Re: [OE-core] [PATCH V2 1/1] bitbake.conf: add ssh to HOSTTOOLS_NONFATAL

2017-10-16 Thread Denys Dmytriyenko 
On Tue, Oct 17, 2017 at 10:31:11AM +0800, ChenQi wrote:
> On 10/17/2017 10:18 AM, Denys Dmytriyenko wrote:
> >On Tue, Oct 17, 2017 at 09:46:32AM +0800, Chen Qi wrote:
> >>We changed to make tools required by testimage to be included conditionally.
> >>This resulted in users who use ssh for git fetching having failures.
> >>
> >>Add ssh to HOSTTOOLS_NONFATAL to make things work for the above situation.
> >>
> >>[YOCTO #12227]
> >>
> >>Signed-off-by: Chen Qi 
> >>---
> >1. Why don't people specify what has changed between v1 and v2 of the patch?
> 
> It's in [OE-core] [PATCH V2 0/1] bitbake.conf: add ssh to
> HOSTTOOLS_NONFATAL.

The changelog between patch revisions?


> >2. A corrected/sorted patch already went in earlier:
> >http://cgit.openembedded.org/openembedded-core/commit/?id=50e7619aebae5351e9a41fe1b909a31b9e383f0a
> 
> Sorry. My carelessness.
> I should have checked the latest master.
> 
> Best Regards,
> Chen Qi
> >
> >>  meta/conf/bitbake.conf | 2 +-
> >>  1 file changed, 1 insertion(+), 1 deletion(-)
> >>
> >>diff --git a/meta/conf/bitbake.conf b/meta/conf/bitbake.conf
> >>index 0eefb86..4fba9d6 100644
> >>--- a/meta/conf/bitbake.conf
> >>+++ b/meta/conf/bitbake.conf
> >>@@ -487,7 +487,7 @@ HOSTTOOLS += " \
> >>  HOSTTOOLS += "${@['', 'ip ping ps scp ssh 
> >> stty'][bb.data.inherits_class('testimage', d)]}"
> >>  # Link to these if present
> >>-HOSTTOOLS_NONFATAL += "aws ccache gcc-ar gpg ld.bfd ld.gold nc sftp socat 
> >>sudo"
> >>+HOSTTOOLS_NONFATAL += "aws ccache gcc-ar gpg ld.bfd ld.gold nc sftp socat 
> >>ssh sudo"
> >>  # Temporary add few more detected in bitbake world
> >>  HOSTTOOLS_NONFATAL += "join nl size yes zcat"
> >>-- 
> >>1.9.1
> >>
> >>-- 
> >>___
> >>Openembedded-core mailing list
> >>Openembedded-core@lists.openembedded.org
> >>http://lists.openembedded.org/mailman/listinfo/openembedded-core
> 
> 
-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

Re: [OE-core] [PATCH V2 1/1] bitbake.conf: add ssh to HOSTTOOLS_NONFATAL

2017-10-16 Thread ChenQi 

On 10/17/2017 10:18 AM, Denys Dmytriyenko wrote:

On Tue, Oct 17, 2017 at 09:46:32AM +0800, Chen Qi wrote:

We changed to make tools required by testimage to be included conditionally.
This resulted in users who use ssh for git fetching having failures.

Add ssh to HOSTTOOLS_NONFATAL to make things work for the above situation.

[YOCTO #12227]

Signed-off-by: Chen Qi 
---

1. Why don't people specify what has changed between v1 and v2 of the patch?


It's in [OE-core] [PATCH V2 0/1] bitbake.conf: add ssh to 
HOSTTOOLS_NONFATAL.




2. A corrected/sorted patch already went in earlier:
http://cgit.openembedded.org/openembedded-core/commit/?id=50e7619aebae5351e9a41fe1b909a31b9e383f0a


Sorry. My carelessness.
I should have checked the latest master.

Best Regards,
Chen Qi



  meta/conf/bitbake.conf | 2 +-
  1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta/conf/bitbake.conf b/meta/conf/bitbake.conf
index 0eefb86..4fba9d6 100644
--- a/meta/conf/bitbake.conf
+++ b/meta/conf/bitbake.conf
@@ -487,7 +487,7 @@ HOSTTOOLS += " \
  HOSTTOOLS += "${@['', 'ip ping ps scp ssh 
stty'][bb.data.inherits_class('testimage', d)]}"
  
  # Link to these if present

-HOSTTOOLS_NONFATAL += "aws ccache gcc-ar gpg ld.bfd ld.gold nc sftp socat sudo"
+HOSTTOOLS_NONFATAL += "aws ccache gcc-ar gpg ld.bfd ld.gold nc sftp socat ssh 
sudo"
  
  # Temporary add few more detected in bitbake world

  HOSTTOOLS_NONFATAL += "join nl size yes zcat"
--
1.9.1

--
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core



--
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [PATCH] kexec-tools: add systemd support for kdump

2017-10-16 Thread Wenlin Kang 
Add file kdump.service to support kdump in systemd.

Signed-off-by: Wenlin Kang 
---
 meta/recipes-kernel/kexec/kexec-tools.inc  |  1 +
 .../recipes-kernel/kexec/kexec-tools/kdump.service | 12 +++
 meta/recipes-kernel/kexec/kexec-tools_2.0.14.bb| 23 +-
 3 files changed, 31 insertions(+), 5 deletions(-)
 create mode 100644 meta/recipes-kernel/kexec/kexec-tools/kdump.service

diff --git a/meta/recipes-kernel/kexec/kexec-tools.inc 
b/meta/recipes-kernel/kexec/kexec-tools.inc
index bdfe024..c689bec 100644
--- a/meta/recipes-kernel/kexec/kexec-tools.inc
+++ b/meta/recipes-kernel/kexec/kexec-tools.inc
@@ -11,6 +11,7 @@ DEPENDS = "zlib xz"
 SRC_URI = 
"${KERNELORG_MIRROR}/linux/utils/kernel/kexec/kexec-tools-${PV}.tar.gz \
file://kdump \
file://kdump.conf \
+   file://kdump.service \
 "
 
 PR = "r1"
diff --git a/meta/recipes-kernel/kexec/kexec-tools/kdump.service 
b/meta/recipes-kernel/kexec/kexec-tools/kdump.service
new file mode 100644
index 000..4e65a46
--- /dev/null
+++ b/meta/recipes-kernel/kexec/kexec-tools/kdump.service
@@ -0,0 +1,12 @@
+[Unit]
+Description=Reboot and dump vmcore via kexec
+DefaultDependencies=no
+
+[Service]
+Type=oneshot
+RemainAfterExit=yes
+ExecStart=@LIBEXECDIR@/kdump-helper start
+ExecStop=@LIBEXECDIR@/kdump-helper stop
+
+[Install]
+WantedBy=multi-user.target
diff --git a/meta/recipes-kernel/kexec/kexec-tools_2.0.14.bb 
b/meta/recipes-kernel/kexec/kexec-tools_2.0.14.bb
index bd89720..0f6398f1 100644
--- a/meta/recipes-kernel/kexec/kexec-tools_2.0.14.bb
+++ b/meta/recipes-kernel/kexec/kexec-tools_2.0.14.bb
@@ -34,19 +34,32 @@ ALLOW_EMPTY_${PN} = "1"
 RRECOMMENDS_${PN} = "kexec kdump vmcore-dmesg"
 
 FILES_kexec = "${sbindir}/kexec"
-FILES_kdump = "${sbindir}/kdump ${sysconfdir}/init.d/kdump \
-   ${sysconfdir}/sysconfig/kdump.conf"
+FILES_kdump = "${sbindir}/kdump \
+   ${sysconfdir}/sysconfig/kdump.conf \
+   ${sysconfdir}/init.d/kdump \
+   ${libexecdir}/kdump-helper \
+   ${systemd_unitdir}/system/kdump.service \
+"
+
 FILES_vmcore-dmesg = "${sbindir}/vmcore-dmesg"
 
-inherit update-rc.d
+inherit update-rc.d systemd
 
 INITSCRIPT_PACKAGES = "kdump"
 INITSCRIPT_NAME_kdump = "kdump"
 INITSCRIPT_PARAMS_kdump = "start 56 2 3 4 5 . stop 56 0 1 6 ."
 
 do_install_append () {
-install -d ${D}${sysconfdir}/init.d
-install -m 0755 ${WORKDIR}/kdump ${D}${sysconfdir}/init.d/kdump
 install -d ${D}${sysconfdir}/sysconfig
 install -m 0644 ${WORKDIR}/kdump.conf ${D}${sysconfdir}/sysconfig
+
+if ${@bb.utils.contains('DISTRO_FEATURES', 'sysvinit', 'true', 
'false', d)}; then
+install -D -m 0755 ${WORKDIR}/kdump 
${D}${sysconfdir}/init.d/kdump
+fi
+
+if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', 
d)}; then
+install -D -m 0755 ${WORKDIR}/kdump 
${D}${libexecdir}/kdump-helper
+install -D -m 0644 ${WORKDIR}/kdump.service 
${D}${systemd_unitdir}/system/kdump.service
+sed -i -e 's,@LIBEXECDIR@,${libexecdir},g' 
${D}${systemd_unitdir}/system/kdump.service
+fi
 }
-- 
1.9.1

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

Re: [OE-core] [PATCH V2 1/1] bitbake.conf: add ssh to HOSTTOOLS_NONFATAL

2017-10-16 Thread Denys Dmytriyenko 
On Tue, Oct 17, 2017 at 09:46:32AM +0800, Chen Qi wrote:
> We changed to make tools required by testimage to be included conditionally.
> This resulted in users who use ssh for git fetching having failures.
> 
> Add ssh to HOSTTOOLS_NONFATAL to make things work for the above situation.
> 
> [YOCTO #12227]
> 
> Signed-off-by: Chen Qi 
> ---

1. Why don't people specify what has changed between v1 and v2 of the patch?

2. A corrected/sorted patch already went in earlier:
http://cgit.openembedded.org/openembedded-core/commit/?id=50e7619aebae5351e9a41fe1b909a31b9e383f0a


>  meta/conf/bitbake.conf | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/meta/conf/bitbake.conf b/meta/conf/bitbake.conf
> index 0eefb86..4fba9d6 100644
> --- a/meta/conf/bitbake.conf
> +++ b/meta/conf/bitbake.conf
> @@ -487,7 +487,7 @@ HOSTTOOLS += " \
>  HOSTTOOLS += "${@['', 'ip ping ps scp ssh 
> stty'][bb.data.inherits_class('testimage', d)]}"
>  
>  # Link to these if present
> -HOSTTOOLS_NONFATAL += "aws ccache gcc-ar gpg ld.bfd ld.gold nc sftp socat 
> sudo"
> +HOSTTOOLS_NONFATAL += "aws ccache gcc-ar gpg ld.bfd ld.gold nc sftp socat 
> ssh sudo"
>  
>  # Temporary add few more detected in bitbake world
>  HOSTTOOLS_NONFATAL += "join nl size yes zcat"
> -- 
> 1.9.1
> 
> -- 
> ___
> Openembedded-core mailing list
> Openembedded-core@lists.openembedded.org
> http://lists.openembedded.org/mailman/listinfo/openembedded-core
-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] ✗ patchtest: failure for bitbake.conf: add ssh to HOSTTOOLS_NONFATAL

2017-10-16 Thread Patchwork 
== Series Details ==

Series: bitbake.conf: add ssh to HOSTTOOLS_NONFATAL
Revision: 1
URL   : https://patchwork.openembedded.org/series/9370/
State : failure

== Summary ==


Thank you for submitting this patch series to OpenEmbedded Core. This is
an automated response. Several tests have been executed on the proposed
series by patchtest resulting in the following failures:



* Issue Series does not apply on top of target branch 
[test_series_merge_on_head] 
  Suggested fixRebase your series on top of targeted branch
  Targeted branch  master (currently at 3b413a8057)



If you believe any of these test results are incorrect, please reply to the
mailing list (openembedded-core@lists.openembedded.org) raising your concerns.
Otherwise we would appreciate you correcting the issues and submitting a new
version of the patchset if applicable. Please ensure you add/increment the
version number when sending the new version (i.e. [PATCH] -> [PATCH v2] ->
[PATCH v3] -> ...).

---
Test framework: http://git.yoctoproject.org/cgit/cgit.cgi/patchtest
Test suite: http://git.yoctoproject.org/cgit/cgit.cgi/patchtest-oe

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [PATCH V2 1/1] bitbake.conf: add ssh to HOSTTOOLS_NONFATAL

2017-10-16 Thread Chen Qi 
We changed to make tools required by testimage to be included conditionally.
This resulted in users who use ssh for git fetching having failures.

Add ssh to HOSTTOOLS_NONFATAL to make things work for the above situation.

[YOCTO #12227]

Signed-off-by: Chen Qi 
---
 meta/conf/bitbake.conf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta/conf/bitbake.conf b/meta/conf/bitbake.conf
index 0eefb86..4fba9d6 100644
--- a/meta/conf/bitbake.conf
+++ b/meta/conf/bitbake.conf
@@ -487,7 +487,7 @@ HOSTTOOLS += " \
 HOSTTOOLS += "${@['', 'ip ping ps scp ssh 
stty'][bb.data.inherits_class('testimage', d)]}"
 
 # Link to these if present
-HOSTTOOLS_NONFATAL += "aws ccache gcc-ar gpg ld.bfd ld.gold nc sftp socat sudo"
+HOSTTOOLS_NONFATAL += "aws ccache gcc-ar gpg ld.bfd ld.gold nc sftp socat ssh 
sudo"
 
 # Temporary add few more detected in bitbake world
 HOSTTOOLS_NONFATAL += "join nl size yes zcat"
-- 
1.9.1

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [PATCH V2 0/1] bitbake.conf: add ssh to HOSTTOOLS_NONFATAL

2017-10-16 Thread Chen Qi 
 V2 *
Change to keep the alphabetical order.

The following changes since commit 96967261993f8b583b51cdeccbb1fd06042d2192:

  bitbake: toaster/highlight.pack.js: Fix corrupted file (2017-10-10 11:05:08 
+0100)

are available in the git repository at:

  git://git.pokylinux.org/poky-contrib ChenQi/bug12227
  http://git.pokylinux.org/cgit.cgi/poky-contrib/log/?h=ChenQi/bug12227

Chen Qi (1):
  bitbake.conf: add ssh to HOSTTOOLS_NONFATAL

 meta/conf/bitbake.conf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

-- 
1.9.1

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

Re: [OE-core] [PATCH v5 3/3] weston: Bump version to 3.0.0

2017-10-16 Thread Denys Dmytriyenko 
On Mon, Oct 16, 2017 at 09:34:04PM +0100, Burton, Ross wrote:
> On 16 October 2017 at 18:30, Otavio Salvador <
> otavio.salva...@ossystems.com.br> wrote:
> 
> >
> > > +  
> > > file://weston-gl-renderer-Set-pitch-correctly-for-subsampled-textures.patch
> > \
> > > +  file://fix-missing-header.patch \
> >
> > Those should be documented on commit log
> >
> >
> Agreed.  The missing header one should say what platform causes it to be a
> problem (in case it never gets upstreamed and someone tests it again on
> just glibc).  


> And is the pitch patch sufficiently broken that we need to backport it?

My point exactly - doesn't seem to be a very broad problem...
-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] ✗ patchtest: failure for "[v2] perl-native: upgrade from..." and 4 more

2017-10-16 Thread Patchwork 
== Series Details ==

Series: "[v2] perl-native: upgrade from..." and 4 more
Revision: 1
URL   : https://patchwork.openembedded.org/series/9366/
State : failure

== Summary ==


Thank you for submitting this patch series to OpenEmbedded Core. This is
an automated response. Several tests have been executed on the proposed
series by patchtest resulting in the following failures:



* Issue Upstream-Status is in incorrect format 
[test_upstream_status_format] 
  Suggested fixFix Upstream-Status format in 
meta/recipes-devtools/perl/perl/PPPort_pm-fix-require.patch so it is one of: 
Pending, Submitted, Accepted, Backport, Denied, Inappropriate

* Issue Added patch file is missing Upstream-Status in the header 
[test_upstream_status_presence] 
  Suggested fixAdd Upstream-Status:  to the header of 
meta/recipes-devtools/perl/perl/native-nopacklist-native.patch (possible 
values: Pending, Submitted, Accepted, Backport, Denied, Inappropriate)



If you believe any of these test results are incorrect, please reply to the
mailing list (openembedded-core@lists.openembedded.org) raising your concerns.
Otherwise we would appreciate you correcting the issues and submitting a new
version of the patchset if applicable. Please ensure you add/increment the
version number when sending the new version (i.e. [PATCH] -> [PATCH v2] ->
[PATCH v3] -> ...).

---
Test framework: http://git.yoctoproject.org/cgit/cgit.cgi/patchtest
Test suite: http://git.yoctoproject.org/cgit/cgit.cgi/patchtest-oe

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [PATCH][krogoth] wpa_supplicant: fix WPA2 key replay security bug

2017-10-16 Thread Ross Burton 
WPA2 is vulnerable to replay attacks which result in unauthenticated users
having access to the network.

* CVE-2017-13077: reinstallation of the pairwise key in the Four-way handshake

* CVE-2017-13078: reinstallation of the group key in the Four-way handshake

* CVE-2017-13079: reinstallation of the integrity group key in the Four-way
handshake

* CVE-2017-13080: reinstallation of the group key in the Group Key handshake

* CVE-2017-13081: reinstallation of the integrity group key in the Group Key
handshake

* CVE-2017-13082: accepting a retransmitted Fast BSS Transition Reassociation
Request and reinstalling the pairwise key while processing it

* CVE-2017-13086: reinstallation of the Tunneled Direct-Link Setup (TDLS)
PeerKey (TPK) key in the TDLS handshake

* CVE-2017-13087: reinstallation of the group key (GTK) when processing a
Wireless Network Management (WNM) Sleep Mode Response frame

* CVE-2017-13088: reinstallation of the integrity group key (IGTK) when
processing a Wireless Network Management (WNM) Sleep Mode Response frame

Backport patches from upstream to resolve these CVEs.

Signed-off-by: Ross Burton 
---
 .../wpa-supplicant/key-replay-cve-multiple.patch   | 939 +
 .../wpa-supplicant/wpa-supplicant_2.5.bb   |   1 +
 2 files changed, 940 insertions(+)
 create mode 100644 
meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/key-replay-cve-multiple.patch

diff --git 
a/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/key-replay-cve-multiple.patch
 
b/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/key-replay-cve-multiple.patch
new file mode 100644
index 000..32fad29cf63
--- /dev/null
+++ 
b/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/key-replay-cve-multiple.patch
@@ -0,0 +1,939 @@
+The WPA2 four-way handshake protocol is vulnerable to replay attacks which can
+result in unauthenticated clients gaining access to the network.
+
+Backport a number of patches from upstream to fix this.
+
+CVE: CVE-2017-13077
+CVE: CVE-2017-13078
+CVE: CVE-2017-13079
+CVE: CVE-2017-13080
+CVE: CVE-2017-13081
+CVE: CVE-2017-13082
+CVE: CVE-2017-13086
+CVE: CVE-2017-13087
+CVE: CVE-2017-13088
+
+Thanks to Wind River for the backport from upstream master to wpa_supplicant
+2.5.
+
+Upstream-Status: Backport
+Signed-off-by: Ross Burton 
+
+From 9a4a0f78bb2ad516d4a295fb5d042f8a61bd3f47 Mon Sep 17 00:00:00 2001
+From: Haiqing Bai 
+Date: Thu, 12 Oct 2017 10:13:17 +0800
+Subject: [PATCH 1/7] hostapd: Avoid key reinstallation in FT handshake
+
+Do not reinstall TK to the driver during Reassociation Response frame
+processing if the first attempt of setting the TK succeeded. This avoids
+issues related to clearing the TX/RX PN that could result in reusing
+same PN values for transmitted frames (e.g., due to CCM nonce reuse and
+also hitting replay protection on the receiver) and accepting replayed
+frames on RX side.
+
+This issue was introduced by the commit
+0e84c25434e6a1f283c7b4e62e483729085b78d2 ('FT: Fix PTK configuration in
+authenticator') which allowed wpa_ft_install_ptk() to be called multiple
+times with the same PTK. While the second configuration attempt is
+needed with some drivers, it must be done only if the first attempt
+failed.
+
+Signed-off-by: Mathy Vanhoef 
+
+Upstream-Status: Backport
+
+Signed-off-by: Haiqing Bai 
+---
+ src/ap/wpa_auth.c|  9 +
+ src/ap/wpa_auth.h|  3 ++-
+ src/ap/wpa_auth_ft.c | 10 ++
+ src/ap/wpa_auth_i.h  |  1 +
+ 4 files changed, 22 insertions(+), 1 deletion(-)
+
+diff --git a/src/ap/wpa_auth.c b/src/ap/wpa_auth.c
+index 2760a3f..b38a64d 100644
+--- a/src/ap/wpa_auth.c
 b/src/ap/wpa_auth.c
+@@ -1740,6 +1740,9 @@ int wpa_auth_sm_event(struct wpa_state_machine *sm, enum 
wpa_event event)
+ #else /* CONFIG_IEEE80211R */
+   break;
+ #endif /* CONFIG_IEEE80211R */
++  case WPA_DRV_STA_REMOVED:
++  sm->tk_already_set = FALSE;
++  return 0;
+   }
+ 
+ #ifdef CONFIG_IEEE80211R
+@@ -3208,6 +3211,12 @@ int wpa_auth_sta_wpa_version(struct wpa_state_machine 
*sm)
+   return sm->wpa;
+ }
+ 
++int wpa_auth_sta_ft_tk_already_set(struct wpa_state_machine *sm)
++{
++  if (!sm || !wpa_key_mgmt_ft(sm->wpa_key_mgmt))
++  return 0;
++  return sm->tk_already_set;
++}
+ 
+ int wpa_auth_sta_clear_pmksa(struct wpa_state_machine *sm,
+struct rsn_pmksa_cache_entry *entry)
+diff --git a/src/ap/wpa_auth.h b/src/ap/wpa_auth.h
+index fd04f16..3e53461 100644
+--- a/src/ap/wpa_auth.h
 b/src/ap/wpa_auth.h
+@@ -258,7 +258,7 @@ void wpa_receive(struct wpa_authenticator *wpa_auth,
+u8 *data, size_t data_len);
+ enum wpa_event {
+   WPA_AUTH, WPA_ASSOC, WPA_DISASSOC, WPA_DEAUTH, WPA_REAUTH,
+-  WPA_REAUTH_EAPOL, WPA_ASSOC_FT
++  WPA_REAUTH_EAPOL, WPA_ASSOC_FT,

[OE-core] [PATCH v2 5/5] ruby: upgrade to 2.4.2

2017-10-16 Thread leonardo . sandoval . gonzalez 
From: Leonardo Sandoval 

The CVE-2017-14064 patch is already at 2.4.2 as explained on
project's commit, so removing from the recipe & repo.

commit 83735ba29a0bfdaffa8e9c2a1dc025c3b0b63153
Author: hsbt 
Date:   Wed Apr 12 00:21:18 2017 +

Merge json-2.0.4.

  * https://github.com/flori/json/releases/tag/v2.0.4
  * 
https://github.com/flori/json/blob/09fabeb03e73ed88dc8ce8f19d76ac59e51dae20/CHANGES.md#2017-03-23-204

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@58323 
b2dd03c8-39d4-4d8f-98ff-823fe69b080e

Signed-off-by: Leonardo Sandoval 
---
 .../ruby/ruby/ruby-CVE-2017-14064.patch| 87 --
 .../ruby/{ruby_2.4.1.bb => ruby_2.4.2.bb}  |  5 +-
 2 files changed, 2 insertions(+), 90 deletions(-)
 delete mode 100644 meta/recipes-devtools/ruby/ruby/ruby-CVE-2017-14064.patch
 rename meta/recipes-devtools/ruby/{ruby_2.4.1.bb => ruby_2.4.2.bb} (88%)

diff --git a/meta/recipes-devtools/ruby/ruby/ruby-CVE-2017-14064.patch 
b/meta/recipes-devtools/ruby/ruby/ruby-CVE-2017-14064.patch
deleted file mode 100644
index 88e693c94e..00
--- a/meta/recipes-devtools/ruby/ruby/ruby-CVE-2017-14064.patch
+++ /dev/null
@@ -1,87 +0,0 @@
-From 8f782fd8e181d9cfe9387ded43a5ca9692266b85 Mon Sep 17 00:00:00 2001
-From: Florian Frank 
-Date: Thu, 2 Mar 2017 12:12:33 +0100
-Subject: [PATCH] Fix arbitrary heap exposure problem
-
-Upstream-Status: Backport
-CVE: CVE-2017-14064
-
-Signed-off-by: Ovidiu Panait 

- ext/json/generator/generator.c | 12 ++--
- ext/json/generator/generator.h |  1 -
- 2 files changed, 6 insertions(+), 7 deletions(-)
-
-diff --git a/ext/json/generator/generator.c b/ext/json/generator/generator.c
-index ef85bb7..c88818c 100644
 a/ext/json/generator/generator.c
-+++ b/ext/json/generator/generator.c
-@@ -308,7 +308,7 @@ static char *fstrndup(const char *ptr, unsigned long len) {
-   char *result;
-   if (len <= 0) return NULL;
-   result = ALLOC_N(char, len);
--  memccpy(result, ptr, 0, len);
-+  memcpy(result, ptr, len);
-   return result;
- }
- 
-@@ -1062,7 +1062,7 @@ static VALUE cState_indent_set(VALUE self, VALUE indent)
- }
- } else {
- if (state->indent) ruby_xfree(state->indent);
--state->indent = strdup(RSTRING_PTR(indent));
-+state->indent = fstrndup(RSTRING_PTR(indent), len);
- state->indent_len = len;
- }
- return Qnil;
-@@ -1100,7 +1100,7 @@ static VALUE cState_space_set(VALUE self, VALUE space)
- }
- } else {
- if (state->space) ruby_xfree(state->space);
--state->space = strdup(RSTRING_PTR(space));
-+state->space = fstrndup(RSTRING_PTR(space), len);
- state->space_len = len;
- }
- return Qnil;
-@@ -1136,7 +1136,7 @@ static VALUE cState_space_before_set(VALUE self, VALUE 
space_before)
- }
- } else {
- if (state->space_before) ruby_xfree(state->space_before);
--state->space_before = strdup(RSTRING_PTR(space_before));
-+state->space_before = fstrndup(RSTRING_PTR(space_before), len);
- state->space_before_len = len;
- }
- return Qnil;
-@@ -1173,7 +1173,7 @@ static VALUE cState_object_nl_set(VALUE self, VALUE 
object_nl)
- }
- } else {
- if (state->object_nl) ruby_xfree(state->object_nl);
--state->object_nl = strdup(RSTRING_PTR(object_nl));
-+state->object_nl = fstrndup(RSTRING_PTR(object_nl), len);
- state->object_nl_len = len;
- }
- return Qnil;
-@@ -1208,7 +1208,7 @@ static VALUE cState_array_nl_set(VALUE self, VALUE 
array_nl)
- }
- } else {
- if (state->array_nl) ruby_xfree(state->array_nl);
--state->array_nl = strdup(RSTRING_PTR(array_nl));
-+state->array_nl = fstrndup(RSTRING_PTR(array_nl), len);
- state->array_nl_len = len;
- }
- return Qnil;
-diff --git a/ext/json/generator/generator.h b/ext/json/generator/generator.h
-index 900b4d5..c367a62 100644
 a/ext/json/generator/generator.h
-+++ b/ext/json/generator/generator.h
-@@ -1,7 +1,6 @@
- #ifndef _GENERATOR_H_
- #define _GENERATOR_H_
- 
--#include 
- #include 
- #include 
- 
--- 
-2.10.2
-
diff --git a/meta/recipes-devtools/ruby/ruby_2.4.1.bb 
b/meta/recipes-devtools/ruby/ruby_2.4.2.bb
similarity index 88%
rename from meta/recipes-devtools/ruby/ruby_2.4.1.bb
rename to meta/recipes-devtools/ruby/ruby_2.4.2.bb
index 7d27ac84ec..b471154a22 100644
--- a/meta/recipes-devtools/ruby/ruby_2.4.1.bb
+++ b/meta/recipes-devtools/ruby/ruby_2.4.2.bb
@@ -6,11 +6,10 @@ SRC_URI += " \
file://ruby-CVE-2017-9227.patch \
file://ruby-CVE-2017-9228.patch \
file://ruby-CVE-2017-9229.patch \
-   file://ruby-CVE-2017-14064.patch \
"
 
-SRC_URI[md5sum] =

[OE-core] [PATCH v2 3/5] git.inc: remove sed statement removing SVN lines from .packlist

2017-10-16 Thread leonardo . sandoval . gonzalez 
From: Leonardo Sandoval 

The git-perltools package created with perl 5.26.1 does not contain
the  .packlist file thus there is no need to sed on this file.

More general, the buildhistory-diff tool shows the following changes on
the related package, clearly indicating that .packlist is not there anymore.

diff --git 
a/packages/i586-poky-linux/git/git-perltools/files-in-package.txt 
b/packages/i586-poky-linux/git/git-perltools/files-in-package.txt
index 0780bf9..f5b70f6 100644
--- a/packages/i586-poky-linux/git/git-perltools/files-in-package.txt
+++ b/packages/i586-poky-linux/git/git-perltools/files-in-package.txt
@@ -1,7 +1,7 @@
 drwxr-xr-x root   root   61 ./usr
 drwxr-xr-x root   root   26 ./usr/lib
 drwxr-xr-x root   root   30 ./usr/libexec
-drwxr-xr-x root   root  269 ./usr/libexec/git-core
+drwxr-xr-x root   root  288 ./usr/libexec/git-core
 -rwxr-xr-x root   root42296 
./usr/libexec/git-core/git-add--interactive
 -rwxr-xr-x root   root  2323504 ./usr/libexec/git-core/git-am
 -rwxr-xr-x root   root36973 
./usr/libexec/git-core/git-archimport
@@ -12,18 +12,28 @@ drwxr-xr-x root   root  269 
./usr/libexec/git-core
 -rwxr-xr-x root   root 3702 
./usr/libexec/git-core/git-request-pull
 -rwxr-xr-x root   root52159 
./usr/libexec/git-core/git-send-email
 -rwxr-xr-x root   root28086 
./usr/libexec/git-core/git-submodule
+-rwxr-xr-x root   root64175 ./usr/libexec/git-core/git-svn
 drwxr-xr-x root   root   31 ./usr/lib/perl
 drwxr-xr-x root   root   28 ./usr/lib/perl/site_perl
-drwxr-xr-x root   root  104 ./usr/lib/perl/site_perl/5.24.1
-drwxr-xr-x root   root   25 
./usr/lib/perl/site_perl/5.24.1/auto
-drwxr-xr-x root   root   31 
./usr/lib/perl/site_perl/5.24.1/auto/Git
--rw-r--r-- root   root 1115 
./usr/lib/perl/site_perl/5.24.1/auto/Git/.packlist
--r--r--r-- root   root19087 
./usr/lib/perl/site_perl/5.24.1/Error.pm
-drwxr-xr-x root   root   53 
./usr/lib/perl/site_perl/5.24.1/Git
--r--r--r-- root   root 2473 
./usr/lib/perl/site_perl/5.24.1/Git/I18N.pm
--r--r--r-- root   root  644 
./usr/lib/perl/site_perl/5.24.1/Git/IndexInfo.pm
--r--r--r-- root   root48000 
./usr/lib/perl/site_perl/5.24.1/Git.pm
--rw-r--r-- root   root  226 
./usr/lib/perl/site_perl/5.24.1/perllocal.pod
+drwxr-xr-x root   root   88 ./usr/lib/perl/site_perl/5.26.1
+-r--r--r-- root   root19087 
./usr/lib/perl/site_perl/5.26.1/Error.pm
+drwxr-xr-x root   root   86 
./usr/lib/perl/site_perl/5.26.1/Git
+-r--r--r-- root   root 2473 
./usr/lib/perl/site_perl/5.26.1/Git/I18N.pm
+-r--r--r-- root   root  644 
./usr/lib/perl/site_perl/5.26.1/Git/IndexInfo.pm
+-r--r--r-- root   root48000 
./usr/lib/perl/site_perl/5.26.1/Git.pm
+drwxr-xr-x root   root  195 
./usr/lib/perl/site_perl/5.26.1/Git/SVN
+-r--r--r-- root   root16945 
./usr/lib/perl/site_perl/5.26.1/Git/SVN/Editor.pm
+-r--r--r-- root   root18575 
./usr/lib/perl/site_perl/5.26.1/Git/SVN/Fetcher.pm
+-r--r--r-- root   root 1798 
./usr/lib/perl/site_perl/5.26.1/Git/SVN/GlobSpec.pm
+-r--r--r-- root   root 9564 
./usr/lib/perl/site_perl/5.26.1/Git/SVN/Log.pm
+drwxr-xr-x root   root   29 
./usr/lib/perl/site_perl/5.26.1/Git/SVN/Memoize
+-r--r--r-- root   root 1748 
./usr/lib/perl/site_perl/5.26.1/Git/SVN/Memoize/YAML.pm
+-r--r--r-- root   root 8145 
./usr/lib/perl/site_perl/5.26.1/Git/SVN/Migration.pm
+-r--r--r-- root   root71721 
./usr/lib/perl/site_perl/5.26.1/Git/SVN.pm
+-r--r--r-- root   root 5319 
./usr/lib/perl/site_perl/5.26.1/Git/SVN/Prompt.pm
+-r--r--r-- root   root19358 
./usr/lib/perl/site_perl/5.26.1/Git/SVN/Ra.pm
+-r--r--r-- root   root 4586 
./usr/lib/perl/site_perl/5.26.1/Git/SVN/Utils.pm
+-rw-r--r-- root   root  226 
./usr/lib/perl/site_perl/5.26.1/perllocal.pod

Signed-off-by: Leonardo Sandoval 
---
 meta/recipes-devtools/git/git.inc | 1 -
 1 file changed, 1 deletion(-)

diff --git a/meta/recipes-devtools/git/git.inc 
b/meta/recipes-devtools/git/git.inc
index 9b4c1284d2..06ff27c70b 100644
--- a/meta/recipes-devtools/git/git.inc
+++ b/meta/recipes-devtools/git/git.inc
@@ -73,7 +73,6 @@ perl_native_fixup () {

[OE-core] [PATCH v2 1/5] perl-native: upgrade from 5.24.1 to 5.26.1

2017-10-16 Thread leonardo . sandoval . gonzalez 
From: Leonardo Sandoval 

Patch Name # Status at 5.26.1

file://Configure-multilib.patch# Already merged in 5.26.1, so removed it
file://perl-configpm-switch.patch  # Applies as it is
file://native-nopacklist.patch # Rebased it to 5.26.1
file://native-perlinc.patch# Already merged in 5.26.1, so removed it
file://MM_Unix.pm.patch# Rebased it to 5.26.1
file://debian/errno_ver.diff   # Applies as it is
file://dynaloaderhack.patch# Applies as it is
lfile://perl-PathTools-don-t-filter-out-blib-from-INC.patch# 
Already merged in 5.26.1, so removed it
file://0001-Configure-Remove-fstack-protector-strong-for-native-.patch # 
Applies as it is

Signed-off-by: Leonardo Sandoval 
---
 ...perl-native_5.24.1.bb => perl-native_5.26.1.bb} | 10 +++---
 ...emove-fstack-protector-strong-for-native-.patch |  1 +
 meta/recipes-devtools/perl/perl/MM_Unix.pm.patch   |  9 ++---
 .../perl/perl/native-nopacklist.patch  | 40 +++---
 4 files changed, 37 insertions(+), 23 deletions(-)
 rename meta/recipes-devtools/perl/{perl-native_5.24.1.bb => 
perl-native_5.26.1.bb} (93%)

diff --git a/meta/recipes-devtools/perl/perl-native_5.24.1.bb 
b/meta/recipes-devtools/perl/perl-native_5.26.1.bb
similarity index 93%
rename from meta/recipes-devtools/perl/perl-native_5.24.1.bb
rename to meta/recipes-devtools/perl/perl-native_5.26.1.bb
index e01d11fbed..8f5b872cbc 100644
--- a/meta/recipes-devtools/perl/perl-native_5.24.1.bb
+++ b/meta/recipes-devtools/perl/perl-native_5.26.1.bb
@@ -7,19 +7,17 @@ DEPENDS += "gdbm-native zlib-native"
 EXTRA_OEMAKE = "-e MAKEFLAGS="
 
 SRC_URI += "\
-   file://Configure-multilib.patch \
file://perl-configpm-switch.patch \
file://native-nopacklist.patch \
-   file://native-perlinc.patch \
file://MM_Unix.pm.patch \
file://debian/errno_ver.diff \
file://dynaloaderhack.patch \
-   file://perl-PathTools-don-t-filter-out-blib-from-INC.patch \

file://0001-Configure-Remove-fstack-protector-strong-for-native-.patch \
-  "
+   "
+
+SRC_URI[md5sum] = "70e988b4318739b0cf3ad5e120bfde88"
+SRC_URI[sha256sum] = 
"fe8208133e73e47afc3251c08d2c21c5a60160165a8ab8b669c43a420e4ec680"
 
-SRC_URI[md5sum] = "af6a84c7c3e2b8b269c105a5db2f6d53"
-SRC_URI[sha256sum] = 
"03a77bac4505c270f1890ece75afc7d4b555090b41aa41ea478747e23b2afb3f"
 
 inherit native
 
diff --git 
a/meta/recipes-devtools/perl/perl/0001-Configure-Remove-fstack-protector-strong-for-native-.patch
 
b/meta/recipes-devtools/perl/perl/0001-Configure-Remove-fstack-protector-strong-for-native-.patch
index 14a05d291b..36cd8939c3 100644
--- 
a/meta/recipes-devtools/perl/perl/0001-Configure-Remove-fstack-protector-strong-for-native-.patch
+++ 
b/meta/recipes-devtools/perl/perl/0001-Configure-Remove-fstack-protector-strong-for-native-.patch
@@ -15,6 +15,7 @@ Upstream-Status: Inappropriate [configuration]
 [1] http://errors.yoctoproject.org/Errors/Details/109589/
 
 Signed-off-by: Aníbal Limón 
+Signed-off-by: Leonardo Sandoval 
 ---
  Configure | 54 --
  1 file changed, 54 deletions(-)
diff --git a/meta/recipes-devtools/perl/perl/MM_Unix.pm.patch 
b/meta/recipes-devtools/perl/perl/MM_Unix.pm.patch
index eb92ccb678..cdae438d2c 100644
--- a/meta/recipes-devtools/perl/perl/MM_Unix.pm.patch
+++ b/meta/recipes-devtools/perl/perl/MM_Unix.pm.patch
@@ -7,16 +7,17 @@ To get the MakeMaker.pm works in this case, we need perl 
wrapper here
 instead of real perl binary.
 
 Signed-off-by: Wenzong Fan 
+Signed-off-by: Leonardo Sandoval 
 ===
 --- perl-5.12.3/cpan/ExtUtils-MakeMaker/lib/ExtUtils/MM_Unix.pm.orig   
2011-08-12 16:07:30.0 +0800
 +++ perl-5.12.3/cpan/ExtUtils-MakeMaker/lib/ExtUtils/MM_Unix.pm
2011-08-12 16:08:56.0 +0800
-@@ -1019,6 +1019,9 @@
+@@ -1110,6 +1110,9 @@ WARNING
  }
  
  foreach my $name (@$names){
 +# Getting MakeMaker.pm use perl wrapper instead of 'perl.real' 
directly
 +$name =~ s/perl\.real/perl/ if ($name =~ /perl\.real/);
 +
- foreach my $dir (@$dirs){
- next unless defined $dir; # $self->{PERL_SRC} may be undefined
- my ($abs, $val);
+ my ($abs, $use_dir);
+ if ($self->file_name_is_absolute($name)) { # /foo/bar
+ $abs = $name;
diff --git a/meta/recipes-devtools/perl/perl/native-nopacklist.patch 
b/meta/recipes-devtools/perl/perl/native-nopacklist.patch
index 5482dcb79c..993f3302bf 100644
--- a/meta/recipes-devtools/perl/perl/native-nopacklist.patch
+++

[OE-core] [PATCH v2 4/5] libxml-namespacesupport-perl: upgrade to 1.12.9

2017-10-16 Thread leonardo . sandoval . gonzalez 
From: Leonardo Sandoval 

Signed-off-by: Leonardo Sandoval 
---
 .../perl/libxml-namespacesupport-perl_1.12.9.bb| 35 ++
 .../perl/libxml-namespacesupport-perl_1.12.bb  | 23 --
 2 files changed, 35 insertions(+), 23 deletions(-)
 create mode 100644 
meta/recipes-extended/perl/libxml-namespacesupport-perl_1.12.9.bb
 delete mode 100644 
meta/recipes-extended/perl/libxml-namespacesupport-perl_1.12.bb

diff --git a/meta/recipes-extended/perl/libxml-namespacesupport-perl_1.12.9.bb 
b/meta/recipes-extended/perl/libxml-namespacesupport-perl_1.12.9.bb
new file mode 100644
index 00..a7d26ea38c
--- /dev/null
+++ b/meta/recipes-extended/perl/libxml-namespacesupport-perl_1.12.9.bb
@@ -0,0 +1,35 @@
+SUMMARY = "Perl module for supporting simple generic namespaces"
+HOMEPAGE = "http://veillard.com/XML/;
+DESCRIPTION = "XML::NamespaceSupport offers a simple way to process 
namespace-based XML names. \
+It also helps maintain a prefix-to-namespace URI map, and 
provides a number of \
+basic checks. "
+
+SECTION = "libs"
+LICENSE = "Artistic-1.0 | GPL-1.0+"
+PR = "r3"
+
+LIC_FILES_CHKSUM = 
"file://META.yml;beginline=22;endline=22;md5=9ca1a4a941496e7feedac72c4fb8b137"
+
+# the upstream project complicate a bit url generartion on point release, 
using a underscore
+# instead of a point on URL, i.e 1.12_9 instead of 1.12.9
+python () {
+baseurl = 
"http://search.cpan.org/CPAN/authors/id/P/PE/PERIGRIN/XML-NamespaceSupport;
+pv = d.getVar('PV')
+pvsplit = pv.split('.')
+
+if len(pvsplit) != 3:
+d.setVar('SRC_URI', "%s-%s.tar.gz" % (baseurl, pv))
+d.setVar('S', "${WORKDIR}/XML-NamespaceSupport-${PV}")
+else:
+pvx, pvy, pvz = pvsplit
+d.setVar('SRC_URI', "%s-%s.%s_%s.tar.gz" % (baseurl, pvx, pvy, pvz))
+d.setVar('S', "${WORKDIR}/XML-NamespaceSupport-%s.%s_%s" % (pvx, pvy, 
pvz))
+}
+
+SRC_URI[md5sum] = "165927a311fb640961b28607035beab8"
+SRC_URI[sha256sum] = 
"2e84a057f0a8c845a612d212742cb94fca4fc8a433150b5721bd448f77d1e4a9"
+
+inherit cpan
+
+BBCLASSEXTEND="native"
+
diff --git a/meta/recipes-extended/perl/libxml-namespacesupport-perl_1.12.bb 
b/meta/recipes-extended/perl/libxml-namespacesupport-perl_1.12.bb
deleted file mode 100644
index 3498a286d4..00
--- a/meta/recipes-extended/perl/libxml-namespacesupport-perl_1.12.bb
+++ /dev/null
@@ -1,23 +0,0 @@
-SUMMARY = "Perl module for supporting simple generic namespaces"
-HOMEPAGE = "http://veillard.com/XML/;
-DESCRIPTION = "XML::NamespaceSupport offers a simple way to process 
namespace-based XML names. \
-It also helps maintain a prefix-to-namespace URI map, and 
provides a number of \
-basic checks. "
-
-SECTION = "libs"
-LICENSE = "Artistic-1.0 | GPL-1.0+"
-PR = "r3"
-
-LIC_FILES_CHKSUM = 
"file://META.yml;beginline=22;endline=22;md5=9ca1a4a941496e7feedac72c4fb8b137"
-
-SRC_URI = 
"http://search.cpan.org/CPAN/authors/id/P/PE/PERIGRIN/XML-NamespaceSupport-${PV}.tar.gz;
-SRC_URI[md5sum] = "a8916c6d095bcf073e1108af02e78c97"
-SRC_URI[sha256sum] = 
"47e995859f8dd0413aa3f22d350c4a62da652e854267aa0586ae544ae2bae5ef"
-
-
-S = "${WORKDIR}/XML-NamespaceSupport-${PV}"
-
-inherit cpan
-
-BBCLASSEXTEND="native"
-
-- 
2.12.3

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [PATCH v2 2/5] perl: upgrade to 5.26.1

2017-10-16 Thread leonardo . sandoval . gonzalez 
From: Leonardo Sandoval 

Highlights:

* Patches rebased to 5.26.1 and just one removed

* Several configs values taken from upstream script uconfig[64].sh were 
introduced in
config.sh, avoiding pre-processor issues.

* Several libraries paths now included a './' as prefix, because by 
default, @INC does not
include the dot-slash anymore. More info at [1]

* Manifypods is excluded from compilation due to compilation errors (see 
patch for
more info)

* New perl creates a static library 
(/auto/Unicode/Normalize/Normalize.a) thus
there is a new staticdev package

New packages included (compared to previous version):

perl-module-math-bigint-lib
perl-module-test2
perl-module-test2-api
perl-module-test2-api-breakage
perl-module-test2-api-context
perl-module-test2-api-instance
perl-module-test2-api-stack
perl-module-test2-event
perl-module-test2-event-bail
perl-module-test2-event-diag
perl-module-test2-event-encoding
perl-module-test2-event-exception
perl-module-test2-event-generic
perl-module-test2-event-info
perl-module-test2-event-note
perl-module-test2-event-ok
perl-module-test2-event-plan
perl-module-test2-event-skip
perl-module-test2-event-subtest
perl-module-test2-event-tap-version
perl-module-test2-event-waiting
perl-module-test2-formatter
perl-module-test2-formatter-tap
perl-module-test2-hub
perl-module-test2-hub-interceptor
perl-module-test2-hub-interceptor-terminator
perl-module-test2-hub-subtest
perl-module-test2-ipc
perl-module-test2-ipc-driver
perl-module-test2-ipc-driver-files
perl-module-test2-tools-tiny
perl-module-test2-util
perl-module-test2-util-externalmeta
perl-module-test2-util-hashbase
perl-module-test2-util-trace
perl-module-test-builder-formatter
perl-module-test-builder-tododiag
perl-module-unicode-collate-locale-de-at-ph
perl-module-unicode-collate-locale-fr-ca
perl-module-unicode-collate-locale-he
perl-module-unicode-collate-locale-ug-cyrl
perl-module-unicode-collate-locale-vo
perl-module-unicode-normalize-staticdev

[1] https://wiki.gentoo.org/wiki/Project:Perl/5.26_Known_Issues

Signed-off-by: Leonardo Sandoval 
---
 ...depends_5.24.1.inc => perl-rdepends_5.26.1.inc} |   0
 meta/recipes-devtools/perl/perl/Makefile.SH.patch  |  82 +-
 .../perl/perl/PPPort_pm-fix-require.patch  |  28 
 .../perl/perl/PPPort_xs-fix-require.patch  |  36 
 .../perl/perl/avoid-manifypods.patch   |  28 
 .../perl/collade-makefile-use-local-mkheader.patch |  29 
 meta/recipes-devtools/perl/perl/config.sh  |  83 ++
 meta/recipes-devtools/perl/perl/config.sh-32   |   2 +
 meta/recipes-devtools/perl/perl/config.sh-64   |   2 +
 .../perl/perl/debian/fixes/respect_umask.diff  |  26 +--
 .../perl/perl/debian/no_packlist_perllocal.diff|  25 +--
 .../perl/perl/debian/prefix_changes.diff   |  33 ++--
 .../perl/perl/debian/writable_site_dirs.diff   |  14 +-
 .../perl/perl/letgcc-find-errno.patch  |  26 ++-
 .../perl/perl/native-nopacklist-native.patch   |  29 
 .../perl/perl/native-nopacklist-partial.patch  |  95 +++
 ...-PathTools-don-t-filter-out-blib-from-INC.patch |  22 +--
 ...erl-fix-conflict-between-skip_all-and-END.patch | 181 -
 .../perl/perl/perl-test-customized.patch   | 123 +++---
 .../perl/perl/pport_h-fix-require.patch|  42 +
 .../perl/perl/utils-Makefile-force-miniperl.patch  |  28 
 .../perl/perl/write_buildcustomize.patch   |  40 +
 .../perl/{perl_5.24.1.bb => perl_5.26.1.bb}|  14 +-
 23 files changed, 621 insertions(+), 367 deletions(-)
 rename meta/recipes-devtools/perl/{perl-rdepends_5.24.1.inc => 
perl-rdepends_5.26.1.inc} (100%)
 create mode 100644 meta/recipes-devtools/perl/perl/PPPort_pm-fix-require.patch
 create mode 100644 meta/recipes-devtools/perl/perl/PPPort_xs-fix-require.patch
 create mode 100644 meta/recipes-devtools/perl/perl/avoid-manifypods.patch
 create mode 100644 
meta/recipes-devtools/perl/perl/collade-makefile-use-local-mkheader.patch
 create mode 100644 
meta/recipes-devtools/perl/perl/native-nopacklist-native.patch
 create mode 100644 
meta/recipes-devtools/perl/perl/native-nopacklist-partial.patch
 delete mode 100644 
meta/recipes-devtools/perl/perl/perl-fix-conflict-between-skip_all-and-END.patch
 create mode 100644 meta/recipes-devtools/perl/perl/pport_h-fix-require.patch
 create mode 100644 
meta/recipes-devtools/perl/perl/utils-Makefile-force-miniperl.patch
 create mode 100644 meta/recipes-devtools/perl/perl/write_buildcustomize.patch
 rename meta/recipes-devtools/perl/{perl_5.24.1.bb => perl_5.26.1.bb} (94%)

diff --git a/meta/recipes-devtools/perl/perl-rdepends_5.24.1.inc

Re: [OE-core] [PATCH] python3-numpy: upgrade to 1.13.3

2017-10-16 Thread Jose Lamego 


On 10/16/2017 04:45 PM, Burton, Ross wrote:
> On 11 October 2017 at 22:15, Jose Lamego 
> wrote:
>
>> -SRC_URI[md5sum] = "6d459e4a24f5035f720dda3c57716a92"
>> -SRC_URI[sha256sum] = "de020ec06f1e9ce1115a50161a38bf
>> 8d4c2525379900f9cb478cc613a1e7cd93"
>> +SRC_URI[md5sum] = "c1d433e5973e548809e80c9118474b73"
>> +SRC_URI[sha256sum] = "4c6b4eef790528bebb7ec9590d74cc
>> 193868940fe68e4109a91c196df"
>>
> ERROR: python3-numpy-1.13.3-r0 do_fetch: Fetcher failure for URL: '
> https://github.com/numpy/numpy/releases/download/v1.13.3/numpy-1.13.3.tar.gz'.
> Checksum mismatch!
> File: '/home/ross/Yocto/downloads/numpy-1.13.3.tar.gz' has sha256 checksum
> 4c6b4eef790528bebb7ec9590d74cc193868940fe68e4109a91c196df72d8094 when
> 4c6b4eef790528bebb7ec9590d74cc193868940fe68e4109a91c196df was expected
> If this change is expected (e.g. you have upgraded to a new version without
> updating the checksums) then you can use these lines within the recipe:
> SRC_URI[md5sum] = "c1d433e5973e548809e80c9118474b73"
> SRC_URI[sha256sum] =
> "4c6b4eef790528bebb7ec9590d74cc193868940fe68e4109a91c196df72d8094"
>
> Looks like the copy/paste for the checksum was truncated, no idea how this
> built!
>
> I've fixed locally and am build testing now.

I'm pretty sure this was my mistake. Thanks

>
> Ross
>

-- 
Jose Lamego | OTC Embedded Platform & Tools | GDC

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

Re: [OE-core] [PATCH] python3-numpy: upgrade to 1.13.3

2017-10-16 Thread Burton, Ross 
On 11 October 2017 at 22:15, Jose Lamego 
wrote:

> -SRC_URI[md5sum] = "6d459e4a24f5035f720dda3c57716a92"
> -SRC_URI[sha256sum] = "de020ec06f1e9ce1115a50161a38bf
> 8d4c2525379900f9cb478cc613a1e7cd93"
> +SRC_URI[md5sum] = "c1d433e5973e548809e80c9118474b73"
> +SRC_URI[sha256sum] = "4c6b4eef790528bebb7ec9590d74cc
> 193868940fe68e4109a91c196df"
>

ERROR: python3-numpy-1.13.3-r0 do_fetch: Fetcher failure for URL: '
https://github.com/numpy/numpy/releases/download/v1.13.3/numpy-1.13.3.tar.gz'.
Checksum mismatch!
File: '/home/ross/Yocto/downloads/numpy-1.13.3.tar.gz' has sha256 checksum
4c6b4eef790528bebb7ec9590d74cc193868940fe68e4109a91c196df72d8094 when
4c6b4eef790528bebb7ec9590d74cc193868940fe68e4109a91c196df was expected
If this change is expected (e.g. you have upgraded to a new version without
updating the checksums) then you can use these lines within the recipe:
SRC_URI[md5sum] = "c1d433e5973e548809e80c9118474b73"
SRC_URI[sha256sum] =
"4c6b4eef790528bebb7ec9590d74cc193868940fe68e4109a91c196df72d8094"

Looks like the copy/paste for the checksum was truncated, no idea how this
built!

I've fixed locally and am build testing now.

Ross
-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

Re: [OE-core] [PATCH] wayland-protocols: upgrade to 1.11

2017-10-16 Thread Burton, Ross 
On 16 October 2017 at 21:54, Denys Dmytriyenko  wrote:

> On Mon, Oct 16, 2017 at 09:31:49PM +0100, Burton, Ross wrote:
> > On 16 October 2017 at 18:48, Denys Dmytriyenko  wrote:
> >
> > > On Fri, Oct 13, 2017 at 12:28:25PM -0400, Denys Dmytriyenko wrote:
> > > > On Fri, Oct 13, 2017 at 12:33:35PM +0100, Burton, Ross wrote:
> > > > > On 12 October 2017 at 20:35, Denys Dmytriyenko 
> > > wrote:
> > > > >
> > > > > > From: Denys Dmytriyenko 
> > > > > >
> > > > > > Signed-off-by: Denys Dmytriyenko 
> > > > > >
> > > > >
> > > > > One day I'll figure out why quilt appears to be non-deterministic
> about
> > > > > this but:
> > > > >
> > > > > ERROR: wayland-protocols-1.11-r0 do_patch: Command Error: 'quilt
> > > --quiltrc
> > > > > /data/poky-tmp/master/build/work/all-poky-linux/wayland-
> > > protocols/1.11-r0/recipe-sysroot-native/etc/quiltrc
> > > > > push' exited with 0  Output:
> > > > > Applying patch usesysrootprefixforpkgdatadirvariable.patch
> > > >
> > > > I don't see this patch in master. Works fine in distroless and poky
> from
> > > > master.
> > >
> > > Ping.
> >
> > The patch fails here, so I'm waiting for a v2.
>
> As I said above - there's no usesysrootprefixforpkgdatadirvariable.patch
> in
> wayland-protocols recipe in master, master-next or rocko branches:
>
> http://cgit.openembedded.org/openembedded-core/tree/meta/
> recipes-graphics/wayland/wayland-protocols_1.10.bb
>
> Are you sure you don't have something in your local tree?
>

Damnit, yes.  There's an earlier series to remove the nasty hacks. I
realised this when I saw your first reply to my patch but then forgot
again, sorry!

One of them needs to land first, and they won.  Wait for master to re-open,
or rebase on top of ross/mut.

Ross
-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

Re: [OE-core] [PATCH] wayland-protocols: upgrade to 1.11

2017-10-16 Thread Denys Dmytriyenko 
On Mon, Oct 16, 2017 at 09:31:49PM +0100, Burton, Ross wrote:
> On 16 October 2017 at 18:48, Denys Dmytriyenko  wrote:
> 
> > On Fri, Oct 13, 2017 at 12:28:25PM -0400, Denys Dmytriyenko wrote:
> > > On Fri, Oct 13, 2017 at 12:33:35PM +0100, Burton, Ross wrote:
> > > > On 12 October 2017 at 20:35, Denys Dmytriyenko 
> > wrote:
> > > >
> > > > > From: Denys Dmytriyenko 
> > > > >
> > > > > Signed-off-by: Denys Dmytriyenko 
> > > > >
> > > >
> > > > One day I'll figure out why quilt appears to be non-deterministic about
> > > > this but:
> > > >
> > > > ERROR: wayland-protocols-1.11-r0 do_patch: Command Error: 'quilt
> > --quiltrc
> > > > /data/poky-tmp/master/build/work/all-poky-linux/wayland-
> > protocols/1.11-r0/recipe-sysroot-native/etc/quiltrc
> > > > push' exited with 0  Output:
> > > > Applying patch usesysrootprefixforpkgdatadirvariable.patch
> > >
> > > I don't see this patch in master. Works fine in distroless and poky from
> > > master.
> >
> > Ping.
> 
> The patch fails here, so I'm waiting for a v2.

As I said above - there's no usesysrootprefixforpkgdatadirvariable.patch in 
wayland-protocols recipe in master, master-next or rocko branches:

http://cgit.openembedded.org/openembedded-core/tree/meta/recipes-graphics/wayland/wayland-protocols_1.10.bb

Are you sure you don't have something in your local tree?

-- 
Denys
-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

Re: [OE-core] [PATCH v5 3/3] weston: Bump version to 3.0.0

2017-10-16 Thread Burton, Ross 
On 16 October 2017 at 18:30, Otavio Salvador <
otavio.salva...@ossystems.com.br> wrote:

>
> > +  
> > file://weston-gl-renderer-Set-pitch-correctly-for-subsampled-textures.patch
> \
> > +  file://fix-missing-header.patch \
>
> Those should be documented on commit log
>
>
Agreed.  The missing header one should say what platform causes it to be a
problem (in case it never gets upstreamed and someone tests it again on
just glibc).  And is the pitch patch sufficiently broken that we need to
backport it?

Ross
-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

Re: [OE-core] [PATCH] wayland-protocols: upgrade to 1.11

2017-10-16 Thread Burton, Ross 
On 16 October 2017 at 18:48, Denys Dmytriyenko  wrote:

> On Fri, Oct 13, 2017 at 12:28:25PM -0400, Denys Dmytriyenko wrote:
> > On Fri, Oct 13, 2017 at 12:33:35PM +0100, Burton, Ross wrote:
> > > On 12 October 2017 at 20:35, Denys Dmytriyenko 
> wrote:
> > >
> > > > From: Denys Dmytriyenko 
> > > >
> > > > Signed-off-by: Denys Dmytriyenko 
> > > >
> > >
> > > One day I'll figure out why quilt appears to be non-deterministic about
> > > this but:
> > >
> > > ERROR: wayland-protocols-1.11-r0 do_patch: Command Error: 'quilt
> --quiltrc
> > > /data/poky-tmp/master/build/work/all-poky-linux/wayland-
> protocols/1.11-r0/recipe-sysroot-native/etc/quiltrc
> > > push' exited with 0  Output:
> > > Applying patch usesysrootprefixforpkgdatadirvariable.patch
> >
> > I don't see this patch in master. Works fine in distroless and poky from
> > master.
>
> Ping.
>

The patch fails here, so I'm waiting for a v2.

Ross
-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

Re: [OE-core] [PATCH v5 3/3] weston: Bump version to 3.0.0

2017-10-16 Thread Denys Dmytriyenko 
On Mon, Oct 16, 2017 at 03:30:34PM -0200, Otavio Salvador wrote:
> On Mon, Oct 16, 2017 at 3:21 PM, Fabien Lahoudere
>  wrote:
> > Signed-off-by: Fabien Lahoudere 
> > ---
> >  .../wayland/weston/fix-missing-header.patch| 18 +++
> >  ...t-pitch-correctly-for-subsampled-textures.patch | 55 
> > ++
> >  .../wayland/{weston_2.0.0.bb => weston_3.0.0.bb}   | 17 +++
> >  3 files changed, 82 insertions(+), 8 deletions(-)
> >  create mode 100644 
> > meta/recipes-graphics/wayland/weston/fix-missing-header.patch
> >  create mode 100644 
> > meta/recipes-graphics/wayland/weston/weston-gl-renderer-Set-pitch-correctly-for-subsampled-textures.patch
> >  rename meta/recipes-graphics/wayland/{weston_2.0.0.bb => weston_3.0.0.bb} 
> > (89%)
> >
> > diff --git a/meta/recipes-graphics/wayland/weston/fix-missing-header.patch 
> > b/meta/recipes-graphics/wayland/weston/fix-missing-header.patch
> > new file mode 100644
> > index 00..5db3a17393
> > --- /dev/null
> > +++ b/meta/recipes-graphics/wayland/weston/fix-missing-header.patch
> > @@ -0,0 +1,18 @@
> > +Fix missing header
> > +
> > +Upstream-Status: Pending
> > +
> > +Signed-off-by: Fabien Lahoudere 
> > +
> > +Index: weston-3.0.0/shared/timespec-util.h
> > +===
> > +--- weston-3.0.0.orig/shared/timespec-util.h
> >  weston-3.0.0/shared/timespec-util.h
> > +@@ -28,6 +28,7 @@
> > +
> > + #include 
> > + #include 
> > ++#include 
> > +
> > + #define NSEC_PER_SEC 10
> > +
> > diff --git 
> > a/meta/recipes-graphics/wayland/weston/weston-gl-renderer-Set-pitch-correctly-for-subsampled-textures.patch
> >  
> > b/meta/recipes-graphics/wayland/weston/weston-gl-renderer-Set-pitch-correctly-for-subsampled-textures.patch
> > new file mode 100644
> > index 00..69284a9616
> > --- /dev/null
> > +++ 
> > b/meta/recipes-graphics/wayland/weston/weston-gl-renderer-Set-pitch-correctly-for-subsampled-textures.patch
> > @@ -0,0 +1,55 @@
> > +Multi-plane sub-sampled textures have partial width/height, e.g.
> > +YUV420/I420 has a full-size Y plane, followed by a half-width/height U
> > +plane, and a half-width/height V plane.
> > +
> > +zwp_linux_dmabuf_v1 allows clients to pass an explicit pitch for each
> > +plane, but for wl_shm this must be inferred. gl-renderer was correctly
> > +accounting for the width and height when subsampling, but the pitch was
> > +being taken as the pitch for the first plane.
> > +
> > +This does not match the requirements for GStreamer's waylandsink, in
> > +particular, as well as other clients. Fix the SHM upload path to
> > +correctly set the pitch for each plane, according to subsampling.
> > +
> > +Tested with:
> > +  $ gst-launch-1.0 videotestsrc ! waylandsink
> > +
> > +Upstream-status: Backport [https://patchwork.freedesktop.org/patch/180767/]
> > +
> > +Signed-off-by: Daniel Stone 
> > +Fixes: fdeefe42418 ("gl-renderer: add support of WL_SHM_FORMAT_YUV420")
> > +Reported-by: Fabien Lahoudere 
> > +Bugzilla: https://bugs.freedesktop.org/show_bug.cgi?id=103063
> > +
> > +---
> > + libweston/gl-renderer.c | 4 ++--
> > + 1 file changed, 2 insertions(+), 2 deletions(-)
> > +
> > +diff --git a/libweston/gl-renderer.c b/libweston/gl-renderer.c
> > +index 244ce309..40bf0bb6 100644
> > +--- a/libweston/gl-renderer.c
> >  b/libweston/gl-renderer.c
> > +@@ -1445,14 +1445,13 @@ gl_renderer_flush_damage(struct weston_surface 
> > *surface)
> > +   goto done;
> > +   }
> > +
> > +-  glPixelStorei(GL_UNPACK_ROW_LENGTH_EXT, gs->pitch);
> > +-
> > +   if (gs->needs_full_upload) {
> > +   glPixelStorei(GL_UNPACK_SKIP_PIXELS_EXT, 0);
> > +   glPixelStorei(GL_UNPACK_SKIP_ROWS_EXT, 0);
> > +   wl_shm_buffer_begin_access(buffer->shm_buffer);
> > +   for (j = 0; j < gs->num_textures; j++) {
> > +   glBindTexture(GL_TEXTURE_2D, gs->textures[j]);
> > ++  glPixelStorei(GL_UNPACK_ROW_LENGTH_EXT, gs->pitch / 
> > gs->hsub[j]);
> > +   glTexImage2D(GL_TEXTURE_2D, 0,
> > +gs->gl_format[j],
> > +gs->pitch / gs->hsub[j],
> > +@@ -1477,6 +1476,7 @@ gl_renderer_flush_damage(struct weston_surface 
> > *surface)
> > +   glPixelStorei(GL_UNPACK_SKIP_ROWS_EXT, r.y1);
> > +   for (j = 0; j < gs->num_textures; j++) {
> > +   glBindTexture(GL_TEXTURE_2D, gs->textures[j]);
> > ++  glPixelStorei(GL_UNPACK_ROW_LENGTH_EXT, gs->pitch / 
> > gs->hsub[j]);
> > +   glTexSubImage2D(GL_TEXTURE_2D, 0,
> > +   r.x1 / gs->hsub[j],
> > +   r.y1 / gs->vsub[j],
> > diff --git

Re: [OE-core] ✗ patchtest: failure for "README.qemu: qemuppc64 is not ..." and 1 more

2017-10-16 Thread Leonardo Sandoval 
On Mon, 16 Oct 2017 14:39:45 -0400
Randy MacLeod  wrote:

> On 2017-10-16 12:00 PM, Patchwork wrote:
> > == Series Details ==
> > 
> > Series: "README.qemu: qemuppc64 is not ..." and 1 more
> > Revision: 1
> > URL   : https://patchwork.openembedded.org/series/9358/
> > State : failure
> > 
> > == Summary ==
> > 
> > 
> > Thank you for submitting this patch series to OpenEmbedded Core. This is
> > an automated response. Several tests have been executed on the proposed
> > series by patchtest resulting in the following failures:
> > 
> > 
> > 
> > * Issue Added patch file is missing Upstream-Status in the 
> > header [test_upstream_status_presence]
> >Suggested fixAdd Upstream-Status:  to the header of 
> > meta/recipes-connectivity/openssl/openssl-1.0.2l/0001-openssl-force-soft-link-to-avoid-rare-race.patch
> >  (possible values: Pending, Submitted, Accepted, Backport, Denied, 
> > Inappropriate)
> > 
> 
> I have:
> Upstream-status: Inappropriate [build rules rewrite in progress]
> 
> patchtest rules should be case insensitive most of the time and
> particularly for the first character of words in a labels so
>   [Uu]pstream-[Ss]tatus: is okay but not uPsTrEaM-sTaTuS:

This is a topic what have been discussed before and agreed to be strict and 
make it case sensitive. One of the reason (perhaps not the strongest) for the 
latter is that it makes much easier the scripting part but there may be other 
reasons that I can recall.

> 
> Also is there a list server for privately reviewing a patch by email?
> I looked at setting up patchtest locally but got distracted when the
> setup seemed to take more than a few minutes. Maybe I just need
> to focus for longer...

on your current branch, just run the patchtest script located at 
scripts/contrib/, that would provide basically the same log as the one gotten 
from patchwork.

> 
> 
> ../Randy
> 
> > 
> > 
> > If you believe any of these test results are incorrect, please reply to the
> > mailing list (openembedded-core@lists.openembedded.org) raising your 
> > concerns.
> > Otherwise we would appreciate you correcting the issues and submitting a new
> > version of the patchset if applicable. Please ensure you add/increment the
> > version number when sending the new version (i.e. [PATCH] -> [PATCH v2] ->
> > [PATCH v3] -> ...).
> > 
> > ---
> > Test framework: http://git.yoctoproject.org/cgit/cgit.cgi/patchtest
> > Test suite: http://git.yoctoproject.org/cgit/cgit.cgi/patchtest-oe
> > 
> > 
> 
> 
> -- 
> # Randy MacLeod.  WR Linux
> # Wind River an Intel Company
> -- 
> ___
> Openembedded-core mailing list
> Openembedded-core@lists.openembedded.org
> http://lists.openembedded.org/mailman/listinfo/openembedded-core


-- 
Leonardo Sandoval 
-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [PATCH][pyro] wpa_supplicant: fix WPA2 key replay security bug

2017-10-16 Thread Ross Burton 
WPA2 is vulnerable to replay attacks which result in unauthenticated users
having access to the network.

* CVE-2017-13077: reinstallation of the pairwise key in the Four-way handshake

* CVE-2017-13078: reinstallation of the group key in the Four-way handshake

* CVE-2017-13079: reinstallation of the integrity group key in the Four-way
handshake

* CVE-2017-13080: reinstallation of the group key in the Group Key handshake

* CVE-2017-13081: reinstallation of the integrity group key in the Group Key
handshake

* CVE-2017-13082: accepting a retransmitted Fast BSS Transition Reassociation
Request and reinstalling the pairwise key while processing it

* CVE-2017-13086: reinstallation of the Tunneled Direct-Link Setup (TDLS)
PeerKey (TPK) key in the TDLS handshake

* CVE-2017-13087: reinstallation of the group key (GTK) when processing a
Wireless Network Management (WNM) Sleep Mode Response frame

* CVE-2017-13088: reinstallation of the integrity group key (IGTK) when
processing a Wireless Network Management (WNM) Sleep Mode Response frame

Backport patches from upstream to resolve these CVEs.

Signed-off-by: Ross Burton 
---
 .../wpa-supplicant/key-replay-cve-multiple.patch   | 1025 
 .../wpa-supplicant/wpa-supplicant_2.6.bb   |1 +
 2 files changed, 1026 insertions(+)
 create mode 100644 
meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/key-replay-cve-multiple.patch

diff --git 
a/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/key-replay-cve-multiple.patch
 
b/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/key-replay-cve-multiple.patch
new file mode 100644
index 000..436520fe64b
--- /dev/null
+++ 
b/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/key-replay-cve-multiple.patch
@@ -0,0 +1,1025 @@
+The WPA2 four-way handshake protocol is vulnerable to replay attacks which can
+result in unauthenticated clients gaining access to the network.
+
+Backport a number of patches from upstream to fix this.
+
+CVE: CVE-2017-13077
+CVE: CVE-2017-13078
+CVE: CVE-2017-13079
+CVE: CVE-2017-13080
+CVE: CVE-2017-13081
+CVE: CVE-2017-13082
+CVE: CVE-2017-13086
+CVE: CVE-2017-13087
+CVE: CVE-2017-13088
+
+Upstream-Status: Backport
+Signed-off-by: Ross Burton 
+
+From cf4cab804c7afd5c45505528a8d16e46163243a2 Mon Sep 17 00:00:00 2001
+From: Mathy Vanhoef 
+Date: Fri, 14 Jul 2017 15:15:35 +0200
+Subject: [PATCH 1/8] hostapd: Avoid key reinstallation in FT handshake
+
+Do not reinstall TK to the driver during Reassociation Response frame
+processing if the first attempt of setting the TK succeeded. This avoids
+issues related to clearing the TX/RX PN that could result in reusing
+same PN values for transmitted frames (e.g., due to CCM nonce reuse and
+also hitting replay protection on the receiver) and accepting replayed
+frames on RX side.
+
+This issue was introduced by the commit
+0e84c25434e6a1f283c7b4e62e483729085b78d2 ('FT: Fix PTK configuration in
+authenticator') which allowed wpa_ft_install_ptk() to be called multiple
+times with the same PTK. While the second configuration attempt is
+needed with some drivers, it must be done only if the first attempt
+failed.
+
+Signed-off-by: Mathy Vanhoef 
+---
+ src/ap/ieee802_11.c  | 16 +---
+ src/ap/wpa_auth.c| 11 +++
+ src/ap/wpa_auth.h|  3 ++-
+ src/ap/wpa_auth_ft.c | 10 ++
+ src/ap/wpa_auth_i.h  |  1 +
+ 5 files changed, 37 insertions(+), 4 deletions(-)
+
+diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c
+index 4e04169..333035f 100644
+--- a/src/ap/ieee802_11.c
 b/src/ap/ieee802_11.c
+@@ -1841,6 +1841,7 @@ static int add_associated_sta(struct hostapd_data *hapd,
+ {
+   struct ieee80211_ht_capabilities ht_cap;
+   struct ieee80211_vht_capabilities vht_cap;
++  int set = 1;
+ 
+   /*
+* Remove the STA entry to ensure the STA PS state gets cleared and
+@@ -1848,9 +1849,18 @@ static int add_associated_sta(struct hostapd_data *hapd,
+* FT-over-the-DS, where a station re-associates back to the same AP but
+* skips the authentication flow, or if working with a driver that
+* does not support full AP client state.
++   *
++   * Skip this if the STA has already completed FT reassociation and the
++   * TK has been configured since the TX/RX PN must not be reset to 0 for
++   * the same key.
+*/
+-  if (!sta->added_unassoc)
++  if (!sta->added_unassoc &&
++  (!(sta->flags & WLAN_STA_AUTHORIZED) ||
++   !wpa_auth_sta_ft_tk_already_set(sta->wpa_sm))) {
+   hostapd_drv_sta_remove(hapd, sta->addr);
++  wpa_auth_sm_event(sta->wpa_sm, WPA_DRV_STA_REMOVED);
++  set = 0;
++  }
+ 
+ #ifdef CONFIG_IEEE80211N
+   if (sta->flags & WLAN_STA_HT)
+@@ -1873,11 +1883,11 @@ static int add_associated_sta(struct hostapd_data 
*hapd,
+

[OE-core] [PATCH][morty] wpa_supplicant: fix WPA2 key replay security bug

2017-10-16 Thread Ross Burton 
WPA2 is vulnerable to replay attacks which result in unauthenticated users
having access to the network.

* CVE-2017-13077: reinstallation of the pairwise key in the Four-way handshake

* CVE-2017-13078: reinstallation of the group key in the Four-way handshake

* CVE-2017-13079: reinstallation of the integrity group key in the Four-way
handshake

* CVE-2017-13080: reinstallation of the group key in the Group Key handshake

* CVE-2017-13081: reinstallation of the integrity group key in the Group Key
handshake

* CVE-2017-13082: accepting a retransmitted Fast BSS Transition Reassociation
Request and reinstalling the pairwise key while processing it

* CVE-2017-13086: reinstallation of the Tunneled Direct-Link Setup (TDLS)
PeerKey (TPK) key in the TDLS handshake

* CVE-2017-13087: reinstallation of the group key (GTK) when processing a
Wireless Network Management (WNM) Sleep Mode Response frame

* CVE-2017-13088: reinstallation of the integrity group key (IGTK) when
processing a Wireless Network Management (WNM) Sleep Mode Response frame

Backport patches from upstream to resolve these CVEs.

Signed-off-by: Ross Burton 
---
 .../wpa-supplicant/key-replay-cve-multiple.patch   | 939 +
 .../wpa-supplicant/wpa-supplicant_2.5.bb   |   1 +
 2 files changed, 940 insertions(+)
 create mode 100644 
meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/key-replay-cve-multiple.patch

diff --git 
a/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/key-replay-cve-multiple.patch
 
b/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/key-replay-cve-multiple.patch
new file mode 100644
index 000..32fad29cf63
--- /dev/null
+++ 
b/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/key-replay-cve-multiple.patch
@@ -0,0 +1,939 @@
+The WPA2 four-way handshake protocol is vulnerable to replay attacks which can
+result in unauthenticated clients gaining access to the network.
+
+Backport a number of patches from upstream to fix this.
+
+CVE: CVE-2017-13077
+CVE: CVE-2017-13078
+CVE: CVE-2017-13079
+CVE: CVE-2017-13080
+CVE: CVE-2017-13081
+CVE: CVE-2017-13082
+CVE: CVE-2017-13086
+CVE: CVE-2017-13087
+CVE: CVE-2017-13088
+
+Thanks to Wind River for the backport from upstream master to wpa_supplicant
+2.5.
+
+Upstream-Status: Backport
+Signed-off-by: Ross Burton 
+
+From 9a4a0f78bb2ad516d4a295fb5d042f8a61bd3f47 Mon Sep 17 00:00:00 2001
+From: Haiqing Bai 
+Date: Thu, 12 Oct 2017 10:13:17 +0800
+Subject: [PATCH 1/7] hostapd: Avoid key reinstallation in FT handshake
+
+Do not reinstall TK to the driver during Reassociation Response frame
+processing if the first attempt of setting the TK succeeded. This avoids
+issues related to clearing the TX/RX PN that could result in reusing
+same PN values for transmitted frames (e.g., due to CCM nonce reuse and
+also hitting replay protection on the receiver) and accepting replayed
+frames on RX side.
+
+This issue was introduced by the commit
+0e84c25434e6a1f283c7b4e62e483729085b78d2 ('FT: Fix PTK configuration in
+authenticator') which allowed wpa_ft_install_ptk() to be called multiple
+times with the same PTK. While the second configuration attempt is
+needed with some drivers, it must be done only if the first attempt
+failed.
+
+Signed-off-by: Mathy Vanhoef 
+
+Upstream-Status: Backport
+
+Signed-off-by: Haiqing Bai 
+---
+ src/ap/wpa_auth.c|  9 +
+ src/ap/wpa_auth.h|  3 ++-
+ src/ap/wpa_auth_ft.c | 10 ++
+ src/ap/wpa_auth_i.h  |  1 +
+ 4 files changed, 22 insertions(+), 1 deletion(-)
+
+diff --git a/src/ap/wpa_auth.c b/src/ap/wpa_auth.c
+index 2760a3f..b38a64d 100644
+--- a/src/ap/wpa_auth.c
 b/src/ap/wpa_auth.c
+@@ -1740,6 +1740,9 @@ int wpa_auth_sm_event(struct wpa_state_machine *sm, enum 
wpa_event event)
+ #else /* CONFIG_IEEE80211R */
+   break;
+ #endif /* CONFIG_IEEE80211R */
++  case WPA_DRV_STA_REMOVED:
++  sm->tk_already_set = FALSE;
++  return 0;
+   }
+ 
+ #ifdef CONFIG_IEEE80211R
+@@ -3208,6 +3211,12 @@ int wpa_auth_sta_wpa_version(struct wpa_state_machine 
*sm)
+   return sm->wpa;
+ }
+ 
++int wpa_auth_sta_ft_tk_already_set(struct wpa_state_machine *sm)
++{
++  if (!sm || !wpa_key_mgmt_ft(sm->wpa_key_mgmt))
++  return 0;
++  return sm->tk_already_set;
++}
+ 
+ int wpa_auth_sta_clear_pmksa(struct wpa_state_machine *sm,
+struct rsn_pmksa_cache_entry *entry)
+diff --git a/src/ap/wpa_auth.h b/src/ap/wpa_auth.h
+index fd04f16..3e53461 100644
+--- a/src/ap/wpa_auth.h
 b/src/ap/wpa_auth.h
+@@ -258,7 +258,7 @@ void wpa_receive(struct wpa_authenticator *wpa_auth,
+u8 *data, size_t data_len);
+ enum wpa_event {
+   WPA_AUTH, WPA_ASSOC, WPA_DISASSOC, WPA_DEAUTH, WPA_REAUTH,
+-  WPA_REAUTH_EAPOL, WPA_ASSOC_FT
++  WPA_REAUTH_EAPOL, WPA_ASSOC_FT,

Re: [OE-core] ✗ patchtest: failure for "README.qemu: qemuppc64 is not ..." and 1 more

2017-10-16 Thread Randy MacLeod 

On 2017-10-16 12:00 PM, Patchwork wrote:

== Series Details ==

Series: "README.qemu: qemuppc64 is not ..." and 1 more
Revision: 1
URL   : https://patchwork.openembedded.org/series/9358/
State : failure

== Summary ==


Thank you for submitting this patch series to OpenEmbedded Core. This is
an automated response. Several tests have been executed on the proposed
series by patchtest resulting in the following failures:



* Issue Added patch file is missing Upstream-Status in the header 
[test_upstream_status_presence]
   Suggested fixAdd Upstream-Status:  to the header of 
meta/recipes-connectivity/openssl/openssl-1.0.2l/0001-openssl-force-soft-link-to-avoid-rare-race.patch
 (possible values: Pending, Submitted, Accepted, Backport, Denied, Inappropriate)



I have:
   Upstream-status: Inappropriate [build rules rewrite in progress]

patchtest rules should be case insensitive most of the time and
particularly for the first character of words in a labels so
 [Uu]pstream-[Ss]tatus: is okay but not uPsTrEaM-sTaTuS:

Also is there a list server for privately reviewing a patch by email?
I looked at setting up patchtest locally but got distracted when the
setup seemed to take more than a few minutes. Maybe I just need
to focus for longer...


../Randy




If you believe any of these test results are incorrect, please reply to the
mailing list (openembedded-core@lists.openembedded.org) raising your concerns.
Otherwise we would appreciate you correcting the issues and submitting a new
version of the patchset if applicable. Please ensure you add/increment the
version number when sending the new version (i.e. [PATCH] -> [PATCH v2] ->
[PATCH v3] -> ...).

---
Test framework: http://git.yoctoproject.org/cgit/cgit.cgi/patchtest
Test suite: http://git.yoctoproject.org/cgit/cgit.cgi/patchtest-oe





--
# Randy MacLeod.  WR Linux
# Wind River an Intel Company
--
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

Re: [OE-core] [PATCH] nettle-ptest: fix a failing test

2017-10-16 Thread Bystricky, Juro 

> It should look in paths relative to LD_LIBRARY_PATH, do you see it
> doesn't happen ?
> 

The problem is, for dlopen relative/absolute names LD_LIBRARY_PATH
is not used. 

The man for dlopen says:
If filename contains a slash ("/"), then it is interpreted as a (relative or 
absolute) pathname.  Otherwise <...> if the dynamic linker at  the  time  that  
the  program  was started, the environment variable LD_LIBRARY_PATH was defined 
to contain a colon-separated list of directories, then these are searched.

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [PATCH 1/2] systemctl-native: add target.wants to target regex

2017-10-16 Thread Martin Kelly 
The regex for acceptable systemd WantedBy/RequiredBy targets does not include
target.wants, so a line like this:

WantedBy=multi-user.target.wants

gets silently ignored, even though it works fine on a real system.

Signed-off-by: Martin Kelly 
---
 meta/recipes-core/systemd/systemd-systemctl/systemctl | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta/recipes-core/systemd/systemd-systemctl/systemctl 
b/meta/recipes-core/systemd/systemd-systemctl/systemctl
index efad14ce17..6e5a1b7181 100755
--- a/meta/recipes-core/systemd/systemd-systemctl/systemctl
+++ b/meta/recipes-core/systemd/systemd-systemctl/systemctl
@@ -108,7 +108,7 @@ for service in $services; do
 
# If any new unit types are added to systemd they should be added
# to this regular expression.
-   
unit_types_re='\.\(service\|socket\|device\|mount\|automount\|swap\|target\|path\|timer\|snapshot\)\s*$'
+   
unit_types_re='\.\(service\|socket\|device\|mount\|automount\|swap\|target\|target\.wants\|path\|timer\|snapshot\)\s*$'
if [ "$action" = "preset" ]; then
action=`egrep -sh  $service 
$ROOT/etc/systemd/user-preset/*.preset | cut -f1 -d' '`
if [ -z "$action" ]; then
-- 
2.11.0

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

Re: [OE-core] [PATCH] wayland-protocols: upgrade to 1.11

2017-10-16 Thread Denys Dmytriyenko 
On Fri, Oct 13, 2017 at 12:28:25PM -0400, Denys Dmytriyenko wrote:
> On Fri, Oct 13, 2017 at 12:33:35PM +0100, Burton, Ross wrote:
> > On 12 October 2017 at 20:35, Denys Dmytriyenko  wrote:
> > 
> > > From: Denys Dmytriyenko 
> > >
> > > Signed-off-by: Denys Dmytriyenko 
> > >
> > 
> > One day I'll figure out why quilt appears to be non-deterministic about
> > this but:
> > 
> > ERROR: wayland-protocols-1.11-r0 do_patch: Command Error: 'quilt --quiltrc
> > /data/poky-tmp/master/build/work/all-poky-linux/wayland-protocols/1.11-r0/recipe-sysroot-native/etc/quiltrc
> > push' exited with 0  Output:
> > Applying patch usesysrootprefixforpkgdatadirvariable.patch
> 
> I don't see this patch in master. Works fine in distroless and poky from 
> master.

Ping.


> > patching file wayland-protocols.pc.in
> > Hunk #1 FAILED at 1.
> > 1 out of 1 hunk FAILED -- rejects in file wayland-protocols.pc.in
> > Patch usesysrootprefixforpkgdatadirvariable.patch can be reverse-applied
> > 
> > Ross
> -- 
> ___
> Openembedded-core mailing list
> Openembedded-core@lists.openembedded.org
> http://lists.openembedded.org/mailman/listinfo/openembedded-core
-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [PATCH] feature-arm-vfp.inc: drop unnecessary extra space from TUNE_CCARGS

2017-10-16 Thread Andre McCurdy 
The trailing space added to TUNE_CCARGS when appending -mfpu=XXX is
unnecessary and leads to a double space in the final value.

Signed-off-by: Andre McCurdy 
---
 meta/conf/machine/include/arm/feature-arm-vfp.inc | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/meta/conf/machine/include/arm/feature-arm-vfp.inc 
b/meta/conf/machine/include/arm/feature-arm-vfp.inc
index 667b609..7ae7456 100644
--- a/meta/conf/machine/include/arm/feature-arm-vfp.inc
+++ b/meta/conf/machine/include/arm/feature-arm-vfp.inc
@@ -5,8 +5,8 @@
 TUNEVALID[vfp] = "Enable Vector Floating Point (vfp) unit."
 TUNE_CCARGS_MFPU .= "${@bb.utils.contains('TUNE_FEATURES', 'vfp', ' vfp', '', 
d)}"
 
-TUNE_CCARGS  .= "${@ (' -mfpu=%s ' % d.getVar('TUNE_CCARGS_MFPU').split()[-1]) 
if (d.getVar('TUNE_CCARGS_MFPU') != '') else ''}"
-ARMPKGSFX_FPU = "${@ ('-%s'% 
d.getVar('TUNE_CCARGS_MFPU').split()[-1].replace('vfpv3-d16', 'vfpv3d16')) if 
(d.getVar('TUNE_CCARGS_MFPU') != '') else ''}"
+TUNE_CCARGS  .= "${@ (' -mfpu=%s' % d.getVar('TUNE_CCARGS_MFPU').split()[-1]) 
if (d.getVar('TUNE_CCARGS_MFPU') != '') else ''}"
+ARMPKGSFX_FPU = "${@ ('-%s'   % 
d.getVar('TUNE_CCARGS_MFPU').split()[-1].replace('vfpv3-d16', 'vfpv3d16')) if 
(d.getVar('TUNE_CCARGS_MFPU') != '') else ''}"
 
 TUNEVALID[callconvention-hard] = "Enable EABI hard float call convention, 
requires VFP."
 TUNE_CCARGS_MFLOAT = "${@ bb.utils.contains('TUNE_FEATURES', 
'callconvention-hard', 'hard', 'softfp', d) if (d.getVar('TUNE_CCARGS_MFPU') != 
'') else '' }"
-- 
1.9.1

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

Re: [OE-core] [PATCH v5 3/3] weston: Bump version to 3.0.0

2017-10-16 Thread Otavio Salvador 
On Mon, Oct 16, 2017 at 3:21 PM, Fabien Lahoudere
 wrote:
> Signed-off-by: Fabien Lahoudere 
> ---
>  .../wayland/weston/fix-missing-header.patch| 18 +++
>  ...t-pitch-correctly-for-subsampled-textures.patch | 55 
> ++
>  .../wayland/{weston_2.0.0.bb => weston_3.0.0.bb}   | 17 +++
>  3 files changed, 82 insertions(+), 8 deletions(-)
>  create mode 100644 
> meta/recipes-graphics/wayland/weston/fix-missing-header.patch
>  create mode 100644 
> meta/recipes-graphics/wayland/weston/weston-gl-renderer-Set-pitch-correctly-for-subsampled-textures.patch
>  rename meta/recipes-graphics/wayland/{weston_2.0.0.bb => weston_3.0.0.bb} 
> (89%)
>
> diff --git a/meta/recipes-graphics/wayland/weston/fix-missing-header.patch 
> b/meta/recipes-graphics/wayland/weston/fix-missing-header.patch
> new file mode 100644
> index 00..5db3a17393
> --- /dev/null
> +++ b/meta/recipes-graphics/wayland/weston/fix-missing-header.patch
> @@ -0,0 +1,18 @@
> +Fix missing header
> +
> +Upstream-Status: Pending
> +
> +Signed-off-by: Fabien Lahoudere 
> +
> +Index: weston-3.0.0/shared/timespec-util.h
> +===
> +--- weston-3.0.0.orig/shared/timespec-util.h
>  weston-3.0.0/shared/timespec-util.h
> +@@ -28,6 +28,7 @@
> +
> + #include 
> + #include 
> ++#include 
> +
> + #define NSEC_PER_SEC 10
> +
> diff --git 
> a/meta/recipes-graphics/wayland/weston/weston-gl-renderer-Set-pitch-correctly-for-subsampled-textures.patch
>  
> b/meta/recipes-graphics/wayland/weston/weston-gl-renderer-Set-pitch-correctly-for-subsampled-textures.patch
> new file mode 100644
> index 00..69284a9616
> --- /dev/null
> +++ 
> b/meta/recipes-graphics/wayland/weston/weston-gl-renderer-Set-pitch-correctly-for-subsampled-textures.patch
> @@ -0,0 +1,55 @@
> +Multi-plane sub-sampled textures have partial width/height, e.g.
> +YUV420/I420 has a full-size Y plane, followed by a half-width/height U
> +plane, and a half-width/height V plane.
> +
> +zwp_linux_dmabuf_v1 allows clients to pass an explicit pitch for each
> +plane, but for wl_shm this must be inferred. gl-renderer was correctly
> +accounting for the width and height when subsampling, but the pitch was
> +being taken as the pitch for the first plane.
> +
> +This does not match the requirements for GStreamer's waylandsink, in
> +particular, as well as other clients. Fix the SHM upload path to
> +correctly set the pitch for each plane, according to subsampling.
> +
> +Tested with:
> +  $ gst-launch-1.0 videotestsrc ! waylandsink
> +
> +Upstream-status: Backport [https://patchwork.freedesktop.org/patch/180767/]
> +
> +Signed-off-by: Daniel Stone 
> +Fixes: fdeefe42418 ("gl-renderer: add support of WL_SHM_FORMAT_YUV420")
> +Reported-by: Fabien Lahoudere 
> +Bugzilla: https://bugs.freedesktop.org/show_bug.cgi?id=103063
> +
> +---
> + libweston/gl-renderer.c | 4 ++--
> + 1 file changed, 2 insertions(+), 2 deletions(-)
> +
> +diff --git a/libweston/gl-renderer.c b/libweston/gl-renderer.c
> +index 244ce309..40bf0bb6 100644
> +--- a/libweston/gl-renderer.c
>  b/libweston/gl-renderer.c
> +@@ -1445,14 +1445,13 @@ gl_renderer_flush_damage(struct weston_surface 
> *surface)
> +   goto done;
> +   }
> +
> +-  glPixelStorei(GL_UNPACK_ROW_LENGTH_EXT, gs->pitch);
> +-
> +   if (gs->needs_full_upload) {
> +   glPixelStorei(GL_UNPACK_SKIP_PIXELS_EXT, 0);
> +   glPixelStorei(GL_UNPACK_SKIP_ROWS_EXT, 0);
> +   wl_shm_buffer_begin_access(buffer->shm_buffer);
> +   for (j = 0; j < gs->num_textures; j++) {
> +   glBindTexture(GL_TEXTURE_2D, gs->textures[j]);
> ++  glPixelStorei(GL_UNPACK_ROW_LENGTH_EXT, gs->pitch / 
> gs->hsub[j]);
> +   glTexImage2D(GL_TEXTURE_2D, 0,
> +gs->gl_format[j],
> +gs->pitch / gs->hsub[j],
> +@@ -1477,6 +1476,7 @@ gl_renderer_flush_damage(struct weston_surface 
> *surface)
> +   glPixelStorei(GL_UNPACK_SKIP_ROWS_EXT, r.y1);
> +   for (j = 0; j < gs->num_textures; j++) {
> +   glBindTexture(GL_TEXTURE_2D, gs->textures[j]);
> ++  glPixelStorei(GL_UNPACK_ROW_LENGTH_EXT, gs->pitch / 
> gs->hsub[j]);
> +   glTexSubImage2D(GL_TEXTURE_2D, 0,
> +   r.x1 / gs->hsub[j],
> +   r.y1 / gs->vsub[j],
> diff --git a/meta/recipes-graphics/wayland/weston_2.0.0.bb 
> b/meta/recipes-graphics/wayland/weston_3.0.0.bb
> similarity index 89%
> rename from meta/recipes-graphics/wayland/weston_2.0.0.bb
> rename to meta/recipes-graphics/wayland/weston_3.0.0.bb
> index 8160f5556d..ad0cdc2b0f 100644
> ---

[OE-core] ✗ patchtest: failure for "[v5] wayland : Bump to version..." and 2 more

2017-10-16 Thread Patchwork 
== Series Details ==

Series: "[v5] wayland : Bump to version..." and 2 more
Revision: 1
URL   : https://patchwork.openembedded.org/series/9362/
State : failure

== Summary ==


Thank you for submitting this patch series to OpenEmbedded Core. This is
an automated response. Several tests have been executed on the proposed
series by patchtest resulting in the following failures:



* Issue Added patch file is missing Upstream-Status in the header 
[test_upstream_status_presence] 
  Suggested fixAdd Upstream-Status:  to the header of 
meta/recipes-graphics/wayland/weston/weston-gl-renderer-Set-pitch-correctly-for-subsampled-textures.patch
 (possible values: Pending, Submitted, Accepted, Backport, Denied, 
Inappropriate)

* Issue A patch file has been added, but does not have a 
Signed-off-by tag [test_signed_off_by_presence] 
  Suggested fixSign off the added patch file 
(meta/recipes-graphics/wayland/wayland-protocols/usesysrootprefixforpkgdatadirvariable.patch)



If you believe any of these test results are incorrect, please reply to the
mailing list (openembedded-core@lists.openembedded.org) raising your concerns.
Otherwise we would appreciate you correcting the issues and submitting a new
version of the patchset if applicable. Please ensure you add/increment the
version number when sending the new version (i.e. [PATCH] -> [PATCH v2] ->
[PATCH v3] -> ...).

---
Test framework: http://git.yoctoproject.org/cgit/cgit.cgi/patchtest
Test suite: http://git.yoctoproject.org/cgit/cgit.cgi/patchtest-oe

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

Re: [OE-core] [PATCH v5 1/3] wayland : Bump to version 1.14.0

2017-10-16 Thread Fabien Lahoudere 
Bad serie please ignore.

Sorry

On Mon, 2017-10-16 at 19:21 +0200, Fabien Lahoudere wrote:
> Signed-off-by: Fabien Lahoudere 
> ---
>  .../recipes-graphics/wayland/{wayland_1.13.0.bb => wayland_1.14.0.bb} | 4 
> ++--
>  1 file changed, 2 insertions(+), 2 deletions(-)
>  rename meta/recipes-graphics/wayland/{wayland_1.13.0.bb => 
> wayland_1.14.0.bb} (92%)
> 
> diff --git a/meta/recipes-graphics/wayland/wayland_1.13.0.bb b/meta/recipes-
> graphics/wayland/wayland_1.14.0.bb
> similarity index 92%
> rename from meta/recipes-graphics/wayland/wayland_1.13.0.bb
> rename to meta/recipes-graphics/wayland/wayland_1.14.0.bb
> index b9396b6c75..2a2489d658 100644
> --- a/meta/recipes-graphics/wayland/wayland_1.13.0.bb
> +++ b/meta/recipes-graphics/wayland/wayland_1.14.0.bb
> @@ -14,8 +14,8 @@ DEPENDS = "expat libxml2 libffi wayland-native"
>  
>  SRC_URI = "https://wayland.freedesktop.org/releases/${BPN}-${PV}.tar.xz \
> "
> -SRC_URI[md5sum] = "cae152ed956da6de53f9727bc1c45039"
> -SRC_URI[sha256sum] = 
> "69b052c031a61e89af7cc8780893d0da1e301492352aa449dee9345043e6fe51"
> +SRC_URI[md5sum] = "0235f6075c32c3be61cff94fa0b9f108"
> +SRC_URI[sha256sum] = 
> "ed80cabc0961a759a42092e2c39aabfc1ec9a13c86c98bbe2b812f008da27ab8"
>  
>  inherit autotools pkgconfig
>  
-- 
Fabien
-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [PATCH v5 2/3] wayland-protocols: Fix installation patch issue

2017-10-16 Thread Fabien Lahoudere 
This patch also remove workaround to find wayland-protocols:

WAYLAND_PROTOCOLS_SYSROOT_DIR=${RECIPE_SYSROOT}

in:

- gtk+3
- libsdl2
- xserver-xorg
- gstreamer1.0-plugins-bad
- weston-2.0.0

Signed-off-by: Fabien Lahoudere 
---
 meta/recipes-gnome/gtk+/gtk+3.inc  |  1 -
 meta/recipes-graphics/libsdl2/libsdl2_2.0.5.bb |  2 +-
 .../usesysrootprefixforpkgdatadirvariable.patch| 27 ++
 .../wayland/wayland-protocols_1.10.bb  |  1 +
 meta/recipes-graphics/wayland/weston_2.0.0.bb  |  1 -
 .../recipes-graphics/xorg-xserver/xserver-xorg.inc |  1 -
 .../gstreamer/gstreamer1.0-plugins-bad_1.12.2.bb   |  1 -
 7 files changed, 29 insertions(+), 5 deletions(-)
 create mode 100644 
meta/recipes-graphics/wayland/wayland-protocols/usesysrootprefixforpkgdatadirvariable.patch

diff --git a/meta/recipes-gnome/gtk+/gtk+3.inc 
b/meta/recipes-gnome/gtk+/gtk+3.inc
index 0a357db049..420ead2ca2 100644
--- a/meta/recipes-gnome/gtk+/gtk+3.inc
+++ b/meta/recipes-gnome/gtk+/gtk+3.inc
@@ -35,7 +35,6 @@ EXTRA_OECONF += " \
  --enable-modules \
  --disable-cups \
  --disable-colord \
- WAYLAND_PROTOCOLS_SYSROOT_DIR=${RECIPE_SYSROOT} \
  ${@bb.utils.contains("DISTRO_FEATURES", "x11", "", 
"--disable-gtk-doc", d)} \
  "
 
diff --git a/meta/recipes-graphics/libsdl2/libsdl2_2.0.5.bb 
b/meta/recipes-graphics/libsdl2/libsdl2_2.0.5.bb
index 12d3aaf6f0..6bfa13200b 100644
--- a/meta/recipes-graphics/libsdl2/libsdl2_2.0.5.bb
+++ b/meta/recipes-graphics/libsdl2/libsdl2_2.0.5.bb
@@ -35,7 +35,7 @@ EXTRA_OECONF = "--disable-oss --disable-esd --disable-arts \
 --enable-pthreads \
 --enable-sdl-dlopen \
 --disable-rpath \
-WAYLAND_PROTOCOLS_SYSROOT_DIR=${RECIPE_SYSROOT}"
+"
 
 # opengl packageconfig factored out to make it easy for distros
 # and BSP layers to pick either (desktop) opengl, gles2, or no GL
diff --git 
a/meta/recipes-graphics/wayland/wayland-protocols/usesysrootprefixforpkgdatadirvariable.patch
 
b/meta/recipes-graphics/wayland/wayland-protocols/usesysrootprefixforpkgdatadirvariable.patch
new file mode 100644
index 00..0922a4d2c2
--- /dev/null
+++ 
b/meta/recipes-graphics/wayland/wayland-protocols/usesysrootprefixforpkgdatadirvariable.patch
@@ -0,0 +1,27 @@
+From 875130ee3cbcf62266901ef4b91b9a0fb6adad43 Mon Sep 17 00:00:00 2001
+From: Tomek Bury 
+Date: Fri, 4 Aug 2017 16:16:38 +0100
+Subject: Use sysroot prefix for pkgdatadir variable
+
+The pc_sysroot is automatically added to cflags and libs but not
+to 'pkg-config --variable'
+
+Upstream-Status: Backport 
[https://cgit.freedesktop.org/wayland/wayland-protocols/commit/?id=875130ee3cbcf62266901ef4b91b9a0fb6adad43]
+
+Reviewed-by: Daniel Stone 
+
+diff --git a/wayland-protocols.pc.in b/wayland-protocols.pc.in
+index a26744c..379be06 100644
+--- a/wayland-protocols.pc.in
 b/wayland-protocols.pc.in
+@@ -1,6 +1,6 @@
+ prefix=@prefix@
+ datarootdir=@datarootdir@
+-pkgdatadir=@datadir@/@PACKAGE@
++pkgdatadir=${pc_sysrootdir}@datadir@/@PACKAGE@
+ 
+ Name: Wayland Protocols
+ Description: Wayland protocol files
+-- 
+cgit v0.10.2
+
diff --git a/meta/recipes-graphics/wayland/wayland-protocols_1.10.bb 
b/meta/recipes-graphics/wayland/wayland-protocols_1.10.bb
index 4f9e9f32bf..1ff12c607b 100644
--- a/meta/recipes-graphics/wayland/wayland-protocols_1.10.bb
+++ b/meta/recipes-graphics/wayland/wayland-protocols_1.10.bb
@@ -10,6 +10,7 @@ LIC_FILES_CHKSUM = 
"file://COPYING;md5=c7b12b6702da38ca028ace54aae3d484 \
 
file://stable/presentation-time/presentation-time.xml;endline=26;md5=4646cd7d9edc9fa55db941f2d3a7dc53"
 
 SRC_URI = "https://wayland.freedesktop.org/releases/${BPN}-${PV}.tar.xz \
+  file://usesysrootprefixforpkgdatadirvariable.patch \
"
 SRC_URI[md5sum] = "84a7846c2b6a6a3e265fc9be36453e60"
 SRC_URI[sha256sum] = 
"5719c51d7354864983171c5083e93a72ac99229e2b460c4bb10513de08839c0a"
diff --git a/meta/recipes-graphics/wayland/weston_2.0.0.bb 
b/meta/recipes-graphics/wayland/weston_2.0.0.bb
index 54b07bd6b9..8160f5556d 100644
--- a/meta/recipes-graphics/wayland/weston_2.0.0.bb
+++ b/meta/recipes-graphics/wayland/weston_2.0.0.bb
@@ -25,7 +25,6 @@ DEPENDS += "wayland wayland-protocols libinput virtual/egl 
pango wayland-native"
 
 EXTRA_OECONF = "--enable-setuid-install \
 --disable-rdp-compositor \
-WAYLAND_PROTOCOLS_SYSROOT_DIR=${RECIPE_SYSROOT} \
 "
 EXTRA_OECONF_append_qemux86 = "\
WESTON_NATIVE_BACKEND=fbdev-backend.so \
diff --git a/meta/recipes-graphics/xorg-xserver/xserver-xorg.inc 
b/meta/recipes-graphics/xorg-xserver/xserver-xorg.inc
index 863d80ce43..e8025de55f 100644
--- a/meta/recipes-graphics/xorg-xserver/xserver-xorg.inc
+++

[OE-core] [PATCH v5 1/3] wayland : Bump to version 1.14.0

2017-10-16 Thread Fabien Lahoudere 
Signed-off-by: Fabien Lahoudere 
---
 .../recipes-graphics/wayland/{wayland_1.13.0.bb => wayland_1.14.0.bb} | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
 rename meta/recipes-graphics/wayland/{wayland_1.13.0.bb => wayland_1.14.0.bb} 
(92%)

diff --git a/meta/recipes-graphics/wayland/wayland_1.13.0.bb 
b/meta/recipes-graphics/wayland/wayland_1.14.0.bb
similarity index 92%
rename from meta/recipes-graphics/wayland/wayland_1.13.0.bb
rename to meta/recipes-graphics/wayland/wayland_1.14.0.bb
index b9396b6c75..2a2489d658 100644
--- a/meta/recipes-graphics/wayland/wayland_1.13.0.bb
+++ b/meta/recipes-graphics/wayland/wayland_1.14.0.bb
@@ -14,8 +14,8 @@ DEPENDS = "expat libxml2 libffi wayland-native"
 
 SRC_URI = "https://wayland.freedesktop.org/releases/${BPN}-${PV}.tar.xz \
"
-SRC_URI[md5sum] = "cae152ed956da6de53f9727bc1c45039"
-SRC_URI[sha256sum] = 
"69b052c031a61e89af7cc8780893d0da1e301492352aa449dee9345043e6fe51"
+SRC_URI[md5sum] = "0235f6075c32c3be61cff94fa0b9f108"
+SRC_URI[sha256sum] = 
"ed80cabc0961a759a42092e2c39aabfc1ec9a13c86c98bbe2b812f008da27ab8"
 
 inherit autotools pkgconfig
 
-- 
2.11.0

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [PATCH 2/2] systemctl-native: explicitly check target validity

2017-10-16 Thread Martin Kelly 
Currently, we parse systemd service files looking for valid WantedBy and
RequiredBy lines. However, invalid lines get silently rejected, causing recipes
to build correctly but then not get enabled in the rootfs.

Add explicit checks for validity and print a message when an invalid target is
found so that the user can fix these issues.

Signed-off-by: Martin Kelly 
---
 .../systemd/systemd-systemctl/systemctl| 37 ++
 1 file changed, 30 insertions(+), 7 deletions(-)

diff --git a/meta/recipes-core/systemd/systemd-systemctl/systemctl 
b/meta/recipes-core/systemd/systemd-systemctl/systemctl
index 6e5a1b7181..3bed407d9e 100755
--- a/meta/recipes-core/systemd/systemd-systemctl/systemctl
+++ b/meta/recipes-core/systemd/systemd-systemctl/systemctl
@@ -1,4 +1,24 @@
 #!/bin/sh
+
+check_target_validity() {
+local line_reg="$1"
+local service_file="$2"
+local unit_types_re="$3"
+
+local line="$(sed $line_reg "$service_file")"
+if [ -z "$line" ]; then
+# Line was not found; there's nothing to check.
+return
+fi
+
+if ! echo $line | grep -q $unit_types_re; then
+echo "One or more of the target types in the service were not 
recognized as valid."
+echo "Service: $service_file"
+echo "Targets: $line"
+exit 1
+fi
+}
+
 echo "Started $0 $*"
 
 ROOT=
@@ -120,15 +140,18 @@ for service in $services; do
fi
fi
fi
-   # create the required symbolic links
-   wanted_by=$(sed '/^WantedBy[[:space:]]*=/s,[^=]*=,,p;d' 
"$ROOT/$service_file" \
-   | tr ',' '\n' \
-   | grep "$unit_types_re")
 
-   required_by=$(sed '/^RequiredBy[[:space:]]*=/s,[^=]*=,,p;d' 
"$ROOT/$service_file" \
-   | tr ',' '\n' \
-   | grep "$unit_types_re")
+check_target_validity \
+'/^WantedBy[[:space:]]*=/s,[^=]*=,,p;d' \
+"$ROOT/$service_file" \
+"$unit_types_re"
 
+check_target_validity \
+'/^RequiredBy[[:space:]]*=/s,[^=]*=,,p;d' \
+"$ROOT/$service_file" \
+"$unit_types_re"
+
+   # create the required symbolic links
for dependency in WantedBy RequiredBy; do
if [ "$dependency" = "WantedBy" ]; then
suffix="wants"
-- 
2.11.0

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

Re: [OE-core] [PATCH v4 3/3] weston: Bump version to 3.0.0

2017-10-16 Thread Fabien Lahoudere 
Hi Ross
I fix this by adding "#include " in shared/timespec-util.hI will send a 
v5
Thanks
Fabien
On Mon, 2017-10-16 at 13:14 +0100, Burton, Ross wrote:
> Fails on the autobuilder when build against musl:
> http://errors.yoctoproject.org/Errors/Details/157183/
> 
> Ross
> On 28 September 2017 at 17:01, Fabien Lahoudere 
>  wrote:
> > Signed-off-by: Fabien Lahoudere 
> > 
> > ---
> > 
> >  .../wayland/{weston_2.0.0.bb => weston_3.0.0.bb}          | 15 
> > +++
> > 
> >  1 file changed, 7 insertions(+), 8 deletions(-)
> > 
> >  rename meta/recipes-graphics/wayland/{weston_2.0.0.bb => weston_3.0.0.bb} 
> > (90%)
> > 
> > 
> > 
> > diff --git a/meta/recipes-graphics/wayland/weston_2.0.0.bb b/meta/recipes-
> > graphics/wayland/weston_3.0.0.bb
> > 
> > similarity index 90%
> > 
> > rename from meta/recipes-graphics/wayland/weston_2.0.0.bb
> > 
> > rename to meta/recipes-graphics/wayland/weston_3.0.0.bb
> > 
> > index 8160f55..6b3fad7 100644
> > 
> > --- a/meta/recipes-graphics/wayland/weston_2.0.0.bb
> > 
> > +++ b/meta/recipes-graphics/wayland/weston_3.0.0.bb
> > 
> > @@ -9,12 +9,11 @@ SRC_URI = 
> > "https://wayland.freedesktop.org/releases/${BPN}-${PV}.tar.xz \
> > 
> >             file://weston.png \
> > 
> >             file://weston.desktop \
> > 
> >             file://0001-make-error-portable.patch \
> > 
> > -           file://0001-configure.ac-Fix-wayland-protocols-path.patch \
> > 
> >             file://xwayland.weston-start \
> > 
> >             
> > file://0001-weston-launch-Provide-a-default-version-that-doesn-t.patch \
> > 
> >  "
> > 
> > -SRC_URI[md5sum] = "15f38945942bf2a91fe2687145fb4c7d"
> > 
> > -SRC_URI[sha256sum] = 
> > "b4e446ac27f118196f1609dab89bb3cb3e81652d981414ad860e733b355365d8"
> > 
> > +SRC_URI[md5sum] = "9c42a4c51a1b9f35d040fa9d45ada36d"
> > 
> > +SRC_URI[sha256sum] = 
> > "cde1d55e8dd70c3cbb3d1ec72f60e6041579caa1d6a262bd9c35e93723a5"
> > 
> > 
> > 
> >  inherit autotools pkgconfig useradd distro_features_check
> > 
> >  # depends on virtual/egl
> > 
> > @@ -76,7 +75,7 @@ PACKAGECONFIG[pam] = "--with-pam,--without-pam,libpam"
> > 
> > 
> > 
> >  do_install_append() {
> > 
> >         # Weston doesn't need the .la files to load modules, so wipe them
> > 
> > -       rm -f ${D}/${libdir}/libweston-2/*.la
> > 
> > +       rm -f ${D}/${libdir}/libweston-3/*.la
> > 
> > 
> > 
> >         # If X11, ship a desktop file to launch it
> > 
> >         if [ "${@bb.utils.filter('DISTRO_FEATURES', 'x11', d)}" ]; then
> > 
> > @@ -93,16 +92,16 @@ do_install_append() {
> > 
> >  }
> > 
> > 
> > 
> >  PACKAGES += "${@bb.utils.contains('PACKAGECONFIG', 'xwayland', 
> > '${PN}-xwayland', '', d)} \
> > 
> > -             libweston-2 ${PN}-examples"
> > 
> > +             libweston-3 ${PN}-examples"
> > 
> > 
> > 
> >  FILES_${PN} = "${bindir}/weston ${bindir}/weston-terminal 
> > ${bindir}/weston-info
> > ${bindir}/weston-launch ${bindir}/wcap-decode ${libexecdir} 
> > ${libdir}/${BPN}/*.so ${datadir}"
> > 
> > 
> > 
> > -FILES_libweston-2 = "${libdir}/lib*${SOLIBS} ${libdir}/libweston-2/*.so"
> > 
> > -SUMMARY_libweston-2 = "Helper library for implementing 'wayland window 
> > managers'."
> > 
> > +FILES_libweston-3 = "${libdir}/lib*${SOLIBS} ${libdir}/libweston-3/*.so"
> > 
> > +SUMMARY_libweston-3 = "Helper library for implementing 'wayland window 
> > managers'."
> > 
> > 
> > 
> >  FILES_${PN}-examples = "${bindir}/*"
> > 
> > 
> > 
> > -FILES_${PN}-xwayland = "${libdir}/libweston-2/xwayland.so"
> > 
> > +FILES_${PN}-xwayland = "${libdir}/libweston-3/xwayland.so"
> > 
> >  RDEPENDS_${PN}-xwayland += "xserver-xorg-xwayland"
> > 
> > 
> > 
> >  RDEPENDS_${PN} += "xkeyboard-config"
> > 
> > --
> > 
> > 1.8.3.1
> > 
> > 
> > 
> > --
> > 
> > ___
> > 
> > Openembedded-core mailing list
> > 
> > Openembedded-core@lists.openembedded.org
> > 
> > http://lists.openembedded.org/mailman/listinfo/openembedded-core
> > 
> > -- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

Re: [OE-core] [PATCH 6/7] gcc6: Upgrade to 6.4

2017-10-16 Thread Otavio Salvador 
On Mon, Oct 16, 2017 at 1:50 PM, Khem Raj  wrote:
> On Mon, Oct 16, 2017 at 4:53 AM, Otavio Salvador
>  wrote:
>> On Sun, Oct 15, 2017 at 5:06 PM, Andre McCurdy  wrote:
>>> On Sat, Oct 14, 2017 at 10:21 PM, akuster808  wrote:
 why do we continue to maintain 2 versions of gcc?
>>>
>>> Probably the same reason why Buildroot continues to maintain 4
>>> versions of gcc, it's useful for end users.
>>>
>>>   https://git.buildroot.net/buildroot/tree/package/gcc
>>
>> We keep all user space and toolchain up to date so upgrading the GCC
>> is straightforward.  That said the gcc cannot vary from one machine to
>> another so if a vendor wants to use an old release, it can be done
>> using their distro.
>>
>> I am against maintaining two GCC versions as it increases the amount
>> of testing needed. Instead I'd prefer to have clang merged on oe-core
>> instead and easy its adoption / test.
>
> In practice, there are a large set of applications that customers have porting
> to do when major compiler version changes (e.g. 6 to 7), unless there
> is a feasible path for upgrade people
> will refrain from upgrading to newer versions of releases. Its not a
> trivial task
> to upgrade systemdwide compiler in any distro. So its a good strategy to have
> two versions overlapping for few releases, this smoothens the migration for
> large application bases.

Agreed and rocko has this; for 2.5 we don't need to provide two
versions one more time.

-- 
Otavio Salvador O.S. Systems
http://www.ossystems.com.brhttp://code.ossystems.com.br
Mobile: +55 (53) 9981-7854Mobile: +1 (347) 903-9750
-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [PATCH] wpa_supplicant: fix WPA2 key replay security bug

2017-10-16 Thread Ross Burton 
WPA2 is vulnerable to replay attacks which result in unauthenticated users
having access to the network.

* CVE-2017-13077: reinstallation of the pairwise key in the Four-way handshake

* CVE-2017-13078: reinstallation of the group key in the Four-way handshake

* CVE-2017-13079: reinstallation of the integrity group key in the Four-way
handshake

* CVE-2017-13080: reinstallation of the group key in the Group Key handshake

* CVE-2017-13081: reinstallation of the integrity group key in the Group Key
handshake

* CVE-2017-13082: accepting a retransmitted Fast BSS Transition Reassociation
Request and reinstalling the pairwise key while processing it

* CVE-2017-13086: reinstallation of the Tunneled Direct-Link Setup (TDLS)
PeerKey (TPK) key in the TDLS handshake

* CVE-2017-13087: reinstallation of the group key (GTK) when processing a
Wireless Network Management (WNM) Sleep Mode Response frame

* CVE-2017-13088: reinstallation of the integrity group key (IGTK) when
processing a Wireless Network Management (WNM) Sleep Mode Response frame

Backport patches from upstream to resolve these CVEs.

Signed-off-by: Ross Burton 
---
 .../wpa-supplicant/key-replay-cve-multiple.patch   | 1025 
 .../wpa-supplicant/wpa-supplicant_2.6.bb   |1 +
 2 files changed, 1026 insertions(+)
 create mode 100644 
meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/key-replay-cve-multiple.patch

diff --git 
a/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/key-replay-cve-multiple.patch
 
b/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/key-replay-cve-multiple.patch
new file mode 100644
index 000..436520fe64b
--- /dev/null
+++ 
b/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/key-replay-cve-multiple.patch
@@ -0,0 +1,1025 @@
+The WPA2 four-way handshake protocol is vulnerable to replay attacks which can
+result in unauthenticated clients gaining access to the network.
+
+Backport a number of patches from upstream to fix this.
+
+CVE: CVE-2017-13077
+CVE: CVE-2017-13078
+CVE: CVE-2017-13079
+CVE: CVE-2017-13080
+CVE: CVE-2017-13081
+CVE: CVE-2017-13082
+CVE: CVE-2017-13086
+CVE: CVE-2017-13087
+CVE: CVE-2017-13088
+
+Upstream-Status: Backport
+Signed-off-by: Ross Burton 
+
+From cf4cab804c7afd5c45505528a8d16e46163243a2 Mon Sep 17 00:00:00 2001
+From: Mathy Vanhoef 
+Date: Fri, 14 Jul 2017 15:15:35 +0200
+Subject: [PATCH 1/8] hostapd: Avoid key reinstallation in FT handshake
+
+Do not reinstall TK to the driver during Reassociation Response frame
+processing if the first attempt of setting the TK succeeded. This avoids
+issues related to clearing the TX/RX PN that could result in reusing
+same PN values for transmitted frames (e.g., due to CCM nonce reuse and
+also hitting replay protection on the receiver) and accepting replayed
+frames on RX side.
+
+This issue was introduced by the commit
+0e84c25434e6a1f283c7b4e62e483729085b78d2 ('FT: Fix PTK configuration in
+authenticator') which allowed wpa_ft_install_ptk() to be called multiple
+times with the same PTK. While the second configuration attempt is
+needed with some drivers, it must be done only if the first attempt
+failed.
+
+Signed-off-by: Mathy Vanhoef 
+---
+ src/ap/ieee802_11.c  | 16 +---
+ src/ap/wpa_auth.c| 11 +++
+ src/ap/wpa_auth.h|  3 ++-
+ src/ap/wpa_auth_ft.c | 10 ++
+ src/ap/wpa_auth_i.h  |  1 +
+ 5 files changed, 37 insertions(+), 4 deletions(-)
+
+diff --git a/src/ap/ieee802_11.c b/src/ap/ieee802_11.c
+index 4e04169..333035f 100644
+--- a/src/ap/ieee802_11.c
 b/src/ap/ieee802_11.c
+@@ -1841,6 +1841,7 @@ static int add_associated_sta(struct hostapd_data *hapd,
+ {
+   struct ieee80211_ht_capabilities ht_cap;
+   struct ieee80211_vht_capabilities vht_cap;
++  int set = 1;
+ 
+   /*
+* Remove the STA entry to ensure the STA PS state gets cleared and
+@@ -1848,9 +1849,18 @@ static int add_associated_sta(struct hostapd_data *hapd,
+* FT-over-the-DS, where a station re-associates back to the same AP but
+* skips the authentication flow, or if working with a driver that
+* does not support full AP client state.
++   *
++   * Skip this if the STA has already completed FT reassociation and the
++   * TK has been configured since the TX/RX PN must not be reset to 0 for
++   * the same key.
+*/
+-  if (!sta->added_unassoc)
++  if (!sta->added_unassoc &&
++  (!(sta->flags & WLAN_STA_AUTHORIZED) ||
++   !wpa_auth_sta_ft_tk_already_set(sta->wpa_sm))) {
+   hostapd_drv_sta_remove(hapd, sta->addr);
++  wpa_auth_sm_event(sta->wpa_sm, WPA_DRV_STA_REMOVED);
++  set = 0;
++  }
+ 
+ #ifdef CONFIG_IEEE80211N
+   if (sta->flags & WLAN_STA_HT)
+@@ -1873,11 +1883,11 @@ static int add_associated_sta(struct hostapd_data 
*hapd,
+

[OE-core] ✗ patchtest: failure for "README.qemu: qemuppc64 is not ..." and 1 more

2017-10-16 Thread Patchwork 
== Series Details ==

Series: "README.qemu: qemuppc64 is not ..." and 1 more
Revision: 1
URL   : https://patchwork.openembedded.org/series/9358/
State : failure

== Summary ==


Thank you for submitting this patch series to OpenEmbedded Core. This is
an automated response. Several tests have been executed on the proposed
series by patchtest resulting in the following failures:



* Issue Added patch file is missing Upstream-Status in the header 
[test_upstream_status_presence] 
  Suggested fixAdd Upstream-Status:  to the header of 
meta/recipes-connectivity/openssl/openssl-1.0.2l/0001-openssl-force-soft-link-to-avoid-rare-race.patch
 (possible values: Pending, Submitted, Accepted, Backport, Denied, 
Inappropriate)



If you believe any of these test results are incorrect, please reply to the
mailing list (openembedded-core@lists.openembedded.org) raising your concerns.
Otherwise we would appreciate you correcting the issues and submitting a new
version of the patchset if applicable. Please ensure you add/increment the
version number when sending the new version (i.e. [PATCH] -> [PATCH v2] ->
[PATCH v3] -> ...).

---
Test framework: http://git.yoctoproject.org/cgit/cgit.cgi/patchtest
Test suite: http://git.yoctoproject.org/cgit/cgit.cgi/patchtest-oe

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

Re: [OE-core] [PATCH] nettle-ptest: fix a failing test

2017-10-16 Thread Khem Raj 
On Mon, Oct 16, 2017 at 8:48 AM, Bystricky, Juro
 wrote:
> I don’t think you can use LD_LIBRARY_PATH due to the hardcoded relative path
> in "../libnettle.so”.

It should look in paths relative to LD_LIBRARY_PATH, do you see it
doesn't happen ?

>
> I could, however, change the  patch from "/usr/lib/libnettle.so" to
> “libnettle.so”, removing any paths.
>
> That way LD_LIBRARY_PATH can be used if needed. But in the end it will load
> the library from /usr/lib/nettle.so anyway.
>
>
>
>
>
>
>
> I think it would be preferred if you could use LD_LIBRARY_PATH to search for
> it
>
>
>
-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

Re: [OE-core] [PATCH 6/7] gcc6: Upgrade to 6.4

2017-10-16 Thread Khem Raj 
On Mon, Oct 16, 2017 at 4:53 AM, Otavio Salvador
 wrote:
> On Sun, Oct 15, 2017 at 5:06 PM, Andre McCurdy  wrote:
>> On Sat, Oct 14, 2017 at 10:21 PM, akuster808  wrote:
>>> why do we continue to maintain 2 versions of gcc?
>>
>> Probably the same reason why Buildroot continues to maintain 4
>> versions of gcc, it's useful for end users.
>>
>>   https://git.buildroot.net/buildroot/tree/package/gcc
>
> We keep all user space and toolchain up to date so upgrading the GCC
> is straightforward.  That said the gcc cannot vary from one machine to
> another so if a vendor wants to use an old release, it can be done
> using their distro.
>
> I am against maintaining two GCC versions as it increases the amount
> of testing needed. Instead I'd prefer to have clang merged on oe-core
> instead and easy its adoption / test.

In practice, there are a large set of applications that customers have porting
to do when major compiler version changes (e.g. 6 to 7), unless there
is a feasible path for upgrade people
will refrain from upgrading to newer versions of releases. Its not a
trivial task
to upgrade systemdwide compiler in any distro. So its a good strategy to have
two versions overlapping for few releases, this smoothens the migration for
large application bases.
-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

Re: [OE-core] [RFC][PATCHv2] insane.bbclass: Add do_qa_pseudo function to check for common errors listed in pseudo.log

2017-10-16 Thread Martin Jansa 
Yes, package-output.lock is very often the cause for "^inode mismatch":

martin@jama ~/pseudo-qa $ cat log.world.qemu* | grep '^inode mismatch' | wc
-l
1485
martin@jama ~/pseudo-qa $ cat log.world.qemu* | grep '^inode mismatch' |
grep package-output.lock | wc -l
1168

log.do_install also causes "^inode mismatch" in many cases:

martin@jama ~/pseudo-qa $ cat log.world.qemu* | grep '^inode mismatch' |
grep -v package-output.lock | wc -l
317
martin@jama ~/pseudo-qa $ cat log.world.qemu* | grep '^inode mismatch' |
grep -v package-output.lock | grep temp/log.do_install | wc -l
309

That leaves only couple other files:
martin@jama ~/pseudo-qa $ cat log.world.qemu* | grep '^inode mismatch' |
grep -v package-output.lock | grep -v temp/log.do_install
inode mismatch:
'/home/jenkins/oe/world/shr-core/tmp-glibc/work/armv5te-oe-linux-gnueabi/qtbase/5.9.2+gitAUTOINC+73573fce29-r0/image/usr/include/qt5/QtNetwork/qt_temp.rhjRGj'
ino 691255 in db, 691256 in request.
inode mismatch: '/home/jenkins/.python-history' ino 1066494 in db, 1066493
in request.
inode mismatch: '/home/jenkins/.python-history' ino 1066494 in db, 1066493
in request.
inode mismatch: '/home/jenkins/.python-history' ino 1066729 in db, 1062665
in request.
inode mismatch: '/home/jenkins/.python-history' ino 1066729 in db, 1062665
in request.
inode mismatch:
'/home/jenkins/oe/world/shr-core/tmp-glibc/work/armv5te-oe-linux-gnueabi/qt3d/5.9.2+gitAUTOINC+9d8c9ada16-r0/image/usr/include/qt5/Qt3DInput/qt_temp.rhjRGj'
ino 520536 in db, 520539 in request.
inode mismatch:
'/home/jenkins/oe/world/shr-core/tmp-glibc/work/armv5te-oe-linux-gnueabi/libqofono/0.87+gitrAUTOINC+54435de3be-r0/image/usr/lib/libqofono-qt5/tests/qt_temp.rhjRGj'
ino 876399 in db, 876404 in request.
inode mismatch:
'/home/jenkins/oe/world/shr-core/tmp-glibc/work/armv5te-oe-linux-gnueabi/libqofono/0.87+gitrAUTOINC+54435de3be-r0/image/usr/lib/libqofono-qt5/tests/qt_temp.rhjRGj'
ino 876404 in db, 876408 in request.

Similarly with "creat for", but there is more wide selection of files
triggering this one:
martin@jama ~/pseudo-qa $ cat log.world.qemu* | grep -v "grep -e" | grep -v
'inode mismatch' | grep 'creat for.* replaces'  | wc -l
1771
martin@jama ~/pseudo-qa $ cat log.world.qemu* | grep -v "grep -e" | grep -v
'inode mismatch' | grep 'creat for'  | grep package-output.lock | wc -l
198

for "creat for" the log.do_install appears only twice, but various
temp/run.* files are quite common cause:
martin@jama ~/pseudo-qa $ cat log.world.qemu* | grep -v "grep -e" | grep -v
'inode mismatch' | grep 'creat for.* replaces'  | grep temp/run | wc -l
294

pm-qa is triggering this on many files,
e.g. 
/home/jenkins/oe/world/shr-core/tmp-glibc/work/core2-64-oe-linux/pm-qa/0.5.2-r0/image/usr/bin/cpuhotplug_07.sh
martin@jama ~/pseudo-qa $ cat log.world.qemu* | grep -v "grep -e" | grep -v
'inode mismatch' | grep 'creat for.* replaces'  | grep temp/run -v  | grep
pm-qa | wc -l
229

martin@jama ~/pseudo-qa $ cat log.world.qemu* | grep -v "grep -e" | grep -v
'inode mismatch' | grep 'creat for.* replaces'  | grep temp/run -v  | grep
pm-qa | grep cpuhotplug_05.sh
creat for
'/home/jenkins/oe/world/shr-core/tmp-glibc/work/armv5te-oe-linux-gnueabi/pm-qa/0.5.2-r0/image/usr/bin/cpuhotplug_05.sh'
replaces existing 902737 ['NAMELESS FILE'].
creat for
'/home/jenkins/oe/world/shr-core/tmp-glibc/work/armv5te-oe-linux-gnueabi/pm-qa/0.5.2-r0/image/usr/bin/cpuhotplug_05.sh'
replaces existing 1264757 ['NAMELESS FILE'].
creat for
'/home/jenkins/oe/world/shr-core/tmp-glibc/work/i586-oe-linux/pm-qa/0.5.2-r0/image/usr/bin/cpuhotplug_05.sh'
replaces existing 976636 ['NAMELESS FILE'].
creat for
'/home/jenkins/oe/world/shr-core/tmp-glibc/work/core2-64-oe-linux/pm-qa/0.5.2-r0/image/usr/bin/cpuhotplug_05.sh'
replaces existing 576004 ['NAMELESS FILE'].
creat for
'/home/jenkins/oe/world/shr-core/tmp-glibc/work/core2-64-oe-linux/pm-qa/0.5.2-r0/image/usr/bin/cpuhotplug_05.sh'
replaces existing 986226 ['NAMELESS FILE'].

then stamps files
martin@jama ~/pseudo-qa $ cat log.world.qemu* | grep -v "grep -e" | grep -v
'inode mismatch' | grep 'creat for.* replaces'  | grep temp/run -v  | grep
-v pm-qa | grep -v package-output.lock | grep glibc/stamps | wc -l
130

so it looks pretty rancom, but most of these errors are replacing 'NAMELESS
FILE'
martin@jama ~/pseudo-qa $ cat log.world.qemu* | grep -v "grep -e" | grep -v
'inode mismatch' | grep 'creat for.* replaces' | grep 'NAMELESS FILE' | wc
-l
1632

which leaves only 139 other files:
martin@jama ~/pseudo-qa $ cat log.world.qemu* | grep -v "grep -e" | grep -v
'inode mismatch' | grep 'creat for.* replaces' | grep 'replaces.*NAMELESS
FILE' -v | wc -l
139

from which couple of them are package-output.lock again:
martin@jama ~/pseudo-qa $ cat log.world.qemu* | grep -v "grep -e" | grep -v
'inode mismatch' | grep 'creat for.* replaces' | grep 'replaces.*NAMELESS
FILE' -v | grep replaces.*package-output.lock | wc -l
31

and then random selection of builds, most of them from glibc-locale:
martin@jama

Re: [OE-core] [PATCH] nettle-ptest: fix a failing test

2017-10-16 Thread Bystricky, Juro 
I don’t think you can use LD_LIBRARY_PATH due to the hardcoded relative path in 
"../libnettle.so”.
I could, however, change the  patch from "/usr/lib/libnettle.so" to  
“libnettle.so”, removing any paths.
That way LD_LIBRARY_PATH can be used if needed. But in the end it will load  
the library from /usr/lib/nettle.so anyway.



I think it would be preferred if you could use LD_LIBRARY_PATH to search for it


-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

Re: [OE-core] [PATCH 2/2] openssl: force soft link to avoid rare race

2017-10-16 Thread Randy MacLeod 

On 2017-10-16 11:00 AM, Randy MacLeod wrote:

This patch works around a rare parallel build race condition using
the force option when soft linking.


Rare here means a few times out of > 5000 builds.

I pushed this change into the WR oe-core branch 3 weeks ago (Sept 25th)
and haven't see any build failures of this type since then
whereas I would expect to see about 5-10 without the work-around.

../Randy



The error seen is:

ln: failed to create symbolic link 'libssl.so': File exists
make[4]: *** [Makefile.shared:171: link_a.gnu] Error 1
make[4]: Leaving directory
'/.../build/tmp-glibc/work/x86_64-linux/openssl-native/1.0.2k-r0/openssl-1.0.2k'

Just add the -f flag to the platform independent soft link code to
avoid the collision.  This is reasonable since this Makefile removes
the link target before creating a new soft link. The Makefile was
written this way to support platforms that don't allow forcing a
softlink to overwrite an existing link. Only builds on Linux are
supported so that's not a requirement for oe-core recipes.

The openssl team is rewriting their build files so it's not appropriate
for openssl upstream and fixing the root cause of the race condition
was also not pursued.

Signed-off-by: Randy MacLeod 
---
  ...penssl-force-soft-link-to-avoid-rare-race.patch | 48 ++
  .../recipes-connectivity/openssl/openssl_1.0.2l.bb |  1 +
  2 files changed, 49 insertions(+)
  create mode 100644 
meta/recipes-connectivity/openssl/openssl-1.0.2l/0001-openssl-force-soft-link-to-avoid-rare-race.patch

diff --git 
a/meta/recipes-connectivity/openssl/openssl-1.0.2l/0001-openssl-force-soft-link-to-avoid-rare-race.patch
 
b/meta/recipes-connectivity/openssl/openssl-1.0.2l/0001-openssl-force-soft-link-to-avoid-rare-race.patch
new file mode 100644
index 000..f3c1ac7
--- /dev/null
+++ 
b/meta/recipes-connectivity/openssl/openssl-1.0.2l/0001-openssl-force-soft-link-to-avoid-rare-race.patch
@@ -0,0 +1,48 @@
+From 3d9199423d48766649a2b2ebb3924e892ed16fa4 Mon Sep 17 00:00:00 2001
+From: Randy MacLeod 
+Date: Tue, 20 Jun 2017 15:32:08 -0400
+Subject: [PATCH] openssl: Force soft link to avoid rare race
+
+This patch works around a rare parallel build race condition.
+The error seen is:
+
+ln: failed to create symbolic link 'libssl.so': File exists
+make[4]: *** [Makefile.shared:171: link_a.gnu] Error 1
+make[4]: Leaving directory
+'/.../build/tmp-glibc/work/x86_64-linux/openssl-native/1.0.2k-r0/openssl-1.0.2k'
+
+The openssl team is rewriting their build files so it's not
+appropriate for openssl upstream and fixing the root cause of
+the Makefile race condition was also not pursued.
+
+Upstream-status: Inappropriate [build rules rewrite in progress]
+
+Signed-off-by: Randy MacLeod 
+---
+ Makefile.shared | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/Makefile.shared b/Makefile.shared
+index e8d222a..1bff92f 100644
+--- a/Makefile.shared
 b/Makefile.shared
+@@ -118,14 +118,14 @@
+   if [ -n "$$SHLIB_COMPAT" ]; then \
+   for x in $$SHLIB_COMPAT; do \
+   ( $(SET_X); rm -f $$SHLIB$$x$$SHLIB_SUFFIX; \
+-ln -s $$prev $$SHLIB$$x$$SHLIB_SUFFIX ); \
++ln -sf $$prev $$SHLIB$$x$$SHLIB_SUFFIX ); \
+   prev=$$SHLIB$$x$$SHLIB_SUFFIX; \
+   done; \
+   fi; \
+   if [ -n "$$SHLIB_SOVER" ]; then \
+   [ -e "$$SHLIB$$SHLIB_SUFFIX" ] || \
+   ( $(SET_X); rm -f $$SHLIB$$SHLIB_SUFFIX; \
+-ln -s $$prev $$SHLIB$$SHLIB_SUFFIX ); \
++ln -sf $$prev $$SHLIB$$SHLIB_SUFFIX ); \
+   fi; \
+   fi
+
+--
+2.9.3
+
diff --git a/meta/recipes-connectivity/openssl/openssl_1.0.2l.bb 
b/meta/recipes-connectivity/openssl/openssl_1.0.2l.bb
index 8c34ea6..c537aa4 100644
--- a/meta/recipes-connectivity/openssl/openssl_1.0.2l.bb
+++ b/meta/recipes-connectivity/openssl/openssl_1.0.2l.bb
@@ -41,6 +41,7 @@ SRC_URI += "file://find.pl;subdir=openssl-${PV}/util/ \
  file://openssl-util-perlpath.pl-cwd.patch \
  file://Use-SHA256-not-MD5-as-default-digest.patch \
  file://0001-Fix-build-with-clang-using-external-assembler.patch \
+file://0001-openssl-force-soft-link-to-avoid-rare-race.patch  \
  "
  SRC_URI[md5sum] = "f85123cd390e864dfbe517e7616e6566"
  SRC_URI[sha256sum] = 
"ce07195b659e75f4e1db43552860070061f156a98bb37b672b101ba6e3ddf30c"




--
# Randy MacLeod.  WR Linux
# Wind River an Intel Company
--
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

Re: [OE-core] [RFC][PATCHv2] insane.bbclass: Add do_qa_pseudo function to check for common errors listed in pseudo.log

2017-10-16 Thread Burton, Ross 
On 16 October 2017 at 16:01, Martin Jansa  wrote:

> The world builds with this check applied show that *a lot* of components
> report one of these errors and often many of errors, the most complete logs
> from last couple days:
>

A lot of the errors in my logs were due to package-output.lock being
accessed inside/outside pseudo context.  Can you grep all of your logs and
collate some common patterns?

Ross
-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

Re: [OE-core] [RFC][PATCHv2] insane.bbclass: Add do_qa_pseudo function to check for common errors listed in pseudo.log

2017-10-16 Thread Martin Jansa 
The world builds with this check applied show that *a lot* of components
report one of these errors and often many of errors, the most complete logs
from last couple days:

366 in:
http://logs.nslu2-linux.org/buildlogs/oe/world/rocko/log.report.20171012_161223.log
http://logs.nslu2-linux.org/buildlogs/oe/world/rocko/log.world.qemuarm.20171010_225937.log/qa.log
http://logs.nslu2-linux.org/buildlogs/oe/world/rocko/log.world.qemux86.20171011_084917.log/qa.log
http://logs.nslu2-linux.org/buildlogs/oe/world/rocko/log.world.qemux86-64.20171010_012728.log/qa.log


376 in:
http://logs.nslu2-linux.org/buildlogs/oe/world/rocko/log.report.20171001_085046.log
http://logs.nslu2-linux.org/buildlogs/oe/world/rocko/log.world.qemuarm.20170926_004402.log/qa.log
http://logs.nslu2-linux.org/buildlogs/oe/world/rocko/log.world.qemux86.20170926_004401.log/qa.log
http://logs.nslu2-linux.org/buildlogs/oe/world/rocko/log.world.qemux86-64.20170927_070922.log/qa.log

The number of errors differs in various builds, e.g.:
tcl-8.6.7: This
/work/armv5te-oe-linux-gnueabi/tcl/8.6.7-r0/pseudo/pseudo.log indicates 7
errors [qa_pseudo]
tcl-8.6.7: This
/work/armv5te-oe-linux-gnueabi/tcl/8.6.7-r0/pseudo/pseudo.log indicates 5
errors [qa_pseudo]
tcl-8.6.7: This /work/i586-oe-linux/tcl/8.6.7-r0/pseudo/pseudo.log
indicates 7 errors [qa_pseudo]
tcl-8.6.7: This /work/i586-oe-linux/tcl/8.6.7-r0/pseudo/pseudo.log
indicates 8 errors [qa_pseudo]
tcl-8.6.7: This /work/core2-64-oe-linux/tcl/8.6.7-r0/pseudo/pseudo.log
indicates 6 errors [qa_pseudo]
tcl-8.6.7: This /work/core2-64-oe-linux/tcl/8.6.7-r0/pseudo/pseudo.log
indicates 6 errors [qa_pseudo]

glibc-locale-2.26: This
/work/armv5e-oe-linux-gnueabi/glibc-locale/2.26-r0/pseudo/pseudo.log
indicates 17 errors [qa_pseudo]
glibc-locale-2.26: This
/work/armv5e-oe-linux-gnueabi/glibc-locale/2.26-r0/pseudo/pseudo.log
indicates 5 errors [qa_pseudo]
glibc-locale-2.26: This
/work/i586-oe-linux/glibc-locale/2.26-r0/pseudo/pseudo.log indicates 12
errors [qa_pseudo]
glibc-locale-2.26: This
/work/i586-oe-linux/glibc-locale/2.26-r0/pseudo/pseudo.log indicates 10
errors [qa_pseudo]
glibc-locale-2.26: This
/work/core2-64-oe-linux/glibc-locale/2.26-r0/pseudo/pseudo.log indicates 11
errors [qa_pseudo]
glibc-locale-2.26: This
/work/core2-64-oe-linux/glibc-locale/2.26-r0/pseudo/pseudo.log indicates 16
errors [qa_pseudo]

If I filter out the architecture specific path to pseudo.log and the number
of errors it still gives 368 different builds with errors:

acl-2.2.52 alsa-oss-1.0.17 alsa-plugins-1.1.4 apache2-2.4.27 apmd-3.2.2-15
aspell-0.60.6.1 attr-2.4.47 aufs-util-4.4+gitAUTOINC+89afb1806c
autofs-5.1.2 avahi-ui-0.6.32 base-passwd-3.5.29 binutils-2.29
blktrace-1.1.0+gitAUTOINC+43fc870ce0 bluez5-5.46 bmap-tools-3.4
bonnie++-1.03e boost-1.64.0 bootchart2-0.14.8 busybox-1.24.1
cantarell-fonts-0.0.24 can-utils-0.0+gitrAUTOINC+4c8fb05cb4 canutils-4.0.6
cdparanoia-10.2 chrony-2.4 ckermit-302 connman-1.34 conntrack-tools-1.4.4
console-tools-0.3.2 coreutils-8.27 corosync-2.4.2 cpufrequtils-008
cryptodev-module-1.9 ctdb-2.5.6 cups-2.2.4 curlpp-0.8.1
cwautomacros-20110201 cxxtest-4.3 daemontools-0.76 dbus-test-1.10.20
ddrescue-1.19 dfu-util-0.9 dhcp-4.3.6 diffutils-3.6 dmidecode-3.1
docbook-xml-dtd4-4.5 dovecot-2.2.29 ebtables-2.0.10-4 efivar-0.31
eglinfo-fb-1.0.0 espeak-1.48.04 evtest-1.33+AUTOINC+ab140a2dab expat-2.2.3
f2fs-tools-1.8.0 firefox-l10n-ff-45.9.0esr firefox-l10n-si-45.9.0esr
flac-1.3.2 flatbuffers-1.7.1 fontforge-20170731 frame-2.5.0
freeradius-3.0.15 fribidi-0.19.7 fuse-2.9.7
gateone-1.2+gitAUTOINC+f7a9be46cb gawk-4.1.4 gd-2.2.4 gdb-8.0 gegl-0.3.18
geoip-1.6.9 gettext-0.19.8.1 giflib-5.1.4 git-2.13.3 glade-3.20.0
glib-2.0-2.52.3 glibc-2.26 glibc-locale-2.26 glib-networking-2.50.0
gnupg-2.2.0 gnuplot-5.0.5 go-1.9 gobject-introspection-1.52.1
gptfdisk-1.0.3 gstreamer-0.10.36 gtkmm-2.24.5 hiredis-0.13.1 hplip-3.12.6
icon-slicer-0.3 icu-59.1 inetutils-1.9.4 init-ifupdown-1.0 iotop-0.6
iperf3-3.2 ipsec-tools-0.8.2 iptables-1.6.1 iputils-s20151218
iscsitarget-1.4.20.3+svn502 jack-1.9.10+gitAUTOINC+2d1d323505 kbd-2.0.4
kconfig-frontends-4.11.0.1 kexec-tools-2.0.14 konkretcmpi-0.9.2 krb5-1.15.1
lcdproc-0.5.8+gitAUTOINC+f5156e2e41 less-487 libatasmart-0.19
libatomic-ops-7.6.0+gitAUTOINC+73c60c5ef1 libbsd-0.8.6 libcanberra-0.30
libconnman-qt5-1.1.10+gitAUTOINC+4d6def3053
libcrypt-openssl-random-perl-0.11 libdrm-2.4.83 libencode-perl-2.83
libevdev-1.5.7 libfastjson-0.99.4 libgnome-2.32.1 libiec61883-1.2.0
libinput-1.8.1 libldb-1.1.29 liblogging-1.0.5 libmms-0.6.4 libotr-4.1.1
libpciaccess-0.13.5 libqofono-0.87+gitrAUTOINC+54435de3be librelp-1.2.14
librsvg-2.40.18 libsombok3-2.4.0 libtext-wrapi18n-perl-0.06
libtool-cross-2.4.6 libusb-compat-0.1.5 libusbg-0.1.0 libuser-0.62
libvncserver-0.9.11 libwmf-0.2.8.4 libwnck3-3.20.1 libxcursor-1.1.14
libxml2-2.9.4 libxml-perl-0.08 libxslt-1.1.29 libxxf86vm-1.1.4
linux-atm-2.5.2 linux-yocto-4.12.12+gitAUTOINC+eda4d18ce4_16de014967
linux-yocto-4.12.12+gitAUTOINC+eda4d18ce4_67b62d8d7b

[OE-core] [PATCH 2/2] openssl: force soft link to avoid rare race

2017-10-16 Thread Randy MacLeod 
This patch works around a rare parallel build race condition using
the force option when soft linking.

The error seen is:

ln: failed to create symbolic link 'libssl.so': File exists
make[4]: *** [Makefile.shared:171: link_a.gnu] Error 1
make[4]: Leaving directory
'/.../build/tmp-glibc/work/x86_64-linux/openssl-native/1.0.2k-r0/openssl-1.0.2k'

Just add the -f flag to the platform independent soft link code to
avoid the collision.  This is reasonable since this Makefile removes
the link target before creating a new soft link. The Makefile was
written this way to support platforms that don't allow forcing a
softlink to overwrite an existing link. Only builds on Linux are
supported so that's not a requirement for oe-core recipes.

The openssl team is rewriting their build files so it's not appropriate
for openssl upstream and fixing the root cause of the race condition
was also not pursued.

Signed-off-by: Randy MacLeod 
---
 ...penssl-force-soft-link-to-avoid-rare-race.patch | 48 ++
 .../recipes-connectivity/openssl/openssl_1.0.2l.bb |  1 +
 2 files changed, 49 insertions(+)
 create mode 100644 
meta/recipes-connectivity/openssl/openssl-1.0.2l/0001-openssl-force-soft-link-to-avoid-rare-race.patch

diff --git 
a/meta/recipes-connectivity/openssl/openssl-1.0.2l/0001-openssl-force-soft-link-to-avoid-rare-race.patch
 
b/meta/recipes-connectivity/openssl/openssl-1.0.2l/0001-openssl-force-soft-link-to-avoid-rare-race.patch
new file mode 100644
index 000..f3c1ac7
--- /dev/null
+++ 
b/meta/recipes-connectivity/openssl/openssl-1.0.2l/0001-openssl-force-soft-link-to-avoid-rare-race.patch
@@ -0,0 +1,48 @@
+From 3d9199423d48766649a2b2ebb3924e892ed16fa4 Mon Sep 17 00:00:00 2001
+From: Randy MacLeod 
+Date: Tue, 20 Jun 2017 15:32:08 -0400
+Subject: [PATCH] openssl: Force soft link to avoid rare race
+
+This patch works around a rare parallel build race condition. 
+The error seen is:
+
+ln: failed to create symbolic link 'libssl.so': File exists
+make[4]: *** [Makefile.shared:171: link_a.gnu] Error 1
+make[4]: Leaving directory
+'/.../build/tmp-glibc/work/x86_64-linux/openssl-native/1.0.2k-r0/openssl-1.0.2k'
+
+The openssl team is rewriting their build files so it's not
+appropriate for openssl upstream and fixing the root cause of
+the Makefile race condition was also not pursued.
+
+Upstream-status: Inappropriate [build rules rewrite in progress]
+
+Signed-off-by: Randy MacLeod 
+---
+ Makefile.shared | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/Makefile.shared b/Makefile.shared
+index e8d222a..1bff92f 100644
+--- a/Makefile.shared
 b/Makefile.shared
+@@ -118,14 +118,14 @@
+   if [ -n "$$SHLIB_COMPAT" ]; then \
+   for x in $$SHLIB_COMPAT; do \
+   ( $(SET_X); rm -f $$SHLIB$$x$$SHLIB_SUFFIX; \
+-ln -s $$prev $$SHLIB$$x$$SHLIB_SUFFIX ); \
++ln -sf $$prev $$SHLIB$$x$$SHLIB_SUFFIX ); \
+   prev=$$SHLIB$$x$$SHLIB_SUFFIX; \
+   done; \
+   fi; \
+   if [ -n "$$SHLIB_SOVER" ]; then \
+   [ -e "$$SHLIB$$SHLIB_SUFFIX" ] || \
+   ( $(SET_X); rm -f $$SHLIB$$SHLIB_SUFFIX; \
+-ln -s $$prev $$SHLIB$$SHLIB_SUFFIX ); \
++ln -sf $$prev $$SHLIB$$SHLIB_SUFFIX ); \
+   fi; \
+   fi
+ 
+-- 
+2.9.3
+
diff --git a/meta/recipes-connectivity/openssl/openssl_1.0.2l.bb 
b/meta/recipes-connectivity/openssl/openssl_1.0.2l.bb
index 8c34ea6..c537aa4 100644
--- a/meta/recipes-connectivity/openssl/openssl_1.0.2l.bb
+++ b/meta/recipes-connectivity/openssl/openssl_1.0.2l.bb
@@ -41,6 +41,7 @@ SRC_URI += "file://find.pl;subdir=openssl-${PV}/util/ \
 file://openssl-util-perlpath.pl-cwd.patch \
 file://Use-SHA256-not-MD5-as-default-digest.patch \
 file://0001-Fix-build-with-clang-using-external-assembler.patch \
+file://0001-openssl-force-soft-link-to-avoid-rare-race.patch  \
 "
 SRC_URI[md5sum] = "f85123cd390e864dfbe517e7616e6566"
 SRC_URI[sha256sum] = 
"ce07195b659e75f4e1db43552860070061f156a98bb37b672b101ba6e3ddf30c"
-- 
2.9.3

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [PATCH 1/2] README.qemu: qemuppc64 is not supported

2017-10-16 Thread Randy MacLeod 
Signed-off-by: Randy MacLeod 
---
 README.qemu | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/README.qemu b/README.qemu
index fca04b1..9f56b7d 100644
--- a/README.qemu
+++ b/README.qemu
@@ -7,7 +7,7 @@ are currently supported in 32 and 64 bit variants:
 
   * ARM (qemuarm + qemuarm64)
   * x86 (qemux86 + qemux86-64)
-  * PowerPC (qemuppc + qemuppc64)
+  * PowerPC (qemuppc only)
   * MIPS (qemumips + qemumips64)
 
 Use of the QEMU images is covered in the Yocto Project Reference Manual.
-- 
2.9.3

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

Re: [OE-core] [PATCH] prelink: fix upstream version check

2017-10-16 Thread Mark Hatle 
On 10/16/17 5:22 AM, Alexander Kanavin wrote:
> On 10/13/2017 05:56 PM, Mark Hatle wrote:
>> On 10/13/17 9:18 AM, Alexander Kanavin wrote:
>>> Instead of reporting that we can update to a bogus version
>>> report that upstream version is not known.
>>
>> You do know that there are release branches for prelink right?
>>
>> http://git.yoctoproject.org/cgit/cgit.cgi/prelink-cross/refs/heads
>>
>> cross_prelink and master are both 'release' quality branches.
>>
>> Anything put there is a new version.
>>
>>
>> There is nothing for us to 'tag', since there are no formal versions.
>>
>>
>> Should be easy enough for the system to compare the SRCREV to the top of
>> cross_prelink.  If they don't match, an upgrade is needed.
> 
> The system currently supports only comparing tags, not comparing 
> commits. I've filed a bug for it long time ago:
> 
> https://bugzilla.yoctoproject.org/show_bug.cgi?id=8133
> 
> and no progress happened. In the meantime, for projects where commit == 
> release, the best we can do is to mark them as 'upstream version cannot 
> be established'. For prelink, also an exclusion of a bogus tag is 
> needed, so you, as the maintainer, won't get reminders to update to it.

didn't realize this hadn't been implemented in the system yet.  Definitely
something that should be.

--Mark

> Alex
> 

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] Yocto Project Status WW42’17

2017-10-16 Thread Jolley, Stephen K 
Current Dev Position: YP 2.4 Final - rc2 is out of QA.

Next Deadline: YP 2.4 Final Cut off has passed.


SWAT team rotation: Joshua -> Armin on Oct. 13, 2017.

SWAT team rotation: Armin -> Saul on Oct. 20, 2017.

https://wiki.yoctoproject.org/wiki/Yocto_Build_Failure_Swat_Team


Key Status/Updates:

·YP 2.4 (Rocko) Final rc2 came out of QA with a number of minor issues. 
 See: 
https://wiki.yoctoproject.org/wiki/WW41_-_2017-10-13_-_Full_Test_Cycle_2.4_RC2

·We believe we could release rc2 however we’re aware that there are 
some serious CVE issues that have just been announced and believe these are 
serious enough to warrant an rc3. Whilst we’ve been targeting the 20th, this 
will likely mean we’d ship slightly later than the date we’d planned but we’d 
prefer to do that than release with these known CVEs.

·As a reminder, we are still in feature freeze and working on bug 
fixing. As such, recipe upgrades are not going to be taken, nor are patches 
which cause changes in behavior or break compatibility. In future releases our 
policy regarding version upgrades will be to identify anything that needs to 
change in M4 in advance (e.g. kernel or u-boot) so this issue becomes clearer 
and only known changes come in.

·YP 2.5 Planning has begun.  Please enter your enhancement requests 
into Bugzilla.  Target milestone dates will be selected over the next few weeks.


Planned upcoming dot releases:

YP 2.2.3 is planned, but date TBD during YP 2.5 planning.

YP 2.3.3 is planned, but date TBD during YP 2.5 planning.

YP 2.4.1 is planned, but date TBD during YP 2.5 planning.


Key YP 2.4 Dates are:

YP 2.4 M4 (Final) is in QA.

YP 2.4 M4 (Final) Release by Oct. 20, 2017


Key YP 2.5 Dates are still TBD


Tracking Metrics:

WDD 2531 (last week 2545)

(https://wiki.yoctoproject.org/charts/combo.html)


Key Status Links for YP:

https://wiki.yoctoproject.org/wiki/Yocto_Project_v2.4_Status

https://wiki.yoctoproject.org/wiki/Yocto_2.4_Schedule

https://wiki.yoctoproject.org/wiki/Yocto_2.4_Features

[If anyone has suggestions for other information you’d like to see on this 
weekly status update, let us know!]


Thanks,

Stephen K. Jolley
Yocto Project Program Manager
INTEL, MS JF1-255, 2111 N.E. 25th Avenue, Hillsboro, OR 97124
•   Work Telephone:(503) 712-0534
•Cell:  (208) 244-4460
• Email:stephen.k.jol...@intel.com

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

Re: [OE-core] [PATCH 2/4] perl: upgrade to 5.26.1

2017-10-16 Thread Leonardo Sandoval 
On Thu, 12 Oct 2017 15:11:04 -0400
Denys Dmytriyenko  wrote:

> On Thu, Oct 12, 2017 at 11:35:21AM -0700, 
> leonardo.sandoval.gonza...@linux.intel.com wrote:
> > From: Leonardo Sandoval 
> > 
> > Highlights:
> > 
> > * Patches rebased to 5.26.1 and just one removed
> > 
> > * Several configs values taken from upstream script uconfig[64].sh were 
> > introduced in
> > config.sh, avoiding pre-processor issues.
> > 
> > * Several libraries paths now included a './' as prefix, because @INC 
> > does not
> > include local paths.
> 
> https://wiki.gentoo.org/wiki/Project:Perl/5.26_Known_Issues

Thanks Denys. I though including the dot-slash was a OE-Core hack.

I should have read this page before starting the upgrade. For the buildtime 
issues, I just hit the 'Dot-In-INC-Removal' so I believe the runtime ones are 
there. Also, I forgot to mentioned in the commit that there were some ptest 
failing so pass rate is not as high as previous version. I will send a v2 with 
the above link and the ptest results as cover letter.
-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

Re: [OE-core] [PATCH 1/1] bitbake.conf: add ssh to HOSTTOOLS_NONFATAL

2017-10-16 Thread Martin Jansa 
On Mon, Oct 16, 2017 at 10:20:41AM +0800, Chen Qi wrote:
> We changed to make tools required by testimage to be included conditionally.
> This resulted in users who use ssh for git fetching having failures.
> 
> Add ssh to HOSTTOOLS_NONFATAL to make things work for the above situation.
> 
> [YOCTO #12227]
> 
> Signed-off-by: Chen Qi 
> ---
>  meta/conf/bitbake.conf | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/meta/conf/bitbake.conf b/meta/conf/bitbake.conf
> index 0eefb86..2351c66 100644
> --- a/meta/conf/bitbake.conf
> +++ b/meta/conf/bitbake.conf
> @@ -487,7 +487,7 @@ HOSTTOOLS += " \
>  HOSTTOOLS += "${@['', 'ip ping ps scp ssh 
> stty'][bb.data.inherits_class('testimage', d)]}"
>  
>  # Link to these if present
> -HOSTTOOLS_NONFATAL += "aws ccache gcc-ar gpg ld.bfd ld.gold nc sftp socat 
> sudo"
> +HOSTTOOLS_NONFATAL += "ssh aws ccache gcc-ar gpg ld.bfd ld.gold nc sftp 
> socat sudo"

Maybe keep the alphabetical order as it was intentionally sorted in:

commit 23dd96a3a175cecde258dc6d8263fbe7b308b58e
Author: Andre McCurdy 
Date:   Mon Mar 27 20:51:23 2017 -0700

bitbake.conf: sort HOSTTOOLS and remove duplicates

other than that I'm fine with this.

>  
>  # Temporary add few more detected in bitbake world
>  HOSTTOOLS_NONFATAL += "join nl size yes zcat"
> -- 
> 1.9.1
> 
> -- 
> ___
> Openembedded-core mailing list
> Openembedded-core@lists.openembedded.org
> http://lists.openembedded.org/mailman/listinfo/openembedded-core

-- 
Martin 'JaMa' Jansa jabber: martin.ja...@gmail.com


signature.asc
Description: Digital signature
-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

Re: [OE-core] [PATCH v4 3/3] weston: Bump version to 3.0.0

2017-10-16 Thread Burton, Ross 
Fails on the autobuilder when build against musl:

http://errors.yoctoproject.org/Errors/Details/157183/

Ross

On 28 September 2017 at 17:01, Fabien Lahoudere <
fabien.lahoud...@collabora.co.uk> wrote:

> Signed-off-by: Fabien Lahoudere 
> ---
>  .../wayland/{weston_2.0.0.bb => weston_3.0.0.bb}  | 15
> +++
>  1 file changed, 7 insertions(+), 8 deletions(-)
>  rename meta/recipes-graphics/wayland/{weston_2.0.0.bb => weston_3.0.0.bb}
> (90%)
>
> diff --git a/meta/recipes-graphics/wayland/weston_2.0.0.bb
> b/meta/recipes-graphics/wayland/weston_3.0.0.bb
> similarity index 90%
> rename from meta/recipes-graphics/wayland/weston_2.0.0.bb
> rename to meta/recipes-graphics/wayland/weston_3.0.0.bb
> index 8160f55..6b3fad7 100644
> --- a/meta/recipes-graphics/wayland/weston_2.0.0.bb
> +++ b/meta/recipes-graphics/wayland/weston_3.0.0.bb
> @@ -9,12 +9,11 @@ SRC_URI = "https://wayland.freedesktop.
> org/releases/${BPN}-${PV}.tar.xz \
> file://weston.png \
> file://weston.desktop \
> file://0001-make-error-portable.patch \
> -   file://0001-configure.ac-Fix-wayland-protocols-path.patch \
> file://xwayland.weston-start \
> 
> file://0001-weston-launch-Provide-a-default-version-that-doesn-t.patch
> \
>  "
> -SRC_URI[md5sum] = "15f38945942bf2a91fe2687145fb4c7d"
> -SRC_URI[sha256sum] = "b4e446ac27f118196f1609dab89bb3
> cb3e81652d981414ad860e733b355365d8"
> +SRC_URI[md5sum] = "9c42a4c51a1b9f35d040fa9d45ada36d"
> +SRC_URI[sha256sum] = "cde1d55e8dd70c3cbb3d1ec72f60e6
> 041579caa1d6a262bd9c35e93723a5"
>
>  inherit autotools pkgconfig useradd distro_features_check
>  # depends on virtual/egl
> @@ -76,7 +75,7 @@ PACKAGECONFIG[pam] = "--with-pam,--without-pam,libpam"
>
>  do_install_append() {
> # Weston doesn't need the .la files to load modules, so wipe them
> -   rm -f ${D}/${libdir}/libweston-2/*.la
> +   rm -f ${D}/${libdir}/libweston-3/*.la
>
> # If X11, ship a desktop file to launch it
> if [ "${@bb.utils.filter('DISTRO_FEATURES', 'x11', d)}" ]; then
> @@ -93,16 +92,16 @@ do_install_append() {
>  }
>
>  PACKAGES += "${@bb.utils.contains('PACKAGECONFIG', 'xwayland',
> '${PN}-xwayland', '', d)} \
> - libweston-2 ${PN}-examples"
> + libweston-3 ${PN}-examples"
>
>  FILES_${PN} = "${bindir}/weston ${bindir}/weston-terminal
> ${bindir}/weston-info ${bindir}/weston-launch ${bindir}/wcap-decode
> ${libexecdir} ${libdir}/${BPN}/*.so ${datadir}"
>
> -FILES_libweston-2 = "${libdir}/lib*${SOLIBS} ${libdir}/libweston-2/*.so"
> -SUMMARY_libweston-2 = "Helper library for implementing 'wayland window
> managers'."
> +FILES_libweston-3 = "${libdir}/lib*${SOLIBS} ${libdir}/libweston-3/*.so"
> +SUMMARY_libweston-3 = "Helper library for implementing 'wayland window
> managers'."
>
>  FILES_${PN}-examples = "${bindir}/*"
>
> -FILES_${PN}-xwayland = "${libdir}/libweston-2/xwayland.so"
> +FILES_${PN}-xwayland = "${libdir}/libweston-3/xwayland.so"
>  RDEPENDS_${PN}-xwayland += "xserver-xorg-xwayland"
>
>  RDEPENDS_${PN} += "xkeyboard-config"
> --
> 1.8.3.1
>
> --
> ___
> Openembedded-core mailing list
> Openembedded-core@lists.openembedded.org
> http://lists.openembedded.org/mailman/listinfo/openembedded-core
>
-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [PATCH] libxml2: use HTTP instead of FTP in SRC_URI

2017-10-16 Thread Ross Burton 
HTTP is more reliable in general so use it instead of FTP.

Signed-off-by: Ross Burton 
---
 meta/recipes-core/libxml/libxml2_2.9.4.bb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta/recipes-core/libxml/libxml2_2.9.4.bb 
b/meta/recipes-core/libxml/libxml2_2.9.4.bb
index ec2d25a2da7..9adb29cfdd7 100644
--- a/meta/recipes-core/libxml/libxml2_2.9.4.bb
+++ b/meta/recipes-core/libxml/libxml2_2.9.4.bb
@@ -11,7 +11,7 @@ LIC_FILES_CHKSUM = 
"file://Copyright;md5=2044417e2e5006b65a8b9067b683fcf1 \
 
 DEPENDS = "zlib virtual/libiconv"
 
-SRC_URI = "ftp://xmlsoft.org/libxml2/libxml2-${PV}.tar.gz;name=libtar \
+SRC_URI = "http://www.xmlsoft.org/sources/libxml2-${PV}.tar.gz;name=libtar \
http://www.w3.org/XML/Test/xmlts20080827.tar.gz;name=testtar \
file://libxml-64bit.patch \
file://ansidecl.patch \
-- 
2.11.0

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

Re: [OE-core] [PATCH v2] ltp: update to new upstream release 20170929

2017-10-16 Thread Burton, Ross 
On 12 October 2017 at 10:52, Fathi Boudra  wrote:

> * Update SRCREV to match 20170929 release
> * Drop patches available in 20170929 release:
>   - 0037-ltp-fix-PAGE_SIZE-redefinition-and-O_CREAT-undeclear.patch
>   - 0038-commands-gdb01-replace-stdin-with-dev-null.patch
> * Add patches backported from upstream:
>   - 0037-commands-nm-fix-typo-INSTALL_TARTGETS-INSTALL_TARGET.patch
>   - 0038-fanotify-fix-build-failure-with-Werror-format-securi.patch
> * Add additional runtime dependencies:
>   - ld01, file01 and logrotate tests requires file command.
>   - quotacheck is required by quota_remount_test01 test.
>   - LTP checks for a compliant 'tar' but finds that the version from
> busybox lacks the '-d' option.
>
> Signed-off-by: Fathi Boudra 
> ---
> Changes in v2:
>  * Add patches backported from upstream:
>- 0037-commands-nm-fix-typo-INSTALL_TARTGETS-INSTALL_TARGET.patch
>- 0038-fanotify-fix-build-failure-with-Werror-format-securi.patch
>  * Add additional runtime dependencies:
>- ld01, file01 and logrotate tests requires file command.
>- quotacheck is required by quota_remount_test01 test.
>- LTP checks for a compliant 'tar' but finds that the version from
>  busybox lacks the '-d' option.
>

Sorry still fails:

fcntl36.c: In function 'test_fn':
fcntl36.c:303:2: error: format not a string literal and no format arguments
[-Werror=format-security]
  tst_res(TINFO, msg);
  ^~~

Ross
-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

Re: [OE-core] [PATCH 6/7] gcc6: Upgrade to 6.4

2017-10-16 Thread Otavio Salvador 
On Sun, Oct 15, 2017 at 5:06 PM, Andre McCurdy  wrote:
> On Sat, Oct 14, 2017 at 10:21 PM, akuster808  wrote:
>> why do we continue to maintain 2 versions of gcc?
>
> Probably the same reason why Buildroot continues to maintain 4
> versions of gcc, it's useful for end users.
>
>   https://git.buildroot.net/buildroot/tree/package/gcc

We keep all user space and toolchain up to date so upgrading the GCC
is straightforward.  That said the gcc cannot vary from one machine to
another so if a vendor wants to use an old release, it can be done
using their distro.

I am against maintaining two GCC versions as it increases the amount
of testing needed. Instead I'd prefer to have clang merged on oe-core
instead and easy its adoption / test.

-- 
Otavio Salvador O.S. Systems
http://www.ossystems.com.brhttp://code.ossystems.com.br
Mobile: +55 (53) 9981-7854Mobile: +1 (347) 903-9750
-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

Re: [OE-core] [PATCH 0/2] Define GO386 for go cross-compilation

2017-10-16 Thread Otavio Salvador 
On Fri, Oct 13, 2017 at 4:25 PM, Paul Barker  wrote:
...
> My hope is that these patches are suitable for inclusion in the rocko branch
> (after the 2.4.0 release now). If not then please flag this and I'll look for
> alternative solutions. I don't think that leaving all go binaries as broken on
> qemux86 if they happen to use floating point operations is a valid option for
> the rocko branch.

I support the backport as well.

-- 
Otavio Salvador O.S. Systems
http://www.ossystems.com.brhttp://code.ossystems.com.br
Mobile: +55 (53) 9981-7854Mobile: +1 (347) 903-9750
-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

Re: [OE-core] [PATCH] bmap-tools: add missing runtime dependencies

2017-10-16 Thread Alexander Kanavin 

On 10/14/2017 09:11 AM, Tim Orling wrote:



On Oct 13, 2017, at 4:14 AM, Pascal Bach  wrote:

When running bmap on a target device the added dependncies are required.

Signed-off-by: Pascal Bach 
---
meta/recipes-support/bmap-tools/bmap-tools_3.4.bb | 12 +++-
1 file changed, 11 insertions(+), 1 deletion(-)

diff --git a/meta/recipes-support/bmap-tools/bmap-tools_3.4.bb 
b/meta/recipes-support/bmap-tools/bmap-tools_3.4.bb
index 7454f9d..348c9e8 100644
--- a/meta/recipes-support/bmap-tools/bmap-tools_3.4.bb
+++ b/meta/recipes-support/bmap-tools/bmap-tools_3.4.bb
@@ -14,7 +14,17 @@ SRCREV = "9dad724104df265442226972a1e310813f9ffcba"

S = "${WORKDIR}/git"

-RDEPENDS_${PN} = "python-core python-compression python-mmap"
+RDEPENDS_${PN} = "\
+python-core \
+python-compression \
+python-argparse \
+python-shell \
+python-fcntl \
+python-threading \
+python-xml \
+python-subprocess \
+python-mmap \
+“



These should all be the python3- version or ${PYTHON_PN}- (e.g. python3-core) 
should they not? Or is that an artifact of how the python module splitting is 
happening in oe-core?


That is correct. This was forgotten when the recipe was moved to python3:
http://git.yoctoproject.org/cgit/cgit.cgi/poky/commit/meta/recipes-support/bmap-tools/bmap-tools_3.4.bb?id=04ef46e2b2b753321408db02a2df3753b85ac0dd

Pascal, can you modify everything to python3-*, check that it still 
works, and resend the patch please?


Alex
--
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

Re: [OE-core] [PATCH] prelink: fix upstream version check

2017-10-16 Thread Alexander Kanavin 

On 10/13/2017 05:56 PM, Mark Hatle wrote:

On 10/13/17 9:18 AM, Alexander Kanavin wrote:

Instead of reporting that we can update to a bogus version
report that upstream version is not known.


You do know that there are release branches for prelink right?

http://git.yoctoproject.org/cgit/cgit.cgi/prelink-cross/refs/heads

cross_prelink and master are both 'release' quality branches.

Anything put there is a new version.


There is nothing for us to 'tag', since there are no formal versions.


Should be easy enough for the system to compare the SRCREV to the top of
cross_prelink.  If they don't match, an upgrade is needed.


The system currently supports only comparing tags, not comparing 
commits. I've filed a bug for it long time ago:


https://bugzilla.yoctoproject.org/show_bug.cgi?id=8133

and no progress happened. In the meantime, for projects where commit == 
release, the best we can do is to mark them as 'upstream version cannot 
be established'. For prelink, also an exclusion of a bogus tag is 
needed, so you, as the maintainer, won't get reminders to update to it.


Alex

--
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

Re: [OE-core] [PATCH 2/4] perl: upgrade to 5.26.1

2017-10-16 Thread Burton, Ross 
>
> Leo, have you tried an oe-core world build with perl 5.26?
>

So I threw this at the autobuilder.  The grid looks really bad but it's
entirely git's do_install failing:

http://errors.yoctoproject.org/Errors/Latest/Autobuilder/?filter=a128781a065ce3718c4db2d4629672abd0b52b91=commit

Ross
-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [PATCH] sqlite3: fix CVE-2017-13685

2017-10-16 Thread wenzong.fan 
From: Wenzong Fan 

The dump_callback function in SQLite 3.20.0 allows remote attackers to
cause a denial of service (EXC_BAD_ACCESS and application crash) via a
crafted file.

Backport patch to fix the issue. Some references:
https://sqlite.org/src/info/02f0f4c54f2819b3
http://www.mail-archive.com/sqlite-users%40mailinglists.sqlite.org/msg105314.html

Signed-off-by: Wenzong Fan 
---
 .../sqlite/files/sqlite3-fix-CVE-2017-13685.patch  | 57 ++
 meta/recipes-support/sqlite/sqlite3_3.20.0.bb  |  1 +
 2 files changed, 58 insertions(+)
 create mode 100644 
meta/recipes-support/sqlite/files/sqlite3-fix-CVE-2017-13685.patch

diff --git a/meta/recipes-support/sqlite/files/sqlite3-fix-CVE-2017-13685.patch 
b/meta/recipes-support/sqlite/files/sqlite3-fix-CVE-2017-13685.patch
new file mode 100644
index 00..aac428c821
--- /dev/null
+++ b/meta/recipes-support/sqlite/files/sqlite3-fix-CVE-2017-13685.patch
@@ -0,0 +1,57 @@
+Fix CVE-2017-13685
+
+The dump_callback function in SQLite 3.20.0 allows remote attackers to
+cause a denial of service (EXC_BAD_ACCESS and application crash) via a
+crafted file.
+
+References:
+https://sqlite.org/src/info/02f0f4c54f2819b3
+http://www.mail-archive.com/sqlite-users%40mailinglists.sqlite.org/msg105314.html
+
+Upstream-Status: Backport [https://sqlite.org/src/info/cf0d3715caac9149]
+
+CVE: CVE-2017-13685
+
+Signed-off-by: Wenzong Fan 
+
+Index: src/shell.c
+==
+--- src/shell.c
 src/shell.c
+@@ -2657,10 +2657,11 @@
+   int *aiType  /* Column types */
+ ){
+   int i;
+   ShellState *p = (ShellState*)pArg;
+ 
++  if( azArg==0 ) return 0;
+   switch( p->cMode ){
+ case MODE_Line: {
+   int w = 5;
+   if( azArg==0 ) break;
+   for(i=0; in ) appendText(p, "|", 0);
+   for(i=0; i