CVE-2021-29221 is a Windows specific issue:
A local privilege escalation vulnerability was discovered in Erlang/OTP
prior to version 23.2.3. By adding files to an existing installation's
directory, a local attacker could hijack accounts of other users running
Erlang programs or possibly coerce a service running with "erlsrv.exe" to
execute arbitrary code as Local System. This can occur only under specific
conditions on Windows with unsafe filesystem permissions.
So ignore it.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
This restricts the Erlang RISC-V update from
0bab8c1089 to only enabling RISCV_64
rather than enabling builds on all platforms with toolchains that
include atomics.
This fixes build errors on SPARCv8 and other platforms that look like
this:
/tmp/ccD9Q9F7.s: Assembler messages:
/tmp/ccD9Q9F7.s:230: Error: Architecture mismatch on "cas [%g3],%g2,%g1".
/tmp/ccD9Q9F7.s:230: (Requires v9|v9a|v9b|v9c|v9d|v9e|v9v|v9m|m8; requested architecture is v8.)
Fixes:
http://autobuild.buildroot.net/results/a57/a5779e22c41eb63b8400409f26f96b924fdde1bc/
Signed-off-by: Frank Hunleth <fhunleth@troodon-software.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
While Erlang will use it's own atomic operations, it can also use gcc
__atomic_* builtins. This is now listed in Erlang's HOWTO/INSTALL.md.
This change was necessary on RISC-V, since Erlang didn't have a built-in
implementation, but it was able to use gcc's __atomic_* functions.
Signed-off-by: Frank Hunleth <fhunleth@troodon-software.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The issue fixed by 0003-Link-with-LDLIBS-instead-of-LIBS-for-DED.patch (ERL-529)
has been fixed since OTP20.3 (a5cbcbdb85) and is no longer required.
OTP provides wrapper scripts (otp_build and configure) which perform tasks
previously handled directly by autotools i.e. autoreconf.
Signed-off-by: Frank Vanbever <frank.vanbever@essensium.com>
[Thomas:
- drop the save_bootstrap step, which is not needed
- properly run the autoconf step for both the host and target
variants]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
While Erlang includes a version of zlib, it's intended for Windows and
there's an expectation that non-Windows platforms provide it. It's also
not as regularly updated as the one in Buildroot. This change makes
Erlang always use a Buildroot-provided zlib.
Fixes this compile error:
CC /home/buildroot/autobuild/run/instance-0/output/build/erlang-21.0/erts/emulator/zlib/obj/x86_64-buildroot-linux-musl/opt/adler32.o
In file included from zlib/adler32.c:11:0:
zlib/zutil.h:172:39: error: "_LFS64_LARGEFILE" is not defined [-Werror=undef]
(!defined(_LARGEFILE64_SOURCE) || _LFS64_LARGEFILE-0 == 0)
^~~~~~~~~~~~~~~~
See http://autobuild.buildroot.net/results/fc633f80c7c36a90e641487f5a888fbb767c2a54/.
Signed-off-by: Frank Hunleth <fhunleth@troodon-software.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The non-SMP scheduler was deprecated with the Erlang/OTP 20.0 release and
slated for removal with the next major Erlang release. Since the non-SMP
scheduler isn't even built anymore, this option no longer has the
intended effect of saving space or compile time. The SMP scheduler
supports both SMP and non-SMP processors, so removing the option will
not break any platforms.
We do not need to add a legacy entry, because the new behavior is the
same as with the option previously set (i.e. SMP enabled).
Signed-off-by: Frank Hunleth <fhunleth@troodon-software.com>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Since things are no longer installed in $(HOST_DIR)/usr, the callers
should also not refer to it.
This is a mechanical change with
git grep -l '\$(HOST_DIR)/usr' | xargs sed -i 's%\$(HOST_DIR)/usr%$(HOST_DIR)%g'
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Explicitly set the ERL_TOP environment variable to override values set
on a user's system. This prevents Erlang's configure scripts from
using source files outside of the ones that Buildroot downloaded.
Signed-off-by: Frank Hunleth <fhunleth@troodon-software.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Quote from erlang configure without unixodbc:
checking for odbc in standard locations... no
configure: WARNING: No odbc library found skipping odbc
configure: WARNING: "ODBC library - header check failed"
configure: WARNING: "ODBC library - link check failed"
Quote from erlang configure with unixodbc:
checking for odbc in standard locations... -L/home/buildroot/br3_couchdb/output/host/usr/i586-buildroot-linux-uclibc/sysroot/usr/lib
checking for SQLAllocHandle in -lodbc... yes
To check for unixodbc support used by erlang use readelf:
$ output/host/usr/bin/i586-buildroot-linux-uclibc-readelf -a output/target/usr/lib/erlang/lib/odbc-2.11.1/priv/bin/odbcserver | grep NEEDED
0x00000001 (NEEDED) Shared library: [libodbc.so.2]
0x00000001 (NEEDED) Shared library: [libc.so.0]
Tested using this minimal defconfig:
BR2_PACKAGE_ERLANG=y
BR2_PACKAGE_ERLANG_SMP=y
BR2_PACKAGE_UNIXODBC=y
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Tested-by: Frank Hunleth <fhunleth@troodon-software.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Erlang/OTP 18.3 is a service release on the 18 track with mostly bug
fixes, but is does contain a number of new features and improvements as
well.
Some highlights of the release are:
. New statistics info about runnable and active processes & ports.
Call erlang:statistics with: total_run_queue_lengths |
run_queue_lengths | total_active_tasks | active_tasks.
. Time warp improvements: dbg:p/2 and erlang:trace/3 with
monotonic_timestamp |strict_monotonic_timestamp.
. Introduced a validation callback for heart.
. The module overload in sasl has been deprecated.
. ~90 contributions since 18.2
Signed-off-by: Frank Hunleth <fhunleth@troodon-software.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
This fixes an issue where an Erlang program compiles fine against files
in staging, but fails to run on the target due to the unwanted packages
being removed.
Signed-off-by: Frank Hunleth <fhunleth@troodon-software.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
This is a major release of Erlang that includes a licensing change from
the EPL to the Apache License, significant changes to the timer APIs, better
support for large maps, and security improvements.
Signed-off-by: Frank Hunleth <fhunleth@troodon-software.com>
Reviewed-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Erlang can be built without threads support, by passing an
appropriate config option.
This commit drops the config dependency on BR2_TOOLCHAIN_HAS_THREADS
and instead passes --disable-threads if the toolchain doesn't support
threads.
While here, change the wording of the config comment to "dynamic
library" to be consistent with similar comments elsewhere.
Signed-off-by: Ezequiel Garcia <ezequiel@vanguardiasur.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Using 'AC_EGREP_CPP(yes' without restraining the pattern always return
true if it runs from a path containing the string 'yes'.
Signed-off-by: Johan Oudinet <johan.oudinet@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Packages that depend on Erlang may need the Erlang Interface Version
(aka EI_VSN), so just export it.
We do export a static value instead of looking in the file, to avoid
spawning a shell every time the variable is dereferenced.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
[johan.oudinet@gmail.com: update EI_VSN since the erlang update]
Signed-off-by: Johan Oudinet <johan.oudinet@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
The comment was missing the dependency on BR2_USE_MMU, and was using
'depends on !BR2_TOOLCHAIN_HAS_THREADS && BR2_STATIC_LIBS' while it
should in fact be '!BR2_TOOLCHAIN_HAS_THREADS || BR2_STATIC_LIBS',
since we want show the comment *either* when we don't have threads
*or* when we are building a purely static lib system.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
For some platforms, hardware-assisted compare-and-swap may not be
available, so libatomic_ops will not provide it.
However, libatomic_ops can provide a purely software CAS emulation, but
must be instructed to do so. erlang just forgot to tell libatomic_ops
that it does require CAS.
Fix that by defining AO_REQUIRE_CAS before including atmoic_ops.h, like
is done in libunwind, as pointed out by Thomas.
Also, erlang has a convoluted, mind-alterating set on aclocal.m4 macros,
that just forgets to link against -latomic_ops when checking CAS is
available, so that even if CAS is available, configure chokes.
Since I would like to keep the little sanity I still have, just force
linking with -latomic_ops. This is useless when the check is natrally
sucessful (i.e. on platforms where CAS is available in HW), but we
would eventually link with -latomic_ops there, too; it's just redundant.
Overall, just consider that erlang requires libatomic_ops, so forcibly
depend on it, it is easier than trying to disable it. We can revisit
that whenever someone wants to run erlang on a platform for which there
is no libatomic_ops support.
Fixes a slew of autobuild ARM failures:
http://autobuild.buildroot.org/results/e7b/e7bfc4893dea6b133f0794ef44d50ad89bcb6662/http://autobuild.buildroot.org/results/3e9/3e9c307f1ec6536482641019dcaa94677f7267a3/http://autobuild.buildroot.org/results/a85/a85ca414e5b67af46510abd7b610eb5ae8661de4/
[...]
[Thomas: fix minor typos in commit log, add dependency on
BR2_PACKAGE_LIBATOMIC_ARCH_SUPPORTS to the Erlang comment about thread
and shared library dependency.]
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Cc: Frank Hunleth <fhunleth@troodon-software.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Erlang/OTP 17.4 is a service release on the 17 track with mostly bug
fixes, but it does contain a number of new features and characteristics
improvements as well.
Some highlights of the release are:
- eldap: Nearly all TCP options are possible to give in the
eldap:open/2 call.
- ssh: Added API functions ptty_alloc/3 and ptty_alloc/4, to allocate a
pseudo tty.
- ssl: Handle servers that may send an empty SNI extension to the client.
Signed-off-by: Frank Hunleth <fhunleth@troodon-software.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Since a while, the semantic of BR2_PREFER_STATIC_LIB has been changed
from "prefer static libraries when possible" to "use only static
libraries". The former semantic didn't make much sense, since the user
had absolutely no control/idea of which package would use static
libraries, and which packages would not. Therefore, for quite some
time, we have been starting to enforce that BR2_PREFER_STATIC_LIB
should really build everything with static libraries.
As a consequence, this patch renames BR2_PREFER_STATIC_LIB to
BR2_STATIC_LIBS, and adjust the Config.in option accordingly.
This also helps preparing the addition of other options to select
shared, shared+static or just static.
Note that we have verified that this commit can be reproduced by
simply doing a global rename of BR2_PREFER_STATIC_LIB to
BR2_STATIC_LIBS plus adding BR2_PREFER_STATIC_LIB to Config.in.legacy.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
To be consistent with the recent change of FOO_MAKE_OPT into FOO_MAKE_OPTS,
make the same change for FOO_CONF_OPT.
Sed command used:
find * -type f | xargs sed -i 's#_CONF_OPT\>#&S#g'
Signed-off-by: Thomas De Schampheleire <thomas.de.schampheleire@gmail.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Erlang/OTP 17.3 is a service release on the 17 track with mostly bug
fixes, but it does contain a number of new features and characteristics
improvements as well.
Signed-off-by: Frank Hunleth <fhunleth@troodon-software.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Erlang/OTP 17.1 is a service release on the 17 track with mostly bug
fixes, but it does contain a number of new features and characteristics
improvements as well.
Some highlights of the release are:
- crypto: Add aes_cfb8 cypher to crypto:block_encrypt and block_decrypt.
- diameter: Add result code counters for CEA, DWA, and DPA.
- erts: The following built in functions in the erlang and binary modules
now bump an appropriate amount of reductions and yield when out of
reductions:
binary_to_list/1, binary_to_list/3, bitstring_to_list/1,
list_to_binary/1,
iolist_to_binary/1, list_to_bitstring/1, binary:list_to_bin/1
- hipe: Handle Maps instructions get_map_elements, put_map_assoc,
put_map_exact in the HiPE native code compiler.
- mnesia: The time for inserting locks for a transaction with large
number of locks is reduced significantly.
- ssh: Option max_sessions added to ssh:daemon/{2,3}.
- stdlib: Add maps:get/3 to maps module. The function will return the
supplied default value if the key does not exist in the map.
Signed-off-by: Frank Hunleth <fhunleth@troodon-software.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Erlang/OTP 17.0 is a new major release with new features, characteristics
improvements, as well as some minor incompatibilities.
Some highlights of the release are:
- Erlang/OTP has been ported to the realtime operating system OSE.
- Maps, a new dictionary data type (experimental)
- A more natural mapping from ASN.1 OCTET STRING and BIT STRING to Erlang
types, and other ASN.1 improvements and optimizations
- The {active, N} socket option for TCP, UDP, and SCTP
- A new (optional) scheduler utilization balancing mechanism
- Migration of memory carriers has been enabled by default on all ERTS
internal memory allocators
- Increased garbage collection tenure rate
- Experimental "dirty schedulers" functionality
- Funs can now be given names
- Miscellaneous unicode support enhancements
- A new version scheme for OTP its applications has been introduced
Signed-off-by: Frank Hunleth <fhunleth@troodon-software.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
OTP R16B03-1 is a service release which corrects a few issues found in
the R16B03 release. The corrections are:
- The ODBC application was missing in the prebuilt Windows installers
- 3 corrections in the SSL application:
- Add missing validation of the server_name_indication option and test for
its explicit use.
- Elliptic curve selection in server mode now properly selects a curve
suggested by the client, if possible.
- The server did not indicate support for secure renegotiation during TLS
extension handling.
- In the syntax tools application a bug was introduced which broke
reverting of local funs. This is now corrected (thanks to Anthony
Ramine)
- wx - Solved a problem which caused the debugger to crash when closing a
window. Fixed static linking on Mac.
- xmerl - Fixed a problem in the SAX-parser when the header of the next
document was appearing in the buffer when using the
xmerl_sax_parser:stream/2 function.
Signed-off-by: Frank Hunleth <fhunleth@troodon-software.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
