + raise WicError("Could not complete operation: \n%s \n" + "use -r to remove non-empty directory" % rmdir_line) + if rmdir_line.startswith("rmdir:"): + raise WicError("Could not complete operation: \n%s " + "\n%s" % (str(line), rmdir_line)) + + else: + raise WicError("Could not complete operation: \n%s " + "\nUnable to remove %s" % (str(line), abs_path)) + + def remove(self, pnum, path, recursive): """Remove files/dirs from the partition.""" partimg = self._get_part_image(pnum) if self.partitions[pnum].fstype.startswith('ext'): - cmd = "{} {} -wR 'rm {}'".format(self.debugfs, - self._get_part_image(pnum), - path) - out = exec_cmd(cmd , as_shell=True) - for line in out.splitlines(): - if line.startswith("rm:"): - if "file is a directory" in line: - # Try rmdir to see if this is an empty directory. This won't delete - # any non empty directory so let user know about any error that this might - # generate. - print(exec_cmd("{} {} -wR 'rmdir {}'".format(self.debugfs, - self._get_part_image(pnum), - path), as_shell=True)) - else: - raise WicError("Could not complete operation: wic %s" % str(line)) + self.remove_ext(pnum, path, recursive) + else: # fat cmd = "{} -i {} ::{}".format(self.mdel, partimg, path) try: @@ -535,7 +563,7 @@ def wic_rm(args, native_sysroot): partitioned image. """ disk = Disk(args.path.image, native_sysroot) - disk.remove(args.path.part, args.path.path) + disk.remove(args.path.part, args.path.path, args.recursive_delete) def wic_write(args, native_sysroot): """ diff --git a/poky/scripts/lib/wic/help.py b/poky/scripts/lib/wic/help.py index 968cc0ed6..812ebe3ec 100644 --- a/poky/scripts/lib/wic/help.py +++ b/poky/scripts/lib/wic/help.py @@ -422,6 +422,7 @@ NAME SYNOPSIS wic rm <src> <image>:<partition><path> wic rm <src> <image>:<partition><path> --native-sysroot <path> + wic rm -r <image>:<partition><path> DESCRIPTION This command removes files or directories from the vfat or ext* partition of the @@ -456,6 +457,9 @@ DESCRIPTION The -n option is used to specify the path to the native sysroot containing the tools(parted and mtools) to use. + + The -r option is used to remove directories and their contents + recursively,this only applies to ext* partition. """ wic_write_usage = """ diff --git a/poky/scripts/runqemu b/poky/scripts/runqemu index a05facd0d..5c56c3fe6 100755 --- a/poky/scripts/runqemu +++ b/poky/scripts/runqemu @@ -67,9 +67,9 @@ of the following environment variables (in any order): nographic - disable video console sdl - choose the SDL UI frontend gtk - choose the Gtk UI frontend - gl - enable virgl-based GL acceleration (also needs gtk option) - gl-es - enable virgl-based GL acceleration, using OpenGL ES (also needs gtk option) - egl-headless - enable headless EGL output; use vnc or spice to see it + gl - enable virgl-based GL acceleration (also needs gtk or sdl options) + gl-es - enable virgl-based GL acceleration, using OpenGL ES (also needs gtk or sdl options) + egl-headless - enable headless EGL output; use vnc (via publicvnc option) or spice to see it serial - enable a serial console on /dev/ttyS0 serialstdio - enable a serial console on the console (regardless of graphics mode) slirp - enable user networking, no root privileges is required @@ -437,7 +437,12 @@ class BaseConfig(object): self.qemu_opt_script += ' -nographic' self.kernel_cmdline_script += ' console=ttyS0' elif arg == 'sdl': - self.qemu_opt_script += ' -display sdl' + if 'gl' in sys.argv[1:]: + self.qemu_opt_script += ' -vga virtio -display sdl,gl=on' + elif 'gl-es' in sys.argv[1:]: + self.qemu_opt_script += ' -vga virtio -display sdl,gl=es' + else: + self.qemu_opt_script += ' -display sdl' elif arg == 'gtk': if 'gl' in sys.argv[1:]: self.qemu_opt_script += ' -vga virtio -display gtk,gl=on' diff --git a/poky/scripts/wic b/poky/scripts/wic index 1a717300f..ea614100c 100755 --- a/poky/scripts/wic +++ b/poky/scripts/wic @@ -403,6 +403,9 @@ def wic_init_parser_rm(subparser): help="path: <image>:<vfat partition><path>") subparser.add_argument("-n", "--native-sysroot", help="path to the native sysroot containing the tools") + subparser.add_argument("-r", dest="recursive_delete", action="store_true", default=False, + help="remove directories and their contents recursively, " + " this only applies to ext* partition") def expandtype(rules): """ |