Fixes the following security issues:
- CVE-2017-8816: NTLM buffer overflow via integer overflow
- CVE-2017-8817: FTP wildcard out of bounds read
- CVE-2017-8818: SSL out of buffer access
For more details, see the changelog:
https://curl.haxx.se/changes.html#7_57_0
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Spotted by check-package:
package/ndisc6/ndisc6.mk:14: possible typo: NDISC8_DEPENDENCIES -> *NDISC6*
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
The rauc host tool (used to generate update bundles) runs mksquashfs so
host-squashfs is required for it to work at runtime.
Signed-off-by: Andrey Yurovsky <yurovsky@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Some packages (ex: skeleton-init-systemd) have a zero size so we cannot
divide by the package size. In that case make their percent zero
explicitly and avoid a ZeroDivisionError exception.
Signed-off-by: Andrey Yurovsky <yurovsky@gmail.com>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
If the Buildroot tree is read-only, then cache.txt is copied read-only into
the build directory, and the configuration step fails. Fix this in the
same way we do in other places, by opening permissions as we copy the file
using $(INSTALL).
Signed-off-by: Danomi Manchego <danomimanchego123@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Make WebKitGTK+ honor the value of CMAKE_BUILD_TYPE defined in the CMake
toolchain file by backporting the following upstream WebKit patch:
https://trac.webkit.org/changeset/225168
This reduces the generated binary sizes when building in "Release" mode
(BR2_ENABLE_DEBUG=n), for example when targeting ARMv8 the size reduction
is ~17 MiB.
Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
If libbsd is found by the configuration process, mtools unnecessarily
adds a NEEDED field with libbsd to its dynamic section, but it does not
actually use anything from libbsd under Linux. The same may happen to
host-mtools if some libbsd package is installed on the host machine.
Prevent this by forcing configure to bypass the checking for the
existence of a gethostbyname function in libbsd.
I stumbled on this problem when I built host-mtools and later removed
libbsd to upgrade to Fedora 27, due to Bug 1504831[1]. The previously
built host/bin/mtools started to fail due to the missing libbsd.so.0.
1. https://bugzilla.redhat.com/show_bug.cgi?id=1504831
Signed-off-by: Carlos Santos <casantos@datacom.ind.br>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This helps the toolchains.free-electrons.com build logic re-use
directly the Qemu command lines from this readme.txt file, by having a
-append option similar to the ones used in other readme.txt files.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
This helps the toolchains.free-electrons.com build logic re-use
directly the Qemu command lines from this readme.txt file, by having a
-append option similar to the ones used in other readme.txt files.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Building the target google-breakpad requires building the host variant
of google-breakpad. Just like the target google-breakpad only supports
a limited number of architectures, it is the same for the host
google-breakpad.
We therefore introduce a
BR2_PACKAGE_HOST_GOOGLE_BREAKPAD_ARCH_SUPPORTS option that is used
where necessary to prevent the user from choosing Google Breakpad when
building on unsupported host platforms.
Fixes:
http://autobuild.buildroot.net/results/c7c04483508f9e4d629efa54571afeb1feaa5f73/
(build on a powerpc64le machine)
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
This is invisible because the timings make it excessively difficult to
hit, but the Makefile is inherently flawed for parallel build, as it
contains:
$(objects): atsc_psip_section.c atsc_psip_section.h
atsc_psip_section.c atsc_psip_section.h:
perl section_generate.pl atsc_psip_section.pl
and the perl script section_generate.pl will create both the .c and .h
files in one go, but given the construct above, there can be two such
script that run in parallel, which can clobber the generated .c and/or
.h files.
So, make dvb-apps a MAKE1 package.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
linphone can optionally use libupnp, so this dependency should be
accounted for in linphone.mk. In addition, linphone is not compatible
with libupnp18, but misdetects it as a a proper libupnp, causing a
build failure.
The build failure with libupnp18 currently only happens on the next
branch (because libupnp18 has only been added there), but adding the
optional dependency on libupnp makes sense for the master branch
anyway.
Fixes:
http://autobuild.buildroot.net/results/473c686f9bc5335d25b720cf1b0c45389138a7b4
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
This commit adds a patch to pdbg that fixes the build on the Blackfin
architecture. The build failure was due to the recently introduced
assembly code to embed the DTB into an object file. This code was not
taking into account the fact that Blackfin has a non-empty
__USER_LABEL_PREFIX__.
The patch has been submitted upstream.
Fixes:
http://autobuild.buildroot.net/results/2bf6f56303453fd2ba7e86882168d406ded4cc80/
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Instead of overriding the _svn command and injecting --non-interactive,
change the default value of BR2_SVN to include this flag so the end user
can choose not to use the flag.
This change helps users behind corporate system rules which may not
allow them to locally cache credentials and require interactive mode.
Signed-off-by: Sam Voss <sam.voss@rockwellcollins.com>
[Originally implemented by]
CC: "Yann E. MORIN" <yann.morin.1998@free.fr>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Currently, wayland support is enabled when the wayland package is
enabled, not when the FreeRDP wayland client is enabled.
But the dependency on libxkbcomon is only enforced from Config.in
when the FreeRDP wayland client is enabled., but is added to build
dependencies when the wayland package is enabled.
As such, we can end up in a situation where the FreeRDP wayland
client is disabled, the wayland package is enabled, and the
libxkbcommon package is also disabled, which casues the build to
fail with:
Makefile:539: *** libxkbcommon is in the dependency chain of
freerdp that has added it to its _DEPENDENCIES variable without
selecting it or depending on it from Config.in. Stop.
Change the build dependency to actually be on the FreeRDP client
being enabled.
Fixes;
http://autobuild.buildroot.net/results/dc3e11f7076a8355f3d2f9cb49c6325dcf7084bd
Signed-off-by: Adam Duskett <Adamduskett@outlook.com>
Tested-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
The 'include' directive in GNU make supports wildcards, but their
expansion has no defined sort order (GLOB_NOSORT is passed to glob()).
Usually this doesn't matter. However, there is at least one case where
it does make a difference: toolchain/*/*.mk includes both the
definitions of the external toolchain packages and
pkg-toolchain-external.mk, but pkg-toolchain-external.mk must be
included first.
For predictability, use ordered 'include $(sort $(wildcard ...))'
instead of unordered direct 'include */*.mk' everywhere.
Fixes [1] reported by Petr Vorel:
make: *** No rule to make target 'toolchain-external-custom', needed by '.../build/toolchain-external/.stamp_configured'. Stop.
[1] http://lists.busybox.net/pipermail/buildroot/2017-November/206969.html
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Tested-by: Petr Vorel <petr.vorel@gmail.com>
[Arnout: also sort the one remaining include, of the external docs]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
parted uses libiconv but doesn't link with it. Add a patch to add it
to LIBADD of the library that uses it. iconv was already checked in
configure.ac, but only if i18n is enabled, so the iconv check is also
added unconditionally in configure.ac.
Also add an optional dependency on libiconv, so it is reproducible.
This was not detected in the autobuilders, since it only occurs when
libiconv exists (otherwise uClibc stubs will be used). libiconv
depends on !BR2_ENABLE_LOCALE and parted depends on BR2_USE_WCHAR. We
don't have such a configuration in the autobuilders.
Upstream status: sent to mailing list
http://lists.alioth.debian.org/pipermail/parted-devel/2017-November/005131.html
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Cc: Sjoerd Venema <srg.venema@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
The bundled tinysvcmdns library is affected by CVE-2017-12087 [1]:
> An exploitable heap overflow vulnerability exists in the tinysvcmdns library
> version 2016-07-18. A specially crafted packet can make the library overwrite
> an arbitrary amount of data on the heap with attacker controlled values. An
> attacker needs send a dns packet to trigger this vulnerability.
shairport-sync has incorparated upstreams fixes in [2].
[1] https://bugs.launchpad.net/bugs/cve/2017-12087
[2] 1dbdf94811
Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
The fiber module uses the cpu_relax() macro, for which the MIPS
implementation uses the "pause" instruction, only available since
mips32r2 and mips64r2. In order to avoid build failures on
mips32/mips64, we disallow the selection of the fiber module for such
architecture variants.
This solution was suggested by Arnout Vandecappelle.
Fixes:
http://autobuild.buildroot.net/results/0439790b6f472e3d4b2d5431a05aa5b408f62e56/
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
This reverts commit 3861ce09d0.
As reported on IRC, runc v1.0.0-rc4 is not compatible with the docker-engine
version we are using, so lets revert for 2017.11:
20:27 < eschu> It looks like 25 days ago buildroot had runc updated to
1.0.0-rc4, which breaks compatibility with the docker-engine
version 17.05. Is there somewhere issues like this are
reported? Or is it just expected on non-release versions of
buildroot?
20:47 < Jacmet> eschu: ahh, so the new runc doesn't work with the old
docker-engine? what kind of errors do you get exactly?
20:49 < eschu> Jacmet: yes, runc made a change from -console to
--console-socket, which results in "Incorrect Usage" error
"flag provided but not defined: -console"
20:51 < eschu> Jacmet: basically docker-engine 17.05 uses -console, but
support for that was cut off in runc around the first 1.0.0
versions. I'll check the patches out, or might just
downgrade to buildroot 2017.08 release
20:51 < agb> Jacmet: unfortunately this issue has hit a number of distributions
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877146
20:53 < Jacmet> agb: thanks. I'll send a revert for 2017.11 and hopefully
we can make progress on the other docker packages for
2018.02
Cc: Christian Stewart <christian@paral.in>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Add upstream patch to fix examples compile without OpenGL support, in
the Qt 5.9 version of qt5declarative.
Fixes [1]:
In file included from fbitem.h:49:0,
from mainwindow.cpp:42:
logo.h:52:11: error: 'GLfloat' does not name a type
const GLfloat *constData() const { return m_data.constData(); }
^
logo.h:57:15: error: 'GLfloat' has not been declared
void quad(GLfloat x1, GLfloat y1, GLfloat x2, GLfloat y2, GLfloat x3, GLfloat y3, GLfloat x4, GLfloat y4);
^
[...]
Makefile:610: recipe for target '.obj/mainwindow.o' failed
make[5]: *** [.obj/mainwindow.o] Error 1
make[5]: Leaving directory '.../build/qt5declarative-5.9.2/examples/quick/quickwidgets/qquickviewcomparison'
Makefile:70: recipe for target 'sub-qquickviewcomparison-make_first' failed
make[4]: *** [sub-qquickviewcomparison-make_first] Error 2
make[4]: *** Waiting for unfinished jobs....
[1] http://autobuild.buildroot.net/results/cef4abbe043f3aaad03c73e07cfab9d24c3d0fc9
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Add upstream patch 'Don't include <xlocale.h>'.
Fixes Bug-10501 ([1]):
In file included from ./include/locale.h:1:0,
from /usr/include/libintl.h:103,
from ./include/libintl.h:2,
from glibc/locale/programs/charmap.c:25:
glibc/locale/locale.h:146:11: fatal error: xlocale.h: No such file or directory
# include <xlocale.h>
[1] https://bugs.busybox.net/show_bug.cgi?id=10501
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Fixes the following security issues:
- CVE-2017-14746:
All versions of Samba from 4.0.0 onwards are vulnerable to a use after
free vulnerability, where a malicious SMB1 request can be used to
control the contents of heap memory via a deallocated heap pointer. It
is possible this may be used to compromise the SMB server.
- CVE-2017-15275:
All versions of Samba from 3.6.0 onwards are vulnerable to a heap
memory information leak, where server allocated heap memory may be
returned to the client without being cleared.
There is no known vulnerability associated with this error, but
uncleared heap memory may contain previously used data that may help
an attacker compromise the server via other methods. Uncleared heap
memory may potentially contain password hashes or other high-value
data.
For more details, see the release notes:
https://www.samba.org/samba/history/samba-4.6.11.html
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Since binutils commit 1a9ccd70f9a7 ("Fix the linker so that it will not
silently generate ELF binaries with invalid program headers. Fix readelf
to report such invalid binaries.") the behaviour has changed and
binutils tries to create a program header segment for which there is no
space. Thanks to Nicholas Piggin and his patch to Linux:
https://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux.git/commit/?h=next&id=ff45000fcb56b5b0f
Cedric fixed this in kvm-unit-tests commit 95062c20790d ("powerpc: add
-n to LDFLAGS") so bump to that version.
Since the patch 0001-remove-werror.patch needs to be adjusted, we take
this opportunity to reformat is as a Git patch.
Fixes:
http://autobuild.buildroot.net/results/80825b492abf61313637b109d6a0944b38d5f739
Signed-off-by: Cyril Bur <cyrilbur@gmail.com>
[Thomas: add necessary hash change, refresh patch that was not
applying anymore.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
boot.cmd using dts file instead of dtb which was
added in below commit, so fix the same.
"board: Add Bananapi M1 support"
(sha1: 5f50fb8d1d)
Signed-off-by: Jagan Teki <jagan@amarulasolutions.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This commit fixes the following build issue of libfastjson with old
enough compilers (4.8) and wchar disabled:
json_object.c: In function 'fjson_object_object_delete':
json_object.c:385:3: error: 'for' loop initial declarations are only allowed in C99 mode
for (int i = 0 ; i < FJSON_OBJECT_CHLD_PG_SIZE ; ++i) {
^
The code of libfastjson requires C99. If your compiler is recent
enough (gcc 5.x), then no problem, it is C99 by default, no additional
flags are needed.
If your compiler is older (for example gcc 4.8), then -std=c99 or
-std=gnu99 is explicitly needed to tell the compiler to accept C99
constructs. Testing the compiler for the availability of such flags is
done by libfastjson configure script. However, the test program used
by the configure script uses some wchar_t types, and therefore the
test checking for C99 availability fails on toolchains with wchar
disabled. From config.log:
configure:3928: checking for /home/test/buildroot/output/host/usr/bin/i586-buildroot-linux-uclibc-gcc option to accept ISO C99
[...]
configure:4077: /home/test/buildroot/output/host/usr/bin/i586-buildroot-linux-uclibc-gcc -std=gnu99 -c -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -Os -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 conftest.c >&5
conftest.c:54:3: error: unknown type name 'wchar_t'
const wchar_t *name;
^
So, just like we did in libv4l in commit
f01396a158 ("libv4l: fix uclibc-ng
configure/compile"), let's hint directly the configure script that it
should use -std=gnu99. This fixes the build of libfastjson with old
compilers and wchar disabled.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This is needed to get the autobuilders to use a toolchain that
includes the fix merged in 9d544feb8a
("fwup: fix for ARC toolchain").
In addition, this new toolchain version also fixes for real the RPATH
issue that should have been fixed by
f90f28a6df, but wasn't done properly.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Commit 06a4975d4b (qt5: bump LTS version to 5.6.3) added an empty hash
for the 5.6.3 variant of qt5webkit, causing failures.
It also forgot to adjust the download URL as the qt5webkit tarballs are no
longer available under official_releases/ like the other submodules, but only
under community_releases/.
Fix both issues.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Currently, ssl support is implicitely disabled in the initial configure
options. This overrides the check for openssl below.
libpjsip is also currently only compatible with libopenssl. Change
the check to LIBOPENSSL instead of openssl, and depend on libopenssl.
Signed-off-by: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Contains a number of important fixes. From the relase notes:
https://lists.zx2c4.com/pipermail/wireguard/2017-November/001935.html
* netlink: plug memory leak
* qemu: check for memory leaks
There was a small memory leak on the netlink configuration layer that's now
been fixed.
* netlink: make sure we reserve space for NLMSG_DONE
A rather important change - due to an upstream kernel bug, that's existed
since the advent of netlink itself, sometimes wg(8) failed to receive valid
data back from kernelspace, resulting in "ENOBUFS" when trying to dump all
peers. This patch works around it while we wait for upstream to commit the
fix.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Currently, we do a full git clone of the repository, which takes quite
some time, especially on slow networks.
This was done like that because the initial patch was using the official
repository as the source of the download, and that repository did not
offer remotely-generated tarballs.
But now we've switched to using a mirror on github, which does provide
such a tarball, which provides faster downloads.
Use that.
However, the tarball from github differs from the one we were generating
locally, because the paths inside are different. WE used to create a
archive with paths starting with glibc-glibc-2.26-73-g4b692dfb95[...],
while github does away with the git-describe prefix, and generates paths
that start with just glibc-4b692dffb95[...]. The content are exactly
identicall (checked with a diff), though.
Update the hash accordingly.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Waldemar Brodkorb <wbx@openadk.org>
Cc: Romain Naour <romain.naour@gmail.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Cc: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This reverts commit 1e5a8916b2.
The idea was that the version string can be derived because we know the
package name.
However, this patch does not account for the fact that $(pkgname) always
points to the latest pacakge scanned, which in all other situation we're
using it, is the current package, because it is used inside one ot he
xxx-inner macros that are $(eval)ualed. So $(pkgname) is evaluated
"early" and gets the expected value.
However, the github value is not in one of those macros, so it gets
evaluated "late", when doing the actual download. So, by that time,
$(pkgname) will expand to the last package scanned, which is actuall the
manual (without a br2-external tree).
That would require that the _SITE variable be assigned with the :=
assignment operator. This is weird, because that would make it the only
variable to require that, but only when using the github helper, which
is even less obvious and would cause a lot of trouble...
The obvious fixup would seem to be to use $(PKG) instead, because that
already contains the upper-case package name that vcan be used as a
prefix to variables.
However, that does not work either, because we have a check that forbids
a trsailing slash in _SITE, check that is done in pacakge/pkg-generic,
inside the xxx-inner macro, during the $(eval) call.
And at that time, PKG is not yet defined, because it is only defined for
an actual recipe.
So we can't seem to have a workable solution. So, just revert the patch.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Marcin Nowakowski <marcin.nowakowski@imgtec.com>
Cc: Peter Korsgaard <peter@korsgaard.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Currently, FreeRDP uses pkg-config to find whether wayland is available.
When it is, it gets the CFLAGS and LDFLAGS and so on from pkg-config,
which is OK.
But I also gets the path to the wayland scanner from pkg-config. And
this points to the target one, when we really need the host one.
So we force-feed the correct path as a configure option.
Furthermore, wayland support needs libxkbcommon, so add this missing
dependency as well.
Fixes:
http://autobuild.buildroot.org/results/bdfe233ade36a56d0f65ef3c3d1698fca548beed/
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Reviewed-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Reviewed-by: Samuel Martin <s.martin49@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Currently, we only depend on host-pkgconf for gstreamer-0.x
However, we also need it at least for gstreamer-1.x and waylabnd, too.
But since FreeRDP is a cmake package, host-pkgconf is always pulled in
as a dependency by the cmake-package infrastructure.
So, drop the gstreamer-conditional host-pkgconf dependency.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Samuel Martin <s.martin49@gmail.com>
Reviewed-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Acked-by: Samuel Martin <s.martin49@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixed the following security issues:
CVE-2017-0898: Buffer underrun vulnerability in Kernel.sprintf
CVE-2017-10784: Escape sequence injection vulnerability in the Basic
authentication of WEBrick
CVE-2017-14033: Buffer underrun vulnerability in OpenSSL ASN1 decode
CVE-2017-14064: Heap exposure in generating JSON
For more details, see the release notes:
https://www.ruby-lang.org/en/news/2017/09/14/ruby-2-4-2-released/
Drop now upstreamed rubygems patches and add hashes for the license files
while we're at it.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
When BR2_PACKAGE_WPA_SUPPLICANT_MESH_NETWORKING is enabeld,
wpa_supplicant currently fails to build with:
../src/common/sae.o: In function `sae_cn_confirm.isra.2':
sae.c:(.text+0x168): undefined reference to `crypto_bignum_to_bin'
sae.c:(.text+0x198): undefined reference to `crypto_bignum_to_bin'
../src/common/sae.o: In function `sae_cn_confirm_ffc':
sae.c:(.text+0x214): undefined reference to `crypto_bignum_to_bin'
sae.c:(.text+0x22c): undefined reference to `crypto_bignum_to_bin'
../src/common/sae.o: In function `sae_cn_confirm_ecc':
sae.c:(.text+0x2a4): undefined reference to `crypto_ec_point_to_bin'
sae.c:(.text+0x2c0): undefined reference to `crypto_ec_point_to_bin'
[...]
This is due to the fact that the SAE code, used for the mesh network
support, needs OpenSSL support. Therefore, we ensure that
BR2_PACKAGE_WPA_SUPPLICANT_MESH_NETWORKING selects OpenSSL. Only
OpenSSL is supported, which is why
BR2_PACKAGE_OPENSSL_FORCE_LIBOPENSSL is selected as well.
No changes to the .mk files are needed, because we were already
handling OpenSSL as an optional dependency.
This problem was not yet caught by the autobuilders.
Reported-by: Maxime Ripard <maxime.ripard@free-electrons.com>
Cc: Maxime Ripard <maxime.ripard@free-electrons.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The package includes some target-specific code that is irrelevant
in a host package but gets built anyway. The target for this code
must be one of the supported ChromeOS targets.
Supplied Makefile apparently relies on the environment to provide
a valid target, with a simple fallback to host arch. This breaks
the build if no value is provided and the host arch is not among
the supported ones.
Should fix
http://autobuild.buildroot.net/results/d118a83b6c4f7f910d0d44c279f36251d7ba29e8/
and similar failures.
Signed-off-by: Alex Suykov <alex.suykov@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
All Buildroot pre-built toolchains have been rebuilt with Buildroot
2017.11-rc1, so that they have the latest version of
glibc/musl/uClibc, and also the latest gcc/binutils updates.
Specifically, this will fix the build failures on Blackfin that were
due to the missing accept4() support:
http://autobuild.buildroot.net/results/8b5a72dd7cde685f6f68f46aeee8b1b60c96d559/
(openobex)
http://autobuild.buildroot.net/results/b19dd9ed29944d7f79c6f824669e3baaa0bb045a/
(libiio)
In terms of changes to the toolchains:
- AArch64 glibc toolchain changed to use 4.4 kernel headers instead
of 4.1, in order to increase the variety of kernel header versions
being tested.
- Most configurations now use 4.13 kernel headers instead of 4.12
(except the configurations that were explicitly using an older
kernel headers version)
- The mips64 n64 configuration is changed from using gcc 4.9 to gcc
5, since another ARM configuration already tests gcc 4.9.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
>From the changelong:
Set the FD_CLOEXEC flag on sockets, so they are not "leaked" to
spawned processes
Signed-off-by: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Fixes the following security issues:
CVE-2017-12172: Start scripts permit database administrator to modify
root-owned files.
CVE-2017-15098: Memory disclosure in JSON functions.
CVE-2017-15099: INSERT ... ON CONFLICT DO UPDATE fails to enforce SELECT
privileges.
See the announcement for more details:
https://www.postgresql.org/about/news/1801/
While we're at it, also add a hash for the license file.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
This is a maintenance release of the current stable WebKitGTK+ version,
which contains a minor rendering fix, another for the WebDriver
implementation, and security fixes for CVE-2017-13798, CVE-2017-13788,
and CVE-2017-13803.
Release notes:
https://webkitgtk.org/2017/11/10/webkitgtk2.18.3-released.html
Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
go-bootstrap is a host package that builds a first stage Go compiler,
later used to build the final Go compiler. However, this first stage
compiler only supports building on x86, x86-64 and arm as host
architectures, so we need to add the relevant architecture
dependencies to avoid having go-bootstrap built on other unsupported
platforms.
We do this by introducing BR2_PACKAGE_HOST_GO_BOOTSTRAP_ARCH_SUPPORTS
in a new package/go-bootstrap/Config.in.host file. This option is then
used by BR2_PACKAGE_HOST_GO_ARCH_SUPPORTS to make sure we can't enable
Go packages when the host architecture doesn't allow building the Go
compiler.
Fixes:
http://autobuild.buildroot.net/results/cbd419c6ab6fa8a6d18dc137c91f895867e53b8a/
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The prosody configure script defines CFLAGS as -fPIC -Wall, but
because we pass our own CFLAGS, the -fPIC goes away, causing a build
failure when building shared libraries on x86-64:
/home/test/autobuild/run/instance-0/output/host/opt/ext-toolchain/bin/../lib/gcc/x86_64-amd-linux-gnu/6.2.0/../../../../x86_64-amd-linux-gnu/bin/ld: encodings.o: relocation R_X86_64_32 against `.rodata' can not be used when making a shared object; recompile with -fPIC
So let's pass this -fPIC flag explicitly in CFLAGS. We don't bother
passing it conditionally !BR2_STATIC_LIBS because other packages (e.g
lua) also pass -fPIC unconditionally.
Fixes:
http://autobuild.buildroot.net/results/7f0eb285b75cdeacb21a1f9a9f64d2f0cbbf1d59/
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The recent crypto handling change (commit 04a1031d3: package/libssh2: Add
selectable crypto libraries) had the unfortunate side effect that it no
longer automatically selects the most suitable crypto backend (E.G. one
where the dependency is already enabled), so all users not wanting to use
the mbedtls backend need to explicitly configure this.
Fix this by inverting the logic so the crypto backend sub options use
'depends on' their dependencies instead of 'select', so only the available
backends are displayed.
Like before, default to openssl if no crypto backend dependencies are
currently enabled.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
uClibc doesn't implement __register_atfork() on noMMU systems, causing
a build failure of libressl. Since openssl is available as an
alternative on such platforms, we just disable libressl on
uClibc/noMMU systems.
Fixes:
/home/thomas/projets/buildroot/output/build/libressl-2.5.5/crypto/.libs/libcrypto.a(arc4random.o): In function `_rs_init.part.1':
arc4random.c:(.text+0x74): undefined reference to `__register_atfork'
collect2: error: ld returned 1 exit status
This build issue is not visible in the autobuilders, because libressl
is only selectable through a choice, which isn't randomized by the
autobuilder logic.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Bump kernel to 4.13.11 and U-Boot to 2017.09.
Signed-off-by: Sergey Matyukevich <geomatsi@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Ethtool has a configure script option allowing the enabling or disabling of
pretty printing for drivers, SFP modules etc which can save a significant
amount of bytes on the root filesystem. Allow selecting that, and turn it on by
default (like ethtool's configure script).
[Peter: fix Config.in indentation/style]
Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes:
http://autobuild.buildroot.net/results/49d/49dcec0bd2f3bb78c18675a9fa5c9c53cc183fd2/
g_cclosure_marshal_VOID__VOID is defined both in libgobject.a and
libgstreamer.a. It is probably possible to fix this, but gstreamer0.10
has been deprecated for a long time now and is anyway unlikely to be
used in static-only situations, so let's just require dynamic linking.
Propagate to the reverse dependencies. opencv3 already did depend on
dynamic libs.
[Peter: add autobuild reference]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
We use the host compiler for x86-64 builds, so ensure it is only available
on x86-64 hosts.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Update kernel to 4.13 and U-Boot to 2017.09.
Signed-off-by: Sergey Matyukevich <geomatsi@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes:
http://autobuild.buildroot.net/results/106/106af20196089e74c35daabdae46f030981600bd/
Otherwise the (handwritten) configure script uses a config.guess script from
2010 to figure out the build host, breaking builds on ppc64le hosts.
The result of --host / --build is only used to detect if we are building for
Windows or not, which is why things are working on x86(-64) build hosts
without specifying --host even though we are cross compiling - But this may
change in the future, so we better pass the correct values.
Passing extra jimtcl configure flags is unfortunately not forseen in the
usb_modeswitch Makefile, so add a small patch making this possible.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes:
http://autobuild.buildroot.net/results/d13/d137680bf1c0ebfacef635cb2f0fc14524759143/
Otherwise the (handwritten) configure script uses a config.guess script from
2010 to figure out the build host, breaking builds on ppc64le hosts.
The result of --host / --build is only used to detect if we are building for
Windows or not, which is why things are working on x86(-64) build hosts
without specifying --host even though we are cross compiling - But this may
change in the future, so we better pass the correct values.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Release notes:
https://github.com/libimobiledevice/libplist/blob/master/NEWS
This version bump fixes
* CVE-2017-6440
* CVE-2017-6439
* CVE-2017-6438
* CVE-2017-6437
* CVE-2017-6436
* CVE-2017-6435
* CVE-2017-5836
* CVE-2017-5835
* CVE-2017-5834
* CVE-2017-5545
* CVE-2017-5209
... and several others that didn't receive any CVE (yet).
The dependency to libxml2 was removed.
Autoreconf is not needed anymore, the upstream tarball includes a
configure script.
[Peter: also drop host-pkgconf dependency, only used for cython]
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Remove --enable-abstract-sockets; dropped upstream. Remove
ac_cv_have_abstract_sockets that is dropped as well.
Remove --disable-selinux; we handle selinux as an optional dependency
below.
Remove --{enable,disable}-dnotify; this options has been removed in
version 1.7.6, broken since 2010.
Remove --with-init-scripts; dropped upstream.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Bump kernel module git revision to make it work with Linux v4.13.
Signed-off-by: Sergey Matyukevich <geomatsi@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
When multiple hooks are registred, both pre-a and post-command hooks'
foreach loops need to have a separator at the end in order for the
code to work as intended. Without the separator all hooks end up as a
one single line command thus making all but the first hook into
no-ops.
Fixes: 4628b6f3b4 ("fs: add pre- and post-command hooks")
Cc: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Andrey Smirnov <andrew.smirnov@gmail.com>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
The -m32 compiler flag is used for 32bit builds and the host tools have
limited architecture support. It may work in some situations (e.g.
on aarch64 host when building a 64-bit target), but it's equally likely
that it breaks and those situations are not tested. So just limit to
x86(-64) hosts.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
[Arnout: explain that it may work in some situations]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
The -m32 compiler flag is used for 32bit builds and host-luajit has
limited architecture support. Building for a 32-bit target on a 32-bit
host should always work, but we haven't tested that and it's very
unlikely that someone needs it. So just limit to x86(-64) hosts.
Fixes:
http://autobuild.buildroot.net/results/5f5b5edb058efe976c003678e21bcc28a87cc828/
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
[Arnout: clarify that it might work on 32-bit hosts for a 32-bit target]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
ti-gfx is provided as a x86 self extracting executable, so it is only
available on x86(-64) hosts.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Since version 3.0.0 protobuf is compatible with Python3, remove
Python2-only dependency.
It depends on python-six now, add this missing dependency.
Signed-off-by: Alexey Roslyakov <alexey.roslyakov@gmail.com>
Reviewed-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
When prefix is set to a path like /usr during crossbuild
the sed operations end up executing twice, once for the prefix
reassignment and another for includedir if it is set as a string
including the ${prefix} variable. This results in an issue
when the build directory is under /usr.
This patch updates the remaining location which uses the prefix
variable to also sed and update to use the real path.
Upstream bug report:
https://bugs.python.org/issue31713
Buildroot bug:
https://bugs.busybox.net/show_bug.cgi?id=10361
Fixes failures like the following:
dbus-python-1.2.4 | NOK | http://autobuild.buildroot.net/results/758858efa97b6273c1b470513f5492258a6d8853
Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
[Arnout: refer to autobuild failures that still exist]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
SOURCE_DATE_EPOCH is currently forcibly set (to either the git commit
date, or the last release date).
However, the spec mandates that it should not be modified if already
set: https://reproducible-builds.org/specs/source-date-epoch/
Build systems MUST NOT overwrite this variable for child
processes to consume if it is already present.
Abide by the rule, and only set it if not already set.
This will allow users to pass it from an upper-layer buildsystem (e.g. a
jenkins or gitlab-ci job, for example), when they have a reson to do so.
Reported-by: Peter Korsgaard <peter@korsgaard.com>
Reported-by: Einar Jón Gunnarsson <tolvupostur@gmail.com>
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Peter Korsgaard <peter@korsgaard.com>
Cc: Einar Jón Gunnarsson <tolvupostur@gmail.com>
Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Currently, the selection of the backend is based on a priority order,
which is not always desirable: not all features are available for all
backends, as reported upstream:
https://github.com/libssh2/libssh2/issues/213
In that particular case, the problem is that libgcrypt is unable to
read encrypted certificates created with openssl, but it is likely
that other incompatibilities exist as well.
As such, allow a user to select the backend most appropriate to their
use-case.
Note that this changes the defaults: previously, if openssl was already
selected and we additionally select libssh2, openssl would be used as
a backend. Now, mbedtls is the default so if the user doesn't change
it, mbedtls will be used.
Signed-off-by: Sam Voss <sam.voss@rockwellcollins.com>
[Arnout: remove now-unneeded comment in .mk file]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
[Peter: add license hash, fix Config.in, correct license as pointed out by
Yegor]
Signed-off-by: Joseph Kogut <joseph.kogut@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
host-luajit has limited architecture support, and moarvm does not need
anything luajit specific - So use host-lua instead.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
This patch bumps mono to version 5.4.0.201 and monolite
to version 1050400003.
It also removes a patch not needed anymore.
Signed-off-by: Angelo Compagnucci <angelo.compagnucci@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
The rfkill program has been incorporated to the util-linux package.
The new implementation is based upon, and backward compatible with, the
original rfkill from Johannes Berg and Marcel Holtmann.
Signed-off-by: Carlos Santos <casantos@datacom.ind.br>
Reviewed-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add systemd start-up configuration for dhcpcd that is executed after
the network has been brought up.
Signed-off-by: Markus Mayer <mmayer@broadcom.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Many Buildroot users can not read Dutch. Although there is an English
version of this page, the github page looks more suitable as a link for
the software package itself, and the readme.md file is pretty
informative.
Cc: André Hentschel <nerv@dawncrow.de>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Commit 49a9fb0f13 removed the
BR2_PACKAGE_OPENOBEX_BLUEZ option, because BlueZ support is now
unconditionally included in OpenOBEX. Therefore, selecting this legacy
option no longer makes sense, and in fact triggers the legacy handling
for no reason.
Cc: Bernd Kuhls <bernd.kuhls@t-online.de>
Reported-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Samuel Martin <s.martin49@gmail.com>
[Thomas: tweak commit log.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Back in commit a662ff7e79
("package/argp-standalone: Fix build with c99 compilers"), we fixed
the build of argp-standalone with compilers defaulting to C99 inline
semantics, i.e starting from gcc 5.x.
This was done as part of a patch that used "inline" instead of "extern
inline". However, using "inline" once again broke the build with gcc
7.x. To fix this, revert back to using just "extern inline" (hence
removing a patch of patch 0003-fix_build_with_c99_compilers.patch) and
instead use -fgnu89-inline in the CFLAGS.
See https://gcc.gnu.org/gcc-5/porting_to.html for more details.
Fixes:
http://autobuild.buildroot.net/results/a9cedc54829b7bd2dd7ae6ff2bd6c6db242f1c35/
Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
[Thomas: also drop the patch of
0003-fix_build_with_c99_compilers.patch that is no longer needed.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Update libssh2 to use the newest version from git. This caused a
transition from released version number to hash as it has not been
version rev'd in over a year (see issue
https://github.com/libssh2/libssh2/issues/220 for bump request).
This brings in changes to the autoconf to correctly pick the crypto
library.
Signed-off-by: Sam Voss <sam.voss@rockwellcollins.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
>From the advisory:
http://www.openwall.com/lists/oss-security/2017/10/30/4
It was discovered that the bgpd daemon in the Quagga routing suite does
not properly calculate the length of multi-segment AS_PATH UPDATE
messages, causing bgpd to drop a session and potentially resulting in
loss of network connectivity.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Fix CVE-2016-2779: runuser in util-linux allows local users to escape to
the parent session via a crafted TIOCSTI ioctl call, which pushes
characters to the terminal's input buffer.
The new experimental "su --pty" feature has been implemented to fix this
issue. The feature is not enabled by default and the new command line
option --pty is necessary.
Add rfkill, a command for enabling and disabling wireless devices. This
implementation is based upon, and backward compatible with, the original
rfkill from Johannes Berg and Marcel Holtmann, currently provided by the
standalone "rfkill" package.
Add uuidparse, a command to analyze and print information about UUID's.
The "reset" script is not part of utill-linux anymore. Add a legacy
config telling the user to use either BusyBox or the ncurses program.
Drop the ncursesw patch, allready applied upstream. AUTORECONF is not
required anymore.
Signed-off-by: Carlos Santos <casantos@datacom.ind.br>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Bug fix release:
- correctly handle signal interrupts when polling in gpiod_simple_event_loop()
- fix the linking order when building with static libraries
- pass the correct consumer string to gpiod_simple_get_value_multiple() in
gpioget
- fix a line test case: don't use open-drain or open-source flags for input
mode
- fix the flags passed to ar in order to supress a build warning
- set the last error code in gpiod_chip_open_by_label() to ENOENT if a chip
can't be found
Signed-off-by: Bartosz Golaszewski <brgl@bgdev.pl>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
swupdate 2017.07 has a bug which makes hash verification faulty.
The commit adds a patch to fix the issue. The fix has already been
pushed to upstream and is a copy of the commit
dba95dcd3739c604a81ffa2df2545e7a4cd430cf in the swupdate repo [1].
[1] https://github.com/sbabic/swupdate
Signed-off-by: Maksim Salau <msalau@iotecha.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The build of the cryptodev-linux version used in Buildroot is currently
broken for kernels >= 4.13. A fix was pushed upstream:
f0d69774af
This patch bumps the cryptodev-linux package version to use the latest
available one, which includes the commit fixing the build for recent
kernels.
Signed-off-by: Antoine Tenart <antoine.tenart@free-electrons.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
The basic lvm2 package (libdevmapper / dmsetup) does build under musl, only the
standard (full) installation doesn't.
Many setups only need the basic package, so move the !musl dependencies down
to the sub options and adjust the reverse dependencies (cryptsetup/dmraid)
to match.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
[Thomas: adjust Config.in comments and dependencies.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
This commit adds 5_6_3 to the Timeline patch that fixed the build with
Qt 5.6.2.
Signed-off-by: Scott Ellis <scott@jumpnowtek.com>
[Thomas: adjust patch existing patch description.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Open-source software for volunteer computing and grid computing.
Use the idle time on your computer to cure diseases, study global
warming, discover pulsars, and do many other types of scientific
research.
https://boinc.berkeley.edu
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[Bernd:
- bumped to version 7.8.3
- removed patches which where applied upstream
- added myself to DEVELOPERS as well]
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Upstream socat2 branch seems to be dead. Last commit is from January
2016 . Over the last few years socat2 received only fixes cherry picked
from the master 1.x branch. Most major general purpose distros only
package socat 1.x.
Drop the threads dependency; not needed for 1.x.
Mention the OpenSSL exception in the license. Add hashes for license
files.
Correct the autoconf comment. The tarball configure script is recent
enough. But since we patch configure.in and Makefile.in we still need to
autoconf.
All patches we carry for socat2 are also needed for socat 1.x.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
glibc upstream has ruled against doing regular point-releases, but they
do have a lot of interesting and important fixes for regressions and
security.
Backporting each patch, or cherry-picking individual patches is off
limits for us, so we just switch to using the currently-latest HEAD of
the maintenance branch instead.
The version number is obtained with:
$ git describe --match 'glibc-*' --abbrev=40 origin/release/2.26/master
The alternative options were:
- download the tarball from the git tree
--> does not work; not an option
- download the 2.26 tarball, and bundle the individual patches in
Buildroot
--> maintenance of patches is a burden; not an option
- download the 2.26 tarball, maintain the list of patches to download from
the git tree
--> not an option for the same reason
So we end up just doing a git clone. The git tree is today about ten
times the size of the tarball, so a rough estimate makes it at about ten
times the download time.
Also upstream doesn't officially provide an https download location [1].
There is one but it's not reliable, sometimes the connection time out and
end-up with a corrupted git repo:
fatal: unable to access 'https://sourceware.org/git/glibc.git/': Failed to connect to sourceware.org port 443: Connection timed out
So switch to using a git mirror from github which is updated once a day [2].
This allow at the same time to clone the git repository faster.
Note: The glibc 2.26 patches are not kept for the arc toolchain since they
are fixing an issue with the new float128 support introduced in x86, x86_64
and powerpc64le.
[1] https://sourceware.org/git/?p=glibc.git;a=summary
[2] https://github.com/bminor/glibc.git
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Romain Naour <romain.naour@openwide.fr>
Cc: Peter Korsgaard <peter@korsgaard.com>
Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Cc: Evgeniy Didin <didin@synopsys.com>
CC: Alexey Brodkin <abrodkin@synopsys.com>
[Romain: bump 4b692dffb95ac4812b161eb6a16113d7e824982e]
Signed-off-by: Romain Naour <romain.naour@gmail.com>
[yann.morin.1998@free.fr: update comment to never decide on the mirror]
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Reviewed-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Reorganize so the optional composer option for the qt5wayland package shows up
as an indented option.
Signed-off-by: Joshua Henderson <joshua.henderson@microchip.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security issues:
CVE-2017-13089: The http.c:skip_short_body() function is called in some
circumstances, such as when processing redirects. When the response is sent
chunked, the chunk parser uses strtol() to read each chunk's length, but
doesn't check that the chunk length is a non-negative number. The code then
tries to skip the chunk in pieces of 512 bytes by using the MIN() macro, but
ends up passing the negative chunk length to connect.c:fd_read(). As
fd_read() takes an int argument, the high 32 bits of the chunk length are
discarded, leaving fd_read() with a completely attacker controlled length
argument.
CVE-2017-13090: The retr.c:fd_read_body() function is called when processing
OK responses. When the response is sent chunked, the chunk parser uses
strtol() to read each chunk's length, but doesn't check that the chunk
length is a non-negative number. The code then tries to read the chunk in
pieces of 8192 bytes by using the MIN() macro, but ends up passing the
negative chunk length to retr.c:fd_read(). As fd_read() takes an int
argument, the high 32 bits of the chunk length are discarded, leaving
fd_read() with a completely attacker controlled length argument. The
attacker can corrupt malloc metadata after the allocated buffer.
Drop now upstreamed patch and change to .tar.lz as .tar.xz is no longer
available.
Also add a hash for the license file while we're at it.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This is a maintenance release of the current stable WebKitGTK+ version,
which contains bugfixes; mostly for crashes and rendering issues, plus
one important fix for the layout or Arabic text.
Release notes:
https://webkitgtk.org/2017/10/27/webkitgtk2.18.2-released.html
Even though an acconpanying security advisory has not been published
for this release, the release contains fixes for several crashes (one
of them for the decoder of the very common GIF image format), which
arguably can be considered potential security issues.
Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes CVE-2017-15906 - The process_open function in sftp-server.c in OpenSSH
before 7.6 does not properly prevent write operations in readonly mode,
which allows attackers to create zero-length files.
For more details, see the release notes:
https://www.openssh.com/txt/release-7.6
Also add a hash for the license file while we're at it.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
3.2.11 fixes important issues. From the release notes:
================================================================================
Redis 3.2.11 Released Thu Sep 21 15:47:53 CEST 2017
================================================================================
Upgrade urgency HIGH: Potentially critical bugs fixed.
AOF flush on SHUTDOWN did not cared to really write the AOF buffers
(not in the kernel but in the Redis process memory) to disk before exiting.
Calling SHUTDOWN during traffic resulted into not every operation to be
persisted on disk.
Also add a hash for the license file while we're at it.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes CVE-2017-2888 - An exploitable integer overflow vulnerability exists
when creating a new RGB Surface in SDL 2.0.5. A specially crafted file can
cause an integer overflow resulting in too little memory being allocated
which can lead to a buffer overflow and potential code execution. An
attacker can provide a specially crafted image file to trigger this
vulnerability.
Also add a hash for the license file while we're at it.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes:
http://autobuild.buildroot.net/results/d59/d5992dcc9a49ee77afaebdcc9448ac1868fa7de1/http://autobuild.buildroot.net/results/e89/e894f21ce1983ee3bd8d65a8e59e1adab9a62707/
The configure script automatically enables support for the raspberry pi
video backend if it detects the rpi-userland package. Unfortunately it
hardcodes a number of include/linker paths unsuitable for cross compilation,
breaking the build:
if test x$enable_video = xyes -a x$enable_video_rpi = xyes; then
..
RPI_CFLAGS="-I/opt/vc/include -I/opt/vc/include/interface/vcos/pthreads -I/opt/vc/include/interface/vmcs_host/linux"
RPI_LDFLAGS="-L/opt/vc/lib -lbcm_host"
fi
So explicitly disable it until the configure script is fixed.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes CVE-2017-14919 - In zlib v1.2.9, a change was made that causes an
error to be raised when a raw deflate stream is initialized with windowBits
set to 8. On some versions this crashes Node and you cannot recover from
it, while on some versions it throws an exception. Node.js will now
gracefully set windowBits to 9 replicating the legacy behavior to avoid a
DOS vector.
For more details, see the announcement:
https://nodejs.org/en/blog/vulnerability/oct-2017-dos/
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Peter Korsgaard <<a href="mailto:peter@korsgaard.com">peter@korsgaard.com</a>><br>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security issues:
(a) When installing themes with unterminated colour formatting
sequences, Irssi may access data beyond the end of the
string. (CWE-126) Found by Hanno Böck.
CVE-2017-15228 was assigned to this issue.
(b) While waiting for the channel synchronisation, Irssi may
incorrectly fail to remove destroyed channels from the query list,
resulting in use after free conditions when updating the state
later on. Found by Joseph Bisch. (CWE-416 caused by CWE-672)
CVE-2017-15227 was assigned to this issue.
(c) Certain incorrectly formatted DCC CTCP messages could cause NULL
pointer dereference. Found by Joseph Bisch. This is a separate,
but similar issue to CVE-2017-9468. (CWE-690)
CVE-2017-15721 was assigned to this issue.
(d) Overlong nicks or targets may result in a NULL pointer dereference
while splitting the message. Found by Joseph Bisch. (CWE-690)
CVE-2017-15723 was assigned to this issue.
(e) In certain cases Irssi may fail to verify that a Safe channel ID
is long enough, causing reads beyond the end of the string. Found
by Joseph Bisch. (CWE-126)
CVE-2017-15722 was assigned to this issue.
For more details, see the advisory:
https://irssi.org/security/irssi_sa_2017_10.txt
While we're at it, also add a hash for the license file.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Passing just the endianness flag to LD is not enough. We need to pass
the right emulation flag which will set everything for us, not only the
endianness.
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
The tool hciattach_bcm43xx defines the default firmware path in `/etc/firmware`,
but the Broadcom firmware blobs are usually stored in `/lib/firmware`.
Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
CVE-2017-13685: The dump_callback function in SQLite 3.20.0 allows
remote attackers to cause a denial of service (EXC_BAD_ACCESS and
application crash) via a crafted file.
CVE-2017-15286: SQLite 3.20.1 has a NULL pointer dereference in
tableColumnList in shell.c
because it fails to consider certain cases where
`sqlite3_step(pStmt)==SQLITE_ROW` is false and a data structure is never
initialized.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Fixes:
http://autobuild.buildroot.net/results/57d/57d9f0ea27e5c8ba73002bd1d0b33027f27a3779/http://autobuild.buildroot.net/results/7c3/7c3133e822c997879fe00923ba0ad7903656c2e1/
bootstrap by default runs ./tools/build/src/engine/build.sh --guess-toolset
to detect what toolchain (compiler variant). On x86 this returns gcc, but
on the ppc64le gcc112 autobuilder this returns xlcpp causing bootstrap.sh to
get confused and bail out:
./bootstrap.sh ..
Building Boost.Build engine with toolset ... tools/build/src/engine/###
\### No toolset specified. Please use --toolset option.
\###
\### Known toolsets are: acc, borland, cc, como, clang, darwin, gcc, gcc-nocygwin, intel-darwin, intel-linux, intel-win32, kcc, kylix, metrowerks, mipspro, msvc, qcc, pathscale, pgi, sun, sunpro, tru64cxx, vacpp, xlcpp, vc7, vc8, vc9, vc10, vc11, vc12, vc14, vc141, vmsdecc
\###/b2
Fix it by explicitly specifying the gcc toolset mode to bootstrap, similar
to how it was already done for the bjam invocations.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Add some documentation about running the pc defconfigs in qemu.
In particular, document the use of the -bios parameter to use the OVMF
firmware to test the UEFI image.
Signed-off-by: Erico Nunes <nunes.erico@gmail.com>
Cc: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
This simplifies the pc configs and respective post image scripts to use
the shared genimage script and separate grub config files.
Separate grub files are cleaner to maintain and easier to copy and
modify, for example to support booting the pc defconfigs in qemu.
Signed-off-by: Erico Nunes <nunes.erico@gmail.com>
Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Starting with version 7, gcc automatically recognises and enforces the
environment variable SOURCE_DATE_EPOCH, and fakes __DATE__ and __TIME__
accordingly, to produce reproducible builds (at least in regards to date
and time).
However, older gcc versions do not offer this feature.
So, we use our toolchain wrapper to force-feed __DATE__ and __TIME__ as
macros, which will take precedence over those that gcc may compute
itself. We compute them according to the specs:
https://reproducible-builds.org/specs/source-date-epoch/https://gcc.gnu.org/onlinedocs/cpp/Standard-Predefined-Macros.html
Since we define macros otherwise internal to gcc, we have to tell it not
to warn about that. The -Wno-builtin-macro-redefined flag was introduced
in gcc-4.4.0. Therefore, we make BR2_REPRODUCIBLE depend on GCC >= 4.4.
gcc-7 will ignore SOURCE_DATE_EPOCH when __DATE__ and __TIME__ are
user-defined. Anyway, this is of no consequence: whether __DATE__ and
__TIME__ or SOURCE_DATE_EPOCH takes precedence, it would yield the
exact same end result since we use the same logic to compute it. Note
that we didn't copy the code for it from gcc so using the same logic
doesn't imply that we're inheriting GPL-3.0.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Jérôme Pouiller <jezz@sysmic.org>
Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Cc: Peter Korsgaard <peter@korsgaard.com>
[Arnout: rewrite commit message]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Building Python 3.x on MIPS with musl fails because the libffi code
uses a "#ifdef linux" test to decide if we're building on Linux or
not. When building with -std=c99, "linux" is not defined, so instead
of including <asm/sgidefs.h>, libffi's code tries to include
<sgidefs.h>, which doesn't exist on musl.
The right fix is to use __linux__, which is POSIX compliant, and
therefore defined even when -std=c99 is used.
Note that glibc and uClibc were not affected because they do provide a
<sgidefs.h> header in addition to the <asm/sgidefs.h> one.
Signed-off-by: Mauro Condarelli <mc5686@mclink.it>
[Thomas: reformat patch with Git, add a better commit log and description.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
That way packages included in that list like ccache will also be
regarded as a normal packages for targets like external-deps,
show-targets or legal-info
Signed-off-by: Alfredo Alvarez Fernandez <alfredo.alvarez_fernandez@nokia.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Currently, HOSTCC and HOSTCXX are set to their _NOCACHE variants in the
'dependencies' target. This is needed because at that time, ccache is
not built yet - host-ccache is one of the dependencies. However, because
this override is only specified for the 'dependencies' target (and
thereby gets inherited by its dependencies), the override is only
applied when the package is reached through the 'dependencies' target.
This is not the case when one of DEPENDENCIES_HOST_PREREQ is built
directly from the command line, e.g. when doing 'make host-ccache'. So
in that case, ccache will be built with ccache... which fails of
course.
To fix this, directly apply the override to the DEPENCIES_HOST_PREREQ
targets.
Note that this only fixes the issue for 'make host-ccache', NOT for
e.g. 'make host-ccache-configure'.
Signed-off-by: Alfredo Alvarez Fernandez <alfredo.alvarez_fernandez@nokia.com>
[Arnout: improve commit message]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fixes the following security issues:
CVE-2017-9410: fill_buffer_resample function in libmp3lame/util.c heap-based
buffer over-read and ap
CVE-2017-9411: fill_buffer_resample function in libmp3lame/util.c invalid
memory read and application crash
CVE-2017-9412: unpack_read_samples function in frontend/get_audio.c invalid
memory read and application crash
Drop patches now upstream or no longer needed:
0001-configure.patch: Upstream as mentioned in patch description
0002-gtk1-ac-directives.patch: Upstream as mentioned in patch
description/release notes:
Resurrect Owen Taylor's code dated from 97-11-3 to properly deal with GTK1.
This was transplanted back from aclocal.m4 with a patch provided by Andres
Mejia. This change makes it easy to regenerate autotools' files with a simple
invocation of autoconf -vfi.
0003-msse.patch: Not needed as -march <x86-variant-with-msse-support>
nowadays implies -msse.
With these removed, autoreconf is no longer needed.
Also add a hash for the license file while we're at it.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
that allows optional dependencies
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
[Thomas:
- use "luainterpreter" instead of "lua" in the dependencies
- replace with a Git formatted patch that doesn't comment code but
removes it.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Fixes:
http://autobuild.buildroot.net/results/ffc/ffc9c10c55c2838ab7002c5ec35244e9bfe46189/
Commit dfa1817d31 (openldap: supports only the real OpenSSL, not LibreSSL)
tried to ensure openldap would only use openssl, but changed the wrong
variable. OPENLDAP_TLS is passed to configure, so it shouldn't be changed:
./configure --target=aarch64-buildroot-linux-gnu .. --with-tls=libopenssl ..
Configuring OpenLDAP 2.4.45-Release ...
checking build system type... x86_64-pc-linux-gnu
checking host system type... aarch64-buildroot-linux-gnu
checking target system type... aarch64-buildroot-linux-gnu
checking for a BSD-compatible install... /usr/bin/install -c
checking whether build environment is sane... yes
checking for gawk... gawk
checking whether make sets $(MAKE)... yes
checking for aarch64-buildroot-linux-gnu-strip... /usr/lfs/v0/rc-buildroot-test/scripts/instance-0/output/host/bin/aarch64-linux-gnu-strip
checking configure arguments... configure: error: bad value libopenssl for --with-tls
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Vivante GPU could be a part of SoC along with any CPU architecture
thus get rid of nonsense dependency.
Signed-off-by: Alexey Brodkin <abrodkin@synopsys.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Vivante GPU could be a part of SoC along with any CPU architecture
thus get rid of nonsense dependency.
Signed-off-by: Alexey Brodkin <abrodkin@synopsys.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
>From the upstream announcement:
http://www.openwall.com/lists/oss-security/2017/10/19/5
Felix Wilhelm has discovered a flaw in the dns response parsing for
musl libc 1.1.16 that leads to overflow of a stack-based buffer.
Earlier versions are also affected.
When an application makes a request via getaddrinfo for both IPv4 and
IPv6 results (AF_UNSPEC), an attacker who controls or can spoof the
nameservers configured in resolv.conf can reply to both the A and AAAA
queries with A results. Since A records are smaller than AAAA records,
it's possible to fit more addresses than the precomputed bound, and a
buffer overflow occurs.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The previous version was by mistake mixed up with the patch 'gst-plugins-bad:
openjpeg: Remove compatibility with openjpeg 2.0'
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
This patch fixes a bug with the BR2_TOOLCHAIN_HAS_THREADS variable
handling which causes CGO_ENABLED to be always 0.
Furthermore, it fixes the cross compilation options for the go
compiler: setting CGO_ENABLED should be done only for the target
compiler not the host one.
Signed-off-by: Angelo Compagnucci <angelo.compagnucci@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Acked-by: Christian Stewart <christian@paral.in>
If selected use:
- system/buildroot harfbuzz in case __sync for 4 bytes is supported
- qt harfbuzz otherwise (using QAtomic instead)
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
The gpu_mem option is not using the proper option argument which causes sed to
fail.
+ case "${arg}" in
+ gpu_mem=ome/gportay/output-rpi3-qtwe/images
+ sed -e '/^ome/gportay/output-rpi3-qtwe/images=/s,=.*,=ome/gportay/output-rpi3-qtwe/images,' -i /home/gportay/output-rpi3-qtwe/images/rpi-firmware/config.txt
sed: -e expression #1, char 8: extra characters after command
+ case "${arg}" in
+ gpu_mem=ome/gportay/output-rpi3-qtwe/images
+ sed -e '/^ome/gportay/output-rpi3-qtwe/images=/s,=.*,=ome/gportay/output-rpi3-qtwe/images,' -i /home/gportay/output-rpi3-qtwe/images/rpi-firmware/config.txt
sed: -e expression #1, char 8: extra characters after command
The issue comes from the use of $1 instead of $arg to extract the gpu_mem
value. $1 is the $(BINARIES_DIR) which leads to a sed expression error.
Also, it adds the error flag to the shell script to prevent from such situation
and terminate the build in error.
Signed-off-by: Gaël PORTAY <gael.portay@savoirfairelinux.com>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
This is just a bug-fix release.
Removing 0003-BUG-Ensure-_npy_scaled_cexp-f-l-is-defined-when-need.patch
as it is a part of the release.
Signed-off-by: Alexey Brodkin <abrodkin@synopsys.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
At this point, libressl can be added to the openssl virtual package.
- Remove the entry package/libressl/Config.in from package/Config.in
- Remove the file: package/libressl/Config.in
- Add libressl entry to package/openssl/Config.in
Signed-off-by: Adam Duskett <Adamduskett@outlook.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
wpa_supplicant will not build with LibreSSL without patches, so let's
support only OpenSSL.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
libevent will not build with LibreSSL without patches, so let's
support only OpenSSL.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
openldap will not build with LibreSSL without patches, so let's
support only OpenSSL.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
opusfile will not build with LibreSSL without patches, so let's
support only OpenSSL.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
mosquitto will not build with LibreSSL without patches, so let's
support only OpenSSL.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
ffmpeg will not build with LibreSSL without patches, so let's support
only OpenSSL.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
hostapd will not build with LibreSSL without patches, so let's support
only OpenSSL.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
softether tries to use SSLv3 functionality as a fallback. LibreSSL
doesn't support SSLv3 anymore. Two main issues prevent a patch:
- Trying to wrap the sslv3 functionality from the source with a guard
clause results in linking errors after compiling is done.
- There are multiple security vulnerabilities with using sslv3.
- There are multiple security issues in github pertaining to using
sslv3.
- This project seems to not be updated very often, and the security
issues are being ignored it seems.
For people who still want to use softether, they will have to use
libopenssl.
Signed-off-by: Adam Duskett <Adamduskett@outlook.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
heirloom-mailx has two small issues when compiling against LibreSSL:
- RAND_egd is used (LibreSSL does not support RAND_egd)
Solution: "Guard" the code calling RAND_egd
- SSLv3_client_method function is used (LibreSSL does not support SSLv3)
Solution: "Guard" the code with #ifndef OPENSSL_NO_SSL3
Signed-off-by: Adam Duskett <Adamduskett@outlook.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Some packages that use openssl are not compatible with libressl, only
with the real openssl (known as libopenssl in Buildroot). So before we
add libressl as a provider for the openssl virtual package, we
introduce a BR2_PACKAGE_OPENSSL_FORCE_LIBOPENSSL hidden option that
packages incompatible with LibreSSL will be able to select.
This will allow packages that need OpenSSL to continue using "select",
without having to change to using "depends on" dependencies.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
To ease the transition to having both OpenSSL and LibreSSL, there has to be
a new virtual package introduced to handle both.
Instead of making a libssl, and adding OpenSSL and libressl to that package,
it will be far easier to move openssl to libopenssl and to make OpenSSL
a virtual package. This offers a few advantages:
- BR2_PACKAGE_OPENSSL is still a visible symbol with no dependencies.
- It does not require a huge patch to convert every instance of
OpenSSL -> libssl)
- Users will be able to update without ever having to select anything new.
- LibreSSL can be added at a later date to the virtual package.
Signed-off-by: Adam Duskett <Adamduskett@outlook.com>
[Thomas: define BR2_PACKAGE_PROVIDES_HOST_OPENSSL to the value
"host-libopenssl" as we always want to use the original OpenSSL for
the host variant.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
The Linux 4.0 kernel doesn't build with gcc 6.x, which is used since
the toolchain update in commit
193dfffa83 ("support/testing: use more
recent toolchains"). So let's update to Linux 4.11 instead (like the
existing Qemu x86 defconfig does), and update the kernel configuration
file accordingly.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
The LINUX_KCONFIG_FIXUP_CMDS are meant to deselect any compression
option that are not selected in the buildroot configuration. But it only
deselects the last one in the list instead of all of them because it
overwrites the LINUX_COMPRESSION_OPT_ variable instead of appending to
it. Only the last option set to that variable gets deselected.
This produces the warning:
.config:2216:warning: override: KERNEL_GZIP changes choice state
is emitted when buildroot runs olddefconfig when buildroot configures a
kernel with a custom config that has a different kernel compression
option set to what is configured in buildroot.
Accumulate all the deselected compression options instead of overwriting
them to ensure all non-selected options get deselected..
Signed-off-by: Cam Hutchison <camh@xdna.net>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
With the hard disk crash of autobuild.b.o, we lost old toolchains, so
use the latest toolchains, which have been restored.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
musl has a bug in that <sched.h> defines CPU_ZERO(), which uses
memset(), but it doesn't have the prototype for it. This has been
fixed by upstream musl but until we rebuild our toolchains, let's have
a patch for Boost that works around this problem. We will of course
remove this patch once musl is updated to 1.1.17 and our toolchains
have been rebuilt.
Fixes:
http://autobuild.buildroot.net/results/6884cff634367cb640940051a60e5e13f30f70a2/
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
This reverts commit 95c15aaf15. It was
mistakenly pushed, and causes problems because it installs the shared
library to staging, but not to target.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Curl support is strongly recommended for multiplayer game.
The build system warn when curl is disabled:
cURL is required to load the server list
cURL is required to announce to the server list
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
By default pppd built by buildroot writes the list of nameservers to
/etc/resolv.conf instead of /etc/ppp/resolv.conf
This is not the default behavior of pppd and breaks name resolution
if several network interfaces are used. The change makes this optional
and enabled by default, to be backward compatible and to add a possibility
to turn this behavior off, if required.
Signed-off-by: Maksim Salau <msalau@iotecha.com>
[Arnout: extend the help text to explain that it won't work on readonly
rootfs]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Remove patches that has been merged/updated upstream
0001-fix-building-shared-libs.patch:
CmakeLists packages are rewritten.
0002-add-support-for-tz-package:
dd93fd2b3d
0003-add-missing-define.patch:
656b3be02d
0004-ffmpeg30.patch:
b7b66968f9
Also add sha256sum for license file.
Signed-off-by: Adam Duskett <Adamduskett@outlook.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
The coroutine2 functionality is now provided only through headers, the
compiled library has disappeared. Due to that passing "coroutine2" as
argument to --without-libraries. Hence, the
BR2_PACKAGE_BOOST_COROUTINE2 option is removed by this commit.
We don't need Config.in.legacy handling, because coroutine2 support is
now unconditionally available in boost.
While at it, add LICENSE_1_0.txt sha256sum to boost.hash.
Signed-off-by: Adam Duskett <Adamduskett@outlook.com>
[Thomas: drop Config.in.legacy handling, reword commit log.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
This is a maintenance release of the current stable WebKitGTK+ version,
which contains bugfixes (many of them related to rendering, plus one
important fix for touch input) and many security fixes.
Release notes:
https://webkitgtk.org/2017/10/18/webkitgtk2.18.1-released.html
Fixes CVE-2017-7081, CVE-2017-7087, CVE-2017-7089, CVE-2017-7090,
CVE-2017-7091, CVE-2017-7092, CVE-2017-7093, CVE-2017-7094,
CVE-2017-7095, CVE-2017-7096, CVE-2017-7098, CVE-2017-7099,
CVE-2017-7100, CVE-2017-7102, CVE-2017-7104, CVE-2017-7107,
CVE-2017-7109, CVE-2017-7111, CVE-2017-7117, CVE-2017-7120,
CVE-2017-7142:
https://webkitgtk.org/security/WSA-2017-0008.html
Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
The directory package/sepolgen/ was removed in commit 9d6da7a26
(policycoreutils: split packages and bump to 2.7), but two
entries were left in the DEVELOPERS file.
This causes the following warnings when running util/get-developers:
WARNING: 'package/sepolgen/' doesn't match any file
WARNING: 'package/sepolgen/' doesn't match any file
Remove the erroneous entries.
Signed-off-by: Cam Hutchison <camh@xdna.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Fixes:
configure: WARNING: unable to find required header jpeglib.h
configure: WARNING: unable to find required library jpeg
configure: error: some required prerequisites were not found
Signed-off-by: Olivier Schonken <olivier.schonken@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
The default for is set to BR2_OPTIMIZE_S, the help comment designated
BR2_OPTIMIZE_0 as default.
Changed the help comment to show that BR2_OPTIMIZE_S is the default.
Signed-off-by: Lothar Felten <lothar.felten@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Policycoreutils was broken up into several packages, as such several
changes needed to happen for this patch to work:
- Remove patches 3, 4, and 5 as they no longer apply.
- Refresh patches 1 and 2 to work with version 2.7
- Remove semodule_${deps,expand,link,package} and sestatus from the makedirs
in the mk file.
- Remove restorecond from the make and config file. (Seperate package)
- Remove Audit2allow from the make and config file. (In a different package)
- Remove the package sepolgen
- Add the package selinux-python
- Add the package restorecond
- Add the package semodule-utils
- Add the relevant Config.in.legacy options into the menu.
Because these are utilities that work on top of python, the older versions of
these utilites still work, and as such this should be a single patch.
Signed-off-by: Adam Duskett <Adamduskett@outlook.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
The reason for combining these patches is because the
old version of setools is not compatible iwth libsepol 2.7. If a user where
to do a git pull on a patch that only updates libsepol or setools, the build
would fail to compile.
setools has been completely rewritten in python instead of C.
The current version of setools includes a few programs that require
python-qt5 or python-networkx to run, however the package does not
check to see if these exist when compiling, and will install the scripts
to the target directory even if they don't exist.
In the case of python-networkx, this package is not available on Buildroot.
The scripts that require them are: sedta and seinfoflow.
In the case of python-qt5, qpol is the script that requires it.
Some setools.mk notes to get the package to compile:
- Convert the package .mk to use python-package instead of autotools-package.
- setup.py hard codes base_lib_dirs to point to several host directories.
To fix this, sed is used before compiling to point the base_lib_dirs to
the staging directory.
- setup.py also includes the "Werror" flag, however compilers before gcc6
cause a few autogenerated variables to not be initialized before use,
causing the build to fail.
To fix this, a patch is provided that removes the Werror flag.
- Remove sedta and seinfoflow from the target system after install. These
packages rely on the package python-networkx which is not available in
buildroot.
- Remove the installed apol package and the setoolsgui directory from the
target directory if python-qt5 is not selected.
Other changes:
- Removed all patches, as they are not compatible with the new version of
setools.
- Add COPYING, COPYING.GPL, and COPYING.LGPL to setools.hash
Signed-off-by: Adam Duskett <Adamduskett@outlook.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
0001-Remove-incorrect-dependency-from-install-data-hook.patch is
patching Makefile.am, so we need to autoreconf. If we don't do this,
we get build failures such as:
configure.ac:3: error: version mismatch. This is Automake 1.15.1,
configure.ac:3: but the definition used by this AM_INIT_AUTOMAKE
configure.ac:3: comes from Automake 1.15. You should recreate
configure.ac:3: aclocal.m4 with aclocal and run automake again.
WARNING: 'automake-1.15' is probably too old.
You should only need it if you modified 'Makefile.am' or
'configure.ac' or m4 files included by 'configure.ac'.
Fixes:
http://autobuild.buildroot.net/results/440c9edd34d56d9207b9f1ee326a14a1c757b27d/
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Joshua Henderson <joshua.henderson@microchip.com>
Reviewed-by: Peter Seiderer <ps.report@gmx.net>
----
Changes v2 --> v3:
- use 'Hashes for license files:' instead of repeated
'Hash for license file' (suggested by Thomas Petazzoni)
Changes v2:
- add reviewed-by and minor commit title change (removed package prefix)
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Patch 0002-disable-tests.patch modifies Makefile.am, so we have to
autoreconf. It hasn't been seen until now, but becomes very clear
since the bump of automake to 1.15.1, as we're seeing build failures
such as:
configure.ac:66: error: version mismatch. This is Automake 1.15.1,
configure.ac:66: but the definition used by this AM_INIT_AUTOMAKE
configure.ac:66: comes from Automake 1.15. You should recreate
configure.ac:66: aclocal.m4 with aclocal and run automake again.
Fixes:
http://autobuild.buildroot.net/results/3402357d8e90f1866dfeaee7bb61119d80dc8bcb/
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Fixes CVE-2017-7805 - Martin Thomson discovered that nss, the Mozilla
Network Security Service library, is prone to a use-after-free vulnerability
in the TLS 1.2 implementation when handshake hashes are generated. A remote
attacker can take advantage of this flaw to cause an application using the
nss library to crash, resulting in a denial of service, or potentially to
execute arbitrary code.
Also add a hash for the license file while we're at it.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Bump the kernel to version 4.13.5 and U-Boot to 2017.09.
While at it, remove the custom scripts for generating the SD card image
and use the standard scripts instead.
Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
ifupdown-scripts has some .empty files to maintain empty directories
in git. Previously this package used to be part of the skeleton which
used SYSTEM_RSYNC to copy the directories to the target. When it was
split into a separate package, cp -a was used to do the copy instead,
which copies the .empty files.
Change to SYSTEM_RSYNC which excludes .empty files.
Signed-off-by: Cam Hutchison <camh@xdna.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
As stated by the upstream developers, Prosody only supports
lua-5.1 or luajit (which is a lua-5.1 interpreter):
> Response from zash at zash.se:
>
>> I pegged the package to lua 5,1 based on the contents of the
>> INSTALL file. Is this a hard requirement?
>
> Up until Prosody 0.9 Lua 5.1 is required. However LuaJIT
> implements Lua 5.1 so it works.
The license terms are not very consistent: the source files all
state to be "MIT/X11 licensed" and defer to the COPYING file for
details, but that file only has the text for the MIT license.
Thus, we believe the license to be MIT/X11, as stated in the source
files.
This installs the base system with certificates for two domains:
localhost and example.com
The default runtime configuration is tweaked during installation
to properly setup logging and pid-file directories.
Prosody doesn't like being executed as root, and thus the daemon
is executed as the user prosody. The startup script creates the
pid file write location with appropriate permissions.
Signed-off-by: Dushara Jayasinghe <nidujay@gmail.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
The WITH_PTHREADS_PF option was errantly categorized as a Windows only option.
WITH_PTHREADS_PF actually enables a parallelization framework that utilizes
pthreads to optimize some inner for loops of different OpenCV operations. This
optimization is available on any platform that has pthreads.
Signed-off-by: bradford barr <bradford@density.io>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
The "virt" machine supports disk emulation, so use a ext4 rootfs instead of
initramfs for consistency with the other qemu defconfigs.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
The license file got reformatted as reStructuredText, but the license itself
didn't change.
Drop unneeded md5sum and add license hash.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Currently, the target and host flex packages do not behave the same in
terms of patching: the target variant has a patch hook that disables
building the programs (because they are not needed, and do not build
on no-MMU platforms). However, this hook is obviously not executed for
host-flex, because we really want the host flex binary to be built.
In preparation for the introduction of out-of-tree package build, it
is important that we don't do different things in the patch hooks for
the target and host variant of a given package, because the source
tree will be shared between the target and host builds.
To solve this, we introduce a --disable-program configure option,
through a patch to the flex configure.ac and Makefile.am. This patch
makes the current 0001-flex-disable-documentation.patch no longer
needed.
Furthermore, building the documentation is a PITA: flex.1 depends on
configure.ac and a few other files generated during the build. Touching
flex.1 does not work, because automake will forcibly remove the files
when its prerequisites are too old, so pre-requisites of flex.1 will
always be more recent than flex.1. So, we add a patch that adds a
--disable-doc configure option.
Fixes:
http://autobuild.buildroot.org/results/f70/f70b39632535bb9692d0a032166b2f4104532967/http://autobuild.buildroot.org/results/525/52567afdfe7992b3518de0e01227ba14aa300f21/
[...]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
[yann.morin.1998@free.fr:
- rebase on-top of master,
- add patch to not build the documentation, because simply touching
flex.1 is no longer enough.
- keep install in target/, for shared builds
]
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Cc: Adrian Perez de Castro <aperez@igalia.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Upstream wiringpi apparently has some issues with their release
process: their 2.42 and 2.44 tags point to the exact same commit. And
at the 2.44 tag, the VERSION file was not updated to indicate that
it's version 2.44.
A follow-up commit added support for the RPi Zero-W, and fixed the
VERSION file to contain 2.44. So let's use this follow-up commit as
the new version for wiringpi.
This will hopefully clarify things, and avoid confusion such as the
one reported in bug #10391 [1].
[1] https://bugs.busybox.net/show_bug.cgi?id=10391
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
[Thomas: rewrite commit log.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Neon is compulsory on AArch64, and BR2_ARM_CPU_HAS_NEON is false on
AArch64. Therefore, this change is needed to enable building VC4
gallium driver for Rpi3 using AArch64.
Signed-off-by: Olivier Schonken <olivier.schonken@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Update Linuxptp to the latest version from 1. September 2017
This update brings bugfixes and minor enhancements.
Signed-off-by: Petr Kulhavy <brain@jikos.cz>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Currently, the download directory, when specified with the -d option, is
only used to store the files downloaded by the testing infra, not those
downloaded by Buildroot.
So, we end up with this situation:
BR2_DL_DIR | -d DIR | test downloads | BR downloads
------------+----------+------------------+--------------
unset | unset | [error] | [error]
unset | set | in $(DIR) | in $(TOP_DIR)/dl
set | unset | in $(BR2_DL_DIR) | in $(BR2_DL_DIR)
set | set | in $(DIR) | in $(BR2_DL_DIR)
This is not very consistent.
We change the behaviour so that the value of -d always takes precedence,
and is used by Buildroot as well, giving this new behaviour:
BR2_DL_DIR | -d DIR | test downloads | BR downloads
------------+----------+------------------+--------------
unset | unset | [error] | [error]
unset | set | in $(DIR) | in $(DIR)
set | unset | in $(BR2_DL_DIR) | in $(BR2_DL_DIR)
set | set | in $(DIR) | in $(DIR)
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Finally there's working ARC port of glibc thanks to Vineet and Cuper!
This port is based on pretty recent glibc's master branch and ARC
changes are being reviewed now in glibc's mailing list.
Thus we again have to use sources from our GitHub but as soon as there's
a glibc release with our patches applied we'll switch to upstream releases
and will drop our glibc GitHub repo alltogether.
Note now we cut tags in glibc repo simultaneously with tags
in Binutils and GCC repos and so to make sure everything works in the best
way we plan to update glibc tag together with Binutils and GCC.
Also note as of today ARCompact (AKA ARCv1 ISA) is not supported in glibc
but we plan to fix it soonish so for now we make glibc intentionally
dependent on archs38.
Also note we are not creating directory "2.26" because all patches for glibc
ver 2.26 applies to arc glibc port.
Signed-off-by: Evgeniy Didin <didin@synopsys.com>
CC: Alexey Brodkin <abrodkin@synopsys.com>
CC: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
CC: Waldemar Brodkorb <wbx@openadk.org>
CC: Romain Naour <romain.naour@gmail.com>
Cc: Cupertino Miranda <cmiranda@synopsys.com>
Cc: Vineet Gupta <vgupta@synopsys.com>
Cc: Anton Kolesov <akolesov@synopsys.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Mainline kernel is able to decode video via the coda driver.
Add support for it and also add some explanation on how VPU decoding
can be tested with Gstreamer.
Signed-off-by: Fabio Estevam <fabio.estevam@nxp.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Fixes the following security issues:
CVE-2017-13720 - Check for end of string in PatternMatch
CVE-2017-13722 - pcfGetProperties: Check string boundaries
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Commit d1011f89a1 (audit: update legal info) set the libraries license
to "unclear" because of GPL license text in a few libraries source
files. Upstream audit package commit 239765162fa494 (Correct the
licensing description in lib/ and auparse/ to be LGPL as was always
intended) clarified the license in these files.
Add license files hashes.
Cc: Rahul Bedarkar <rahulbedarkar89@gmail.com>
Cc: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Reviewed-by: Rahul Bedarkar <rahulbedarkar89@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
start-stop-daemon fails on -R when not compiled with
CONFIG_FEATURE_START_STOP_DAEMON_FANCY. Thus, do not rely on -R
during stop to avoid a race condition during restart.
Use a sleep 1 during restart instead, as suggested by Peter Korsgaard
in <87bmluk4bm.fsf@dell.be.48ers.dk>.
Signed-off-by: Thomas Claveirole <thomas.claveirole@green-communications.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This package doesn't actually rely on the msgpack runtime libraries, it's a
pure python implementation.
Signed-off-by: bradford barr <bradford@density.io>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Modern versions of msgpack are hosted on Github. Msgpack switched
their build systems from autotools to cmake a while back. The licence
was also updated from Apache to Boost.
Signed-off-by: bradford barr <bradford@density.io>
[Thomas: drop custom install commands, add LICENSE_1_0.txt to license
files.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
This package is based on the bcg729 library from Belledonne Communica-
tions which is wrapped into a freeswitch module to provide a native
G729.A codec.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Reviewed-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
This commit bumps ARC toolchain to arc-2017.09-rc1.
The arc-2017.09 series is built on top of upstream GCC 7.1.1 and
Binutils 2.29 so please expect all kinds of breakages related to GCC
7.x as we saw earlier with the move from 4.8 to 6.x :)
Note patches for both GCC and Binutils were updated with
copies from corresponding mainline versions, i.e.
"package/gcc/7.2.0" and "package/binutils/2.29".
Please note that it is a release candidate and it might contain some
breakages, please don't use it for production builds.
Signed-off-by: Evgeniy Didin <didin@synopsys.com>
Cc: Alexey Brodkin <abrodkin@synopsys.com>
Cc: arc-buildroot@synopsys.com
Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
[Thomas: drop binutils patch related to the Blackfin architecture.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Introduce imx6-sabreauto_defconfig that uses mainline U-Boot and
mainline kernel.
As mainline U-Boot supports SPL, it is possible to boot the same
sdcard.img in the three mx6sabreauto variants: imx6q, imx6dl and imx6qp.
Also update the readme.txt file to explain how to build an image for
mx6sabreauto boards using mainline U-Boot and kernel.
Signed-off-by: Fabio Estevam <festevam@gmail.com>
[Thomas: regenerate gitlab-ci.yml file.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Improve the explanation of the need for using the performance governor.
This problem is specific to mx6sabresd board and the Egalax touchscreen
running a mainline kernel, so make this clear.
Signed-off-by: Fabio Estevam <fabio.estevam@nxp.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
parted uses libiconv but doesn't link with it. All the checks are there
in configure, but the Makefile.am doesn't add it to the link. Add a
patch to fix this.
Also add an optional dependency on libiconv, so it is reproducible.
While we're at it, regenerate the existing patches on top of v3.2, and
make patch 0003 a properly git formatted one.
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Cc: srg.venema@gmail.com
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
I got this error when attempting to build:
aclocal: error: couldn't open directory 'm4': No such file or directory
So we now have the post patch hook to ensure the m4 directory is
present.
In addition, the package now sets a variable with the Git SHA1 so that
the binary contains the expected output for --version.
Specific configurations of uClibc cause a build failure in pdbg. This commit
adds a patch to remove the definition of the offending macro (it is unused in
the source).
In file included from usr/include/stdio.h:71:0,
from libpdbg/fake.c:17:
include/bits/uClibc_stdio.h:149:16: error: expected identifier or ‘(’ before ‘;’ token
void *__unused; /* Placeholder for codeset binding. */
Signed-off-by: Joel Stanley <joel@jms.id.au>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Python3 support was added to libiio in version 0.10.
This commit adds the option to compile libiio bindings if python3 was
selected instead of python.
Signed-off-by: Béla Becker <bela.becker@pcbdesign.hu>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Commit 95cb1465f0 added the
atmel_sama5d27_som1_ek_mmc_dev_defconfig but forgot to update
.gitlab-ci.yml. Update it now.
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
The parts of the readme.txt that specify the board-specific aspects
(DTB files, KMS config json file) were a bit confusing. For the DTB
files this is solved by putting the board it applies to after the DTB
file name. For the json files, this is solved by adding an extra line,
so the CinematicExperience-demo is clearly separated from the setting
of QT_QPA_EGLFS_KMS_CONFIG.
Also remove the 'for all boards' line in the beginning, it doesn't add
any value.
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
This patch add support for Open Frame C.TOUCH 12 Kit.
Signed-off-by: Jagan Teki <jagan@amarulasolutions.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
This patch add support for Open Frame C.TOUCH 10.1 Kit.
Since the defconfig is no longer only for the starter kit, remove that
from BR2_TARGET_GENERIC_ISSUE.
Signed-off-by: Jagan Teki <jagan@amarulasolutions.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
musl provides its own SYS_getrandom definition, but not GRND_NONBLOCK.
This breaks the build with kernel headers older than v3.17. Add a patch
adding a local definition of GRND_NONBLOCK to fix the build.
The following defconfig reproduces the build failure:
BR2_x86_pentium_mmx=y
BR2_TOOLCHAIN_BUILDROOT_MUSL=y
BR2_KERNEL_HEADERS_3_12=y
BR2_PACKAGE_LIBRESSL=y
The getentropy_linux.c file is in upstream tarball, but not in its git
repository. It originates from OpenBSD. For this reason the patch is
against the tarball, but not git formatted.
Cc: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
[Arnout: change filename to correspond to how git creates it]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
This upstream patch fixes the build error produced by building for
powerpc 32bit after the glibc bump to 2.26 with the following internal
toolchain config.
gcc5.4.0
glibc2.26
bin2.28.1
linux4.1.43
Failure log:
CC net/proto-ipv4.o
net/proto-ipv4.c: In function ‘ip_setsockopt’:
net/proto-ipv4.c:231:49: error: ‘UIO_MAXIOV’ undeclared (first use in this function); did you mean ‘_IO_MAGIC’?
so->optlen = rnd() % sizeof(unsigned long)*(2*UIO_MAXIOV+512);
^~~~~~~~~~
_IO_MAGIC
Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
[Arnout: add Matthew's Sob to the patch]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fix the remaining code style warnings from flake8:
- properly indent continuation lines;
- use proper code to test a parameter is not None.
Cc: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fix the trivial warnings from flake8:
- remove modules imported but unused;
- use 2 lines before class or module level method;
- remove blank line at end of file.
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Change all defconfig fragments to take advantage of
"cf3cd4388a support/tests: allow properly indented config fragment".
Make each defconfig fragment:
- start after a backslash;
- be declared as a multi-line string literal;
- be indented one level more than the variable that contains it.
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Move the strip out of leading spaces in defconfig fragments from the
BRTest class to the Builder class. It actually postpones the strip out,
consequentially allowing test cases to post-process the defconfig in
their own __init__ before calling the __init__ method from BRTest.
Moving this code to the Builder class also allows any new test class
that inherits from BRTest to reuse the same code even if the new class
overrides the setUp method.
At same time, prepend a newline to the jlevel handling otherwise it
would stop working for defconfig fragments that don't end in a newline.
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Cc: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
U-Boot nowadays also uses kconfig, so we can handle config fragments like we
do for barebox/busybox/linux.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
And add hashes for the license files while we're at it.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fix for CVE-2017-9798 is included in this release, so this patch is
removed.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
[Update commit log: not a security bump]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Bump at91sam9x5ek, atmel_sama5d2_xplained, atmel_sama5d3_xplained and
atmel_sama5d4_xplained all variants to linux4sam_5.7. The 3 foundation
components have their tags changed (AT91Bootstrap, U-Boot, Linux kernel).
Signed-off-by: Nicolas Ferre <nicolas.ferre@microchip.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The dependency is actually only for the kernel module (and thus on the
runtime kernel version rather than kernel headers), but as we don't know the
runtime version in kconfig and the user space part doesn't make much sense
without the kernel module this will have to do.
[Peter: extend commit message, add comment to Config.in as suggested by
Arnout, fix off-by-one in comment text]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This is only for the device-mapper library, so a user selectable
Config.in.host option isn't needed.
[Peter: add host-pkgconf dependency as pointed out by Arnout]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security issues and adds a number of other bigfixes:
2.8.1: Changelog:
https://lists.gnu.org/archive/html/qemu-devel/2017-03/msg06332.html
CVE-2017-2615 - display: cirrus: oob access while doing bitblt copy backward
mode
CVE-2017-2620 - display: cirrus: out-of-bounds access issue while in
cirrus_bitblt_cputovideo
CVE-2017-2630 - nbd: oob stack write in client routine drop_sync
2.8.1.1 Changelog:
https://lists.gnu.org/archive/html/qemu-devel/2017-04/msg03460.html
CVE-2017-7471 - 9p: virtfs allows guest to change filesystem attributes on
host
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes
http://autobuild.buildroot.net/results/8e6/8e639ab8912e7d884fd8e6dbb1ca8b49451dd766/
/home/test/autobuild/run/instance-1/output/host/arm-buildroot-linux-uclibcgnueabi/sysroot/usr/lib/libcrypto.a(c_zlib.o):
In function `zlib_stateful_expand_block':
c_zlib.c:(.text+0x54): undefined reference to `inflate'
/home/test/autobuild/run/instance-1/output/host/arm-buildroot-linux-uclibcgnueabi/sysroot/usr/lib/libcrypto.a(c_zlib.o):
In function `zlib_stateful_compress_block':
c_zlib.c:(.text+0xd4): undefined reference to `deflate'
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
./configure: --disable-uuid is obsolete, UUID support is always built
Change-Id: I9e278418d19e15bbbd3ea233658cd62f75e3385c
Signed-off-by: Carlos Santos <casantos@datacom.ind.br>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Building Qt with QtWebKit on configuration step there is
a check which disables QtWebKit build with GCC 6+.
Back in the day nobody thought about building Qt with GCC
version greater than 5.x. And now with modern GCCs like
6.x and 7.x this assumption gets in the way.
Given in Buildroot today we don't have GCC older than 4.9
it should be safe to remove now meaningless check completely
by adding patch to qt.
Signed-off-by: Evgeniy Didin <didin@synopsys.com>
Cc: Alexey Brodkin <abrodkin@synopsys.com>
Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Currently, bridge-utils wants to grap the headers from the linux-headers
package, so we point it directly there, as has been the case since we
first added bridge-utils in 2003 (c8eea31d3f), and then further refined
in 2005 (178a317d26) which is the first moment we pointed to the linux-
headers directory.
However, ther are two things wrong with that.
First, the headers are not directly in $(LINUX_HEADERS_DIR). Instead,
they are in a sub-directory thereof. So, we could not have found them
the way we are doing now.
Second, this definitely does not work when using an external toolchain,
because there is not linux-headers package enabled then.
Yet, against all odds, bridge-utils has valiantly deflected all rocks
thrown its way, day-in day-out building without any issue in every
autobuilders it's been confronted with. Good boy, good boy. :-)
And indeed, it turns out that the required headers are easily found from
within the sysroot of the toolchain. Wonders! :-)
But there's still a gotcha: the default search path is still a hard
coded path pointing to the installed kernel source tree on the host.
So, we still have to pass this option, but we can simply point to the
sysroot.
[Peter: point to sysroot instead of non-existing directory]
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The Glibc bump to 2.26 exposed this missing header when building with the
following combination using an i386 internal toolchain:
gcc5.4.0
bin2.28.1
linux4.1.43
Logfile snippet:
2017-10-02T00:08:11 ^
2017-10-02T00:08:12 rpc.c: In function ‘nsm_recv_getport’:
2017-10-02T00:08:12 rpc.c:469:13: error: ‘UINT16_MAX’ undeclared (first use in this function)
Upstream: https://bugzilla.linux-nfs.org/show_bug.cgi?id=312
Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The COPYING file is part of the xf86-input-tslib project's source tree.
Let's include the hash for it's current version.
Signed-off-by: Martin Kepplinger <martink@posteo.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Those cores are not supported in upstream gcc, not even in master.
The only toolchain that supported those core was the 2014R1 ADI
rebuilt toolchain, but we removed it in 311bc13 (toolchain: kill
ADI Blackfin toolchain) because there was too many issues with it.
ADI has not released any newer toolchain since then.
There is little hope for those cores now, so remove them.
Support for those cores has been useless and unusable for a while
without nobody noticing, therefore we intentionally skip adding
Config.in.legacy. This would require keeping code in
arch/Config.in.bfin since the options being removed are inside a
choice...endchoice block.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
[Thomas: explain why we don't add the options to Config.in.legacy.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Upstream gcc does not have support for C-Sky, and we do not have a
vendor tree for it either (yet?).
Use the newly-introduced symbol to state so, rather than have the
exclusion in the toolchain choice.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Some architectures or specific cores do not have support in upstream
gcc. Currently, they are individually listed as exclusions in the
toolchain choice.
This poses a maintainance burden, as the knowledge about what gcc
version supports what architecture is split across many places: the
toolchain choice, the gcc version choice, the external toolchains.
As a first step, add a blind option that architectures or individual
cores may select to indicate they lack support in our internal backend.
Actual use of the option will come in followup patches.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Since tslib's COPYING file in part of the source tree, we can easily
include it's hash for the given version here.
Signed-off-by: Martin Kepplinger <martink@posteo.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Drop direct sed'ing of config.h for HAVE_CONNTRACK, HAVE_LUASCRIPT, and
HAVE_DBUS. Use MAKE_OPTS COPTS parameters instead, like we do already
for all other options.
Rename DNSMASQ_ENABLE_LUA to DNSMASQ_TWEAK_LIBLUA since it now does only
that.
Merge two conntrack and three dbus conditional sections.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Supported Lua version is now 5.2.
Add licenses hash.
Fixes a number of security issues:
CVE-2017-13704 - Crash when DNS query exceeded 512 bytes (a regression
in 2.77, so technically not fixed by this bump)
CVE-2017-14491 - Heap overflow in DNS code
CVE-2017-14492 - Heap overflow in IPv6 router advertisement code
CVE-2017-14493 - Stack overflow in DHCPv6 code
CVE-2017-14494 - Information leak in DHCPv6
CVE-2017-14496 - Invalid boundary checks allows a malicious DNS queries
to trigger DoS
CVE-2017-14495 - Out-of-memory Dos vulnerability
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Currently, the extraction commands entirely remove the urg directory,
which means the downloaded stamp will get removed, and thus a subsequent
build would try to re-download it.
It turns out that the directory extracted by urg is already correctly
named, so we just need to extract out of the build directory. This
highly simplifies the command.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Samuel Martin <s.martin49@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This reverts commit eec04a7b7d.
The original commit bumped the package to a version which is at runtime
incompatible with Kodi.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Previously, it was working by luck. Buildroot has fixed its definition
of HOST_DIR and pkg-autotools.mk uses the classical /usr prefix. So,
fix this sed expression to correctly replace $(HOST_DIR) by /usr in ERL
path.
Signed-off-by: Johan Oudinet <johan.oudinet@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
After the conversion to SPL the imx6sabresd defconfig targets have
been renamed,so update the entry accordingly.
Suggested-by: Arnout Vandecappelle <arnout@mind.be>
Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
After the conversion to SPL the imx6sabresd defconfig targets have
been renamed, so update their entries accordingly.
Suggested-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
We explicitly remove pkg-config files from target in the target-finalize
step, and our pkg-config looks for .pc files from staging, not target.
So, explicitly installing the .pc in target is useless.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
When the host uses glibc 2.26 or newer, Flex will try to use the
newly-introduced reallocarray() function, but as it would not define
_GNU_SOURCE a segmentation fault would occur later on due to the
compiler assumming that the function is implicitly defined.
This issue manifests itself due to a crash of "stage1flex" during the
Flex bootstrap:
./stage1flex -o stage1scan.c ./scan.l
make[2]: *** [Makefile:1725: stage1scan.c] Segmentation fault (core dumped)
This imports the patch from the upstream Git repository, and adds flags
in the .mk file to rebuild the Autotools scripts and support files. Due
to the latter, the patch to disable the documentation is changed so it
modifies the .am file instead.
Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
[Arnout:
- Add Adrian's Sob and upstream ref to new patch;
- Keep patch 1 as patch 1;
- Keep Vicente as author of path 1;
- Add reason for autoreconf in a comment.]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
This doesn't compile with glibc 2.26 where reallocarray() as been introduced.
It's a nasty issue, when reallocarray() is available for the target, flex will
build a small tool called stage1flex for the host (using _FOR_BUILD) but with
the config.h generated for the target.
When the host doesn't have a glibc >= 2.26, reallocarray() is never defined
while building stage1flex:
misc.c:147:8: warning : implicit declaration of function « reallocarray »
[-Wimplicit-function-declaration]
mem = reallocarray(NULL, (size_t) size, element_size);
^~~~~~~~~~~~
misc.c:147:6: warning : assignment makes pointer from integer without a cast
[-Wint-conversion]
mem = reallocarray(NULL, (size_t) size, element_size);
^
Disable reallocarray for now, reallocarray() support may be
enabled in a followup patch.
Fixes:
stage1flex-misc.o: In function `allocate_array':
misc.c:(.text+0x38f): undefined reference to `reallocarray'
stage1flex-misc.o: In function `reallocate_array':
misc.c:(.text+0xc8a): undefined reference to `reallocarray'
collect2: error: ld returned 1 exit status
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Since glibc >= 2.26, don't try to use getopt_long replacement bundled
with diffutils. It will conflict with the one from glibc.
The getopt copy bundled in glibc has been updated with the one from gnulib.
After a lot of warnings...
Fixes:
xstrtol-error.c: In function 'xstrtol_error':
xstrtol-error.c:84:26: error: invalid use of undefined type 'struct rpl_option'
option = long_options[opt_idx].name;
^
xstrtol-error.c:84:26: error: dereferencing pointer to incomplete type 'const struct rpl_option'
[...]
xstrtol-error.c:92:1: error: conflicting types for 'xstrtol_fatal'
xstrtol_fatal (enum strtol_error err,
^~~~~~~~~~~~~
In file included from xstrtol-error.c:20:0:
xstrtol.h:69:16: note: previous declaration of 'xstrtol_fatal' was here
_Noreturn void xstrtol_fatal (enum strtol_error,
^~~~~~~~~~~~~
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
float128 is now required on powerpc64le with glibc >= 2.26 toolchains.
Fixes:
running configure fragment for sysdeps/gnu
running configure fragment for sysdeps/powerpc/powerpc64le
checking if [...]powerpc64le-buildroot-linux-gnu-gcc supports binary128 floating point type... no
checking if the target machine is at least POWER8... yes
configure: error: *** binary128 floating point type (GCC >= 6.2) is required on powerpc64le.
In order to prepare the glibc bump to this version, we enable
binary128 floating point in gcc. This require at least gcc >= 6.2.
Disable gcc 4.x and 5.x for internal toolchain.
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
../../../../libsanitizer/sanitizer_common/sanitizer_stoptheworld_linux_libcdep.cc: In function ‘int __sanitizer::TracerThread(void*)’:
../../../../libsanitizer/sanitizer_common/sanitizer_stoptheworld_linux_libcdep.cc:241:22: error: aggregate ‘sigaltstack handler_stack’ has incomplete type and cannot be defined
struct sigaltstack handler_stack;
../../../../libsanitizer/sanitizer_common/sanitizer_stoptheworld_linux_libcdep.cc: In function ‘int __sanitizer::TracerThread(void*)’:
../../../../libsanitizer/sanitizer_common/sanitizer_stoptheworld_linux_libcdep.cc:276:22: error: aggregate ‘sigaltstack handler_stack’ has incomplete type and cannot be defined
struct sigaltstack handler_stack;
^~~~~~~~~~~~~
The fix is already included in gcc 7.2 release [1]. We have to backport it to
all older gcc release since it's not included in any stable release yet.
[1] https://gcc.gnu.org/git/?p=gcc.git;a=commit;h=72edc2c02f8b4768ad660f46a1c7e2400c0a8e06
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Cc: "Yann E. MORIN" <yann.morin.1998@free.fr>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Default prefix is set to `BR2_` but may be overidden by setting
BR2_PREFIX.
Example usage:
Enable `BR2_PACKAGE_GNUPG`:
./utils/config --package --enable GNUPG
Check state of config option `BR2_PACKAGE_GNUPG`:
./utils/config --package --state GNUPG
y
Enable `BR2_PACKAGE_GNUPG`:
./utils/config --package --disable GNUPG
Set `BR2_TARGET_GENERIC_ISSUE` to "Welcome":
./utils/config --set-str TARGET_GENERIC_ISSUE "Welcome"
Copied from the Linux kernel (4.13-rc6) source code and adapted to
Buildroot.
Thanks to Andi Kleen who is the original author of this script.
Signed-off-by: Marcus Folkesson <marcus.folkesson@gmail.com>
[Arnout: merge the two tr invications]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
The amount of GPU memory can be set using the new option --gpu_mem_XXX
(where XXX is the total amount of memory available on the board).
Signed-off-by: Gaël PORTAY <gael.portay@savoirfairelinux.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Use the maintainer's repository, update the package description, based
on the official one, and drop an obsolete patch.
Change-Id: I2170aa4c1cc57de2a25ef04e89a216b254f2a859
Signed-off-by: Carlos Santos <casantos@datacom.ind.br>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Add an entry to explain how to run the glmark benchmark.
Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Bump the kernel version to 4.13.3.
Kernel 4.13.3 uses the /dev/dri/card0 device as rendering node, so
adjust it accordingly.
Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
U-Boot 2017.09 uses SPL, so bump to this version so that we can
have a single qt5 image that supports the different imx6 sabresd
boards: imx6q, imx6dl and imx6qp.
Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
The QT5 rootfs requires more space, so adjust it a larger size.
Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Now that SPL is supported a single image can run on the different
variants of imx6 sabresd boards: imx6q, imx6dl and imx6qp.
So drop the 'quad' prefix from defconfig, directory and readme file
to make it generic.
Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
The host menuselect tool is linked to our host libxml2 library, but it
is missing an RPATH to the host directory.
This is because menuselect does not use automake, so does not inherit
the LDFLAGS from the configure run.
We fix that by simply passing $(HOST_CONFIGURE_OPTS) in the make
environment.
At the same time, we also install the tool in the host directory, even
if not used from there, so that the sanity checks we run are properly
passed.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Arnout Vandecappelle <arnout@mind.be>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
We sanity-check the host executables that they have a correct RPATH
pointing to the host libraries.
This is currently done by looking for all files in $(HOST_DIR) that
match the 'ELF executable' pattern (a bit more complex, but that's
idea).
However, when an executable is built with -fPIE of -fpie, it no longer
appears to be an 'ELF executable', but it rather looks like an 'ELF
sheard object' (like if it were an library.
So, we miss those files.
It turns out that the problem is a real one, because quite a few
mainline distros, expecially those based on Debian for example, have
already switched to generating PIE code by default, and thus we miss on
a whole class of systems..
We fix that by simply looking if we can find an ELF interpreter in each
file. If we there is one, this is an ELF executable; if not, it may be
anything else: we don't care (not even about ELF libraries).
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Arnout Vandecappelle <arnout@mind.be>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fix package/nginx/S50nginx:
* On stop, use start-stop-daemon -R 1 to wait for the nginx processes
to actually stop. This fixes a race condition with restart, where
nginx fails to restart because start is called too early
w.r.t. stop. (This only works with Debian's start-stop-daemon,
however BusyBox's start-stop-daemon does not fail when given -R; it
just ignores the argument silently).
* Implement reload with an actual reload instead of a restart.
* Add force-reload.
Signed-off-by: Thomas Claveirole <thomas.claveirole@green-communications.fr>
Reviewed-by: Samuel Martin <s.martin49@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Bump U-Boot to 2017.09 version and kernel to 4.13.3.
Signed-off-by: Fabio Estevam <fabio.estevam@nxp.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Pass an offset of 1MB for the start of the rootfs.
Otherwise we get rootfs corruption when the bootloader is manually
written to the SD card.
Signed-off-by: Fabio Estevam <fabio.estevam@nxp.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
This is similar to the ppc64_pseries config, except we build for little
endian instead of big endian.
The default architecture is set to Power8 as this was the first fully
enabled LE machine.
Signed-off-by: Joel Stanley <joel@jms.id.au>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
This version was not tagged upstream so use a git hash which has that
version.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
This version was not tagged upstream so use a git hash which has that
version.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
This version was not tagged upstream so use a git hash which has that
version.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Switch from github hash to an official release.
Several upstream patches are required to build the code correctly
on all platforms supported by buildroot.
The test application now uses fork().
Signed-off-by: Marcin Nowakowski <marcin.nowakowski@imgtec.com>
[Arnout: Squash the two patches, MMU dependency was introduced with the
version bump.
Wrap assignments in libkcapi.mk differently.]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
U-Boot 2017.07 has switched to SPL boot, which allows the same binary to
boot on imx6dl, imx6q and imx6qp sabresd boards.
Switch to the SPL mechanism.
Signed-off-by: Fabio Estevam <fabio.estevam@nxp.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Sysklogd had only SYSV init scripts. Add systemd service files to start
klogd and syslogd.
Signed-off-by: Petr Kulhavy <brain@jikos.cz>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
The symlink to /etc/systemd/system/syslog.service was pointing 4 levels up
to /usr/lib instead of 3 levels up.
This wasn't an issue on the actual system (/../ equals to / ) but was causing a
deadlink in the TARGET directory.
Signed-off-by: Petr Kulhavy <brain@jikos.cz>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Dependency to json-c was dropped, updated reverse dependencies as well
and added optional dependency to libatomic_ops
https://cgit.freedesktop.org/pulseaudio/pulseaudio/tree/configure.ac#n250
when __sync_bool_compare_and_swap is not available.
Removed patch applied upstream:
0002-webrtc-C-11-is-only-required-for-WebRTC-support.patch
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
LIBC is really only used to construct the target tuple. To check if we
are using a uClibc toolchain, we use BR2_TOOLCHAIN_USES_UCLIBC.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
When building bash statically, configure does not initialize the
SHOBJ_STATUS variable. The SHOBJ_STATUS make variable in
examples/loadables/Makefile.in must resolve to either 'supported' or
'unsupported'. Otherwise, the install-$(SHOBJ_STATUS) target does not
exist.
This leads to the following build failure:
make[2]: Entering directory '.../output/build/bash-4.4/examples/loadables'
make[2]: *** No rule to make target 'install-', needed by 'install'. Stop.
make[2]: Leaving directory '.../output/build/bash-4.4/examples/loadables'
Makefile:793: recipe for target 'install' failed
with the following defconfig:
BR2_arm=y
BR2_STATIC_LIBS=y
BR2_PACKAGE_BUSYBOX_SHOW_OTHERS=y
BR2_PACKAGE_BASH=y
Note that this doesn't terminate the build so it's not detected as an
error by the autobuilders.
Set SHOBJ_STATUS in the configure environment as a workaround.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Package switched to cmake without providing most of the autoconf
options previously available. Therefore we move all suboptions to
Config.in.legacy.
All patches are removed, the files to be patched do not exist anymore.
OPENOBEX_EXTRACT_CMDS is not needed anymore, upstream provides the
source as .tar.gz now.
Version 1.6 added support for libusb-1.x and udev. The current version
also supports bluez5_utils, not only bluez_utils.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
[Arnout: add help text to legacy options]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Includes some fixes for the Raspberry Pi, amongst many others.
Signed-off-by: Mahyar Koshkouei <mahyar.koshkouei@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Reiterate once more that <packagename>_PATCH variable can point
to an arbitrary URL, not just to a path relative to <packagename>_SITE.
While we're at it, also explain that the patch should be added to the
.hash file.
Signed-off-by: Alexander Mukhin <alexander.i.mukhin@gmail.com>
[Arnout: add sentence about .hash file.]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
configure.ac use PKG_CHECK_MODULES macro to find some libraries dependencies.
So add host-pkgconf in LVM2_DEPENDENCIES.
Fixes:
checking pkg-config is at least version 0.9.0... ./configure: line 9875: [...]/host/bin/pkg-config: No such file or directory
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fix libglu build error
CXXLD libGLU.la
/home/buildroot/br4/output/host/lib/gcc/i586-buildroot-linux-gnu/6.4.0/../../../../i586-buildroot-linux-gnu/bin/ld: cannot find -lXext
/home/buildroot/br4/output/host/lib/gcc/i586-buildroot-linux-gnu/6.4.0/../../../../i586-buildroot-linux-gnu/bin/ld: cannot find -lX11
collect2: error: ld returned 1 exit status
using this defconfig
BR2_TOOLCHAIN_BUILDROOT_GLIBC=y
BR2_TOOLCHAIN_BUILDROOT_CXX=y
BR2_PACKAGE_XORG7=y
BR2_PACKAGE_XSERVER_XORG_SERVER=y
BR2_PACKAGE_NVIDIA_DRIVER=y
BR2_PACKAGE_LIBGLU=y
The nvidia binary blob is linked to libX11.so & libEext.so
$ output/host/bin/i586-buildroot-linux-gnu-readelf -a output/target/usr/lib/libGL.so | grep NEEDED
0x00000001 (NEEDED) Shared library: [libnvidia-tls.so.381.09]
0x00000001 (NEEDED) Shared library: [libnvidia-glcore.so.381.09]
0x00000001 (NEEDED) Shared library: [libX11.so.6]
0x00000001 (NEEDED) Shared library: [libXext.so.6]
0x00000001 (NEEDED) Shared library: [libc.so.6]
0x00000001 (NEEDED) Shared library: [libdl.so.2]
which is also reflected by Libs-section of package/nvidia-driver/gl.pc.
To allow other packages linking to libGL.so provided by this package we
need to reflect the fact that xlib_libX11 & xlib_libXext are not
runtime-only dependencies.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fix build error
>>> libglu 9.0.0 Autoreconfiguring
configure.ac:50: error: Could not locate the pkg-config autoconf macros.
These are usually located in /usr/share/aclocal/pkg.m4. If your macros
are in a different location, try setting the environment variable
ACLOCAL="aclocal -I/other/macro/dir" before running autoreconf.
configure.ac:50: the top level
autom4te: /home/buildroot/br4/output/host/bin/m4 failed with exit status: 1
using this defconfig
BR2_TOOLCHAIN_BUILDROOT_GLIBC=y
BR2_TOOLCHAIN_BUILDROOT_CXX=y
BR2_PACKAGE_XORG7=y
BR2_PACKAGE_XSERVER_XORG_SERVER=y
BR2_PACKAGE_NVIDIA_DRIVER=y
BR2_PACKAGE_LIBGLU=y
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Version 2.18.x includes support for remotely controlling WebKitGTK+
based browsers using the standard WebDriver API. Typically this is used
by Web developers, and in most cases it will be desirable to disable it
from builds.
Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Release notes:
https://webkitgtk.org/2017/09/11/webkitgtk2.18.0-released.html
No corresponding WebKit Security Advisory (WSA) has been published.
All patches have been applied upstream.
This also bumps the required target GCC version, due to the WebKit code
now using more modern C++ features which were introduced in version
5.x of the compiler.
Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
[Arnout:
- propagate dependency to midori;
- mention in commit message why patches were removed.]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
While currently there is no in-tree Buildroot package which depends on
host-python-six, it can be needed to build external packages.
Signed-off-by: Julien Floret <julien.floret@6wind.com>
Tested-by: Carlos Santos <casantos@datacom.ind.br>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Currently it is always required to add package version as an argument to
the github helper. Since the version is always defined as PKG_VERSION,
drop this argument and generate it automatically inside the helper
routine.
The github helper function is extended to support both 2 and 3 argument
variants (ie. either use the provided package version argument or
automatically substitute with PKG_VERSION if not available), which can
make the transition of the package files easier as well allows using the
3-argument variant outside of package definitions.
Signed-off-by: Marcin Nowakowski <marcin.nowakowski@imgtec.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
The author of lbase64 maintains 3 separate versions of the package for
the 3 Lua versions. Only the 5.1 version is uploaded to luarocks, so
that is the one we currently support in Buildroot.
However, the three versions are nearly identical. With a small patch,
this allows us to support all Lua versions from a single tarball.
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
This patch is based on works [1] and [2].
With this patch, one can run the Qt5 WebEngine quicknanobrowser sample
with the following options.
BR2_TOOLCHAIN_BUILDROOT_LIBC="glibc" and
BR2_TOOLCHAIN_BUILDROOT_CXX (Qt 5 needs a toolchain w/ wchar, NPTL, C++,
dynamic library; for now it builds only with glibc)
BR2_PACKAGE_LIBERATION (Qt needs at least one font)
BR2_PACKAGE_QT5BASE_EXAMPLES (to install quicknanobrowser sample)
BR2_PACKAGE_QT5BASE_GIF (do display gif)
BR2_PACKAGE_QT5BASE_JPEG (do display jpeg)
BR2_PACKAGE_QT5BASE_PNG (do display png)
BR2_PACKAGE_QT5QUICKCONTROLS (needed by webengine)
BR2_PACKAGE_QT5QUICKCONTROLS2 (needed by webengine)
BR2_PACKAGE_QT5WEBENGINE (because it is what we want)
Qt WebEngine requires an Open(E)GL-capable backend. As an example, the
package rpi-userland must be enabled to build for a rpi.
BR2_PACKAGE_RPI_USERLAND (to enable OpenGL ES backend)
To browse for HTTPS websites, please consider adding the following
options as well for SSL/TLS.
BR2_PACKAGE_CA_CERT (for certificates)
BR2_PACKAGE_NTPD (to sync date for certificates)
Since version 5.9, chromium requires udev at runtime (see note 4).
BR2_ROOTFS_DEVICE_CREATION_DYNAMIC_EUDEV (input backend)
To run quicknanobrowser
# cd /usr/lib/qt/examples/webengine/quicknanobrowser/
# ./quicknanobrowser https://www.buildroot.org/
Note: The chromium.inc has been generated using the following command.
( echo 'CHROMIUM_LICENSE_FILES = \' &&
cd output/build/qt5webengine-5.9.1/ && \
find "src/3rdparty/chromium/" -type f -iname "*LICENSE*" -o -iname "*COPYING*" -o -iname "*GPL*" | \
sed -e '/\.asm$/d' \
-e '/\.h$/d' \
-e '/\.c$/d' \
-e '/\.cc$/d' \
-e '/\.cpp$/d' \
-e '/\.pyc\?$/d' \
-e '/\.pl$/d' \
-e '/\.sha1$/d' \
-e '/\.patch$/d' \
-e '/licensecheck/d' \
-e 's,^,\t,' \
-e 's,$, \\,' | \
sort && \
echo '' ) >package/qt5/qt5webengine/chromium.inc
Note 2: Since 5.9.1, the chromium's copy of opus fails with neon [3].
Qt WebEngine can uses buildroot ffmpeg copy which compiles fine (using
qmake flag WEBENGINE_CONFIG+=use_system_ffmpeg). It implies selecting
the following options.
BR2_PACKAGE_FFMPEG
BR2_PACKAGE_OPUS
BR2_PACKAGE_LIBVPX
BR2_PACKAGE_WEBP
BR2_PACKAGE_WEBP_DEMUX
In file included from ../../3rdparty/chromium/third_party/opus/src/silk/arm/NSQ_neon.c:31:0:
/home/gportay/src/buildroot/output-rpi3-qt5.9/host/lib/gcc/arm-buildroot-linux-gnueabihf/6.4.0/include/arm_neon.h:8997:1: error: inlining failed in call to always_inline ‘vld1q_s32’: target specific option mismatch
vld1q_s32 (const int32_t * __a)
^~~~~~~~~
../../3rdparty/chromium/third_party/opus/src/silk/arm/NSQ_neon.c:40:15: note: called from here
int32x4_t coef0 = vld1q_s32(coef32);
^~~~~
../../3rdparty/chromium/third_party/opus/src/silk/arm/NSQ_neon.c: At top level:
cc1: warning: unrecognized command line option ‘-Wno-#pragma-messages’
Note 3: Version 5.6.2 causes a build issue while building chromium. The
build against this version is disabled until the release 5.6.3 is out.
Note 4: Here is trace when udev does not run
# cd /usr/lib/qt/examples/webengine/quicknanobrowser
# ./quicknanobrowser
QStandardPaths: XDG_RUNTIME_DIR not set, defaulting to '/tmp/runtime-root'
Unable to query physical screen size, defaulting to 100 dpi.
To override, set QT_QPA_EGLFS_PHYSICAL_WIDTH and QT_QPA_EGLFS_PHYSICAL_HEIGHT (in millimeters).
[0101/000248.161973:WARNING:resource_bundle_qt.cpp(114)] locale_file_path.empty() for locale
[0101/000248.384693:WARNING:resource_bundle_qt.cpp(114)] locale_file_path.empty() for locale
[202:223:0101/000248.484954:FATAL:udev_loader.cc(38)] Check failed: false.
#0 0x0000742b93de <unknown>
#1 0x0000742c3c38 <unknown>
#2 0x000073e1e1aa <unknown>
#3 0x000073e1d96e <unknown>
#4 0x000073e1defa <unknown>
#5 0x000074af6364 <unknown>
#6 0x000074302878 <unknown>
#7 0x0000742c8fee <unknown>
#8 0x0000742c9f44 <unknown>
#9 0x0000742ca21e <unknown>
#10 0x0000742cac4c <unknown>
#11 0x0000742c87b2 <unknown>
#12 0x0000742da4f6 <unknown>
#13 0x000073ed9d38 <unknown>
#14 0x000073eda03c <unknown>
#15 0x0000742e9aec <unknown>
#16 0x0000742e71dc <unknown>
Aborted
Note 5: On rpi and depending on what is insinde the .config, more GPU
memory should be allocated to run properly qt samples.
#0 0x0000742c63de <unknown>
#1 0x0000742d0c38 <unknown>
#2 0x0000749d7bde <unknown>
#3 0x0000749e3c70 <unknown>
#4 0x00007530227c <unknown>
#5 0x000075302480 <unknown>
#6 0x0000752fb1e4 <unknown>
#7 0x00007430f878 <unknown>
#8 0x0000742d5fee <unknown>
#9 0x0000742d6f44 <unknown>
#10 0x0000742d721e <unknown>
#11 0x0000742d7ad6 <unknown>
#12 0x0000742d57b2 <unknown>
#13 0x0000742e74f6 <unknown>
#14 0x0000742f6a74 <unknown>
#15 0x0000742f41dc <unknown>
Received signal 6
#0 0x0000742c63de <unknown>
#1 0x0000742c66a0 <unknown>
#2 0x0000725b5d10 <unknown>
[end of stack trace]
qml: Render process exited with code 256 (abnormal exit)
# mount /dev/mmcblk0p1 /mnt
# sed '/^gpu_mem_/s,=.*,=200,' -i /mnt/config.txt
# umount /mnt
Note 6: The first patch fixes a build issue when samples are compiled
without the support of printing [4]. This patch is already merged in
branch 5.9 [5] and concerns only 5.9.1.
085c2c52 Always compile QWebEnginePage::print
It fixes the error below.
.obj/browsermainwindow.o: In function `BrowserMainWindow::printRequested(QWebEnginePage*)': browsermainwindow.cpp:(.text+0x2cc0): undefined reference to `QWebEnginePage::print(QPrinter*, QWebEngineCallback<bool> const&)'
The second patch loads both libEGL and libGLESv2 symbols implicitly
instead of loading them with explicitly using hard-coded locations. It
fixes a bug when providers of lib*GL does not create libraries named
libEGL.so.1 and libGLESv2.s2 [6]. This patch is already merged in branch
5.9 [7].
d4c621f6 Load libEGL and libGLES2 symbols implicitly
It fixes the error below.
[327:347:1221/085837:ERROR:surface_factory_qt.cpp(68)] Failed to load /usr/lib/libGLESv2.so.2: /usr/lib/libGLESv2.so.2: cannot open shared object file: No such file or directory
[1]: http://lists.busybox.net/pipermail/buildroot/2015-July/132010.html
[2]: https://patchwork.ozlabs.org/patch/640633/
[3]: https://patchwork.ozlabs.org/patch/791332/
[4]: https://bugreports.qt.io/browse/QTBUG-61510
[5]: https://codereview.qt-project.org/#/c/198041/
[6]: https://bugreports.qt.io/browse/QTBUG-57761
[7]: https://codereview.qt-project.org/#/c/199554/
Cc: Akihiko Odaki <akihiko.odaki.4i@stu.hosei.ac.jp>
Cc: Julien Corjon <corjon.j@ecagroup.com>
Signed-off-by: Gaël PORTAY <gael.portay@savoirfairelinux.com>
[Arnout:
- move more dependencies to _ARCH_DEPENDS;
- mention all toolchain dependencies in the comments]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Add the possibility to choose more test tools than only integck
from the MTD utils test-suite.
Move the hidden BR2_PACKAGE_MTD_TESTS configuration to the bottom
of the page and make it visible. When checked, a new list of available
binaries is displayed and may be selected and compiled into the image
with the --enable-install-tests configure script option:
- flash_torture
- flash_stress
- flash_speed
- nandbiterrs
- flash_readtest
- nandpagetest
- nandsubpagetest
Most of these tests may be performed by inserting kernel modules
which are almost legacy so having the userspace tools available
might become useful.
Legacy handling for users who had BR2_PACKAGE_MTD_INTEGCK selected is
not needed: they also have the BR2_PACKAGE_MTD_TESTS option enabled in
their .config. That option has now become a selectable option so it is
not removed any more by oldconfig.
Signed-off-by: Miquel Raynal <miquel.raynal@free-electrons.com>
[Arnout:
- fix threads and MMU dependency;
- order Config.in options and mtd.mk lines alphabetically;
- add note on legacy handling to commit message.]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
fixup
Commit cef57c9642 added
bananapi_m2_plus_defconfig but forgot to update .gitlab-ci.yml. Do it
now.
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
grub is no longer maintained: it is stuck at version 0.97 with huge
patches that have no opportunity to be applied upstream, as upstream
has even renamed it grub-legacy.
Besides, it no longer builds correctly with recent binutils versions,
and even the huge patches we could grab from Debian do not help the
slightest.
Since upstream really considers it dead, and there are at least two
alternatives (grub2 and syslinux), just remove grub.
Add a legacy entry.
Remove the test cases as well.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Cc: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
The Makefile in the package is not very versatile, so we need to go our
way to only build and install what we can.
Fixing the Makefile is not worth it, considering that we can quite
easily do all of that in our .mk.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
[Arnout: add license file hashes and use SPDX license name]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
The Makefile in the package is not very versatile, so we need to go our
way to only build and install what we can.
Fixing the Makefile is not worth it, considering that we can quite
easily do all of that in our .mk.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
[Arnout: Add license file hash, use SPDX license name]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
DAHDI is the 'framework' to drive actual telehony cards. Using telephony
cards without signalling is pretty much meaningless, so signalling will
be added in later commits.
libtonezone is provided by dhadi-tools, while the dahdi headers are
provided by dahdi-linux. Go figure.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Also provides libraries, so install in staging as well.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
[Arnout: add hashes for license files]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
dahdi-linux provides kernel modules to drive a variety of telephony
cards, ranging from low-end one-channel to higher-end multi-channel
cards. It also provides headers for userland to talk to those cards.
With a bit of love, dahdi-linux can use our kernel-module
infrastructure. Wee! :-)
Still, there are a few specificities about dahdi-linux.
First, it needs to install a few binary firmware blobs, which it wants
to download at install time. Since we do want to be able to do
completely off-line builds, we need to downlaod them manually. So we
have the full list of firmware blobs (even if some can only be used on
an i386/x86_64 target, we still uconditionally download them), for which
we have locally-computed sha256 (no hash provided by upstream for the
blobs).
Second, the install procedure for the firmware blobs needs to have
access to the Linux kernel .config file, so it can decide whether to
install the blobs or not. We can force not to install them, but we can't
force to install them... :-/ And anyway, we'd have to do the same check
as is already done by dahdi-linux, so no need to duplicate that.
Finally, the licensing is relatively weird. Although it is obvious and
straightforward for the most part of dahdi-linux, consisting of mostly
GPLv2 and a few LGPLv2.1, there is one gotcha.
Of the firmware blobs, one is provided as a .o file, with no licensing
information whatsoever, without any source available from upstream, but
is directly linked to a GPLv2 file.
This is very concerning, but there is not much we can do about it,
except delegate to the legal reviewer whether that is acceptable or not.
AS an aside, dahdi-linux drivers do not build with a kernel 4.0 or
later, as it uses internals that have been removed in linux-4.0. There
has been no update upstream dahdi-linux to fix that. There's not much we
can do, except warn the user in the help text.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
[Arnout: use SPDX license names and add hashes for license files]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
asterisk uses backtrace() from execinfo.h to print beuatiful backtraces
when it fails. But execinfo is only reliably available with glibc, while
it is optionbal in uClibc and completely missing in musl.
So, only enable backtrace support for glibc toolchains.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Asterisk: the flagship of telephony on Linux. These are the lines of
code whose continuous mission is to power small and large enterprises
telephony systems, to boldly provide IP PBX where no one has done so
before.
But it is a hell to get compiled... :-(
For starters, it needs a host tool, menuselect, to prepare its build
configuration. Unfortunately, the way it handles menuselect does not
apply very well for cross-compilation: the main ./configure calls out to
menuselect's own ./configure, and of course that runs with the same
environement, which is wrong for cross-compilation (because of variables
like CC, CFLAGS and the likes).
Furthermore, the paths to menuselect are imbricated about everywhere in
the main Makefile, so making it find menuselect in PATH is a lost cause.
Instead, we just patch-out the handling of menuselect, build it as the
host variant and copy it in place.
Now, asterisk wants to install a default set of sound files (for
answering machine stuff, I guess). They come come pre-bundled in the
official archive [0], but the buildsystem will want to download (at
install time) the sha1 files for each sound archive, to validate that
said archive is correct. However, the download is done via plain http,
so it still risks an MITM attack. And for Buildroot, it is not always
possible to download at install time, so we patch-out the sha1 check.
[0] http://downloads.asterisk.org/pub/telephony/asterisk/releases/
The official archive contains the sound archives plus a full set of
documentation. This makes it very big. Unfortunately, the hosting site
is rather slow, topping at about ~204kbps. So we get the archive from
the official mirror on Github. But that archive is missing the sound
archives, so we download them separately.
Some tests, like the crypt() one, are broken and could not have ever
possibly worked at all. Worse, the FFmpeg test is looking for headers
that FFmpeg removed more than 10 years ago and are virtually no longer
available in any distro. So, FFmpeg support is definitely not tested
by upstream and can't possibly work at all. Finally, trying to run
test-code does not work in cross-compilation.
As a final stroke of genius, asterisk checks for the re-entrant variant
of res_ninit(), and concludes that all such functions are available,
including res_nsearch(). Uclibc-ng has the former but not the latter, so
the build fails. Since there is no cache variable for that check, we
can't pre-feed that result to configure, and fixing it is a bigger
endeavour. So we make asterisk depend on glibc for now, until someone
is brave enough to fix it.
Almost all features are disabled for now. Support for additional
features will be added in subsequent patches now that we have a working
base.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Romain Naour <romain.naour@openwide.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
[Arnout:
- make libilbc a mandatory dependency instead of using the bundled one;
- add license, license files, and license file hashes;
- minor spelling corrections;
- remove redundant trailing backslash reported by check-package;
- rewrap help text to 72 columns instead of 68]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
fixup
MPD version 0.20 is affected by GCC bug 64735 and failes to build for
some archictuctures (NIOSII, ARMv4, ARMv5 and SPARCv8) with a GCC
toolchain less then version 7.
We added a version choice between 0.19 and 0.20 in Buildroot version
2017.02 as GCC 7 was not yet available at that time. This way, mpd could
still be build for those architectures.
As GCC 7 is now available in Buildroot remove the version choice for 0.19.
Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
[Peter: board is from Sinovoip, not Lemaker, move board files,
Use kernel headers from kernel, explicitly use 4.13.3,
drop eth0 dhcp config, cleanup post-build args,
disable tar output format, use u-boot custom format,
add host-dosfstools/mtools for genimage, drop unused
host-uboot-tools/genext2fs]
Signed-off-by: Mike Harmony <mike.harmony@snapav.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Only a static library is built (and no _INSTALL_TARGET_CMDS are defined), so
there is no need to run the target-install step.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
NS_ENABLE_SSL was renamed to MG_ENABLE_SSL in v6.0, commit e1dd3f06fe33
(Rename Mongoose constants: NS_ -> MG_, NSF_ -> MG_F_), so use the new name
instead.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
No linking is done since the package was reworked for v6.x in commit
9860746ff (mongoose: bump to version 6.1), so drop LDFLAGS and the list of
libraries to link against.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This define is not used anywhere in the mongoose sources since v6.0 (commit
8927c9d22b3f), so drop it.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add upstream patch fixing CVE-2017-14062:
Integer overflow in the decode_digit function in puny_decode.c in
Libidn2 before 2.0.4 allows remote attackers to cause a denial of
service or possibly have unspecified other impact.
This issue also affects libidn.
Unfortunately, the patch also triggers reconf of the documentation
subdirectory, since lib/punycode.c is listed in GDOC_SRC that is defined
in doc/Makefile.am. Add autoreconf to handle that.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security issues:
CVE-2017-2862 - An exploitable heap overflow vulnerability exists in the
gdk_pixbuf__jpeg_image_load_increment functionality of Gdk-Pixbuf 2.36.6. A
specially crafted jpeg file can cause a heap overflow resulting in remote
code execution. An attacker can send a file or url to trigger this
vulnerability.
CVE-2017-2870 - An exploitable integer overflow vulnerability exists in the
tiff_image_parse functionality of Gdk-Pixbuf 2.36.6 when compiled with
Clang. A specially crafted tiff file can cause a heap-overflow resulting in
remote code execution. An attacker can send a file or a URL to trigger this
vulnerability.
CVE-2017-6311 - gdk-pixbuf-thumbnailer.c in gdk-pixbuf allows
context-dependent attackers to cause a denial of service (NULL pointer
dereference and application crash) via vectors related to printing an error
message.
The host version now needs the same workaround as we do for the target to
not pull in shared-mime-info.
Also add a hash for the license file while we're at it.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
It seems github now sometimes provides slightly changed tarballs which
produce a different sha256 hash than before. This commit fixes the
hashes of the packages when sources.buildroot.net does not store a copy
of the tarball matching the current hash.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Install tools into /usr/bin, not /usr/local/bin, since /usr/local/bin
is not in PATH by deafault.
[Peter: set PREFIX to /usr to really install into /usr/bin]
Signed-off-by: Andrey Smirnov <andrew.smirnov@gmail.com>
Tested-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Bump Python3 version to 3.6.2.
Patches dropped:
"Support PGEN_FOR_BUILD and FREEZE_IMPORTLIB_FOR_BUILD"
Rationale: With commit 9d02f562961efd12d3c8317a10916db7f77330cc, code
generation step of building CPython now became explicit (instead of
always performed as a part of 'make' invocation) and more granular. We
no longer need to use Parser/pgen at all and tricking the build system
into using different Programs/_freeze_importlib can be done as a part
of recipe.
Additional info about the build change can be found at
https://bugs.python.org/issue23404
Signed-off-by: Andrey Smirnov <andrew.smirnov@gmail.com>
Tested-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Also add a hash for the license file while we're at it.
[Peter: use tuxfamily.org URL for annoucement]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes CVE-2017-7555 - Augeas versions up to and including 1.8.0 are
vulnerable to heap-based buffer overflow due to improper handling of escaped
strings. Attacker could send crafted strings that would cause the
application using augeas to copy past the end of a buffer, leading to a
crash or possible code execution.
[Peter: extend description]
Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Patches with renames apply properly with patch >= 2.7, but not with
older patch versions. Since "git format-patch" by default generates
patches with renames, Buildroot developers often don't realize that
their patches will not apply properly on build machines that have
patch < 2.7. In order to prevent such a situation from happening
again, this commit adds some logic in apply-patches.sh to refuse
applying patches that contain renames.
Note that just searching for '^rename' is not sufficient, since the
patch commit message may contain the words "rename from" or "rename to"
as well. Therefore, the grep expression is made as accurate as possible,
checking both.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Reviewed-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
[Arnout: spaces instead of tabs (suggested by Yann);
extend commit message.]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
When using an external toolchain that was built with Buildroot and a
merged /usr, the dynamic linker is actually in /usr/lib.
But the check_glibc macro limits the depth it is looking for the dynamic
linker, and misses it when it is in /usr/lib because it is too deep.
We could fix that in two ways: increase the depth in which we look
for it, or follow symlinks. We choose the second solution.
Signed-off-by: Cam Hutchison <camh@xdna.net>
Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Cc: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Cc: "Yann E. MORIN" <yann.morin.1998@free.fr>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
This bump
54e63e3f9a...303f418e1a
updated the transcoding support already present:
014bb9505e
To avoid these build errors
src/transcoding/codec/codecs/libs/libx26x.c:105:18: fatal error: x264.h: No such file or directory
#include <x264.h>
src/transcoding/codec/codecs/libs/libx26x.c:213:18: fatal error: x265.h: No such file or directory
#include <x265.h>
src/transcoding/codec/codecs/libs/libopus.c:23:31: fatal error: opus/opus_defines.h: No such file or directory
#include <opus/opus_defines.h>
we need to add dependency handling already with this patch and keep the
hard dependency x264 as minimum codec for transcoding but we now need
to enable BR2_PACKAGE_FFMPEG_GPL to enable x264-support also in ffmpeg.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
014bb9505e
extended the already present transcoding support and included vaapi-
accelerated transcoding.
In order to support these new options and their numerous dependencies
we add a new Kconfig option for transcoding support to allow users to
disable transcoding support, because they use tvheadend for recording
or by its internal hts protocol, for example with the kodi-pvr-hts
addon.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Mostly to compile imx-lib (providing libpxp) on i.MX6UL (which have a
PXP hardware unit) and to prevent compilation of imx-lib's modules not
supported on i.MX6UL.
Signed-off-by: Julien BOIBESSOT <julien.boibessot@armadeus.com>
Acked-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Some changes in addition to the version bump:
- The uint32_t patch is now upstream
- Drop --no-glib12 flag as support was removed in 2.0.23
- The host library path patch was refreshed
Signed-off-by: Joel Stanley <joel@jms.id.au>
Reviewed-by: Bernd Kuhls <bernd.kuhls@t-online.de>
[Arnout: remove uint32_t patch from hash file]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
With the addition of the sdk support it may be interesting to build
host-cmake even though no packages need it, so expose it in menuconfig.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Acked-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fixes the following security issues:
XSA-226: multiple problems with transitive grants (CVE-2017-12135)
XSA-227: x86: PV privilege escalation via map_grant_ref (CVE-2017-12137)
XSA-228: grant_table: Race conditions with maptrack free list handling
(CVE-2017-12136)
XSA-230: grant_table: possibly premature clearing of GTF_writing /
GTF_reading (CVE-2017-12855)
XSA-231: Missing NUMA node parameter verification (CVE-2017-14316)
XSA-232: Missing check for grant table (CVE-2017-14318)
XSA-233: cxenstored: Race in domain cleanup (CVE-2017-14317)
XSA-234: insufficient grant unmapping checks for x86 PV guests
(CVE-2017-14319)
XSA-235: add-to-physmap error paths fail to release lock on ARM
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Reviewed-by: Alistair Francis <alistair.francis@xilinx.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
With the addition of the sdk support it may be interesting to build
host-pkgconf even though no packages need it, so expose it in menuconfig.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
The download location got changed two years ago when the version was bumped
to 0.9.12, but the upstream URL in Config.in wasn't updated.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
I'm going to leave current company and
this mail address is going to become invalid.
Signed-off-by: Naoki Matsumoto <n-matsumoto@melcoinc.co.jp>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
host-cmake will optionally link with openssl for the embedded copy of
libarchive if available, leaking host dependencies and possibly causing
build issues in case of compatibility issues - E.G. the host-cmake version
we have in 2017.02.x doesn't build against openssl-1.1.0+:
https://github.com/libarchive/libarchive/issues/810
The openssl support in libarchive is unlikely to be needed, so explicitly
disable it.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes CVE-2017-1000250 - All versions of the SDP server in BlueZ 5.46 and
earlier are vulnerable to an information disclosure vulnerability which
allows remote attackers to obtain sensitive information from the bluetoothd
process memory. This vulnerability lies in the processing of SDP search
attribute requests.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Since commit be8e32d585 ("netsnmp: configurable MIB modules"),
the list of MIB modules can be selected with a configuration option.
However, there was still an hardcoded list of MIB files to exclude from
the target filesystem.
Since it is complicated to know which MIB files are necessary according
to the configuration, let's install all of them.
Cc: przemyslaw <przemyslaw.wrzos@calyptech.com>
Cc: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Julien Floret <julien.floret@6wind.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Added upstream patch to fix build error:
move.o: In function `do_page_up':
move.c:(.text+0x150): undefined reference to `leftedge_for'
move.o: In function `do_page_down':
move.c:(.text+0x20c): undefined reference to `leftedge_for'
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
There aren't really any changes that matter for the buildroot image,
but the project has been moved over to kernel.org and is now available
in a release tarball, so simplify the .mk file by removing any
autoreconf stuff.
Signed-off-by: Bartosz Golaszewski <brgl@bgdev.pl>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add a patch fixing compilation on the systems without C++ compiler.
Also add licence hashes.
Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This also moves the source tree to the new official upstream location at
ibm-power-utilities GitHub organisation.
Signed-off-by: Joel Stanley <joel@jms.id.au>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
mbimcli and mbim-network are GPLv2+ (COPYING file applies) and
libmbim-glib is LGPLv2.1+ (COPYING.LIB file applies).
Also, setup hashes of the license files, for a correct
"make legal-info".
Signed-off-by: Aleksander Morgado <aleksander@aleksander.es>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
qmicli, qmi-network and qmi-firmware-update are GPLv2+ (COPYING file
applies) and libqmi-glib is LGPLv2.1+ (COPYING.LIB file applies).
Also, setup hashes of the license files, for a correct
"make legal-info".
Signed-off-by: Aleksander Morgado <aleksander@aleksander.es>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
ModemManager and mmcli are GPLv2+ (COPYING file applies) and
libmm-glib is LGPLv2.1+ (COPYING.LIB file applies).
Also, setup hashes of the license files, for a correct
"make legal-info".
Signed-off-by: Aleksander Morgado <aleksander@aleksander.es>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Force gzip compression level 6 when calculating hash of a downloaded GIT repo.
To make sure the tar->gzip->checksum chain always provides consistent result.`
The script was relying on the default compression level, which must not be
necessarily consistent among different gzip versions. The level 6 is gzip's
current default compression level.
Signed-off-by: Petr Kulhavy <brain@jikos.cz>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
fscryptctl is a low-level tool written in C that handles raw keys and
manages policies for Linux filesystem encryption.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Bump U-Boot to 2017.09 and kernel to 4.12.12 version.
Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Memory references to DI mode objects could incorrectly be created at
offsets that are not supported by instructions l32i/s32i, resulting in
ICE at a stage when access to the object is split into access to its
subwords:
drivers/staging/rtl8188eu/core/rtw_ap.c:445:1:
internal compiler error: in change_address_1, at emit-rtl.c:2126
Fixes: https://lkml.org/lkml/2017/9/10/151
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes a number of integer overflows and DoS issues.
[Peter: explain security impact]
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Drop upstream patch.
Add an upstream patch fixing build without python.
Add two more patches (one of them upstream) fixing cross compile of the
python client library.
Enable devinput and uinput unconditionally to suppress non cross compile
compatible host checks.
Set DEVINPUT_HEADER to target header of input events to avoid use of
host header.
Add python3 as optional dependency.
Cc: Rhys Williams <github@wilberforce.co.nz>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Removed patch applied upstream, switched to cmake-package following
upstream removal of autoconf.
Short summary of changes:
version 1.0.1
- switched from autoconf to cmake
version 1.0.0:
- fixed CVE-2014-8242
- project moved to github
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
As the SixXS project has ceased its operation on 2017-06-06,
the aiccu utility has been removed.
Signed-off-by: Alexander Mukhin <alexander.i.mukhin@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add optional dependency on libcap, which exists since this version
bump.
Signed-off-by: Thomas Faivre <thomas.faivre@6wind.com>
[Thomas: add explicit --with-libcap.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Fixes CVE-2017-11610 - The XML-RPC server in supervisor before 3.0.1, 3.1.x
before 3.1.4, 3.2.x before 3.2.4, and 3.3.x before 3.3.3 allows remote
authenticated users to execute arbitrary commands via a crafted XML-RPC
request, related to nested supervisord namespace lookups.
For more details, see
https://github.com/Supervisor/supervisor/issues/964
While we're at it, add hashes for the license files.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
We unfortunately cannot use the upstream patches directly as they are not in
'patch -p1' format, so convert them and include instead.
Fixes:
CVE-2017-0899 - RubyGems version 2.6.12 and earlier is vulnerable to
maliciously crafted gem specifications that include terminal escape
characters. Printing the gem specification would execute terminal escape
sequences.
CVE-2017-0900 - RubyGems version 2.6.12 and earlier is vulnerable to
maliciously crafted gem specifications to cause a denial of service attack
against RubyGems clients who have issued a `query` command.
CVE-2017-0901 - RubyGems version 2.6.12 and earlier fails to validate
specification names, allowing a maliciously crafted gem to potentially
overwrite any file on the filesystem.
CVE-2017-0902 - RubyGems version 2.6.12 and earlier is vulnerable to a DNS
hijacking vulnerability that allows a MITM attacker to force the RubyGems
client to download and install gems from a server that the attacker
controls.
For more details, see
https://www.ruby-lang.org/en/news/2017/08/29/multiple-vulnerabilities-in-rubygems/
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Bind autoconf scripts look for lmdb.h in /usr/include (even when
cross-compiling). When liblmdb-dev is installed, this causes the
following error:
...
checking for lmdb library... yes
checking for library containing mdb_env_create... no
configure: error: found lmdb include but not library.
Fix this by disabling explicitly lmdb support.
Signed-off-by: Robin Jarry <robin.jarry@6wind.com>
Signed-off-by: Julien Floret <julien.floret@6wind.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
strace moved to a new homepage as upstream commit 2bba131575878 (Update
homepage URL) indicates.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
CVE-2016-8687: Stack-based buffer overflow in the safe_fprintf function
in tar/util.c in libarchive 3.2.1 allows remote attackers to cause a
denial of service via a crafted non-printable multibyte character in a
filename.
CVE-2016-8688: The mtree bidder in libarchive 3.2.1 does not keep track
of line sizes when extending the read-ahead, which allows remote
attackers to cause a denial of service (crash) via a crafted file, which
triggers an invalid read in the (1) detect_form or (2) bid_entry
function in libarchive/archive_read_support_format_mtree.c.
CVE-2016-8689: The read_Header function in
archive_read_support_format_7zip.c in libarchive 3.2.1 allows remote
attackers to cause a denial of service (out-of-bounds read) via multiple
EmptyStream attributes in a header in a 7zip archive.
CVE-2016-10209: The archive_wstring_append_from_mbs function in
archive_string.c in libarchive 3.2.2 allows remote attackers to cause a
denial of service (NULL pointer dereference and application crash) via a
crafted archive file.
CVE-2016-10349: The archive_le32dec function in archive_endian.h in
libarchive 3.2.2 allows remote attackers to cause a denial of service
(heap-based buffer over-read and application crash) via a crafted file.
CVE-2016-10350: The archive_read_format_cab_read_header function in
archive_read_support_format_cab.c in libarchive 3.2.2 allows remote
attackers to cause a denial of service (heap-based buffer over-read and
application crash) via a crafted file.
CVE-2017-5601: An error in the lha_read_file_header_1() function
(archive_read_support_format_lha.c) in libarchive 3.2.2 allows remote
attackers to trigger an out-of-bounds read memory access and
subsequently cause a crash via a specially crafted archive.
Add upstream patch fixing the following issue:
CVE-2017-14166: libarchive 3.3.2 allows remote attackers to cause a
denial of service (xml_data heap-based buffer over-read and application
crash) via a crafted xar archive, related to the mishandling of empty
strings in the atol8 function in archive_read_support_format_xar.c.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Change setup type to setuptools.
Add a patch removing the pytest-runner dependency. The patch was sent
upstream.
Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The Qt package currently fails to build on ARMv8 cores in 32-bit mode
(for example, if you select ARM and then Cortex-A53), because the ARM
atomic operation implementation in Qt checks if we're on ARMv7, then
on ARMv6, and otherwise falls back to an ARMv5 implementation. The
latter uses the swp instruction, which doesn't exist on ARMv8, causing
a build failure.
To solve this, we simply add a patch that uses the ARMv7 atomic
operations for ARMv8-A.
There is no autobuilder reference because we don't have any ARMv8
32-bit configuration in the autobuilders.
Cc: <ivychend@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security issues:
CVE-2017-12938 - UnRAR before 5.5.7 allows remote attackers to bypass a
directory-traversal protection mechanism via vectors involving a symlink to
the . directory, a symlink to the .. directory, and a regular file.
CVE-2017-12940 - libunrar.a in UnRAR before 5.5.7 has an out-of-bounds read
in the EncodeFileName::Decode call within the Archive::ReadHeader15
function.
CVE-2017-12941 - libunrar.a in UnRAR before 5.5.7 has an out-of-bounds read
in the Unpack::Unpack20 function.
CVE-2017-12942 - libunrar.a in UnRAR before 5.5.7 has a buffer overflow in
the Unpack::LongLZ function.
For more details, see
http://www.openwall.com/lists/oss-security/2017/08/14/3
While we're at it, add a hash for the license file.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security issues:
CVE-2017-6362: Double-free in gdImagePngPtr()
CVE-2017-7890: Buffer over-read into uninitialized memory
Drop patches no more needed:
0001-gdlib-config.patch: @LIBICONV@ is nowadays correct AC_SUBST'ed by
configure
0002-gd_bmp-fix-build-with-uClibc.patch: upstream uses ceil() since
6913dd3cd2
While we're at it, add a hash for the license file.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Bump to 4.13 kernel and remove all the dts patches as they
are part of upstream now.
Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The libqmi library and tools come with several optional features that
may be enabled or disabled during build.
This patch adds support to automatically enable or disable them based
on the presence of the required dependencies for each:
* QMI-over-MBIM is enabled if libmbim is selected.
* udev support in qmi-firmware-update is enabled if libgudev is
selected.
* MM runtime check in qmi-firmware-update is enabled if ModemManager
is selected (but we don't build-depend on it, the runtime check is
done using plain glib2 DBus operations).
Signed-off-by: Aleksander Morgado <aleksander@aleksander.es>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
This patch bumps web2py to the latest version R-2.15.4 and bumps
also the python-pydal dependency to the required latest version 17.8.
Starting with version R-2.15.x web2py supports also python 3, so
updating the package to support both versions.
Signed-off-by: Angelo Compagnucci <angelo.compagnucci@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
This commit bumps lcdproc to version 0.5.9, and switches to the new
upstream on github.
The new version also compiles with musl without any patches.
Signed-off-by: Sven Haardiek <sven.haardiek@greenbone.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Upstream migrated to automake for autotools: the "installlib" target
no longer exist, and we can use the standard "install" target, and
therefore drop the special INSTALL_STAGING_OPTS and
INSTALL_TARGET_OPTS variables.
Add license hash.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
minnowboard_max-graphical_defconfig has the line "BR_TARGET_GRUB2=y",
but this currently has no effect because BR_TARGET_GRUB2 cannot be
selected without BR2_TOOLCHAIN_BUILDROOT_WCHAR=y, which is not set by
default.
The minnowboard max defconfig was updated to fix this problem, but the
graphical variant was not updated alongside it.
Signed-off-by: Nicholas Sielicki <sielicki@yandex.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
The galileo_defconfig has the line "BR_TARGET_GRUB2=y", but this
currently has no effect because BR_TARGET_GRUB2 cannot be selected
without BR2_TOOLCHAIN_BUILDROOT_WCHAR=y, which is not set by default.
Signed-off-by: Nicholas Sielicki <sielicki@yandex.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Commit 44b5637ab2 (e2fsprogs: add a patch to link against SEM_INIT libs)
introduced a patch that effectively adds -lpthread to the link command
with libcom_err. Today the only libc with separate libpthread is glibc
that does not support static build. The generated libcom_err.so.2.1
library links with libpthread with or without this patch. Drop this
patch.
Cc: Daniel Mack <daniel@zonque.org>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Commit c96b8675ea
("support/scripts/check-bin-arch: ignore symbolic links") was bogus,
because it tested ${f}, which is the relative path of the file inside
${TARGET_DIR}, so we end up testing if ${f} on the system is a
symbolic link.
This commit fixes that by testing ${TARGET_DIR}/${f}.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Since commit da32b49f00
("instrumentation: extend packages-file-list.txt with symlinks and
directories"), the packages-file-list.txt also contains symbolic
links. Therefore, check-bin-arch is now also checking symbolic links.
However, symbolic links in $(TARGET_DIR) can have absolute path as
targets, such as:
$ ls -l output/target/sbin/ifdown
lrwxrwxrwx 1 thomas thomas 10 Sep 3 15:55 output/target/sbin/ifdown -> /sbin/ifup
Therefore, we are now potentially checking a host binary, which
obviously makes check-bin-arch fail.
This commit changes check-bin-arch to ignore symbolic links. Indeed,
we have two cases:
- The symbolic link really points to something that will in the
rootfs (such as /sbin/ifup above). In this case, /sbin/ifup will be
checked separately by check-bin-arch.
- The symbolic link doesn't point to something that will be in the
rootfs, and that is not a problem from the perspective of
check-bin-arch, which checks the architecture of target binaries.
Fixes:
http://autobuild.buildroot.net/results/16d384a0183d477646ac7692feb65f00dde7d068/
(vim)
http://autobuild.buildroot.net/results/50429c0f63a8befff9e20899327b9a8d754d99be/
(ifupdown)
http://autobuild.buildroot.net/results/1db65973e782bfa61abcbccd3501bfd235f77288/
(gawk)
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Switch to https download for firewall compatibility and security.
As upstream now defaults to 'gpg' for the main binary name, keep the
'gpg2' name as in previous releases, to avoid conflict with the gnupg
package.
Cc: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
curlbuild.h was removed in recent versinos of curl, backporting a
patch from mainline to fix it until a newer version of sysdig is
released.
Signed-off-by: Angelo Compagnucci <angelo.compagnucci@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Provide the path to HOST_DIR for libxml, libxslt and libiconv like for
the target variant to avoid a build issue on host where /bin is a
symlink to /usr/bin.
Indeed, the configure script use a custom m4 macro XSTAR_LIB_CHECK to
find xml2-config:
XSTAR_LIB_CHECK([LIBXML], [xml2-config])
This macro come from a local m4 file m4/xstar-check-libs.m4 where it
use:
AC_PATH_PROG(LIBXXX()_CONFIG, xxx_config(),
[], [$LIBXXX()_PREFIX/bin$PATH_SEPARATOR$PATH]
Since no prefix seems to be defined by $LIBXXX()_PREFIX, AC_PATH_PROG
look by itself at /bin/ for xml2-config. So the PATH variable set
by Buildroot containing HOST_DIR/bin is ignored.
The wrong xml2-config is used during the build and the build fail
when no xml2 headers are installed on the host.
Fixes:
src/xml_C14N.c:12:31: fatal error : libxml/xmlversion.h : No such file or directory
#include <libxml/xmlversion.h>
^
In file included from src/trans.c:4:0:
src/trans.h:32:30: fatal error : libxml/xmlmemory.h : No such file or directory
#include <libxml/xmlmemory.h>
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Bernd Kuhls <bernd.kuhls@t-online.de>
[Thomas: remove french messages from the commit log, drop
--with-libiconv-prefix option, since we don't have a libiconv
dependency for the host.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
ts4900 defconfig is upstream in Linux since v4.9:
a2f1145 ARM: dts: TS-4900: add basic device tree
Bump kernel version to v4.12 and use the upstreamed defconfig
imx_v6_v7.
Signed-off-by: Mathieu Audat <mathieu.audat@savoirfairelinux.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
This change extends to the login utilities the current policy of having
a selection item in the configuration menu for each utility that has an
--enable/--disable knob in the "configure" script:
- add selection items for login, runuser, su and sulogin (there was
already an item for "last")
- move "login utilities" to Config.in.legacy
- make "login utilities" select last, login, runuser, su and sulogin
Signed-off-by: Carlos Santos <casantos@datacom.ind.br>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Kernel help-text states, "The ext4 filesystem requires that this feature
be enabled <...> otherwise, it will refuse to mount in the read-write
mode any filesystems that use the huge_file feature, which is enabled by
default by mke2fs.ext4."
If the rootfs is to be (re)mounted rw at boot, this must be set for the
system to successfully come up.
Signed-off-by: Nicholas Sielicki <sielicki@yandex.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Building 3.1.9 still fails after removing patch 0002:
volume.c:383:26: error: 'ldap_config_valid' undeclared (first use in this function)
if (!ldap_config_valid || vol->v_flags & AFPVOL_NONETIDS)
Bumping to 3.1.11 solves the problem.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
This reverts commit 72e89edfcb. Due to
some change in fontconfig, it tries to re-generate a file using
gperf. Adding a dependency on host-gperf would solve the problem, but
really this is an upstream bug that should be reported and fixed
rather than worked around by adding the host-gperf dependency.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
In 61c4c63 (package/lzo: switch to cmake), building lzo has switched
from autotools to cmake. In the conversion, we've lost the build of the
shared library, because the cmake-based buildsystem of lzo explcitly
disables it by default.
Restore the shared library build.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
With the recent NLS rework, BR2_ENABLE_NLS doesn't imply the absense of --disable-nls, so
configure may fail with:
configure: error: "The gtk client cannot be built without nls support. Try adding either --enable-nls or --without-gtk"
So adjust the dependencies to use BR2_SYSTEM_ENABLE_NLS instead.
As mentioned by Arnout, an alternative solution could be to explicitly pass
--enable-nls as the stub functions are now available everywhere - But I went
with the dependency for consistency reasons.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following configure issue:
checking for GTK... no
configure: error: Package requirements (gtk+-3.0 >= 3.4.0
glib-2.0 >= 2.32.0
gio-2.0 >= 2.26.0,
gmodule-2.0 >= 2.32.0
gthread-2.0 >= 2.32.0) were not met:
libgtk2 support was dropped in commit cdd71c642724 ((trunk gtk) #4970 remove
deprecated GTK+ API calls, raise GTK+ dependency to 3.2) which was part of
transmission-2.61.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
These are the changes implemented:
* Remove dbus-glib as a dependency, as it isn't required since
ModemManager 1.0, which is based on libglib2's GDBus
implementation.
* Remove udev as a dependency, as the ModemManager build only needs
the libgudev package.
* Explicitly set libglib2 as dependency, which currently was being
implicitly included by libgudev. The next major ModemManager
release will have udev/libgudev as optional packages, while
libglib2 is definitely not going to be ever optional.
* Add a comment explaining that dbus is only a runtime dependency.
Signed-off-by: Aleksander Morgado <aleksander@aleksander.es>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Brock Williams <brock@cottonwoodcomputer.com>
[Thomas:
- properly handle the NLS cases, by adding two patches
- use sha256 locally calculated hash for the tarball, add hash for
the license file
- fix the license information: it's GPL-2.0 licensed, and the license
file is doc/COPYING.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Buildroot currently packages version 1.18 of simics, which is quite
out of date, and does not compile with Linux 4.12+. The latest package
v1.22 supports recent kernels, however that is not publicly available
anymore like the older versions.
In fact Simics is now moving away from the simicsfs kernel module, as
the kernel module has required too much maintenance work. Users should
move to the new user mode Simics agent instead. Therefore, we drop the
corresponding package from Buildroot.
Signed-off-by: Bin Meng <bmeng.cn@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Tweak 0003-Sanitize-the-installation-process.patch for 2.2.4
Tweak 0004-Remove-PIE-flags-from-the-build.patch for 2.2.4
Remove 0005-Fix-static-linking-with-GnuTLS.patch as it was merged upstream
Signed-off-by: Olivier Schonken <olivier.schonken@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
grub2 fails to configure when BR2_SSP_ALL is enabled, with the following
configure error:
checking whether -fno-asynchronous-unwind-tables works... yes
checking whether -fno-unwind-tables works... yes
checking for target linking format... unknown
configure: error: no suitable link format found
This can be worked around by enforcing -fno-stack-protector in the
package CFLAGS in a way that overrides the SSP flag, as is already done
for the valgrind package.
Fixes bug #10261.
Signed-off-by: Erico Nunes <nunes.erico@gmail.com>
Reported-by: Dr I J Ormshaw <ian_ormshaw@waters.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Fixes CVE-2017-0379: Mitigate a local side-channel attack on Curve25519
dubbed "May the Fourth be With You".
As we are close to release, don't update to the latest 1.8.1 version,
but to a maintenance release from the 1.7 branch.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Mitigate a flush+reload side-channel attack on RSA secret keys
dubbed "Sliding right into disaster". For details see
<https://eprint.iacr.org/2017/627>. [CVE-2017-7526]
Switch to https site for better firewall compatibility and security.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
clock_gettime is defined locally, and calls pth_int_time, which
in turn calls clock_gettime.
The USB backend shouldn't overrule clock_gettime in the first place.
This patch fixes this endless recursion by removing the local defition.
Signed-off-by: Kurt Van Dijck <dev.kurt@vandijck-laurijssen.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Commit 1b974425 (MIPS: add support for M6201 cores) explained that the
new core was not supported by upstream gcc, and as of gcc-8-trunk
that's still the case.
Ditto for 3cfbeb83 (MIPS: add support for P6600 cores).
This means that we currently allow to build an internal tolchain for
those cores, yet we have no suitable gcc version.
Disable the internal backend in this case.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
host-vim is needed to provide the xxd tool, otherwise the build fails
with:
checking for xxd... no
configure: error: "xxd is required (provided by vim package)"
This isn't noticed by the autobuilders, presumably because all of them
have vim installed locally.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Vim contains a tool called xxd, which is needed by mediastreamer on
the host as part of its build process. Therefore, this commit
introduces a host variant for the vim package, that will be used by
mediastreamer.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
In commit f837251785 ("package/libv4l:
allow build of v4l2 utilities on noMMU platforms"), Hugues Fruchet
added a bunch of patches to libv4l in order to allow the v4l utilities
to be built on noMMU platforms.
However, as part of those patches, he entirely disabled the build of
libv4l in static linking configurations, because libv4l uses
dlopen(). Unfortunately, this breaks the build of applications like
mediastreamer in static linking configurations, and generally makes
our libv4l packages a little bit awkward: you can enable it, but it
doesn't install anything (in static linking configurations).
A closer look shows that dlopen() is only used by libv4l for plugin
support, and libv4l only provides one single plugin, and its build is
already conditional. Therefore, this commit adds yet another patch to
libv4l, which re-enables the build of libv4l, but disables the
plugin-related logic when plugin support is disabled (and it was
already automatically disabled in static linking configurations).
While at it, we update the comment in libv4l.mk that lists the patches
that makes autoreconf necessary.
Fixes the build of mediastreamer:
http://autobuild.buildroot.net/results/af091cfd0508df9395778cdc796f77e95c168410/
Cc: Hugues Fruchet <hugues.fruchet@st.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
This patch is much smaller the the previous one and will unlikely cause
a conflict with some forthcoming 2.30.x release.
Signed-off-by: Carlos Santos <casantos@datacom.ind.br>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
This commit will enable tpuarts in eibd as well. tpuarts is as
important as FT1.2 support, which is already enabled by default.
This causes a 8 KB increase of the installed size in /usr/bin (728 KB
instead of 720 KB for /usr/bin), so not enough to justify a separate
configuration option.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
This commit adds a patch to cc-tool that fixes the boost.m4 logic used
to detect the linker rpath option so that it works properly with
static linking and additional libraries passed in LIBS.
This is the second step to fix static linking of cc-tool on
architectures like SPARC that need to link against libatomic:
http://autobuild.buildroot.net/results/ed9f2524d0ccef318ff1bc99e5dea980111de989/
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Just like -lpthread was passed in LIBS, -latomic should also be passed
in LIBS. In order for this to work, we however need to first fix
cc-tool's Makefile.am so that it does not overwrite LIBS.
This is the first part of fixing the build of cc-tool in a static
linking scenario on SPARC, i.e to fix:
http://autobuild.buildroot.net/results/ed9f2524d0ccef318ff1bc99e5dea980111de989/
The patch has been merged upstream, in
553f9c6016.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Added all hashes provided by upstream.
Removed dependency to mtdev after:
167bbb6d10
libdrm is now a hard dependency:
b030897b38
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
[Thomas: drop "select BR2_PACKAGE_LIBDRM" from sub-option, now that it
is selected by the main option.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Release notes: https://mariadb.com/kb/en/mariadb-10126-release-notes/
Changelog: https://mariadb.com/kb/en/mariadb-10126-changelog/
Fixes the following security vulnerabilities:
CVE-2017-3636 - Vulnerability in the MySQL Server component of Oracle MySQL
(subcomponent: Client programs). Supported versions that are affected are
5.5.56 and earlier and 5.6.36 and earlier. Easily exploitable vulnerability
allows low privileged attacker with logon to the infrastructure where MySQL
Server executes to compromise MySQL Server. Successful attacks of this
vulnerability can result in unauthorized update, insert or delete access to
some of MySQL Server accessible data as well as unauthorized read access to
a subset of MySQL Server accessible data and unauthorized ability to cause
a partial denial of service (partial DOS) of MySQL Server.
CVE-2017-3641 - Vulnerability in the MySQL Server component of Oracle MySQL
(subcomponent: Server: DML). Supported versions that are affected are
5.5.56 and earlier, 5.6.36 and earlier and 5.7.18 and earlier. Easily
exploitable vulnerability allows high privileged attacker with network
access via multiple protocols to compromise MySQL Server. Successful
attacks of this vulnerability can result in unauthorized ability to cause
a hang or frequently repeatable crash (complete DOS) of MySQL Server.
CVE-2017-3653 - Vulnerability in the MySQL Server component of Oracle MySQL
(subcomponent: Server: DDL). Supported versions that are affected are
5.5.56 and earlier, 5.6.36 and earlier and 5.7.18 and earlier. Difficult
to exploit vulnerability allows low privileged attacker with network access
via multiple protocols to compromise MySQL Server. Successful attacks of
this vulnerability can result in unauthorized update, insert or delete
access to some of MySQL Server accessible data.
Signed-off-by: Ryan Coe <bluemrp9@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Add a config option to install the ql2xxx firmware binaries for QLogic
Fibre Channel adapters.
Since this doesn't quite fit under the existing categories in Config.in,
include it under a new category named "Fibre Channel Adapter Firmware".
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
Reviewed-by: Joel Stanley <joel@jms.id.au>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Among other small fixes, the new version fixes crashes when running in
X11 without GLX (i.e. using EGL). Additionally, the changes from patch
"0002-Make-EGL-support-optional.patch" were committed upstream, and the
file can be dropped.
Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
All patches continue to apply with no changes. 7.2.0 is a bugfix
release of the 7.x branch.
The only change that is not a simple bump is that the 7.2.0 tarball is
now available xz-compressed instead of bz2-compressed.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Reviewed-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
libunwind configure script explicitly links libunwind against
libgcc_s. libgcc_s is only guaranteed to be available for toolchains
that supports dynamic linking: pure static linking toolchains only
have libgcc.a, not libgcc_s.so.
Therefore, let's make libunwind unavailable on toolchains that lack
dynamic linking support. We could potentially support linking with
libgcc, but switching to libgcc_s was done upstream because libgcc was
lacking some symbols on ARM
(https://lists.nongnu.org/archive/html/libunwind-devel/2014-06/msg00024.html). Even
though recent gcc versions seem to provide such symbols in libgcc.a,
having libunwind available on static linking configurations is not a
useful enough use-case to do the necessary research to find when this
issue was fixed in gcc.
Since libunwind is not used as a mandatory dependency in any package,
adding this !BR2_STATIC_LIBS dependency is trivial and nicely avoids
the problematic situation.
This fixes two different autobuilder failures:
- Gstreamer 1.x programs failing to link, because libunwind links
against libgcc_s that isn't available (static linking
configuration):
http://autobuild.buildroot.net/results/9d4fbf7167e9afce0eef5c9e0cfd42c966ecba36/
- Gmrender-resurrect, which fails to link, because GStreamer 1.x uses
some libunwind functionality, but does not take into account the
libunwind dependency in its .pc files (static linking
configuration):
http://autobuild.buildroot.net/results/0a3a2485c187a000482c178f1e9c64dd716a858f/
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
The current commit is from Sep 23, 2016. Update to latest commit from
Jul 11, 2017 to add support for i.MX6ULL processors.
Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
This commit is similar to 350941e31d
("python: remove target Python packages from PYTHONPATH") but for
python3.
We currently have
$(TARGET_DIR)/usr/lib/python$(PYTHON3_VERSION_MAJOR)/site-packages/
inside the PYTHON3_PATH variable, which gets used to define
PYTHONPATH, passed to the host Python interpreter when
building/installing target packages.
However, this is terribly wrong, as it causes the host interpreter to
potentially import target Python packages. This is wrong for several
reasons:
- Some Python packages might need some Python modules to be installed
on the host (described in setup_requires in setup.py), but their
installation currently works because by luck the corresponding
Python module is installed for the target. Some of those cases were
happening for real, and fixed by previous patches.
- Some Python packages include some native code, therefore built for
a specific CPU architecture. When you point the host Python
interpreter to native libraries built for the target, you get nice
build failures, such as the one affecting the python-cffi related
packages.
This change fixes the following build failures:
http://autobuild.buildroot.net/results/9005b89407e46b537a54cac6cc0c69dcac4dc5ea/
(python-cryptography)
http://autobuild.buildroot.net/results/395682d33d02fdcaa39d3c0326355bd9ea3d6feb/
(python-pynacl)
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Reviewed-by: Yegor Yefremov <yegorslists@googlemail.com>
Tested-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
This commit backports three patches that are already upstream in
kvmtool fixing build warnings with musl. Those are not strictly needed
for the build to succeed, they just reduce the amount of warning
noise.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Tested-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
In Linux 4.12, the header <asm/msr-index.h> has been removed from the
set of headers exported to userspace. Therefore, it cannot be used by
kvmtool anymore. This commit takes the simple approach of duplicating
inside kvmtool the MSR_* definitions that were used from this
<asm/msr-index.h> header.
This fixes:
x86/kvm-cpu.c:7:27: fatal error: asm/msr-index.h: No such file or directory
#include <asm/msr-index.h>
Which is the second part of:
http://autobuild.buildroot.net/results/4459a909e735343d1cf768d30466bc3c57eca19e/
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Tested-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Since 392b0a26f5 (toolchain-external: default BR2_TOOLCHAIN_EXTERNAL_PATH
to empty), calling 'make clean' or similar can yield a spurious stderr
message:
dirname: missing operand
Try 'dirname --help' for more information.
Which is definitely baffling and unsettling...
It turns out that it is pretty trivial to reproduce, and this defconfig
is just enough:
$ cat my-defconfig
BR2_TOOLCHAIN_EXTERNAL=y
$ make BR2_DEFCONFIG=$(pwd)/my-defconfig defconfig
$ make clean
dirname: missing operand
Try 'dirname --help' for more information.
[--snip--]
This is because the cross-compiler is not found in the PATH (and for
good reasons, I don't have it in the PATH, not even at all).
So, when the cross-compiler is not found in the path, we simply
continue as if all was good, and postpone the check to much later,
when we try to copy the toolchain libs...
So, use a make construct rather than calling to the shell: $(dir ...)
does not whine if passed nothing.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Arnout Vandecappelle <arnout@mind.be>
Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Cc: Thomas De Schampheleire <patrickdepinguin@gmail.com>
Reviewed-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Since Toradex V2.7 SDK, U-Boot image has changed from u-boot.imx to
SPL + u-boot.img.
Also fix U-Boot build error with GCC6.
Signed-off-by: Sergio Prado <sergio.prado@e-labworks.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Commit 2c8de6c4 (gcc 4.9.1: add patch for PR60102) removed the SPE
condition becasue of said PR, but forgot to remove the associated
comment, which has been tagging along all this time...
Remove it, it is no longer valid and causes confusion.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
The VC4 GPU does not support full GL, it only provides EGL.
Currently, it is possible to build the VC4 backend without EGL support,
but that does not make sense in the slighest.
So, forcibly enable EGL with VC4, like is done for etnaviv and virgl.
Reported-by: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Bernd Kuhls <bernd.kuhls@t-online.de>
Cc: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
This adds a patch cherry-picked from libepoxy 1.4.2, which adds missing
NULL-pointer checks and avoids segmentation faults when using libepoxy
under X11, when the server does not have the GLX extension, or it is
disabled -- and applications can still use EGL.
Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
When we use the cross-compiler to build syslinux with a recent binutils
version, it fails with:
/builds/arnout/buildroot/output/host/bin/i586-buildroot-linux-uclibc-ld -Bsymbolic -pie -E --hash-style=gnu -T
/builds/arnout/buildroot/output/build/syslinux-6.03/core/i386/syslinux.ld -M -o ldlinux.elf ldlinux.o \
--start-group libcom32.a --whole-archive /builds/arnout/buildroot/output/build/syslinux-6.03/bios/com32/lib/libcom32core.a libldlinux.a --end-group -N
--no-omagic \
> ldlinux.map
/builds/arnout/buildroot/output/host/bin/i586-buildroot-linux-uclibc-ld: ldlinux.elf: Not enough room for program headers, try linking with -N
/builds/arnout/buildroot/output/host/bin/i586-buildroot-linux-uclibc-ld: final link failed: Bad value
/builds/arnout/buildroot/output/build/syslinux-6.03/core/Makefile:167: recipe for target 'ldlinux.elf' failed
Backport an upstream patch that reorganises the i386 bios build by
removing some symbols and making others hidden. To simplify the
backport, an additional patch that also touches the link script is
also included - it anyway looks like that patch could be relevant as
well.
Partially fixes: https://gitlab.com/arnout/buildroot/-/jobs/28979377
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Also the last two are regenerated, their context has changed due to
the patches that have been removed earlier.
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
This commit fixes the build of libspatialindex on the Microblaze
architecture by working around a gcc bug, by passing -O0 as the
optimization level.
A patch to configure.ac is needed to not have -O2 be forced by the
libspatialindex build system, and therefore AUTORECONF=YES is now
needed.
Fixes:
http://autobuild.buildroot.net/results/bbba2a2c97dbec21340c7fd07162a316a411cba4/
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
In case we're using an initrd, we create an empty "root" directory that
will contain only the bootloader stuff, not the actual root filesystem,
because it is in an initrd (standalone or initramfs).
We have to ensure that the directory is empty before assembling the
filesystem (to avoid any file lingering from a previous run, like the
sequence "make; make"). So we first remove it before we create it, so
that on each build (especially not-from-scratch builds) we get the exact
expected content without any leftover.
However, the macro responsible for that, although defined since 7080eef9,
was never called.
Fix that by registering it as a pre-gen hook.
Note: the directory need not be created, as there are quite a few
"install -D" commands that ensure it is created. Yet, we prefer to
create it explicitly to avoid any confusion.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Although the issue can very well occur with low-paralle builds, or even
with non-parallel builds, the conditions are so strict that the ocasion
it breaks is extremely rare, to the point where a failure would go
unnoticed.
Fixes#10141.
Reported-by: Clayton Shotwell <clayton.shotwell@rockwellcollins.com>
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Clayton Shotwell <clayton.shotwell@rockwellcollins.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
elf2flt contains a program called ld-elf2flt, which gets installed as
a replacement for ld, with ld renamed to ld.real. This program
therefore calls ld.real internally.
The logic to find ld.real worked fine for:
- bin/TARGET_ALIAS-ld
- TARGET_ALIAS/bin/ld
However, it failed badly if bin/SIMPLER_TARGET_ALIAS-ld is used, as
symlink to bin/TARGET_ALIAS-ld. For example:
$ ./output/host/bin/arm-buildroot-uclinux-uclibcgnueabi-ld
/home/thomas/buildroot/buildroot/output/host/bin/../arm-buildroot-uclinux-uclibcgnueabi/bin/ld.real: no input files
$ ./output/host/bin/arm-linux-ld
arm-linux-ld (ld-elf2flt): error trying to exec '/home/thomas/buildroot/buildroot/output/host/bin/ld.real': execvp: No such file or directory
$ ./output/host/arm-buildroot-uclinux-uclibcgnueabi/bin/ld
/home/thomas/buildroot/buildroot/output/host/arm-buildroot-uclinux-uclibcgnueabi/bin/ld.real: no input files
This commit fixes that by adding a patch that adjusts the ld-elf2flt
logic to properly cope with this situation.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fixes serious usability issues (Debian changelog):
* Fixed whois referrals for .com, .net, .jobs, .bz, .cc and .tv,
broken by an ICANN-mandated output change:
https://www.icann.org/resources/pages/rdds-labeling-policy-2017-02-01-en
Use snapshot.debian.org for the .dsc reference, since files tend to
disappear from the official Debian ftp site over time.
Cc: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Recent glibc have deprecated the implicit include of sys/sysmacros.h
from sys/types.h. That means that the macros major and minor are no
longer defined unless this header is included.
This problem was observed for host-e2fsprogs when building on a host
with recent glibc.
Add an upstream patch that includes sys/sysmacros.h when needed.
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Cc: Dagg Stompler <daggs@gmx.com>
Cc: Baruch Siach <baruch@tkos.co.il>
Tested-by: Dagg Stompler <daggs@gmx.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Add support for imx7d-pico, which is a board based on NXP
i.MX7D processor.
For more information about this board, please visit:
http://www.technexion.org/products/pico/pico-som/pico-imx7-emmc
Signed-off-by: Vanessa Maegima <vanessa.maegima@nxp.com>
[Thomas:
- add upstream references for the Linux kernel patches
- fix typoes in readme.txt
- remove audio-related packages in defconfig
- regenerate .gitlab-ci.yml]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
The DEVELOPERS file lists file patterns, but the get-developers script
only supports getting packages and CPU architectures. Some files are
neither of those, e.g. defconfigs, support files, package infras, ...
Add a '-f' option that allows to give a list of files for which to get
the developer(s).
Note that the DEVELOPERS file contains directories as well as files,
and the directories are not expanded into individual files. Therefore,
we have to use f.startswith(devfile) to match a directory. This assumes
that the directory name ends with /, otherwise 'package/python' would
also match 'package/python-foo'. Since we make sure that directories do
end with / in the DEVELOPERS file, and since false positives are not
much of an issue in this case, this isn't a problem.
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Unbreak failing defconfig.
Resulting kernel and rootfs booted on ci20 device.
While at it, drop the useless BR2_TARGET_UBOOT_VERSION variable, this
variable is a hidden variable, so it is useless to mention it in a
defconfig.
Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
[Thomas: drop BR2_TARGET_UBOOT_VERSION.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
This commit adds a patch to the sysvinit package that fixes various
build issues against musl due to missing header includes.
Signed-off-by: Dagg Stompler <daggs@gmx.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Latest version of sysdig introduced a variable for the kernel module
name. This patch updates that variable into Makefile.in.
Signed-off-by: Angelo Compagnucci <angelo.compagnucci@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
The skeletons are based on the selection of BR2_INIT_*, so add init- to
the package name to make this clearer. The name skeleton-common implies
that it is common to all skeletons, yet it does not apply to
skeleton-custom. It is only common to the skeleton-init-* packages, so
name it the same way.
Signed-off-by: Cam Hutchison <camh@xdna.net>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
The skeletons are based on the selection of BR2_INIT_*, so add init- to
the package name to make this clearer. While skeleton-sysv is relatively
clear, skeleton-common and skeleton-none are less clear on their
relationship to BR2_INIT_*. So rename skeleton-sysv to conform to a
clearer pattern.
Signed-off-by: Cam Hutchison <camh@xdna.net>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
The skeletons are based on the selection of BR2_INIT_*, so add init- to
the package name to make this clearer. While skeleton-systemd is
relatively clear, skeleton-common and skeleton-none are less clear on
their relationship to BR2_INIT_*. So rename skeleton-systemd to conform
to clearer pattern.
Signed-off-by: Cam Hutchison <camh@xdna.net>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
The skeletons are based on the selection of BR2_INIT_*, so add init- to
the package name to make this clearer. The name skeleton-none implies no
skeleton at all, not a base skeleton with no init-specific files.
Signed-off-by: Cam Hutchison <camh@xdna.net>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
This release contains only two real changes to fix two bugs. One is
only relevant for Windows; the other one fixes handling of empty
comment lines.
libconfuse is used by genimage, and we have one defconfig,
linksprite_pcduino, that has empty comment lines in its genimage.cfg.
Thus, it fixes https://gitlab.com/buildroot.org/buildroot/-/jobs/27873642
While we're at it, also change the upstream URL in Config.in to github.
The old URL on nongnu was just a download directory and didn't have
anything newer than 2010, while github has a nice README.md.
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Cc: Frank Hunleth <fhunleth@troodon-software.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Host variant is needed to generate long description
for python-automat package.
Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Install the libraries to staging to be usable by other packages.
Signed-off-by: Angelo Compagnucci <angelo.compagnucci@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
This patch adds libb64, a library of ANSI C routines for fast
encoding/decoding data into and from a base64-encoded format.
The package contains a static library, headers, and an executable.
The latter, however, requires C++ and offers no advantages over busybox
or coreutils base64, so it is not installed. Therefore, nothing is
installed to target.
Signed-off-by: Angelo Compagnucci <angelo.compagnucci@gmail.com>
[Arnout:
- properly wrap Config.in
- move from Crypto to Other menu
- don't install to target
- don't make headers executable
- don't add -D to install with multiple source files
- extend commit log]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
This reverts commit c69088b8c3, which is
no longer needed now that alsa-lib has been fixed properly.
Indeed, this commit was made because alsa-utils failed to build with:
/home/buildroot/build/instance-0/output/host/usr/xtensa-buildroot-linux-uclibc/sysroot/usr/lib/libasound.a(pcm_dmix.o): In function `snd_pcm_dmix_htimestamp':
pcm_dmix.c:(.text+0x5c0): warning:
/home/buildroot/build/instance-0/output/host/usr/xtensa-buildroot-linux-uclibc/sysroot/usr/lib/libasound.a(rawmidi_symbols.o):(.data.rel+0x4): undefined reference to `_snd_module_rawmidi_virt'
collect2: error: ld returned 1 exit status
Which is exactly the problem that we fixed in alsa-lib by making sure
that rawmidi_symbols.c doesn't reference symbols from rawmidi_virt.c
when SEQ support is not enabled.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
This commit adds a patch to alsa-lib that fixes an incorrect code
dependency: some code built when MIDI support is enabled is
unconditionally referencing code that is built when SEQ support is
enabled, both options being independent.
This causes build failures such as:
/home/buildroot/buildroot-test/instance-1/output/host/arm-buildroot-linux-uclibcgnueabi/sysroot/usr/lib/libasound.a(pcm_dmix.o): In function `snd_pcm_dmix_sync_ptr':
pcm_dmix.c:(.text+0x83c): warning:
/home/buildroot/buildroot-test/instance-1/output/host/arm-buildroot-linux-uclibcgnueabi/sysroot/usr/lib/libasound.a(rawmidi_symbols.o):(.data+0x4): undefined reference to `_snd_module_rawmidi_virt'
Fixes:
http://autobuild.buildroot.net/results/5964e7028c31a8f75b38a27270410f0b3c5c8422/
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
[Arnout: add upstream link to the patch]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Cleanup the libcgi package,
by using https://github.com/rafaelsteil/libcgi as an upstream.
Remove old patch and use cmake to build new version.
Signed-off-by: Joe Lin <xlcwu.taiwan@gmail.com>
[Mario:
- Use github URL in Config.in
- Use upstream sha256 hash]
Signed-off-by: Mario J. Rugiero <mrugiero@gmail.com>
[Arnout:
- Add reference to upstream hash file
- Remove unneeded LIBCGI_SUPPORTS_IN_SOURCE_BUILD = NO]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
This patch bumps to mono 5.0.1.1 and updates the unit tests patch
accordingly.
The latest version of mono carries a bit of changes in the monolite
package: the version string changes and from now on, monolite should
be installed in a subdirectory with the exact version string as a name.
Therefore, mono and monolite are bumped in a single commit.
Patch 0004, although applied in upstream master, is not yet in this
(stable) release.
Signed-off-by: Angelo Compagnucci <angelo.compagnucci@gmail.com>
[Arnout: squashed the patches, removed /usr part from HOST_DIR]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Removed 0003-Use-gnu-11-standard-to-prevent-errors-on-PPC.patch, since
stella now uses -std=c++14 that builds fine when using PPC altivec
vectorization.
Removed 0004-gcc7.patch, backported from upstream.
Update toolchain dependencies to gcc 4.9 since codebase now uses C++14 features.
Signed-off-by: Sergio Prado <sergio.prado@e-labworks.com>
[Arnout: also remove 0004-gcc7.patch]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Switched to github helper because upstream does not provide the tarball
anymore.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
By default, mksquashfs uses all the CPUs available, like us with
BR2_JLEVEL=0.
However, by setting BR21_JLEVEL to non-zero, a user volutarily limits
the number of jobbs allowed to run concurrently (for various reasons,
like this is not a priority task on the machine; or like the
autobuilders, to spread the load accross multiple runs without
overloading the machine).
So, propagate tthe parallelisn settings down to mksquashfs, to repect
the user's will.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Clayton Shotwell <clayton.shotwell@rockwellcollins.com>
Tested-by: Clayton Shotwell <clayton.shotwell@rockwellcollins.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
This version is compatible with LibreSSL.
Signed-off-by: Adam Duskett <Adamduskett@outlook.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
The azmq library provides Boost Asio style bindings for ZeroMQ. This
library is built on top of ZeroMQ's standard C interface and is intended
to work well with C++ applications which use the Boost libraries in
general, and Asio in particular.
Signed-off-by: RJ Ascani <rj.ascani@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Using the package instrumentation hooks, a file packages-file-list.txt is
created containing the list of files installed by a package with their size.
Due to the use of 'find -type f', symbolic links to files are not included
in this file list. Since the original purpose of this file was to calculate
the total size of a package and symbolic links have file size 0, this was
not a problem.
However, if packages-file-list.txt is reused for other purposes, for example
to get a complete list of files installed by a package regardless of size,
symbolic links to files are important too.
Likewise, to get a complete view of what a package installs, directories
should be included too.
Update the instrumentation hook accordingly.
Although for files an md5sum is taken, we cannot do this for directories.
Instead, mimic the output of md5sum with a fake hash string.
Note: for directories that are used by several packages, e.g. /etc/init.d/,
the package that created the directory will be treated as the 'owner' of
that directory. This gives a somewhat distorted view of ownership.
Similarly, the package size reported by 'make graph-size' (based on
packages-file-list.txt) will include the 'size' of a directory for that
owner, which is reported as e.g. 4096 bytes.
Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Before and after the building of each package, the instrumentation hooks are
run. One of these hooks obtains the list of files installed by a package.
The code to obtain this list is currently duplicated in the start and end
part of the hook. While the amount of duplication is currently small, a
subsequent patch will make more changes to this code, increasing the
duplication.
Therefore, split off into a helper function.
Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Reviewed-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
QtWayland is a Qt 5 module that wraps the functionality of Wayland.
Cc: Julien Corjon <corjon.j@ecagroup.com>
Cc: Brent Sink <brents_3@hotmail.com>
Cc: Naoki Matsumoto <n-matsumoto@melcoinc.co.jp>
Signed-off-by: Joshua Henderson <joshua.henderson@microchip.com>
[Arnout:
- select wayland instead of depending on it;
- propagate jscore dependency from qt5declarative
- re-order select/depends statements
- rewrite comment to only refer to GL backend (jscore is an arch
dependency)
- rewrap help text of BR2_PACKAGE_QT5WAYLAND_COMPOSITOR]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Introduce imx6q-sabresd_qt5_defconfig that supports the opensource
Etnaviv graphical stack.
This defconfig provides a way to quickly test some graphical applications,
such as kmscube, qt5, glmark2.
Currently kernel mainline exhibits issues when running cpufreq as ondemand
governor on mx6, so add a linux fragment that disables such option for the
time being.
Signed-off-by: Fabio Estevam <festevam@gmail.com>
[Arnout:
- Add Fabio to DEVELOPERS
- Rename linux config fragment to linux_qt5.fragment
- Add comment to linux_qt5.fragment why it is needed
- Add explicit CONFIG_CPU_FREQ_DEFAULT_GOV_PERFORMANCE=y to it
- Reorder defconfig entries to they match imx6q-sabresd_defconfig
- Remove strace and host-uboot-tools, neither seems to be needed
- Drop BR2_PACKAGE_QT5BASE_LICENSE_APPROVED, it no longer exists
- Replace BR2_TARGET_ROOTFS_EXT2_BLOCKS with BR2_TARGET_ROOTFS_EXT2_SIZE
- Regenerate .gitlab-ci.yml]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2017-08-03 00:16:41 +02:00
1780 changed files with 20687 additions and 62380 deletions
BR2_TARGET_GENERIC_ISSUE="Welcome to Engicam i.CoreM6 Quad/Dual/DualLite/Solo Starter Kit"
BR2_TARGET_GENERIC_ISSUE="Welcome to Engicam i.CoreM6 Quad/Dual/DualLite/Solo"
BR2_TARGET_ROOTFS_EXT2=y
BR2_TARGET_ROOTFS_EXT2_4=y
BR2_PACKAGE_HOST_DOSFSTOOLS=y
Some files were not shown because too many files have changed in this diff
Show More
Reference in New Issue
Block a user
Blocking a user prevents them from interacting with repositories, such as opening or commenting on pull requests or issues. Learn more about blocking a user.
