From 64c979e88e6d0917b6fe45e52e381affec150afd Mon Sep 17 00:00:00 2001 From: Brad Bishop Date: Mon, 4 Nov 2019 13:55:29 -0500 Subject: poky: subtree update:52a625582e..7035b4b21e MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Adrian Bunk (9): squashfs-tools: Upgrade to 4.4 screen: Upgrade 4.6.2 -> 4.7.0 stress-ng: Upgrade 0.10.00 -> 0.10.08 nspr: Upgrade 4.21 -> 4.23 gcc: Remove stale gcc 8 patchfile gnu-efi: Upgrade 3.0.9 -> 3.0.10 python3-numpy: Stop shipping manual config files coreutils: Move stdbuf into an own package coreutils-stdbuf gnu-efi: Upgrade 3.0.10 -> 3.0.11 Alessio Igor Bogani (1): systemtap: support usrmerge Alexander Hirsch (1): libksba: Fix license specification Alexander Kanavin (6): gcr: update to 3.34.0 btrfs-tools: update to 5.3 libmodulemd-v1: update to 1.8.16 selftest: skip virgl test on centos 7 entirely nfs-utils: do not depend on bash unnecessarily selftest: add a test for gpl3-free images Alistair Francis (4): opensbi: Bump from 0.4 to 0.5 u-boot: Bump from 2019.07 to 2019.10 qemuriscv64: Build smode U-Boot libsdl2: Fix build failure when using mesa 19.2.1 Andreas Müller (4): adwaita-icon-theme: upgrade 3.32.0 -> 3.34.0 gsettings-desktop-schemas: upgrade 3.32.0 -> 3.34.0 IMAGE_LINGUAS_COMPLEMENTARY: auto-add language packages other than locales libical: add PACKAGECONFIG glib and enable it by default André Draszik (10): testimage.bbclass: support hardware-controlled targets testimage.bbclass: enable ssh agent forwarding oeqa/runtime/df: don't fail on long device names oeqa/core/decorator: add skipIfFeature oeqa/runtime/opkg: skip install on read-only-rootfs oeqa/runtime/systemd: skip unit enable/disable on read-only-rootfs ruby: update to v2.6.4 ruby: some ptest fixes oeqa/runtime/context.py: ignore more files when loading controllers connman: mark connman-wait-online as SYSTEMD_PACKAGE Bruce Ashfield (6): linux-yocto/4.19: update to v4.19.78 linux-yocto/5.2: update to v5.2.20 perf: fix v5.4+ builds perf: create directories before copying single files perf: add 'cap' PACKAGECONFIG perf: drop 'include' copy Carlos Rafael Giani (12): gstreamer1.0: upgrade to version 1.16.1 gstreamer1.0-plugins-base: upgrade to version 1.16.1 gstreamer1.0-plugins-good: upgrade to version 1.16.1 gstreamer1.0-plugins-bad: upgrade to version 1.16.1 gstreamer1.0-plugins-ugly: upgrade to version 1.16.1 gstreamer1.0-libav: upgrade to version 1.16.1 gstreamer1.0-vaapi: upgrade to version 1.16.1 gstreamer1.0-omx: upgrade to version 1.16.1 gstreamer1.0-python: upgrade to version 1.16.1 gstreamer1.0-rtsp-server: upgrade to version 1.16.1 gst-validate: upgrade to version 1.16.1 gstreamer: Change SRC_URI to use HTTPS access instead of HTTP Changqing Li (4): qemu: Fix CVE-2019-12068 python: Fix CVE-2019-10160 sudo: fix CVE-2019-14287 mdadm: fix do_package failed when changed local.conf but not cleaned Chee Yang Lee (2): wic/help: change 'wic write' help description wic/engine: use 'linux-swap' for swap file system Chen Qi (3): go: fix CVE-2019-16276 python3: fix CVE-2019-16935 python: fix CVE-2019-16935 Chris Laplante via bitbake-devel (2): bitbake: bitbake: contrib/vim: initial commit, with unmodified code from indent/python.vim bitbake: bitbake: contrib/vim: Modify Python indentation to work with 'python do_task {' Christopher Larson (2): bitbake: fetch2/git: fetch shallow revs when needed bitbake: tests/fetch: add test for fetching shallow revs Dan Callaghan (1): elfutils: add PACKAGECONFIG for compression algorithms Douglas Royds via Openembedded-core (1): icecc: Export ICECC_CC and friends via wrapper-script Eduardo Abinader (1): devtool: add ssh key option to deploy-target param Eugene Smirnov (1): wic/rawcopy: Support files in sub-directories Ferry Toth (1): sudo: Fix fetching sources Frazer Leslie Clews (2): makedevs: fix format strings in makedevs.c in print statements makedevs: fix invalidScanfFormatWidth to prevent overflowing usr_buf George McCollister (1): openssl: make OPENSSL_ENGINES match install path Haiqing Bai (1): unfs3: fixed the issue that unfsd consumes 100% CPU He Zhe (1): ltp: Fix overcommit_memory failure Hongxu Jia (1): openssh: fix CVE-2019-16905 Joe Slater (2): libtiff: fix CVE-2019-17546 libxslt: fix CVE-2019-18197 Kai Kang (1): bind: fix CVE-2019-6471 and CVE-2018-5743 Liwei Song (1): util-linux: fix PKNAME name is NULL when use lsblk [LIN1019-2963] Mattias Hansson (1): base.bbclass: add dependency on pseudo from do_prepare_recipe_sysroot Max Tomago (1): python-native: Remove debug.patch Maxime Roussin-Bélanger (2): meta: update and add missing homepage/bugtracker links meta: add missing description in recipes-gnome Michael Ho (1): cmake.bbclass: add HOSTTOOLS_DIR to CMAKE_FIND_ROOT_PATH Mike Crowe (2): kernel-fitimage: Cope with non-standard kernel deploy subdirectory kernel-devicetree: Cope with non-standard kernel deploy subdirectory Mikko Rapeli (1): systemd.bbclass: enable all services specified in ${SYSTEMD_SERVICE} Nicola Lunghi (1): ofono: tidy up the recipe Ola x Nilsson (10): oeqa/selftest/recipetool: Use with to control file handle lifetime oe.types.path: Use with to control file handle lifetime lib/oe/packagedata: Use with to control file handle lifetime lib/oe/package_manager: Use with to control file handle lifetime report-error.bbclass: Use with to control file handle lifetime package.bbclass: Use with to manage file handle lifetimes devtool-source.bbclass: Use with to manage file handle lifetime libc-package.bbclass: Use with to manage filehandle in do_spit_gconvs bitbake: bitbake: prserv/serv: Use with while reading pidfile bitbake: bitbake: ConfHandler: Use with to manage filehandle lifetime Oleksandr Kravchuk (4): ell: update to 0.23 ell: update to 0.25 ell: update to 0.26 ofono: update to 1.31 Ricardo Ribalda Delgado (1): i2c-tools: Add missing RDEPEND Richard Leitner (1): kernel-fitimage: introduce FIT_SIGN_ALG Richard Purdie (4): tinderclient: Drop obsolete class meson: Backport fix to assist meta-oe breakage nfs-utils: Improve handling when no exported fileysystems qemu: Avoid potential build configuration contamination Robert Yang (1): bluez5: Fix for --enable-btpclient Ross Burton (29): sanity: check the format of SDK_VENDOR file: explicitly disable seccomp python3: -dev should depend on distutils gawk: add PACKAGECONFIG for readline python3: alternative name is python3-config not python-config python3: ensure that all forms of python3-config are in python3-dev oeqa/selftest: use specialist assert* methods bluez5: refresh upstreamed patches xorgproto: fix summary libx11: upgrade to 1.6.9 xorgproto: upgrade to 2019.2 llvm: add missing Upstream-Status tags buildhistory-analysis: filter out -src changes by default squashfs-tools: remove redundant source checksums squashfs-tools: clean up compile/install tasks wpa-supplicant: fix CVE-2019-16275 gcr: remove intltool-native elfutils: disable bzip cve-check: ensure all known CVEs are in the report git: some tools are no longer perl, so move to main recipe git: cleanup man install qemu-helper-native: add missing option to getopt() call qemu-helper-native: showing help shouldn't be an error qemu-helper-native: pass compiler flags oeqa/selftest: add test for oe-run-native cve-check: failure to parse versions should be more visible gst-examples: rename so PV is in filename sanity: check for more bits of Python recipeutils-test: use a small dependency in the dummy recipe Sai Hari Chandana Kalluri (1): devtool: Add --remove-work option for devtool reset command Scott Rifenbark (9): ref-manual: First pass of 2.8 migration changes (WIP) poky.ent: Updated the release date to October 2019 dev-manual: Added info to "Selecting an Initialization Manager" ref-manual: 2nd pass 3.0 migration documenation: Changed "2.8" to "3.0". ref-manual: Removed deprecated link to ref-classes-bluetooth ref-manual, dev-manual: Clean up of a commit ref-manual: Updated the BUSYBOX_SPLIT_SUID variable. ref-manual, dev-manual: Added CMake toolchain files. Stefan Agner (1): uninative: check .done file instead of tarball Tom Benn (1): dbus: update dbus-1.init to reflect new PID file Trevor Gamblin (5): aspell: upgrade from 0.60.7 to 0.60.8 binutils: fix CVE-2019-17450 binutils: fix CVE-2019-17451 ncurses: fix CVE-2019-17594, CVE-2019-17595 libgcrypt: upgrade 1.8.4 -> 1.8.5 Trevor Woerner (1): libcap-ng: undefined reference to `pthread_atfork' Wenlin Kang (1): sysstat: fix CVE-2019-16167 Yann Dirson (1): mesa: fix meson configure fix when 'dri' is excluded from PACKAGECONFIG Yeoh Ee Peng (1): scripts/oe-pkgdata-util: Enable list-pkgs to print ordered packages Yi Zhao (2): libsdl2: fix CVE-2019-13616 libgcrypt: fix CVE-2019-12904 Zang Ruochen (6): bison:upgrade 3.4.1 -> 3.4.2 e2fsprogs:upgrade 1.45.3 -> 1.45.4 libxvmc:upgrade 1.0.11 -> 1.0.12 python3-pip:upgrade 19.2.3 -> 19.3.1 python-setuptools:upgrade 41.2.0 -> 41.4.0 libcap-ng:upgrade 0.7.9 -> 0.7.10 Signed-off-by: Brad Bishop Change-Id: I50bc42f74dffdc406ffc0dea034e41462fe6e06b --- poky/bitbake/bitbake/contrib/vim/bitbake.vim | 248 ++++++ poky/bitbake/lib/bb/fetch2/git.py | 23 +- poky/bitbake/lib/bb/parse/parse_py/ConfHandler.py | 46 +- poky/bitbake/lib/bb/tests/fetch.py | 20 + poky/bitbake/lib/prserv/serv.py | 5 +- poky/documentation/bsp-guide/bsp-guide.xml | 4 +- .../dev-manual/dev-manual-common-tasks.xml | 90 +- poky/documentation/dev-manual/dev-manual.xml | 4 +- poky/documentation/kernel-dev/kernel-dev.xml | 4 +- poky/documentation/mega-manual/mega-manual.xml | 4 +- .../overview-manual/overview-manual.xml | 4 +- poky/documentation/poky.ent | 10 +- .../profile-manual/profile-manual.xml | 4 +- poky/documentation/ref-manual/migration.xml | 105 ++- poky/documentation/ref-manual/ref-classes.xml | 8 + poky/documentation/ref-manual/ref-manual.xml | 4 +- poky/documentation/ref-manual/ref-variables.xml | 9 +- poky/documentation/sdk-manual/sdk-manual.xml | 4 +- .../toaster-manual/toaster-manual.xml | 4 +- poky/documentation/tools/mega-manual.sed | 46 +- poky/meta-selftest/lib/oeqa/runtime/cases/virgl.py | 5 - .../recipes-test/aspell/aspell_0.60.7.bbappend | 2 - .../recipes-test/aspell/aspell_0.60.8.bbappend | 2 + .../recipeutils/recipeutils-test_1.2.bb | 2 +- poky/meta/classes/base.bbclass | 1 + poky/meta/classes/cmake.bbclass | 3 +- poky/meta/classes/cve-check.bbclass | 13 +- poky/meta/classes/devtool-source.bbclass | 8 +- poky/meta/classes/icecc.bbclass | 32 +- poky/meta/classes/image.bbclass | 2 +- poky/meta/classes/kernel-devicetree.bbclass | 20 +- poky/meta/classes/kernel-fitimage.bbclass | 24 +- poky/meta/classes/libc-package.bbclass | 15 +- poky/meta/classes/package.bbclass | 76 +- poky/meta/classes/report-error.bbclass | 8 +- poky/meta/classes/sanity.bbclass | 17 +- poky/meta/classes/systemd.bbclass | 6 +- poky/meta/classes/testimage.bbclass | 18 + poky/meta/classes/tinderclient.bbclass | 368 --------- poky/meta/classes/uninative.bbclass | 2 +- poky/meta/conf/machine/qemuriscv64.conf | 2 +- poky/meta/lib/oe/buildhistory_analysis.py | 2 +- poky/meta/lib/oe/package_manager.py | 10 +- poky/meta/lib/oe/packagedata.py | 5 +- poky/meta/lib/oe/types.py | 4 +- poky/meta/lib/oeqa/core/decorator/data.py | 18 + poky/meta/lib/oeqa/runtime/cases/df.py | 2 +- poky/meta/lib/oeqa/runtime/cases/opkg.py | 4 +- poky/meta/lib/oeqa/runtime/cases/systemd.py | 16 +- poky/meta/lib/oeqa/runtime/context.py | 2 +- poky/meta/lib/oeqa/selftest/cases/bblayers.py | 8 +- poky/meta/lib/oeqa/selftest/cases/bbtests.py | 17 +- poky/meta/lib/oeqa/selftest/cases/imagefeatures.py | 2 +- .../lib/oeqa/selftest/cases/incompatible_lic.py | 18 + poky/meta/lib/oeqa/selftest/cases/oescripts.py | 6 + poky/meta/lib/oeqa/selftest/cases/recipetool.py | 4 +- poky/meta/lib/oeqa/selftest/cases/runtime_test.py | 2 + .../gnu-efi/gnu-efi/parallel-make-archives.patch | 18 - poky/meta/recipes-bsp/gnu-efi/gnu-efi_3.0.11.bb | 71 ++ poky/meta/recipes-bsp/gnu-efi/gnu-efi_3.0.9.bb | 71 -- poky/meta/recipes-bsp/opensbi/opensbi_0.4.bb | 53 -- poky/meta/recipes-bsp/opensbi/opensbi_0.5.bb | 53 ++ .../u-boot/files/0001-CVE-2019-13103.patch | 69 -- ...001-include-env.h-Ensure-ulong-is-defined.patch | 31 + .../u-boot/files/0002-CVE-2019-13104.patch | 49 -- .../u-boot/files/0003-CVE-2019-13105.patch | 37 - .../u-boot/files/0004-CVE-2019-13106.patch | 56 -- .../files/0005-CVE-2019-14192-14193-14199.patch | 43 - ...-2019-14197-14200-14201-14202-14203-14204.patch | 44 - .../u-boot/files/0007-CVE-2019-14194-14198.patch | 42 - .../u-boot/files/0008-CVE-2019-14195.patch | 42 - .../u-boot/files/0009-CVE-2019-14196.patch | 48 -- poky/meta/recipes-bsp/u-boot/u-boot-common.inc | 13 +- .../recipes-bsp/u-boot/u-boot-fw-utils_2019.07.bb | 34 - .../recipes-bsp/u-boot/u-boot-fw-utils_2019.10.bb | 36 + .../recipes-bsp/u-boot/u-boot-tools_2019.07.bb | 67 -- .../recipes-bsp/u-boot/u-boot-tools_2019.10.bb | 67 ++ poky/meta/recipes-bsp/u-boot/u-boot_2019.07.bb | 4 - poky/meta/recipes-bsp/u-boot/u-boot_2019.10.bb | 4 + .../bind/bind/0001-bind-fix-CVE-2019-6471.patch | 64 ++ .../0001-fix-enforcement-of-tcp-clients-v1.patch | 60 ++ ...02-tcp-clients-could-still-be-exceeded-v2.patch | 670 +++++++++++++++ ...-reference-counter-for-pipeline-groups-v3.patch | 278 +++++++ ...uota-accounting-and-client-mortality-chec.patch | 512 ++++++++++++ ...pquota-and-pipeline-refs-allow-special-ca.patch | 911 +++++++++++++++++++++ ...tore-allowance-for-tcp-clients-interfaces.patch | 80 ++ ...mic-operations-in-bin-named-client.c-with.patch | 140 ++++ .../recipes-connectivity/bind/bind_9.11.5-P4.bb | 8 + poky/meta/recipes-connectivity/bluez5/bluez5.inc | 1 + ...01-Makefile.am-Fix-a-race-issue-for-tools.patch | 28 +- .../0001-tools-btpclient.c-include-signal.h.patch | 30 + .../bluez5/bluez5/out-of-tree.patch | 2 +- poky/meta/recipes-connectivity/connman/connman.inc | 2 +- .../nfs-utils/nfs-utils/nfsserver | 2 +- .../nfs-utils/nfs-utils_2.4.1.bb | 2 +- poky/meta/recipes-connectivity/ofono/ofono.inc | 39 - poky/meta/recipes-connectivity/ofono/ofono_1.30.bb | 9 - poky/meta/recipes-connectivity/ofono/ofono_1.31.bb | 50 ++ ...x-integer-overflow-in-XMSS-private-key-pa.patch | 40 + .../recipes-connectivity/openssh/openssh_8.0p1.bb | 1 + .../recipes-connectivity/openssl/openssl_1.1.1d.bb | 2 +- ...-ignore-management-frame-from-unexpected-.patch | 82 ++ .../wpa-supplicant/wpa-supplicant_2.9.bb | 1 + poky/meta/recipes-core/coreutils/coreutils_8.31.bb | 6 +- poky/meta/recipes-core/dbus/dbus/dbus-1.init | 4 +- poky/meta/recipes-core/ell/ell_0.22.bb | 22 - poky/meta/recipes-core/ell/ell_0.26.bb | 22 + ...rses-selective-backport-of-20191012-patch.patch | 169 ++++ .../recipes-core/ncurses/ncurses_6.1+20190803.bb | 1 + ...lsblk-force-to-print-PKNAME-for-partition.patch | 36 + .../recipes-core/util-linux/util-linux_2.34.bb | 1 + .../recipes-devtools/binutils/binutils-2.32.inc | 2 + .../binutils/binutils/CVE-2019-17450.patch | 99 +++ .../binutils/binutils/CVE-2019-17451.patch | 51 ++ poky/meta/recipes-devtools/bison/bison_3.4.1.bb | 40 - poky/meta/recipes-devtools/bison/bison_3.4.2.bb | 40 + .../btrfs-tools/btrfs-tools_5.2.2.bb | 52 -- .../btrfs-tools/btrfs-tools_5.3.bb | 52 ++ .../recipes-devtools/e2fsprogs/e2fsprogs_1.45.3.bb | 138 ---- .../recipes-devtools/e2fsprogs/e2fsprogs_1.45.4.bb | 138 ++++ .../recipes-devtools/elfutils/elfutils_0.177.bb | 13 +- poky/meta/recipes-devtools/file/file_5.37.bb | 2 + .../gcc/gcc-8.3/CVE-2019-14250.patch | 44 - poky/meta/recipes-devtools/git/git.inc | 18 +- poky/meta/recipes-devtools/go/go-1.12.inc | 1 + ...nch.go1.12-security-net-textproto-don-t-n.patch | 163 ++++ .../recipes-devtools/i2c-tools/i2c-tools_4.1.bb | 1 + ...Do-not-generate-gtkdoc-or-python-bindings.patch | 60 -- .../libmodulemd/libmodulemd-v1_git.bb | 7 +- ...LibraryInfo-Undefine-libc-functions-if-th.patch | 3 + .../0007-llvm-allow-env-override-of-exe-path.patch | 3 + .../recipes-devtools/makedevs/makedevs/makedevs.c | 10 +- poky/meta/recipes-devtools/meson/meson.inc | 1 + .../dbc9e971bd320f3df15c1ee74f54858e6792b183.patch | 95 +++ .../python-numpy/files/aarch64/_numpyconfig.h | 32 - .../python-numpy/files/aarch64/config.h | 139 ---- .../python-numpy/files/arm/config.h | 21 - .../python-numpy/files/arm/numpyconfig.h | 17 - .../python-numpy/files/armeb/config.h | 21 - .../python-numpy/files/armeb/numpyconfig.h | 17 - .../files/mipsarchn32eb/_numpyconfig.h | 32 - .../python-numpy/files/mipsarchn32eb/config.h | 139 ---- .../files/mipsarchn32el/_numpyconfig.h | 31 - .../python-numpy/files/mipsarchn32el/config.h | 138 ---- .../files/mipsarchn64eb/_numpyconfig.h | 32 - .../python-numpy/files/mipsarchn64eb/config.h | 139 ---- .../files/mipsarchn64el/_numpyconfig.h | 32 - .../python-numpy/files/mipsarchn64el/config.h | 138 ---- .../files/mipsarcho32eb/_numpyconfig.h | 32 - .../python-numpy/files/mipsarcho32eb/config.h | 139 ---- .../python-numpy/files/mipsarcho32el/config.h | 21 - .../python-numpy/files/mipsarcho32el/numpyconfig.h | 18 - .../python-numpy/files/powerpc/_numpyconfig.h | 32 - .../python-numpy/files/powerpc/config.h | 139 ---- .../python-numpy/files/powerpc64/_numpyconfig.h | 32 - .../python-numpy/files/powerpc64/config.h | 139 ---- .../python-numpy/files/riscv64/_numpyconfig.h | 32 - .../python-numpy/files/riscv64/config.h | 139 ---- .../python-numpy/files/x86-64/_numpyconfig.h | 32 - .../python-numpy/files/x86-64/config.h | 139 ---- .../python-numpy/files/x86/config.h | 108 --- .../python-numpy/files/x86/numpyconfig.h | 24 - .../recipes-devtools/python-numpy/python-numpy.inc | 68 -- .../python/python-native/debug.patch | 32 - .../python/python-native_2.7.16.bb | 1 - .../recipes-devtools/python/python-setuptools.inc | 4 +- .../python/python-setuptools_41.2.0.bb | 9 - .../python/python-setuptools_41.4.0.bb | 9 + ...43-Escape-the-server-title-of-DocXMLRPCSe.patch | 101 +++ .../python/python/bpo-36742-cve-2019-10160.patch | 81 ++ .../recipes-devtools/python/python3-pip_19.2.3.bb | 31 - .../recipes-devtools/python/python3-pip_19.3.1.bb | 31 + .../python/python3-setuptools_41.2.0.bb | 6 - .../python/python3-setuptools_41.4.0.bb | 6 + ...mlrpc.server-Escape-the-server_title-GH-1.patch | 86 ++ .../python/python3/python3-manifest.json | 10 +- poky/meta/recipes-devtools/python/python3_3.7.4.bb | 12 +- poky/meta/recipes-devtools/python/python_2.7.16.bb | 2 + .../qemu/qemu-helper-native_1.0.bb | 2 +- .../recipes-devtools/qemu/qemu-helper/tunctl.c | 16 +- poky/meta/recipes-devtools/qemu/qemu.inc | 2 + .../qemu/qemu/CVE-2019-12068.patch | 108 +++ poky/meta/recipes-devtools/ruby/ruby.inc | 6 +- ...c-check-finite-isinf-isnan-as-macros-firs.patch | 101 --- ...mk-fix-cross-compilation-of-external-gems.patch | 34 + ...0002-Obey-LDFLAGS-for-the-link-of-libruby.patch | 22 +- ...c-check-finite-isinf-isnan-as-macros-firs.patch | 103 +++ poky/meta/recipes-devtools/ruby/ruby/extmk.patch | 16 - poky/meta/recipes-devtools/ruby/ruby_2.5.5.bb | 74 -- poky/meta/recipes-devtools/ruby/ruby_2.6.4.bb | 77 ++ .../squashfs-tools-4.3-sysmacros.patch | 32 - .../squashfs-tools/squashfs-tools_git.bb | 15 +- .../0001-Add-listen-action-for-a-tcp-socket.patch | 54 ++ poky/meta/recipes-devtools/unfs3/unfs3_git.bb | 1 + poky/meta/recipes-extended/gawk/gawk_5.0.1.bb | 4 +- ...memory-update-for-mm-fix-false-positive-O.patch | 57 ++ poky/meta/recipes-extended/ltp/ltp_20190517.bb | 1 + poky/meta/recipes-extended/mdadm/mdadm_4.1.bb | 5 +- ...c-fix-configure-failed-while-build-dir-ha.patch | 109 --- .../Avoid-mis-identifying-systems-as-SVR4.patch | 57 -- ...cross-compile-alternatives-for-AC_TRY_RUN.patch | 137 ---- .../Remove-redundant-compiler-sanity-checks.patch | 65 -- ...t-file-system-checks-when-cross-compiling.patch | 135 --- poky/meta/recipes-extended/screen/screen_4.6.2.bb | 54 -- poky/meta/recipes-extended/screen/screen_4.7.0.bb | 49 ++ ...ompletion-remove-the-shebang-at-the-start.patch | 23 - .../stress-ng/stress-ng_0.10.00.bb | 26 - .../stress-ng/stress-ng_0.10.08.bb | 25 + .../sudo/sudo/CVE-2019-14287-1.patch | 178 ++++ .../sudo/sudo/CVE-2019-14287-2.patch | 112 +++ poky/meta/recipes-extended/sudo/sudo_1.8.27.bb | 4 +- ...ory-corruption-bug-due-to-Integer-Overflo.patch | 46 ++ .../recipes-extended/sysstat/sysstat_12.1.6.bb | 4 +- .../meta/recipes-gnome/epiphany/epiphany_3.34.1.bb | 1 + poky/meta/recipes-gnome/gcr/gcr_3.28.1.bb | 32 - poky/meta/recipes-gnome/gcr/gcr_3.34.0.bb | 35 + .../recipes-gnome/gdk-pixbuf/gdk-pixbuf_2.38.2.bb | 7 +- .../0001-Don-t-use-AC_CANONICAL_HOST.patch | 2 +- .../gnome/adwaita-icon-theme_3.32.0.bb | 41 - .../gnome/adwaita-icon-theme_3.34.0.bb | 41 + poky/meta/recipes-gnome/gnome/gconf_3.2.6.bb | 3 + .../gobject-introspection_1.62.0.bb | 10 +- .../gsettings-desktop-schemas_3.32.0.bb | 16 - .../gsettings-desktop-schemas_3.34.0.bb | 18 + .../hicolor-icon-theme/hicolor-icon-theme_0.17.bb | 4 +- .../recipes-gnome/json-glib/json-glib_1.4.4.bb | 3 +- .../recipes-gnome/libdazzle/libdazzle_3.34.1.bb | 5 + poky/meta/recipes-gnome/libgudev/libgudev_233.bb | 5 + .../recipes-gnome/libnotify/libnotify_0.7.8.bb | 3 +- poky/meta/recipes-gnome/librsvg/librsvg_2.40.20.bb | 8 +- .../recipes-gnome/libsecret/libsecret_0.19.1.bb | 5 + ...538-validate-image-size-when-loading-BMP-.patch | 34 + ...797-SDL-fails-to-compile-with-Mesa-Master.patch | 41 + .../recipes-graphics/libsdl2/libsdl2_2.0.10.bb | 2 + ...0003-Allow-enable-DRI-without-DRI-drivers.patch | 2 +- poky/meta/recipes-graphics/xorg-lib/libx11.inc | 42 - .../xorg-lib/libx11/no-host-libtool.patch | 45 - .../xorg-lib/libx11/no-host-x.patch | 40 - .../meta/recipes-graphics/xorg-lib/libx11_1.6.8.bb | 7 - .../meta/recipes-graphics/xorg-lib/libx11_1.6.9.bb | 45 + .../recipes-graphics/xorg-lib/libxvmc_1.0.11.bb | 19 - .../recipes-graphics/xorg-lib/libxvmc_1.0.12.bb | 19 + .../xorg-proto/xorgproto_2019.1.bb | 14 - .../xorg-proto/xorgproto_2019.2.bb | 14 + .../recipes-kernel/linux/linux-yocto-rt_4.19.bb | 6 +- .../recipes-kernel/linux/linux-yocto-rt_5.2.bb | 6 +- .../recipes-kernel/linux/linux-yocto-tiny_4.19.bb | 8 +- .../recipes-kernel/linux/linux-yocto-tiny_5.2.bb | 8 +- poky/meta/recipes-kernel/linux/linux-yocto_4.19.bb | 20 +- poky/meta/recipes-kernel/linux/linux-yocto_5.2.bb | 22 +- poky/meta/recipes-kernel/perf/perf.bb | 9 +- .../meta/recipes-kernel/systemtap/systemtap_git.bb | 11 +- .../gstreamer/gst-examples_1.16.0.bb | 31 + .../gstreamer/gst-examples_git.bb | 32 - .../gstreamer/gst-validate_1.16.0.bb | 25 - .../gstreamer/gst-validate_1.16.1.bb | 25 + .../gstreamer1.0-libav/gtkdoc-no-tree.patch | 35 - .../gstreamer/gstreamer1.0-libav_1.16.0.bb | 71 -- .../gstreamer/gstreamer1.0-libav_1.16.1.bb | 70 ++ .../gstreamer/gstreamer1.0-omx_1.16.0.bb | 57 -- .../gstreamer/gstreamer1.0-omx_1.16.1.bb | 57 ++ .../gstreamer/gstreamer1.0-plugins-bad_1.16.0.bb | 145 ---- .../gstreamer/gstreamer1.0-plugins-bad_1.16.1.bb | 145 ++++ .../gstreamer/gstreamer1.0-plugins-base_1.16.0.bb | 73 -- .../gstreamer/gstreamer1.0-plugins-base_1.16.1.bb | 73 ++ ...Advertise-interleaved-layout-in-caps-temp.patch | 37 - .../gstreamer1.0-plugins-good/headerfix.patch | 43 - .../gstreamer/gstreamer1.0-plugins-good_1.16.0.bb | 78 -- .../gstreamer/gstreamer1.0-plugins-good_1.16.1.bb | 76 ++ .../gstreamer/gstreamer1.0-plugins-ugly_1.16.0.bb | 40 - .../gstreamer/gstreamer1.0-plugins-ugly_1.16.1.bb | 40 + .../gstreamer/gstreamer1.0-python_1.16.0.bb | 37 - .../gstreamer/gstreamer1.0-python_1.16.1.bb | 37 + .../gstreamer/gstreamer1.0-rtsp-server_1.16.0.bb | 34 - .../gstreamer/gstreamer1.0-rtsp-server_1.16.1.bb | 34 + .../gstreamer/gstreamer1.0-vaapi_1.16.0.bb | 49 -- .../gstreamer/gstreamer1.0-vaapi_1.16.1.bb | 49 ++ .../gstreamer/gstreamer1.0_1.16.0.bb | 91 -- .../gstreamer/gstreamer1.0_1.16.1.bb | 91 ++ .../libtiff/tiff/CVE-2019-17546.patch | 103 +++ .../meta/recipes-multimedia/libtiff/tiff_4.0.10.bb | 1 + poky/meta/recipes-support/aspell/aspell_0.60.7.bb | 32 - poky/meta/recipes-support/aspell/aspell_0.60.8.bb | 30 + .../libcap-ng/libcap-ng-python_0.7.10.bb | 29 + .../libcap-ng/libcap-ng-python_0.7.9.bb | 29 - poky/meta/recipes-support/libcap-ng/libcap-ng.inc | 6 +- .../recipes-support/libcap-ng/libcap-ng_0.7.10.bb | 18 + .../recipes-support/libcap-ng/libcap-ng_0.7.9.bb | 17 - ...-pkg-config-for-libgcrypt-instead-of-conf.patch | 183 ----- .../files/0001-Prefetch-GCM-look-up-tables.patch | 90 ++ .../0001-libgcrypt-fix-m4-file-for-oe-core.patch | 149 ++++ ...ok-up-tables-to-.data-section-and-unshare.patch | 332 ++++++++ ...ok-up-table-to-.data-section-and-unshare-.patch | 178 ++++ .../recipes-support/libgcrypt/libgcrypt_1.8.4.bb | 54 -- .../recipes-support/libgcrypt/libgcrypt_1.8.5.bb | 57 ++ ...1-Use-our-hand-build-native-src-generator.patch | 33 + poky/meta/recipes-support/libical/libical_3.0.6.bb | 24 +- poky/meta/recipes-support/libksba/libksba_1.3.5.bb | 4 +- .../libxslt/files/CVE-2019-18197.patch | 33 + .../meta/recipes-support/libxslt/libxslt_1.1.33.bb | 1 + .../nspr/nspr/0004-Add-ARC-support.patch | 88 -- poky/meta/recipes-support/nspr/nspr_4.21.bb | 194 ----- poky/meta/recipes-support/nspr/nspr_4.23.bb | 193 +++++ poky/scripts/lib/devtool/deploy.py | 8 + poky/scripts/lib/devtool/standard.py | 26 +- poky/scripts/lib/wic/engine.py | 2 +- poky/scripts/lib/wic/help.py | 4 +- poky/scripts/lib/wic/plugins/source/rawcopy.py | 3 + poky/scripts/oe-pkgdata-util | 17 +- 309 files changed, 8499 insertions(+), 6516 deletions(-) create mode 100644 poky/bitbake/bitbake/contrib/vim/bitbake.vim delete mode 100644 poky/meta-selftest/recipes-test/aspell/aspell_0.60.7.bbappend create mode 100644 poky/meta-selftest/recipes-test/aspell/aspell_0.60.8.bbappend delete mode 100644 poky/meta/classes/tinderclient.bbclass create mode 100644 poky/meta/recipes-bsp/gnu-efi/gnu-efi_3.0.11.bb delete mode 100644 poky/meta/recipes-bsp/gnu-efi/gnu-efi_3.0.9.bb delete mode 100644 poky/meta/recipes-bsp/opensbi/opensbi_0.4.bb create mode 100644 poky/meta/recipes-bsp/opensbi/opensbi_0.5.bb delete mode 100644 poky/meta/recipes-bsp/u-boot/files/0001-CVE-2019-13103.patch create mode 100644 poky/meta/recipes-bsp/u-boot/files/0001-include-env.h-Ensure-ulong-is-defined.patch delete mode 100644 poky/meta/recipes-bsp/u-boot/files/0002-CVE-2019-13104.patch delete mode 100644 poky/meta/recipes-bsp/u-boot/files/0003-CVE-2019-13105.patch delete mode 100644 poky/meta/recipes-bsp/u-boot/files/0004-CVE-2019-13106.patch delete mode 100644 poky/meta/recipes-bsp/u-boot/files/0005-CVE-2019-14192-14193-14199.patch delete mode 100644 poky/meta/recipes-bsp/u-boot/files/0006-CVE-2019-14197-14200-14201-14202-14203-14204.patch delete mode 100644 poky/meta/recipes-bsp/u-boot/files/0007-CVE-2019-14194-14198.patch delete mode 100644 poky/meta/recipes-bsp/u-boot/files/0008-CVE-2019-14195.patch delete mode 100644 poky/meta/recipes-bsp/u-boot/files/0009-CVE-2019-14196.patch delete mode 100644 poky/meta/recipes-bsp/u-boot/u-boot-fw-utils_2019.07.bb create mode 100644 poky/meta/recipes-bsp/u-boot/u-boot-fw-utils_2019.10.bb delete mode 100644 poky/meta/recipes-bsp/u-boot/u-boot-tools_2019.07.bb create mode 100644 poky/meta/recipes-bsp/u-boot/u-boot-tools_2019.10.bb delete mode 100644 poky/meta/recipes-bsp/u-boot/u-boot_2019.07.bb create mode 100644 poky/meta/recipes-bsp/u-boot/u-boot_2019.10.bb create mode 100644 poky/meta/recipes-connectivity/bind/bind/0001-bind-fix-CVE-2019-6471.patch create mode 100644 poky/meta/recipes-connectivity/bind/bind/0001-fix-enforcement-of-tcp-clients-v1.patch create mode 100644 poky/meta/recipes-connectivity/bind/bind/0002-tcp-clients-could-still-be-exceeded-v2.patch create mode 100644 poky/meta/recipes-connectivity/bind/bind/0003-use-reference-counter-for-pipeline-groups-v3.patch create mode 100644 poky/meta/recipes-connectivity/bind/bind/0004-better-tcpquota-accounting-and-client-mortality-chec.patch create mode 100644 poky/meta/recipes-connectivity/bind/bind/0005-refactor-tcpquota-and-pipeline-refs-allow-special-ca.patch create mode 100644 poky/meta/recipes-connectivity/bind/bind/0006-restore-allowance-for-tcp-clients-interfaces.patch create mode 100644 poky/meta/recipes-connectivity/bind/bind/0007-Replace-atomic-operations-in-bin-named-client.c-with.patch create mode 100644 poky/meta/recipes-connectivity/bluez5/bluez5/0001-tools-btpclient.c-include-signal.h.patch delete mode 100644 poky/meta/recipes-connectivity/ofono/ofono.inc delete mode 100644 poky/meta/recipes-connectivity/ofono/ofono_1.30.bb create mode 100644 poky/meta/recipes-connectivity/ofono/ofono_1.31.bb create mode 100644 poky/meta/recipes-connectivity/openssh/openssh/0001-upstream-fix-integer-overflow-in-XMSS-private-key-pa.patch create mode 100644 poky/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0001-AP-Silently-ignore-management-frame-from-unexpected-.patch delete mode 100644 poky/meta/recipes-core/ell/ell_0.22.bb create mode 100644 poky/meta/recipes-core/ell/ell_0.26.bb create mode 100644 poky/meta/recipes-core/ncurses/files/0001-ncurses-selective-backport-of-20191012-patch.patch create mode 100644 poky/meta/recipes-core/util-linux/util-linux/0001-lsblk-force-to-print-PKNAME-for-partition.patch create mode 100644 poky/meta/recipes-devtools/binutils/binutils/CVE-2019-17450.patch create mode 100644 poky/meta/recipes-devtools/binutils/binutils/CVE-2019-17451.patch delete mode 100644 poky/meta/recipes-devtools/bison/bison_3.4.1.bb create mode 100644 poky/meta/recipes-devtools/bison/bison_3.4.2.bb delete mode 100644 poky/meta/recipes-devtools/btrfs-tools/btrfs-tools_5.2.2.bb create mode 100644 poky/meta/recipes-devtools/btrfs-tools/btrfs-tools_5.3.bb delete mode 100644 poky/meta/recipes-devtools/e2fsprogs/e2fsprogs_1.45.3.bb create mode 100644 poky/meta/recipes-devtools/e2fsprogs/e2fsprogs_1.45.4.bb delete mode 100644 poky/meta/recipes-devtools/gcc/gcc-8.3/CVE-2019-14250.patch create mode 100644 poky/meta/recipes-devtools/go/go-1.12/0001-release-branch.go1.12-security-net-textproto-don-t-n.patch delete mode 100644 poky/meta/recipes-devtools/libmodulemd/libmodulemd-v1/0001-Do-not-generate-gtkdoc-or-python-bindings.patch create mode 100644 poky/meta/recipes-devtools/meson/meson/dbc9e971bd320f3df15c1ee74f54858e6792b183.patch delete mode 100644 poky/meta/recipes-devtools/python-numpy/files/aarch64/_numpyconfig.h delete mode 100644 poky/meta/recipes-devtools/python-numpy/files/aarch64/config.h delete mode 100644 poky/meta/recipes-devtools/python-numpy/files/arm/config.h delete mode 100644 poky/meta/recipes-devtools/python-numpy/files/arm/numpyconfig.h delete mode 100644 poky/meta/recipes-devtools/python-numpy/files/armeb/config.h delete mode 100644 poky/meta/recipes-devtools/python-numpy/files/armeb/numpyconfig.h delete mode 100644 poky/meta/recipes-devtools/python-numpy/files/mipsarchn32eb/_numpyconfig.h delete mode 100644 poky/meta/recipes-devtools/python-numpy/files/mipsarchn32eb/config.h delete mode 100644 poky/meta/recipes-devtools/python-numpy/files/mipsarchn32el/_numpyconfig.h delete mode 100644 poky/meta/recipes-devtools/python-numpy/files/mipsarchn32el/config.h delete mode 100644 poky/meta/recipes-devtools/python-numpy/files/mipsarchn64eb/_numpyconfig.h delete mode 100644 poky/meta/recipes-devtools/python-numpy/files/mipsarchn64eb/config.h delete mode 100644 poky/meta/recipes-devtools/python-numpy/files/mipsarchn64el/_numpyconfig.h delete mode 100644 poky/meta/recipes-devtools/python-numpy/files/mipsarchn64el/config.h delete mode 100644 poky/meta/recipes-devtools/python-numpy/files/mipsarcho32eb/_numpyconfig.h delete mode 100644 poky/meta/recipes-devtools/python-numpy/files/mipsarcho32eb/config.h delete mode 100644 poky/meta/recipes-devtools/python-numpy/files/mipsarcho32el/config.h delete mode 100644 poky/meta/recipes-devtools/python-numpy/files/mipsarcho32el/numpyconfig.h delete mode 100644 poky/meta/recipes-devtools/python-numpy/files/powerpc/_numpyconfig.h delete mode 100644 poky/meta/recipes-devtools/python-numpy/files/powerpc/config.h delete mode 100644 poky/meta/recipes-devtools/python-numpy/files/powerpc64/_numpyconfig.h delete mode 100644 poky/meta/recipes-devtools/python-numpy/files/powerpc64/config.h delete mode 100644 poky/meta/recipes-devtools/python-numpy/files/riscv64/_numpyconfig.h delete mode 100644 poky/meta/recipes-devtools/python-numpy/files/riscv64/config.h delete mode 100644 poky/meta/recipes-devtools/python-numpy/files/x86-64/_numpyconfig.h delete mode 100644 poky/meta/recipes-devtools/python-numpy/files/x86-64/config.h delete mode 100644 poky/meta/recipes-devtools/python-numpy/files/x86/config.h delete mode 100644 poky/meta/recipes-devtools/python-numpy/files/x86/numpyconfig.h delete mode 100644 poky/meta/recipes-devtools/python/python-native/debug.patch delete mode 100644 poky/meta/recipes-devtools/python/python-setuptools_41.2.0.bb create mode 100644 poky/meta/recipes-devtools/python/python-setuptools_41.4.0.bb create mode 100644 poky/meta/recipes-devtools/python/python/0001-2.7-bpo-38243-Escape-the-server-title-of-DocXMLRPCSe.patch create mode 100644 poky/meta/recipes-devtools/python/python/bpo-36742-cve-2019-10160.patch delete mode 100644 poky/meta/recipes-devtools/python/python3-pip_19.2.3.bb create mode 100644 poky/meta/recipes-devtools/python/python3-pip_19.3.1.bb delete mode 100644 poky/meta/recipes-devtools/python/python3-setuptools_41.2.0.bb create mode 100644 poky/meta/recipes-devtools/python/python3-setuptools_41.4.0.bb create mode 100644 poky/meta/recipes-devtools/python/python3/0001-bpo-38243-xmlrpc.server-Escape-the-server_title-GH-1.patch create mode 100644 poky/meta/recipes-devtools/qemu/qemu/CVE-2019-12068.patch delete mode 100644 poky/meta/recipes-devtools/ruby/ruby/0001-configure.ac-check-finite-isinf-isnan-as-macros-firs.patch create mode 100644 poky/meta/recipes-devtools/ruby/ruby/0001-extmk-fix-cross-compilation-of-external-gems.patch create mode 100644 poky/meta/recipes-devtools/ruby/ruby/0003-configure.ac-check-finite-isinf-isnan-as-macros-firs.patch delete mode 100644 poky/meta/recipes-devtools/ruby/ruby/extmk.patch delete mode 100644 poky/meta/recipes-devtools/ruby/ruby_2.5.5.bb create mode 100644 poky/meta/recipes-devtools/ruby/ruby_2.6.4.bb delete mode 100644 poky/meta/recipes-devtools/squashfs-tools/squashfs-tools/squashfs-tools-4.3-sysmacros.patch create mode 100644 poky/meta/recipes-devtools/unfs3/unfs3/0001-Add-listen-action-for-a-tcp-socket.patch create mode 100644 poky/meta/recipes-extended/ltp/ltp/0001-overcommit_memory-update-for-mm-fix-false-positive-O.patch delete mode 100644 poky/meta/recipes-extended/screen/screen/0001-configure.ac-fix-configure-failed-while-build-dir-ha.patch delete mode 100644 poky/meta/recipes-extended/screen/screen/Avoid-mis-identifying-systems-as-SVR4.patch delete mode 100644 poky/meta/recipes-extended/screen/screen/Provide-cross-compile-alternatives-for-AC_TRY_RUN.patch delete mode 100644 poky/meta/recipes-extended/screen/screen/Remove-redundant-compiler-sanity-checks.patch delete mode 100644 poky/meta/recipes-extended/screen/screen/Skip-host-file-system-checks-when-cross-compiling.patch delete mode 100644 poky/meta/recipes-extended/screen/screen_4.6.2.bb create mode 100644 poky/meta/recipes-extended/screen/screen_4.7.0.bb delete mode 100644 poky/meta/recipes-extended/stress-ng/stress-ng/0001-bash-completion-remove-the-shebang-at-the-start.patch delete mode 100644 poky/meta/recipes-extended/stress-ng/stress-ng_0.10.00.bb create mode 100644 poky/meta/recipes-extended/stress-ng/stress-ng_0.10.08.bb create mode 100644 poky/meta/recipes-extended/sudo/sudo/CVE-2019-14287-1.patch create mode 100644 poky/meta/recipes-extended/sudo/sudo/CVE-2019-14287-2.patch create mode 100644 poky/meta/recipes-extended/sysstat/sysstat/0001-Fix-232-Memory-corruption-bug-due-to-Integer-Overflo.patch delete mode 100644 poky/meta/recipes-gnome/gcr/gcr_3.28.1.bb create mode 100644 poky/meta/recipes-gnome/gcr/gcr_3.34.0.bb delete mode 100644 poky/meta/recipes-gnome/gnome/adwaita-icon-theme_3.32.0.bb create mode 100644 poky/meta/recipes-gnome/gnome/adwaita-icon-theme_3.34.0.bb delete mode 100644 poky/meta/recipes-gnome/gsettings-desktop-schemas/gsettings-desktop-schemas_3.32.0.bb create mode 100644 poky/meta/recipes-gnome/gsettings-desktop-schemas/gsettings-desktop-schemas_3.34.0.bb create mode 100644 poky/meta/recipes-graphics/libsdl2/libsdl2/0001-Fixed-bug-4538-validate-image-size-when-loading-BMP-.patch create mode 100644 poky/meta/recipes-graphics/libsdl2/libsdl2/0002-Fixed-bug-4797-SDL-fails-to-compile-with-Mesa-Master.patch delete mode 100644 poky/meta/recipes-graphics/xorg-lib/libx11.inc delete mode 100644 poky/meta/recipes-graphics/xorg-lib/libx11/no-host-libtool.patch delete mode 100644 poky/meta/recipes-graphics/xorg-lib/libx11/no-host-x.patch delete mode 100644 poky/meta/recipes-graphics/xorg-lib/libx11_1.6.8.bb create mode 100644 poky/meta/recipes-graphics/xorg-lib/libx11_1.6.9.bb delete mode 100644 poky/meta/recipes-graphics/xorg-lib/libxvmc_1.0.11.bb create mode 100644 poky/meta/recipes-graphics/xorg-lib/libxvmc_1.0.12.bb delete mode 100644 poky/meta/recipes-graphics/xorg-proto/xorgproto_2019.1.bb create mode 100644 poky/meta/recipes-graphics/xorg-proto/xorgproto_2019.2.bb create mode 100644 poky/meta/recipes-multimedia/gstreamer/gst-examples_1.16.0.bb delete mode 100644 poky/meta/recipes-multimedia/gstreamer/gst-examples_git.bb delete mode 100644 poky/meta/recipes-multimedia/gstreamer/gst-validate_1.16.0.bb create mode 100644 poky/meta/recipes-multimedia/gstreamer/gst-validate_1.16.1.bb delete mode 100644 poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-libav/gtkdoc-no-tree.patch delete mode 100644 poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-libav_1.16.0.bb create mode 100644 poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-libav_1.16.1.bb delete mode 100644 poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-omx_1.16.0.bb create mode 100644 poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-omx_1.16.1.bb delete mode 100644 poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-bad_1.16.0.bb create mode 100644 poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-bad_1.16.1.bb delete mode 100644 poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base_1.16.0.bb create mode 100644 poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base_1.16.1.bb delete mode 100644 poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good/0001-scaletempo-Advertise-interleaved-layout-in-caps-temp.patch delete mode 100644 poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good/headerfix.patch delete mode 100644 poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good_1.16.0.bb create mode 100644 poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good_1.16.1.bb delete mode 100644 poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-ugly_1.16.0.bb create mode 100644 poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-ugly_1.16.1.bb delete mode 100644 poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-python_1.16.0.bb create mode 100644 poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-python_1.16.1.bb delete mode 100644 poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-rtsp-server_1.16.0.bb create mode 100644 poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-rtsp-server_1.16.1.bb delete mode 100644 poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-vaapi_1.16.0.bb create mode 100644 poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-vaapi_1.16.1.bb delete mode 100644 poky/meta/recipes-multimedia/gstreamer/gstreamer1.0_1.16.0.bb create mode 100644 poky/meta/recipes-multimedia/gstreamer/gstreamer1.0_1.16.1.bb create mode 100644 poky/meta/recipes-multimedia/libtiff/tiff/CVE-2019-17546.patch delete mode 100644 poky/meta/recipes-support/aspell/aspell_0.60.7.bb create mode 100644 poky/meta/recipes-support/aspell/aspell_0.60.8.bb create mode 100644 poky/meta/recipes-support/libcap-ng/libcap-ng-python_0.7.10.bb delete mode 100644 poky/meta/recipes-support/libcap-ng/libcap-ng-python_0.7.9.bb create mode 100644 poky/meta/recipes-support/libcap-ng/libcap-ng_0.7.10.bb delete mode 100644 poky/meta/recipes-support/libcap-ng/libcap-ng_0.7.9.bb delete mode 100644 poky/meta/recipes-support/libgcrypt/files/0001-Add-and-use-pkg-config-for-libgcrypt-instead-of-conf.patch create mode 100644 poky/meta/recipes-support/libgcrypt/files/0001-Prefetch-GCM-look-up-tables.patch create mode 100644 poky/meta/recipes-support/libgcrypt/files/0001-libgcrypt-fix-m4-file-for-oe-core.patch create mode 100644 poky/meta/recipes-support/libgcrypt/files/0002-AES-move-look-up-tables-to-.data-section-and-unshare.patch create mode 100644 poky/meta/recipes-support/libgcrypt/files/0003-GCM-move-look-up-table-to-.data-section-and-unshare-.patch delete mode 100644 poky/meta/recipes-support/libgcrypt/libgcrypt_1.8.4.bb create mode 100644 poky/meta/recipes-support/libgcrypt/libgcrypt_1.8.5.bb create mode 100644 poky/meta/recipes-support/libical/libical/0001-Use-our-hand-build-native-src-generator.patch create mode 100644 poky/meta/recipes-support/libxslt/files/CVE-2019-18197.patch delete mode 100644 poky/meta/recipes-support/nspr/nspr/0004-Add-ARC-support.patch delete mode 100644 poky/meta/recipes-support/nspr/nspr_4.21.bb create mode 100644 poky/meta/recipes-support/nspr/nspr_4.23.bb (limited to 'poky') diff --git a/poky/bitbake/bitbake/contrib/vim/bitbake.vim b/poky/bitbake/bitbake/contrib/vim/bitbake.vim new file mode 100644 index 000000000..ff86c19fa --- /dev/null +++ b/poky/bitbake/bitbake/contrib/vim/bitbake.vim @@ -0,0 +1,248 @@ +if exists("b:did_indent") + finish +endif + +runtime! indent/sh.vim +unlet b:did_indent + +setlocal indentexpr=BitbakeIndent(v:lnum) +setlocal autoindent nolisp + +function s:is_python_func_def(lnum) + let stack = synstack(a:lnum, 1) + if len(stack) == 0 + return 0 + endif + + let top = synIDattr(stack[0], "name") + echo top + + return synIDattr(stack[0], "name") == "bbPyFuncDef" +endfunction + +"""" begin modified from indent/python.vim, upstream commit 7a9bd7c1e0ce1baf5a02daf36eeae3638aa315c7 +"""" This copied code is licensed the same as Vim itself. +setlocal indentkeys+=<:>,=elif,=except + +let s:keepcpo= &cpo +set cpo&vim + +let s:maxoff = 50 " maximum number of lines to look backwards for () + +function GetPythonIndent(lnum) + + " If this line is explicitly joined: If the previous line was also joined, + " line it up with that one, otherwise add two 'shiftwidth' + if getline(a:lnum - 1) =~ '\\$' + if a:lnum > 1 && getline(a:lnum - 2) =~ '\\$' + return indent(a:lnum - 1) + endif + return indent(a:lnum - 1) + (exists("g:pyindent_continue") ? eval(g:pyindent_continue) : (shiftwidth() * 2)) + endif + + " If the start of the line is in a string don't change the indent. + if has('syntax_items') + \ && synIDattr(synID(a:lnum, 1, 1), "name") =~ "String$" + return -1 + endif + + " Search backwards for the previous non-empty line. + let plnum = prevnonblank(v:lnum - 1) + + if plnum == 0 + " This is the first non-empty line, use zero indent. + return 0 + endif + + call cursor(plnum, 1) + + " Identing inside parentheses can be very slow, regardless of the searchpair() + " timeout, so let the user disable this feature if he doesn't need it + let disable_parentheses_indenting = get(g:, "pyindent_disable_parentheses_indenting", 0) + + if disable_parentheses_indenting == 1 + let plindent = indent(plnum) + let plnumstart = plnum + else + " searchpair() can be slow sometimes, limit the time to 150 msec or what is + " put in g:pyindent_searchpair_timeout + let searchpair_stopline = 0 + let searchpair_timeout = get(g:, 'pyindent_searchpair_timeout', 150) + + " If the previous line is inside parenthesis, use the indent of the starting + " line. + " Trick: use the non-existing "dummy" variable to break out of the loop when + " going too far back. + let parlnum = searchpair('(\|{\|\[', '', ')\|}\|\]', 'nbW', + \ "line('.') < " . (plnum - s:maxoff) . " ? dummy :" + \ . " synIDattr(synID(line('.'), col('.'), 1), 'name')" + \ . " =~ '\\(Comment\\|Todo\\|String\\)$'", + \ searchpair_stopline, searchpair_timeout) + if parlnum > 0 + if s:is_python_func_def(parlnum) + let parlnum = 0 + let plindent = indent(plnum) + let plnumstart = plnum + else + let plindent = indent(parlnum) + let plnumstart = parlnum + endif + else + let plindent = indent(plnum) + let plnumstart = plnum + endif + + " When inside parenthesis: If at the first line below the parenthesis add + " two 'shiftwidth', otherwise same as previous line. + " i = (a + " + b + " + c) + call cursor(a:lnum, 1) + let p = searchpair('(\|{\|\[', '', ')\|}\|\]', 'bW', + \ "line('.') < " . (a:lnum - s:maxoff) . " ? dummy :" + \ . " synIDattr(synID(line('.'), col('.'), 1), 'name')" + \ . " =~ '\\(Comment\\|Todo\\|String\\)$'", + \ searchpair_stopline, searchpair_timeout) + if p > 0 + if s:is_python_func_def(p) + let p = 0 + else + if p == plnum + " When the start is inside parenthesis, only indent one 'shiftwidth'. + let pp = searchpair('(\|{\|\[', '', ')\|}\|\]', 'bW', + \ "line('.') < " . (a:lnum - s:maxoff) . " ? dummy :" + \ . " synIDattr(synID(line('.'), col('.'), 1), 'name')" + \ . " =~ '\\(Comment\\|Todo\\|String\\)$'", + \ searchpair_stopline, searchpair_timeout) + if pp > 0 + return indent(plnum) + (exists("g:pyindent_nested_paren") ? eval(g:pyindent_nested_paren) : shiftwidth()) + endif + return indent(plnum) + (exists("g:pyindent_open_paren") ? eval(g:pyindent_open_paren) : (shiftwidth() * 2)) + endif + if plnumstart == p + return indent(plnum) + endif + return plindent + endif + endif + + endif + + + " Get the line and remove a trailing comment. + " Use syntax highlighting attributes when possible. + let pline = getline(plnum) + let pline_len = strlen(pline) + if has('syntax_items') + " If the last character in the line is a comment, do a binary search for + " the start of the comment. synID() is slow, a linear search would take + " too long on a long line. + if synIDattr(synID(plnum, pline_len, 1), "name") =~ "\\(Comment\\|Todo\\)$" + let min = 1 + let max = pline_len + while min < max + let col = (min + max) / 2 + if synIDattr(synID(plnum, col, 1), "name") =~ "\\(Comment\\|Todo\\)$" + let max = col + else + let min = col + 1 + endif + endwhile + let pline = strpart(pline, 0, min - 1) + endif + else + let col = 0 + while col < pline_len + if pline[col] == '#' + let pline = strpart(pline, 0, col) + break + endif + let col = col + 1 + endwhile + endif + + " If the previous line ended with a colon, indent this line + if pline =~ ':\s*$' + return plindent + shiftwidth() + endif + + " If the previous line was a stop-execution statement... + if getline(plnum) =~ '^\s*\(break\|continue\|raise\|return\|pass\)\>' + " See if the user has already dedented + if indent(a:lnum) > indent(plnum) - shiftwidth() + " If not, recommend one dedent + return indent(plnum) - shiftwidth() + endif + " Otherwise, trust the user + return -1 + endif + + " If the current line begins with a keyword that lines up with "try" + if getline(a:lnum) =~ '^\s*\(except\|finally\)\>' + let lnum = a:lnum - 1 + while lnum >= 1 + if getline(lnum) =~ '^\s*\(try\|except\)\>' + let ind = indent(lnum) + if ind >= indent(a:lnum) + return -1 " indent is already less than this + endif + return ind " line up with previous try or except + endif + let lnum = lnum - 1 + endwhile + return -1 " no matching "try"! + endif + + " If the current line begins with a header keyword, dedent + if getline(a:lnum) =~ '^\s*\(elif\|else\)\>' + + " Unless the previous line was a one-liner + if getline(plnumstart) =~ '^\s*\(for\|if\|try\)\>' + return plindent + endif + + " Or the user has already dedented + if indent(a:lnum) <= plindent - shiftwidth() + return -1 + endif + + return plindent - shiftwidth() + endif + + " When after a () construct we probably want to go back to the start line. + " a = (b + " + c) + " here + if parlnum > 0 + return plindent + endif + + return -1 + +endfunction + +let &cpo = s:keepcpo +unlet s:keepcpo + +""" end of stuff from indent/python.vim + + +let b:did_indent = 1 + + +function BitbakeIndent(lnum) + let stack = synstack(a:lnum, col(".")) + if len(stack) == 0 + return -1 + endif + + let name = synIDattr(stack[0], "name") + + if index(["bbPyDefRegion", "bbPyFuncRegion"], name) != -1 + let ret = GetPythonIndent(a:lnum) + return ret + endif + + return -1 + "return s:pythonIndentExpr() +endfunction diff --git a/poky/bitbake/lib/bb/fetch2/git.py b/poky/bitbake/lib/bb/fetch2/git.py index 2d1d2cabd..fa41b078f 100644 --- a/poky/bitbake/lib/bb/fetch2/git.py +++ b/poky/bitbake/lib/bb/fetch2/git.py @@ -292,11 +292,21 @@ class Git(FetchMethod): def clonedir_need_update(self, ud, d): if not os.path.exists(ud.clonedir): return True + if ud.shallow and ud.write_shallow_tarballs and self.clonedir_need_shallow_revs(ud, d): + return True for name in ud.names: if not self._contains_ref(ud, d, name, ud.clonedir): return True return False + def clonedir_need_shallow_revs(self, ud, d): + for rev in ud.shallow_revs: + try: + runfetchcmd('%s rev-parse -q --verify %s' % (ud.basecmd, rev), d, quiet=True, workdir=ud.clonedir) + except bb.fetch2.FetchError: + return rev + return None + def shallow_tarball_need_update(self, ud): return ud.shallow and ud.write_shallow_tarballs and not os.path.exists(ud.fullshallow) @@ -339,13 +349,7 @@ class Git(FetchMethod): runfetchcmd(clone_cmd, d, log=progresshandler) # Update the checkout if needed - needupdate = False - for name in ud.names: - if not self._contains_ref(ud, d, name, ud.clonedir): - needupdate = True - break - - if needupdate: + if self.clonedir_need_update(ud, d): output = runfetchcmd("%s remote" % ud.basecmd, d, quiet=True, workdir=ud.clonedir) if "origin" in output: runfetchcmd("%s remote rm origin" % ud.basecmd, d, workdir=ud.clonedir) @@ -369,6 +373,11 @@ class Git(FetchMethod): if not self._contains_ref(ud, d, name, ud.clonedir): raise bb.fetch2.FetchError("Unable to find revision %s in branch %s even from upstream" % (ud.revisions[name], ud.branches[name])) + if ud.shallow and ud.write_shallow_tarballs: + missing_rev = self.clonedir_need_shallow_revs(ud, d) + if missing_rev: + raise bb.fetch2.FetchError("Unable to find revision %s even from upstream" % missing_rev) + def build_mirror_data(self, ud, d): if ud.shallow and ud.write_shallow_tarballs: if not os.path.exists(ud.fullshallow): diff --git a/poky/bitbake/lib/bb/parse/parse_py/ConfHandler.py b/poky/bitbake/lib/bb/parse/parse_py/ConfHandler.py index 2e84b913d..af64d3446 100644 --- a/poky/bitbake/lib/bb/parse/parse_py/ConfHandler.py +++ b/poky/bitbake/lib/bb/parse/parse_py/ConfHandler.py @@ -119,30 +119,30 @@ def handle(fn, data, include): oldfile = data.getVar('FILE', False) abs_fn = resolve_file(fn, data) - f = open(abs_fn, 'r') - - statements = ast.StatementGroup() - lineno = 0 - while True: - lineno = lineno + 1 - s = f.readline() - if not s: - break - w = s.strip() - # skip empty lines - if not w: - continue - s = s.rstrip() - while s[-1] == '\\': - s2 = f.readline().rstrip() + with open(abs_fn, 'r') as f: + + statements = ast.StatementGroup() + lineno = 0 + while True: lineno = lineno + 1 - if (not s2 or s2 and s2[0] != "#") and s[0] == "#" : - bb.fatal("There is a confusing multiline, partially commented expression on line %s of file %s (%s).\nPlease clarify whether this is all a comment or should be parsed." % (lineno, fn, s)) - s = s[:-1] + s2 - # skip comments - if s[0] == '#': - continue - feeder(lineno, s, abs_fn, statements) + s = f.readline() + if not s: + break + w = s.strip() + # skip empty lines + if not w: + continue + s = s.rstrip() + while s[-1] == '\\': + s2 = f.readline().rstrip() + lineno = lineno + 1 + if (not s2 or s2 and s2[0] != "#") and s[0] == "#" : + bb.fatal("There is a confusing multiline, partially commented expression on line %s of file %s (%s).\nPlease clarify whether this is all a comment or should be parsed." % (lineno, fn, s)) + s = s[:-1] + s2 + # skip comments + if s[0] == '#': + continue + feeder(lineno, s, abs_fn, statements) # DONE WITH PARSING... time to evaluate data.setVar('FILE', abs_fn) diff --git a/poky/bitbake/lib/bb/tests/fetch.py b/poky/bitbake/lib/bb/tests/fetch.py index a0b656b61..83fad3ff0 100644 --- a/poky/bitbake/lib/bb/tests/fetch.py +++ b/poky/bitbake/lib/bb/tests/fetch.py @@ -1863,6 +1863,26 @@ class GitShallowTest(FetcherTest): with self.assertRaises(bb.fetch2.FetchError): self.fetch() + def test_shallow_fetch_missing_revs(self): + self.add_empty_file('a') + self.add_empty_file('b') + fetcher, ud = self.fetch(self.d.getVar('SRC_URI')) + self.git('tag v0.0 master', cwd=self.srcdir) + self.d.setVar('BB_GIT_SHALLOW_DEPTH', '0') + self.d.setVar('BB_GIT_SHALLOW_REVS', 'v0.0') + self.fetch_shallow() + + def test_shallow_fetch_missing_revs_fails(self): + self.add_empty_file('a') + self.add_empty_file('b') + fetcher, ud = self.fetch(self.d.getVar('SRC_URI')) + self.d.setVar('BB_GIT_SHALLOW_DEPTH', '0') + self.d.setVar('BB_GIT_SHALLOW_REVS', 'v0.0') + + with self.assertRaises(bb.fetch2.FetchError), self.assertLogs("BitBake.Fetcher", level="ERROR") as cm: + self.fetch_shallow() + self.assertIn("Unable to find revision v0.0 even from upstream", cm.output[0]) + @skipIfNoNetwork() def test_bitbake(self): self.git('remote add --mirror=fetch origin git://github.com/openembedded/bitbake', cwd=self.srcdir) diff --git a/poky/bitbake/lib/prserv/serv.py b/poky/bitbake/lib/prserv/serv.py index be3acec36..2bc68904f 100644 --- a/poky/bitbake/lib/prserv/serv.py +++ b/poky/bitbake/lib/prserv/serv.py @@ -379,9 +379,8 @@ def stop_daemon(host, port): ip = socket.gethostbyname(host) pidfile = PIDPREFIX % (ip, port) try: - pf = open(pidfile,'r') - pid = int(pf.readline().strip()) - pf.close() + with open(pidfile) as pf: + pid = int(pf.readline().strip()) except IOError: pid = None diff --git a/poky/documentation/bsp-guide/bsp-guide.xml b/poky/documentation/bsp-guide/bsp-guide.xml index addb42118..dd0c76add 100644 --- a/poky/documentation/bsp-guide/bsp-guide.xml +++ b/poky/documentation/bsp-guide/bsp-guide.xml @@ -132,9 +132,9 @@ Released with the Yocto Project 2.7 Release. - 2.8 + 3.0 &REL_MONTH_YEAR; - Released with the Yocto Project 2.8 Release. + Released with the Yocto Project 3.0 Release. diff --git a/poky/documentation/dev-manual/dev-manual-common-tasks.xml b/poky/documentation/dev-manual/dev-manual-common-tasks.xml index f72f81f55..00741ee45 100644 --- a/poky/documentation/dev-manual/dev-manual-common-tasks.xml +++ b/poky/documentation/dev-manual/dev-manual-common-tasks.xml @@ -2349,7 +2349,7 @@ Most software provides some means of setting build-time configuration options before compilation. Typically, setting these options is accomplished by running a - configure script with some options, or by modifying a build + configure script with options, or by modifying a build configuration file. As of Yocto Project Release 1.7, some of the core recipes @@ -2389,6 +2389,7 @@ software is built using Autotools. If this is the case, you just need to worry about modifying the configuration. + When using Autotools, your recipe needs to inherit the autotools @@ -2401,13 +2402,15 @@ or PACKAGECONFIG_CONFARGS to pass any needed configure options that are specific - to the recipe. + to the recipe. + CMake: If your source files have a CMakeLists.txt file, then your software is built using CMake. If this is the case, you just need to worry about modifying the configuration. + When you use CMake, your recipe needs to inherit the cmake @@ -2417,7 +2420,16 @@ You can make some adjustments by setting EXTRA_OECMAKE to pass any needed configure options that are specific - to the recipe. + to the recipe. + + If you need to install one or more custom CMake + toolchain files that are supplied by the + application you are building, install the files to + ${D}${datadir}/cmake/ Modules + during + do_install. + + Other: If your source files do not have a configure.ac or @@ -2780,6 +2792,14 @@ PARALLEL_MAKEINST for additional information. + + If you need to install one or more custom CMake + toolchain files that are supplied by the + application you are building, install the files to + ${D}${datadir}/cmake/ Modules + during + do_install. + @@ -5420,12 +5440,16 @@ BBMULTICONFIG = "x86 arm" - - - Please note, that a "default" configuration already exists by definition, - this configuration is named: "" (empty string) and is defined by the variables - coming from your local.conf file. So, the previous example actually adds two - additional configurations to your build "arm" and "x86" along with "". + + A "default" configuration already exists by + definition. + This configuration is named: "" (i.e. empty + string) and is defined by the variables coming + from your local.conf file. + Consequently, the previous example actually + adds two additional configurations to your + build: "arm" and "x86" along with "". + Launch BitBake: @@ -5445,9 +5469,10 @@ x86.conf configuration file, a core-image-sato image that is configured through the - arm.conf configuration file and a - core-image-base that is configured - through your local.conf configuration file. + arm.conf configuration file + and a core-image-base that is + configured through your + local.conf configuration file. @@ -10819,6 +10844,47 @@ features that are used by many distributions. + + By default, the Yocto Project uses SysVinit as the initialization + manager. + However, support also exists for systemd, + which is a full replacement for init with + parallel starting of services, reduced shell overhead and other + features that are used by many distributions. + + + + Within the system, SysVinit treats system components as services. + These services are maintained as shell scripts stored in the + /etc/init.d/ directory. + Services organize into different run levels. + This organization is maintained by putting links to the services + in the /etc/rcN.d/ directories, where + N/ is one of the following options: + "S", "0", "1", "2", "3", "4", "5", or "6". + + Each runlevel has a dependency on the previous runlevel. + This dependency allows the services to work properly. + + + + + In comparison, systemd treats components as units. + Using units is a broader concept as compared to using a service. + A unit includes several different types of entities. + Service is one of the types of entities. + The runlevel concept in SysVinit corresponds to the concept of a + target in systemd, where target is also a type of supported unit. + + + + In a SysVinit-based system, services load sequentially (i.e. one + by one) during and parallelization is not supported. + With systemd, services start in parallel. + Needless to say, the method can have an impact on system startup + performance. + + If you want to use SysVinit, you do not have to do anything. diff --git a/poky/documentation/dev-manual/dev-manual.xml b/poky/documentation/dev-manual/dev-manual.xml index 42deff102..04fa1e4f9 100644 --- a/poky/documentation/dev-manual/dev-manual.xml +++ b/poky/documentation/dev-manual/dev-manual.xml @@ -117,9 +117,9 @@ Released with the Yocto Project 2.7 Release. - 2.8 + 3.0 &REL_MONTH_YEAR; - Released with the Yocto Project 2.8 Release. + Released with the Yocto Project 3.0 Release. diff --git a/poky/documentation/kernel-dev/kernel-dev.xml b/poky/documentation/kernel-dev/kernel-dev.xml index c43330a31..4c5881b07 100644 --- a/poky/documentation/kernel-dev/kernel-dev.xml +++ b/poky/documentation/kernel-dev/kernel-dev.xml @@ -102,9 +102,9 @@ Released with the Yocto Project 2.7 Release. - 2.8 + 3.0 &REL_MONTH_YEAR; - Released with the Yocto Project 2.8 Release. + Released with the Yocto Project 3.0 Release. diff --git a/poky/documentation/mega-manual/mega-manual.xml b/poky/documentation/mega-manual/mega-manual.xml index b66b9334f..eac5ea7be 100644 --- a/poky/documentation/mega-manual/mega-manual.xml +++ b/poky/documentation/mega-manual/mega-manual.xml @@ -88,9 +88,9 @@ Released with the Yocto Project 2.7 Release. - 2.8 + 3.0 &REL_MONTH_YEAR; - Released with the Yocto Project 2.8 Release. + Released with the Yocto Project 3.0 Release. diff --git a/poky/documentation/overview-manual/overview-manual.xml b/poky/documentation/overview-manual/overview-manual.xml index 728cad57f..c7716e460 100644 --- a/poky/documentation/overview-manual/overview-manual.xml +++ b/poky/documentation/overview-manual/overview-manual.xml @@ -47,9 +47,9 @@ Released with the Yocto Project 2.7 Release. - 2.8 + 3.0 &REL_MONTH_YEAR; - Released with the Yocto Project 2.8 Release. + Released with the Yocto Project 3.0 Release. diff --git a/poky/documentation/poky.ent b/poky/documentation/poky.ent index 192b9418f..7af47df72 100644 --- a/poky/documentation/poky.ent +++ b/poky/documentation/poky.ent @@ -1,14 +1,14 @@ - - + + - + - + - + diff --git a/poky/documentation/profile-manual/profile-manual.xml b/poky/documentation/profile-manual/profile-manual.xml index c6e8baf02..c1f461f43 100644 --- a/poky/documentation/profile-manual/profile-manual.xml +++ b/poky/documentation/profile-manual/profile-manual.xml @@ -102,9 +102,9 @@ Released with the Yocto Project 2.7 Release. - 2.8 + 3.0 &REL_MONTH_YEAR; - Released with the Yocto Project 2.8 Release. + Released with the Yocto Project 3.0 Release. diff --git a/poky/documentation/ref-manual/migration.xml b/poky/documentation/ref-manual/migration.xml index ade8787b4..aa4495789 100644 --- a/poky/documentation/ref-manual/migration.xml +++ b/poky/documentation/ref-manual/migration.xml @@ -2103,10 +2103,9 @@ - Additionally, a - bluetooth - class has been added to make selection of the appropriate bluetooth - support within a recipe a little easier. + Additionally, a bluetooth class has been added + to make selection of the appropriate bluetooth support within a + recipe a little easier. If you wish to make use of this class in a recipe, add something such as the following: @@ -6597,6 +6596,104 @@ id=f4d4f99cfbc2396e49c1613a7d237b9e57f06f81'>commit message. + + + + + + + + + +
+ Moving to the Yocto Project 3.0 Release + + + This section provides migration information for moving to the + Yocto Project 3.0 Release from the prior release. + + +
+ LSB Support Removed + + + LSB support has been removed. + +
+ +
+ <filename>poky-lsb</filename> Replaced + + + poky-lsb replaced by + poky-altcfg for alternate configurations to + be tested on the autobuilder. + As well as an example of subclassing a distro config. + +
+ +
+ OpenSSL 1.0.X removed + + + OpenSSL 1.0.X removed. + +
+ +
+ Hash Equivalence Added + + + Hash Equivalence added. + See + for setup information. + +
+ +
+ <filename>gcc/glibc/binutls</filename> GNU Tests Added + + + gcc/glibc/binutls GNU tests added. + +
+ +
+ Removed Recipes + + + Some topic... + +
+ +
+ Removed Classes + + + Some topic... + +
+ +
+ Miscellaneous Changes + + + Some topic... + +
+
+ + + + + + + + + + + + - Specifies each additional separate configuration when you are - building targets with multiple configurations. + Specifies each additional separate configuration when you + are building targets with multiple configurations. Use this variable in your conf/local.conf configuration file. Specify a multiconfigname for @@ -2182,9 +2182,10 @@ The BUSYBOX_SPLIT_SUID variable - defaults to "1", which results in a single output + defaults to "1", which results in splitting the output executable file. - Set the variable to "0" to split the output file. + Set the variable to "0" to get a single output executable + file. diff --git a/poky/documentation/sdk-manual/sdk-manual.xml b/poky/documentation/sdk-manual/sdk-manual.xml index 7edd2c46a..8d5f6ec4d 100644 --- a/poky/documentation/sdk-manual/sdk-manual.xml +++ b/poky/documentation/sdk-manual/sdk-manual.xml @@ -67,9 +67,9 @@ Released with the Yocto Project 2.7 Release. - 2.8 + 3.0 &REL_MONTH_YEAR; - Released with the Yocto Project 2.8 Release. + Released with the Yocto Project 3.0 Release. diff --git a/poky/documentation/toaster-manual/toaster-manual.xml b/poky/documentation/toaster-manual/toaster-manual.xml index b31659ffb..d7b4bcee6 100644 --- a/poky/documentation/toaster-manual/toaster-manual.xml +++ b/poky/documentation/toaster-manual/toaster-manual.xml @@ -77,9 +77,9 @@ Released with the Yocto Project 2.7 Release. - 2.8 + 3.0 &REL_MONTH_YEAR; - Released with the Yocto Project 2.8 Release. + Released with the Yocto Project 3.0 Release. diff --git a/poky/documentation/tools/mega-manual.sed b/poky/documentation/tools/mega-manual.sed index 9c4f4e2ed..374d8e7b0 100644 --- a/poky/documentation/tools/mega-manual.sed +++ b/poky/documentation/tools/mega-manual.sed @@ -1,36 +1,36 @@ # Processes bitbake-user-manual (-- style). # This style is for manual three-word folders, which currently is only the BitBake User Manual. # We used to have the "yocto-project-qs" and "poky-ref-manual" folders but no longer do. -# s@"ulink" href="http://www.yoctoproject.org/docs/2.8/[a-z]*-[a-z]*-[a-z]*/[a-z]*-[a-z]*-[a-z]*.html#@"link" href="#@g -s@"ulink" href="http://www.yoctoproject.org/docs/2.8/bitbake-user-manual/bitbake-user-manual.html#@"link" href="#@g +# s@"ulink" href="http://www.yoctoproject.org/docs/3.0/[a-z]*-[a-z]*-[a-z]*/[a-z]*-[a-z]*-[a-z]*.html#@"link" href="#@g +s@"ulink" href="http://www.yoctoproject.org/docs/3.0/bitbake-user-manual/bitbake-user-manual.html#@"link" href="#@g # Processes all other manuals (- style). # This style is for manual folders that use two word, which is the standard now (e.g. "ref-manual"). # Here is the one-liner: -# s@"ulink" href="http://www.yoctoproject.org/docs/2.8/[a-z]*-[a-z]*/[a-z]*-[a-z]*.html#@"link" href="#@g +# s@"ulink" href="http://www.yoctoproject.org/docs/3.0/[a-z]*-[a-z]*/[a-z]*-[a-z]*.html#@"link" href="#@g -s@"ulink" href="http://www.yoctoproject.org/docs/2.8/sdk-manual/sdk-manual.html#@"link" href="#@g -s@"ulink" href="http://www.yoctoproject.org/docs/2.8/bsp-guide/bsp-guide.html#@"link" href="#@g -s@"ulink" href="http://www.yoctoproject.org/docs/2.8/dev-manual/dev-manual.html#@"link" href="#@g -s@"ulink" href="http://www.yoctoproject.org/docs/2.8/overview-manual/overview-manual.html#@"link" href="#@g -s@"ulink" href="http://www.yoctoproject.org/docs/2.8/brief-yoctoprojectqs/brief-yoctoprojectqs.html#@"link" href="#@g -s@"ulink" href="http://www.yoctoproject.org/docs/2.8/kernel-dev/kernel-dev.html#@"link" href="#@g -s@"ulink" href="http://www.yoctoproject.org/docs/2.8/profile-manual/profile-manual.html#@"link" href="#@g -s@"ulink" href="http://www.yoctoproject.org/docs/2.8/ref-manual/ref-manual.html#@"link" href="#@g -s@"ulink" href="http://www.yoctoproject.org/docs/2.8/toaster-manual/toaster-manual.html#@"link" href="#@g +s@"ulink" href="http://www.yoctoproject.org/docs/3.0/sdk-manual/sdk-manual.html#@"link" href="#@g +s@"ulink" href="http://www.yoctoproject.org/docs/3.0/bsp-guide/bsp-guide.html#@"link" href="#@g +s@"ulink" href="http://www.yoctoproject.org/docs/3.0/dev-manual/dev-manual.html#@"link" href="#@g +s@"ulink" href="http://www.yoctoproject.org/docs/3.0/overview-manual/overview-manual.html#@"link" href="#@g +s@"ulink" href="http://www.yoctoproject.org/docs/3.0/brief-yoctoprojectqs/brief-yoctoprojectqs.html#@"link" href="#@g +s@"ulink" href="http://www.yoctoproject.org/docs/3.0/kernel-dev/kernel-dev.html#@"link" href="#@g +s@"ulink" href="http://www.yoctoproject.org/docs/3.0/profile-manual/profile-manual.html#@"link" href="#@g +s@"ulink" href="http://www.yoctoproject.org/docs/3.0/ref-manual/ref-manual.html#@"link" href="#@g +s@"ulink" href="http://www.yoctoproject.org/docs/3.0/toaster-manual/toaster-manual.html#@"link" href="#@g # Process cases where just an external manual is referenced without an id anchor -s@Yocto Project Quick Build@Yocto Project Quick Build@g -s@BitBake User Manual@BitBake User Manual@g -s@Yocto Project Development Tasks Manual@Yocto Project Development Tasks Manual@g -s@Yocto Project Overview and Concepts Manual@Yocto project Overview and Concepts Manual@g -s@Yocto Project Application Development and the Extensible Software Development Kit (eSDK)@Yocto Project Application Development and the Extensible Software Development Kit (eSDK)@g -s@Yocto Project Board Support Package (BSP) Developer's Guide@Yocto Project Board Support Package (BSP) Developer's Guide@g -s@Yocto Project Profiling and Tracing Manual@Yocto Project Profiling and Tracing Manual@g -s@Yocto Project Linux Kernel Development Manual@Yocto Project Linux Kernel Development Manual@g -s@Yocto Project Reference Manual@Yocto Project Reference Manual@g -s@Toaster User Manual@Toaster User Manual@g +s@Yocto Project Quick Build@Yocto Project Quick Build@g +s@BitBake User Manual@BitBake User Manual@g +s@Yocto Project Development Tasks Manual@Yocto Project Development Tasks Manual@g +s@Yocto Project Overview and Concepts Manual@Yocto project Overview and Concepts Manual@g +s@Yocto Project Application Development and the Extensible Software Development Kit (eSDK)@Yocto Project Application Development and the Extensible Software Development Kit (eSDK)@g +s@Yocto Project Board Support Package (BSP) Developer's Guide@Yocto Project Board Support Package (BSP) Developer's Guide@g +s@Yocto Project Profiling and Tracing Manual@Yocto Project Profiling and Tracing Manual@g +s@Yocto Project Linux Kernel Development Manual@Yocto Project Linux Kernel Development Manual@g +s@Yocto Project Reference Manual@Yocto Project Reference Manual@g +s@Toaster User Manual@Toaster User Manual@g # Process a single, rouge occurrence of a linked reference to the Mega-Manual. -s@Yocto Project Mega-Manual@Yocto Project Mega-Manual@g +s@Yocto Project Mega-Manual@Yocto Project Mega-Manual@g diff --git a/poky/meta-selftest/lib/oeqa/runtime/cases/virgl.py b/poky/meta-selftest/lib/oeqa/runtime/cases/virgl.py index d301a19fa..c0abfd1b1 100644 --- a/poky/meta-selftest/lib/oeqa/runtime/cases/virgl.py +++ b/poky/meta-selftest/lib/oeqa/runtime/cases/virgl.py @@ -13,11 +13,6 @@ class VirglTest(OERuntimeTestCase): @OETestDepends(['virgl.VirglTest.test_kernel_driver']) def test_kmscube(self): - - distro = oe.lsb.distro_identifier() - if distro and distro == 'centos-7': - self.skipTest('kmscube is not working when centos 7 is the host OS') - status, output = self.target.run('kmscube', timeout=30) self.assertEqual(status, 0, "kmscube exited with non-zero status %d and output:\n%s" %(status, output)) self.assertIn('renderer: "virgl"', output, "kmscube does not seem to use virgl:\n%s" %(output)) diff --git a/poky/meta-selftest/recipes-test/aspell/aspell_0.60.7.bbappend b/poky/meta-selftest/recipes-test/aspell/aspell_0.60.7.bbappend deleted file mode 100644 index 205720982..000000000 --- a/poky/meta-selftest/recipes-test/aspell/aspell_0.60.7.bbappend +++ /dev/null @@ -1,2 +0,0 @@ -# This bbappend is used to alter the recipe using the test_recipe.inc file created by tests. -include test_recipe.inc diff --git a/poky/meta-selftest/recipes-test/aspell/aspell_0.60.8.bbappend b/poky/meta-selftest/recipes-test/aspell/aspell_0.60.8.bbappend new file mode 100644 index 000000000..205720982 --- /dev/null +++ b/poky/meta-selftest/recipes-test/aspell/aspell_0.60.8.bbappend @@ -0,0 +1,2 @@ +# This bbappend is used to alter the recipe using the test_recipe.inc file created by tests. +include test_recipe.inc diff --git a/poky/meta-selftest/recipes-test/recipeutils/recipeutils-test_1.2.bb b/poky/meta-selftest/recipes-test/recipeutils/recipeutils-test_1.2.bb index 7c20d9a68..0cd0494da 100644 --- a/poky/meta-selftest/recipes-test/recipeutils/recipeutils-test_1.2.bb +++ b/poky/meta-selftest/recipes-test/recipeutils/recipeutils-test_1.2.bb @@ -4,7 +4,7 @@ require recipeutils-test.inc LICENSE = "Proprietary" LIC_FILES_CHKSUM = "file://${WORKDIR}/somefile;md5=d41d8cd98f00b204e9800998ecf8427e" -DEPENDS += "virtual/libx11" +DEPENDS += "zlib" BBCLASSEXTEND = "native nativesdk" diff --git a/poky/meta/classes/base.bbclass b/poky/meta/classes/base.bbclass index d3184ecf7..1cea3a221 100644 --- a/poky/meta/classes/base.bbclass +++ b/poky/meta/classes/base.bbclass @@ -482,6 +482,7 @@ python () { # If we're building a target package we need to use fakeroot (pseudo) # in order to capture permissions, owners, groups and special files if not bb.data.inherits_class('native', d) and not bb.data.inherits_class('cross', d): + d.appendVarFlag('do_prepare_recipe_sysroot', 'depends', ' virtual/fakeroot-native:do_populate_sysroot') d.setVarFlag('do_unpack', 'umask', '022') d.setVarFlag('do_configure', 'umask', '022') d.setVarFlag('do_compile', 'umask', '022') diff --git a/poky/meta/classes/cmake.bbclass b/poky/meta/classes/cmake.bbclass index 2b317c832..291f1e8d4 100644 --- a/poky/meta/classes/cmake.bbclass +++ b/poky/meta/classes/cmake.bbclass @@ -106,11 +106,12 @@ set( CMAKE_CXX_LINK_FLAGS "${OECMAKE_CXX_LINK_FLAGS}" CACHE STRING "LDFLAGS" ) # only search in the paths provided so cmake doesnt pick # up libraries and tools from the native build machine -set( CMAKE_FIND_ROOT_PATH ${STAGING_DIR_HOST} ${STAGING_DIR_NATIVE} ${CROSS_DIR} ${OECMAKE_PERLNATIVE_DIR} ${OECMAKE_EXTRA_ROOT_PATH} ${EXTERNAL_TOOLCHAIN}) +set( CMAKE_FIND_ROOT_PATH ${STAGING_DIR_HOST} ${STAGING_DIR_NATIVE} ${CROSS_DIR} ${OECMAKE_PERLNATIVE_DIR} ${OECMAKE_EXTRA_ROOT_PATH} ${EXTERNAL_TOOLCHAIN} ${HOSTTOOLS_DIR}) set( CMAKE_FIND_ROOT_PATH_MODE_PACKAGE ONLY ) set( CMAKE_FIND_ROOT_PATH_MODE_PROGRAM ${OECMAKE_FIND_ROOT_PATH_MODE_PROGRAM} ) set( CMAKE_FIND_ROOT_PATH_MODE_LIBRARY ONLY ) set( CMAKE_FIND_ROOT_PATH_MODE_INCLUDE ONLY ) +set( CMAKE_PROGRAM_PATH "/" ) # Use qt.conf settings set( ENV{QT_CONF_PATH} ${WORKDIR}/qt.conf ) diff --git a/poky/meta/classes/cve-check.bbclass b/poky/meta/classes/cve-check.bbclass index c00d2910b..1c8b2223a 100644 --- a/poky/meta/classes/cve-check.bbclass +++ b/poky/meta/classes/cve-check.bbclass @@ -208,19 +208,21 @@ def check_cves(d, patched_cves): if cve in cve_whitelist: bb.note("%s-%s has been whitelisted for %s" % (product, pv, cve)) + # TODO: this should be in the report as 'whitelisted' + patched_cves.add(cve) elif cve in patched_cves: bb.note("%s has been patched" % (cve)) else: to_append = False if (operator_start == '=' and pv == version_start): - cves_unpatched.append(cve) + to_append = True else: if operator_start: try: to_append_start = (operator_start == '>=' and LooseVersion(pv) >= LooseVersion(version_start)) to_append_start |= (operator_start == '>' and LooseVersion(pv) > LooseVersion(version_start)) except: - bb.note("%s: Failed to compare %s %s %s for %s" % + bb.warn("%s: Failed to compare %s %s %s for %s" % (product, pv, operator_start, version_start, cve)) to_append_start = False else: @@ -231,7 +233,7 @@ def check_cves(d, patched_cves): to_append_end = (operator_end == '<=' and LooseVersion(pv) <= LooseVersion(version_end)) to_append_end |= (operator_end == '<' and LooseVersion(pv) < LooseVersion(version_end)) except: - bb.note("%s: Failed to compare %s %s %s for %s" % + bb.warn("%s: Failed to compare %s %s %s for %s" % (product, pv, operator_end, version_end, cve)) to_append_end = False else: @@ -243,8 +245,11 @@ def check_cves(d, patched_cves): to_append = to_append_start or to_append_end if to_append: + bb.note("%s-%s is vulnerable to %s" % (product, pv, cve)) cves_unpatched.append(cve) - bb.debug(2, "%s-%s is not patched for %s" % (product, pv, cve)) + else: + bb.note("%s-%s is not vulnerable to %s" % (product, pv, cve)) + patched_cves.add(cve) conn.close() return (list(patched_cves), cves_unpatched) diff --git a/poky/meta/classes/devtool-source.bbclass b/poky/meta/classes/devtool-source.bbclass index a8110006f..280d6009f 100644 --- a/poky/meta/classes/devtool-source.bbclass +++ b/poky/meta/classes/devtool-source.bbclass @@ -97,17 +97,15 @@ python devtool_post_unpack() { local_files = oe.recipeutils.get_recipe_local_files(d) if is_kernel_yocto: - for key in local_files.copy(): - if key.endswith('scc'): - sccfile = open(local_files[key], 'r') + for key in [f for f in local_files if f.endswith('scc')]: + with open(local_files[key], 'r') as sccfile: for l in sccfile: line = l.split() if line and line[0] in ('kconf', 'patch'): cfg = os.path.join(os.path.dirname(local_files[key]), line[-1]) - if not cfg in local_files.values(): + if cfg not in local_files.values(): local_files[line[-1]] = cfg shutil.copy2(cfg, workdir) - sccfile.close() # Ignore local files with subdir={BP} srcabspath = os.path.abspath(srcsubdir) diff --git a/poky/meta/classes/icecc.bbclass b/poky/meta/classes/icecc.bbclass index 4376aa37d..bc3d6f4cc 100644 --- a/poky/meta/classes/icecc.bbclass +++ b/poky/meta/classes/icecc.bbclass @@ -356,17 +356,6 @@ set_icecc_env() { return fi - # Create symlinks to icecc in the recipe-sysroot directory - mkdir -p ${ICE_PATH} - if [ -n "${KERNEL_CC}" ]; then - compilers="${@get_cross_kernel_cc(bb,d)}" - else - compilers="${HOST_PREFIX}gcc ${HOST_PREFIX}g++" - fi - for compiler in $compilers; do - ln -sf ${ICECC_BIN} ${ICE_PATH}/$compiler - done - ICECC_CC="${@icecc_get_and_check_tool(bb, d, "gcc")}" ICECC_CXX="${@icecc_get_and_check_tool(bb, d, "g++")}" # cannot use icecc_get_and_check_tool here because it assumes as without target_sys prefix @@ -385,6 +374,26 @@ set_icecc_env() { return fi + # Create symlinks to icecc and wrapper-scripts in the recipe-sysroot directory + mkdir -p $ICE_PATH/symlinks + if [ -n "${KERNEL_CC}" ]; then + compilers="${@get_cross_kernel_cc(bb,d)}" + else + compilers="${HOST_PREFIX}gcc ${HOST_PREFIX}g++" + fi + for compiler in $compilers; do + ln -sf $ICECC_BIN $ICE_PATH/symlinks/$compiler + rm -f $ICE_PATH/$compiler + cat <<-__EOF__ > $ICE_PATH/$compiler + #!/bin/sh -e + export ICECC_VERSION=$ICECC_VERSION + export ICECC_CC=$ICECC_CC + export ICECC_CXX=$ICECC_CXX + $ICE_PATH/symlinks/$compiler "\$@" + __EOF__ + chmod 775 $ICE_PATH/$compiler + done + ICECC_AS="`${ICECC_CC} -print-prog-name=as`" # for target recipes should return something like: # /OE/tmp-eglibc/sysroots/x86_64-linux/usr/libexec/arm920tt-oe-linux-gnueabi/gcc/arm-oe-linux-gnueabi/4.8.2/as @@ -417,7 +426,6 @@ set_icecc_env() { export CCACHE_PATH="$PATH" export CCACHE_DISABLE="1" - export ICECC_VERSION ICECC_CC ICECC_CXX export PATH="$ICE_PATH:$PATH" bbnote "Using icecc path: $ICE_PATH" diff --git a/poky/meta/classes/image.bbclass b/poky/meta/classes/image.bbclass index f4633da3d..c2824395c 100644 --- a/poky/meta/classes/image.bbclass +++ b/poky/meta/classes/image.bbclass @@ -124,7 +124,7 @@ python () { def rootfs_variables(d): from oe.rootfs import variable_depends variables = ['IMAGE_DEVICE_TABLE','IMAGE_DEVICE_TABLES','BUILD_IMAGES_FROM_FEEDS','IMAGE_TYPES_MASKED','IMAGE_ROOTFS_ALIGNMENT','IMAGE_OVERHEAD_FACTOR','IMAGE_ROOTFS_SIZE','IMAGE_ROOTFS_EXTRA_SPACE', - 'IMAGE_ROOTFS_MAXSIZE','IMAGE_NAME','IMAGE_LINK_NAME','IMAGE_MANIFEST','DEPLOY_DIR_IMAGE','IMAGE_FSTYPES','IMAGE_INSTALL_COMPLEMENTARY','IMAGE_LINGUAS', + 'IMAGE_ROOTFS_MAXSIZE','IMAGE_NAME','IMAGE_LINK_NAME','IMAGE_MANIFEST','DEPLOY_DIR_IMAGE','IMAGE_FSTYPES','IMAGE_INSTALL_COMPLEMENTARY','IMAGE_LINGUAS', 'IMAGE_LINGUAS_COMPLEMENTARY', 'MULTILIBRE_ALLOW_REP','MULTILIB_TEMP_ROOTFS','MULTILIB_VARIANTS','MULTILIBS','ALL_MULTILIB_PACKAGE_ARCHS','MULTILIB_GLOBAL_VARIANTS','BAD_RECOMMENDATIONS','NO_RECOMMENDATIONS', 'PACKAGE_ARCHS','PACKAGE_CLASSES','TARGET_VENDOR','TARGET_ARCH','TARGET_OS','OVERRIDES','BBEXTENDVARIANT','FEED_DEPLOYDIR_BASE_URI','INTERCEPT_DIR','USE_DEVFS', 'CONVERSIONTYPES', 'IMAGE_GEN_DEBUGFS', 'ROOTFS_RO_UNNEEDED', 'IMGDEPLOYDIR', 'PACKAGE_EXCLUDE_COMPLEMENTARY', 'REPRODUCIBLE_TIMESTAMP_ROOTFS', 'IMAGE_INSTALL_DEBUGFS'] diff --git a/poky/meta/classes/kernel-devicetree.bbclass b/poky/meta/classes/kernel-devicetree.bbclass index 8a81c850f..522c46575 100644 --- a/poky/meta/classes/kernel-devicetree.bbclass +++ b/poky/meta/classes/kernel-devicetree.bbclass @@ -71,23 +71,23 @@ do_deploy_append() { dtb=`normalize_dtb "$dtbf"` dtb_ext=${dtb##*.} dtb_base_name=`basename $dtb .$dtb_ext` - install -d ${DEPLOYDIR} - install -m 0644 ${D}/${KERNEL_IMAGEDEST}/$dtb_base_name.$dtb_ext ${DEPLOYDIR}/$dtb_base_name-${KERNEL_DTB_NAME}.$dtb_ext - ln -sf $dtb_base_name-${KERNEL_DTB_NAME}.$dtb_ext ${DEPLOYDIR}/$dtb_base_name.$dtb_ext - ln -sf $dtb_base_name-${KERNEL_DTB_NAME}.$dtb_ext ${DEPLOYDIR}/$dtb_base_name-${KERNEL_DTB_LINK_NAME}.$dtb_ext + install -d $deployDir + install -m 0644 ${D}/${KERNEL_IMAGEDEST}/$dtb_base_name.$dtb_ext $deployDir/$dtb_base_name-${KERNEL_DTB_NAME}.$dtb_ext + ln -sf $dtb_base_name-${KERNEL_DTB_NAME}.$dtb_ext $deployDir/$dtb_base_name.$dtb_ext + ln -sf $dtb_base_name-${KERNEL_DTB_NAME}.$dtb_ext $deployDir/$dtb_base_name-${KERNEL_DTB_LINK_NAME}.$dtb_ext for type in ${KERNEL_IMAGETYPE_FOR_MAKE}; do if [ "$type" = "zImage" ] && [ "${KERNEL_DEVICETREE_BUNDLE}" = "1" ]; then cat ${D}/${KERNEL_IMAGEDEST}/$type \ - ${DEPLOYDIR}/$dtb_base_name-${KERNEL_DTB_NAME}.$dtb_ext \ - > ${DEPLOYDIR}/$type-$dtb_base_name-${KERNEL_DTB_NAME}.$dtb_ext.bin + $deployDir/$dtb_base_name-${KERNEL_DTB_NAME}.$dtb_ext \ + > $deployDir/$type-$dtb_base_name-${KERNEL_DTB_NAME}.$dtb_ext.bin ln -sf $type-$dtb_base_name-${KERNEL_DTB_NAME}.$dtb_ext.bin \ - ${DEPLOYDIR}/$type-$dtb_base_name-${KERNEL_DTB_LINK_NAME}.$dtb_ext.bin + $deployDir/$type-$dtb_base_name-${KERNEL_DTB_LINK_NAME}.$dtb_ext.bin if [ -e "${KERNEL_OUTPUT_DIR}/${type}.initramfs" ]; then cat ${KERNEL_OUTPUT_DIR}/${type}.initramfs \ - ${DEPLOYDIR}/$dtb_base_name-${KERNEL_DTB_NAME}.$dtb_ext \ - > ${DEPLOYDIR}/${type}-${INITRAMFS_NAME}-$dtb_base_name-${KERNEL_DTB_NAME}.$dtb_ext.bin + $deployDir/$dtb_base_name-${KERNEL_DTB_NAME}.$dtb_ext \ + > $deployDir/${type}-${INITRAMFS_NAME}-$dtb_base_name-${KERNEL_DTB_NAME}.$dtb_ext.bin ln -sf ${type}-${INITRAMFS_NAME}-$dtb_base_name-${KERNEL_DTB_NAME}.$dtb_ext.bin \ - ${DEPLOYDIR}/${type}-${INITRAMFS_NAME}-$dtb_base_name-${KERNEL_DTB_LINK_NAME}.$dtb_ext.bin + $deployDir/${type}-${INITRAMFS_NAME}-$dtb_base_name-${KERNEL_DTB_LINK_NAME}.$dtb_ext.bin fi fi done diff --git a/poky/meta/classes/kernel-fitimage.bbclass b/poky/meta/classes/kernel-fitimage.bbclass index 1bcb09c59..ec18a3d69 100644 --- a/poky/meta/classes/kernel-fitimage.bbclass +++ b/poky/meta/classes/kernel-fitimage.bbclass @@ -53,6 +53,9 @@ UBOOT_MKIMAGE_DTCOPTS ??= "" # fitImage Hash Algo FIT_HASH_ALG ?= "sha256" +# fitImage Signature Algo +FIT_SIGN_ALG ?= "rsa2048" + # # Emit the fitImage ITS header # @@ -246,6 +249,7 @@ EOF fitimage_emit_section_config() { conf_csum="${FIT_HASH_ALG}" + conf_sign_algo="${FIT_SIGN_ALG}" if [ -n "${UBOOT_SIGN_ENABLE}" ] ; then conf_sign_keyname="${UBOOT_SIGN_KEYNAME}" fi @@ -327,7 +331,7 @@ EOF cat << EOF >> ${1} signature@1 { - algo = "${conf_csum},rsa2048"; + algo = "${conf_csum},${conf_sign_algo}"; key-name-hint = "${conf_sign_keyname}"; ${sign_line} }; @@ -500,27 +504,27 @@ kernel_do_deploy_append() { # Update deploy directory if echo ${KERNEL_IMAGETYPES} | grep -wq "fitImage"; then echo "Copying fit-image.its source file..." - install -m 0644 ${B}/fit-image.its ${DEPLOYDIR}/fitImage-its-${KERNEL_FIT_NAME}.its - ln -snf fitImage-its-${KERNEL_FIT_NAME}.its ${DEPLOYDIR}/fitImage-its-${KERNEL_FIT_LINK_NAME} + install -m 0644 ${B}/fit-image.its "$deployDir/fitImage-its-${KERNEL_FIT_NAME}.its" + ln -snf fitImage-its-${KERNEL_FIT_NAME}.its "$deployDir/fitImage-its-${KERNEL_FIT_LINK_NAME}" echo "Copying linux.bin file..." - install -m 0644 ${B}/linux.bin ${DEPLOYDIR}/fitImage-linux.bin-${KERNEL_FIT_NAME}.bin - ln -snf fitImage-linux.bin-${KERNEL_FIT_NAME}.bin ${DEPLOYDIR}/fitImage-linux.bin-${KERNEL_FIT_LINK_NAME} + install -m 0644 ${B}/linux.bin $deployDir/fitImage-linux.bin-${KERNEL_FIT_NAME}.bin + ln -snf fitImage-linux.bin-${KERNEL_FIT_NAME}.bin "$deployDir/fitImage-linux.bin-${KERNEL_FIT_LINK_NAME}" if [ -n "${INITRAMFS_IMAGE}" ]; then echo "Copying fit-image-${INITRAMFS_IMAGE}.its source file..." - install -m 0644 ${B}/fit-image-${INITRAMFS_IMAGE}.its ${DEPLOYDIR}/fitImage-its-${INITRAMFS_IMAGE_NAME}-${KERNEL_FIT_NAME}.its - ln -snf fitImage-its-${INITRAMFS_IMAGE_NAME}-${KERNEL_FIT_NAME}.its ${DEPLOYDIR}/fitImage-its-${INITRAMFS_IMAGE_NAME}-${KERNEL_FIT_LINK_NAME} + install -m 0644 ${B}/fit-image-${INITRAMFS_IMAGE}.its "$deployDir/fitImage-its-${INITRAMFS_IMAGE_NAME}-${KERNEL_FIT_NAME}.its" + ln -snf fitImage-its-${INITRAMFS_IMAGE_NAME}-${KERNEL_FIT_NAME}.its "$deployDir/fitImage-its-${INITRAMFS_IMAGE_NAME}-${KERNEL_FIT_LINK_NAME}" echo "Copying fitImage-${INITRAMFS_IMAGE} file..." - install -m 0644 ${B}/arch/${ARCH}/boot/fitImage-${INITRAMFS_IMAGE} ${DEPLOYDIR}/fitImage-${INITRAMFS_IMAGE_NAME}-${KERNEL_FIT_NAME}.bin - ln -snf fitImage-${INITRAMFS_IMAGE_NAME}-${KERNEL_FIT_NAME}.bin ${DEPLOYDIR}/fitImage-${INITRAMFS_IMAGE_NAME}-${KERNEL_FIT_LINK_NAME} + install -m 0644 ${B}/arch/${ARCH}/boot/fitImage-${INITRAMFS_IMAGE} "$deployDir/fitImage-${INITRAMFS_IMAGE_NAME}-${KERNEL_FIT_NAME}.bin" + ln -snf fitImage-${INITRAMFS_IMAGE_NAME}-${KERNEL_FIT_NAME}.bin "$deployDir/fitImage-${INITRAMFS_IMAGE_NAME}-${KERNEL_FIT_LINK_NAME}" fi if [ "${UBOOT_SIGN_ENABLE}" = "1" -a -n "${UBOOT_DTB_BINARY}" ] ; then # UBOOT_DTB_IMAGE is a realfile, but we can't use # ${UBOOT_DTB_IMAGE} since it contains ${PV} which is aimed # for u-boot, but we are in kernel env now. - install -m 0644 ${B}/u-boot-${MACHINE}*.dtb ${DEPLOYDIR}/ + install -m 0644 ${B}/u-boot-${MACHINE}*.dtb "$deployDir/" fi fi } diff --git a/poky/meta/classes/libc-package.bbclass b/poky/meta/classes/libc-package.bbclass index a66e54088..de816bcec 100644 --- a/poky/meta/classes/libc-package.bbclass +++ b/poky/meta/classes/libc-package.bbclass @@ -346,14 +346,13 @@ python package_do_split_gconvs () { if use_bin == "compile": makefile = oe.path.join(d.getVar("WORKDIR"), "locale-tree", "Makefile") - m = open(makefile, "w") - m.write("all: %s\n\n" % " ".join(commands.keys())) - total = len(commands) - for i, cmd in enumerate(commands): - m.write(cmd + ":\n") - m.write("\t@echo 'Progress %d/%d'\n" % (i, total)) - m.write("\t" + commands[cmd] + "\n\n") - m.close() + with open(makefile, "w") as m: + m.write("all: %s\n\n" % " ".join(commands.keys())) + total = len(commands) + for i, (maketarget, makerecipe) in enumerate(commands.items()): + m.write(maketarget + ":\n") + m.write("\t@echo 'Progress %d/%d'\n" % (i, total)) + m.write("\t" + makerecipe + "\n\n") d.setVar("EXTRA_OEMAKE", "-C %s ${PARALLEL_MAKE}" % (os.path.dirname(makefile))) d.setVarFlag("oe_runmake", "progress", "outof:Progress\s(\d+)/(\d+)") bb.note("Executing binary locale generation makefile") diff --git a/poky/meta/classes/package.bbclass b/poky/meta/classes/package.bbclass index d8bef3afb..f955df111 100644 --- a/poky/meta/classes/package.bbclass +++ b/poky/meta/classes/package.bbclass @@ -826,8 +826,9 @@ python fixup_perms () { # Now we actually load from the configuration files for conf in get_fs_perms_list(d).split(): - if os.path.exists(conf): - f = open(conf) + if not os.path.exists(conf): + continue + with open(conf) as f: for line in f: if line.startswith('#'): continue @@ -848,7 +849,6 @@ python fixup_perms () { fs_perms_table[entry.path] = entry if entry.path in fs_link_table: fs_link_table.pop(entry.path) - f.close() # Debug -- list out in-memory table #for dir in fs_perms_table: @@ -1424,10 +1424,9 @@ fi pkgdest = d.getVar('PKGDEST') pkgdatadir = d.getVar('PKGDESTWORK') - data_file = pkgdatadir + d.expand("/${PN}" ) - f = open(data_file, 'w') - f.write("PACKAGES: %s\n" % packages) - f.close() + data_file = pkgdatadir + d.expand("/${PN}") + with open(data_file, 'w') as fd: + fd.write("PACKAGES: %s\n" % packages) pn = d.getVar('PN') global_variants = (d.getVar('MULTILIB_GLOBAL_VARIANTS') or "").split() @@ -1778,21 +1777,20 @@ python package_do_shlibs() { bb.note("Renaming %s to %s" % (old, new)) os.rename(old, new) pkgfiles[pkg].remove(old) - + shlibs_file = os.path.join(shlibswork_dir, pkg + ".list") if len(sonames): - fd = open(shlibs_file, 'w') - for s in sonames: - if s[0] in shlib_provider and s[1] in shlib_provider[s[0]]: - (old_pkg, old_pkgver) = shlib_provider[s[0]][s[1]] - if old_pkg != pkg: - bb.warn('%s-%s was registered as shlib provider for %s, changing it to %s-%s because it was built later' % (old_pkg, old_pkgver, s[0], pkg, pkgver)) - bb.debug(1, 'registering %s-%s as shlib provider for %s' % (pkg, pkgver, s[0])) - fd.write(s[0] + ':' + s[1] + ':' + s[2] + '\n') - if s[0] not in shlib_provider: - shlib_provider[s[0]] = {} - shlib_provider[s[0]][s[1]] = (pkg, pkgver) - fd.close() + with open(shlibs_file, 'w') as fd: + for s in sonames: + if s[0] in shlib_provider and s[1] in shlib_provider[s[0]]: + (old_pkg, old_pkgver) = shlib_provider[s[0]][s[1]] + if old_pkg != pkg: + bb.warn('%s-%s was registered as shlib provider for %s, changing it to %s-%s because it was built later' % (old_pkg, old_pkgver, s[0], pkg, pkgver)) + bb.debug(1, 'registering %s-%s as shlib provider for %s' % (pkg, pkgver, s[0])) + fd.write(s[0] + ':' + s[1] + ':' + s[2] + '\n') + if s[0] not in shlib_provider: + shlib_provider[s[0]] = {} + shlib_provider[s[0]][s[1]] = (pkg, pkgver) if needs_ldconfig and use_ldconfig: bb.debug(1, 'adding ldconfig call to postinst for %s' % pkg) postinst = d.getVar('pkg_postinst_%s' % pkg) @@ -1864,11 +1862,10 @@ python package_do_shlibs() { deps_file = os.path.join(pkgdest, pkg + ".shlibdeps") if os.path.exists(deps_file): os.remove(deps_file) - if len(deps): - fd = open(deps_file, 'w') - for dep in sorted(deps): - fd.write(dep + '\n') - fd.close() + if deps: + with open(deps_file, 'w') as fd: + for dep in sorted(deps): + fd.write(dep + '\n') } python package_do_pkgconfig () { @@ -1898,9 +1895,8 @@ python package_do_pkgconfig () { pkgconfig_provided[pkg].append(name) if not os.access(file, os.R_OK): continue - f = open(file, 'r') - lines = f.readlines() - f.close() + with open(file, 'r') as f: + lines = f.readlines() for l in lines: m = var_re.match(l) if m: @@ -1918,10 +1914,9 @@ python package_do_pkgconfig () { for pkg in packages.split(): pkgs_file = os.path.join(shlibswork_dir, pkg + ".pclist") if pkgconfig_provided[pkg] != []: - f = open(pkgs_file, 'w') - for p in pkgconfig_provided[pkg]: - f.write('%s\n' % p) - f.close() + with open(pkgs_file, 'w') as f: + for p in pkgconfig_provided[pkg]: + f.write('%s\n' % p) # Go from least to most specific since the last one found wins for dir in reversed(shlibs_dirs): @@ -1931,9 +1926,8 @@ python package_do_pkgconfig () { m = re.match(r'^(.*)\.pclist$', file) if m: pkg = m.group(1) - fd = open(os.path.join(dir, file)) - lines = fd.readlines() - fd.close() + with open(os.path.join(dir, file)) as fd: + lines = fd.readlines() pkgconfig_provided[pkg] = [] for l in lines: pkgconfig_provided[pkg].append(l.rstrip()) @@ -1951,10 +1945,9 @@ python package_do_pkgconfig () { bb.note("couldn't find pkgconfig module '%s' in any package" % n) deps_file = os.path.join(pkgdest, pkg + ".pcdeps") if len(deps): - fd = open(deps_file, 'w') - for dep in deps: - fd.write(dep + '\n') - fd.close() + with open(deps_file, 'w') as fd: + for dep in deps: + fd.write(dep + '\n') } def read_libdep_files(d): @@ -1965,9 +1958,8 @@ def read_libdep_files(d): for extension in ".shlibdeps", ".pcdeps", ".clilibdeps": depsfile = d.expand("${PKGDEST}/" + pkg + extension) if os.access(depsfile, os.R_OK): - fd = open(depsfile) - lines = fd.readlines() - fd.close() + with open(depsfile) as fd: + lines = fd.readlines() for l in lines: l.rstrip() deps = bb.utils.explode_dep_versions2(l) diff --git a/poky/meta/classes/report-error.bbclass b/poky/meta/classes/report-error.bbclass index ea043b23e..1a12db120 100644 --- a/poky/meta/classes/report-error.bbclass +++ b/poky/meta/classes/report-error.bbclass @@ -78,19 +78,15 @@ python errorreport_handler () { taskdata['task'] = task if log: try: - logFile = codecs.open(log, 'r', 'utf-8') - logdata = logFile.read() - + with codecs.open(log, encoding='utf-8') as logFile: + logdata = logFile.read() # Replace host-specific paths so the logs are cleaner for d in ("TOPDIR", "TMPDIR"): s = e.data.getVar(d) if s: logdata = logdata.replace(s, d) - - logFile.close() except: logdata = "Unable to read log file" - else: logdata = "No Log" diff --git a/poky/meta/classes/sanity.bbclass b/poky/meta/classes/sanity.bbclass index 2d3f49eb1..a14bf5388 100644 --- a/poky/meta/classes/sanity.bbclass +++ b/poky/meta/classes/sanity.bbclass @@ -622,13 +622,14 @@ def check_sanity_version_change(status, d): # In other words, these tests run once in a given build directory and then # never again until the sanity version or host distrubution id/version changes. - # Check the python install is complete. glib-2.0-natives requries - # xml.parsers.expat + # Check the python install is complete. Examples that are often removed in + # minimal installations: glib-2.0-natives requries # xml.parsers.expat and icu + # requires distutils.sysconfig. try: import xml.parsers.expat - except ImportError: - status.addresult('Your python is not a full install. Please install the module xml.parsers.expat (python-xml on openSUSE and SUSE Linux).\n') - import stat + import distutils.sysconfig + except ImportError as e: + status.addresult('Your Python 3 is not a full install. Please install the module %s (see the Getting Started guide for further information).\n' % e.name) status.addresult(check_make_version(d)) status.addresult(check_patch_version(d)) @@ -664,6 +665,7 @@ def check_sanity_version_change(status, d): status.addresult('Please use ASSUME_PROVIDED +=, not ASSUME_PROVIDED = in your local.conf\n') # Check that TMPDIR isn't on a filesystem with limited filename length (eg. eCryptFS) + import stat tmpdir = d.getVar('TMPDIR') status.addresult(check_create_long_filename(tmpdir, "TMPDIR")) tmpdirmode = os.stat(tmpdir).st_mode @@ -798,6 +800,11 @@ def check_sanity_everybuild(status, d): elif d.getVar('SDK_ARCH', False) == "${BUILD_ARCH}": status.addresult('SDKMACHINE is set, but SDK_ARCH has not been changed as a result - SDKMACHINE may have been set too late (e.g. in the distro configuration)\n') + # If SDK_VENDOR looks like "-my-sdk" then the triples are badly formed so fail early + sdkvendor = d.getVar("SDK_VENDOR") + if not (sdkvendor.startswith("-") and sdkvendor.count("-") == 1): + status.addresult("SDK_VENDOR should be of the form '-foosdk' with a single dash\n") + check_supported_distro(d) omask = os.umask(0o022) diff --git a/poky/meta/classes/systemd.bbclass b/poky/meta/classes/systemd.bbclass index 1dca09964..9e8a82c9f 100644 --- a/poky/meta/classes/systemd.bbclass +++ b/poky/meta/classes/systemd.bbclass @@ -32,11 +32,7 @@ if type systemctl >/dev/null 2>/dev/null; then if [ "${SYSTEMD_AUTO_ENABLE}" = "enable" ]; then for service in ${SYSTEMD_SERVICE_ESCAPED}; do - case "${service}" in - *@*) - systemctl ${OPTS} enable "${service}" - ;; - esac + systemctl ${OPTS} enable "$service" done fi diff --git a/poky/meta/classes/testimage.bbclass b/poky/meta/classes/testimage.bbclass index 525c5a617..844ed8794 100644 --- a/poky/meta/classes/testimage.bbclass +++ b/poky/meta/classes/testimage.bbclass @@ -262,6 +262,24 @@ def testimage_main(d): # It would be better to find these modules using instrospection. target_kwargs['target_modules_path'] = d.getVar('BBPATH') + # hardware controlled targets might need further access + target_kwargs['powercontrol_cmd'] = d.getVar("TEST_POWERCONTROL_CMD") or None + target_kwargs['powercontrol_extra_args'] = d.getVar("TEST_POWERCONTROL_EXTRA_ARGS") or "" + target_kwargs['serialcontrol_cmd'] = d.getVar("TEST_SERIALCONTROL_CMD") or None + target_kwargs['serialcontrol_extra_args'] = d.getVar("TEST_SERIALCONTROL_EXTRA_ARGS") or "" + + def export_ssh_agent(d): + import os + + variables = ['SSH_AGENT_PID', 'SSH_AUTH_SOCK'] + for v in variables: + if v not in os.environ.keys(): + val = d.getVar(v) + if val is not None: + os.environ[v] = val + + export_ssh_agent(d) + # runtime use network for download projects for build export_proxies(d) diff --git a/poky/meta/classes/tinderclient.bbclass b/poky/meta/classes/tinderclient.bbclass deleted file mode 100644 index 00f453cec..000000000 --- a/poky/meta/classes/tinderclient.bbclass +++ /dev/null @@ -1,368 +0,0 @@ -def tinder_http_post(server, selector, content_type, body): - import httplib - # now post it - for i in range(0,5): - try: - h = httplib.HTTP(server) - h.putrequest('POST', selector) - h.putheader('content-type', content_type) - h.putheader('content-length', str(len(body))) - h.endheaders() - h.send(body) - errcode, errmsg, headers = h.getreply() - #print(errcode, errmsg, headers) - return (errcode,errmsg, headers, h.file) - except: - print("Error sending the report!") - # try again - pass - - # return some garbage - return (-1, "unknown", "unknown", None) - -def tinder_form_data(bound, dict, log): - output = [] - # for each key in the dictionary - for name in dict: - assert dict[name] - output.append( "--" + bound ) - output.append( 'Content-Disposition: form-data; name="%s"' % name ) - output.append( "" ) - output.append( dict[name] ) - if log: - output.append( "--" + bound ) - output.append( 'Content-Disposition: form-data; name="log"; filename="log.txt"' ) - output.append( '' ) - output.append( log ) - output.append( '--' + bound + '--' ) - output.append( '' ) - - return "\r\n".join(output) - -def tinder_time_string(): - """ - Return the time as GMT - """ - return "" - -def tinder_format_http_post(d,status,log): - """ - Format the Tinderbox HTTP post with the data needed - for the tinderbox to be happy. - """ - - import random - - # the variables we will need to send on this form post - variables = { - "tree" : d.getVar('TINDER_TREE'), - "machine_name" : d.getVar('TINDER_MACHINE'), - "os" : os.uname()[0], - "os_version" : os.uname()[2], - "compiler" : "gcc", - "clobber" : d.getVar('TINDER_CLOBBER') or "0", - "srcdate" : d.getVar('SRCDATE'), - "PN" : d.getVar('PN'), - "PV" : d.getVar('PV'), - "PR" : d.getVar('PR'), - "FILE" : d.getVar('FILE') or "N/A", - "TARGETARCH" : d.getVar('TARGET_ARCH'), - "TARGETFPU" : d.getVar('TARGET_FPU') or "Unknown", - "TARGETOS" : d.getVar('TARGET_OS') or "Unknown", - "MACHINE" : d.getVar('MACHINE') or "Unknown", - "DISTRO" : d.getVar('DISTRO') or "Unknown", - "zecke-rocks" : "sure", - } - - # optionally add the status - if status: - variables["status"] = str(status) - - # try to load the machine id - # we only need on build_status.pl but sending it - # always does not hurt - try: - f = open(d.getVar('TMPDIR')+'/tinder-machine.id', 'r') - id = f.read() - variables['machine_id'] = id - except: - pass - - # the boundary we will need - boundary = "----------------------------------%d" % int(random.random()*1000000000000) - - # now format the body - body = tinder_form_data( boundary, variables, log ) - - return ("multipart/form-data; boundary=%s" % boundary),body - - -def tinder_build_start(d): - """ - Inform the tinderbox that a build is starting. We do this - by posting our name and tree to the build_start.pl script - on the server. - """ - - # get the body and type - content_type, body = tinder_format_http_post(d,None,None) - server = d.getVar('TINDER_HOST') - url = d.getVar('TINDER_URL') - - selector = url + "/xml/build_start.pl" - - #print("selector %s and url %s" % (selector, url)) - - # now post it - errcode, errmsg, headers, h_file = tinder_http_post(server,selector,content_type, body) - #print(errcode, errmsg, headers) - report = h_file.read() - - # now let us find the machine id that was assigned to us - search = " 0: - content_type, body = tinder_format_http_post(d,status,new_log[0:18000]) - errcode, errmsg, headers, h_file = tinder_http_post(server,selector,content_type, body) - #print(errcode, errmsg, headers) - #print(h.file.read()) - new_log = new_log[18000:] - - -def tinder_print_info(d): - """ - Print the TinderBox Info - Including informations of the BaseSystem and the Tree - we use. - """ - - # get the local vars - time = tinder_time_string() - ops = os.uname()[0] - version = os.uname()[2] - url = d.getVar('TINDER_URL') - tree = d.getVar('TINDER_TREE') - branch = d.getVar('TINDER_BRANCH') - srcdate = d.getVar('SRCDATE') - machine = d.getVar('MACHINE') - distro = d.getVar('DISTRO') - bbfiles = d.getVar('BBFILES') - tarch = d.getVar('TARGET_ARCH') - fpu = d.getVar('TARGET_FPU') - oerev = d.getVar('OE_REVISION') or "unknown" - - # there is a bug with tipple quoted strings - # i will work around but will fix the original - # bug as well - output = [] - output.append("== Tinderbox Info" ) - output.append("Time: %(time)s" ) - output.append("OS: %(ops)s" ) - output.append("%(version)s" ) - output.append("Compiler: gcc" ) - output.append("Tinderbox Client: 0.1" ) - output.append("Tinderbox Client Last Modified: yesterday" ) - output.append("Tinderbox Protocol: 0.1" ) - output.append("URL: %(url)s" ) - output.append("Tree: %(tree)s" ) - output.append("Config:" ) - output.append("branch = '%(branch)s'" ) - output.append("TARGET_ARCH = '%(tarch)s'" ) - output.append("TARGET_FPU = '%(fpu)s'" ) - output.append("SRCDATE = '%(srcdate)s'" ) - output.append("MACHINE = '%(machine)s'" ) - output.append("DISTRO = '%(distro)s'" ) - output.append("BBFILES = '%(bbfiles)s'" ) - output.append("OEREV = '%(oerev)s'" ) - output.append("== End Tinderbox Client Info" ) - - # now create the real output - return "\n".join(output) % vars() - - -def tinder_print_env(): - """ - Print the environment variables of this build - """ - time_start = tinder_time_string() - time_end = tinder_time_string() - - # build the environment - env = "" - for var in os.environ: - env += "%s=%s\n" % (var, os.environ[var]) - - output = [] - output.append( "---> TINDERBOX RUNNING env %(time_start)s" ) - output.append( env ) - output.append( "<--- TINDERBOX FINISHED (SUCCESS) %(time_end)s" ) - - return "\n".join(output) % vars() - -def tinder_tinder_start(d, event): - """ - PRINT the configuration of this build - """ - - time_start = tinder_time_string() - config = tinder_print_info(d) - #env = tinder_print_env() - time_end = tinder_time_string() - packages = " ".join( event.getPkgs() ) - - output = [] - output.append( "---> TINDERBOX PRINTING CONFIGURATION %(time_start)s" ) - output.append( config ) - #output.append( env ) - output.append( "<--- TINDERBOX FINISHED PRINTING CONFIGURATION %(time_end)s" ) - output.append( "---> TINDERBOX BUILDING '%(packages)s'" ) - output.append( "<--- TINDERBOX STARTING BUILD NOW" ) - - output.append( "" ) - - return "\n".join(output) % vars() - -def tinder_do_tinder_report(event): - """ - Report to the tinderbox: - On the BuildStart we will inform the box directly - On the other events we will write to the TINDER_LOG and - when the Task is finished we will send the report. - - The above is not yet fully implemented. Currently we send - information immediately. The caching/queuing needs to be - implemented. Also sending more or less information is not - implemented yet. - - We have two temporary files stored in the TMP directory. One file - contains the assigned machine id for the tinderclient. This id gets - assigned when we connect the box and start the build process the second - file is used to workaround an EventHandler limitation. If BitBake is ran - with the continue option we want the Build to fail even if we get the - BuildCompleted Event. In this case we have to look up the status and - send it instead of 100/success. - """ - import glob - - # variables - name = bb.event.getName(event) - log = "" - status = 1 - # Check what we need to do Build* shows we start or are done - if name == "BuildStarted": - tinder_build_start(event.data) - log = tinder_tinder_start(event.data,event) - - try: - # truncate the tinder log file - f = open(event.data.getVar('TINDER_LOG'), 'w') - f.write("") - f.close() - except: - pass - - try: - # write a status to the file. This is needed for the -k option - # of BitBake - g = open(event.data.getVar('TMPDIR')+"/tinder-status", 'w') - g.write("") - g.close() - except IOError: - pass - - # Append the Task-Log (compile,configure...) to the log file - # we will send to the server - if name == "TaskSucceeded" or name == "TaskFailed": - log_file = glob.glob("%s/log.%s.*" % (event.data.getVar('T'), event.task)) - - if len(log_file) != 0: - to_file = event.data.getVar('TINDER_LOG') - log += "".join(open(log_file[0], 'r').readlines()) - - # set the right 'HEADER'/Summary for the TinderBox - if name == "TaskStarted": - log += "---> TINDERBOX Task %s started\n" % event.task - elif name == "TaskSucceeded": - log += "<--- TINDERBOX Task %s done (SUCCESS)\n" % event.task - elif name == "TaskFailed": - log += "<--- TINDERBOX Task %s failed (FAILURE)\n" % event.task - elif name == "PkgStarted": - log += "---> TINDERBOX Package %s started\n" % event.data.getVar('PF') - elif name == "PkgSucceeded": - log += "<--- TINDERBOX Package %s done (SUCCESS)\n" % event.data.getVar('PF') - elif name == "PkgFailed": - if not event.data.getVar('TINDER_AUTOBUILD') == "0": - build.exec_task('do_clean', event.data) - log += "<--- TINDERBOX Package %s failed (FAILURE)\n" % event.data.getVar('PF') - status = 200 - # remember the failure for the -k case - h = open(event.data.getVar('TMPDIR')+"/tinder-status", 'w') - h.write("200") - elif name == "BuildCompleted": - log += "Build Completed\n" - status = 100 - # Check if we have a old status... - try: - h = open(event.data.getVar('TMPDIR')+'/tinder-status', 'r') - status = int(h.read()) - except: - pass - - elif name == "MultipleProviders": - log += "---> TINDERBOX Multiple Providers\n" - log += "multiple providers are available (%s);\n" % ", ".join(event.getCandidates()) - log += "consider defining PREFERRED_PROVIDER_%s\n" % event.getItem() - log += "is runtime: %d\n" % event.isRuntime() - log += "<--- TINDERBOX Multiple Providers\n" - elif name == "NoProvider": - log += "Error: No Provider for: %s\n" % event.getItem() - log += "Error:Was Runtime: %d\n" % event.isRuntime() - status = 200 - # remember the failure for the -k case - h = open(event.data.getVar('TMPDIR')+"/tinder-status", 'w') - h.write("200") - - # now post the log - if len(log) == 0: - return - - # for now we will use the http post method as it is the only one - log_post_method = tinder_send_http - log_post_method(event.data, status, log) - - -# we want to be an event handler -addhandler tinderclient_eventhandler -python tinderclient_eventhandler() { - if e.data is None or bb.event.getName(e) == "MsgNote": - return - - do_tinder_report = e.data.getVar('TINDER_REPORT') - if do_tinder_report and do_tinder_report == "1": - tinder_do_tinder_report(e) - - return -} diff --git a/poky/meta/classes/uninative.bbclass b/poky/meta/classes/uninative.bbclass index 3326c0db3..9f8645a36 100644 --- a/poky/meta/classes/uninative.bbclass +++ b/poky/meta/classes/uninative.bbclass @@ -45,7 +45,7 @@ python uninative_event_fetchloader() { tarballdir = os.path.join(d.getVar("UNINATIVE_DLDIR"), chksum) tarballpath = os.path.join(tarballdir, tarball) - if not os.path.exists(tarballpath): + if not os.path.exists(tarballpath + ".done"): bb.utils.mkdirhier(tarballdir) if d.getVar("UNINATIVE_URL") == "unset": bb.fatal("Uninative selected but not configured, please set UNINATIVE_URL") diff --git a/poky/meta/conf/machine/qemuriscv64.conf b/poky/meta/conf/machine/qemuriscv64.conf index 99b48b309..b45fdd556 100644 --- a/poky/meta/conf/machine/qemuriscv64.conf +++ b/poky/meta/conf/machine/qemuriscv64.conf @@ -5,5 +5,5 @@ require conf/machine/include/riscv/qemuriscv.inc EXTRA_IMAGEDEPENDS += "u-boot" -UBOOT_MACHINE = "qemu-riscv64_defconfig" +UBOOT_MACHINE = "qemu-riscv64_smode_defconfig" UBOOT_ELF = "u-boot" diff --git a/poky/meta/lib/oe/buildhistory_analysis.py b/poky/meta/lib/oe/buildhistory_analysis.py index 708e1b388..5b28774c9 100644 --- a/poky/meta/lib/oe/buildhistory_analysis.py +++ b/poky/meta/lib/oe/buildhistory_analysis.py @@ -413,7 +413,7 @@ def compare_dict_blobs(path, ablob, bblob, report_all, report_ver): if abs(percentchg) < monitor_numeric_threshold: continue elif (not report_all) and key in list_fields: - if key == "FILELIST" and path.endswith("-dbg") and bstr.strip() != '': + if key == "FILELIST" and (path.endswith("-dbg") or path.endswith("-src")) and bstr.strip() != '': continue if key in ['RPROVIDES', 'RDEPENDS', 'RRECOMMENDS', 'RSUGGESTS', 'RREPLACES', 'RCONFLICTS']: (depvera, depverb) = compare_pkg_lists(astr, bstr) diff --git a/poky/meta/lib/oe/package_manager.py b/poky/meta/lib/oe/package_manager.py index 7c373715a..c7135ce91 100644 --- a/poky/meta/lib/oe/package_manager.py +++ b/poky/meta/lib/oe/package_manager.py @@ -298,7 +298,7 @@ class DpkgIndexer(Indexer): release.write("Label: %s\n" % arch) cmd += "PSEUDO_UNLOAD=1 %s release . >> Release" % apt_ftparchive - + index_cmds.append(cmd) deb_dirs_found = True @@ -570,6 +570,8 @@ class PackageManager(object, metaclass=ABCMeta): for lang in split_linguas: globs += " *-locale-%s" % lang + for complementary_linguas in (self.d.getVar('IMAGE_LINGUAS_COMPLEMENTARY') or "").split(): + globs += (" " + complementary_linguas) % lang if globs is None: return @@ -655,7 +657,7 @@ def create_packages_dir(d, subrepo_dir, deploydir, taskname, filterbydependencie pn = d.getVar("PN") seendirs = set() multilibs = {} - + bb.utils.remove(subrepo_dir, recurse=True) bb.utils.mkdirhier(subrepo_dir) @@ -1006,8 +1008,8 @@ class RpmPM(PackageManager): def load_old_install_solution(self): if not os.path.exists(self.solution_manifest): return [] - - return open(self.solution_manifest, 'r').read().split() + with open(self.solution_manifest, 'r') as fd: + return fd.read().split() def _script_num_prefix(self, path): files = os.listdir(path) diff --git a/poky/meta/lib/oe/packagedata.py b/poky/meta/lib/oe/packagedata.py index cbde380b0..a82085a79 100644 --- a/poky/meta/lib/oe/packagedata.py +++ b/poky/meta/lib/oe/packagedata.py @@ -17,9 +17,8 @@ def read_pkgdatafile(fn): if os.access(fn, os.R_OK): import re - f = open(fn, 'r') - lines = f.readlines() - f.close() + with open(fn, 'r') as f: + lines = f.readlines() r = re.compile("([^:]+):\s*(.*)") for l in lines: m = r.match(l) diff --git a/poky/meta/lib/oe/types.py b/poky/meta/lib/oe/types.py index 77ee7ee54..bbbabafbf 100644 --- a/poky/meta/lib/oe/types.py +++ b/poky/meta/lib/oe/types.py @@ -154,7 +154,8 @@ def path(value, relativeto='', normalize='true', mustexist='false'): if boolean(mustexist): try: - open(value, 'r') + with open(value, 'r'): + pass except IOError as exc: if exc.errno == errno.ENOENT: raise ValueError("{0}: {1}".format(value, os.strerror(errno.ENOENT))) @@ -183,4 +184,3 @@ def qemu_use_kvm(kvm, target_arch): elif build_arch == target_arch: use_kvm = True return use_kvm - diff --git a/poky/meta/lib/oeqa/core/decorator/data.py b/poky/meta/lib/oeqa/core/decorator/data.py index babc9789d..12d462f20 100644 --- a/poky/meta/lib/oeqa/core/decorator/data.py +++ b/poky/meta/lib/oeqa/core/decorator/data.py @@ -113,3 +113,21 @@ class skipIfNotFeature(OETestDecorator): self.logger.debug(msg) if not has_feature(self.case.td, self.value): self.case.skipTest(self.msg) + +@registerDecorator +class skipIfFeature(OETestDecorator): + """ + Skip test based on DISTRO_FEATURES. + + value must not be in distro features or it will skip the test + with msg as the reason. + """ + + attrs = ('value', 'msg') + + def setUpDecorator(self): + msg = ('Checking if %s is not in DISTRO_FEATURES ' + 'or IMAGE_FEATURES' % (self.value)) + self.logger.debug(msg) + if has_feature(self.case.td, self.value): + self.case.skipTest(self.msg) diff --git a/poky/meta/lib/oeqa/runtime/cases/df.py b/poky/meta/lib/oeqa/runtime/cases/df.py index d8d79f32e..89fd0fb90 100644 --- a/poky/meta/lib/oeqa/runtime/cases/df.py +++ b/poky/meta/lib/oeqa/runtime/cases/df.py @@ -11,7 +11,7 @@ class DfTest(OERuntimeTestCase): @OETestDepends(['ssh.SSHTest.test_ssh']) @OEHasPackage(['coreutils', 'busybox']) def test_df(self): - cmd = "df / | sed -n '2p' | awk '{print $4}'" + cmd = "df -P / | sed -n '2p' | awk '{print $4}'" (status,output) = self.target.run(cmd) msg = 'Not enough space on image. Current size is %s' % output self.assertTrue(int(output)>5120, msg=msg) diff --git a/poky/meta/lib/oeqa/runtime/cases/opkg.py b/poky/meta/lib/oeqa/runtime/cases/opkg.py index bb8b6d99d..750706161 100644 --- a/poky/meta/lib/oeqa/runtime/cases/opkg.py +++ b/poky/meta/lib/oeqa/runtime/cases/opkg.py @@ -5,7 +5,7 @@ import os from oeqa.utils.httpserver import HTTPService from oeqa.runtime.case import OERuntimeTestCase -from oeqa.core.decorator.data import skipIfNotDataVar, skipIfNotFeature +from oeqa.core.decorator.data import skipIfNotDataVar, skipIfNotFeature, skipIfFeature from oeqa.runtime.decorator.package import OEHasPackage class OpkgTest(OERuntimeTestCase): @@ -45,6 +45,8 @@ class OpkgRepoTest(OpkgTest): 'Test requires package-management to be in IMAGE_FEATURES') @skipIfNotDataVar('IMAGE_PKGTYPE', 'ipk', 'IPK is not the primary package manager') + @skipIfFeature('read-only-rootfs', + 'Test does not work with read-only-rootfs in IMAGE_FEATURES') @OEHasPackage(['opkg']) def test_opkg_install_from_repo(self): self.setup_source_config_for_package_install() diff --git a/poky/meta/lib/oeqa/runtime/cases/systemd.py b/poky/meta/lib/oeqa/runtime/cases/systemd.py index c11fa49b0..7c44abe8e 100644 --- a/poky/meta/lib/oeqa/runtime/cases/systemd.py +++ b/poky/meta/lib/oeqa/runtime/cases/systemd.py @@ -9,7 +9,7 @@ from oeqa.runtime.case import OERuntimeTestCase from oeqa.core.decorator.depends import OETestDepends from oeqa.core.decorator.data import skipIfDataVar, skipIfNotDataVar from oeqa.runtime.decorator.package import OEHasPackage -from oeqa.core.decorator.data import skipIfNotFeature +from oeqa.core.decorator.data import skipIfNotFeature, skipIfFeature class SystemdTest(OERuntimeTestCase): @@ -114,12 +114,26 @@ class SystemdServiceTests(SystemdTest): self.systemctl('is-active', 'avahi-daemon.service', verbose=True) @OETestDepends(['systemd.SystemdServiceTests.test_systemd_status']) + @skipIfFeature('read-only-rootfs', + 'Test is only meant to run without read-only-rootfs in IMAGE_FEATURES') def test_systemd_disable_enable(self): self.systemctl('disable', 'avahi-daemon.service') self.systemctl('is-enabled', 'avahi-daemon.service', expected=1) self.systemctl('enable', 'avahi-daemon.service') self.systemctl('is-enabled', 'avahi-daemon.service') + @OETestDepends(['systemd.SystemdServiceTests.test_systemd_status']) + @skipIfNotFeature('read-only-rootfs', + 'Test is only meant to run with read-only-rootfs in IMAGE_FEATURES') + def test_systemd_disable_enable_ro(self): + status = self.target.run('mount -orw,remount /')[0] + self.assertTrue(status == 0, msg='Remounting / as r/w failed') + try: + self.test_systemd_disable_enable() + finally: + status = self.target.run('mount -oro,remount /')[0] + self.assertTrue(status == 0, msg='Remounting / as r/o failed') + class SystemdJournalTests(SystemdTest): @OETestDepends(['systemd.SystemdBasicTests.test_systemd_basic']) diff --git a/poky/meta/lib/oeqa/runtime/context.py b/poky/meta/lib/oeqa/runtime/context.py index 77d58eefa..ef738a335 100644 --- a/poky/meta/lib/oeqa/runtime/context.py +++ b/poky/meta/lib/oeqa/runtime/context.py @@ -138,7 +138,7 @@ class OERuntimeTestContextExecutor(OETestContextExecutor): def add_controller_list(path): if not os.path.exists(os.path.join(path, '__init__.py')): raise OSError('Controllers directory %s exists but is missing __init__.py' % path) - files = sorted([f for f in os.listdir(path) if f.endswith('.py') and not f.startswith('_')]) + files = sorted([f for f in os.listdir(path) if f.endswith('.py') and not f.startswith('_') and not f.startswith('.#')]) for f in files: module = 'oeqa.controllers.' + f[:-3] if module not in controllerslist: diff --git a/poky/meta/lib/oeqa/selftest/cases/bblayers.py b/poky/meta/lib/oeqa/selftest/cases/bblayers.py index 954488dfd..f131d9856 100644 --- a/poky/meta/lib/oeqa/selftest/cases/bblayers.py +++ b/poky/meta/lib/oeqa/selftest/cases/bblayers.py @@ -14,21 +14,21 @@ class BitbakeLayers(OESelftestTestCase): def test_bitbakelayers_showcrossdepends(self): result = runCmd('bitbake-layers show-cross-depends') - self.assertTrue('aspell' in result.output, msg = "No dependencies were shown. bitbake-layers show-cross-depends output: %s" % result.output) + self.assertIn('aspell', result.output) def test_bitbakelayers_showlayers(self): result = runCmd('bitbake-layers show-layers') - self.assertTrue('meta-selftest' in result.output, msg = "No layers were shown. bitbake-layers show-layers output: %s" % result.output) + self.assertIn('meta-selftest', result.output) def test_bitbakelayers_showappends(self): recipe = "xcursor-transparent-theme" bb_file = self.get_recipe_basename(recipe) result = runCmd('bitbake-layers show-appends') - self.assertTrue(bb_file in result.output, msg="%s file was not recognised. bitbake-layers show-appends output: %s" % (bb_file, result.output)) + self.assertIn(bb_file, result.output) def test_bitbakelayers_showoverlayed(self): result = runCmd('bitbake-layers show-overlayed') - self.assertTrue('aspell' in result.output, msg="aspell overlayed recipe was not recognised bitbake-layers show-overlayed %s" % result.output) + self.assertIn('aspell', result.output) def test_bitbakelayers_flatten(self): recipe = "xcursor-transparent-theme" diff --git a/poky/meta/lib/oeqa/selftest/cases/bbtests.py b/poky/meta/lib/oeqa/selftest/cases/bbtests.py index 9461c7ed1..dc423ec43 100644 --- a/poky/meta/lib/oeqa/selftest/cases/bbtests.py +++ b/poky/meta/lib/oeqa/selftest/cases/bbtests.py @@ -44,7 +44,7 @@ class BitbakeTests(OESelftestTestCase): find_build_completed = re.search(r"Tasks Summary:.*(\n.*)*NOTE: Test for bb\.event\.BuildCompleted", result.output) self.assertTrue(find_build_started, msg = "Match failed in:\n%s" % result.output) self.assertTrue(find_build_completed, msg = "Match failed in:\n%s" % result.output) - self.assertFalse('Test for bb.event.InvalidEvent' in result.output, msg = "\"Test for bb.event.InvalidEvent\" message found during bitbake process. bitbake output: %s" % result.output) + self.assertNotIn('Test for bb.event.InvalidEvent', result.output) def test_local_sstate(self): bitbake('m4-native') @@ -59,7 +59,7 @@ class BitbakeTests(OESelftestTestCase): def test_bitbake_invalid_target(self): result = bitbake('asdf', ignore_status=True) - self.assertTrue("ERROR: Nothing PROVIDES 'asdf'" in result.output, msg = "Though no 'asdf' target exists, bitbake didn't output any err. message. bitbake output: %s" % result.output) + self.assertIn("ERROR: Nothing PROVIDES 'asdf'", result.output) def test_warnings_errors(self): result = bitbake('-b asdf', ignore_status=True) @@ -123,7 +123,7 @@ class BitbakeTests(OESelftestTestCase): for f in ['pn-buildlist', 'task-depends.dot']: self.addCleanup(os.remove, f) self.assertTrue('Task dependencies saved to \'task-depends.dot\'' in result.output, msg = "No task dependency \"task-depends.dot\" file was generated for the given task target. bitbake output: %s" % result.output) - self.assertTrue(recipe in ftools.read_file(os.path.join(self.builddir, 'task-depends.dot')), msg = "No \"%s\" dependency found in task-depends.dot file." % recipe) + self.assertIn(recipe, ftools.read_file(os.path.join(self.builddir, 'task-depends.dot'))) def test_image_manifest(self): bitbake('core-image-minimal') @@ -147,8 +147,7 @@ INHERIT_remove = \"report-error\" bitbake('-ccleanall man-db') self.delete_recipeinc('man-db') self.assertEqual(result.status, 1, msg="Command succeded when it should have failed. bitbake output: %s" % result.output) - self.assertTrue('Fetcher failure: Unable to find file file://invalid anywhere. The paths that were searched were:' in result.output, msg = "\"invalid\" file \ -doesn't exist, yet no error message encountered. bitbake output: %s" % result.output) + self.assertIn('Fetcher failure: Unable to find file file://invalid anywhere. The paths that were searched were:', result.output) line = self.getline(result, 'Fetcher failure for URL: \'file://invalid\'. Unable to fetch URL from any source.') self.assertTrue(line and line.startswith("ERROR:"), msg = "\"invalid\" file \ doesn't exist, yet fetcher didn't report any error. bitbake output: %s" % result.output) @@ -173,7 +172,7 @@ SSTATE_DIR = \"${TOPDIR}/download-selftest\" def test_environment(self): self.write_config("TEST_ENV=\"localconf\"") result = runCmd('bitbake -e | grep TEST_ENV=') - self.assertTrue('localconf' in result.output, msg = "bitbake didn't report any value for TEST_ENV variable. To test, run 'bitbake -e | grep TEST_ENV='") + self.assertIn('localconf', result.output) def test_dry_run(self): result = runCmd('bitbake -n m4-native') @@ -193,10 +192,10 @@ SSTATE_DIR = \"${TOPDIR}/download-selftest\" self.track_for_cleanup(preconf) ftools.write_file(preconf ,"TEST_PREFILE=\"prefile\"") result = runCmd('bitbake -r conf/prefile.conf -e | grep TEST_PREFILE=') - self.assertTrue('prefile' in result.output, "Preconfigure file \"prefile.conf\"was not taken into consideration. ") + self.assertIn('prefile', result.output) self.write_config("TEST_PREFILE=\"localconf\"") result = runCmd('bitbake -r conf/prefile.conf -e | grep TEST_PREFILE=') - self.assertTrue('localconf' in result.output, "Preconfigure file \"prefile.conf\"was not taken into consideration.") + self.assertIn('localconf', result.output) def test_postfile(self): postconf = os.path.join(self.builddir, 'conf/postfile.conf') @@ -204,7 +203,7 @@ SSTATE_DIR = \"${TOPDIR}/download-selftest\" ftools.write_file(postconf , "TEST_POSTFILE=\"postfile\"") self.write_config("TEST_POSTFILE=\"localconf\"") result = runCmd('bitbake -R conf/postfile.conf -e | grep TEST_POSTFILE=') - self.assertTrue('postfile' in result.output, "Postconfigure file \"postfile.conf\"was not taken into consideration.") + self.assertIn('postfile', result.output) def test_checkuri(self): result = runCmd('bitbake -c checkuri m4') diff --git a/poky/meta/lib/oeqa/selftest/cases/imagefeatures.py b/poky/meta/lib/oeqa/selftest/cases/imagefeatures.py index cf2a42aab..ef2eefa86 100644 --- a/poky/meta/lib/oeqa/selftest/cases/imagefeatures.py +++ b/poky/meta/lib/oeqa/selftest/cases/imagefeatures.py @@ -124,7 +124,7 @@ class ImageFeatures(OESelftestTestCase): # check if result image is sparse image_stat = os.stat(image_path) - self.assertTrue(image_stat.st_size > image_stat.st_blocks * 512) + self.assertGreater(image_stat.st_size, image_stat.st_blocks * 512) # check if the resulting gzip is valid self.assertTrue(runCmd('gzip -t %s' % gzip_path)) diff --git a/poky/meta/lib/oeqa/selftest/cases/incompatible_lic.py b/poky/meta/lib/oeqa/selftest/cases/incompatible_lic.py index 424a9e69c..904b5b409 100644 --- a/poky/meta/lib/oeqa/selftest/cases/incompatible_lic.py +++ b/poky/meta/lib/oeqa/selftest/cases/incompatible_lic.py @@ -73,3 +73,21 @@ INCOMPATIBLE_LICENSE_pn-core-image-minimal = "GPL-3.0 LGPL-3.0" bitbake('core-image-minimal') +class NoGPL3InImagesTests(OESelftestTestCase): + def test_core_image_minimal(self): + self.write_config(""" +INCOMPATIBLE_LICENSE_pn-core-image-minimal = "GPL-3.0 LGPL-3.0" +""") + bitbake('core-image-minimal') + + def test_core_image_full_cmdline(self): + self.write_config(""" +INHERIT += "testimage"\n +INCOMPATIBLE_LICENSE_pn-core-image-full-cmdline = "GPL-3.0 LGPL-3.0"\n +RDEPENDS_packagegroup-core-full-cmdline-utils_remove = "bash bc coreutils cpio ed findutils gawk grep mc mc-fish mc-helpers mc-helpers-perl sed tar time"\n +RDEPENDS_packagegroup-core-full-cmdline-dev-utils_remove = "diffutils m4 make patch"\n +RDEPENDS_packagegroup-core-full-cmdline-multiuser_remove = "gzip"\n +""") + bitbake('core-image-full-cmdline') + bitbake('-c testimage core-image-full-cmdline') + diff --git a/poky/meta/lib/oeqa/selftest/cases/oescripts.py b/poky/meta/lib/oeqa/selftest/cases/oescripts.py index c169885cf..80d8b2c4c 100644 --- a/poky/meta/lib/oeqa/selftest/cases/oescripts.py +++ b/poky/meta/lib/oeqa/selftest/cases/oescripts.py @@ -121,3 +121,9 @@ class OEGitproxyTests(OESelftestTestCase): if dash is None: self.skipTest("No \"dash\" found on test system.") self.run_oegitproxy(custom_shell=dash) + +class OeRunNativeTest(OESelftestTestCase): + def test_oe_run_native(self): + bitbake("qemu-helper-native -c addto_recipe_sysroot") + result = runCmd("oe-run-native qemu-helper-native tunctl -h") + self.assertIn("Delete: tunctl -d device-name [-f tun-clone-device]", result.output) diff --git a/poky/meta/lib/oeqa/selftest/cases/recipetool.py b/poky/meta/lib/oeqa/selftest/cases/recipetool.py index 1c701a40b..c1562c63b 100644 --- a/poky/meta/lib/oeqa/selftest/cases/recipetool.py +++ b/poky/meta/lib/oeqa/selftest/cases/recipetool.py @@ -685,7 +685,9 @@ class RecipetoolAppendsrcTests(RecipetoolAppendsrcBase): self._test_appendsrcfile(testrecipe, filepath, srcdir=subdir) bitbake('%s:do_unpack' % testrecipe) - self.assertEqual(open(self.testfile, 'r').read(), open(os.path.join(srcdir, filepath), 'r').read()) + with open(self.testfile, 'r') as testfile: + with open(os.path.join(srcdir, filepath), 'r') as makefilein: + self.assertEqual(testfile.read(), makefilein.read()) def test_recipetool_appendsrcfiles_basic(self, destdir=None): newfiles = [self.testfile] diff --git a/poky/meta/lib/oeqa/selftest/cases/runtime_test.py b/poky/meta/lib/oeqa/selftest/cases/runtime_test.py index 3f212bd0e..7d3922ce4 100644 --- a/poky/meta/lib/oeqa/selftest/cases/runtime_test.py +++ b/poky/meta/lib/oeqa/selftest/cases/runtime_test.py @@ -179,6 +179,8 @@ class TestImage(OESelftestTestCase): distro = oe.lsb.distro_identifier() if distro and distro == 'debian-8': self.skipTest('virgl isn\'t working with Debian 8') + if distro and distro == 'centos-7': + self.skipTest('virgl isn\'t working with Centos 7') qemu_packageconfig = get_bb_var('PACKAGECONFIG', 'qemu-system-native') features = 'INHERIT += "testimage"\n' diff --git a/poky/meta/recipes-bsp/gnu-efi/gnu-efi/parallel-make-archives.patch b/poky/meta/recipes-bsp/gnu-efi/gnu-efi/parallel-make-archives.patch index a9806cfdf..8a0138bbe 100644 --- a/poky/meta/recipes-bsp/gnu-efi/gnu-efi/parallel-make-archives.patch +++ b/poky/meta/recipes-bsp/gnu-efi/gnu-efi/parallel-make-archives.patch @@ -19,25 +19,7 @@ Signed-off-by: Darren Hart Signed-off-by: California Sullivan [Rebased for 3.0.8] Signed-off-by: Yi Zhao ---- - gnuefi/Makefile | 3 ++- - lib/Makefile | 2 +- - 2 files changed, 3 insertions(+), 2 deletions(-) -diff --git a/gnuefi/Makefile b/gnuefi/Makefile -index 2a61699..89b560a 100644 ---- a/gnuefi/Makefile -+++ b/gnuefi/Makefile -@@ -54,7 +54,8 @@ TARGETS = crt0-efi-$(ARCH).o libgnuefi.a - - all: $(TARGETS) - --libgnuefi.a: $(patsubst %,libgnuefi.a(%),$(OBJS)) -+libgnuefi.a: $(OBJS) -+ $(AR) $(ARFLAGS) $@ $(OBJS) - - clean: - rm -f $(TARGETS) *~ *.o $(OBJS) diff --git a/lib/Makefile b/lib/Makefile index 0e6410d..048751a 100644 --- a/lib/Makefile diff --git a/poky/meta/recipes-bsp/gnu-efi/gnu-efi_3.0.11.bb b/poky/meta/recipes-bsp/gnu-efi/gnu-efi_3.0.11.bb new file mode 100644 index 000000000..9954d7f57 --- /dev/null +++ b/poky/meta/recipes-bsp/gnu-efi/gnu-efi_3.0.11.bb @@ -0,0 +1,71 @@ +SUMMARY = "Libraries for producing EFI binaries" +HOMEPAGE = "http://sourceforge.net/projects/gnu-efi/" +SECTION = "devel" +LICENSE = "GPLv2+ | BSD-2-Clause" +LIC_FILES_CHKSUM = "file://gnuefi/crt0-efi-arm.S;beginline=4;endline=16;md5=e582764a4776e60c95bf9ab617343d36 \ + file://gnuefi/crt0-efi-aarch64.S;beginline=4;endline=16;md5=e582764a4776e60c95bf9ab617343d36 \ + file://inc/efishellintf.h;beginline=13;endline=20;md5=202766b79d708eff3cc70fce15fb80c7 \ + file://inc/efishellparm.h;beginline=4;endline=11;md5=468b1231b05bbc84bae3a0d5774e3bb5 \ + file://lib/arm/math.c;beginline=2;endline=15;md5=8ed772501da77b2b3345aa6df8744c9e \ + file://lib/arm/initplat.c;beginline=2;endline=15;md5=8ed772501da77b2b3345aa6df8744c9e \ + file://lib/aarch64/math.c;beginline=2;endline=15;md5=8ed772501da77b2b3345aa6df8744c9e \ + file://lib/aarch64/initplat.c;beginline=2;endline=15;md5=8ed772501da77b2b3345aa6df8744c9e \ + " + +SRC_URI = "${SOURCEFORGE_MIRROR}/${BPN}/${BP}.tar.bz2 \ + file://parallel-make-archives.patch \ + file://lib-Makefile-fix-parallel-issue.patch \ + file://gnu-efi-3.0.9-fix-clang-build.patch \ + " + +SRC_URI[md5sum] = "21148bbcccec385a9bfdf5f678959577" +SRC_URI[sha256sum] = "f28da792a2532e91e18e0101468811739a22cde9eee5eacfd0efb9bf3a61d6b9" + +COMPATIBLE_HOST = "(x86_64.*|i.86.*|aarch64.*|arm.*)-linux" +COMPATIBLE_HOST_armv4 = 'null' + +do_configure_linux-gnux32_prepend() { + cp ${STAGING_INCDIR}/gnu/stubs-x32.h ${STAGING_INCDIR}/gnu/stubs-64.h + cp ${STAGING_INCDIR}/bits/long-double-32.h ${STAGING_INCDIR}/bits/long-double-64.h +} + +def gnu_efi_arch(d): + import re + tarch = d.getVar("TARGET_ARCH") + if re.match("i[3456789]86", tarch): + return "ia32" + return tarch + +EXTRA_OEMAKE = "'ARCH=${@gnu_efi_arch(d)}' 'CC=${CC}' 'AS=${AS}' 'LD=${LD}' 'AR=${AR}' \ + 'RANLIB=${RANLIB}' 'OBJCOPY=${OBJCOPY}' 'PREFIX=${prefix}' 'LIBDIR=${libdir}' \ + " + +# gnu-efi's Makefile treats prefix as toolchain prefix, so don't +# export it. +prefix[unexport] = "1" + +do_install() { + oe_runmake install INSTALLROOT="${D}" +} + +FILES_${PN} += "${libdir}/*.lds" + +# 64-bit binaries are expected for EFI when targeting X32 +INSANE_SKIP_${PN}-dev_append_linux-gnux32 = " arch" +INSANE_SKIP_${PN}-dev_append_linux-muslx32 = " arch" + +BBCLASSEXTEND = "native" + +# It doesn't support sse, its make.defaults sets: +# CFLAGS += -mno-mmx -mno-sse +# So also remove -mfpmath=sse from TUNE_CCARGS +TUNE_CCARGS_remove = "-mfpmath=sse" + +python () { + ccargs = d.getVar('TUNE_CCARGS').split() + if '-mx32' in ccargs: + # use x86_64 EFI ABI + ccargs.remove('-mx32') + ccargs.append('-m64') + d.setVar('TUNE_CCARGS', ' '.join(ccargs)) +} diff --git a/poky/meta/recipes-bsp/gnu-efi/gnu-efi_3.0.9.bb b/poky/meta/recipes-bsp/gnu-efi/gnu-efi_3.0.9.bb deleted file mode 100644 index 6d4c30335..000000000 --- a/poky/meta/recipes-bsp/gnu-efi/gnu-efi_3.0.9.bb +++ /dev/null @@ -1,71 +0,0 @@ -SUMMARY = "Libraries for producing EFI binaries" -HOMEPAGE = "http://sourceforge.net/projects/gnu-efi/" -SECTION = "devel" -LICENSE = "GPLv2+ | BSD-2-Clause" -LIC_FILES_CHKSUM = "file://gnuefi/crt0-efi-arm.S;beginline=4;endline=16;md5=e582764a4776e60c95bf9ab617343d36 \ - file://gnuefi/crt0-efi-aarch64.S;beginline=4;endline=16;md5=e582764a4776e60c95bf9ab617343d36 \ - file://inc/efishellintf.h;beginline=13;endline=20;md5=202766b79d708eff3cc70fce15fb80c7 \ - file://inc/efishellparm.h;beginline=4;endline=11;md5=468b1231b05bbc84bae3a0d5774e3bb5 \ - file://lib/arm/math.c;beginline=2;endline=15;md5=8ed772501da77b2b3345aa6df8744c9e \ - file://lib/arm/initplat.c;beginline=2;endline=15;md5=8ed772501da77b2b3345aa6df8744c9e \ - file://lib/aarch64/math.c;beginline=2;endline=15;md5=8ed772501da77b2b3345aa6df8744c9e \ - file://lib/aarch64/initplat.c;beginline=2;endline=15;md5=8ed772501da77b2b3345aa6df8744c9e \ - " - -SRC_URI = "${SOURCEFORGE_MIRROR}/${BPN}/${BP}.tar.bz2 \ - file://parallel-make-archives.patch \ - file://lib-Makefile-fix-parallel-issue.patch \ - file://gnu-efi-3.0.9-fix-clang-build.patch \ - " - -SRC_URI[md5sum] = "32af17b917545a693e549af2439c4a99" -SRC_URI[sha256sum] = "6715ea7eae1c7e4fc5041034bd3f107ec2911962ed284a081e491646b12277f0" - -COMPATIBLE_HOST = "(x86_64.*|i.86.*|aarch64.*|arm.*)-linux" -COMPATIBLE_HOST_armv4 = 'null' - -do_configure_linux-gnux32_prepend() { - cp ${STAGING_INCDIR}/gnu/stubs-x32.h ${STAGING_INCDIR}/gnu/stubs-64.h - cp ${STAGING_INCDIR}/bits/long-double-32.h ${STAGING_INCDIR}/bits/long-double-64.h -} - -def gnu_efi_arch(d): - import re - tarch = d.getVar("TARGET_ARCH") - if re.match("i[3456789]86", tarch): - return "ia32" - return tarch - -EXTRA_OEMAKE = "'ARCH=${@gnu_efi_arch(d)}' 'CC=${CC}' 'AS=${AS}' 'LD=${LD}' 'AR=${AR}' \ - 'RANLIB=${RANLIB}' 'OBJCOPY=${OBJCOPY}' 'PREFIX=${prefix}' 'LIBDIR=${libdir}' \ - " - -# gnu-efi's Makefile treats prefix as toolchain prefix, so don't -# export it. -prefix[unexport] = "1" - -do_install() { - oe_runmake install INSTALLROOT="${D}" -} - -FILES_${PN} += "${libdir}/*.lds" - -# 64-bit binaries are expected for EFI when targeting X32 -INSANE_SKIP_${PN}-dev_append_linux-gnux32 = " arch" -INSANE_SKIP_${PN}-dev_append_linux-muslx32 = " arch" - -BBCLASSEXTEND = "native" - -# It doesn't support sse, its make.defaults sets: -# CFLAGS += -mno-mmx -mno-sse -# So also remove -mfpmath=sse from TUNE_CCARGS -TUNE_CCARGS_remove = "-mfpmath=sse" - -python () { - ccargs = d.getVar('TUNE_CCARGS').split() - if '-mx32' in ccargs: - # use x86_64 EFI ABI - ccargs.remove('-mx32') - ccargs.append('-m64') - d.setVar('TUNE_CCARGS', ' '.join(ccargs)) -} diff --git a/poky/meta/recipes-bsp/opensbi/opensbi_0.4.bb b/poky/meta/recipes-bsp/opensbi/opensbi_0.4.bb deleted file mode 100644 index b03043668..000000000 --- a/poky/meta/recipes-bsp/opensbi/opensbi_0.4.bb +++ /dev/null @@ -1,53 +0,0 @@ -SUMMARY = "RISC-V Open Source Supervisor Binary Interface (OpenSBI)" -DESCRIPTION = "OpenSBI aims to provide an open-source and extensible implementation of the RISC-V SBI specification for a platform specific firmware (M-mode) and a general purpose OS, hypervisor or bootloader (S-mode or HS-mode). OpenSBI implementation can be easily extended by RISC-V platform or System-on-Chip vendors to fit a particular hadware configuration." -LICENSE = "BSD-2-Clause" -LIC_FILES_CHKSUM = "file://COPYING.BSD;md5=42dd9555eb177f35150cf9aa240b61e5" -DEPENDS += "dtc-native" - -require opensbi-payloads.inc - -inherit autotools-brokensep deploy - -SRCREV = "ce228ee0919deb9957192d723eecc8aaae2697c6" -SRC_URI = "git://github.com/riscv/opensbi.git \ - file://0001-Makefile-Don-t-specify-mabi-or-march.patch \ - " - -S = "${WORKDIR}/git" - -SRC_URI[md5sum] = "621f38d8205ef5fb185e4055025e73df" -SRC_URI[sha256sum] = "07f18b73abf3b85aabe5bead19a923716c100d30eb58033459f39c3a224be300" - -EXTRA_OEMAKE += "PLATFORM=${RISCV_SBI_PLAT} I=${D}" -# If RISCV_SBI_PAYLOAD is set then include it as a payload -EXTRA_OEMAKE_append = " ${@riscv_get_extra_oemake_image(d)} ${@riscv_get_extra_oemake_fdt(d)}" - -# Required if specifying a custom payload -do_compile[depends] += "${@riscv_get_do_compile_depends(d)}" - -do_install_append() { - # In the future these might be required as a dependency for other packages. - # At the moment just delete them to avoid warnings - rm -r ${D}/include - rm -r ${D}/platform/${RISCV_SBI_PLAT}/lib - rm -r ${D}/platform/${RISCV_SBI_PLAT}/firmware/payloads - rm -r ${D}/lib -} - -do_deploy () { - install -m 755 ${D}/platform/${RISCV_SBI_PLAT}/firmware/fw_payload.* ${DEPLOYDIR}/ - install -m 755 ${D}/platform/${RISCV_SBI_PLAT}/firmware/fw_jump.* ${DEPLOYDIR}/ - install -m 755 ${D}/platform/${RISCV_SBI_PLAT}/firmware/fw_dynamic.* ${DEPLOYDIR}/ -} - -addtask deploy before do_build after do_install - -FILES_${PN} += "/platform/${RISCV_SBI_PLAT}/firmware/fw_jump.*" -FILES_${PN} += "/platform/${RISCV_SBI_PLAT}/firmware/fw_payload.*" -FILES_${PN} += "/platform/${RISCV_SBI_PLAT}/firmware/fw_dynamic.*" - - -COMPATIBLE_HOST = "(riscv64|riscv32).*" -INHIBIT_PACKAGE_STRIP = "1" - -SECURITY_CFLAGS = "" diff --git a/poky/meta/recipes-bsp/opensbi/opensbi_0.5.bb b/poky/meta/recipes-bsp/opensbi/opensbi_0.5.bb new file mode 100644 index 000000000..759bbbfda --- /dev/null +++ b/poky/meta/recipes-bsp/opensbi/opensbi_0.5.bb @@ -0,0 +1,53 @@ +SUMMARY = "RISC-V Open Source Supervisor Binary Interface (OpenSBI)" +DESCRIPTION = "OpenSBI aims to provide an open-source and extensible implementation of the RISC-V SBI specification for a platform specific firmware (M-mode) and a general purpose OS, hypervisor or bootloader (S-mode or HS-mode). OpenSBI implementation can be easily extended by RISC-V platform or System-on-Chip vendors to fit a particular hadware configuration." +LICENSE = "BSD-2-Clause" +LIC_FILES_CHKSUM = "file://COPYING.BSD;md5=42dd9555eb177f35150cf9aa240b61e5" +DEPENDS += "dtc-native" + +require opensbi-payloads.inc + +inherit autotools-brokensep deploy + +SRCREV = "be92da280d87c38a2e0adc5d3f43bab7b5468f09" +SRC_URI = "git://github.com/riscv/opensbi.git \ + file://0001-Makefile-Don-t-specify-mabi-or-march.patch \ + " + +S = "${WORKDIR}/git" + +SRC_URI[md5sum] = "621f38d8205ef5fb185e4055025e73df" +SRC_URI[sha256sum] = "07f18b73abf3b85aabe5bead19a923716c100d30eb58033459f39c3a224be300" + +EXTRA_OEMAKE += "PLATFORM=${RISCV_SBI_PLAT} I=${D}" +# If RISCV_SBI_PAYLOAD is set then include it as a payload +EXTRA_OEMAKE_append = " ${@riscv_get_extra_oemake_image(d)} ${@riscv_get_extra_oemake_fdt(d)}" + +# Required if specifying a custom payload +do_compile[depends] += "${@riscv_get_do_compile_depends(d)}" + +do_install_append() { + # In the future these might be required as a dependency for other packages. + # At the moment just delete them to avoid warnings + rm -r ${D}/include + rm -r ${D}/platform/${RISCV_SBI_PLAT}/lib + rm -r ${D}/platform/${RISCV_SBI_PLAT}/firmware/payloads + rm -r ${D}/lib +} + +do_deploy () { + install -m 755 ${D}/platform/${RISCV_SBI_PLAT}/firmware/fw_payload.* ${DEPLOYDIR}/ + install -m 755 ${D}/platform/${RISCV_SBI_PLAT}/firmware/fw_jump.* ${DEPLOYDIR}/ + install -m 755 ${D}/platform/${RISCV_SBI_PLAT}/firmware/fw_dynamic.* ${DEPLOYDIR}/ +} + +addtask deploy before do_build after do_install + +FILES_${PN} += "/platform/${RISCV_SBI_PLAT}/firmware/fw_jump.*" +FILES_${PN} += "/platform/${RISCV_SBI_PLAT}/firmware/fw_payload.*" +FILES_${PN} += "/platform/${RISCV_SBI_PLAT}/firmware/fw_dynamic.*" + + +COMPATIBLE_HOST = "(riscv64|riscv32).*" +INHIBIT_PACKAGE_STRIP = "1" + +SECURITY_CFLAGS = "" diff --git a/poky/meta/recipes-bsp/u-boot/files/0001-CVE-2019-13103.patch b/poky/meta/recipes-bsp/u-boot/files/0001-CVE-2019-13103.patch deleted file mode 100644 index 1a5d1eb99..000000000 --- a/poky/meta/recipes-bsp/u-boot/files/0001-CVE-2019-13103.patch +++ /dev/null @@ -1,69 +0,0 @@ -From 39a759494f734c4cdc3e2b919671bfb3134b41ae Mon Sep 17 00:00:00 2001 -From: Paul Emge -Date: Mon, 8 Jul 2019 16:37:03 -0700 -Subject: [PATCH 1/9] CVE-2019-13103: disk: stop infinite recursion in DOS - Partitions - -part_get_info_extended and print_partition_extended can recurse infinitely -while parsing a self-referential filesystem or one with a silly number of -extended partitions. This patch adds a limit to the number of recursive -partitions. - -Signed-off-by: Paul Emge - -Upstream-Status: Backport[http://git.denx.de/?p=u-boot.git;a=commit; - h=232e2f4fd9a24bf08215ddc8c53ccadffc841fb5] - -CVE: CVE-2019-13103 - -Signed-off-by: Meng Li ---- - disk/part_dos.c | 18 ++++++++++++++++++ - 1 file changed, 18 insertions(+) - -diff --git a/disk/part_dos.c b/disk/part_dos.c -index 936cee0d36..aae9d95906 100644 ---- a/disk/part_dos.c -+++ b/disk/part_dos.c -@@ -23,6 +23,10 @@ - - #define DOS_PART_DEFAULT_SECTOR 512 - -+/* should this be configurable? It looks like it's not very common at all -+ * to use large numbers of partitions */ -+#define MAX_EXT_PARTS 256 -+ - /* Convert char[4] in little endian format to the host format integer - */ - static inline unsigned int le32_to_int(unsigned char *le32) -@@ -126,6 +130,13 @@ static void print_partition_extended(struct blk_desc *dev_desc, - dos_partition_t *pt; - int i; - -+ /* set a maximum recursion level */ -+ if (part_num > MAX_EXT_PARTS) -+ { -+ printf("** Nested DOS partitions detected, stopping **\n"); -+ return; -+ } -+ - if (blk_dread(dev_desc, ext_part_sector, 1, (ulong *)buffer) != 1) { - printf ("** Can't read partition table on %d:" LBAFU " **\n", - dev_desc->devnum, ext_part_sector); -@@ -191,6 +202,13 @@ static int part_get_info_extended(struct blk_desc *dev_desc, - int i; - int dos_type; - -+ /* set a maximum recursion level */ -+ if (part_num > MAX_EXT_PARTS) -+ { -+ printf("** Nested DOS partitions detected, stopping **\n"); -+ return -1; -+ } -+ - if (blk_dread(dev_desc, ext_part_sector, 1, (ulong *)buffer) != 1) { - printf ("** Can't read partition table on %d:" LBAFU " **\n", - dev_desc->devnum, ext_part_sector); --- -2.17.1 - diff --git a/poky/meta/recipes-bsp/u-boot/files/0001-include-env.h-Ensure-ulong-is-defined.patch b/poky/meta/recipes-bsp/u-boot/files/0001-include-env.h-Ensure-ulong-is-defined.patch new file mode 100644 index 000000000..b9118164d --- /dev/null +++ b/poky/meta/recipes-bsp/u-boot/files/0001-include-env.h-Ensure-ulong-is-defined.patch @@ -0,0 +1,31 @@ +From 0565a080d153d5baaaacfeb5045a832e126f4f9e Mon Sep 17 00:00:00 2001 +From: Alistair Francis +Date: Mon, 14 Oct 2019 17:37:30 -0700 +Subject: [PATCH] include/env.h: Ensure ulong is defined + +To fix these failures when building with musl: + include/env.h:166:1: error: unknown type name 'ulong'; did you mean 'long'? +ensure that ulong is defined. + +Upstream-Status: Pending +Signed-off-by: Alistair Francis +--- + include/env.h | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/include/env.h b/include/env.h +index b72239f6a5..5ca49a3456 100644 +--- a/include/env.h ++++ b/include/env.h +@@ -13,6 +13,8 @@ + #include + #include + ++typedef unsigned long ulong; ++ + struct environment_s; + + /* Value for environment validity */ +-- +2.23.0 + diff --git a/poky/meta/recipes-bsp/u-boot/files/0002-CVE-2019-13104.patch b/poky/meta/recipes-bsp/u-boot/files/0002-CVE-2019-13104.patch deleted file mode 100644 index de122b27d..000000000 --- a/poky/meta/recipes-bsp/u-boot/files/0002-CVE-2019-13104.patch +++ /dev/null @@ -1,49 +0,0 @@ -From 1d36545e43003f4b1bb3a303a3b468abd482fa2f Mon Sep 17 00:00:00 2001 -From: Paul Emge -Date: Mon, 8 Jul 2019 16:37:05 -0700 -Subject: [PATCH 2/9] CVE-2019-13104: ext4: check for underflow in - ext4fs_read_file - -in ext4fs_read_file, it is possible for a broken/malicious file -system to cause a memcpy of a negative number of bytes, which -overflows all memory. This patch fixes the issue by checking for -a negative length. - -Signed-off-by: Paul Emge - -Upstream-Status: Backport[http://git.denx.de/?p=u-boot.git;a=commit; - h=878269dbe74229005dd7f27aca66c554e31dad8e] - -CVE: CVE-2019-13104 - -Signed-off-by: Meng Li ---- - fs/ext4/ext4fs.c | 8 +++++--- - 1 file changed, 5 insertions(+), 3 deletions(-) - -diff --git a/fs/ext4/ext4fs.c b/fs/ext4/ext4fs.c -index 26db677a1f..c8c8655ed8 100644 ---- a/fs/ext4/ext4fs.c -+++ b/fs/ext4/ext4fs.c -@@ -66,13 +66,15 @@ int ext4fs_read_file(struct ext2fs_node *node, loff_t pos, - - ext_cache_init(&cache); - -- if (blocksize <= 0) -- return -1; -- - /* Adjust len so it we can't read past the end of the file. */ - if (len + pos > filesize) - len = (filesize - pos); - -+ if (blocksize <= 0 || len <= 0) { -+ ext_cache_fini(&cache); -+ return -1; -+ } -+ - blockcnt = lldiv(((len + pos) + blocksize - 1), blocksize); - - for (i = lldiv(pos, blocksize); i < blockcnt; i++) { --- -2.17.1 - diff --git a/poky/meta/recipes-bsp/u-boot/files/0003-CVE-2019-13105.patch b/poky/meta/recipes-bsp/u-boot/files/0003-CVE-2019-13105.patch deleted file mode 100644 index f525147e5..000000000 --- a/poky/meta/recipes-bsp/u-boot/files/0003-CVE-2019-13105.patch +++ /dev/null @@ -1,37 +0,0 @@ -From 4e937d0de669ee69cf41c20494cbf66c339c3174 Mon Sep 17 00:00:00 2001 -From: Paul Emge -Date: Mon, 8 Jul 2019 16:37:04 -0700 -Subject: [PATCH 3/9] CVE-2019-13105: ext4: fix double-free in ext4_cache_read - -ext_cache_read doesn't null cache->buf, after freeing, which results -in a later function double-freeing it. This patch fixes -ext_cache_read to call ext_cache_fini instead of free. - -Signed-off-by: Paul Emge - -Upstream-Status: Backport[http://git.denx.de/?p=u-boot.git;a=commit; - h=6e5a79de658cb1c8012c86e0837379aa6eabd024] - -CVE: CVE-2019-13105 - -Signed-off-by: Meng Li ---- - fs/ext4/ext4fs.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/fs/ext4/ext4fs.c b/fs/ext4/ext4fs.c -index c8c8655ed8..e2b740cac4 100644 ---- a/fs/ext4/ext4fs.c -+++ b/fs/ext4/ext4fs.c -@@ -288,7 +288,7 @@ int ext_cache_read(struct ext_block_cache *cache, lbaint_t block, int size) - if (!cache->buf) - return 0; - if (!ext4fs_devread(block, 0, size, cache->buf)) { -- free(cache->buf); -+ ext_cache_fini(cache); - return 0; - } - cache->block = block; --- -2.17.1 - diff --git a/poky/meta/recipes-bsp/u-boot/files/0004-CVE-2019-13106.patch b/poky/meta/recipes-bsp/u-boot/files/0004-CVE-2019-13106.patch deleted file mode 100644 index 8e1a1a994..000000000 --- a/poky/meta/recipes-bsp/u-boot/files/0004-CVE-2019-13106.patch +++ /dev/null @@ -1,56 +0,0 @@ -From 1307dabf5422372483f840dda3963f9dbd2e8e6f Mon Sep 17 00:00:00 2001 -From: Paul Emge -Date: Mon, 8 Jul 2019 16:37:07 -0700 -Subject: [PATCH 4/9] CVE-2019-13106: ext4: fix out-of-bounds memset - -In ext4fs_read_file in ext4fs.c, a memset can overwrite the bounds of -the destination memory region. This patch adds a check to disallow -this. - -Signed-off-by: Paul Emge - -Upstream-Status: Backport[http://git.denx.de/?p=u-boot.git;a=commit; - h=e205896c5383c938274262524adceb2775fb03ba] - -CVE: CVE-2019-13106 - -Signed-off-by: Meng Li ---- - fs/ext4/ext4fs.c | 7 +++++-- - 1 file changed, 5 insertions(+), 2 deletions(-) - -diff --git a/fs/ext4/ext4fs.c b/fs/ext4/ext4fs.c -index e2b740cac4..37b31d9f0f 100644 ---- a/fs/ext4/ext4fs.c -+++ b/fs/ext4/ext4fs.c -@@ -61,6 +61,7 @@ int ext4fs_read_file(struct ext2fs_node *node, loff_t pos, - lbaint_t delayed_skipfirst = 0; - lbaint_t delayed_next = 0; - char *delayed_buf = NULL; -+ char *start_buf = buf; - short status; - struct ext_block_cache cache; - -@@ -139,6 +140,7 @@ int ext4fs_read_file(struct ext2fs_node *node, loff_t pos, - } - } else { - int n; -+ int n_left; - if (previous_block_number != -1) { - /* spill */ - status = ext4fs_devread(delayed_start, -@@ -153,8 +155,9 @@ int ext4fs_read_file(struct ext2fs_node *node, loff_t pos, - } - /* Zero no more than `len' bytes. */ - n = blocksize - skipfirst; -- if (n > len) -- n = len; -+ n_left = len - ( buf - start_buf ); -+ if (n > n_left) -+ n = n_left; - memset(buf, 0, n); - } - buf += blocksize - skipfirst; --- -2.17.1 - diff --git a/poky/meta/recipes-bsp/u-boot/files/0005-CVE-2019-14192-14193-14199.patch b/poky/meta/recipes-bsp/u-boot/files/0005-CVE-2019-14192-14193-14199.patch deleted file mode 100644 index a19545a2d..000000000 --- a/poky/meta/recipes-bsp/u-boot/files/0005-CVE-2019-14192-14193-14199.patch +++ /dev/null @@ -1,43 +0,0 @@ -From e8e602f4a4b2aacfb3da32bb8a838be15ea70e7b Mon Sep 17 00:00:00 2001 -From: "liucheng (G)" -Date: Thu, 29 Aug 2019 13:47:33 +0000 -Subject: [PATCH 5/9] CVE: net: fix unbounded memcpy of UDP packet -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -This patch adds a check to udp_len to fix unbounded memcpy for -CVE-2019-14192, CVE-2019-14193 and CVE-2019-14199. - -Signed-off-by: Cheng Liu -Reviewed-by: Simon Goldschmidt -Reported-by: Fermín Serna -Acked-by: Joe Hershberger - -Upstream-Status: Backport[http://git.denx.de/?p=u-boot.git;a=commit; - h=fe7288069d2e6659117049f7d27e261b550bb725] - -CVE: CVE-2019-14192, CVE-2019-14193 and CVE-2019-14199 - -Signed-off-by: Meng Li ---- - net/net.c | 3 +++ - 1 file changed, 3 insertions(+) - -diff --git a/net/net.c b/net/net.c -index 58b0417cbe..38105f1142 100644 ---- a/net/net.c -+++ b/net/net.c -@@ -1252,6 +1252,9 @@ void net_process_received_packet(uchar *in_packet, int len) - return; - } - -+ if (ntohs(ip->udp_len) < UDP_HDR_SIZE || ntohs(ip->udp_len) > ntohs(ip->ip_len)) -+ return; -+ - debug_cond(DEBUG_DEV_PKT, - "received UDP (to=%pI4, from=%pI4, len=%d)\n", - &dst_ip, &src_ip, len); --- -2.17.1 - diff --git a/poky/meta/recipes-bsp/u-boot/files/0006-CVE-2019-14197-14200-14201-14202-14203-14204.patch b/poky/meta/recipes-bsp/u-boot/files/0006-CVE-2019-14197-14200-14201-14202-14203-14204.patch deleted file mode 100644 index 04a09e46d..000000000 --- a/poky/meta/recipes-bsp/u-boot/files/0006-CVE-2019-14197-14200-14201-14202-14203-14204.patch +++ /dev/null @@ -1,44 +0,0 @@ -From 261658ddaf24bb35edd477cf09ec055569fd9894 Mon Sep 17 00:00:00 2001 -From: "liucheng (G)" -Date: Thu, 29 Aug 2019 13:47:40 +0000 -Subject: [PATCH 6/9] CVE: nfs: fix stack-based buffer overflow in some - nfs_handler reply helper functions -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -This patch adds a check to nfs_handler to fix buffer overflow for CVE-2019-14197, -CVE-2019-14200, CVE-2019-14201, CVE-2019-14202, CVE-2019-14203 and CVE-2019-14204. - -Signed-off-by: Cheng Liu -Reported-by: Fermín Serna -Acked-by: Joe Hershberger - -Upstream-Status: Backport[http://git.denx.de/?p=u-boot.git;a=commit; - h=741a8a08ebe5bc3ccfe3cde6c2b44ee53891af21] - -CVE: CVE-2019-14197, CVE-2019-14200, CVE-2019-14201, CVE-2019-14202, - CVE-2019-14203 and CVE-2019-14204 - -Signed-off-by: Meng Li ---- - net/nfs.c | 3 +++ - 1 file changed, 3 insertions(+) - -diff --git a/net/nfs.c b/net/nfs.c -index d6a7f8e827..b7cf3b3a18 100644 ---- a/net/nfs.c -+++ b/net/nfs.c -@@ -732,6 +732,9 @@ static void nfs_handler(uchar *pkt, unsigned dest, struct in_addr sip, - - debug("%s\n", __func__); - -+ if (len > sizeof(struct rpc_t)) -+ return; -+ - if (dest != nfs_our_port) - return; - --- -2.17.1 - diff --git a/poky/meta/recipes-bsp/u-boot/files/0007-CVE-2019-14194-14198.patch b/poky/meta/recipes-bsp/u-boot/files/0007-CVE-2019-14194-14198.patch deleted file mode 100644 index b3e3b72eb..000000000 --- a/poky/meta/recipes-bsp/u-boot/files/0007-CVE-2019-14194-14198.patch +++ /dev/null @@ -1,42 +0,0 @@ -From fb6dc193bf2685b7574b218f7ca558aa54659e11 Mon Sep 17 00:00:00 2001 -From: "liucheng (G)" -Date: Thu, 29 Aug 2019 13:47:48 +0000 -Subject: [PATCH 7/9] CVE-2019-14194/CVE-2019-14198: nfs: fix unbounded memcpy - with a failed length check at nfs_read_reply -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -This patch adds a check to rpc_pkt.u.reply.data at nfs_read_reply. - -Signed-off-by: Cheng Liu -Reported-by: Fermín Serna -Acked-by: Joe Hershberger - -Upstream-Status: Backport[http://git.denx.de/?p=u-boot.git;a=commit; - h=aa207cf3a6d68f39d64cd29057a4fb63943e9078] - -CVE: CVE-2019-14194 and CVE-2019-14198 - -Signed-off-by: Meng Li ---- - net/nfs.c | 3 +++ - 1 file changed, 3 insertions(+) - -diff --git a/net/nfs.c b/net/nfs.c -index b7cf3b3a18..11941fad1a 100644 ---- a/net/nfs.c -+++ b/net/nfs.c -@@ -701,6 +701,9 @@ static int nfs_read_reply(uchar *pkt, unsigned len) - &(rpc_pkt.u.reply.data[4 + nfsv3_data_offset]); - } - -+ if (((uchar *)&(rpc_pkt.u.reply.data[0]) - (uchar *)(&rpc_pkt) + rlen) > len) -+ return -9999; -+ - if (store_block(data_ptr, nfs_offset, rlen)) - return -9999; - --- -2.17.1 - diff --git a/poky/meta/recipes-bsp/u-boot/files/0008-CVE-2019-14195.patch b/poky/meta/recipes-bsp/u-boot/files/0008-CVE-2019-14195.patch deleted file mode 100644 index bf9fb0ef5..000000000 --- a/poky/meta/recipes-bsp/u-boot/files/0008-CVE-2019-14195.patch +++ /dev/null @@ -1,42 +0,0 @@ -From 2236973b8a173ff54ae1ebf8ec2300928e69bd1b Mon Sep 17 00:00:00 2001 -From: "liucheng (G)" -Date: Thu, 29 Aug 2019 13:47:54 +0000 -Subject: [PATCH 8/9] CVE-2019-14195: nfs: fix unbounded memcpy with - unvalidated length at nfs_readlink_reply -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -This patch adds a check to rpc_pkt.u.reply.data at nfs_readlink_reply. - -Signed-off-by: Cheng Liu -Reported-by: Fermín Serna -Acked-by: Joe Hershberger - -Upstream-Status: Backport[http://git.denx.de/?p=u-boot.git;a=commit; - h=cf3a4f1e86ecdd24f87b615051b49d8e1968c230] - -CVE: CVE-2019-14195 - -Signed-off-by: Meng Li ---- - net/nfs.c | 3 +++ - 1 file changed, 3 insertions(+) - -diff --git a/net/nfs.c b/net/nfs.c -index 11941fad1a..915acd95cf 100644 ---- a/net/nfs.c -+++ b/net/nfs.c -@@ -634,6 +634,9 @@ static int nfs_readlink_reply(uchar *pkt, unsigned len) - /* new path length */ - rlen = ntohl(rpc_pkt.u.reply.data[1 + nfsv3_data_offset]); - -+ if (((uchar *)&(rpc_pkt.u.reply.data[0]) - (uchar *)(&rpc_pkt) + rlen) > len) -+ return -NFS_RPC_DROP; -+ - if (*((char *)&(rpc_pkt.u.reply.data[2 + nfsv3_data_offset])) != '/') { - int pathlen; - --- -2.17.1 - diff --git a/poky/meta/recipes-bsp/u-boot/files/0009-CVE-2019-14196.patch b/poky/meta/recipes-bsp/u-boot/files/0009-CVE-2019-14196.patch deleted file mode 100644 index f06e02529..000000000 --- a/poky/meta/recipes-bsp/u-boot/files/0009-CVE-2019-14196.patch +++ /dev/null @@ -1,48 +0,0 @@ -From 74c468caa95c86cdb12c4b8073e154c435ac0bf7 Mon Sep 17 00:00:00 2001 -From: "liucheng (G)" -Date: Thu, 29 Aug 2019 13:48:02 +0000 -Subject: [PATCH 9/9] CVE-2019-14196: nfs: fix unbounded memcpy with a failed - length check at nfs_lookup_reply -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -This patch adds a check to rpc_pkt.u.reply.data at nfs_lookup_reply. - -Signed-off-by: Cheng Liu -Reported-by: Fermín Serna -Acked-by: Joe Hershberger - -Upstream-Status: Backport[http://git.denx.de/?p=u-boot.git;a=commit; - h=5d14ee4e53a81055d34ba280cb8fd90330f22a96] - -CVE: CVE-2019-14196 - -Signed-off-by: Meng Li ---- - net/nfs.c | 4 ++++ - 1 file changed, 4 insertions(+) - -diff --git a/net/nfs.c b/net/nfs.c -index 915acd95cf..89952aeb66 100644 ---- a/net/nfs.c -+++ b/net/nfs.c -@@ -566,11 +566,15 @@ static int nfs_lookup_reply(uchar *pkt, unsigned len) - } - - if (supported_nfs_versions & NFSV2_FLAG) { -+ if (((uchar *)&(rpc_pkt.u.reply.data[0]) - (uchar *)(&rpc_pkt) + NFS_FHSIZE) > len) -+ return -NFS_RPC_DROP; - memcpy(filefh, rpc_pkt.u.reply.data + 1, NFS_FHSIZE); - } else { /* NFSV3_FLAG */ - filefh3_length = ntohl(rpc_pkt.u.reply.data[1]); - if (filefh3_length > NFS3_FHSIZE) - filefh3_length = NFS3_FHSIZE; -+ if (((uchar *)&(rpc_pkt.u.reply.data[0]) - (uchar *)(&rpc_pkt) + filefh3_length) > len) -+ return -NFS_RPC_DROP; - memcpy(filefh, rpc_pkt.u.reply.data + 2, filefh3_length); - } - --- -2.17.1 - diff --git a/poky/meta/recipes-bsp/u-boot/u-boot-common.inc b/poky/meta/recipes-bsp/u-boot/u-boot-common.inc index f63dfa3b7..c3e458e92 100644 --- a/poky/meta/recipes-bsp/u-boot/u-boot-common.inc +++ b/poky/meta/recipes-bsp/u-boot/u-boot-common.inc @@ -12,18 +12,9 @@ PE = "1" # We use the revision in order to avoid having to fetch it from the # repo during parse -SRCREV = "e5aee22e4be75e75a854ab64503fc80598bc2004" +SRCREV = "61ba1244b548463dbfb3c5285b6b22e7c772c5bd" SRC_URI = "git://git.denx.de/u-boot.git \ - file://0001-CVE-2019-13103.patch \ - file://0002-CVE-2019-13104.patch \ - file://0003-CVE-2019-13105.patch \ - file://0004-CVE-2019-13106.patch \ - file://0005-CVE-2019-14192-14193-14199.patch \ - file://0006-CVE-2019-14197-14200-14201-14202-14203-14204.patch \ - file://0007-CVE-2019-14194-14198.patch \ - file://0008-CVE-2019-14195.patch \ - file://0009-CVE-2019-14196.patch \ -" + " S = "${WORKDIR}/git" diff --git a/poky/meta/recipes-bsp/u-boot/u-boot-fw-utils_2019.07.bb b/poky/meta/recipes-bsp/u-boot/u-boot-fw-utils_2019.07.bb deleted file mode 100644 index b5ce56847..000000000 --- a/poky/meta/recipes-bsp/u-boot/u-boot-fw-utils_2019.07.bb +++ /dev/null @@ -1,34 +0,0 @@ -require u-boot-common.inc - -SUMMARY = "U-Boot bootloader fw_printenv/setenv utilities" -DEPENDS += "mtd-utils" - -INSANE_SKIP_${PN} = "already-stripped" -EXTRA_OEMAKE_class-target = 'CROSS_COMPILE=${TARGET_PREFIX} CC="${CC} ${CFLAGS} ${LDFLAGS}" HOSTCC="${BUILD_CC} ${BUILD_CFLAGS} ${BUILD_LDFLAGS}" V=1' -EXTRA_OEMAKE_class-cross = 'HOSTCC="${CC} ${CFLAGS} ${LDFLAGS}" V=1' - -inherit uboot-config - -do_compile () { - oe_runmake ${UBOOT_MACHINE} - oe_runmake envtools -} - -do_install () { - install -d ${D}${base_sbindir} - install -d ${D}${sysconfdir} - install -m 755 ${S}/tools/env/fw_printenv ${D}${base_sbindir}/fw_printenv - install -m 755 ${S}/tools/env/fw_printenv ${D}${base_sbindir}/fw_setenv - install -m 0644 ${S}/tools/env/fw_env.config ${D}${sysconfdir}/fw_env.config -} - -do_install_class-cross () { - install -d ${D}${bindir_cross} - install -m 755 ${S}/tools/env/fw_printenv ${D}${bindir_cross}/fw_printenv - install -m 755 ${S}/tools/env/fw_printenv ${D}${bindir_cross}/fw_setenv -} - -SYSROOT_DIRS_append_class-cross = " ${bindir_cross}" - -PACKAGE_ARCH = "${MACHINE_ARCH}" -BBCLASSEXTEND = "cross" diff --git a/poky/meta/recipes-bsp/u-boot/u-boot-fw-utils_2019.10.bb b/poky/meta/recipes-bsp/u-boot/u-boot-fw-utils_2019.10.bb new file mode 100644 index 000000000..04321b7b6 --- /dev/null +++ b/poky/meta/recipes-bsp/u-boot/u-boot-fw-utils_2019.10.bb @@ -0,0 +1,36 @@ +require u-boot-common.inc + +SUMMARY = "U-Boot bootloader fw_printenv/setenv utilities" +DEPENDS += "mtd-utils" + +SRC_URI += "file://0001-include-env.h-Ensure-ulong-is-defined.patch" + +INSANE_SKIP_${PN} = "already-stripped" +EXTRA_OEMAKE_class-target = 'CROSS_COMPILE=${TARGET_PREFIX} CC="${CC} ${CFLAGS} ${LDFLAGS}" HOSTCC="${BUILD_CC} ${BUILD_CFLAGS} ${BUILD_LDFLAGS}" V=1' +EXTRA_OEMAKE_class-cross = 'HOSTCC="${CC} ${CFLAGS} ${LDFLAGS}" V=1' + +inherit uboot-config + +do_compile () { + oe_runmake ${UBOOT_MACHINE} + oe_runmake envtools +} + +do_install () { + install -d ${D}${base_sbindir} + install -d ${D}${sysconfdir} + install -m 755 ${S}/tools/env/fw_printenv ${D}${base_sbindir}/fw_printenv + install -m 755 ${S}/tools/env/fw_printenv ${D}${base_sbindir}/fw_setenv + install -m 0644 ${S}/tools/env/fw_env.config ${D}${sysconfdir}/fw_env.config +} + +do_install_class-cross () { + install -d ${D}${bindir_cross} + install -m 755 ${S}/tools/env/fw_printenv ${D}${bindir_cross}/fw_printenv + install -m 755 ${S}/tools/env/fw_printenv ${D}${bindir_cross}/fw_setenv +} + +SYSROOT_DIRS_append_class-cross = " ${bindir_cross}" + +PACKAGE_ARCH = "${MACHINE_ARCH}" +BBCLASSEXTEND = "cross" diff --git a/poky/meta/recipes-bsp/u-boot/u-boot-tools_2019.07.bb b/poky/meta/recipes-bsp/u-boot/u-boot-tools_2019.07.bb deleted file mode 100644 index bede984ef..000000000 --- a/poky/meta/recipes-bsp/u-boot/u-boot-tools_2019.07.bb +++ /dev/null @@ -1,67 +0,0 @@ -require u-boot-common.inc - -SUMMARY = "U-Boot bootloader tools" -DEPENDS += "openssl" - -PROVIDES = "${MLPREFIX}u-boot-mkimage ${MLPREFIX}u-boot-mkenvimage" -PROVIDES_class-native = "u-boot-mkimage-native u-boot-mkenvimage-native" - -PACKAGES += "${PN}-mkimage ${PN}-mkenvimage" - -# Required for backward compatibility with "u-boot-mkimage-xxx.bb" -RPROVIDES_${PN}-mkimage = "u-boot-mkimage" -RREPLACES_${PN}-mkimage = "u-boot-mkimage" -RCONFLICTS_${PN}-mkimage = "u-boot-mkimage" - -EXTRA_OEMAKE_class-target = 'CROSS_COMPILE="${TARGET_PREFIX}" CC="${CC} ${CFLAGS} ${LDFLAGS}" HOSTCC="${BUILD_CC} ${BUILD_CFLAGS} ${BUILD_LDFLAGS}" STRIP=true V=1' -EXTRA_OEMAKE_class-native = 'CC="${BUILD_CC} ${BUILD_CFLAGS} ${BUILD_LDFLAGS}" HOSTCC="${BUILD_CC} ${BUILD_CFLAGS} ${BUILD_LDFLAGS}" STRIP=true V=1' -EXTRA_OEMAKE_class-nativesdk = 'CROSS_COMPILE="${HOST_PREFIX}" CC="${CC} ${CFLAGS} ${LDFLAGS}" HOSTCC="${BUILD_CC} ${BUILD_CFLAGS} ${BUILD_LDFLAGS}" STRIP=true V=1' - -SED_CONFIG_EFI = '-e "s/CONFIG_EFI_LOADER=.*/# CONFIG_EFI_LOADER is not set/"' -SED_CONFIG_EFI_x86 = '' -SED_CONFIG_EFI_x86-64 = '' -SED_CONFIG_EFI_arm = '' -SED_CONFIG_EFI_armeb = '' -SED_CONFIG_EFI_aarch64 = '' - -do_compile () { - oe_runmake sandbox_defconfig - - # Disable CONFIG_CMD_LICENSE, license.h is not used by tools and - # generating it requires bin2header tool, which for target build - # is built with target tools and thus cannot be executed on host. - sed -i -e "s/CONFIG_CMD_LICENSE=.*/# CONFIG_CMD_LICENSE is not set/" ${SED_CONFIG_EFI} .config - - oe_runmake cross_tools NO_SDL=1 -} - -do_install () { - install -d ${D}${bindir} - - # mkimage - install -m 0755 tools/mkimage ${D}${bindir}/uboot-mkimage - ln -sf uboot-mkimage ${D}${bindir}/mkimage - - # mkenvimage - install -m 0755 tools/mkenvimage ${D}${bindir}/uboot-mkenvimage - ln -sf uboot-mkenvimage ${D}${bindir}/mkenvimage - - # dumpimage - install -m 0755 tools/dumpimage ${D}${bindir}/uboot-dumpimage - ln -sf uboot-dumpimage ${D}${bindir}/dumpimage - - # fit_check_sign - install -m 0755 tools/fit_check_sign ${D}${bindir}/uboot-fit_check_sign - ln -sf uboot-fit_check_sign ${D}${bindir}/fit_check_sign -} - -ALLOW_EMPTY_${PN} = "1" -FILES_${PN} = "" -FILES_${PN}-mkimage = "${bindir}/uboot-mkimage ${bindir}/mkimage ${bindir}/uboot-dumpimage ${bindir}/dumpimage ${bindir}/uboot-fit_check_sign ${bindir}/fit_check_sign" -FILES_${PN}-mkenvimage = "${bindir}/uboot-mkenvimage ${bindir}/mkenvimage" - -RDEPENDS_${PN}-mkimage += "dtc" -RDEPENDS_${PN} += "${PN}-mkimage ${PN}-mkenvimage" -RDEPENDS_${PN}_class-native = "" - -BBCLASSEXTEND = "native nativesdk" diff --git a/poky/meta/recipes-bsp/u-boot/u-boot-tools_2019.10.bb b/poky/meta/recipes-bsp/u-boot/u-boot-tools_2019.10.bb new file mode 100644 index 000000000..bede984ef --- /dev/null +++ b/poky/meta/recipes-bsp/u-boot/u-boot-tools_2019.10.bb @@ -0,0 +1,67 @@ +require u-boot-common.inc + +SUMMARY = "U-Boot bootloader tools" +DEPENDS += "openssl" + +PROVIDES = "${MLPREFIX}u-boot-mkimage ${MLPREFIX}u-boot-mkenvimage" +PROVIDES_class-native = "u-boot-mkimage-native u-boot-mkenvimage-native" + +PACKAGES += "${PN}-mkimage ${PN}-mkenvimage" + +# Required for backward compatibility with "u-boot-mkimage-xxx.bb" +RPROVIDES_${PN}-mkimage = "u-boot-mkimage" +RREPLACES_${PN}-mkimage = "u-boot-mkimage" +RCONFLICTS_${PN}-mkimage = "u-boot-mkimage" + +EXTRA_OEMAKE_class-target = 'CROSS_COMPILE="${TARGET_PREFIX}" CC="${CC} ${CFLAGS} ${LDFLAGS}" HOSTCC="${BUILD_CC} ${BUILD_CFLAGS} ${BUILD_LDFLAGS}" STRIP=true V=1' +EXTRA_OEMAKE_class-native = 'CC="${BUILD_CC} ${BUILD_CFLAGS} ${BUILD_LDFLAGS}" HOSTCC="${BUILD_CC} ${BUILD_CFLAGS} ${BUILD_LDFLAGS}" STRIP=true V=1' +EXTRA_OEMAKE_class-nativesdk = 'CROSS_COMPILE="${HOST_PREFIX}" CC="${CC} ${CFLAGS} ${LDFLAGS}" HOSTCC="${BUILD_CC} ${BUILD_CFLAGS} ${BUILD_LDFLAGS}" STRIP=true V=1' + +SED_CONFIG_EFI = '-e "s/CONFIG_EFI_LOADER=.*/# CONFIG_EFI_LOADER is not set/"' +SED_CONFIG_EFI_x86 = '' +SED_CONFIG_EFI_x86-64 = '' +SED_CONFIG_EFI_arm = '' +SED_CONFIG_EFI_armeb = '' +SED_CONFIG_EFI_aarch64 = '' + +do_compile () { + oe_runmake sandbox_defconfig + + # Disable CONFIG_CMD_LICENSE, license.h is not used by tools and + # generating it requires bin2header tool, which for target build + # is built with target tools and thus cannot be executed on host. + sed -i -e "s/CONFIG_CMD_LICENSE=.*/# CONFIG_CMD_LICENSE is not set/" ${SED_CONFIG_EFI} .config + + oe_runmake cross_tools NO_SDL=1 +} + +do_install () { + install -d ${D}${bindir} + + # mkimage + install -m 0755 tools/mkimage ${D}${bindir}/uboot-mkimage + ln -sf uboot-mkimage ${D}${bindir}/mkimage + + # mkenvimage + install -m 0755 tools/mkenvimage ${D}${bindir}/uboot-mkenvimage + ln -sf uboot-mkenvimage ${D}${bindir}/mkenvimage + + # dumpimage + install -m 0755 tools/dumpimage ${D}${bindir}/uboot-dumpimage + ln -sf uboot-dumpimage ${D}${bindir}/dumpimage + + # fit_check_sign + install -m 0755 tools/fit_check_sign ${D}${bindir}/uboot-fit_check_sign + ln -sf uboot-fit_check_sign ${D}${bindir}/fit_check_sign +} + +ALLOW_EMPTY_${PN} = "1" +FILES_${PN} = "" +FILES_${PN}-mkimage = "${bindir}/uboot-mkimage ${bindir}/mkimage ${bindir}/uboot-dumpimage ${bindir}/dumpimage ${bindir}/uboot-fit_check_sign ${bindir}/fit_check_sign" +FILES_${PN}-mkenvimage = "${bindir}/uboot-mkenvimage ${bindir}/mkenvimage" + +RDEPENDS_${PN}-mkimage += "dtc" +RDEPENDS_${PN} += "${PN}-mkimage ${PN}-mkenvimage" +RDEPENDS_${PN}_class-native = "" + +BBCLASSEXTEND = "native nativesdk" diff --git a/poky/meta/recipes-bsp/u-boot/u-boot_2019.07.bb b/poky/meta/recipes-bsp/u-boot/u-boot_2019.07.bb deleted file mode 100644 index 02d67c0db..000000000 --- a/poky/meta/recipes-bsp/u-boot/u-boot_2019.07.bb +++ /dev/null @@ -1,4 +0,0 @@ -require u-boot-common.inc -require u-boot.inc - -DEPENDS += "bc-native dtc-native" diff --git a/poky/meta/recipes-bsp/u-boot/u-boot_2019.10.bb b/poky/meta/recipes-bsp/u-boot/u-boot_2019.10.bb new file mode 100644 index 000000000..02d67c0db --- /dev/null +++ b/poky/meta/recipes-bsp/u-boot/u-boot_2019.10.bb @@ -0,0 +1,4 @@ +require u-boot-common.inc +require u-boot.inc + +DEPENDS += "bc-native dtc-native" diff --git a/poky/meta/recipes-connectivity/bind/bind/0001-bind-fix-CVE-2019-6471.patch b/poky/meta/recipes-connectivity/bind/bind/0001-bind-fix-CVE-2019-6471.patch new file mode 100644 index 000000000..2fed99e1b --- /dev/null +++ b/poky/meta/recipes-connectivity/bind/bind/0001-bind-fix-CVE-2019-6471.patch @@ -0,0 +1,64 @@ +Backport patch to fix CVE-2019-6471. + +Ref: +https://security-tracker.debian.org/tracker/CVE-2019-6471 + +CVE: CVE-2019-6471 +Upstream-Status: Backport [https://gitlab.isc.org/isc-projects/bind9/commit/3a9c7bb] + +Signed-off-by: Kai Kang + +From 3a9c7bb80d4a609b86427406d9dd783199920b5b Mon Sep 17 00:00:00 2001 +From: Mark Andrews +Date: Tue, 19 Mar 2019 14:14:21 +1100 +Subject: [PATCH] move item_out test inside lock in dns_dispatch_getnext() + +(cherry picked from commit 60c42f849d520564ed42e5ed0ba46b4b69c07712) +--- + lib/dns/dispatch.c | 12 ++++++++---- + 1 file changed, 8 insertions(+), 4 deletions(-) + +diff --git a/lib/dns/dispatch.c b/lib/dns/dispatch.c +index 408beda367..3278db4a07 100644 +--- a/lib/dns/dispatch.c ++++ b/lib/dns/dispatch.c +@@ -134,7 +134,7 @@ struct dns_dispentry { + isc_task_t *task; + isc_taskaction_t action; + void *arg; +- bool item_out; ++ bool item_out; + dispsocket_t *dispsocket; + ISC_LIST(dns_dispatchevent_t) items; + ISC_LINK(dns_dispentry_t) link; +@@ -3422,13 +3422,14 @@ dns_dispatch_getnext(dns_dispentry_t *resp, dns_dispatchevent_t **sockevent) { + disp = resp->disp; + REQUIRE(VALID_DISPATCH(disp)); + +- REQUIRE(resp->item_out == true); +- resp->item_out = false; +- + ev = *sockevent; + *sockevent = NULL; + + LOCK(&disp->lock); ++ ++ REQUIRE(resp->item_out == true); ++ resp->item_out = false; ++ + if (ev->buffer.base != NULL) + free_buffer(disp, ev->buffer.base, ev->buffer.length); + free_devent(disp, ev); +@@ -3573,6 +3574,9 @@ dns_dispatch_removeresponse(dns_dispentry_t **resp, + isc_task_send(disp->task[0], &disp->ctlevent); + } + ++/* ++ * disp must be locked. ++ */ + static void + do_cancel(dns_dispatch_t *disp) { + dns_dispatchevent_t *ev; +-- +2.20.1 + diff --git a/poky/meta/recipes-connectivity/bind/bind/0001-fix-enforcement-of-tcp-clients-v1.patch b/poky/meta/recipes-connectivity/bind/bind/0001-fix-enforcement-of-tcp-clients-v1.patch new file mode 100644 index 000000000..48ae125f8 --- /dev/null +++ b/poky/meta/recipes-connectivity/bind/bind/0001-fix-enforcement-of-tcp-clients-v1.patch @@ -0,0 +1,60 @@ +Backport patch to fix CVE-2018-5743. + +Ref: +https://security-tracker.debian.org/tracker/CVE-2018-5743 + +CVE: CVE-2018-5743 +Upstream-Status: Backport [https://gitlab.isc.org/isc-projects/bind9/commit/ec2d50d] + +Signed-off-by: Kai Kang + +From ec2d50da8d81814640e28593d912f4b96c7efece Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Witold=20Kr=C4=99cicki?= +Date: Thu, 3 Jan 2019 14:17:43 +0100 +Subject: [PATCH 1/6] fix enforcement of tcp-clients (v1) + +tcp-clients settings could be exceeded in some cases by +creating more and more active TCP clients that are over +the set quota limit, which in the end could lead to a +DoS attack by e.g. exhaustion of file descriptors. + +If TCP client we're closing went over the quota (so it's +not attached to a quota) mark it as mortal - so that it +will be destroyed and not set up to listen for new +connections - unless it's the last client for a specific +interface. + +(cherry picked from commit f97131d21b97381cef72b971b157345c1f9b4115) +(cherry picked from commit 9689ffc485df8f971f0ad81ab8ab1f5389493776) +--- + bin/named/client.c | 13 ++++++++++++- + 1 file changed, 12 insertions(+), 1 deletion(-) + +diff --git a/bin/named/client.c b/bin/named/client.c +index d482da7121..0739dd48af 100644 +--- a/bin/named/client.c ++++ b/bin/named/client.c +@@ -421,8 +421,19 @@ exit_check(ns_client_t *client) { + isc_socket_detach(&client->tcpsocket); + } + +- if (client->tcpquota != NULL) ++ if (client->tcpquota != NULL) { + isc_quota_detach(&client->tcpquota); ++ } else { ++ /* ++ * We went over quota with this client, we don't ++ * want to restart listening unless this is the ++ * last client on this interface, which is ++ * checked later. ++ */ ++ if (TCP_CLIENT(client)) { ++ client->mortal = true; ++ } ++ } + + if (client->timerset) { + (void)isc_timer_reset(client->timer, +-- +2.20.1 + diff --git a/poky/meta/recipes-connectivity/bind/bind/0002-tcp-clients-could-still-be-exceeded-v2.patch b/poky/meta/recipes-connectivity/bind/bind/0002-tcp-clients-could-still-be-exceeded-v2.patch new file mode 100644 index 000000000..ca4e8b1a6 --- /dev/null +++ b/poky/meta/recipes-connectivity/bind/bind/0002-tcp-clients-could-still-be-exceeded-v2.patch @@ -0,0 +1,670 @@ +Backport patch to fix CVE-2018-5743. + +Ref: +https://security-tracker.debian.org/tracker/CVE-2018-5743 + +CVE: CVE-2018-5743 +Upstream-Status: Backport [https://gitlab.isc.org/isc-projects/bind9/commit/719f604] + +Signed-off-by: Kai Kang + +From 719f604e3fad5b7479bd14e2fa0ef4413f0a8fdc Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Witold=20Kr=C4=99cicki?= +Date: Fri, 4 Jan 2019 12:50:51 +0100 +Subject: [PATCH 2/6] tcp-clients could still be exceeded (v2) + +the TCP client quota could still be ineffective under some +circumstances. this change: + +- improves quota accounting to ensure that TCP clients are + properly limited, while still guaranteeing that at least one client + is always available to serve TCP connections on each interface. +- uses more descriptive names and removes one (ntcptarget) that + was no longer needed +- adds comments + +(cherry picked from commit 924651f1d5e605cd186d03f4f7340bcc54d77cc2) +(cherry picked from commit 55a7a458e30e47874d34bdf1079eb863a0512396) +--- + bin/named/client.c | 311 ++++++++++++++++++++----- + bin/named/include/named/client.h | 14 +- + bin/named/include/named/interfacemgr.h | 11 +- + bin/named/interfacemgr.c | 8 +- + 4 files changed, 267 insertions(+), 77 deletions(-) + +diff --git a/bin/named/client.c b/bin/named/client.c +index 0739dd48af..a7b49a0f71 100644 +--- a/bin/named/client.c ++++ b/bin/named/client.c +@@ -246,10 +246,11 @@ static void ns_client_dumpmessage(ns_client_t *client, const char *reason); + static isc_result_t get_client(ns_clientmgr_t *manager, ns_interface_t *ifp, + dns_dispatch_t *disp, bool tcp); + static isc_result_t get_worker(ns_clientmgr_t *manager, ns_interface_t *ifp, +- isc_socket_t *sock); ++ isc_socket_t *sock, ns_client_t *oldclient); + static inline bool +-allowed(isc_netaddr_t *addr, dns_name_t *signer, isc_netaddr_t *ecs_addr, +- uint8_t ecs_addrlen, uint8_t *ecs_scope, dns_acl_t *acl); ++allowed(isc_netaddr_t *addr, dns_name_t *signer, ++ isc_netaddr_t *ecs_addr, uint8_t ecs_addrlen, ++ uint8_t *ecs_scope, dns_acl_t *acl) + static void compute_cookie(ns_client_t *client, uint32_t when, + uint32_t nonce, const unsigned char *secret, + isc_buffer_t *buf); +@@ -405,8 +406,11 @@ exit_check(ns_client_t *client) { + */ + INSIST(client->recursionquota == NULL); + INSIST(client->newstate <= NS_CLIENTSTATE_READY); +- if (client->nreads > 0) ++ ++ if (client->nreads > 0) { + dns_tcpmsg_cancelread(&client->tcpmsg); ++ } ++ + if (client->nreads != 0) { + /* Still waiting for read cancel completion. */ + return (true); +@@ -416,25 +420,58 @@ exit_check(ns_client_t *client) { + dns_tcpmsg_invalidate(&client->tcpmsg); + client->tcpmsg_valid = false; + } ++ + if (client->tcpsocket != NULL) { + CTRACE("closetcp"); + isc_socket_detach(&client->tcpsocket); ++ ++ if (client->tcpactive) { ++ LOCK(&client->interface->lock); ++ INSIST(client->interface->ntcpactive > 0); ++ client->interface->ntcpactive--; ++ UNLOCK(&client->interface->lock); ++ client->tcpactive = false; ++ } + } + + if (client->tcpquota != NULL) { +- isc_quota_detach(&client->tcpquota); +- } else { + /* +- * We went over quota with this client, we don't +- * want to restart listening unless this is the +- * last client on this interface, which is +- * checked later. ++ * If we are not in a pipeline group, or ++ * we are the last client in the group, detach from ++ * tcpquota; otherwise, transfer the quota to ++ * another client in the same group. + */ +- if (TCP_CLIENT(client)) { +- client->mortal = true; ++ if (!ISC_LINK_LINKED(client, glink) || ++ (client->glink.next == NULL && ++ client->glink.prev == NULL)) ++ { ++ isc_quota_detach(&client->tcpquota); ++ } else if (client->glink.next != NULL) { ++ INSIST(client->glink.next->tcpquota == NULL); ++ client->glink.next->tcpquota = client->tcpquota; ++ client->tcpquota = NULL; ++ } else { ++ INSIST(client->glink.prev->tcpquota == NULL); ++ client->glink.prev->tcpquota = client->tcpquota; ++ client->tcpquota = NULL; + } + } + ++ /* ++ * Unlink from pipeline group. ++ */ ++ if (ISC_LINK_LINKED(client, glink)) { ++ if (client->glink.next != NULL) { ++ client->glink.next->glink.prev = ++ client->glink.prev; ++ } ++ if (client->glink.prev != NULL) { ++ client->glink.prev->glink.next = ++ client->glink.next; ++ } ++ ISC_LINK_INIT(client, glink); ++ } ++ + if (client->timerset) { + (void)isc_timer_reset(client->timer, + isc_timertype_inactive, +@@ -455,15 +492,16 @@ exit_check(ns_client_t *client) { + * that already. Check whether this client needs to remain + * active and force it to go inactive if not. + * +- * UDP clients go inactive at this point, but TCP clients +- * may remain active if we have fewer active TCP client +- * objects than desired due to an earlier quota exhaustion. ++ * UDP clients go inactive at this point, but a TCP client ++ * will needs to remain active if no other clients are ++ * listening for TCP requests on this interface, to ++ * prevent this interface from going nonresponsive. + */ + if (client->mortal && TCP_CLIENT(client) && !ns_g_clienttest) { + LOCK(&client->interface->lock); +- if (client->interface->ntcpcurrent < +- client->interface->ntcptarget) ++ if (client->interface->ntcpaccepting == 0) { + client->mortal = false; ++ } + UNLOCK(&client->interface->lock); + } + +@@ -472,15 +510,17 @@ exit_check(ns_client_t *client) { + * queue for recycling. + */ + if (client->mortal) { +- if (client->newstate > NS_CLIENTSTATE_INACTIVE) ++ if (client->newstate > NS_CLIENTSTATE_INACTIVE) { + client->newstate = NS_CLIENTSTATE_INACTIVE; ++ } + } + + if (NS_CLIENTSTATE_READY == client->newstate) { + if (TCP_CLIENT(client)) { + client_accept(client); +- } else ++ } else { + client_udprecv(client); ++ } + client->newstate = NS_CLIENTSTATE_MAX; + return (true); + } +@@ -492,41 +532,57 @@ exit_check(ns_client_t *client) { + /* + * We are trying to enter the inactive state. + */ +- if (client->naccepts > 0) ++ if (client->naccepts > 0) { + isc_socket_cancel(client->tcplistener, client->task, + ISC_SOCKCANCEL_ACCEPT); ++ } + + /* Still waiting for accept cancel completion. */ +- if (! (client->naccepts == 0)) ++ if (! (client->naccepts == 0)) { + return (true); ++ } + + /* Accept cancel is complete. */ +- if (client->nrecvs > 0) ++ if (client->nrecvs > 0) { + isc_socket_cancel(client->udpsocket, client->task, + ISC_SOCKCANCEL_RECV); ++ } + + /* Still waiting for recv cancel completion. */ +- if (! (client->nrecvs == 0)) ++ if (! (client->nrecvs == 0)) { + return (true); ++ } + + /* Still waiting for control event to be delivered */ +- if (client->nctls > 0) ++ if (client->nctls > 0) { + return (true); +- +- /* Deactivate the client. */ +- if (client->interface) +- ns_interface_detach(&client->interface); ++ } + + INSIST(client->naccepts == 0); + INSIST(client->recursionquota == NULL); +- if (client->tcplistener != NULL) ++ if (client->tcplistener != NULL) { + isc_socket_detach(&client->tcplistener); + +- if (client->udpsocket != NULL) ++ if (client->tcpactive) { ++ LOCK(&client->interface->lock); ++ INSIST(client->interface->ntcpactive > 0); ++ client->interface->ntcpactive--; ++ UNLOCK(&client->interface->lock); ++ client->tcpactive = false; ++ } ++ } ++ if (client->udpsocket != NULL) { + isc_socket_detach(&client->udpsocket); ++ } + +- if (client->dispatch != NULL) ++ /* Deactivate the client. */ ++ if (client->interface != NULL) { ++ ns_interface_detach(&client->interface); ++ } ++ ++ if (client->dispatch != NULL) { + dns_dispatch_detach(&client->dispatch); ++ } + + client->attributes = 0; + client->mortal = false; +@@ -551,10 +607,13 @@ exit_check(ns_client_t *client) { + client->newstate = NS_CLIENTSTATE_MAX; + if (!ns_g_clienttest && manager != NULL && + !manager->exiting) ++ { + ISC_QUEUE_PUSH(manager->inactive, client, + ilink); +- if (client->needshutdown) ++ } ++ if (client->needshutdown) { + isc_task_shutdown(client->task); ++ } + return (true); + } + } +@@ -675,7 +734,6 @@ client_start(isc_task_t *task, isc_event_t *event) { + } + } + +- + /*% + * The client's task has received a shutdown event. + */ +@@ -2507,17 +2565,12 @@ client_request(isc_task_t *task, isc_event_t *event) { + /* + * Pipeline TCP query processing. + */ +- if (client->message->opcode != dns_opcode_query) ++ if (client->message->opcode != dns_opcode_query) { + client->pipelined = false; ++ } + if (TCP_CLIENT(client) && client->pipelined) { +- result = isc_quota_reserve(&ns_g_server->tcpquota); +- if (result == ISC_R_SUCCESS) +- result = ns_client_replace(client); ++ result = ns_client_replace(client); + if (result != ISC_R_SUCCESS) { +- ns_client_log(client, NS_LOGCATEGORY_CLIENT, +- NS_LOGMODULE_CLIENT, ISC_LOG_WARNING, +- "no more TCP clients(read): %s", +- isc_result_totext(result)); + client->pipelined = false; + } + } +@@ -3087,6 +3140,7 @@ client_create(ns_clientmgr_t *manager, ns_client_t **clientp) { + client->filter_aaaa = dns_aaaa_ok; + #endif + client->needshutdown = ns_g_clienttest; ++ client->tcpactive = false; + + ISC_EVENT_INIT(&client->ctlevent, sizeof(client->ctlevent), 0, NULL, + NS_EVENT_CLIENTCONTROL, client_start, client, client, +@@ -3100,6 +3154,7 @@ client_create(ns_clientmgr_t *manager, ns_client_t **clientp) { + client->formerrcache.id = 0; + ISC_LINK_INIT(client, link); + ISC_LINK_INIT(client, rlink); ++ ISC_LINK_INIT(client, glink); + ISC_QLINK_INIT(client, ilink); + client->keytag = NULL; + client->keytag_len = 0; +@@ -3193,12 +3248,19 @@ client_newconn(isc_task_t *task, isc_event_t *event) { + + INSIST(client->state == NS_CLIENTSTATE_READY); + ++ /* ++ * The accept() was successful and we're now establishing a new ++ * connection. We need to make note of it in the client and ++ * interface objects so client objects can do the right thing ++ * when going inactive in exit_check() (see comments in ++ * client_accept() for details). ++ */ + INSIST(client->naccepts == 1); + client->naccepts--; + + LOCK(&client->interface->lock); +- INSIST(client->interface->ntcpcurrent > 0); +- client->interface->ntcpcurrent--; ++ INSIST(client->interface->ntcpaccepting > 0); ++ client->interface->ntcpaccepting--; + UNLOCK(&client->interface->lock); + + /* +@@ -3232,6 +3294,9 @@ client_newconn(isc_task_t *task, isc_event_t *event) { + NS_LOGMODULE_CLIENT, ISC_LOG_DEBUG(3), + "accept failed: %s", + isc_result_totext(nevent->result)); ++ if (client->tcpquota != NULL) { ++ isc_quota_detach(&client->tcpquota); ++ } + } + + if (exit_check(client)) +@@ -3270,18 +3335,12 @@ client_newconn(isc_task_t *task, isc_event_t *event) { + * deny service to legitimate TCP clients. + */ + client->pipelined = false; +- result = isc_quota_attach(&ns_g_server->tcpquota, +- &client->tcpquota); +- if (result == ISC_R_SUCCESS) +- result = ns_client_replace(client); +- if (result != ISC_R_SUCCESS) { +- ns_client_log(client, NS_LOGCATEGORY_CLIENT, +- NS_LOGMODULE_CLIENT, ISC_LOG_WARNING, +- "no more TCP clients(accept): %s", +- isc_result_totext(result)); +- } else if (ns_g_server->keepresporder == NULL || +- !allowed(&netaddr, NULL, NULL, 0, NULL, +- ns_g_server->keepresporder)) { ++ result = ns_client_replace(client); ++ if (result == ISC_R_SUCCESS && ++ (client->sctx->keepresporder == NULL || ++ !allowed(&netaddr, NULL, NULL, 0, NULL, ++ ns_g_server->keepresporder))) ++ { + client->pipelined = true; + } + +@@ -3298,12 +3357,80 @@ client_accept(ns_client_t *client) { + + CTRACE("accept"); + ++ /* ++ * The tcpquota object can only be simultaneously referenced a ++ * pre-defined number of times; this is configured by 'tcp-clients' ++ * in named.conf. If we can't attach to it here, that means the TCP ++ * client quota has been exceeded. ++ */ ++ result = isc_quota_attach(&client->sctx->tcpquota, ++ &client->tcpquota); ++ if (result != ISC_R_SUCCESS) { ++ bool exit; ++ ++ ns_client_log(client, NS_LOGCATEGORY_CLIENT, ++ NS_LOGMODULE_CLIENT, ISC_LOG_DEBUG(1), ++ "no more TCP clients: %s", ++ isc_result_totext(result)); ++ ++ /* ++ * We have exceeded the system-wide TCP client ++ * quota. But, we can't just block this accept ++ * in all cases, because if we did, a heavy TCP ++ * load on other interfaces might cause this ++ * interface to be starved, with no clients able ++ * to accept new connections. ++ * ++ * So, we check here to see if any other client ++ * is already servicing TCP queries on this ++ * interface (whether accepting, reading, or ++ * processing). ++ * ++ * If so, then it's okay *not* to call ++ * accept - we can let this client to go inactive ++ * and the other one handle the next connection ++ * when it's ready. ++ * ++ * But if not, then we need to be a little bit ++ * flexible about the quota. We allow *one* extra ++ * TCP client through, to ensure we're listening on ++ * every interface. ++ * ++ * (Note: In practice this means that the *real* ++ * TCP client quota is tcp-clients plus the number ++ * of interfaces.) ++ */ ++ LOCK(&client->interface->lock); ++ exit = (client->interface->ntcpactive > 0); ++ UNLOCK(&client->interface->lock); ++ ++ if (exit) { ++ client->newstate = NS_CLIENTSTATE_INACTIVE; ++ (void)exit_check(client); ++ return; ++ } ++ } ++ ++ /* ++ * By incrementing the interface's ntcpactive counter we signal ++ * that there is at least one client servicing TCP queries for the ++ * interface. ++ * ++ * We also make note of the fact in the client itself with the ++ * tcpactive flag. This ensures proper accounting by preventing ++ * us from accidentally incrementing or decrementing ntcpactive ++ * more than once per client object. ++ */ ++ if (!client->tcpactive) { ++ LOCK(&client->interface->lock); ++ client->interface->ntcpactive++; ++ UNLOCK(&client->interface->lock); ++ client->tcpactive = true; ++ } ++ + result = isc_socket_accept(client->tcplistener, client->task, + client_newconn, client); + if (result != ISC_R_SUCCESS) { +- UNEXPECTED_ERROR(__FILE__, __LINE__, +- "isc_socket_accept() failed: %s", +- isc_result_totext(result)); + /* + * XXXRTH What should we do? We're trying to accept but + * it didn't work. If we just give up, then TCP +@@ -3311,12 +3438,39 @@ client_accept(ns_client_t *client) { + * + * For now, we just go idle. + */ ++ UNEXPECTED_ERROR(__FILE__, __LINE__, ++ "isc_socket_accept() failed: %s", ++ isc_result_totext(result)); ++ if (client->tcpquota != NULL) { ++ isc_quota_detach(&client->tcpquota); ++ } + return; + } ++ ++ /* ++ * The client's 'naccepts' counter indicates that this client has ++ * called accept() and is waiting for a new connection. It should ++ * never exceed 1. ++ */ + INSIST(client->naccepts == 0); + client->naccepts++; ++ ++ /* ++ * The interface's 'ntcpaccepting' counter is incremented when ++ * any client calls accept(), and decremented in client_newconn() ++ * once the connection is established. ++ * ++ * When the client object is shutting down after handling a TCP ++ * request (see exit_check()), it looks to see whether this value is ++ * non-zero. If so, that means another client has already called ++ * accept() and is waiting to establish the next connection, which ++ * means the first client is free to go inactive. Otherwise, ++ * the first client must come back and call accept() again; this ++ * guarantees there will always be at least one client listening ++ * for new TCP connections on each interface. ++ */ + LOCK(&client->interface->lock); +- client->interface->ntcpcurrent++; ++ client->interface->ntcpaccepting++; + UNLOCK(&client->interface->lock); + } + +@@ -3390,13 +3544,14 @@ ns_client_replace(ns_client_t *client) { + tcp = TCP_CLIENT(client); + if (tcp && client->pipelined) { + result = get_worker(client->manager, client->interface, +- client->tcpsocket); ++ client->tcpsocket, client); + } else { + result = get_client(client->manager, client->interface, + client->dispatch, tcp); + } +- if (result != ISC_R_SUCCESS) ++ if (result != ISC_R_SUCCESS) { + return (result); ++ } + + /* + * The responsibility for listening for new requests is hereby +@@ -3585,6 +3740,7 @@ get_client(ns_clientmgr_t *manager, ns_interface_t *ifp, + client->attributes |= NS_CLIENTATTR_TCP; + isc_socket_attach(ifp->tcpsocket, + &client->tcplistener); ++ + } else { + isc_socket_t *sock; + +@@ -3602,7 +3758,8 @@ get_client(ns_clientmgr_t *manager, ns_interface_t *ifp, + } + + static isc_result_t +-get_worker(ns_clientmgr_t *manager, ns_interface_t *ifp, isc_socket_t *sock) ++get_worker(ns_clientmgr_t *manager, ns_interface_t *ifp, isc_socket_t *sock, ++ ns_client_t *oldclient) + { + isc_result_t result = ISC_R_SUCCESS; + isc_event_t *ev; +@@ -3610,6 +3767,7 @@ get_worker(ns_clientmgr_t *manager, ns_interface_t *ifp, isc_socket_t *sock) + MTRACE("get worker"); + + REQUIRE(manager != NULL); ++ REQUIRE(oldclient != NULL); + + if (manager->exiting) + return (ISC_R_SHUTTINGDOWN); +@@ -3642,7 +3800,28 @@ get_worker(ns_clientmgr_t *manager, ns_interface_t *ifp, isc_socket_t *sock) + ns_interface_attach(ifp, &client->interface); + client->newstate = client->state = NS_CLIENTSTATE_WORKING; + INSIST(client->recursionquota == NULL); +- client->tcpquota = &ns_g_server->tcpquota; ++ ++ /* ++ * Transfer TCP quota to the new client. ++ */ ++ INSIST(client->tcpquota == NULL); ++ INSIST(oldclient->tcpquota != NULL); ++ client->tcpquota = oldclient->tcpquota; ++ oldclient->tcpquota = NULL; ++ ++ /* ++ * Link to a pipeline group, creating it if needed. ++ */ ++ if (!ISC_LINK_LINKED(oldclient, glink)) { ++ oldclient->glink.next = NULL; ++ oldclient->glink.prev = NULL; ++ } ++ client->glink.next = oldclient->glink.next; ++ client->glink.prev = oldclient; ++ if (oldclient->glink.next != NULL) { ++ oldclient->glink.next->glink.prev = client; ++ } ++ oldclient->glink.next = client; + + client->dscp = ifp->dscp; + +@@ -3656,6 +3835,12 @@ get_worker(ns_clientmgr_t *manager, ns_interface_t *ifp, isc_socket_t *sock) + (void)isc_socket_getpeername(client->tcpsocket, &client->peeraddr); + client->peeraddr_valid = true; + ++ LOCK(&client->interface->lock); ++ client->interface->ntcpactive++; ++ UNLOCK(&client->interface->lock); ++ ++ client->tcpactive = true; ++ + INSIST(client->tcpmsg_valid == false); + dns_tcpmsg_init(client->mctx, client->tcpsocket, &client->tcpmsg); + client->tcpmsg_valid = true; +diff --git a/bin/named/include/named/client.h b/bin/named/include/named/client.h +index b23a7b191d..1f7973f9c5 100644 +--- a/bin/named/include/named/client.h ++++ b/bin/named/include/named/client.h +@@ -94,7 +94,8 @@ struct ns_client { + int nupdates; + int nctls; + int references; +- bool needshutdown; /* ++ bool tcpactive; ++ bool needshutdown; /* + * Used by clienttest to get + * the client to go from + * inactive to free state +@@ -130,9 +131,9 @@ struct ns_client { + isc_stdtime_t now; + isc_time_t tnow; + dns_name_t signername; /*%< [T]SIG key name */ +- dns_name_t * signer; /*%< NULL if not valid sig */ +- bool mortal; /*%< Die after handling request */ +- bool pipelined; /*%< TCP queries not in sequence */ ++ dns_name_t *signer; /*%< NULL if not valid sig */ ++ bool mortal; /*%< Die after handling request */ ++ bool pipelined; /*%< TCP queries not in sequence */ + isc_quota_t *tcpquota; + isc_quota_t *recursionquota; + ns_interface_t *interface; +@@ -143,8 +144,8 @@ struct ns_client { + isc_sockaddr_t destsockaddr; + + isc_netaddr_t ecs_addr; /*%< EDNS client subnet */ +- uint8_t ecs_addrlen; +- uint8_t ecs_scope; ++ uint8_t ecs_addrlen; ++ uint8_t ecs_scope; + + struct in6_pktinfo pktinfo; + isc_dscp_t dscp; +@@ -166,6 +167,7 @@ struct ns_client { + + ISC_LINK(ns_client_t) link; + ISC_LINK(ns_client_t) rlink; ++ ISC_LINK(ns_client_t) glink; + ISC_QLINK(ns_client_t) ilink; + unsigned char cookie[8]; + uint32_t expire; +diff --git a/bin/named/include/named/interfacemgr.h b/bin/named/include/named/interfacemgr.h +index 7d1883e1e8..61b08826a6 100644 +--- a/bin/named/include/named/interfacemgr.h ++++ b/bin/named/include/named/interfacemgr.h +@@ -77,9 +77,14 @@ struct ns_interface { + /*%< UDP dispatchers. */ + isc_socket_t * tcpsocket; /*%< TCP socket. */ + isc_dscp_t dscp; /*%< "listen-on" DSCP value */ +- int ntcptarget; /*%< Desired number of concurrent +- TCP accepts */ +- int ntcpcurrent; /*%< Current ditto, locked */ ++ int ntcpaccepting; /*%< Number of clients ++ ready to accept new ++ TCP connections on this ++ interface */ ++ int ntcpactive; /*%< Number of clients ++ servicing TCP queries ++ (whether accepting or ++ connected) */ + int nudpdispatch; /*%< Number of UDP dispatches */ + ns_clientmgr_t * clientmgr; /*%< Client manager. */ + ISC_LINK(ns_interface_t) link; +diff --git a/bin/named/interfacemgr.c b/bin/named/interfacemgr.c +index 419927bf54..955096ef47 100644 +--- a/bin/named/interfacemgr.c ++++ b/bin/named/interfacemgr.c +@@ -386,8 +386,8 @@ ns_interface_create(ns_interfacemgr_t *mgr, isc_sockaddr_t *addr, + * connections will be handled in parallel even though there is + * only one client initially. + */ +- ifp->ntcptarget = 1; +- ifp->ntcpcurrent = 0; ++ ifp->ntcpaccepting = 0; ++ ifp->ntcpactive = 0; + ifp->nudpdispatch = 0; + + ifp->dscp = -1; +@@ -522,9 +522,7 @@ ns_interface_accepttcp(ns_interface_t *ifp) { + */ + (void)isc_socket_filter(ifp->tcpsocket, "dataready"); + +- result = ns_clientmgr_createclients(ifp->clientmgr, +- ifp->ntcptarget, ifp, +- true); ++ result = ns_clientmgr_createclients(ifp->clientmgr, 1, ifp, true); + if (result != ISC_R_SUCCESS) { + UNEXPECTED_ERROR(__FILE__, __LINE__, + "TCP ns_clientmgr_createclients(): %s", +-- +2.20.1 + diff --git a/poky/meta/recipes-connectivity/bind/bind/0003-use-reference-counter-for-pipeline-groups-v3.patch b/poky/meta/recipes-connectivity/bind/bind/0003-use-reference-counter-for-pipeline-groups-v3.patch new file mode 100644 index 000000000..032cfb8c4 --- /dev/null +++ b/poky/meta/recipes-connectivity/bind/bind/0003-use-reference-counter-for-pipeline-groups-v3.patch @@ -0,0 +1,278 @@ +Backport patch to fix CVE-2018-5743. + +Ref: +https://security-tracker.debian.org/tracker/CVE-2018-5743 + +CVE: CVE-2018-5743 +Upstream-Status: Backport [https://gitlab.isc.org/isc-projects/bind9/commit/366b4e1] + +Signed-off-by: Kai Kang + +From 366b4e1ede8aed690e981e07137cb1cb77879c36 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Micha=C5=82=20K=C4=99pie=C5=84?= +Date: Thu, 17 Jan 2019 15:53:38 +0100 +Subject: [PATCH 3/6] use reference counter for pipeline groups (v3) + +Track pipeline groups using a shared reference counter +instead of a linked list. + +(cherry picked from commit 513afd33eb17d5dc41a3f0d2d38204ef8c5f6f91) +(cherry picked from commit 9446629b730c59c4215f08d37fbaf810282fbccb) +--- + bin/named/client.c | 171 ++++++++++++++++++++----------- + bin/named/include/named/client.h | 2 +- + 2 files changed, 110 insertions(+), 63 deletions(-) + +diff --git a/bin/named/client.c b/bin/named/client.c +index a7b49a0f71..277656cef0 100644 +--- a/bin/named/client.c ++++ b/bin/named/client.c +@@ -299,6 +299,75 @@ ns_client_settimeout(ns_client_t *client, unsigned int seconds) { + } + } + ++/*% ++ * Allocate a reference counter that will track the number of client structures ++ * using the TCP connection that 'client' called accept() for. This counter ++ * will be shared between all client structures associated with this TCP ++ * connection. ++ */ ++static void ++pipeline_init(ns_client_t *client) { ++ isc_refcount_t *refs; ++ ++ REQUIRE(client->pipeline_refs == NULL); ++ ++ /* ++ * A global memory context is used for the allocation as different ++ * client structures may have different memory contexts assigned and a ++ * reference counter allocated here might need to be freed by a ++ * different client. The performance impact caused by memory context ++ * contention here is expected to be negligible, given that this code ++ * is only executed for TCP connections. ++ */ ++ refs = isc_mem_allocate(client->sctx->mctx, sizeof(*refs)); ++ isc_refcount_init(refs, 1); ++ client->pipeline_refs = refs; ++} ++ ++/*% ++ * Increase the count of client structures using the TCP connection that ++ * 'source' is associated with and put a pointer to that count in 'target', ++ * thus associating it with the same TCP connection. ++ */ ++static void ++pipeline_attach(ns_client_t *source, ns_client_t *target) { ++ int old_refs; ++ ++ REQUIRE(source->pipeline_refs != NULL); ++ REQUIRE(target->pipeline_refs == NULL); ++ ++ old_refs = isc_refcount_increment(source->pipeline_refs); ++ INSIST(old_refs > 0); ++ target->pipeline_refs = source->pipeline_refs; ++} ++ ++/*% ++ * Decrease the count of client structures using the TCP connection that ++ * 'client' is associated with. If this is the last client using this TCP ++ * connection, free the reference counter and return true; otherwise, return ++ * false. ++ */ ++static bool ++pipeline_detach(ns_client_t *client) { ++ isc_refcount_t *refs; ++ int old_refs; ++ ++ REQUIRE(client->pipeline_refs != NULL); ++ ++ refs = client->pipeline_refs; ++ client->pipeline_refs = NULL; ++ ++ old_refs = isc_refcount_decrement(refs); ++ INSIST(old_refs > 0); ++ ++ if (old_refs == 1) { ++ isc_mem_free(client->sctx->mctx, refs); ++ return (true); ++ } ++ ++ return (false); ++} ++ + /*% + * Check for a deactivation or shutdown request and take appropriate + * action. Returns true if either is in progress; in this case +@@ -421,6 +490,40 @@ exit_check(ns_client_t *client) { + client->tcpmsg_valid = false; + } + ++ if (client->tcpquota != NULL) { ++ if (client->pipeline_refs == NULL || ++ pipeline_detach(client)) ++ { ++ /* ++ * Only detach from the TCP client quota if ++ * there are no more client structures using ++ * this TCP connection. ++ * ++ * Note that we check 'pipeline_refs' and not ++ * 'pipelined' because in some cases (e.g. ++ * after receiving a request with an opcode ++ * different than QUERY) 'pipelined' is set to ++ * false after the reference counter gets ++ * allocated in pipeline_init() and we must ++ * still drop our reference as failing to do so ++ * would prevent the reference counter itself ++ * from being freed. ++ */ ++ isc_quota_detach(&client->tcpquota); ++ } else { ++ /* ++ * There are other client structures using this ++ * TCP connection, so we cannot detach from the ++ * TCP client quota to prevent excess TCP ++ * connections from being accepted. However, ++ * this client structure might later be reused ++ * for accepting new connections and thus must ++ * have its 'tcpquota' field set to NULL. ++ */ ++ client->tcpquota = NULL; ++ } ++ } ++ + if (client->tcpsocket != NULL) { + CTRACE("closetcp"); + isc_socket_detach(&client->tcpsocket); +@@ -434,44 +537,6 @@ exit_check(ns_client_t *client) { + } + } + +- if (client->tcpquota != NULL) { +- /* +- * If we are not in a pipeline group, or +- * we are the last client in the group, detach from +- * tcpquota; otherwise, transfer the quota to +- * another client in the same group. +- */ +- if (!ISC_LINK_LINKED(client, glink) || +- (client->glink.next == NULL && +- client->glink.prev == NULL)) +- { +- isc_quota_detach(&client->tcpquota); +- } else if (client->glink.next != NULL) { +- INSIST(client->glink.next->tcpquota == NULL); +- client->glink.next->tcpquota = client->tcpquota; +- client->tcpquota = NULL; +- } else { +- INSIST(client->glink.prev->tcpquota == NULL); +- client->glink.prev->tcpquota = client->tcpquota; +- client->tcpquota = NULL; +- } +- } +- +- /* +- * Unlink from pipeline group. +- */ +- if (ISC_LINK_LINKED(client, glink)) { +- if (client->glink.next != NULL) { +- client->glink.next->glink.prev = +- client->glink.prev; +- } +- if (client->glink.prev != NULL) { +- client->glink.prev->glink.next = +- client->glink.next; +- } +- ISC_LINK_INIT(client, glink); +- } +- + if (client->timerset) { + (void)isc_timer_reset(client->timer, + isc_timertype_inactive, +@@ -3130,6 +3195,7 @@ client_create(ns_clientmgr_t *manager, ns_client_t **clientp) { + dns_name_init(&client->signername, NULL); + client->mortal = false; + client->pipelined = false; ++ client->pipeline_refs = NULL; + client->tcpquota = NULL; + client->recursionquota = NULL; + client->interface = NULL; +@@ -3154,7 +3220,6 @@ client_create(ns_clientmgr_t *manager, ns_client_t **clientp) { + client->formerrcache.id = 0; + ISC_LINK_INIT(client, link); + ISC_LINK_INIT(client, rlink); +- ISC_LINK_INIT(client, glink); + ISC_QLINK_INIT(client, ilink); + client->keytag = NULL; + client->keytag_len = 0; +@@ -3341,6 +3406,7 @@ client_newconn(isc_task_t *task, isc_event_t *event) { + !allowed(&netaddr, NULL, NULL, 0, NULL, + ns_g_server->keepresporder))) + { ++ pipeline_init(client); + client->pipelined = true; + } + +@@ -3800,35 +3866,16 @@ get_worker(ns_clientmgr_t *manager, ns_interface_t *ifp, isc_socket_t *sock, + ns_interface_attach(ifp, &client->interface); + client->newstate = client->state = NS_CLIENTSTATE_WORKING; + INSIST(client->recursionquota == NULL); +- +- /* +- * Transfer TCP quota to the new client. +- */ +- INSIST(client->tcpquota == NULL); +- INSIST(oldclient->tcpquota != NULL); +- client->tcpquota = oldclient->tcpquota; +- oldclient->tcpquota = NULL; +- +- /* +- * Link to a pipeline group, creating it if needed. +- */ +- if (!ISC_LINK_LINKED(oldclient, glink)) { +- oldclient->glink.next = NULL; +- oldclient->glink.prev = NULL; +- } +- client->glink.next = oldclient->glink.next; +- client->glink.prev = oldclient; +- if (oldclient->glink.next != NULL) { +- oldclient->glink.next->glink.prev = client; +- } +- oldclient->glink.next = client; ++ client->tcpquota = &client->sctx->tcpquota; + + client->dscp = ifp->dscp; + + client->attributes |= NS_CLIENTATTR_TCP; +- client->pipelined = true; + client->mortal = true; + ++ pipeline_attach(oldclient, client); ++ client->pipelined = true; ++ + isc_socket_attach(ifp->tcpsocket, &client->tcplistener); + isc_socket_attach(sock, &client->tcpsocket); + isc_socket_setname(client->tcpsocket, "worker-tcp", NULL); +diff --git a/bin/named/include/named/client.h b/bin/named/include/named/client.h +index 1f7973f9c5..aeed9ccdda 100644 +--- a/bin/named/include/named/client.h ++++ b/bin/named/include/named/client.h +@@ -134,6 +134,7 @@ struct ns_client { + dns_name_t *signer; /*%< NULL if not valid sig */ + bool mortal; /*%< Die after handling request */ + bool pipelined; /*%< TCP queries not in sequence */ ++ isc_refcount_t *pipeline_refs; + isc_quota_t *tcpquota; + isc_quota_t *recursionquota; + ns_interface_t *interface; +@@ -167,7 +168,6 @@ struct ns_client { + + ISC_LINK(ns_client_t) link; + ISC_LINK(ns_client_t) rlink; +- ISC_LINK(ns_client_t) glink; + ISC_QLINK(ns_client_t) ilink; + unsigned char cookie[8]; + uint32_t expire; +-- +2.20.1 + diff --git a/poky/meta/recipes-connectivity/bind/bind/0004-better-tcpquota-accounting-and-client-mortality-chec.patch b/poky/meta/recipes-connectivity/bind/bind/0004-better-tcpquota-accounting-and-client-mortality-chec.patch new file mode 100644 index 000000000..034ab1330 --- /dev/null +++ b/poky/meta/recipes-connectivity/bind/bind/0004-better-tcpquota-accounting-and-client-mortality-chec.patch @@ -0,0 +1,512 @@ +Backport patch to fix CVE-2018-5743. + +Ref: +https://security-tracker.debian.org/tracker/CVE-2018-5743 + +CVE: CVE-2018-5743 +Upstream-Status: Backport [https://gitlab.isc.org/isc-projects/bind9/commit/2ab8a08] + +Signed-off-by: Kai Kang + +From 2ab8a085b3c666f28f1f9229bd6ecb59915b26c3 Mon Sep 17 00:00:00 2001 +From: Evan Hunt +Date: Fri, 5 Apr 2019 16:12:18 -0700 +Subject: [PATCH 4/6] better tcpquota accounting and client mortality checks + +- ensure that tcpactive is cleaned up correctly when accept() fails. +- set 'client->tcpattached' when the client is attached to the tcpquota. + carry this value on to new clients sharing the same pipeline group. + don't call isc_quota_detach() on the tcpquota unless tcpattached is + set. this way clients that were allowed to accept TCP connections + despite being over quota (and therefore, were never attached to the + quota) will not inadvertently detach from it and mess up the + accounting. +- simplify the code for tcpquota disconnection by using a new function + tcpquota_disconnect(). +- before deciding whether to reject a new connection due to quota + exhaustion, check to see whether there are at least two active + clients. previously, this was "at least one", but that could be + insufficient if there was one other client in READING state (waiting + for messages on an open connection) but none in READY (listening + for new connections). +- before deciding whether a TCP client object can to go inactive, we + must ensure there are enough other clients to maintain service + afterward -- both accepting new connections and reading/processing new + queries. A TCP client can't shut down unless at least one + client is accepting new connections and (in the case of pipelined + clients) at least one additional client is waiting to read. + +(cherry picked from commit c7394738b2445c16f728a88394864dd61baad900) +(cherry picked from commit e965d5f11d3d0f6d59704e614fceca2093cb1856) +(cherry picked from commit 87d431161450777ea093821212abfb52d51b36e3) +--- + bin/named/client.c | 244 +++++++++++++++++++------------ + bin/named/include/named/client.h | 3 +- + 2 files changed, 152 insertions(+), 95 deletions(-) + +diff --git a/bin/named/client.c b/bin/named/client.c +index 277656cef0..61e96dd28c 100644 +--- a/bin/named/client.c ++++ b/bin/named/client.c +@@ -244,13 +244,14 @@ static void client_start(isc_task_t *task, isc_event_t *event); + static void client_request(isc_task_t *task, isc_event_t *event); + static void ns_client_dumpmessage(ns_client_t *client, const char *reason); + static isc_result_t get_client(ns_clientmgr_t *manager, ns_interface_t *ifp, +- dns_dispatch_t *disp, bool tcp); ++ dns_dispatch_t *disp, ns_client_t *oldclient, ++ bool tcp); + static isc_result_t get_worker(ns_clientmgr_t *manager, ns_interface_t *ifp, + isc_socket_t *sock, ns_client_t *oldclient); + static inline bool + allowed(isc_netaddr_t *addr, dns_name_t *signer, + isc_netaddr_t *ecs_addr, uint8_t ecs_addrlen, +- uint8_t *ecs_scope, dns_acl_t *acl) ++ uint8_t *ecs_scope, dns_acl_t *acl); + static void compute_cookie(ns_client_t *client, uint32_t when, + uint32_t nonce, const unsigned char *secret, + isc_buffer_t *buf); +@@ -319,7 +320,7 @@ pipeline_init(ns_client_t *client) { + * contention here is expected to be negligible, given that this code + * is only executed for TCP connections. + */ +- refs = isc_mem_allocate(client->sctx->mctx, sizeof(*refs)); ++ refs = isc_mem_allocate(ns_g_mctx, sizeof(*refs)); + isc_refcount_init(refs, 1); + client->pipeline_refs = refs; + } +@@ -331,13 +332,13 @@ pipeline_init(ns_client_t *client) { + */ + static void + pipeline_attach(ns_client_t *source, ns_client_t *target) { +- int old_refs; ++ int refs; + + REQUIRE(source->pipeline_refs != NULL); + REQUIRE(target->pipeline_refs == NULL); + +- old_refs = isc_refcount_increment(source->pipeline_refs); +- INSIST(old_refs > 0); ++ isc_refcount_increment(source->pipeline_refs, &refs); ++ INSIST(refs > 1); + target->pipeline_refs = source->pipeline_refs; + } + +@@ -349,25 +350,51 @@ pipeline_attach(ns_client_t *source, ns_client_t *target) { + */ + static bool + pipeline_detach(ns_client_t *client) { +- isc_refcount_t *refs; +- int old_refs; ++ isc_refcount_t *refcount; ++ int refs; + + REQUIRE(client->pipeline_refs != NULL); + +- refs = client->pipeline_refs; ++ refcount = client->pipeline_refs; + client->pipeline_refs = NULL; + +- old_refs = isc_refcount_decrement(refs); +- INSIST(old_refs > 0); ++ isc_refcount_decrement(refcount, refs); + +- if (old_refs == 1) { +- isc_mem_free(client->sctx->mctx, refs); ++ if (refs == 0) { ++ isc_mem_free(ns_g_mctx, refs); + return (true); + } + + return (false); + } + ++/* ++ * Detach a client from the TCP client quota if appropriate, and set ++ * the quota pointer to NULL. ++ * ++ * Sometimes when the TCP client quota is exhausted but there are no other ++ * clients servicing the interface, a client will be allowed to continue ++ * running despite not having been attached to the quota. In this event, ++ * the TCP quota was never attached to the client, so when the client (or ++ * associated pipeline group) shuts down, the quota must NOT be detached. ++ * ++ * Otherwise, if the quota pointer is set, it should be detached. If not ++ * set at all, we just return without doing anything. ++ */ ++static void ++tcpquota_disconnect(ns_client_t *client) { ++ if (client->tcpquota == NULL) { ++ return; ++ } ++ ++ if (client->tcpattached) { ++ isc_quota_detach(&client->tcpquota); ++ client->tcpattached = false; ++ } else { ++ client->tcpquota = NULL; ++ } ++} ++ + /*% + * Check for a deactivation or shutdown request and take appropriate + * action. Returns true if either is in progress; in this case +@@ -490,38 +517,31 @@ exit_check(ns_client_t *client) { + client->tcpmsg_valid = false; + } + +- if (client->tcpquota != NULL) { +- if (client->pipeline_refs == NULL || +- pipeline_detach(client)) +- { +- /* +- * Only detach from the TCP client quota if +- * there are no more client structures using +- * this TCP connection. +- * +- * Note that we check 'pipeline_refs' and not +- * 'pipelined' because in some cases (e.g. +- * after receiving a request with an opcode +- * different than QUERY) 'pipelined' is set to +- * false after the reference counter gets +- * allocated in pipeline_init() and we must +- * still drop our reference as failing to do so +- * would prevent the reference counter itself +- * from being freed. +- */ +- isc_quota_detach(&client->tcpquota); +- } else { +- /* +- * There are other client structures using this +- * TCP connection, so we cannot detach from the +- * TCP client quota to prevent excess TCP +- * connections from being accepted. However, +- * this client structure might later be reused +- * for accepting new connections and thus must +- * have its 'tcpquota' field set to NULL. +- */ +- client->tcpquota = NULL; +- } ++ /* ++ * Detach from pipeline group and from TCP client quota, ++ * if appropriate. ++ * ++ * - If no pipeline group is active, attempt to ++ * detach from the TCP client quota. ++ * ++ * - If a pipeline group is active, detach from it; ++ * if the return code indicates that there no more ++ * clients left if this pipeline group, we also detach ++ * from the TCP client quota. ++ * ++ * - Otherwise we don't try to detach, we just set the ++ * TCP quota pointer to NULL if it wasn't NULL already. ++ * ++ * tcpquota_disconnect() will set tcpquota to NULL, either ++ * by detaching it or by assignment, depending on the ++ * needs of the client. See the comments on that function ++ * for further information. ++ */ ++ if (client->pipeline_refs == NULL || pipeline_detach(client)) { ++ tcpquota_disconnect(client); ++ } else { ++ client->tcpquota = NULL; ++ client->tcpattached = false; + } + + if (client->tcpsocket != NULL) { +@@ -544,8 +564,6 @@ exit_check(ns_client_t *client) { + client->timerset = false; + } + +- client->pipelined = false; +- + client->peeraddr_valid = false; + + client->state = NS_CLIENTSTATE_READY; +@@ -558,18 +576,27 @@ exit_check(ns_client_t *client) { + * active and force it to go inactive if not. + * + * UDP clients go inactive at this point, but a TCP client +- * will needs to remain active if no other clients are +- * listening for TCP requests on this interface, to +- * prevent this interface from going nonresponsive. ++ * may need to remain active and go into ready state if ++ * no other clients are available to listen for TCP ++ * requests on this interface or (in the case of pipelined ++ * clients) to read for additional messages on the current ++ * connection. + */ + if (client->mortal && TCP_CLIENT(client) && !ns_g_clienttest) { + LOCK(&client->interface->lock); +- if (client->interface->ntcpaccepting == 0) { ++ if ((client->interface->ntcpaccepting == 0 || ++ (client->pipelined && ++ client->interface->ntcpactive < 2)) && ++ client->newstate != NS_CLIENTSTATE_FREED) ++ { + client->mortal = false; ++ client->newstate = NS_CLIENTSTATE_READY; + } + UNLOCK(&client->interface->lock); + } + ++ client->pipelined = false; ++ + /* + * We don't need the client; send it to the inactive + * queue for recycling. +@@ -2634,6 +2661,18 @@ client_request(isc_task_t *task, isc_event_t *event) { + client->pipelined = false; + } + if (TCP_CLIENT(client) && client->pipelined) { ++ /* ++ * We're pipelining. Replace the client; the ++ * the replacement can read the TCP socket looking ++ * for new messages and this client can process the ++ * current message asynchronously. ++ * ++ * There are now at least three clients using this ++ * TCP socket - one accepting new connections, ++ * one reading an existing connection to get new ++ * messages, and one answering the message already ++ * received. ++ */ + result = ns_client_replace(client); + if (result != ISC_R_SUCCESS) { + client->pipelined = false; +@@ -3197,6 +3236,7 @@ client_create(ns_clientmgr_t *manager, ns_client_t **clientp) { + client->pipelined = false; + client->pipeline_refs = NULL; + client->tcpquota = NULL; ++ client->tcpattached = false; + client->recursionquota = NULL; + client->interface = NULL; + client->peeraddr_valid = false; +@@ -3359,9 +3399,7 @@ client_newconn(isc_task_t *task, isc_event_t *event) { + NS_LOGMODULE_CLIENT, ISC_LOG_DEBUG(3), + "accept failed: %s", + isc_result_totext(nevent->result)); +- if (client->tcpquota != NULL) { +- isc_quota_detach(&client->tcpquota); +- } ++ tcpquota_disconnect(client); + } + + if (exit_check(client)) +@@ -3402,7 +3440,7 @@ client_newconn(isc_task_t *task, isc_event_t *event) { + client->pipelined = false; + result = ns_client_replace(client); + if (result == ISC_R_SUCCESS && +- (client->sctx->keepresporder == NULL || ++ (ns_g_server->keepresporder == NULL || + !allowed(&netaddr, NULL, NULL, 0, NULL, + ns_g_server->keepresporder))) + { +@@ -3429,7 +3467,7 @@ client_accept(ns_client_t *client) { + * in named.conf. If we can't attach to it here, that means the TCP + * client quota has been exceeded. + */ +- result = isc_quota_attach(&client->sctx->tcpquota, ++ result = isc_quota_attach(&ns_g_server->tcpquota, + &client->tcpquota); + if (result != ISC_R_SUCCESS) { + bool exit; +@@ -3447,27 +3485,27 @@ client_accept(ns_client_t *client) { + * interface to be starved, with no clients able + * to accept new connections. + * +- * So, we check here to see if any other client +- * is already servicing TCP queries on this ++ * So, we check here to see if any other clients ++ * are already servicing TCP queries on this + * interface (whether accepting, reading, or +- * processing). +- * +- * If so, then it's okay *not* to call +- * accept - we can let this client to go inactive +- * and the other one handle the next connection +- * when it's ready. ++ * processing). If there are at least two ++ * (one reading and one processing a request) ++ * then it's okay *not* to call accept - we ++ * can let this client go inactive and another ++ * one will resume accepting when it's done. + * +- * But if not, then we need to be a little bit +- * flexible about the quota. We allow *one* extra +- * TCP client through, to ensure we're listening on +- * every interface. ++ * If there aren't enough active clients on the ++ * interface, then we can be a little bit ++ * flexible about the quota. We'll allow *one* ++ * extra client through to ensure we're listening ++ * on every interface. + * +- * (Note: In practice this means that the *real* +- * TCP client quota is tcp-clients plus the number +- * of interfaces.) ++ * (Note: In practice this means that the real ++ * TCP client quota is tcp-clients plus the ++ * number of listening interfaces plus 2.) + */ + LOCK(&client->interface->lock); +- exit = (client->interface->ntcpactive > 0); ++ exit = (client->interface->ntcpactive > 1); + UNLOCK(&client->interface->lock); + + if (exit) { +@@ -3475,6 +3513,9 @@ client_accept(ns_client_t *client) { + (void)exit_check(client); + return; + } ++ ++ } else { ++ client->tcpattached = true; + } + + /* +@@ -3507,9 +3548,16 @@ client_accept(ns_client_t *client) { + UNEXPECTED_ERROR(__FILE__, __LINE__, + "isc_socket_accept() failed: %s", + isc_result_totext(result)); +- if (client->tcpquota != NULL) { +- isc_quota_detach(&client->tcpquota); ++ ++ tcpquota_disconnect(client); ++ ++ if (client->tcpactive) { ++ LOCK(&client->interface->lock); ++ client->interface->ntcpactive--; ++ UNLOCK(&client->interface->lock); ++ client->tcpactive = false; + } ++ + return; + } + +@@ -3527,13 +3575,12 @@ client_accept(ns_client_t *client) { + * once the connection is established. + * + * When the client object is shutting down after handling a TCP +- * request (see exit_check()), it looks to see whether this value is +- * non-zero. If so, that means another client has already called +- * accept() and is waiting to establish the next connection, which +- * means the first client is free to go inactive. Otherwise, +- * the first client must come back and call accept() again; this +- * guarantees there will always be at least one client listening +- * for new TCP connections on each interface. ++ * request (see exit_check()), if this value is at least one, that ++ * means another client has called accept() and is waiting to ++ * establish the next connection. That means the client may be ++ * be free to become inactive; otherwise it may need to start ++ * listening for connections itself to prevent the interface ++ * going dead. + */ + LOCK(&client->interface->lock); + client->interface->ntcpaccepting++; +@@ -3613,19 +3660,19 @@ ns_client_replace(ns_client_t *client) { + client->tcpsocket, client); + } else { + result = get_client(client->manager, client->interface, +- client->dispatch, tcp); ++ client->dispatch, client, tcp); ++ ++ /* ++ * The responsibility for listening for new requests is hereby ++ * transferred to the new client. Therefore, the old client ++ * should refrain from listening for any more requests. ++ */ ++ client->mortal = true; + } + if (result != ISC_R_SUCCESS) { + return (result); + } + +- /* +- * The responsibility for listening for new requests is hereby +- * transferred to the new client. Therefore, the old client +- * should refrain from listening for any more requests. +- */ +- client->mortal = true; +- + return (ISC_R_SUCCESS); + } + +@@ -3759,7 +3806,7 @@ ns_clientmgr_destroy(ns_clientmgr_t **managerp) { + + static isc_result_t + get_client(ns_clientmgr_t *manager, ns_interface_t *ifp, +- dns_dispatch_t *disp, bool tcp) ++ dns_dispatch_t *disp, ns_client_t *oldclient, bool tcp) + { + isc_result_t result = ISC_R_SUCCESS; + isc_event_t *ev; +@@ -3803,6 +3850,16 @@ get_client(ns_clientmgr_t *manager, ns_interface_t *ifp, + client->dscp = ifp->dscp; + + if (tcp) { ++ client->tcpattached = false; ++ if (oldclient != NULL) { ++ client->tcpattached = oldclient->tcpattached; ++ } ++ ++ LOCK(&client->interface->lock); ++ client->interface->ntcpactive++; ++ UNLOCK(&client->interface->lock); ++ client->tcpactive = true; ++ + client->attributes |= NS_CLIENTATTR_TCP; + isc_socket_attach(ifp->tcpsocket, + &client->tcplistener); +@@ -3866,7 +3923,8 @@ get_worker(ns_clientmgr_t *manager, ns_interface_t *ifp, isc_socket_t *sock, + ns_interface_attach(ifp, &client->interface); + client->newstate = client->state = NS_CLIENTSTATE_WORKING; + INSIST(client->recursionquota == NULL); +- client->tcpquota = &client->sctx->tcpquota; ++ client->tcpquota = &ns_g_server->tcpquota; ++ client->tcpattached = oldclient->tcpattached; + + client->dscp = ifp->dscp; + +@@ -3885,7 +3943,6 @@ get_worker(ns_clientmgr_t *manager, ns_interface_t *ifp, isc_socket_t *sock, + LOCK(&client->interface->lock); + client->interface->ntcpactive++; + UNLOCK(&client->interface->lock); +- + client->tcpactive = true; + + INSIST(client->tcpmsg_valid == false); +@@ -3913,7 +3970,8 @@ ns_clientmgr_createclients(ns_clientmgr_t *manager, unsigned int n, + MTRACE("createclients"); + + for (disp = 0; disp < n; disp++) { +- result = get_client(manager, ifp, ifp->udpdispatch[disp], tcp); ++ result = get_client(manager, ifp, ifp->udpdispatch[disp], ++ NULL, tcp); + if (result != ISC_R_SUCCESS) + break; + } +diff --git a/bin/named/include/named/client.h b/bin/named/include/named/client.h +index aeed9ccdda..e2c40acd28 100644 +--- a/bin/named/include/named/client.h ++++ b/bin/named/include/named/client.h +@@ -9,8 +9,6 @@ + * information regarding copyright ownership. + */ + +-/* $Id: client.h,v 1.96 2012/01/31 23:47:31 tbox Exp $ */ +- + #ifndef NAMED_CLIENT_H + #define NAMED_CLIENT_H 1 + +@@ -136,6 +134,7 @@ struct ns_client { + bool pipelined; /*%< TCP queries not in sequence */ + isc_refcount_t *pipeline_refs; + isc_quota_t *tcpquota; ++ bool tcpattached; + isc_quota_t *recursionquota; + ns_interface_t *interface; + +-- +2.20.1 + diff --git a/poky/meta/recipes-connectivity/bind/bind/0005-refactor-tcpquota-and-pipeline-refs-allow-special-ca.patch b/poky/meta/recipes-connectivity/bind/bind/0005-refactor-tcpquota-and-pipeline-refs-allow-special-ca.patch new file mode 100644 index 000000000..987e75bc0 --- /dev/null +++ b/poky/meta/recipes-connectivity/bind/bind/0005-refactor-tcpquota-and-pipeline-refs-allow-special-ca.patch @@ -0,0 +1,911 @@ +Backport patch to fix CVE-2018-5743. + +Ref: +https://security-tracker.debian.org/tracker/CVE-2018-5743 + +CVE: CVE-2018-5743 +Upstream-Status: Backport [https://gitlab.isc.org/isc-projects/bind9/commit/c47ccf6] + +Signed-off-by: Kai Kang + +From c47ccf630f147378568b33e8fdb7b754f228c346 Mon Sep 17 00:00:00 2001 +From: Evan Hunt +Date: Fri, 5 Apr 2019 16:26:05 -0700 +Subject: [PATCH 5/6] refactor tcpquota and pipeline refs; allow special-case + overrun in isc_quota + +- if the TCP quota has been exceeded but there are no clients listening + for new connections on the interface, we can now force attachment to the + quota using isc_quota_force(), instead of carrying on with the quota not + attached. +- the TCP client quota is now referenced via a reference-counted + 'ns_tcpconn' object, one of which is created whenever a client begins + listening for new connections, and attached to by members of that + client's pipeline group. when the last reference to the tcpconn + object is detached, it is freed and the TCP quota slot is released. +- reduce code duplication by adding mark_tcp_active() function. +- convert counters to atomic. + +(cherry picked from commit 7e8222378ca24f1302a0c1c638565050ab04681b) +(cherry picked from commit 4939451275722bfda490ea86ca13e84f6bc71e46) +(cherry picked from commit 13f7c918b8720d890408f678bd73c20e634539d9) +--- + bin/named/client.c | 444 +++++++++++-------------- + bin/named/include/named/client.h | 12 +- + bin/named/include/named/interfacemgr.h | 6 +- + bin/named/interfacemgr.c | 1 + + lib/isc/include/isc/quota.h | 7 + + lib/isc/quota.c | 33 +- + lib/isc/win32/libisc.def.in | 1 + + 7 files changed, 236 insertions(+), 268 deletions(-) + +diff --git a/bin/named/client.c b/bin/named/client.c +index 61e96dd28c..d826ab32bf 100644 +--- a/bin/named/client.c ++++ b/bin/named/client.c +@@ -244,8 +244,7 @@ static void client_start(isc_task_t *task, isc_event_t *event); + static void client_request(isc_task_t *task, isc_event_t *event); + static void ns_client_dumpmessage(ns_client_t *client, const char *reason); + static isc_result_t get_client(ns_clientmgr_t *manager, ns_interface_t *ifp, +- dns_dispatch_t *disp, ns_client_t *oldclient, +- bool tcp); ++ dns_dispatch_t *disp, bool tcp); + static isc_result_t get_worker(ns_clientmgr_t *manager, ns_interface_t *ifp, + isc_socket_t *sock, ns_client_t *oldclient); + static inline bool +@@ -301,16 +300,32 @@ ns_client_settimeout(ns_client_t *client, unsigned int seconds) { + } + + /*% +- * Allocate a reference counter that will track the number of client structures +- * using the TCP connection that 'client' called accept() for. This counter +- * will be shared between all client structures associated with this TCP +- * connection. ++ * Allocate a reference-counted object that will maintain a single pointer to ++ * the (also reference-counted) TCP client quota, shared between all the ++ * clients processing queries on a single TCP connection, so that all ++ * clients sharing the one socket will together consume only one slot in ++ * the 'tcp-clients' quota. + */ +-static void +-pipeline_init(ns_client_t *client) { +- isc_refcount_t *refs; ++static isc_result_t ++tcpconn_init(ns_client_t *client, bool force) { ++ isc_result_t result; ++ isc_quota_t *quota = NULL; ++ ns_tcpconn_t *tconn = NULL; + +- REQUIRE(client->pipeline_refs == NULL); ++ REQUIRE(client->tcpconn == NULL); ++ ++ /* ++ * Try to attach to the quota first, so we won't pointlessly ++ * allocate memory for a tcpconn object if we can't get one. ++ */ ++ if (force) { ++ result = isc_quota_force(&ns_g_server->tcpquota, "a); ++ } else { ++ result = isc_quota_attach(&ns_g_server->tcpquota, "a); ++ } ++ if (result != ISC_R_SUCCESS) { ++ return (result); ++ } + + /* + * A global memory context is used for the allocation as different +@@ -320,78 +335,80 @@ pipeline_init(ns_client_t *client) { + * contention here is expected to be negligible, given that this code + * is only executed for TCP connections. + */ +- refs = isc_mem_allocate(ns_g_mctx, sizeof(*refs)); +- isc_refcount_init(refs, 1); +- client->pipeline_refs = refs; ++ tconn = isc_mem_allocate(ns_g_mctx, sizeof(*tconn)); ++ ++ isc_refcount_init(&tconn->refs, 1); ++ tconn->tcpquota = quota; ++ quota = NULL; ++ tconn->pipelined = false; ++ ++ client->tcpconn = tconn; ++ ++ return (ISC_R_SUCCESS); + } + + /*% +- * Increase the count of client structures using the TCP connection that +- * 'source' is associated with and put a pointer to that count in 'target', +- * thus associating it with the same TCP connection. ++ * Increase the count of client structures sharing the TCP connection ++ * that 'source' is associated with; add a pointer to the same tcpconn ++ * to 'target', thus associating it with the same TCP connection. + */ + static void +-pipeline_attach(ns_client_t *source, ns_client_t *target) { ++tcpconn_attach(ns_client_t *source, ns_client_t *target) { + int refs; + +- REQUIRE(source->pipeline_refs != NULL); +- REQUIRE(target->pipeline_refs == NULL); ++ REQUIRE(source->tcpconn != NULL); ++ REQUIRE(target->tcpconn == NULL); ++ REQUIRE(source->tcpconn->pipelined); + +- isc_refcount_increment(source->pipeline_refs, &refs); ++ isc_refcount_increment(&source->tcpconn->refs, &refs); + INSIST(refs > 1); +- target->pipeline_refs = source->pipeline_refs; ++ target->tcpconn = source->tcpconn; + } + + /*% +- * Decrease the count of client structures using the TCP connection that ++ * Decrease the count of client structures sharing the TCP connection that + * 'client' is associated with. If this is the last client using this TCP +- * connection, free the reference counter and return true; otherwise, return +- * false. ++ * connection, we detach from the TCP quota and free the tcpconn ++ * object. Either way, client->tcpconn is set to NULL. + */ +-static bool +-pipeline_detach(ns_client_t *client) { +- isc_refcount_t *refcount; ++static void ++tcpconn_detach(ns_client_t *client) { ++ ns_tcpconn_t *tconn = NULL; + int refs; + +- REQUIRE(client->pipeline_refs != NULL); +- +- refcount = client->pipeline_refs; +- client->pipeline_refs = NULL; ++ REQUIRE(client->tcpconn != NULL); + +- isc_refcount_decrement(refcount, refs); ++ tconn = client->tcpconn; ++ client->tcpconn = NULL; + ++ isc_refcount_decrement(&tconn->refs, &refs); + if (refs == 0) { +- isc_mem_free(ns_g_mctx, refs); +- return (true); ++ isc_quota_detach(&tconn->tcpquota); ++ isc_mem_free(ns_g_mctx, tconn); + } +- +- return (false); + } + +-/* +- * Detach a client from the TCP client quota if appropriate, and set +- * the quota pointer to NULL. +- * +- * Sometimes when the TCP client quota is exhausted but there are no other +- * clients servicing the interface, a client will be allowed to continue +- * running despite not having been attached to the quota. In this event, +- * the TCP quota was never attached to the client, so when the client (or +- * associated pipeline group) shuts down, the quota must NOT be detached. ++/*% ++ * Mark a client as active and increment the interface's 'ntcpactive' ++ * counter, as a signal that there is at least one client servicing ++ * TCP queries for the interface. If we reach the TCP client quota at ++ * some point, this will be used to determine whether a quota overrun ++ * should be permitted. + * +- * Otherwise, if the quota pointer is set, it should be detached. If not +- * set at all, we just return without doing anything. ++ * Marking the client active with the 'tcpactive' flag ensures proper ++ * accounting, by preventing us from incrementing or decrementing ++ * 'ntcpactive' more than once per client. + */ + static void +-tcpquota_disconnect(ns_client_t *client) { +- if (client->tcpquota == NULL) { +- return; +- } +- +- if (client->tcpattached) { +- isc_quota_detach(&client->tcpquota); +- client->tcpattached = false; +- } else { +- client->tcpquota = NULL; ++mark_tcp_active(ns_client_t *client, bool active) { ++ if (active && !client->tcpactive) { ++ isc_atomic_xadd(&client->interface->ntcpactive, 1); ++ client->tcpactive = active; ++ } else if (!active && client->tcpactive) { ++ uint32_t old = ++ isc_atomic_xadd(&client->interface->ntcpactive, -1); ++ INSIST(old > 0); ++ client->tcpactive = active; + } + } + +@@ -484,7 +501,8 @@ exit_check(ns_client_t *client) { + INSIST(client->recursionquota == NULL); + + if (NS_CLIENTSTATE_READING == client->newstate) { +- if (!client->pipelined) { ++ INSIST(client->tcpconn != NULL); ++ if (!client->tcpconn->pipelined) { + client_read(client); + client->newstate = NS_CLIENTSTATE_MAX; + return (true); /* We're done. */ +@@ -507,8 +525,8 @@ exit_check(ns_client_t *client) { + dns_tcpmsg_cancelread(&client->tcpmsg); + } + +- if (client->nreads != 0) { +- /* Still waiting for read cancel completion. */ ++ /* Still waiting for read cancel completion. */ ++ if (client->nreads > 0) { + return (true); + } + +@@ -518,43 +536,45 @@ exit_check(ns_client_t *client) { + } + + /* +- * Detach from pipeline group and from TCP client quota, +- * if appropriate. ++ * Soon the client will be ready to accept a new TCP ++ * connection or UDP request, but we may have enough ++ * clients doing that already. Check whether this client ++ * needs to remain active and allow it go inactive if ++ * not. + * +- * - If no pipeline group is active, attempt to +- * detach from the TCP client quota. ++ * UDP clients always go inactive at this point, but a TCP ++ * client may need to stay active and return to READY ++ * state if no other clients are available to listen ++ * for TCP requests on this interface. + * +- * - If a pipeline group is active, detach from it; +- * if the return code indicates that there no more +- * clients left if this pipeline group, we also detach +- * from the TCP client quota. +- * +- * - Otherwise we don't try to detach, we just set the +- * TCP quota pointer to NULL if it wasn't NULL already. +- * +- * tcpquota_disconnect() will set tcpquota to NULL, either +- * by detaching it or by assignment, depending on the +- * needs of the client. See the comments on that function +- * for further information. ++ * Regardless, if we're going to FREED state, that means ++ * the system is shutting down and we don't need to ++ * retain clients. + */ +- if (client->pipeline_refs == NULL || pipeline_detach(client)) { +- tcpquota_disconnect(client); +- } else { +- client->tcpquota = NULL; +- client->tcpattached = false; ++ if (client->mortal && TCP_CLIENT(client) && ++ client->newstate != NS_CLIENTSTATE_FREED && ++ !ns_g_clienttest && ++ isc_atomic_xadd(&client->interface->ntcpaccepting, 0) == 0) ++ { ++ /* Nobody else is accepting */ ++ client->mortal = false; ++ client->newstate = NS_CLIENTSTATE_READY; ++ } ++ ++ /* ++ * Detach from TCP connection and TCP client quota, ++ * if appropriate. If this is the last reference to ++ * the TCP connection in our pipeline group, the ++ * TCP quota slot will be released. ++ */ ++ if (client->tcpconn) { ++ tcpconn_detach(client); + } + + if (client->tcpsocket != NULL) { + CTRACE("closetcp"); + isc_socket_detach(&client->tcpsocket); +- +- if (client->tcpactive) { +- LOCK(&client->interface->lock); +- INSIST(client->interface->ntcpactive > 0); +- client->interface->ntcpactive--; +- UNLOCK(&client->interface->lock); +- client->tcpactive = false; +- } ++ mark_tcp_active(client, false); + } + + if (client->timerset) { +@@ -567,35 +587,6 @@ exit_check(ns_client_t *client) { + client->peeraddr_valid = false; + + client->state = NS_CLIENTSTATE_READY; +- INSIST(client->recursionquota == NULL); +- +- /* +- * Now the client is ready to accept a new TCP connection +- * or UDP request, but we may have enough clients doing +- * that already. Check whether this client needs to remain +- * active and force it to go inactive if not. +- * +- * UDP clients go inactive at this point, but a TCP client +- * may need to remain active and go into ready state if +- * no other clients are available to listen for TCP +- * requests on this interface or (in the case of pipelined +- * clients) to read for additional messages on the current +- * connection. +- */ +- if (client->mortal && TCP_CLIENT(client) && !ns_g_clienttest) { +- LOCK(&client->interface->lock); +- if ((client->interface->ntcpaccepting == 0 || +- (client->pipelined && +- client->interface->ntcpactive < 2)) && +- client->newstate != NS_CLIENTSTATE_FREED) +- { +- client->mortal = false; +- client->newstate = NS_CLIENTSTATE_READY; +- } +- UNLOCK(&client->interface->lock); +- } +- +- client->pipelined = false; + + /* + * We don't need the client; send it to the inactive +@@ -630,7 +621,7 @@ exit_check(ns_client_t *client) { + } + + /* Still waiting for accept cancel completion. */ +- if (! (client->naccepts == 0)) { ++ if (client->naccepts > 0) { + return (true); + } + +@@ -641,7 +632,7 @@ exit_check(ns_client_t *client) { + } + + /* Still waiting for recv cancel completion. */ +- if (! (client->nrecvs == 0)) { ++ if (client->nrecvs > 0) { + return (true); + } + +@@ -654,14 +645,7 @@ exit_check(ns_client_t *client) { + INSIST(client->recursionquota == NULL); + if (client->tcplistener != NULL) { + isc_socket_detach(&client->tcplistener); +- +- if (client->tcpactive) { +- LOCK(&client->interface->lock); +- INSIST(client->interface->ntcpactive > 0); +- client->interface->ntcpactive--; +- UNLOCK(&client->interface->lock); +- client->tcpactive = false; +- } ++ mark_tcp_active(client, false); + } + if (client->udpsocket != NULL) { + isc_socket_detach(&client->udpsocket); +@@ -816,7 +800,7 @@ client_start(isc_task_t *task, isc_event_t *event) { + return; + + if (TCP_CLIENT(client)) { +- if (client->pipelined) { ++ if (client->tcpconn != NULL) { + client_read(client); + } else { + client_accept(client); +@@ -2470,6 +2454,7 @@ client_request(isc_task_t *task, isc_event_t *event) { + client->nrecvs--; + } else { + INSIST(TCP_CLIENT(client)); ++ INSIST(client->tcpconn != NULL); + REQUIRE(event->ev_type == DNS_EVENT_TCPMSG); + REQUIRE(event->ev_sender == &client->tcpmsg); + buffer = &client->tcpmsg.buffer; +@@ -2657,17 +2642,19 @@ client_request(isc_task_t *task, isc_event_t *event) { + /* + * Pipeline TCP query processing. + */ +- if (client->message->opcode != dns_opcode_query) { +- client->pipelined = false; ++ if (TCP_CLIENT(client) && ++ client->message->opcode != dns_opcode_query) ++ { ++ client->tcpconn->pipelined = false; + } +- if (TCP_CLIENT(client) && client->pipelined) { ++ if (TCP_CLIENT(client) && client->tcpconn->pipelined) { + /* + * We're pipelining. Replace the client; the +- * the replacement can read the TCP socket looking +- * for new messages and this client can process the ++ * replacement can read the TCP socket looking ++ * for new messages and this one can process the + * current message asynchronously. + * +- * There are now at least three clients using this ++ * There will now be at least three clients using this + * TCP socket - one accepting new connections, + * one reading an existing connection to get new + * messages, and one answering the message already +@@ -2675,7 +2662,7 @@ client_request(isc_task_t *task, isc_event_t *event) { + */ + result = ns_client_replace(client); + if (result != ISC_R_SUCCESS) { +- client->pipelined = false; ++ client->tcpconn->pipelined = false; + } + } + +@@ -3233,10 +3220,7 @@ client_create(ns_clientmgr_t *manager, ns_client_t **clientp) { + client->signer = NULL; + dns_name_init(&client->signername, NULL); + client->mortal = false; +- client->pipelined = false; +- client->pipeline_refs = NULL; +- client->tcpquota = NULL; +- client->tcpattached = false; ++ client->tcpconn = NULL; + client->recursionquota = NULL; + client->interface = NULL; + client->peeraddr_valid = false; +@@ -3341,9 +3325,10 @@ client_read(ns_client_t *client) { + + static void + client_newconn(isc_task_t *task, isc_event_t *event) { ++ isc_result_t result; + ns_client_t *client = event->ev_arg; + isc_socket_newconnev_t *nevent = (isc_socket_newconnev_t *)event; +- isc_result_t result; ++ uint32_t old; + + REQUIRE(event->ev_type == ISC_SOCKEVENT_NEWCONN); + REQUIRE(NS_CLIENT_VALID(client)); +@@ -3363,10 +3348,8 @@ client_newconn(isc_task_t *task, isc_event_t *event) { + INSIST(client->naccepts == 1); + client->naccepts--; + +- LOCK(&client->interface->lock); +- INSIST(client->interface->ntcpaccepting > 0); +- client->interface->ntcpaccepting--; +- UNLOCK(&client->interface->lock); ++ old = isc_atomic_xadd(&client->interface->ntcpaccepting, -1); ++ INSIST(old > 0); + + /* + * We must take ownership of the new socket before the exit +@@ -3399,7 +3382,7 @@ client_newconn(isc_task_t *task, isc_event_t *event) { + NS_LOGMODULE_CLIENT, ISC_LOG_DEBUG(3), + "accept failed: %s", + isc_result_totext(nevent->result)); +- tcpquota_disconnect(client); ++ tcpconn_detach(client); + } + + if (exit_check(client)) +@@ -3437,15 +3420,13 @@ client_newconn(isc_task_t *task, isc_event_t *event) { + * telnetting to port 53 (once per CPU) will + * deny service to legitimate TCP clients. + */ +- client->pipelined = false; + result = ns_client_replace(client); + if (result == ISC_R_SUCCESS && + (ns_g_server->keepresporder == NULL || + !allowed(&netaddr, NULL, NULL, 0, NULL, + ns_g_server->keepresporder))) + { +- pipeline_init(client); +- client->pipelined = true; ++ client->tcpconn->pipelined = true; + } + + client_read(client); +@@ -3462,78 +3443,59 @@ client_accept(ns_client_t *client) { + CTRACE("accept"); + + /* +- * The tcpquota object can only be simultaneously referenced a +- * pre-defined number of times; this is configured by 'tcp-clients' +- * in named.conf. If we can't attach to it here, that means the TCP +- * client quota has been exceeded. ++ * Set up a new TCP connection. This means try to attach to the ++ * TCP client quota (tcp-clients), but fail if we're over quota. + */ +- result = isc_quota_attach(&ns_g_server->tcpquota, +- &client->tcpquota); ++ result = tcpconn_init(client, false); + if (result != ISC_R_SUCCESS) { +- bool exit; ++ bool exit; + +- ns_client_log(client, NS_LOGCATEGORY_CLIENT, +- NS_LOGMODULE_CLIENT, ISC_LOG_DEBUG(1), +- "no more TCP clients: %s", +- isc_result_totext(result)); +- +- /* +- * We have exceeded the system-wide TCP client +- * quota. But, we can't just block this accept +- * in all cases, because if we did, a heavy TCP +- * load on other interfaces might cause this +- * interface to be starved, with no clients able +- * to accept new connections. +- * +- * So, we check here to see if any other clients +- * are already servicing TCP queries on this +- * interface (whether accepting, reading, or +- * processing). If there are at least two +- * (one reading and one processing a request) +- * then it's okay *not* to call accept - we +- * can let this client go inactive and another +- * one will resume accepting when it's done. +- * +- * If there aren't enough active clients on the +- * interface, then we can be a little bit +- * flexible about the quota. We'll allow *one* +- * extra client through to ensure we're listening +- * on every interface. +- * +- * (Note: In practice this means that the real +- * TCP client quota is tcp-clients plus the +- * number of listening interfaces plus 2.) +- */ +- LOCK(&client->interface->lock); +- exit = (client->interface->ntcpactive > 1); +- UNLOCK(&client->interface->lock); ++ ns_client_log(client, NS_LOGCATEGORY_CLIENT, ++ NS_LOGMODULE_CLIENT, ISC_LOG_WARNING, ++ "TCP client quota reached: %s", ++ isc_result_totext(result)); + +- if (exit) { +- client->newstate = NS_CLIENTSTATE_INACTIVE; +- (void)exit_check(client); +- return; +- } ++ /* ++ * We have exceeded the system-wide TCP client quota. But, ++ * we can't just block this accept in all cases, because if ++ * we did, a heavy TCP load on other interfaces might cause ++ * this interface to be starved, with no clients able to ++ * accept new connections. ++ * ++ * So, we check here to see if any other clients are ++ * already servicing TCP queries on this interface (whether ++ * accepting, reading, or processing). If we find at least ++ * one, then it's okay *not* to call accept - we can let this ++ * client go inactive and another will take over when it's ++ * done. ++ * ++ * If there aren't enough active clients on the interface, ++ * then we can be a little bit flexible about the quota. ++ * We'll allow *one* extra client through to ensure we're ++ * listening on every interface; we do this by setting the ++ * 'force' option to tcpconn_init(). ++ * ++ * (Note: In practice this means that the real TCP client ++ * quota is tcp-clients plus the number of listening ++ * interfaces plus 1.) ++ */ ++ exit = (isc_atomic_xadd(&client->interface->ntcpactive, 0) > 0); ++ if (exit) { ++ client->newstate = NS_CLIENTSTATE_INACTIVE; ++ (void)exit_check(client); ++ return; ++ } + +- } else { +- client->tcpattached = true; ++ result = tcpconn_init(client, true); ++ RUNTIME_CHECK(result == ISC_R_SUCCESS); + } + + /* +- * By incrementing the interface's ntcpactive counter we signal +- * that there is at least one client servicing TCP queries for the +- * interface. +- * +- * We also make note of the fact in the client itself with the +- * tcpactive flag. This ensures proper accounting by preventing +- * us from accidentally incrementing or decrementing ntcpactive +- * more than once per client object. ++ * If this client was set up using get_client() or get_worker(), ++ * then TCP is already marked active. However, if it was restarted ++ * from exit_check(), it might not be, so we take care of it now. + */ +- if (!client->tcpactive) { +- LOCK(&client->interface->lock); +- client->interface->ntcpactive++; +- UNLOCK(&client->interface->lock); +- client->tcpactive = true; +- } ++ mark_tcp_active(client, true); + + result = isc_socket_accept(client->tcplistener, client->task, + client_newconn, client); +@@ -3549,15 +3511,8 @@ client_accept(ns_client_t *client) { + "isc_socket_accept() failed: %s", + isc_result_totext(result)); + +- tcpquota_disconnect(client); +- +- if (client->tcpactive) { +- LOCK(&client->interface->lock); +- client->interface->ntcpactive--; +- UNLOCK(&client->interface->lock); +- client->tcpactive = false; +- } +- ++ tcpconn_detach(client); ++ mark_tcp_active(client, false); + return; + } + +@@ -3582,9 +3537,7 @@ client_accept(ns_client_t *client) { + * listening for connections itself to prevent the interface + * going dead. + */ +- LOCK(&client->interface->lock); +- client->interface->ntcpaccepting++; +- UNLOCK(&client->interface->lock); ++ isc_atomic_xadd(&client->interface->ntcpaccepting, 1); + } + + static void +@@ -3655,24 +3608,25 @@ ns_client_replace(ns_client_t *client) { + REQUIRE(client->manager != NULL); + + tcp = TCP_CLIENT(client); +- if (tcp && client->pipelined) { ++ if (tcp && client->tcpconn != NULL && client->tcpconn->pipelined) { + result = get_worker(client->manager, client->interface, + client->tcpsocket, client); + } else { + result = get_client(client->manager, client->interface, +- client->dispatch, client, tcp); ++ client->dispatch, tcp); + +- /* +- * The responsibility for listening for new requests is hereby +- * transferred to the new client. Therefore, the old client +- * should refrain from listening for any more requests. +- */ +- client->mortal = true; + } + if (result != ISC_R_SUCCESS) { + return (result); + } + ++ /* ++ * The responsibility for listening for new requests is hereby ++ * transferred to the new client. Therefore, the old client ++ * should refrain from listening for any more requests. ++ */ ++ client->mortal = true; ++ + return (ISC_R_SUCCESS); + } + +@@ -3806,7 +3760,7 @@ ns_clientmgr_destroy(ns_clientmgr_t **managerp) { + + static isc_result_t + get_client(ns_clientmgr_t *manager, ns_interface_t *ifp, +- dns_dispatch_t *disp, ns_client_t *oldclient, bool tcp) ++ dns_dispatch_t *disp, bool tcp) + { + isc_result_t result = ISC_R_SUCCESS; + isc_event_t *ev; +@@ -3850,15 +3804,7 @@ get_client(ns_clientmgr_t *manager, ns_interface_t *ifp, + client->dscp = ifp->dscp; + + if (tcp) { +- client->tcpattached = false; +- if (oldclient != NULL) { +- client->tcpattached = oldclient->tcpattached; +- } +- +- LOCK(&client->interface->lock); +- client->interface->ntcpactive++; +- UNLOCK(&client->interface->lock); +- client->tcpactive = true; ++ mark_tcp_active(client, true); + + client->attributes |= NS_CLIENTATTR_TCP; + isc_socket_attach(ifp->tcpsocket, +@@ -3923,16 +3869,14 @@ get_worker(ns_clientmgr_t *manager, ns_interface_t *ifp, isc_socket_t *sock, + ns_interface_attach(ifp, &client->interface); + client->newstate = client->state = NS_CLIENTSTATE_WORKING; + INSIST(client->recursionquota == NULL); +- client->tcpquota = &ns_g_server->tcpquota; +- client->tcpattached = oldclient->tcpattached; + + client->dscp = ifp->dscp; + + client->attributes |= NS_CLIENTATTR_TCP; + client->mortal = true; + +- pipeline_attach(oldclient, client); +- client->pipelined = true; ++ tcpconn_attach(oldclient, client); ++ mark_tcp_active(client, true); + + isc_socket_attach(ifp->tcpsocket, &client->tcplistener); + isc_socket_attach(sock, &client->tcpsocket); +@@ -3940,11 +3884,6 @@ get_worker(ns_clientmgr_t *manager, ns_interface_t *ifp, isc_socket_t *sock, + (void)isc_socket_getpeername(client->tcpsocket, &client->peeraddr); + client->peeraddr_valid = true; + +- LOCK(&client->interface->lock); +- client->interface->ntcpactive++; +- UNLOCK(&client->interface->lock); +- client->tcpactive = true; +- + INSIST(client->tcpmsg_valid == false); + dns_tcpmsg_init(client->mctx, client->tcpsocket, &client->tcpmsg); + client->tcpmsg_valid = true; +@@ -3970,8 +3909,7 @@ ns_clientmgr_createclients(ns_clientmgr_t *manager, unsigned int n, + MTRACE("createclients"); + + for (disp = 0; disp < n; disp++) { +- result = get_client(manager, ifp, ifp->udpdispatch[disp], +- NULL, tcp); ++ result = get_client(manager, ifp, ifp->udpdispatch[disp], tcp); + if (result != ISC_R_SUCCESS) + break; + } +diff --git a/bin/named/include/named/client.h b/bin/named/include/named/client.h +index e2c40acd28..969ee4c08f 100644 +--- a/bin/named/include/named/client.h ++++ b/bin/named/include/named/client.h +@@ -78,6 +78,13 @@ + *** Types + ***/ + ++/*% reference-counted TCP connection object */ ++typedef struct ns_tcpconn { ++ isc_refcount_t refs; ++ isc_quota_t *tcpquota; ++ bool pipelined; ++} ns_tcpconn_t; ++ + /*% nameserver client structure */ + struct ns_client { + unsigned int magic; +@@ -131,10 +138,7 @@ struct ns_client { + dns_name_t signername; /*%< [T]SIG key name */ + dns_name_t *signer; /*%< NULL if not valid sig */ + bool mortal; /*%< Die after handling request */ +- bool pipelined; /*%< TCP queries not in sequence */ +- isc_refcount_t *pipeline_refs; +- isc_quota_t *tcpquota; +- bool tcpattached; ++ ns_tcpconn_t *tcpconn; + isc_quota_t *recursionquota; + ns_interface_t *interface; + +diff --git a/bin/named/include/named/interfacemgr.h b/bin/named/include/named/interfacemgr.h +index 61b08826a6..3535ef22a8 100644 +--- a/bin/named/include/named/interfacemgr.h ++++ b/bin/named/include/named/interfacemgr.h +@@ -9,8 +9,6 @@ + * information regarding copyright ownership. + */ + +-/* $Id: interfacemgr.h,v 1.35 2011/07/28 23:47:58 tbox Exp $ */ +- + #ifndef NAMED_INTERFACEMGR_H + #define NAMED_INTERFACEMGR_H 1 + +@@ -77,11 +75,11 @@ struct ns_interface { + /*%< UDP dispatchers. */ + isc_socket_t * tcpsocket; /*%< TCP socket. */ + isc_dscp_t dscp; /*%< "listen-on" DSCP value */ +- int ntcpaccepting; /*%< Number of clients ++ int32_t ntcpaccepting; /*%< Number of clients + ready to accept new + TCP connections on this + interface */ +- int ntcpactive; /*%< Number of clients ++ int32_t ntcpactive; /*%< Number of clients + servicing TCP queries + (whether accepting or + connected) */ +diff --git a/bin/named/interfacemgr.c b/bin/named/interfacemgr.c +index 955096ef47..d9f6df5802 100644 +--- a/bin/named/interfacemgr.c ++++ b/bin/named/interfacemgr.c +@@ -388,6 +388,7 @@ ns_interface_create(ns_interfacemgr_t *mgr, isc_sockaddr_t *addr, + */ + ifp->ntcpaccepting = 0; + ifp->ntcpactive = 0; ++ + ifp->nudpdispatch = 0; + + ifp->dscp = -1; +diff --git a/lib/isc/include/isc/quota.h b/lib/isc/include/isc/quota.h +index b9bf59877a..36c5830242 100644 +--- a/lib/isc/include/isc/quota.h ++++ b/lib/isc/include/isc/quota.h +@@ -100,6 +100,13 @@ isc_quota_attach(isc_quota_t *quota, isc_quota_t **p); + * quota if successful (ISC_R_SUCCESS or ISC_R_SOFTQUOTA). + */ + ++isc_result_t ++isc_quota_force(isc_quota_t *quota, isc_quota_t **p); ++/*%< ++ * Like isc_quota_attach, but will attach '*p' to the quota ++ * even if the hard quota has been exceeded. ++ */ ++ + void + isc_quota_detach(isc_quota_t **p); + /*%< +diff --git a/lib/isc/quota.c b/lib/isc/quota.c +index 3ddff0d875..556a61f21d 100644 +--- a/lib/isc/quota.c ++++ b/lib/isc/quota.c +@@ -74,20 +74,39 @@ isc_quota_release(isc_quota_t *quota) { + UNLOCK("a->lock); + } + +-isc_result_t +-isc_quota_attach(isc_quota_t *quota, isc_quota_t **p) +-{ ++static isc_result_t ++doattach(isc_quota_t *quota, isc_quota_t **p, bool force) { + isc_result_t result; +- INSIST(p != NULL && *p == NULL); ++ REQUIRE(p != NULL && *p == NULL); ++ + result = isc_quota_reserve(quota); +- if (result == ISC_R_SUCCESS || result == ISC_R_SOFTQUOTA) ++ if (result == ISC_R_SUCCESS || result == ISC_R_SOFTQUOTA) { ++ *p = quota; ++ } else if (result == ISC_R_QUOTA && force) { ++ /* attach anyway */ ++ LOCK("a->lock); ++ quota->used++; ++ UNLOCK("a->lock); ++ + *p = quota; ++ result = ISC_R_SUCCESS; ++ } ++ + return (result); + } + ++isc_result_t ++isc_quota_attach(isc_quota_t *quota, isc_quota_t **p) { ++ return (doattach(quota, p, false)); ++} ++ ++isc_result_t ++isc_quota_force(isc_quota_t *quota, isc_quota_t **p) { ++ return (doattach(quota, p, true)); ++} ++ + void +-isc_quota_detach(isc_quota_t **p) +-{ ++isc_quota_detach(isc_quota_t **p) { + INSIST(p != NULL && *p != NULL); + isc_quota_release(*p); + *p = NULL; +diff --git a/lib/isc/win32/libisc.def.in b/lib/isc/win32/libisc.def.in +index a82facec0f..7b9f23d776 100644 +--- a/lib/isc/win32/libisc.def.in ++++ b/lib/isc/win32/libisc.def.in +@@ -519,6 +519,7 @@ isc_portset_removerange + isc_quota_attach + isc_quota_destroy + isc_quota_detach ++isc_quota_force + isc_quota_init + isc_quota_max + isc_quota_release +-- +2.20.1 + diff --git a/poky/meta/recipes-connectivity/bind/bind/0006-restore-allowance-for-tcp-clients-interfaces.patch b/poky/meta/recipes-connectivity/bind/bind/0006-restore-allowance-for-tcp-clients-interfaces.patch new file mode 100644 index 000000000..3821d1850 --- /dev/null +++ b/poky/meta/recipes-connectivity/bind/bind/0006-restore-allowance-for-tcp-clients-interfaces.patch @@ -0,0 +1,80 @@ +Backport patch to fix CVE-2018-5743. + +Ref: +https://security-tracker.debian.org/tracker/CVE-2018-5743 + +CVE: CVE-2018-5743 +Upstream-Status: Backport [https://gitlab.isc.org/isc-projects/bind9/commit/59434b9] + +Signed-off-by: Kai Kang + +From 59434b987e8eb436b08c24e559ee094c4e939daa Mon Sep 17 00:00:00 2001 +From: Evan Hunt +Date: Fri, 5 Apr 2019 16:26:19 -0700 +Subject: [PATCH 6/6] restore allowance for tcp-clients < interfaces + +in the "refactor tcpquota and pipeline refs" commit, the counting +of active interfaces was tightened in such a way that named could +fail to listen on an interface if there were more interfaces than +tcp-clients. when checking the quota to start accepting on an +interface, if the number of active clients was above zero, then +it was presumed that some other client was able to handle accepting +new connections. this, however, ignored the fact that the current client +could be included in that count, so if the quota was already exceeded +before all the interfaces were listening, some interfaces would never +listen. + +we now check whether the current client has been marked active; if so, +then the number of active clients on the interface must be greater +than 1, not 0. + +(cherry picked from commit 0b4e2cd4c3192ba88569dd344f542a8cc43742b5) +(cherry picked from commit d01023aaac35543daffbdf48464e320150235d41) +--- + bin/named/client.c | 8 +++++--- + doc/arm/Bv9ARM-book.xml | 3 ++- + 2 files changed, 7 insertions(+), 4 deletions(-) + +diff --git a/bin/named/client.c b/bin/named/client.c +index d826ab32bf..845326abc0 100644 +--- a/bin/named/client.c ++++ b/bin/named/client.c +@@ -3464,8 +3464,9 @@ client_accept(ns_client_t *client) { + * + * So, we check here to see if any other clients are + * already servicing TCP queries on this interface (whether +- * accepting, reading, or processing). If we find at least +- * one, then it's okay *not* to call accept - we can let this ++ * accepting, reading, or processing). If we find that at ++ * least one client other than this one is active, then ++ * it's okay *not* to call accept - we can let this + * client go inactive and another will take over when it's + * done. + * +@@ -3479,7 +3480,8 @@ client_accept(ns_client_t *client) { + * quota is tcp-clients plus the number of listening + * interfaces plus 1.) + */ +- exit = (isc_atomic_xadd(&client->interface->ntcpactive, 0) > 0); ++ exit = (isc_atomic_xadd(&client->interface->ntcpactive, 0) > ++ (client->tcpactive ? 1 : 0)); + if (exit) { + client->newstate = NS_CLIENTSTATE_INACTIVE; + (void)exit_check(client); +diff --git a/doc/arm/Bv9ARM-book.xml b/doc/arm/Bv9ARM-book.xml +index 381768d540..9c76d3cd6f 100644 +--- a/doc/arm/Bv9ARM-book.xml ++++ b/doc/arm/Bv9ARM-book.xml +@@ -8493,7 +8493,8 @@ avoid-v6-udp-ports { 40000; range 50000 60000; }; + + The number of file descriptors reserved for TCP, stdio, + etc. This needs to be big enough to cover the number of +- interfaces named listens on, tcp-clients as well as ++ interfaces named listens on plus ++ tcp-clients, as well as + to provide room for outgoing TCP queries and incoming zone + transfers. The default is 512. + The minimum value is 128 and the +-- +2.20.1 + diff --git a/poky/meta/recipes-connectivity/bind/bind/0007-Replace-atomic-operations-in-bin-named-client.c-with.patch b/poky/meta/recipes-connectivity/bind/bind/0007-Replace-atomic-operations-in-bin-named-client.c-with.patch new file mode 100644 index 000000000..1a84eca58 --- /dev/null +++ b/poky/meta/recipes-connectivity/bind/bind/0007-Replace-atomic-operations-in-bin-named-client.c-with.patch @@ -0,0 +1,140 @@ +Backport commit to fix compile error on arm caused by commits which are +to fix CVE-2018-5743. + +CVE: CVE-2018-5743 +Upstream-Status: Backport [https://gitlab.isc.org/isc-projects/bind9/commit/ef49780] + +Signed-off-by: Kai Kang + +From ef49780d30d3ddc5735cfc32561b678a634fa72f Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Ond=C5=99ej=20Sur=C3=BD?= +Date: Wed, 17 Apr 2019 15:22:27 +0200 +Subject: [PATCH] Replace atomic operations in bin/named/client.c with + isc_refcount reference counting + +--- + bin/named/client.c | 18 +++++++----------- + bin/named/include/named/interfacemgr.h | 5 +++-- + bin/named/interfacemgr.c | 7 +++++-- + 3 files changed, 15 insertions(+), 15 deletions(-) + +diff --git a/bin/named/client.c b/bin/named/client.c +index 845326abc0..29fecadca8 100644 +--- a/bin/named/client.c ++++ b/bin/named/client.c +@@ -402,12 +402,10 @@ tcpconn_detach(ns_client_t *client) { + static void + mark_tcp_active(ns_client_t *client, bool active) { + if (active && !client->tcpactive) { +- isc_atomic_xadd(&client->interface->ntcpactive, 1); ++ isc_refcount_increment0(&client->interface->ntcpactive, NULL); + client->tcpactive = active; + } else if (!active && client->tcpactive) { +- uint32_t old = +- isc_atomic_xadd(&client->interface->ntcpactive, -1); +- INSIST(old > 0); ++ isc_refcount_decrement(&client->interface->ntcpactive, NULL); + client->tcpactive = active; + } + } +@@ -554,7 +552,7 @@ exit_check(ns_client_t *client) { + if (client->mortal && TCP_CLIENT(client) && + client->newstate != NS_CLIENTSTATE_FREED && + !ns_g_clienttest && +- isc_atomic_xadd(&client->interface->ntcpaccepting, 0) == 0) ++ isc_refcount_current(&client->interface->ntcpaccepting) == 0) + { + /* Nobody else is accepting */ + client->mortal = false; +@@ -3328,7 +3326,6 @@ client_newconn(isc_task_t *task, isc_event_t *event) { + isc_result_t result; + ns_client_t *client = event->ev_arg; + isc_socket_newconnev_t *nevent = (isc_socket_newconnev_t *)event; +- uint32_t old; + + REQUIRE(event->ev_type == ISC_SOCKEVENT_NEWCONN); + REQUIRE(NS_CLIENT_VALID(client)); +@@ -3348,8 +3345,7 @@ client_newconn(isc_task_t *task, isc_event_t *event) { + INSIST(client->naccepts == 1); + client->naccepts--; + +- old = isc_atomic_xadd(&client->interface->ntcpaccepting, -1); +- INSIST(old > 0); ++ isc_refcount_decrement(&client->interface->ntcpaccepting, NULL); + + /* + * We must take ownership of the new socket before the exit +@@ -3480,8 +3476,8 @@ client_accept(ns_client_t *client) { + * quota is tcp-clients plus the number of listening + * interfaces plus 1.) + */ +- exit = (isc_atomic_xadd(&client->interface->ntcpactive, 0) > +- (client->tcpactive ? 1 : 0)); ++ exit = (isc_refcount_current(&client->interface->ntcpactive) > ++ (client->tcpactive ? 1U : 0U)); + if (exit) { + client->newstate = NS_CLIENTSTATE_INACTIVE; + (void)exit_check(client); +@@ -3539,7 +3535,7 @@ client_accept(ns_client_t *client) { + * listening for connections itself to prevent the interface + * going dead. + */ +- isc_atomic_xadd(&client->interface->ntcpaccepting, 1); ++ isc_refcount_increment0(&client->interface->ntcpaccepting, NULL); + } + + static void +diff --git a/bin/named/include/named/interfacemgr.h b/bin/named/include/named/interfacemgr.h +index 3535ef22a8..6e10f210fd 100644 +--- a/bin/named/include/named/interfacemgr.h ++++ b/bin/named/include/named/interfacemgr.h +@@ -45,6 +45,7 @@ + #include + #include + #include ++#include + + #include + +@@ -75,11 +76,11 @@ struct ns_interface { + /*%< UDP dispatchers. */ + isc_socket_t * tcpsocket; /*%< TCP socket. */ + isc_dscp_t dscp; /*%< "listen-on" DSCP value */ +- int32_t ntcpaccepting; /*%< Number of clients ++ isc_refcount_t ntcpaccepting; /*%< Number of clients + ready to accept new + TCP connections on this + interface */ +- int32_t ntcpactive; /*%< Number of clients ++ isc_refcount_t ntcpactive; /*%< Number of clients + servicing TCP queries + (whether accepting or + connected) */ +diff --git a/bin/named/interfacemgr.c b/bin/named/interfacemgr.c +index d9f6df5802..135533be6b 100644 +--- a/bin/named/interfacemgr.c ++++ b/bin/named/interfacemgr.c +@@ -386,8 +386,8 @@ ns_interface_create(ns_interfacemgr_t *mgr, isc_sockaddr_t *addr, + * connections will be handled in parallel even though there is + * only one client initially. + */ +- ifp->ntcpaccepting = 0; +- ifp->ntcpactive = 0; ++ isc_refcount_init(&ifp->ntcpaccepting, 0); ++ isc_refcount_init(&ifp->ntcpactive, 0); + + ifp->nudpdispatch = 0; + +@@ -618,6 +618,9 @@ ns_interface_destroy(ns_interface_t *ifp) { + + ns_interfacemgr_detach(&ifp->mgr); + ++ isc_refcount_destroy(&ifp->ntcpactive); ++ isc_refcount_destroy(&ifp->ntcpaccepting); ++ + ifp->magic = 0; + isc_mem_put(mctx, ifp, sizeof(*ifp)); + } +-- +2.20.1 + diff --git a/poky/meta/recipes-connectivity/bind/bind_9.11.5-P4.bb b/poky/meta/recipes-connectivity/bind/bind_9.11.5-P4.bb index f4e985036..3e2412dfa 100644 --- a/poky/meta/recipes-connectivity/bind/bind_9.11.5-P4.bb +++ b/poky/meta/recipes-connectivity/bind/bind_9.11.5-P4.bb @@ -20,6 +20,14 @@ SRC_URI = "https://ftp.isc.org/isc/bind9/${PV}/${BPN}-${PV}.tar.gz \ file://0001-configure.in-remove-useless-L-use_openssl-lib.patch \ file://0001-named-lwresd-V-and-start-log-hide-build-options.patch \ file://0001-avoid-start-failure-with-bind-user.patch \ + file://0001-bind-fix-CVE-2019-6471.patch \ + file://0001-fix-enforcement-of-tcp-clients-v1.patch \ + file://0002-tcp-clients-could-still-be-exceeded-v2.patch \ + file://0003-use-reference-counter-for-pipeline-groups-v3.patch \ + file://0004-better-tcpquota-accounting-and-client-mortality-chec.patch \ + file://0005-refactor-tcpquota-and-pipeline-refs-allow-special-ca.patch \ + file://0006-restore-allowance-for-tcp-clients-interfaces.patch \ + file://0007-Replace-atomic-operations-in-bin-named-client.c-with.patch \ " SRC_URI[md5sum] = "8ddab4b61fa4516fe404679c74e37960" diff --git a/poky/meta/recipes-connectivity/bluez5/bluez5.inc b/poky/meta/recipes-connectivity/bluez5/bluez5.inc index f582a07e2..170232328 100644 --- a/poky/meta/recipes-connectivity/bluez5/bluez5.inc +++ b/poky/meta/recipes-connectivity/bluez5/bluez5.inc @@ -58,6 +58,7 @@ SRC_URI = "\ file://CVE-2018-10910.patch \ file://gcc9-fixes.patch \ file://0001-tools-Fix-build-after-y2038-changes-in-glibc.patch \ + file://0001-tools-btpclient.c-include-signal.h.patch \ " S = "${WORKDIR}/bluez-${PV}" diff --git a/poky/meta/recipes-connectivity/bluez5/bluez5/0001-Makefile.am-Fix-a-race-issue-for-tools.patch b/poky/meta/recipes-connectivity/bluez5/bluez5/0001-Makefile.am-Fix-a-race-issue-for-tools.patch index 3c227a8ea..b6cb97839 100644 --- a/poky/meta/recipes-connectivity/bluez5/bluez5/0001-Makefile.am-Fix-a-race-issue-for-tools.patch +++ b/poky/meta/recipes-connectivity/bluez5/bluez5/0001-Makefile.am-Fix-a-race-issue-for-tools.patch @@ -1,32 +1,30 @@ -From 048e1844092cb4b3afd23f16fc2cc70dd2e122b7 Mon Sep 17 00:00:00 2001 -From: Robert Yang -Date: Mon, 24 Dec 2018 17:57:14 -0800 -Subject: [PATCH] Makefile.am: Fix a race issue for tools +Upstream-Status: Backport +Signed-off-by: Ross Burton -Fixed: -cp ../bluez-5.50/tools/hid2hci.rules tools/97-hid2hci.rules -cp: cannot create regular file tools/97-hid2hci.rules: No such file or directory -make[1]: *** [tools/97-hid2hci.rules] Error 1 +From 117c41242c01e057295aed80ed973c6dc7e35fe2 Mon Sep 17 00:00:00 2001 +From: Ross Burton +Date: Tue, 8 Oct 2019 11:01:56 +0100 +Subject: [PATCH BlueZ] Makefile.am: add missing mkdir in rules generation -Upstream-Status: Submitted[https://www.spinics.net/lists/linux-bluetooth/msg78361.html] - -Signed-off-by: Robert Yang +In parallel out-of-tree builds it's possible that tools/*.rules are +generated before the target directory has been implicitly created. Solve this by +creating the directory before writing into it. --- Makefile.am | 1 + 1 file changed, 1 insertion(+) diff --git a/Makefile.am b/Makefile.am -index 6d1ff11..35a01f2 100644 +index 2ac28b23d..e7bcd2366 100644 --- a/Makefile.am +++ b/Makefile.am -@@ -504,6 +504,7 @@ src/builtin.h: src/genbuiltin $(builtin_sources) +@@ -589,6 +589,7 @@ src/builtin.h: src/genbuiltin $(builtin_sources) $(AM_V_GEN)$(srcdir)/src/genbuiltin $(builtin_modules) > $@ tools/%.rules: -+ [ -e tools ] || $(MKDIR_P) tools ++ $(AM_V_at)$(MKDIR_P) tools $(AM_V_GEN)cp $(srcdir)/$(subst 97-,,$@) $@ $(lib_libbluetooth_la_OBJECTS): $(local_headers) -- -2.10.2 +2.20.1 diff --git a/poky/meta/recipes-connectivity/bluez5/bluez5/0001-tools-btpclient.c-include-signal.h.patch b/poky/meta/recipes-connectivity/bluez5/bluez5/0001-tools-btpclient.c-include-signal.h.patch new file mode 100644 index 000000000..620aaabc6 --- /dev/null +++ b/poky/meta/recipes-connectivity/bluez5/bluez5/0001-tools-btpclient.c-include-signal.h.patch @@ -0,0 +1,30 @@ +From 0b1766514f6847c7367fce07f19a750ec74c11a6 Mon Sep 17 00:00:00 2001 +From: Robert Yang +Date: Thu, 26 Sep 2019 16:19:34 +0800 +Subject: [PATCH] tools/btpclient.c: include signal.h + +Fix compile failure when configure --enable-btpclient: +btpclient.c:2834:7: error: 'SIGINT' undeclared (first use in this function) + +Upstream-Status: Backport [A subset of the full fix that went upstream] + +Signed-off-by: Robert Yang +--- + tools/btpclient.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/tools/btpclient.c b/tools/btpclient.c +index b217df5..aece7fe 100644 +--- a/tools/btpclient.c ++++ b/tools/btpclient.c +@@ -29,6 +29,7 @@ + #include + #include + #include ++#include + + #include + +-- +2.7.4 + diff --git a/poky/meta/recipes-connectivity/bluez5/bluez5/out-of-tree.patch b/poky/meta/recipes-connectivity/bluez5/bluez5/out-of-tree.patch index 3ee79d704..76ed77925 100644 --- a/poky/meta/recipes-connectivity/bluez5/bluez5/out-of-tree.patch +++ b/poky/meta/recipes-connectivity/bluez5/bluez5/out-of-tree.patch @@ -7,7 +7,7 @@ In parallel out-of-tree builds it's possible that obexd/src/builtin.h is generated before the target directory has been implicitly created. Solve this by creating the directory before writing into it. -Upstream-Status: Submitted +Upstream-Status: Backport Signed-off-by: Ross Burton --- Makefile.obexd | 1 + diff --git a/poky/meta/recipes-connectivity/connman/connman.inc b/poky/meta/recipes-connectivity/connman/connman.inc index ee0047992..fb38ab4fc 100644 --- a/poky/meta/recipes-connectivity/connman/connman.inc +++ b/poky/meta/recipes-connectivity/connman/connman.inc @@ -59,7 +59,7 @@ INITSCRIPT_NAME = "connman" INITSCRIPT_PARAMS = "start 05 5 2 3 . stop 22 0 1 6 ." python __anonymous () { - systemd_packages = "${PN}" + systemd_packages = "${PN} ${PN}-wait-online" pkgconfig = d.getVar('PACKAGECONFIG') if ('openvpn' or 'vpnc' or 'l2tp' or 'pptp') in pkgconfig.split(): systemd_packages += " ${PN}-vpn" diff --git a/poky/meta/recipes-connectivity/nfs-utils/nfs-utils/nfsserver b/poky/meta/recipes-connectivity/nfs-utils/nfs-utils/nfsserver index d5e9c38a9..0f5747cc6 100644 --- a/poky/meta/recipes-connectivity/nfs-utils/nfs-utils/nfsserver +++ b/poky/meta/recipes-connectivity/nfs-utils/nfs-utils/nfsserver @@ -107,7 +107,7 @@ stop_nfsd(){ #FIXME: need to create the /var/lib/nfs/... directories case "$1" in start) - exportfs -r + test -r /etc/exports && exportfs -r start_nfsd "$NFS_SERVERS" start_mountd test -r /etc/exports && exportfs -a;; diff --git a/poky/meta/recipes-connectivity/nfs-utils/nfs-utils_2.4.1.bb b/poky/meta/recipes-connectivity/nfs-utils/nfs-utils_2.4.1.bb index 7e80354e4..eb32bccb5 100644 --- a/poky/meta/recipes-connectivity/nfs-utils/nfs-utils_2.4.1.bb +++ b/poky/meta/recipes-connectivity/nfs-utils/nfs-utils_2.4.1.bb @@ -9,7 +9,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=95f3a93a5c3c7888de623b46ea085a84" # util-linux for libblkid DEPENDS = "libcap libevent util-linux sqlite3 libtirpc" -RDEPENDS_${PN} = "${PN}-client bash" +RDEPENDS_${PN} = "${PN}-client" RRECOMMENDS_${PN} = "kernel-module-nfsd" inherit useradd diff --git a/poky/meta/recipes-connectivity/ofono/ofono.inc b/poky/meta/recipes-connectivity/ofono/ofono.inc deleted file mode 100644 index bdbb0b5bc..000000000 --- a/poky/meta/recipes-connectivity/ofono/ofono.inc +++ /dev/null @@ -1,39 +0,0 @@ -HOMEPAGE = "http://www.ofono.org" -SUMMARY = "open source telephony" -DESCRIPTION = "oFono is a stack for mobile telephony devices on Linux. oFono supports speaking to telephony devices through specific drivers, or with generic AT commands." -LICENSE = "GPLv2" -LIC_FILES_CHKSUM = "file://COPYING;md5=eb723b61539feef013de476e68b5c50a \ - file://src/ofono.h;beginline=1;endline=20;md5=3ce17d5978ef3445def265b98899c2ee" - -inherit autotools pkgconfig update-rc.d systemd gobject-introspection-data - -DEPENDS = "dbus glib-2.0 udev mobile-broadband-provider-info ell" - -INITSCRIPT_NAME = "ofono" -INITSCRIPT_PARAMS = "defaults 22" - -PACKAGECONFIG ??= "\ - ${@bb.utils.filter('DISTRO_FEATURES', 'systemd', d)} \ - ${@bb.utils.contains('DISTRO_FEATURES', 'bluetooth', 'bluez', '', d)} \ - " -PACKAGECONFIG[systemd] = "--with-systemdunitdir=${systemd_unitdir}/system/,--with-systemdunitdir=" -PACKAGECONFIG[bluez] = "--enable-bluetooth, --disable-bluetooth, bluez5" - -EXTRA_OECONF += "--enable-test --enable-external-ell" - -SYSTEMD_SERVICE_${PN} = "ofono.service" - -do_install_append() { - install -d ${D}${sysconfdir}/init.d/ - install -m 0755 ${WORKDIR}/ofono ${D}${sysconfdir}/init.d/ofono -} - -PACKAGES =+ "${PN}-tests" - -RDEPENDS_${PN} += "dbus" -RRECOMMENDS_${PN} += "kernel-module-tun mobile-broadband-provider-info" - -FILES_${PN} += "${systemd_unitdir}" -FILES_${PN}-tests = "${libdir}/${BPN}/test" -RDEPENDS_${PN}-tests = "python3-core python3-dbus" -RDEPENDS_${PN}-tests += "${@bb.utils.contains('GI_DATA_ENABLED', 'True', 'python3-pygobject', '', d)}" diff --git a/poky/meta/recipes-connectivity/ofono/ofono_1.30.bb b/poky/meta/recipes-connectivity/ofono/ofono_1.30.bb deleted file mode 100644 index c916cb1b2..000000000 --- a/poky/meta/recipes-connectivity/ofono/ofono_1.30.bb +++ /dev/null @@ -1,9 +0,0 @@ -require ofono.inc - -SRC_URI = "\ - ${KERNELORG_MIRROR}/linux/network/${BPN}/${BP}.tar.xz \ - file://ofono \ - file://0001-mbim-add-an-optional-TEMP_FAILURE_RETRY-macro-copy.patch \ -" -SRC_URI[md5sum] = "2b1ce11a4db1f4b5c8cd96eb7e96ba0c" -SRC_URI[sha256sum] = "8079735efc5d7f33be9e792e791f2f7ff75c31ce67d477b994673e32319eec5c" diff --git a/poky/meta/recipes-connectivity/ofono/ofono_1.31.bb b/poky/meta/recipes-connectivity/ofono/ofono_1.31.bb new file mode 100644 index 000000000..7d0976ad7 --- /dev/null +++ b/poky/meta/recipes-connectivity/ofono/ofono_1.31.bb @@ -0,0 +1,50 @@ +SUMMARY = "open source telephony" +DESCRIPTION = "oFono is a stack for mobile telephony devices on Linux. oFono supports speaking to telephony devices through specific drivers, or with generic AT commands." +HOMEPAGE = "http://www.ofono.org" +BUGTRACKER = "https://01.org/jira/browse/OF" +LICENSE = "GPLv2" +LIC_FILES_CHKSUM = "file://COPYING;md5=eb723b61539feef013de476e68b5c50a \ + file://src/ofono.h;beginline=1;endline=20;md5=3ce17d5978ef3445def265b98899c2ee" +DEPENDS = "dbus glib-2.0 udev mobile-broadband-provider-info ell" + +SRC_URI = "\ + ${KERNELORG_MIRROR}/linux/network/${BPN}/${BP}.tar.xz \ + file://ofono \ + file://0001-mbim-add-an-optional-TEMP_FAILURE_RETRY-macro-copy.patch \ +" +SRC_URI[md5sum] = "1c26340e3c6ed132cc812595081bb3dc" +SRC_URI[sha256sum] = "a15c5d28096c10eb30e47a68b6dc2e7c4a5a99d7f4cfedf0b69624f33d859e9b" + +inherit autotools pkgconfig update-rc.d systemd gobject-introspection-data + +INITSCRIPT_NAME = "ofono" +INITSCRIPT_PARAMS = "defaults 22" +SYSTEMD_SERVICE_${PN} = "ofono.service" + +PACKAGECONFIG ??= "\ + ${@bb.utils.filter('DISTRO_FEATURES', 'systemd', d)} \ + ${@bb.utils.contains('DISTRO_FEATURES', 'bluetooth', 'bluez', '', d)} \ +" +PACKAGECONFIG[systemd] = "--with-systemdunitdir=${systemd_unitdir}/system/,--with-systemdunitdir=" +PACKAGECONFIG[bluez] = "--enable-bluetooth, --disable-bluetooth, bluez5" + +EXTRA_OECONF += "--enable-test --enable-external-ell" + +do_install_append() { + install -d ${D}${sysconfdir}/init.d/ + install -m 0755 ${WORKDIR}/ofono ${D}${sysconfdir}/init.d/ofono +} + +PACKAGES =+ "${PN}-tests" + +FILES_${PN} += "${systemd_unitdir}" +FILES_${PN}-tests = "${libdir}/${BPN}/test" + +RDEPENDS_${PN} += "dbus" +RDEPENDS_${PN}-tests = "\ + python3-core \ + python3-dbus \ + ${@bb.utils.contains('GI_DATA_ENABLED', 'True', 'python3-pygobject', '', d)} \ +" + +RRECOMMENDS_${PN} += "kernel-module-tun mobile-broadband-provider-info" diff --git a/poky/meta/recipes-connectivity/openssh/openssh/0001-upstream-fix-integer-overflow-in-XMSS-private-key-pa.patch b/poky/meta/recipes-connectivity/openssh/openssh/0001-upstream-fix-integer-overflow-in-XMSS-private-key-pa.patch new file mode 100644 index 000000000..3265be348 --- /dev/null +++ b/poky/meta/recipes-connectivity/openssh/openssh/0001-upstream-fix-integer-overflow-in-XMSS-private-key-pa.patch @@ -0,0 +1,40 @@ +From 2014fad3d28090b59d2f8a0971166c06e5fa6da6 Mon Sep 17 00:00:00 2001 +From: Hongxu Jia +Date: Fri, 18 Oct 2019 14:56:58 +0800 +Subject: [PATCH] upstream: fix integer overflow in XMSS private key parsing. + +Reported by Adam Zabrocki via SecuriTeam's SSH program. + +Note that this code is experimental and not compiled by default. + +ok markus@ + +OpenBSD-Commit-ID: cd0361896d15e8a1bac495ac583ff065ffca2be1 + +Signed-off-by: "djm@openbsd.org" + +Upstream-Status: Backport [https://github.com/openssh/openssh-portable/commit/a546b17bbaeb12beac4c9aeed56f74a42b18a93a] +CVE: CVE-2019-16905 + +Signed-off-by: Hongxu Jia +--- + sshkey-xmss.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/sshkey-xmss.c b/sshkey-xmss.c +index aaae702..c57681a 100644 +--- a/sshkey-xmss.c ++++ b/sshkey-xmss.c +@@ -977,7 +977,8 @@ sshkey_xmss_decrypt_state(const struct sshkey *k, struct sshbuf *encoded, + goto out; + } + /* check that an appropriate amount of auth data is present */ +- if (sshbuf_len(encoded) < encrypted_len + authlen) { ++ if (sshbuf_len(encoded) < authlen || ++ sshbuf_len(encoded) - authlen < encrypted_len) { + r = SSH_ERR_INVALID_FORMAT; + goto out; + } +-- +2.7.4 + diff --git a/poky/meta/recipes-connectivity/openssh/openssh_8.0p1.bb b/poky/meta/recipes-connectivity/openssh/openssh_8.0p1.bb index 01eaecd4e..2ffbc9a95 100644 --- a/poky/meta/recipes-connectivity/openssh/openssh_8.0p1.bb +++ b/poky/meta/recipes-connectivity/openssh/openssh_8.0p1.bb @@ -24,6 +24,7 @@ SRC_URI = "http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-${PV}.tar file://fix-potential-signed-overflow-in-pointer-arithmatic.patch \ file://sshd_check_keys \ file://add-test-support-for-busybox.patch \ + file://0001-upstream-fix-integer-overflow-in-XMSS-private-key-pa.patch \ " SRC_URI[md5sum] = "bf050f002fe510e1daecd39044e1122d" SRC_URI[sha256sum] = "bd943879e69498e8031eb6b7f44d08cdc37d59a7ab689aa0b437320c3481fd68" diff --git a/poky/meta/recipes-connectivity/openssl/openssl_1.1.1d.bb b/poky/meta/recipes-connectivity/openssl/openssl_1.1.1d.bb index 072f727e0..8819e19ec 100644 --- a/poky/meta/recipes-connectivity/openssl/openssl_1.1.1d.bb +++ b/poky/meta/recipes-connectivity/openssl/openssl_1.1.1d.bb @@ -148,7 +148,7 @@ do_install_append_class-native () { OPENSSL_CONF=${libdir}/ssl-1.1/openssl.cnf \ SSL_CERT_DIR=${libdir}/ssl-1.1/certs \ SSL_CERT_FILE=${libdir}/ssl-1.1/cert.pem \ - OPENSSL_ENGINES=${libdir}/ssl-1.1/engines + OPENSSL_ENGINES=${libdir}/engines-1.1 } do_install_append_class-nativesdk () { diff --git a/poky/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0001-AP-Silently-ignore-management-frame-from-unexpected-.patch b/poky/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0001-AP-Silently-ignore-management-frame-from-unexpected-.patch new file mode 100644 index 000000000..7b0713cf6 --- /dev/null +++ b/poky/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0001-AP-Silently-ignore-management-frame-from-unexpected-.patch @@ -0,0 +1,82 @@ +hostapd before 2.10 and wpa_supplicant before 2.10 allow an incorrect indication +of disconnection in certain situations because source address validation is +mishandled. This is a denial of service that should have been prevented by PMF +(aka management frame protection). The attacker must send a crafted 802.11 frame +from a location that is within the 802.11 communications range. + +CVE: CVE-2019-16275 +Upstream-Status: Backport +Signed-off-by: Ross Burton + +From 8c07fa9eda13e835f3f968b2e1c9a8be3a851ff9 Mon Sep 17 00:00:00 2001 +From: Jouni Malinen +Date: Thu, 29 Aug 2019 11:52:04 +0300 +Subject: [PATCH] AP: Silently ignore management frame from unexpected source + address + +Do not process any received Management frames with unexpected/invalid SA +so that we do not add any state for unexpected STA addresses or end up +sending out frames to unexpected destination. This prevents unexpected +sequences where an unprotected frame might end up causing the AP to send +out a response to another device and that other device processing the +unexpected response. + +In particular, this prevents some potential denial of service cases +where the unexpected response frame from the AP might result in a +connected station dropping its association. + +Signed-off-by: Jouni Malinen +--- + src/ap/drv_callbacks.c | 13 +++++++++++++ + src/ap/ieee802_11.c | 12 ++++++++++++ + 2 files changed, 25 insertions(+) + +diff --git a/src/ap/drv_callbacks.c b/src/ap/drv_callbacks.c +index 31587685fe3b..34ca379edc3d 100644 +--- a/src/ap/drv_callbacks.c ++++ b/src/ap/drv_callbacks.c +@@ -131,6 +131,19 @@ int hostapd_notif_assoc(struct hostapd_data *hapd, const u8 *addr, + "hostapd_notif_assoc: Skip event with no address"); + return -1; + } ++ ++ if (is_multicast_ether_addr(addr) || ++ is_zero_ether_addr(addr) || ++ os_memcmp(addr, hapd->own_addr, ETH_ALEN) == 0) { ++ /* Do not process any frames with unexpected/invalid SA so that ++ * we do not add any state for unexpected STA addresses or end ++ * up sending out frames to unexpected destination. */ ++ wpa_printf(MSG_DEBUG, "%s: Invalid SA=" MACSTR ++ " in received indication - ignore this indication silently", ++ __func__, MAC2STR(addr)); ++ return 0; ++ } ++ + random_add_randomness(addr, ETH_ALEN); + + hostapd_logger(hapd, addr, HOSTAPD_MODULE_IEEE80211, +diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c +index c85a28db44b7..e7065372e158 100644 +--- a/src/ap/ieee802_11.c ++++ b/src/ap/ieee802_11.c +@@ -4626,6 +4626,18 @@ int ieee802_11_mgmt(struct hostapd_data *hapd, const u8 *buf, size_t len, + fc = le_to_host16(mgmt->frame_control); + stype = WLAN_FC_GET_STYPE(fc); + ++ if (is_multicast_ether_addr(mgmt->sa) || ++ is_zero_ether_addr(mgmt->sa) || ++ os_memcmp(mgmt->sa, hapd->own_addr, ETH_ALEN) == 0) { ++ /* Do not process any frames with unexpected/invalid SA so that ++ * we do not add any state for unexpected STA addresses or end ++ * up sending out frames to unexpected destination. */ ++ wpa_printf(MSG_DEBUG, "MGMT: Invalid SA=" MACSTR ++ " in received frame - ignore this frame silently", ++ MAC2STR(mgmt->sa)); ++ return 0; ++ } ++ + if (stype == WLAN_FC_STYPE_BEACON) { + handle_beacon(hapd, mgmt, len, fi); + return 1; +-- +2.20.1 diff --git a/poky/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant_2.9.bb b/poky/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant_2.9.bb index ad9e6ea4b..3e92427bb 100644 --- a/poky/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant_2.9.bb +++ b/poky/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant_2.9.bb @@ -25,6 +25,7 @@ SRC_URI = "http://w1.fi/releases/wpa_supplicant-${PV}.tar.gz \ file://wpa_supplicant.conf-sane \ file://99_wpa_supplicant \ file://0001-replace-systemd-install-Alias-with-WantedBy.patch \ + file://0001-AP-Silently-ignore-management-frame-from-unexpected-.patch \ " SRC_URI[md5sum] = "2d2958c782576dc9901092fbfecb4190" SRC_URI[sha256sum] = "fcbdee7b4a64bea8177973299c8c824419c413ec2e3a95db63dd6a5dc3541f17" diff --git a/poky/meta/recipes-core/coreutils/coreutils_8.31.bb b/poky/meta/recipes-core/coreutils/coreutils_8.31.bb index 4a74f619a..57b2c1bdb 100644 --- a/poky/meta/recipes-core/coreutils/coreutils_8.31.bb +++ b/poky/meta/recipes-core/coreutils/coreutils_8.31.bb @@ -49,7 +49,7 @@ bindir_progs = "arch basename chcon cksum comm csplit cut dir dircolors dirname env expand expr factor fmt fold groups head hostid id install \ join link logname md5sum mkfifo nl nohup nproc od paste pathchk \ pinky pr printf ptx readlink realpath runcon seq sha1sum sha224sum sha256sum \ - sha384sum sha512sum shred shuf sort split stdbuf sum tac tail tee test timeout \ + sha384sum sha512sum shred shuf sort split sum tac tail tee test timeout \ tr truncate tsort tty unexpand uniq unlink uptime users vdir wc who whoami yes" # hostname gets a special treatment and is not included in this @@ -58,6 +58,10 @@ base_bindir_progs = "cat chgrp chmod chown cp date dd echo false hostname kill l sbindir_progs= "chroot" +PACKAGE_BEFORE_PN_class-target += "coreutils-stdbuf" +FILES_coreutils-stdbuf = "${bindir}/stdbuf ${libdir}/coreutils/libstdbuf.so" +RDEPENDS_coreutils_class-target += "coreutils-stdbuf" + # Let aclocal use the relative path for the m4 file rather than the # absolute since coreutils has a lot of m4 files, otherwise there might # be an "Argument list too long" error when it is built in a long/deep diff --git a/poky/meta/recipes-core/dbus/dbus/dbus-1.init b/poky/meta/recipes-core/dbus/dbus/dbus-1.init index 42c86297c..90e167e57 100644 --- a/poky/meta/recipes-core/dbus/dbus/dbus-1.init +++ b/poky/meta/recipes-core/dbus/dbus/dbus-1.init @@ -21,8 +21,8 @@ DAEMON=@bindir@/dbus-daemon NAME=dbus -DAEMONUSER=messagebus # must match /etc/dbus-1/system.conf -PIDFILE=/var/run/messagebus.pid # must match /etc/dbus-1/system.conf +DAEMONUSER=messagebus # must match /usr/share/dbus-1/system.conf +PIDFILE=/var/run/dbus/pid # must match /usr/share/dbus-1/system.conf UUIDDIR=/var/lib/dbus DESC="system message bus" EVENTDIR=/etc/dbus-1/event.d diff --git a/poky/meta/recipes-core/ell/ell_0.22.bb b/poky/meta/recipes-core/ell/ell_0.22.bb deleted file mode 100644 index b3942fc30..000000000 --- a/poky/meta/recipes-core/ell/ell_0.22.bb +++ /dev/null @@ -1,22 +0,0 @@ -SUMMARY = "Embedded Linux Library" -DESCRIPTION = "The Embedded Linux Library (ELL) provides core, \ -low-level functionality for system daemons. It typically has no \ -dependencies other than the Linux kernel, C standard library, and \ -libdl (for dynamic linking). While ELL is designed to be efficient \ -and compact enough for use on embedded Linux platforms, it is not \ -limited to resource-constrained systems." -SECTION = "libs" -LICENSE = "LGPLv2.1" -LIC_FILES_CHKSUM = "file://COPYING;md5=fb504b67c50331fc78734fed90fb0e09" - -DEPENDS = "dbus" - -inherit autotools pkgconfig - -SRC_URI = "https://mirrors.edge.kernel.org/pub/linux/libs/${BPN}/${BPN}-${PV}.tar.xz" -SRC_URI[md5sum] = "a4e7d74404f11e71775b89f53a8f1c33" -SRC_URI[sha256sum] = "3c1d6d997e17dfcbe4ebcd1331d9a7be5c64f2f0a0813bc223790e570d8da2e3" - -do_configure_prepend () { - mkdir -p ${S}/build-aux -} diff --git a/poky/meta/recipes-core/ell/ell_0.26.bb b/poky/meta/recipes-core/ell/ell_0.26.bb new file mode 100644 index 000000000..f1f252ce4 --- /dev/null +++ b/poky/meta/recipes-core/ell/ell_0.26.bb @@ -0,0 +1,22 @@ +SUMMARY = "Embedded Linux Library" +DESCRIPTION = "The Embedded Linux Library (ELL) provides core, \ +low-level functionality for system daemons. It typically has no \ +dependencies other than the Linux kernel, C standard library, and \ +libdl (for dynamic linking). While ELL is designed to be efficient \ +and compact enough for use on embedded Linux platforms, it is not \ +limited to resource-constrained systems." +SECTION = "libs" +LICENSE = "LGPLv2.1" +LIC_FILES_CHKSUM = "file://COPYING;md5=fb504b67c50331fc78734fed90fb0e09" + +DEPENDS = "dbus" + +inherit autotools pkgconfig + +SRC_URI = "https://mirrors.edge.kernel.org/pub/linux/libs/${BPN}/${BPN}-${PV}.tar.xz" +SRC_URI[md5sum] = "4660e25541071e933a2bb02ef2f94e7d" +SRC_URI[sha256sum] = "7855b4b8f271ba6ee67d87d0965b975a9a8dbeaa616665ca2248afa3b5fcbc77" + +do_configure_prepend () { + mkdir -p ${S}/build-aux +} diff --git a/poky/meta/recipes-core/ncurses/files/0001-ncurses-selective-backport-of-20191012-patch.patch b/poky/meta/recipes-core/ncurses/files/0001-ncurses-selective-backport-of-20191012-patch.patch new file mode 100644 index 000000000..7870c4ba3 --- /dev/null +++ b/poky/meta/recipes-core/ncurses/files/0001-ncurses-selective-backport-of-20191012-patch.patch @@ -0,0 +1,169 @@ +From 064b77f173337aa790f1cec0d741bfbc61a33d31 Mon Sep 17 00:00:00 2001 +From: Trevor Gamblin +Date: Fri, 18 Oct 2019 09:57:43 -0400 +Subject: [PATCH] ncurses: selective backport of 20191012 patch + +Upstream-Status: Backport [https://salsa.debian.org/debian/ncurses/commit/243908b1e3d81] + +Contents of the upstream patch that are not applied to comp_hash.c, +parse_entry.c, or dump_entry.c have been omitted. + +CVE: CVE-2019-17594 +CVE: CVE-2019-17595 + +Signed-off-by: Trevor Gamblin + +--- + ncurses/tinfo/comp_hash.c | 14 ++++++++++---- + ncurses/tinfo/parse_entry.c | 32 ++++++++++++++++---------------- + progs/dump_entry.c | 7 ++++--- + 3 files changed, 30 insertions(+), 23 deletions(-) + +diff --git a/ncurses/tinfo/comp_hash.c b/ncurses/tinfo/comp_hash.c +index 21f165ca..a62d38f9 100644 +--- a/ncurses/tinfo/comp_hash.c ++++ b/ncurses/tinfo/comp_hash.c +@@ -44,7 +44,7 @@ + #include + #include + +-MODULE_ID("$Id: comp_hash.c,v 1.49 2019/03/10 00:06:48 tom Exp $") ++MODULE_ID("$Id: comp_hash.c,v 1.51 2019/10/12 16:32:13 tom Exp $") + + /* + * Finds the entry for the given string in the hash table if present. +@@ -63,7 +63,9 @@ _nc_find_entry(const char *string, + + hashvalue = data->hash_of(string); + +- if (data->table_data[hashvalue] >= 0) { ++ if (hashvalue >= 0 ++ && (unsigned) hashvalue < data->table_size ++ && data->table_data[hashvalue] >= 0) { + + real_table = _nc_get_table(termcap); + ptr = real_table + data->table_data[hashvalue]; +@@ -96,7 +98,9 @@ _nc_find_type_entry(const char *string, + const HashData *data = _nc_get_hash_info(termcap); + int hashvalue = data->hash_of(string); + +- if (data->table_data[hashvalue] >= 0) { ++ if (hashvalue >= 0 ++ && (unsigned) hashvalue < data->table_size ++ && data->table_data[hashvalue] >= 0) { + const struct name_table_entry *const table = _nc_get_table(termcap); + + ptr = table + data->table_data[hashvalue]; +@@ -124,7 +128,9 @@ _nc_find_user_entry(const char *string) + + hashvalue = data->hash_of(string); + +- if (data->table_data[hashvalue] >= 0) { ++ if (hashvalue >= 0 ++ && (unsigned) hashvalue < data->table_size ++ && data->table_data[hashvalue] >= 0) { + + real_table = _nc_get_userdefs_table(); + ptr = real_table + data->table_data[hashvalue]; +diff --git a/ncurses/tinfo/parse_entry.c b/ncurses/tinfo/parse_entry.c +index f8cca8b5..064376c5 100644 +--- a/ncurses/tinfo/parse_entry.c ++++ b/ncurses/tinfo/parse_entry.c +@@ -47,7 +47,7 @@ + #include + #include + +-MODULE_ID("$Id: parse_entry.c,v 1.97 2019/08/03 23:10:38 tom Exp $") ++MODULE_ID("$Id: parse_entry.c,v 1.98 2019/10/12 00:50:31 tom Exp $") + + #ifdef LINT + static short const parametrized[] = +@@ -654,12 +654,12 @@ _nc_capcmp(const char *s, const char *t) + } + + static void +-append_acs0(string_desc * dst, int code, int src) ++append_acs0(string_desc * dst, int code, char *src, size_t off) + { +- if (src != 0) { ++ if (src != 0 && off < strlen(src)) { + char temp[3]; + temp[0] = (char) code; +- temp[1] = (char) src; ++ temp[1] = src[off]; + temp[2] = 0; + _nc_safe_strcat(dst, temp); + } +@@ -669,7 +669,7 @@ static void + append_acs(string_desc * dst, int code, char *src) + { + if (VALID_STRING(src) && strlen(src) == 1) { +- append_acs0(dst, code, *src); ++ append_acs0(dst, code, src, 0); + } + } + +@@ -1038,17 +1038,17 @@ postprocess_terminfo(TERMTYPE2 *tp) + _nc_str_init(&result, buf2, sizeof(buf2)); + _nc_safe_strcat(&result, acs_chars); + +- append_acs0(&result, 'l', box_chars_1[0]); /* ACS_ULCORNER */ +- append_acs0(&result, 'q', box_chars_1[1]); /* ACS_HLINE */ +- append_acs0(&result, 'k', box_chars_1[2]); /* ACS_URCORNER */ +- append_acs0(&result, 'x', box_chars_1[3]); /* ACS_VLINE */ +- append_acs0(&result, 'j', box_chars_1[4]); /* ACS_LRCORNER */ +- append_acs0(&result, 'm', box_chars_1[5]); /* ACS_LLCORNER */ +- append_acs0(&result, 'w', box_chars_1[6]); /* ACS_TTEE */ +- append_acs0(&result, 'u', box_chars_1[7]); /* ACS_RTEE */ +- append_acs0(&result, 'v', box_chars_1[8]); /* ACS_BTEE */ +- append_acs0(&result, 't', box_chars_1[9]); /* ACS_LTEE */ +- append_acs0(&result, 'n', box_chars_1[10]); /* ACS_PLUS */ ++ append_acs0(&result, 'l', box_chars_1, 0); /* ACS_ULCORNER */ ++ append_acs0(&result, 'q', box_chars_1, 1); /* ACS_HLINE */ ++ append_acs0(&result, 'k', box_chars_1, 2); /* ACS_URCORNER */ ++ append_acs0(&result, 'x', box_chars_1, 3); /* ACS_VLINE */ ++ append_acs0(&result, 'j', box_chars_1, 4); /* ACS_LRCORNER */ ++ append_acs0(&result, 'm', box_chars_1, 5); /* ACS_LLCORNER */ ++ append_acs0(&result, 'w', box_chars_1, 6); /* ACS_TTEE */ ++ append_acs0(&result, 'u', box_chars_1, 7); /* ACS_RTEE */ ++ append_acs0(&result, 'v', box_chars_1, 8); /* ACS_BTEE */ ++ append_acs0(&result, 't', box_chars_1, 9); /* ACS_LTEE */ ++ append_acs0(&result, 'n', box_chars_1, 10); /* ACS_PLUS */ + + if (buf2[0]) { + acs_chars = _nc_save_str(buf2); +diff --git a/progs/dump_entry.c b/progs/dump_entry.c +index d0e420ec..8a47084a 100644 +--- a/progs/dump_entry.c ++++ b/progs/dump_entry.c +@@ -39,7 +39,7 @@ + #include "termsort.c" /* this C file is generated */ + #include /* so is this */ + +-MODULE_ID("$Id: dump_entry.c,v 1.173 2019/05/11 21:02:24 tom Exp $") ++MODULE_ID("$Id: dump_entry.c,v 1.175 2019/10/12 15:59:07 tom Exp $") + + #define DISCARD(string) string = ABSENT_STRING + #define PRINTF (void) printf +@@ -1136,7 +1136,8 @@ fmt_entry(TERMTYPE2 *tterm, + *d++ = '\\'; + *d = ':'; + } else if (*d == '\\') { +- *++d = *s++; ++ if ((*++d = *s++) == '\0') ++ break; + } + d++; + *d = '\0'; +@@ -1396,7 +1397,7 @@ one_one_mapping(const char *mapping) + + if (VALID_STRING(mapping)) { + int n = 0; +- while (mapping[n] != '\0') { ++ while (mapping[n] != '\0' && mapping[n + 1] != '\0') { + if (isLine(mapping[n]) && + mapping[n] != mapping[n + 1]) { + result = FALSE; +-- +2.17.1 + diff --git a/poky/meta/recipes-core/ncurses/ncurses_6.1+20190803.bb b/poky/meta/recipes-core/ncurses/ncurses_6.1+20190803.bb index a44d78e4f..e638a3737 100644 --- a/poky/meta/recipes-core/ncurses/ncurses_6.1+20190803.bb +++ b/poky/meta/recipes-core/ncurses/ncurses_6.1+20190803.bb @@ -3,6 +3,7 @@ require ncurses.inc SRC_URI += "file://0001-tic-hang.patch \ file://0002-configure-reproducible.patch \ file://config.cache \ + file://0001-ncurses-selective-backport-of-20191012-patch.patch \ " # commit id corresponds to the revision in package version SRCREV = "3c9b2677c96c645496997321bf2fe465a5e7e21f" diff --git a/poky/meta/recipes-core/util-linux/util-linux/0001-lsblk-force-to-print-PKNAME-for-partition.patch b/poky/meta/recipes-core/util-linux/util-linux/0001-lsblk-force-to-print-PKNAME-for-partition.patch new file mode 100644 index 000000000..5d4c148fb --- /dev/null +++ b/poky/meta/recipes-core/util-linux/util-linux/0001-lsblk-force-to-print-PKNAME-for-partition.patch @@ -0,0 +1,36 @@ +From e3bb9bfb76c17b1d05814436ced62c05c4011f48 Mon Sep 17 00:00:00 2001 +From: Karel Zak +Date: Thu, 27 Jun 2019 09:22:18 +0200 +Subject: [PATCH] lsblk: force to print PKNAME for partition + +PKNAME (parent kernel device name) is based on printed tree according +to parent -> child relationship. The tree is optional and not printed +if partition specified (.e.g "lsblk -o+PKNAME /dev/sda1"), but old +versions print the PKNAME also in this case. + +Upstream-Status: Backport [https://github.com/karelzak/util-linux/commit/e3bb9bfb76c17b1d05814436ced62c05c4011f48] + +Addresses: https://github.com/karelzak/util-linux/issues/813 +Signed-off-by: Karel Zak +Signed-off-by: Liwei Song +--- + misc-utils/lsblk.c | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/misc-utils/lsblk.c b/misc-utils/lsblk.c +index e95af7af0256..3ce6da730264 100644 +--- a/misc-utils/lsblk.c ++++ b/misc-utils/lsblk.c +@@ -1019,6 +1019,9 @@ static void device_to_scols( + DBG(DEV, ul_debugobj(dev, "add '%s' to scols", dev->name)); + ON_DBG(DEV, if (ul_path_isopen_dirfd(dev->sysfs)) ul_debugobj(dev, " %s ---> is open!", dev->name)); + ++ if (!parent && dev->wholedisk) ++ parent = dev->wholedisk; ++ + /* Do not print device more than one in --list mode */ + if (!(lsblk->flags & LSBLK_TREE) && dev->is_printed) + return; +-- +2.17.1 + diff --git a/poky/meta/recipes-core/util-linux/util-linux_2.34.bb b/poky/meta/recipes-core/util-linux/util-linux_2.34.bb index 262f4bacb..e9c2d80e9 100644 --- a/poky/meta/recipes-core/util-linux/util-linux_2.34.bb +++ b/poky/meta/recipes-core/util-linux/util-linux_2.34.bb @@ -7,6 +7,7 @@ SRC_URI += "file://configure-sbindir.patch \ file://run-ptest \ file://display_testname_for_subtest.patch \ file://avoid_parallel_tests.patch \ + file://0001-lsblk-force-to-print-PKNAME-for-partition.patch \ " SRC_URI[md5sum] = "a78cbeaed9c39094b96a48ba8f891d50" SRC_URI[sha256sum] = "743f9d0c7252b6db246b659c1e1ce0bd45d8d4508b4dfa427bbb4a3e9b9f62b5" diff --git a/poky/meta/recipes-devtools/binutils/binutils-2.32.inc b/poky/meta/recipes-devtools/binutils/binutils-2.32.inc index 19baf8a88..349c3e115 100644 --- a/poky/meta/recipes-devtools/binutils/binutils-2.32.inc +++ b/poky/meta/recipes-devtools/binutils/binutils-2.32.inc @@ -49,6 +49,8 @@ SRC_URI = "\ file://CVE-2019-12972.patch \ file://CVE-2019-14250.patch \ file://CVE-2019-14444.patch \ + file://CVE-2019-17450.patch \ + file://CVE-2019-17451.patch \ " S = "${WORKDIR}/git" diff --git a/poky/meta/recipes-devtools/binutils/binutils/CVE-2019-17450.patch b/poky/meta/recipes-devtools/binutils/binutils/CVE-2019-17450.patch new file mode 100644 index 000000000..a6ce0b9a8 --- /dev/null +++ b/poky/meta/recipes-devtools/binutils/binutils/CVE-2019-17450.patch @@ -0,0 +1,99 @@ +From 09dd135df9ebc7a4b640537e23e26a03a288a789 Mon Sep 17 00:00:00 2001 +From: Alan Modra +Date: Wed, 9 Oct 2019 00:07:29 +1030 +Subject: [PATCH] PR25078, stack overflow in function find_abstract_instance + +Selectively backporting fix for bfd/dwarf2.c, but not the ChangeLog +file. There are newer versions of binutils, but none of them contain the +commit fixing CVE-2019-17450, so backport it to master and zeus. + +Upstream-Status: Backport [https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=063c511bd79] +CVE: CVE-2019-17450 +Signed-off-by: Trevor Gamblin + + PR 25078 + * dwarf2.c (find_abstract_instance): Delete orig_info_ptr, add + recur_count. Error on recur_count reaching 100 rather than + info_ptr matching orig_info_ptr. Adjust calls. + +--- + bfd/dwarf2.c | 35 +++++++++++++++++------------------ + 1 file changed, 17 insertions(+), 18 deletions(-) + +diff --git a/bfd/dwarf2.c b/bfd/dwarf2.c +index 0b4e485582..20ec9e2e56 100644 +--- a/bfd/dwarf2.c ++++ b/bfd/dwarf2.c +@@ -2803,13 +2803,13 @@ lookup_symbol_in_variable_table (struct comp_unit *unit, + } + + static bfd_boolean +-find_abstract_instance (struct comp_unit * unit, +- bfd_byte * orig_info_ptr, +- struct attribute * attr_ptr, +- const char ** pname, +- bfd_boolean * is_linkage, +- char ** filename_ptr, +- int * linenumber_ptr) ++find_abstract_instance (struct comp_unit *unit, ++ struct attribute *attr_ptr, ++ unsigned int recur_count, ++ const char **pname, ++ bfd_boolean *is_linkage, ++ char **filename_ptr, ++ int *linenumber_ptr) + { + bfd *abfd = unit->abfd; + bfd_byte *info_ptr; +@@ -2820,6 +2820,14 @@ find_abstract_instance (struct comp_unit * unit, + struct attribute attr; + const char *name = NULL; + ++ if (recur_count == 100) ++ { ++ _bfd_error_handler ++ (_("DWARF error: abstract instance recursion detected")); ++ bfd_set_error (bfd_error_bad_value); ++ return FALSE; ++ } ++ + /* DW_FORM_ref_addr can reference an entry in a different CU. It + is an offset from the .debug_info section, not the current CU. */ + if (attr_ptr->form == DW_FORM_ref_addr) +@@ -2939,15 +2947,6 @@ find_abstract_instance (struct comp_unit * unit, + info_ptr, info_ptr_end); + if (info_ptr == NULL) + break; +- /* It doesn't ever make sense for DW_AT_specification to +- refer to the same DIE. Stop simple recursion. */ +- if (info_ptr == orig_info_ptr) +- { +- _bfd_error_handler +- (_("DWARF error: abstract instance recursion detected")); +- bfd_set_error (bfd_error_bad_value); +- return FALSE; +- } + switch (attr.name) + { + case DW_AT_name: +@@ -2961,7 +2960,7 @@ find_abstract_instance (struct comp_unit * unit, + } + break; + case DW_AT_specification: +- if (!find_abstract_instance (unit, info_ptr, &attr, ++ if (!find_abstract_instance (unit, &attr, recur_count + 1, + &name, is_linkage, + filename_ptr, linenumber_ptr)) + return FALSE; +@@ -3175,7 +3174,7 @@ scan_unit_for_symbols (struct comp_unit *unit) + + case DW_AT_abstract_origin: + case DW_AT_specification: +- if (!find_abstract_instance (unit, info_ptr, &attr, ++ if (!find_abstract_instance (unit, &attr, 0, + &func->name, + &func->is_linkage, + &func->file, +-- +2.23.0 + diff --git a/poky/meta/recipes-devtools/binutils/binutils/CVE-2019-17451.patch b/poky/meta/recipes-devtools/binutils/binutils/CVE-2019-17451.patch new file mode 100644 index 000000000..b36a53266 --- /dev/null +++ b/poky/meta/recipes-devtools/binutils/binutils/CVE-2019-17451.patch @@ -0,0 +1,51 @@ +From 0192438051a7e781585647d5581a2a6f62fda362 Mon Sep 17 00:00:00 2001 +From: Alan Modra +Date: Wed, 9 Oct 2019 10:47:13 +1030 +Subject: [PATCH] PR25070, SEGV in function _bfd_dwarf2_find_nearest_line + +Selectively backporting fix for bfd/dwarf2.c, but not the ChangeLog +file. There are newer versions of binutils, but none of them contain the +commit fixing CVE-2019-17451, so backport it to master and zeus. + +Upstream-Status: Backport +[https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=336bfbeb1848] +CVE: CVE-2019-17451 +Signed-off-by: Trevor Gamblin + + +Evil testcase with two debug info sections, with sizes of 2aaaabac4ec1 +and ffffd5555453b140 result in a total size of 1. Reading the first +section of course overflows the buffer and tramples on other memory. + + PR 25070 + * dwarf2.c (_bfd_dwarf2_slurp_debug_info): Catch overflow of + total_size calculation. +--- + bfd/dwarf2.c | 11 ++++++++++- + 1 file changed, 10 insertions(+), 1 deletion(-) + +diff --git a/bfd/dwarf2.c b/bfd/dwarf2.c +index 0b4e485582..a91597b1d0 100644 +--- a/bfd/dwarf2.c ++++ b/bfd/dwarf2.c +@@ -4426,7 +4426,16 @@ _bfd_dwarf2_slurp_debug_info (bfd *abfd, bfd *debug_bfd, + for (total_size = 0; + msec; + msec = find_debug_info (debug_bfd, debug_sections, msec)) +- total_size += msec->size; ++ { ++ /* Catch PR25070 testcase overflowing size calculation here. */ ++ if (total_size + msec->size < total_size ++ || total_size + msec->size < msec->size) ++ { ++ bfd_set_error (bfd_error_no_memory); ++ return FALSE; ++ } ++ total_size += msec->size; ++ } + + stash->info_ptr_memory = (bfd_byte *) bfd_malloc (total_size); + if (stash->info_ptr_memory == NULL) +-- +2.23.0 + diff --git a/poky/meta/recipes-devtools/bison/bison_3.4.1.bb b/poky/meta/recipes-devtools/bison/bison_3.4.1.bb deleted file mode 100644 index 7946e20c5..000000000 --- a/poky/meta/recipes-devtools/bison/bison_3.4.1.bb +++ /dev/null @@ -1,40 +0,0 @@ -SUMMARY = "GNU Project parser generator (yacc replacement)" -DESCRIPTION = "Bison is a general-purpose parser generator that converts an annotated context-free grammar into \ -an LALR(1) or GLR parser for that grammar. Bison is upward compatible with Yacc: all properly-written Yacc \ -grammars ought to work with Bison with no change. Anyone familiar with Yacc should be able to use Bison with \ -little trouble." -HOMEPAGE = "http://www.gnu.org/software/bison/" -LICENSE = "GPLv3" -LIC_FILES_CHKSUM = "file://COPYING;md5=d32239bcb673463ab874e80d47fae504" -SECTION = "devel" -DEPENDS = "bison-native flex-native" - -SRC_URI = "${GNU_MIRROR}/bison/bison-${PV}.tar.xz \ - file://dont-depend-on-help2man.patch.patch \ - file://add-with-bisonlocaledir.patch \ -" - -# No point in hardcoding path to m4, just use PATH -EXTRA_OECONF += "M4=m4" - -SRC_URI[md5sum] = "201286a573b12da109df96282fe4ff4a" -SRC_URI[sha256sum] = "27159ac5ebf736dffd5636fd2cd625767c9e437de65baa63cb0de83570bd820d" - -inherit autotools gettext texinfo - -# The automatic m4 path detection gets confused, so force the right value -acpaths = "-I ${S}/m4" - -do_compile_prepend() { - for i in mfcalc calc++ rpcalc; do mkdir -p ${B}/examples/$i; done -} - -do_install_append_class-native() { - create_wrapper ${D}/${bindir}/bison \ - BISON_PKGDATADIR=${STAGING_DATADIR_NATIVE}/bison -} -do_install_append_class-nativesdk() { - create_wrapper ${D}/${bindir}/bison \ - BISON_PKGDATADIR=${datadir}/bison -} -BBCLASSEXTEND = "native nativesdk" diff --git a/poky/meta/recipes-devtools/bison/bison_3.4.2.bb b/poky/meta/recipes-devtools/bison/bison_3.4.2.bb new file mode 100644 index 000000000..46f0f908d --- /dev/null +++ b/poky/meta/recipes-devtools/bison/bison_3.4.2.bb @@ -0,0 +1,40 @@ +SUMMARY = "GNU Project parser generator (yacc replacement)" +DESCRIPTION = "Bison is a general-purpose parser generator that converts an annotated context-free grammar into \ +an LALR(1) or GLR parser for that grammar. Bison is upward compatible with Yacc: all properly-written Yacc \ +grammars ought to work with Bison with no change. Anyone familiar with Yacc should be able to use Bison with \ +little trouble." +HOMEPAGE = "http://www.gnu.org/software/bison/" +LICENSE = "GPLv3" +LIC_FILES_CHKSUM = "file://COPYING;md5=d32239bcb673463ab874e80d47fae504" +SECTION = "devel" +DEPENDS = "bison-native flex-native" + +SRC_URI = "${GNU_MIRROR}/bison/bison-${PV}.tar.xz \ + file://dont-depend-on-help2man.patch.patch \ + file://add-with-bisonlocaledir.patch \ +" + +# No point in hardcoding path to m4, just use PATH +EXTRA_OECONF += "M4=m4" + +SRC_URI[md5sum] = "d1ceb9dfde2d03b24a4c1137f7f1b572" +SRC_URI[sha256sum] = "27d05534699735dc69e86add5b808d6cb35900ad3fd63fa82e3eb644336abfa0" + +inherit autotools gettext texinfo + +# The automatic m4 path detection gets confused, so force the right value +acpaths = "-I ${S}/m4" + +do_compile_prepend() { + for i in mfcalc calc++ rpcalc; do mkdir -p ${B}/examples/$i; done +} + +do_install_append_class-native() { + create_wrapper ${D}/${bindir}/bison \ + BISON_PKGDATADIR=${STAGING_DATADIR_NATIVE}/bison +} +do_install_append_class-nativesdk() { + create_wrapper ${D}/${bindir}/bison \ + BISON_PKGDATADIR=${datadir}/bison +} +BBCLASSEXTEND = "native nativesdk" diff --git a/poky/meta/recipes-devtools/btrfs-tools/btrfs-tools_5.2.2.bb b/poky/meta/recipes-devtools/btrfs-tools/btrfs-tools_5.2.2.bb deleted file mode 100644 index 6b73c01dc..000000000 --- a/poky/meta/recipes-devtools/btrfs-tools/btrfs-tools_5.2.2.bb +++ /dev/null @@ -1,52 +0,0 @@ -SUMMARY = "Checksumming Copy on Write Filesystem utilities" -DESCRIPTION = "Btrfs is a new copy on write filesystem for Linux aimed at \ -implementing advanced features while focusing on fault tolerance, repair and \ -easy administration. \ -This package contains utilities (mkfs, fsck, btrfsctl) used to work with \ -btrfs and an utility (btrfs-convert) to make a btrfs filesystem from an ext3." - -HOMEPAGE = "https://btrfs.wiki.kernel.org" - -LICENSE = "GPLv2" -LIC_FILES_CHKSUM = "file://COPYING;md5=fcb02dc552a041dee27e4b85c7396067" -SECTION = "base" -DEPENDS = "util-linux attr e2fsprogs lzo acl" -DEPENDS_append_class-target = " udev" -RDEPENDS_${PN} = "libgcc" - -SRCREV = "55a8c9626fb906c20c3206f8fd39b9a8fb259b79" -SRC_URI = "git://git.kernel.org/pub/scm/linux/kernel/git/kdave/btrfs-progs.git \ - file://0001-Add-a-possibility-to-specify-where-python-modules-ar.patch \ - " - -PACKAGECONFIG ??= "python" -PACKAGECONFIG[manpages] = "--enable-documentation, --disable-documentation, asciidoc-native xmlto-native" -PACKAGECONFIG[python] = "--enable-python,--disable-python,python3-setuptools-native" -PACKAGECONFIG[zstd] = "--enable-zstd,--disable-zstd,zstd" - -inherit autotools-brokensep pkgconfig manpages -inherit ${@bb.utils.contains('PACKAGECONFIG', 'python', 'distutils3-base', '', d)} - -CLEANBROKEN = "1" - -EXTRA_OECONF_append_libc-musl = " --disable-backtrace " -EXTRA_PYTHON_CFLAGS = "${DEBUG_PREFIX_MAP}" -EXTRA_PYTHON_CFLAGS_class-native = "" -EXTRA_PYTHON_LDFLAGS = "${LDFLAGS}" -EXTRA_OEMAKE = "V=1 'EXTRA_PYTHON_CFLAGS=${EXTRA_PYTHON_CFLAGS}' 'EXTRA_PYTHON_LDFLAGS=${EXTRA_PYTHON_LDFLAGS}'" - -do_configure_prepend() { - # Upstream doesn't ship this and autoreconf won't install it as automake isn't used. - mkdir -p ${S}/config - cp -f $(automake --print-libdir)/install-sh ${S}/config/ -} - -S = "${WORKDIR}/git" - -do_install_append() { - if [ "${@bb.utils.filter('PACKAGECONFIG', 'python', d)}" ]; then - oe_runmake 'DESTDIR=${D}' 'PYTHON_SITEPACKAGES_DIR=${PYTHON_SITEPACKAGES_DIR}' install_python - fi -} - -BBCLASSEXTEND = "native" diff --git a/poky/meta/recipes-devtools/btrfs-tools/btrfs-tools_5.3.bb b/poky/meta/recipes-devtools/btrfs-tools/btrfs-tools_5.3.bb new file mode 100644 index 000000000..12b5c4562 --- /dev/null +++ b/poky/meta/recipes-devtools/btrfs-tools/btrfs-tools_5.3.bb @@ -0,0 +1,52 @@ +SUMMARY = "Checksumming Copy on Write Filesystem utilities" +DESCRIPTION = "Btrfs is a new copy on write filesystem for Linux aimed at \ +implementing advanced features while focusing on fault tolerance, repair and \ +easy administration. \ +This package contains utilities (mkfs, fsck, btrfsctl) used to work with \ +btrfs and an utility (btrfs-convert) to make a btrfs filesystem from an ext3." + +HOMEPAGE = "https://btrfs.wiki.kernel.org" + +LICENSE = "GPLv2" +LIC_FILES_CHKSUM = "file://COPYING;md5=fcb02dc552a041dee27e4b85c7396067" +SECTION = "base" +DEPENDS = "util-linux attr e2fsprogs lzo acl" +DEPENDS_append_class-target = " udev" +RDEPENDS_${PN} = "libgcc" + +SRCREV = "de7856cee5907938441f765ebab7cc106b7faf70" +SRC_URI = "git://git.kernel.org/pub/scm/linux/kernel/git/kdave/btrfs-progs.git \ + file://0001-Add-a-possibility-to-specify-where-python-modules-ar.patch \ + " + +PACKAGECONFIG ??= "python" +PACKAGECONFIG[manpages] = "--enable-documentation, --disable-documentation, asciidoc-native xmlto-native" +PACKAGECONFIG[python] = "--enable-python,--disable-python,python3-setuptools-native" +PACKAGECONFIG[zstd] = "--enable-zstd,--disable-zstd,zstd" + +inherit autotools-brokensep pkgconfig manpages +inherit ${@bb.utils.contains('PACKAGECONFIG', 'python', 'distutils3-base', '', d)} + +CLEANBROKEN = "1" + +EXTRA_OECONF_append_libc-musl = " --disable-backtrace " +EXTRA_PYTHON_CFLAGS = "${DEBUG_PREFIX_MAP}" +EXTRA_PYTHON_CFLAGS_class-native = "" +EXTRA_PYTHON_LDFLAGS = "${LDFLAGS}" +EXTRA_OEMAKE = "V=1 'EXTRA_PYTHON_CFLAGS=${EXTRA_PYTHON_CFLAGS}' 'EXTRA_PYTHON_LDFLAGS=${EXTRA_PYTHON_LDFLAGS}'" + +do_configure_prepend() { + # Upstream doesn't ship this and autoreconf won't install it as automake isn't used. + mkdir -p ${S}/config + cp -f $(automake --print-libdir)/install-sh ${S}/config/ +} + +S = "${WORKDIR}/git" + +do_install_append() { + if [ "${@bb.utils.filter('PACKAGECONFIG', 'python', d)}" ]; then + oe_runmake 'DESTDIR=${D}' 'PYTHON_SITEPACKAGES_DIR=${PYTHON_SITEPACKAGES_DIR}' install_python + fi +} + +BBCLASSEXTEND = "native" diff --git a/poky/meta/recipes-devtools/e2fsprogs/e2fsprogs_1.45.3.bb b/poky/meta/recipes-devtools/e2fsprogs/e2fsprogs_1.45.3.bb deleted file mode 100644 index fdc9454b5..000000000 --- a/poky/meta/recipes-devtools/e2fsprogs/e2fsprogs_1.45.3.bb +++ /dev/null @@ -1,138 +0,0 @@ -require e2fsprogs.inc - -SRC_URI += "file://remove.ldconfig.call.patch \ - file://run-ptest \ - file://ptest.patch \ - file://mkdir_p.patch \ - file://0001-misc-create_inode.c-set-dir-s-mode-correctly.patch \ - " - -SRC_URI_append_class-native = " file://e2fsprogs-fix-missing-check-for-permission-denied.patch \ - file://quiet-debugfs.patch \ -" - -SRCREV = "1f56fb81236fe3e25e2c60c1e89ea0aa7cb36260" -UPSTREAM_CHECK_GITTAGREGEX = "v(?P\d+\.\d+(\.\d+)*)$" - -EXTRA_OECONF += "--libdir=${base_libdir} --sbindir=${base_sbindir} \ - --enable-elf-shlibs --disable-libuuid --disable-uuidd \ - --disable-libblkid --enable-verbose-makecmds \ - --with-crond-dir=no" - -EXTRA_OECONF_darwin = "--libdir=${base_libdir} --sbindir=${base_sbindir} --enable-bsd-shlibs" - -PACKAGECONFIG ??= "" -PACKAGECONFIG[fuse] = '--enable-fuse2fs,--disable-fuse2fs,fuse' - -# make locale rules sometimes fire, sometimes don't as git doesn't preserve -# file mktime. Touch the files introducing non-determinism to the build -do_compile_prepend (){ - find ${S}/po -type f -name "*.po" -exec touch {} + -} - -do_install () { - oe_runmake 'DESTDIR=${D}' install - oe_runmake 'DESTDIR=${D}' install-libs - # We use blkid from util-linux now so remove from here - rm -f ${D}${base_libdir}/libblkid* - rm -rf ${D}${includedir}/blkid - rm -f ${D}${base_libdir}/pkgconfig/blkid.pc - rm -f ${D}${base_sbindir}/blkid - rm -f ${D}${base_sbindir}/fsck - rm -f ${D}${base_sbindir}/findfs - - # e2initrd_helper and the pkgconfig files belong in libdir - if [ ! ${D}${libdir} -ef ${D}${base_libdir} ]; then - install -d ${D}${libdir} - mv ${D}${base_libdir}/e2initrd_helper ${D}${libdir} - mv ${D}${base_libdir}/pkgconfig ${D}${libdir} - fi - - oe_multilib_header ext2fs/ext2_types.h - install -d ${D}${base_bindir} - mv ${D}${bindir}/chattr ${D}${base_bindir}/chattr.e2fsprogs - - install -v -m 755 ${S}/contrib/populate-extfs.sh ${D}${base_sbindir}/ - - # Clean host path (build directory) in compile_et, mk_cmds - sed -i -e "s,\(ET_DIR=.*\)${S}/lib/et\(.*\),\1${datadir}/et\2,g" ${D}${bindir}/compile_et - sed -i -e "s,\(SS_DIR=.*\)${S}/lib/ss\(.*\),\1${datadir}/ss\2,g" ${D}${bindir}/mk_cmds -} - -# Need to find the right mke2fs.conf file -e2fsprogs_conf_fixup () { - for i in mke2fs mkfs.ext2 mkfs.ext3 mkfs.ext4; do - create_wrapper ${D}${base_sbindir}/$i MKE2FS_CONFIG=${sysconfdir}/mke2fs.conf - done -} - -do_install_append_class-native() { - e2fsprogs_conf_fixup -} - -do_install_append_class-nativesdk() { - e2fsprogs_conf_fixup -} - -do_install_append_class-target() { - mv ${D}${base_sbindir}/mke2fs ${D}${base_sbindir}/mke2fs.e2fsprogs - mv ${D}${base_sbindir}/mkfs.ext2 ${D}${base_sbindir}/mkfs.ext2.e2fsprogs - mv ${D}${base_sbindir}/tune2fs ${D}${base_sbindir}/tune2fs.e2fsprogs -} - -RDEPENDS_e2fsprogs = "e2fsprogs-badblocks" -RRECOMMENDS_e2fsprogs = "e2fsprogs-mke2fs e2fsprogs-e2fsck" - -PACKAGES =+ "e2fsprogs-e2fsck e2fsprogs-e2scrub e2fsprogs-mke2fs e2fsprogs-tune2fs e2fsprogs-badblocks e2fsprogs-resize2fs" -PACKAGES =+ "libcomerr libss libe2p libext2fs" - -FILES_e2fsprogs-resize2fs = "${base_sbindir}/resize2fs*" -FILES_e2fsprogs-e2fsck = "${base_sbindir}/e2fsck ${base_sbindir}/fsck.ext*" -FILES_e2fsprogs-e2scrub = "${base_sbindir}/e2scrub*" -FILES_e2fsprogs-mke2fs = "${base_sbindir}/mke2fs.e2fsprogs ${base_sbindir}/mkfs.ext* ${sysconfdir}/mke2fs.conf" -FILES_e2fsprogs-tune2fs = "${base_sbindir}/tune2fs.e2fsprogs ${base_sbindir}/e2label" -FILES_e2fsprogs-badblocks = "${base_sbindir}/badblocks" -FILES_libcomerr = "${base_libdir}/libcom_err.so.*" -FILES_libss = "${base_libdir}/libss.so.*" -FILES_libe2p = "${base_libdir}/libe2p.so.*" -FILES_libext2fs = "${libdir}/e2initrd_helper ${base_libdir}/libext2fs.so.*" -FILES_${PN}-dev += "${datadir}/*/*.awk ${datadir}/*/*.sed ${base_libdir}/*.so ${bindir}/compile_et ${bindir}/mk_cmds" - -ALTERNATIVE_${PN} = "chattr" -ALTERNATIVE_PRIORITY = "100" -ALTERNATIVE_LINK_NAME[chattr] = "${base_bindir}/chattr" -ALTERNATIVE_TARGET[chattr] = "${base_bindir}/chattr.e2fsprogs" - -ALTERNATIVE_${PN}-doc = "fsck.8" -ALTERNATIVE_LINK_NAME[fsck.8] = "${mandir}/man8/fsck.8" - -ALTERNATIVE_${PN}-mke2fs = "mke2fs mkfs.ext2" -ALTERNATIVE_LINK_NAME[mke2fs] = "${base_sbindir}/mke2fs" -ALTERNATIVE_LINK_NAME[mkfs.ext2] = "${base_sbindir}/mkfs.ext2" - -ALTERNATIVE_${PN}-tune2fs = "tune2fs" -ALTERNATIVE_LINK_NAME[tune2fs] = "${base_sbindir}/tune2fs" - -RDEPENDS_e2fsprogs-e2scrub = "bash" -RDEPENDS_${PN}-ptest += "coreutils procps bash bzip2 diffutils perl sed" -RDEPENDS_${PN}-ptest += "e2fsprogs-e2fsck e2fsprogs-mke2fs e2fsprogs-tune2fs e2fsprogs-badblocks e2fsprogs-resize2fs" - -do_compile_ptest() { - oe_runmake -C ${B}/tests -} - -do_install_ptest() { - cp -R --no-dereference --preserve=mode,links -v ${B}/tests ${D}${PTEST_PATH}/test - cp -R --no-dereference --preserve=mode,links -v ${S}/tests/* ${D}${PTEST_PATH}/test - sed -e 's!../e2fsck/e2fsck!e2fsck!g' \ - -e 's!../misc/tune2fs!tune2fs!g' -i ${D}${PTEST_PATH}/test/*/expect* - sed -e 's!../e2fsck/e2fsck!${base_sbindir}/e2fsck!g' -i ${D}${PTEST_PATH}/test/*/script - - # Remove various files - find "${D}${PTEST_PATH}" -type f \ - \( -name 'Makefile' -o -name 'Makefile.in' -o -name '*.o' -o -name '*.c' -o -name '*.h' \)\ - -exec rm -f {} + - - install -d ${D}${PTEST_PATH}/lib - install -m 0644 ${B}/lib/config.h ${D}${PTEST_PATH}/lib/ -} diff --git a/poky/meta/recipes-devtools/e2fsprogs/e2fsprogs_1.45.4.bb b/poky/meta/recipes-devtools/e2fsprogs/e2fsprogs_1.45.4.bb new file mode 100644 index 000000000..90db71df0 --- /dev/null +++ b/poky/meta/recipes-devtools/e2fsprogs/e2fsprogs_1.45.4.bb @@ -0,0 +1,138 @@ +require e2fsprogs.inc + +SRC_URI += "file://remove.ldconfig.call.patch \ + file://run-ptest \ + file://ptest.patch \ + file://mkdir_p.patch \ + file://0001-misc-create_inode.c-set-dir-s-mode-correctly.patch \ + " + +SRC_URI_append_class-native = " file://e2fsprogs-fix-missing-check-for-permission-denied.patch \ + file://quiet-debugfs.patch \ +" + +SRCREV = "984ff8d6a0a1d5dc300505f67b38ed5047d51dac" +UPSTREAM_CHECK_GITTAGREGEX = "v(?P\d+\.\d+(\.\d+)*)$" + +EXTRA_OECONF += "--libdir=${base_libdir} --sbindir=${base_sbindir} \ + --enable-elf-shlibs --disable-libuuid --disable-uuidd \ + --disable-libblkid --enable-verbose-makecmds \ + --with-crond-dir=no" + +EXTRA_OECONF_darwin = "--libdir=${base_libdir} --sbindir=${base_sbindir} --enable-bsd-shlibs" + +PACKAGECONFIG ??= "" +PACKAGECONFIG[fuse] = '--enable-fuse2fs,--disable-fuse2fs,fuse' + +# make locale rules sometimes fire, sometimes don't as git doesn't preserve +# file mktime. Touch the files introducing non-determinism to the build +do_compile_prepend (){ + find ${S}/po -type f -name "*.po" -exec touch {} + +} + +do_install () { + oe_runmake 'DESTDIR=${D}' install + oe_runmake 'DESTDIR=${D}' install-libs + # We use blkid from util-linux now so remove from here + rm -f ${D}${base_libdir}/libblkid* + rm -rf ${D}${includedir}/blkid + rm -f ${D}${base_libdir}/pkgconfig/blkid.pc + rm -f ${D}${base_sbindir}/blkid + rm -f ${D}${base_sbindir}/fsck + rm -f ${D}${base_sbindir}/findfs + + # e2initrd_helper and the pkgconfig files belong in libdir + if [ ! ${D}${libdir} -ef ${D}${base_libdir} ]; then + install -d ${D}${libdir} + mv ${D}${base_libdir}/e2initrd_helper ${D}${libdir} + mv ${D}${base_libdir}/pkgconfig ${D}${libdir} + fi + + oe_multilib_header ext2fs/ext2_types.h + install -d ${D}${base_bindir} + mv ${D}${bindir}/chattr ${D}${base_bindir}/chattr.e2fsprogs + + install -v -m 755 ${S}/contrib/populate-extfs.sh ${D}${base_sbindir}/ + + # Clean host path (build directory) in compile_et, mk_cmds + sed -i -e "s,\(ET_DIR=.*\)${S}/lib/et\(.*\),\1${datadir}/et\2,g" ${D}${bindir}/compile_et + sed -i -e "s,\(SS_DIR=.*\)${S}/lib/ss\(.*\),\1${datadir}/ss\2,g" ${D}${bindir}/mk_cmds +} + +# Need to find the right mke2fs.conf file +e2fsprogs_conf_fixup () { + for i in mke2fs mkfs.ext2 mkfs.ext3 mkfs.ext4; do + create_wrapper ${D}${base_sbindir}/$i MKE2FS_CONFIG=${sysconfdir}/mke2fs.conf + done +} + +do_install_append_class-native() { + e2fsprogs_conf_fixup +} + +do_install_append_class-nativesdk() { + e2fsprogs_conf_fixup +} + +do_install_append_class-target() { + mv ${D}${base_sbindir}/mke2fs ${D}${base_sbindir}/mke2fs.e2fsprogs + mv ${D}${base_sbindir}/mkfs.ext2 ${D}${base_sbindir}/mkfs.ext2.e2fsprogs + mv ${D}${base_sbindir}/tune2fs ${D}${base_sbindir}/tune2fs.e2fsprogs +} + +RDEPENDS_e2fsprogs = "e2fsprogs-badblocks" +RRECOMMENDS_e2fsprogs = "e2fsprogs-mke2fs e2fsprogs-e2fsck" + +PACKAGES =+ "e2fsprogs-e2fsck e2fsprogs-e2scrub e2fsprogs-mke2fs e2fsprogs-tune2fs e2fsprogs-badblocks e2fsprogs-resize2fs" +PACKAGES =+ "libcomerr libss libe2p libext2fs" + +FILES_e2fsprogs-resize2fs = "${base_sbindir}/resize2fs*" +FILES_e2fsprogs-e2fsck = "${base_sbindir}/e2fsck ${base_sbindir}/fsck.ext*" +FILES_e2fsprogs-e2scrub = "${base_sbindir}/e2scrub*" +FILES_e2fsprogs-mke2fs = "${base_sbindir}/mke2fs.e2fsprogs ${base_sbindir}/mkfs.ext* ${sysconfdir}/mke2fs.conf" +FILES_e2fsprogs-tune2fs = "${base_sbindir}/tune2fs.e2fsprogs ${base_sbindir}/e2label" +FILES_e2fsprogs-badblocks = "${base_sbindir}/badblocks" +FILES_libcomerr = "${base_libdir}/libcom_err.so.*" +FILES_libss = "${base_libdir}/libss.so.*" +FILES_libe2p = "${base_libdir}/libe2p.so.*" +FILES_libext2fs = "${libdir}/e2initrd_helper ${base_libdir}/libext2fs.so.*" +FILES_${PN}-dev += "${datadir}/*/*.awk ${datadir}/*/*.sed ${base_libdir}/*.so ${bindir}/compile_et ${bindir}/mk_cmds" + +ALTERNATIVE_${PN} = "chattr" +ALTERNATIVE_PRIORITY = "100" +ALTERNATIVE_LINK_NAME[chattr] = "${base_bindir}/chattr" +ALTERNATIVE_TARGET[chattr] = "${base_bindir}/chattr.e2fsprogs" + +ALTERNATIVE_${PN}-doc = "fsck.8" +ALTERNATIVE_LINK_NAME[fsck.8] = "${mandir}/man8/fsck.8" + +ALTERNATIVE_${PN}-mke2fs = "mke2fs mkfs.ext2" +ALTERNATIVE_LINK_NAME[mke2fs] = "${base_sbindir}/mke2fs" +ALTERNATIVE_LINK_NAME[mkfs.ext2] = "${base_sbindir}/mkfs.ext2" + +ALTERNATIVE_${PN}-tune2fs = "tune2fs" +ALTERNATIVE_LINK_NAME[tune2fs] = "${base_sbindir}/tune2fs" + +RDEPENDS_e2fsprogs-e2scrub = "bash" +RDEPENDS_${PN}-ptest += "coreutils procps bash bzip2 diffutils perl sed" +RDEPENDS_${PN}-ptest += "e2fsprogs-e2fsck e2fsprogs-mke2fs e2fsprogs-tune2fs e2fsprogs-badblocks e2fsprogs-resize2fs" + +do_compile_ptest() { + oe_runmake -C ${B}/tests +} + +do_install_ptest() { + cp -R --no-dereference --preserve=mode,links -v ${B}/tests ${D}${PTEST_PATH}/test + cp -R --no-dereference --preserve=mode,links -v ${S}/tests/* ${D}${PTEST_PATH}/test + sed -e 's!../e2fsck/e2fsck!e2fsck!g' \ + -e 's!../misc/tune2fs!tune2fs!g' -i ${D}${PTEST_PATH}/test/*/expect* + sed -e 's!../e2fsck/e2fsck!${base_sbindir}/e2fsck!g' -i ${D}${PTEST_PATH}/test/*/script + + # Remove various files + find "${D}${PTEST_PATH}" -type f \ + \( -name 'Makefile' -o -name 'Makefile.in' -o -name '*.o' -o -name '*.c' -o -name '*.h' \)\ + -exec rm -f {} + + + install -d ${D}${PTEST_PATH}/lib + install -m 0644 ${B}/lib/config.h ${D}${PTEST_PATH}/lib/ +} diff --git a/poky/meta/recipes-devtools/elfutils/elfutils_0.177.bb b/poky/meta/recipes-devtools/elfutils/elfutils_0.177.bb index 818794266..e7740c7fb 100644 --- a/poky/meta/recipes-devtools/elfutils/elfutils_0.177.bb +++ b/poky/meta/recipes-devtools/elfutils/elfutils_0.177.bb @@ -3,7 +3,7 @@ HOMEPAGE = "https://sourceware.org/elfutils" SECTION = "base" LICENSE = "GPLv2 & LGPLv3+ & GPLv3+" LIC_FILES_CHKSUM = "file://COPYING;md5=d32239bcb673463ab874e80d47fae504" -DEPENDS = "bzip2 zlib virtual/libintl" +DEPENDS = "zlib virtual/libintl" DEPENDS_append_libc-musl = " argp-standalone fts musl-obstack " # The Debian patches below are from: # http://ftp.de.debian.org/debian/pool/main/e/elfutils/elfutils_0.176-1.debian.tar.xz @@ -46,8 +46,15 @@ SRC_URI[sha256sum] = "fa489deccbcae7d8c920f60d85906124c1989c591196d90e0fd668e3dc inherit autotools gettext ptest -EXTRA_OECONF = "--program-prefix=eu- --without-lzma" -EXTRA_OECONF_append_class-native = " --without-bzlib" +EXTRA_OECONF = "--program-prefix=eu-" + +DEPENDS_BZIP2 = "bzip2-replacement-native" +DEPENDS_BZIP2_class-target = "bzip2" + +PACKAGECONFIG ??= "" +PACKAGECONFIG[bzip2] = "--with-bzlib,--without-bzlib,${DEPENDS_BZIP2}" +PACKAGECONFIG[xz] = "--with-lzma,--without-lzma,xz" + RDEPENDS_${PN}-ptest += "libasm libelf bash make coreutils ${PN}-binutils" EXTRA_OECONF_append_class-target += "--disable-tests-rpath" diff --git a/poky/meta/recipes-devtools/file/file_5.37.bb b/poky/meta/recipes-devtools/file/file_5.37.bb index a840dbc01..c53a120b8 100644 --- a/poky/meta/recipes-devtools/file/file_5.37.bb +++ b/poky/meta/recipes-devtools/file/file_5.37.bb @@ -21,6 +21,8 @@ S = "${WORKDIR}/git" inherit autotools update-alternatives +EXTRA_OECONF += "--disable-libseccomp" + ALTERNATIVE_${PN} = "file" ALTERNATIVE_LINK_NAME[file] = "${bindir}/file" diff --git a/poky/meta/recipes-devtools/gcc/gcc-8.3/CVE-2019-14250.patch b/poky/meta/recipes-devtools/gcc/gcc-8.3/CVE-2019-14250.patch deleted file mode 100644 index e327684e1..000000000 --- a/poky/meta/recipes-devtools/gcc/gcc-8.3/CVE-2019-14250.patch +++ /dev/null @@ -1,44 +0,0 @@ -From a4f1b58eb48b349a5f353bc69c30be553506d33b Mon Sep 17 00:00:00 2001 -From: rguenth -Date: Thu, 25 Jul 2019 10:48:26 +0000 -Subject: [PATCH] 2019-07-25 Richard Biener - - PR lto/90924 - Backport from mainline - 2019-07-12 Ren Kimura - - * simple-object-elf.c (simple_object_elf_match): Check zero value - shstrndx. - - -git-svn-id: svn+ssh://gcc.gnu.org/svn/gcc/branches/gcc-8-branch@273794 138bc75d-0d04-0410-961f-82ee72b054a4 - -Upstream-Status: Backport -Affectes: < 9.2 -CVE: CVE-2019-14250 -Dropped changelog -Signed-off-by: Armin Kuster - ---- - libiberty/simple-object-elf.c | 8 ++++++++ - 2 files changed, 17 insertions(+) - -Index: gcc-8.2.0/libiberty/simple-object-elf.c -=================================================================== ---- gcc-8.2.0.orig/libiberty/simple-object-elf.c -+++ gcc-8.2.0/libiberty/simple-object-elf.c -@@ -549,6 +549,14 @@ simple_object_elf_match (unsigned char h - return NULL; - } - -+ if (eor->shstrndx == 0) -+ { -+ *errmsg = "invalid ELF shstrndx == 0"; -+ *err = 0; -+ XDELETE (eor); -+ return NULL; -+ } -+ - return (void *) eor; - } - diff --git a/poky/meta/recipes-devtools/git/git.inc b/poky/meta/recipes-devtools/git/git.inc index 6e137432f..95ab397f6 100644 --- a/poky/meta/recipes-devtools/git/git.inc +++ b/poky/meta/recipes-devtools/git/git.inc @@ -39,12 +39,12 @@ do_compile_prepend () { do_install () { oe_runmake install DESTDIR="${D}" bindir=${bindir} \ template_dir=${datadir}/git-core/templates - install -d ${D}/${mandir}/man1 - install -d ${D}/${mandir}/man5 - install -d ${D}/${mandir}/man7 - install -t ${D}/${mandir}/man1 ${WORKDIR}/man1/* - install -t ${D}/${mandir}/man5 ${WORKDIR}/man5/* - install -t ${D}/${mandir}/man7 ${WORKDIR}/man7/* + + for section in man1 man5 man7; do + install -d ${D}/${mandir}/$section + install -t ${D}/${mandir}/$section ${WORKDIR}/$section/* + done + install -d ${D}/${datadir}/bash-completion/completions/ install -m 644 ${S}/contrib/completion/git-completion.bash ${D}/${datadir}/bash-completion/completions/git } @@ -94,19 +94,15 @@ do_install_append_class-nativesdk() { FILES_${PN} += "${datadir}/git-core ${libexecdir}/git-core/" PERLTOOLS = " \ + ${bindir}/git-cvsserver \ ${libexecdir}/git-core/git-add--interactive \ ${libexecdir}/git-core/git-archimport \ ${libexecdir}/git-core/git-cvsexportcommit \ ${libexecdir}/git-core/git-cvsimport \ ${libexecdir}/git-core/git-cvsserver \ - ${bindir}/git-cvsserver \ - ${libexecdir}/git-core/git-difftool \ ${libexecdir}/git-core/git-send-email \ ${libexecdir}/git-core/git-svn \ ${libexecdir}/git-core/git-instaweb \ - ${libexecdir}/git-core/git-submodule \ - ${libexecdir}/git-core/git-am \ - ${libexecdir}/git-core/git-request-pull \ ${datadir}/gitweb/gitweb.cgi \ ${datadir}/git-core/templates/hooks/prepare-commit-msg.sample \ ${datadir}/git-core/templates/hooks/pre-rebase.sample \ diff --git a/poky/meta/recipes-devtools/go/go-1.12.inc b/poky/meta/recipes-devtools/go/go-1.12.inc index 39157ff88..ed14b175e 100644 --- a/poky/meta/recipes-devtools/go/go-1.12.inc +++ b/poky/meta/recipes-devtools/go/go-1.12.inc @@ -16,6 +16,7 @@ SRC_URI += "\ file://0006-cmd-dist-separate-host-and-target-builds.patch \ file://0007-cmd-go-make-GOROOT-precious-by-default.patch \ file://0008-use-GOBUILDMODE-to-set-buildmode.patch \ + file://0001-release-branch.go1.12-security-net-textproto-don-t-n.patch \ " SRC_URI_append_libc-musl = " file://0009-ld-replace-glibc-dynamic-linker-with-musl.patch" diff --git a/poky/meta/recipes-devtools/go/go-1.12/0001-release-branch.go1.12-security-net-textproto-don-t-n.patch b/poky/meta/recipes-devtools/go/go-1.12/0001-release-branch.go1.12-security-net-textproto-don-t-n.patch new file mode 100644 index 000000000..7b39dbd73 --- /dev/null +++ b/poky/meta/recipes-devtools/go/go-1.12/0001-release-branch.go1.12-security-net-textproto-don-t-n.patch @@ -0,0 +1,163 @@ +From 265b691ac440bfb711d8de323346f7d72e620efe Mon Sep 17 00:00:00 2001 +From: Filippo Valsorda +Date: Thu, 12 Sep 2019 12:37:36 -0400 +Subject: [PATCH] [release-branch.go1.12-security] net/textproto: don't + normalize headers with spaces before the colon + +RFC 7230 is clear about headers with a space before the colon, like + +X-Answer : 42 + +being invalid, but we've been accepting and normalizing them for compatibility +purposes since CL 5690059 in 2012. + +On the client side, this is harmless and indeed most browsers behave the same +to this day. On the server side, this becomes a security issue when the +behavior doesn't match that of a reverse proxy sitting in front of the server. + +For example, if a WAF accepts them without normalizing them, it might be +possible to bypass its filters, because the Go server would interpret the +header differently. Worse, if the reverse proxy coalesces requests onto a +single HTTP/1.1 connection to a Go server, the understanding of the request +boundaries can get out of sync between them, allowing an attacker to tack an +arbitrary method and path onto a request by other clients, including +authentication headers unknown to the attacker. + +This was recently presented at multiple security conferences: +https://portswigger.net/blog/http-desync-attacks-request-smuggling-reborn + +net/http servers already reject header keys with invalid characters. +Simply stop normalizing extra spaces in net/textproto, let it return them +unchanged like it does for other invalid headers, and let net/http enforce +RFC 7230, which is HTTP specific. This loses us normalization on the client +side, but there's no right answer on the client side anyway, and hiding the +issue sounds worse than letting the application decide. + +Fixes CVE-2019-16276 + +Change-Id: I6d272de827e0870da85d93df770d6a0e161bbcf1 +Reviewed-on: https://team-review.git.corp.google.com/c/golang/go-private/+/549719 +Reviewed-by: Brad Fitzpatrick +(cherry picked from commit 1280b868e82bf173ea3e988be3092d160ee66082) +Reviewed-on: https://team-review.git.corp.google.com/c/golang/go-private/+/558776 +Reviewed-by: Dmitri Shuralyov + +CVE: CVE-2019-16276 + +Upstream-Status: Backport [https://github.com/golang/go/commit/6e6f4aaf70c8b1cc81e65a26332aa9409de03ad8] + +Signed-off-by: Chen Qi +--- + src/net/http/serve_test.go | 4 ++++ + src/net/http/transport_test.go | 27 +++++++++++++++++++++++++++ + src/net/textproto/reader.go | 10 ++-------- + src/net/textproto/reader_test.go | 13 ++++++------- + 4 files changed, 39 insertions(+), 15 deletions(-) + +diff --git a/src/net/http/serve_test.go b/src/net/http/serve_test.go +index 6eb0088a96..89bfdfbb82 100644 +--- a/src/net/http/serve_test.go ++++ b/src/net/http/serve_test.go +@@ -4748,6 +4748,10 @@ func TestServerValidatesHeaders(t *testing.T) { + {"foo\xffbar: foo\r\n", 400}, // binary in header + {"foo\x00bar: foo\r\n", 400}, // binary in header + {"Foo: " + strings.Repeat("x", 1<<21) + "\r\n", 431}, // header too large ++ // Spaces between the header key and colon are not allowed. ++ // See RFC 7230, Section 3.2.4. ++ {"Foo : bar\r\n", 400}, ++ {"Foo\t: bar\r\n", 400}, + + {"foo: foo foo\r\n", 200}, // LWS space is okay + {"foo: foo\tfoo\r\n", 200}, // LWS tab is okay +diff --git a/src/net/http/transport_test.go b/src/net/http/transport_test.go +index 5c329543e2..5e5438a708 100644 +--- a/src/net/http/transport_test.go ++++ b/src/net/http/transport_test.go +@@ -5133,3 +5133,30 @@ func TestTransportIgnores408(t *testing.T) { + } + t.Fatalf("timeout after %v waiting for Transport connections to die off", time.Since(t0)) + } ++ ++func TestInvalidHeaderResponse(t *testing.T) { ++ setParallel(t) ++ defer afterTest(t) ++ cst := newClientServerTest(t, h1Mode, HandlerFunc(func(w ResponseWriter, r *Request) { ++ conn, buf, _ := w.(Hijacker).Hijack() ++ buf.Write([]byte("HTTP/1.1 200 OK\r\n" + ++ "Date: Wed, 30 Aug 2017 19:09:27 GMT\r\n" + ++ "Content-Type: text/html; charset=utf-8\r\n" + ++ "Content-Length: 0\r\n" + ++ "Foo : bar\r\n\r\n")) ++ buf.Flush() ++ conn.Close() ++ })) ++ defer cst.close() ++ res, err := cst.c.Get(cst.ts.URL) ++ if err != nil { ++ t.Fatal(err) ++ } ++ defer res.Body.Close() ++ if v := res.Header.Get("Foo"); v != "" { ++ t.Errorf(`unexpected "Foo" header: %q`, v) ++ } ++ if v := res.Header.Get("Foo "); v != "bar" { ++ t.Errorf(`bad "Foo " header value: %q, want %q`, v, "bar") ++ } ++} +diff --git a/src/net/textproto/reader.go b/src/net/textproto/reader.go +index 2c4f25d5ae..1a5e364cf7 100644 +--- a/src/net/textproto/reader.go ++++ b/src/net/textproto/reader.go +@@ -493,18 +493,12 @@ func (r *Reader) ReadMIMEHeader() (MIMEHeader, error) { + return m, err + } + +- // Key ends at first colon; should not have trailing spaces +- // but they appear in the wild, violating specs, so we remove +- // them if present. ++ // Key ends at first colon. + i := bytes.IndexByte(kv, ':') + if i < 0 { + return m, ProtocolError("malformed MIME header line: " + string(kv)) + } +- endKey := i +- for endKey > 0 && kv[endKey-1] == ' ' { +- endKey-- +- } +- key := canonicalMIMEHeaderKey(kv[:endKey]) ++ key := canonicalMIMEHeaderKey(kv[:i]) + + // As per RFC 7230 field-name is a token, tokens consist of one or more chars. + // We could return a ProtocolError here, but better to be liberal in what we +diff --git a/src/net/textproto/reader_test.go b/src/net/textproto/reader_test.go +index f85fbdc36d..b92fdcd3c7 100644 +--- a/src/net/textproto/reader_test.go ++++ b/src/net/textproto/reader_test.go +@@ -188,11 +188,10 @@ func TestLargeReadMIMEHeader(t *testing.T) { + } + } + +-// Test that we read slightly-bogus MIME headers seen in the wild, +-// with spaces before colons, and spaces in keys. ++// TestReadMIMEHeaderNonCompliant checks that we don't normalize headers ++// with spaces before colons, and accept spaces in keys. + func TestReadMIMEHeaderNonCompliant(t *testing.T) { +- // Invalid HTTP response header as sent by an Axis security +- // camera: (this is handled by IE, Firefox, Chrome, curl, etc.) ++ // These invalid headers will be rejected by net/http according to RFC 7230. + r := reader("Foo: bar\r\n" + + "Content-Language: en\r\n" + + "SID : 0\r\n" + +@@ -202,9 +201,9 @@ func TestReadMIMEHeaderNonCompliant(t *testing.T) { + want := MIMEHeader{ + "Foo": {"bar"}, + "Content-Language": {"en"}, +- "Sid": {"0"}, +- "Audio Mode": {"None"}, +- "Privilege": {"127"}, ++ "SID ": {"0"}, ++ "Audio Mode ": {"None"}, ++ "Privilege ": {"127"}, + } + if !reflect.DeepEqual(m, want) || err != nil { + t.Fatalf("ReadMIMEHeader =\n%v, %v; want:\n%v", m, err, want) diff --git a/poky/meta/recipes-devtools/i2c-tools/i2c-tools_4.1.bb b/poky/meta/recipes-devtools/i2c-tools/i2c-tools_4.1.bb index dcbd05aed..c5761170a 100644 --- a/poky/meta/recipes-devtools/i2c-tools/i2c-tools_4.1.bb +++ b/poky/meta/recipes-devtools/i2c-tools/i2c-tools_4.1.bb @@ -31,6 +31,7 @@ FILES_${PN}-misc = "${sbindir}/i2c-stub-from-dump \ RDEPENDS_${PN}-misc = "${PN} perl perl-module-posix \ perl-module-constant perl-module-file-basename \ perl-module-fcntl perl-module-strict perl-module-vars \ + perl-module-carp \ " ALTERNATIVE_PRIORITY = "100" diff --git a/poky/meta/recipes-devtools/libmodulemd/libmodulemd-v1/0001-Do-not-generate-gtkdoc-or-python-bindings.patch b/poky/meta/recipes-devtools/libmodulemd/libmodulemd-v1/0001-Do-not-generate-gtkdoc-or-python-bindings.patch deleted file mode 100644 index d950ad586..000000000 --- a/poky/meta/recipes-devtools/libmodulemd/libmodulemd-v1/0001-Do-not-generate-gtkdoc-or-python-bindings.patch +++ /dev/null @@ -1,60 +0,0 @@ -From 71c51206e037c0bb5759e01b307b7ce1d5934703 Mon Sep 17 00:00:00 2001 -From: Alexander Kanavin -Date: Fri, 6 Sep 2019 17:07:00 +0200 -Subject: [PATCH] Do not generate gtkdoc or python bindings - -All of these really need a configuration option. - -Upstream-Status: Inappropriate [oe-core specific] -Signed-off-by: Alexander Kanavin ---- - meson.build | 12 ------------ - modulemd/meson.build | 8 -------- - 2 files changed, 20 deletions(-) - -diff --git a/meson.build b/meson.build -index 155c9e7..fe35d5e 100644 ---- a/meson.build -+++ b/meson.build -@@ -51,25 +51,13 @@ gnome = import('gnome') - pkg = import('pkgconfig') - gobject = dependency('gobject-2.0') - yaml = dependency('yaml-0.1') --gtkdoc = dependency('gtk-doc') - - glib_prefix = dependency('glib-2.0').get_pkgconfig_variable('prefix') --glib_docpath = join_paths(glib_prefix, 'share', 'gtk-doc', 'html') - - sh = find_program('sh') - sed = find_program('sed') - test = find_program('test') - --ret = run_command ([test, '-e', join_paths(glib_docpath, 'glib/index.html')]) --if ret.returncode() != 0 -- error('Missing documentation for GLib.') --endif -- --ret = run_command ([test, '-e', join_paths(glib_docpath, 'gobject/index.html')]) --if ret.returncode() != 0 -- error('Missing documentation for GObject.') --endif -- - python_name = get_option('python_name') - - if python_name != '' -diff --git a/modulemd/meson.build b/modulemd/meson.build -index 9a164b5..349c982 100644 ---- a/modulemd/meson.build -+++ b/modulemd/meson.build -@@ -523,11 +523,3 @@ configure_file( - configuration : xcdata - ) - --gnome.gtkdoc( -- 'modulemd-1.0', -- install_dir: 'modulemd-1.0', -- src_dir : './modulemd', -- main_xml : 'modulemd-docs.xml', -- install : true, --) -- diff --git a/poky/meta/recipes-devtools/libmodulemd/libmodulemd-v1_git.bb b/poky/meta/recipes-devtools/libmodulemd/libmodulemd-v1_git.bb index 9790470f4..5409051d7 100644 --- a/poky/meta/recipes-devtools/libmodulemd/libmodulemd-v1_git.bb +++ b/poky/meta/recipes-devtools/libmodulemd/libmodulemd-v1_git.bb @@ -4,18 +4,17 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=25a3927bff3ee4f5b21bcb0ed3fcd6bb" SRC_URI = "git://github.com/fedora-modularity/libmodulemd;protocol=https;branch=1.x-maint \ file://0001-spec_tmpl.sh-use-bin-sh-not-usr-bin-sh.patch \ - file://0001-Do-not-generate-gtkdoc-or-python-bindings.patch \ " -PV = "1.8.15" -SRCREV = "2d461725f781c6fdcf32893d8dcfa40bcef8dda5" +PV = "1.8.16" +SRCREV = "d0dcf7b373b3cf85cd39eb3bc23d31e06195a75a" UPSTREAM_CHECK_GITTAGREGEX = "libmodulemd-(?P1.*\d)" S = "${WORKDIR}/git" inherit meson gobject-introspection -EXTRA_OEMESON = "-Ddeveloper_build=false" +EXTRA_OEMESON = "-Ddeveloper_build=false -Dwith_docs=false" DEPENDS += "glib-2.0 libyaml glib-2.0-native python3" diff --git a/poky/meta/recipes-devtools/llvm/llvm/0006-llvm-TargetLibraryInfo-Undefine-libc-functions-if-th.patch b/poky/meta/recipes-devtools/llvm/llvm/0006-llvm-TargetLibraryInfo-Undefine-libc-functions-if-th.patch index d75c94e9e..d02b7ba6a 100644 --- a/poky/meta/recipes-devtools/llvm/llvm/0006-llvm-TargetLibraryInfo-Undefine-libc-functions-if-th.patch +++ b/poky/meta/recipes-devtools/llvm/llvm/0006-llvm-TargetLibraryInfo-Undefine-libc-functions-if-th.patch @@ -1,3 +1,6 @@ +Upstream-Status: Pending +Signed-off-by: Khem Raj + From dbeecdb307be8b783b42cbc89dcb9c5e7f528989 Mon Sep 17 00:00:00 2001 From: Khem Raj Date: Sat, 21 May 2016 00:33:20 +0000 diff --git a/poky/meta/recipes-devtools/llvm/llvm/0007-llvm-allow-env-override-of-exe-path.patch b/poky/meta/recipes-devtools/llvm/llvm/0007-llvm-allow-env-override-of-exe-path.patch index 58dce513c..b01b8647c 100644 --- a/poky/meta/recipes-devtools/llvm/llvm/0007-llvm-allow-env-override-of-exe-path.patch +++ b/poky/meta/recipes-devtools/llvm/llvm/0007-llvm-allow-env-override-of-exe-path.patch @@ -1,3 +1,6 @@ +Upstream-Status: Pending +Signed-off-by: Khem Raj + From 61b00e1e051e367f5483d7b5253b6c85a9e8a90f Mon Sep 17 00:00:00 2001 From: Martin Kelly Date: Fri, 19 May 2017 00:22:57 -0700 diff --git a/poky/meta/recipes-devtools/makedevs/makedevs/makedevs.c b/poky/meta/recipes-devtools/makedevs/makedevs/makedevs.c index cba768141..32b987293 100644 --- a/poky/meta/recipes-devtools/makedevs/makedevs/makedevs.c +++ b/poky/meta/recipes-devtools/makedevs/makedevs/makedevs.c @@ -230,7 +230,7 @@ static void add_new_directory(char *name, char *path, unsigned long uid, unsigned long gid, unsigned long mode) { if (trace) - fprintf(stderr, "Directory: %s %s UID: %ld GID %ld MODE: %04lo", path, name, uid, gid, mode); + fprintf(stderr, "Directory: %s %s UID: %lu GID %lu MODE: %04lo", path, name, uid, gid, mode); if (mkdir(path, mode) < 0) { if (EEXIST == errno) { @@ -251,7 +251,7 @@ static void add_new_device(char *name, char *path, unsigned long uid, struct stat sb; if (trace) { - fprintf(stderr, "Device: %s %s UID: %ld GID: %ld MODE: %04lo MAJOR: %d MINOR: %d", + fprintf(stderr, "Device: %s %s UID: %lu GID: %lu MODE: %04lo MAJOR: %d MINOR: %d", path, name, uid, gid, mode, (short)(rdev >> 8), (short)(rdev & 0xff)); } @@ -292,7 +292,7 @@ static void add_new_file(char *name, char *path, unsigned long uid, unsigned long gid, unsigned long mode) { if (trace) { - fprintf(stderr, "File: %s %s UID: %ld GID: %ld MODE: %04lo\n", + fprintf(stderr, "File: %s %s UID: %lu GID: %lu MODE: %04lo\n", path, name, gid, uid, mode); } @@ -311,7 +311,7 @@ static void add_new_fifo(char *name, char *path, unsigned long uid, unsigned long gid, unsigned long mode) { if (trace) { - printf("Fifo: %s %s UID: %ld GID: %ld MODE: %04lo\n", + printf("Fifo: %s %s UID: %lu GID: %lu MODE: %04lo\n", path, name, gid, uid, mode); } @@ -360,7 +360,7 @@ static int interpret_table_entry(char *line) unsigned long mode = 0755, uid = 0, gid = 0, major = 0, minor = 0; unsigned long start = 0, increment = 1, count = 0; - if (0 > sscanf(line, "%4095s %c %lo %40s %40s %lu %lu %lu %lu %lu", path, + if (0 > sscanf(line, "%4095s %c %lo %39s %39s %lu %lu %lu %lu %lu", path, &type, &mode, usr_buf, grp_buf, &major, &minor, &start, &increment, &count)) { diff --git a/poky/meta/recipes-devtools/meson/meson.inc b/poky/meta/recipes-devtools/meson/meson.inc index ae0091c05..84bcc8409 100644 --- a/poky/meta/recipes-devtools/meson/meson.inc +++ b/poky/meta/recipes-devtools/meson/meson.inc @@ -16,6 +16,7 @@ SRC_URI = "https://github.com/mesonbuild/meson/releases/download/${PV}/meson-${P file://cross-prop-default.patch \ file://0001-mesonbuild-environment.py-check-environment-for-vari.patch \ file://0001-modules-python.py-do-not-substitute-python-s-install.patch \ + file://dbc9e971bd320f3df15c1ee74f54858e6792b183.patch \ " SRC_URI[sha256sum] = "d60f75f0dedcc4fd249dbc7519d6f3ce6df490033d276ef1cf27453ef4938d32" SRC_URI[md5sum] = "7ea7772414dda8ae11072244bf7ba991" diff --git a/poky/meta/recipes-devtools/meson/meson/dbc9e971bd320f3df15c1ee74f54858e6792b183.patch b/poky/meta/recipes-devtools/meson/meson/dbc9e971bd320f3df15c1ee74f54858e6792b183.patch new file mode 100644 index 000000000..7ea8a133e --- /dev/null +++ b/poky/meta/recipes-devtools/meson/meson/dbc9e971bd320f3df15c1ee74f54858e6792b183.patch @@ -0,0 +1,95 @@ +From dbc9e971bd320f3df15c1ee74f54858e6792b183 Mon Sep 17 00:00:00 2001 +From: Xavier Claessens +Date: Fri, 11 Oct 2019 11:01:22 -0400 +Subject: [PATCH] Remove duplicated object files in static libraries + +When a static library link_whole to a bunch of other static libraries, +we have to extract all their objects recursively. But that could +introduce duplicated objects. ar is dumb enough to allow this without +error, but once the resulting static library is linked into an +executable or shared library, the linker will complain about duplicated +symbols. + +Upstream-Status: Backport +Signed-off-by: Richard Purdie + +--- + mesonbuild/backend/backends.py | 3 ++- + test cases/unit/69 static link/lib/func17.c | 4 ++++ + test cases/unit/69 static link/lib/func18.c | 6 ++++++ + test cases/unit/69 static link/lib/func19.c | 7 +++++++ + test cases/unit/69 static link/lib/meson.build | 12 ++++++++++++ + 5 files changed, 31 insertions(+), 1 deletion(-) + create mode 100644 test cases/unit/69 static link/lib/func17.c + create mode 100644 test cases/unit/69 static link/lib/func18.c + create mode 100644 test cases/unit/69 static link/lib/func19.c + +diff --git a/mesonbuild/backend/backends.py b/mesonbuild/backend/backends.py +index 947be1cbef..e54809657f 100644 +--- a/mesonbuild/backend/backends.py ++++ b/mesonbuild/backend/backends.py +@@ -281,7 +281,8 @@ def relpath(self, todir, fromdir): + os.path.join('dummyprefixdir', fromdir)) + + def flatten_object_list(self, target, proj_dir_to_build_root=''): +- return self._flatten_object_list(target, target.get_objects(), proj_dir_to_build_root) ++ obj_list = self._flatten_object_list(target, target.get_objects(), proj_dir_to_build_root) ++ return list(dict.fromkeys(obj_list)) + + def _flatten_object_list(self, target, objects, proj_dir_to_build_root): + obj_list = [] +diff --git a/test cases/unit/69 static link/lib/func17.c b/test cases/unit/69 static link/lib/func17.c +new file mode 100644 +index 0000000000..d1d8ec498c +--- /dev/null ++++ b/test cases/unit/69 static link/lib/func17.c +@@ -0,0 +1,4 @@ ++int func17() ++{ ++ return 1; ++} +diff --git a/test cases/unit/69 static link/lib/func18.c b/test cases/unit/69 static link/lib/func18.c +new file mode 100644 +index 0000000000..c149085ba4 +--- /dev/null ++++ b/test cases/unit/69 static link/lib/func18.c +@@ -0,0 +1,6 @@ ++int func17(); ++ ++int func18() ++{ ++ return func17() + 1; ++} +diff --git a/test cases/unit/69 static link/lib/func19.c b/test cases/unit/69 static link/lib/func19.c +new file mode 100644 +index 0000000000..69120e4bf8 +--- /dev/null ++++ b/test cases/unit/69 static link/lib/func19.c +@@ -0,0 +1,7 @@ ++int func17(); ++int func18(); ++ ++int func19() ++{ ++ return func17() + func18(); ++} +diff --git a/test cases/unit/69 static link/lib/meson.build b/test cases/unit/69 static link/lib/meson.build +index 5f04aab6a1..8f95fc4546 100644 +--- a/test cases/unit/69 static link/lib/meson.build ++++ b/test cases/unit/69 static link/lib/meson.build +@@ -66,3 +66,15 @@ libfunc15 = static_library('func15', 'func15.c', + libfunc16 = static_library('func16', 'func16.c', + link_with : libfunc15, + install : true) ++ ++# Verify func17.c.o gets included only once into libfunc19, otherwise ++# func19-shared would failed with duplicated symbol. ++libfunc17 = static_library('func17', 'func17.c', ++ install : false) ++libfunc18 = static_library('func18', 'func18.c', ++ link_with : libfunc17, ++ install : false) ++libfunc19 = static_library('func19', 'func19.c', ++ link_whole : [libfunc17, libfunc18], ++ install : false) ++shared_library('func19-shared', link_whole : [libfunc19]) diff --git a/poky/meta/recipes-devtools/python-numpy/files/aarch64/_numpyconfig.h b/poky/meta/recipes-devtools/python-numpy/files/aarch64/_numpyconfig.h deleted file mode 100644 index 109deb043..000000000 --- a/poky/meta/recipes-devtools/python-numpy/files/aarch64/_numpyconfig.h +++ /dev/null @@ -1,32 +0,0 @@ -#define NPY_HAVE_ENDIAN_H 1 -#define NPY_SIZEOF_SHORT SIZEOF_SHORT -#define NPY_SIZEOF_INT SIZEOF_INT -#define NPY_SIZEOF_LONG SIZEOF_LONG -#define NPY_SIZEOF_FLOAT 4 -#define NPY_SIZEOF_COMPLEX_FLOAT 8 -#define NPY_SIZEOF_DOUBLE 8 -#define NPY_SIZEOF_COMPLEX_DOUBLE 16 -#define NPY_SIZEOF_LONGDOUBLE 16 -#define NPY_SIZEOF_COMPLEX_LONGDOUBLE 32 -#define NPY_SIZEOF_PY_INTPTR_T 8 -#define NPY_SIZEOF_PY_LONG_LONG 8 -#define NPY_SIZEOF_LONGLONG 8 -#define NPY_SIZEOF_OFF_T 8 -#define NPY_NO_SMP 0 -#define NPY_HAVE_DECL_ISNAN -#define NPY_HAVE_DECL_ISINF -#define NPY_HAVE_DECL_ISFINITE -#define NPY_HAVE_DECL_SIGNBIT -#define NPY_USE_C99_COMPLEX 1 -#define NPY_HAVE_COMPLEX_DOUBLE 1 -#define NPY_HAVE_COMPLEX_FLOAT 1 -#define NPY_HAVE_COMPLEX_LONG_DOUBLE 1 -#define NPY_ENABLE_SEPARATE_COMPILATION 1 -#define NPY_USE_C99_FORMATS 1 -#define NPY_VISIBILITY_HIDDEN __attribute__((visibility("hidden"))) -#define NPY_ABI_VERSION 0x01000009 -#define NPY_API_VERSION 0x0000000A - -#ifndef __STDC_FORMAT_MACROS -#define __STDC_FORMAT_MACROS 1 -#endif diff --git a/poky/meta/recipes-devtools/python-numpy/files/aarch64/config.h b/poky/meta/recipes-devtools/python-numpy/files/aarch64/config.h deleted file mode 100644 index c30b868f2..000000000 --- a/poky/meta/recipes-devtools/python-numpy/files/aarch64/config.h +++ /dev/null @@ -1,139 +0,0 @@ -#define HAVE_ENDIAN_H 1 -#define SIZEOF_PY_INTPTR_T 8 -#define SIZEOF_PY_LONG_LONG 8 -#define MATHLIB m -#define HAVE_SIN 1 -#define HAVE_COS 1 -#define HAVE_TAN 1 -#define HAVE_SINH 1 -#define HAVE_COSH 1 -#define HAVE_TANH 1 -#define HAVE_FABS 1 -#define HAVE_FLOOR 1 -#define HAVE_CEIL 1 -#define HAVE_SQRT 1 -#define HAVE_LOG10 1 -#define HAVE_LOG 1 -#define HAVE_EXP 1 -#define HAVE_ASIN 1 -#define HAVE_ACOS 1 -#define HAVE_ATAN 1 -#define HAVE_FMOD 1 -#define HAVE_MODF 1 -#define HAVE_FREXP 1 -#define HAVE_LDEXP 1 -#define HAVE_RINT 1 -#define HAVE_TRUNC 1 -#define HAVE_EXP2 1 -#define HAVE_LOG2 1 -#define HAVE_ATAN2 1 -#define HAVE_POW 1 -#define HAVE_NEXTAFTER 1 -#define HAVE_SINF 1 -#define HAVE_COSF 1 -#define HAVE_TANF 1 -#define HAVE_SINHF 1 -#define HAVE_COSHF 1 -#define HAVE_TANHF 1 -#define HAVE_FABSF 1 -#define HAVE_FLOORF 1 -#define HAVE_CEILF 1 -#define HAVE_RINTF 1 -#define HAVE_TRUNCF 1 -#define HAVE_SQRTF 1 -#define HAVE_LOG10F 1 -#define HAVE_LOGF 1 -#define HAVE_LOG1PF 1 -#define HAVE_EXPF 1 -#define HAVE_EXPM1F 1 -#define HAVE_ASINF 1 -#define HAVE_ACOSF 1 -#define HAVE_ATANF 1 -#define HAVE_ASINHF 1 -#define HAVE_ACOSHF 1 -#define HAVE_ATANHF 1 -#define HAVE_HYPOTF 1 -#define HAVE_ATAN2F 1 -#define HAVE_POWF 1 -#define HAVE_FMODF 1 -#define HAVE_MODFF 1 -#define HAVE_FREXPF 1 -#define HAVE_LDEXPF 1 -#define HAVE_EXP2F 1 -#define HAVE_LOG2F 1 -#define HAVE_COPYSIGNF 1 -#define HAVE_NEXTAFTERF 1 -#define HAVE_SINL 1 -#define HAVE_COSL 1 -#define HAVE_TANL 1 -#define HAVE_SINHL 1 -#define HAVE_COSHL 1 -#define HAVE_TANHL 1 -#define HAVE_FABSL 1 -#define HAVE_FLOORL 1 -#define HAVE_CEILL 1 -#define HAVE_RINTL 1 -#define HAVE_TRUNCL 1 -#define HAVE_SQRTL 1 -#define HAVE_LOG10L 1 -#define HAVE_LOGL 1 -#define HAVE_LOG1PL 1 -#define HAVE_EXPL 1 -#define HAVE_EXPM1L 1 -#define HAVE_ASINL 1 -#define HAVE_ACOSL 1 -#define HAVE_ATANL 1 -#define HAVE_ASINHL 1 -#define HAVE_ACOSHL 1 -#define HAVE_ATANHL 1 -#define HAVE_HYPOTL 1 -#define HAVE_ATAN2L 1 -#define HAVE_POWL 1 -#define HAVE_FMODL 1 -#define HAVE_MODFL 1 -#define HAVE_FREXPL 1 -#define HAVE_LDEXPL 1 -#define HAVE_EXP2L 1 -#define HAVE_LOG2L 1 -#define HAVE_COPYSIGNL 1 -#define HAVE_NEXTAFTERL 1 -#define HAVE_DECL_SIGNBIT -#define HAVE_COMPLEX_H 1 -#define HAVE_CREAL 1 -#define HAVE_CIMAG 1 -#define HAVE_CABS 1 -#define HAVE_CARG 1 -#define HAVE_CEXP 1 -#define HAVE_CSQRT 1 -#define HAVE_CLOG 1 -#define HAVE_CCOS 1 -#define HAVE_CSIN 1 -#define HAVE_CPOW 1 -#define HAVE_CREALF 1 -#define HAVE_CIMAGF 1 -#define HAVE_CABSF 1 -#define HAVE_CARGF 1 -#define HAVE_CEXPF 1 -#define HAVE_CSQRTF 1 -#define HAVE_CLOGF 1 -#define HAVE_CCOSF 1 -#define HAVE_CSINF 1 -#define HAVE_CPOWF 1 -#define HAVE_CREALL 1 -#define HAVE_CIMAGL 1 -#define HAVE_CABSL 1 -#define HAVE_CARGL 1 -#define HAVE_CEXPL 1 -#define HAVE_CSQRTL 1 -#define HAVE_CLOGL 1 -#define HAVE_CCOSL 1 -#define HAVE_CSINL 1 -#define HAVE_CPOWL 1 -#define HAVE_LDOUBLE_IEEE_QUAD_LE 1 -#ifndef __cplusplus -/* #undef inline */ -#endif - -#ifndef _NPY_NPY_CONFIG_H_ -#error config.h should never be included directly, include npy_config.h instead -#endif diff --git a/poky/meta/recipes-devtools/python-numpy/files/arm/config.h b/poky/meta/recipes-devtools/python-numpy/files/arm/config.h deleted file mode 100644 index 17ef186d5..000000000 --- a/poky/meta/recipes-devtools/python-numpy/files/arm/config.h +++ /dev/null @@ -1,21 +0,0 @@ -/* ./src.linux-i686-2.5/numpy/core/include/numpy/config.h */ -/* #define SIZEOF_SHORT 2 */ -/* #define SIZEOF_INT 4 */ -/* #define SIZEOF_LONG 4 */ -/* #define SIZEOF_FLOAT 4 */ -/* #define SIZEOF_DOUBLE 8 */ -#define SIZEOF_LONG_DOUBLE 12 -#define SIZEOF_PY_INTPTR_T 4 -/* #define SIZEOF_LONG_LONG 8 */ -#define SIZEOF_PY_LONG_LONG 8 -/* #define CHAR_BIT 8 */ -#define MATHLIB m -#define HAVE_FLOAT_FUNCS -#define HAVE_LOG1P -#define HAVE_EXPM1 -#define HAVE_INVERSE_HYPERBOLIC -#define HAVE_INVERSE_HYPERBOLIC_FLOAT -#define HAVE_ISNAN -#define HAVE_ISINF -#define HAVE_RINT - diff --git a/poky/meta/recipes-devtools/python-numpy/files/arm/numpyconfig.h b/poky/meta/recipes-devtools/python-numpy/files/arm/numpyconfig.h deleted file mode 100644 index c4bf6547f..000000000 --- a/poky/meta/recipes-devtools/python-numpy/files/arm/numpyconfig.h +++ /dev/null @@ -1,17 +0,0 @@ -/* cat ./src.linux-i686-2.5/numpy/core/include/numpy/numpyconfig.h */ -/* - * * This file is generated by numpy/core/setup.pyc. DO NOT EDIT - * */ -#define NPY_SIZEOF_SHORT 2 -#define NPY_SIZEOF_INT 4 -#define NPY_SIZEOF_LONG 4 -#define NPY_SIZEOF_FLOAT 4 -#define NPY_SIZEOF_DOUBLE 8 -#define NPY_SIZEOF_LONGDOUBLE 12 -#define NPY_SIZEOF_PY_INTPTR_T 4 -#define NPY_NO_SMP 0 - -#define NPY_SIZEOF_LONGLONG 8 -#define NPY_SIZEOF_PY_LONG_LONG 8 -/* #define CHAR_BIT 8 */ - diff --git a/poky/meta/recipes-devtools/python-numpy/files/armeb/config.h b/poky/meta/recipes-devtools/python-numpy/files/armeb/config.h deleted file mode 100644 index 17ef186d5..000000000 --- a/poky/meta/recipes-devtools/python-numpy/files/armeb/config.h +++ /dev/null @@ -1,21 +0,0 @@ -/* ./src.linux-i686-2.5/numpy/core/include/numpy/config.h */ -/* #define SIZEOF_SHORT 2 */ -/* #define SIZEOF_INT 4 */ -/* #define SIZEOF_LONG 4 */ -/* #define SIZEOF_FLOAT 4 */ -/* #define SIZEOF_DOUBLE 8 */ -#define SIZEOF_LONG_DOUBLE 12 -#define SIZEOF_PY_INTPTR_T 4 -/* #define SIZEOF_LONG_LONG 8 */ -#define SIZEOF_PY_LONG_LONG 8 -/* #define CHAR_BIT 8 */ -#define MATHLIB m -#define HAVE_FLOAT_FUNCS -#define HAVE_LOG1P -#define HAVE_EXPM1 -#define HAVE_INVERSE_HYPERBOLIC -#define HAVE_INVERSE_HYPERBOLIC_FLOAT -#define HAVE_ISNAN -#define HAVE_ISINF -#define HAVE_RINT - diff --git a/poky/meta/recipes-devtools/python-numpy/files/armeb/numpyconfig.h b/poky/meta/recipes-devtools/python-numpy/files/armeb/numpyconfig.h deleted file mode 100644 index c4bf6547f..000000000 --- a/poky/meta/recipes-devtools/python-numpy/files/armeb/numpyconfig.h +++ /dev/null @@ -1,17 +0,0 @@ -/* cat ./src.linux-i686-2.5/numpy/core/include/numpy/numpyconfig.h */ -/* - * * This file is generated by numpy/core/setup.pyc. DO NOT EDIT - * */ -#define NPY_SIZEOF_SHORT 2 -#define NPY_SIZEOF_INT 4 -#define NPY_SIZEOF_LONG 4 -#define NPY_SIZEOF_FLOAT 4 -#define NPY_SIZEOF_DOUBLE 8 -#define NPY_SIZEOF_LONGDOUBLE 12 -#define NPY_SIZEOF_PY_INTPTR_T 4 -#define NPY_NO_SMP 0 - -#define NPY_SIZEOF_LONGLONG 8 -#define NPY_SIZEOF_PY_LONG_LONG 8 -/* #define CHAR_BIT 8 */ - diff --git a/poky/meta/recipes-devtools/python-numpy/files/mipsarchn32eb/_numpyconfig.h b/poky/meta/recipes-devtools/python-numpy/files/mipsarchn32eb/_numpyconfig.h deleted file mode 100644 index debb39009..000000000 --- a/poky/meta/recipes-devtools/python-numpy/files/mipsarchn32eb/_numpyconfig.h +++ /dev/null @@ -1,32 +0,0 @@ -#define NPY_HAVE_ENDIAN_H 1 -#define NPY_SIZEOF_SHORT SIZEOF_SHORT -#define NPY_SIZEOF_INT SIZEOF_INT -#define NPY_SIZEOF_LONG SIZEOF_LONG -#define NPY_SIZEOF_FLOAT 4 -#define NPY_SIZEOF_COMPLEX_FLOAT 8 -#define NPY_SIZEOF_DOUBLE 8 -#define NPY_SIZEOF_COMPLEX_DOUBLE 16 -#define NPY_SIZEOF_LONGDOUBLE 16 -#define NPY_SIZEOF_COMPLEX_LONGDOUBLE 32 -#define NPY_ENABLE_SEPARATE_COMPILATION 1 -#define NPY_SIZEOF_PY_INTPTR_T 8 -#define NPY_SIZEOF_PY_LONG_LONG 8 -#define NPY_SIZEOF_LONGLONG 8 -#define NPY_SIZEOF_OFF_T 8 -#define NPY_NO_SMP 0 -#define NPY_HAVE_DECL_ISNAN -#define NPY_HAVE_DECL_ISINF -#define NPY_HAVE_DECL_ISFINITE -#define NPY_HAVE_DECL_SIGNBIT -#define NPY_USE_C99_COMPLEX 1 -#define NPY_HAVE_COMPLEX_DOUBLE 1 -#define NPY_HAVE_COMPLEX_FLOAT 1 -#define NPY_HAVE_COMPLEX_LONG_DOUBLE 1 -#define NPY_USE_C99_FORMATS 1 -#define NPY_VISIBILITY_HIDDEN __attribute__((visibility("hidden"))) -#define NPY_ABI_VERSION 0x01000009 -#define NPY_API_VERSION 0x0000000A - -#ifndef __STDC_FORMAT_MACROS -#define __STDC_FORMAT_MACROS 1 -#endif diff --git a/poky/meta/recipes-devtools/python-numpy/files/mipsarchn32eb/config.h b/poky/meta/recipes-devtools/python-numpy/files/mipsarchn32eb/config.h deleted file mode 100644 index c30b868f2..000000000 --- a/poky/meta/recipes-devtools/python-numpy/files/mipsarchn32eb/config.h +++ /dev/null @@ -1,139 +0,0 @@ -#define HAVE_ENDIAN_H 1 -#define SIZEOF_PY_INTPTR_T 8 -#define SIZEOF_PY_LONG_LONG 8 -#define MATHLIB m -#define HAVE_SIN 1 -#define HAVE_COS 1 -#define HAVE_TAN 1 -#define HAVE_SINH 1 -#define HAVE_COSH 1 -#define HAVE_TANH 1 -#define HAVE_FABS 1 -#define HAVE_FLOOR 1 -#define HAVE_CEIL 1 -#define HAVE_SQRT 1 -#define HAVE_LOG10 1 -#define HAVE_LOG 1 -#define HAVE_EXP 1 -#define HAVE_ASIN 1 -#define HAVE_ACOS 1 -#define HAVE_ATAN 1 -#define HAVE_FMOD 1 -#define HAVE_MODF 1 -#define HAVE_FREXP 1 -#define HAVE_LDEXP 1 -#define HAVE_RINT 1 -#define HAVE_TRUNC 1 -#define HAVE_EXP2 1 -#define HAVE_LOG2 1 -#define HAVE_ATAN2 1 -#define HAVE_POW 1 -#define HAVE_NEXTAFTER 1 -#define HAVE_SINF 1 -#define HAVE_COSF 1 -#define HAVE_TANF 1 -#define HAVE_SINHF 1 -#define HAVE_COSHF 1 -#define HAVE_TANHF 1 -#define HAVE_FABSF 1 -#define HAVE_FLOORF 1 -#define HAVE_CEILF 1 -#define HAVE_RINTF 1 -#define HAVE_TRUNCF 1 -#define HAVE_SQRTF 1 -#define HAVE_LOG10F 1 -#define HAVE_LOGF 1 -#define HAVE_LOG1PF 1 -#define HAVE_EXPF 1 -#define HAVE_EXPM1F 1 -#define HAVE_ASINF 1 -#define HAVE_ACOSF 1 -#define HAVE_ATANF 1 -#define HAVE_ASINHF 1 -#define HAVE_ACOSHF 1 -#define HAVE_ATANHF 1 -#define HAVE_HYPOTF 1 -#define HAVE_ATAN2F 1 -#define HAVE_POWF 1 -#define HAVE_FMODF 1 -#define HAVE_MODFF 1 -#define HAVE_FREXPF 1 -#define HAVE_LDEXPF 1 -#define HAVE_EXP2F 1 -#define HAVE_LOG2F 1 -#define HAVE_COPYSIGNF 1 -#define HAVE_NEXTAFTERF 1 -#define HAVE_SINL 1 -#define HAVE_COSL 1 -#define HAVE_TANL 1 -#define HAVE_SINHL 1 -#define HAVE_COSHL 1 -#define HAVE_TANHL 1 -#define HAVE_FABSL 1 -#define HAVE_FLOORL 1 -#define HAVE_CEILL 1 -#define HAVE_RINTL 1 -#define HAVE_TRUNCL 1 -#define HAVE_SQRTL 1 -#define HAVE_LOG10L 1 -#define HAVE_LOGL 1 -#define HAVE_LOG1PL 1 -#define HAVE_EXPL 1 -#define HAVE_EXPM1L 1 -#define HAVE_ASINL 1 -#define HAVE_ACOSL 1 -#define HAVE_ATANL 1 -#define HAVE_ASINHL 1 -#define HAVE_ACOSHL 1 -#define HAVE_ATANHL 1 -#define HAVE_HYPOTL 1 -#define HAVE_ATAN2L 1 -#define HAVE_POWL 1 -#define HAVE_FMODL 1 -#define HAVE_MODFL 1 -#define HAVE_FREXPL 1 -#define HAVE_LDEXPL 1 -#define HAVE_EXP2L 1 -#define HAVE_LOG2L 1 -#define HAVE_COPYSIGNL 1 -#define HAVE_NEXTAFTERL 1 -#define HAVE_DECL_SIGNBIT -#define HAVE_COMPLEX_H 1 -#define HAVE_CREAL 1 -#define HAVE_CIMAG 1 -#define HAVE_CABS 1 -#define HAVE_CARG 1 -#define HAVE_CEXP 1 -#define HAVE_CSQRT 1 -#define HAVE_CLOG 1 -#define HAVE_CCOS 1 -#define HAVE_CSIN 1 -#define HAVE_CPOW 1 -#define HAVE_CREALF 1 -#define HAVE_CIMAGF 1 -#define HAVE_CABSF 1 -#define HAVE_CARGF 1 -#define HAVE_CEXPF 1 -#define HAVE_CSQRTF 1 -#define HAVE_CLOGF 1 -#define HAVE_CCOSF 1 -#define HAVE_CSINF 1 -#define HAVE_CPOWF 1 -#define HAVE_CREALL 1 -#define HAVE_CIMAGL 1 -#define HAVE_CABSL 1 -#define HAVE_CARGL 1 -#define HAVE_CEXPL 1 -#define HAVE_CSQRTL 1 -#define HAVE_CLOGL 1 -#define HAVE_CCOSL 1 -#define HAVE_CSINL 1 -#define HAVE_CPOWL 1 -#define HAVE_LDOUBLE_IEEE_QUAD_LE 1 -#ifndef __cplusplus -/* #undef inline */ -#endif - -#ifndef _NPY_NPY_CONFIG_H_ -#error config.h should never be included directly, include npy_config.h instead -#endif diff --git a/poky/meta/recipes-devtools/python-numpy/files/mipsarchn32el/_numpyconfig.h b/poky/meta/recipes-devtools/python-numpy/files/mipsarchn32el/_numpyconfig.h deleted file mode 100644 index 8e2b5d094..000000000 --- a/poky/meta/recipes-devtools/python-numpy/files/mipsarchn32el/_numpyconfig.h +++ /dev/null @@ -1,31 +0,0 @@ -#define NPY_HAVE_ENDIAN_H 1 -#define NPY_SIZEOF_SHORT SIZEOF_SHORT -#define NPY_SIZEOF_INT SIZEOF_INT -#define NPY_SIZEOF_LONG SIZEOF_LONG -#define NPY_SIZEOF_FLOAT 4 -#define NPY_SIZEOF_COMPLEX_FLOAT 8 -#define NPY_SIZEOF_DOUBLE 8 -#define NPY_SIZEOF_COMPLEX_DOUBLE 16 -#define NPY_SIZEOF_LONGDOUBLE 16 -#define NPY_SIZEOF_COMPLEX_LONGDOUBLE 32 -#define NPY_ENABLE_SEPARATE_COMPILATION 1 -#define NPY_SIZEOF_PY_INTPTR_T 8 -#define NPY_SIZEOF_PY_LONG_LONG 8 -#define NPY_SIZEOF_LONGLONG 8 -#define NPY_NO_SMP 0 -#define NPY_HAVE_DECL_ISNAN -#define NPY_HAVE_DECL_ISINF -#define NPY_HAVE_DECL_ISFINITE -#define NPY_HAVE_DECL_SIGNBIT -#define NPY_USE_C99_COMPLEX 1 -#define NPY_HAVE_COMPLEX_DOUBLE 1 -#define NPY_HAVE_COMPLEX_FLOAT 1 -#define NPY_HAVE_COMPLEX_LONG_DOUBLE 1 -#define NPY_USE_C99_FORMATS 1 -#define NPY_VISIBILITY_HIDDEN __attribute__((visibility("hidden"))) -#define NPY_ABI_VERSION 0x01000009 -#define NPY_API_VERSION 0x0000000A - -#ifndef __STDC_FORMAT_MACROS -#define __STDC_FORMAT_MACROS 1 -#endif diff --git a/poky/meta/recipes-devtools/python-numpy/files/mipsarchn32el/config.h b/poky/meta/recipes-devtools/python-numpy/files/mipsarchn32el/config.h deleted file mode 100644 index 48727039a..000000000 --- a/poky/meta/recipes-devtools/python-numpy/files/mipsarchn32el/config.h +++ /dev/null @@ -1,138 +0,0 @@ -#define SIZEOF_PY_INTPTR_T 8 -#define SIZEOF_PY_LONG_LONG 8 -#define MATHLIB m -#define HAVE_SIN 1 -#define HAVE_COS 1 -#define HAVE_TAN 1 -#define HAVE_SINH 1 -#define HAVE_COSH 1 -#define HAVE_TANH 1 -#define HAVE_FABS 1 -#define HAVE_FLOOR 1 -#define HAVE_CEIL 1 -#define HAVE_SQRT 1 -#define HAVE_LOG10 1 -#define HAVE_LOG 1 -#define HAVE_EXP 1 -#define HAVE_ASIN 1 -#define HAVE_ACOS 1 -#define HAVE_ATAN 1 -#define HAVE_FMOD 1 -#define HAVE_MODF 1 -#define HAVE_FREXP 1 -#define HAVE_LDEXP 1 -#define HAVE_RINT 1 -#define HAVE_TRUNC 1 -#define HAVE_EXP2 1 -#define HAVE_LOG2 1 -#define HAVE_ATAN2 1 -#define HAVE_POW 1 -#define HAVE_NEXTAFTER 1 -#define HAVE_SINF 1 -#define HAVE_COSF 1 -#define HAVE_TANF 1 -#define HAVE_SINHF 1 -#define HAVE_COSHF 1 -#define HAVE_TANHF 1 -#define HAVE_FABSF 1 -#define HAVE_FLOORF 1 -#define HAVE_CEILF 1 -#define HAVE_RINTF 1 -#define HAVE_TRUNCF 1 -#define HAVE_SQRTF 1 -#define HAVE_LOG10F 1 -#define HAVE_LOGF 1 -#define HAVE_LOG1PF 1 -#define HAVE_EXPF 1 -#define HAVE_EXPM1F 1 -#define HAVE_ASINF 1 -#define HAVE_ACOSF 1 -#define HAVE_ATANF 1 -#define HAVE_ASINHF 1 -#define HAVE_ACOSHF 1 -#define HAVE_ATANHF 1 -#define HAVE_HYPOTF 1 -#define HAVE_ATAN2F 1 -#define HAVE_POWF 1 -#define HAVE_FMODF 1 -#define HAVE_MODFF 1 -#define HAVE_FREXPF 1 -#define HAVE_LDEXPF 1 -#define HAVE_EXP2F 1 -#define HAVE_LOG2F 1 -#define HAVE_COPYSIGNF 1 -#define HAVE_NEXTAFTERF 1 -#define HAVE_SINL 1 -#define HAVE_COSL 1 -#define HAVE_TANL 1 -#define HAVE_SINHL 1 -#define HAVE_COSHL 1 -#define HAVE_TANHL 1 -#define HAVE_FABSL 1 -#define HAVE_FLOORL 1 -#define HAVE_CEILL 1 -#define HAVE_RINTL 1 -#define HAVE_TRUNCL 1 -#define HAVE_SQRTL 1 -#define HAVE_LOG10L 1 -#define HAVE_LOGL 1 -#define HAVE_LOG1PL 1 -#define HAVE_EXPL 1 -#define HAVE_EXPM1L 1 -#define HAVE_ASINL 1 -#define HAVE_ACOSL 1 -#define HAVE_ATANL 1 -#define HAVE_ASINHL 1 -#define HAVE_ACOSHL 1 -#define HAVE_ATANHL 1 -#define HAVE_HYPOTL 1 -#define HAVE_ATAN2L 1 -#define HAVE_POWL 1 -#define HAVE_FMODL 1 -#define HAVE_MODFL 1 -#define HAVE_FREXPL 1 -#define HAVE_LDEXPL 1 -#define HAVE_EXP2L 1 -#define HAVE_LOG2L 1 -#define HAVE_COPYSIGNL 1 -#define HAVE_NEXTAFTERL 1 -#define HAVE_DECL_SIGNBIT -#define HAVE_COMPLEX_H 1 -#define HAVE_CREAL 1 -#define HAVE_CIMAG 1 -#define HAVE_CABS 1 -#define HAVE_CARG 1 -#define HAVE_CEXP 1 -#define HAVE_CSQRT 1 -#define HAVE_CLOG 1 -#define HAVE_CCOS 1 -#define HAVE_CSIN 1 -#define HAVE_CPOW 1 -#define HAVE_CREALF 1 -#define HAVE_CIMAGF 1 -#define HAVE_CABSF 1 -#define HAVE_CARGF 1 -#define HAVE_CEXPF 1 -#define HAVE_CSQRTF 1 -#define HAVE_CLOGF 1 -#define HAVE_CCOSF 1 -#define HAVE_CSINF 1 -#define HAVE_CPOWF 1 -#define HAVE_CREALL 1 -#define HAVE_CIMAGL 1 -#define HAVE_CABSL 1 -#define HAVE_CARGL 1 -#define HAVE_CEXPL 1 -#define HAVE_CSQRTL 1 -#define HAVE_CLOGL 1 -#define HAVE_CCOSL 1 -#define HAVE_CSINL 1 -#define HAVE_CPOWL 1 -#define HAVE_LDOUBLE_IEEE_QUAD_LE 1 -#ifndef __cplusplus -/* #undef inline */ -#endif - -#ifndef _NPY_NPY_CONFIG_H_ -#error config.h should never be included directly, include npy_config.h instead -#endif diff --git a/poky/meta/recipes-devtools/python-numpy/files/mipsarchn64eb/_numpyconfig.h b/poky/meta/recipes-devtools/python-numpy/files/mipsarchn64eb/_numpyconfig.h deleted file mode 100644 index debb39009..000000000 --- a/poky/meta/recipes-devtools/python-numpy/files/mipsarchn64eb/_numpyconfig.h +++ /dev/null @@ -1,32 +0,0 @@ -#define NPY_HAVE_ENDIAN_H 1 -#define NPY_SIZEOF_SHORT SIZEOF_SHORT -#define NPY_SIZEOF_INT SIZEOF_INT -#define NPY_SIZEOF_LONG SIZEOF_LONG -#define NPY_SIZEOF_FLOAT 4 -#define NPY_SIZEOF_COMPLEX_FLOAT 8 -#define NPY_SIZEOF_DOUBLE 8 -#define NPY_SIZEOF_COMPLEX_DOUBLE 16 -#define NPY_SIZEOF_LONGDOUBLE 16 -#define NPY_SIZEOF_COMPLEX_LONGDOUBLE 32 -#define NPY_ENABLE_SEPARATE_COMPILATION 1 -#define NPY_SIZEOF_PY_INTPTR_T 8 -#define NPY_SIZEOF_PY_LONG_LONG 8 -#define NPY_SIZEOF_LONGLONG 8 -#define NPY_SIZEOF_OFF_T 8 -#define NPY_NO_SMP 0 -#define NPY_HAVE_DECL_ISNAN -#define NPY_HAVE_DECL_ISINF -#define NPY_HAVE_DECL_ISFINITE -#define NPY_HAVE_DECL_SIGNBIT -#define NPY_USE_C99_COMPLEX 1 -#define NPY_HAVE_COMPLEX_DOUBLE 1 -#define NPY_HAVE_COMPLEX_FLOAT 1 -#define NPY_HAVE_COMPLEX_LONG_DOUBLE 1 -#define NPY_USE_C99_FORMATS 1 -#define NPY_VISIBILITY_HIDDEN __attribute__((visibility("hidden"))) -#define NPY_ABI_VERSION 0x01000009 -#define NPY_API_VERSION 0x0000000A - -#ifndef __STDC_FORMAT_MACROS -#define __STDC_FORMAT_MACROS 1 -#endif diff --git a/poky/meta/recipes-devtools/python-numpy/files/mipsarchn64eb/config.h b/poky/meta/recipes-devtools/python-numpy/files/mipsarchn64eb/config.h deleted file mode 100644 index c30b868f2..000000000 --- a/poky/meta/recipes-devtools/python-numpy/files/mipsarchn64eb/config.h +++ /dev/null @@ -1,139 +0,0 @@ -#define HAVE_ENDIAN_H 1 -#define SIZEOF_PY_INTPTR_T 8 -#define SIZEOF_PY_LONG_LONG 8 -#define MATHLIB m -#define HAVE_SIN 1 -#define HAVE_COS 1 -#define HAVE_TAN 1 -#define HAVE_SINH 1 -#define HAVE_COSH 1 -#define HAVE_TANH 1 -#define HAVE_FABS 1 -#define HAVE_FLOOR 1 -#define HAVE_CEIL 1 -#define HAVE_SQRT 1 -#define HAVE_LOG10 1 -#define HAVE_LOG 1 -#define HAVE_EXP 1 -#define HAVE_ASIN 1 -#define HAVE_ACOS 1 -#define HAVE_ATAN 1 -#define HAVE_FMOD 1 -#define HAVE_MODF 1 -#define HAVE_FREXP 1 -#define HAVE_LDEXP 1 -#define HAVE_RINT 1 -#define HAVE_TRUNC 1 -#define HAVE_EXP2 1 -#define HAVE_LOG2 1 -#define HAVE_ATAN2 1 -#define HAVE_POW 1 -#define HAVE_NEXTAFTER 1 -#define HAVE_SINF 1 -#define HAVE_COSF 1 -#define HAVE_TANF 1 -#define HAVE_SINHF 1 -#define HAVE_COSHF 1 -#define HAVE_TANHF 1 -#define HAVE_FABSF 1 -#define HAVE_FLOORF 1 -#define HAVE_CEILF 1 -#define HAVE_RINTF 1 -#define HAVE_TRUNCF 1 -#define HAVE_SQRTF 1 -#define HAVE_LOG10F 1 -#define HAVE_LOGF 1 -#define HAVE_LOG1PF 1 -#define HAVE_EXPF 1 -#define HAVE_EXPM1F 1 -#define HAVE_ASINF 1 -#define HAVE_ACOSF 1 -#define HAVE_ATANF 1 -#define HAVE_ASINHF 1 -#define HAVE_ACOSHF 1 -#define HAVE_ATANHF 1 -#define HAVE_HYPOTF 1 -#define HAVE_ATAN2F 1 -#define HAVE_POWF 1 -#define HAVE_FMODF 1 -#define HAVE_MODFF 1 -#define HAVE_FREXPF 1 -#define HAVE_LDEXPF 1 -#define HAVE_EXP2F 1 -#define HAVE_LOG2F 1 -#define HAVE_COPYSIGNF 1 -#define HAVE_NEXTAFTERF 1 -#define HAVE_SINL 1 -#define HAVE_COSL 1 -#define HAVE_TANL 1 -#define HAVE_SINHL 1 -#define HAVE_COSHL 1 -#define HAVE_TANHL 1 -#define HAVE_FABSL 1 -#define HAVE_FLOORL 1 -#define HAVE_CEILL 1 -#define HAVE_RINTL 1 -#define HAVE_TRUNCL 1 -#define HAVE_SQRTL 1 -#define HAVE_LOG10L 1 -#define HAVE_LOGL 1 -#define HAVE_LOG1PL 1 -#define HAVE_EXPL 1 -#define HAVE_EXPM1L 1 -#define HAVE_ASINL 1 -#define HAVE_ACOSL 1 -#define HAVE_ATANL 1 -#define HAVE_ASINHL 1 -#define HAVE_ACOSHL 1 -#define HAVE_ATANHL 1 -#define HAVE_HYPOTL 1 -#define HAVE_ATAN2L 1 -#define HAVE_POWL 1 -#define HAVE_FMODL 1 -#define HAVE_MODFL 1 -#define HAVE_FREXPL 1 -#define HAVE_LDEXPL 1 -#define HAVE_EXP2L 1 -#define HAVE_LOG2L 1 -#define HAVE_COPYSIGNL 1 -#define HAVE_NEXTAFTERL 1 -#define HAVE_DECL_SIGNBIT -#define HAVE_COMPLEX_H 1 -#define HAVE_CREAL 1 -#define HAVE_CIMAG 1 -#define HAVE_CABS 1 -#define HAVE_CARG 1 -#define HAVE_CEXP 1 -#define HAVE_CSQRT 1 -#define HAVE_CLOG 1 -#define HAVE_CCOS 1 -#define HAVE_CSIN 1 -#define HAVE_CPOW 1 -#define HAVE_CREALF 1 -#define HAVE_CIMAGF 1 -#define HAVE_CABSF 1 -#define HAVE_CARGF 1 -#define HAVE_CEXPF 1 -#define HAVE_CSQRTF 1 -#define HAVE_CLOGF 1 -#define HAVE_CCOSF 1 -#define HAVE_CSINF 1 -#define HAVE_CPOWF 1 -#define HAVE_CREALL 1 -#define HAVE_CIMAGL 1 -#define HAVE_CABSL 1 -#define HAVE_CARGL 1 -#define HAVE_CEXPL 1 -#define HAVE_CSQRTL 1 -#define HAVE_CLOGL 1 -#define HAVE_CCOSL 1 -#define HAVE_CSINL 1 -#define HAVE_CPOWL 1 -#define HAVE_LDOUBLE_IEEE_QUAD_LE 1 -#ifndef __cplusplus -/* #undef inline */ -#endif - -#ifndef _NPY_NPY_CONFIG_H_ -#error config.h should never be included directly, include npy_config.h instead -#endif diff --git a/poky/meta/recipes-devtools/python-numpy/files/mipsarchn64el/_numpyconfig.h b/poky/meta/recipes-devtools/python-numpy/files/mipsarchn64el/_numpyconfig.h deleted file mode 100644 index debb39009..000000000 --- a/poky/meta/recipes-devtools/python-numpy/files/mipsarchn64el/_numpyconfig.h +++ /dev/null @@ -1,32 +0,0 @@ -#define NPY_HAVE_ENDIAN_H 1 -#define NPY_SIZEOF_SHORT SIZEOF_SHORT -#define NPY_SIZEOF_INT SIZEOF_INT -#define NPY_SIZEOF_LONG SIZEOF_LONG -#define NPY_SIZEOF_FLOAT 4 -#define NPY_SIZEOF_COMPLEX_FLOAT 8 -#define NPY_SIZEOF_DOUBLE 8 -#define NPY_SIZEOF_COMPLEX_DOUBLE 16 -#define NPY_SIZEOF_LONGDOUBLE 16 -#define NPY_SIZEOF_COMPLEX_LONGDOUBLE 32 -#define NPY_ENABLE_SEPARATE_COMPILATION 1 -#define NPY_SIZEOF_PY_INTPTR_T 8 -#define NPY_SIZEOF_PY_LONG_LONG 8 -#define NPY_SIZEOF_LONGLONG 8 -#define NPY_SIZEOF_OFF_T 8 -#define NPY_NO_SMP 0 -#define NPY_HAVE_DECL_ISNAN -#define NPY_HAVE_DECL_ISINF -#define NPY_HAVE_DECL_ISFINITE -#define NPY_HAVE_DECL_SIGNBIT -#define NPY_USE_C99_COMPLEX 1 -#define NPY_HAVE_COMPLEX_DOUBLE 1 -#define NPY_HAVE_COMPLEX_FLOAT 1 -#define NPY_HAVE_COMPLEX_LONG_DOUBLE 1 -#define NPY_USE_C99_FORMATS 1 -#define NPY_VISIBILITY_HIDDEN __attribute__((visibility("hidden"))) -#define NPY_ABI_VERSION 0x01000009 -#define NPY_API_VERSION 0x0000000A - -#ifndef __STDC_FORMAT_MACROS -#define __STDC_FORMAT_MACROS 1 -#endif diff --git a/poky/meta/recipes-devtools/python-numpy/files/mipsarchn64el/config.h b/poky/meta/recipes-devtools/python-numpy/files/mipsarchn64el/config.h deleted file mode 100644 index 48727039a..000000000 --- a/poky/meta/recipes-devtools/python-numpy/files/mipsarchn64el/config.h +++ /dev/null @@ -1,138 +0,0 @@ -#define SIZEOF_PY_INTPTR_T 8 -#define SIZEOF_PY_LONG_LONG 8 -#define MATHLIB m -#define HAVE_SIN 1 -#define HAVE_COS 1 -#define HAVE_TAN 1 -#define HAVE_SINH 1 -#define HAVE_COSH 1 -#define HAVE_TANH 1 -#define HAVE_FABS 1 -#define HAVE_FLOOR 1 -#define HAVE_CEIL 1 -#define HAVE_SQRT 1 -#define HAVE_LOG10 1 -#define HAVE_LOG 1 -#define HAVE_EXP 1 -#define HAVE_ASIN 1 -#define HAVE_ACOS 1 -#define HAVE_ATAN 1 -#define HAVE_FMOD 1 -#define HAVE_MODF 1 -#define HAVE_FREXP 1 -#define HAVE_LDEXP 1 -#define HAVE_RINT 1 -#define HAVE_TRUNC 1 -#define HAVE_EXP2 1 -#define HAVE_LOG2 1 -#define HAVE_ATAN2 1 -#define HAVE_POW 1 -#define HAVE_NEXTAFTER 1 -#define HAVE_SINF 1 -#define HAVE_COSF 1 -#define HAVE_TANF 1 -#define HAVE_SINHF 1 -#define HAVE_COSHF 1 -#define HAVE_TANHF 1 -#define HAVE_FABSF 1 -#define HAVE_FLOORF 1 -#define HAVE_CEILF 1 -#define HAVE_RINTF 1 -#define HAVE_TRUNCF 1 -#define HAVE_SQRTF 1 -#define HAVE_LOG10F 1 -#define HAVE_LOGF 1 -#define HAVE_LOG1PF 1 -#define HAVE_EXPF 1 -#define HAVE_EXPM1F 1 -#define HAVE_ASINF 1 -#define HAVE_ACOSF 1 -#define HAVE_ATANF 1 -#define HAVE_ASINHF 1 -#define HAVE_ACOSHF 1 -#define HAVE_ATANHF 1 -#define HAVE_HYPOTF 1 -#define HAVE_ATAN2F 1 -#define HAVE_POWF 1 -#define HAVE_FMODF 1 -#define HAVE_MODFF 1 -#define HAVE_FREXPF 1 -#define HAVE_LDEXPF 1 -#define HAVE_EXP2F 1 -#define HAVE_LOG2F 1 -#define HAVE_COPYSIGNF 1 -#define HAVE_NEXTAFTERF 1 -#define HAVE_SINL 1 -#define HAVE_COSL 1 -#define HAVE_TANL 1 -#define HAVE_SINHL 1 -#define HAVE_COSHL 1 -#define HAVE_TANHL 1 -#define HAVE_FABSL 1 -#define HAVE_FLOORL 1 -#define HAVE_CEILL 1 -#define HAVE_RINTL 1 -#define HAVE_TRUNCL 1 -#define HAVE_SQRTL 1 -#define HAVE_LOG10L 1 -#define HAVE_LOGL 1 -#define HAVE_LOG1PL 1 -#define HAVE_EXPL 1 -#define HAVE_EXPM1L 1 -#define HAVE_ASINL 1 -#define HAVE_ACOSL 1 -#define HAVE_ATANL 1 -#define HAVE_ASINHL 1 -#define HAVE_ACOSHL 1 -#define HAVE_ATANHL 1 -#define HAVE_HYPOTL 1 -#define HAVE_ATAN2L 1 -#define HAVE_POWL 1 -#define HAVE_FMODL 1 -#define HAVE_MODFL 1 -#define HAVE_FREXPL 1 -#define HAVE_LDEXPL 1 -#define HAVE_EXP2L 1 -#define HAVE_LOG2L 1 -#define HAVE_COPYSIGNL 1 -#define HAVE_NEXTAFTERL 1 -#define HAVE_DECL_SIGNBIT -#define HAVE_COMPLEX_H 1 -#define HAVE_CREAL 1 -#define HAVE_CIMAG 1 -#define HAVE_CABS 1 -#define HAVE_CARG 1 -#define HAVE_CEXP 1 -#define HAVE_CSQRT 1 -#define HAVE_CLOG 1 -#define HAVE_CCOS 1 -#define HAVE_CSIN 1 -#define HAVE_CPOW 1 -#define HAVE_CREALF 1 -#define HAVE_CIMAGF 1 -#define HAVE_CABSF 1 -#define HAVE_CARGF 1 -#define HAVE_CEXPF 1 -#define HAVE_CSQRTF 1 -#define HAVE_CLOGF 1 -#define HAVE_CCOSF 1 -#define HAVE_CSINF 1 -#define HAVE_CPOWF 1 -#define HAVE_CREALL 1 -#define HAVE_CIMAGL 1 -#define HAVE_CABSL 1 -#define HAVE_CARGL 1 -#define HAVE_CEXPL 1 -#define HAVE_CSQRTL 1 -#define HAVE_CLOGL 1 -#define HAVE_CCOSL 1 -#define HAVE_CSINL 1 -#define HAVE_CPOWL 1 -#define HAVE_LDOUBLE_IEEE_QUAD_LE 1 -#ifndef __cplusplus -/* #undef inline */ -#endif - -#ifndef _NPY_NPY_CONFIG_H_ -#error config.h should never be included directly, include npy_config.h instead -#endif diff --git a/poky/meta/recipes-devtools/python-numpy/files/mipsarcho32eb/_numpyconfig.h b/poky/meta/recipes-devtools/python-numpy/files/mipsarcho32eb/_numpyconfig.h deleted file mode 100644 index 4c465c216..000000000 --- a/poky/meta/recipes-devtools/python-numpy/files/mipsarcho32eb/_numpyconfig.h +++ /dev/null @@ -1,32 +0,0 @@ -#define NPY_HAVE_ENDIAN_H 1 -#define NPY_SIZEOF_SHORT SIZEOF_SHORT -#define NPY_SIZEOF_INT SIZEOF_INT -#define NPY_SIZEOF_LONG SIZEOF_LONG -#define NPY_SIZEOF_FLOAT 4 -#define NPY_SIZEOF_COMPLEX_FLOAT 8 -#define NPY_SIZEOF_DOUBLE 8 -#define NPY_SIZEOF_COMPLEX_DOUBLE 16 -#define NPY_SIZEOF_LONGDOUBLE 8 -#define NPY_SIZEOF_COMPLEX_LONGDOUBLE 16 -#define NPY_ENABLE_SEPARATE_COMPILATION 1 -#define NPY_SIZEOF_PY_INTPTR_T 4 -#define NPY_SIZEOF_PY_LONG_LONG 8 -#define NPY_SIZEOF_LONGLONG 8 -#define NPY_SIZEOF_OFF_T 8 -#define NPY_NO_SMP 0 -#define NPY_HAVE_DECL_ISNAN -#define NPY_HAVE_DECL_ISINF -#define NPY_HAVE_DECL_ISFINITE -#define NPY_HAVE_DECL_SIGNBIT -#define NPY_USE_C99_COMPLEX 1 -#define NPY_HAVE_COMPLEX_DOUBLE 1 -#define NPY_HAVE_COMPLEX_FLOAT 1 -#define NPY_HAVE_COMPLEX_LONG_DOUBLE 1 -#define NPY_USE_C99_FORMATS 1 -#define NPY_VISIBILITY_HIDDEN __attribute__((visibility("hidden"))) -#define NPY_ABI_VERSION 0x01000009 -#define NPY_API_VERSION 0x0000000A - -#ifndef __STDC_FORMAT_MACROS -#define __STDC_FORMAT_MACROS 1 -#endif diff --git a/poky/meta/recipes-devtools/python-numpy/files/mipsarcho32eb/config.h b/poky/meta/recipes-devtools/python-numpy/files/mipsarcho32eb/config.h deleted file mode 100644 index 2f6135adc..000000000 --- a/poky/meta/recipes-devtools/python-numpy/files/mipsarcho32eb/config.h +++ /dev/null @@ -1,139 +0,0 @@ -#define HAVE_ENDIAN_H 1 -#define SIZEOF_PY_INTPTR_T 4 -#define SIZEOF_PY_LONG_LONG 8 -#define MATHLIB m -#define HAVE_SIN 1 -#define HAVE_COS 1 -#define HAVE_TAN 1 -#define HAVE_SINH 1 -#define HAVE_COSH 1 -#define HAVE_TANH 1 -#define HAVE_FABS 1 -#define HAVE_FLOOR 1 -#define HAVE_CEIL 1 -#define HAVE_SQRT 1 -#define HAVE_LOG10 1 -#define HAVE_LOG 1 -#define HAVE_EXP 1 -#define HAVE_ASIN 1 -#define HAVE_ACOS 1 -#define HAVE_ATAN 1 -#define HAVE_FMOD 1 -#define HAVE_MODF 1 -#define HAVE_FREXP 1 -#define HAVE_LDEXP 1 -#define HAVE_RINT 1 -#define HAVE_TRUNC 1 -#define HAVE_EXP2 1 -#define HAVE_LOG2 1 -#define HAVE_ATAN2 1 -#define HAVE_POW 1 -#define HAVE_NEXTAFTER 1 -#define HAVE_SINF 1 -#define HAVE_COSF 1 -#define HAVE_TANF 1 -#define HAVE_SINHF 1 -#define HAVE_COSHF 1 -#define HAVE_TANHF 1 -#define HAVE_FABSF 1 -#define HAVE_FLOORF 1 -#define HAVE_CEILF 1 -#define HAVE_RINTF 1 -#define HAVE_TRUNCF 1 -#define HAVE_SQRTF 1 -#define HAVE_LOG10F 1 -#define HAVE_LOGF 1 -#define HAVE_LOG1PF 1 -#define HAVE_EXPF 1 -#define HAVE_EXPM1F 1 -#define HAVE_ASINF 1 -#define HAVE_ACOSF 1 -#define HAVE_ATANF 1 -#define HAVE_ASINHF 1 -#define HAVE_ACOSHF 1 -#define HAVE_ATANHF 1 -#define HAVE_HYPOTF 1 -#define HAVE_ATAN2F 1 -#define HAVE_POWF 1 -#define HAVE_FMODF 1 -#define HAVE_MODFF 1 -#define HAVE_FREXPF 1 -#define HAVE_LDEXPF 1 -#define HAVE_EXP2F 1 -#define HAVE_LOG2F 1 -#define HAVE_COPYSIGNF 1 -#define HAVE_NEXTAFTERF 1 -#define HAVE_SINL 1 -#define HAVE_COSL 1 -#define HAVE_TANL 1 -#define HAVE_SINHL 1 -#define HAVE_COSHL 1 -#define HAVE_TANHL 1 -#define HAVE_FABSL 1 -#define HAVE_FLOORL 1 -#define HAVE_CEILL 1 -#define HAVE_RINTL 1 -#define HAVE_TRUNCL 1 -#define HAVE_SQRTL 1 -#define HAVE_LOG10L 1 -#define HAVE_LOGL 1 -#define HAVE_LOG1PL 1 -#define HAVE_EXPL 1 -#define HAVE_EXPM1L 1 -#define HAVE_ASINL 1 -#define HAVE_ACOSL 1 -#define HAVE_ATANL 1 -#define HAVE_ASINHL 1 -#define HAVE_ACOSHL 1 -#define HAVE_ATANHL 1 -#define HAVE_HYPOTL 1 -#define HAVE_ATAN2L 1 -#define HAVE_POWL 1 -#define HAVE_FMODL 1 -#define HAVE_MODFL 1 -#define HAVE_FREXPL 1 -#define HAVE_LDEXPL 1 -#define HAVE_EXP2L 1 -#define HAVE_LOG2L 1 -#define HAVE_COPYSIGNL 1 -#define HAVE_NEXTAFTERL 1 -#define HAVE_DECL_SIGNBIT -#define HAVE_COMPLEX_H 1 -#define HAVE_CREAL 1 -#define HAVE_CIMAG 1 -#define HAVE_CABS 1 -#define HAVE_CARG 1 -#define HAVE_CEXP 1 -#define HAVE_CSQRT 1 -#define HAVE_CLOG 1 -#define HAVE_CCOS 1 -#define HAVE_CSIN 1 -#define HAVE_CPOW 1 -#define HAVE_CREALF 1 -#define HAVE_CIMAGF 1 -#define HAVE_CABSF 1 -#define HAVE_CARGF 1 -#define HAVE_CEXPF 1 -#define HAVE_CSQRTF 1 -#define HAVE_CLOGF 1 -#define HAVE_CCOSF 1 -#define HAVE_CSINF 1 -#define HAVE_CPOWF 1 -#define HAVE_CREALL 1 -#define HAVE_CIMAGL 1 -#define HAVE_CABSL 1 -#define HAVE_CARGL 1 -#define HAVE_CEXPL 1 -#define HAVE_CSQRTL 1 -#define HAVE_CLOGL 1 -#define HAVE_CCOSL 1 -#define HAVE_CSINL 1 -#define HAVE_CPOWL 1 -#define HAVE_LDOUBLE_IEEE_DOUBLE_BE 1 -#ifndef __cplusplus -/* #undef inline */ -#endif - -#ifndef _NPY_NPY_CONFIG_H_ -#error config.h should never be included directly, include npy_config.h instead -#endif diff --git a/poky/meta/recipes-devtools/python-numpy/files/mipsarcho32el/config.h b/poky/meta/recipes-devtools/python-numpy/files/mipsarcho32el/config.h deleted file mode 100644 index 17ef186d5..000000000 --- a/poky/meta/recipes-devtools/python-numpy/files/mipsarcho32el/config.h +++ /dev/null @@ -1,21 +0,0 @@ -/* ./src.linux-i686-2.5/numpy/core/include/numpy/config.h */ -/* #define SIZEOF_SHORT 2 */ -/* #define SIZEOF_INT 4 */ -/* #define SIZEOF_LONG 4 */ -/* #define SIZEOF_FLOAT 4 */ -/* #define SIZEOF_DOUBLE 8 */ -#define SIZEOF_LONG_DOUBLE 12 -#define SIZEOF_PY_INTPTR_T 4 -/* #define SIZEOF_LONG_LONG 8 */ -#define SIZEOF_PY_LONG_LONG 8 -/* #define CHAR_BIT 8 */ -#define MATHLIB m -#define HAVE_FLOAT_FUNCS -#define HAVE_LOG1P -#define HAVE_EXPM1 -#define HAVE_INVERSE_HYPERBOLIC -#define HAVE_INVERSE_HYPERBOLIC_FLOAT -#define HAVE_ISNAN -#define HAVE_ISINF -#define HAVE_RINT - diff --git a/poky/meta/recipes-devtools/python-numpy/files/mipsarcho32el/numpyconfig.h b/poky/meta/recipes-devtools/python-numpy/files/mipsarcho32el/numpyconfig.h deleted file mode 100644 index 0b7cd51af..000000000 --- a/poky/meta/recipes-devtools/python-numpy/files/mipsarcho32el/numpyconfig.h +++ /dev/null @@ -1,18 +0,0 @@ -/* cat ./src.linux-i686-2.5/numpy/core/include/numpy/numpyconfig.h */ -/* - * * This file is generated by numpy/core/setup.pyc. DO NOT EDIT - * */ -#define NPY_SIZEOF_SHORT 2 -#define NPY_SIZEOF_INT 4 -#define NPY_SIZEOF_LONG 4 -#define NPY_SIZEOF_FLOAT 4 -#define NPY_SIZEOF_DOUBLE 8 -#define NPY_SIZEOF_LONGDOUBLE 12 -#define NPY_SIZEOF_PY_INTPTR_T 4 -#define NPY_NO_SMP 0 - -#define NPY_SIZEOF_LONGLONG 8 -#define NPY_SIZEOF_PY_LONG_LONG 8 -#define NPY_SIZEOF_OFF_T 8 -/* #define CHAR_BIT 8 */ - diff --git a/poky/meta/recipes-devtools/python-numpy/files/powerpc/_numpyconfig.h b/poky/meta/recipes-devtools/python-numpy/files/powerpc/_numpyconfig.h deleted file mode 100644 index 6e7262ad9..000000000 --- a/poky/meta/recipes-devtools/python-numpy/files/powerpc/_numpyconfig.h +++ /dev/null @@ -1,32 +0,0 @@ -#define NPY_HAVE_ENDIAN_H 1 -#define NPY_SIZEOF_SHORT SIZEOF_SHORT -#define NPY_SIZEOF_INT SIZEOF_INT -#define NPY_SIZEOF_LONG SIZEOF_LONG -#define NPY_SIZEOF_FLOAT 4 -#define NPY_SIZEOF_COMPLEX_FLOAT 8 -#define NPY_SIZEOF_DOUBLE 8 -#define NPY_SIZEOF_COMPLEX_DOUBLE 16 -#define NPY_SIZEOF_LONGDOUBLE 16 -#define NPY_SIZEOF_COMPLEX_LONGDOUBLE 32 -#define NPY_ENABLE_SEPARATE_COMPILATION 1 -#define NPY_SIZEOF_PY_INTPTR_T 4 -#define NPY_SIZEOF_PY_LONG_LONG 8 -#define NPY_SIZEOF_LONGLONG 8 -#define NPY_SIZEOF_OFF_T 8 -#define NPY_NO_SMP 0 -#define NPY_HAVE_DECL_ISNAN -#define NPY_HAVE_DECL_ISINF -#define NPY_HAVE_DECL_ISFINITE -#define NPY_HAVE_DECL_SIGNBIT -#define NPY_USE_C99_COMPLEX 1 -#define NPY_HAVE_COMPLEX_DOUBLE 1 -#define NPY_HAVE_COMPLEX_FLOAT 1 -#define NPY_HAVE_COMPLEX_LONG_DOUBLE 1 -#define NPY_USE_C99_FORMATS 1 -#define NPY_VISIBILITY_HIDDEN __attribute__((visibility("hidden"))) -#define NPY_ABI_VERSION 0x01000009 -#define NPY_API_VERSION 0x0000000A - -#ifndef __STDC_FORMAT_MACROS -#define __STDC_FORMAT_MACROS 1 -#endif diff --git a/poky/meta/recipes-devtools/python-numpy/files/powerpc/config.h b/poky/meta/recipes-devtools/python-numpy/files/powerpc/config.h deleted file mode 100644 index f65d39d5d..000000000 --- a/poky/meta/recipes-devtools/python-numpy/files/powerpc/config.h +++ /dev/null @@ -1,139 +0,0 @@ -#define HAVE_ENDIAN_H 1 -#define SIZEOF_PY_INTPTR_T 4 -#define SIZEOF_PY_LONG_LONG 8 -#define MATHLIB m -#define HAVE_SIN 1 -#define HAVE_COS 1 -#define HAVE_TAN 1 -#define HAVE_SINH 1 -#define HAVE_COSH 1 -#define HAVE_TANH 1 -#define HAVE_FABS 1 -#define HAVE_FLOOR 1 -#define HAVE_CEIL 1 -#define HAVE_SQRT 1 -#define HAVE_LOG10 1 -#define HAVE_LOG 1 -#define HAVE_EXP 1 -#define HAVE_ASIN 1 -#define HAVE_ACOS 1 -#define HAVE_ATAN 1 -#define HAVE_FMOD 1 -#define HAVE_MODF 1 -#define HAVE_FREXP 1 -#define HAVE_LDEXP 1 -#define HAVE_RINT 1 -#define HAVE_TRUNC 1 -#define HAVE_EXP2 1 -#define HAVE_LOG2 1 -#define HAVE_ATAN2 1 -#define HAVE_POW 1 -#define HAVE_NEXTAFTER 1 -#define HAVE_SINF 1 -#define HAVE_COSF 1 -#define HAVE_TANF 1 -#define HAVE_SINHF 1 -#define HAVE_COSHF 1 -#define HAVE_TANHF 1 -#define HAVE_FABSF 1 -#define HAVE_FLOORF 1 -#define HAVE_CEILF 1 -#define HAVE_RINTF 1 -#define HAVE_TRUNCF 1 -#define HAVE_SQRTF 1 -#define HAVE_LOG10F 1 -#define HAVE_LOGF 1 -#define HAVE_LOG1PF 1 -#define HAVE_EXPF 1 -#define HAVE_EXPM1F 1 -#define HAVE_ASINF 1 -#define HAVE_ACOSF 1 -#define HAVE_ATANF 1 -#define HAVE_ASINHF 1 -#define HAVE_ACOSHF 1 -#define HAVE_ATANHF 1 -#define HAVE_HYPOTF 1 -#define HAVE_ATAN2F 1 -#define HAVE_POWF 1 -#define HAVE_FMODF 1 -#define HAVE_MODFF 1 -#define HAVE_FREXPF 1 -#define HAVE_LDEXPF 1 -#define HAVE_EXP2F 1 -#define HAVE_LOG2F 1 -#define HAVE_COPYSIGNF 1 -#define HAVE_NEXTAFTERF 1 -#define HAVE_SINL 1 -#define HAVE_COSL 1 -#define HAVE_TANL 1 -#define HAVE_SINHL 1 -#define HAVE_COSHL 1 -#define HAVE_TANHL 1 -#define HAVE_FABSL 1 -#define HAVE_FLOORL 1 -#define HAVE_CEILL 1 -#define HAVE_RINTL 1 -#define HAVE_TRUNCL 1 -#define HAVE_SQRTL 1 -#define HAVE_LOG10L 1 -#define HAVE_LOGL 1 -#define HAVE_LOG1PL 1 -#define HAVE_EXPL 1 -#define HAVE_EXPM1L 1 -#define HAVE_ASINL 1 -#define HAVE_ACOSL 1 -#define HAVE_ATANL 1 -#define HAVE_ASINHL 1 -#define HAVE_ACOSHL 1 -#define HAVE_ATANHL 1 -#define HAVE_HYPOTL 1 -#define HAVE_ATAN2L 1 -#define HAVE_POWL 1 -#define HAVE_FMODL 1 -#define HAVE_MODFL 1 -#define HAVE_FREXPL 1 -#define HAVE_LDEXPL 1 -#define HAVE_EXP2L 1 -#define HAVE_LOG2L 1 -#define HAVE_COPYSIGNL 1 -#define HAVE_NEXTAFTERL 1 -#define HAVE_DECL_SIGNBIT -#define HAVE_COMPLEX_H 1 -#define HAVE_CREAL 1 -#define HAVE_CIMAG 1 -#define HAVE_CABS 1 -#define HAVE_CARG 1 -#define HAVE_CEXP 1 -#define HAVE_CSQRT 1 -#define HAVE_CLOG 1 -#define HAVE_CCOS 1 -#define HAVE_CSIN 1 -#define HAVE_CPOW 1 -#define HAVE_CREALF 1 -#define HAVE_CIMAGF 1 -#define HAVE_CABSF 1 -#define HAVE_CARGF 1 -#define HAVE_CEXPF 1 -#define HAVE_CSQRTF 1 -#define HAVE_CLOGF 1 -#define HAVE_CCOSF 1 -#define HAVE_CSINF 1 -#define HAVE_CPOWF 1 -#define HAVE_CREALL 1 -#define HAVE_CIMAGL 1 -#define HAVE_CABSL 1 -#define HAVE_CARGL 1 -#define HAVE_CEXPL 1 -#define HAVE_CSQRTL 1 -#define HAVE_CLOGL 1 -#define HAVE_CCOSL 1 -#define HAVE_CSINL 1 -#define HAVE_CPOWL 1 -#define HAVE_LDOUBLE_DOUBLE_DOUBLE_BE 1 -#ifndef __cplusplus -/* #undef inline */ -#endif - -#ifndef _NPY_NPY_CONFIG_H_ -#error config.h should never be included directly, include npy_config.h instead -#endif diff --git a/poky/meta/recipes-devtools/python-numpy/files/powerpc64/_numpyconfig.h b/poky/meta/recipes-devtools/python-numpy/files/powerpc64/_numpyconfig.h deleted file mode 100644 index debb39009..000000000 --- a/poky/meta/recipes-devtools/python-numpy/files/powerpc64/_numpyconfig.h +++ /dev/null @@ -1,32 +0,0 @@ -#define NPY_HAVE_ENDIAN_H 1 -#define NPY_SIZEOF_SHORT SIZEOF_SHORT -#define NPY_SIZEOF_INT SIZEOF_INT -#define NPY_SIZEOF_LONG SIZEOF_LONG -#define NPY_SIZEOF_FLOAT 4 -#define NPY_SIZEOF_COMPLEX_FLOAT 8 -#define NPY_SIZEOF_DOUBLE 8 -#define NPY_SIZEOF_COMPLEX_DOUBLE 16 -#define NPY_SIZEOF_LONGDOUBLE 16 -#define NPY_SIZEOF_COMPLEX_LONGDOUBLE 32 -#define NPY_ENABLE_SEPARATE_COMPILATION 1 -#define NPY_SIZEOF_PY_INTPTR_T 8 -#define NPY_SIZEOF_PY_LONG_LONG 8 -#define NPY_SIZEOF_LONGLONG 8 -#define NPY_SIZEOF_OFF_T 8 -#define NPY_NO_SMP 0 -#define NPY_HAVE_DECL_ISNAN -#define NPY_HAVE_DECL_ISINF -#define NPY_HAVE_DECL_ISFINITE -#define NPY_HAVE_DECL_SIGNBIT -#define NPY_USE_C99_COMPLEX 1 -#define NPY_HAVE_COMPLEX_DOUBLE 1 -#define NPY_HAVE_COMPLEX_FLOAT 1 -#define NPY_HAVE_COMPLEX_LONG_DOUBLE 1 -#define NPY_USE_C99_FORMATS 1 -#define NPY_VISIBILITY_HIDDEN __attribute__((visibility("hidden"))) -#define NPY_ABI_VERSION 0x01000009 -#define NPY_API_VERSION 0x0000000A - -#ifndef __STDC_FORMAT_MACROS -#define __STDC_FORMAT_MACROS 1 -#endif diff --git a/poky/meta/recipes-devtools/python-numpy/files/powerpc64/config.h b/poky/meta/recipes-devtools/python-numpy/files/powerpc64/config.h deleted file mode 100644 index c30b868f2..000000000 --- a/poky/meta/recipes-devtools/python-numpy/files/powerpc64/config.h +++ /dev/null @@ -1,139 +0,0 @@ -#define HAVE_ENDIAN_H 1 -#define SIZEOF_PY_INTPTR_T 8 -#define SIZEOF_PY_LONG_LONG 8 -#define MATHLIB m -#define HAVE_SIN 1 -#define HAVE_COS 1 -#define HAVE_TAN 1 -#define HAVE_SINH 1 -#define HAVE_COSH 1 -#define HAVE_TANH 1 -#define HAVE_FABS 1 -#define HAVE_FLOOR 1 -#define HAVE_CEIL 1 -#define HAVE_SQRT 1 -#define HAVE_LOG10 1 -#define HAVE_LOG 1 -#define HAVE_EXP 1 -#define HAVE_ASIN 1 -#define HAVE_ACOS 1 -#define HAVE_ATAN 1 -#define HAVE_FMOD 1 -#define HAVE_MODF 1 -#define HAVE_FREXP 1 -#define HAVE_LDEXP 1 -#define HAVE_RINT 1 -#define HAVE_TRUNC 1 -#define HAVE_EXP2 1 -#define HAVE_LOG2 1 -#define HAVE_ATAN2 1 -#define HAVE_POW 1 -#define HAVE_NEXTAFTER 1 -#define HAVE_SINF 1 -#define HAVE_COSF 1 -#define HAVE_TANF 1 -#define HAVE_SINHF 1 -#define HAVE_COSHF 1 -#define HAVE_TANHF 1 -#define HAVE_FABSF 1 -#define HAVE_FLOORF 1 -#define HAVE_CEILF 1 -#define HAVE_RINTF 1 -#define HAVE_TRUNCF 1 -#define HAVE_SQRTF 1 -#define HAVE_LOG10F 1 -#define HAVE_LOGF 1 -#define HAVE_LOG1PF 1 -#define HAVE_EXPF 1 -#define HAVE_EXPM1F 1 -#define HAVE_ASINF 1 -#define HAVE_ACOSF 1 -#define HAVE_ATANF 1 -#define HAVE_ASINHF 1 -#define HAVE_ACOSHF 1 -#define HAVE_ATANHF 1 -#define HAVE_HYPOTF 1 -#define HAVE_ATAN2F 1 -#define HAVE_POWF 1 -#define HAVE_FMODF 1 -#define HAVE_MODFF 1 -#define HAVE_FREXPF 1 -#define HAVE_LDEXPF 1 -#define HAVE_EXP2F 1 -#define HAVE_LOG2F 1 -#define HAVE_COPYSIGNF 1 -#define HAVE_NEXTAFTERF 1 -#define HAVE_SINL 1 -#define HAVE_COSL 1 -#define HAVE_TANL 1 -#define HAVE_SINHL 1 -#define HAVE_COSHL 1 -#define HAVE_TANHL 1 -#define HAVE_FABSL 1 -#define HAVE_FLOORL 1 -#define HAVE_CEILL 1 -#define HAVE_RINTL 1 -#define HAVE_TRUNCL 1 -#define HAVE_SQRTL 1 -#define HAVE_LOG10L 1 -#define HAVE_LOGL 1 -#define HAVE_LOG1PL 1 -#define HAVE_EXPL 1 -#define HAVE_EXPM1L 1 -#define HAVE_ASINL 1 -#define HAVE_ACOSL 1 -#define HAVE_ATANL 1 -#define HAVE_ASINHL 1 -#define HAVE_ACOSHL 1 -#define HAVE_ATANHL 1 -#define HAVE_HYPOTL 1 -#define HAVE_ATAN2L 1 -#define HAVE_POWL 1 -#define HAVE_FMODL 1 -#define HAVE_MODFL 1 -#define HAVE_FREXPL 1 -#define HAVE_LDEXPL 1 -#define HAVE_EXP2L 1 -#define HAVE_LOG2L 1 -#define HAVE_COPYSIGNL 1 -#define HAVE_NEXTAFTERL 1 -#define HAVE_DECL_SIGNBIT -#define HAVE_COMPLEX_H 1 -#define HAVE_CREAL 1 -#define HAVE_CIMAG 1 -#define HAVE_CABS 1 -#define HAVE_CARG 1 -#define HAVE_CEXP 1 -#define HAVE_CSQRT 1 -#define HAVE_CLOG 1 -#define HAVE_CCOS 1 -#define HAVE_CSIN 1 -#define HAVE_CPOW 1 -#define HAVE_CREALF 1 -#define HAVE_CIMAGF 1 -#define HAVE_CABSF 1 -#define HAVE_CARGF 1 -#define HAVE_CEXPF 1 -#define HAVE_CSQRTF 1 -#define HAVE_CLOGF 1 -#define HAVE_CCOSF 1 -#define HAVE_CSINF 1 -#define HAVE_CPOWF 1 -#define HAVE_CREALL 1 -#define HAVE_CIMAGL 1 -#define HAVE_CABSL 1 -#define HAVE_CARGL 1 -#define HAVE_CEXPL 1 -#define HAVE_CSQRTL 1 -#define HAVE_CLOGL 1 -#define HAVE_CCOSL 1 -#define HAVE_CSINL 1 -#define HAVE_CPOWL 1 -#define HAVE_LDOUBLE_IEEE_QUAD_LE 1 -#ifndef __cplusplus -/* #undef inline */ -#endif - -#ifndef _NPY_NPY_CONFIG_H_ -#error config.h should never be included directly, include npy_config.h instead -#endif diff --git a/poky/meta/recipes-devtools/python-numpy/files/riscv64/_numpyconfig.h b/poky/meta/recipes-devtools/python-numpy/files/riscv64/_numpyconfig.h deleted file mode 100644 index 109deb043..000000000 --- a/poky/meta/recipes-devtools/python-numpy/files/riscv64/_numpyconfig.h +++ /dev/null @@ -1,32 +0,0 @@ -#define NPY_HAVE_ENDIAN_H 1 -#define NPY_SIZEOF_SHORT SIZEOF_SHORT -#define NPY_SIZEOF_INT SIZEOF_INT -#define NPY_SIZEOF_LONG SIZEOF_LONG -#define NPY_SIZEOF_FLOAT 4 -#define NPY_SIZEOF_COMPLEX_FLOAT 8 -#define NPY_SIZEOF_DOUBLE 8 -#define NPY_SIZEOF_COMPLEX_DOUBLE 16 -#define NPY_SIZEOF_LONGDOUBLE 16 -#define NPY_SIZEOF_COMPLEX_LONGDOUBLE 32 -#define NPY_SIZEOF_PY_INTPTR_T 8 -#define NPY_SIZEOF_PY_LONG_LONG 8 -#define NPY_SIZEOF_LONGLONG 8 -#define NPY_SIZEOF_OFF_T 8 -#define NPY_NO_SMP 0 -#define NPY_HAVE_DECL_ISNAN -#define NPY_HAVE_DECL_ISINF -#define NPY_HAVE_DECL_ISFINITE -#define NPY_HAVE_DECL_SIGNBIT -#define NPY_USE_C99_COMPLEX 1 -#define NPY_HAVE_COMPLEX_DOUBLE 1 -#define NPY_HAVE_COMPLEX_FLOAT 1 -#define NPY_HAVE_COMPLEX_LONG_DOUBLE 1 -#define NPY_ENABLE_SEPARATE_COMPILATION 1 -#define NPY_USE_C99_FORMATS 1 -#define NPY_VISIBILITY_HIDDEN __attribute__((visibility("hidden"))) -#define NPY_ABI_VERSION 0x01000009 -#define NPY_API_VERSION 0x0000000A - -#ifndef __STDC_FORMAT_MACROS -#define __STDC_FORMAT_MACROS 1 -#endif diff --git a/poky/meta/recipes-devtools/python-numpy/files/riscv64/config.h b/poky/meta/recipes-devtools/python-numpy/files/riscv64/config.h deleted file mode 100644 index c30b868f2..000000000 --- a/poky/meta/recipes-devtools/python-numpy/files/riscv64/config.h +++ /dev/null @@ -1,139 +0,0 @@ -#define HAVE_ENDIAN_H 1 -#define SIZEOF_PY_INTPTR_T 8 -#define SIZEOF_PY_LONG_LONG 8 -#define MATHLIB m -#define HAVE_SIN 1 -#define HAVE_COS 1 -#define HAVE_TAN 1 -#define HAVE_SINH 1 -#define HAVE_COSH 1 -#define HAVE_TANH 1 -#define HAVE_FABS 1 -#define HAVE_FLOOR 1 -#define HAVE_CEIL 1 -#define HAVE_SQRT 1 -#define HAVE_LOG10 1 -#define HAVE_LOG 1 -#define HAVE_EXP 1 -#define HAVE_ASIN 1 -#define HAVE_ACOS 1 -#define HAVE_ATAN 1 -#define HAVE_FMOD 1 -#define HAVE_MODF 1 -#define HAVE_FREXP 1 -#define HAVE_LDEXP 1 -#define HAVE_RINT 1 -#define HAVE_TRUNC 1 -#define HAVE_EXP2 1 -#define HAVE_LOG2 1 -#define HAVE_ATAN2 1 -#define HAVE_POW 1 -#define HAVE_NEXTAFTER 1 -#define HAVE_SINF 1 -#define HAVE_COSF 1 -#define HAVE_TANF 1 -#define HAVE_SINHF 1 -#define HAVE_COSHF 1 -#define HAVE_TANHF 1 -#define HAVE_FABSF 1 -#define HAVE_FLOORF 1 -#define HAVE_CEILF 1 -#define HAVE_RINTF 1 -#define HAVE_TRUNCF 1 -#define HAVE_SQRTF 1 -#define HAVE_LOG10F 1 -#define HAVE_LOGF 1 -#define HAVE_LOG1PF 1 -#define HAVE_EXPF 1 -#define HAVE_EXPM1F 1 -#define HAVE_ASINF 1 -#define HAVE_ACOSF 1 -#define HAVE_ATANF 1 -#define HAVE_ASINHF 1 -#define HAVE_ACOSHF 1 -#define HAVE_ATANHF 1 -#define HAVE_HYPOTF 1 -#define HAVE_ATAN2F 1 -#define HAVE_POWF 1 -#define HAVE_FMODF 1 -#define HAVE_MODFF 1 -#define HAVE_FREXPF 1 -#define HAVE_LDEXPF 1 -#define HAVE_EXP2F 1 -#define HAVE_LOG2F 1 -#define HAVE_COPYSIGNF 1 -#define HAVE_NEXTAFTERF 1 -#define HAVE_SINL 1 -#define HAVE_COSL 1 -#define HAVE_TANL 1 -#define HAVE_SINHL 1 -#define HAVE_COSHL 1 -#define HAVE_TANHL 1 -#define HAVE_FABSL 1 -#define HAVE_FLOORL 1 -#define HAVE_CEILL 1 -#define HAVE_RINTL 1 -#define HAVE_TRUNCL 1 -#define HAVE_SQRTL 1 -#define HAVE_LOG10L 1 -#define HAVE_LOGL 1 -#define HAVE_LOG1PL 1 -#define HAVE_EXPL 1 -#define HAVE_EXPM1L 1 -#define HAVE_ASINL 1 -#define HAVE_ACOSL 1 -#define HAVE_ATANL 1 -#define HAVE_ASINHL 1 -#define HAVE_ACOSHL 1 -#define HAVE_ATANHL 1 -#define HAVE_HYPOTL 1 -#define HAVE_ATAN2L 1 -#define HAVE_POWL 1 -#define HAVE_FMODL 1 -#define HAVE_MODFL 1 -#define HAVE_FREXPL 1 -#define HAVE_LDEXPL 1 -#define HAVE_EXP2L 1 -#define HAVE_LOG2L 1 -#define HAVE_COPYSIGNL 1 -#define HAVE_NEXTAFTERL 1 -#define HAVE_DECL_SIGNBIT -#define HAVE_COMPLEX_H 1 -#define HAVE_CREAL 1 -#define HAVE_CIMAG 1 -#define HAVE_CABS 1 -#define HAVE_CARG 1 -#define HAVE_CEXP 1 -#define HAVE_CSQRT 1 -#define HAVE_CLOG 1 -#define HAVE_CCOS 1 -#define HAVE_CSIN 1 -#define HAVE_CPOW 1 -#define HAVE_CREALF 1 -#define HAVE_CIMAGF 1 -#define HAVE_CABSF 1 -#define HAVE_CARGF 1 -#define HAVE_CEXPF 1 -#define HAVE_CSQRTF 1 -#define HAVE_CLOGF 1 -#define HAVE_CCOSF 1 -#define HAVE_CSINF 1 -#define HAVE_CPOWF 1 -#define HAVE_CREALL 1 -#define HAVE_CIMAGL 1 -#define HAVE_CABSL 1 -#define HAVE_CARGL 1 -#define HAVE_CEXPL 1 -#define HAVE_CSQRTL 1 -#define HAVE_CLOGL 1 -#define HAVE_CCOSL 1 -#define HAVE_CSINL 1 -#define HAVE_CPOWL 1 -#define HAVE_LDOUBLE_IEEE_QUAD_LE 1 -#ifndef __cplusplus -/* #undef inline */ -#endif - -#ifndef _NPY_NPY_CONFIG_H_ -#error config.h should never be included directly, include npy_config.h instead -#endif diff --git a/poky/meta/recipes-devtools/python-numpy/files/x86-64/_numpyconfig.h b/poky/meta/recipes-devtools/python-numpy/files/x86-64/_numpyconfig.h deleted file mode 100644 index b33036164..000000000 --- a/poky/meta/recipes-devtools/python-numpy/files/x86-64/_numpyconfig.h +++ /dev/null @@ -1,32 +0,0 @@ -#define NPY_HAVE_ENDIAN_H 1 -#define NPY_SIZEOF_SHORT SIZEOF_SHORT -#define NPY_SIZEOF_INT SIZEOF_INT -#define NPY_SIZEOF_LONG SIZEOF_LONG -#define NPY_SIZEOF_FLOAT 4 -#define NPY_SIZEOF_COMPLEX_FLOAT 8 -#define NPY_SIZEOF_DOUBLE 8 -#define NPY_SIZEOF_OFF_T 8 -#define NPY_SIZEOF_COMPLEX_DOUBLE 16 -#define NPY_SIZEOF_LONGDOUBLE 16 -#define NPY_SIZEOF_COMPLEX_LONGDOUBLE 32 -#define NPY_ENABLE_SEPARATE_COMPILATION 1 -#define NPY_SIZEOF_PY_INTPTR_T 8 -#define NPY_SIZEOF_PY_LONG_LONG 8 -#define NPY_SIZEOF_LONGLONG 8 -#define NPY_NO_SMP 0 -#define NPY_HAVE_DECL_ISNAN -#define NPY_HAVE_DECL_ISINF -#define NPY_HAVE_DECL_ISFINITE -#define NPY_HAVE_DECL_SIGNBIT -#define NPY_USE_C99_COMPLEX 1 -#define NPY_HAVE_COMPLEX_DOUBLE 1 -#define NPY_HAVE_COMPLEX_FLOAT 1 -#define NPY_HAVE_COMPLEX_LONG_DOUBLE 1 -#define NPY_USE_C99_FORMATS 1 -#define NPY_VISIBILITY_HIDDEN __attribute__((visibility("hidden"))) -#define NPY_ABI_VERSION 0x01000009 -#define NPY_API_VERSION 0x0000000A - -#ifndef __STDC_FORMAT_MACROS -#define __STDC_FORMAT_MACROS 1 -#endif diff --git a/poky/meta/recipes-devtools/python-numpy/files/x86-64/config.h b/poky/meta/recipes-devtools/python-numpy/files/x86-64/config.h deleted file mode 100644 index 0ce63b7d2..000000000 --- a/poky/meta/recipes-devtools/python-numpy/files/x86-64/config.h +++ /dev/null @@ -1,139 +0,0 @@ -#define HAVE_ENDIAN_H 1 -#define SIZEOF_PY_INTPTR_T 8 -#define SIZEOF_PY_LONG_LONG 8 -#define MATHLIB m -#define HAVE_SIN 1 -#define HAVE_COS 1 -#define HAVE_TAN 1 -#define HAVE_SINH 1 -#define HAVE_COSH 1 -#define HAVE_TANH 1 -#define HAVE_FABS 1 -#define HAVE_FLOOR 1 -#define HAVE_CEIL 1 -#define HAVE_SQRT 1 -#define HAVE_LOG10 1 -#define HAVE_LOG 1 -#define HAVE_EXP 1 -#define HAVE_ASIN 1 -#define HAVE_ACOS 1 -#define HAVE_ATAN 1 -#define HAVE_FMOD 1 -#define HAVE_MODF 1 -#define HAVE_FREXP 1 -#define HAVE_LDEXP 1 -#define HAVE_RINT 1 -#define HAVE_TRUNC 1 -#define HAVE_EXP2 1 -#define HAVE_LOG2 1 -#define HAVE_ATAN2 1 -#define HAVE_POW 1 -#define HAVE_NEXTAFTER 1 -#define HAVE_SINF 1 -#define HAVE_COSF 1 -#define HAVE_TANF 1 -#define HAVE_SINHF 1 -#define HAVE_COSHF 1 -#define HAVE_TANHF 1 -#define HAVE_FABSF 1 -#define HAVE_FLOORF 1 -#define HAVE_CEILF 1 -#define HAVE_RINTF 1 -#define HAVE_TRUNCF 1 -#define HAVE_SQRTF 1 -#define HAVE_LOG10F 1 -#define HAVE_LOGF 1 -#define HAVE_LOG1PF 1 -#define HAVE_EXPF 1 -#define HAVE_EXPM1F 1 -#define HAVE_ASINF 1 -#define HAVE_ACOSF 1 -#define HAVE_ATANF 1 -#define HAVE_ASINHF 1 -#define HAVE_ACOSHF 1 -#define HAVE_ATANHF 1 -#define HAVE_HYPOTF 1 -#define HAVE_ATAN2F 1 -#define HAVE_POWF 1 -#define HAVE_FMODF 1 -#define HAVE_MODFF 1 -#define HAVE_FREXPF 1 -#define HAVE_LDEXPF 1 -#define HAVE_EXP2F 1 -#define HAVE_LOG2F 1 -#define HAVE_COPYSIGNF 1 -#define HAVE_NEXTAFTERF 1 -#define HAVE_SINL 1 -#define HAVE_COSL 1 -#define HAVE_TANL 1 -#define HAVE_SINHL 1 -#define HAVE_COSHL 1 -#define HAVE_TANHL 1 -#define HAVE_FABSL 1 -#define HAVE_FLOORL 1 -#define HAVE_CEILL 1 -#define HAVE_RINTL 1 -#define HAVE_TRUNCL 1 -#define HAVE_SQRTL 1 -#define HAVE_LOG10L 1 -#define HAVE_LOGL 1 -#define HAVE_LOG1PL 1 -#define HAVE_EXPL 1 -#define HAVE_EXPM1L 1 -#define HAVE_ASINL 1 -#define HAVE_ACOSL 1 -#define HAVE_ATANL 1 -#define HAVE_ASINHL 1 -#define HAVE_ACOSHL 1 -#define HAVE_ATANHL 1 -#define HAVE_HYPOTL 1 -#define HAVE_ATAN2L 1 -#define HAVE_POWL 1 -#define HAVE_FMODL 1 -#define HAVE_MODFL 1 -#define HAVE_FREXPL 1 -#define HAVE_LDEXPL 1 -#define HAVE_EXP2L 1 -#define HAVE_LOG2L 1 -#define HAVE_COPYSIGNL 1 -#define HAVE_NEXTAFTERL 1 -#define HAVE_DECL_SIGNBIT -#define HAVE_COMPLEX_H 1 -#define HAVE_CREAL 1 -#define HAVE_CIMAG 1 -#define HAVE_CABS 1 -#define HAVE_CARG 1 -#define HAVE_CEXP 1 -#define HAVE_CSQRT 1 -#define HAVE_CLOG 1 -#define HAVE_CCOS 1 -#define HAVE_CSIN 1 -#define HAVE_CPOW 1 -#define HAVE_CREALF 1 -#define HAVE_CIMAGF 1 -#define HAVE_CABSF 1 -#define HAVE_CARGF 1 -#define HAVE_CEXPF 1 -#define HAVE_CSQRTF 1 -#define HAVE_CLOGF 1 -#define HAVE_CCOSF 1 -#define HAVE_CSINF 1 -#define HAVE_CPOWF 1 -#define HAVE_CREALL 1 -#define HAVE_CIMAGL 1 -#define HAVE_CABSL 1 -#define HAVE_CARGL 1 -#define HAVE_CEXPL 1 -#define HAVE_CSQRTL 1 -#define HAVE_CLOGL 1 -#define HAVE_CCOSL 1 -#define HAVE_CSINL 1 -#define HAVE_CPOWL 1 -#define HAVE_LDOUBLE_INTEL_EXTENDED_16_BYTES_LE 1 -#ifndef __cplusplus -/* #undef inline */ -#endif - -#ifndef _NPY_NPY_CONFIG_H_ -#error config.h should never be included directly, include npy_config.h instead -#endif diff --git a/poky/meta/recipes-devtools/python-numpy/files/x86/config.h b/poky/meta/recipes-devtools/python-numpy/files/x86/config.h deleted file mode 100644 index 08e41e3d9..000000000 --- a/poky/meta/recipes-devtools/python-numpy/files/x86/config.h +++ /dev/null @@ -1,108 +0,0 @@ -#define SIZEOF_PY_INTPTR_T 4 -#define SIZEOF_PY_LONG_LONG 8 -#define MATHLIB m -#define HAVE_SIN -#define HAVE_COS -#define HAVE_TAN -#define HAVE_SINH -#define HAVE_COSH -#define HAVE_TANH -#define HAVE_FABS -#define HAVE_FLOOR -#define HAVE_CEIL -#define HAVE_SQRT -#define HAVE_LOG10 -#define HAVE_LOG -#define HAVE_EXP -#define HAVE_ASIN -#define HAVE_ACOS -#define HAVE_ATAN -#define HAVE_FMOD -#define HAVE_MODF -#define HAVE_FREXP -#define HAVE_LDEXP -#define HAVE_RINT -#define HAVE_TRUNC -#define HAVE_EXP2 -#define HAVE_LOG2 -#define HAVE_ATAN2 -#define HAVE_POW -#define HAVE_NEXTAFTER -#define HAVE_SINF -#define HAVE_COSF -#define HAVE_TANF -#define HAVE_SINHF -#define HAVE_COSHF -#define HAVE_TANHF -#define HAVE_FABSF -#define HAVE_FLOORF -#define HAVE_CEILF -#define HAVE_RINTF -#define HAVE_TRUNCF -#define HAVE_SQRTF -#define HAVE_LOG10F -#define HAVE_LOGF -#define HAVE_LOG1PF -#define HAVE_EXPF -#define HAVE_EXPM1F -#define HAVE_ASINF -#define HAVE_ACOSF -#define HAVE_ATANF -#define HAVE_ASINHF -#define HAVE_ACOSHF -#define HAVE_ATANHF -#define HAVE_HYPOTF -#define HAVE_ATAN2F -#define HAVE_POWF -#define HAVE_FMODF -#define HAVE_MODFF -#define HAVE_FREXPF -#define HAVE_LDEXPF -#define HAVE_EXP2F -#define HAVE_LOG2F -#define HAVE_COPYSIGNF -#define HAVE_NEXTAFTERF -#define HAVE_SINL -#define HAVE_COSL -#define HAVE_TANL -#define HAVE_SINHL -#define HAVE_COSHL -#define HAVE_TANHL -#define HAVE_FABSL -#define HAVE_FLOORL -#define HAVE_CEILL -#define HAVE_RINTL -#define HAVE_TRUNCL -#define HAVE_SQRTL -#define HAVE_LOG10L -#define HAVE_LOGL -#define HAVE_LOG1PL -#define HAVE_EXPL -#define HAVE_EXPM1L -#define HAVE_ASINL -#define HAVE_ACOSL -#define HAVE_ATANL -#define HAVE_ASINHL -#define HAVE_ACOSHL -#define HAVE_ATANHL -#define HAVE_HYPOTL -#define HAVE_ATAN2L -#define HAVE_POWL -#define HAVE_FMODL -#define HAVE_MODFL -#define HAVE_FREXPL -#define HAVE_LDEXPL -#define HAVE_EXP2L -#define HAVE_LOG2L -#define HAVE_COPYSIGNL -#define HAVE_NEXTAFTERL -#define HAVE_DECL_SIGNBIT -#define HAVE_COMPLEX_H -#define HAVE_LDOUBLE_INTEL_EXTENDED_12_BYTES_LE 1 -#ifndef __cplusplus -/* #undef inline */ -#endif - -#ifndef _NPY_NPY_CONFIG_H_ -#error config.h should never be included directly, include npy_config.h instead -#endif diff --git a/poky/meta/recipes-devtools/python-numpy/files/x86/numpyconfig.h b/poky/meta/recipes-devtools/python-numpy/files/x86/numpyconfig.h deleted file mode 100644 index ff7938cd9..000000000 --- a/poky/meta/recipes-devtools/python-numpy/files/x86/numpyconfig.h +++ /dev/null @@ -1,24 +0,0 @@ -#ifndef _NPY_NUMPYCONFIG_H_ -#define _NPY_NUMPYCONFIG_H_ - -#include "_numpyconfig.h" - -/* - * On Mac OS X, because there is only one configuration stage for all the archs - * in universal builds, any macro which depends on the arch needs to be - * harcoded - */ -#ifdef __APPLE__ - #undef NPY_SIZEOF_LONG - #undef NPY_SIZEOF_PY_INTPTR_T - - #ifdef __LP64__ - #define NPY_SIZEOF_LONG 8 - #define NPY_SIZEOF_PY_INTPTR_T 8 - #else - #define NPY_SIZEOF_LONG 4 - #define NPY_SIZEOF_PY_INTPTR_T 4 - #endif -#endif - -#endif diff --git a/poky/meta/recipes-devtools/python-numpy/python-numpy.inc b/poky/meta/recipes-devtools/python-numpy/python-numpy.inc index a12e72f96..f68b90e6b 100644 --- a/poky/meta/recipes-devtools/python-numpy/python-numpy.inc +++ b/poky/meta/recipes-devtools/python-numpy/python-numpy.inc @@ -8,7 +8,6 @@ SRCNAME = "numpy" SRC_URI = "https://github.com/${SRCNAME}/${SRCNAME}/releases/download/v${PV}/${SRCNAME}-${PV}.tar.gz \ file://0001-Don-t-search-usr-and-so-on-for-libraries-by-default-.patch \ file://0001-npy_cpu-Add-riscv-support.patch \ - ${CONFIGFILESURI} \ file://0001-numpy-random-setup.py-remove-the-detection-of-x86-ta.patch \ " SRC_URI[md5sum] = "c48b2ad785f82cdfe28c907ce35e2a71" @@ -20,77 +19,10 @@ UPSTREAM_CHECK_REGEX = "(?P\d+(\.\d+)+)\.tar" # Needed for building with gcc 4.x from centos 7 CFLAGS_append_class-native = " -std=c99" -CONFIGFILESURI ?= "" - -CONFIGFILESURI_aarch64 = " \ - file://config.h \ - file://_numpyconfig.h \ -" -CONFIGFILESURI_arm = " \ - file://config.h \ - file://numpyconfig.h \ -" -CONFIGFILESURI_armeb = " \ - file://config.h \ - file://numpyconfig.h \ -" -CONFIGFILESURI_mipsarcho32el = " \ - file://config.h \ - file://numpyconfig.h \ -" -CONFIGFILESURI_x86 = " \ - file://config.h \ - file://numpyconfig.h \ -" -CONFIGFILESURI_x86-64 = " \ - file://config.h \ - file://_numpyconfig.h \ -" -CONFIGFILESURI_mipsarcho32eb = " \ - file://config.h \ - file://_numpyconfig.h \ -" -CONFIGFILESURI_powerpc = " \ - file://config.h \ - file://_numpyconfig.h \ -" -CONFIGFILESURI_powerpc64 = " \ - file://config.h \ - file://_numpyconfig.h \ -" -CONFIGFILESURI_mipsarchn64eb = " \ - file://config.h \ - file://_numpyconfig.h \ -" -CONFIGFILESURI_mipsarchn64el = " \ - file://config.h \ - file://_numpyconfig.h \ -" -CONFIGFILESURI_mipsarchn32eb = " \ - file://config.h \ - file://_numpyconfig.h \ -" -CONFIGFILESURI_mipsarchn32el = " \ - file://config.h \ - file://_numpyconfig.h \ -" -CONFIGFILESURI_riscv64 = " \ - file://config.h \ - file://_numpyconfig.h \ -" - S = "${WORKDIR}/numpy-${PV}" CLEANBROKEN = "1" -# Make the build fail and replace *config.h with proper one -# This is a ugly, ugly hack - Koen -do_compile_prepend_class-target() { - ${STAGING_BINDIR_NATIVE}/${PYTHON_PN}-native/${PYTHON_PN} setup.py build ${DISTUTILS_BUILD_ARGS} || \ - true - cp ${WORKDIR}/*config.h ${S}/build/$(ls ${S}/build | grep src)/numpy/core/include/numpy/ -} - FILES_${PN}-staticdev += "${PYTHON_SITEPACKAGES_DIR}/numpy/core/lib/*.a" # install what is needed for numpy.test() diff --git a/poky/meta/recipes-devtools/python/python-native/debug.patch b/poky/meta/recipes-devtools/python/python-native/debug.patch deleted file mode 100644 index 361788264..000000000 --- a/poky/meta/recipes-devtools/python/python-native/debug.patch +++ /dev/null @@ -1,32 +0,0 @@ -Upstream-Status: Pending - -Index: Python-2.7.12/Lib/distutils/unixccompiler.py -=================================================================== ---- Python-2.7.12.orig/Lib/distutils/unixccompiler.py -+++ Python-2.7.12/Lib/distutils/unixccompiler.py -@@ -278,6 +278,8 @@ class UnixCCompiler(CCompiler): - - - -+ print "Looking in %s for %s" % (lib, dirs) -+ - for dir in dirs: - shared = os.path.join(dir, shared_f) - dylib = os.path.join(dir, dylib_f) -@@ -298,12 +300,16 @@ class UnixCCompiler(CCompiler): - # assuming that *all* Unix C compilers do. And of course I'm - # ignoring even GCC's "-static" option. So sue me. - if os.path.exists(dylib): -+ print "Found %s" % (dylib) - return dylib - elif os.path.exists(xcode_stub): -+ print "Found %s" % (xcode_stub) - return xcode_stub - elif os.path.exists(shared): -+ print "Found %s" % (shared) - return shared - elif os.path.exists(static): -+ print "Found %s" % (static) - return static - - # Oops, didn't find it in *any* of 'dirs' diff --git a/poky/meta/recipes-devtools/python/python-native_2.7.16.bb b/poky/meta/recipes-devtools/python/python-native_2.7.16.bb index b7442800d..90103af8b 100644 --- a/poky/meta/recipes-devtools/python/python-native_2.7.16.bb +++ b/poky/meta/recipes-devtools/python/python-native_2.7.16.bb @@ -7,7 +7,6 @@ SRC_URI += "\ file://10-distutils-fix-swig-parameter.patch \ file://11-distutils-never-modify-shebang-line.patch \ file://0001-distutils-set-the-prefix-to-be-inside-staging-direct.patch \ - file://debug.patch \ file://unixccompiler.patch \ file://nohostlibs.patch \ file://multilib.patch \ diff --git a/poky/meta/recipes-devtools/python/python-setuptools.inc b/poky/meta/recipes-devtools/python/python-setuptools.inc index 322197eed..027e259be 100644 --- a/poky/meta/recipes-devtools/python/python-setuptools.inc +++ b/poky/meta/recipes-devtools/python/python-setuptools.inc @@ -10,8 +10,8 @@ inherit pypi SRC_URI_append_class-native = " file://0001-conditionally-do-not-fetch-code-by-easy_install.patch" -SRC_URI[md5sum] = "a3470ce184da33f0fa6c9f44f6221bc0" -SRC_URI[sha256sum] = "66b86bbae7cc7ac2e867f52dc08a6bd064d938bac59dfec71b9b565dd36d6012" +SRC_URI[md5sum] = "89a592d733b31e180a4b6ad760c0685a" +SRC_URI[sha256sum] = "7eae782ccf36b790c21bde7d86a4f303a441cd77036b25c559a602cf5186ce4d" DEPENDS += "${PYTHON_PN}" diff --git a/poky/meta/recipes-devtools/python/python-setuptools_41.2.0.bb b/poky/meta/recipes-devtools/python/python-setuptools_41.2.0.bb deleted file mode 100644 index cf9440495..000000000 --- a/poky/meta/recipes-devtools/python/python-setuptools_41.2.0.bb +++ /dev/null @@ -1,9 +0,0 @@ -require python-setuptools.inc - -PROVIDES = "python-distribute" - -inherit setuptools - -RREPLACES_${PN} = "python-distribute" -RPROVIDES_${PN} = "python-distribute" -RCONFLICTS_${PN} = "python-distribute" diff --git a/poky/meta/recipes-devtools/python/python-setuptools_41.4.0.bb b/poky/meta/recipes-devtools/python/python-setuptools_41.4.0.bb new file mode 100644 index 000000000..cf9440495 --- /dev/null +++ b/poky/meta/recipes-devtools/python/python-setuptools_41.4.0.bb @@ -0,0 +1,9 @@ +require python-setuptools.inc + +PROVIDES = "python-distribute" + +inherit setuptools + +RREPLACES_${PN} = "python-distribute" +RPROVIDES_${PN} = "python-distribute" +RCONFLICTS_${PN} = "python-distribute" diff --git a/poky/meta/recipes-devtools/python/python/0001-2.7-bpo-38243-Escape-the-server-title-of-DocXMLRPCSe.patch b/poky/meta/recipes-devtools/python/python/0001-2.7-bpo-38243-Escape-the-server-title-of-DocXMLRPCSe.patch new file mode 100644 index 000000000..3025cf7bc --- /dev/null +++ b/poky/meta/recipes-devtools/python/python/0001-2.7-bpo-38243-Escape-the-server-title-of-DocXMLRPCSe.patch @@ -0,0 +1,101 @@ +From b161c89c8bd66fe928192e21364678c8e9b8fcc0 Mon Sep 17 00:00:00 2001 +From: Dong-hee Na +Date: Tue, 1 Oct 2019 19:58:01 +0900 +Subject: [PATCH] [2.7] bpo-38243: Escape the server title of DocXMLRPCServer + (GH-16447) + +Escape the server title of DocXMLRPCServer.DocXMLRPCServer +when rendering the document page as HTML. + +CVE: CVE-2019-16935 + +Upstream-Status: Backport [https://github.com/python/cpython/pull/16447/commits/b41cde823d026f2adc21ef14b1c2e92b1006de06] + +Signed-off-by: Chen Qi +--- + Lib/DocXMLRPCServer.py | 13 +++++++++++- + Lib/test/test_docxmlrpc.py | 20 +++++++++++++++++++ + .../2019-09-25-13-21-09.bpo-38243.1pfz24.rst | 3 +++ + 3 files changed, 35 insertions(+), 1 deletion(-) + create mode 100644 Misc/NEWS.d/next/Security/2019-09-25-13-21-09.bpo-38243.1pfz24.rst + +diff --git a/Lib/DocXMLRPCServer.py b/Lib/DocXMLRPCServer.py +index 4064ec2e48..90b037dd35 100644 +--- a/Lib/DocXMLRPCServer.py ++++ b/Lib/DocXMLRPCServer.py +@@ -20,6 +20,16 @@ from SimpleXMLRPCServer import (SimpleXMLRPCServer, + CGIXMLRPCRequestHandler, + resolve_dotted_attribute) + ++ ++def _html_escape_quote(s): ++ s = s.replace("&", "&") # Must be done first! ++ s = s.replace("<", "<") ++ s = s.replace(">", ">") ++ s = s.replace('"', """) ++ s = s.replace('\'', "'") ++ return s ++ ++ + class ServerHTMLDoc(pydoc.HTMLDoc): + """Class used to generate pydoc HTML document for a server""" + +@@ -210,7 +220,8 @@ class XMLRPCDocGenerator: + methods + ) + +- return documenter.page(self.server_title, documentation) ++ title = _html_escape_quote(self.server_title) ++ return documenter.page(title, documentation) + + class DocXMLRPCRequestHandler(SimpleXMLRPCRequestHandler): + """XML-RPC and documentation request handler class. +diff --git a/Lib/test/test_docxmlrpc.py b/Lib/test/test_docxmlrpc.py +index 4dff4159e2..c45b892b8b 100644 +--- a/Lib/test/test_docxmlrpc.py ++++ b/Lib/test/test_docxmlrpc.py +@@ -1,5 +1,6 @@ + from DocXMLRPCServer import DocXMLRPCServer + import httplib ++import re + import sys + from test import test_support + threading = test_support.import_module('threading') +@@ -176,6 +177,25 @@ class DocXMLRPCHTTPGETServer(unittest.TestCase): + self.assertIn("""Try self.add, too.""", + response.read()) + ++ def test_server_title_escape(self): ++ """Test that the server title and documentation ++ are escaped for HTML. ++ """ ++ self.serv.set_server_title('test_title