commit	220d5534d34c16d996dd3eb9c3dcc94591f5ded4	[log] [tgz]
author	Brad Bishop <bradleyb@fuzziesquirrel.com>	Tue Aug 14 00:59:39 2018 +0100
committer	Brad Bishop <bradleyb@fuzziesquirrel.com>	Wed Aug 29 19:44:03 2018 -0400
tree	9576094c44a78d81de247a95922d23d4aad8fb43
parent	8845f92d5dc18f9b0792c43621c96f4036393aac [diff]

poky: sumo refresh 874976b..45ef387

Update poky to sumo HEAD.

Alexander Kanavin (1):
      openssl: fix upstream version check for 1.0 version

Andre McCurdy (19):
      openssl_1.1: avoid using += with an over-ride
      openssl_1.1: minor recipe formatting tweaks etc
      openssl_1.0: merge openssl10.inc into the openssl_1.0.2o.bb recipe
      openssl_1.0: minor recipe formatting tweaks etc
      openssl_1.0: drop curly brackets from shell local variables
      openssl_1.0: fix cryptodev-linux PACKAGECONFIG support
      openssl_1.0: drop leading "-" from no-ssl3 config option
      openssl_1.0: avoid running make twice for target do_compile()
      openssl: remove uclibc remnants
      openssl: support musl-x32 build
      openssl: minor indent fixes
      openssl_1.0: drop obsolete ca.patch
      openssl_1.0: drop obsolete exporting of AS, EX_LIBS and DIRS
      openssl_1.0: drop unmaintained darwin support
      openssl_1.0: add PACKAGECONFIG option to control manpages
      openssl_1.0: squash whitespace in CC_INFO
      openssl: fix missing dependency on hostperl-runtime-native
      openssl_1.0: drop unnecessary dependency on makedepend-native
      openssl_1.0: drop unnecessary call to perlpath.pl from do_configure()

Andrej Valek (3):
      openssl-1.1: fix c_rehash perl errors
      openssl: update 1.0.2o -> 1.0.2p
      openssl: update 1.1.0h -> 1.1.0i

Anuj Mittal (1):
      wic/qemux86: don't pass ip parameter to kernel in wks

Changqing Li (1):
      unzip: fix CVE-2018-1000035

Hongxu Jia (2):
      nasm: fix CVE-2018-8883 & CVE-2018-8882 & CVE-2018-10316
      patch: fix CVE-2018-6952

Jagadeesh Krishnanjanappa (19):
      libvorbis: CVE-2017-14160 CVE-2018-10393
      libvorbis: CVE-2018-10392
      flac: CVE-2017-6888
      libarchive: CVE-2017-14503
      libsndfile1: CVE-2017-14245 CVE-2017-14246
      libsndfile1: CVE-2017-14634
      coreutils: CVE-2017-18018
      libgcrypt: CVE-2018-0495
      git: CVE-2018-11235
      gnupg: CVE-2018-12020
      shadow: CVE-2018-7169
      procps: CVE-2018-1124
      python: CVE-2018-1000030
      qemu: CVE-2018-7550
      qemu: CVE-2018-12617
      perl: CVE-2018-6798
      perl: CVE-2018-6797
      perl: CVE-2018-6913
      perl: CVE-2018-12015

Joshua Watt (2):
      alsa-lib: Cleanup packaging
      swig: Remove superfluous python dependency

Ovidiu Panait (1):
      openssl-nativesdk: Fix "can't open config file" warning

Ross Burton (6):
      bzip2: use Yocto Project mirror for SRC_URI
      classes: sanity-check LIC_FILES_CHKSUM
      openssl: disable ccache usage
      unzip: fix symlink problem
      bitbake: utils/md5_file: don't iterate line-by-line
      bitbake: checksum: sanity check path when recursively checksumming

Change-Id: I262a451f483cb276343ae6f02c272af053d33d7a
Signed-off-by: Brad Bishop <bradleyb@fuzziesquirrel.com>

poky/bitbake/lib/bb/checksum.py[diff]
poky/bitbake/lib/bb/utils.py[diff]
poky/meta/classes/base.bbclass[diff]
poky/meta/classes/license.bbclass[diff]
poky/meta/recipes-connectivity/openssl/openssl-1.0.2o/debian/ca.patch[Deleted - diff]
poky/meta/recipes-connectivity/openssl/openssl-1.0.2o/find.pl[Deleted - diff]
poky/meta/recipes-connectivity/openssl/openssl-1.0.2o/openssl-util-perlpath.pl-cwd.patch[Deleted - diff]
poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/0001-Fix-build-with-clang-using-external-assembler.patch[Renamed from poky/meta/recipes-connectivity/openssl/openssl-1.0.2o/0001-Fix-build-with-clang-using-external-assembler.patch - diff]
poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/0001-allow-manpages-to-be-disabled.patch[Added - diff]
poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/0001-openssl-force-soft-link-to-avoid-rare-race.patch[Renamed from poky/meta/recipes-connectivity/openssl/openssl-1.0.2o/0001-openssl-force-soft-link-to-avoid-rare-race.patch - diff]
poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/Makefiles-ptest.patch[Renamed from poky/meta/recipes-connectivity/openssl/openssl-1.0.2o/Makefiles-ptest.patch - diff]
poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/Use-SHA256-not-MD5-as-default-digest.patch[Renamed from poky/meta/recipes-connectivity/openssl/openssl-1.0.2o/Use-SHA256-not-MD5-as-default-digest.patch - diff]
poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/configure-musl-target.patch[Renamed from poky/meta/recipes-connectivity/openssl/openssl-1.0.2o/configure-musl-target.patch - diff]
poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/configure-targets.patch[Renamed from poky/meta/recipes-connectivity/openssl/openssl-1.0.2o/configure-targets.patch - diff]
poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/debian/c_rehash-compat.patch[Renamed from poky/meta/recipes-connectivity/openssl/openssl-1.0.2o/debian/c_rehash-compat.patch - diff]
poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/debian/debian-targets.patch[Renamed from poky/meta/recipes-connectivity/openssl/openssl-1.0.2o/debian/debian-targets.patch - diff]
poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/debian/man-dir.patch[Renamed from poky/meta/recipes-connectivity/openssl/openssl-1.0.2o/debian/man-dir.patch - diff]
poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/debian/man-section.patch[Renamed from poky/meta/recipes-connectivity/openssl/openssl-1.0.2o/debian/man-section.patch - diff]
poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/debian/no-rpath.patch[Renamed from poky/meta/recipes-connectivity/openssl/openssl-1.0.2o/debian/no-rpath.patch - diff]
poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/debian/no-symbolic.patch[Renamed from poky/meta/recipes-connectivity/openssl/openssl-1.0.2o/debian/no-symbolic.patch - diff]
poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/debian/pic.patch[Renamed from poky/meta/recipes-connectivity/openssl/openssl-1.0.2o/debian/pic.patch - diff]
poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/debian1.0.2/block_digicert_malaysia.patch[Renamed from poky/meta/recipes-connectivity/openssl/openssl-1.0.2o/debian1.0.2/block_digicert_malaysia.patch - diff]
poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/debian1.0.2/block_diginotar.patch[Renamed from poky/meta/recipes-connectivity/openssl/openssl-1.0.2o/debian1.0.2/block_diginotar.patch - diff]
poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/debian1.0.2/soname.patch[Renamed from poky/meta/recipes-connectivity/openssl/openssl-1.0.2o/debian1.0.2/soname.patch - diff]
poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/debian1.0.2/version-script.patch[Renamed from poky/meta/recipes-connectivity/openssl/openssl-1.0.2o/debian1.0.2/version-script.patch - diff]
poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/engines-install-in-libdir-ssl.patch[Renamed from poky/meta/recipes-connectivity/openssl/openssl-1.0.2o/engines-install-in-libdir-ssl.patch - diff]
poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/oe-ldflags.patch[Renamed from poky/meta/recipes-connectivity/openssl/openssl-1.0.2o/oe-ldflags.patch - diff]
poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/openssl-c_rehash.sh[Renamed from poky/meta/recipes-connectivity/openssl/openssl-1.0.2o/openssl-c_rehash.sh - diff]
poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/openssl-fix-des.pod-error.patch[Renamed from poky/meta/recipes-connectivity/openssl/openssl-1.0.2o/openssl-fix-des.pod-error.patch - diff]
poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/openssl_fix_for_x32.patch[Renamed from poky/meta/recipes-connectivity/openssl/openssl-1.0.2o/openssl_fix_for_x32.patch - diff]
poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/parallel.patch[Renamed from poky/meta/recipes-connectivity/openssl/openssl-1.0.2o/parallel.patch - diff]
poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/ptest-deps.patch[Renamed from poky/meta/recipes-connectivity/openssl/openssl-1.0.2o/ptest-deps.patch - diff]
poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/ptest_makefile_deps.patch[Renamed from poky/meta/recipes-connectivity/openssl/openssl-1.0.2o/ptest_makefile_deps.patch - diff]
poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/reproducible-cflags.patch[Renamed from poky/meta/recipes-connectivity/openssl/openssl-1.0.2o/reproducible-cflags.patch - diff]
poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/reproducible-mkbuildinf.patch[Renamed from poky/meta/recipes-connectivity/openssl/openssl-1.0.2o/reproducible-mkbuildinf.patch - diff]
poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/run-ptest[Renamed from poky/meta/recipes-connectivity/openssl/openssl-1.0.2o/run-ptest - diff]
poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/shared-libs.patch[Renamed from poky/meta/recipes-connectivity/openssl/openssl-1.0.2o/shared-libs.patch - diff]
poky/meta/recipes-connectivity/openssl/openssl/environment.d-openssl.sh[Added - diff]
poky/meta/recipes-connectivity/openssl/openssl_1.0.2o.bb[Deleted - diff]
poky/meta/recipes-connectivity/openssl/openssl_1.0.2p.bb[Renamed from poky/meta/recipes-connectivity/openssl/openssl10.inc - diff]
poky/meta/recipes-connectivity/openssl/openssl_1.1.0h.bb[Deleted - diff]
poky/meta/recipes-connectivity/openssl/openssl_1.1.0i.bb[Added - diff]
poky/meta/recipes-core/coreutils/coreutils/CVE-2017-18018-1.patch[Added - diff]
poky/meta/recipes-core/coreutils/coreutils/CVE-2017-18018-2.patch[Added - diff]
poky/meta/recipes-core/coreutils/coreutils_8.29.bb[diff]
poky/meta/recipes-devtools/git/files/CVE-2018-11235.patch[Added - diff]
poky/meta/recipes-devtools/git/git.inc[diff]
poky/meta/recipes-devtools/nasm/nasm/0001-Verify-that-we-are-not-reading-past-end-of-a-buffer.patch[Added - diff]
poky/meta/recipes-devtools/nasm/nasm/0001-assemble-Check-global-line-limit.patch[Added - diff]
poky/meta/recipes-devtools/nasm/nasm/0001-fix-CVE-2018-8882.patch[Added - diff]
poky/meta/recipes-devtools/nasm/nasm_2.13.03.bb[diff]
poky/meta/recipes-devtools/patch/patch/0001-Fix-swapping-fake-lines-in-pch_swap.patch[Added - diff]
poky/meta/recipes-devtools/patch/patch_2.7.6.bb[diff]
poky/meta/recipes-devtools/perl/perl/CVE-2018-12015.patch[Added - diff]
poky/meta/recipes-devtools/perl/perl/CVE-2018-6797.patch[Added - diff]
poky/meta/recipes-devtools/perl/perl/CVE-2018-6798-1.patch[Added - diff]
poky/meta/recipes-devtools/perl/perl/CVE-2018-6798-2.patch[Added - diff]
poky/meta/recipes-devtools/perl/perl/CVE-2018-6913.patch[Added - diff]
poky/meta/recipes-devtools/perl/perl_5.24.1.bb[diff]
poky/meta/recipes-devtools/python/python.inc[diff]
poky/meta/recipes-devtools/python/python/CVE-2018-1000030-1.patch[Added - diff]
poky/meta/recipes-devtools/python/python/CVE-2018-1000030-2.patch[Added - diff]
poky/meta/recipes-devtools/qemu/qemu/CVE-2018-12617.patch[Added - diff]
poky/meta/recipes-devtools/qemu/qemu/CVE-2018-7550.patch[Added - diff]
poky/meta/recipes-devtools/qemu/qemu_2.11.1.bb[diff]
poky/meta/recipes-devtools/swig/swig.inc[diff]
poky/meta/recipes-extended/bzip2/bzip2_1.0.6.bb[diff]
poky/meta/recipes-extended/libarchive/libarchive/CVE-2017-14503.patch[Added - diff]
poky/meta/recipes-extended/libarchive/libarchive_3.3.2.bb[diff]
poky/meta/recipes-extended/procps/procps/CVE-2018-1124.patch[Added - diff]
poky/meta/recipes-extended/procps/procps_3.3.12.bb[diff]
poky/meta/recipes-extended/shadow/files/CVE-2018-7169.patch[Added - diff]
poky/meta/recipes-extended/shadow/shadow.inc[diff]
poky/meta/recipes-extended/unzip/unzip/0001-unzip-fix-CVE-2018-1000035.patch[Added - diff]
poky/meta/recipes-extended/unzip/unzip/symlink.patch[Added - diff]
poky/meta/recipes-extended/unzip/unzip_6.0.bb[diff]
poky/meta/recipes-multimedia/alsa/alsa-lib_1.1.5.bb[diff]
poky/meta/recipes-multimedia/flac/files/CVE-2017-6888.patch[Added - diff]
poky/meta/recipes-multimedia/flac/flac_1.3.2.bb[diff]
poky/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2017-14245-14246.patch[Added - diff]
poky/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2017-14634.patch[Added - diff]
poky/meta/recipes-multimedia/libsndfile/libsndfile1_1.0.28.bb[diff]
poky/meta/recipes-multimedia/libvorbis/libvorbis/CVE-2017-14160.patch[Added - diff]
poky/meta/recipes-multimedia/libvorbis/libvorbis/CVE-2018-10392.patch[Added - diff]
poky/meta/recipes-multimedia/libvorbis/libvorbis_1.3.5.bb[diff]
poky/meta/recipes-support/gnupg/gnupg/CVE-2018-12020.patch[Added - diff]
poky/meta/recipes-support/gnupg/gnupg_2.2.4.bb[diff]
poky/meta/recipes-support/libgcrypt/files/CVE-2018-0495.patch[Added - diff]
poky/meta/recipes-support/libgcrypt/libgcrypt_1.8.2.bb[diff]
poky/scripts/lib/wic/canned-wks/qemux86-directdisk.wks[diff]

90 files changed

tree: 9576094c44a78d81de247a95922d23d4aad8fb43

README.md

OpenBMC

The OpenBMC project can be described as a Linux distribution for embedded devices that have a BMC; typically, but not limited to, things like servers, top of rack switches or RAID appliances. The OpenBMC stack uses technologies such as Yocto, OpenEmbedded, systemd, and D-Bus to allow easy customization for your server platform.

Setting up your OpenBMC project

1) Prerequisite

Ubuntu 14.04

sudo apt-get install -y git build-essential libsdl1.2-dev texinfo gawk chrpath diffstat

Fedora 23

sudo dnf install -y git patch diffstat texinfo chrpath SDL-devel bitbake
sudo dnf groupinstall "C Development Tools and Libraries"

2) Download the source

git clone git@github.com:openbmc/openbmc.git
cd openbmc

3) Target your hardware

Any build requires an environment variable known as TEMPLATECONF to be set to a hardware target. You can see all of the known targets with find meta-* -name local.conf.sample. Choose the hardware target and then move to the next step. Additional examples can be found in the OpenBMC Cheatsheet

Machine	TEMPLATECONF
Palmetto	`meta-ibm/meta-palmetto/conf`
Zaius	`meta-ingrasys/meta-zaius/conf`
Witherspoon	`meta-ibm/meta-witherspoon/conf`

As an example target Palmetto

export TEMPLATECONF=meta-ibm/meta-palmetto/conf

4) Build

. openbmc-env
bitbake obmc-phosphor-image

Additional details can be found in the docs repository.

Build Validation and Testing

Commits submitted by members of the OpenBMC GitHub community are compiled and tested via our Jenkins server. Commits are run through two levels of testing. At the repository level the makefile make check directive is run. At the system level, the commit is built into a firmware image and run with an arm-softmmu QEMU model against a barrage of CI tests.

Commits submitted by non-members do not automatically proceed through CI testing. After visual inspection of the commit, a CI run can be manually performed by the reviewer.

Automated testing against the QEMU model along with supported systems are performed. The OpenBMC project uses the Robot Framework for all automation. Our complete test repository can be found here.

Submitting Patches

Support of additional hardware and software packages is always welcome. Please follow the contributing guidelines when making a submission. It is expected that contributions contain test cases.

Bug Reporting

Issues are managed on GitHub. It is recommended you search through the issues before opening a new one.

Features of OpenBMC

Feature List

REST Management
IPMI
SSH based SOL
Power and Cooling Management
Event Logs
Zeroconf discoverable
Sensors
Inventory
LED Management
Host Watchdog
Simulation
Code Update Support for multiple BMC/BIOS images
POWER On Chip Controller (OCC) Support

Features In Progress

Full IPMI 2.0 Compliance with DCMI
Verified Boot
HTML5 Java Script Web User Interface
BMC RAS

Features Requested but need help

OpenCompute Redfish Compliance
OpenBMC performance monitoring
cgroup user management and policies
Remote KVM
Remote USB
OpenStack Ironic Integration
QEMU enhancements

Finding out more

Dive deeper in to OpenBMC by opening the docs repository.

Contact

Mail: openbmc@lists.ozlabs.org https://lists.ozlabs.org/listinfo/openbmc
IRC: #openbmc on freenode.net
Riot: #openbmc:matrix.org