poky: subtree update:20946c63c2..c17113f1e2
Adrian Bunk (3):
shadow: musl now supports secure_getenv
kmod: Replace dolt hacks with backport of upstream dolt removal
btrfs-tools: Add a PACKAGECONFIG for zstd
Alexander Kanavin (12):
linux-yocto: add drm-bochs support
mesa: fix upstream version check
conf/conf-notes.txt: add a mention of common tools
conf/conf-notes.txt: add a mention of common tools
gtk-doc: upgrade 1.30 -> 1.31
desktop-file-utils: upgrade 0.23 -> 0.24
libdazzle: upgrade 3.32.2 -> 3.32.3
rt-tests: exclude another development version
vala: upgrade 0.44.5 -> 0.44.7
epiphany: upgrade 3.32.3 -> 3.32.4
libmodulemd: depend on target python at build time
createrepo-c: upgrade 0.14.3 -> 0.15.0
Alistair Francis (3):
qemu: Upgrade to version 4.1
scripts/runqemu: Add support for the BIOS variable
qemuriscv64: Specify the firmware as a bios instead of kernel
Anuj Mittal (2):
binutils: fix CVE-2019-14250 CVE-2019-14444
patch: backport fixes
Bruce Ashfield (6):
kernel-devsrc: tweak for v5.3+
kern-tools: Add SPDX license headers to source files
linux-yocto: arch/x86/boot: use prefix map to avoid embedded paths
kernel-yocto: import security fragments from meta-security
kconf_check: tweak CONFIG_ regex
linux-yocto/4.19: make drm-bochs feature available
Changqing Li (2):
dbus: disable test-bus
qemumips/qemumips64: move QB_SYSTEM_NAME to corresponding conf
Chen Qi (1):
target-sdk-provides-dummy: extend packages for multilib case
He Zhe (2):
ltp: Fix tgkill03 failure
ltp: Fix ustat02 failure
Hongxu Jia (3):
nfs-utils: decrease RLIMIT_NOFILE to 4k for systemd
distcc: upgrade 3.3.2 -> 3.3.3
ncurses: upgrade 6.1+20181013 -> 6.1+20190803
Jaewon Lee (1):
devtool: build: Also run deploy for devtool build if applicable
Jason Wessel (2):
cross-localedef-native: Add hardlink resolver from util-linux
libc-package.bbclass: Split locale hard link processing into two parts
Jon Mason (1):
resulttool: Prevent multiple results for the same test
Kai Kang (1):
webkitgtk: disable gold on mipsn32
Kevin Hao (1):
psplash: Avoid mount the psplash tmpfs twice
Khem Raj (10):
musl: Update to latest tip
systemd: Drop musl __secure_getenv patch
mesa: Add packageconfigs for vc4 and v3d
util-linux: Make pam specific logic apply to target recipe alone
systemd.bbclass: Limit rm_sysvinit_initddir and rm_systemd_unitdir to target alone
systemd: Refresh patch after removal of __secure_getenv patch
gcc-9: Upgrade to 9.2
gcc: Search in OE specific target gcclibdir
opensbi: Disable SECURITY_CFLAGS since it cant link with libssp
libffi: Upgrade to 3.3-rc0
Lei Maohui (2):
nativesdk-qemu: support aarch64_be.
at: fix a spelling mistake.
Mikko Rapeli (1):
stress-ng: provide stress
Mingli Yu (1):
python3: fix the test_locale output format
Oleksandr Kravchuk (8):
ffmpeg: update to 4.2
python-setuptools: update to 41.1.0
python3-scons: update to 3.1.1
ofono: update to 1.30
bitbake.conf: fix XORG_MIRROR URL
cups: update to 2.2.12
git: update to 2.23.0
python-setuptools: update to 41.2.0
Otavio Salvador (2):
linux-firmware: Upgrade 20190618 -> 20190815
kmscube: Bump revision to f632b23
Philippe Normand (1):
libtasn1: Enable nativesdk support
Ricardo Ribalda Delgado (1):
packagegroup-core-base-utils: Make it machine specific
Richard Purdie (7):
yocto-check-layer: Ensure we use OEBasicHash as the signature handler
package: Fix race between do_package and do_packagedata
bitbake: cookerdata: Delay the setup of the siggen slightly to allow metadata defined siggens
bitbake: runqueue: Small but critical fix
bitbake: runqueue: Optimise holdoff task handling
bitbake: runqueue: Further optimise holdoff tasks
bitbake: runqueue: Optimise build_taskdepdata slightly
Ross Burton (2):
systemd: add PACKAGECONFIG for gnu-efi
pango: upgrade to 1.44.5
Trevor Gamblin (2):
quilt: Export QUILT_PC variable in ptest Makefile
quilt: added less to RDEPENDS list
Wes Lindauer (5):
iw: Fix license field to BSD-2-Clause
openssh: Update LICENSE field with missing values
shadow: Fix BSD license file checksum
sudo: Fix BSD license file checksum
libunwind: Fix MIT license file checksum
Yuan Chao (1):
libnss-nis: upgrade 3.0 -> 3.1
Zang Ruochen (3):
acpid: upgrade 2.0.31 -> 2.0.32
lz4:upgrade 1.9.1 -> 1.9.2
python3-pip:upgrade 19.2.1 -> 19.2.2
Change-Id: I2068692bfdbbf18f892761a12f85e913b8212f3f
Signed-off-by: Brad Bishop <bradleyb@fuzziesquirrel.com>
diff --git a/poky/meta/recipes-devtools/gcc/gcc-9.2/0002-gcc-poison-system-directories.patch b/poky/meta/recipes-devtools/gcc/gcc-9.2/0002-gcc-poison-system-directories.patch
new file mode 100644
index 0000000..a1116e7
--- /dev/null
+++ b/poky/meta/recipes-devtools/gcc/gcc-9.2/0002-gcc-poison-system-directories.patch
@@ -0,0 +1,203 @@
+From 68e78bc15de215fa15c7d8b56bd2e2b0539b34fa Mon Sep 17 00:00:00 2001
+From: Khem Raj <raj.khem@gmail.com>
+Date: Fri, 29 Mar 2013 08:59:00 +0400
+Subject: [PATCH 02/36] gcc: poison-system-directories
+
+Add /sw/include and /opt/include based on the original
+zecke-no-host-includes.patch patch. The original patch checked for
+/usr/include, /sw/include and /opt/include and then triggered a failure and
+aborted.
+
+Instead, we add the two missing items to the current scan. If the user
+wants this to be a failure, they can add "-Werror=poison-system-directories".
+
+Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
+Signed-off-by: Khem Raj <raj.khem@gmail.com>
+
+Upstream-Status: Pending
+---
+ gcc/common.opt | 4 ++++
+ gcc/config.in | 6 ++++++
+ gcc/configure | 16 ++++++++++++++++
+ gcc/configure.ac | 10 ++++++++++
+ gcc/doc/invoke.texi | 9 +++++++++
+ gcc/gcc.c | 2 ++
+ gcc/incpath.c | 21 +++++++++++++++++++++
+ 7 files changed, 68 insertions(+)
+
+diff --git a/gcc/common.opt b/gcc/common.opt
+index d342c4f3749..c64fd4a6c50 100644
+--- a/gcc/common.opt
++++ b/gcc/common.opt
+@@ -684,6 +684,10 @@ Wreturn-local-addr
+ Common Var(warn_return_local_addr) Init(1) Warning
+ Warn about returning a pointer/reference to a local or temporary variable.
+
++Wpoison-system-directories
++Common Var(flag_poison_system_directories) Init(1) Warning
++Warn for -I and -L options using system directories if cross compiling
++
+ Wshadow
+ Common Var(warn_shadow) Warning
+ Warn when one variable shadows another. Same as -Wshadow=global.
+diff --git a/gcc/config.in b/gcc/config.in
+index a718ceaf3da..5713342efb1 100644
+--- a/gcc/config.in
++++ b/gcc/config.in
+@@ -200,6 +200,12 @@
+ #endif
+
+
++/* Define to warn for use of native system header directories */
++#ifndef USED_FOR_TARGET
++#undef ENABLE_POISON_SYSTEM_DIRECTORIES
++#endif
++
++
+ /* Define if you want all operations on RTL (the basic data structure of the
+ optimizer and back end) to be checked for dynamic type safety at runtime.
+ This is quite expensive. */
+diff --git a/gcc/configure b/gcc/configure
+index 481071b4265..a6ea3a8a84c 100755
+--- a/gcc/configure
++++ b/gcc/configure
+@@ -995,6 +995,7 @@ with_system_zlib
+ enable_maintainer_mode
+ enable_link_mutex
+ enable_version_specific_runtime_libs
++enable_poison_system_directories
+ enable_plugin
+ enable_host_shared
+ enable_libquadmath_support
+@@ -1748,6 +1749,8 @@ Optional Features:
+ --enable-version-specific-runtime-libs
+ specify that runtime libraries should be installed
+ in a compiler-specific directory
++ --enable-poison-system-directories
++ warn for use of native system header directories
+ --enable-plugin enable plugin support
+ --enable-host-shared build host code as shared libraries
+ --disable-libquadmath-support
+@@ -29750,6 +29753,19 @@ if test "${enable_version_specific_runtime_libs+set}" = set; then :
+ fi
+
+
++# Check whether --enable-poison-system-directories was given.
++if test "${enable_poison_system_directories+set}" = set; then :
++ enableval=$enable_poison_system_directories;
++else
++ enable_poison_system_directories=no
++fi
++
++if test "x${enable_poison_system_directories}" = "xyes"; then
++
++$as_echo "#define ENABLE_POISON_SYSTEM_DIRECTORIES 1" >>confdefs.h
++
++fi
++
+ # Substitute configuration variables
+
+
+diff --git a/gcc/configure.ac b/gcc/configure.ac
+index ce2825580c6..d42bbd4fd1c 100644
+--- a/gcc/configure.ac
++++ b/gcc/configure.ac
+@@ -6378,6 +6378,16 @@ AC_ARG_ENABLE(version-specific-runtime-libs,
+ [specify that runtime libraries should be
+ installed in a compiler-specific directory])])
+
++AC_ARG_ENABLE([poison-system-directories],
++ AS_HELP_STRING([--enable-poison-system-directories],
++ [warn for use of native system header directories]),,
++ [enable_poison_system_directories=no])
++if test "x${enable_poison_system_directories}" = "xyes"; then
++ AC_DEFINE([ENABLE_POISON_SYSTEM_DIRECTORIES],
++ [1],
++ [Define to warn for use of native system header directories])
++fi
++
+ # Substitute configuration variables
+ AC_SUBST(subdirs)
+ AC_SUBST(srcdir)
+diff --git a/gcc/doc/invoke.texi b/gcc/doc/invoke.texi
+index 6ef36ce02aa..09414d8cc05 100644
+--- a/gcc/doc/invoke.texi
++++ b/gcc/doc/invoke.texi
+@@ -332,6 +332,7 @@ Objective-C and Objective-C++ Dialects}.
+ -Wpacked -Wpacked-bitfield-compat -Wpacked-not-aligned -Wpadded @gol
+ -Wparentheses -Wno-pedantic-ms-format @gol
+ -Wplacement-new -Wplacement-new=@var{n} @gol
++-Wno-poison-system-directories @gol
+ -Wpointer-arith -Wpointer-compare -Wno-pointer-to-int-cast @gol
+ -Wno-pragmas -Wno-prio-ctor-dtor -Wredundant-decls @gol
+ -Wrestrict -Wno-return-local-addr @gol
+@@ -6289,6 +6290,14 @@ made up of data only and thus requires no special treatment. But, for
+ most targets, it is made up of code and thus requires the stack to be
+ made executable in order for the program to work properly.
+
++@item -Wno-poison-system-directories
++@opindex Wno-poison-system-directories
++Do not warn for @option{-I} or @option{-L} options using system
++directories such as @file{/usr/include} when cross compiling. This
++option is intended for use in chroot environments when such
++directories contain the correct headers and libraries for the target
++system rather than the host.
++
+ @item -Wfloat-equal
+ @opindex Wfloat-equal
+ @opindex Wno-float-equal
+diff --git a/gcc/gcc.c b/gcc/gcc.c
+index 4f57765b012..a2601a6bb06 100644
+--- a/gcc/gcc.c
++++ b/gcc/gcc.c
+@@ -1042,6 +1042,8 @@ proper position among the other output files. */
+ "%{fuse-ld=*:-fuse-ld=%*} " LINK_COMPRESS_DEBUG_SPEC \
+ "%X %{o*} %{e*} %{N} %{n} %{r}\
+ %{s} %{t} %{u*} %{z} %{Z} %{!nostdlib:%{!r:%{!nostartfiles:%S}}} \
++ %{Wno-poison-system-directories:--no-poison-system-directories} \
++ %{Werror=poison-system-directories:--error-poison-system-directories} \
+ %{static|no-pie|static-pie:} %@{L*} %(mfwrap) %(link_libgcc) " \
+ VTABLE_VERIFICATION_SPEC " " SANITIZER_EARLY_SPEC " %o "" \
+ %{fopenacc|fopenmp|%:gt(%{ftree-parallelize-loops=*:%*} 1):\
+diff --git a/gcc/incpath.c b/gcc/incpath.c
+index bcbe2082905..5752298bbf2 100644
+--- a/gcc/incpath.c
++++ b/gcc/incpath.c
+@@ -26,6 +26,7 @@
+ #include "intl.h"
+ #include "incpath.h"
+ #include "cppdefault.h"
++#include "diagnostic-core.h"
+
+ /* Microsoft Windows does not natively support inodes.
+ VMS has non-numeric inodes. */
+@@ -393,6 +394,26 @@ merge_include_chains (const char *sysroot, cpp_reader *pfile, int verbose)
+ }
+ fprintf (stderr, _("End of search list.\n"));
+ }
++
++#ifdef ENABLE_POISON_SYSTEM_DIRECTORIES
++ if (flag_poison_system_directories)
++ {
++ struct cpp_dir *p;
++
++ for (p = heads[INC_QUOTE]; p; p = p->next)
++ {
++ if ((!strncmp (p->name, "/usr/include", 12))
++ || (!strncmp (p->name, "/usr/local/include", 18))
++ || (!strncmp (p->name, "/usr/X11R6/include", 18))
++ || (!strncmp (p->name, "/sw/include", 11))
++ || (!strncmp (p->name, "/opt/include", 12)))
++ warning (OPT_Wpoison_system_directories,
++ "include location \"%s\" is unsafe for "
++ "cross-compilation",
++ p->name);
++ }
++ }
++#endif
+ }
+
+ /* Use given -I paths for #include "..." but not #include <...>, and
+--
+2.22.1
+