diff options
author | Andrew Geissler <geissonator@yahoo.com> | 2021-02-19 21:26:16 +0300 |
---|---|---|
committer | Brad Bishop <bradleyb@fuzziesquirrel.com> | 2021-02-25 23:15:06 +0300 |
commit | 9b4d8b0ea6b5862f279fab62e6ccee3bd51ddcc2 (patch) | |
tree | 3766042390932e4b7cb839d6ed617bbb1a7a29b9 /poky/meta/recipes-core/glibc | |
parent | d1e894976442c78577f52fe7b169812d00289120 (diff) | |
download | openbmc-9b4d8b0ea6b5862f279fab62e6ccee3bd51ddcc2.tar.xz |
poky: subtree update:9294bc4bb4..488e39b623
Alejandro Hernandez Samaniego (1):
sstate.bbclass: Split sstate summary into locally and network found artifacts
Alexander Kanavin (1):
selftest/reproducible: track unusued entries in the exclusion list
Andrei Gherzan (1):
oe/recipeutils: Fix copying patches when BBLAYERS entries are not normalised
Anthony Bagwell (1):
kernel-fitimage: fix dtbo support for fit images
Anuj Mittal (38):
git: upgrade 2.30.0 -> 2.30.1
glib-2.0: upgrade 2.66.4 -> 2.66.7
help2man: upgrade 1.47.16 -> 1.48.1
libevdev: upgrade 1.10.1 -> 1.11.0
stress-ng: upgrade 0.12.02 -> 0.12.03
vte: upgrade 0.62.1 -> 0.62.2
x264: upgrade to latest revision
createrepo-c: upgrade 0.16.2 -> 0.17.0
libuv: upgrade 1.40.0 -> 1.41.0
piglit: upgrade to latest revision
pigz: upgrade 2.4 -> 2.6
python3-git: upgrade 3.1.12 -> 3.1.13
sysstat: upgrade 12.4.2 -> 12.4.3
python3-hypothesis: upgrade 6.0.2 -> 6.2.0
python3-more-itertools: upgrade 8.6.0 -> 8.7.0
python3-numpy: upgrade 1.20.0 -> 1.20.1
python3-pygments: upgrade 2.7.4 -> 2.8.0
python3-pytest: upgrade 6.2.1 -> 6.2.2
python3-setuptools: upgrade 52.0.0 -> 53.0.0
psmisc: upgrade 23.3 -> 23.4
gtk+3: upgrade 3.24.24 -> 3.24.25
lighttpd: upgrade 1.4.58 -> 1.4.59
libwebp: upgrade 1.1.0 -> 1.2.0
libcap: upgrade 2.47 -> 2.48
libxt: upgrade 1.2.0 -> 1.2.1
sysklogd: upgrade 2.1.2 -> 2.2.1
cmake: upgrade 3.19.3 -> 3.19.5
curl: upgrade 7.74.0 -> 7.75.0
diffoscope: upgrade 164 -> 166
libfm-extra: upgrade 1.3.1 -> 1.3.2
pcmanfm: upgrade 1.3.1 -> 1.3.2
json-glib: upgrade 1.6.0 -> 1.6.2
mesa: upgrade 20.3.2 -> 20.3.4
kmscube: upgrade to latest revision
btrfs-tools: upgrade 5.10 -> 5.10.1
man-db: upgrade 2.9.3 -> 2.9.4
asciidoc: fix upstream check
linux-yocto: update genericx86* to v5.4.94
Bruce Ashfield (6):
linux-yocto-rt/5.10: update to -rt25
linux-yocto/5.10: update to v5.10.14
linux-yocto/5.4: update to v5.4.96
linux-yocto/5.10: update to v5.10.16
linux-yocto/5.4: update to v5.4.98
linux-yocto-dev: bump version to v5.11+
Jan-Simon Möller (2):
oe-selftests: add rpm to reproducible build selftest
package_rpm: Enable use_source_date_epoch_as_buildtime in package_rpm class
Jose Quaresma (5):
spirv-tools: disable tests
spirv-tools: build all libaries as shared
glslang: generate glslang pkg-config
glslang: add comment about unversioned libraries
shaderc: remove the receipe configure hack and use a patch for that
Joshua Watt (7):
libomxil: Fix up commercial license flag
weston: remoting backend requires GStreamer base plugins
oeqa: reproducible: Fix SSTATE_MIRRORS variable
oeqa: reproducible: Add more logging
bitbake: contrib: Add Dockerfile for building hash server
bison: Fix up file name mapping
acpica: Fix reproducibility issues
Khem Raj (8):
tcf-agent: Fix build on riscv32
security_flags.inc: Add same O<level> as in SELECTED_OPTIMIZATION
autoconf: Add missing perl modules to rdeps
gdb: Drop SIGRTMIN definition patch
musl: Update to latest master
go: Update to 1.15.8
ruby: Do not use ucontext implementation for coroutines on musl/riscv
libunwind: Disable for riscv
Konrad Weihmann (1):
cmake: set CMAKE_EXPORT_NO_PACKAGE_REGISTRY
Luca Boccassi (1):
systemd: add hostname fallback when polkit is not available
Marek Vasut (1):
weston-init: Fix weston-keyboard path in weston.ini
Michael Halstead (1):
yocto-uninative.inc: version 3.0 incorporate seccomp filter workaround
Oleksandr Kravchuk (2):
cryptodev: upgrade to 1.12
tar: update to 1.34
Richard Purdie (31):
pseudo: Update for rename and faccessat fixes
nativesdk-buildtools-perl-dummy: Add new autoconf dependencies
selftest/reproducible: Sort the unused exclusion list
selftest/reproducible: Remove no longer needed exclusions
pseudo: Update to include fixes for glibc 2.33
bitbake: bitbake-worker/runqueue: Add support for BB_DEFAULT_UMASK
bitbake: bitbake: Bump version to 1.49.2
systemd: Simplify mount error patch
bitbake.conf: Set as default task umask of 022
classes: Drop now unneeded umask flags
cwautomacros: Ensure version is set deterministically
vim: Improve determinism
vim: Fix a race over creation of the desktop files
package_manager/deb: Fix image generation with package removal
quilt: Be determnistic about column presence
buildtools-extended-tarball: Add glibc-gconvs needed for build
watchdog: Fix determinism issue from sendmail host path
watchdog: Avoid reproducibility failures after fixing build
xorg-fonts-minimal: Fix reproducibility
xmlto: Fix reproducibility
selftest/reproducible: Update exclusions
distutils3-base: Fix after native packaging changes
subversion: upgrade 1.14.0 -> 1.14.1
python3-jinja2: upgrade 2.11.2 -> 2.11.3
systemd: Drop unneeded musl patches
qemu: Refresh mmap fixes patch status/content
Revert "oe-selftests: add rpm to reproducible build selftest"
local.conf.sample.extended: Bring back into sync with OE-Core
xorg-minimal-fonts: Really fix determinism
git: Fix determinism issue
groff: Fix determinism issue
Ross Burton (2):
glibc: add workaround for faccessat2 being blocked by seccomp filters
rootfs_deb: handle aarch64 SDK_ARCH
Suji Velupillai (1):
ffmpeg: move ffmpeg config into packageconfig
Teoh Jay Shen (1):
oeqa/runlevel : add test for runlevels
Thomas Viehweger (1):
mtd-utils: Remove duplicate assignments to alternative link names
Tomasz Dziendzielski (1):
bitbake: event: Prevent bitbake from executing event handler for wrong multiconfig target
Vivien Didelot (2):
local.conf.sample.extended: fix double 'of' typo
local.conf.sample.extended: prefer INIT_MANAGER
Wes Lindauer (1):
df.py: Add feature check for read-only-rootfs
Yi Fan Yu (2):
valgrind: Disable ptest nlcontrolc for x86-64
valgrind: Remove reference to non-existent ptests
Yoann Congal (1):
npm.bbclass: avoid building target nodejs for native npm recipes
akuster (1):
connman: update to 1.39
Revert "libpam: remove unused code"
This reverts commit e5b5c38a76bbf3f56353954bdc65fa8736ed76bf.
This is needed for the backported libpam support
Signed-off-by: Andrew Geissler <geissonator@yahoo.com>
Change-Id: Ia802c1f09ccbd2967e01098edb059e72ee670ad8
Diffstat (limited to 'poky/meta/recipes-core/glibc')
-rw-r--r-- | poky/meta/recipes-core/glibc/glibc/faccessat2-perm.patch | 31 | ||||
-rw-r--r-- | poky/meta/recipes-core/glibc/glibc_2.33.bb | 1 |
2 files changed, 32 insertions, 0 deletions
diff --git a/poky/meta/recipes-core/glibc/glibc/faccessat2-perm.patch b/poky/meta/recipes-core/glibc/glibc/faccessat2-perm.patch new file mode 100644 index 0000000000..2ee7110ca1 --- /dev/null +++ b/poky/meta/recipes-core/glibc/glibc/faccessat2-perm.patch @@ -0,0 +1,31 @@ +Older seccomp-based filters used in container frameworks will block faccessat2 +calls as it's a relatively new syscall. This isn't a big problem with +glibc <2.33 but 2.33 will call faccessat2 itself, get EPERM, and thenn be confused +about what to do as EPERM isn't an expected error code. + +This manifests itself as mysterious errors, for example a kernel failing to link. + +The root cause of bad seccomp filters is mostly fixed (systemd 247, Docker 20.10.0) +but we can't expect everyone to upgrade, so add a workaound (originally from +Red Hat) to handle EPERM like ENOSYS and fallback to faccessat(). + +Upstream-Status: Inappropriate +Signed-off-by: Ross Burton <ross.burton@arm.com> + +diff --git a/sysdeps/unix/sysv/linux/faccessat.c b/sysdeps/unix/sysv/linux/faccessat.c +index 56cb6dcc8b4d58d3..5de75032bbc93a2c 100644 +--- a/sysdeps/unix/sysv/linux/faccessat.c ++++ b/sysdeps/unix/sysv/linux/faccessat.c +@@ -34,7 +34,11 @@ faccessat (int fd, const char *file, int mode, int flag) + #if __ASSUME_FACCESSAT2 + return ret; + #else +- if (ret == 0 || errno != ENOSYS) ++ /* Fedora-specific workaround: ++ As a workround for a broken systemd-nspawn that returns ++ EPERM when a syscall is not allowed instead of ENOSYS ++ we must check for EPERM here and fall back to faccessat. */ ++ if (ret == 0 || !(errno == ENOSYS || errno == EPERM)) + return ret; + + if (flag & ~(AT_SYMLINK_NOFOLLOW | AT_EACCESS)) diff --git a/poky/meta/recipes-core/glibc/glibc_2.33.bb b/poky/meta/recipes-core/glibc/glibc_2.33.bb index 4085c779eb..e0002e6046 100644 --- a/poky/meta/recipes-core/glibc/glibc_2.33.bb +++ b/poky/meta/recipes-core/glibc/glibc_2.33.bb @@ -12,6 +12,7 @@ NATIVESDKFIXES_class-nativesdk = "\ file://0005-nativesdk-glibc-Raise-the-size-of-arrays-containing-.patch \ file://0006-nativesdk-glibc-Allow-64-bit-atomics-for-x86.patch \ file://0007-nativesdk-glibc-Make-relocatable-install-for-locales.patch \ + file://faccessat2-perm.patch \ " SRC_URI = "${GLIBC_GIT_URI};branch=${SRCBRANCH};name=glibc \ |