reset upstream subtrees to yocto 2.6

Reset the following subtrees on thud HEAD:

  poky: 87e3a9739d
  meta-openembedded: 6094ae18c8
  meta-security: 31dc4e7532
  meta-raspberrypi: a48743dc36
  meta-xilinx: c42016e2e6

Also re-apply backports that didn't make it into thud:
  poky:
    17726d0 systemd-systemctl-native: handle Install wildcards

  meta-openembedded:
    4321a5d libtinyxml2: update to 7.0.1
    042f0a3 libcereal: Add native and nativesdk classes
    e23284f libcereal: Allow empty package
    030e8d4 rsyslog: curl-less build with fmhttp PACKAGECONFIG
    179a1b9 gtest: update to 1.8.1

Squashed OpenBMC subtree compatibility updates:
  meta-aspeed:
    Brad Bishop (1):
          aspeed: add yocto 2.6 compatibility

  meta-ibm:
    Brad Bishop (1):
          ibm: prepare for yocto 2.6

  meta-ingrasys:
    Brad Bishop (1):
          ingrasys: set layer compatibility to yocto 2.6

  meta-openpower:
    Brad Bishop (1):
          openpower: set layer compatibility to yocto 2.6

  meta-phosphor:
    Brad Bishop (3):
          phosphor: set layer compatibility to thud
          phosphor: libgpg-error: drop patches
          phosphor: react to fitimage artifact rename

    Ed Tanous (4):
          Dropbear: upgrade options for latest upgrade
          yocto2.6: update openssl options
          busybox: remove upstream watchdog patch
          systemd: Rebase CONFIG_CGROUP_BPF patch

Change-Id: I7b1fe71cca880d0372a82d94b5fd785323e3a9e7
Signed-off-by: Brad Bishop <bradleyb@fuzziesquirrel.com>

7 files changed, 127 insertions, 17 deletions

diff --git a/meta-openembedded/meta-oe/recipes-connectivity/thrift/thrift-0.9.3/0001-Forcibly-disable-check-for-Qt5.patch b/meta-openembedded/meta-oe/recipes-connectivity/thrift/thrift-0.9.3/0001-Forcibly-disable-check-for-Qt5.patch
index fcc2f0821..a77cd284b 100644
--- a/meta-openembedded/meta-oe/recipes-connectivity/thrift/thrift-0.9.3/0001-Forcibly-disable-check-for-Qt5.patch
+++ b/meta-openembedded/meta-oe/recipes-connectivity/thrift/thrift-0.9.3/0001-Forcibly-disable-check-for-Qt5.patch
@@ -1,9 +1,10 @@
-From b3da0d8677b7e8467367a303c18551c56ed20e15 Mon Sep 17 00:00:00 2001
+From a5544d8e543436e413379422b702f6f56ac7eb8e Mon Sep 17 00:00:00 2001
 From: Philip Balister <philip@balister.org>
 Date: Tue, 12 Apr 2016 17:30:15 -0400
 Subject: [PATCH] Forcibly disable check for Qt5.
 
 Signed-off-by: Philip Balister <philip@balister.org>
+
 ---
  build/cmake/DefineOptions.cmake | 3 ---
  1 file changed, 3 deletions(-)
@@ -22,6 +23,3 @@ index 62e240f..f8b4493 100644
  if(${WITH_QT4} AND ${WITH_QT5} AND ${CMAKE_MAJOR_VERSION} LESS 3)
    # cmake < 3.0.0 causes conflict when building both Qt4 and Qt5
    set(WITH_QT4 OFF)
--- 
-2.5.5
-
diff --git a/meta-openembedded/meta-oe/recipes-connectivity/thrift/thrift-0.9.3/0001-THRIFT-3828-In-cmake-avoid-use-of-both-quoted-paths-.patch b/meta-openembedded/meta-oe/recipes-connectivity/thrift/thrift-0.9.3/0001-THRIFT-3828-In-cmake-avoid-use-of-both-quoted-paths-.patch
index 7cc8d1739..182eacc0e 100644
--- a/meta-openembedded/meta-oe/recipes-connectivity/thrift/thrift-0.9.3/0001-THRIFT-3828-In-cmake-avoid-use-of-both-quoted-paths-.patch
+++ b/meta-openembedded/meta-oe/recipes-connectivity/thrift/thrift-0.9.3/0001-THRIFT-3828-In-cmake-avoid-use-of-both-quoted-paths-.patch
@@ -1,7 +1,7 @@
-From bc577820ad25795543b31f123e309cdaebc7d6c6 Mon Sep 17 00:00:00 2001
+From b8e254a2f4ba49412e541598c72159869a7770f8 Mon Sep 17 00:00:00 2001
 From: Cody P Schafer <dev@codyps.com>
 Date: Mon, 16 May 2016 15:21:10 -0400
-Subject: [PATCH 1/2] THRIFT-3828 In cmake avoid use of both quoted paths and
+Subject: [PATCH] THRIFT-3828 In cmake avoid use of both quoted paths and
  SYSTEM with include_directories()
 
 This allows us to avoid issues where there are no paths to be added to
@@ -11,6 +11,7 @@ string).
 Specifically, gcc-6 requires that libraries stop passing paths like
 '/usr/include' (or they will get libstdc++ build errors), so these paths
 will be empty more often in the future.
+
 ---
  lib/cpp/CMakeLists.txt      | 8 ++++----
  lib/cpp/test/CMakeLists.txt | 2 +-
@@ -105,6 +106,3 @@ index 2b0c143..5ecae17 100644
  
  #Make sure gen-cpp files can be included
  include_directories("${CMAKE_CURRENT_BINARY_DIR}")
--- 
-2.9.3
-
diff --git a/meta-openembedded/meta-oe/recipes-connectivity/thrift/thrift-0.9.3/0002-THRIFT-3831-in-test-cpp-explicitly-use-signed-char.patch b/meta-openembedded/meta-oe/recipes-connectivity/thrift/thrift-0.9.3/0002-THRIFT-3831-in-test-cpp-explicitly-use-signed-char.patch
index f13adbb6b..37715c281 100644
--- a/meta-openembedded/meta-oe/recipes-connectivity/thrift/thrift-0.9.3/0002-THRIFT-3831-in-test-cpp-explicitly-use-signed-char.patch
+++ b/meta-openembedded/meta-oe/recipes-connectivity/thrift/thrift-0.9.3/0002-THRIFT-3831-in-test-cpp-explicitly-use-signed-char.patch
@@ -1,7 +1,7 @@
-From f6cad0580e5391c37af7f60adddb71bf1a403dc4 Mon Sep 17 00:00:00 2001
+From 7b05a74432f08ef34d0f8743dd6438ad012e3b5e Mon Sep 17 00:00:00 2001
 From: Cody P Schafer <dev@codyps.com>
 Date: Fri, 9 Sep 2016 15:50:26 -0400
-Subject: [PATCH 2/2] THRIFT-3831 in test/cpp explicitly use `signed char`
+Subject: [PATCH] THRIFT-3831 in test/cpp explicitly use `signed char`
 
 `char`'s signed-ness is implimentation dependent, and in the case where
 `char` was not signed, we previously recieved errors like
@@ -9,15 +9,16 @@ Subject: [PATCH 2/2] THRIFT-3831 in test/cpp explicitly use `signed char`
     thrift/0.9.3-r0/git/test/cpp/src/TestClient.cpp:404:15: error: narrowing conversion of '-127' from 'int' to 'char' inside { } [-Wnarrowing]
 
 (This example from gcc-6 on arm)
+
 ---
  test/cpp/src/TestClient.cpp | 4 ++--
  1 file changed, 2 insertions(+), 2 deletions(-)
 
 diff --git a/test/cpp/src/TestClient.cpp b/test/cpp/src/TestClient.cpp
-index e709899..4a961f8 100644
+index 7c425a9..7145ebb 100644
 --- a/test/cpp/src/TestClient.cpp
 +++ b/test/cpp/src/TestClient.cpp
-@@ -383,7 +383,7 @@ int main(int argc, char** argv) {
+@@ -381,7 +381,7 @@ int main(int argc, char** argv) {
       * BINARY TEST
       */
      printf("testBinary([-128..127]) = {");
@@ -26,7 +27,7 @@ index e709899..4a961f8 100644
          = {-128, -127, -126, -125, -124, -123, -122, -121, -120, -119, -118, -117, -116, -115, -114,
             -113, -112, -111, -110, -109, -108, -107, -106, -105, -104, -103, -102, -101, -100, -99,
             -98,  -97,  -96,  -95,  -94,  -93,  -92,  -91,  -90,  -89,  -88,  -87,  -86,  -85,  -84,
-@@ -404,7 +404,7 @@ int main(int argc, char** argv) {
+@@ -402,7 +402,7 @@ int main(int argc, char** argv) {
             127};
      try {
        string bin_result;
@@ -35,6 +36,3 @@ index e709899..4a961f8 100644
        if (bin_result.size() != 256) {
          printf("}\n*** FAILED ***\n");
          printf("invalid length: %lu\n", bin_result.size());
--- 
-2.9.3
-
diff --git a/meta-openembedded/meta-oe/recipes-connectivity/thrift/thrift-0.9.3/0004-THRIFT-3207-enable-build-with-OpenSSL-1.1.0-series.patch b/meta-openembedded/meta-oe/recipes-connectivity/thrift/thrift-0.9.3/0004-THRIFT-3207-enable-build-with-OpenSSL-1.1.0-series.patch
new file mode 100644
index 000000000..500cfab62
--- /dev/null
+++ b/meta-openembedded/meta-oe/recipes-connectivity/thrift/thrift-0.9.3/0004-THRIFT-3207-enable-build-with-OpenSSL-1.1.0-series.patch
@@ -0,0 +1,41 @@
+From 5f2c7e50b99d72177250c44236c41b99bfc161b5 Mon Sep 17 00:00:00 2001
+From: Andrej Valek <andrej.valek@siemens.com>
+Date: Thu, 7 Jun 2018 15:21:06 +0200
+Subject: [PATCH 4/6] %% original patch:
+ 0004-THRIFT-3207-enable-build-with-OpenSSL-1.1.0-series.patch
+
+---
+ lib/cpp/src/thrift/transport/TSSLSocket.cpp | 6 ++++++
+ 1 file changed, 6 insertions(+)
+
+diff --git a/lib/cpp/src/thrift/transport/TSSLSocket.cpp b/lib/cpp/src/thrift/transport/TSSLSocket.cpp
+index 98c5326..3da9e45 100644
+--- a/lib/cpp/src/thrift/transport/TSSLSocket.cpp
++++ b/lib/cpp/src/thrift/transport/TSSLSocket.cpp
+@@ -39,6 +39,7 @@
+ #include <thrift/transport/PlatformSocket.h>
+ 
+ #define OPENSSL_VERSION_NO_THREAD_ID 0x10000000L
++#define OPENSSL_VERSION_WITH_TLSv1_1_AND_TLSv1_2 0x10100000L
+ 
+ using namespace std;
+ using namespace apache::thrift::concurrency;
+@@ -143,10 +144,15 @@ SSLContext::SSLContext(const SSLProtocol& protocol) {
+     ctx_ = SSL_CTX_new(SSLv3_method());
+   } else if (protocol == TLSv1_0) {
+     ctx_ = SSL_CTX_new(TLSv1_method());
++#if (OPENSSL_VERSION_NUMBER >= OPENSSL_VERSION_WITH_TLSv1_1_AND_TLSv1_2)
+   } else if (protocol == TLSv1_1) {
+     ctx_ = SSL_CTX_new(TLSv1_1_method());
+   } else if (protocol == TLSv1_2) {
+     ctx_ = SSL_CTX_new(TLSv1_2_method());
++#else
++  //Support for this versions will end on 2016-12-31
++  //https://www.openssl.org/about/releasestrat.html
++#endif
+   } else {
+     /// UNKNOWN PROTOCOL!
+     throw TSSLException("SSL_CTX_new: Unknown protocol");
+-- 
+2.19.0
+
diff --git a/meta-openembedded/meta-oe/recipes-connectivity/thrift/thrift-0.9.3/0005-THRIFT-3878-Compile-error-in-TSSLSocket.cpp-with-new.patch b/meta-openembedded/meta-oe/recipes-connectivity/thrift/thrift-0.9.3/0005-THRIFT-3878-Compile-error-in-TSSLSocket.cpp-with-new.patch
new file mode 100644
index 000000000..f4482b109
--- /dev/null
+++ b/meta-openembedded/meta-oe/recipes-connectivity/thrift/thrift-0.9.3/0005-THRIFT-3878-Compile-error-in-TSSLSocket.cpp-with-new.patch
@@ -0,0 +1,26 @@
+From 81f36e7174097a1f1f3e7f94a97574b2ec68577f Mon Sep 17 00:00:00 2001
+From: "James E. King, III" <jim.king@simplivity.com>
+Date: Thu, 29 Sep 2016 15:04:09 -0400
+Subject: [PATCH] THRIFT-3878: fix interop with newer OpenSSL libraries
+
+---
+ lib/cpp/src/thrift/transport/TSSLSocket.cpp | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+diff --git a/lib/cpp/src/thrift/transport/TSSLSocket.cpp b/lib/cpp/src/thrift/transport/TSSLSocket.cpp
+index 3da9e45..0a3a124 100644
+--- a/lib/cpp/src/thrift/transport/TSSLSocket.cpp
++++ b/lib/cpp/src/thrift/transport/TSSLSocket.cpp
+@@ -97,7 +97,12 @@ void initializeOpenSSL() {
+   SSL_library_init();
+   SSL_load_error_strings();
+   // static locking
++  // newer versions of OpenSSL changed CRYPTO_num_locks - see THRIFT-3878
++#ifdef CRYPTO_num_locks
++  mutexes = boost::shared_array<Mutex>(new Mutex[CRYPTO_num_locks()]);
++#else
+   mutexes = boost::shared_array<Mutex>(new Mutex[ ::CRYPTO_num_locks()]);
++#endif
+   if (mutexes == NULL) {
+     throw TTransportException(TTransportException::INTERNAL_ERROR,
+                               "initializeOpenSSL() failed, "
diff --git a/meta-openembedded/meta-oe/recipes-connectivity/thrift/thrift-0.9.3/0006-THRIFT-3736-C++-library-build-fails-if-OpenSSL-does-.patch b/meta-openembedded/meta-oe/recipes-connectivity/thrift/thrift-0.9.3/0006-THRIFT-3736-C++-library-build-fails-if-OpenSSL-does-.patch
new file mode 100644
index 000000000..dfaa2fbda
--- /dev/null
+++ b/meta-openembedded/meta-oe/recipes-connectivity/thrift/thrift-0.9.3/0006-THRIFT-3736-C++-library-build-fails-if-OpenSSL-does-.patch
@@ -0,0 +1,46 @@
+From 4cd49f470ca983369451d1141acc80fe1115cab4 Mon Sep 17 00:00:00 2001
+From: Nobuaki Sukegawa <nsuke@apache.org>
+Date: Sun, 13 Mar 2016 08:55:38 +0900
+Subject: [PATCH] THRIFT-3736 C++ library build fails if OpenSSL does not
+
+ surrpot SSLv3
+
+---
+ lib/cpp/src/thrift/transport/TSSLSocket.cpp | 2 ++
+ lib/cpp/test/SecurityTest.cpp               | 8 ++++++++
+ 2 files changed, 10 insertions(+)
+
+diff --git a/lib/cpp/src/thrift/transport/TSSLSocket.cpp b/lib/cpp/src/thrift/transport/TSSLSocket.cpp
+index 0a3a124..3e79354 100644
+--- a/lib/cpp/src/thrift/transport/TSSLSocket.cpp
++++ b/lib/cpp/src/thrift/transport/TSSLSocket.cpp
+@@ -145,8 +145,10 @@ static char uppercase(char c);
+ SSLContext::SSLContext(const SSLProtocol& protocol) {
+   if (protocol == SSLTLS) {
+     ctx_ = SSL_CTX_new(SSLv23_method());
++#ifndef OPENSSL_NO_SSL3
+   } else if (protocol == SSLv3) {
+     ctx_ = SSL_CTX_new(SSLv3_method());
++#endif
+   } else if (protocol == TLSv1_0) {
+     ctx_ = SSL_CTX_new(TLSv1_method());
+ #if (OPENSSL_VERSION_NUMBER >= OPENSSL_VERSION_WITH_TLSv1_1_AND_TLSv1_2)
+diff --git a/lib/cpp/test/SecurityTest.cpp b/lib/cpp/test/SecurityTest.cpp
+index 213efd4..08110e7 100644
+--- a/lib/cpp/test/SecurityTest.cpp
++++ b/lib/cpp/test/SecurityTest.cpp
+@@ -239,6 +239,14 @@ BOOST_AUTO_TEST_CASE(ssl_security_matrix)
+                     continue;
+                 }
+ 
++#ifdef OPENSSL_NO_SSL3
++                if (si == 2 || ci == 2)
++                {
++                    // Skip all SSLv3 cases - protocol not supported
++                    continue;
++                }
++#endif
++
+                 boost::mutex::scoped_lock lock(mMutex);
+ 
+                 BOOST_TEST_MESSAGE(boost::format("TEST: Server = %1%, Client = %2%")
diff --git a/meta-openembedded/meta-oe/recipes-connectivity/thrift/thrift_0.9.3.bb b/meta-openembedded/meta-oe/recipes-connectivity/thrift/thrift_0.9.3.bb
index aa9328371..7ab74026b 100644
--- a/meta-openembedded/meta-oe/recipes-connectivity/thrift/thrift_0.9.3.bb
+++ b/meta-openembedded/meta-oe/recipes-connectivity/thrift/thrift_0.9.3.bb
@@ -12,6 +12,9 @@ SRC_URI = "http://mirror.switch.ch/mirror/apache/dist/thrift/${PV}/${BPN}-${PV}.
            file://0001-Forcibly-disable-check-for-Qt5.patch \
            file://0001-THRIFT-3828-In-cmake-avoid-use-of-both-quoted-paths-.patch \
            file://0002-THRIFT-3831-in-test-cpp-explicitly-use-signed-char.patch \
+           file://0004-THRIFT-3207-enable-build-with-OpenSSL-1.1.0-series.patch \
+           file://0005-THRIFT-3878-Compile-error-in-TSSLSocket.cpp-with-new.patch \
+           file://0006-THRIFT-3736-C++-library-build-fails-if-OpenSSL-does-.patch \
 "
 
 SRC_URI[md5sum] = "88d667a8ae870d5adeca8cb7d6795442"