Adds patch to fix detection of the "no-pie" vs "nopie" flag, which needs
to be performed for both the host and target compilers; cannot assume
that one works for the other.
Use EXTRA_HOST_CFLAGS and EXTRA_HOST_LDFLAGS variables for passing
the host tool build parameters: BUILD_CFLAGS and BUILD_LDFLAGS.
Drop unneeded 'NO_WERROR=1' from the recipe and rewrap line.
Uprev commit to latest git revision.
Signed-off-by: Christopher Clark <christopher.clark6@baesystems.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
This module is part of the perl package now and is shipped by default.
Signed-off-by: Oleksandr Kravchuk <oleksandr.kravchuk@pelagicore.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Use git hash which addresses CVE-2019-5736. Use the same git hash
used in top of Docker 18.09 branch.
Changes in runc since
6635b4f0 merge branch 'cve-2019-5736'
0a8e4117 nsenter: clone /proc/self/exe to avoid exposing host binary to container
dd023c45 merge branch 'pr-1972'
Fixes: CVE-2019-5736
Signed-off-by: Stefan Agner <stefan.agner@toradex.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
When enable ccache for ceph, error occurs:
-----------------------------------------------------
ccache: invalid option -- 'E'
...
Unable to determine C++ standard library, got .
-----------------------------------------------------
This is because variable "CXX_STDLIB" was null in CMakeLists.txt line: 637,
The "CXX_STDLIB" come from:
-----------------------------------------------------
execute_process(
COMMAND ./librarytest.sh ${CMAKE_CXX_COMPILER} ${CMAKE_CXX_FLAGS}
WORKING_DIRECTORY ${CMAKE_SOURCE_DIR}
OUTPUT_VARIABLE CXX_STDLIB
)
-----------------------------------------------------
The script librarytest.sh in ceph accept argument: compile and flags, but when
enable ccache, the compile replace by ccache, so that script failed.
So we disable ccache for ceph now.
Signed-off-by: Dengke Du <dengke.du@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
The only thing which docker uses /etc/docker for is a TLS key for
connecting with other TLS-enabled services. Make /etc/docker a symlink
to the existing docker volatiles directory so that we can use docker on
a read-only rootfs.
Signed-off-by: Tom Rini <trini@konsulko.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
refreshing the containerd support to 1.2.x. We have to tweak the package
linking and update the go compile patch, but otherwise, the build is
unchanged.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
"libxl" package does not exist, use Xen.
Signed-off-by: Chris Patterson <pattersonc@ainfosec.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
This recipe does not build for mips, so set COMPATIBLE_HOST to avoid that.
Signed-off-by: Joe Slater <joe.slater@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
The v2.11 version fixed a bug as follow.
Error info:
ovs|00002|db_ctl_base|ERR|external-ids:hostname=: argument does not
end in "=" followed by a value.
The result of ptest between v2.11 and v2.10.1 is similar.
v2.11:
ERROR: 2765 tests were run,
317 failed (1 expected failure).
85 tests were skipped.
v2.10.1:
ERROR: 2662 tests were run,
311 failed (1 expected failure).
85 tests were skipped.
I checked the detailed result. The failed tests were mostly related
to python2 as the image only use python3.
Signed-off-by: Hongzhi.Song <hongzhi.song@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
linux-yocto-dev would also use virualization features.
Signed-off-by: He Zhe <zhe.he@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
kernel has replaced CONFIG_NF_CONNTRACK_IPV4 with CONFIG_NF_CONNTRACK.
[commit: a0ae2562c]
Signed-off-by: Hongzhi.Song <hongzhi.song@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
This change reduces the length of ${PV} for several recipes and gives us
auto-incrementing version numbers.
Signed-off-by: Paul Barker <paul@betafive.co.uk>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
If we're building runc-opencontainers it's likely that we're not using
docker.
Signed-off-by: Paul Barker <paul@betafive.co.uk>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
If we don't explicitly set the GO variable as an argument to make then
the native go toolchain is invoked instead of the cross-toolchain we
actually want. This can result in a netns binary which is built for the
wrong architecture.
Signed-off-by: Paul Barker <paul@betafive.co.uk>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
fixes:
WARNING: linux-yocto-4.18.21+gitAUTOINC+9e348b6f9d_db2d813869-r0
do_kernel_configcheck: [kernel config]: This BSP sets config
options that are not offered anywhere within this kernel:
CONFIG_EXT3_FS_XATTR
CONFIG_RESOURCE_COUNTERS
CONFIG_CGROUP_MEM_RES_CTLR
CONFIG_CLS_CGROUP
CONFIG_NETPRIO_CGROUP
CONFIG_DEVPTS_MULTIPLE_INSTANCES
Configs were either dropped or renamed according to the updates made
in the kernel, as capture below.
CONFIG_RESOURCE_COUNTERS gone since kernel v3.19 via mainline
commit 5b1efc027c0b51ca3e76f4e00c83358f8349f543.
CONFIG_CGROUP_MEM_RES_CTLR renamed since kernel v3.6 via mainline
commit c255a458055e459f65eb7b7f51dc5dbdd0caf1d8
CONFIG_CLS_CGROUP never existed AFAICT it should have always
been CONFIG_NET_CLS_CGROUP
CONFIG_NETPRIO_CGROUP renamed since kernel v3.14 via mainline
commit 86f8515f9721fa171483f0fe0391968fbb949cc9
CONFIG_DEVPTS_MULTIPLE_INSTANCES removed since kernel v4.7 via mainline
commit eedf265aa003b4781de24cfed40a655a664457e6
Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
add the py2 version for python-docker and python-docker-pycreds packages.
add python-six and python-backport_ssl (for ph2 only) as python-docker dependencies.
verify the connection to docker engine at run time -
>>> import docker
>>> client = docker.from_env()
>>> client.images.list()
[<Image: 'hello-world:latest'>]
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Instead of setting virtio kernel configs in LXC fragment, just reuse
cfg/virtio.scc from yocto-kernel-cache.
Signed-off-by: Chin Huat Ang <chin.huat.ang@intel.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
The script lxc-checkconfig doesn't seem to report virtio related kernel
configs as required, so remove them from lxc.cfg instead.
Signed-off-by: Chin Huat Ang <chin.huat.ang@intel.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Ceph package depends on libibverbs, which is provided by the
meta-cloud-services layer.
Signed-off-by: Oleksandr Kravchuk <oleksandr.kravchuk@pelagicore.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
A very small # of new commits. Most are minor bug fixes, no feature
work. I looked at adding ptests but the tests are mostly in an
unusable state at the moment, for example several require cgm despite
cgmanager being deprecated. So I have opted to continue without them
and only when we can work with upstream to improve their testing can
we seriously consider adding them.
Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
When CRIU is called for a first time and the /run/criu.kdat file does
not exists, the following warning is shown:
Warn (criu/kerndat.c:847): Can't load /run/criu.kdat
This patch is replacing this warning with a more appropriate debug
message.
File /run/criu.kdat does not exist
Signed-off-by: Hongzhi.Song <hongzhi.song@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Minor update bringing in new features such as better support for
cgroup v2, vfio AP support, support for XEN suspend/wakeup.
Basic usecases pass and the ptest return similar results we have been
achieving with the last few uprevs:
====================================
Testsuite summary for libvirt 4.9.0
====================================
# TOTAL: 120
# PASS: 117
# SKIP: 0
# XFAIL: 0
# FAIL: 3
# XPASS: 0
# ERROR: 0
Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com>
Fix numerous docker.init issues such as missing runtime dependency
util-linux-unshare, incomplete handling of start/stop etc. operations
and minor typos.
Signed-off-by: Chin Huat Ang <chin.huat.ang@intel.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
libvmi is looking for yacc during configuration, so we must add it to
our DEPENDS as a native tool.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Strip out the sse4.2 tuning flag to prevent sse instructions
from being generated in the build, which breaks the hvmloader
on some machine types (specifically core-i7 from meta-intel).
Signed-off-by: Brendan Kerrigan <kerriganb@ainfosec.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
When using qemu-img to create rbd based image:
qemu-img create -f rbd rbd:libvirt-pool/libvirt-image 2G
Output errors:
qemu-img: rbd:libvirt-pool/libvirt-image: error rbd create: Operation not supported
Accroding to upstream's advice:
http://lists.ceph.com/pipermail/ceph-users-ceph.com/2018-November/031014.html
This is because the system can't find libcls_rbd.so, this library
was packaged in ceph-dev, we should package it in ceph.
Signed-off-by: Dengke Du <dengke.du@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
docker/k8s and other components have been refreshed to the 18.09 release
tags. So we update runc to keep in sync.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Infrastructure changes triggered updated to supporting parts of the
docker stack, so to make sure that everything stays in sync we update
to the 18.09 release.
There were some minor build differences in this update, but in the
end, things are better since we can use some more of the Make infrastructure
versus calling 'go build' directly.
Also, docker-ce and docker are now virtually the same, except for the
moby based docker pulling in the cli and libnetwork repos independently.
There should be virtually no difference between the results, but we still
keep the two variants for flexibility.
We also drop the unused/legacy 'hi.Dockerfile'.
Tested with both kubernetes and docker unit tests.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Since kubernetes is now on 1.12, we need to sync our cri-o release
to match.
There are some build changes to the utilities, and a patch refresh,
but otherwise, this is very similar to the exiting build of cri-o.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Updating the cni plugins to match k8s and cri-o. We also filter out
the windows plugins, since they use a different build infrastructure
than the other variants .. and are not currently needed. This can
be revisted in the future as needed.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
We aren't running any ptests for cri-o (it is hard to test in
isolation), and the update to go 1.11 has broken the build in the
ptest phase.
For now, we remove the task to get the build running again.
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
The update to go 1.11 exposed some issues with the cross compilation of
kubernetes. The best way to fix those issues is to uprev to 1.12 and to
inhibit the building of the test modules (which query the host for
infrastructure that is not present).
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
1. Remove the detection for build host and correct the install destination
for cross compile.
2. Delete the build host information in the results files.
Signed-off-by: Dengke Du <dengke.du@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
* Refresh patch to avoid fuzz warnings
* Update to 3.0.2 as lxc-destroy failed when
system boot in nfs rootfs in lxc 3.0.1 as below:
# lxc-destroy -n test9
lxc-destroy: test9: utils.c: _recursive_rmdir: 149 Failed to delete /var/lib/lxc/test9
lxc-destroy: test9: lxccontainer.c: container_destroy: 2946 Failed to destroy directory "/var/lib/lxc/test9" for "test9"
Destroying test9 failed
Update to 3.0.2 to fix the above issue
Signed-off-by: Mingli Yu <Mingli.Yu@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Many "real" (other then genericx86-64) x86-64 target machine configurations
set BASELIB to lib64. For example the intel-corei7-64 or the AMD
machines.
In such case packaging xen-python fails because items are
installed to /usr/lib/, but FILES_xen-python points to package
/usr/lib64/ items. Exposing the DISTUTILS variables from OE build makes
the python installation somewhat similar to what happens in the distutils
class and python items are installed to the /usr/lib64 as expected.
Another issue was that the xen-efi package was picking up too much stuff
from the /usr/lib64 path on such machines. Being more explicit at least
allows to package things correctly.
Signed-off-by: Maciej Pijanowski <maciej.pijanowski@3mdeb.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
