Pavel Zhukov authored 2 years ago and Andrei Gherzan committed 2 years ago

We need to analyse ABI and keep ABI data for different images/arches
thus artifact name should be job specific

Signed-off-by: Pavel Zhukov <pavel.zhukov@huawei.com>

Pavel Zhukov authored 2 years ago and Andrei Gherzan committed 2 years ago

It was broken because of BITBAKE_TMPDIR variable definition removal as
part of the cleanup. Define BITBAKE_TOPDIR variable instead which serves
needs of ABI checker better.

Signed-off-by: Pavel Zhukov <pavel.zhukov@huawei.com>

Signed-off-by: Andrei Gherzan <andrei.gherzan@huawei.com>

The most important elements of this include file is the OpenHarmony
version definition along with the associated preferred version.

Signed-off-by: Andrei Gherzan <andrei.gherzan@huawei.com>

This is required on recipes like
oniro-openharmony-toolchain-integration provided by meta-openharmony.

Signed-off-by: Andrei Gherzan <andrei.gherzan@huawei.com>

This avoids build warnings and it is in line with what meta-openharmony
is using.

Signed-off-by: Andrei Gherzan <andrei.gherzan@huawei.com>

* 78fce73 : arm/lib: Improve FVPRunner shutdown logic - Peter Hoyes

Signed-off-by: Pavel Zhukov <pavel.zhukov@huawei.com>

* ea42364 : class: bundle: support incremental image property - Jan Luebbe

Signed-off-by: Pavel Zhukov <pavel.zhukov@huawei.com>

* c79262a : meta-integrity: kernel-modsign: prevents splitting out debug symbols - Jose Quaresma
* e54e064 : clamav: make install owner match the added user name - Jeremy A. Puhlman
* c29ef97 : python3-privacyidea: add correct path to lib/privacyidea - Jeremy A. Puhlman
* ab90048 : libmhash: add multilib header - Jeremy A. Puhlman
* 7e3596e : sssd: ignore CVE-2018-16838 - Davide Gardenal

Signed-off-by: Pavel Zhukov <pavel.zhukov@huawei.com>

* 2e785f2 : Merge pull request #1139 from Freescale/backport-1138-to-kirkstone - Otavio Salvador
* ded83a4 : conf/machine/ls1046ardb.conf: Add DTB fsl-ls1046a-rdb-usdpaa-shared.dtb - Jun Zhu

Signed-off-by: Pavel Zhukov <pavel.zhukov@huawei.com>

* a47ef04 : openflow: ignore unrelated CVEs - Davide Gardenal
* 4b4c6f4 : freeradius: ignore patched CVEs - Davide Gardenal
* b7c6c47 : quagga: ignore CVE-2016-4049 - Davide Gardenal
* 66106e1 : spice: ignore patched CVEs - Davide Gardenal
* 5166896 : thrift: add CVE_PRODUCT to fix CVE reporting - Davide Gardenal
* 7e1a69d : wireshark: upgrade 3.4.11 -> 3.4.12 - Davide Gardenal
* 743f6e7 : ntp: ignore many CVEs - Davide Gardenal
* c1e7b0b : openflow: ignore CVE-2018-1078 - Davide Gardenal
* 9bb4434 : usrsctp: add CVE_VERSION to correctly check for CVEs - Davide Gardenal
* 0af58eb : zabbix: upgrade 5.2.6 -> 5.4.12 - Changqing Li
* d1e28ae : apache2: upgrade 2.4.53 -> 2.4.54 - Changqing Li
* ffe6e46 : redis: upgrade 7.0-rc3 -> 7.0.2 - Changqing Li
* b109169 : redis: upgrade 6.2.6 -> 6.2.7 - Changqing Li

Signed-off-by: Pavel Zhukov <pavel.zhukov@huawei.com>

Zygmunt Krynicki authored 2 years ago and Stefan Schmidt committed 2 years ago

Some jobs care about images and licenses, those look at the
$TMPDIR/deploy, taking some effort to find the correct tmpdir while
hard-coding the deploy dir. Take a shortcut and query for the right
variable (DEPLOY_DIR).

This allows non-trivial layouts with DEPLOY_DIR and TMPDIR placed on
distinct filesystems, for efficiency.

Signed-off-by: Zygmunt Krynicki <zygmunt.krynicki@huawei.com>

Pavel Zhukov authored 2 years ago and Stefan Schmidt committed 2 years ago

ABI checker implementation is meta-binaryaudit. Adding it for CI only
to not extend support surface of the project.
Added to three flavours for now. It can be easily extended to all jobs
if needed in the future

Signed-off-by: Pavel Zhukov <pavel.zhukov@huawei.com>

Signed-off-by: Andrei Gherzan <andrei.gherzan@huawei.com>

Part of gcc oeself-test is client/server based. It uses qemu vm for
native tests via ssh. The vm is launched by runqemu command which
requires the following changes in the docker image.

* passwordless sudo permission
* package iptables pre-installed

Signed-off-by: Chase Qi <chase.qi@linaro.org>

Oniro documentation recommends using of slirp option to have
network connection from/to the image in qemu. Adjust conf-notes.txt
to be consistent with the docs.

Signed-off-by: Pavel Zhukov <pavel.zhukov@huawei.com>

Signed-off-by: Pavel Zhukov <pavel.zhukov@huawei.com>

The default compression has been changed from bzip to gz. Update
leftovers accordingly

Signed-off-by: Pavel Zhukov <pavel.zhukov@huawei.com>

The reference is provided only when repo is used with runner persistent
storage. This is not a major change, just a clean-up of the existing
logic.

Signed-off-by: Zygmunt Krynicki <zygmunt.krynicki@huawei.com>

Add basic documentation for the debug mode.

Signed-off-by: Marta Rybczynska <marta.rybczynska@huawei.com>

Capitalize the title to match other chapter titles.

Signed-off-by: Marta Rybczynska <marta.rybczynska@huawei.com>

Document the change in the default user/password for the production
images.

Signed-off-by: Marta Rybczynska <marta.rybczynska@huawei.com>

The old GPLv2 identifier has been deprecated in oe-core. Time to catch
up with this recipe.

Signed-off-by: Stefan Schmidt <stefan.schmidt@huawei.com>

Fix for CVE-2022-33068 brings a regression in clang builds.
Fixes in upstream with fixup commit.

Signed-off-by: Pavel Zhukov <pavel.zhukov@huawei.com>

* b9bbc38 : protobuf-c: update to 1.4.1 fix CVE-2022-33070 - Wentao Zhang
* 6d1dbf7 : modemmanager: update to 1.18.8 - Adrian Freihofer
* 2dd643a : imagemagick: upgrade 7.0.10-25 -> 7.0.10-62 - Davide Gardenal
* 4eaa309 : ntfs-3g-ntfsprogs: upgrade to 2022.5.17 - Chen Qi
* 1a09e4f : php: upgrade 8.1.6 -> 8.1.7 - wangmy
* e5b177a : cyrus-sasl: CVE-2022-24407 failure to properly escape SQL input allows an attacker to execute arbitrary SQL commands - Hitendra Prajapati
* bf2822d : dlt-daemon: upgrade to commit 6a3bd901d8 to fix CVE-2022-31291 - Yue Tao
* 97375c7 : emlog: ignore unrelated CVEs - Davide Gardenal
* c455cba : freeradius: mutlilib fixes - Jeremy Puhlman

Signed-off-by: Pavel Zhukov <pavel.zhukov@huawei.com>

* a4bfb5c : libsoup: upgrade 3.0.6 -> 3.0.7 - Alexander Kanavin
* a2871b4 : glib-networking: upgrade 2.72.0 -> 2.72.1 - Alexander Kanavin
* 0d9a2d4 : glib-2.0: upgrade 2.72.2 -> 2.72.3 - Alexander Kanavin
* 3903a24 : weston: update 10.0.0 -> 10.0.1 - Alexander Kanavin
* e008697 : gstreamer1.0-vaapi: upgrade 1.20.2 -> 1.20.3 - wangmy
* 4f00cdf : gstreamer1.0-rtsp-server: upgrade 1.20.2 -> 1.20.3 - wangmy
* 05f62a8 : gstreamer1.0-python: upgrade 1.20.2 -> 1.20.3 - wangmy
* e1dd7d5 : gstreamer1.0-plugins-ugly: upgrade 1.20.2 -> 1.20.3 - wangmy
* 4aee173 : gstreamer1.0-plugins-good: upgrade 1.20.2 -> 1.20.3 - wangmy
* c827ede : gstreamer1.0-plugins-base: upgrade 1.20.2 -> 1.20.3 - wangmy
* 0ead6c0 : gstreamer1.0-plugins-bad: upgrade 1.20.2 -> 1.20.3 - wangmy
* e190d67 : gstreamer1.0-omx: upgrade 1.20.2 -> 1.20.3 - wangmy
* 9b8a62d : gstreamer1.0-libav: upgrade 1.20.2 -> 1.20.3 - wangmy
* 84b2d19 : gst-devtools: upgrade 1.20.2 -> 1.20.3 - wangmy
* 2c177d0 : gstreamer1.0: upgrade 1.20.2 -> 1.20.3 - Alexander Kanavin
* 2023e33 : binutils : stable 2.38 branch updates - Sundeep KOKKONDA
* 96f6bad : glibc-tests: Avoid reproducibility issues - Richard Purdie
* 05760b2 : glibc: stable 2.35 branch updates - Sundeep KOKKONDA
* 7616275 : openssl: update 3.0.4 -> 3.0.5 - Alexander Kanavin
* 640ccea : vim: upgrade to 9.0.0021 - Ross Burton
* 21b66e6 : u-boot: fix CVE-2022-34835 - Sakib Sajal
* dc627ce : tiff: backport the fix for CVE-2022-2056, CVE-2022-2057, and CVE-2022-2058 - Ross Burton
* 537e7d3 : harfbuzz: fix CVE-2022-33068 - Wentao Zhang
* 83ab9f5 : qemu: Avoid accidental libvdeplug linkage - Steve Sakoman
* 84390c3 : qemu: Avoid accidental librdmacm linkage - Richard Purdie
* 171fa2d : qemu: add PACKAGECONFIG for capstone - Steve Sakoman
* 6db1eb6 : ruby: add PACKAGECONFIG for capstone - Steve Sakoman

Signed-off-by: Pavel Zhukov <pavel.zhukov@huawei.com>

Signed-off-by: Esben Haabendal <esben.haabendal@huawei.com>

Signed-off-by: Bernhard Rosenkränzer <bernhard.rosenkraenzer.ext@huawei.com>

This is required by meta-openharmony layer.

Signed-off-by: Esben Haabendal <esben.haabendal@huawei.com>

This is required by meta-openharmony layer.

Signed-off-by: Esben Haabendal <esben.haabendal@huawei.com>

Signed-off-by: Esben Haabendal <esben.haabendal@huawei.com>

Signed-off-by: Esben Haabendal <esben.haabendal@huawei.com>

* d0a0285 : kernel-initramfs: fix typo for ALTERNATIVE - Yi Zhao

Signed-off-by: Pavel Zhukov <pavel.zhukov@huawei.com>

* db6e0ed : arm/oeqa: Use linuxboot and OEFVPSerialTarget instead of noop - Peter Hoyes
* 72a3dfa : arm/oeqa: Create new OEFVPSerialTarget with pexpect interface - Peter Hoyes
* 3ead3aa : arm/classes: Change FVP_CONSOLE to FVP_CONSOLES in fvpconf - Peter Hoyes
* ae48e65 : arm/oeqa: Refactor OEFVPTarget to use FVPRunner and pexpect - Peter Hoyes
* fb794c8 : arm/oeqa: Add selftests for FVP library - Peter Hoyes
* d2685ae : scripts,arm/lib: Refactor runfvp into FVPRunner - Peter Hoyes
* 528d28f : runfvp: ignore setpgid errors when spawned - Bertrand Marquis

Signed-off-by: Pavel Zhukov <pavel.zhukov@huawei.com>

* e3e5687 : Merge pull request #1137 from Freescale/backport-1133-to-kirkstone - Otavio Salvador
* 033a380 : weston: 9.0.0.imx: fix build with latest master - Max Krummenacher
* 2b07a82 : Merge pull request #1136 from Freescale/backport-1134-to-kirkstone - Otavio Salvador
* 5ae86e7 : remove random file - Max Krummenacher
* cdd3880 : Merge pull request #1135 from Freescale/backport-1132-to-kirkstone - Otavio Salvador
* 54e519e : Revert "imx-base.inc: upgrade to gstreamer 1.20.2" - Max Krummenacher
* f2253aa : Merge pull request #1131 from Freescale/backport-1130-to-kirkstone - Otavio Salvador
* 05e0dbe : imx-base.inc: Use ??= for PREFERRED_VERSION - Tom Hochstein

Signed-off-by: Pavel Zhukov <pavel.zhukov@huawei.com>

* fb7b26b : fix(syslog-ng): warning about conf version - Aurélien Bertron
* 1cd38ee : strongswan: upgrade 5.9.5 -> 5.9.6 - Yi Zhao
* e4c5f5b : postgresql: upgrade 14.3 -> 14.4 - wangmy
* 6ff027e : exo: upgrade 4.16.3 -> 4.16.4 - Yue Tao
* 7040cff : networkmanager: fix build with enabled ppp - Javier Viguera
* d7aaee2 : chrony: create /var/lib/chrony by systemd-tmpfiles - Changqing Li
* 3d47772 : dnsmasq: Security fix CVE-2022-0934 - Yi Zhao
* 18767f1 : libgpiod: move test dependencies to ptest package - Peter Marko
* 16621ac : python3-pybluez: fix a runtime issue with python 3.10 - Bartosz Golaszewski
* 9c3976a : iperf: Set CVE_PRODUCT to "iperf_project:iperf" - Akash Hadke
* fad4c40 : ntfs-3g-ntfsprogs: Set CVE_PRODUCT to "tuxera:ntfs-3g" - Akash Hadke
* 3a019f2 : tesseract-lang: switch from master branch to main - Martin Jansa
* 14023da : netserver: don't change permissions on /dev/null - Ashish Sharma
* caab54d : leveldb: switch from master branch to main - Martin Jansa

Signed-off-by: Pavel Zhukov <pavel.zhukov@huawei.com>

Signed-off-by: Andrei Gherzan <andrei.gherzan@huawei.com>

Signed-off-by: Andrei Gherzan <andrei.gherzan@huawei.com>

For now, it only handles the depndency to ninja-native and handling the
export of the MAXLOAD_NINJA variable.

Signed-off-by: Andrei Gherzan <andrei.gherzan@huawei.com>

We provide recipes that other projects/layers do as well (for example gn
is also provided by meta-arm). Make sure that our layer has a higher
priority when most of the upstream layers use the default 5.

Signed-off-by: Andrei Gherzan <andrei.gherzan@huawei.com>