[OE-core] [PATCH 1/1] openssh: Restore TCP wrappers support

[Dengke Du]

From: Wenzong Fan 

The /etc/hosts.deny doesn't work for sshd without tcp-wrappers support,
apply below patch from Debian to fix it:

  From 1850a2c93f3dcfa3d682eaa85d1593c01d170429 Mon Sep 17 00:00:00 2001
  From: Colin Watson 
  Date: Tue, 7 Oct 2014 13:22:41 +0100
  Subject: Restore TCP wrappers support

  Support for TCP wrappers was dropped in OpenSSH 6.7.  See this message
  and thread:

https://lists.mindrot.org/pipermail/openssh-unix-dev/2014-April/032497.html

  It is true that this reduces preauth attack surface in sshd.  On the
  other hand, this support seems to be quite widely used, and abruptly
  dropping it (from the perspective of users who don't read
  openssh-unix-dev) could easily cause more serious problems in practice.

Link to patch file:
  http://anonscm.debian.org/cgit/pkg-ssh/openssh.git/tree/debian/ \
patches/restore-tcp-wrappers.patch

Signed-off-by: Wenzong Fan 
Signed-off-by: Robert Yang 
Signed-off-by: Dengke Du 
---
 .../openssh/openssh/restore-tcp-wrappers.patch | 183 +
 meta/recipes-connectivity/openssh/openssh_7.5p1.bb |   4 +
 2 files changed, 187 insertions(+)
 create mode 100644 
meta/recipes-connectivity/openssh/openssh/restore-tcp-wrappers.patch

diff --git 
a/meta/recipes-connectivity/openssh/openssh/restore-tcp-wrappers.patch 
b/meta/recipes-connectivity/openssh/openssh/restore-tcp-wrappers.patch
new file mode 100644
index 000..81d9b62
--- /dev/null
+++ b/meta/recipes-connectivity/openssh/openssh/restore-tcp-wrappers.patch
@@ -0,0 +1,183 @@
+From 8a81eb8a57dda76b825556e6992073bd705d572e Mon Sep 17 00:00:00 2001
+From: Colin Watson 
+Date: Tue, 7 Oct 2014 13:22:41 +0100
+Subject: [PATCH] Restore TCP wrappers support
+
+Support for TCP wrappers was dropped in OpenSSH 6.7.  See this message
+and thread:
+
+  https://lists.mindrot.org/pipermail/openssh-unix-dev/2014-April/032497.html
+
+It is true that this reduces preauth attack surface in sshd.  On the
+other hand, this support seems to be quite widely used, and abruptly
+dropping it (from the perspective of users who don't read
+openssh-unix-dev) could easily cause more serious problems in practice.
+
+It's not entirely clear what the right long-term answer for Debian is,
+but it at least probably doesn't involve dropping this feature shortly
+before a freeze.
+
+Forwarded: not-needed
+Last-Update: 2014-10-07
+
+Upstream-Status: Inappropriate
+
+Patch-Name: restore-tcp-wrappers.patch
+
+This patch was imported by wenzong firstly, the following sign is not
+the origin author, just adjust it to fit for new version of openssh.
+
+Signed-off-by: Dengke Du 
+---
+ configure.ac | 57 +
+ sshd.8   |  7 +++
+ sshd.c   | 26 ++
+ 3 files changed, 90 insertions(+)
+
+diff --git a/configure.ac b/configure.ac
+index c2878e3..8dc0701 100644
+--- a/configure.ac
 b/configure.ac
+@@ -1470,6 +1470,62 @@ AC_ARG_WITH([skey],
+   ]
+ )
+ 
++# Check whether user wants TCP wrappers support
++TCPW_MSG="no"
++AC_ARG_WITH([tcp-wrappers],
++   [  --with-tcp-wrappers[[=PATH]] Enable tcpwrappers support (optionally 
in PATH)],
++   [
++   if test "x$withval" != "xno" ; then
++   saved_LIBS="$LIBS"
++   saved_LDFLAGS="$LDFLAGS"
++   saved_CPPFLAGS="$CPPFLAGS"
++   if test -n "${withval}" && \
++   test "x${withval}" != "xyes"; then
++   if test -d "${withval}/lib"; then
++   if test -n "${need_dash_r}"; then
++   LDFLAGS="-L${withval}/lib 
-R${withval}/lib ${LDFLAGS}"
++   else
++   LDFLAGS="-L${withval}/lib 
${LDFLAGS}"
++   fi
++   else
++   if test -n "${need_dash_r}"; then
++   LDFLAGS="-L${withval} 
-R${withval} ${LDFLAGS}"
++   else
++   LDFLAGS="-L${withval} 
${LDFLAGS}"
++   fi
++   fi
++   if test -d "${withval}/include"; then
++   CPPFLAGS="-I${withval}/include 
${CPPFLAGS}"
++   else
++   CPPFLAGS="-I${withval} ${CPPFLAGS}"
++   fi
++   fi
++   LIBS="-lwrap $LIBS"
++   AC_MSG_CHECKING([for libwrap])
++   

[OE-core] [PATCH 0/1] openssh: Restore TCP wrappers support

[Dengke Du]

The following changes since commit 98099349e358a9caaec8ec81f0d4abe588909cfe:

  bitbake: npm fetcher: fix unknown variable name. (2017-06-29 14:33:42 +0100)

are available in the git repository at:

  https://github.com/DengkeDu/openembedded-core.git 
dengke/openssh-restore-tcp-wrappers-support
  https://github.com//tree/dengke/openssh-restore-tcp-wrappers-support

Wenzong Fan (1):
  openssh: Restore TCP wrappers support

 .../openssh/openssh/restore-tcp-wrappers.patch | 183 +
 meta/recipes-connectivity/openssh/openssh_7.5p1.bb |   4 +
 2 files changed, 187 insertions(+)
 create mode 100644 
meta/recipes-connectivity/openssh/openssh/restore-tcp-wrappers.patch

-- 
2.8.1

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [PATCH 1/2] mirrors: Add HTTP mirrors for ftp://sourceware.org

[Soren Brinkmann]

Signed-off-by: Soren Brinkmann 
---
 meta/classes/mirrors.bbclass | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/meta/classes/mirrors.bbclass b/meta/classes/mirrors.bbclass
index b7c20b6cf5a2..8cc1a315c480 100644
--- a/meta/classes/mirrors.bbclass
+++ b/meta/classes/mirrors.bbclass
@@ -45,6 +45,9 @@ ${APACHE_MIRROR}  http://archive.apache.org/dist \n \
 http://downloads.sourceforge.net/watchdog/ http://fossies.org/linux/misc/ \n \
 ${SAVANNAH_GNU_MIRROR} http://download-mirror.savannah.gnu.org/releases \n \
 ${SAVANNAH_NONGNU_MIRROR} http://download-mirror.savannah.nongnu.org/releases 
\n \
+ftp://sourceware.org http://mirrors.kernel.org/sourceware \n \
+ftp://sourceware.org http://gd.tuwien.ac.at/gnu/sourceware \n \
+ftp://sourceware.org 
http://ftp.gwdg.de/pub/linux/sources.redhat.com/sourceware \n \
 cvs://.*/.* http://downloads.yoctoproject.org/mirror/sources/ \n \
 svn://.*/.* http://downloads.yoctoproject.org/mirror/sources/ \n \
 git://.*/.* http://downloads.yoctoproject.org/mirror/sources/ \n \
-- 
2.13.2.3.g44cd85c14

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [PATCH 2/2] valgrind: Update 3.12.0 -> 3.13.0

[Soren Brinkmann]

Signed-off-by: Soren Brinkmann 
---
One of the non-upstream patches seems to be obsolete and another one I updated.
All others still cleanly apply. I successfully tested 3.13.0 with glibc on
aarch64.

Sören

 .../valgrind/0001-fix-build-for-musl-targets.patch | 69 --
 .../valgrind/0004-Fix-out-of-tree-builds.patch | 37 +++-
 .../{valgrind_3.12.0.bb => valgrind_3.13.0.bb} | 13 ++--
 3 files changed, 27 insertions(+), 92 deletions(-)
 delete mode 100644 
meta/recipes-devtools/valgrind/valgrind/0001-fix-build-for-musl-targets.patch
 rename meta/recipes-devtools/valgrind/{valgrind_3.12.0.bb => 
valgrind_3.13.0.bb} (92%)

diff --git 
a/meta/recipes-devtools/valgrind/valgrind/0001-fix-build-for-musl-targets.patch 
b/meta/recipes-devtools/valgrind/valgrind/0001-fix-build-for-musl-targets.patch
deleted file mode 100644
index dc6feff7ffa0..
--- 
a/meta/recipes-devtools/valgrind/valgrind/0001-fix-build-for-musl-targets.patch
+++ /dev/null
@@ -1,69 +0,0 @@
-From 1b1a024efd18d44294e184e792c1e039cab02bfe Mon Sep 17 00:00:00 2001
-From: Khem Raj 
-Date: Sun, 14 Feb 2016 09:14:12 +
-Subject: [PATCH] fix build for musl targets
-
-Signed-off-by: Khem Raj 

-Upstream-Status: Pending
-
- configure.ac | 2 --
- coregrind/vg_preloaded.c | 2 +-
- include/pub_tool_redir.h | 7 +--
- 3 files changed, 6 insertions(+), 5 deletions(-)
-
-diff --git a/configure.ac b/configure.ac
-index 9366dc7..679f514 100644
 a/configure.ac
-+++ b/configure.ac
-@@ -1066,8 +1066,6 @@ case "${GLIBC_VERSION}" in
-   ;;
-  2.0|2.1|*)
-   AC_MSG_RESULT([unsupported version ${GLIBC_VERSION}])
--  AC_MSG_ERROR([Valgrind requires glibc version 2.2 or later,])
--  AC_MSG_ERROR([Darwin libc, Bionic libc or Solaris libc])
-   ;;
- esac
- 
-diff --git a/coregrind/vg_preloaded.c b/coregrind/vg_preloaded.c
-index 2ea7a7a..e49c832 100644
 a/coregrind/vg_preloaded.c
-+++ b/coregrind/vg_preloaded.c
-@@ -56,7 +56,7 @@
- void VG_NOTIFY_ON_LOAD(freeres)( void );
- void VG_NOTIFY_ON_LOAD(freeres)( void )
- {
--#  if !defined(__UCLIBC__) \
-+#  if !defined(__UCLIBC__) && defined(__GLIBC__) \
-   && !defined(VGPV_arm_linux_android) \
-   && !defined(VGPV_x86_linux_android) \
-   && !defined(VGPV_mips32_linux_android) \
-diff --git a/include/pub_tool_redir.h b/include/pub_tool_redir.h
-index bac00d7..fbb2ef2 100644
 a/include/pub_tool_redir.h
-+++ b/include/pub_tool_redir.h
-@@ -242,8 +242,7 @@
- /* --- Soname of the standard C library. --- */
- 
- #if defined(VGO_linux) || defined(VGO_solaris)
--#  define  VG_Z_LIBC_SONAME  libcZdsoZa  // libc.so*
--
-+#  define  VG_Z_LIBC_SONAME  libcZdZa// libc.*
- #elif defined(VGO_darwin) && (DARWIN_VERS <= DARWIN_10_6)
- #  define  VG_Z_LIBC_SONAME  libSystemZdZaZddylib// libSystem.*.dylib
- 
-@@ -274,7 +273,11 @@
- /* --- Soname of the pthreads library. --- */
- 
- #if defined(VGO_linux)
-+# if defined(__GLIBC__) || defined(__UCLIBC__)
- #  define  VG_Z_LIBPTHREAD_SONAME  libpthreadZdsoZd0 // libpthread.so.0
-+# else
-+#  define  VG_Z_LIBPTHREAD_SONAME  libcZdZa  // libc.*
-+#endif
- #elif defined(VGO_darwin)
- #  define  VG_Z_LIBPTHREAD_SONAME  libSystemZdZaZddylib  // libSystem.*.dylib
- #elif defined(VGO_solaris)
--- 
-2.7.1
-
diff --git 
a/meta/recipes-devtools/valgrind/valgrind/0004-Fix-out-of-tree-builds.patch 
b/meta/recipes-devtools/valgrind/valgrind/0004-Fix-out-of-tree-builds.patch
index ed313d61..8885dd1542f4 100644
--- a/meta/recipes-devtools/valgrind/valgrind/0004-Fix-out-of-tree-builds.patch
+++ b/meta/recipes-devtools/valgrind/valgrind/0004-Fix-out-of-tree-builds.patch
@@ -1,7 +1,7 @@
-From 38ae233b6893a4eec7f9ed6d8ad02392bca8eaed Mon Sep 17 00:00:00 2001
+From 739421e253e6eba3eb6438651822f80fa9c0502a Mon Sep 17 00:00:00 2001
 From: Alexander Kanavin 
 Date: Tue, 15 Dec 2015 15:31:50 +0200
-Subject: [PATCH 1/2] Fix out of tree builds.
+Subject: [PATCH] Fix out of tree builds.
 
 The paths to these files need to be fully specified in
 the out of tree build case. glibc-2.X.supp is a generated file so the full path
@@ -11,23 +11,22 @@ RP 2013/03/23
 
 Upstream-Status: Pending
 Signed-off-by: Alexander Kanavin 
-
 ---
- configure.ac | 64 ++--
- 1 file changed, 32 insertions(+), 32 deletions(-)
+ configure.ac | 68 ++--
+ 1 file changed, 34 insertions(+), 34 deletions(-)
 
 diff --git a/configure.ac b/configure.ac
-index 8ab7f9b..9366dc7 100644
+index 3874296fde0b..7a5ba2c8557e 100644
 --- a/configure.ac
 +++ b/configure.ac
-@@ -377,44 +377,44 @@ case "${host_os}" in
+@@ -373,50 +373,50 @@ case "${host_os}" in
 9.*)
  AC_MSG_RESULT([Darwin 9.x (${kernel}) / Mac OS X 10.5 
Leopard])

[OE-core] [PATCH 3/3] initramfs-framwork: module to support boot live image

[wei . tee . ng]

From: "Ng, Wei Tee" 

setup-live module is a new module being introduced to integrate the
functionality of init-live.sh into new scriptlet in order to
support the live boot image. It gets to run before the rootfs
and finish module.

Signed-off-by: Ng, Wei Tee 
---
 meta/recipes-core/initrdscripts/initramfs-framework_1.0.bb | 6 --
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/meta/recipes-core/initrdscripts/initramfs-framework_1.0.bb 
b/meta/recipes-core/initrdscripts/initramfs-framework_1.0.bb
index 6bbe4c1..f7b47d9 100644
--- a/meta/recipes-core/initrdscripts/initramfs-framework_1.0.bb
+++ b/meta/recipes-core/initrdscripts/initramfs-framework_1.0.bb
@@ -13,7 +13,8 @@ SRC_URI = "file://init \
file://mdev \
file://udev \
file://e2fs \
-   file://debug"
+   file://debug \
+   file://setup-live"
 
 S = "${WORKDIR}"
 
@@ -24,6 +25,7 @@ do_install() {
 install -m 0755 ${WORKDIR}/init ${D}/init
 install -m 0755 ${WORKDIR}/rootfs ${D}/init.d/90-rootfs
 install -m 0755 ${WORKDIR}/finish ${D}/init.d/99-finish
+install -m 0755 ${WORKDIR}/setup-live ${D}/init.d/80-setup-live
 
 # mdev
 install -m 0755 ${WORKDIR}/mdev ${D}/init.d/01-mdev
@@ -50,7 +52,7 @@ PACKAGES = "${PN}-base \
 initramfs-module-rootfs \
 initramfs-module-debug"
 
-FILES_${PN}-base = "/init /init.d/99-finish /dev"
+FILES_${PN}-base = "/init /init.d/99-finish /init.d/80-setup-live /dev"
 
 # 99-finish in base depends on some other module which mounts
 # the rootfs, like 90-rootfs. To replace that default, use
-- 
2.7.4

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [PATCH 1/3] initramfs-framework: udev: Add a runtime dependency on udev-extraconf

[wei . tee . ng]

From: "Ng, Wei Tee" 

In order to implement initramfs-framework for boot up process, it
depends on udev performing automounting, which happens in udev-extraconf.
Explicitly depend on it so that we always have it installed.

Signed-off-by: Ng, Wei Tee 
---
 meta/recipes-core/initrdscripts/initramfs-framework_1.0.bb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta/recipes-core/initrdscripts/initramfs-framework_1.0.bb 
b/meta/recipes-core/initrdscripts/initramfs-framework_1.0.bb
index 67a1b04..6bbe4c1 100644
--- a/meta/recipes-core/initrdscripts/initramfs-framework_1.0.bb
+++ b/meta/recipes-core/initrdscripts/initramfs-framework_1.0.bb
@@ -65,7 +65,7 @@ RDEPENDS_initramfs-module-mdev = "${PN}-base busybox-mdev"
 FILES_initramfs-module-mdev = "/init.d/01-mdev"
 
 SUMMARY_initramfs-module-udev = "initramfs support for udev"
-RDEPENDS_initramfs-module-udev = "${PN}-base udev"
+RDEPENDS_initramfs-module-udev = "${PN}-base udev udev-extraconf"
 FILES_initramfs-module-udev = "/init.d/01-udev"
 
 SUMMARY_initramfs-module-e2fs = "initramfs support for ext4/ext3/ext2 
filesystems"
-- 
2.7.4

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [poky][master][PATCH 0/3] initramfs-framework: configuration to boot up live image

[wei . tee . ng]

From: "Ng, Wei Tee" 

This patch is to get initramfs-framework able to boot up live image.
In order to implement this framework, there is a need to add runtime

 
dependency on udev-extraconf due to the automounting process.

Secondly, a new scriptlet named setup-live module has been created
to handle the removeable media detection and assign the rootfs.img.
This is because the current rootfs module has no support for rootfs
images, only rootfs partitions.

This change has been verified with build test and boot up test on
Minnowboard Max platform.

Please review and provide feedback if you have any.
The patches are targeted for merging into poky master branch.

Thanks and regards,
Wei Tee

The following changes since commit 98099349e358a9caaec8ec81f0d4abe588909cfe:

  bitbake: npm fetcher: fix unknown variable name. (2017-06-29 14:33:42 +0100)

are available in the git repository at:

  ssh://git.yoctoproject.org/poky-contrib weiteeng/initramfs-v2
  http://git.yoctoproject.org/cgit.cgi//log/?h=weiteeng/initramfs-v2

Ng, Wei Tee (3):
  initramfs-framework: udev: Add a runtime dependency on udev-extraconf
  initramfs-framework: setup-live: detect media and assign rootfs image
  initramfs-framwork: module to support boot live image

 .../initrdscripts/initramfs-framework/setup-live   | 67 ++
 .../initrdscripts/initramfs-framework_1.0.bb   |  8 ++-
 2 files changed, 72 insertions(+), 3 deletions(-)
 create mode 100644 
meta/recipes-core/initrdscripts/initramfs-framework/setup-live

-- 
2.7.4

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [PATCH 2/3] initramfs-framework: setup-live: detect media and assign rootfs image

[wei . tee . ng]

From: "Ng, Wei Tee" 

Integrate the featuers in init-live.sh into new scriptlet to handle
boot up live image process using framework method.

This commit include the changes for:
- Create a conditional loop for the bootparam_root variable. If it is
not set, then it will boot from ROOT_IMAGE. Else, it will boot normally
which is not from removable media.

- Gives a standard path to the original boot disk mount which can be
used to. While /media/sda is a good guess, it isn't always right, nor
is it a good assumption that only one boot disk is in the system.

- The current rootfs module has no support for rootfs images, currently
it only support for rootfs partitions for wic image. Therefore, there
is a need to assign the rootfs image for live image.

Signed-off-by: Ng, Wei Tee 
---
 .../initrdscripts/initramfs-framework/setup-live   | 67 ++
 1 file changed, 67 insertions(+)
 create mode 100644 
meta/recipes-core/initrdscripts/initramfs-framework/setup-live

diff --git a/meta/recipes-core/initrdscripts/initramfs-framework/setup-live 
b/meta/recipes-core/initrdscripts/initramfs-framework/setup-live
new file mode 100644
index 000..16da34a
--- /dev/null
+++ b/meta/recipes-core/initrdscripts/initramfs-framework/setup-live
@@ -0,0 +1,67 @@
+#/bin/sh
+# Copyright (C) 2011 O.S. Systems Software LTDA.
+# Licensed on MIT
+
+setup_enabled() {
+   return 0
+}
+
+setup_run() {
+ROOT_IMAGE="rootfs.img"
+ISOLINUX=""
+ROOT_DISK=""
+shelltimeout=30
+
+   if [ -z $bootparam_root ]; then
+   echo "Waiting for removable media..."
+   C=0
+   while true
+   do
+ for i in `ls /run/media 2>/dev/null`; do
+ if [ -f /run/media/$i/$ROOT_IMAGE ] ; then
+   found="yes"
+   ROOT_DISK="$i"
+   break
+ elif [ -f /run/media/$i/isolinux/$ROOT_IMAGE ]; then
+   found="yes"
+   ISOLINUX="isolinux"
+   ROOT_DISK="$i"
+   break
+ fi
+ done
+ if [ "$found" = "yes" ]; then
+ break;
+ fi
+ # don't wait for more than $shelltimeout seconds, if it's set
+ if [ -n "$shelltimeout" ]; then
+ echo -n " " $(( $shelltimeout - $C ))
+ if [ $C -ge $shelltimeout ]; then
+  echo "..."
+  echo "Mounted filesystems"
+  mount | grep media
+  echo "Available block devices"
+  cat /proc/partitions
+  fatal "Cannot find $ROOT_IMAGE file in /run/media/* 
, dropping to a shell "
+ fi
+ C=$(( C + 1 ))
+ fi
+ sleep 1
+   done
+
+   # The existing rootfs module has no support for rootfs images. 
Assign the rootfs image.
+   bootparam_root="/run/media/$ROOT_DISK/$ISOLINUX/$ROOT_IMAGE"
+   else
+   break
+   fi
+
+   if [ "$bootparam_LABEL" != "boot" -a -f /init.d/$bootparam_LABEL.sh ] ; 
then
+   if [ -f /run/media/$i/$ISOLINUX/$ROOT_IMAGE ] ; then
+   ./init.d/$bootparam_LABEL.sh $i/$ISOLINUX $ROOT_IMAGE 
$video_mode $vga_mode $console_params
+   else
+   fatal "Could not find $bootparam_LABEL script"
+   fi
+
+   # If we're getting here, we failed...
+   fatal "Target $bootparam_LABEL failed"
+   fi
+}
-- 
2.7.4

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [PATCH] strace:4.16 -> 4.17

[Huang Qiyu]

From: susanbian 

Upgrade strace from 4.16 to 4.17.

Signed-off-by: susanbian 
---
 meta/recipes-devtools/strace/{strace_4.16.bb => strace_4.17.bb} | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
 rename meta/recipes-devtools/strace/{strace_4.16.bb => strace_4.17.bb} (91%)

diff --git a/meta/recipes-devtools/strace/strace_4.16.bb 
b/meta/recipes-devtools/strace/strace_4.17.bb
similarity index 91%
rename from meta/recipes-devtools/strace/strace_4.16.bb
rename to meta/recipes-devtools/strace/strace_4.17.bb
index b6cd2ac..9434294 100644
--- a/meta/recipes-devtools/strace/strace_4.16.bb
+++ b/meta/recipes-devtools/strace/strace_4.17.bb
@@ -15,8 +15,8 @@ SRC_URI = "${SOURCEFORGE_MIRROR}/strace/strace-${PV}.tar.xz \
file://0001-caps-abbrev.awk-fix-gawk-s-path.patch \
"
 
-SRC_URI[md5sum] = "2873366cac98770efcbed6e748d5ef23"
-SRC_URI[sha256sum] = 
"98487cb5178ec1259986cc9f6e2a844f50e5d1208c112cc22431a1e4d9adf0ef"
+SRC_URI[md5sum] = "8d7eb10eba68bad83a269197e634b626"
+SRC_URI[sha256sum] = 
"81f35b085fbb3cfa806eb521a8522ac3406deaccfe121ce35064bad268237419"
 
 inherit autotools ptest bluetooth
 
-- 
2.7.4



-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

Re: [OE-core] [PATCH 1/1] expat: upgrade to 2.2.1

[Dengke Du]

OK, I will, thanks!


On 2017年06月29日 19:32, Burton, Ross wrote:


On 29 June 2017 at 08:57, Dengke Du > wrote:


-LIC_FILES_CHKSUM =
"file://COPYING;md5=9c3ee559c6f9dcee1043ead112139f4f"
+LIC_FILES_CHKSUM =
"file://COPYING;md5=5b8620d98e49772d95fc1d291c26aa79"


Checksums changed, remember to always explain why in the commit log.

Ross




-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

Re: [OE-core] [PATCH 1/2] ncurses: add SYSROOT_DESTDIR for siteconfig_gencache

[Huang, Jie (Jackie)]

> -Original Message-
> From: openembedded-core-boun...@lists.openembedded.org
> [mailto:openembedded-core-boun...@lists.openembedded.org] On Behalf Of
> Huang, Jie (Jackie)
> Sent: Friday, June 16, 2017 09:58
> To: BURTON, ROSS
> Cc: OE-core
> Subject: Re: [OE-core] [PATCH 1/2] ncurses: add SYSROOT_DESTDIR for
> siteconfig_gencache
> 
> >
> >
> > From: Burton, Ross [mailto:ross.bur...@intel.com]
> > Sent: Thursday, June 15, 2017 20:31
> > To: Huang, Jie (Jackie)
> > Cc: OE-core
> > Subject: Re: [OE-core] [PATCH 1/2] ncurses: add SYSROOT_DESTDIR for
> siteconfig_gencache
> >
> >
> > On 31 May 2017 at 09:27,  wrote:
> > +EXTRASITECONFIG = "CFLAGS='${CFLAGS} -
> I${SYSROOT_DESTDIR}${includedir}'"
> >
> > Why is this ncurses specific, it sounds like something which will impact 
> > all users
> of siteconfig?

Ping.

Is my explanation clear enough? What's the suggestion if it's not acceptable?

Thanks,
Jackie

> 
> My original issue is not ncurses specific, that is:
> After switching to RSS, the siteconfig cache files in ACLOCALDIR setup by
> autotools.bbclass was dropped, so searching
> the path ACLOCALDIR for siteconfig files ended up with nothing, which caused
> some package (like openhpi) fail to configure,
> so the "PATCH 2/2" change it back to search SITECONFIG_SYSROOTCACHE.
> 
> But I met the second issue after the that:
> util-linux depends on ncurses but the siteinfo in ncurses_config which is
> populated to SITECONFIG_SYSROOTCACHE  is not correct:
> ac_cv_header_curses_h=${ac_cv_header_curses_h=no}
> ac_cv_header_ncurses_h=${ac_cv_header_ncurses_h=no}
> 
> then it fails to build (it should be the same issue for other package that 
> depend
> on ncurses), so this patch is needed.
> And the patch will only impact the packages that depend on ncurses, for those
> without dependency on ncurses, there
> is no ncurses_config at all in their own recipe-sysroot.
> 
> Thanks,
> Jackie
> 
> >
> > Ross
> >
> --
> ___
> Openembedded-core mailing list
> Openembedded-core@lists.openembedded.org
> http://lists.openembedded.org/mailman/listinfo/openembedded-core
-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

Re: [OE-core] [Openembedded-architecture] OE-Core/Yocto Project's first CVE (CVE-2017-9731)

[Richard Purdie]

On Wed, 2017-06-28 at 13:38 -0400, Scott Murray wrote:
> On Mon, 19 Jun 2017, Richard Purdie wrote:
> 
> > 
> > I suspect this has been missed by some people so I want to spell it
> > out. We have our first CVE in OE-Core itself.
> > 
> > The issue is limited to binary ipks potentially exposing sensitive
> > information through the "Source:" field which contained the full
> > SRC_URI. Those urls could potentially contain sensitive information
> > about servers and credentials.
> > 
> > After discussion, I ended up changing the field to contain the
> > recipe
> > filename (no path). There was talk of filtering the urls however if
> > you
> > try, it becomes clear that sensitive elements can remain and no
> > solution is likely 100% effective. The other package backends don't
> > do
> > this at all so this brings ipk more into line with them. Simply
> > clearing the field doesn't work with the current opkg-utils. It can
> > be
> > changed but the change becomes more invasive.
> > 
> > This fix has been merged to master.
> > 
> > I also did take the decision to backport this change back to
> > pyro/morty/krogoth too. I appreciate this can cause some disruption
> > to
> > people who rely on SRC_URI being in the Source: field however I
> > couldn't see any other realistic way forward.
> I noticed that this wasn't CC'ed to the yocto-security mailing list.
> Was that just an oversight, or should that mailing list be considered
> defunct at this point?

Sorry, it was oversight...

Cheers,

Richard
-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [PATCH 1/1] scripts/oe-setup-rpmrepo: leverage oe-run-native

[brian avery]

RSS means we no longer have a large native sysroot to run binaries from.
oe-run-native deals with this already, so this patch uses oe-run-native
to call the createrepo_c native binary that we need to make the package
feed indices.

[YOCTO #11706]
Signed-off-by: brian avery 
---
 scripts/oe-setup-rpmrepo | 21 +
 1 file changed, 9 insertions(+), 12 deletions(-)

diff --git a/scripts/oe-setup-rpmrepo b/scripts/oe-setup-rpmrepo
index df1c614..4e3d89e 100755
--- a/scripts/oe-setup-rpmrepo
+++ b/scripts/oe-setup-rpmrepo
@@ -72,7 +72,7 @@ setup_sysroot() {
BUILD_SYS="$BUILD_ARCH-$BUILD_OS"
 
OECORE_NATIVE_SYSROOT=$TMPDIR/sysroots/$BUILD_SYS
-   fi 
+   fi
 }
 
 setup_sysroot
@@ -88,16 +88,13 @@ if [ ! -d "$RPM_DIR" ]; then
echo "Error: rpm dir $RPM_DIR doesn't exist"
exit 1
 fi
-
-CREATEREPO=$OECORE_NATIVE_SYSROOT/usr/bin/createrepo_c
-if [ ! -e "$CREATEREPO" ]; then
-   echo "Error: can't find createrepo binary"
-   echo "please run bitbake createrepo-native first"
-   exit 1
+if ! oe-run-native createrepo-c-native createrepo_c "$RPM_DIR"&>/dev/null; then
+echo "Could not run createrepo_c, using bitbake to add to"
+echo "native sysroot and trying again..."
+bitbake createrepo-c-native -caddto_recipe_sysroot
+# this time show the error mesage in case it's helpful
+if ! oe-run-native createrepo-c-native createrepo_c "$RPM_DIR"; then
+exit 1
+fi
 fi
-
-export PATH=${PATH}:${OECORE_NATIVE_SYSROOT}/usr/bin
-
-$CREATEREPO "$RPM_DIR"
-
 exit 0
-- 
1.9.1

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [PATCH 0/1] scripts: make createrepo_c run

[brian avery]

This uses oe-run-native to run the createrepo_c native binary. RSS means we 
need additional steps
to run native binaries, so it is better to consolidate the logic.

-brian avery

The following changes since commit 98099349e358a9caaec8ec81f0d4abe588909cfe:

  bitbake: npm fetcher: fix unknown variable name. (2017-06-29 14:33:42 +0100)

are available in the git repository at:

  git://git.yoctoproject.org/poky-contrib bavery/core/11706
  http://git.yoctoproject.org/cgit.cgi/poky-contrib/log/?h=bavery/core/11706

brian avery (1):
  scripts/oe-setup-rpmrepo: leverage oe-run-native

 scripts/oe-setup-rpmrepo | 21 +
 1 file changed, 9 insertions(+), 12 deletions(-)

--
1.9.1
-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [PATCH] mkefidsk: fix bash/dash shell quoting problem

[Saul Wold]

mkefidsk currently writes a startup.nsh with embedded control characters.
This happens because \b etc are control sequences to the shell echo
command when using dash. The resulting startup.nsh causes the bootup
to fail, and the user is dropped into the EFI shell to manually run
startup.nsh.

Patch originally provided by Troy D. Hanson 

[YOCTO #9665]

Signed-off-by: Saul Wold 
---
Tested with both bash and dash

 scripts/contrib/mkefidisk.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/scripts/contrib/mkefidisk.sh b/scripts/contrib/mkefidisk.sh
index 800733f..ac4ec9c 100755
--- a/scripts/contrib/mkefidisk.sh
+++ b/scripts/contrib/mkefidisk.sh
@@ -444,7 +444,7 @@ if [ -d $ROOTFS_MNT/etc/udev/ ] ; then
 fi
 
 # Add startup.nsh script for automated boot
-echo "fs0:\EFI\BOOT\bootx64.efi" > $BOOTFS_MNT/startup.nsh
+printf "fs0:\%s\BOOT\%s\n" "EFI" "bootx64.efi" > $BOOTFS_MNT/startup.nsh
 
 
 # Call cleanup to unmount devices and images and remove the TMPDIR
-- 
2.7.5

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [PATCH 1/1] imagefeatures.py: Added testcase to track IMAGE_GEN_DEBUGFS

[Humberto Ibarra]

Add new testcase to check varibale IMAGE_GEN_DEBUGFS. Test makes
sure that debug filesystem is created accordingly.

[YOCTO #10906]

Signed-off-by: Humberto Ibarra 
---
 meta/lib/oeqa/selftest/cases/imagefeatures.py | 21 +
 1 file changed, 21 insertions(+)

diff --git a/meta/lib/oeqa/selftest/cases/imagefeatures.py 
b/meta/lib/oeqa/selftest/cases/imagefeatures.py
index e6652ec..8233957 100644
--- a/meta/lib/oeqa/selftest/cases/imagefeatures.py
+++ b/meta/lib/oeqa/selftest/cases/imagefeatures.py
@@ -3,6 +3,7 @@ from oeqa.utils.commands import runCmd, bitbake, get_bb_var, 
runqemu
 from oeqa.core.decorator.oeid import OETestID
 from oeqa.utils.sshcontrol import SSHControl
 import os
+import glob
 
 class ImageFeatures(OESelftestTestCase):
 
@@ -124,3 +125,23 @@ class ImageFeatures(OESelftestTestCase):
 # check if result image is sparse
 image_stat = os.stat(image_path)
 self.assertTrue(image_stat.st_size > image_stat.st_blocks * 512)
+
+def test_image_gen_debugfs(self):
+"""
+Summary: Check debugfs generation
+Expected:1. core-image-minimal can be build with IMAGE_GEN_DEBUGFS 
variable set
+ 2. debug filesystem is created when variable set
+Product: oe-core
+Author:  Humberto Ibarra 
+"""
+
+image_name = 'core-image-minimal'
+deploy_dir_image = get_bb_var('DEPLOY_DIR_IMAGE')
+
+features = 'IMAGE_GEN_DEBUGFS = "1"\n'
+features += 'IMAGE_FSTYPES_DEBUGFS = "tar.bz2"'
+self.write_config(features)
+
+bitbake(image_name)
+debug_files = 
glob.glob(os.path.join(deploy_dir_image,"*-dbg.rootfs.tar.bz2"))
+self.assertNotEqual(len(debug_files), 0, 'debug filesystem not 
generated')
-- 
2.7.5

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [PATCH v3 0/1] imagefeatures.py: Added testcase to track IMAGE_GEN_DEBUGFS

[Humberto Ibarra]

Patch to add a testcase for IMAGE_GEN_DEBUGFS variable. Checks if debug 
filesystem
was created.

The following changes since commit 98099349e358a9caaec8ec81f0d4abe588909cfe:

  bitbake: npm fetcher: fix unknown variable name. (2017-06-29 14:33:42 +0100)

are available in the git repository at:

  git://git.yoctoproject.org/poky-contrib humberto/ImageGenDebugfs
  
http://git.yoctoproject.org/cgit.cgi/poky-contrib/log/?h=humberto/ImageGenDebugfs

Humberto Ibarra (1):
  imagefeatures.py: Added testcase to track IMAGE_GEN_DEBUGFS

 meta/lib/oeqa/selftest/cases/imagefeatures.py | 21 +
 1 file changed, 21 insertions(+)

-- 
2.7.5

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] php: pyro: php fails to compile under pyro with empty PACKAGECONFIG

[Bryan Evenson]

I am on poky/morty and I am doing some test builds to attempt to stay up to 
date with the latest branches.  I am having issues building php.  For my build, 
I don't want any of the PACKAGECONFIG features and I add curl support, so I 
have a bbappend with the following:

DEPENDS += " \
curl \
"

EXTRA_OECONF += " \
--with-curl=${STAGING_LIBDIR}/.. \
"

PACKAGECONFIG = ""

This builds without error under morty, but under pyro I get the following 
errors:

| ERROR: oe_runmake failed
| 
/<...>/build/tmp/work/armv5e-poky-linux-gnueabi/php/5.6.26-r0/recipe-sysroot-native/usr/bin/arm-poky-linux-gnueabi/../../libexec/arm-poky-linux-gnueabi/gcc/arm-poky-linux-gnueabi/6.3.0/ld:
 ext/sqlite3/libsqlite/sqlite3.o: undefined reference to symbol 
'dlsym@@GLIBC_2.4'
| 
/<...>/build/tmp/work/armv5e-poky-linux-gnueabi/php/5.6.26-r0/recipe-sysroot/lib/libdl.so.2:
 error adding symbols: DSO missing from command line
| collect2: error: ld returned 1 exit status
| make: *** [sapi/cgi/php-cgi] Error 1
| make: *** Waiting for unfinished jobs
| 
/<...>/build/tmp/work/armv5e-poky-linux-gnueabi/php/5.6.26-r0/recipe-sysroot-native/usr/bin/arm-poky-linux-gnueabi/../../libexec/arm-poky-linux-gnueabi/gcc/arm-poky-linux-gnueabi/6.3.0/ld:
 ext/sqlite3/libsqlite/sqlite3.o: undefined reference to symbol 
'dlsym@@GLIBC_2.4'
| 
/<...>/build/tmp/work/armv5e-poky-linux-gnueabi/php/5.6.26-r0/recipe-sysroot/lib/libdl.so.2:
 error adding symbols: DSO missing from command line
| collect2: error: ld returned 1 exit status
| make: *** [sapi/cli/php] Error 1
| 
/<...>/build/tmp/work/armv5e-poky-linux-gnueabi/php/5.6.26-r0/recipe-sysroot-native/usr/bin/arm-poky-linux-gnueabi/../../libexec/arm-poky-linux-gnueabi/gcc/arm-poky-linux-gnueabi/6.3.0/ld:
 ext/sqlite3/libsqlite/sqlite3.o: undefined reference to symbol 
'dlsym@@GLIBC_2.4'
| 
/<...>/build/tmp/work/armv5e-poky-linux-gnueabi/php/5.6.26-r0/recipe-sysroot/lib/libdl.so.2:
 error adding symbols: DSO missing from command line
| collect2: error: ld returned 1 exit status
| make: *** [sapi/fpm/php-fpm] Error 1
| ERROR: Function failed: do_compile (log file is located at 
/<...>/build/tmp/work/armv5e-poky-linux-gnueabi/php/5.6.26-r0/temp/log.do_compile.28830)
NOTE: recipe php-5.6.26-r0: task do_compile: Failed

I get the same error regardless of whether I build version 5.6.26 or version 
7.1.0.  What I find odd with this error is that it is failing when loading 
symbols for sqlite3, but I explicitly remove sqlite3 from PACKAGECONFIG.  If I 
use the default PACKAGECONFIG settings, then php builds without error.  Has 
anyone else seen similar errors?

Thanks,
Bryan
-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [PATCH v4 3/4] standard: append md5 tag only if not already present

[leonardo . sandoval . gonzalez]

From: Leonardo Sandoval 

In case the proposed md5 tag to be appended is already present,
do not append it.

Signed-off-by: Leonardo Sandoval 
---
 scripts/lib/devtool/standard.py | 7 +--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/scripts/lib/devtool/standard.py b/scripts/lib/devtool/standard.py
index 7e342e7687..8b6ab9ff16 100644
--- a/scripts/lib/devtool/standard.py
+++ b/scripts/lib/devtool/standard.py
@@ -700,8 +700,11 @@ def _add_md5(config, recipename, filename):
 
 def addfile(fn):
 md5 = bb.utils.md5_file(fn)
-with open(os.path.join(config.workspace_path, '.devtool_md5'), 'a') as 
f:
-f.write('%s|%s|%s\n' % (recipename, os.path.relpath(fn, 
config.workspace_path), md5))
+with open(os.path.join(config.workspace_path, '.devtool_md5'), 'a+') 
as f:
+md5_str = '%s|%s|%s\n' % (recipename, os.path.relpath(fn, 
config.workspace_path), md5)
+f.seek(0, os.SEEK_SET)
+if not md5_str in f.read():
+f.write(md5_str)
 
 if os.path.isdir(filename):
 for root, _, files in os.walk(filename):
-- 
2.12.0

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [PATCH v4 4/4] import: new plugin to import the devtool workspace

[leonardo . sandoval . gonzalez]

From: Leonardo Sandoval 

Takes a tar archive created by 'devtool export' and export it (untar) to
workspace. By default, the whole tar archive is imported, thus there is no
way to limit what is imported.

https://bugzilla.yoctoproject.org/show_bug.cgi?id=10510

[YOCTO #10510]

Signed-off-by: Leonardo Sandoval 
---
 scripts/lib/devtool/import.py | 150 ++
 1 file changed, 150 insertions(+)
 create mode 100644 scripts/lib/devtool/import.py

diff --git a/scripts/lib/devtool/import.py b/scripts/lib/devtool/import.py
new file mode 100644
index 00..21eb90820b
--- /dev/null
+++ b/scripts/lib/devtool/import.py
@@ -0,0 +1,150 @@
+# Development tool - import command plugin
+#
+# Copyright (C) 2014-2017 Intel Corporation
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2 as
+# published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License along
+# with this program; if not, write to the Free Software Foundation, Inc.,
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+"""Devtool import plugin"""
+
+import os
+import tarfile
+import logging
+import collections
+import json
+import fnmatch
+
+from devtool import standard, setup_tinfoil, replace_from_file
+from devtool import export
+
+logger = logging.getLogger('devtool')
+
+def devimport(args, config, basepath, workspace):
+"""Entry point for the devtool 'import' subcommand"""
+
+def get_pn(name):
+""" Returns the filename of a workspace recipe/append"""
+metadata = name.split('/')[-1]
+fn, _ = os.path.splitext(metadata)
+return fn
+
+if not os.path.exists(args.file):
+logger.error('Tar archive %s does not exist. Export your workspace 
using "devtool export"' % args.file)
+return 1
+
+tar = tarfile.open(args.file)
+
+# Get exported metadata
+export_workspace_path = export_workspace = None
+try:
+metadata = tar.getmember(export.metadata)
+except KeyError as ke:
+logger.error('The export metadata file created by "devtool export" was 
not found')
+logger.error('The devtool import plugin can only be used to import tar 
archives created by devtool export')
+return 1
+
+tar.extract(metadata)
+with open(metadata.name) as fdm:
+export_workspace_path, export_workspace = json.load(fdm)
+os.unlink(metadata.name)
+
+members = tar.getmembers()
+
+# Get appends and recipes from the exported archive, these
+# will be needed to find out those appends without corresponding
+# recipe pair
+append_fns, recipe_fns = set(), set()
+for member in members:
+if member.name.startswith('appends'):
+append_fns.add(get_pn(member.name))
+elif member.name.startswith('recipes'):
+recipe_fns.add(get_pn(member.name))
+
+# Setup tinfoil, get required data and shutdown
+tinfoil = setup_tinfoil(config_only=False, basepath=basepath)
+try:
+current_fns = [os.path.basename(recipe[0]) for recipe in 
tinfoil.cooker.recipecaches[''].pkg_fn.items()]
+finally:
+tinfoil.shutdown()
+
+# Find those appends that do not have recipes in current metadata
+non_importables = []
+for fn in append_fns - recipe_fns:
+# Check on current metadata (covering those layers indicated in 
bblayers.conf)
+for current_fn in current_fns:
+if fnmatch.fnmatch(current_fn, '*' + fn.replace('%', '') + '*'):
+break
+else:
+non_importables.append(fn)
+logger.warn('No recipe to append %s.bbapppend, skipping' % fn)
+
+# Extract
+imported = []
+for member in members:
+if member.name == export.metadata:
+continue
+
+for nonimp in non_importables:
+pn = nonimp.split('_')[0]
+# do not extract data from non-importable recipes or metadata
+if member.name.startswith('appends/%s' % nonimp) or \
+   member.name.startswith('recipes/%s' % nonimp) or \
+   member.name.startswith('sources/%s' % pn):
+   break
+else:
+path = os.path.join(config.workspace_path, member.name)
+if os.path.exists(path):
+# by default, no file overwrite is done unless -o is given by 
the user
+if args.overwrite:
+try:
+tar.extract(member, path=config.workspace_path)
+except PermissionError as pe:
+   

[OE-core] [PATCH v4 1/4] export: new plugin to export the devtool workspace

[leonardo . sandoval . gonzalez]

From: Leonardo Sandoval 

By default, exports the whole workspace (all recipes) including the source code.
User can also limit what is exported with --included/--excluded flags. As
a result of this operation, a tar archive containing only workspace metadata
and its corresponding source code is created, which can be properly imported
with 'devtool import'.

https://bugzilla.yoctoproject.org/show_bug.cgi?id=10510

[YOCTO #10510]

Signed-off-by: Leonardo Sandoval 
---
 scripts/lib/devtool/export.py | 119 ++
 1 file changed, 119 insertions(+)
 create mode 100644 scripts/lib/devtool/export.py

diff --git a/scripts/lib/devtool/export.py b/scripts/lib/devtool/export.py
new file mode 100644
index 00..13ee258e7a
--- /dev/null
+++ b/scripts/lib/devtool/export.py
@@ -0,0 +1,119 @@
+# Development tool - export command plugin
+#
+# Copyright (C) 2014-2017 Intel Corporation
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2 as
+# published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License along
+# with this program; if not, write to the Free Software Foundation, Inc.,
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+"""Devtool export plugin"""
+
+import os
+import argparse
+import tarfile
+import logging
+import datetime
+import json
+
+logger = logging.getLogger('devtool')
+
+# output files
+default_arcname_prefix = "workspace-export"
+metadata = '.export_metadata'
+
+def export(args, config, basepath, workspace):
+"""Entry point for the devtool 'export' subcommand"""
+
+def add_metadata(tar):
+"""Archive the workspace object"""
+# finally store the workspace metadata
+with open(metadata, 'w') as fd:
+fd.write(json.dumps((config.workspace_path, workspace)))
+tar.add(metadata)
+os.unlink(metadata)
+
+def add_recipe(tar, recipe, data):
+"""Archive recipe with proper arcname"""
+# Create a map of name/arcnames
+arcnames = []
+for key, name in data.items():
+if name:
+if key == 'srctree':
+# all sources, no matter where are located, goes into the 
sources directory
+arcname = 'sources/%s' % recipe
+else:
+arcname = name.replace(config.workspace_path, '')
+arcnames.append((name, arcname))
+
+for name, arcname in arcnames:
+tar.add(name, arcname=arcname)
+
+
+# Make sure workspace is non-empty and possible listed include/excluded 
recipes are in workspace
+if not workspace:
+logger.info('Workspace contains no recipes, nothing to export')
+return 0
+else:
+for param, recipes in 
{'include':args.include,'exclude':args.exclude}.items():
+for recipe in recipes:
+if recipe not in workspace:
+logger.error('Recipe (%s) on %s argument not in the 
current workspace' % (recipe, param))
+return 1
+
+name = args.file
+
+default_name = "%s-%s.tar.gz" % (default_arcname_prefix, 
datetime.datetime.now().strftime('%Y%m%d%H%M%S'))
+if not name:
+name = default_name
+else:
+# if name is a directory, append the default name
+if os.path.isdir(name):
+name = os.path.join(name, default_name)
+
+if os.path.exists(name) and not args.overwrite:
+logger.error('Tar archive %s exists. Use --overwrite/-o to overwrite 
it')
+return 1
+
+# if all workspace is excluded, quit
+if not len(set(workspace.keys()).difference(set(args.exclude))):
+logger.warn('All recipes in workspace excluded, nothing to export')
+return 0
+
+exported = []
+with tarfile.open(name, 'w:gz') as tar:
+if args.include:
+for recipe in args.include:
+add_recipe(tar, recipe, workspace[recipe])
+exported.append(recipe)
+else:
+for recipe, data in workspace.items():
+if recipe not in args.exclude:
+add_recipe(tar, recipe, data)
+exported.append(recipe)
+
+add_metadata(tar)
+
+logger.info('Tar archive created at %s with the following recipes: %s' % 
(name, ', '.join(exported)))
+return 0
+
+def register_commands(subparsers, context):
+"""Register devtool export subcommands"""
+parser = subparsers.add_parser('export',
+   help='Export 

[OE-core] [PATCH v4 0/4] Two new devtool plugins: export and import

[leonardo . sandoval . gonzalez]

From: Leonardo Sandoval 

These two plugins can be used to share the devtool workspace between users.

The following changes since commit c3058ec4a4f2f4c57116816a5bede1e61a5a4cc4:

  meta/conf/layer.conf: bump layer version for LSB changes (2017-06-28 15:52:19 
+0100)

are available in the git repository at:

  git://git.yoctoproject.org/poky-contrib lsandov1/devtool-import-export
  
http://git.yoctoproject.org/cgit.cgi/poky-contrib/log/?h=lsandov1/devtool-import-export

Leonardo Sandoval (4):
  export: new plugin to export the devtool workspace
  devtool: function to replace strings inside a text file
  standard: append md5 tag only if not already present
  import: new plugin to import the devtool workspace

 scripts/lib/devtool/__init__.py |  37 ++
 scripts/lib/devtool/export.py   | 119 +++
 scripts/lib/devtool/import.py   | 150 
 scripts/lib/devtool/standard.py |   7 +-
 4 files changed, 311 insertions(+), 2 deletions(-)
 create mode 100644 scripts/lib/devtool/export.py
 create mode 100644 scripts/lib/devtool/import.py

-- 
2.12.0

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [PATCH v4 2/4] devtool: function to replace strings inside a text file

[leonardo . sandoval . gonzalez]

From: Leonardo Sandoval 

Signed-off-by: Leonardo Sandoval 
---
 scripts/lib/devtool/__init__.py | 37 +
 1 file changed, 37 insertions(+)

diff --git a/scripts/lib/devtool/__init__.py b/scripts/lib/devtool/__init__.py
index 29c4c05071..7f4f817a8e 100644
--- a/scripts/lib/devtool/__init__.py
+++ b/scripts/lib/devtool/__init__.py
@@ -292,3 +292,40 @@ def ensure_npm(config, basepath, fixed_setup=False, 
check_exists=True):
 raise DevtoolError(msg)
 else:
 raise
+
+def replace_from_file(path, old, new):
+"""Replace strings on a file"""
+
+def read_file(path):
+data = None
+with open(path) as f:
+data = f.read()
+return data
+
+def write_file(path, data):
+if data is None:
+return
+wdata = data.rstrip() + "\n"
+with open(path, "w") as f:
+f.write(wdata)
+
+# In case old is None, return immediately
+if old is None:
+return
+try:
+rdata = read_file(path)
+except IOError as e:
+# if file does not exit, just quit, otherwise raise an exception
+if e.errno == errno.ENOENT:
+return
+else:
+raise
+
+old_contents = rdata.splitlines()
+new_contents = []
+for old_content in old_contents:
+try:
+new_contents.append(old_content.replace(old, new))
+except ValueError:
+pass
+write_file(path, "\n".join(new_contents))
-- 
2.12.0

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

Re: [OE-core] revert e7fca5d looks wrong.

[Burton, Ross]

On 28 June 2017 at 17:58, akuster808  wrote:

> Please double check the revert in master. Is the commit message wrong or
> did the wrong thing get removed?
>
>
The revert in master:

libxml2: Revert "Add an XML_PARSE_NOXXE flag to block all entities loading
even local"
 .../libxml/libxml2/CVE-2016-9318.patch | 207
-

-From 7fa1cd31552d52d50a9101f07c816ff6dd2d9f19 Mon Sep 17 00:00:00 2001
-From: Doran Moppert 
-Date: Fri, 7 Apr 2017 16:45:56 +0200
-Subject: [PATCH] Add an XML_PARSE_NOXXE flag to block all entities loading
- even local

So the commit message matches the summary of the patch being deleted.

The addition of this patch:

libxml2: CVE-2016-9318

diff --git a/meta/recipes-core/libxml/libxml2/CVE-2016-9318.patch
b/meta/recipes-core/libxml/libxml2/CVE-2016-9318.patch
new file mode 100644
index 000..3581ab83df1
--- /dev/null
+++ b/meta/recipes-core/libxml/libxml2/CVE-2016-9318.patch
@@ -0,0 +1,207 @@
+From 7fa1cd31552d52d50a9101f07c816ff6dd2d9f19 Mon Sep 17 00:00:00 2001
+From: Doran Moppert 
+Date: Fri, 7 Apr 2017 16:45:56 +0200
+Subject: [PATCH] Add an XML_PARSE_NOXXE flag to block all entities loading
+ even local

So the addition of the patch also matches.

The revert actually happened upstream:

https://git.gnome.org/browse/libxml2/commit/id=030b1f7a27c22f9237eddca49ec5e620b6258d7d

Conclusion: I think the patch is good.

Ross
-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

Re: [OE-core] [PATCH 1/2] kernel: add package version in dependencies for kernel packages

[Bruce Ashfield]

On Thu, Jun 29, 2017 at 4:54 AM, Razvan Heghedus 
wrote:

>
>
> On 06/28/2017 04:10 AM, Bruce Ashfield wrote:
>
>
>
> On Tue, Jun 27, 2017 at 4:51 AM, Razvan Heghedus 
> wrote:
>
>>
>>
>> On 06/26/2017 06:50 PM, Bruce Ashfield wrote:
>>
>>
>>
>> On Wed, Jun 21, 2017 at 8:00 AM, Heghedus Razvan 
>> wrote:
>>
>>> Make all dependencies from kernel family packages which depend
>>> on another kernel related package to depend on the same version.
>>> This creates a consistent state where kernel, kernel images and
>>> kernel modules have the same version, making a kernel upgrade
>>> leading to upgrades of the image and modules.
>>>
>>> The upgrade works only if the KERNEL_VERSION_PKG_NAME remains
>>> the same for the newer versions.
>>>
>>> Signed-off-by: Heghedus Razvan 
>>> ---
>>>  meta/classes/kernel-module-split.bbclass  |  7 ---
>>>  meta/classes/kernel.bbclass   | 15 +--
>>>  meta/recipes-kernel/linux/linux-yocto.inc |  4 
>>>  3 files changed, 17 insertions(+), 9 deletions(-)
>>>
>>> diff --git a/meta/classes/kernel-module-split.bbclass
>>> b/meta/classes/kernel-module-split.bbclass
>>> index 5e10dcf735..e247e66901 100644
>>> --- a/meta/classes/kernel-module-split.bbclass
>>> +++ b/meta/classes/kernel-module-split.bbclass
>>> @@ -33,7 +33,7 @@ PACKAGESPLITFUNCS_prepend =
>>> "split_kernel_module_packages "
>>>  KERNEL_MODULES_META_PACKAGE ?= "kernel-modules"
>>>
>>>  KERNEL_MODULE_PACKAGE_PREFIX ?= ""
>>> -KERNEL_MODULE_PACKAGE_SUFFIX ?= "-${KERNEL_VERSION}"
>>> +KERNEL_MODULE_PACKAGE_SUFFIX ?= "-${KERNEL_VERSION_PKG_NAME}"
>>>  KERNEL_MODULE_PROVIDE_VIRTUAL ?= "1"
>>>
>>>  python split_kernel_module_packages () {
>>> @@ -114,6 +114,7 @@ python split_kernel_module_packages () {
>>>  for dep in vals["depends"].split(","):
>>>  on = legitimize_package_name(dep)
>>>  dependency_pkg = format % on
>>> +dependency_pkg += ' ${@get_full_package_version(d)}'
>>>  modinfo_deps.append(dependency_pkg)
>>>  for dep in modinfo_deps:
>>>  if not dep in rdepends:
>>> @@ -138,10 +139,10 @@ python split_kernel_module_packages () {
>>>  postinst = d.getVar('pkg_postinst_modules')
>>>  postrm = d.getVar('pkg_postrm_modules')
>>>
>>> -modules = do_split_packages(d, root='${nonarch_base_libdir}/modules',
>>> file_regex=module_regex, output_pattern=module_pattern, description='%s
>>> kernel module', postinst=postinst, postrm=postrm, recursive=True,
>>> hook=frob_metadata, extra_depends='kernel-%s' %
>>> (d.getVar("KERNEL_VERSION")))
>>> +modules = do_split_packages(d, root='${nonarch_base_libdir}/modules',
>>> file_regex=module_regex, output_pattern=module_pattern, description='%s
>>> kernel module', postinst=postinst, postrm=postrm, recursive=True,
>>> hook=frob_metadata, extra_depends='kernel-%s %s' %
>>> (d.getVar("KERNEL_VERSION_PKG_NAME"), get_full_package_version(d)))
>>>  if modules:
>>>  metapkg = d.getVar('KERNEL_MODULES_META_PACKAGE')
>>> -d.appendVar('RDEPENDS_' + metapkg, ' '+' '.join(modules))
>>> +d.appendVar('RDEPENDS_' + metapkg, ' '+' '.join(['{0}
>>> {1}'.format(module, get_full_package_version(d)) for module in modules]))
>>>
>>>  # If modules-load.d and modprobe.d are empty at this point, remove
>>> them to
>>>  # avoid warnings. removedirs only raises an OSError if an empty
>>> diff --git a/meta/classes/kernel.bbclass b/meta/classes/kernel.bbclass
>>> index 7a134d5c29..605c101e62 100644
>>> --- a/meta/classes/kernel.bbclass
>>> +++ b/meta/classes/kernel.bbclass
>>> @@ -55,7 +55,7 @@ python __anonymous () {
>>>
>>>  d.setVar('FILES_kernel-image-' + typelower, '/' + imagedest +
>>> '/' + type + '-${KERNEL_VERSION_NAME}')
>>>
>>> -d.appendVar('RDEPENDS_kernel-image', ' ' + 'kernel-image-' +
>>> typelower)
>>> +d.appendVar('RDEPENDS_kernel-image', ' ' + 'kernel-image-' +
>>> typelower + ' ${@get_full_package_version(d)}')
>>>
>>>  d.setVar('PKG_kernel-image-' + typelower, 'kernel-image-' +
>>> typelower + '-${KERNEL_VERSION_PKG_NAME}')
>>>
>>> @@ -493,14 +493,17 @@ FILES_kernel-image = ""
>>>  FILES_kernel-dev = "/boot/System.map* /boot/Module.symvers*
>>> /boot/config* ${KERNEL_SRC_PATH} ${nonarch_base_libdir}/modules
>>> /${KERNEL_VERSION}/build"
>>>  FILES_kernel-vmlinux = "/boot/vmlinux-${KERNEL_VERSION_NAME}"
>>>  FILES_kernel-modules = ""
>>> -RDEPENDS_kernel = "kernel-base"
>>> +RDEPENDS_kernel = "kernel-base ${@get_full_package_version(d)}"
>>>
>>
>> Is that really supposed to be a space, between kernel-base and the
>> package version
>> call ? I guess so, since I see the same thing below in the
>> RDEPENDS_kernel-base
>> line below .. but it just reads strange to me.  i.e. if that's a
>> RDEPENDS, where is the
>> package get_full_package_version(d) created ?
>>
>> Yes, the space is supposed to be 

Re: [OE-core] [PATCH 2/2] kernel: user defined KERNEL_VERSION_PKG_NAME

[Bruce Ashfield]

On Thu, Jun 29, 2017 at 5:10 AM, Razvan Heghedus 
wrote:

>
>
> On 06/28/2017 04:29 AM, Bruce Ashfield wrote:
>
>
>
> On Tue, Jun 27, 2017 at 5:15 AM, Razvan Heghedus 
> wrote:
>
>>
>>
>> On 06/26/2017 06:52 PM, Bruce Ashfield wrote:
>>
>>
>>
>> On Wed, Jun 21, 2017 at 8:00 AM, Heghedus Razvan 
>> wrote:
>>
>>> Add possibility to set KERNEL_VERSION_PKG_NAME to a user
>>> defined value.
>>>
>>> Signed-off-by: Heghedus Razvan 
>>> ---
>>>  meta/classes/kernel.bbclass | 8 ++--
>>>  1 file changed, 6 insertions(+), 2 deletions(-)
>>>
>>> diff --git a/meta/classes/kernel.bbclass b/meta/classes/kernel.bbclass
>>> index 605c101e62..02728d5a86 100644
>>> --- a/meta/classes/kernel.bbclass
>>> +++ b/meta/classes/kernel.bbclass
>>> @@ -28,12 +28,16 @@ INITRAMFS_IMAGE_BUNDLE ?= ""
>>>  # LINUX_VERSION which is a constant.
>>>  KERNEL_VERSION_NAME = "${@d.getVar('KERNEL_VERSION') or "
>>> <$%7B@d.getVar%28%27KERNEL_VERSION%27%29or>"}"
>>>  KERNEL_VERSION_NAME[vardepvalue] = "${LINUX_VERSION}"
>>> -KERNEL_VERSION_PKG_NAME = "${@legitimize_package_name(d.
>>> getVar('KERNEL_VERSION'))}"
>>> -KERNEL_VERSION_PKG_NAME[vardepvalue] = "${LINUX_VERSION}"
>>>
>>>  python __anonymous () {
>>>  import re
>>>
>>> +if d.getVar('USER_KERNEL_VERSION_PKG') is None :
>>> +d.setVar('KERNEL_VERSION_PKG_NAME',
>>> "${@legitimize_package_name(d.getVar('KERNEL_VERSION'))}")
>>> +d.setVar('KERNEL_VERSION_PKG_NAME[vardepvalue]',
>>> "${LINUX_VERSION}")
>>> +else:
>>> +d.setVar('KERNEL_VERSION_PKG_NAME',
>>> "${@legitimize_package_name(d.getVar('USER_KERNEL_VERSION_PKG'))}")
>>>
>>
>> This is introducing yet another variable that tweaks the already complex
>> setting of
>> the kernel version. Not to mention this code is already touchy with
>> respect to
>> parse time and rebuilding of the kernel.
>>
>> My concern is that if this is set, we are completely disassociated with
>> the source
>> code of the kernel.
>>
>> Where did you think this would be set ? local.conf ? distro config ?
>> somewhere else ?
>>
>> If we had a way to simply override KERNEL_VERSION, we wouldn't need any
>> extra
>> variables.
>>
>> Bruce
>>
>>
>>> +
>>>  # Merge KERNEL_IMAGETYPE and KERNEL_ALT_IMAGETYPE into
>>> KERNEL_IMAGETYPES
>>>  type = d.getVar('KERNEL_IMAGETYPE') or ""
>>>  alttype = d.getVar('KERNEL_ALT_IMAGETYPE') or ""
>>> --
>>> 2.13.1
>>>
>>> --
>>> ___
>>> Openembedded-core mailing list
>>> Openembedded-core@lists.openembedded.org
>>> http://lists.openembedded.org/mailman/listinfo/openembedded-core
>>>
>>
>>
>>
>> --
>> "Thou shalt not follow the NULL pointer, for chaos and madness await thee
>> at its end"
>>
>> I have setting the variable in the kernel recipe. I need a way to
>> override the KERNEL_VERSION because I want the kernel packages name to
>> contain only a part of the version or nothing at all.
>> I need this for the the kernel upgrade stuff, because if the package name
>> is something like: kernel-4.9.8-{static_string} then I couldn't upgrade to
>> a version like: kernel-4.9.10-{static_string}, because they are two
>> different packages. I wanted a simple way to be able to have the package
>> name : kernel-4.9-{static_string}, then I could do the upgrade for the new
>> minor updates of the kernel.
>>
>
> I could have sworn this (upgrading) was already possible via the version
> string we
> are currently using.  i.e. the PV is already picked up from the kernel
> source, and
> that should be doing the job.
>
> i.e. when I unpack my kernel-image-bzimage-4.10.15-y
> octo-standard_4.10.15+git0+4d929fac34_d2c1ed3c0c-r0_qemux86_64.ipk
> package, I see that it has:
>
>  Version: 4.10.15+git0+4d929fac34_d2c1ed3c0c-r0
>  but obviously has the general provides: Provides: kernel-image-bzimage
>
> So that should be upgradable based on the version ... sure they have
> different names, but the provides
> and versions take care of things.
>
> The versioning, ability to install multiple kernels, upgrades, etc, have
> really churned
> these variables making them a mess to read.
>
> I'm probably misunderstanding your use case and error, can you elaborate
> for me
> and/or provide a log ? I'm more of a kernel guy than a package format guy
> .. so
> I'm probably missing something obvious.
>
> Bruce
>
>
>
> If I build a genericx86_64 core-image_sato without this patch, only with
> the other patch which add the versions(only the parts that are in round
> parenthesis) I have the following packages:
>
> Package: kernel-4.10.9-yocto-standard
> Version: 4.10.9+git0+ad2e885015_fe0fb8da3d-r0
> Depends: kernel-image-4.10.9-yocto-standard (=
> 4.10.9+git0+ad2e885015_fe0fb8da3d-r0)
> Provides: kernel-4.10.9-yocto-standard, kernel-base
>
> Package: kernel-image-4.10.9-yocto-standard
> Version: 4.10.9+git0+ad2e885015_fe0fb8da3d-r0
> Depends: kernel-image-bzimage-4.10.9-yocto-standard (=

[OE-core] [PATCH] openssh: Fix key generation with systemd

[Joshua Watt]

106b59d9 broke SSH host key generation when systemd and a read-only root file
system are in use because there isn't a way for systemd to get the optional
weak assigment of SYSCONFDIR from /etc/default/sshd and still provide a default
value if it is not specified. Instead, move the logic for determining if keys
need to be created to a helper script that both the SysV init script and the
systemd unit file can reference.

This does mean that the systemd unit file can't check for file existence to
know if it should start the service, but it wasn't able to do that correctly
anyway anymore. This should be a problem since the serivce is only run once per
power cycle by systemd, and should exit quickly if the keys already exist

Signed-off-by: Joshua Watt 
---
 meta/recipes-connectivity/openssh/openssh/init | 69 +-
 .../openssh/openssh/sshd_check_keys| 64 
 .../openssh/openssh/sshdgenkeys.service| 16 +
 meta/recipes-connectivity/openssh/openssh_7.5p1.bb |  7 +++
 4 files changed, 75 insertions(+), 81 deletions(-)
 create mode 100644 meta/recipes-connectivity/openssh/openssh/sshd_check_keys

diff --git a/meta/recipes-connectivity/openssh/openssh/init 
b/meta/recipes-connectivity/openssh/openssh/init
index 386628a..34ba0f8 100644
--- a/meta/recipes-connectivity/openssh/openssh/init
+++ b/meta/recipes-connectivity/openssh/openssh/init
@@ -19,25 +19,6 @@ fi
 [ -z "$SYSCONFDIR" ] && SYSCONFDIR=/etc/ssh
 mkdir -p $SYSCONFDIR
 
-parse_sshd_opts() {
-set -- ${SSHD_OPTS} --
-sshd_config=/etc/ssh/sshd_config
-while true ; do
-case "$1" in
--f*) if [ "$1" = "-f" ] ; then
- sshd_config="$2"
- shift
- else
- sshd_config="${1#-f}"
- fi
- shift
- ;;
---) shift; break;;
-*) shift;;
-esac
-done
-}
-
 check_for_no_start() {
 # forget it if we're trying to start, and /etc/ssh/sshd_not_to_be_run 
exists
 if [ -e $SYSCONFDIR/sshd_not_to_be_run ]; then
@@ -58,57 +39,13 @@ check_config() {
/usr/sbin/sshd -t $SSHD_OPTS || exit 1
 }
 
-check_keys() {
-   # parse location of keys
-   local HOST_KEY_RSA
-   local HOST_KEY_DSA
-   local HOST_KEY_ECDSA
-   local HOST_KEY_ED25519
-
-   parse_sshd_opts
-   HOST_KEY_RSA=$(grep ^HostKey "${sshd_config}" | grep _rsa_ | tail -1 | 
awk ' { print $2 } ')
-   [ -z "${HOST_KEY_RSA}" ] && HOST_KEY_RSA=$(grep HostKey 
"${sshd_config}" | grep _rsa_ | tail -1 | awk ' { print $2 } ')
-   [ -z "${HOST_KEY_RSA}" ] && HOST_KEY_RSA=$SYSCONFDIR/ssh_host_rsa_key
-   HOST_KEY_DSA=$(grep ^HostKey "${sshd_config}" | grep _dsa_ | tail -1 | 
awk ' { print $2 } ')
-   [ -z "${HOST_KEY_DSA}" ] && HOST_KEY_DSA=$(grep HostKey 
"${sshd_config}" | grep _dsa_ | tail -1 | awk ' { print $2 } ')
-   [ -z "${HOST_KEY_DSA}" ] && HOST_KEY_DSA=$SYSCONFDIR/ssh_host_dsa_key
-   HOST_KEY_ECDSA=$(grep ^HostKey "${sshd_config}" | grep _ecdsa_ | tail 
-1 | awk ' { print $2 } ')
-   [ -z "${HOST_KEY_ECDSA}" ] && HOST_KEY_ECDSA=$(grep HostKey 
"${sshd_config}" | grep _ecdsa_ | tail -1 | awk ' { print $2 } ')
-   [ -z "${HOST_KEY_ECDSA}" ] && 
HOST_KEY_ECDSA=$SYSCONFDIR/ssh_host_ecdsa_key
-   HOST_KEY_ED25519=$(grep ^HostKey "${sshd_config}" | grep _ed25519_ | 
tail -1 | awk ' { print $2 } ')
-   [ -z "${HOST_KEY_ED25519}" ] && HOST_KEY_ED25519=$(grep HostKey 
"${sshd_config}" | grep _ed25519_ | tail -1 | awk ' { print $2 } ')
-   [ -z "${HOST_KEY_ED25519}" ] && 
HOST_KEY_ED25519=$SYSCONFDIR/ssh_host_ed25519_key
-
-   # create keys if necessary
-   if [ ! -f $HOST_KEY_RSA ]; then
-   echo "  generating ssh RSA key..."
-   mkdir -p $(dirname $HOST_KEY_RSA)
-   ssh-keygen -q -f $HOST_KEY_RSA -N '' -t rsa
-   fi
-   if [ ! -f $HOST_KEY_ECDSA ]; then
-   echo "  generating ssh ECDSA key..."
-   mkdir -p $(dirname $HOST_KEY_ECDSA)
-   ssh-keygen -q -f $HOST_KEY_ECDSA -N '' -t ecdsa
-   fi
-   if [ ! -f $HOST_KEY_DSA ]; then
-   echo "  generating ssh DSA key..."
-   mkdir -p $(dirname $HOST_KEY_DSA)
-   ssh-keygen -q -f $HOST_KEY_DSA -N '' -t dsa
-   fi
-   if [ ! -f $HOST_KEY_ED25519 ]; then
-   echo "  generating ssh ED25519 key..."
-   mkdir -p $(dirname $HOST_KEY_ED25519)
-   ssh-keygen -q -f $HOST_KEY_ED25519 -N '' -t ed25519
-   fi
-}
-
 export PATH="${PATH:+$PATH:}/usr/sbin:/sbin"
 
 case "$1" in
   start)
check_for_no_start
echo "Starting OpenBSD Secure Shell server: sshd"
-   check_keys
+   @LIBEXECDIR@/sshd_check_keys
check_privsep_dir
start-stop-daemon -S -p $PIDFILE -x /usr/sbin/sshd -- $SSHD_OPTS
 echo "done."
@@ -121,7 +58,7 @@ case "$1" in
 
   reload|force-reload)

Re: [OE-core] ✗ patchtest: failure for schedtool-dl: Fix SCHED_DEADLINE value out of range

[Bruce Ashfield]

Zhe emailed me, and this is actually for meta-realtime. The README
indicates that
changes should be sent to oe-core .. but obviously that isn't accurate
anymore.

I'm updating the README, and this can be resent to the yocto mailing list
with
[meta-realtime] in the subject.

Cheers,

Bruce

On Thu, Jun 29, 2017 at 5:31 AM, Patchwork <
patchw...@patchwork.openembedded.org> wrote:

> == Series Details ==
>
> Series: schedtool-dl: Fix SCHED_DEADLINE value out of range
> Revision: 1
> URL   : https://patchwork.openembedded.org/series/7507/
> State : failure
>
> == Summary ==
>
>
> Thank you for submitting this patch series to OpenEmbedded Core. This is
> an automated response. Several tests have been executed on the proposed
> series by patchtest resulting in the following failures:
>
>
>
> * Issue Series does not apply on top of target branch
> [test_series_merge_on_head]
>   Suggested fixRebase your series on top of targeted branch
>   Targeted branch  master (currently at c594cacc88)
>
>
>
> If you believe any of these test results are incorrect, please reply to the
> mailing list (openembedded-core@lists.openembedded.org) raising your
> concerns.
> Otherwise we would appreciate you correcting the issues and submitting a
> new
> version of the patchset if applicable. Please ensure you add/increment the
> version number when sending the new version (i.e. [PATCH] -> [PATCH v2] ->
> [PATCH v3] -> ...).
>
> ---
> Test framework: http://git.yoctoproject.org/cgit/cgit.cgi/patchtest
> Test suite: http://git.yoctoproject.org/cgit/cgit.cgi/patchtest-oe
>
> --
> ___
> Openembedded-core mailing list
> Openembedded-core@lists.openembedded.org
> http://lists.openembedded.org/mailman/listinfo/openembedded-core
>



-- 
"Thou shalt not follow the NULL pointer, for chaos and madness await thee
at its end"
-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [PATCH] scripts/contrib/patchreview: add new script

[Ross Burton]

This script analyses the patches we apply and can sanity check or output
statistics.

Signed-off-by: Ross Burton 
---
 scripts/contrib/patchreview.py | 211 +
 1 file changed, 211 insertions(+)
 create mode 100755 scripts/contrib/patchreview.py

diff --git a/scripts/contrib/patchreview.py b/scripts/contrib/patchreview.py
new file mode 100755
index 000..4e3e73c7a8b
--- /dev/null
+++ b/scripts/contrib/patchreview.py
@@ -0,0 +1,211 @@
+#! /usr/bin/env python3
+
+# TODO
+# - option to just list all broken files
+# - test suite
+# - validate signed-off-by
+
+
+class Result:
+# Whether the patch has an Upstream-Status or not
+missing_upstream_status = False
+# If the Upstream-Status tag is malformed in some way (string for bad bit)
+malformed_upstream_status = None
+# If the Upstream-Status value is unknown (boolean)
+unknown_upstream_status = False
+# The upstream status value (Pending, etc)
+upstream_status = None
+# Whether the patch has a Signed-off-by or not
+missing_sob = False
+# Whether the Signed-off-by tag is malformed in some way
+malformed_sob = False
+# The Signed-off-by tag value
+sob = None
+# Whether a patch looks like a CVE but doesn't have a CVE tag
+missing_cve = False
+
+def blame_patch(patch):
+"""
+From a patch filename, return a list of "commit summary (author name 
)" strings representing the history.
+"""
+import subprocess
+return subprocess.check_output(("git", "log",
+"--follow", "--find-renames", 
"--diff-filter=A",
+"--format=%s (%aN <%aE>)",
+"--", patch)).decode("utf-8").splitlines()
+
+def patchreview(patches):
+import re
+
+# General pattern: start of line, optional whitespace, tag with optional
+# hyphen or spaces, maybe a colon, some whitespace, then the value, all 
case
+# insensitive.
+sob_re = re.compile(r"^[\t ]*(Signed[-_ ]off[-_ ]by:?)[\t ]*(.+)", 
re.IGNORECASE | re.MULTILINE)
+status_re = re.compile(r"^[\t ]*(Upstream[-_ ]Status:?)[\t ]*(\w*)", 
re.IGNORECASE | re.MULTILINE)
+status_values = ("accepted", "pending", "inappropriate", "backport", 
"submitted", "denied")
+cve_tag_re = re.compile(r"^[\t ]*(CVE:)[\t ]*(.*)", re.IGNORECASE | 
re.MULTILINE)
+cve_re = re.compile(r"cve-[0-9]{4}-[0-9]{4,6}", re.IGNORECASE)
+
+results = {}
+
+for patch in patches:
+result = Result()
+results[patch] = result
+
+content = open(patch, encoding='ascii', errors='ignore').read()
+
+# Find the Signed-off-by tag
+match = sob_re.search(content)
+if match:
+value = match.group(1)
+if value != "Signed-off-by:":
+result.malformed_sob = value
+result.sob = match.group(2)
+else:
+result.missing_sob = True
+
+
+# Find the Upstream-Status tag
+match = status_re.search(content)
+if match:
+value = match.group(1)
+if value != "Upstream-Status:":
+result.malformed_upstream_status = value
+
+value = match.group(2).lower()
+# TODO: check case
+if value not in status_values:
+result.unknown_upstream_status = True
+result.upstream_status = value
+else:
+result.missing_upstream_status = True
+
+# Check that patches which looks like CVEs have CVE tags
+if cve_re.search(patch) or cve_re.search(content):
+if not cve_tag_re.search(content):
+result.missing_cve = True
+# TODO: extract CVE list
+
+return results
+
+
+def analyse(results, want_blame=False, verbose=True):
+"""
+want_blame: display blame data for each malformed patch
+verbose: display per-file results instead of just summary
+"""
+
+# want_blame requires verbose, so disable blame if we're not verbose
+if want_blame and not verbose:
+want_blame = False
+
+total_patches = 0
+missing_sob = 0
+malformed_sob = 0
+missing_status = 0
+malformed_status = 0
+missing_cve = 0
+pending_patches = 0
+
+for patch in sorted(results):
+r = results[patch]
+total_patches += 1
+need_blame = False
+
+# Build statistics
+if r.missing_sob:
+missing_sob += 1
+if r.malformed_sob:
+malformed_sob += 1
+if r.missing_upstream_status:
+missing_status += 1
+if r.malformed_upstream_status or r.unknown_upstream_status:
+malformed_status += 1
+if r.missing_cve:
+missing_cve += 1
+if r.upstream_status == "pending":
+pending_patches += 1
+
+# Output warnings
+if r.missing_sob:
+need_blame = True
+if verbose:
+   

Re: [OE-core] [PATCH 1/1] expat: upgrade to 2.2.1

[Burton, Ross]

On 29 June 2017 at 08:57, Dengke Du  wrote:

> -LIC_FILES_CHKSUM = "file://COPYING;md5=9c3ee559c6f9dcee1043ead112139f4f"
> +LIC_FILES_CHKSUM = "file://COPYING;md5=5b8620d98e49772d95fc1d291c26aa79"
>

Checksums changed, remember to always explain why in the commit log.

Ross
-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] ✗ patchtest: failure for schedtool-dl: Fix SCHED_DEADLINE value out of range

[Patchwork]

== Series Details ==

Series: schedtool-dl: Fix SCHED_DEADLINE value out of range
Revision: 1
URL   : https://patchwork.openembedded.org/series/7507/
State : failure

== Summary ==


Thank you for submitting this patch series to OpenEmbedded Core. This is
an automated response. Several tests have been executed on the proposed
series by patchtest resulting in the following failures:



* Issue Series does not apply on top of target branch 
[test_series_merge_on_head] 
  Suggested fixRebase your series on top of targeted branch
  Targeted branch  master (currently at c594cacc88)



If you believe any of these test results are incorrect, please reply to the
mailing list (openembedded-core@lists.openembedded.org) raising your concerns.
Otherwise we would appreciate you correcting the issues and submitting a new
version of the patchset if applicable. Please ensure you add/increment the
version number when sending the new version (i.e. [PATCH] -> [PATCH v2] ->
[PATCH v3] -> ...).

---
Test framework: http://git.yoctoproject.org/cgit/cgit.cgi/patchtest
Test suite: http://git.yoctoproject.org/cgit/cgit.cgi/patchtest-oe

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [PATCH] schedtool-dl: Fix SCHED_DEADLINE value out of range

[zhe.he]

From: He Zhe 

The upstream commit 3ffb479929c31cbae09de08f94f58b8f0f061d91
tries to fix this issue but it's not complete.

This patch adds flags at the last necessary place.

Signed-off-by: He Zhe 
---
 recipes-tools/schedtool-dl/schedtool-dl.bb |  6 ++-
 ...-add-flags-to-parameters-of-sched_setattr.patch | 56 ++
 2 files changed, 61 insertions(+), 1 deletion(-)
 create mode 100644 
recipes-tools/schedtool-dl/schedtool-dl/0001-schedtool-dl-add-flags-to-parameters-of-sched_setattr.patch

diff --git a/recipes-tools/schedtool-dl/schedtool-dl.bb 
b/recipes-tools/schedtool-dl/schedtool-dl.bb
index 578e5df..20c8919 100644
--- a/recipes-tools/schedtool-dl/schedtool-dl.bb
+++ b/recipes-tools/schedtool-dl/schedtool-dl.bb
@@ -3,13 +3,17 @@ SECTION = "devel"
 LICENSE = "GPLv2"
 LIC_FILES_CHKSUM = "file://LICENSE;md5=dc1f51f7ca94aebffb9b3663d82873ec"
 
-SRC_URI = "git://github.com/jlelli/schedtool-dl.git;protocol=git"
+SRC_URI = "git://github.com/jlelli/schedtool-dl.git;protocol=git \
+   
file://0001-schedtool-dl-add-flags-to-parameters-of-sched_setattr.patch \
+  "
 SRCREV = "3ffb479929c31cbae09de08f94f58b8f0f061d91"
 
 S = "${WORKDIR}/git"
 
 EXTRA_OEMAKE = "'CC=${CC}'"
 
+TARGET_CC_ARCH += "${LDFLAGS}"
+
 do_compile() {
oe_runmake
 }
diff --git 
a/recipes-tools/schedtool-dl/schedtool-dl/0001-schedtool-dl-add-flags-to-parameters-of-sched_setattr.patch
 
b/recipes-tools/schedtool-dl/schedtool-dl/0001-schedtool-dl-add-flags-to-parameters-of-sched_setattr.patch
new file mode 100644
index 000..65d5059
--- /dev/null
+++ 
b/recipes-tools/schedtool-dl/schedtool-dl/0001-schedtool-dl-add-flags-to-parameters-of-sched_setattr.patch
@@ -0,0 +1,56 @@
+From c75ae0f6ac2bb9eb893cce82e93144e1b3c36389 Mon Sep 17 00:00:00 2001
+From: Qi Hou 
+Date: Wed, 16 Mar 2016 05:44:40 +
+Subject: [PATCH] schedtool-dl: add flags to parameters of sched_setattr
+
+git://github.com/jlelli/schedtool-dl.git;protocol=git
+commit 3ffb479929c31cbae09de08f94f58b8f0f061d91
+
+The commit numbered as 3ffb479 has adapted to the very last changes to the 
ABI,except for the
+syscall of sched_setattr.
+
+While executing schedtool,there was an error,like below:
+
+root@128:/opt/wr-test/testcases/kts/edf# schedtool -E -t 8000:1 -e yes
+ERROR: could not set PID 1731 to E: SCHED_DEADLINE - value out of range / 
policy not implemented
+
+The cause of this case is that the syscall of sched_setattr is declared with 3 
parameters,but in
+the use of it in schedtool,there was only two parameters.So to adapt this 
declaration,we should
+add one more parameter,flags,when calling sched_setattr.
+
+In kernel source file kernel/sched/core.c,the declaration of the syscall of 
sched_setattr like below:
+/**
+ * sys_sched_setattr - same as above, but with extended sched_attr
+ * @pid: the pid in question.
+ * @uattr: structure containing the extended parameters.
+ * @flags: for future extension.
+ */
+ SYSCALL_DEFINE3(sched_setattr, pid_t, pid, struct sched_attr __user *, uattr,
+unsigned int, flags)
+ {
+   ...
+ }
+
+In schedtool-dl source file syscall_magic.h,the use of sched_setattr like 
below:
+syscall(__NR_sched_setattr, pid, attr)
+
+Upstream-Status: Backport
+
+Signed-off-by: Qi Hou 
+---
+ syscall_magic.h | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/syscall_magic.h b/syscall_magic.h
+index 7dcb967..2735dfb 100644
+--- a/syscall_magic.h
 b/syscall_magic.h
+@@ -76,4 +76,4 @@ struct sched_attr {
+   syscall(__NR_sched_getattr, pid, attr, size, flags)
+ 
+ #define sched_setattr(pid, attr, flags) \
+-  syscall(__NR_sched_setattr, pid, attr)
++  syscall(__NR_sched_setattr, pid, attr,flags)
+-- 
+1.9.1
+
-- 
2.8.1

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

Re: [OE-core] [PATCH 2/2] kernel: user defined KERNEL_VERSION_PKG_NAME

[Razvan Heghedus]

On 06/28/2017 04:29 AM, Bruce Ashfield wrote:



On Tue, Jun 27, 2017 at 5:15 AM, Razvan Heghedus 
> wrote:




On 06/26/2017 06:52 PM, Bruce Ashfield wrote:



On Wed, Jun 21, 2017 at 8:00 AM, Heghedus Razvan
> wrote:

Add possibility to set KERNEL_VERSION_PKG_NAME to a user
defined value.

Signed-off-by: Heghedus Razvan >
---
 meta/classes/kernel.bbclass | 8 ++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/meta/classes/kernel.bbclass
b/meta/classes/kernel.bbclass
index 605c101e62..02728d5a86 100644
--- a/meta/classes/kernel.bbclass
+++ b/meta/classes/kernel.bbclass
@@ -28,12 +28,16 @@ INITRAMFS_IMAGE_BUNDLE ?= ""
 # LINUX_VERSION which is a constant.
 KERNEL_VERSION_NAME = "${@d.getVar('KERNEL_VERSION') or "
"}"
 KERNEL_VERSION_NAME[vardepvalue] = "${LINUX_VERSION}"
-KERNEL_VERSION_PKG_NAME =
"${@legitimize_package_name(d.getVar('KERNEL_VERSION'))}"
-KERNEL_VERSION_PKG_NAME[vardepvalue] = "${LINUX_VERSION}"

 python __anonymous () {
 import re

+if d.getVar('USER_KERNEL_VERSION_PKG') is None :
+d.setVar('KERNEL_VERSION_PKG_NAME',
"${@legitimize_package_name(d.getVar('KERNEL_VERSION'))}")
+d.setVar('KERNEL_VERSION_PKG_NAME[vardepvalue]',
"${LINUX_VERSION}")
+else:
+d.setVar('KERNEL_VERSION_PKG_NAME',
"${@legitimize_package_name(d.getVar('USER_KERNEL_VERSION_PKG'))}")


This is introducing yet another variable that tweaks the already
complex setting of
the kernel version. Not to mention this code is already touchy
with respect to
parse time and rebuilding of the kernel.

My concern is that if this is set, we are completely
disassociated with the source
code of the kernel.

Where did you think this would be set ? local.conf ? distro
config ? somewhere else ?

If we had a way to simply override KERNEL_VERSION, we wouldn't
need any extra
variables.

Bruce

+
 # Merge KERNEL_IMAGETYPE and KERNEL_ALT_IMAGETYPE into
KERNEL_IMAGETYPES
 type = d.getVar('KERNEL_IMAGETYPE') or ""
 alttype = d.getVar('KERNEL_ALT_IMAGETYPE') or ""
--
2.13.1

--
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org

http://lists.openembedded.org/mailman/listinfo/openembedded-core





-- 
"Thou shalt not follow the NULL pointer, for chaos and madness

await thee at its end"

I have setting the variable in the kernel recipe. I need a way to
override the KERNEL_VERSION because I want the kernel packages
name to contain only a part of the version or nothing at all.
I need this for the the kernel upgrade stuff, because if the
package name is something like: kernel-4.9.8-{static_string} then
I couldn't upgrade to a version like:
kernel-4.9.10-{static_string}, because they are two different
packages. I wanted a simple way to be able to have the package
name : kernel-4.9-{static_string}, then I could do the upgrade for
the new minor updates of the kernel.


I could have sworn this (upgrading) was already possible via the 
version string we
are currently using.  i.e. the PV is already picked up from the kernel 
source, and

that should be doing the job.

i.e. when I unpack my 
kernel-image-bzimage-4.10.15-yocto-standard_4.10.15+git0+4d929fac34_d2c1ed3c0c-r0_qemux86_64.ipk

package, I see that it has:

 Version: 4.10.15+git0+4d929fac34_d2c1ed3c0c-r0
 but obviously has the general provides: Provides: kernel-image-bzimage

So that should be upgradable based on the version ... sure they have 
different names, but the provides

and versions take care of things.

The versioning, ability to install multiple kernels, upgrades, etc, 
have really churned

these variables making them a mess to read.

I'm probably misunderstanding your use case and error, can you 
elaborate for me
and/or provide a log ? I'm more of a kernel guy than a package format 
guy .. so

I'm probably missing something obvious.

Bruce

If I build a genericx86_64 core-image_sato without this patch, only with 
the other patch which add the versions(only the parts that are in round 
parenthesis) I have the following packages:


Package: kernel-4.10.9-yocto-standard
Version: 4.10.9+git0+ad2e885015_fe0fb8da3d-r0
Depends: kernel-image-4.10.9-yocto-standard (= 

Re: [OE-core] [PATCH 1/2] kernel: add package version in dependencies for kernel packages

[Razvan Heghedus]

On 06/28/2017 04:10 AM, Bruce Ashfield wrote:



On Tue, Jun 27, 2017 at 4:51 AM, Razvan Heghedus 
> wrote:




On 06/26/2017 06:50 PM, Bruce Ashfield wrote:



On Wed, Jun 21, 2017 at 8:00 AM, Heghedus Razvan
> wrote:

Make all dependencies from kernel family packages which depend
on another kernel related package to depend on the same version.
This creates a consistent state where kernel, kernel images and
kernel modules have the same version, making a kernel upgrade
leading to upgrades of the image and modules.

The upgrade works only if the KERNEL_VERSION_PKG_NAME remains
the same for the newer versions.

Signed-off-by: Heghedus Razvan >
---
 meta/classes/kernel-module-split.bbclass |  7 ---
 meta/classes/kernel.bbclass  | 15 +--
 meta/recipes-kernel/linux/linux-yocto.inc |  4 
 3 files changed, 17 insertions(+), 9 deletions(-)

diff --git a/meta/classes/kernel-module-split.bbclass
b/meta/classes/kernel-module-split.bbclass
index 5e10dcf735..e247e66901 100644
--- a/meta/classes/kernel-module-split.bbclass
+++ b/meta/classes/kernel-module-split.bbclass
@@ -33,7 +33,7 @@ PACKAGESPLITFUNCS_prepend =
"split_kernel_module_packages "
 KERNEL_MODULES_META_PACKAGE ?= "kernel-modules"

 KERNEL_MODULE_PACKAGE_PREFIX ?= ""
-KERNEL_MODULE_PACKAGE_SUFFIX ?= "-${KERNEL_VERSION}"
+KERNEL_MODULE_PACKAGE_SUFFIX ?= "-${KERNEL_VERSION_PKG_NAME}"
 KERNEL_MODULE_PROVIDE_VIRTUAL ?= "1"

 python split_kernel_module_packages () {
@@ -114,6 +114,7 @@ python split_kernel_module_packages () {
 for dep in vals["depends"].split(","):
 on = legitimize_package_name(dep)
 dependency_pkg = format % on
+dependency_pkg += '
${@get_full_package_version(d)}'
 modinfo_deps.append(dependency_pkg)
 for dep in modinfo_deps:
 if not dep in rdepends:
@@ -138,10 +139,10 @@ python split_kernel_module_packages () {
 postinst = d.getVar('pkg_postinst_modules')
 postrm = d.getVar('pkg_postrm_modules')

-modules = do_split_packages(d,
root='${nonarch_base_libdir}/modules',
file_regex=module_regex, output_pattern=module_pattern,
description='%s kernel module', postinst=postinst,
postrm=postrm, recursive=True, hook=frob_metadata,
extra_depends='kernel-%s' % (d.getVar("KERNEL_VERSION")))
+modules = do_split_packages(d,
root='${nonarch_base_libdir}/modules',
file_regex=module_regex, output_pattern=module_pattern,
description='%s kernel module', postinst=postinst,
postrm=postrm, recursive=True, hook=frob_metadata,
extra_depends='kernel-%s %s' %
(d.getVar("KERNEL_VERSION_PKG_NAME"),
get_full_package_version(d)))
 if modules:
 metapkg = d.getVar('KERNEL_MODULES_META_PACKAGE')
-d.appendVar('RDEPENDS_' + metapkg, ' '+'
'.join(modules))
+d.appendVar('RDEPENDS_' + metapkg, ' '+'
'.join(['{0} {1}'.format(module, get_full_package_version(d))
for module in modules]))

 # If modules-load.d and modprobe.d are empty at this
point, remove them to
 # avoid warnings. removedirs only raises an OSError if
an empty
diff --git a/meta/classes/kernel.bbclass
b/meta/classes/kernel.bbclass
index 7a134d5c29..605c101e62 100644
--- a/meta/classes/kernel.bbclass
+++ b/meta/classes/kernel.bbclass
@@ -55,7 +55,7 @@ python __anonymous () {

 d.setVar('FILES_kernel-image-' + typelower, '/' +
imagedest + '/' + type + '-${KERNEL_VERSION_NAME}')

-d.appendVar('RDEPENDS_kernel-image', ' ' +
'kernel-image-' + typelower)
+d.appendVar('RDEPENDS_kernel-image', ' ' +
'kernel-image-' + typelower + ' ${@get_full_package_version(d)}')

 d.setVar('PKG_kernel-image-' + typelower,
'kernel-image-' + typelower + '-${KERNEL_VERSION_PKG_NAME}')

@@ -493,14 +493,17 @@ FILES_kernel-image = ""
 FILES_kernel-dev = "/boot/System.map* /boot/Module.symvers*
/boot/config* ${KERNEL_SRC_PATH}
${nonarch_base_libdir}/modules/${KERNEL_VERSION}/build"
 FILES_kernel-vmlinux = "/boot/vmlinux-${KERNEL_VERSION_NAME}"
 FILES_kernel-modules = ""
-RDEPENDS_kernel = "kernel-base"
+RDEPENDS_kernel = "kernel-base ${@get_full_package_version(d)}"


Is that really supposed to be a space, 

Re: [OE-core] [PATCH v2 0/5] #11662 - wic should mount /boot

[Ed Bartosh]

On Wed, Jun 28, 2017 at 10:32:27AM -0300, Otavio Salvador wrote:
> On Wed, Jun 28, 2017 at 4:31 AM, Ed Bartosh  
> wrote:
> > On Tue, Jun 27, 2017 at 05:41:45PM -0300, Fabio Berton wrote:
> >> The last patch I sent is here:
> >> https://patchwork.openembedded.org/patch/139252/
> >>
> >> We're using this patch internally with Pyro branch. I can rework to
> >> apply on master.
> >>
> >> On 06/27/2017 05:35 PM, Otavio Salvador wrote:
> >> >On Tue, Jun 27, 2017 at 10:28 AM, Ed Bartosh  
> >> >wrote:
> >> >>The patchset also fixes long standing bug: wic updated fstab
> >> >>inplace in rootfs directory. This causes other tasks working with
> >> >>rootfs directory to produce incorrect results or crash. This is
> >> >>fixed by copying rootfs to the temporary directory before updating
> >> >>fstab.
> >> >
> >> >As you is working on this, please also include Fabio's patch on the
> >> >patchset. It includes a command like option to disable fstab change at
> >> >all. For delta-based updates this is imperative.
> >> >
> >> >Fabio, could you point him the last patch revision?
> >> >
> >
> > Do we really need that?
> >
> > JFYI: Mount point in .wks is an optional field. It makes sense to use it 
> > only
> > if partition needs to be mounted on boot. fstab will not be updated
> > unless it's explicitly requested by specifying mount points in .wks
> 
> It should have support to not touch it. For images which we intend to
> do delta updates, the content cannot be changed besides the original
> rootfs generation. So yes, we need that.

I'm not sure I understand this. If you don't want fstab to be changed
you should not specify mount points in .wks
There is only one reason to have mount points in .wks: to make wic to
change /etc/fstab, which you apparently don't want. So, don't specify
mount points and you'll have what you want.

Having additional option for this looks redundand to me.

--
Regards,
Ed
-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [PATCH 1/1] expat: upgrade to 2.2.1

[Dengke Du]

Signed-off-by: Dengke Du 
---
 meta/recipes-core/expat/expat_2.2.0.bb | 5 -
 meta/recipes-core/expat/expat_2.2.1.bb | 5 +
 2 files changed, 5 insertions(+), 5 deletions(-)
 delete mode 100644 meta/recipes-core/expat/expat_2.2.0.bb
 create mode 100644 meta/recipes-core/expat/expat_2.2.1.bb

diff --git a/meta/recipes-core/expat/expat_2.2.0.bb 
b/meta/recipes-core/expat/expat_2.2.0.bb
deleted file mode 100644
index ef21a111a4..00
--- a/meta/recipes-core/expat/expat_2.2.0.bb
+++ /dev/null
@@ -1,5 +0,0 @@
-require expat.inc
-LIC_FILES_CHKSUM = "file://COPYING;md5=9c3ee559c6f9dcee1043ead112139f4f"
-
-SRC_URI[md5sum] = "2f47841c829facb346eb6e3fab5212e2"
-SRC_URI[sha256sum] = 
"d9e50ff2d19b3538bd2127902a89987474e1a4db8e43a66a4d1a712ab9a504ff"
diff --git a/meta/recipes-core/expat/expat_2.2.1.bb 
b/meta/recipes-core/expat/expat_2.2.1.bb
new file mode 100644
index 00..47827c5576
--- /dev/null
+++ b/meta/recipes-core/expat/expat_2.2.1.bb
@@ -0,0 +1,5 @@
+require expat.inc
+LIC_FILES_CHKSUM = "file://COPYING;md5=5b8620d98e49772d95fc1d291c26aa79"
+
+SRC_URI[md5sum] = "d9c3baeab58774cefc2f04faf29f2cf8"
+SRC_URI[sha256sum] = 
"1868cadae4c82a018e361e2b2091de103cd820aaacb0d6cfa49bd2cd83978885"
-- 
2.11.0

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [PATCH 0/1] expat: upgrade to 2.2.1

[Dengke Du]

The following changes since commit abc7131777e8ea8e6aacc5118bbb5c24883c0ead:

  lz4: Add patch to fix re-builds (2017-06-28 20:55:09 +0100)

are available in the git repository at:

  https://github.com/DengkeDu/openembedded-core.git 
dengke/expat-upgrade-to-2.2.1

Dengke Du (1):
  expat: upgrade to 2.2.1

 meta/recipes-core/expat/expat_2.2.0.bb | 5 -
 meta/recipes-core/expat/expat_2.2.1.bb | 5 +
 2 files changed, 5 insertions(+), 5 deletions(-)
 delete mode 100644 meta/recipes-core/expat/expat_2.2.0.bb
 create mode 100644 meta/recipes-core/expat/expat_2.2.1.bb

-- 
2.11.0

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core