[OE-core] [PATCH 3/3] initscripts: disable mountall.sh for busybox init

[wenzong.fan]

From: Wenzong Fan 

Disable 'mountall.sh' to avoid system halt while the init manager is
set as 'busybox'.

In busybox init, the 'SIGUSR1' was handled as 'halt', calling to the
'mountall.sh' would trigger the signal with:
  + kill -USR1 1

This works fine for sysvinit but will fail with the busybox init.

As a replacement, busybox provides 'inittab' to mount all of those:
  ::sysinit:/bin/mount -t proc proc /proc
  ::sysinit:/bin/mount -t sysfs sysfs /sys
  ::sysinit:/bin/mount -t devtmpfs devtmpfs /dev
  ::sysinit:/bin/mount -o remount,rw /
  ::sysinit:/bin/mkdir -p /dev/pts
  ::sysinit:/bin/mount -t devpts devpts /dev/pts
  ::sysinit:/bin/mount -a

Signed-off-by: Wenzong Fan 
---
 meta/recipes-core/initscripts/initscripts_1.0.bb | 11 ---
 1 file changed, 8 insertions(+), 3 deletions(-)

diff --git a/meta/recipes-core/initscripts/initscripts_1.0.bb 
b/meta/recipes-core/initscripts/initscripts_1.0.bb
index fea4f22e95..9a79858a87 100644
--- a/meta/recipes-core/initscripts/initscripts_1.0.bb
+++ b/meta/recipes-core/initscripts/initscripts_1.0.bb
@@ -8,13 +8,13 @@ PR = "r155"
 
 INHIBIT_DEFAULT_DEPS = "1"
 
+MOUNTALL_SH = 
"${@bb.utils.contains('VIRTUAL-RUNTIME_init_manager','busybox','','file://mountall.sh',d)}"
 SRC_URI = "file://functions \
file://halt \
file://umountfs \
file://devpts.sh \
file://devpts \
file://hostname.sh \
-   file://mountall.sh \
file://banner.sh \
file://bootmisc.sh \
file://mountnfs.sh \
@@ -35,6 +35,7 @@ SRC_URI = "file://functions \
file://dmesg.sh \
file://logrotate-dmesg.conf \

${@bb.utils.contains('DISTRO_FEATURES','selinux','file://sushell','',d)} \
+   ${MOUNTALL_SH} \
 "
 
 S = "${WORKDIR}"
@@ -88,7 +89,9 @@ do_install () {
install -m 0755${WORKDIR}/checkroot.sh  ${D}${sysconfdir}/init.d
install -m 0755${WORKDIR}/halt  ${D}${sysconfdir}/init.d
install -m 0755${WORKDIR}/hostname.sh   ${D}${sysconfdir}/init.d
-   install -m 0755${WORKDIR}/mountall.sh   ${D}${sysconfdir}/init.d
+   if [ -n "${MOUNTALL_SH}" ]; then
+   install -m 0755${WORKDIR}/mountall.sh   
${D}${sysconfdir}/init.d
+   fi
install -m 0755${WORKDIR}/mountnfs.sh   ${D}${sysconfdir}/init.d
install -m 0755${WORKDIR}/reboot${D}${sysconfdir}/init.d
install -m 0755${WORKDIR}/rmnologin.sh  ${D}${sysconfdir}/init.d
@@ -136,7 +139,9 @@ do_install () {
update-rc.d -r ${D} save-rtc.sh start 25 0 6 .
update-rc.d -r ${D} banner.sh start 02 S .
update-rc.d -r ${D} checkroot.sh start 06 S .
-   update-rc.d -r ${D} mountall.sh start 03 S .
+   if [ -n "${MOUNTALL_SH}" ]; then
+   update-rc.d -r ${D} mountall.sh start 03 S .
+   fi
update-rc.d -r ${D} hostname.sh start 39 S .
update-rc.d -r ${D} mountnfs.sh start 15 2 3 4 5 .
update-rc.d -r ${D} bootmisc.sh start 36 S .
-- 
2.11.0

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [PATCH 2/3] initscripts: minor fixes to checkroot.sh

[wenzong.fan]

From: Wenzong Fan 

Fix checkroot.sh issue while booting:
  sh: no: unknown operand

Signed-off-by: Wenzong Fan 
---
 meta/recipes-core/initscripts/initscripts-1.0/checkroot.sh | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/meta/recipes-core/initscripts/initscripts-1.0/checkroot.sh 
b/meta/recipes-core/initscripts/initscripts-1.0/checkroot.sh
index c879f9e519..bf6136cc42 100755
--- a/meta/recipes-core/initscripts/initscripts-1.0/checkroot.sh
+++ b/meta/recipes-core/initscripts/initscripts-1.0/checkroot.sh
@@ -74,9 +74,9 @@ test "$VERBOSE" != no && echo "Activating swap"
 #
 # Check the root filesystem.
 #
-if test -f /fastboot || test $rootcheck = no
+if test -f /fastboot || test "$rootcheck" = no
 then
-  test $rootcheck = yes && echo "Fast boot, no filesystem check"
+  test "$rootcheck" = yes && echo "Fast boot, no filesystem check"
 else
   #
   # Ensure that root is quiescent and read-only before fsck'ing.
-- 
2.11.0

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [PATCH 1/3] initscripts: Check for the existence of /etc/default/rcS

[wenzong.fan]

From: Wenzong Fan 

/etc/default/rcS might be missing if the init manager is not sysvinit,
we have to check for the existence of this file before sourcing it.

Signed-off-by: Wenzong Fan 
---
 meta/recipes-core/initscripts/initscripts-1.0/bootmisc.sh  | 2 +-
 meta/recipes-core/initscripts/initscripts-1.0/checkfs.sh   | 2 +-
 meta/recipes-core/initscripts/initscripts-1.0/checkroot.sh | 2 +-
 meta/recipes-core/initscripts/initscripts-1.0/mountall.sh  | 2 +-
 meta/recipes-core/initscripts/initscripts-1.0/read-only-rootfs-hook.sh | 2 +-
 meta/recipes-core/initscripts/initscripts-1.0/urandom  | 2 +-
 6 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/meta/recipes-core/initscripts/initscripts-1.0/bootmisc.sh 
b/meta/recipes-core/initscripts/initscripts-1.0/bootmisc.sh
index df553bc079..8f1853a667 100755
--- a/meta/recipes-core/initscripts/initscripts-1.0/bootmisc.sh
+++ b/meta/recipes-core/initscripts/initscripts-1.0/bootmisc.sh
@@ -8,7 +8,7 @@
 # Short-Description: Misc and other.
 ### END INIT INFO
 
-. /etc/default/rcS
+[ -f /etc/default/rcS ] && . /etc/default/rcS
 #
 # Put a nologin file in /etc to prevent people from logging in before
 # system startup is complete.
diff --git a/meta/recipes-core/initscripts/initscripts-1.0/checkfs.sh 
b/meta/recipes-core/initscripts/initscripts-1.0/checkfs.sh
index 62869451b7..d1c4d6c017 100755
--- a/meta/recipes-core/initscripts/initscripts-1.0/checkfs.sh
+++ b/meta/recipes-core/initscripts/initscripts-1.0/checkfs.sh
@@ -8,7 +8,7 @@
 # Short-Description: Check all other file systems
 ### END INIT INFO
 
-. /etc/default/rcS
+[ -f /etc/default/rcS ] && . /etc/default/rcS
 
 #
 # Check the rest of the filesystems.
diff --git a/meta/recipes-core/initscripts/initscripts-1.0/checkroot.sh 
b/meta/recipes-core/initscripts/initscripts-1.0/checkroot.sh
index 02f0351fcb..c879f9e519 100755
--- a/meta/recipes-core/initscripts/initscripts-1.0/checkroot.sh
+++ b/meta/recipes-core/initscripts/initscripts-1.0/checkroot.sh
@@ -8,7 +8,7 @@
 # Short-Description: Check to root file system.
 ### END INIT INFO
 
-. /etc/default/rcS
+[ -f /etc/default/rcS ] && . /etc/default/rcS
 
 #
 # Set SULOGIN in /etc/default/rcS to yes if you want a sulogin to be spawned
diff --git a/meta/recipes-core/initscripts/initscripts-1.0/mountall.sh 
b/meta/recipes-core/initscripts/initscripts-1.0/mountall.sh
index c719be5d9a..94c1f1a141 100755
--- a/meta/recipes-core/initscripts/initscripts-1.0/mountall.sh
+++ b/meta/recipes-core/initscripts/initscripts-1.0/mountall.sh
@@ -9,7 +9,7 @@
 # Description:
 ### END INIT INFO
 
-. /etc/default/rcS
+[ -f /etc/default/rcS ] && . /etc/default/rcS
 
 #
 # Mount local filesystems in /etc/fstab. For some reason, people
diff --git 
a/meta/recipes-core/initscripts/initscripts-1.0/read-only-rootfs-hook.sh 
b/meta/recipes-core/initscripts/initscripts-1.0/read-only-rootfs-hook.sh
index 1a0328d63e..c001778e18 100644
--- a/meta/recipes-core/initscripts/initscripts-1.0/read-only-rootfs-hook.sh
+++ b/meta/recipes-core/initscripts/initscripts-1.0/read-only-rootfs-hook.sh
@@ -1,6 +1,6 @@
 #!/bin/sh
 
-. /etc/default/rcS
+[ -f /etc/default/rcS ] && . /etc/default/rcS
 
 [ "$ROOTFS_READ_ONLY" = "no" ] && exit 0
 
diff --git a/meta/recipes-core/initscripts/initscripts-1.0/urandom 
b/meta/recipes-core/initscripts/initscripts-1.0/urandom
index af1625b5fd..e9b84a9d11 100755
--- a/meta/recipes-core/initscripts/initscripts-1.0/urandom
+++ b/meta/recipes-core/initscripts/initscripts-1.0/urandom
@@ -15,7 +15,7 @@ test -c /dev/urandom || exit 0
 
 RANDOM_SEED_FILE=/var/lib/urandom/random-seed
 
-. /etc/default/rcS
+[ -f /etc/default/rcS ] && . /etc/default/rcS
 [ -f /etc/default/urandom ] && . /etc/default/urandom
 
 case "$1" in
-- 
2.11.0

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [PATCH 0/3] initscripts: fixes for booting with busybox init

[wenzong.fan]

From: Wenzong Fan 

* check for the existence of /etc/default/rcS
* minor fixes to checkroot.sh
* disable mountall.sh for busybox init

The following changes since commit 5dacc5516718efdf0a470e074a5c05b1ecf8cc15:

  bitbake: main: Give a user readable error if we can't locate topdir 
(2017-10-31 09:09:21 +)

are available in the git repository at:

  git://git.pokylinux.org/poky-contrib wenzong/initscripts
  http://git.pokylinux.org/cgit.cgi/poky-contrib/log/?h=wenzong/initscripts

Wenzong Fan (3):
  initscripts: Check for the existence of /etc/default/rcS
  initscripts: minor fixes to checkroot.sh
  initscripts: disable mountall.sh for busybox init

 meta/recipes-core/initscripts/initscripts-1.0/bootmisc.sh |  2 +-
 meta/recipes-core/initscripts/initscripts-1.0/checkfs.sh  |  2 +-
 meta/recipes-core/initscripts/initscripts-1.0/checkroot.sh|  6 +++---
 meta/recipes-core/initscripts/initscripts-1.0/mountall.sh |  2 +-
 .../initscripts/initscripts-1.0/read-only-rootfs-hook.sh  |  2 +-
 meta/recipes-core/initscripts/initscripts-1.0/urandom |  2 +-
 meta/recipes-core/initscripts/initscripts_1.0.bb  | 11 ---
 7 files changed, 16 insertions(+), 11 deletions(-)

-- 
2.11.0

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [PATCH] sqlite3: fix CVE-2017-13685

[wenzong.fan]

From: Wenzong Fan 

The dump_callback function in SQLite 3.20.0 allows remote attackers to
cause a denial of service (EXC_BAD_ACCESS and application crash) via a
crafted file.

Backport patch to fix the issue. Some references:
https://sqlite.org/src/info/02f0f4c54f2819b3
http://www.mail-archive.com/sqlite-users%40mailinglists.sqlite.org/msg105314.html

Signed-off-by: Wenzong Fan 
---
 .../sqlite/files/sqlite3-fix-CVE-2017-13685.patch  | 57 ++
 meta/recipes-support/sqlite/sqlite3_3.20.0.bb  |  1 +
 2 files changed, 58 insertions(+)
 create mode 100644 
meta/recipes-support/sqlite/files/sqlite3-fix-CVE-2017-13685.patch

diff --git a/meta/recipes-support/sqlite/files/sqlite3-fix-CVE-2017-13685.patch 
b/meta/recipes-support/sqlite/files/sqlite3-fix-CVE-2017-13685.patch
new file mode 100644
index 00..aac428c821
--- /dev/null
+++ b/meta/recipes-support/sqlite/files/sqlite3-fix-CVE-2017-13685.patch
@@ -0,0 +1,57 @@
+Fix CVE-2017-13685
+
+The dump_callback function in SQLite 3.20.0 allows remote attackers to
+cause a denial of service (EXC_BAD_ACCESS and application crash) via a
+crafted file.
+
+References:
+https://sqlite.org/src/info/02f0f4c54f2819b3
+http://www.mail-archive.com/sqlite-users%40mailinglists.sqlite.org/msg105314.html
+
+Upstream-Status: Backport [https://sqlite.org/src/info/cf0d3715caac9149]
+
+CVE: CVE-2017-13685
+
+Signed-off-by: Wenzong Fan 
+
+Index: src/shell.c
+==
+--- src/shell.c
 src/shell.c
+@@ -2657,10 +2657,11 @@
+   int *aiType  /* Column types */
+ ){
+   int i;
+   ShellState *p = (ShellState*)pArg;
+ 
++  if( azArg==0 ) return 0;
+   switch( p->cMode ){
+ case MODE_Line: {
+   int w = 5;
+   if( azArg==0 ) break;
+   for(i=0; in ) appendText(p, "|", 0);
+   for(i=0; ihttp://www.sqlite.org/2017/sqlite-autoconf-${SQLITE_PV}.tar.gz \
+  file://sqlite3-fix-CVE-2017-13685.patch \
   "
 SRC_URI[md5sum] = "e262a28b73cc330e7e83520c8ce14e4d"
 SRC_URI[sha256sum] = 
"3814c6f629ff93968b2b37a70497cfe98b366bf587a2261a56a5f750af6ae6a0"
-- 
2.13.0

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [PATCH] tcl: remove host path from tclConfig.sh

[wenzong.fan]

From: Wenzong Fan 

The tclConfig.sh is also used by other packages (such as expect) for
cross-compiling, the host path from it can't be removed directly in
the do_install step.

With PACKAGE_PREPROCESS_FUNCS to remove host path and avoid the
crossscripts installed to target.

Signed-off-by: Wenzong Fan 
---
 meta/recipes-devtools/tcltk/tcl_8.6.7.bb | 13 +
 1 file changed, 13 insertions(+)

diff --git a/meta/recipes-devtools/tcltk/tcl_8.6.7.bb 
b/meta/recipes-devtools/tcltk/tcl_8.6.7.bb
index d00d2dc62b..dac73be6e7 100644
--- a/meta/recipes-devtools/tcltk/tcl_8.6.7.bb
+++ b/meta/recipes-devtools/tcltk/tcl_8.6.7.bb
@@ -86,3 +86,16 @@ BINCONFIG_GLOB = "*Config.sh"
 
 # Fix the path in sstate
 SSTATE_SCAN_FILES += "*Config.sh"
+
+# Cleanup host path from ${libdir}/tclConfig.sh and remove the
+# ${bindir_crossscripts}/tclConfig.sh from target
+PACKAGE_PREPROCESS_FUNCS += "tcl_package_preprocess"
+tcl_package_preprocess() {
+   sed -i -e "s;${DEBUG_PREFIX_MAP};;g" \
+  -e "s;-L${STAGING_LIBDIR};-L${libdir};g" \
+  -e "s;${STAGING_INCDIR};${includedir};g" \
+  -e "s;--sysroot=${RECIPE_SYSROOT};;g" \
+  ${PKGD}${libdir}/tclConfig.sh
+
+   rm -f ${PKGD}${bindir_crossscripts}/tclConfig.sh
+}
-- 
2.13.0

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [PATCH] kernel.bbclass: build host programs with native sysroots

[wenzong.fan]

From: Wenzong Fan 

Allow to search header files and libs from native sysroots.

For example, an expanded BUILD_CFLAGS includes:
  '-isystem/builddir/to/linux-yocto/recipe-sysroot-native/usr/include'

And an expanded BUILD_LDFLAGS includes:
  '-L/builddir/to/linux-yocto/recipe-sysroot-native/usr/lib
   -Wl,-rpath-link,/builddir/to/linux-yocto/recipe-sysroot-native/usr/lib
   -Wl,-rpath,/builddir/to/linux-yocto/recipe-sysroot-native/usr/lib'

Signed-off-by: Wenzong Fan 
---
 meta/classes/kernel.bbclass | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta/classes/kernel.bbclass b/meta/classes/kernel.bbclass
index 02a5e961cb..5a2f23e3a8 100644
--- a/meta/classes/kernel.bbclass
+++ b/meta/classes/kernel.bbclass
@@ -155,7 +155,7 @@ UBOOT_LOADADDRESS ?= "${UBOOT_ENTRYPOINT}"
 # Some Linux kernel configurations need additional parameters on the command 
line
 KERNEL_EXTRA_ARGS ?= ""
 
-EXTRA_OEMAKE = " HOSTCC="${BUILD_CC}" HOSTCPP="${BUILD_CPP}""
+EXTRA_OEMAKE = " HOSTCC="${BUILD_CC} ${BUILD_CFLAGS} ${BUILD_LDFLAGS}" 
HOSTCPP="${BUILD_CPP}""
 KERNEL_ALT_IMAGETYPE ??= ""
 
 copy_initramfs() {
-- 
2.13.0

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [PATCH] subversion: fix CVE-2017-9800

[wenzong.fan]

From: Wenzong Fan 

A maliciously constructed svn+ssh:// URL would cause Subversion clients
before 1.8.19, 1.9.x before 1.9.7, and 1.10.0.x through 1.10.0-alpha3
to run an arbitrary shell command. Such a URL could be generated by a
malicious server, by a malicious user committing to a honest server(to
attack another user of that server's repositories), or by a proxy
server.

The vulnerability affects all clients, including those that use
file://, http://, and plain (untunneled) svn://.

Backport patch from:
http://svn.apache.org/viewvc?view=revision&sortby=rev&revision=1804691

Reference:
http://subversion.apache.org/security/CVE-2017-9800-advisory.txt

Signed-off-by: Wenzong Fan 
---
 .../subversion/subversion/CVE-2017-9800.patch  | 136 +
 .../subversion/subversion_1.9.6.bb |   1 +
 2 files changed, 137 insertions(+)
 create mode 100644 
meta/recipes-devtools/subversion/subversion/CVE-2017-9800.patch

diff --git a/meta/recipes-devtools/subversion/subversion/CVE-2017-9800.patch 
b/meta/recipes-devtools/subversion/subversion/CVE-2017-9800.patch
new file mode 100644
index 00..0599c2badb
--- /dev/null
+++ b/meta/recipes-devtools/subversion/subversion/CVE-2017-9800.patch
@@ -0,0 +1,136 @@
+
+r1804691 | danielsh | 2017-08-10 11:14:13 -0700 (Thu, 10 Aug 2017) | 18 lines
+
+Fix CVE-2017-9800.
+
+See: https://subversion.apache.org/security/CVE-2017-0800-advisory.txt
+
+* subversion/libsvn_ra_svn/client.c
+  (svn_ctype.h): Include.
+  (find_tunnel_agent): Pass a "--" end-of-options guard to ssh.
+Expect the 'hostinfo' parameter to be URI-decoded.
+  (is_valid_hostinfo): New.
+  (ra_svn_open): Validate the hostname before using it.
+
+* subversion/libsvn_subr/config_file.c
+  (svn_config_ensure): Update the example configuration likewise.
+
+Patch by: philip
+Review by: danielsh
+   stsp
+   astieger (earlier version)
+
+Upstream-Status: Backport
+http://svn.apache.org/viewvc?view=revision&sortby=rev&revision=1804691
+
+CVE: CVE-2017-9800
+
+Signed-off-by: Wenzong Fan 
+---
+Index: subversion/libsvn_subr/config_file.c
+===
+--- subversion/libsvn_subr/config_file.c   (revision 1804690)
 subversion/libsvn_subr/config_file.c   (revision 1804691)
+@@ -1448,12 +1448,12 @@
+ "### passed to the tunnel agent as @.)  If the"  
NL
+ "### built-in ssh scheme were not predefined, it could be defined"   
NL
+ "### as:"
NL
+-"# ssh = $SVN_SSH ssh -q"
NL
++"# ssh = $SVN_SSH ssh -q --" 
NL
+ "### If you wanted to define a new 'rsh' scheme, to be used with"
NL
+ "### 'svn+rsh:' URLs, you could do so as follows:"   
NL
+-"# rsh = rsh"
NL
++"# rsh = rsh --" 
NL
+ "### Or, if you wanted to specify a full path and arguments:"
NL
+-"# rsh = /path/to/rsh -l myusername" 
NL
++"# rsh = /path/to/rsh -l myusername --"  
NL
+ "### On Windows, if you are specifying a full path to a command,"
NL
+ "### use a forward slash (/) or a paired backslash () as the"
NL
+ "### path separator.  A single backslash will be treated as an"  
NL
+Index: subversion/libsvn_ra_svn/client.c
+===
+--- subversion/libsvn_ra_svn/client.c  (revision 1804690)
 subversion/libsvn_ra_svn/client.c  (revision 1804691)
+@@ -46,6 +46,7 @@
+ #include "svn_props.h"
+ #include "svn_mergeinfo.h"
+ #include "svn_version.h"
++#include "svn_ctype.h"
+ 
+ #include "svn_private_config.h"
+ 
+@@ -398,7 +399,7 @@
+* versions have it too. If the user is using some other ssh
+* implementation that doesn't accept it, they can override it
+* in the [tunnels] section of the config. */
+-  val = "$SVN_SSH ssh -q";
++  val = "$SVN_SSH ssh -q --";
+ }
+ 
+   if (!val || !*val)
+@@ -443,7 +444,7 @@
+   for (n = 0; cmd_argv[n] != NULL; n++)
+ argv[n] = cmd_argv[n];
+ 
+-  argv[n++] = svn_path_uri_decode(hostinfo, pool);
++  argv[n++] = hostinfo;
+   argv[n++] = "svnserve";
+   argv[n++] = "-t";
+   argv[n] = NULL;
+@@ -811,7 +812,33 @@
+ }
+ 
+ 
++/* A simple whitelist to ensure the following are valid:
++ *   user@server
++ *   [::1]:22
++ *   server-name
++ *   server_name
++ *   127.0.0.1
++ * with an extra restriction that a leading '-' is invalid.
++ */
++static svn_boolean_t
++is_valid_hostinfo(const char *hostinfo)
++{
++  const char *p = hostinfo;
+ 
++  if (p[0] == '-')
++return FALSE;
++
++  whi

[OE-core] [PATCH] curl: fix CVE-2017-1000099, 1000100, 1000101

[wenzong.fan]

From: Wenzong Fan 

Backport upstream commits to fix:
- CVE-2017-199
  https://curl.haxx.se/docs/adv_20170809C.html
  https://curl.haxx.se/CVE-2017-199.patch

- CVE-2017-1000100
  https://curl.haxx.se/docs/adv_20170809B.html
  https://curl.haxx.se/CVE-2017-1000100.patch

- CVE-2017-1000101
  https://curl.haxx.se/docs/adv_20170809A.html
  https://curl.haxx.se/CVE-2017-1000101.patch

Signed-off-by: Wenzong Fan 
---
 .../curl/curl/CVE-2017-199.patch   | 41 +
 .../curl/curl/CVE-2017-1000100.patch   | 51 +++
 .../curl/curl/CVE-2017-1000101.patch   | 99 ++
 meta/recipes-support/curl/curl_7.54.1.bb   |  3 +
 4 files changed, 194 insertions(+)
 create mode 100644 meta/recipes-support/curl/curl/CVE-2017-199.patch
 create mode 100644 meta/recipes-support/curl/curl/CVE-2017-1000100.patch
 create mode 100644 meta/recipes-support/curl/curl/CVE-2017-1000101.patch

diff --git a/meta/recipes-support/curl/curl/CVE-2017-199.patch 
b/meta/recipes-support/curl/curl/CVE-2017-199.patch
new file mode 100644
index 00..96ff1b064b
--- /dev/null
+++ b/meta/recipes-support/curl/curl/CVE-2017-199.patch
@@ -0,0 +1,41 @@
+From c9332fa5e84f24da300b42b1a931ade929d3e27d Mon Sep 17 00:00:00 2001
+From: Even Rouault 
+Date: Tue, 1 Aug 2017 17:17:06 +0200
+Subject: [PATCH] file: output the correct buffer to the user
+
+Regression brought by 7c312f84ea930d8 (April 2017)
+
+CVE: CVE-2017-199
+
+Bug: https://curl.haxx.se/docs/adv_20170809C.html
+
+Credit to OSS-Fuzz for the discovery
+
+Upstream-Status: Backport
+https://github.com/curl/curl/commit/c9332fa5e84f24da300b42b1a931ade929d3e27d
+
+Signed-off-by: Wenzong Fan 
+---
+ lib/file.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/lib/file.c b/lib/file.c
+index bd426eac2..666cbe75b 100644
+--- a/lib/file.c
 b/lib/file.c
+@@ -499,11 +499,11 @@ static CURLcode file_do(struct connectdata *conn, bool 
*done)
+  Curl_month[tm->tm_mon],
+  tm->tm_year + 1900,
+  tm->tm_hour,
+  tm->tm_min,
+  tm->tm_sec);
+-result = Curl_client_write(conn, CLIENTWRITE_BOTH, buf, 0);
++result = Curl_client_write(conn, CLIENTWRITE_BOTH, header, 0);
+ if(!result)
+   /* set the file size to make it available post transfer */
+   Curl_pgrsSetDownloadSize(data, expected_size);
+ return result;
+   }
+-- 
+2.13.3
+
diff --git a/meta/recipes-support/curl/curl/CVE-2017-1000100.patch 
b/meta/recipes-support/curl/curl/CVE-2017-1000100.patch
new file mode 100644
index 00..f74f1dd896
--- /dev/null
+++ b/meta/recipes-support/curl/curl/CVE-2017-1000100.patch
@@ -0,0 +1,51 @@
+From 358b2b131ad6c095696f20dcfa62b8305263f898 Mon Sep 17 00:00:00 2001
+From: Daniel Stenberg 
+Date: Tue, 1 Aug 2017 17:16:46 +0200
+Subject: [PATCH] tftp: reject file name lengths that don't fit
+
+... and thereby avoid telling send() to send off more bytes than the
+size of the buffer!
+
+CVE: CVE-2017-1000100
+
+Bug: https://curl.haxx.se/docs/adv_20170809B.html
+Reported-by: Even Rouault
+
+Credit to OSS-Fuzz for the discovery
+
+Upstream-Status: Backport
+https://github.com/curl/curl/commit/358b2b131ad6c095696f20dcfa62b8305263f898
+
+Signed-off-by: Wenzong Fan 
+---
+ lib/tftp.c |7 ++-
+ 1 file changed, 6 insertions(+), 1 deletion(-)
+
+diff --git a/lib/tftp.c b/lib/tftp.c
+index 02bd842..f6f4bce 100644
+--- a/lib/tftp.c
 b/lib/tftp.c
+@@ -5,7 +5,7 @@
+  *| (__| |_| |  _ <| |___
+  * \___|\___/|_| \_\_|
+  *
+- * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al.
++ * Copyright (C) 1998 - 2017, Daniel Stenberg, , et al.
+  *
+  * This software is licensed as described in the file COPYING, which
+  * you should have received as part of this distribution. The terms
+@@ -491,6 +491,11 @@ static CURLcode tftp_send_first(tftp_state_data_t *state, 
tftp_event_t event)
+ if(result)
+   return result;
+ 
++if(strlen(filename) > (state->blksize - strlen(mode) - 4)) {
++  failf(data, "TFTP file name too long\n");
++  return CURLE_TFTP_ILLEGAL; /* too long file name field */
++}
++
+ snprintf((char *)state->spacket.data+2,
+  state->blksize,
+  "%s%c%s%c", filename, '\0',  mode, '\0');
+-- 
+1.7.9.5
+
diff --git a/meta/recipes-support/curl/curl/CVE-2017-1000101.patch 
b/meta/recipes-support/curl/curl/CVE-2017-1000101.patch
new file mode 100644
index 00..c300fff00c
--- /dev/null
+++ b/meta/recipes-support/curl/curl/CVE-2017-1000101.patch
@@ -0,0 +1,99 @@
+From 453e7a7a03a2cec749abd3878a48e728c515cca7 Mon Sep 17 00:00:00 2001
+From: Daniel Stenberg 
+Date: Tue, 1 Aug 2017 17:16:07 +0200
+Subject: [PATCH] glob: do not continue parsing after a strtoul() overflow
+ range
+
+Added test 1289 to verify.
+
+CVE: CVE-2017-1000101
+
+Bug: https://curl.haxx.se/docs/adv_20170809A.html
+Reported-by: Brian Carpe

[OE-core] [PATCH 0/1 v2] gdk-pixbuf: fix ptest RDEPENDS for multilib build

[wenzong.fan]

From: Wenzong Fan 

V2 changes:
* rebase patch for gdk-pixbuf 2.36.8
* add a short commit message

The following changes since commit 04dc76713b57f28457742dd863caa663591d4866:

  devtool/copy_buildsystem: adds meta-skeleton layer in the eSDK installation. 
(2017-08-19 22:15:39 +0100)

are available in the git repository at:

  git://git.pokylinux.org/poky-contrib wenzong/gdk-pixbuf-v2
  http://git.pokylinux.org/cgit.cgi/poky-contrib/log/?h=wenzong/gdk-pixbuf-v2

Wenzong Fan (1):
  gdk-pixbuf: fix ptest RDEPENDS for multilib build

 meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf_2.36.8.bb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

-- 
2.8.1

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [PATCH 1/1 v2] gdk-pixbuf: fix ptest RDEPENDS for multilib build

[wenzong.fan]

From: Wenzong Fan 

Don't hardcode the package name, it could be gdk-pixbuf or
lib32-gdk-pixbuf.

Signed-off-by: Wenzong Fan 
---
 meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf_2.36.8.bb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf_2.36.8.bb 
b/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf_2.36.8.bb
index 3d16ee0..14e63d9 100644
--- a/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf_2.36.8.bb
+++ b/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf_2.36.8.bb
@@ -74,7 +74,7 @@ python populate_packages_prepend () {
 
 # The test suite exercises all the loaders, so ensure they are all
 # dependencies of the ptest package.
-d.appendVar("RDEPENDS_gdk-pixbuf-ptest", " " + packages)
+d.appendVar("RDEPENDS_%s-ptest" % d.getVar('PN', True), " " + packages)
 }
 
 do_install_append() {
-- 
2.8.1

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [PATCH] sqlite3: upgrade to 3.2.0

[wenzong.fan]

From: Wenzong Fan 

* Uprev from 3.19.3 to 3.2.0 for fixing CVE-2017-10989:

The getNodeSize function in ext/rtree/rtree.c in SQLite through 3.19.3,
as used in GDAL and other products, mishandles undersized RTree blobs
in a crafted database, leading to a heap-based buffer over-read or
possibly unspecified other impact.

https://nvd.nist.gov/vuln/detail/CVE-2017-10989

* LIC_FILES_CHKSUM updated for below changes:

  -** 2001 September 15
  +** 2001-09-15

Signed-off-by: Wenzong Fan 
---
 .../recipes-support/sqlite/{sqlite3_3.19.3.bb => sqlite3_3.20.0.bb} | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
 rename meta/recipes-support/sqlite/{sqlite3_3.19.3.bb => sqlite3_3.20.0.bb} 
(34%)

diff --git a/meta/recipes-support/sqlite/sqlite3_3.19.3.bb 
b/meta/recipes-support/sqlite/sqlite3_3.20.0.bb
similarity index 34%
rename from meta/recipes-support/sqlite/sqlite3_3.19.3.bb
rename to meta/recipes-support/sqlite/sqlite3_3.20.0.bb
index 89d439530f..417c36202d 100644
--- a/meta/recipes-support/sqlite/sqlite3_3.19.3.bb
+++ b/meta/recipes-support/sqlite/sqlite3_3.20.0.bb
@@ -1,10 +1,10 @@
 require sqlite3.inc
 
 LICENSE = "PD"
-LIC_FILES_CHKSUM = 
"file://sqlite3.h;endline=11;md5=65f0a57ca6928710b418c094b3570bb0"
+LIC_FILES_CHKSUM = 
"file://sqlite3.h;endline=11;md5=786d3dc581eff03f4fd9e4a77ed00c66"
 
 SRC_URI = "\
   http://www.sqlite.org/2017/sqlite-autoconf-${SQLITE_PV}.tar.gz \
   "
-SRC_URI[md5sum] = "c93070d5bf136ce271db23d2dfbc2435"
-SRC_URI[sha256sum] = 
"06129c03dced9f87733a8cba408871bd60673b8f93b920ba8d815efab0a06301"
+SRC_URI[md5sum] = "e262a28b73cc330e7e83520c8ce14e4d"
+SRC_URI[sha256sum] = 
"3814c6f629ff93968b2b37a70497cfe98b366bf587a2261a56a5f750af6ae6a0"
-- 
2.13.0

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [PATCH] libtasn1: CVE-2017-10790

[wenzong.fan]

From: Yue Tao 

The _asn1_check_identifier function in GNU Libtasn1 through 4.12 causes
a NULL pointer dereference and crash when reading crafted input that
triggers assignment of a NULL value within an asn1_node structure. It
may lead to a remote denial of service attack.

References:
https://nvd.nist.gov/vuln/detail/CVE-2017-10790
http://git.savannah.gnu.org/gitweb/?p=libtasn1.git;a=commit;
h=d8d805e1f2e6799bb2dff4871a8598dc83088a39

Signed-off-by: Yue Tao 
Signed-off-by: Wenzong Fan 
---
 .../gnutls/libtasn1/CVE-2017-10790.patch   | 63 ++
 meta/recipes-support/gnutls/libtasn1_4.12.bb   |  1 +
 2 files changed, 64 insertions(+)
 create mode 100644 meta/recipes-support/gnutls/libtasn1/CVE-2017-10790.patch

diff --git a/meta/recipes-support/gnutls/libtasn1/CVE-2017-10790.patch 
b/meta/recipes-support/gnutls/libtasn1/CVE-2017-10790.patch
new file mode 100644
index 00..be843808a2
--- /dev/null
+++ b/meta/recipes-support/gnutls/libtasn1/CVE-2017-10790.patch
@@ -0,0 +1,63 @@
+From d8d805e1f2e6799bb2dff4871a8598dc83088a39 Mon Sep 17 00:00:00 2001
+From: Nikos Mavrogiannopoulos 
+Date: Thu, 22 Jun 2017 16:31:37 +0200
+Subject: [PATCH] _asn1_check_identifier: safer access to values read
+
+Signed-off-by: Nikos Mavrogiannopoulos 
+
+http://git.savannah.gnu.org/gitweb/?p=libtasn1.git;a=commit;h=d8d805e1f2e6799bb2dff4871a8598dc83088a39
+Upstream-Status: Backport
+
+CVE: CVE-2017-10790
+
+Signed-off-by: Yue Tao 
+Signed-off-by: Wenzong Fan 
+---
+ lib/parser_aux.c |   17 -
+ 1 file changed, 12 insertions(+), 5 deletions(-)
+
+diff --git a/lib/parser_aux.c b/lib/parser_aux.c
+index 976ab38..786ea64 100644
+--- a/lib/parser_aux.c
 b/lib/parser_aux.c
+@@ -955,7 +955,7 @@ _asn1_check_identifier (asn1_node node)
+ if (p2 == NULL)
+   {
+ if (p->value)
+-  _asn1_strcpy (_asn1_identifierMissing, p->value);
++  _asn1_str_cpy (_asn1_identifierMissing, 
sizeof(_asn1_identifierMissing), (char*)p->value);
+ else
+   _asn1_strcpy (_asn1_identifierMissing, "(null)");
+ return ASN1_IDENTIFIER_NOT_FOUND;
+@@ -968,9 +968,15 @@ _asn1_check_identifier (asn1_node node)
+ if (p2 && (type_field (p2->type) == ASN1_ETYPE_DEFAULT))
+   {
+ _asn1_str_cpy (name2, sizeof (name2), node->name);
+-_asn1_str_cat (name2, sizeof (name2), ".");
+-_asn1_str_cat (name2, sizeof (name2), (char *) p2->value);
+-_asn1_strcpy (_asn1_identifierMissing, p2->value);
++if (p2->value)
++  {
++_asn1_str_cat (name2, sizeof (name2), ".");
++_asn1_str_cat (name2, sizeof (name2), (char *) p2->value);
++_asn1_str_cpy (_asn1_identifierMissing, 
sizeof(_asn1_identifierMissing), (char*)p2->value);
++  }
++else
++  _asn1_strcpy (_asn1_identifierMissing, "(null)");
++
+ p2 = asn1_find_node (node, name2);
+ if (!p2 || (type_field (p2->type) != ASN1_ETYPE_OBJECT_ID) ||
+ !(p2->type & CONST_ASSIGN))
+@@ -990,7 +996,8 @@ _asn1_check_identifier (asn1_node node)
+ _asn1_str_cpy (name2, sizeof (name2), node->name);
+ _asn1_str_cat (name2, sizeof (name2), ".");
+ _asn1_str_cat (name2, sizeof (name2), (char *) p2->value);
+-_asn1_strcpy (_asn1_identifierMissing, p2->value);
++_asn1_str_cpy (_asn1_identifierMissing, 
sizeof(_asn1_identifierMissing), (char*)p2->value);
++
+ p2 = asn1_find_node (node, name2);
+ if (!p2 || (type_field (p2->type) != ASN1_ETYPE_OBJECT_ID)
+ || !(p2->type & CONST_ASSIGN))
+-- 
+1.7.9.5
+
diff --git a/meta/recipes-support/gnutls/libtasn1_4.12.bb 
b/meta/recipes-support/gnutls/libtasn1_4.12.bb
index cec1a9b156..7a7571ad3b 100644
--- a/meta/recipes-support/gnutls/libtasn1_4.12.bb
+++ b/meta/recipes-support/gnutls/libtasn1_4.12.bb
@@ -11,6 +11,7 @@ LIC_FILES_CHKSUM = 
"file://COPYING;md5=d32239bcb673463ab874e80d47fae504 \
 SRC_URI = "${GNU_MIRROR}/libtasn1/libtasn1-${PV}.tar.gz \
file://dont-depend-on-help2man.patch \

file://0001-stdint.m4-reintroduce-GNULIB_OVERRIDES_WINT_T-check.patch \
+   file://CVE-2017-10790.patch \
"
 
 DEPENDS = "bison-native"
-- 
2.13.0

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [PATCH] perl-native: process -fstack-protector-strong

[wenzong.fan]

From: Wenzong Fan 

perl-native provides configuration information for building host perl
modules. This information (includes CCFLAGS, LDFLAGS ...) is based on
the host gcc that used to build perl-native.

While using prebuild perl-native to build perl modules and meet:
1. the prebuild perl-native was built on a host that gcc includes
   option '-fstack-protector-strong';
   (such as CentOS 7 64bits, gcc version 4.8.5)
2. the perl modules (such as libdbi-perl-native) need to be built
   with host gcc;
3. the host gcc does not support '-fstack-protector-strong';
   (such as Ubuntu 14.04 64bits, gcc version 4.8.4)

Then below error occurs:

  gcc: error: unrecognized command line option \
  '-fstack-protector-strong'

Just re-check and replace the gcc option before sstate caches were
populated to sysroot for fixing the issue.

Signed-off-by: Wenzong Fan 
---
 meta/recipes-devtools/perl/perl-native_5.24.0.bb | 12 
 1 file changed, 12 insertions(+)

diff --git a/meta/recipes-devtools/perl/perl-native_5.24.0.bb 
b/meta/recipes-devtools/perl/perl-native_5.24.0.bb
index af2ad7b..65d65cd 100644
--- a/meta/recipes-devtools/perl/perl-native_5.24.0.bb
+++ b/meta/recipes-devtools/perl/perl-native_5.24.0.bb
@@ -123,5 +123,17 @@ EOF
cat ${SYSROOT_DESTDIR}${bindir}/../nativeperl
 }
 
+SSTATEPOSTUNPACKFUNCS += "perl_sstate_postunpack"
+perl_sstate_postunpack() {
+if [ "${BB_CURRENTTASK}" = "populate_sysroot" -o "${BB_CURRENTTASK}" = 
"populate_sysroot_setscene" ]
+then
+tmpdir=`mktemp -d`
+echo "int main(void) { return 0; }" > $tmpdir/gcctest.c
+if ! ${CC} -fstack-protector-strong -o $tmpdir/gcctest 
$tmpdir/gcctest.c > /dev/null 2>&1; then
+sed -i -e 
's/fstack-protector-strong/fstack-protector/g' 
${BUILD_SYS}${libdir_native}/perl-native/perl/${PV}/Config_heavy.pl
+fi
+fi
+}
+
 # Fix the path in sstate
 SSTATE_SCAN_FILES += "*.pm *.pod *.h *.pl *.sh"
-- 
2.7.4

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [PATCH] gdk-pixbuf: fix ptest RDEPENDS for multilib build

[wenzong.fan]

From: Wenzong Fan 

Signed-off-by: Wenzong Fan 
---
 meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf_2.36.0.bb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf_2.36.0.bb 
b/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf_2.36.0.bb
index a5ebeca..f69e888 100644
--- a/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf_2.36.0.bb
+++ b/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf_2.36.0.bb
@@ -68,7 +68,7 @@ python populate_packages_prepend () {
 
 # The test suite exercises all the loaders, so ensure they are all
 # dependencies of the ptest package.
-d.appendVar("RDEPENDS_gdk-pixbuf-ptest", " " + packages)
+d.appendVar("RDEPENDS_%s-ptest" % d.getVar('PN', True), " " + packages)
 }
 
 do_install_append() {
-- 
2.8.1

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [PATCH] at: fix configure option with/without-selinux

[wenzong.fan]

From: Wenzong Fan 

without-selinux doesn't work since WITH_SELINUX is always be defined no
matter which option is given: with-selinux, without-selinux.

This causes build errors if '--without-selinux' is used and libselinux
is not buildable in project:

  atd.c:87:29: fatal error: selinux/selinux.h: No such file or directory

Signed-off-by: Wenzong Fan 
---
 .../at/at/configure-fix-with-without-selinux.patch | 53 ++
 meta/recipes-extended/at/at_3.1.18.bb  |  1 +
 2 files changed, 54 insertions(+)
 create mode 100644 
meta/recipes-extended/at/at/configure-fix-with-without-selinux.patch

diff --git 
a/meta/recipes-extended/at/at/configure-fix-with-without-selinux.patch 
b/meta/recipes-extended/at/at/configure-fix-with-without-selinux.patch
new file mode 100644
index 000..389af1e
--- /dev/null
+++ b/meta/recipes-extended/at/at/configure-fix-with-without-selinux.patch
@@ -0,0 +1,53 @@
+From c02354af7f3d9426da31503abfae70952c699a9d Mon Sep 17 00:00:00 2001
+From: Wenzong Fan 
+Date: Fri, 18 Mar 2016 03:23:11 -0400
+Subject: [PATCH] configure: fix with/without selinux
+
+Problem:
+without-selinux doesn't work since WITH_SELINUX is always be defined no
+matter which option is given: with-selinux, without-selinux.
+
+Fix:
+Disable selinux support if without-selinux is given; otherwise check
+libselinux to determine if selinux support should be enabled.
+
+Upstream-Status: Submitted [a...@packages.debian.org]
+
+Signed-off-by: Wenzong Fan 
+---
+ configure.ac | 19 +++
+ 1 file changed, 15 insertions(+), 4 deletions(-)
+
+diff --git a/configure.ac b/configure.ac
+index 5a43419..8c9de62 100644
+--- a/configure.ac
 b/configure.ac
+@@ -240,10 +240,21 @@ AC_ARG_WITH(daemon_username,
+ AC_SUBST(DAEMON_USERNAME)
+ 
+ AC_ARG_WITH(selinux,
+-[ --with-selinux   Define to run with selinux],
+-AC_DEFINE(WITH_SELINUX, 1, [Define if you are building with_selinux]),
+-)
+-AC_CHECK_LIB(selinux, is_selinux_enabled, SELINUXLIB=-lselinux)
++[ --with-selinux   Define to run with selinux (default=check)],
++[],
++[with_selinux=check])
++
++if test "x$with_selinux" != xno; then
++  AC_CHECK_LIB([selinux], [is_selinux_enabled],
++[SELINUXLIB=-lselinux
++ AC_DEFINE(WITH_SELINUX, 1, [Define if you are building with_selinux])
++],
++[if test "x$with_selinux" != xcheck; then
++   AC_MSG_FAILURE([--with-selinux is given, but test for selinux failed])
++ fi
++]
++  )
++fi
+ AC_SUBST(SELINUXLIB)
+ AC_SUBST(WITH_SELINUX)
+ 
+-- 
+1.9.1
+
diff --git a/meta/recipes-extended/at/at_3.1.18.bb 
b/meta/recipes-extended/at/at_3.1.18.bb
index e83ea32..93044f5 100644
--- a/meta/recipes-extended/at/at_3.1.18.bb
+++ b/meta/recipes-extended/at/at_3.1.18.bb
@@ -25,6 +25,7 @@ SRC_URI = 
"${DEBIAN_MIRROR}/main/a/at/at_${PV}.orig.tar.gz;subdir=${BP} \
 ${@bb.utils.contains('DISTRO_FEATURES', 'pam', '${PAM_SRC_URI}', '', d)} \
 file://makefile-fix-parallel.patch \
 file://0001-remove-glibc-assumption.patch \
+file://configure-fix-with-without-selinux.patch \
 "
 
 PAM_SRC_URI = "file://pam.conf.patch \
-- 
1.9.1

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [PATCH] msmtp: add gplv2 version

[wenzong.fan]

From: Wenzong Fan 

* add gplv2 version 1.4.12
* add patch msmtp-fixup-api-and-compiler-issues.patch to deal with
  issues:

  sysroots/qemux86-64/usr/include/
inttypes.h:290:8: error: unknown type name 'intmax_t'
inttypes.h:310:8: error: unknown type name 'uintmax_t'
inttypes.h:324:1: error: expected ',' or ';' before 'strtoimax'
inttypes.h:362:1: error: expected ',' or ';' before 'wcstoumax'
...

Signed-off-by: Wenzong Fan 
---
 .../msmtp-fixup-api-and-compiler-issues.patch  | 249 +
 meta/recipes-extended/msmtp/msmtp_1.4.12.bb|  34 +++
 2 files changed, 283 insertions(+)
 create mode 100644 
meta/recipes-extended/msmtp/msmtp-1.4.12/msmtp-fixup-api-and-compiler-issues.patch
 create mode 100644 meta/recipes-extended/msmtp/msmtp_1.4.12.bb

diff --git 
a/meta/recipes-extended/msmtp/msmtp-1.4.12/msmtp-fixup-api-and-compiler-issues.patch
 
b/meta/recipes-extended/msmtp/msmtp-1.4.12/msmtp-fixup-api-and-compiler-issues.patch
new file mode 100644
index 000..529a042
--- /dev/null
+++ 
b/meta/recipes-extended/msmtp/msmtp-1.4.12/msmtp-fixup-api-and-compiler-issues.patch
@@ -0,0 +1,249 @@
+fixup api and compiler issues
+
+sysroots/qemux86-64/usr/include/inttypes.h:290:8: error: unknown type name 
'intmax_t'
+sysroots/qemux86-64/usr/include/inttypes.h:310:8: error: unknown type name 
'uintmax_t'
+sysroots/qemux86-64/usr/include/inttypes.h:324:1: error: expected ',' or ';' 
before 'strtoimax'
+sysroots/qemux86-64/usr/include/inttypes.h:362:1: error: expected ',' or ';' 
before 'wcstoumax'
+
+Upstream-Status: Pending
+
+Signed-off-by: Morgan Little 
+Signed-off-by: Wenzong Fan 
+===
+diff -Naur msmtp-1.4.12/configure.ac msmtp-1.4.12-wrs/configure.ac
+--- msmtp-1.4.12/configure.ac  
 msmtp-1.4.12-wrs/configure.ac
+@@ -40,8 +40,8 @@
+ dnl System
+ case "${target}" in *-*-mingw32*) windows=yes ;; *) windows=no ;; esac
+ 
+-dnl gnulib 
+-gl_INIT
++#dnl gnulib 
++#gl_INIT
+ 
+ dnl Gettext
+ AM_GNU_GETTEXT([external])
+diff -Naur msmtp-1.4.12/gnulib/base64.c msmtp-1.4.12-wrs/gnulib/base64.c
+--- msmtp-1.4.12/gnulib/base64.c
 msmtp-1.4.12-wrs/gnulib/base64.c
+@@ -64,8 +64,8 @@
+possible.  If OUTLEN is larger than BASE64_LENGTH(INLEN), also zero
+terminate the output buffer. */
+ void
+-base64_encode (const char *restrict in, size_t inlen,
+- char *restrict out, size_t outlen)
++base64_encode (const char *in, size_t inlen,
++ char *out, size_t outlen)
+ {
+   static const char b64str[64] =
+ "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
+@@ -310,8 +310,8 @@
+that, when applicable, you must remove any line terminators that is
+part of the data stream before calling this function.  */
+ bool
+-base64_decode (const char *restrict in, size_t inlen,
+- char *restrict out, size_t *outlen)
++base64_decode (const char *in, size_t inlen,
++ char *out, size_t *outlen)
+ {
+   size_t outleft = *outlen;
+ 
+diff -Naur msmtp-1.4.12/gnulib/base64.h msmtp-1.4.12-wrs/gnulib/base64.h
+--- msmtp-1.4.12/gnulib/base64.h
 msmtp-1.4.12-wrs/gnulib/base64.h
+@@ -31,13 +31,13 @@
+ 
+ extern bool isbase64 (char ch);
+ 
+-extern void base64_encode (const char *restrict in, size_t inlen,
+- char *restrict out, size_t outlen);
++extern void base64_encode (const char *in, size_t inlen,
++ char *out, size_t outlen);
+ 
+ extern size_t base64_encode_alloc (const char *in, size_t inlen, char **out);
+ 
+-extern bool base64_decode (const char *restrict in, size_t inlen,
+- char *restrict out, size_t *outlen);
++extern bool base64_decode (const char *in, size_t inlen,
++ char *out, size_t *outlen);
+ 
+ extern bool base64_decode_alloc (const char *in, size_t inlen,
+char **out, size_t *outlen);
+diff -Naur msmtp-1.4.12/gnulib/Makefile.am msmtp-1.4.12-wrs/gnulib/Makefile.am
+--- msmtp-1.4.12/gnulib/Makefile.am
 msmtp-1.4.12-wrs/gnulib/Makefile.am
+@@ -59,20 +59,18 @@
+ 
+ ## begin gnulib module crypto/hmac-md5
+ 
++libgnu_a_SOURCES += hmac-md5.c
+ 
+ EXTRA_DIST += hmac-md5.c hmac.h
+ 
+-EXTRA_libgnu_a_SOURCES += hmac-md5.c
+-
+ ## end   gnulib module crypto/hmac-md5
+ 
+ ## begin gnulib module crypto/md5
+ 
++libgnu_a_SOURCES += md5.c
+ 
+ EXTRA_DIST += md5.c md5.h
+ 
+-EXTRA_libgnu_a_SOURCES += md5.c
+-
+ ## end   gnulib module crypto/md5
+ 
+ ## begin gnulib module getdelim
+@@ -149,11 +147,10 @@
+ 
+ ## begin gnulib module memxor
+ 
++libgnu_a_SOURCES += memxor.c
+ 
+ EXTRA_DIST += memxor.c memxor.h
+ 
+-EXTRA_libgnu_a_SOURCES += memxor.c
+-
+ ## end   gnulib module memxor
+ 
+ ## begin gnulib module size_max
+@@ -219,47 +216,6 @@
+ 
+ ## end   gnulib module stdint
+ 
+-## begin gnulib module stdio
+-
+-BUILT_SOURCES += stdio.h
+-
+-# We need the following in order to create  when the system
+-# doesn't have one that works with the given compiler.
+-stdio.h: stdio_.h
+-  

[OE-core] [PATCH] rpcbind: Security Advisory - rpcbind - CVE-2015-7236

[wenzong.fan]

From: Li Zhou 

rpcbind: Fix memory corruption in PMAP_CALLIT code

Use-after-free vulnerability in xprt_set_caller in rpcb_svc_com.c in
rpcbind 0.2.1 and earlier allows remote attackers to cause a denial of
service (daemon crash) via crafted packets, involving a PMAP_CALLIT
code.

The patch comes from
, and it hasn't
been in rpcbind upstream yet.

Signed-off-by: Li Zhou 
Signed-off-by: Wenzong Fan 
---
 ...Fix_memory_corruption_in_PMAP_CALLIT_code.patch | 83 ++
 meta/recipes-extended/rpcbind/rpcbind_0.2.3.bb |  1 +
 2 files changed, 84 insertions(+)
 create mode 100644 
meta/recipes-extended/rpcbind/rpcbind/rpcbind_Fix_memory_corruption_in_PMAP_CALLIT_code.patch

diff --git 
a/meta/recipes-extended/rpcbind/rpcbind/rpcbind_Fix_memory_corruption_in_PMAP_CALLIT_code.patch
 
b/meta/recipes-extended/rpcbind/rpcbind/rpcbind_Fix_memory_corruption_in_PMAP_CALLIT_code.patch
new file mode 100644
index 000..f156290
--- /dev/null
+++ 
b/meta/recipes-extended/rpcbind/rpcbind/rpcbind_Fix_memory_corruption_in_PMAP_CALLIT_code.patch
@@ -0,0 +1,83 @@
+commit 06f7ebb1dade2f0dbf872ea2bedf17cff4734bdd
+Author: Olaf Kirch 
+Date:   Thu Aug 6 16:27:20 2015 +0200
+
+Fix memory corruption in PMAP_CALLIT code
+
+ - A PMAP_CALLIT call comes in on IPv4 UDP
+ - rpcbind duplicates the caller's address to a netbuf and stores it in
+   FINFO[0].caller_addr. caller_addr->buf now points to a memory region A
+   with a size of 16 bytes
+ - rpcbind forwards the call to the local service, receives a reply
+ - when processing the reply, it does this in xprt_set_caller:
+ xprt->xp_rtaddr = *FINFO[0].caller_addr
+   It sends out the reply, and then frees the netbuf caller_addr and
+   caller_addr.buf.
+   However, it does not clear xp_rtaddr, so xp_rtaddr.buf now refers
+   to memory region A, which is free.
+ - When the next call comes in on the UDP/IPv4 socket, svc_dg_recv will
+   be called, which will set xp_rtaddr to the client's address.
+   It will reuse the buffer inside xp_rtaddr, ie it will write a
+   sockaddr_in to region A
+
+Some time down the road, an incoming TCP connection is accepted,
+allocating a fresh SVCXPRT. The memory region A is inside the
+new SVCXPRT
+
+ - While processing the TCP call, another UDP call comes in, again
+   overwriting region A with the client's address
+ - TCP client closes connection. In svc_destroy, we now trip over
+   the garbage left in region A
+
+We ran into the case where a commercial scanner was triggering
+occasional rpcbind segfaults. The core file that was captured showed
+a corrupted xprt->xp_netid pointer that was really a sockaddr_in.
+
+Signed-off-by: Olaf Kirch 
+
+Upstream-Status: Backport
+
+Signed-off-by: Li Zhou 
+---
+ src/rpcb_svc_com.c |   23 ++-
+ 1 file changed, 22 insertions(+), 1 deletion(-)
+
+Index: rpcbind-0.1.6+git20080930/src/rpcb_svc_com.c
+===
+--- rpcbind-0.1.6+git20080930.orig/src/rpcb_svc_com.c
 rpcbind-0.1.6+git20080930/src/rpcb_svc_com.c
+@@ -1298,12 +1298,33 @@ check_rmtcalls(struct pollfd *pfds, int
+   return (ncallbacks_found);
+ }
+ 
++/*
++ * This is really a helper function defined in libtirpc, but unfortunately, 
it hasn't
++ * been exported yet.
++ */
++static struct netbuf *
++__rpc_set_netbuf(struct netbuf *nb, const void *ptr, size_t len)
++{
++  if (nb->len != len) {
++  if (nb->len)
++  mem_free(nb->buf, nb->len);
++  nb->buf = mem_alloc(len);
++  if (nb->buf == NULL)
++  return NULL;
++
++  nb->maxlen = nb->len = len;
++  }
++  memcpy(nb->buf, ptr, len);
++  return nb;
++}
++
+ static void
+ xprt_set_caller(SVCXPRT *xprt, struct finfo *fi)
+ {
++  const struct netbuf *caller = fi->caller_addr;
+   u_int32_t *xidp;
+ 
+-  *(svc_getrpccaller(xprt)) = *(fi->caller_addr);
++  __rpc_set_netbuf(svc_getrpccaller(xprt), caller->buf, caller->len);
+   xidp = __rpcb_get_dg_xidp(xprt);
+   *xidp = fi->caller_xid;
+ }
diff --git a/meta/recipes-extended/rpcbind/rpcbind_0.2.3.bb 
b/meta/recipes-extended/rpcbind/rpcbind_0.2.3.bb
index 237018b..9b1c650 100644
--- a/meta/recipes-extended/rpcbind/rpcbind_0.2.3.bb
+++ b/meta/recipes-extended/rpcbind/rpcbind_0.2.3.bb
@@ -19,6 +19,7 @@ SRC_URI = 
"${SOURCEFORGE_MIRROR}/rpcbind/rpcbind-${PV}.tar.bz2 \
file://rpcbind.conf \
file://rpcbind.socket \
file://rpcbind.service \
+   file://rpcbind_Fix_memory_corruption_in_PMAP_CALLIT_code.patch \
   "
 MUSLPATCHES_libc-musl = "file://musl-sunrpc.patch"
 
-- 
1.9.1

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
h

[OE-core] [PATCH 2/2] subversion: fix CVE-2015-3187

[wenzong.fan]

From: Wenzong Fan 

The svn_repos_trace_node_locations function in Apache Subversion before
1.7.21 and 1.8.x before 1.8.14, when path-based authorization is used,
allows remote authenticated users to obtain sensitive path information
by reading the history of a node that has been moved from a hidden path.

Patch is from:
http://subversion.apache.org/security/CVE-2015-3187-advisory.txt

Signed-off-by: Wenzong Fan 
---
 .../subversion-CVE-2015-3187.patch | 346 +
 .../subversion/subversion_1.8.13.bb|   1 +
 2 files changed, 347 insertions(+)
 create mode 100644 
meta/recipes-devtools/subversion/subversion-1.8.13/subversion-CVE-2015-3187.patch

diff --git 
a/meta/recipes-devtools/subversion/subversion-1.8.13/subversion-CVE-2015-3187.patch
 
b/meta/recipes-devtools/subversion/subversion-1.8.13/subversion-CVE-2015-3187.patch
new file mode 100644
index 000..494e11c
--- /dev/null
+++ 
b/meta/recipes-devtools/subversion/subversion-1.8.13/subversion-CVE-2015-3187.patch
@@ -0,0 +1,346 @@
+Fix CVE-2015-3187
+
+Patch is from:
+http://subversion.apache.org/security/CVE-2015-3187-advisory.txt
+
+Upstream-Status: Backport
+
+Signed-off-by: Wenzong Fan 
+
+Index: subversion/libsvn_repos/rev_hunt.c
+===
+--- a/subversion/libsvn_repos/rev_hunt.c   (revision 1685077)
 b/subversion/libsvn_repos/rev_hunt.c   (working copy)
+@@ -726,23 +726,6 @@ svn_repos_trace_node_locations(svn_fs_t *fs,
+   if (! prev_path)
+ break;
+ 
+-  if (authz_read_func)
+-{
+-  svn_boolean_t readable;
+-  svn_fs_root_t *tmp_root;
+-
+-  SVN_ERR(svn_fs_revision_root(&tmp_root, fs, revision, currpool));
+-  SVN_ERR(authz_read_func(&readable, tmp_root, path,
+-  authz_read_baton, currpool));
+-  if (! readable)
+-{
+-  svn_pool_destroy(lastpool);
+-  svn_pool_destroy(currpool);
+-
+-  return SVN_NO_ERROR;
+-}
+-}
+-
+   /* Assign the current path to all younger revisions until we reach
+  the copy target rev. */
+   while ((revision_ptr < revision_ptr_end)
+@@ -765,6 +748,20 @@ svn_repos_trace_node_locations(svn_fs_t *fs,
+   path = prev_path;
+   revision = prev_rev;
+ 
++  if (authz_read_func)
++{
++  svn_boolean_t readable;
++  SVN_ERR(svn_fs_revision_root(&root, fs, revision, currpool));
++  SVN_ERR(authz_read_func(&readable, root, path,
++  authz_read_baton, currpool));
++  if (!readable)
++{
++  svn_pool_destroy(lastpool);
++  svn_pool_destroy(currpool);
++  return SVN_NO_ERROR;
++}
++}
++
+   /* Clear last pool and switch. */
+   svn_pool_clear(lastpool);
+   tmppool = lastpool;
+Index: subversion/tests/cmdline/authz_tests.py
+===
+--- a/subversion/tests/cmdline/authz_tests.py  (revision 1685077)
 b/subversion/tests/cmdline/authz_tests.py  (working copy)
+@@ -609,8 +609,10 @@ def authz_log_and_tracing_test(sbox):
+ 
+   ## cat
+ 
++  expected_err2 = ".*svn: E195012: Unable to find repository location.*"
++
+   # now see if we can look at the older version of rho
+-  svntest.actions.run_and_verify_svn(None, None, expected_err,
++  svntest.actions.run_and_verify_svn(None, None, expected_err2,
+  'cat', '-r', '2', D_url+'/rho')
+ 
+   if sbox.repo_url.startswith('http'):
+@@ -627,10 +629,11 @@ def authz_log_and_tracing_test(sbox):
+   svntest.actions.run_and_verify_svn(None, None, expected_err,
+  'diff', '-r', 'HEAD', G_url+'/rho')
+ 
+-  svntest.actions.run_and_verify_svn(None, None, expected_err,
++  # diff treats the unreadable path as indicating an add so no error
++  svntest.actions.run_and_verify_svn(None, None, [],
+  'diff', '-r', '2', D_url+'/rho')
+ 
+-  svntest.actions.run_and_verify_svn(None, None, expected_err,
++  svntest.actions.run_and_verify_svn(None, None, [],
+  'diff', '-r', '2:4', D_url+'/rho')
+ 
+ # test whether read access is correctly granted and denied
+Index: subversion/tests/libsvn_repos/repos-test.c
+===
+--- a/subversion/tests/libsvn_repos/repos-test.c   (revision 1685077)
 b/subversion/tests/libsvn_repos/repos-test.c   (working copy)
+@@ -3524,6 +3524,245 @@ test_load_r0_mergeinfo(const svn_test_opts_t *opts
+   return SVN_NO_ERROR;
+ }
+ 
++static svn_error_t *
++mkdir_delete_copy(svn_repos_t *repos,
++  const char *src,
++  const char *dst,
++  apr_pool_t *pool)
++{
++  svn_fs_t *fs = svn_repos_fs(repos);
++  svn_revnum_t

[OE-core] [PATCH 0/2] subversion: fix CVE-2015-3184, CVE-2015-3187

[wenzong.fan]

From: Wenzong Fan 

The following changes since commit d9aabf9639510fdb3e2ccc21ba5ae4aa9f6e4a57:

  gcc: Drop 4.8 (2015-11-16 14:59:18 +)

are available in the git repository at:

  git://git.pokylinux.org/poky-contrib wenzong/svn
  http://git.pokylinux.org/cgit.cgi/poky-contrib/log/?h=wenzong/svn

Wenzong Fan (2):
  subversion: fix CVE-2015-3184
  subversion: fix CVE-2015-3187

 .../subversion-CVE-2015-3184.patch | 2094 
 .../subversion-CVE-2015-3187.patch |  346 
 .../subversion/subversion_1.8.13.bb|2 +
 3 files changed, 2442 insertions(+)
 create mode 100644 
meta/recipes-devtools/subversion/subversion-1.8.13/subversion-CVE-2015-3184.patch
 create mode 100644 
meta/recipes-devtools/subversion/subversion-1.8.13/subversion-CVE-2015-3187.patch

-- 
1.9.1

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [PATCH 1/2] subversion: fix CVE-2015-3184

[wenzong.fan]

From: Wenzong Fan 

mod_authz_svn in Apache Subversion 1.7.x before 1.7.21 and 1.8.x before
1.8.14, when using Apache httpd 2.4.x, does not properly restrict
anonymous access, which allows remote anonymous users to read hidden
files via the path name.

Patch is from:
http://subversion.apache.org/security/CVE-2015-3184-advisory.txt

Signed-off-by: Wenzong Fan 
---
 .../subversion-CVE-2015-3184.patch | 2094 
 .../subversion/subversion_1.8.13.bb|1 +
 2 files changed, 2095 insertions(+)
 create mode 100644 
meta/recipes-devtools/subversion/subversion-1.8.13/subversion-CVE-2015-3184.patch

diff --git 
a/meta/recipes-devtools/subversion/subversion-1.8.13/subversion-CVE-2015-3184.patch
 
b/meta/recipes-devtools/subversion/subversion-1.8.13/subversion-CVE-2015-3184.patch
new file mode 100644
index 000..0663bd2
--- /dev/null
+++ 
b/meta/recipes-devtools/subversion/subversion-1.8.13/subversion-CVE-2015-3184.patch
@@ -0,0 +1,2094 @@
+Fix CVE-2015-3184
+
+Patch is from:
+http://subversion.apache.org/security/CVE-2015-3184-advisory.txt
+
+Upstream-Status: Backport
+
+Signed-off-by: Wenzong Fan 
+
+Index: Makefile.in
+===
+--- a/Makefile.in  (revision 1691883)
 b/Makefile.in  (working copy)
+@@ -357,6 +357,7 @@ TEST_SHLIB_VAR_SWIG_RB=\
+   fi;
+ 
+ APXS = @APXS@
++HTTPD_VERSION = @HTTPD_VERSION@
+ 
+ PYTHON = @PYTHON@
+ PERL = @PERL@
+@@ -509,6 +510,9 @@ check: bin @TRANSFORM_LIBTOOL_SCRIPTS@ $(TEST_DEPS
+ if test "$(HTTP_LIBRARY)" != ""; then  \
+   flags="--http-library $(HTTP_LIBRARY) $$flags";  \
+ fi;\
++if test "$(HTTPD_VERSION)" != ""; then  \
++  flags="--httpd-version $(HTTPD_VERSION) $$flags";  \
++fi;\
+ if test "$(SERVER_MINOR_VERSION)" != ""; then  \
+   flags="--server-minor-version $(SERVER_MINOR_VERSION) $$flags";  \
+ fi;\
+Index: build/ac-macros/apache.m4
+===
+--- a/build/ac-macros/apache.m4(revision 1691883)
 b/build/ac-macros/apache.m4(working copy)
+@@ -160,6 +160,20 @@ if test -n "$APXS" && test "$APXS" != "no"; then
+ BUILD_APACHE_RULE=apache-mod
+ INSTALL_APACHE_RULE=install-mods-shared
+ INSTALL_APACHE_MODS=true
++HTTPD="`$APXS -q sbindir`/`$APXS -q PROGNAME`"
++if ! test -e $HTTPD ; then
++  HTTPD="`$APXS -q bindir`/`$APXS -q PROGNAME`"
++fi
++HTTPD_VERSION=["`$HTTPD -v | $SED -e 's@^.*/\([0-9.]*\)\(.*$\)@\1@ ; 
1q'`"]
++AC_ARG_ENABLE(broken-httpd-auth,
++  AS_HELP_STRING([--enable-broken-httpd-auth],
++ [Allow building against httpd 2.4 with broken auth]),
++  [broken_httpd_auth=$enableval],[broken_httpd_auth=no])
++if test "$enable_broken_httpd_auth" = "yes"; then
++  AC_MSG_NOTICE([Building with broken httpd auth])
++  AC_DEFINE(SVN_ALLOW_BROKEN_HTTPD_AUTH, 1,
++[Defined to allow building against httpd 2.4 with broken 
auth])
++fi
+ 
+ case $host in
+   *-*-cygwin*)
+@@ -178,6 +192,7 @@ AC_SUBST(APACHE_LDFLAGS)
+ AC_SUBST(APACHE_INCLUDES)
+ AC_SUBST(APACHE_LIBEXECDIR)
+ AC_SUBST(INSTALL_APACHE_MODS)
++AC_SUBST(HTTPD_VERSION)
+ 
+ # there aren't any flags that interest us ...
+ #if test -n "$APXS" && test "$APXS" != "no"; then
+Index: build/run_tests.py
+===
+--- a/build/run_tests.py   (revision 1691883)
 b/build/run_tests.py   (working copy)
+@@ -29,6 +29,7 @@
+ [--fs-type=] [--fsfs-packing] [--fsfs-sharding=]
+ [--list] [--milestone-filter=] [--mode-filter=]
+ [--server-minor-version=] [--http-proxy=:]
++[--httpd-version=]
+ [--config-file=] [--ssl-cert=]
+  
+ 
+@@ -125,7 +126,7 @@ class TestHarness:
+fsfs_sharding=None, fsfs_packing=None,
+list_tests=None, svn_bin=None, mode_filter=None,
+milestone_filter=None, set_log_level=None, ssl_cert=None,
+-   http_proxy=None):
++   http_proxy=None, httpd_version=None):
+ '''Construct a TestHarness instance.
+ 
+ ABS_SRCDIR and ABS_BUILDDIR are the source and build directories.
+@@ -178,6 +179,7 @@ class TestHarness:
+ self.log = None
+ self.ssl_cert = ssl_cert
+ self.http_proxy = http_proxy
++self.httpd_version = httpd_version
+ if not sys.stdout.isatty() or sys.platform == 'win32':
+   TextColors.disable()
+ 
+@@ -481,6 +483,8 @@ class TestHarness:
+   svntest.main.options.ssl_cert = self.ssl_cert
+ 

[OE-core] [PATCH 2/2 v2] qemu: fix CVE-2015-7295

[wenzong.fan]

From: Wenzong Fan 

hw/virtio/virtio.c in the Virtual Network Device (virtio-net) support
in QEMU, when big or mergeable receive buffers are not supported,
allows remote attackers to cause a denial of service (guest network
consumption) via a flood of jumbo frames on the (1) tuntap or (2)
macvtap interface.

Backport upstream commits:
http://git.qemu.org/?p=qemu.git;a=commit;h=ce317461573bac12b10d67699b4ddf1f97cf066c
http://git.qemu.org/?p=qemu.git;a=commit;h=29b9f5efd78ae0f9cc02dd169b6e80d2c404bade
http://git.qemu.org/?p=qemu.git;a=commit;h=0cf33fb6b49a19de32859e2cdc6021334f448fb3

Signed-off-by: Wenzong Fan 
---
 .../qemu/qemu/qemu-CVE-2015-7295.patch | 166 +
 meta/recipes-devtools/qemu/qemu_2.4.0.1.bb |   1 +
 2 files changed, 167 insertions(+)
 create mode 100644 meta/recipes-devtools/qemu/qemu/qemu-CVE-2015-7295.patch

diff --git a/meta/recipes-devtools/qemu/qemu/qemu-CVE-2015-7295.patch 
b/meta/recipes-devtools/qemu/qemu/qemu-CVE-2015-7295.patch
new file mode 100644
index 000..0f4a1f5
--- /dev/null
+++ b/meta/recipes-devtools/qemu/qemu/qemu-CVE-2015-7295.patch
@@ -0,0 +1,166 @@
+Fix CVE-2015-7295
+
+Upstream-Status: Backport
+
+Backport upstream commits:
+http://git.qemu.org/?p=qemu.git;a=commit;h=ce317461573bac12b10d67699b4ddf1f97cf066c
+http://git.qemu.org/?p=qemu.git;a=commit;h=29b9f5efd78ae0f9cc02dd169b6e80d2c404bade
+http://git.qemu.org/?p=qemu.git;a=commit;h=0cf33fb6b49a19de32859e2cdc6021334f448fb3
+
+Signed-off-by: Wenzong Fan 
+==
+From ce317461573bac12b10d67699b4ddf1f97cf066c Mon Sep 17 00:00:00 2001
+From: Jason Wang 
+Date: Fri, 25 Sep 2015 13:21:28 +0800
+Subject: [PATCH 1/3] virtio: introduce virtqueue_unmap_sg()
+
+Factor out sg unmapping logic. This will be reused by the patch that
+can discard descriptor.
+
+Cc: Michael S. Tsirkin 
+Cc: Andrew James 
+Signed-off-by: Jason Wang 
+Reviewed-by: Michael S. Tsirkin 
+Signed-off-by: Michael S. Tsirkin 
+---
+ hw/virtio/virtio.c | 14 ++
+ 1 file changed, 10 insertions(+), 4 deletions(-)
+
+diff --git a/hw/virtio/virtio.c b/hw/virtio/virtio.c
+index 7504f8b..6f2b96c 100644
+--- a/hw/virtio/virtio.c
 b/hw/virtio/virtio.c
+@@ -244,14 +244,12 @@ int virtio_queue_empty(VirtQueue *vq)
+ return vring_avail_idx(vq) == vq->last_avail_idx;
+ }
+ 
+-void virtqueue_fill(VirtQueue *vq, const VirtQueueElement *elem,
+-unsigned int len, unsigned int idx)
++static void virtqueue_unmap_sg(VirtQueue *vq, const VirtQueueElement *elem,
++   unsigned int len)
+ {
+ unsigned int offset;
+ int i;
+ 
+-trace_virtqueue_fill(vq, elem, len, idx);
+-
+ offset = 0;
+ for (i = 0; i < elem->in_num; i++) {
+ size_t size = MIN(len - offset, elem->in_sg[i].iov_len);
+@@ -267,6 +265,14 @@ void virtqueue_fill(VirtQueue *vq, const VirtQueueElement 
*elem,
+ cpu_physical_memory_unmap(elem->out_sg[i].iov_base,
+   elem->out_sg[i].iov_len,
+   0, elem->out_sg[i].iov_len);
++}
++
++void virtqueue_fill(VirtQueue *vq, const VirtQueueElement *elem,
++unsigned int len, unsigned int idx)
++{
++trace_virtqueue_fill(vq, elem, len, idx);
++
++virtqueue_unmap_sg(vq, elem, len);
+ 
+ idx = (idx + vring_used_idx(vq)) % vq->vring.num;
+ 
+-- 
+2.3.5
+
+
+From 29b9f5efd78ae0f9cc02dd169b6e80d2c404bade Mon Sep 17 00:00:00 2001
+From: Jason Wang 
+Date: Fri, 25 Sep 2015 13:21:29 +0800
+Subject: [PATCH 2/3] virtio: introduce virtqueue_discard()
+
+This patch introduces virtqueue_discard() to discard a descriptor and
+unmap the sgs. This will be used by the patch that will discard
+descriptor when packet is truncated.
+
+Cc: Michael S. Tsirkin 
+Signed-off-by: Jason Wang 
+Reviewed-by: Michael S. Tsirkin 
+Signed-off-by: Michael S. Tsirkin 
+---
+ hw/virtio/virtio.c | 7 +++
+ include/hw/virtio/virtio.h | 2 ++
+ 2 files changed, 9 insertions(+)
+
+diff --git a/hw/virtio/virtio.c b/hw/virtio/virtio.c
+index 6f2b96c..d0bc72e 100644
+--- a/hw/virtio/virtio.c
 b/hw/virtio/virtio.c
+@@ -267,6 +267,13 @@ static void virtqueue_unmap_sg(VirtQueue *vq, const 
VirtQueueElement *elem,
+   0, elem->out_sg[i].iov_len);
+ }
+ 
++void virtqueue_discard(VirtQueue *vq, const VirtQueueElement *elem,
++   unsigned int len)
++{
++vq->last_avail_idx--;
++virtqueue_unmap_sg(vq, elem, len);
++}
++
+ void virtqueue_fill(VirtQueue *vq, const VirtQueueElement *elem,
+ unsigned int len, unsigned int idx)
+ {
+diff --git a/include/hw/virtio/virtio.h b/include/hw/virtio/virtio.h
+index 6201ee8..9d09115 100644
+--- a/include/hw/virtio/virtio.h
 b/include/hw/virtio/virtio.h
+@@ -146,6 +146,8 @@ void virtio_del_queue(VirtIODevice *vdev, int n);
+ void virtqueue_push(VirtQueue *vq, const VirtQueueElement *elem,
+ unsigned in

[OE-core] [PATCH 1/2 v2] qemu: fix CVE-2015-6855

[wenzong.fan]

From: Wenzong Fan 

hw/ide/core.c in QEMU does not properly restrict the commands accepted
by an ATAPI device, which allows guest users to cause a denial of
service or possibly have unspecified other impact via certain IDE
commands, as demonstrated by a WIN_READ_NATIVE_MAX command to an empty
drive, which triggers a divide-by-zero error and instance crash.

Backport upstream commit:
http://git.qemu.org/?p=qemu.git;a=commit;h=d9033e1d3aa666c5071580617a57bd853c5d794a

Signed-off-by: Wenzong Fan 
---
 .../qemu/qemu/qemu-CVE-2015-6855.patch | 151 +
 meta/recipes-devtools/qemu/qemu_2.4.0.1.bb |   1 +
 2 files changed, 152 insertions(+)
 create mode 100644 meta/recipes-devtools/qemu/qemu/qemu-CVE-2015-6855.patch

diff --git a/meta/recipes-devtools/qemu/qemu/qemu-CVE-2015-6855.patch 
b/meta/recipes-devtools/qemu/qemu/qemu-CVE-2015-6855.patch
new file mode 100644
index 000..f7f6452
--- /dev/null
+++ b/meta/recipes-devtools/qemu/qemu/qemu-CVE-2015-6855.patch
@@ -0,0 +1,151 @@
+From d9033e1d3aa666c5071580617a57bd853c5d794a Mon Sep 17 00:00:00 2001
+From: John Snow 
+Date: Thu, 17 Sep 2015 14:17:05 -0400
+Subject: [PATCH] ide: fix ATAPI command permissions
+
+We're a little too lenient with what we'll let an ATAPI drive handle.
+Clamp down on the IDE command execution table to remove CD_OK permissions
+from commands that are not and have never been ATAPI commands.
+
+For ATAPI command validity, please see:
+- ATA4 Section 6.5 ("PACKET Command feature set")
+- ATA8/ACS Section 4.3 ("The PACKET feature set")
+- ACS3 Section 4.3 ("The PACKET feature set")
+
+ACS3 has a historical command validity table in Table B.4
+("Historical Command Assignments") that can be referenced to find when
+a command was introduced, deprecated, obsoleted, etc.
+
+The only reference for ATAPI command validity is by checking that
+version's PACKET feature set section.
+
+ATAPI was introduced by T13 into ATA4, all commands retired prior to ATA4
+therefore are assumed to have never been ATAPI commands.
+
+Mandatory commands, as listed in ATA8-ACS3, are:
+
+- DEVICE RESET
+- EXECUTE DEVICE DIAGNOSTIC
+- IDENTIFY DEVICE
+- IDENTIFY PACKET DEVICE
+- NOP
+- PACKET
+- READ SECTOR(S)
+- SET FEATURES
+
+Optional commands as listed in ATA8-ACS3, are:
+
+- FLUSH CACHE
+- READ LOG DMA EXT
+- READ LOG EXT
+- WRITE LOG DMA EXT
+- WRITE LOG EXT
+
+All other commands are illegal to send to an ATAPI device and should
+be rejected by the device.
+
+CD_OK removal justifications:
+
+0x06 WIN_DSM  Defined in ACS2. Not valid for ATAPI.
+0x21 WIN_READ_ONCERetired in ATA5. Not ATAPI in ATA4.
+0x94 WIN_STANDBYNOW2  Retired in ATA4. Did not coexist with ATAPI.
+0x95 WIN_IDLEIMMEDIATE2   Retired in ATA4. Did not coexist with ATAPI.
+0x96 WIN_STANDBY2 Retired in ATA4. Did not coexist with ATAPI.
+0x97 WIN_SETIDLE2 Retired in ATA4. Did not coexist with ATAPI.
+0x98 WIN_CHECKPOWERMODE2  Retired in ATA4. Did not coexist with ATAPI.
+0x99 WIN_SLEEPNOW2Retired in ATA4. Did not coexist with ATAPI.
+0xE0 WIN_STANDBYNOW1  Not part of ATAPI in ATA4, ACS or ACS3.
+0xE1 WIN_IDLEIMMDIATE Not part of ATAPI in ATA4, ACS or ACS3.
+0xE2 WIN_STANDBY  Not part of ATAPI in ATA4, ACS or ACS3.
+0xE3 WIN_SETIDLE1 Not part of ATAPI in ATA4, ACS or ACS3.
+0xE4 WIN_CHECKPOWERMODE1  Not part of ATAPI in ATA4, ACS or ACS3.
+0xE5 WIN_SLEEPNOW1Not part of ATAPI in ATA4, ACS or ACS3.
+0xF8 WIN_READ_NATIVE_MAX  Obsoleted in ACS3. Not ATAPI in ATA4 or ACS.
+
+This patch fixes a divide by zero fault that can be caused by sending
+the WIN_READ_NATIVE_MAX command to an ATAPI drive, which causes it to
+attempt to use zeroed CHS values to perform sector arithmetic.
+
+Reported-by: Qinghao Tang 
+Signed-off-by: John Snow 
+Reviewed-by: Markus Armbruster 
+Message-id: 1441816082-21031-1-git-send-email-js...@redhat.com
+CC: qemu-sta...@nongnu.org
+
+Upstream-Status: Backport
+
+Backport upstream commit:
+http://git.qemu.org/?p=qemu.git;a=commit;h=d9033e1d3aa666c5071580617a57bd853c5d794a
+
+Signed-off-by: Wenzong Fan 
+---
+ hw/ide/core.c | 30 +++---
+ 1 file changed, 15 insertions(+), 15 deletions(-)
+
+diff --git a/hw/ide/core.c b/hw/ide/core.c
+index 8ba04df..1cc6945 100644
+--- a/hw/ide/core.c
 b/hw/ide/core.c
+@@ -1746,11 +1746,11 @@ static const struct {
+ } ide_cmd_table[0x100] = {
+ /* NOP not implemented, mandatory for CD */
+ [CFA_REQ_EXT_ERROR_CODE]  = { cmd_cfa_req_ext_error_code, CFA_OK },
+-[WIN_DSM] = { cmd_data_set_management, ALL_OK },
++[WIN_DSM] = { cmd_data_set_management, HD_CFA_OK },
+ [WIN_DEVICE_RESET]= { cmd_device_reset, CD_OK },
+ [WIN_RECAL]   = { cmd_nop, HD_CFA_OK | SET_DSC},
+ [WIN_READ]= { cmd_read_pio, ALL_OK },
+-[WIN_READ_ONCE]   = { cmd_read_pio, ALL_OK },
++[WIN_READ_ONCE]   

[OE-core] [PATCH 0/2 v2] qemu: fix CVE-2015-6855, CVE-2015-7295

[wenzong.fan]

From: Wenzong Fan 

V2 changes:

* rebase to qemu 2.4.0.1

The following changes since commit d9aabf9639510fdb3e2ccc21ba5ae4aa9f6e4a57:

  gcc: Drop 4.8 (2015-11-16 14:59:18 +)

are available in the git repository at:

  git://git.pokylinux.org/poky-contrib wenzong/qemu-cve-new
  http://git.pokylinux.org/cgit.cgi/poky-contrib/log/?h=wenzong/qemu-cve-new

Wenzong Fan (2):
  qemu: fix CVE-2015-6855
  qemu: fix CVE-2015-7295

 .../qemu/qemu/qemu-CVE-2015-6855.patch | 151 +++
 .../qemu/qemu/qemu-CVE-2015-7295.patch | 166 +
 meta/recipes-devtools/qemu/qemu_2.4.0.1.bb |   2 +
 3 files changed, 319 insertions(+)
 create mode 100644 meta/recipes-devtools/qemu/qemu/qemu-CVE-2015-6855.patch
 create mode 100644 meta/recipes-devtools/qemu/qemu/qemu-CVE-2015-7295.patch

-- 
1.9.1

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [PATCH 2/3] qemu: fix CVE-2015-6855

[wenzong.fan]

From: Wenzong Fan 

hw/ide/core.c in QEMU does not properly restrict the commands accepted
by an ATAPI device, which allows guest users to cause a denial of
service or possibly have unspecified other impact via certain IDE
commands, as demonstrated by a WIN_READ_NATIVE_MAX command to an empty
drive, which triggers a divide-by-zero error and instance crash.

Backport upstream commit:
http://git.qemu.org/?p=qemu.git;a=commit;h=d9033e1d3aa666c5071580617a57bd853c5d794a

Signed-off-by: Wenzong Fan 
---
 .../qemu/qemu/qemu-CVE-2015-6855.patch | 151 +
 meta/recipes-devtools/qemu/qemu_2.4.0.bb   |   1 +
 2 files changed, 152 insertions(+)
 create mode 100644 meta/recipes-devtools/qemu/qemu/qemu-CVE-2015-6855.patch

diff --git a/meta/recipes-devtools/qemu/qemu/qemu-CVE-2015-6855.patch 
b/meta/recipes-devtools/qemu/qemu/qemu-CVE-2015-6855.patch
new file mode 100644
index 000..f7f6452
--- /dev/null
+++ b/meta/recipes-devtools/qemu/qemu/qemu-CVE-2015-6855.patch
@@ -0,0 +1,151 @@
+From d9033e1d3aa666c5071580617a57bd853c5d794a Mon Sep 17 00:00:00 2001
+From: John Snow 
+Date: Thu, 17 Sep 2015 14:17:05 -0400
+Subject: [PATCH] ide: fix ATAPI command permissions
+
+We're a little too lenient with what we'll let an ATAPI drive handle.
+Clamp down on the IDE command execution table to remove CD_OK permissions
+from commands that are not and have never been ATAPI commands.
+
+For ATAPI command validity, please see:
+- ATA4 Section 6.5 ("PACKET Command feature set")
+- ATA8/ACS Section 4.3 ("The PACKET feature set")
+- ACS3 Section 4.3 ("The PACKET feature set")
+
+ACS3 has a historical command validity table in Table B.4
+("Historical Command Assignments") that can be referenced to find when
+a command was introduced, deprecated, obsoleted, etc.
+
+The only reference for ATAPI command validity is by checking that
+version's PACKET feature set section.
+
+ATAPI was introduced by T13 into ATA4, all commands retired prior to ATA4
+therefore are assumed to have never been ATAPI commands.
+
+Mandatory commands, as listed in ATA8-ACS3, are:
+
+- DEVICE RESET
+- EXECUTE DEVICE DIAGNOSTIC
+- IDENTIFY DEVICE
+- IDENTIFY PACKET DEVICE
+- NOP
+- PACKET
+- READ SECTOR(S)
+- SET FEATURES
+
+Optional commands as listed in ATA8-ACS3, are:
+
+- FLUSH CACHE
+- READ LOG DMA EXT
+- READ LOG EXT
+- WRITE LOG DMA EXT
+- WRITE LOG EXT
+
+All other commands are illegal to send to an ATAPI device and should
+be rejected by the device.
+
+CD_OK removal justifications:
+
+0x06 WIN_DSM  Defined in ACS2. Not valid for ATAPI.
+0x21 WIN_READ_ONCERetired in ATA5. Not ATAPI in ATA4.
+0x94 WIN_STANDBYNOW2  Retired in ATA4. Did not coexist with ATAPI.
+0x95 WIN_IDLEIMMEDIATE2   Retired in ATA4. Did not coexist with ATAPI.
+0x96 WIN_STANDBY2 Retired in ATA4. Did not coexist with ATAPI.
+0x97 WIN_SETIDLE2 Retired in ATA4. Did not coexist with ATAPI.
+0x98 WIN_CHECKPOWERMODE2  Retired in ATA4. Did not coexist with ATAPI.
+0x99 WIN_SLEEPNOW2Retired in ATA4. Did not coexist with ATAPI.
+0xE0 WIN_STANDBYNOW1  Not part of ATAPI in ATA4, ACS or ACS3.
+0xE1 WIN_IDLEIMMDIATE Not part of ATAPI in ATA4, ACS or ACS3.
+0xE2 WIN_STANDBY  Not part of ATAPI in ATA4, ACS or ACS3.
+0xE3 WIN_SETIDLE1 Not part of ATAPI in ATA4, ACS or ACS3.
+0xE4 WIN_CHECKPOWERMODE1  Not part of ATAPI in ATA4, ACS or ACS3.
+0xE5 WIN_SLEEPNOW1Not part of ATAPI in ATA4, ACS or ACS3.
+0xF8 WIN_READ_NATIVE_MAX  Obsoleted in ACS3. Not ATAPI in ATA4 or ACS.
+
+This patch fixes a divide by zero fault that can be caused by sending
+the WIN_READ_NATIVE_MAX command to an ATAPI drive, which causes it to
+attempt to use zeroed CHS values to perform sector arithmetic.
+
+Reported-by: Qinghao Tang 
+Signed-off-by: John Snow 
+Reviewed-by: Markus Armbruster 
+Message-id: 1441816082-21031-1-git-send-email-js...@redhat.com
+CC: qemu-sta...@nongnu.org
+
+Upstream-Status: Backport
+
+Backport upstream commit:
+http://git.qemu.org/?p=qemu.git;a=commit;h=d9033e1d3aa666c5071580617a57bd853c5d794a
+
+Signed-off-by: Wenzong Fan 
+---
+ hw/ide/core.c | 30 +++---
+ 1 file changed, 15 insertions(+), 15 deletions(-)
+
+diff --git a/hw/ide/core.c b/hw/ide/core.c
+index 8ba04df..1cc6945 100644
+--- a/hw/ide/core.c
 b/hw/ide/core.c
+@@ -1746,11 +1746,11 @@ static const struct {
+ } ide_cmd_table[0x100] = {
+ /* NOP not implemented, mandatory for CD */
+ [CFA_REQ_EXT_ERROR_CODE]  = { cmd_cfa_req_ext_error_code, CFA_OK },
+-[WIN_DSM] = { cmd_data_set_management, ALL_OK },
++[WIN_DSM] = { cmd_data_set_management, HD_CFA_OK },
+ [WIN_DEVICE_RESET]= { cmd_device_reset, CD_OK },
+ [WIN_RECAL]   = { cmd_nop, HD_CFA_OK | SET_DSC},
+ [WIN_READ]= { cmd_read_pio, ALL_OK },
+-[WIN_READ_ONCE]   = { cmd_read_pio, ALL_OK },
++[WIN_READ_ONCE]   

[OE-core] [PATCH 3/3] qemu: fix CVE-2015-7295

[wenzong.fan]

From: Wenzong Fan 

hw/virtio/virtio.c in the Virtual Network Device (virtio-net) support
in QEMU, when big or mergeable receive buffers are not supported,
allows remote attackers to cause a denial of service (guest network
consumption) via a flood of jumbo frames on the (1) tuntap or (2)
macvtap interface.

Backport upstream commits:
http://git.qemu.org/?p=qemu.git;a=commit;h=ce317461573bac12b10d67699b4ddf1f97cf066c
http://git.qemu.org/?p=qemu.git;a=commit;h=29b9f5efd78ae0f9cc02dd169b6e80d2c404bade
http://git.qemu.org/?p=qemu.git;a=commit;h=0cf33fb6b49a19de32859e2cdc6021334f448fb3

Signed-off-by: Wenzong Fan 
---
 .../qemu/qemu/qemu-CVE-2015-7295.patch | 166 +
 meta/recipes-devtools/qemu/qemu_2.4.0.bb   |   1 +
 2 files changed, 167 insertions(+)
 create mode 100644 meta/recipes-devtools/qemu/qemu/qemu-CVE-2015-7295.patch

diff --git a/meta/recipes-devtools/qemu/qemu/qemu-CVE-2015-7295.patch 
b/meta/recipes-devtools/qemu/qemu/qemu-CVE-2015-7295.patch
new file mode 100644
index 000..0f4a1f5
--- /dev/null
+++ b/meta/recipes-devtools/qemu/qemu/qemu-CVE-2015-7295.patch
@@ -0,0 +1,166 @@
+Fix CVE-2015-7295
+
+Upstream-Status: Backport
+
+Backport upstream commits:
+http://git.qemu.org/?p=qemu.git;a=commit;h=ce317461573bac12b10d67699b4ddf1f97cf066c
+http://git.qemu.org/?p=qemu.git;a=commit;h=29b9f5efd78ae0f9cc02dd169b6e80d2c404bade
+http://git.qemu.org/?p=qemu.git;a=commit;h=0cf33fb6b49a19de32859e2cdc6021334f448fb3
+
+Signed-off-by: Wenzong Fan 
+==
+From ce317461573bac12b10d67699b4ddf1f97cf066c Mon Sep 17 00:00:00 2001
+From: Jason Wang 
+Date: Fri, 25 Sep 2015 13:21:28 +0800
+Subject: [PATCH 1/3] virtio: introduce virtqueue_unmap_sg()
+
+Factor out sg unmapping logic. This will be reused by the patch that
+can discard descriptor.
+
+Cc: Michael S. Tsirkin 
+Cc: Andrew James 
+Signed-off-by: Jason Wang 
+Reviewed-by: Michael S. Tsirkin 
+Signed-off-by: Michael S. Tsirkin 
+---
+ hw/virtio/virtio.c | 14 ++
+ 1 file changed, 10 insertions(+), 4 deletions(-)
+
+diff --git a/hw/virtio/virtio.c b/hw/virtio/virtio.c
+index 7504f8b..6f2b96c 100644
+--- a/hw/virtio/virtio.c
 b/hw/virtio/virtio.c
+@@ -244,14 +244,12 @@ int virtio_queue_empty(VirtQueue *vq)
+ return vring_avail_idx(vq) == vq->last_avail_idx;
+ }
+ 
+-void virtqueue_fill(VirtQueue *vq, const VirtQueueElement *elem,
+-unsigned int len, unsigned int idx)
++static void virtqueue_unmap_sg(VirtQueue *vq, const VirtQueueElement *elem,
++   unsigned int len)
+ {
+ unsigned int offset;
+ int i;
+ 
+-trace_virtqueue_fill(vq, elem, len, idx);
+-
+ offset = 0;
+ for (i = 0; i < elem->in_num; i++) {
+ size_t size = MIN(len - offset, elem->in_sg[i].iov_len);
+@@ -267,6 +265,14 @@ void virtqueue_fill(VirtQueue *vq, const VirtQueueElement 
*elem,
+ cpu_physical_memory_unmap(elem->out_sg[i].iov_base,
+   elem->out_sg[i].iov_len,
+   0, elem->out_sg[i].iov_len);
++}
++
++void virtqueue_fill(VirtQueue *vq, const VirtQueueElement *elem,
++unsigned int len, unsigned int idx)
++{
++trace_virtqueue_fill(vq, elem, len, idx);
++
++virtqueue_unmap_sg(vq, elem, len);
+ 
+ idx = (idx + vring_used_idx(vq)) % vq->vring.num;
+ 
+-- 
+2.3.5
+
+
+From 29b9f5efd78ae0f9cc02dd169b6e80d2c404bade Mon Sep 17 00:00:00 2001
+From: Jason Wang 
+Date: Fri, 25 Sep 2015 13:21:29 +0800
+Subject: [PATCH 2/3] virtio: introduce virtqueue_discard()
+
+This patch introduces virtqueue_discard() to discard a descriptor and
+unmap the sgs. This will be used by the patch that will discard
+descriptor when packet is truncated.
+
+Cc: Michael S. Tsirkin 
+Signed-off-by: Jason Wang 
+Reviewed-by: Michael S. Tsirkin 
+Signed-off-by: Michael S. Tsirkin 
+---
+ hw/virtio/virtio.c | 7 +++
+ include/hw/virtio/virtio.h | 2 ++
+ 2 files changed, 9 insertions(+)
+
+diff --git a/hw/virtio/virtio.c b/hw/virtio/virtio.c
+index 6f2b96c..d0bc72e 100644
+--- a/hw/virtio/virtio.c
 b/hw/virtio/virtio.c
+@@ -267,6 +267,13 @@ static void virtqueue_unmap_sg(VirtQueue *vq, const 
VirtQueueElement *elem,
+   0, elem->out_sg[i].iov_len);
+ }
+ 
++void virtqueue_discard(VirtQueue *vq, const VirtQueueElement *elem,
++   unsigned int len)
++{
++vq->last_avail_idx--;
++virtqueue_unmap_sg(vq, elem, len);
++}
++
+ void virtqueue_fill(VirtQueue *vq, const VirtQueueElement *elem,
+ unsigned int len, unsigned int idx)
+ {
+diff --git a/include/hw/virtio/virtio.h b/include/hw/virtio/virtio.h
+index 6201ee8..9d09115 100644
+--- a/include/hw/virtio/virtio.h
 b/include/hw/virtio/virtio.h
+@@ -146,6 +146,8 @@ void virtio_del_queue(VirtIODevice *vdev, int n);
+ void virtqueue_push(VirtQueue *vq, const VirtQueueElement *elem,
+ unsigned in

[OE-core] [PATCH 0/3] qemu: fix CVE-2015-5225, CVE-2015-6855, CVE-2015-7295

[wenzong.fan]

From: Wenzong Fan 

The following changes since commit fc45deac89ef63ca1c44e763c38ced7dfd72cbe1:

  build-appliance-image: Update to jethro head revision (2015-11-03 14:03:03 
+)

are available in the git repository at:

  git://git.pokylinux.org/poky-contrib wenzong/qemu-cve
  http://git.pokylinux.org/cgit.cgi/poky-contrib/log/?h=wenzong/qemu-cve

Wenzong Fan (3):
  qemu: fix CVE-2015-5225
  qemu: fix CVE-2015-6855
  qemu: fix CVE-2015-7295

 .../qemu/qemu/qemu-CVE-2015-5225.patch |  91 +++
 .../qemu/qemu/qemu-CVE-2015-6855.patch | 151 +++
 .../qemu/qemu/qemu-CVE-2015-7295.patch | 166 +
 meta/recipes-devtools/qemu/qemu_2.4.0.bb   |   3 +
 4 files changed, 411 insertions(+)
 create mode 100644 meta/recipes-devtools/qemu/qemu/qemu-CVE-2015-5225.patch
 create mode 100644 meta/recipes-devtools/qemu/qemu/qemu-CVE-2015-6855.patch
 create mode 100644 meta/recipes-devtools/qemu/qemu/qemu-CVE-2015-7295.patch

-- 
1.9.1

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [PATCH 1/3] qemu: fix CVE-2015-5225

[wenzong.fan]

From: Wenzong Fan 

Buffer overflow in the vnc_refresh_server_surface function in the VNC
display driver in QEMU before 2.4.0.1 allows guest users to cause a
denial of service (heap memory corruption and process crash) or
possibly execute arbitrary code on the host via unspecified vectors,
related to refreshing the server display surface.

Backport upstream commit:
http://git.qemu.org/?p=qemu.git;a=commit;h=eb8934b0418b3b1d125edddc4fc334a54334a49b

Signed-off-by: Wenzong Fan 
---
 .../qemu/qemu/qemu-CVE-2015-5225.patch | 91 ++
 meta/recipes-devtools/qemu/qemu_2.4.0.bb   |  1 +
 2 files changed, 92 insertions(+)
 create mode 100644 meta/recipes-devtools/qemu/qemu/qemu-CVE-2015-5225.patch

diff --git a/meta/recipes-devtools/qemu/qemu/qemu-CVE-2015-5225.patch 
b/meta/recipes-devtools/qemu/qemu/qemu-CVE-2015-5225.patch
new file mode 100644
index 000..561a960
--- /dev/null
+++ b/meta/recipes-devtools/qemu/qemu/qemu-CVE-2015-5225.patch
@@ -0,0 +1,91 @@
+From efec4dcd2552e85ed57f276b58f09fc385727450 Mon Sep 17 00:00:00 2001
+From: Gerd Hoffmann 
+Date: Mon, 17 Aug 2015 19:56:53 +0200
+Subject: [PATCH] vnc: fix memory corruption (CVE-2015-5225)
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+The _cmp_bytes variable added by commit "bea60dd ui/vnc: fix potential
+memory corruption issues" can become negative.  Result is (possibly
+exploitable) memory corruption.  Reason for that is it uses the stride
+instead of bytes per scanline to apply limits.
+
+For the server surface is is actually fine.  vnc creates that itself,
+there is never any padding and thus scanline length always equals stride.
+
+For the guest surface scanline length and stride are typically identical
+too, but it doesn't has to be that way.  So add and use a new variable
+(guest_ll) for the guest scanline length.  Also rename min_stride to
+line_bytes to make more clear what it actually is.  Finally sprinkle
+in an assert() to make sure we never use a negative _cmp_bytes again.
+
+Reported-by: 范祚至(库特) 
+Reviewed-by: P J P 
+Signed-off-by: Gerd Hoffmann 
+(cherry picked from commit eb8934b0418b3b1d125edddc4fc334a54334a49b)
+Signed-off-by: Michael Roth 
+
+Upstream-Status: Backport
+
+Backport upstream commit:
+http://git.qemu.org/?p=qemu.git;a=commit;h=eb8934b0418b3b1d125edddc4fc334a54334a49b
+
+Signed-off-by: Wenzong Fan 
+---
+ ui/vnc.c | 15 ++-
+ 1 file changed, 10 insertions(+), 5 deletions(-)
+
+diff --git a/ui/vnc.c b/ui/vnc.c
+index e26973a..caf82f5 100644
+--- a/ui/vnc.c
 b/ui/vnc.c
+@@ -2872,7 +2872,7 @@ static int vnc_refresh_server_surface(VncDisplay *vd)
+ pixman_image_get_width(vd->server));
+ int height = MIN(pixman_image_get_height(vd->guest.fb),
+  pixman_image_get_height(vd->server));
+-int cmp_bytes, server_stride, min_stride, guest_stride, y = 0;
++int cmp_bytes, server_stride, line_bytes, guest_ll, guest_stride, y = 0;
+ uint8_t *guest_row0 = NULL, *server_row0;
+ VncState *vs;
+ int has_dirty = 0;
+@@ -2891,17 +2891,21 @@ static int vnc_refresh_server_surface(VncDisplay *vd)
+  * Update server dirty map.
+  */
+ server_row0 = (uint8_t *)pixman_image_get_data(vd->server);
+-server_stride = guest_stride = pixman_image_get_stride(vd->server);
++server_stride = guest_stride = guest_ll =
++pixman_image_get_stride(vd->server);
+ cmp_bytes = MIN(VNC_DIRTY_PIXELS_PER_BIT * VNC_SERVER_FB_BYTES,
+ server_stride);
+ if (vd->guest.format != VNC_SERVER_FB_FORMAT) {
+ int width = pixman_image_get_width(vd->server);
+ tmpbuf = qemu_pixman_linebuf_create(VNC_SERVER_FB_FORMAT, width);
+ } else {
++int guest_bpp =
++PIXMAN_FORMAT_BPP(pixman_image_get_format(vd->guest.fb));
+ guest_row0 = (uint8_t *)pixman_image_get_data(vd->guest.fb);
+ guest_stride = pixman_image_get_stride(vd->guest.fb);
++guest_ll = pixman_image_get_width(vd->guest.fb) * ((guest_bpp + 7) / 
8);
+ }
+-min_stride = MIN(server_stride, guest_stride);
++line_bytes = MIN(server_stride, guest_ll);
+ 
+ for (;;) {
+ int x;
+@@ -2932,9 +2936,10 @@ static int vnc_refresh_server_surface(VncDisplay *vd)
+ if (!test_and_clear_bit(x, vd->guest.dirty[y])) {
+ continue;
+ }
+-if ((x + 1) * cmp_bytes > min_stride) {
+-_cmp_bytes = min_stride - x * cmp_bytes;
++if ((x + 1) * cmp_bytes > line_bytes) {
++_cmp_bytes = line_bytes - x * cmp_bytes;
+ }
++assert(_cmp_bytes >= 0);
+ if (memcmp(server_ptr, guest_ptr, _cmp_bytes) == 0) {
+ continue;
+ }
+-- 
+2.3.5
+
diff --git a/meta/recipes-devtools/qemu/qemu_2.4.0.bb 
b/meta/recipes-devtools/qemu/qemu_2.4.0.bb
index 1505b80..24e8ef5 100644
--- a/meta/recipes-devtools/qemu/qemu_2.4.0.b

[OE-core] [PATCH] gstreamer1.0-plugins-bad: disable uvch264 for systemd

[wenzong.fan]

From: Wenzong Fan 

Disable uvch264 to remove the dependency to libgudev which has been
removed from systemd project.

Signed-off-by: Wenzong Fan 
---
 meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-bad.inc | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-bad.inc 
b/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-bad.inc
index cdedb60..863925d 100644
--- a/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-bad.inc
+++ b/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-bad.inc
@@ -20,7 +20,8 @@ PACKAGECONFIG ??= " \
 ${@bb.utils.contains('DISTRO_FEATURES', 'wayland', 'wayland', '', d)} \
 ${@bb.utils.contains('DISTRO_FEATURES', 'bluetooth', 'bluez', '', d)} \
 ${@bb.utils.contains('DISTRO_FEATURES', 'directfb', 'directfb', '', d)} \
-orc curl uvch264 neon sndfile \
+${@bb.utils.contains('DISTRO_FEATURES', 'systemd', '', 'uvch264', d)} \
+orc curl neon sndfile \
 hls sbc dash bz2 smoothstreaming \
 "
 
-- 
1.9.1

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [PATCH 1/1 v2] mdadm: fix CFLAGS and ptest issues

[wenzong.fan]

From: Wenzong Fan 

* Pass global CFLAGS to build:

The CFLAGS does not pass to build at all since it was redefined by
mdadm Makefile:

  CFLAGS = $(CWFLAGS) $(CXFLAGS) ...

This could be done by setting 'CXFLAGS="${CFLAGS}"'.

* Also fix ptest build errors caused by global CFLAGS:

  raid6check.c:352:2: error: ignoring return value of posix_memalign, \
  declared with attribute warn_unused_result [-Werror=unused-result]

  raid6check.c:315:8: error: 'stripe_buf' may be used uninitialized \
  in this function [-Werror=maybe-uninitialized]

Signed-off-by: Wenzong Fan 
---
 .../mdadm/files/mdadm-fix-ptest-build-errors.patch | 50 ++
 meta/recipes-extended/mdadm/mdadm_3.3.4.bb |  3 +-
 2 files changed, 52 insertions(+), 1 deletion(-)
 create mode 100644 
meta/recipes-extended/mdadm/files/mdadm-fix-ptest-build-errors.patch

diff --git 
a/meta/recipes-extended/mdadm/files/mdadm-fix-ptest-build-errors.patch 
b/meta/recipes-extended/mdadm/files/mdadm-fix-ptest-build-errors.patch
new file mode 100644
index 000..f7c5514
--- /dev/null
+++ b/meta/recipes-extended/mdadm/files/mdadm-fix-ptest-build-errors.patch
@@ -0,0 +1,50 @@
+From f3acf8499a4cc400206c5c56f0a6c69192ed55de Mon Sep 17 00:00:00 2001
+From: Wenzong Fan 
+Date: Sat, 7 Nov 2015 04:21:17 -0500
+Subject: [PATCH] mdadm: fix ptest build errors
+
+Check return value for posix_memalign() to fix ptest build error:
+
+  raid6check.c:352:2: error: ignoring return value of posix_memalign, \
+  declared with attribute warn_unused_result [-Werror=unused-result]
+
+Initialize *stripe_buf as NULL to fix ptest build error:
+
+  raid6check.c: In function 'check_stripes':
+  raid6check.c:315:8: error: 'stripe_buf' may be used uninitialized \
+  in this function [-Werror=maybe-uninitialized]
+
+Upstream-Status: Pending
+
+Signed-off-by: Wenzong Fan 
+---
+ raid6check.c | 6 --
+ 1 file changed, 4 insertions(+), 2 deletions(-)
+
+diff --git a/raid6check.c b/raid6check.c
+index cb8522e..9462bcf 100644
+--- a/raid6check.c
 b/raid6check.c
+@@ -312,7 +312,7 @@ int check_stripes(struct mdinfo *info, int *source, 
unsigned long long *offsets,
+   /* read the data and p and q blocks, and check we got them right */
+   int data_disks = raid_disks - 2;
+   int syndrome_disks = data_disks + is_ddf(layout) * 2;
+-  char *stripe_buf;
++  char *stripe_buf = NULL;
+ 
+   /* stripes[] is indexed by raid_disk and holds chunks from each device 
*/
+   char **stripes = xmalloc(raid_disks * sizeof(char*));
+@@ -349,7 +349,9 @@ int check_stripes(struct mdinfo *info, int *source, 
unsigned long long *offsets,
+   if (!tables_ready)
+   make_tables();
+ 
+-  posix_memalign((void**)&stripe_buf, 4096, raid_disks * chunk_size);
++  if (posix_memalign((void**)&stripe_buf, 4096, raid_disks * chunk_size) 
!= 0)
++  goto exitCheck;
++
+   block_index_for_slot += 2;
+   blocks += 2;
+   blocks_page += 2;
+-- 
+1.9.1
+
diff --git a/meta/recipes-extended/mdadm/mdadm_3.3.4.bb 
b/meta/recipes-extended/mdadm/mdadm_3.3.4.bb
index 1198167..0993611 100644
--- a/meta/recipes-extended/mdadm/mdadm_3.3.4.bb
+++ b/meta/recipes-extended/mdadm/mdadm_3.3.4.bb
@@ -13,6 +13,7 @@ SRC_URI = 
"${KERNELORG_MIRROR}/linux/utils/raid/mdadm/${BPN}-${PV}.tar.xz \
file://gcc-4.9.patch \
file://mdadm-3.3.2_x32_abi_time_t.patch \
file://0001-Fix-typo-in-comparision.patch \
+   file://mdadm-fix-ptest-build-errors.patch \
file://run-ptest \
  "
 SRC_URI[md5sum] = "7ca8b114710f98f53f20c5787b674a09"
@@ -22,7 +23,7 @@ CFLAGS += "-fno-strict-aliasing"
 
 inherit autotools-brokensep
 
-EXTRA_OEMAKE = "CHECK_RUN_DIR=0"
+EXTRA_OEMAKE = 'CHECK_RUN_DIR=0 CXFLAGS="${CFLAGS}"'
 # PPC64 and MIPS64 uses long long for u64 in the kernel, but powerpc's 
asm/types.h
 # prevents 64-bit userland from seeing this definition, instead defaulting
 # to u64 == long in userspace. Define __SANE_USERSPACE_TYPES__ to get
-- 
1.9.1

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [PATCH 0/1 v2] mdadm: fix CFLAGS and ptest issues

[wenzong.fan]

From: Wenzong Fan 

V2 change:

* also fix another ptest error while building poky-lsb:

  raid6check.c:352:2: error: ignoring return value of posix_memalign, \
  declared with attribute warn_unused_result [-Werror=unused-result]

The following changes since commit fc45deac89ef63ca1c44e763c38ced7dfd72cbe1:

  build-appliance-image: Update to jethro head revision (2015-11-03 14:03:03 
+)

are available in the git repository at:

  git://git.pokylinux.org/poky-contrib wenzong/mdadm
  http://git.pokylinux.org/cgit.cgi/poky-contrib/log/?h=wenzong/mdadm

Wenzong Fan (1):
  mdadm: fix CFLAGS and ptest issues

 .../mdadm/files/mdadm-fix-ptest-build-errors.patch | 50 ++
 meta/recipes-extended/mdadm/mdadm_3.3.4.bb |  3 +-
 2 files changed, 52 insertions(+), 1 deletion(-)
 create mode 100644 
meta/recipes-extended/mdadm/files/mdadm-fix-ptest-build-errors.patch

-- 
1.9.1

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [PATCH 1/1 v4] rpcbind: don't use '-w' for starting rpcbind

[wenzong.fan]

From: Li Wang 

While runing:

$ systemctl restart rpcbind
$ systemctl status rpcbind

There are errors like below:
  rpcbind[1722]: Cannot open '/tmp/rpcbind.xdr' file for reading, \
errno 2 (No such file or directory)
  rpcbind[1722]: Cannot open '/tmp/portmap.xdr' file for reading, \
errno 2 (No such file or directory)

'-w' causes rpcbind to do a "warm start" by read a state file when
rpcbind starts up. The state file is created when rpcbind terminates.

The state file is not always there, the patch refers to:
  https://bugs.launchpad.net/ubuntu/+source/rpcbind/+bug/835833

Signed-off-by: Li Wang 
Signed-off-by: Wenzong Fan 
---
 meta/recipes-extended/rpcbind/rpcbind/rpcbind.service | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta/recipes-extended/rpcbind/rpcbind/rpcbind.service 
b/meta/recipes-extended/rpcbind/rpcbind/rpcbind.service
index b3ae254..9cdade4 100644
--- a/meta/recipes-extended/rpcbind/rpcbind/rpcbind.service
+++ b/meta/recipes-extended/rpcbind/rpcbind/rpcbind.service
@@ -5,7 +5,7 @@ Requires=rpcbind.socket
 [Service]
 Type=forking
 EnvironmentFile=-@SYSCONFDIR@/rpcbind.conf
-ExecStart=@SBINDIR@/rpcbind -w $RPCBIND_OPTS
+ExecStart=@SBINDIR@/rpcbind $RPCBIND_OPTS
 SuccessExitStatus=2
 
 [Install]
-- 
1.9.1

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [PATCH 0/1 v4] rpcbind: don't use '-w' for starting rpcbind

[wenzong.fan]

From: Wenzong Fan 

V4 changes:

* update commit logs

The following changes since commit fc45deac89ef63ca1c44e763c38ced7dfd72cbe1:

  build-appliance-image: Update to jethro head revision (2015-11-03 14:03:03 
+)

are available in the git repository at:

  git://git.pokylinux.org/poky-contrib wenzong/rpcbind
  http://git.pokylinux.org/cgit.cgi/poky-contrib/log/?h=wenzong/rpcbind

Li Wang (1):
  rpcbind: don't use '-w' for starting rpcbind

 meta/recipes-extended/rpcbind/rpcbind/rpcbind.service | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

-- 
1.9.1

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [PATCH] openssl: fix mips64 configure support

[wenzong.fan]

From: Wenzong Fan 

Match target name linux-mips64 as well, all mips64 targets will have
mips(32) userspace.

Signed-off-by: Wenzong Fan 
---
 meta/recipes-connectivity/openssl/openssl.inc | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta/recipes-connectivity/openssl/openssl.inc 
b/meta/recipes-connectivity/openssl/openssl.inc
index 8af423f..b69cb4c 100644
--- a/meta/recipes-connectivity/openssl/openssl.inc
+++ b/meta/recipes-connectivity/openssl/openssl.inc
@@ -115,7 +115,7 @@ do_configure () {
linux-mipsel)
target=debian-mipsel
;;
-linux-*-mips64)
+linux-*-mips64 | linux-mips64)
target=linux-mips
 ;;
linux-microblaze*|linux-nios2*)
-- 
1.9.1

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [PATCH 1/1 v2] gnupg: fix find-version for beta checking

[wenzong.fan]

From: Wenzong Fan 

find-version always assumes that gnupg is beta if autogen.sh is run
out of git-repo. This doesn't work for users whom just take release
tarball and re-run autoconf in their local build dir.

This fixes runtime issue:

  $gpg --list-sigs
  gpg: NOTE: THIS IS A DEVELOPMENT VERSION!
  gpg: It is only intended for test purposes and should NOT be
  gpg: used in a production environment or with production keys!

Signed-off-by: Wenzong Fan 
---
 ...gen.sh-fix-find-version-for-beta-checking.patch | 31 ++
 meta/recipes-support/gnupg/gnupg_2.1.7.bb  |  1 +
 2 files changed, 32 insertions(+)
 create mode 100644 
meta/recipes-support/gnupg/gnupg/autogen.sh-fix-find-version-for-beta-checking.patch

diff --git 
a/meta/recipes-support/gnupg/gnupg/autogen.sh-fix-find-version-for-beta-checking.patch
 
b/meta/recipes-support/gnupg/gnupg/autogen.sh-fix-find-version-for-beta-checking.patch
new file mode 100644
index 000..4241bc3
--- /dev/null
+++ 
b/meta/recipes-support/gnupg/gnupg/autogen.sh-fix-find-version-for-beta-checking.patch
@@ -0,0 +1,31 @@
+From 717f994be2466d378e6611a4739c606db6d0dc46 Mon Sep 17 00:00:00 2001
+From: Wenzong Fan 
+Date: Sun, 25 Oct 2015 22:44:47 -0400
+Subject: [PATCH] autogen.sh: fix find-version for beta checking
+
+find-version always assumes that gnupg is beta if autogen.sh is run
+out of git-repo. This doesn't work for users whom just take release
+tarball and re-run autoconf in their local build dir.
+
+Upstream-Status: Pending
+
+Signed-off-by: Wenzong Fan 
+---
+ autogen.sh | 1 -
+ 1 file changed, 1 deletion(-)
+
+diff --git a/autogen.sh b/autogen.sh
+index 7effd56..d673432 100755
+--- a/autogen.sh
 b/autogen.sh
+@@ -228,7 +228,6 @@ if [ "$myhost" = "find-version" ]; then
+   rvd=$((0x$(echo ${rev} | head -c 4)))
+ else
+   ingit=no
+-  beta=yes
+   tmp="-unknown"
+   rev="000"
+   rvd="0"
+-- 
+1.9.1
+
diff --git a/meta/recipes-support/gnupg/gnupg_2.1.7.bb 
b/meta/recipes-support/gnupg/gnupg_2.1.7.bb
index 48c7c96..979e6f9 100644
--- a/meta/recipes-support/gnupg/gnupg_2.1.7.bb
+++ b/meta/recipes-support/gnupg/gnupg_2.1.7.bb
@@ -12,6 +12,7 @@ SRC_URI = 
"ftp://ftp.gnupg.org/gcrypt/${BPN}/${BPN}-${PV}.tar.bz2 \
file://pkgconfig.patch \
file://use-pkgconfig-instead-of-npth-config.patch \
file://dirmngr-uses-libgpg-error.patch \
+   file://autogen.sh-fix-find-version-for-beta-checking.patch \
   "
 
 SRC_URI[md5sum] = "ebdf92b15b8bcd8579b643c7f41a3238"
-- 
1.9.1

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [PATCH 0/1 v2] gnupg: fix find-version for beta checking

[wenzong.fan]

From: Wenzong Fan 

V2 changes:

Fix find-version beta checking logic from autogen.sh instead of set
development_version to 'no' in configure.ac.

The following changes since commit 8a0d8eee432924433c3e70198aaeab3161476c5f:

  toaster manual: Updated the set up and use chapter (2015-10-27 07:28:22 +)

are available in the git repository at:

  git://git.pokylinux.org/poky-contrib wenzong/gnupg-new
  http://git.pokylinux.org/cgit.cgi/poky-contrib/log/?h=wenzong/gnupg-new

Wenzong Fan (1):
  gnupg: fix find-version for beta checking

 ...gen.sh-fix-find-version-for-beta-checking.patch | 31 ++
 meta/recipes-support/gnupg/gnupg_2.1.7.bb  |  1 +
 2 files changed, 32 insertions(+)
 create mode 100644 
meta/recipes-support/gnupg/gnupg/autogen.sh-fix-find-version-for-beta-checking.patch

-- 
1.9.1

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [PATCH] openssh: Restore TCP wrappers support

[wenzong.fan]

From: Wenzong Fan 

The /etc/hosts.deny doesn't work for sshd without tcp-wrappers support,
apply below patch from Debian to fix it:

  From 1850a2c93f3dcfa3d682eaa85d1593c01d170429 Mon Sep 17 00:00:00 2001
  From: Colin Watson 
  Date: Tue, 7 Oct 2014 13:22:41 +0100
  Subject: Restore TCP wrappers support

  Support for TCP wrappers was dropped in OpenSSH 6.7.  See this message
  and thread:

https://lists.mindrot.org/pipermail/openssh-unix-dev/2014-April/032497.html

  It is true that this reduces preauth attack surface in sshd.  On the
  other hand, this support seems to be quite widely used, and abruptly
  dropping it (from the perspective of users who don't read
  openssh-unix-dev) could easily cause more serious problems in practice.

Link to patch file:
  http://anonscm.debian.org/cgit/pkg-ssh/openssh.git/tree/debian/ \
patches/restore-tcp-wrappers.patch

Signed-off-by: Wenzong Fan 
---
 .../openssh/openssh/restore-tcp-wrappers.patch | 174 +
 meta/recipes-connectivity/openssh/openssh_7.1p1.bb |   4 +
 2 files changed, 178 insertions(+)
 create mode 100644 
meta/recipes-connectivity/openssh/openssh/restore-tcp-wrappers.patch

diff --git 
a/meta/recipes-connectivity/openssh/openssh/restore-tcp-wrappers.patch 
b/meta/recipes-connectivity/openssh/openssh/restore-tcp-wrappers.patch
new file mode 100644
index 000..1d819fa
--- /dev/null
+++ b/meta/recipes-connectivity/openssh/openssh/restore-tcp-wrappers.patch
@@ -0,0 +1,174 @@
+From 1850a2c93f3dcfa3d682eaa85d1593c01d170429 Mon Sep 17 00:00:00 2001
+From: Colin Watson 
+Date: Tue, 7 Oct 2014 13:22:41 +0100
+Subject: Restore TCP wrappers support
+
+Support for TCP wrappers was dropped in OpenSSH 6.7.  See this message
+and thread:
+
+  https://lists.mindrot.org/pipermail/openssh-unix-dev/2014-April/032497.html
+
+It is true that this reduces preauth attack surface in sshd.  On the
+other hand, this support seems to be quite widely used, and abruptly
+dropping it (from the perspective of users who don't read
+openssh-unix-dev) could easily cause more serious problems in practice.
+
+It's not entirely clear what the right long-term answer for Debian is,
+but it at least probably doesn't involve dropping this feature shortly
+before a freeze.
+
+Forwarded: not-needed
+Last-Update: 2014-10-07
+
+Upstream-Status: Inappropriate
+
+Patch-Name: restore-tcp-wrappers.patch
+---
+ configure.ac | 57 +
+ sshd.8   |  7 +++
+ sshd.c   | 25 +
+ 3 files changed, 89 insertions(+)
+
+diff --git a/configure.ac b/configure.ac
+index df21693..4d55c46 100644
+--- a/configure.ac
 b/configure.ac
+@@ -1448,6 +1448,62 @@ AC_ARG_WITH([skey],
+   ]
+ )
+ 
++# Check whether user wants TCP wrappers support
++TCPW_MSG="no"
++AC_ARG_WITH([tcp-wrappers],
++  [  --with-tcp-wrappers[[=PATH]] Enable tcpwrappers support (optionally 
in PATH)],
++  [
++  if test "x$withval" != "xno" ; then
++  saved_LIBS="$LIBS"
++  saved_LDFLAGS="$LDFLAGS"
++  saved_CPPFLAGS="$CPPFLAGS"
++  if test -n "${withval}" && \
++  test "x${withval}" != "xyes"; then
++  if test -d "${withval}/lib"; then
++  if test -n "${need_dash_r}"; then
++  LDFLAGS="-L${withval}/lib 
-R${withval}/lib ${LDFLAGS}"
++  else
++  LDFLAGS="-L${withval}/lib 
${LDFLAGS}"
++  fi
++  else
++  if test -n "${need_dash_r}"; then
++  LDFLAGS="-L${withval} 
-R${withval} ${LDFLAGS}"
++  else
++  LDFLAGS="-L${withval} 
${LDFLAGS}"
++  fi
++  fi
++  if test -d "${withval}/include"; then
++  CPPFLAGS="-I${withval}/include 
${CPPFLAGS}"
++  else
++  CPPFLAGS="-I${withval} ${CPPFLAGS}"
++  fi
++  fi
++  LIBS="-lwrap $LIBS"
++  AC_MSG_CHECKING([for libwrap])
++  AC_LINK_IFELSE([AC_LANG_PROGRAM([[
++#include 
++#include 
++#include 
++#include 
++int deny_severity = 0, allow_severity = 0;
++  ]], [[
++  hosts_access(0);
++  ]])], [
++  AC_MSG_RESULT([yes])
++  AC_DEFINE([LIBWRAP], [1],
++  [Define if you want
++  

[OE-core] [PATCH] gnupg: set development_version as no

[wenzong.fan]

From: Wenzong Fan 

The development_version used to mark if gnupg is a beta version. The
checking logic in autogen.sh always assume that gnupg is beta if below
command is not run in gnupg's git-repo:

  './autogen.sh --find-version 2 1 7'

This does not work for integration. Set development_version as no to
fix runtime issue:

  $gpg --list-sigs
  gpg: NOTE: THIS IS A DEVELOPMENT VERSION!
  gpg: It is only intended for test purposes and should NOT be
  gpg: used in a production environment or with production keys!

Signed-off-by: Wenzong Fan 
---
 .../configure-set-development_version-as-no.patch  | 36 ++
 meta/recipes-support/gnupg/gnupg_2.1.7.bb  |  1 +
 2 files changed, 37 insertions(+)
 create mode 100644 
meta/recipes-support/gnupg/gnupg/configure-set-development_version-as-no.patch

diff --git 
a/meta/recipes-support/gnupg/gnupg/configure-set-development_version-as-no.patch
 
b/meta/recipes-support/gnupg/gnupg/configure-set-development_version-as-no.patch
new file mode 100644
index 000..3c71040
--- /dev/null
+++ 
b/meta/recipes-support/gnupg/gnupg/configure-set-development_version-as-no.patch
@@ -0,0 +1,36 @@
+From 6cdc55816048afb52f1c3a706c0ba99dfc069b89 Mon Sep 17 00:00:00 2001
+From: Wenzong Fan 
+Date: Thu, 22 Oct 2015 02:51:46 -0400
+Subject: [PATCH] gnupg: set development_version as no
+
+The development_version used to mark if gnupg is a beta version. The
+checking logic in autogen.sh always assume that gnupg is beta if below
+command is not run in gnupg's git-repo:
+
+  './autogen.sh --find-version 2 1 7'
+
+This does not work for integration.
+
+Upstream-Status: Inappropriate [configuration]
+
+Signed-off-by: Wenzong Fan 
+---
+ configure.ac | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/configure.ac b/configure.ac
+index b38aa06..ea40c19 100644
+--- a/configure.ac
 b/configure.ac
+@@ -70,7 +70,7 @@ NEED_NPTH_VERSION=0.91
+ NEED_GNUTLS_VERSION=3.0
+ 
+ 
+-development_version=mym4_isbeta
++development_version=no
+ PACKAGE=$PACKAGE_NAME
+ PACKAGE_GT=${PACKAGE_NAME}2
+ VERSION=$PACKAGE_VERSION
+-- 
+1.9.1
+
diff --git a/meta/recipes-support/gnupg/gnupg_2.1.7.bb 
b/meta/recipes-support/gnupg/gnupg_2.1.7.bb
index 48c7c96..638af6d 100644
--- a/meta/recipes-support/gnupg/gnupg_2.1.7.bb
+++ b/meta/recipes-support/gnupg/gnupg_2.1.7.bb
@@ -12,6 +12,7 @@ SRC_URI = 
"ftp://ftp.gnupg.org/gcrypt/${BPN}/${BPN}-${PV}.tar.bz2 \
file://pkgconfig.patch \
file://use-pkgconfig-instead-of-npth-config.patch \
file://dirmngr-uses-libgpg-error.patch \
+   file://configure-set-development_version-as-no.patch \
   "
 
 SRC_URI[md5sum] = "ebdf92b15b8bcd8579b643c7f41a3238"
-- 
1.9.1

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [PATCH] recipes: add distro_features_check for some packages

[wenzong.fan]

From: Wenzong Fan 

* The packages that depends on gtk+3 require any of distro features
  from ${GTK3DISTROFEATURES}

* The packages that depends on virtual/egl, virtual/libgl ... require
  distro feature 'opengl'

Signed-off-by: Wenzong Fan 
---
 meta/recipes-gnome/gcr/gcr_3.16.0.bb | 4 +++-
 meta/recipes-gnome/libnotify/libnotify_0.7.6.bb  | 4 +++-
 meta/recipes-graphics/clutter/clutter-1.0.inc| 4 +++-
 meta/recipes-graphics/clutter/clutter-gst-3.0.inc| 4 +++-
 meta/recipes-graphics/clutter/clutter-gtk-1.0.inc| 6 +-
 meta/recipes-graphics/cogl/cogl-1.0.inc  | 4 +++-
 meta/recipes-graphics/eglinfo/eglinfo.inc| 4 +++-
 meta/recipes-graphics/libepoxy/libepoxy_git.bb   | 4 +++-
 meta/recipes-graphics/mesa/mesa-demos_8.2.0.bb   | 4 +++-
 meta/recipes-graphics/mx/mx.inc  | 4 +++-
 meta/recipes-graphics/packagegroups/packagegroup-core-clutter.bb | 4 +++-
 meta/recipes-graphics/wayland/weston-init.bb | 4 +++-
 meta/recipes-graphics/wayland/weston_1.8.0.bb| 4 +++-
 13 files changed, 41 insertions(+), 13 deletions(-)

diff --git a/meta/recipes-gnome/gcr/gcr_3.16.0.bb 
b/meta/recipes-gnome/gcr/gcr_3.16.0.bb
index 4c9fe2e..057c815 100644
--- a/meta/recipes-gnome/gcr/gcr_3.16.0.bb
+++ b/meta/recipes-gnome/gcr/gcr_3.16.0.bb
@@ -7,7 +7,9 @@ LIC_FILES_CHKSUM = 
"file://COPYING;md5=55ca817ccb7d5b5b66355690e9abc605"
 
 DEPENDS = "gtk+3 p11-kit glib-2.0 libgcrypt vala"
 
-inherit autotools gnomebase gtk-icon-cache gtk-doc
+inherit autotools gnomebase gtk-icon-cache gtk-doc distro_features_check
+# depends on gtk+3
+ANY_OF_DISTRO_FEATURES = "${GTK3DISTROFEATURES}"
 
 SRC_URI[archive.md5sum] = "d5835680be0b6a838e02a528d5378d9c"
 SRC_URI[archive.sha256sum] = 
"ecfe8df41cc88158364bb15addc670b11e539fe844742983629ba2323888d075"
diff --git a/meta/recipes-gnome/libnotify/libnotify_0.7.6.bb 
b/meta/recipes-gnome/libnotify/libnotify_0.7.6.bb
index 41d188c..1a24c10 100644
--- a/meta/recipes-gnome/libnotify/libnotify_0.7.6.bb
+++ b/meta/recipes-gnome/libnotify/libnotify_0.7.6.bb
@@ -5,7 +5,9 @@ LIC_FILES_CHKSUM = 
"file://COPYING;md5=7fbc338309ac38fefcd64b04bb903e34"
 
 DEPENDS = "dbus gtk+3 dbus-glib"
 
-inherit gnomebase gtk-doc
+inherit gnomebase gtk-doc distro_features_check
+# depends on gtk+3
+ANY_OF_DISTRO_FEATURES = "${GTK3DISTROFEATURES}"
 
 SRC_URI[archive.md5sum] = "a4997019d08f46f3bf57b78e6f795a59"
 SRC_URI[archive.sha256sum] = 
"0ef61ca400d30e28217979bfa0e73a7406b19c32dd76150654ec5b2bdf47d837"
diff --git a/meta/recipes-graphics/clutter/clutter-1.0.inc 
b/meta/recipes-graphics/clutter/clutter-1.0.inc
index da21cee..5d0f55c 100644
--- a/meta/recipes-graphics/clutter/clutter-1.0.inc
+++ b/meta/recipes-graphics/clutter/clutter-1.0.inc
@@ -2,7 +2,9 @@ SUMMARY = "Graphics library for creating hardware-accelerated 
user interfaces"
 HOMEPAGE = "http://www.clutter-project.org/";
 LICENSE = "LGPLv2.1+"
 
-inherit clutter ptest-gnome
+inherit clutter ptest-gnome distro_features_check
+# depends on cogl-1.0 which needs opengl
+REQUIRED_DISTRO_FEATURES ?= "opengl"
 
 DEPENDS = "pango glib-2.0 json-glib atk udev cogl-1.0"
 PACKAGE_BEFORE_PN += "${PN}-examples"
diff --git a/meta/recipes-graphics/clutter/clutter-gst-3.0.inc 
b/meta/recipes-graphics/clutter/clutter-gst-3.0.inc
index d4fed71..67c7590 100644
--- a/meta/recipes-graphics/clutter/clutter-gst-3.0.inc
+++ b/meta/recipes-graphics/clutter/clutter-gst-3.0.inc
@@ -2,7 +2,9 @@ SUMMARY = "GStreamer integration library for Clutter"
 HOMEPAGE = "http://www.clutter-project.org/";
 LICENSE = "LGPLv2+"
 
-inherit clutter
+inherit clutter distro_features_check
+# depends on clutter-1.0 which depends on cogl-1.0
+REQUIRED_DISTRO_FEATURES ?= "opengl"
 
 SRC_URI += 
"file://0001-Install-example-binary-needed-for-core-image-clutter.patch"
 
diff --git a/meta/recipes-graphics/clutter/clutter-gtk-1.0.inc 
b/meta/recipes-graphics/clutter/clutter-gtk-1.0.inc
index 45898b4..688eed2 100644
--- a/meta/recipes-graphics/clutter/clutter-gtk-1.0.inc
+++ b/meta/recipes-graphics/clutter/clutter-gtk-1.0.inc
@@ -2,7 +2,11 @@ SUMMARY = "Library for embedding a Clutter canvas in a GTK+ 
application"
 HOMEPAGE = "http://www.clutter-project.org/";
 LICENSE = "LGPLv2+"
 
-inherit clutter
+inherit clutter distro_features_check
+# depends on clutter-1.0 which depends on cogl-1.0
+REQUIRED_DISTRO_FEATURES ?= "opengl"
+# depends on gtk+3
+ANY_OF_DISTRO_FEATURES = "${GTK3DISTROFEATURES}"
 
 DEPENDS = "clutter-1.0 gtk+3"
 PACKAGES  =+ "${PN}-examples"
diff --git a/meta/recipes-graphics/cogl/cogl-1.0.inc 
b/meta/recipes-graphics/cogl/cogl-1.0.inc
index 3da31c8..88d84ea 100644
--- a/meta/recipes-graphics/cogl/cogl-1.0.inc
+++ b/meta/recipes-graphics/cogl/cogl-1.0.inc
@@ -2,7 +2,9 @@ SUMMARY = "Modern 3D graphics API with associated utility APIs"
 HOMEPAGE = "http://wiki.clu

[OE-core] [PATCH 1/1 v2] mdadm: fix CFLAGS and ptest issue

[wenzong.fan]

From: Wenzong Fan 

* Pass global CFLAGS to build:

The CFLAGS does not pass to build at all since it was redefined by
mdadm Makefile:

  CFLAGS = $(CWFLAGS) $(CXFLAGS) ...

This could be done by setting 'CXFLAGS="${CFLAGS}"'.

* Also fix ptest build error caused by global CFLAGS:

  raid6check.c: In function 'check_stripes':
  raid6check.c:315:8: error: 'stripe_buf' may be used uninitialized \
  in this function [-Werror=maybe-uninitialized]

Signed-off-by: Wenzong Fan 
---
 .../mdadm/files/mdadm-fix-ptest-build-error.patch  | 34 ++
 meta/recipes-extended/mdadm/mdadm_3.3.4.bb |  3 +-
 2 files changed, 36 insertions(+), 1 deletion(-)
 create mode 100644 
meta/recipes-extended/mdadm/files/mdadm-fix-ptest-build-error.patch

diff --git 
a/meta/recipes-extended/mdadm/files/mdadm-fix-ptest-build-error.patch 
b/meta/recipes-extended/mdadm/files/mdadm-fix-ptest-build-error.patch
new file mode 100644
index 000..b2495c0
--- /dev/null
+++ b/meta/recipes-extended/mdadm/files/mdadm-fix-ptest-build-error.patch
@@ -0,0 +1,34 @@
+From d062030a36faa77193ac66b498a1ec704013dbb1 Mon Sep 17 00:00:00 2001
+From: Wenzong Fan 
+Date: Thu, 10 Sep 2015 03:52:20 -0400
+Subject: [PATCH] mdadm: fix ptest build error
+
+Initialize *stripe_buf as NULL to fix ptest build error:
+
+  raid6check.c: In function 'check_stripes':
+  raid6check.c:315:8: error: 'stripe_buf' may be used uninitialized \
+  in this function [-Werror=maybe-uninitialized]
+
+Upstream-Status: Pending
+
+Signed-off-by: Wenzong Fan 
+---
+ raid6check.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/raid6check.c b/raid6check.c
+index cb8522e..e4a9ff0 100644
+--- a/raid6check.c
 b/raid6check.c
+@@ -312,7 +312,7 @@ int check_stripes(struct mdinfo *info, int *source, 
unsigned long long *offsets,
+   /* read the data and p and q blocks, and check we got them right */
+   int data_disks = raid_disks - 2;
+   int syndrome_disks = data_disks + is_ddf(layout) * 2;
+-  char *stripe_buf;
++  char *stripe_buf = NULL;
+ 
+   /* stripes[] is indexed by raid_disk and holds chunks from each device 
*/
+   char **stripes = xmalloc(raid_disks * sizeof(char*));
+-- 
+1.9.1
+
diff --git a/meta/recipes-extended/mdadm/mdadm_3.3.4.bb 
b/meta/recipes-extended/mdadm/mdadm_3.3.4.bb
index 1198167..ed56b11 100644
--- a/meta/recipes-extended/mdadm/mdadm_3.3.4.bb
+++ b/meta/recipes-extended/mdadm/mdadm_3.3.4.bb
@@ -13,6 +13,7 @@ SRC_URI = 
"${KERNELORG_MIRROR}/linux/utils/raid/mdadm/${BPN}-${PV}.tar.xz \
file://gcc-4.9.patch \
file://mdadm-3.3.2_x32_abi_time_t.patch \
file://0001-Fix-typo-in-comparision.patch \
+   file://mdadm-fix-ptest-build-error.patch \
file://run-ptest \
  "
 SRC_URI[md5sum] = "7ca8b114710f98f53f20c5787b674a09"
@@ -22,7 +23,7 @@ CFLAGS += "-fno-strict-aliasing"
 
 inherit autotools-brokensep
 
-EXTRA_OEMAKE = "CHECK_RUN_DIR=0"
+EXTRA_OEMAKE = 'CHECK_RUN_DIR=0 CXFLAGS="${CFLAGS}"'
 # PPC64 and MIPS64 uses long long for u64 in the kernel, but powerpc's 
asm/types.h
 # prevents 64-bit userland from seeing this definition, instead defaulting
 # to u64 == long in userspace. Define __SANE_USERSPACE_TYPES__ to get
-- 
1.9.1

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [PATCH 0/1 v2] mdadm: fix CFLAGS and ptest issue

[wenzong.fan]

From: Wenzong Fan 

V2 changes:

* update commit subject:
  mdadm: fix CFLAGS invalid issue -> mdadm: fix CFLAGS and ptest issue

* rebase changes against latest master branch.

The following changes since commit 556c0ea92eb32ddb9c9a5e30a74b2ca24ac69c68:

  lib/oe/image.py: Fix dependency handling for compressed types (2015-10-14 
18:08:37 +0300)

are available in the git repository at:

  git://git.pokylinux.org/poky-contrib wenzong/mdadm
  http://git.pokylinux.org/cgit.cgi/poky-contrib/log/?h=wenzong/mdadm

Wenzong Fan (1):
  mdadm: fix CFLAGS and ptest issue

 .../mdadm/files/mdadm-fix-ptest-build-error.patch  | 34 ++
 meta/recipes-extended/mdadm/mdadm_3.3.4.bb |  3 +-
 2 files changed, 36 insertions(+), 1 deletion(-)
 create mode 100644 
meta/recipes-extended/mdadm/files/mdadm-fix-ptest-build-error.patch

-- 
1.9.1

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [PATCH 1/1 v2] bzip2: fix bunzip2 -qt returns 0 for corrupt archives

[wenzong.fan]

From: Wenzong Fan 

"bzip2 -t FILE" returns 2 if FILE exists, but is not a valid bzip2 file.
"bzip2 -qt FILE" returns 0 when this happens, although it does print out
an error message as is does so.

This has been fix by Debian, just port changes from Debian patch file
"20-legacy.patch".

Debian defect:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=279025

Fix item from changelog:
http://archive.debian.net/changelogs/pool/main/b/bzip2/bzip2_1.0.2-7/changelog

  * Fixed "bunzip2 -qt returns 0 for corrupt archives" (Closes: #279025).

Signed-off-by: Wenzong Fan 
---
 ...bunzip2-qt-returns-0-for-corrupt-archives.patch | 55 ++
 meta/recipes-extended/bzip2/bzip2_1.0.6.bb |  1 +
 2 files changed, 56 insertions(+)
 create mode 100644 
meta/recipes-extended/bzip2/bzip2-1.0.6/fix-bunzip2-qt-returns-0-for-corrupt-archives.patch

diff --git 
a/meta/recipes-extended/bzip2/bzip2-1.0.6/fix-bunzip2-qt-returns-0-for-corrupt-archives.patch
 
b/meta/recipes-extended/bzip2/bzip2-1.0.6/fix-bunzip2-qt-returns-0-for-corrupt-archives.patch
new file mode 100644
index 000..ece90d9
--- /dev/null
+++ 
b/meta/recipes-extended/bzip2/bzip2-1.0.6/fix-bunzip2-qt-returns-0-for-corrupt-archives.patch
@@ -0,0 +1,55 @@
+From 8068659388127e8e63f2d2297ba2348c72b20705 Mon Sep 17 00:00:00 2001
+From: Wenzong Fan 
+Date: Mon, 12 Oct 2015 03:19:51 -0400
+Subject: [PATCH] bzip2: fix bunzip2 -qt returns 0 for corrupt archives
+
+"bzip2 -t FILE" returns 2 if FILE exists, but is not a valid bzip2 file.
+"bzip2 -qt FILE" returns 0 when this happens, although it does print out
+an error message as is does so.
+
+This has been fix by Debian, just port changes from Debian patch file
+"20-legacy.patch".
+
+Debian defect:
+https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=279025
+
+Fix item from changelog:
+http://archive.debian.net/changelogs/pool/main/b/bzip2/bzip2_1.0.2-7/changelog
+
+  * Fixed "bunzip2 -qt returns 0 for corrupt archives" (Closes: #279025).
+
+Upstream-Status: Pending
+
+Signed-off-by: Wenzong Fan 
+---
+ bzip2.c | 14 --
+ 1 file changed, 8 insertions(+), 6 deletions(-)
+
+diff --git a/bzip2.c b/bzip2.c
+index 6de9d1d..f2ce668 100644
+--- a/bzip2.c
 b/bzip2.c
+@@ -2003,12 +2003,14 @@ IntNative main ( IntNative argc, Char *argv[] )
+ testf ( aa->name );
+}
+   }
+-  if (testFailsExist && noisy) {
+- fprintf ( stderr,
+-   "\n"
+-   "You can use the `bzip2recover' program to attempt to recover\n"
+-   "data from undamaged sections of corrupted files.\n\n"
+- );
++  if (testFailsExist) {
++ if (noisy) {
++fprintf ( stderr,
++  "\n"
++  "You can use the `bzip2recover' program to attempt to recover\n"
++  "data from undamaged sections of corrupted files.\n\n"
++);
++ }
+  setExit(2);
+  exit(exitValue);
+   }
+-- 
+1.9.1
+
diff --git a/meta/recipes-extended/bzip2/bzip2_1.0.6.bb 
b/meta/recipes-extended/bzip2/bzip2_1.0.6.bb
index 233fe4c..d7b8c06 100644
--- a/meta/recipes-extended/bzip2/bzip2_1.0.6.bb
+++ b/meta/recipes-extended/bzip2/bzip2_1.0.6.bb
@@ -9,6 +9,7 @@ LIC_FILES_CHKSUM = 
"file://LICENSE;beginline=8;endline=37;md5=40d9d1eb05736d1bfc
 PR = "r5"
 
 SRC_URI = "http://www.bzip.org/${PV}/${BP}.tar.gz \
+   file://fix-bunzip2-qt-returns-0-for-corrupt-archives.patch \
file://configure.ac;subdir=${BP} \
file://Makefile.am;subdir=${BP} \
file://run-ptest"
-- 
1.9.1

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [PATCH 0/1 v2] bzip2: fix bunzip2 -qt returns 0 for corrupt archives

[wenzong.fan]

From: Wenzong Fan 

V2 changes:

* update Upstream-Status: "Backport [Debian] -> Pending"
* add Debian defect/changelog links to commit log

The following changes since commit d302c98822efe2cb78a63b620aed1b94b4ed4a68:

  bitbake: toaster: Fix missing tooltips from layers on project configuration 
page (2015-10-13 15:35:49 +0300)

are available in the git repository at:

  git://git.pokylinux.org/poky-contrib wenzong/bzip2
  http://git.pokylinux.org/cgit.cgi/poky-contrib/log/?h=wenzong/bzip2

Wenzong Fan (1):
  bzip2: fix bunzip2 -qt returns 0 for corrupt archives

 ...bunzip2-qt-returns-0-for-corrupt-archives.patch | 55 ++
 meta/recipes-extended/bzip2/bzip2_1.0.6.bb |  1 +
 2 files changed, 56 insertions(+)
 create mode 100644 
meta/recipes-extended/bzip2/bzip2-1.0.6/fix-bunzip2-qt-returns-0-for-corrupt-archives.patch

-- 
1.9.1

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [PATCH] bzip2: fix bunzip2 -qt returns 0 for corrupt archives

[wenzong.fan]

From: Wenzong Fan 

"bzip2 -t FILE" returns 2 if FILE exists, but is not a valid bzip2 file.
"bzip2 -qt FILE" returns 0 when this happens, although it does print out
an error message as is does so.

This has been fix by Debian, just port changes from Debian patch file
"20-legacy.patch":

* Fixed "bunzip2 -qt returns 0 for corrupt archives" (Closes: #279025).

Signed-off-by: Wenzong Fan 
---
 ...bunzip2-qt-returns-0-for-corrupt-archives.patch | 49 ++
 meta/recipes-extended/bzip2/bzip2_1.0.6.bb |  1 +
 2 files changed, 50 insertions(+)
 create mode 100644 
meta/recipes-extended/bzip2/bzip2-1.0.6/fix-bunzip2-qt-returns-0-for-corrupt-archives.patch

diff --git 
a/meta/recipes-extended/bzip2/bzip2-1.0.6/fix-bunzip2-qt-returns-0-for-corrupt-archives.patch
 
b/meta/recipes-extended/bzip2/bzip2-1.0.6/fix-bunzip2-qt-returns-0-for-corrupt-archives.patch
new file mode 100644
index 000..63d705d
--- /dev/null
+++ 
b/meta/recipes-extended/bzip2/bzip2-1.0.6/fix-bunzip2-qt-returns-0-for-corrupt-archives.patch
@@ -0,0 +1,49 @@
+From 8068659388127e8e63f2d2297ba2348c72b20705 Mon Sep 17 00:00:00 2001
+From: Wenzong Fan 
+Date: Mon, 12 Oct 2015 03:19:51 -0400
+Subject: [PATCH] bzip2: fix bunzip2 -qt returns 0 for corrupt archives
+
+"bzip2 -t FILE" returns 2 if FILE exists, but is not a valid bzip2 file.
+"bzip2 -qt FILE" returns 0 when this happens, although it does print out
+an error message as is does so.
+
+This has been fix by Debian, just port changes from Debian patch file
+"20-legacy.patch":
+
+* Fixed "bunzip2 -qt returns 0 for corrupt archives" (Closes: #279025).
+
+Upstream-Status: Backport [Debian]
+
+Signed-off-by: Wenzong Fan 
+---
+ bzip2.c | 14 --
+ 1 file changed, 8 insertions(+), 6 deletions(-)
+
+diff --git a/bzip2.c b/bzip2.c
+index 6de9d1d..f2ce668 100644
+--- a/bzip2.c
 b/bzip2.c
+@@ -2003,12 +2003,14 @@ IntNative main ( IntNative argc, Char *argv[] )
+ testf ( aa->name );
+}
+   }
+-  if (testFailsExist && noisy) {
+- fprintf ( stderr,
+-   "\n"
+-   "You can use the `bzip2recover' program to attempt to recover\n"
+-   "data from undamaged sections of corrupted files.\n\n"
+- );
++  if (testFailsExist) {
++ if (noisy) {
++fprintf ( stderr,
++  "\n"
++  "You can use the `bzip2recover' program to attempt to recover\n"
++  "data from undamaged sections of corrupted files.\n\n"
++);
++ }
+  setExit(2);
+  exit(exitValue);
+   }
+-- 
+1.9.1
+
diff --git a/meta/recipes-extended/bzip2/bzip2_1.0.6.bb 
b/meta/recipes-extended/bzip2/bzip2_1.0.6.bb
index 233fe4c..d7b8c06 100644
--- a/meta/recipes-extended/bzip2/bzip2_1.0.6.bb
+++ b/meta/recipes-extended/bzip2/bzip2_1.0.6.bb
@@ -9,6 +9,7 @@ LIC_FILES_CHKSUM = 
"file://LICENSE;beginline=8;endline=37;md5=40d9d1eb05736d1bfc
 PR = "r5"
 
 SRC_URI = "http://www.bzip.org/${PV}/${BP}.tar.gz \
+   file://fix-bunzip2-qt-returns-0-for-corrupt-archives.patch \
file://configure.ac;subdir=${BP} \
file://Makefile.am;subdir=${BP} \
file://run-ptest"
-- 
1.9.1

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [PATCH 2/3 v2] curl: cleanup buildpaths from curl-config

[wenzong.fan]

From: Wenzong Fan 

curl-config will be installed to target, cleanup buildpaths in it:

* remove ${STAGING_DIR_HOST} from CC, CFLAGS ...

Signed-off-by: Wenzong Fan 
---
 meta/recipes-support/curl/curl_7.44.0.bb | 5 +
 1 file changed, 5 insertions(+)

diff --git a/meta/recipes-support/curl/curl_7.44.0.bb 
b/meta/recipes-support/curl/curl_7.44.0.bb
index b293303..f6d350e 100644
--- a/meta/recipes-support/curl/curl_7.44.0.bb
+++ b/meta/recipes-support/curl/curl_7.44.0.bb
@@ -45,6 +45,11 @@ do_install_append() {
oe_multilib_header curl/curlbuild.h
 }
 
+do_install_append_class-target() {
+   # cleanup buildpaths from curl-config
+   sed -i -e 's,${STAGING_DIR_HOST},,g' ${D}${bindir}/curl-config
+}
+
 PACKAGES =+ "lib${BPN}"
 
 FILES_lib${BPN} = "${libdir}/lib*.so.*"
-- 
1.9.1

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [PATCH 3/3 v2] gnutls: cleanup buildpaths from gnutls.pc

[wenzong.fan]

From: Wenzong Fan 

For multilib build, PKG_CONFIG_SYSROOT_DIR will be injected in values
that are returned by 'pkg-config --libs xxx', such as for zlib:

  dev-shell# pkg-config --libs zlib
  -L/path/to/tmp/sysroots/qemux86-64/usr/lib64 -lz

The values used by configure to generate various files from templates.

For gnutls, the buildpaths should be cleaned up from:

* gnutls.pc:
  generated from lib/gnutls.pc.in that includes @LTLIBZ@

Signed-off-by: Wenzong Fan 
---
 meta/recipes-support/gnutls/gnutls.inc | 5 +
 1 file changed, 5 insertions(+)

diff --git a/meta/recipes-support/gnutls/gnutls.inc 
b/meta/recipes-support/gnutls/gnutls.inc
index e9b138a..3c8d4c9 100644
--- a/meta/recipes-support/gnutls/gnutls.inc
+++ b/meta/recipes-support/gnutls/gnutls.inc
@@ -38,6 +38,11 @@ PACKAGECONFIG ??= "zlib"
 PACKAGECONFIG[tpm] = "--with-tpm, --without-tpm, trousers"
 PACKAGECONFIG[zlib] = "--with-zlib, --without-zlib, zlib"
 
+do_install_append_class-target() {
+   # cleanup buildpaths from gnutls.pc
+   sed -i -e 's,${STAGING_DIR_HOST},,g' ${D}${libdir}/pkgconfig/gnutls.pc
+}
+
 PACKAGES =+ "${PN}-openssl ${PN}-xx"
 
 FILES_${PN}-dev += "${bindir}/gnutls-cli-debug"
-- 
1.9.1

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [PATCH 1/3 v2] glib-2.0: cleanup buildpaths from pkgconfig files

[wenzong.fan]

From: Wenzong Fan 

For multilib build, PKG_CONFIG_SYSROOT_DIR will be injected in values
that are returned by 'pkg-config --libs xxx', such as for zlib:

  dev-shell# pkg-config --libs zlib
  -L/path/to/tmp/sysroots/qemux86-64/usr/lib64 -lz

The values used by configure to generate various files from templates.

For glib-2.0, the buildpaths should be cleaned up from:

* gio-2.0.pc:
  generated from gio-2.0.pc.in that includes @ZLIB_LIBS@

* gobject-2.0.pc:
  generated from gobject-2.0.pc.in that includes @LIBFFI_LIBS@

Signed-off-by: Wenzong Fan 
---
 meta/recipes-core/glib-2.0/glib.inc | 6 ++
 1 file changed, 6 insertions(+)

diff --git a/meta/recipes-core/glib-2.0/glib.inc 
b/meta/recipes-core/glib-2.0/glib.inc
index 072f790..fb42eac 100644
--- a/meta/recipes-core/glib-2.0/glib.inc
+++ b/meta/recipes-core/glib-2.0/glib.inc
@@ -75,6 +75,12 @@ do_install_append () {
fi
 }
 
+do_install_append_class-target() {
+   # cleanup buildpaths from gio-2.0.pc, gobject-2.0.pc
+   sed -i -e 's,${STAGING_DIR_HOST},,g' ${D}${libdir}/pkgconfig/gio-2.0.pc
+   sed -i -e 's,${STAGING_DIR_HOST},,g' 
${D}${libdir}/pkgconfig/gobject-2.0.pc
+}
+
 RDEPENDS_${PN}-ptest += "\
 gnome-desktop-testing \
 tzdata \
-- 
1.9.1

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [PATCH 0/3 v2] cleanup buildpaths for gnutls, curl, glib-2.0

[wenzong.fan]

From: Wenzong Fan 

V2 changes:

* limit sed logics to do_install_append_class-target()
* update commit logs for all three patches
 
The following changes since commit 4bc3f0994e68b3302a0523a3156dd0dca0cac7a0:

  bitbake: toaster: move clones into subdirectory (2015-09-29 14:11:39 +0100)

are available in the git repository at:

  git://git.pokylinux.org/poky-contrib wenzong/buildpaths
  http://git.pokylinux.org/cgit.cgi/poky-contrib/log/?h=wenzong/buildpaths

Wenzong Fan (3):
  glib-2.0: cleanup buildpaths from pkgconfig files
  curl: cleanup buildpaths from curl-config
  gnutls: cleanup buildpaths from gnutls.pc

 meta/recipes-core/glib-2.0/glib.inc  | 6 ++
 meta/recipes-support/curl/curl_7.44.0.bb | 5 +
 meta/recipes-support/gnutls/gnutls.inc   | 5 +
 3 files changed, 16 insertions(+)

-- 
1.9.1

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [PATCH] gnome-doc-utils: xslt - don't install Makefiles

[wenzong.fan]

From: Wenzong Fan 

All the xml files under xslt will be installed by default, the
buildtime stuffs that Makefile, Makefile.in, Makefile.am are not
needed for target.

Signed-off-by: Wenzong Fan 
---
 meta/recipes-gnome/gnome/gnome-doc-utils.inc | 3 ---
 1 file changed, 3 deletions(-)

diff --git a/meta/recipes-gnome/gnome/gnome-doc-utils.inc 
b/meta/recipes-gnome/gnome/gnome-doc-utils.inc
index 9587506..8adfac7 100644
--- a/meta/recipes-gnome/gnome/gnome-doc-utils.inc
+++ b/meta/recipes-gnome/gnome/gnome-doc-utils.inc
@@ -15,9 +15,6 @@ CLEANBROKEN = "1"
 EXTRA_OECONF += "--disable-scrollkeeper"
 
 do_install_append() {
-   mkdir -p  ${D}${datadir}/xml/gnome/xslt/
-   cp -pPr ${S}/xslt/* ${D}${datadir}/xml/gnome/xslt/
-
chown -R root:root ${D}
 }
 
-- 
1.9.1

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [PATCH] apr: cleanup buildpaths from target stuffs

[wenzong.fan]

From: Wenzong Fan 

* cleanup buildpaths from apr_rules.mk and apr-1-config:
  - remove ${STAGING_DIR_HOST} from CC, CPP ...
  - set APR_SOURCE_DIR, APR_BUILD_DIR as empty

* install ${HOST_SYS}-libtool to sysroot only, it's required for
  building apache2 but not suitable for target.

Signed-off-by: Wenzong Fan 
---
 meta/recipes-support/apr/apr_1.5.2.bb | 9 -
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/meta/recipes-support/apr/apr_1.5.2.bb 
b/meta/recipes-support/apr/apr_1.5.2.bb
index c1f7f38..e12a176 100644
--- a/meta/recipes-support/apr/apr_1.5.2.bb
+++ b/meta/recipes-support/apr/apr_1.5.2.bb
@@ -55,7 +55,13 @@ do_configure_append() {
 do_install_append() {
oe_multilib_header apr.h
install -d ${D}${datadir}/apr
-   cp ${S}/${HOST_SYS}-libtool ${D}${datadir}/build-1/libtool
+}
+
+do_install_append_class-target() {
+   sed -i -e 's,${STAGING_DIR_HOST},,g' ${D}${datadir}/build-1/apr_rules.mk
+   sed -i -e 's,${STAGING_DIR_HOST},,g' \
+  -e 's,APR_SOURCE_DIR=.*,APR_SOURCE_DIR=,g' \
+  -e 's,APR_BUILD_DIR=.*,APR_BUILD_DIR=,g' 
${D}${bindir}/apr-1-config
 }
 
 SSTATE_SCAN_FILES += "apr_rules.mk libtool"
@@ -73,6 +79,7 @@ apr_sysroot_preprocess () {
cp ${S}/build/mkdir.sh $d/
cp ${S}/build/make_exports.awk $d/
cp ${S}/build/make_var_export.awk $d/
+   cp ${S}/${HOST_SYS}-libtool ${SYSROOT_DESTDIR}${datadir}/build-1/libtool
 }
 
 do_compile_ptest() {
-- 
1.9.1

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [PATCH] apr-utils: cleanup buildpaths for target stuffs

[wenzong.fan]

From: Wenzong Fan 

* cleanup buildpaths from apu-1-config:
  - remove ${STAGING_DIR_HOST} from CC, CPP ...
  - set APU_SOURCE_DIR, APU_BUILD_DIR as empty

Signed-off-by: Wenzong Fan 
---
 meta/recipes-support/apr/apr-util_1.5.4.bb | 6 ++
 1 file changed, 6 insertions(+)

diff --git a/meta/recipes-support/apr/apr-util_1.5.4.bb 
b/meta/recipes-support/apr/apr-util_1.5.4.bb
index 6a14d14..a36f13d 100644
--- a/meta/recipes-support/apr/apr-util_1.5.4.bb
+++ b/meta/recipes-support/apr/apr-util_1.5.4.bb
@@ -60,6 +60,12 @@ do_configure_append_class-nativesdk() {
sed -i "s#\(LIBTOOL=\$(apr_builddir)\).*#\1/libtool#" 
${S}/build/rules.mk
 }
 
+do_install_append_class-target() {
+   sed -i -e 's,${STAGING_DIR_HOST},,g' \
+  -e 's,APU_SOURCE_DIR=.*,APR_SOURCE_DIR=,g' \
+  -e 's,APU_BUILD_DIR=.*,APR_BUILD_DIR=,g' 
${D}${bindir}/apu-1-config
+}
+
 FILES_${PN} += "${libdir}/apr-util-1/apr_dbm_gdbm-1.so"
 FILES_${PN}-dev += "${libdir}/aprutil.exp 
${libdir}/apr-util-1/apr_dbm_gdbm.so* ${libdir}/apr-util-1/apr_dbm_gdbm.la"
 FILES_${PN}-dbg += "${libdir}/apr-util-1/.debug/*"
-- 
1.9.1

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [PATCH] glib-2.0: cleanup buildpaths from pkgconfig files

[wenzong.fan]

From: Wenzong Fan 

* gio-2.0.pc:
  -L/path/to/tmp/sysroots/qemux86-64/lib64 -> -L/lib64

* gobject-2.0.pc:
  -L/path/to/tmp/sysroots/qemux86-64/usr/lib64/../lib64
-> -L/usr/lib64/../lib64

Signed-off-by: Wenzong Fan 
---
 meta/recipes-core/glib-2.0/glib.inc | 6 ++
 1 file changed, 6 insertions(+)

diff --git a/meta/recipes-core/glib-2.0/glib.inc 
b/meta/recipes-core/glib-2.0/glib.inc
index 072f790..4ccdb93 100644
--- a/meta/recipes-core/glib-2.0/glib.inc
+++ b/meta/recipes-core/glib-2.0/glib.inc
@@ -75,6 +75,12 @@ do_install_append () {
fi
 }
 
+do_install_append_class-target() {
+   # cleanup buildpaths from gio-2.0.pc, gobject-2.0.pc
+   sed -i -e 's#${STAGING_DIR_HOST}##g' ${D}${libdir}/pkgconfig/gio-2.0.pc
+   sed -i -e 's#${STAGING_DIR_HOST}##g' 
${D}${libdir}/pkgconfig/gobject-2.0.pc
+}
+
 RDEPENDS_${PN}-ptest += "\
 gnome-desktop-testing \
 tzdata \
-- 
1.9.1

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [PATCH] gnutls: cleanup buildpaths from gnutls.pc

[wenzong.fan]

From: Wenzong Fan 

* gnutls.pc:
  -L/path/to/tmp/sysroots/qemux86-64/lib64 -> -L/lib64

Signed-off-by: Wenzong Fan 
---
 meta/recipes-support/gnutls/gnutls.inc | 5 +
 1 file changed, 5 insertions(+)

diff --git a/meta/recipes-support/gnutls/gnutls.inc 
b/meta/recipes-support/gnutls/gnutls.inc
index e9b138a..0a5e663 100644
--- a/meta/recipes-support/gnutls/gnutls.inc
+++ b/meta/recipes-support/gnutls/gnutls.inc
@@ -38,6 +38,11 @@ PACKAGECONFIG ??= "zlib"
 PACKAGECONFIG[tpm] = "--with-tpm, --without-tpm, trousers"
 PACKAGECONFIG[zlib] = "--with-zlib, --without-zlib, zlib"
 
+do_install_append() {
+   # cleanup buildpaths from gnutls.pc
+   sed -i -e 's#${STAGING_DIR_HOST}##g' ${D}${libdir}/pkgconfig/gnutls.pc
+}
+
 PACKAGES =+ "${PN}-openssl ${PN}-xx"
 
 FILES_${PN}-dev += "${bindir}/gnutls-cli-debug"
-- 
1.9.1

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [PATCH] curl: cleanup buildpaths from curl-config

[wenzong.fan]

From: Wenzong Fan 

* curl-config:
  -L/path/to/tmp/sysroots/qemux86-64/usr/lib64 -> -L/usr/lib64
  --sysroot=/path/to/tmp/sysroots/qemux86-64'  -> --sysroot=

Signed-off-by: Wenzong Fan 
---
 meta/recipes-support/curl/curl_7.44.0.bb | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/meta/recipes-support/curl/curl_7.44.0.bb 
b/meta/recipes-support/curl/curl_7.44.0.bb
index b293303..b0cf700 100644
--- a/meta/recipes-support/curl/curl_7.44.0.bb
+++ b/meta/recipes-support/curl/curl_7.44.0.bb
@@ -43,6 +43,9 @@ EXTRA_OECONF += "${@bb.utils.contains('DISTRO_FEATURES', 
'largefile', 'ac_cv_siz
 
 do_install_append() {
oe_multilib_header curl/curlbuild.h
+
+   # cleanup buildpaths from curl-config
+   sed -i -e 's#${STAGING_DIR_HOST}##g' ${D}${bindir}/curl-config
 }
 
 PACKAGES =+ "lib${BPN}"
-- 
1.9.1

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [PATCH] mdadm: fix CFLAGS invalid issue

[wenzong.fan]

From: Wenzong Fan 

* Pass global CFLAGS to build:

The CFLAGS does not pass to build at all since it was redefined by
mdadm Makefile:

  CFLAGS = $(CWFLAGS) $(CXFLAGS) ...

This could be done by setting 'CXFLAGS="${CFLAGS}"'.

* Also fix ptest build error caused by global CFLAGS:

  raid6check.c: In function 'check_stripes':
  raid6check.c:315:8: error: 'stripe_buf' may be used uninitialized \
  in this function [-Werror=maybe-uninitialized]

Signed-off-by: Wenzong Fan 
---
 .../mdadm/files/mdadm-fix-ptest-build-error.patch  | 34 ++
 meta/recipes-extended/mdadm/mdadm_3.3.4.bb |  3 +-
 2 files changed, 36 insertions(+), 1 deletion(-)
 create mode 100644 
meta/recipes-extended/mdadm/files/mdadm-fix-ptest-build-error.patch

diff --git 
a/meta/recipes-extended/mdadm/files/mdadm-fix-ptest-build-error.patch 
b/meta/recipes-extended/mdadm/files/mdadm-fix-ptest-build-error.patch
new file mode 100644
index 000..b2495c0
--- /dev/null
+++ b/meta/recipes-extended/mdadm/files/mdadm-fix-ptest-build-error.patch
@@ -0,0 +1,34 @@
+From d062030a36faa77193ac66b498a1ec704013dbb1 Mon Sep 17 00:00:00 2001
+From: Wenzong Fan 
+Date: Thu, 10 Sep 2015 03:52:20 -0400
+Subject: [PATCH] mdadm: fix ptest build error
+
+Initialize *stripe_buf as NULL to fix ptest build error:
+
+  raid6check.c: In function 'check_stripes':
+  raid6check.c:315:8: error: 'stripe_buf' may be used uninitialized \
+  in this function [-Werror=maybe-uninitialized]
+
+Upstream-Status: Pending
+
+Signed-off-by: Wenzong Fan 
+---
+ raid6check.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/raid6check.c b/raid6check.c
+index cb8522e..e4a9ff0 100644
+--- a/raid6check.c
 b/raid6check.c
+@@ -312,7 +312,7 @@ int check_stripes(struct mdinfo *info, int *source, 
unsigned long long *offsets,
+   /* read the data and p and q blocks, and check we got them right */
+   int data_disks = raid_disks - 2;
+   int syndrome_disks = data_disks + is_ddf(layout) * 2;
+-  char *stripe_buf;
++  char *stripe_buf = NULL;
+ 
+   /* stripes[] is indexed by raid_disk and holds chunks from each device 
*/
+   char **stripes = xmalloc(raid_disks * sizeof(char*));
+-- 
+1.9.1
+
diff --git a/meta/recipes-extended/mdadm/mdadm_3.3.4.bb 
b/meta/recipes-extended/mdadm/mdadm_3.3.4.bb
index 460a430..a8b4ee1 100644
--- a/meta/recipes-extended/mdadm/mdadm_3.3.4.bb
+++ b/meta/recipes-extended/mdadm/mdadm_3.3.4.bb
@@ -12,6 +12,7 @@ SRC_URI = 
"${KERNELORG_MIRROR}/linux/utils/raid/mdadm/${BPN}-${PV}.tar.xz \
file://mdadm-3.2.2_fix_for_x32.patch \
file://gcc-4.9.patch \
file://mdadm-3.3.2_x32_abi_time_t.patch \
+   file://mdadm-fix-ptest-build-error.patch \
file://run-ptest \
  "
 SRC_URI[md5sum] = "7ca8b114710f98f53f20c5787b674a09"
@@ -21,7 +22,7 @@ CFLAGS += "-fno-strict-aliasing"
 
 inherit autotools-brokensep
 
-EXTRA_OEMAKE = "CHECK_RUN_DIR=0"
+EXTRA_OEMAKE = 'CHECK_RUN_DIR=0 CXFLAGS="${CFLAGS}"'
 # PPC64 and MIPS64 uses long long for u64 in the kernel, but powerpc's 
asm/types.h
 # prevents 64-bit userland from seeing this definition, instead defaulting
 # to u64 == long in userspace. Define __SANE_USERSPACE_TYPES__ to get
-- 
1.9.1

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [PATCH] gnu-efi: Make setjmp.S portable to ARM

[wenzong.fan]

From: Wenzong Fan 

This patch fixes the following error:

  .../lib/arm/setjmp.S:18: Error: unrecognized symbol type ""
  .../lib/arm/setjmp.S:26: Error: unrecognized symbol type ""

The problem is the assembly syntax that is used is not portable to ARM,
where the '@' symbol is a comment:

  > Note on targets where the @ character is the start of a comment
  > (eg ARM) then another character is used instead. For example the
  > ARM port uses the % character.

(From https://sourceware.org/binutils/docs-2.25/as/Section.html#Section)

Signed-off-by: Wenzong Fan 
---
 .../gnu-efi-Make-setjmp.S-portable-to-ARM.patch| 50 ++
 meta/recipes-bsp/gnu-efi/gnu-efi_3.0.3.bb  |  1 +
 2 files changed, 51 insertions(+)
 create mode 100644 
meta/recipes-bsp/gnu-efi/gnu-efi/gnu-efi-Make-setjmp.S-portable-to-ARM.patch

diff --git 
a/meta/recipes-bsp/gnu-efi/gnu-efi/gnu-efi-Make-setjmp.S-portable-to-ARM.patch 
b/meta/recipes-bsp/gnu-efi/gnu-efi/gnu-efi-Make-setjmp.S-portable-to-ARM.patch
new file mode 100644
index 000..ced128a
--- /dev/null
+++ 
b/meta/recipes-bsp/gnu-efi/gnu-efi/gnu-efi-Make-setjmp.S-portable-to-ARM.patch
@@ -0,0 +1,50 @@
+From 8a356d4b6a242ce63b73920d3ed33f88f9e12fe3 Mon Sep 17 00:00:00 2001
+From: Wenzong Fan 
+Date: Sun, 6 Sep 2015 05:20:43 -0400
+Subject: [PATCH] gnu-efi: Make setjmp.S portable to ARM
+
+This patch fixes the following error:
+
+  .../lib/arm/setjmp.S:18: Error: unrecognized symbol type ""
+  .../lib/arm/setjmp.S:26: Error: unrecognized symbol type ""
+
+The problem is the assembly syntax that is used is not portable to ARM,
+where the '@' symbol is a comment:
+
+  > Note on targets where the @ character is the start of a comment
+  > (eg ARM) then another character is used instead. For example the
+  > ARM port uses the % character.
+
+(From https://sourceware.org/binutils/docs-2.25/as/Section.html#Section)
+
+Upstream-Status: Pending
+
+Signed-off-by: Wenzong Fan 
+---
+ lib/arm/setjmp.S | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/lib/arm/setjmp.S b/lib/arm/setjmp.S
+index 6e3fbf0..85c8705 100644
+--- a/lib/arm/setjmp.S
 b/lib/arm/setjmp.S
+@@ -15,7 +15,7 @@ BASIS,
+   .text
+   .arm
+   .globl  setjmp
+-  .type   setjmp, @function
++  .type   setjmp, %function
+ setjmp:
+   mov r3, r13
+   stmia   r0, {r3-r12,r14}
+@@ -23,6 +23,6 @@ setjmp:
+   bx  lr
+ 
+   .globl  longjmp
+-  .type   longjmp, @function
++  .type   longjmp, %function
+ longjmp:
+   ldmia   r0, {r3-r12,r14}
+-- 
+1.9.1
+
diff --git a/meta/recipes-bsp/gnu-efi/gnu-efi_3.0.3.bb 
b/meta/recipes-bsp/gnu-efi/gnu-efi_3.0.3.bb
index 8cc22ca..1a1ba40 100644
--- a/meta/recipes-bsp/gnu-efi/gnu-efi_3.0.3.bb
+++ b/meta/recipes-bsp/gnu-efi/gnu-efi_3.0.3.bb
@@ -17,6 +17,7 @@ LIC_FILES_CHKSUM = 
"file://gnuefi/crt0-efi-arm.S;beginline=4;endline=9;md5=2240d
 SRC_URI = "${SOURCEFORGE_MIRROR}/${BPN}/${BP}.tar.bz2 \
file://parallel-make-archives.patch \
file://lib-Makefile-fix-parallel-issue.patch \
+   file://gnu-efi-Make-setjmp.S-portable-to-ARM.patch \
   "
 
 SRC_URI[md5sum] = "15a4bcbc18a9a5e8110ed955970622e6"
-- 
1.9.1

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [PATCH 2/2 v2] libcap-ng: add package 0.7.7

[wenzong.fan]

From: Wenzong Fan 

Pull package from meta-oe to oe-core:
meta-oe commit: bce4dba5546480c8e43c6442959ac7d0a4ef32f6

The libcap-ng library is intended to make programming with posix
capabilities much easier than the traditional libcap library.

It's not a replacement to libcap, it provides different library
(libcap-ng.so) while packages explicitly look for libcap.so. It
could be used by qemu, util-linux, libvirt, audit ...

With adding it to oe-core, the copies from following layers could
be removed:

* meta-oe, meta-selinux, meta-security-framework ...

Signed-off-by: Wenzong Fan 
---
 .../libcap-ng/libcap-ng/python.patch   | 58 ++
 meta/recipes-support/libcap-ng/libcap-ng_0.7.7.bb  | 39 +++
 2 files changed, 97 insertions(+)
 create mode 100644 meta/recipes-support/libcap-ng/libcap-ng/python.patch
 create mode 100644 meta/recipes-support/libcap-ng/libcap-ng_0.7.7.bb

diff --git a/meta/recipes-support/libcap-ng/libcap-ng/python.patch 
b/meta/recipes-support/libcap-ng/libcap-ng/python.patch
new file mode 100644
index 000..59591eb
--- /dev/null
+++ b/meta/recipes-support/libcap-ng/libcap-ng/python.patch
@@ -0,0 +1,58 @@
+From b01bb2694f66cd981e6d61523433dc3eb5ed32f2 Mon Sep 17 00:00:00 2001
+From: Li xin 
+Date: Sat, 18 Jul 2015 23:03:30 +0900
+Subject: [PATCH] configure.ac - Avoid an incorrect check for python.
+ Makefile.am - avoid hard coded host include paths.
+
+Upstream-Status: pending
+
+Signed-off-by: Mark Hatle 
+Signed-off-by: Li Xin 
+---
+ bindings/python/Makefile.am |  3 ++-
+ configure.ac| 15 ++-
+ 2 files changed, 4 insertions(+), 14 deletions(-)
+
+diff --git a/bindings/python/Makefile.am b/bindings/python/Makefile.am
+index 82b9bb8..f9fe7a8 100644
+--- a/bindings/python/Makefile.am
 b/bindings/python/Makefile.am
+@@ -23,7 +23,8 @@ SUBDIRS = test
+ CONFIG_CLEAN_FILES = *.loT *.rej *.orig
+ AM_CFLAGS = -fPIC -DPIC
+ PYLIBVER ?= python$(PYTHON_VERSION)
+-AM_CPPFLAGS = -I. -I$(top_builddir) -I@PYINCLUDEDIR@
++PYINC ?= /usr/include/$(PYLIBVER)
++AM_CPPFLAGS = -I. -I$(top_builddir) -I$(PYINC)
+ LIBS = $(top_builddir)/src/libcap-ng.la
+ SWIG_FLAGS = -python
+ SWIG_INCLUDES = ${AM_CPPFLAGS}
+diff --git a/configure.ac b/configure.ac
+index 1d777d5..9d90f64 100644
+--- a/configure.ac
 b/configure.ac
+@@ -123,19 +123,8 @@ if test x$use_python = xno ; then
+ else
+ AC_MSG_RESULT(testing)
+ AM_PATH_PYTHON
+-PYINCLUDEDIR=`python${am_cv_python_version} -c "from distutils import 
sysconfig; print(sysconfig.get_config_var('INCLUDEPY'))"`
+-if test -f ${PYINCLUDEDIR}/Python.h ; then
+-  python_found="yes"
+-  AC_SUBST(PYINCLUDEDIR)
+-  AC_MSG_NOTICE(Python bindings will be built)
+-else
+-  python_found="no"
+-  if test x$use_python = xyes ; then
+-  AC_MSG_ERROR([Python explicitly required and python headers 
found])
+-  else
+-  AC_MSG_WARN("Python headers not found - python bindings will 
not be made")
+-  fi
+-fi
++python_found="yes"
++AC_MSG_NOTICE(Python bindings will be built)
+ fi
+ AM_CONDITIONAL(HAVE_PYTHON, test ${python_found} = "yes")
+ 
+-- 
+1.8.4.2
+
diff --git a/meta/recipes-support/libcap-ng/libcap-ng_0.7.7.bb 
b/meta/recipes-support/libcap-ng/libcap-ng_0.7.7.bb
new file mode 100644
index 000..a31d5dc
--- /dev/null
+++ b/meta/recipes-support/libcap-ng/libcap-ng_0.7.7.bb
@@ -0,0 +1,39 @@
+SUMMARY = "An alternate posix capabilities library"
+DESCRIPTION = "The libcap-ng library is intended to make programming \
+with POSIX capabilities much easier than the traditional libcap library."
+HOMEPAGE = "http://freecode.com/projects/libcap-ng";
+SECTION = "base"
+LICENSE = "GPLv2+ & LGPLv2.1+"
+LIC_FILES_CHKSUM = "file://COPYING;md5=94d55d512a9ba36caa9b7df079bae19f \
+   file://COPYING.LIB;md5=e3eda01d9815f8d24aae2dbd89b68b06"
+
+SRC_URI = "http://people.redhat.com/sgrubb/libcap-ng/libcap-ng-${PV}.tar.gz \
+   file://python.patch"
+
+inherit lib_package autotools pythonnative
+
+SRC_URI[md5sum] = "3d7d126b29e2869a0257c17c8b0d9b2e"
+SRC_URI[sha256sum] = 
"615549ce39b333f6b78baee0c0b4ef18bc726c6bf1cca123dfd89dd963f6d06b"
+
+DEPENDS += "swig-native python"
+
+EXTRA_OECONF += "--without-python3"
+
+EXTRA_OEMAKE += "PYLIBVER='python${PYTHON_BASEVERSION}' 
PYINC='${STAGING_INCDIR}/${PYLIBVER}'"
+
+PACKAGES += "${PN}-python"
+
+FILES_${PN}-dbg += "${libdir}/python${PYTHON_BASEVERSION}/*/.debug"
+FILES_${PN}-python = "${libdir}/python${PYTHON_BASEVERSION}"
+
+BBCLASSEXTEND = "native"
+
+do_install_append() {
+   # Moving libcap-ng to base_libdir
+   if [ ! ${D}${libdir} -ef ${D}${base_libdir} ]; then
+   mkdir -p ${D}/${base_libdir}/
+   mv -f ${D}${libdir}/libcap-ng.so.* ${D}${base_libdir}/
+   relpath=${@os.path.relpath("${base_libdir}", "${libdir}")}
+   ln -sf ${relpath}/libcap-ng.so.0.0.0 ${D}${libdir}/libcap-ng.so
+   fi
+}
-- 
1.9.1

-- 

[OE-core] [PATCH 1/2 v2] swig: add package 3.0.6

[wenzong.fan]

From: Wenzong Fan 

Ackage from meta-oe to oe-core:
meta-oe commit: 9cc54e10efa5ca70d9980f833a8e5a310e5ad21d

It's required for libcap-ng to build python bindings.

With adding it to oe-core, the copies from following layers could
be removed:

* meta-oe, meta-selinux, meta-intel-iot-middleware ...

Signed-off-by: Wenzong Fan 
---
 meta/recipes-devtools/swig/swig.inc| 63 
 ...lf-exe-for-swig-swiglib-on-non-Win32-plat.patch | 69 ++
 ...nfigure-use-pkg-config-for-pcre-detection.patch | 64 
 meta/recipes-devtools/swig/swig_3.0.6.bb   |  8 +++
 4 files changed, 204 insertions(+)
 create mode 100644 meta/recipes-devtools/swig/swig.inc
 create mode 100644 
meta/recipes-devtools/swig/swig/0001-Use-proc-self-exe-for-swig-swiglib-on-non-Win32-plat.patch
 create mode 100644 
meta/recipes-devtools/swig/swig/0001-configure-use-pkg-config-for-pcre-detection.patch
 create mode 100644 meta/recipes-devtools/swig/swig_3.0.6.bb

diff --git a/meta/recipes-devtools/swig/swig.inc 
b/meta/recipes-devtools/swig/swig.inc
new file mode 100644
index 000..9821fa5
--- /dev/null
+++ b/meta/recipes-devtools/swig/swig.inc
@@ -0,0 +1,63 @@
+DESCRIPTION = "SWIG - Simplified Wrapper and Interface Generator"
+HOMEPAGE = "http://swig.sourceforge.net/";
+LICENSE = "BSD & GPLv3"
+LIC_FILES_CHKSUM = "file://LICENSE;md5=e7807a6282784a7dde4c846626b08fc6 \
+file://LICENSE-GPL;md5=d32239bcb673463ab874e80d47fae504 \
+
file://LICENSE-UNIVERSITIES;md5=8ce9dcc8f7c994de4a408b205c72ba08"
+
+SECTION = "devel"
+
+DEPENDS = "libpcre python"
+
+SRC_URI = "${SOURCEFORGE_MIRROR}/${BPN}/${BPN}-${PV}.tar.gz"
+
+inherit autotools pythonnative
+
+EXTRA_OECONF = " \
+--with-python=${PYTHON} \
+--without-allegrocl \
+--without-android \
+--without-boost \
+--without-chicken \
+--without-clisp \
+--without-csharp \
+--without-d \
+--without-gcj \
+--without-go \
+--without-guile \
+--without-java \
+--without-lua \
+--without-mzscheme \
+--without-ocaml \
+--without-octave \
+--without-perl5 \
+--without-pike \
+--without-php \
+--without-python3 \
+--without-r \
+--without-ruby \
+--without-tcl \
+"
+
+BBCLASSEXTEND = "native nativesdk"
+
+do_configure() {
+install -m 0755 ${STAGING_DATADIR_NATIVE}/gnu-config/config.guess 
${S}/Tools/config
+install -m 0755 ${STAGING_DATADIR_NATIVE}/gnu-config/config.sub 
${S}/Tools/config
+install -m 0755 ${STAGING_DATADIR_NATIVE}/gnu-config/config.guess ${S}
+install -m 0755 ${STAGING_DATADIR_NATIVE}/gnu-config/config.sub ${S}
+oe_runconf
+}
+
+do_install_append_class-nativesdk() {
+cd ${D}${bindir}
+ln -s swig swig2.0
+}
+
+def swiglib_relpath(d):
+swiglib = d.getVar('datadir', True) + "/" + d.getVar('BPN', True) + "/" + 
d.getVar('PV', True)
+return os.path.relpath(swiglib, d.getVar('bindir', True))
+
+do_install_append_class-native() {
+create_wrapper ${D}${bindir}/swig SWIG_LIB='`dirname 
$''realpath`'/${@swiglib_relpath(d)}
+}
diff --git 
a/meta/recipes-devtools/swig/swig/0001-Use-proc-self-exe-for-swig-swiglib-on-non-Win32-plat.patch
 
b/meta/recipes-devtools/swig/swig/0001-Use-proc-self-exe-for-swig-swiglib-on-non-Win32-plat.patch
new file mode 100644
index 000..81df3e2
--- /dev/null
+++ 
b/meta/recipes-devtools/swig/swig/0001-Use-proc-self-exe-for-swig-swiglib-on-non-Win32-plat.patch
@@ -0,0 +1,69 @@
+From a4a0440a644c6c5e5da096efe3cf05ba309a284f Mon Sep 17 00:00:00 2001
+From: "NODA, Kai" 
+Date: Sun, 22 Apr 2012 17:01:02 +0900
+Subject: [PATCH] Use /proc/self/exe for "swig -swiglib" on non-Win32
+ platforms.
+
+If it wasn't found, then fall back to a fixed string just as before.
+
+Upstream-Status: Submitted
+http://sourceforge.net/mailarchive/message.php?msg_id=29179733
+
+---
+ Source/Modules/main.cxx |   24 ++--
+ 1 file changed, 22 insertions(+), 2 deletions(-)
+
+diff --git a/Source/Modules/main.cxx b/Source/Modules/main.cxx
+index d2f5d3b..cbb0a12 100644
+--- a/Source/Modules/main.cxx
 b/Source/Modules/main.cxx
+@@ -26,6 +26,11 @@ char cvsroot_main_cxx[] = "$Id$";
+ #include "cparse.h"
+ #include 
+ #include// for INT_MAX
++#ifndef _WIN32
++#include 
++#include// for readlink
++#include  // for stat
++#endif
+ 
+ // Global variables
+ 
+@@ -902,9 +907,9 @@ int SWIG_main(int argc, char *argv[], Language *l) {
+ 
+   // Check for SWIG_LIB environment variable
+   if ((c = getenv("SWIG_LIB")) == (char *) 0) {
++char *p;
+ #if defined(_WIN32)
+ char buf[MAX_PATH];
+-char *p;
+ if (!(GetModuleFileName(0, buf, MAX_PATH) == 0 || (p = strrchr(buf, 
'\\')) == 0)) {
+   *(p + 1) = '\0';
+   SwigLib = NewStringf("%sLib", buf); // Native windows installation path
+@@ -914,7 +919,22 @@ int SWIG_main(int argc, char *argv[], Language *l) {
+ if (Len(SWIG_LIB_WIN_UNIX) > 0)
+   SwigLibW

[OE-core] [PATCH 0/2 v2] libcap-ng, swig: add packages

[wenzong.fan]

From: Wenzong Fan 

V2 changes:

* add swig 3.0.6 which the latest version from meta-oe

The following changes since commit a01a33b17861c227c1c16fbc2d819d86fb9bf893:

  linux-yocto-3.14: Update to branch HEADs (2015-08-20 15:17:01 +0100)

are available in the git repository at:

  git://git.pokylinux.org/poky-contrib wenzong/libcap-ng
  http://git.pokylinux.org/cgit.cgi/poky-contrib/log/?h=wenzong/libcap-ng

Wenzong Fan (2):
  swig: add package 3.0.6
  libcap-ng: add package 0.7.7

 meta/recipes-devtools/swig/swig.inc| 63 
 ...lf-exe-for-swig-swiglib-on-non-Win32-plat.patch | 69 ++
 ...nfigure-use-pkg-config-for-pcre-detection.patch | 64 
 meta/recipes-devtools/swig/swig_3.0.6.bb   |  8 +++
 .../libcap-ng/libcap-ng/python.patch   | 58 ++
 meta/recipes-support/libcap-ng/libcap-ng_0.7.7.bb  | 39 
 6 files changed, 301 insertions(+)
 create mode 100644 meta/recipes-devtools/swig/swig.inc
 create mode 100644 
meta/recipes-devtools/swig/swig/0001-Use-proc-self-exe-for-swig-swiglib-on-non-Win32-plat.patch
 create mode 100644 
meta/recipes-devtools/swig/swig/0001-configure-use-pkg-config-for-pcre-detection.patch
 create mode 100644 meta/recipes-devtools/swig/swig_3.0.6.bb
 create mode 100644 meta/recipes-support/libcap-ng/libcap-ng/python.patch
 create mode 100644 meta/recipes-support/libcap-ng/libcap-ng_0.7.7.bb

-- 
1.9.1

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [PATCH 2/2] libcap-ng: add package 0.7.7

[wenzong.fan]

From: Wenzong Fan 

Pull package from meta-oe to oe-core:
meta-oe commit: bce4dba5546480c8e43c6442959ac7d0a4ef32f6

The libcap-ng library is intended to make programming with posix
capabilities much easier than the traditional libcap library.

It's not a replacement to libcap, it provides different library
(libcap-ng.so) while packages explicitly look for libcap.so. It
could be used by qemu, util-linux, libvirt, audit ...

With adding it to oe-core, the copies from following layers could
be removed:

* meta-oe, meta-selinux, meta-security-framework ...

Signed-off-by: Wenzong Fan 
---
 .../libcap-ng/libcap-ng/python.patch   | 58 ++
 meta/recipes-support/libcap-ng/libcap-ng_0.7.7.bb  | 39 +++
 2 files changed, 97 insertions(+)
 create mode 100644 meta/recipes-support/libcap-ng/libcap-ng/python.patch
 create mode 100644 meta/recipes-support/libcap-ng/libcap-ng_0.7.7.bb

diff --git a/meta/recipes-support/libcap-ng/libcap-ng/python.patch 
b/meta/recipes-support/libcap-ng/libcap-ng/python.patch
new file mode 100644
index 000..59591eb
--- /dev/null
+++ b/meta/recipes-support/libcap-ng/libcap-ng/python.patch
@@ -0,0 +1,58 @@
+From b01bb2694f66cd981e6d61523433dc3eb5ed32f2 Mon Sep 17 00:00:00 2001
+From: Li xin 
+Date: Sat, 18 Jul 2015 23:03:30 +0900
+Subject: [PATCH] configure.ac - Avoid an incorrect check for python.
+ Makefile.am - avoid hard coded host include paths.
+
+Upstream-Status: pending
+
+Signed-off-by: Mark Hatle 
+Signed-off-by: Li Xin 
+---
+ bindings/python/Makefile.am |  3 ++-
+ configure.ac| 15 ++-
+ 2 files changed, 4 insertions(+), 14 deletions(-)
+
+diff --git a/bindings/python/Makefile.am b/bindings/python/Makefile.am
+index 82b9bb8..f9fe7a8 100644
+--- a/bindings/python/Makefile.am
 b/bindings/python/Makefile.am
+@@ -23,7 +23,8 @@ SUBDIRS = test
+ CONFIG_CLEAN_FILES = *.loT *.rej *.orig
+ AM_CFLAGS = -fPIC -DPIC
+ PYLIBVER ?= python$(PYTHON_VERSION)
+-AM_CPPFLAGS = -I. -I$(top_builddir) -I@PYINCLUDEDIR@
++PYINC ?= /usr/include/$(PYLIBVER)
++AM_CPPFLAGS = -I. -I$(top_builddir) -I$(PYINC)
+ LIBS = $(top_builddir)/src/libcap-ng.la
+ SWIG_FLAGS = -python
+ SWIG_INCLUDES = ${AM_CPPFLAGS}
+diff --git a/configure.ac b/configure.ac
+index 1d777d5..9d90f64 100644
+--- a/configure.ac
 b/configure.ac
+@@ -123,19 +123,8 @@ if test x$use_python = xno ; then
+ else
+ AC_MSG_RESULT(testing)
+ AM_PATH_PYTHON
+-PYINCLUDEDIR=`python${am_cv_python_version} -c "from distutils import 
sysconfig; print(sysconfig.get_config_var('INCLUDEPY'))"`
+-if test -f ${PYINCLUDEDIR}/Python.h ; then
+-  python_found="yes"
+-  AC_SUBST(PYINCLUDEDIR)
+-  AC_MSG_NOTICE(Python bindings will be built)
+-else
+-  python_found="no"
+-  if test x$use_python = xyes ; then
+-  AC_MSG_ERROR([Python explicitly required and python headers 
found])
+-  else
+-  AC_MSG_WARN("Python headers not found - python bindings will 
not be made")
+-  fi
+-fi
++python_found="yes"
++AC_MSG_NOTICE(Python bindings will be built)
+ fi
+ AM_CONDITIONAL(HAVE_PYTHON, test ${python_found} = "yes")
+ 
+-- 
+1.8.4.2
+
diff --git a/meta/recipes-support/libcap-ng/libcap-ng_0.7.7.bb 
b/meta/recipes-support/libcap-ng/libcap-ng_0.7.7.bb
new file mode 100644
index 000..a31d5dc
--- /dev/null
+++ b/meta/recipes-support/libcap-ng/libcap-ng_0.7.7.bb
@@ -0,0 +1,39 @@
+SUMMARY = "An alternate posix capabilities library"
+DESCRIPTION = "The libcap-ng library is intended to make programming \
+with POSIX capabilities much easier than the traditional libcap library."
+HOMEPAGE = "http://freecode.com/projects/libcap-ng";
+SECTION = "base"
+LICENSE = "GPLv2+ & LGPLv2.1+"
+LIC_FILES_CHKSUM = "file://COPYING;md5=94d55d512a9ba36caa9b7df079bae19f \
+   file://COPYING.LIB;md5=e3eda01d9815f8d24aae2dbd89b68b06"
+
+SRC_URI = "http://people.redhat.com/sgrubb/libcap-ng/libcap-ng-${PV}.tar.gz \
+   file://python.patch"
+
+inherit lib_package autotools pythonnative
+
+SRC_URI[md5sum] = "3d7d126b29e2869a0257c17c8b0d9b2e"
+SRC_URI[sha256sum] = 
"615549ce39b333f6b78baee0c0b4ef18bc726c6bf1cca123dfd89dd963f6d06b"
+
+DEPENDS += "swig-native python"
+
+EXTRA_OECONF += "--without-python3"
+
+EXTRA_OEMAKE += "PYLIBVER='python${PYTHON_BASEVERSION}' 
PYINC='${STAGING_INCDIR}/${PYLIBVER}'"
+
+PACKAGES += "${PN}-python"
+
+FILES_${PN}-dbg += "${libdir}/python${PYTHON_BASEVERSION}/*/.debug"
+FILES_${PN}-python = "${libdir}/python${PYTHON_BASEVERSION}"
+
+BBCLASSEXTEND = "native"
+
+do_install_append() {
+   # Moving libcap-ng to base_libdir
+   if [ ! ${D}${libdir} -ef ${D}${base_libdir} ]; then
+   mkdir -p ${D}/${base_libdir}/
+   mv -f ${D}${libdir}/libcap-ng.so.* ${D}${base_libdir}/
+   relpath=${@os.path.relpath("${base_libdir}", "${libdir}")}
+   ln -sf ${relpath}/libcap-ng.so.0.0.0 ${D}${libdir}/libcap-ng.so
+   fi
+}
-- 
1.9.1

-- 

[OE-core] [PATCH 0/2] libcap-ng, swig: add packages

[wenzong.fan]

From: Wenzong Fan 

Add packages libcap-ng and swig.

They are from meta-oe and with adding them to oe-core, the copies from
multiple layers could be removed: meta-oe, meta-selinux ...

* The swig is depended by libcap-ng to build python bindings

* The libcap-ng library is intended to make programming with posix
  capabilities much easier than the traditional libcap library.

  It's not a replacement to libcap, it provides different library
  (libcap-ng.so) while packages explicitly look for libcap.so. It
  could be used by qemu, util-linux, libvirt, audit ... to work
  with posix capabilities.

The following changes since commit c348fa50186fb0796bc7b793c4b8d710419f2a0d:

  bitbake: toaster: move code from setup_lv_tests to setUp (2015-08-17 14:41:45 
+0100)

are available in the git repository at:

  git://git.pokylinux.org/poky-contrib wenzong/libcap-ng
  http://git.pokylinux.org/cgit.cgi/poky-contrib/log/?h=wenzong/libcap-ng

Wenzong Fan (2):
  swig: add package 3.0.2
  libcap-ng: add package 0.7.7

 meta/recipes-devtools/swig/swig.inc| 63 
 ...lf-exe-for-swig-swiglib-on-non-Win32-plat.patch | 69 ++
 ...nfigure-use-pkg-config-for-pcre-detection.patch | 64 
 meta/recipes-devtools/swig/swig_3.0.2.bb   |  8 +++
 .../libcap-ng/libcap-ng/python.patch   | 58 ++
 meta/recipes-support/libcap-ng/libcap-ng_0.7.7.bb  | 39 
 6 files changed, 301 insertions(+)
 create mode 100644 meta/recipes-devtools/swig/swig.inc
 create mode 100644 
meta/recipes-devtools/swig/swig/0001-Use-proc-self-exe-for-swig-swiglib-on-non-Win32-plat.patch
 create mode 100644 
meta/recipes-devtools/swig/swig/0001-configure-use-pkg-config-for-pcre-detection.patch
 create mode 100644 meta/recipes-devtools/swig/swig_3.0.2.bb
 create mode 100644 meta/recipes-support/libcap-ng/libcap-ng/python.patch
 create mode 100644 meta/recipes-support/libcap-ng/libcap-ng_0.7.7.bb

-- 
1.9.1

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [PATCH 1/2] swig: add package 3.0.2

[wenzong.fan]

From: Wenzong Fan 

Pull package from meta-oe to oe-core:
meta-oe commit: 8b7d90d8e4c3338f94c588fc7e4a88319bd9a9e8

It's required for libcap-ng to build python bindings.

With adding it to oe-core, the copies from following layers could
be removed:

* meta-oe, meta-selinux, meta-intel-iot-middleware ...

Signed-off-by: Wenzong Fan 
---
 meta/recipes-devtools/swig/swig.inc| 63 
 ...lf-exe-for-swig-swiglib-on-non-Win32-plat.patch | 69 ++
 ...nfigure-use-pkg-config-for-pcre-detection.patch | 64 
 meta/recipes-devtools/swig/swig_3.0.2.bb   |  8 +++
 4 files changed, 204 insertions(+)
 create mode 100644 meta/recipes-devtools/swig/swig.inc
 create mode 100644 
meta/recipes-devtools/swig/swig/0001-Use-proc-self-exe-for-swig-swiglib-on-non-Win32-plat.patch
 create mode 100644 
meta/recipes-devtools/swig/swig/0001-configure-use-pkg-config-for-pcre-detection.patch
 create mode 100644 meta/recipes-devtools/swig/swig_3.0.2.bb

diff --git a/meta/recipes-devtools/swig/swig.inc 
b/meta/recipes-devtools/swig/swig.inc
new file mode 100644
index 000..9821fa5
--- /dev/null
+++ b/meta/recipes-devtools/swig/swig.inc
@@ -0,0 +1,63 @@
+DESCRIPTION = "SWIG - Simplified Wrapper and Interface Generator"
+HOMEPAGE = "http://swig.sourceforge.net/";
+LICENSE = "BSD & GPLv3"
+LIC_FILES_CHKSUM = "file://LICENSE;md5=e7807a6282784a7dde4c846626b08fc6 \
+file://LICENSE-GPL;md5=d32239bcb673463ab874e80d47fae504 \
+
file://LICENSE-UNIVERSITIES;md5=8ce9dcc8f7c994de4a408b205c72ba08"
+
+SECTION = "devel"
+
+DEPENDS = "libpcre python"
+
+SRC_URI = "${SOURCEFORGE_MIRROR}/${BPN}/${BPN}-${PV}.tar.gz"
+
+inherit autotools pythonnative
+
+EXTRA_OECONF = " \
+--with-python=${PYTHON} \
+--without-allegrocl \
+--without-android \
+--without-boost \
+--without-chicken \
+--without-clisp \
+--without-csharp \
+--without-d \
+--without-gcj \
+--without-go \
+--without-guile \
+--without-java \
+--without-lua \
+--without-mzscheme \
+--without-ocaml \
+--without-octave \
+--without-perl5 \
+--without-pike \
+--without-php \
+--without-python3 \
+--without-r \
+--without-ruby \
+--without-tcl \
+"
+
+BBCLASSEXTEND = "native nativesdk"
+
+do_configure() {
+install -m 0755 ${STAGING_DATADIR_NATIVE}/gnu-config/config.guess 
${S}/Tools/config
+install -m 0755 ${STAGING_DATADIR_NATIVE}/gnu-config/config.sub 
${S}/Tools/config
+install -m 0755 ${STAGING_DATADIR_NATIVE}/gnu-config/config.guess ${S}
+install -m 0755 ${STAGING_DATADIR_NATIVE}/gnu-config/config.sub ${S}
+oe_runconf
+}
+
+do_install_append_class-nativesdk() {
+cd ${D}${bindir}
+ln -s swig swig2.0
+}
+
+def swiglib_relpath(d):
+swiglib = d.getVar('datadir', True) + "/" + d.getVar('BPN', True) + "/" + 
d.getVar('PV', True)
+return os.path.relpath(swiglib, d.getVar('bindir', True))
+
+do_install_append_class-native() {
+create_wrapper ${D}${bindir}/swig SWIG_LIB='`dirname 
$''realpath`'/${@swiglib_relpath(d)}
+}
diff --git 
a/meta/recipes-devtools/swig/swig/0001-Use-proc-self-exe-for-swig-swiglib-on-non-Win32-plat.patch
 
b/meta/recipes-devtools/swig/swig/0001-Use-proc-self-exe-for-swig-swiglib-on-non-Win32-plat.patch
new file mode 100644
index 000..81df3e2
--- /dev/null
+++ 
b/meta/recipes-devtools/swig/swig/0001-Use-proc-self-exe-for-swig-swiglib-on-non-Win32-plat.patch
@@ -0,0 +1,69 @@
+From a4a0440a644c6c5e5da096efe3cf05ba309a284f Mon Sep 17 00:00:00 2001
+From: "NODA, Kai" 
+Date: Sun, 22 Apr 2012 17:01:02 +0900
+Subject: [PATCH] Use /proc/self/exe for "swig -swiglib" on non-Win32
+ platforms.
+
+If it wasn't found, then fall back to a fixed string just as before.
+
+Upstream-Status: Submitted
+http://sourceforge.net/mailarchive/message.php?msg_id=29179733
+
+---
+ Source/Modules/main.cxx |   24 ++--
+ 1 file changed, 22 insertions(+), 2 deletions(-)
+
+diff --git a/Source/Modules/main.cxx b/Source/Modules/main.cxx
+index d2f5d3b..cbb0a12 100644
+--- a/Source/Modules/main.cxx
 b/Source/Modules/main.cxx
+@@ -26,6 +26,11 @@ char cvsroot_main_cxx[] = "$Id$";
+ #include "cparse.h"
+ #include 
+ #include// for INT_MAX
++#ifndef _WIN32
++#include 
++#include// for readlink
++#include  // for stat
++#endif
+ 
+ // Global variables
+ 
+@@ -902,9 +907,9 @@ int SWIG_main(int argc, char *argv[], Language *l) {
+ 
+   // Check for SWIG_LIB environment variable
+   if ((c = getenv("SWIG_LIB")) == (char *) 0) {
++char *p;
+ #if defined(_WIN32)
+ char buf[MAX_PATH];
+-char *p;
+ if (!(GetModuleFileName(0, buf, MAX_PATH) == 0 || (p = strrchr(buf, 
'\\')) == 0)) {
+   *(p + 1) = '\0';
+   SwigLib = NewStringf("%sLib", buf); // Native windows installation path
+@@ -914,7 +919,22 @@ int SWIG_main(int argc, char *argv[], Language *l) {
+ if (Len(SWIG_LIB_WIN_UNIX) > 0)
+   Sw

[OE-core] [PATCH v2] bjam-native: build and install bjam.debug

[wenzong.fan]

From: Wenzong Fan 

bjam is stripped by default, this causes QA warning while stripping it
from do_populate_sysroot():

  WARNING: File '.../tmp/sysroots/x86_64-linux/usr/bin/bjam' \
from bjam-native was already stripped, \
this will prevent future debugging!

The JAM scripts allow to build unstripped version with '--debug'. Just
build and install the bjam.debug to stop bjam from being stripped in
compile step.

Signed-off-by: Wenzong Fan 
---
 meta/recipes-support/boost/bjam-native_1.58.0.bb   |  5 ++-
 .../boost/files/bjam-native-build-bjam.debug.patch | 50 ++
 2 files changed, 54 insertions(+), 1 deletion(-)
 create mode 100644 
meta/recipes-support/boost/files/bjam-native-build-bjam.debug.patch

diff --git a/meta/recipes-support/boost/bjam-native_1.58.0.bb 
b/meta/recipes-support/boost/bjam-native_1.58.0.bb
index d85d1a9..32646d7 100644
--- a/meta/recipes-support/boost/bjam-native_1.58.0.bb
+++ b/meta/recipes-support/boost/bjam-native_1.58.0.bb
@@ -5,11 +5,14 @@ SECTION = "devel"
 
 inherit native
 
+SRC_URI += "file://bjam-native-build-bjam.debug.patch"
+
 do_compile() {
 ./bootstrap.sh --with-toolset=gcc
 }
 
 do_install() {
 install -d ${D}${bindir}/
-install -c -m 755 bjam ${D}${bindir}/
+# install unstripped version for bjam
+install -c -m 755 bjam.debug ${D}${bindir}/bjam
 }
diff --git 
a/meta/recipes-support/boost/files/bjam-native-build-bjam.debug.patch 
b/meta/recipes-support/boost/files/bjam-native-build-bjam.debug.patch
new file mode 100644
index 000..9f8b7ea
--- /dev/null
+++ b/meta/recipes-support/boost/files/bjam-native-build-bjam.debug.patch
@@ -0,0 +1,50 @@
+From 619ada314ab26c0c9cbfe5702cd9c0caa8f6415a Mon Sep 17 00:00:00 2001
+From: Wenzong Fan 
+Date: Mon, 3 Aug 2015 17:12:33 +0800
+Subject: [PATCH] bjam-native: build bjam.debug
+
+bjam is stripped by default, this causes QA warning while stripping it
+from do_populate_sysroot():
+
+  WARNING: File '.../tmp/sysroots/x86_64-linux/usr/bin/bjam' \
+from bjam-native was already stripped, \
+this will prevent future debugging!
+
+The JAM scripts allow to build unstripped version with '--debug'. Just
+build and install the bjam.debug to stop bjam from being stripped in
+compile step.
+
+Upstream-Status: Inappropriate [configuration]
+
+Signed-off-by: Wenzong Fan 
+---
+ bootstrap.sh| 1 +
+ tools/build/src/engine/build.sh | 2 +-
+ 2 files changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/bootstrap.sh b/bootstrap.sh
+index 98cf88b..54690aa 100755
+--- a/bootstrap.sh
 b/bootstrap.sh
+@@ -228,6 +228,7 @@ if test "x$BJAM" = x; then
+   echo "tools/build/src/engine/$arch/b2"
+   cp "$BJAM" .
+   cp "$my_dir/tools/build/src/engine/$arch/bjam" .
++  cp "$my_dir/tools/build/src/engine/${arch}.debug/bjam" bjam.debug
+ 
+ fi
+ 
+diff --git a/tools/build/src/engine/build.sh b/tools/build/src/engine/build.sh
+index 6dbc706..c69fdc7 100755
+--- a/tools/build/src/engine/build.sh
 b/tools/build/src/engine/build.sh
+@@ -312,5 +312,5 @@ if test -x "./bootstrap/jam0" ; then
+ if test "${BJAM_UPDATE}" != "update" ; then
+ echo_run ./bootstrap/jam0 -f build.jam --toolset=$BOOST_JAM_TOOLSET 
"--toolset-root=$BOOST_JAM_TOOLSET_ROOT" "$@" clean
+ fi
+-echo_run ./bootstrap/jam0 -f build.jam --toolset=$BOOST_JAM_TOOLSET 
"--toolset-root=$BOOST_JAM_TOOLSET_ROOT" "$@"
++echo_run ./bootstrap/jam0 -f build.jam --toolset=$BOOST_JAM_TOOLSET 
"--toolset-root=$BOOST_JAM_TOOLSET_ROOT" "$@" --debug
+ fi
+-- 
+1.9.1
+
-- 
1.9.1

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [PATCH] openssl: fix ptest issues

[wenzong.fan]

From: Wenzong Fan 

* follow symbolic links while copying sources from test/*
* install required target files to remove Make errors:

  make[2]: *** No rule to make target 'xxx', needed by 'yyy'.

* fix hardcode pathes:
  /usr/lib -> ${libdir}, /usr/bin -> ${bindir}

Signed-off-by: Wenzong Fan 
---
 meta/recipes-connectivity/openssl/openssl.inc | 14 ++
 1 file changed, 10 insertions(+), 4 deletions(-)

diff --git a/meta/recipes-connectivity/openssl/openssl.inc 
b/meta/recipes-connectivity/openssl/openssl.inc
index 53dcfd9..8d62915 100644
--- a/meta/recipes-connectivity/openssl/openssl.inc
+++ b/meta/recipes-connectivity/openssl/openssl.inc
@@ -191,12 +191,18 @@ do_install () {
 }
 
 do_install_ptest () {
-   cp -r Makefile test ${D}${PTEST_PATH}
+   cp -r -L Makefile.org Makefile test ${D}${PTEST_PATH}
+   cp Configure config e_os.h ${D}${PTEST_PATH}
+   cp -r -L include ${D}${PTEST_PATH}
+   ln -sf ${base_libdir}/libcrypto.a ${D}${PTEST_PATH}
+   ln -sf ${libdir}/libssl.a ${D}${PTEST_PATH}
+   mkdir -p ${D}${PTEST_PATH}/crypto
+   cp crypto/constant_time_locl.h ${D}${PTEST_PATH}/crypto
cp -r certs ${D}${PTEST_PATH}
mkdir -p ${D}${PTEST_PATH}/apps
-   ln -sf /usr/lib/ssl/misc/CA.sh  ${D}${PTEST_PATH}/apps
-   ln -sf /usr/lib/ssl/openssl.cnf ${D}${PTEST_PATH}/apps
-   ln -sf /usr/bin/openssl ${D}${PTEST_PATH}/apps
+   ln -sf ${libdir}/ssl/misc/CA.sh  ${D}${PTEST_PATH}/apps
+   ln -sf ${libdir}/ssl/openssl.cnf ${D}${PTEST_PATH}/apps
+   ln -sf ${bindir}/openssl ${D}${PTEST_PATH}/apps
cp apps/server2.pem ${D}${PTEST_PATH}/apps
mkdir -p ${D}${PTEST_PATH}/util
install util/opensslwrap.sh${D}${PTEST_PATH}/util
-- 
1.9.1

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [PATCH] bjam-native: inhibit sysroot strip

[wenzong.fan]

From: Wenzong Fan 

The bjam is already stripped by default. Fix warning:

  WARNING: File '.../tmp/sysroots/x86_64-linux/usr/bin/bjam' from \
  bjam-native was already stripped, this will prevent future debugging!

Signed-off-by: Wenzong Fan 
---
 meta/recipes-support/boost/bjam-native_1.58.0.bb | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/meta/recipes-support/boost/bjam-native_1.58.0.bb 
b/meta/recipes-support/boost/bjam-native_1.58.0.bb
index d85d1a9..e2e0611 100644
--- a/meta/recipes-support/boost/bjam-native_1.58.0.bb
+++ b/meta/recipes-support/boost/bjam-native_1.58.0.bb
@@ -5,6 +5,9 @@ SECTION = "devel"
 
 inherit native
 
+# bjam is already stripped, don't strip it again
+INHIBIT_SYSROOT_STRIP = "1"
+
 do_compile() {
 ./bootstrap.sh --with-toolset=gcc
 }
-- 
1.9.1

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [PATCH 2/2] kexec-tools: change powerpc memory size limit

[wenzong.fan]

From: Quanyang Wang 

When run "kexec" in powerpc board, the kexec has a limit that
the kernel text and bss size must be less than 24M. But now
some kernel size exceed the limit. So we need to change the limit,
else will get the error log as below:

my_load:669: do
Could not find a free area of memory of 0x12400 bytes...
Could not find a free area of memory of 0x13000 bytes...
locate_hole failed

Signed-off-by: Quanyang Wang 
Signed-off-by: Wenzong Fan 
---
 ...0002-powerpc-change-the-memory-size-limit.patch | 38 ++
 meta/recipes-kernel/kexec/kexec-tools_2.0.9.bb |  1 +
 2 files changed, 39 insertions(+)
 create mode 100644 
meta/recipes-kernel/kexec/kexec-tools/0002-powerpc-change-the-memory-size-limit.patch

diff --git 
a/meta/recipes-kernel/kexec/kexec-tools/0002-powerpc-change-the-memory-size-limit.patch
 
b/meta/recipes-kernel/kexec/kexec-tools/0002-powerpc-change-the-memory-size-limit.patch
new file mode 100644
index 000..d6b6383
--- /dev/null
+++ 
b/meta/recipes-kernel/kexec/kexec-tools/0002-powerpc-change-the-memory-size-limit.patch
@@ -0,0 +1,38 @@
+From b19b68eab567aa534cf8dec79fe18e3dc0e14043 Mon Sep 17 00:00:00 2001
+From: Quanyang Wang 
+Date: Tue, 16 Jun 2015 12:59:57 +0800
+Subject: [PATCH] powerpc: change the memory size limit
+
+When run "kexec" in powerpc board, the kexec has a limit that
+the kernel text and bss size must be less than 24M. But now
+some kernel size exceed the limit. So we need to change the limit,
+else will get the error log as below:
+
+my_load:669: do
+Could not find a free area of memory of 0x12400 bytes...
+Could not find a free area of memory of 0x13000 bytes...
+locate_hole failed
+
+Upstream-Status: Pending
+
+Signed-off-by: Quanyang Wang 
+---
+ kexec/arch/ppc/kexec-ppc.h | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/kexec/arch/ppc/kexec-ppc.h b/kexec/arch/ppc/kexec-ppc.h
+index 904cf48..a097ecd 100644
+--- a/kexec/arch/ppc/kexec-ppc.h
 b/kexec/arch/ppc/kexec-ppc.h
+@@ -42,7 +42,7 @@ void dol_ppc_usage(void);
+  * During inital setup the kernel does not map the whole memory but a part of
+  * it. On Book-E that is 64MiB, 601 24MiB or 256MiB (if possible).
+  */
+-#define KERNEL_ACCESS_TOP (24 * 1024 * 1024)
++#define KERNEL_ACCESS_TOP (36 * 1024 * 1024)
+ 
+ /* boot block version 17 as defined by the linux kernel */
+ struct bootblock {
+-- 
+1.9.1
+
diff --git a/meta/recipes-kernel/kexec/kexec-tools_2.0.9.bb 
b/meta/recipes-kernel/kexec/kexec-tools_2.0.9.bb
index db5649b..6164ff5 100644
--- a/meta/recipes-kernel/kexec/kexec-tools_2.0.9.bb
+++ b/meta/recipes-kernel/kexec/kexec-tools_2.0.9.bb
@@ -6,6 +6,7 @@ SRC_URI += 
"file://kexec-tools-Refine-kdump-device_tree-sort.patch \
 file://kexec-aarch64.patch \
 file://kexec-x32.patch \
 file://0001-purgatory-Disabling-GCC-s-stack-protection.patch \
+file://0002-powerpc-change-the-memory-size-limit.patch \
  "
 
 SRC_URI[md5sum] = "4ecb7ab7ad9eb6ce413899bdb07a8426"
-- 
1.9.1

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [PATCH 1/2] kexec-tools: disable the GCC's stack protection for purgatory code

[wenzong.fan]

From: Kevin Hao 

If the GCC's stack protection is enabled by default, the purgatory will
also be built with this option. But it makes no sense to enable this
for the purgatory code, and would cause error when we are trying to
relocate the purgatory codes because symbol like __stack_chk_fail is
unresolved. Instead of disabling this for some archs specifically,
disable it for all the archs.

Signed-off-by: Kevin Hao 
Signed-off-by: Wenzong Fan 
---
 ...urgatory-Disabling-GCC-s-stack-protection.patch | 64 ++
 meta/recipes-kernel/kexec/kexec-tools_2.0.9.bb |  1 +
 2 files changed, 65 insertions(+)
 create mode 100644 
meta/recipes-kernel/kexec/kexec-tools/0001-purgatory-Disabling-GCC-s-stack-protection.patch

diff --git 
a/meta/recipes-kernel/kexec/kexec-tools/0001-purgatory-Disabling-GCC-s-stack-protection.patch
 
b/meta/recipes-kernel/kexec/kexec-tools/0001-purgatory-Disabling-GCC-s-stack-protection.patch
new file mode 100644
index 000..74a8387
--- /dev/null
+++ 
b/meta/recipes-kernel/kexec/kexec-tools/0001-purgatory-Disabling-GCC-s-stack-protection.patch
@@ -0,0 +1,64 @@
+From 8227f5a583ad4523059ba2531263e625ac01cd40 Mon Sep 17 00:00:00 2001
+From: Kevin Hao 
+Date: Tue, 28 Apr 2015 20:25:12 +0800
+Subject: [PATCH] purgatory: Disabling GCC's stack protection
+
+If the GCC's stack protection is enabled by default, the purgatory will
+also be built with this option. But it makes no sense to enable this
+for the purgatory code, and would cause error when we are trying to
+relocate the purgatory codes because symbol like __stack_chk_fail is
+unresolved. Instead of disabling this for some archs specifically,
+disable it for all the archs.
+
+Upstream-Status: Pending
+
+Signed-off-by: Kevin Hao 
+Signed-off-by: Wenzong Fan 
+---
+ purgatory/Makefile| 3 ++-
+ purgatory/arch/ppc64/Makefile | 2 +-
+ purgatory/arch/s390/Makefile  | 1 -
+ 3 files changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/purgatory/Makefile b/purgatory/Makefile
+index 1945702..a25b262 100644
+--- a/purgatory/Makefile
 b/purgatory/Makefile
+@@ -47,7 +47,8 @@ purgatory/sha256.o: $(srcdir)/util_lib/sha256.c
+ $(PURGATORY): CC=$(TARGET_CC)
+ $(PURGATORY): CFLAGS+=$(PURGATORY_EXTRA_CFLAGS) \
+ $($(ARCH)_PURGATORY_EXTRA_CFLAGS) \
+--Os -fno-builtin -ffreestanding
++-Os -fno-builtin -ffreestanding \
++-fno-stack-protector
+ 
+ $(PURGATORY): CPPFLAGS=$($(ARCH)_PURGATORY_EXTRA_CFLAGS) \
+   -I$(srcdir)/purgatory/include \
+diff --git a/purgatory/arch/ppc64/Makefile b/purgatory/arch/ppc64/Makefile
+index 6c58fa2..8ca2719 100644
+--- a/purgatory/arch/ppc64/Makefile
 b/purgatory/arch/ppc64/Makefile
+@@ -9,7 +9,7 @@ ppc64_PURGATORY_SRCS += purgatory/arch/ppc64/console-ppc64.c
+ ppc64_PURGATORY_SRCS += purgatory/arch/ppc64/crashdump_backup.c
+ ppc64_PURGATORY_SRCS += purgatory/arch/ppc64/misc.S
+ 
+-ppc64_PURGATORY_EXTRA_CFLAGS += -m64 -msoft-float -fno-stack-protector
\
++ppc64_PURGATORY_EXTRA_CFLAGS += -m64 -msoft-float \
+   -fno-exceptions
+ ppc64_PURGATORY_EXTRA_ASFLAGS += -m64
+ ifeq ($(SUBARCH),BE)
+diff --git a/purgatory/arch/s390/Makefile b/purgatory/arch/s390/Makefile
+index 09749bd..c94cc3c 100644
+--- a/purgatory/arch/s390/Makefile
 b/purgatory/arch/s390/Makefile
+@@ -2,7 +2,6 @@
+ # Purgatory s390
+ #
+ 
+-s390_PURGATORY_EXTRA_CFLAGS += -fno-stack-protector
+ s390_PURGATORY_SRCS += purgatory/arch/s390/console-s390.c
+ s390_PURGATORY_SRCS += purgatory/arch/s390/setup-s390.S
+ s390_PURGATORY_SRCS += purgatory/arch/s390/purgatory-s390.c
+-- 
+1.9.1
+
diff --git a/meta/recipes-kernel/kexec/kexec-tools_2.0.9.bb 
b/meta/recipes-kernel/kexec/kexec-tools_2.0.9.bb
index 36e4c15..db5649b 100644
--- a/meta/recipes-kernel/kexec/kexec-tools_2.0.9.bb
+++ b/meta/recipes-kernel/kexec/kexec-tools_2.0.9.bb
@@ -5,6 +5,7 @@ EXTRA_OECONF = " --with-zlib=yes"
 SRC_URI += "file://kexec-tools-Refine-kdump-device_tree-sort.patch \
 file://kexec-aarch64.patch \
 file://kexec-x32.patch \
+file://0001-purgatory-Disabling-GCC-s-stack-protection.patch \
  "
 
 SRC_URI[md5sum] = "4ecb7ab7ad9eb6ce413899bdb07a8426"
-- 
1.9.1

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [PATCH v3] rpcbind: handle rpcbind options

[wenzong.fan]

From: Li Wang 

While runing:

$ systemctl restart rpcbind
$ systemctl status rpcbind

There are errors like below:
  rpcbind[1722]: Cannot open '/tmp/rpcbind.xdr' file for reading, \
errno 2 (No such file or directory)
  rpcbind[1722]: Cannot open '/tmp/portmap.xdr' file for reading, \
errno 2 (No such file or directory)

Don't pass -w to rpcbind on boot up, since the files won't be there
to be read, the patch refers to:
  https://bugs.launchpad.net/ubuntu/+source/rpcbind/+bug/835833

Signed-off-by: Li Wang 
Signed-off-by: Wenzong Fan 
---
 meta/recipes-extended/rpcbind/rpcbind/rpcbind.service | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta/recipes-extended/rpcbind/rpcbind/rpcbind.service 
b/meta/recipes-extended/rpcbind/rpcbind/rpcbind.service
index b3ae254..9cdade4 100644
--- a/meta/recipes-extended/rpcbind/rpcbind/rpcbind.service
+++ b/meta/recipes-extended/rpcbind/rpcbind/rpcbind.service
@@ -5,7 +5,7 @@ Requires=rpcbind.socket
 [Service]
 Type=forking
 EnvironmentFile=-@SYSCONFDIR@/rpcbind.conf
-ExecStart=@SBINDIR@/rpcbind -w $RPCBIND_OPTS
+ExecStart=@SBINDIR@/rpcbind $RPCBIND_OPTS
 SuccessExitStatus=2
 
 [Install]
-- 
1.9.1

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [PATCH 1/1 v2] netbase: add rpcbind as an alias to sunrpc

[wenzong.fan]

From: Li Wang 

rpcbind starts successfully, but shows the following errors in dmesg:

  Jul 24 20:34:42 quake rpcbind: cannot get local address for udp: \
Servname not supported for ai_socktype
  Jul 24 20:34:42 quake rpcbind: cannot get local address for tcp: \
Servname not supported for ai_socktype

Just add rpcbind as an alias to sunrpc, the patch comes from:
  https://bugs.archlinux.org/task/20273

Signed-off-by: Li Wang 
---
 ...netbase-add-rpcbind-as-an-alias-to-sunrpc.patch | 51 ++
 meta/recipes-core/netbase/netbase_5.3.bb   |  1 +
 2 files changed, 52 insertions(+)
 create mode 100644 
meta/recipes-core/netbase/netbase/netbase-add-rpcbind-as-an-alias-to-sunrpc.patch

diff --git 
a/meta/recipes-core/netbase/netbase/netbase-add-rpcbind-as-an-alias-to-sunrpc.patch
 
b/meta/recipes-core/netbase/netbase/netbase-add-rpcbind-as-an-alias-to-sunrpc.patch
new file mode 100644
index 000..c70d142
--- /dev/null
+++ 
b/meta/recipes-core/netbase/netbase/netbase-add-rpcbind-as-an-alias-to-sunrpc.patch
@@ -0,0 +1,51 @@
+netbase: add rpcbind as an alias to sunrpc
+
+rpcbind starts successfully, but shows the following errors in dmesg:
+
+  Jul 24 20:34:42 quake rpcbind: cannot get local address for udp: \
+Servname not supported for ai_socktype
+  Jul 24 20:34:42 quake rpcbind: cannot get local address for tcp: \
+Servname not supported for ai_socktype
+
+Just add rpcbind as an alias to sunrpc, the patch comes from:
+  https://bugs.archlinux.org/task/20273
+
+Upstream-Status: Pending
+
+Signed-off-by: Li Wang 
+---
+ etc-rpc  |2 +-
+ etc-services |4 ++--
+ 2 files changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/etc-rpc b/etc-rpc
+index 1b30625..9a9a81a 100644
+--- a/etc-rpc
 b/etc-rpc
+@@ -1,7 +1,7 @@
+ # This file contains user readable names that can be used in place of rpc
+ # program numbers.
+ 
+-portmapper10  portmap sunrpc
++portmapper10  portmap sunrpc rpcbind
+ rstatd11  rstat rstat_svc rup perfmeter
+ rusersd   12  rusers
+ nfs   13  nfsprog
+diff --git a/etc-services b/etc-services
+index 9d64a52..a19f7c8 100644
+--- a/etc-services
 b/etc-services
+@@ -72,8 +72,8 @@ pop2 109/tcp postoffice pop-2 # POP version 2
+ pop2  109/udp pop-2
+ pop3  110/tcp pop-3   # POP version 3
+ pop3  110/udp pop-3
+-sunrpc111/tcp portmapper  # RPC 4.0 portmapper
+-sunrpc111/udp portmapper
++sunrpc111/tcp portmapper rpcbind  # RPC 4.0 
portmapper
++sunrpc111/udp portmapper rpcbind
+ auth  113/tcp authentication tap ident
+ sftp  115/tcp
+ uucp-path 117/tcp
+-- 
+1.7.9.5
+
diff --git a/meta/recipes-core/netbase/netbase_5.3.bb 
b/meta/recipes-core/netbase/netbase_5.3.bb
index 4ac0221..ccd89ff 100644
--- a/meta/recipes-core/netbase/netbase_5.3.bb
+++ b/meta/recipes-core/netbase/netbase_5.3.bb
@@ -7,6 +7,7 @@ LIC_FILES_CHKSUM = 
"file://debian/copyright;md5=3dd6192d306f582dee7687da3d8748ab
 PE = "1"
 
 SRC_URI = "${DEBIAN_MIRROR}/main/n/netbase/netbase_${PV}.tar.xz \
+   file://netbase-add-rpcbind-as-an-alias-to-sunrpc.patch \
file://hosts"
 
 SRC_URI[md5sum] = "2637a27fd3de02a278d2b5be7e6558c1"
-- 
1.9.1

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [PATCH 1/1 v2] rpcbind: handle rpcbind options

[wenzong.fan]

From: Li Wang 

While runing:

$ systemctl restart rpcbind
$ systemctl status rpcbind

There are errors like below:
  rpcbind[1722]: Cannot open '/tmp/rpcbind.xdr' file for reading, \
errno 2 (No such file or directory)
  rpcbind[1722]: Cannot open '/tmp/portmap.xdr' file for reading, \
errno 2 (No such file or directory)

Don't pass -w to rpcbind on boot up, since the files won't be there
to be read, the patch refers to:
  https://bugs.launchpad.net/ubuntu/+source/rpcbind/+bug/835833

Signed-off-by: Li Wang 
---
 meta/recipes-extended/rpcbind/rpcbind/rpcbind.service | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/meta/recipes-extended/rpcbind/rpcbind/rpcbind.service 
b/meta/recipes-extended/rpcbind/rpcbind/rpcbind.service
index b3ae254..24836d4 100644
--- a/meta/recipes-extended/rpcbind/rpcbind/rpcbind.service
+++ b/meta/recipes-extended/rpcbind/rpcbind/rpcbind.service
@@ -4,8 +4,8 @@ Requires=rpcbind.socket
 
 [Service]
 Type=forking
-EnvironmentFile=-@SYSCONFDIR@/rpcbind.conf
-ExecStart=@SBINDIR@/rpcbind -w $RPCBIND_OPTS
+EnvironmentFile=@SYSCONFDIR@/rpcbind.conf
+ExecStart=@SBINDIR@/rpcbind $RPCBIND_OPTS
 SuccessExitStatus=2
 
 [Install]
-- 
1.9.1

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [PATCH][meta-perl] libxml-libxml-perl: update from 2.0116 to 2.0121

[wenzong.fan]

From: Wenzong Fan 

Signed-off-by: Wenzong Fan 
---
 .../libxml/libxml-libxml-perl_2.0116.bb| 47 --
 .../libxml/libxml-libxml-perl_2.0121.bb| 47 ++
 2 files changed, 47 insertions(+), 47 deletions(-)
 delete mode 100644 meta-perl/recipes-perl/libxml/libxml-libxml-perl_2.0116.bb
 create mode 100644 meta-perl/recipes-perl/libxml/libxml-libxml-perl_2.0121.bb

diff --git a/meta-perl/recipes-perl/libxml/libxml-libxml-perl_2.0116.bb 
b/meta-perl/recipes-perl/libxml/libxml-libxml-perl_2.0116.bb
deleted file mode 100644
index 2a6dbc2..000
--- a/meta-perl/recipes-perl/libxml/libxml-libxml-perl_2.0116.bb
+++ /dev/null
@@ -1,47 +0,0 @@
-SUMMARY = "Perl interface to the libxml2 library"
-DESCRIPTION = "This module is an interface to libxml2, providing XML and HTML 
parsers \ 
-with DOM, SAX and XMLReader interfaces, a large subset of DOM Layer 3 \
-interface and a XML::XPath-like interface to XPath API of libxml2. \
-The module is split into several packages which are not described in this \
-section; unless stated otherwise, you only need to use XML::LibXML; in \
-your programs."
-
-HOMEPAGE = "http://search.cpan.org/dist/XML-LibXML-1.99/";
-SECTION = "libs"
-LICENSE = "Artistic-1.0|GPLv1+"
-DEPENDS += "libxml2 \
-libxml-sax-perl-native \
-zlib \
-"
-RDEPENDS_${PN} += "libxml2 \
-libxml-sax-perl \
-libxml-sax-base-perl \
-zlib \
-"
-
-SRC_URI = 
"http://search.cpan.org/CPAN/authors/id/S/SH/SHLOMIF/XML-LibXML-${PV}.tar.gz;name=libxml
 \
-   file://disable-libxml2-check.patch \
-   file://fix-CATALOG-conditional-compile.patch \
-   file://using-DOCB-conditional.patch \
-"
-LIC_FILES_CHKSUM = 
"file://debian/copyright;md5=75e021e35a906347f46c9ff163653e2a \
-   file://LICENSE;md5=97871bde150daeb5e61ad95137ff2446"
-SRC_URI[libxml.md5sum] = "a53a743bf053a0cb4afb41513fb8a684"
-SRC_URI[libxml.sha256sum] = 
"b154f2dad3033b30d22ac81b8985b69ad35450b0c552db394cd03bb36845812a"
-
-S = "${WORKDIR}/XML-LibXML-${PV}"
-
-inherit cpan
-
-EXTRA_CPANFLAGS = "INC=-I${STAGING_INCDIR}/libxml2 LIBS=-L${STAGING_LIBDIR}"
-
-BBCLASSEXTEND = "native"
-
-CFLAGS += " -D_GNU_SOURCE "
-BUILD_CFLAGS += " -D_GNU_SOURCE "
-
-do_configure_prepend() {
-   rm -rf ${S}/.pc/*
-}
-
-FILES_${PN}-dbg =+ "${libdir}/perl/vendor_perl/*/auto/XML/LibXML/.debug/"
diff --git a/meta-perl/recipes-perl/libxml/libxml-libxml-perl_2.0121.bb 
b/meta-perl/recipes-perl/libxml/libxml-libxml-perl_2.0121.bb
new file mode 100644
index 000..9066000
--- /dev/null
+++ b/meta-perl/recipes-perl/libxml/libxml-libxml-perl_2.0121.bb
@@ -0,0 +1,47 @@
+SUMMARY = "Perl interface to the libxml2 library"
+DESCRIPTION = "This module is an interface to libxml2, providing XML and HTML 
parsers \ 
+with DOM, SAX and XMLReader interfaces, a large subset of DOM Layer 3 \
+interface and a XML::XPath-like interface to XPath API of libxml2. \
+The module is split into several packages which are not described in this \
+section; unless stated otherwise, you only need to use XML::LibXML; in \
+your programs."
+
+HOMEPAGE = "http://search.cpan.org/dist/XML-LibXML-1.99/";
+SECTION = "libs"
+LICENSE = "Artistic-1.0|GPLv1+"
+DEPENDS += "libxml2 \
+libxml-sax-perl-native \
+zlib \
+"
+RDEPENDS_${PN} += "libxml2 \
+libxml-sax-perl \
+libxml-sax-base-perl \
+zlib \
+"
+
+SRC_URI = 
"http://search.cpan.org/CPAN/authors/id/S/SH/SHLOMIF/XML-LibXML-${PV}.tar.gz;name=libxml
 \
+   file://disable-libxml2-check.patch \
+   file://fix-CATALOG-conditional-compile.patch \
+   file://using-DOCB-conditional.patch \
+"
+LIC_FILES_CHKSUM = 
"file://debian/copyright;md5=75e021e35a906347f46c9ff163653e2a \
+   file://LICENSE;md5=97871bde150daeb5e61ad95137ff2446"
+SRC_URI[libxml.md5sum] = "1544ab9ac110f5da296015346561ce02"
+SRC_URI[libxml.sha256sum] = 
"ec431011cb37a04640fd2316f64d0405a274eece2c6f3847f7fbd336eb1c0dc9"
+
+S = "${WORKDIR}/XML-LibXML-${PV}"
+
+inherit cpan
+
+EXTRA_CPANFLAGS = "INC=-I${STAGING_INCDIR}/libxml2 LIBS=-L${STAGING_LIBDIR}"
+
+BBCLASSEXTEND = "native"
+
+CFLAGS += " -D_GNU_SOURCE "
+BUILD_CFLAGS += " -D_GNU_SOURCE "
+
+do_configure_prepend() {
+   rm -rf ${S}/.pc/*
+}
+
+FILES_${PN}-dbg =+ "${libdir}/perl/vendor_perl/*/auto/XML/LibXML/.debug/"
-- 
1.9.1

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [PATCH 1/1] netbase: add rpcbind as an alias to sunrpc

[wenzong.fan]

From: Li Wang 

the patch comes from:
https://bugs.archlinux.org/task/20273

Signed-off-by: Li Wang 
---
 ...netbase-add-rpcbind-as-an-alias-to-sunrpc.patch | 44 ++
 meta/recipes-core/netbase/netbase_5.3.bb   |  1 +
 2 files changed, 45 insertions(+)
 create mode 100644 
meta/recipes-core/netbase/netbase/netbase-add-rpcbind-as-an-alias-to-sunrpc.patch

diff --git 
a/meta/recipes-core/netbase/netbase/netbase-add-rpcbind-as-an-alias-to-sunrpc.patch
 
b/meta/recipes-core/netbase/netbase/netbase-add-rpcbind-as-an-alias-to-sunrpc.patch
new file mode 100644
index 000..35ce21e
--- /dev/null
+++ 
b/meta/recipes-core/netbase/netbase/netbase-add-rpcbind-as-an-alias-to-sunrpc.patch
@@ -0,0 +1,44 @@
+netbase: add rpcbind as an alias to sunrpc
+
+the patch comes from:
+https://bugs.archlinux.org/task/20273
+
+Upstream-Status: Pending
+
+Signed-off-by: Li Wang 
+---
+ etc-rpc  |2 +-
+ etc-services |4 ++--
+ 2 files changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/etc-rpc b/etc-rpc
+index 1b30625..9a9a81a 100644
+--- a/etc-rpc
 b/etc-rpc
+@@ -1,7 +1,7 @@
+ # This file contains user readable names that can be used in place of rpc
+ # program numbers.
+ 
+-portmapper10  portmap sunrpc
++portmapper10  portmap sunrpc rpcbind
+ rstatd11  rstat rstat_svc rup perfmeter
+ rusersd   12  rusers
+ nfs   13  nfsprog
+diff --git a/etc-services b/etc-services
+index 9d64a52..a19f7c8 100644
+--- a/etc-services
 b/etc-services
+@@ -72,8 +72,8 @@ pop2 109/tcp postoffice pop-2 # POP version 2
+ pop2  109/udp pop-2
+ pop3  110/tcp pop-3   # POP version 3
+ pop3  110/udp pop-3
+-sunrpc111/tcp portmapper  # RPC 4.0 portmapper
+-sunrpc111/udp portmapper
++sunrpc111/tcp portmapper rpcbind  # RPC 4.0 
portmapper
++sunrpc111/udp portmapper rpcbind
+ auth  113/tcp authentication tap ident
+ sftp  115/tcp
+ uucp-path 117/tcp
+-- 
+1.7.9.5
+
diff --git a/meta/recipes-core/netbase/netbase_5.3.bb 
b/meta/recipes-core/netbase/netbase_5.3.bb
index 4ac0221..ccd89ff 100644
--- a/meta/recipes-core/netbase/netbase_5.3.bb
+++ b/meta/recipes-core/netbase/netbase_5.3.bb
@@ -7,6 +7,7 @@ LIC_FILES_CHKSUM = 
"file://debian/copyright;md5=3dd6192d306f582dee7687da3d8748ab
 PE = "1"
 
 SRC_URI = "${DEBIAN_MIRROR}/main/n/netbase/netbase_${PV}.tar.xz \
+   file://netbase-add-rpcbind-as-an-alias-to-sunrpc.patch \
file://hosts"
 
 SRC_URI[md5sum] = "2637a27fd3de02a278d2b5be7e6558c1"
-- 
1.9.1

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [PATCH 1/1] rpcbind: handle rpcbind options

[wenzong.fan]

From: Li Wang 

the patch refers to:
https://bugs.launchpad.net/ubuntu/+source/rpcbind/+bug/835833

Run test:
$ systemctl restart rpcbind
$ systemctl status rpcbind

Signed-off-by: Li Wang 
---
 meta/recipes-extended/rpcbind/rpcbind/rpcbind.service | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/meta/recipes-extended/rpcbind/rpcbind/rpcbind.service 
b/meta/recipes-extended/rpcbind/rpcbind/rpcbind.service
index b3ae254..24836d4 100644
--- a/meta/recipes-extended/rpcbind/rpcbind/rpcbind.service
+++ b/meta/recipes-extended/rpcbind/rpcbind/rpcbind.service
@@ -4,8 +4,8 @@ Requires=rpcbind.socket
 
 [Service]
 Type=forking
-EnvironmentFile=-@SYSCONFDIR@/rpcbind.conf
-ExecStart=@SBINDIR@/rpcbind -w $RPCBIND_OPTS
+EnvironmentFile=@SYSCONFDIR@/rpcbind.conf
+ExecStart=@SBINDIR@/rpcbind $RPCBIND_OPTS
 SuccessExitStatus=2
 
 [Install]
-- 
1.9.1

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [PATCH] ltp: Add inhibit of split

[wenzong.fan]

From: Yue Tao 

With the recent change to allow strip and split of packages
to be controlled seperately, ltp will sometimes fail to build
properly. So in addition to the existing inhibit strip, we
also want to inhibit split.

Signed-off-by: Yue Tao 
---
 meta/recipes-extended/ltp/ltp_20150420.bb | 1 +
 1 file changed, 1 insertion(+)

diff --git a/meta/recipes-extended/ltp/ltp_20150420.bb 
b/meta/recipes-extended/ltp/ltp_20150420.bb
index 2554f52..108ebf1 100644
--- a/meta/recipes-extended/ltp/ltp_20150420.bb
+++ b/meta/recipes-extended/ltp/ltp_20150420.bb
@@ -80,6 +80,7 @@ FILES_${PN} += "/opt/ltp/* /opt/ltp/runtest/* 
/opt/ltp/scenario_groups/* /opt/lt
 
 # Avoid generated binaries stripping. Otherwise some of the ltp tests such as 
ldd01 & nm01 fails
 INHIBIT_PACKAGE_STRIP = "1"
+INHIBIT_PACKAGE_DEBUG_SPLIT = "1"
 # However, test_arch_stripped is already stripped, so...
 INSANE_SKIP_${PN} += "already-stripped"
 
-- 
1.9.1

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [PATCH v2] apr: Fix packet discards HTTP redirect

[wenzong.fan]

From: Li Wang 

Disconnect the connection by poll() timeout.
If timeout=0 and apr_wait_for_io_or_timeout()=APR_TIMEUP then
apr_socket_recv() returns EAGAIN.

Signed-off-by: Noriaki Yoshitane 
Signed-off-by: Li Wang 
---
 .../apr/Fix-packet-discards-HTTP-redirect.patch| 32 ++
 meta/recipes-support/apr/apr_1.5.2.bb  |  1 +
 2 files changed, 33 insertions(+)
 create mode 100644 
meta/recipes-support/apr/apr/Fix-packet-discards-HTTP-redirect.patch

diff --git 
a/meta/recipes-support/apr/apr/Fix-packet-discards-HTTP-redirect.patch 
b/meta/recipes-support/apr/apr/Fix-packet-discards-HTTP-redirect.patch
new file mode 100644
index 000..6805b8b
--- /dev/null
+++ b/meta/recipes-support/apr/apr/Fix-packet-discards-HTTP-redirect.patch
@@ -0,0 +1,32 @@
+Fix packet discards HTTP redirect.
+
+Disconnect the connection by poll() timeout.
+If timeout=0 and apr_wait_for_io_or_timeout()=APR_TIMEUP then
+apr_socket_recv() returns EAGAIN.
+
+Upstream-Status: Pending
+
+Signed-off-by: Noriaki Yoshitane 
+Signed-off-by: Li Wang 
+---
+ network_io/unix/sendrecv.c |4 
+ 1 file changed, 4 insertions(+)
+
+diff --git a/network_io/unix/sendrecv.c b/network_io/unix/sendrecv.c
+index c133a26..e8faf15 100644
+--- a/network_io/unix/sendrecv.c
 b/network_io/unix/sendrecv.c
+@@ -85,6 +85,10 @@ apr_status_t apr_socket_recv(apr_socket_t *sock, char *buf, 
apr_size_t *len)
+   && (sock->timeout > 0)) {
+ do_select:
+ arv = apr_wait_for_io_or_timeout(NULL, sock, 1);
++if ((arv == APR_TIMEUP) && (sock->timeout == 0)) {
++*len = 0;
++return EAGAIN;
++}
+ if (arv != APR_SUCCESS) {
+ *len = 0;
+ return arv;
+-- 
+1.7.9.5
+
diff --git a/meta/recipes-support/apr/apr_1.5.2.bb 
b/meta/recipes-support/apr/apr_1.5.2.bb
index aac6276..c1f7f38 100644
--- a/meta/recipes-support/apr/apr_1.5.2.bb
+++ b/meta/recipes-support/apr/apr_1.5.2.bb
@@ -15,6 +15,7 @@ SRC_URI = "${APACHE_MIRROR}/apr/${BPN}-${PV}.tar.bz2 \
file://configfix.patch \
file://run-ptest \
file://upgrade-and-fix-1.5.1.patch \
+   file://Fix-packet-discards-HTTP-redirect.patch \
 "
 
 SRC_URI[md5sum] = "4e9769f3349fe11fc0a5e1b224c236aa"
-- 
1.9.1

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [PATCH] Fix packet discards HTTP redirect.

[wenzong.fan]

From: Li Wang 

Disconnect the connection by poll() timeout.
If timeout=0 and apr_wait_for_io_or_timeout()=APR_TIMEUP then
apr_socket_recv() returns EAGAIN.

Signed-off-by: Noriaki Yoshitane 
Signed-off-by: Li Wang 
---
 .../apr/Fix-packet-discards-HTTP-redirect.patch| 32 ++
 meta/recipes-support/apr/apr_1.5.2.bb  |  1 +
 2 files changed, 33 insertions(+)
 create mode 100644 
meta/recipes-support/apr/apr/Fix-packet-discards-HTTP-redirect.patch

diff --git 
a/meta/recipes-support/apr/apr/Fix-packet-discards-HTTP-redirect.patch 
b/meta/recipes-support/apr/apr/Fix-packet-discards-HTTP-redirect.patch
new file mode 100644
index 000..6805b8b
--- /dev/null
+++ b/meta/recipes-support/apr/apr/Fix-packet-discards-HTTP-redirect.patch
@@ -0,0 +1,32 @@
+Fix packet discards HTTP redirect.
+
+Disconnect the connection by poll() timeout.
+If timeout=0 and apr_wait_for_io_or_timeout()=APR_TIMEUP then
+apr_socket_recv() returns EAGAIN.
+
+Upstream-Status: Pending
+
+Signed-off-by: Noriaki Yoshitane 
+Signed-off-by: Li Wang 
+---
+ network_io/unix/sendrecv.c |4 
+ 1 file changed, 4 insertions(+)
+
+diff --git a/network_io/unix/sendrecv.c b/network_io/unix/sendrecv.c
+index c133a26..e8faf15 100644
+--- a/network_io/unix/sendrecv.c
 b/network_io/unix/sendrecv.c
+@@ -85,6 +85,10 @@ apr_status_t apr_socket_recv(apr_socket_t *sock, char *buf, 
apr_size_t *len)
+   && (sock->timeout > 0)) {
+ do_select:
+ arv = apr_wait_for_io_or_timeout(NULL, sock, 1);
++if ((arv == APR_TIMEUP) && (sock->timeout == 0)) {
++*len = 0;
++return EAGAIN;
++}
+ if (arv != APR_SUCCESS) {
+ *len = 0;
+ return arv;
+-- 
+1.7.9.5
+
diff --git a/meta/recipes-support/apr/apr_1.5.2.bb 
b/meta/recipes-support/apr/apr_1.5.2.bb
index aac6276..c1f7f38 100644
--- a/meta/recipes-support/apr/apr_1.5.2.bb
+++ b/meta/recipes-support/apr/apr_1.5.2.bb
@@ -15,6 +15,7 @@ SRC_URI = "${APACHE_MIRROR}/apr/${BPN}-${PV}.tar.bz2 \
file://configfix.patch \
file://run-ptest \
file://upgrade-and-fix-1.5.1.patch \
+   file://Fix-packet-discards-HTTP-redirect.patch \
 "
 
 SRC_URI[md5sum] = "4e9769f3349fe11fc0a5e1b224c236aa"
-- 
1.9.1

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [PATCH] gdb: Fix detection of 64-bit PPC inferior in gdbserver

[wenzong.fan]

From: Yuanjie Huang 

Fix 64-bit detection according to PowerISA Boot III-S.

https://sourceware.org/ml/gdb-patches/2014-12/msg00239.html
Written by: Yao Qi 

Signed-off-by: Yuanjie Huang 
---
 meta/recipes-devtools/gdb/gdb.inc  |  1 +
 ...ction-of-64-bit-PPC-inferior-in-gdbserver.patch | 56 ++
 2 files changed, 57 insertions(+)
 create mode 100644 
meta/recipes-devtools/gdb/gdb/fix-detection-of-64-bit-PPC-inferior-in-gdbserver.patch

diff --git a/meta/recipes-devtools/gdb/gdb.inc 
b/meta/recipes-devtools/gdb/gdb.inc
index 5466a7d..88c0213 100644
--- a/meta/recipes-devtools/gdb/gdb.inc
+++ b/meta/recipes-devtools/gdb/gdb.inc
@@ -4,6 +4,7 @@ inherit gettext
 
 SRC_URI += "file://0002-Change-order-of-CFLAGS.patch \
 file://0003-Add-support-for-Renesas-SH-sh4-architecture.patch \
+file://fix-detection-of-64-bit-PPC-inferior-in-gdbserver.patch \
"
 #LDFLAGS_append = " -s"
 #export CFLAGS_append=" -L${STAGING_LIBDIR}"
diff --git 
a/meta/recipes-devtools/gdb/gdb/fix-detection-of-64-bit-PPC-inferior-in-gdbserver.patch
 
b/meta/recipes-devtools/gdb/gdb/fix-detection-of-64-bit-PPC-inferior-in-gdbserver.patch
new file mode 100644
index 000..2854352
--- /dev/null
+++ 
b/meta/recipes-devtools/gdb/gdb/fix-detection-of-64-bit-PPC-inferior-in-gdbserver.patch
@@ -0,0 +1,56 @@
+From 4fe67dbafa1bee679daecc12ed30621d5c2605de Mon Sep 17 00:00:00 2001
+From: Yao Qi 
+Date: Mon, 11 May 2015 10:57:33 +0800
+Subject: [PATCH] Fix detection of 64-bit PPC inferior in gdbserver
+
+Issue #16775
+
+* gdbserver/linux-ppc-low.c (ppc_arch_setup): Change variable msr to type
+'unsigned long'.  Check bit 63 or bit 31 is one.
+
+https://sourceware.org/ml/gdb-patches/2014-12/msg00239.html
+Written by: Yao Qi 
+
+Upstream-Status: Pending
+
+Signed-off-by: Yuanjie Huang 
+---
+ gdb/gdbserver/linux-ppc-low.c | 11 +++
+ 1 file changed, 7 insertions(+), 4 deletions(-)
+
+diff --git a/gdb/gdbserver/linux-ppc-low.c b/gdb/gdbserver/linux-ppc-low.c
+index 63d4218..a62cf22 100644
+--- a/gdb/gdbserver/linux-ppc-low.c
 b/gdb/gdbserver/linux-ppc-low.c
+@@ -374,7 +374,7 @@ ppc_arch_setup (void)
+ {
+   const struct target_desc *tdesc;
+ #ifdef __powerpc64__
+-  long msr;
++  unsigned long msr;
+   struct regcache *regcache;
+ 
+   /* On a 64-bit host, assume 64-bit inferior process with no
+@@ -384,13 +384,16 @@ ppc_arch_setup (void)
+   current_process ()->tdesc = tdesc;
+   ppc_hwcap = 0;
+ 
+-  /* Only if the high bit of the MSR is set, we actually have
+- a 64-bit inferior.  */
++  /* We actually have a 64-bit inferior only if the certain bit of the
++ MSR is set.  The PowerISA Book III-S MSR is different from the
++ PowerISA Book III-E MSR.  The Book III-S MSR is 64 bits wide, and
++ its MSR[SF] is the bit 0 of a 64-bit value.  Book III-E MSR is 32
++ bits wide, and its MSR[CM] is the bit 0 of a 32-bit value.  */
+   regcache = new_register_cache (tdesc);
+   fetch_inferior_registers (regcache, find_regno (tdesc, "msr"));
+   collect_register_by_name (regcache, "msr", &msr);
+   free_register_cache (regcache);
+-  if (msr < 0)
++  if (msr & 0x80008000)
+ {
+   ppc_get_hwcap (&ppc_hwcap);
+   if (ppc_hwcap & PPC_FEATURE_CELL)
+-- 
+1.8.5.2.233.g932f7e4
+
-- 
1.9.1

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [PATCH] grub: Add support for net_default_mac and net_default_ip variables

[wenzong.fan]

From: Lijun Guo 

Using "-c" parameter, grub-mkimage can embed a configuration file into
the grub image. However grub 2.0 doesn't support net_default_mac and
net_default_ip variables in the configuration file.

Backport upstream commit to fix the issue:
* commit id: 2aa072d76a9c7df837a6a81bf80958094a522740

Signed-off-by: Lijun Guo 
---
 ...-to-determine-MAC-IP-of-default-interface.patch | 127 +
 meta/recipes-bsp/grub/grub2.inc|   1 +
 2 files changed, 128 insertions(+)
 create mode 100644 
meta/recipes-bsp/grub/files/New-variables-to-determine-MAC-IP-of-default-interface.patch

diff --git 
a/meta/recipes-bsp/grub/files/New-variables-to-determine-MAC-IP-of-default-interface.patch
 
b/meta/recipes-bsp/grub/files/New-variables-to-determine-MAC-IP-of-default-interface.patch
new file mode 100644
index 000..b1b028e
--- /dev/null
+++ 
b/meta/recipes-bsp/grub/files/New-variables-to-determine-MAC-IP-of-default-interface.patch
@@ -0,0 +1,127 @@
+From 2aa072d76a9c7df837a6a81bf80958094a522740 Mon Sep 17 00:00:00 2001
+From: Vladimir 'phcoder' Serbinenko 
+Date: Tue, 7 May 2013 12:05:36 +0200
+Subject: [PATCH] New variables 'net_default_*' to determine MAC/IP of
+ default interface.
+
+commit 2aa072d76a9c7df837a6a81bf80958094a522740 upstream
+
+Upstream-Status: Backport
+
+Signed-off-by: Lijun Guo 
+
+---
+ grub-core/net/bootp.c |  3 +++
+ grub-core/net/net.c   | 69 ++-
+ 2 files changed, 71 insertions(+), 1 deletion(-)
+
+diff --git a/grub-core/net/bootp.c b/grub-core/net/bootp.c
+index 33f860a..c8ef4d6 100644
+--- a/grub-core/net/bootp.c
 b/grub-core/net/bootp.c
+@@ -211,6 +211,9 @@ grub_net_configure_by_dhcp_ack (const char *name,
+   grub_print_error ();
+ }
+ 
++  if (is_def)
++grub_env_set ("net_default_interface", name);
++
+   if (device && !*device && bp->server_ip)
+ {
+   *device = grub_xasprintf ("tftp,%d.%d.%d.%d",
+diff --git a/grub-core/net/net.c b/grub-core/net/net.c
+index aebbe4b..8ea6906 100644
+--- a/grub-core/net/net.c
 b/grub-core/net/net.c
+@@ -1,6 +1,6 @@
+ /*
+  *  GRUB  --  GRand Unified Bootloader
+- *  Copyright (C) 2010,2011  Free Software Foundation, Inc.
++ *  Copyright (C) 2010,2011,2012,2013  Free Software Foundation, Inc.
+  *
+  *  GRUB is free software: you can redistribute it and/or modify
+  *  it under the terms of the GNU General Public License as published by
+@@ -813,6 +813,69 @@ defserver_get_env (struct grub_env_var *var __attribute__ 
((unused)),
+   return grub_net_default_server ? : "";
+ }
+ 
++static const char *
++defip_get_env (struct grub_env_var *var __attribute__ ((unused)),
++ const char *val __attribute__ ((unused)))
++{
++  const char *intf = grub_env_get ("net_default_interface");
++  const char *ret = NULL;
++  if (intf)
++{
++  char *buf = grub_xasprintf ("net_%s_ip", intf);
++  if (buf)
++  ret = grub_env_get (buf);
++  grub_free (buf);
++}
++  return ret;
++}
++
++static char *
++defip_set_env (struct grub_env_var *var __attribute__ ((unused)),
++ const char *val)
++{
++  const char *intf = grub_env_get ("net_default_interface");
++  if (intf)
++{
++  char *buf = grub_xasprintf ("net_%s_ip", intf);
++  if (buf)
++  grub_env_set (buf, val);
++  grub_free (buf);
++}
++  return NULL;
++}
++
++
++static const char *
++defmac_get_env (struct grub_env_var *var __attribute__ ((unused)),
++ const char *val __attribute__ ((unused)))
++{
++  const char *intf = grub_env_get ("net_default_interface");
++  const char *ret = NULL;
++  if (intf)
++{
++  char *buf = grub_xasprintf ("net_%s_mac", intf);
++  if (buf)
++  ret = grub_env_get (buf);
++  grub_free (buf);
++}
++  return ret;
++}
++
++static char *
++defmac_set_env (struct grub_env_var *var __attribute__ ((unused)),
++ const char *val)
++{
++  const char *intf = grub_env_get ("net_default_interface");
++  if (intf)
++{
++  char *buf = grub_xasprintf ("net_%s_mac", intf);
++  if (buf)
++  grub_env_set (buf, val);
++  grub_free (buf);
++}
++  return NULL;
++}
++
+ 
+ static void
+ grub_net_network_level_interface_register (struct 
grub_net_network_level_interface *inter)
+@@ -1560,6 +1623,10 @@ GRUB_MOD_INIT(net)
+  defserver_set_env);
+   grub_register_variable_hook ("pxe_default_server", defserver_get_env,
+  defserver_set_env);
++  grub_register_variable_hook ("net_default_ip", defip_get_env,
++ defip_set_env);
++  grub_register_variable_hook ("net_default_mac", defmac_get_env,
++ defmac_set_env);
+ 
+   cmd_addaddr = grub_register_command ("net_add_addr", grub_cmd_addaddr,
+   /* TRANSLATORS: HWADDRESS stands for
+-- 
+1.8.5.2.233.g932f7e4
+
diff --git a/meta/recipes-bsp/grub/grub2.inc b/meta/recipes-bsp/gru

[OE-core] [PATCH] bash: define NON_INTERACTIVE_LOGIN_SHELLS

[wenzong.fan]

From: Li Wang 

Allow login shells to read the startup files, even if they are not
interactive.

The patch comes from:
* bash-3.2-30.fc10.src.rpm - bash-2.03-profile.patch

Signed-off-by: Li Wang 
---
 .../bash/bash/bash-2.03-profile.patch  | 24 ++
 meta/recipes-extended/bash/bash_4.3.bb |  1 +
 2 files changed, 25 insertions(+)
 create mode 100644 meta/recipes-extended/bash/bash/bash-2.03-profile.patch

diff --git a/meta/recipes-extended/bash/bash/bash-2.03-profile.patch 
b/meta/recipes-extended/bash/bash/bash-2.03-profile.patch
new file mode 100644
index 000..a7d5fe8
--- /dev/null
+++ b/meta/recipes-extended/bash/bash/bash-2.03-profile.patch
@@ -0,0 +1,24 @@
+bash: define NON_INTERACTIVE_LOGIN_SHELLS
+
+Allow login shells to read the startup files, even if they are not
+interactive.
+
+The patch comes from:
+* bash-3.2-30.fc10.src.rpm - bash-2.03-profile.patch
+
+Upstream-Status: Inappropriate [configuration]
+
+Signed-off-by: Li Wang 
+---
+diff -up bash-3.2/config-top.h.profile bash-3.2/config-top.h
+--- bash-3.2/config-top.h.profile  2008-07-17 13:35:39.0 +0200
 bash-3.2/config-top.h  2008-07-17 13:42:18.0 +0200
+@@ -26,6 +26,8 @@
+what POSIX.2 specifies. */
+ #define CONTINUE_AFTER_KILL_ERROR
+ 
++#define NON_INTERACTIVE_LOGIN_SHELLS
++
+ /* Define BREAK_COMPLAINS if you want the non-standard, but useful
+error messages about `break' and `continue' out of context. */
+ #define BREAK_COMPLAINS
diff --git a/meta/recipes-extended/bash/bash_4.3.bb 
b/meta/recipes-extended/bash/bash_4.3.bb
index 23d3197..622058a 100644
--- a/meta/recipes-extended/bash/bash_4.3.bb
+++ b/meta/recipes-extended/bash/bash_4.3.bb
@@ -41,6 +41,7 @@ SRC_URI = 
"${GNU_MIRROR}/bash/${BPN}-${PV}.tar.gz;name=tarball \
file://mkbuiltins_have_stringize.patch \
file://build-tests.patch \
file://test-output.patch \
+   file://bash-2.03-profile.patch \
file://run-ptest \
"
 
-- 
1.9.1

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [PATCH v2] man: replace ',' with '#'

[wenzong.fan]

From: Yue Tao 

Sometimes, the parameters of CC/BUILD_CC contains the ',', which
cause the sed command failed, so replace the ',' with '#'

Signed-off-by: Yue Tao 
Signed-off-by: Wenzong Fan 
---
 meta/recipes-extended/man/man/configure_sed.patch | 32 +++
 meta/recipes-extended/man/man_1.6g.bb |  1 +
 2 files changed, 33 insertions(+)
 create mode 100644 meta/recipes-extended/man/man/configure_sed.patch

diff --git a/meta/recipes-extended/man/man/configure_sed.patch 
b/meta/recipes-extended/man/man/configure_sed.patch
new file mode 100644
index 000..d49e683
--- /dev/null
+++ b/meta/recipes-extended/man/man/configure_sed.patch
@@ -0,0 +1,32 @@
+man: replace ',' with '#'
+
+Sometimes, the parameters of CC/BUILD_CC contains the ',', which
+cause the sed command failed, so replace the ',' with '#'
+
+Upstream-Status: Pending
+
+Signed-off-by: Yue Tao 
+Signed-off-by: Wenzong Fan 
+---
+ configure | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/configure b/configure
+index 9f62cf9..9a565ae 100755
+--- a/configure
 b/configure
+@@ -1321,9 +1321,9 @@ do
+   echo "Creating $infile from $infile.in"
+   sed -e '
+ s,@version@,$version,
+-s,@CC@,$CC,
++s#@CC@#$CC#
+ s,@EXEEXT@,$EXEEXT,
+-s,@BUILD_CC@,$BUILD_CC,
++s#@BUILD_CC@#$BUILD_CC#
+ s,@INSTALL@,$INSTALL,
+ s,@DEFS@,$DEFS,
+ s,@LIBS@,$LIBS,
+-- 
+1.9.1
+
diff --git a/meta/recipes-extended/man/man_1.6g.bb 
b/meta/recipes-extended/man/man_1.6g.bb
index d4a4b26..6a4c734 100644
--- a/meta/recipes-extended/man/man_1.6g.bb
+++ b/meta/recipes-extended/man/man_1.6g.bb
@@ -52,6 +52,7 @@ SRC_URI = 
"http://pkgs.fedoraproject.org/lookaside/pkgs/man2html/${BP}.tar.gz/ba
file://man.conf \
file://manpath.5.gz;unpack=false \
file://man-1.6g-whatis3.patch \
+   file://configure_sed.patch \
 "
 
 SRC_URI[md5sum] = "ba154d5796928b841c9c69f0ae376660"
-- 
1.9.1

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [PATCH] gettext-minimal-native: use MKIDR_P in Makefile.in.in

[wenzong.fan]

From: Wenzong Fan 

The Makefile.in.in provided by gettext-minimal-native will be copied
to many packages that need gettext to produce multi-lingual messages.

Replace mkdir_p with MKDIR_P to fix below errors from those packages'
install logs:

  /bin/sh: 6: @mkdir_p@: not found
  /usr/bin/install: cannot create regular file 'xxx'

As automake manual:

>From Automake 1.8 to 1.9.6 AM_PROG_MKDIR_P used to define the output
variable mkdir_p to one of mkdir -p, install-sh -d, or mkinstalldirs.

Nowadays Autoconf provides a similar functionality with AC_PROG_MKDIR_P,
it will set output variable MKDIR_P.

Automake manual advises to switch ASAP to the more modern Autoconf-provided
interface instead; both the macro and the variable have been removed from
Automake 1.12.1 and later releases.

Signe-off-by: Wenzong Fan 
---
 .../gettext/gettext-minimal-0.19.4/Makefile.in.in  | 18 --
 1 file changed, 4 insertions(+), 14 deletions(-)

diff --git a/meta/recipes-core/gettext/gettext-minimal-0.19.4/Makefile.in.in 
b/meta/recipes-core/gettext/gettext-minimal-0.19.4/Makefile.in.in
index 65184f6..8906ba0 100644
--- a/meta/recipes-core/gettext/gettext-minimal-0.19.4/Makefile.in.in
+++ b/meta/recipes-core/gettext/gettext-minimal-0.19.4/Makefile.in.in
@@ -33,17 +33,7 @@ gettextsrcdir = $(datadir)/gettext/po
 INSTALL = @INSTALL@
 INSTALL_DATA = @INSTALL_DATA@
 
-# We use $(mkdir_p).
-# In automake <= 1.9.x, $(mkdir_p) is defined either as "mkdir -p --" or as
-# "$(mkinstalldirs)" or as "$(install_sh) -d". For these automake versions,
-# @install_sh@ does not start with $(SHELL), so we add it.
-# In automake >= 1.10, @mkdir_p@ is derived from ${MKDIR_P}, which is defined
-# either as "/path/to/mkdir -p" or ".../install-sh -c -d". For these automake
-# versions, $(mkinstalldirs) and $(install_sh) are unused.
-mkinstalldirs = $(SHELL) @install_sh@ -d
-install_sh = $(SHELL) @install_sh@
 MKDIR_P = @MKDIR_P@
-mkdir_p = @mkdir_p@
 
 GMSGFMT_ = @GMSGFMT@
 GMSGFMT_no = @GMSGFMT@
@@ -242,7 +232,7 @@ install: install-exec install-data
 install-exec:
 install-data: install-data-@USE_NLS@
if test "$(PACKAGE)" = "gettext-tools"; then \
- $(mkdir_p) $(DESTDIR)$(gettextsrcdir); \
+ $(MKDIR_P) $(DESTDIR)$(gettextsrcdir); \
  for file in $(DISTFILES.common) Makevars.template; do \
$(INSTALL_DATA) $(srcdir)/$$file \
$(DESTDIR)$(gettextsrcdir)/$$file; \
@@ -260,7 +250,7 @@ install-data-yes: all
  cat=`basename $$cat`; \
  lang=`echo $$cat | sed -e 's/\.gmo$$//'`; \
  dir=$(localedir)/$$lang/LC_MESSAGES; \
- $(mkdir_p) $(DESTDIR)$$dir; \
+ $(MKDIR_P) $(DESTDIR)$$dir; \
  if test -r $$cat; then realcat=$$cat; else realcat=$(srcdir)/$$cat; 
fi; \
  $(INSTALL_DATA) $$realcat $(DESTDIR)$$dir/$(DOMAIN).mo; \
  echo "installing $$realcat as $(DESTDIR)$$dir/$(DOMAIN).mo"; \
@@ -300,7 +290,7 @@ installdirs: installdirs-exec installdirs-data
 installdirs-exec:
 installdirs-data: installdirs-data-@USE_NLS@
if test "$(PACKAGE)" = "gettext-tools"; then \
- $(mkdir_p) $(DESTDIR)$(gettextsrcdir); \
+ $(MKDIR_P) $(DESTDIR)$(gettextsrcdir); \
else \
  : ; \
fi
@@ -311,7 +301,7 @@ installdirs-data-yes:
  cat=`basename $$cat`; \
  lang=`echo $$cat | sed -e 's/\.gmo$$//'`; \
  dir=$(localedir)/$$lang/LC_MESSAGES; \
- $(mkdir_p) $(DESTDIR)$$dir; \
+ $(MKDIR_P) $(DESTDIR)$$dir; \
  for lc in '' $(EXTRA_LOCALE_CATEGORIES); do \
if test -n "$$lc"; then \
  if (cd $(DESTDIR)$(localedir)/$$lang && LC_ALL=C ls -l -d $$lc 
2>/dev/null) | grep ' -> ' >/dev/null; then \
-- 
1.9.1

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [PATCH] man: replace ',' with '#'

[wenzong.fan]

From: Yue Tao 

Sometimes, the parameters of CC contains the ',', which
cause the sed command failed, so replace the ',' with '#'

Signed-off-by: Yue Tao 
---
 meta/recipes-extended/man/man/configure_sed.patch | 22 ++
 meta/recipes-extended/man/man_1.6g.bb |  1 +
 2 files changed, 23 insertions(+)
 create mode 100644 meta/recipes-extended/man/man/configure_sed.patch

diff --git a/meta/recipes-extended/man/man/configure_sed.patch 
b/meta/recipes-extended/man/man/configure_sed.patch
new file mode 100644
index 000..6c047ac
--- /dev/null
+++ b/meta/recipes-extended/man/man/configure_sed.patch
@@ -0,0 +1,22 @@
+man: replace ',' with '#'
+
+Sometimes, the parameters of CC contains the ',', which
+cause the sed command failed, so replace the ',' with '#'
+
+Upstream-Status: Pending
+
+Signed-off-by: Yue Tao 
+---
+diff --git a/configure.old b/configure
+index 9f62cf9..b439055 100755
+--- a/configure.old
 b/configure
+@@ -1321,7 +1321,7 @@ do
+   echo "Creating $infile from $infile.in"
+   sed -e '
+ s,@version@,$version,
+-s,@CC@,$CC,
++s#@CC@#$CC#
+ s,@EXEEXT@,$EXEEXT,
+ s,@BUILD_CC@,$BUILD_CC,
+ s,@INSTALL@,$INSTALL,
diff --git a/meta/recipes-extended/man/man_1.6g.bb 
b/meta/recipes-extended/man/man_1.6g.bb
index d4a4b26..6a4c734 100644
--- a/meta/recipes-extended/man/man_1.6g.bb
+++ b/meta/recipes-extended/man/man_1.6g.bb
@@ -52,6 +52,7 @@ SRC_URI = 
"http://pkgs.fedoraproject.org/lookaside/pkgs/man2html/${BP}.tar.gz/ba
file://man.conf \
file://manpath.5.gz;unpack=false \
file://man-1.6g-whatis3.patch \
+   file://configure_sed.patch \
 "
 
 SRC_URI[md5sum] = "ba154d5796928b841c9c69f0ae376660"
-- 
1.9.1

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [PATCH] rpm: check if the argument(rootpath) exists or be writable

[wenzong.fan]

From: Zhixiong Chi 

When user execute the command "rpm -qai --root=$dir",if $dir doesn't
exist or is unwritable as result of making a typo in rootpath,then
it will create dirent $dir and subdirectory.
So we should add the check function to fix it before creating relational
subdirectory,and warn the incorrect rootpath to user. It just checks the
rootpath reasonableness when the user input the argument(--root=/-r=).

Signed-off-by: Zhixiong Chi 
---
 .../rpm/rpm-check-rootpath-reasonableness.patch| 96 ++
 meta/recipes-devtools/rpm/rpm_5.4.14.bb|  1 +
 2 files changed, 97 insertions(+)
 create mode 100644 
meta/recipes-devtools/rpm/rpm/rpm-check-rootpath-reasonableness.patch

diff --git 
a/meta/recipes-devtools/rpm/rpm/rpm-check-rootpath-reasonableness.patch 
b/meta/recipes-devtools/rpm/rpm/rpm-check-rootpath-reasonableness.patch
new file mode 100644
index 000..3986030
--- /dev/null
+++ b/meta/recipes-devtools/rpm/rpm/rpm-check-rootpath-reasonableness.patch
@@ -0,0 +1,96 @@
+rpm: check if the argument(rootpath) exists or be writable
+
+When user execute the command "rpm -qai --root=$dir",if $dir doesn't
+exist or is unwritable as result of making a typo in rootpath,then
+it will create dirent $dir and subdirectory.
+So we should add the check function to fix it before creating relational
+subdirectory,and warn the incorrect rootpath to user. It just checks the
+rootpath reasonableness when the user input the argument(--root=/-r=).
+
+Upstream-Status: Pending
+
+Signed-off-by: Zhixiong Chi 
+---
+ rpmqv.c | 45 +
+ 1 file changed, 45 insertions(+)
+
+diff --git a/rpmqv.c b/rpmqv.c
+index 40c42bd..88d85ab 100644
+--- a/rpmqv.c
 b/rpmqv.c
+@@ -206,6 +206,8 @@ static struct poptOption optionsTable[] = {
+POPT_TABLEEND
+ };
+ 
++static int _rpmqv_rootpath_state = 0;
++
+ #ifdef __MINT__
+ /* MiNT cannot dynamically increase the stack.  */
+ long _stksize = 64 * 1024L;
+@@ -427,6 +429,41 @@ static void integrity_check(const char *progname, enum 
modes progmode_num)
+ }
+ #endif
+ 
++/*check if the rootdir is writable or exists */
++int access_file(const char *rootdir)
++{
++int ret,rootdir_len;
++
++if(rootdir == NULL) {
++return;
++}
++
++rootdir_len = strlen(rootdir);
++/*make sure that dirent argument trailing is "/" */
++if(!(rootdir_len && rootdir[rootdir_len - 1] == '/')){
++char *t = (char *)malloc(rootdir_len + 2);
++*t = '\0';
++(void)stpcpy(stpcpy(t,rootdir),"/");
++ret = access(t,F_OK|W_OK);
++free(t);
++}else{
++ret = access(rootdir,F_OK|W_OK);
++}
++return ret;
++}
++
++/*check if input the argument "--root/-r"  */
++void check_argument_root(int argc,char * const argv[])
++{
++int i;
++for (i = 0; i < argc; i++) {
++if(strncmp(argv[i],"--root=",7) == 0 || strncmp(argv[i],"-r=",3) == 
0) {
++_rpmqv_rootpath_state = 1;
++break;
++}
++}
++}
++
+ /*@-bounds@*/ /* LCL: segfault */
+ /*@-mods@*/ /* FIX: shrug */
+ #if !defined(__GLIBC__) && !defined(__LCLINT__)
+@@ -476,6 +513,8 @@ int main(int argc, const char ** argv)
+ int xx;
+ #endif
+   
++check_argument_root(argc,(char *const *)argv);
++
+ #if !defined(__GLIBC__) && !defined(__LCLINT__)
+ environ = envp;
+ #else
+@@ -715,6 +754,12 @@ int main(int argc, const char ** argv)
+   argerror(_("arguments to --root (-r) must begin with a /"));
+   break;
+   }
++if (_rpmqv_rootpath_state) {
++if (access_file(rpmioRootDir)) {
++fprintf(stderr, _("Invalid directory:%s, ensure it exists or 
be writable\n"),rpmioRootDir);
++exit(EXIT_FAILURE);
++}
++}
+ }
+ 
+ #if defined(RPM_VENDOR_OPENPKG) /* integrity-checking */
+-- 
+1.9.1
+
diff --git a/meta/recipes-devtools/rpm/rpm_5.4.14.bb 
b/meta/recipes-devtools/rpm/rpm_5.4.14.bb
index fb81f12..2e17a91 100644
--- a/meta/recipes-devtools/rpm/rpm_5.4.14.bb
+++ b/meta/recipes-devtools/rpm/rpm_5.4.14.bb
@@ -93,6 +93,7 @@ SRC_URI = 
"http://www.rpm5.org/files/rpm/rpm-5.4/rpm-5.4.14-0.20131024.src.rpm;e
   
file://0001-using-poptParseArgvString-to-parse-the-_gpg_check_pa.patch \
   file://no-ldflags-in-pkgconfig.patch \
   file://rpm-lua-fix-print.patch \
+  file://rpm-check-rootpath-reasonableness.patch \
  "
 
 # Uncomment the following line to enable platform score debugging
-- 
1.9.1

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [PATCH v2] ltp: vma03 fix the alginment of page size

[wenzong.fan]

From: Chuang Dong 

the offset the param of mmap2() doesn't align the page size, but,
this param allow must be a multiple of the page size as returned
by sysconf(_SC_PAGE_SIZE).meanwhile offset * 4096 must be a
multiple of the system page size, so modify the input param of offset
pgoff = (ULONG_MAX - 1)&(~((pgsz-1)>>12));

Signed-off-by: Chuang Dong 
---
 ...-ltp-vma03-fix-the-alginment-of-page-size.patch | 34 ++
 meta/recipes-extended/ltp/ltp_20150420.bb  |  1 +
 2 files changed, 35 insertions(+)
 create mode 100644 
meta/recipes-extended/ltp/ltp/0001-ltp-vma03-fix-the-alginment-of-page-size.patch

diff --git 
a/meta/recipes-extended/ltp/ltp/0001-ltp-vma03-fix-the-alginment-of-page-size.patch
 
b/meta/recipes-extended/ltp/ltp/0001-ltp-vma03-fix-the-alginment-of-page-size.patch
new file mode 100644
index 000..905eafb
--- /dev/null
+++ 
b/meta/recipes-extended/ltp/ltp/0001-ltp-vma03-fix-the-alginment-of-page-size.patch
@@ -0,0 +1,34 @@
+From 243881d71d2d49027c3dc15fe27ebe7f4ee68700 Mon Sep 17 00:00:00 2001
+From: Chuang Dong 
+Date: Wed, 10 Jun 2015 09:51:09 +0800
+Subject: [PATCH] ltp: vma03 fix the alginment of page size
+
+the offset the param of mmap2() doesn't align the page size, but,
+this param allow must be a multiple of the page size as returned
+by sysconf(_SC_PAGE_SIZE).meanwhile offset * 4096 must be a
+multiple of the system page size, so modify the input param of offset
+pgoff = (ULONG_MAX - 1)&(~((pgsz-1)>>12));
+
+Upstream-Status: Submitted
+
+Signed-off-by: Chuang Dong 
+---
+ testcases/kernel/mem/vma/vma03.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/testcases/kernel/mem/vma/vma03.c 
b/testcases/kernel/mem/vma/vma03.c
+index 6af9960..b86d7ce 100644
+--- a/testcases/kernel/mem/vma/vma03.c
 b/testcases/kernel/mem/vma/vma03.c
+@@ -89,7 +89,7 @@ int main(int argc, char *argv[])
+   if (fd == -1)
+   tst_brkm(TBROK | TERRNO, NULL, "open %s", TESTFILE);
+ 
+-  pgoff = ULONG_MAX - 1;
++  pgoff = (ULONG_MAX - 1)&(~((pgsz-1)>>12));
+   map = mmap2(NULL, pgsz, PROT_READ | PROT_WRITE, MAP_PRIVATE,
+   fd, pgoff);
+   if (map == MAP_FAILED)
+-- 
+1.8.5.2.233.g932f7e4
+
diff --git a/meta/recipes-extended/ltp/ltp_20150420.bb 
b/meta/recipes-extended/ltp/ltp_20150420.bb
index b4fc223..2554f52 100644
--- a/meta/recipes-extended/ltp/ltp_20150420.bb
+++ b/meta/recipes-extended/ltp/ltp_20150420.bb
@@ -28,6 +28,7 @@ SRC_URI = "git://github.com/linux-test-project/ltp.git \
 file://make-setregid02-work.patch \
 file://add-knob-for-numa.patch \
 file://add-knob-for-tirpc.patch \
+file://0001-ltp-vma03-fix-the-alginment-of-page-size.patch \
 "
 
 S = "${WORKDIR}/git"
-- 
1.9.1

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [PATCH] nfs-utils: debianize start-statd

[wenzong.fan]

From: Li Wang 

make start-statd command to use nfscommon configure, too.

Signed-off-by: Henrik Riomar 
Signed-off-by: Li Wang 
Signed-off-by: Roy Li 
Signed-off-by: Wenzong Fan 
---
 .../files/nfs-utils-debianize-start-statd.patch| 41 ++
 .../nfs-utils/nfs-utils_1.3.1.bb   |  1 +
 2 files changed, 42 insertions(+)
 create mode 100644 
meta/recipes-connectivity/nfs-utils/files/nfs-utils-debianize-start-statd.patch

diff --git 
a/meta/recipes-connectivity/nfs-utils/files/nfs-utils-debianize-start-statd.patch
 
b/meta/recipes-connectivity/nfs-utils/files/nfs-utils-debianize-start-statd.patch
new file mode 100644
index 000..5a2d5c8
--- /dev/null
+++ 
b/meta/recipes-connectivity/nfs-utils/files/nfs-utils-debianize-start-statd.patch
@@ -0,0 +1,41 @@
+[PATCH] nfs-utils: debianize start-statd
+
+Upstream-status: Pending
+
+make start-statd command to use nfscommon configure, too.
+
+Signed-off-by: Henrik Riomar 
+Signed-off-by: Li Wang 
+Signed-off-by: Roy Li 
+Signed-off-by: Wenzong Fan 
+---
+ utils/statd/start-statd | 9 -
+ 1 file changed, 8 insertions(+), 1 deletion(-)
+
+diff --git a/utils/statd/start-statd b/utils/statd/start-statd
+index ec9383b..3969b8c 100755
+--- a/utils/statd/start-statd
 b/utils/statd/start-statd
+@@ -6,6 +6,13 @@
+ # site.
+ PATH="/sbin:/usr/sbin:/bin:/usr/bin"
+ 
++# Read config
++DEFAULTFILE=/etc/default/nfs-common
++NEED_IDMAPD=
++if [ -f $DEFAULTFILE ]; then
++. $DEFAULTFILE
++fi
++
+ # First try systemd if it's installed.
+ if systemctl --help >/dev/null 2>&1; then
+ # Quit only if the call worked.
+@@ -13,4 +20,4 @@ if systemctl --help >/dev/null 2>&1; then
+ fi
+ 
+ # Fall back to launching it ourselves.
+-exec rpc.statd --no-notify
++exec rpc.statd --no-notify $STATDOPTS
+-- 
+1.9.1
+
diff --git a/meta/recipes-connectivity/nfs-utils/nfs-utils_1.3.1.bb 
b/meta/recipes-connectivity/nfs-utils/nfs-utils_1.3.1.bb
index 6f64e9d..0bcd65e 100644
--- a/meta/recipes-connectivity/nfs-utils/nfs-utils_1.3.1.bb
+++ b/meta/recipes-connectivity/nfs-utils/nfs-utils_1.3.1.bb
@@ -29,6 +29,7 @@ SRC_URI = 
"${KERNELORG_MIRROR}/linux/utils/nfs-utils/${PV}/nfs-utils-${PV}.tar.x
file://nfs-mountd.service \
file://nfs-statd.service \
file://nfs-utils-Do-not-pass-CFLAGS-to-gcc-while-building.patch \
+   file://nfs-utils-debianize-start-statd.patch \
 "
 
 SRC_URI[md5sum] = "8de676b9ff34b8f9addc1d0800fabdf8"
-- 
1.9.1

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [PATCH v2] libxml2: Security Advisory - libxml2 - CVE-2015-1819

[wenzong.fan]

From: Yue Tao 

for CVE-2015-1819 Enforce the reader to run in constant memory

Signed-off-by: Yue Tao 
Signed-off-by: Wenzong Fan 
---
 meta/recipes-core/libxml/libxml2.inc   |   1 +
 ...19-Enforce-the-reader-to-run-in-constant-.patch | 181 +
 2 files changed, 182 insertions(+)
 create mode 100644 
meta/recipes-core/libxml/libxml2/0001-CVE-2015-1819-Enforce-the-reader-to-run-in-constant-.patch

diff --git a/meta/recipes-core/libxml/libxml2.inc 
b/meta/recipes-core/libxml/libxml2.inc
index d337bec..1c3c37d 100644
--- a/meta/recipes-core/libxml/libxml2.inc
+++ b/meta/recipes-core/libxml/libxml2.inc
@@ -20,6 +20,7 @@ SRC_URI = 
"ftp://xmlsoft.org/libxml2/libxml2-${PV}.tar.gz;name=libtar \
file://python-sitepackages-dir.patch \
file://libxml-m4-use-pkgconfig.patch \
file://configure.ac-fix-cross-compiling-warning.patch \
+   
file://0001-CVE-2015-1819-Enforce-the-reader-to-run-in-constant-.patch \
   "
 
 BINCONFIG = "${bindir}/xml2-config"
diff --git 
a/meta/recipes-core/libxml/libxml2/0001-CVE-2015-1819-Enforce-the-reader-to-run-in-constant-.patch
 
b/meta/recipes-core/libxml/libxml2/0001-CVE-2015-1819-Enforce-the-reader-to-run-in-constant-.patch
new file mode 100644
index 000..96d58f9
--- /dev/null
+++ 
b/meta/recipes-core/libxml/libxml2/0001-CVE-2015-1819-Enforce-the-reader-to-run-in-constant-.patch
@@ -0,0 +1,181 @@
+From 213f1fe0d76d30eaed6e5853057defc43e6df2c9 Mon Sep 17 00:00:00 2001
+From: Daniel Veillard 
+Date: Tue, 14 Apr 2015 17:41:48 +0800
+Subject: [PATCH] CVE-2015-1819 Enforce the reader to run in constant memory
+
+One of the operation on the reader could resolve entities
+leading to the classic expansion issue. Make sure the
+buffer used for xmlreader operation is bounded.
+Introduce a new allocation type for the buffers for this effect.
+
+Upstream-Status: Backport
+
+Signed-off-by: Yue Tao 
+Signed-off-by: Wenzong Fan 
+---
+ buf.c |   43 ++-
+ include/libxml/tree.h |3 ++-
+ xmlreader.c   |   20 +++-
+ 3 files changed, 63 insertions(+), 3 deletions(-)
+
+diff --git a/buf.c b/buf.c
+index 6efc7b6..07922ff 100644
+--- a/buf.c
 b/buf.c
+@@ -27,6 +27,7 @@
+ #include 
+ #include 
+ #include 
++#include  /* for XML_MAX_TEXT_LENGTH */
+ #include "buf.h"
+ 
+ #define WITH_BUFFER_COMPAT
+@@ -299,7 +300,8 @@ xmlBufSetAllocationScheme(xmlBufPtr buf,
+ if ((scheme == XML_BUFFER_ALLOC_DOUBLEIT) ||
+ (scheme == XML_BUFFER_ALLOC_EXACT) ||
+ (scheme == XML_BUFFER_ALLOC_HYBRID) ||
+-(scheme == XML_BUFFER_ALLOC_IMMUTABLE)) {
++(scheme == XML_BUFFER_ALLOC_IMMUTABLE) ||
++  (scheme == XML_BUFFER_ALLOC_BOUNDED)) {
+   buf->alloc = scheme;
+ if (buf->buffer)
+ buf->buffer->alloc = scheme;
+@@ -458,6 +460,18 @@ xmlBufGrowInternal(xmlBufPtr buf, size_t len) {
+ size = buf->use + len + 100;
+ #endif
+ 
++if (buf->alloc == XML_BUFFER_ALLOC_BOUNDED) {
++/*
++   * Used to provide parsing limits
++   */
++if ((buf->use + len >= XML_MAX_TEXT_LENGTH) ||
++  (buf->size >= XML_MAX_TEXT_LENGTH)) {
++  xmlBufMemoryError(buf, "buffer error: text too long\n");
++  return(0);
++  }
++  if (size >= XML_MAX_TEXT_LENGTH)
++  size = XML_MAX_TEXT_LENGTH;
++}
+ if ((buf->alloc == XML_BUFFER_ALLOC_IO) && (buf->contentIO != NULL)) {
+ size_t start_buf = buf->content - buf->contentIO;
+ 
+@@ -739,6 +753,15 @@ xmlBufResize(xmlBufPtr buf, size_t size)
+ CHECK_COMPAT(buf)
+ 
+ if (buf->alloc == XML_BUFFER_ALLOC_IMMUTABLE) return(0);
++if (buf->alloc == XML_BUFFER_ALLOC_BOUNDED) {
++/*
++   * Used to provide parsing limits
++   */
++if (size >= XML_MAX_TEXT_LENGTH) {
++  xmlBufMemoryError(buf, "buffer error: text too long\n");
++  return(0);
++  }
++}
+ 
+ /* Don't resize if we don't have to */
+ if (size < buf->size)
+@@ -867,6 +890,15 @@ xmlBufAdd(xmlBufPtr buf, const xmlChar *str, int len) {
+ 
+ needSize = buf->use + len + 2;
+ if (needSize > buf->size){
++  if (buf->alloc == XML_BUFFER_ALLOC_BOUNDED) {
++  /*
++   * Used to provide parsing limits
++   */
++  if (needSize >= XML_MAX_TEXT_LENGTH) {
++  xmlBufMemoryError(buf, "buffer error: text too long\n");
++  return(-1);
++  }
++  }
+ if (!xmlBufResize(buf, needSize)){
+   xmlBufMemoryError(buf, "growing buffer");
+ return XML_ERR_NO_MEMORY;
+@@ -938,6 +970,15 @@ xmlBufAddHead(xmlBufPtr buf, const xmlChar *str, int len) 
{
+ }
+ needSize = buf->use + len + 2;
+ if (needSize > buf->size){
++  if (buf->alloc == XML_BUFFER_ALLOC_BOUNDED) {
++  /*
++   * Used to provide parsing limits
++   */
++  if (needSize >= XML_MAX_TEXT_LENGTH) {
++ 

[OE-core] [PATCH] libxml2: Security Advisory - libxml2 - CVE-2015-1819

[wenzong.fan]

From: Yue Tao 

for CVE-2015-1819 Enforce the reader to run in constant memory

Signed-off-by: Yue Tao 
---
 meta/recipes-core/libxml/libxml2.inc   |   1 +
 ...19-Enforce-the-reader-to-run-in-constant-.patch | 178 +
 2 files changed, 179 insertions(+)
 create mode 100644 
meta/recipes-core/libxml/libxml2/0001-CVE-2015-1819-Enforce-the-reader-to-run-in-constant-.patch

diff --git a/meta/recipes-core/libxml/libxml2.inc 
b/meta/recipes-core/libxml/libxml2.inc
index d337bec..1c3c37d 100644
--- a/meta/recipes-core/libxml/libxml2.inc
+++ b/meta/recipes-core/libxml/libxml2.inc
@@ -20,6 +20,7 @@ SRC_URI = 
"ftp://xmlsoft.org/libxml2/libxml2-${PV}.tar.gz;name=libtar \
file://python-sitepackages-dir.patch \
file://libxml-m4-use-pkgconfig.patch \
file://configure.ac-fix-cross-compiling-warning.patch \
+   
file://0001-CVE-2015-1819-Enforce-the-reader-to-run-in-constant-.patch \
   "
 
 BINCONFIG = "${bindir}/xml2-config"
diff --git 
a/meta/recipes-core/libxml/libxml2/0001-CVE-2015-1819-Enforce-the-reader-to-run-in-constant-.patch
 
b/meta/recipes-core/libxml/libxml2/0001-CVE-2015-1819-Enforce-the-reader-to-run-in-constant-.patch
new file mode 100644
index 000..8b45dcb
--- /dev/null
+++ 
b/meta/recipes-core/libxml/libxml2/0001-CVE-2015-1819-Enforce-the-reader-to-run-in-constant-.patch
@@ -0,0 +1,178 @@
+From 213f1fe0d76d30eaed6e5853057defc43e6df2c9 Mon Sep 17 00:00:00 2001
+From: Daniel Veillard 
+Date: Tue, 14 Apr 2015 17:41:48 +0800
+Subject: [PATCH] CVE-2015-1819 Enforce the reader to run in constant memory
+
+One of the operation on the reader could resolve entities
+leading to the classic expansion issue. Make sure the
+buffer used for xmlreader operation is bounded.
+Introduce a new allocation type for the buffers for this effect.
+
+Upstream-Status: Backport
+---
+ buf.c |   43 ++-
+ include/libxml/tree.h |3 ++-
+ xmlreader.c   |   20 +++-
+ 3 files changed, 63 insertions(+), 3 deletions(-)
+
+diff --git a/buf.c b/buf.c
+index 6efc7b6..07922ff 100644
+--- a/buf.c
 b/buf.c
+@@ -27,6 +27,7 @@
+ #include 
+ #include 
+ #include 
++#include  /* for XML_MAX_TEXT_LENGTH */
+ #include "buf.h"
+ 
+ #define WITH_BUFFER_COMPAT
+@@ -299,7 +300,8 @@ xmlBufSetAllocationScheme(xmlBufPtr buf,
+ if ((scheme == XML_BUFFER_ALLOC_DOUBLEIT) ||
+ (scheme == XML_BUFFER_ALLOC_EXACT) ||
+ (scheme == XML_BUFFER_ALLOC_HYBRID) ||
+-(scheme == XML_BUFFER_ALLOC_IMMUTABLE)) {
++(scheme == XML_BUFFER_ALLOC_IMMUTABLE) ||
++  (scheme == XML_BUFFER_ALLOC_BOUNDED)) {
+   buf->alloc = scheme;
+ if (buf->buffer)
+ buf->buffer->alloc = scheme;
+@@ -458,6 +460,18 @@ xmlBufGrowInternal(xmlBufPtr buf, size_t len) {
+ size = buf->use + len + 100;
+ #endif
+ 
++if (buf->alloc == XML_BUFFER_ALLOC_BOUNDED) {
++/*
++   * Used to provide parsing limits
++   */
++if ((buf->use + len >= XML_MAX_TEXT_LENGTH) ||
++  (buf->size >= XML_MAX_TEXT_LENGTH)) {
++  xmlBufMemoryError(buf, "buffer error: text too long\n");
++  return(0);
++  }
++  if (size >= XML_MAX_TEXT_LENGTH)
++  size = XML_MAX_TEXT_LENGTH;
++}
+ if ((buf->alloc == XML_BUFFER_ALLOC_IO) && (buf->contentIO != NULL)) {
+ size_t start_buf = buf->content - buf->contentIO;
+ 
+@@ -739,6 +753,15 @@ xmlBufResize(xmlBufPtr buf, size_t size)
+ CHECK_COMPAT(buf)
+ 
+ if (buf->alloc == XML_BUFFER_ALLOC_IMMUTABLE) return(0);
++if (buf->alloc == XML_BUFFER_ALLOC_BOUNDED) {
++/*
++   * Used to provide parsing limits
++   */
++if (size >= XML_MAX_TEXT_LENGTH) {
++  xmlBufMemoryError(buf, "buffer error: text too long\n");
++  return(0);
++  }
++}
+ 
+ /* Don't resize if we don't have to */
+ if (size < buf->size)
+@@ -867,6 +890,15 @@ xmlBufAdd(xmlBufPtr buf, const xmlChar *str, int len) {
+ 
+ needSize = buf->use + len + 2;
+ if (needSize > buf->size){
++  if (buf->alloc == XML_BUFFER_ALLOC_BOUNDED) {
++  /*
++   * Used to provide parsing limits
++   */
++  if (needSize >= XML_MAX_TEXT_LENGTH) {
++  xmlBufMemoryError(buf, "buffer error: text too long\n");
++  return(-1);
++  }
++  }
+ if (!xmlBufResize(buf, needSize)){
+   xmlBufMemoryError(buf, "growing buffer");
+ return XML_ERR_NO_MEMORY;
+@@ -938,6 +970,15 @@ xmlBufAddHead(xmlBufPtr buf, const xmlChar *str, int len) 
{
+ }
+ needSize = buf->use + len + 2;
+ if (needSize > buf->size){
++  if (buf->alloc == XML_BUFFER_ALLOC_BOUNDED) {
++  /*
++   * Used to provide parsing limits
++   */
++  if (needSize >= XML_MAX_TEXT_LENGTH) {
++  xmlBufMemoryError(buf, "buffer error: text too long\n");
++  return

[OE-core] [PATCH] libsndfile: Security Advisory - libsndfile - CVE-2014-9496

[wenzong.fan]

From: Yue Tao 

Backport two commits from libsndfile upstream to fix a segfault and
two potential buffer overflows.

Signed-off-by: Yue Tao 
---
 ...src-sd2.c-Fix-segfault-in-SD2-RSRC-parser.patch | 211 +
 ...c-Fix-two-potential-buffer-read-overflows.patch |  49 +
 .../libsndfile/libsndfile1_1.0.25.bb   |   5 +-
 3 files changed, 264 insertions(+), 1 deletion(-)
 create mode 100644 
meta/recipes-multimedia/libsndfile/files/0001-src-sd2.c-Fix-segfault-in-SD2-RSRC-parser.patch
 create mode 100644 
meta/recipes-multimedia/libsndfile/files/0001-src-sd2.c-Fix-two-potential-buffer-read-overflows.patch

diff --git 
a/meta/recipes-multimedia/libsndfile/files/0001-src-sd2.c-Fix-segfault-in-SD2-RSRC-parser.patch
 
b/meta/recipes-multimedia/libsndfile/files/0001-src-sd2.c-Fix-segfault-in-SD2-RSRC-parser.patch
new file mode 100644
index 000..cd48710
--- /dev/null
+++ 
b/meta/recipes-multimedia/libsndfile/files/0001-src-sd2.c-Fix-segfault-in-SD2-RSRC-parser.patch
@@ -0,0 +1,211 @@
+From 9341e9c6e70cd3ad76c901c3cf052d4cb52fd827 Mon Sep 17 00:00:00 2001
+From: Erik de Castro Lopo 
+Date: Thu, 27 Jun 2013 18:04:03 +1000
+Subject: [PATCH] src/sd2.c : Fix segfault in SD2 RSRC parser.
+
+(Upstream commit 9341e9c6e70cd3ad76c901c3cf052d4cb52fd827)
+
+A specially crafted resource fork for an SD2 file can cause
+the SD2 RSRC parser to read data from outside a dynamically
+defined buffer. The data that is read is converted into a
+short or int and used during further processing.
+
+Since no write occurs, this is unlikely to be exploitable.
+
+Bug reported by The Mayhem Team from Cylab, Carnegie Mellon
+Univeristy. Paper is:
+http://users.ece.cmu.edu/~arebert/papers/mayhem-oakland-12.pdf
+
+Upstream-Status: Backport
+
+Signed-off-by: Yue Tao 
+---
+ src/sd2.c |   93 -
+ 1 file changed, 55 insertions(+), 38 deletions(-)
+
+diff --git a/src/sd2.c b/src/sd2.c
+index 35ce36b..6be150c 100644
+--- a/src/sd2.c
 b/src/sd2.c
+@@ -1,5 +1,5 @@
+ /*
+-** Copyright (C) 2001-2011 Erik de Castro Lopo 
++** Copyright (C) 2001-2013 Erik de Castro Lopo 
+ ** Copyright (C) 2004 Paavo Jumppanen
+ **
+ ** This program is free software; you can redistribute it and/or modify
+@@ -371,44 +371,61 @@ sd2_write_rsrc_fork (SF_PRIVATE *psf, int UNUSED 
(calc_length))
+ */
+ 
+ static inline int
+-read_char (const unsigned char * data, int offset)
+-{ return data [offset] ;
+-} /* read_char */
++read_rsrc_char (const SD2_RSRC *prsrc, int offset)
++{ const unsigned char * data = prsrc->rsrc_data ;
++  if (offset < 0 || offset >= prsrc->rsrc_len)
++  return 0 ;
++  return data [offset] ;
++} /* read_rsrc_char */
+ 
+ static inline int
+-read_short (const unsigned char * data, int offset)
+-{ return (data [offset] << 8) + data [offset + 1] ;
+-} /* read_short */
++read_rsrc_short (const SD2_RSRC *prsrc, int offset)
++{ const unsigned char * data = prsrc->rsrc_data ;
++  if (offset < 0 || offset + 1 >= prsrc->rsrc_len)
++  return 0 ;
++  return (data [offset] << 8) + data [offset + 1] ;
++} /* read_rsrc_short */
+ 
+ static inline int
+-read_int (const unsigned char * data, int offset)
+-{ return (data [offset] << 24) + (data [offset + 1] << 16) + (data 
[offset + 2] << 8) + data [offset + 3] ;
+-} /* read_int */
++read_rsrc_int (const SD2_RSRC *prsrc, int offset)
++{ const unsigned char * data = prsrc->rsrc_data ;
++  if (offset < 0 || offset + 3 >= prsrc->rsrc_len)
++  return 0 ;
++  return (data [offset] << 24) + (data [offset + 1] << 16) + (data 
[offset + 2] << 8) + data [offset + 3] ;
++} /* read_rsrc_int */
+ 
+ static inline int
+-read_marker (const unsigned char * data, int offset)
+-{
++read_rsrc_marker (const SD2_RSRC *prsrc, int offset)
++{ const unsigned char * data = prsrc->rsrc_data ;
++
++  if (offset < 0 || offset + 3 >= prsrc->rsrc_len)
++  return 0 ;
++
+   if (CPU_IS_BIG_ENDIAN)
+   return (data [offset] << 24) + (data [offset + 1] << 16) + 
(data [offset + 2] << 8) + data [offset + 3] ;
+-  else if (CPU_IS_LITTLE_ENDIAN)
++  if (CPU_IS_LITTLE_ENDIAN)
+   return data [offset] + (data [offset + 1] << 8) + (data [offset 
+ 2] << 16) + (data [offset + 3] << 24) ;
+-  else
+-  return 0x666 ;
+-} /* read_marker */
++
++  return 0 ;
++} /* read_rsrc_marker */
+ 
+ static void
+-read_str (const unsigned char * data, int offset, char * buffer, int 
buffer_len)
+-{ int k ;
++read_rsrc_str (const SD2_RSRC *prsrc, int offset, char * buffer, int 
buffer_len)
++{ const unsigned char * data = prsrc->rsrc_data ;
++  int k ;
+ 
+   memset (buffer, 0, buffer_len) ;
+ 
++  if (offset < 0 || offset + buffer_len >= prsrc->rsrc_len)
++  return ;
++
+   for (k = 0 ; k < buffer_len - 1 ; k++)
+   {   if (psf_isprint (data [offset + k]) == 0)
+  

[OE-core] [PATCH] perl: module overload rdpends on overloading

[wenzong.fan]

From: Wenzong Fan 

Fix perl runtime issue:

* Can't locate overloading.pm in @INC (you may need to install the
overloading module ...) at /usr/lib64/perl/5.20.0/overload.pm line 83.

Signed-off-by: Wenzong Fan 
---
 meta/recipes-devtools/perl/perl-rdepends_5.20.0.inc | 1 +
 1 file changed, 1 insertion(+)

diff --git a/meta/recipes-devtools/perl/perl-rdepends_5.20.0.inc 
b/meta/recipes-devtools/perl/perl-rdepends_5.20.0.inc
index 041471a..e39663c 100644
--- a/meta/recipes-devtools/perl/perl-rdepends_5.20.0.inc
+++ b/meta/recipes-devtools/perl/perl-rdepends_5.20.0.inc
@@ -1841,6 +1841,7 @@ RDEPENDS_${PN}-module-overloading += 
"${PN}-module-warnings"
 RDEPENDS_${PN}-module-overload += "${PN}-module-mro"
 RDEPENDS_${PN}-module-overload += "${PN}-module-scalar-util"
 RDEPENDS_${PN}-module-overload += "${PN}-module-warnings-register"
+RDEPENDS_${PN}-module-overload += "${PN}-module-overloading"
 RDEPENDS_${PN}-module-package-constants += "${PN}-module-if"
 RDEPENDS_${PN}-module-package-constants += "${PN}-module-strict"
 RDEPENDS_${PN}-module-package-constants += "${PN}-module-vars"
-- 
1.9.1

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [PATCH 1/1] perl / PathTools: don't filter out blib from @INC

[wenzong.fan]

From: Wenzong Fan 

If $TOPDIR includes the string "blib", filter it out from @INC may empty
the @INC and cause build errors like:

  Can't locate ExtUtils/MakeMaker.pm in @INC \
  (you may need to install the ExtUtils::MakeMaker module) \
  (@INC contains: .) at Makefile.PL

Signed-off-by: Wenzong Fan 
---
 ...-PathTools-don-t-filter-out-blib-from-INC.patch | 33 ++
 meta/recipes-devtools/perl/perl-native_5.20.0.bb   |  4 ++-
 meta/recipes-devtools/perl/perl_5.20.0.bb  |  1 +
 3 files changed, 37 insertions(+), 1 deletion(-)
 create mode 100644 
meta/recipes-devtools/perl/perl-5.20.0/perl-PathTools-don-t-filter-out-blib-from-INC.patch

diff --git 
a/meta/recipes-devtools/perl/perl-5.20.0/perl-PathTools-don-t-filter-out-blib-from-INC.patch
 
b/meta/recipes-devtools/perl/perl-5.20.0/perl-PathTools-don-t-filter-out-blib-from-INC.patch
new file mode 100644
index 000..7dd9041
--- /dev/null
+++ 
b/meta/recipes-devtools/perl/perl-5.20.0/perl-PathTools-don-t-filter-out-blib-from-INC.patch
@@ -0,0 +1,33 @@
+From 90c252cecc38aed5d5faedb30485dd6eee2e54eb Mon Sep 17 00:00:00 2001
+From: Wenzong Fan 
+Date: Wed, 11 Feb 2015 15:14:40 +0800
+Subject: [PATCH] perl / PathTools: don't filter out blib from @INC
+
+If $TOPDIR includes the string "blib", filter it out from @INC may empty
+the @INC and cause build errors like:
+
+  Can't locate ExtUtils/MakeMaker.pm in @INC \
+  (you may need to install the ExtUtils::MakeMaker module) \
+  (@INC contains: .) at Makefile.PL
+
+Upstream-Status: Pending
+
+Signed-off-by: Wenzong Fan 
+---
+ dist/PathTools/Makefile.PL | 3 ---
+ 1 file changed, 3 deletions(-)
+
+diff --git a/dist/PathTools/Makefile.PL b/dist/PathTools/Makefile.PL
+index 1b21de4..f562cb2 100644
+--- a/dist/PathTools/Makefile.PL
 b/dist/PathTools/Makefile.PL
+@@ -1,6 +1,3 @@
+-
+-BEGIN { @INC = grep {!/blib/} @INC }
+-
+ require 5.005;
+ use ExtUtils::MakeMaker;
+ WriteMakefile
+-- 
+1.9.1
+
diff --git a/meta/recipes-devtools/perl/perl-native_5.20.0.bb 
b/meta/recipes-devtools/perl/perl-native_5.20.0.bb
index 586a347..c8cdad7 100644
--- a/meta/recipes-devtools/perl/perl-native_5.20.0.bb
+++ b/meta/recipes-devtools/perl/perl-native_5.20.0.bb
@@ -17,7 +17,9 @@ SRC_URI = "http://www.cpan.org/src/5.0/perl-${PV}.tar.gz \
file://MM_Unix.pm.patch \
file://debian/errno_ver.diff \
file://dynaloaderhack.patch \
-   file://perl-5.14.3-fix-CVE-2010-4777.patch "
+   file://perl-5.14.3-fix-CVE-2010-4777.patch \
+   file://perl-PathTools-don-t-filter-out-blib-from-INC.patch \
+  "
 
 SRC_URI[md5sum] = "406ec049ebe3afcc80d9c76ec78ca4f8"
 SRC_URI[sha256sum] = 
"4e8c28ad6ecc89902f9cb2e76f2815bb1a8287ded278e15f7a36ca45f8bbcd02"
diff --git a/meta/recipes-devtools/perl/perl_5.20.0.bb 
b/meta/recipes-devtools/perl/perl_5.20.0.bb
index db65202..a99b3c8 100644
--- a/meta/recipes-devtools/perl/perl_5.20.0.bb
+++ b/meta/recipes-devtools/perl/perl_5.20.0.bb
@@ -76,6 +76,7 @@ SRC_URI += " \
 file://perl-5.14.3-fix-CVE-2010-4777.patch \
 file://0001-Makefile.SH-fix-do_install-failed.patch \
 file://make_ext.pl-fix-regenerate-makefile-failed-while-cc-.patch \
+file://perl-PathTools-don-t-filter-out-blib-from-INC.patch \
 "
 
 # Fix test case issues
-- 
1.9.1

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [PATCH 0/1] perl / PathTools: don't filter out blib from @INC

[wenzong.fan]

From: Wenzong Fan 

If $TOPDIR includes the string "blib", filter it out from @INC may empty
the @INC and cause build errors like:

  Can't locate ExtUtils/MakeMaker.pm in @INC \
  (you may need to install the ExtUtils::MakeMaker module) \
  (@INC contains: .) at Makefile.PL

The following changes since commit 231d4a9d3d89af4b1b5f6ea439c630e4cac82079:

  bitbake: bitbake-user-manual: Removed errant writer note line. (2015-02-10 
23:09:32 +)

are available in the git repository at:

  git://git.pokylinux.org/poky-contrib wenzong/perl
  http://git.pokylinux.org/cgit.cgi/poky-contrib/log/?h=wenzong/perl

Wenzong Fan (1):
  perl / PathTools: don't filter out blib from @INC

 ...-PathTools-don-t-filter-out-blib-from-INC.patch | 33 ++
 meta/recipes-devtools/perl/perl-native_5.20.0.bb   |  4 ++-
 meta/recipes-devtools/perl/perl_5.20.0.bb  |  1 +
 3 files changed, 37 insertions(+), 1 deletion(-)
 create mode 100644 
meta/recipes-devtools/perl/perl-5.20.0/perl-PathTools-don-t-filter-out-blib-from-INC.patch

-- 
1.9.1

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [PATCH 0/1] coreutils-native: don't install groups

[wenzong.fan]

From: Wenzong Fan 

This binary is provided by shadow-native nowadays. Fixes:

  ERROR: The recipe coreutils-native is trying to install files \
into a shared area when those files already exist. \
Those files and their manifest location are: \
  .../tmp/sysroots/x86_64-linux/usr/bin/groups \
Matched in manifest-x86_64-shadow-native.populate_sysroot

To reproduce the errors:

  $ bitbake shadow-native && bitbake coreutils-native

The following changes since commit 0bc03af7ee6112fa0af0608b02f715ec8495e4ff:

  maintainers.inc: update maintainers (2014-11-26 17:06:10 +)

are available in the git repository at:

  git://git.pokylinux.org/poky-contrib wenzong/coreutils-native
  http://git.pokylinux.org/cgit.cgi/poky-contrib/log/?h=wenzong/coreutils-native

Wenzong Fan (1):
  coreutils-native: don't install groups

 meta/recipes-core/coreutils/coreutils_8.22.bb |5 +
 1 file changed, 5 insertions(+)

-- 
1.7.9.5

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [PATCH 1/1] coreutils-native: don't install groups

[wenzong.fan]

From: Wenzong Fan 

This binary is provided by shadow-native nowadays. Fixes:

  ERROR: The recipe coreutils-native is trying to install files \
into a shared area when those files already exist. \
Those files and their manifest location are: \
  .../tmp/sysroots/x86_64-linux/usr/bin/groups \
Matched in manifest-x86_64-shadow-native.populate_sysroot

To reproduce the errors:

  $ bitbake shadow-native && bitbake coreutils-native

Signed-off-by: Wenzong Fan 
---
 meta/recipes-core/coreutils/coreutils_8.22.bb |5 +
 1 file changed, 5 insertions(+)

diff --git a/meta/recipes-core/coreutils/coreutils_8.22.bb 
b/meta/recipes-core/coreutils/coreutils_8.22.bb
index 6239600..f85baca 100644
--- a/meta/recipes-core/coreutils/coreutils_8.22.bb
+++ b/meta/recipes-core/coreutils/coreutils_8.22.bb
@@ -74,6 +74,11 @@ do_install_append() {
mv ${D}${bindir}/[ ${D}${bindir}/lbracket.${BPN}
 }
 
+do_install_append_class-native(){
+   # remove groups to fix conflict with shadow-native
+   rm -f ${D}${STAGING_BINDIR_NATIVE}/groups
+}
+
 inherit update-alternatives
 
 ALTERNATIVE_PRIORITY = "100"
-- 
1.7.9.5

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [PATCH 0/1][Dizzy] serf: uprev to 1.3.7 for fixing CVE-2014-3504

[wenzong.fan]

From: Wenzong Fan 

The (1) serf_ssl_cert_issuer, (2) serf_ssl_cert_subject, and (3) serf_-
ssl_cert_certificate functions in Serf 0.2.0 through 1.3.x before 1.3.7
does not properly handle a NUL byte in a domain name in the subject's
Common Name (CN) field of an X.509 certificate, which allows man-in-
the-middle attackers to spoof arbitrary SSL servers via a crafted
certificate issued by a legitimate Certification Authority.

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3504

The following changes since commit 081fddd3e464935e5f438a7686eb8f8856da6281:

  bitbake: data_smart.py: fix variable splitting at _remove mechanism 
(2014-11-19 10:46:41 +)

are available in the git repository at:

  git://git.pokylinux.org/poky-contrib wenzong/dizzy
  http://git.pokylinux.org/cgit.cgi/poky-contrib/log/?h=wenzong/dizzy

Wenzong Fan (1):
  serf: uprev to 1.3.7 for fixing CVE-2014-3504

 .../serf/{serf_1.3.6.bb => serf_1.3.7.bb}  |6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
 rename meta/recipes-support/serf/{serf_1.3.6.bb => serf_1.3.7.bb} (82%)

-- 
1.7.9.5

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [PATCH 1/1][Dizzy] serf: uprev to 1.3.7 for fixing CVE-2014-3504

[wenzong.fan]

From: Wenzong Fan 

The (1) serf_ssl_cert_issuer, (2) serf_ssl_cert_subject, and (3) serf_-
ssl_cert_certificate functions in Serf 0.2.0 through 1.3.x before 1.3.7
does not properly handle a NUL byte in a domain name in the subject's
Common Name (CN) field of an X.509 certificate, which allows man-in-
the-middle attackers to spoof arbitrary SSL servers via a crafted
certificate issued by a legitimate Certification Authority.

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3504

Signed-off-by: Wenzong Fan 
---
 .../serf/{serf_1.3.6.bb => serf_1.3.7.bb}  |6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
 rename meta/recipes-support/serf/{serf_1.3.6.bb => serf_1.3.7.bb} (82%)

diff --git a/meta/recipes-support/serf/serf_1.3.6.bb 
b/meta/recipes-support/serf/serf_1.3.7.bb
similarity index 82%
rename from meta/recipes-support/serf/serf_1.3.6.bb
rename to meta/recipes-support/serf/serf_1.3.7.bb
index 08b04d3..5230ef7 100644
--- a/meta/recipes-support/serf/serf_1.3.6.bb
+++ b/meta/recipes-support/serf/serf_1.3.7.bb
@@ -1,8 +1,8 @@
 
-SRC_URI = "http://serf.googlecode.com/svn/src_releases/serf-1.3.6.tar.bz2 \
+SRC_URI = "http://serf.googlecode.com/svn/src_releases/serf-1.3.7.tar.bz2 \
file://norpath.patch"
-SRC_URI[md5sum] = "7fe38fa6eab078e0beabf291d8e4995d"
-SRC_URI[sha256sum] = 
"ca637beb0399797d4fc7ffa85e801733cd9c876997fac4a4fd12e9afe86563f2"
+SRC_URI[md5sum] = "0a6fa745df4517dd8f79c75c538919bc"
+SRC_URI[sha256sum] = 
"ecccb74e665e6ea7539271e126a21d0f7eeddfeaa8ce090adb3aec6682f9f0ae"
 
 LICENSE = "Apache-2.0"
 LIC_FILES_CHKSUM = "file://LICENSE;md5=86d3f3a95c324c9479bd8986968f4327"
-- 
1.7.9.5

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [PATCH 1/1] serf: 1.3.6 -> 1.3.8

[wenzong.fan]

From: Wenzong Fan 

Release changes:

Serf 1.3.8 [2014-10-20, from /tags/1.3.8, r]
  Fix issue #152: CRC calculation error for gzipped http reponses > 4GB.
  Fix issue #153: SSPI CredHandle not freed when APR pool is destroyed.
  Fix issue #154: Disable SSLv2 and SSLv3 as both or broken.

Serf 1.3.7 [2014-08-11, from /tags/1.3.7, r2411]
  Handle NUL bytes in fields of an X.509 certificate. (r2393, r2399)

Signed-off-by: Wenzong Fan 
---
 .../serf/{serf_1.3.6.bb => serf_1.3.8.bb}  |6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
 rename meta/recipes-support/serf/{serf_1.3.6.bb => serf_1.3.8.bb} (74%)

diff --git a/meta/recipes-support/serf/serf_1.3.6.bb 
b/meta/recipes-support/serf/serf_1.3.8.bb
similarity index 74%
rename from meta/recipes-support/serf/serf_1.3.6.bb
rename to meta/recipes-support/serf/serf_1.3.8.bb
index 08b04d3..10db122 100644
--- a/meta/recipes-support/serf/serf_1.3.6.bb
+++ b/meta/recipes-support/serf/serf_1.3.8.bb
@@ -1,8 +1,8 @@
 
-SRC_URI = "http://serf.googlecode.com/svn/src_releases/serf-1.3.6.tar.bz2 \
+SRC_URI = "http://serf.googlecode.com/svn/src_releases/serf-${PV}.tar.bz2 \
file://norpath.patch"
-SRC_URI[md5sum] = "7fe38fa6eab078e0beabf291d8e4995d"
-SRC_URI[sha256sum] = 
"ca637beb0399797d4fc7ffa85e801733cd9c876997fac4a4fd12e9afe86563f2"
+SRC_URI[md5sum] = "2e4efe57ff28cb3202a112e90f0c2889"
+SRC_URI[sha256sum] = 
"e0500be065dbbce490449837bb2ab624e46d64fc0b090474d9acaa87c82b2590"
 
 LICENSE = "Apache-2.0"
 LIC_FILES_CHKSUM = "file://LICENSE;md5=86d3f3a95c324c9479bd8986968f4327"
-- 
1.7.9.5

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [PATCH 0/1] uprev serf: 1.3.6 -> 1.3.8

[wenzong.fan]

From: Wenzong Fan 

Release changes:

Serf 1.3.8 [2014-10-20, from /tags/1.3.8, r]
  Fix issue #152: CRC calculation error for gzipped http reponses > 4GB.
  Fix issue #153: SSPI CredHandle not freed when APR pool is destroyed.
  Fix issue #154: Disable SSLv2 and SSLv3 as both or broken.

Serf 1.3.7 [2014-08-11, from /tags/1.3.7, r2411]
  Handle NUL bytes in fields of an X.509 certificate. (r2393, r2399)

The following changes since commit edaeb8940813b620090a0797ad3b6a076897512d:

  bitbake: cooker.py: fix loginfo op being set to an invalid value (2014-11-12 
17:04:50 +)

are available in the git repository at:

  git://git.pokylinux.org/poky-contrib wenzong/serf
  http://git.pokylinux.org/cgit.cgi/poky-contrib/log/?h=wenzong/serf

Wenzong Fan (1):
  serf: 1.3.6 -> 1.3.8

 .../serf/{serf_1.3.6.bb => serf_1.3.8.bb}  |6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
 rename meta/recipes-support/serf/{serf_1.3.6.bb => serf_1.3.8.bb} (74%)

-- 
1.7.9.5

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [PATCH v2 0/1] shadow: fix pam configs for chpasswd, newusers

[wenzong.fan]

From: Wenzong Fan 

v2 changes:
* correct signature info

The following changes since commit edaeb8940813b620090a0797ad3b6a076897512d:

  bitbake: cooker.py: fix loginfo op being set to an invalid value (2014-11-12 
17:04:50 +)

are available in the git repository at:

  git://git.pokylinux.org/poky-contrib wenzong/shadow-pam
  http://git.pokylinux.org/cgit.cgi/poky-contrib/log/?h=wenzong/shadow-pam

Hu (1):
  shadow: fix pam configs for chpasswd, newusers

 meta/recipes-extended/shadow/files/pam.d/chpasswd |2 ++
 meta/recipes-extended/shadow/files/pam.d/newusers |2 ++
 2 files changed, 4 insertions(+)

-- 
1.7.9.5

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [PATCH v2 1/1] shadow: fix pam configs for chpasswd, newusers

[wenzong.fan]

From: Hu 

Fix below errors while pam is enabled on target:

  root@qemux86:~# newusers
  newusers: PAM: Authentication failure
  root@qemux86:~# chpasswd
  chpasswd: PAM: Authentication failure

The configs copied from "chgpasswd" which command works with pam.

Signed-off-by: Hu 
Signed-off-by: Wenzong Fan 
---
 meta/recipes-extended/shadow/files/pam.d/chpasswd |2 ++
 meta/recipes-extended/shadow/files/pam.d/newusers |2 ++
 2 files changed, 4 insertions(+)

diff --git a/meta/recipes-extended/shadow/files/pam.d/chpasswd 
b/meta/recipes-extended/shadow/files/pam.d/chpasswd
index 9e3efa6..b769d92 100644
--- a/meta/recipes-extended/shadow/files/pam.d/chpasswd
+++ b/meta/recipes-extended/shadow/files/pam.d/chpasswd
@@ -1,4 +1,6 @@
 # The PAM configuration file for the Shadow 'chpasswd' service
 #
 
+auth   sufficient   pam_rootok.so
+accountrequired pam_permit.so
 password   include  common-password
diff --git a/meta/recipes-extended/shadow/files/pam.d/newusers 
b/meta/recipes-extended/shadow/files/pam.d/newusers
index 4aa3dde..4c59dfa 100644
--- a/meta/recipes-extended/shadow/files/pam.d/newusers
+++ b/meta/recipes-extended/shadow/files/pam.d/newusers
@@ -1,4 +1,6 @@
 # The PAM configuration file for the Shadow 'newusers' service
 #
 
+auth   sufficient   pam_rootok.so
+accountrequired pam_permit.so
 password   include  common-password
-- 
1.7.9.5

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core

[OE-core] [PATCH v2 1/4] bash: clean host path in bashbug

[wenzong.fan]

From: Shiqun Lin 

* /usr/bin/bashbug

Signed-off-by: Shiqun Lin 
Signed-off-by: Wenzong Fan 
---
 meta/recipes-extended/bash/bash.inc |4 
 1 file changed, 4 insertions(+)

diff --git a/meta/recipes-extended/bash/bash.inc 
b/meta/recipes-extended/bash/bash.inc
index 2fe0c6b..d35d25c 100644
--- a/meta/recipes-extended/bash/bash.inc
+++ b/meta/recipes-extended/bash/bash.inc
@@ -38,6 +38,10 @@ do_install_append () {
mv ${D}${bindir}/bash ${D}${base_bindir}
fi
 }
+do_install_append_class-target () {
+   # Clean host path in bashbug
+   sed -i -e "s,${STAGING_DIR_TARGET},,g" ${D}${bindir}/bashbug
+}
 
 do_install_ptest () {
make INSTALL_TEST_DIR=${D}${PTEST_PATH}/tests install-test
-- 
1.7.9.5

-- 
___
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core