- Switch site to an active fork
- Send patch upstream
- Update indentation in hash file (two spaces)
- Fix the following CVEs:
- CVE-2018-14054: A double free exists in the MP4StringProperty class
in mp4property.cpp in MP4v2 2.0.0. A dangling pointer is freed again
in the destructor once an exception is triggered.
Fixed by
f09cceeee5
- CVE-2018-14325: In MP4v2 2.0.0, there is an integer underflow (with
resultant memory corruption) when parsing MP4Atom in mp4atom.cpp.
Fixed by
e475013c6e
- CVE-2018-14326: In MP4v2 2.0.0, there is an integer overflow (with
resultant memory corruption) when resizing MP4Array for the ftyp
atom in mp4array.h.
Fixed by
70d823ccd8
- CVE-2018-14379: MP4Atom::factory in mp4atom.cpp in MP4v2 2.0.0
incorrectly uses the MP4ItemAtom data type in a certain case where
MP4DataAtom is required, which allows remote attackers to cause a
denial of service (memory corruption) or possibly have unspecified
other impact via a crafted MP4 file, because access to the data
structure has different expectations about layout as a result of
this type confusion.
Fixed by
73f38b4296
- CVE-2018-14403: MP4NameFirstMatches in mp4util.cpp in MP4v2 2.0.0
mishandles substrings of atom names, leading to use of an
inappropriate data type for associated atoms. The resulting type
confusion can cause out-of-bounds memory access.
Fixed by
51cb6b36f6
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix the following CVEs:
- CVE-2019-17533: Mat_VarReadNextInfo4 in mat4.c in MATIO 1.5.17 omits
a certain '\0' character, leading to a heap-based buffer over-read in
strdup_vprintf when uninitialized memory is accessed.
- CVE-2019-20017: A stack-based buffer over-read was discovered in
Mat_VarReadNextInfo5 in mat5.c in matio 1.5.17.
- CVE-2019-20018: A stack-based buffer over-read was discovered in
ReadNextCell in mat5.c in matio 1.5.17.
- CVE-2019-20020: A stack-based buffer over-read was discovered in
ReadNextStructField in mat5.c in matio 1.5.17.
- CVE-2019-20052: A memory leak was discovered in Mat_VarCalloc in
mat.c in matio 1.5.17 because SafeMulDims does not consider the
rank==0 case.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Installing qt5declarative examples on fast/fast/multicore machines sometimes
failes with a variation of the following error messages:
- Cannot touch [...]/chapter5-listproperties/app.qml: No such file or directory
- Error copying [...]/chapter2-methods/app.qml: Destination file exists
Fix it by using OTHER_FILES instead of a seperate qml files install target
to fix the race between install_target, install_qml and install_sources.
Fixes:
- https://gitlab.com/buildroot.org/buildroot/-/jobs/565470221
Signed-off-by: Romain Naour <romain.naour@gmail.com>
[Reworked patch and commit log]
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Reviewed-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
In version 5.6 a minor change was made to this file, stating tht "[a]ll
contributions to the Linux Kernel are subject to this COPYING file",
and hence the hash changed.
We can update the hash, because the licensing information is only
accounted for the "latest" version, so the hash change will not impact
older kernel versions as the user would have to switch to a non-latest
kernel.
Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The default iamge size is 32MiB, which is quite low by today's standards.
Besides, the AArch64 kernels are relatively big, which leaves not much
room, if at all, for users to experiment on the default image.
Increase the vfat size to a more reasonable 64MiB.
Note that users who derive an in-tree defconfig for their own case will
allways hit any arbitarary size we put here, so they will anyway have to
also derive this template for their own use-cases.
Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
As reported by Nicolas Carrier on the Buildroot mailing list [1],
there is a new build issue while building a program which interacts with
the u-boot environment. This program uses the headers of the ubootenv
library provided by uboot-tools.
This is an upstream change from uboot [2] adding "#include <env.h>" to
fw_env.h. Adding env.h require a board configuration to build.
But only fw_env.h header is installed in the staging directory by
uboot-tools package, but since it now include env.h the build is broken
because env.h is missing from the staging directory.
It's seems an upstream bug since env_set() is not used in fw_env tool.
Nicolas removed env.h from fw_env tool and fixed it's build issue.
This problem is present since uboot v2019.10, so the uboot version
present in Buildroot 2020.02 is affected.
It's probably not a problem for upstream uboot but it's a problem
for uboot-tools package that build uboot tools without a board
configuration for the target.
[1] http://lists.busybox.net/pipermail/buildroot/2020-April/280307.html
[2] 9fb625ce05
Reported-by: Nicolas Carrier <nicolas.carrier@orolia.com>
Signed-off-by: Romain Naour <romain.naour@gmail.com>
[yann.morin.1998@free.fr: add URL to upstream commit]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
snappy is not a mandatory dependency to build leveldb. Back when it
was introduced in Buildroot, as of version 1.18, the build logic
already made snappy an optional dependency.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Libdrm freedreno depends on BR2_arm || BR2_aarch64 || BR2_aarch64_be
as such we need to propagate those dependencies to mesa's gallium
freedreno driver.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
So far in 2020, Logilin and Tap2Open made some financial donations to
the Buildroot Association, so let's thank them on our sponsors page.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The author has completely ripped off the git tree, so the sources
are no longer available, with that message:
"Please look for alternatives for wiringPi"
And indeed there is a better alternative, using the kernel GPIO
subsystem and drivers.
Note that queezelite looses that functionality now, but upstream
squeezelite has done changes to do without wiringpi (hint for an
upgrade?).
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Peter Seiderer <ps.report@gmx.net>
Cc: Hiroshi Kawashima <kei-k@ca2.so-net.ne.jp>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The original git server on git.xiph.org died, and the Xiph project has
now moved on to host their repositories on gitlab.comn instead.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix CVE-2020-13164: In Wireshark 3.2.0 to 3.2.3, 3.0.0 to 3.0.10, and
2.6.0 to 2.6.16, the NFS dissector could crash. This was addressed in
epan/dissectors/packet-nfs.c by preventing excessive recursion, such as
for a cycle in the directory graph on a filesystem.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Describe release engineering and development phases of the project.
Signed-off-by: Joachim Nilsson <troglobit@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
During the migration from alioth to gitlab, the git repository for ltrace
was not migrated. There is a repository on gitlab.com, owned by the debian
maintainer, but that repository does not contain the sha1 we know of:
https://gitlab.com/cespedes/ltrace
s.b.o. is the only known location so far to host the archive, so switch
to it.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security issues:
- (9.11.18) DNS rebinding protection was ineffective when BIND 9 is
configured as a forwarding DNS server. Found and responsibly reported by
Tobias Klein. [GL #1574]
- (9.11.19) To prevent exhaustion of server resources by a maliciously
configured domain, the number of recursive queries that can be triggered
by a request before aborting recursion has been further limited. Root and
top-level domain servers are no longer exempt from the
max-recursion-queries limit. Fetches for missing name server address
records are limited to 4 for any domain. This issue was disclosed in
CVE-2020-8616. [GL #1388]
- (9.11.19) Replaying a TSIG BADTIME response as a request could trigger an
assertion failure. This was disclosed in CVE-2020-8617. [GL #1703]
Also update the COPYRIGHT hash for a change of copyright year and adjust the
spacing for the new agreements.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
When selecting "console" for the automatic getty, the buildroot logic
would collide with systemd's internal console detection logic, resulting
in two getty being started on the console.
This commit fixes that by doing nothing when "console" is selected and
letting systemd-getty-generator deal with starting the proper getty.
Note that if something other than the console is selected
* Things will work properly, even if the selected terminal is also the
console
* A getty will still be started on the console.
This is what systemd has been doing on buildroot since the beginning. it
could be disabled but I left it for backward compatibility
Fixes: #12361
Signed-off-by: Jérémy Rosen <jeremy.rosen@smile.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
- Fix CVE-2020-10957: In Dovecot before 2.3.10.1, unauthenticated
sending of malformed parameters to a NOOP command causes a NULL
Pointer Dereference and crash in submission-login, submission, or
lmtp.
- Fix CVE-2020-10958: In Dovecot before 2.3.10.1, a crafted SMTP/LMTP
message triggers an unauthenticated use-after-free bug in
submission-login, submission, or lmtp, and can lead to a crash under
circumstances involving many newlines after a command.
- Fix CVE-2020-10967: In Dovecot before 2.3.10.1, remote
unauthenticated attackers can crash the lmtp or submission process by
sending mail with an empty localpart.
- Drop first patch (already in version) and so autoreconf
- Update indentation in hash file (two spaces)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security vulnerabilities:
CVE-2020-12662: Unbound can be tricked into amplifying an incoming query
into a large number of queries directed to a target.
CVE-2020-12663: Malformed answers from upstream name servers can be used
to make Unbound unresponsive.
Signed-off-by: Stefan Ott <stefan@ott.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
I added this package while working for Grandcentrix but
am willing to maintain it further.
Signed-off-by: Stephan Hoffmann <sho@relinux.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
mtdev2tuio breaks the builds every now and then and is not
maintained upstream. It does not seem to be useful any more.
Signed-off-by: Stephan Hoffmann <sho@relinux.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Add two spaces in hash file.
Remove patch 0002 as it has been applied upstream.
Release notes:
https://mariadb.com/kb/en/library/mariadb-10323-release-notes/
Changelog:
https://mariadb.com/kb/en/library/mariadb-10323-changelog/
Fixes the following security vulnerabilities:
CVE-2020-2752 - Vulnerability in the MySQL Client product of Oracle MySQL
(component: C API). Supported versions that are affected are 5.6.47 and
prior, 5.7.27 and prior and 8.0.17 and prior. Difficult to exploit
vulnerability allows low privileged attacker with network access via
multiple protocols to compromise MySQL Client. Successful attacks of this
vulnerability can result in unauthorized ability to cause a hang or
frequently repeatable crash (complete DOS) of MySQL Client.
CVE-2020-2812 - Vulnerability in the MySQL Server product of Oracle MySQL
(component: Server: Stored Procedure). Supported versions that are affected
are 5.6.47 and prior, 5.7.29 and prior and 8.0.19 and prior. Easily
exploitable vulnerability allows high privileged attacker with network
access via multiple protocols to compromise MySQL Server. Successful attacks
of this vulnerability can result in unauthorized ability to cause a hang or
frequently repeatable crash (complete DOS) of MySQL Server.
CVE-2020-2814 - Vulnerability in the MySQL Server product of Oracle MySQL
(component: InnoDB). Supported versions that are affected are 5.6.47 and
prior, 5.7.28 and prior and 8.0.18 and prior. Easily exploitable
vulnerability allows high privileged attacker with network access via
multiple protocols to compromise MySQL Server. Successful attacks of this
vulnerability can result in unauthorized ability to cause a hang or
frequently repeatable crash (complete DOS) of MySQL Server.
CVE-2020-2760 - Vulnerability in the MySQL Server product of Oracle MySQL
(component: InnoDB). Supported versions that are affected are 5.7.29 and
prior and 8.0.19 and prior. Easily exploitable vulnerability allows high
privileged attacker with network access via multiple protocols to compromise
MySQL Server. Successful attacks of this vulnerability can result in
unauthorized ability to cause a hang or frequently repeatable crash
(complete DOS) of MySQL Server as well as unauthorized update, insert or
delete access to some of MySQL Server accessible data.
Signed-off-by: Ryan Coe <bluemrp9@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
- Switch site to github
- Drop patches (already in version)
- Fix the following CVEs:
- CVE-2020-13114: Time consumption DoS when parsing canon array
markers
- CVE-2020-13113: Potential use of uninitialized memory
- CVE-2020-13112: Various buffer overread fixes due to integer
overflows in maker notes
- CVE-2020-0093: read overflow
- CVE-2020-12767: fixed division by zero
https://github.com/libexif/libexif/releases/tag/libexif-0_6_22-release
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Our current host-bison installation is not relocatable, so if you
generate the SDK, and install it in a different location, bison will
no longer work with failures such as:
bison: /home/user/buildroot/output/host/share/bison/m4sugar/m4sugar.m4: cannot open: No such file or directory
This particular issue is already resolved upstream by the addition of
"relocatable" support, which we enable using --enable-relocatable.
Once this issue is fixed, a second one pops up: the path to the m4
program itself is also hardcoded. So we add a patch to fix that as
well. The patch has been submitted upstream, which have requested for
further refinements not applicable to the Buildroot context; in the
meantime, we carry that patch.
Fixes:
https://bugs.busybox.net/show_bug.cgi?id=12656
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
[yann.morin.1998@free.fr: add reference to the upstream submission]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Security fixes:
CVE-2020-12243: Fixed slapd to limit depth of nested filters
Signed-off-by: Stefan Sørensen <stefan.sorensen@spectralink.com>
[yann.morin.1998@free.fr: two spaces in hash file]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
stella converted most of its C-Style arrays to std::array since version
6.1:
0c0f732e5f
However, gcc 5.x does not accept a = {} initialization for std::array:
In file included from src/emucore/ConsoleIO.hxx:18:0,
from src/emucore/Console.hxx:34,
from src/gui/AudioDialog.cxx:22:
src/emucore/Control.hxx:331:71: error: array must be initialized with a brace-enclosed initializer
std::array<bool, 5> myDigitalPinState{true, true, true, true, true};
^
So add a dependency on gcc >= 6 instead of trying to patch the numerous
array initializations to make them compliant with C++11
Fixes:
- http://autobuild.buildroot.org/results/dfd9b901fabf310ed9033b8a012466c565d58684
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
ezXML is affected by several CVEs and is not maintained anymore (no
release since 2006) so remove it.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
We need to backport a commit to allow us to override the g-ir-scanner
and g-ir-compiler binaries in the gnome module.
By default since meson looks for these binaries as native: true
dependencies it would use the host versions instead of the wrappers
which are not useable for target package builds. Override this behavior
by specifying the correct wrapper binaries in cross-compilation.conf.
Fixes:
http://autobuild.buildroot.net/results/f49/f49bb57a6ec2890f489fbd55ced9c9249d066334/build-end.log
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
[yann.morin.1998@free.fr:
- expand on why the backported patch does not closely match upstream
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
BR2_LINUX_KERNEL_DTB_OVERLAY_SUPPORT is now forcefully selected by
BR2_PACKAGE_RPI_FIRMWARE_INSTALL_DTB_OVERLAYS when the kernel is in
charge of building DTBs (BR2_LINUX_KERNEL_DTS_SUPPORT=y). So enabling
BR2_LINUX_KERNEL_DTB_OVERLAY_SUPPORT is no longer needed in the 64-bit
defconfigs for Raspberry Pi 3 and 4.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
When BR2_PACKAGE_RPI_FIRMWARE_INSTALL_DTB_OVERLAYS is enabled, and the
DTBs are built by Linux (i.e BR2_LINUX_KERNEL_DTS_SUPPORT is enabled),
these DTBs should be built with the -@ Device Tree compiler option, so
that they can be used together with DTB overlays. So let's select
BR2_LINUX_KERNEL_DTB_OVERLAY_SUPPORT in this situation.
Fixes:
https://bugs.busybox.net/show_bug.cgi?id=12831
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The comment explaining the autoreconf says that we are building from a git
clone - but we are not, currently. However, the reconf is still needed due
to patches modifying ac files.
This commit corrects the comment.
Signed-off-by: Danomi Manchego <danomimanchego123@gmail.com>
[yann.morin.1998@free.fr: also mention acincludes.m4]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Bump to latest upstream commit as it fixes a huge number of CVEs. Some
of them can't be linked to a given commit (e.g.
https://github.com/ckolivas/lrzip/issues/67). Moreover, upstream does
not plan to tag a new release any time soon:
https://github.com/ckolivas/lrzip/issues/99
- Fix CVE-2017-8842: The bufRead::get() function in libzpaq/libzpaq.h in
liblrzip.so in lrzip 0.631 allows remote attackers to cause a denial
of service (divide-by-zero error and application crash) via a crafted
archive.
- Fix CVE-2017-8843: The join_pthread function in stream.c in
liblrzip.so in lrzip 0.631 allows remote attackers to cause a denial
of service (NULL pointer dereference and application crash) via a
crafted archive.
- Fix CVE-2017-8844: The read_1g function in stream.c in liblrzip.so in
lrzip 0.631 allows remote attackers to cause a denial of service
(heap-based buffer overflow and application crash) or possibly have
unspecified other impact via a crafted archive.
- Fix CVE-2017-8845: The lzo1x_decompress function in lzo1x_d.ch in LZO
2.08, as used in lrzip 0.631, allows remote attackers to cause a
denial of service (invalid memory read and application crash) via a
crafted archive.
- Fix CVE-2017-8846: The read_stream function in stream.c in
liblrzip.so in lrzip 0.631 allows remote attackers to cause a denial
of service (use-after-free and application crash) via a crafted
archive.
- Fix CVE-2017-8847: The bufRead::get() function in libzpaq/libzpaq.h in
liblrzip.so in lrzip 0.631 allows remote attackers to cause a denial
of service (NULL pointer dereference and application crash) via a
crafted archive.
- Fix CVE-2017-9928: In lrzip 0.631, a stack buffer overflow was found
in the function get_fileinfo in lrzip.c:979, which allows attackers to
cause a denial of service via a crafted file.
- Fix CVE-2017-9929: In lrzip 0.631, a stack buffer overflow was found
in the function get_fileinfo in lrzip.c:1074, which allows attackers
to cause a denial of service via a crafted file.
- Fix CVE-2018-5747: In Long Range Zip (aka lrzip) 0.631, there is a
use-after-free in the ucompthread function (stream.c). Remote
attackers could leverage this vulnerability to cause a denial of
service via a crafted lrz file.
- Fix CVE-2018-11496: In Long Range Zip (aka lrzip) 0.631, there is a
use-after-free in read_stream in stream.c, because decompress_file in
lrzip.c lacks certain size validation.
Also:
- update indentation of hash file (two spaces)
- drop patch (already in version)
- manage host-nasm dependency which is enabled by default and has been
fixed by:
9f16f65705
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Mesa chooses the first platform specified in -Dplatforms as the default
EGL native platform. [0]
Configure Options
-D platforms=...
List the platforms (window systems) to support. Its argument is
a comma separated string such as -D platforms=x11,drm. It
decides the platforms a driver may support. The first listed
platform is also used by the main library to decide the native
platform.
This has the effect of breaking EGL applications running on X11 and
possibly Wayland when the first platform specified isn't x11 or wayland,
and EGL_PLATFORM isn't set.
Reorder the specified platforms to use x11, wayland, and drm before
surfaceless, as this is the order chosen by other common distributions,
such as Arch Linux [1], Debian [2], and Fedora [3].
Users preferring drm or surfaceless over x11 or wayland likely know how
to override the native EGL platform, and likely have x11 and wayland
disabled anyway.
[0] https://www.mesa3d.org/egl.html
[1] https://git.archlinux.org/svntogit/packages.git/tree/trunk/PKGBUILD?h=packages/mesa#n45
[2] fb8c1efb57/debian/rules (L38)
[3] https://src.fedoraproject.org/rpms/mesa/blob/master/f/mesa.spec#_337
Signed-off-by: Joseph Kogut <joseph.kogut@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
In fact, nanopi_neo4 does not need pylibfdt or pyelftools, but only a
host Python interpreter, to run
./arch/arm/mach-rockchip/make_fit_atf.py.
Since upstream U-Boot commit f05d5743567984b4fff6a862fc0f42760ff135da,
this script no longer needs pyelftools. However, since upstream commit
6d06ea34239ab5099783ce588ad4aead96e1fccb (merged in U-Boot 2020.01),
it requires Python 3.x.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
[yann.morin.1998@free.fr: update with the new NEEDS_PYTHON semantics]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
In fact, roc_pc_rk3399 does not need pylibfdt or pyelftools, but only
a host Python interpreter, to run
./arch/arm/mach-rockchip/make_fit_atf.py.
Since upstream U-Boot commit f05d5743567984b4fff6a862fc0f42760ff135da,
this script no longer needs pyelftools. However, since upstream commit
6d06ea34239ab5099783ce588ad4aead96e1fccb (merged in U-Boot 2020.01),
it requires Python 3.x.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
[yann.morin.1998@free.fr: update with the new NEEDS_PYTHON semantics]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
U-Boot versions newer than 2020.01 use Python 3.x instead of Python
2.x in various scripts.
We already had the BR2_TARGET_UBOOT_NEEDS_PYLIBFDT and
BR2_TARGET_UBOOT_NEEDS_PYELFTOOLS options, but depending on the U-Boot
version, we now need to indicate if Python 2.x or Python 3.x should be
used.
In addition, it turns out that some U-Boot configurations need a
Python interpreter, without needing pylibfdt or pyelftools. Some of
our defconfigs were abusing the BR2_TARGET_UBOOT_NEEDS_PYLIBFDT option
to make sure a Python interpreter was built.
To solve this issue, we introduce a choice, that let the users specify
what, if any, host python version is needed. The default is 'no', to
preserve the previous behaviour, unless any of the pylibfdt or the
pyelftools options is enabled, in which case we hide the 'no' option,
and use python 2 by default. This dfault is guaranteed by the order of
options in the choice.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
[yann.morin.1998@free.fr:
- explicitly make the choice a bool
- make BR2_TARGET_UBOOT_NEEDS_PYTHON a blind option
- introduce the 'no' option in the choice
- reword the commit log accordingly
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
We will need this Python 3.x variant of the host-python-pyelftools
package to be able to build some recent versions of U-Boot (>=
2020.01).
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Add conditional support to allow the module tools to use openssl
on target to inspect the signature of signed modules. If openssl
is not enabled the modinfo will show a hash algo as unknown.
Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Tested-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Drop patches that are now upstream.
We don't need to autoreconf since we are using a release tarball.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Xtensa have added new relocation types R_XTENSA_[NP]DIFF{8,16,32} with
the same properties as the existing types R_XTENSA_DIFF{8,16,32}.
Add them to the list of ignored relocation types.
This fixes the following error when invoking elf2flt on xtensa binaries
built with the recent binutils:
ERROR: reloc type R_XTENSA_PDIFF32 unsupported in this context
Reported-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Remove tinyxml2 dependency as tinyxml2 is not a part of version 0.8.7.
Indeed, tinyxml2 has been added in September 2016 with
49b3fd9d6f
whereas version 0.8.7 has been released in April 2016
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
libopcodes was installed in staging/ in commit 6a508d9361 (binutils:
Also install libopcodes in staging), but was not installed in target/
Starting with linux-5.6, perf (linux-tools) will link to libopcodes when
it is present. Since it is available in staging, the build succeeds.
However, libopcodes missing in target, perf fails at runtime:
perf: ...libopcodes-2.33.1.so: cannot open shared object file
Install libopcodes to target as well.
Signed-off-by: Lecopzer Chen <lecopzer@gmail.com>
[yann.morin.1998@free.fr: reword commit log]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fixes the following security vulnerabilities:
CVE-2020-10029: Trigonometric functions on x86 targets suffered from stack
corruption when they were passed a pseudo-zero argument. Reported by Guido
Vranken / ForAllSecure Mayhem.
CVE-2020-1751: A defect in the PowerPC backtrace function could cause an
out-of-bounds write when executed in a signal frame context.
CVE-2020-1752: A use-after-free vulnerability in the glob function when
expanding ~user has been fixed.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
From the release notes:
- Improve mitigation for CVE-2019-14271 for some nscd configuration.
Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
python-markdown2 through 2.3.8 allows XSS because element names are
mishandled unless a \w+ match succeeds. For example, an attack might use
elementname@ or elementname- with an onclick attribute.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
python-future does not depends on python2.
The package work with python 3.x.
Signed-off-by: Louis Aussedat <aussedat.louis@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add patch to fix availability check for storeRGB32FromARGB32PM_neon(), only
available for arm little-endian.
Fixes:
- http://autobuild.buildroot.net/results/ab623253a6d988f4ee03d292ee85f3455de2ea25
.obj/qimage_conversions.o: In function `convert_generic(QImageData*, QImageData const*, QFlags<Qt::ImageConversionFlag>)':
qimage_conversions.cpp:(.text+0x2598): undefined reference to `storeRGB32FromARGB32PM_neon(unsigned char*, unsigned int const*, int, int, QVector<unsigned int> const*, QDitherInfo*)'
qimage_conversions.cpp:(.text+0x259c): undefined reference to `storeRGB32FromARGB32PM_neon(unsigned char*, unsigned int const*, int, int, QVector<unsigned int> const*, QDitherInfo*)'
.obj/qimage_conversions.o: In function `convert_generic_inplace(QImageData*, QImage::Format, QFlags<Qt::ImageConversionFlag>)':
qimage_conversions.cpp:(.text+0x28fc): undefined reference to `storeRGB32FromARGB32PM_neon(unsigned char*, unsigned int const*, int, int, QVector<unsigned int> const*, QDitherInfo*)'
qimage_conversions.cpp:(.text+0x2900): undefined reference to `storeRGB32FromARGB32PM_neon(unsigned char*, unsigned int const*, int, int, QVector<unsigned int> const*, QDitherInfo*)'
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
To match the docker-engine version.
./support/testing/run-tests tests.package.test_docker_compose.TestDockerCompose
09:54:39 TestDockerCompose Starting
09:54:40 TestDockerCompose Building
10:45:33 TestDockerCompose Building done
10:46:30 TestDockerCompose Cleaning up
.
----------------------------------------------------------------------
Ran 1 test in 3121.828s
OK
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Set PAHO_HIGH_PERFORMANCE to disable free redefiniton as suggested by
upstream in https://github.com/eclipse/paho.mqtt.c/issues/846.
This will avoid the following build failure on musl:
/tmp/instance-1/output-1/host/x86_64-buildroot-linux-musl/sysroot/usr/include/sched.h:80:17: error: expected declaration specifiers or '...' before string constant
void free(void *);
^
/tmp/instance-1/output-1/host/x86_64-buildroot-linux-musl/sysroot/usr/include/sched.h:80:17: error: expected declaration specifiers or '...' before numeric constant
void free(void *);
^
[ 35%] Building C object src/CMakeFiles/common_obj.dir/Base64.c.o
[ 36%] Building C object src/CMakeFiles/common_obj.dir/SHA1.c.o
make[3]: *** [src/CMakeFiles/common_obj.dir/build.make:284: src/CMakeFiles/common_obj.dir/MQTTReasonCodes.c.o] Error 1
Fixes:
- http://autobuild.buildroot.org/results//fbe57a1602fed331ddff3ff3560dce02573816ff
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
libvncclient/cursor.c in LibVNCServer through 0.9.12 has a
HandleCursorShape integer overflow and heap-based buffer overflow via a
large height or width value. NOTE: this may overlap CVE-2019-15690.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add upstream patch to fix squashfs-tools build failures because
of missing external declaration for fwriter_buffer and
bwriter_buffer.
Fixes:
- http://autobuild.buildroot.net/results/6789b668898245926e0a3a3e7caf823dff515d71
/usr/bin/ld: read_fs.o:(.bss+0x0): multiple definition of `fwriter_buffer'; mksquashfs.o:(.bss+0x400c90): first defined here
/usr/bin/ld: read_fs.o:(.bss+0x8): multiple definition of `bwriter_buffer'; mksquashfs.o:(.bss+0x400c98): first defined here
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Add two upstream patches fixing input_event time related
compile failures.
Fixes:
- http://autobuild.buildroot.net/results/3883a948e30cfd235cfca1fb8646fe8032f5e18d
keytable.c: In function 'test_event':
keytable.c:1536:11: error: 'struct input_event' has no member named 'time'; did you mean 'type'?
ev[i].time.tv_sec, ev[i].time.tv_usec,
^~~~
type
keytable.c:1536:30: error: 'struct input_event' has no member named 'time'; did you mean 'type'?
ev[i].time.tv_sec, ev[i].time.tv_usec,
^~~~
type
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fixes:
- http://autobuild.buildroot.net/results/af76190876656252eb6f60220cdb1d627a03b7c3
evdevkeyboard/qevdevkeyboardhandler.cpp: In member function ‘void QEvdevKeyboardHandler::switchLed(int, bool)’:
evdevkeyboard/qevdevkeyboardhandler.cpp:153:28: error: ‘struct input_event’ has no member named ‘time’; did you mean ‘type’?
::gettimeofday(&led_ie.time, 0);
^~~~
type
evdevtouch/qevdevtouchhandler.cpp: In member function ‘void QEvdevTouchScreenData::processInputEvent(input_event*)’:
evdevtouch/qevdevtouchhandler.cpp:579:29: error: ‘struct input_event’ has no member named ‘time’; did you mean ‘type’?
m_timeStamp = data->time.tv_sec + data->time.tv_usec / 1000000.0;
^~~~
type
evdevtouch/qevdevtouchhandler.cpp:579:49: error: ‘struct input_event’ has no member named ‘time’; did you mean ‘type’?
m_timeStamp = data->time.tv_sec + data->time.tv_usec / 1000000.0;
^~~~
type
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
cvs is an old package, and it shows:
- CVS is licensed under GPL-1.0+ as stated in README (referenced in source
code) and COPYING files;
- COPYING.LIB also give the terms of LGPL-2.0+, and is referenced by a
few files, like lib/strnlen1.c, mostly vampirised rom older versions
of the GNU C library (glibc);
- additionally, the glob implementation was also grabbed from a more
recent (but still old) glibc version, and is LGPL-2.1+, but there is
no license file associated with it, so we use the header instead.
Also update indentation in hash file (two spaces)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[yann.morin.1998@free.fr:
- LGPL-2.0+ is used, reference at least one file
- LGPL-2.1+ is also used
- reword commit log accordingly
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
BR2_PACKAGE_HOST_ZLIB does not exist, and should anyway not be
selected by the target pigz package.
Signed-off-by: Louis-Paul Cordier <lpdev@cordier.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Irrlicht fail to detect properly the NEON support on aarch64 or ARM with NEON FPU support.
While linking an application with libIrrlicht.so, we get an undefined reference to
png_init_filter_functions_neon.
Some files are missing in the libpng bundled in Irrlicht, in particular arm/arm_init.c [1],
so disable NEON support completely.
This can be reproduced by building minetest using this defconfig for aarch64:
BR2_aarch64=y
BR2_TOOLCHAIN_EXTERNAL=y
BR2_PACKAGE_MINETEST=y
BR2_PACKAGE_MINETEST_CLIENT=y
BR2_PACKAGE_MINETEST_SERVER=y
BR2_PACKAGE_MESA3D=y
BR2_PACKAGE_MESA3D_GALLIUM_DRIVER_SWRAST=y
BR2_PACKAGE_MESA3D_OPENGL_GLX=y
BR2_PACKAGE_XORG7=y
Or for ARM with NEON FPU support:
BR2_arm=y
BR2_cortex_a15=y
BR2_ARM_FPU_NEON=y
BR2_TOOLCHAIN_EXTERNAL=y
BR2_PACKAGE_MINETEST=y
BR2_PACKAGE_MINETEST_CLIENT=y
BR2_PACKAGE_MINETEST_SERVER=y
BR2_PACKAGE_MESA3D=y
BR2_PACKAGE_MESA3D_GALLIUM_DRIVER_SWRAST=y
BR2_PACKAGE_MESA3D_OPENGL_GLX=y
BR2_PACKAGE_XORG7=y
[1] https://github.com/glennrp/libpng/tree/v1.6.37/arm
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
cbs_jpeg_split_fragment in libavcodec/cbs_jpeg.c in FFmpeg 4.2.2 has a
heap-based buffer overflow during JPEG_MARKER_SOS handling because of a
missing length check.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Back in commit [1], a patch fixing an issue a PowerPC issue in gcc was
added in gcc 4.3.3. It was present until gcc 4.9, which itself was
removed in [2]. The patch was dropped starting gcc 5.1 [3] but it's
know to be useful for gcc 4.7.3 [4]. However, even though we no longer
support building any of those older gcc versions, the conditional
patching logic in gcc.mk is still there.
We used to have a patch directory (package/gcc/$(GCC_VERSION)) for
every gcc version available in Buildroot, the apply-patches.sh script
doesn't error out even if
1000-powerpc-link-with-math-lib.patch.conditional is missing.
But with gcc 10, we don't need (for the moment) to apply any patch, so
the patch directory doesn't exist. apply-patches.sh breaks the build
since the patch directory is missing:
Aborting. 'package/gcc/10.1.0' is not a directory.
Since we removed gcc 4.9 last year [2], we can safely remove this code.
Tested using qemu_ppc_virtex_ml507_defconfig.
[1] bb1f42e442
[2] baf1775022
[3] 4deb2d93c5
[4] 197006a41c
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
If libapparmor is selected, depend on libapparmor and set -Dapparmor=true
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
When we prepare the release, we generate the manual in various formats,
so that it can be consulted locally without needing the miriads of tools
needed to generate it.
However, this creates the temporary .br2-external.* files in the output
directory, and those end up in the release tarball.
This is not a problem in practice, but is not clean.
Run 'distclean' in the output directory, to get rid of everything but
the generated documentation.
Reported-by: Danomi Manchego <danomimanchego123@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
aa-unconfied requires the full version of netstat provided by the net-tools
package. Without the full version, running aa-unconfined will result in the
error:
netstat: invalid option -- 'p'
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
[yann.morin.1998@free.fr:
- net-ttols is a runtime depednency
- select BB_SHOW_OTHERS
- reorder depends
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The following regex string in rc.apparmor.functions
"^/.*[ \t]+flags[ \t]*=[ \t]*\([ \t]*complain[ \t]*\)[ \t]+{" is broken due to
the unescaped { at the end of the regex pattern.
GNU grep ignors the error. However, the Busybox grep does not and throws the
error "unescaped character {"
Escape the "{" character to fix this issue.
Note: Upstream has rewritten large sections of the rc.apparmor.functions file
and the function this patch fixes will no longer be necessary after the next
version is released. However, it is not possible to easily backport the
upstream patches as the rewrite comes with new features that would not be
possible with a simple patch such as this one.
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Do not force c99 mode to be able to remove both patches and because it
does not seem to be motivated. Indeed, even if the second patch was
sucessfully upstreamed. The first one can't be upstreamed as it raises
the following build falure on Solaris 11 (due to mixing c99 and
_POSIX_C_SOURCE):
#if defined(STDC_C99) && (defined(_XOPEN_OR_POSIX) && !defined(XPG6))
#error "Compiler or options invalid for pre-UNIX 03 X/Open applications \
and pre-2001 POSIX applications"
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Between 1.0.32 and 1.0.34, only bug fixes have been merged in
uclibc-ng. All patches can be removed, as they have been applied
upstream.
Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fix CVE-2020-11945: An issue was discovered in Squid before 5.0.2. A
remote attacker can replay a sniffed Digest Authentication nonce to gain
access to resources that are otherwise forbidden. This occurs because
the attacker can overflow the nonce reference counter (a short integer).
Remote code execution may occur if the pooled token credentials are
freed (instead of replayed as valid credentials).
http://www.squid-cache.org/Advisories/SQUID-2020_4.txt
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
cage v0.1.1 can't build with wlroots 0.10.1, as it uses
a set of wlroots API that are no longer available.
Moving to latest upstream version fixes the issue.
Also:
- added license file information
- updated license file hash
Signed-off-by: Gilles Talis <gilles.talis@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
"The inclusion of GLU is historical. [...] It's not needed for GLEW to
build or run, but it's opt-out that reason. I'd recommend using
-DGLEW_NO_GLU since GLU is rarely seen in modern codebases nowadays."
https://github.com/nigels-com/glew/issues/192#issuecomment-411641657
This patch prevents libglu being added to the "Requires:" section of
glew.pc fixing libglew detection in the supertuxkart package
-- Checking for module 'glew>=2.1'
-- Package 'glu', required by 'glew', not found
after libglu is removed as dependency of supertuxkart.
Supertuxkart already uses -DGLEW_NO_GLU:
https://github.com/supertuxkart/stk-code/blob/master/CMakeLists.txt#L224
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
"The inclusion of GLU is historical. [...] It's not needed for GLEW to
build or run, but it's opt-out that reason. I'd recommend using
-DGLEW_NO_GLU since GLU is rarely seen in modern codebases nowadays."
https://github.com/nigels-com/glew/issues/192#issuecomment-411641657
Each package using glew.h has to decide whether to use the opt-out for
glu or not. Since supertux does not need libglu we can safely remove
the dependency by adding -DGLEW_NO_GLU to TARGET_CXXFLAGS.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
"The inclusion of GLU is historical. [...] I'd recommend using
-DGLEW_NO_GLU since GLU is rarely seen in modern codebases nowadays."
https://github.com/nigels-com/glew/issues/192#issuecomment-411641657
Add -DGLEW_NO_GLU to get rid of the libglu dependency.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
[yann.morin.1998@free.fr:
- fix mismatch between OGRE_CXX_FLAGS and OGRE_CXXFLAGS
- also use OGRE_CFLAGS for symetry with OGRE_CXXFLAGS
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Commit e845f9364c ("ne10: bump to v1.2.1") removed arm arch
dependency from the comment. This comment is only relevant to arm.
Furthermore, if a target does not have a NEON unit, there is
nothing a user can do about that condition in Buildroot. Showing
a comment would not be useful, and we're not usually showing any
arch-related comment.
Cc: Cody Guldner <cody.guldner@rockwellcollins.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
[yann.morin.1998@free.fr: drop the comment, explain why]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Contrary to riscv32, the qemu_riscv64_virt defconfig doesn't needs
any specific change. It could have been updated to Linux 5.4.35 in
the commit 80a044703a.
So, update the kernel version to 5.4.35.
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Drop flask license as the old flask theme has been replaced with the
sphinx_rtd_theme since version 0.17.0 and
8f96cbdabf
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Michael Fischer <mf@go-sys.de>
[yann.morin.1998@free.fr: two spaces in hash file]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Under certain circumstances (host distribution, openssl version),
the qemu-system binary fail to start:
qemu-system-aarch64: symbol lookup error: /lib64/libssh.so.4: undefined symbol: EVP_KDF_ctrl, version OPENSSL_1_1_1b
There is no problem when only host-qemu is built, but it's linked with /lib64/libcurl.so.4
$ make host-qemu
$ ldd output/host/bin/qemu-system-aarch64
[...]
libcurl.so.4 => /lib64/libcurl.so.4 (0x00007fb21cb57000)
libssh.so.4 => /lib64/libssh.so.4 (0x00007fb21c35d000)
libpsl.so.5 => /lib64/libpsl.so.5 (0x00007fb21c34a000)
libssl.so.1.1 => /lib64/libssl.so.1.1 (0x00007fb21c2b4000)
Note: /lib64/libcurl.so.4 is linked with libssh and libssl:
$ ldd /lib64/libcurl.so.4
[...]
libssh.so.4 => /lib64/libssh.so.4 (0x00007f90d8efd000)
libpsl.so.5 => /lib64/libpsl.so.5 (0x00007f90d8eea000)
libssl.so.1.1 => /lib64/libssl.so.1.1 (0x00007f90d8e54000)
Continue the build.
$ make
We can notice that qemu_aarch64_virt_defconfig set
BR2_LINUX_KERNEL_NEEDS_HOST_OPENSSL=y
So host-openssl package is built and this is the problem:
$ ldd output/host/bin/qemu-system-aarch64
[...]
libcurl.so.4 => /lib64/libcurl.so.4 (0x00007f3adb444000)
libssh.so.4 => /lib64/libssh.so.4 (0x00007f3adac4a000)
libpsl.so.5 => /lib64/libpsl.so.5 (0x00007f3adac37000)
libssl.so.1.1 => /home/naourr/buildroot/test/qemu_aarch64_virt_defconfig-master/host/lib/libssl.so.1.1 (0x00007f3adaba8000)
qemu-system-aarch64: symbol lookup error: /lib64/libssh.so.4: undefined symbol: EVP_KDF_ctrl, version OPENSSL_1_1_1b
This is due to the build system trying to find libcurl using
pkg-config or curl-config.
libcurl is used by the QEMU Block driver for CURL images and
elf2dmp tool which is not needed.
Instead of adding host-libcurl dependency, we can disable it
entierely.
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
- Drop patches (already in version) and so AUTORECONF
- Update indentation in hash file (two spaces)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
- curl and tiff are optional dependencies since version 7.0.0 and
db31b6dfa9
- Update indentation of hash file (two spaces)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
This workaround is not needed as of commit
5cff3a8bdf which properly sets the
PKG_CONFIG_LIBDIR for native: true dependencies.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
This workaround is not needed as of commit
5cff3a8bdf which properly sets the
PKG_CONFIG_LIBDIR for native: true dependencies.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Previous address is still valid but not used as primary address any
longer
Signed-off-by: Davide Viti <zinosat@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Allow ghostscript to be used by cups for printing.
Signed-off-by: Alexey Lukyanchuk <skif@skif-web.ru>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Without a source for randomness, qpdf will crash with 'no such file'
error. It's can me tested by command like 'qpd some_pdf.pdf -'.
This problem breaks cups printing.
This patch change configure options to '--with-random=/dev/urandom'
Signed-off-by: Alexey Lukyanchuk <skif@skif-web.ru>
[yann.morin.1998@free.fr: reword commit log]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
We no longer need this package specific pkconfig workaround as it is
now applied to all meson packages automatically.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This sets the correct build.pkg_config_path for all meson packages so
that dependencies with native: true will properly use the the host
pkgconfig instead of the target pkgconfig.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Currently, the linux kernel will apply some fixups on its .config file,
based on whether some packages are enabled or not. That list of
conditional fixups is getting bigger and bigger with each new package
that needs such fixups, culminating with the pending firewalld one [0].
Furthermore, these fixups are not accessible to packages in br2-external
trees.
Add a new per-package variable, that packages may set to the commands to
run to fixup the kernel .config file, which is added at the end of the
linux' own fixups.
This opens the possibility to write things like;
define FOO_LINUX_CONFIG_FIXUPS
$(call KCONFIG_ENABLE_OPT,BLA)
endef
Of course, it also opens the way to run arbitrary commands in there, but
any alternative that would be declarative only, such as a list of
options to enable or disable (as an example):
FOO_LINUX_CONFIG_FIXUPS = +BAR -FOO +BUZ="value"
.. is not very nice either, and such lists fall flat when a value would
have a space.
For packages that we have in-tree, we can ensure they won't play foul
with their _LINUX_CONFIG_FIXUPS. For packages in br2-external trees,
there's nothing we can do; users already have the opportunity to hack
into the linux configure process by providing LINUX_PRE_CONFIGURE_HOOKS
or LINUX_POST_CONFIGURE_HOOKS anyway...
.. which brings the question of why we don't use that to implement the
per-package fixups. We don't, because _PRE or _POST_CONFIGURE_HOOKS are
run after we run 'make oldconfig' to sanitise the mangled .config.
[0] http://lists.busybox.net/pipermail/buildroot/2020-March/278683.html
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Thomas De Schampheleire <patrickdepinguin@gmail.com>
Cc: Peter Korsgaard <peter@korsgaard.com>
Cc: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The kconfig mangling macros currently operate on the caller-supplied
.config file, on the assumption that the caller will always know what
file to mangle.
This was correct so far, as packages would indeed only mangle their
own .config files.
However, the Linux kernel does its mangling based on whether some
other packages are enabled or not. That list of conditional mangling
is getting bigger and bigger with each new package that needs such
mangling, culminating with the pending firewalld one [0]. Furthermore,
this mangling is not accessible to packages in br2-external trees. So
we'll want to have packages provide the mangling commands.
So we'll want the mangling to be done on the Linux' .config file in
the expanding package context, not in the package calling the macros.
But packages do not, and should not have knowledge about where the
.config file is, nor how it is named.
So we make the parameter to specify the .config file to mangle
optional. If it is set, this is what the macros will mangle; if it is
not set, the expanding package's .config file will be used.
This has the added benefit that we do not have to repeat in the
expanding package context the knowledge of how the .config file is
named:
FOO_KCONFIG_DOTCONFIG = .config
define FOO_KCONFIG_FIXUPS_CMDS
$(call KCONFIG_ENABLE_OPT,BLA)
endef
[0] http://lists.busybox.net/pipermail/buildroot/2020-March/278683.html
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Currently, we have three macros that may mangle a .config file. All
three are modeled after the same pattern: removing the existing option
from the .config file, then adding the new definition for that option;
all three also implement that pattern with the same commands: sed and
echo.
This is all good so far, because it was simple enough, and they always
worked on a file passed in parameter.
However, we're soon going to change this file parameter to make it
optional, so that the file will then be auto-deduced for the current
package. In that case, the file to sed and echo into will be a more
complex structure than just the parameter.
As such, move the actual mangling down to a helper macro, that is called
from the three existing ones.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Zoltan Gyarmati <zgyarmati@zgyarmati.de>
[yann.morin.1998@free.fr: two spaces in hash file]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Python support in OpenCV3 indeed requires a glibc or musl toolchain,
but is only available if Python 3.x is enabled, and if we're on an
architecture with Numpy support.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The python-numpy Config.in comment was missing a dependency on
BR2_PACKAGE_PYTHON_NUMPY_ARCH_SUPPORTS.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Since version 1.18.0, Numpy only supports Python 3.x, so we make it
depend on BR2_PACKAGE_PYTHON3 and propagate this to its reverse
dependencies.
Also, since upstream commit d630d96598f1b7ea044d60bea8cd2b87778f072a,
the Cython generated files are no longer part of released tarballs,
and therefore Numpy requires python-cython on the host as a build
dependency.
Cc: Samuel Martin <s.martin49@gmail.com>
Cc: Gwenhael Goavec-Merou <gwenhael.goavec-merou@trabucayre.com>
Cc: Esben Haabendal <esben@geanix.com>
Signed-off-by: Jagan Teki <jagan@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
- Fix CVE-2020-12268: jbig2_image_compose in jbig2_image.c in Artifex
jbig2dec before 0.18 has a heap-based buffer overflow.
- Add JBIG2DEC_AUTORECONF=YES otherwise build will fail because
install-sh has been removed from the tarball
- Update indentation of hash file (two spaces)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The upstream project http://pistache.io/ does not provide release
tarballs. However, commit 73f248acd6db4c53 has been successfully
used for some time now.
The use of BR2_TOOLCHAIN_GCC_AT_LEAST_4_9 is for C++14 support.
Tested it with gcc-linaro-4.9-2016.02-x86_64_arm-linux-gnueabi
and buildroot's ./utils/test-pkg
Pistache does not build with uClibc, the macro RUSAGE_THREAD for
getrusage() is not properly declared. This is an upstream issue:
https://github.com/oktal/pistache/issues/175
Hence the dependecy !BR2_TOOLCHAIN_USES_UCLIBC
Signed-off-by: Thomas Ruschival <thomas@ruschival.de>
[yann.morin.1998@free.fr:
- fix PISTACHE_LICENSE_FILES (missing trailing 'S')
- add hash for license file
- two spaces in license file
- tweaks in commit log
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
- ChangeLog:
- compression bomb protection
- memory handling issue found by Oss-Fuzz
- improve handling of anomalies in traffic
- Drop first patch (already in version)
- Update indentation of hash file (two spaces)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Commit b80712a16a ("configs/odroidc2:
remove the defconfig") has removed the odroidc2 defconfig, but left
behind a number of files in board/hardkernel/odroidc2, which are now
unused. Let's remove them.
Signed-off-by: Dagg Stompler <daggs@gmx.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
In the version bump to 6.10 the following changes were:
* Fix hash file to two spaces format
* Add patch to respect DESTDIR and optionally install man pages for
mount.smb3 by utilizing CONFIG_MAN.
* Pass -std=gnu11 to fix compile issues found with the sourcery-arm
toolchain with C99 style code errors in smbinfo.c and defintion of
'struct sa' uisng gnu11 for C11 GNU extensions.
Signed-off-by: Ryan Barnett <ryanbarnett3@gmail.com>
CC: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
* Update hash file to two space format
* COPYING hash updated due to copyright year
* Patch dropped, as it is now upstream as of
9c55c01604
Signed-off-by: Ryan Barnett <ryanbarnett3@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
- I fixed build problems on cups and cups-filters but don't use them.
- gtest, libpam-radius-auth, libpam-tacplus and perl-file-util were
used in my previous job. I don't have access to the packages that
use them neither to the corresponding test infrastructure anymore.
Signed-off-by: Carlos Santos <unixmania@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
* Update hash file to two space format and add hashes from sourceforge
website.
* Drop 0001-Required-fixes-to-compile*.patch as it is included with
new release
Signed-off-by: Ryan Barnett <ryanbarnett3@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Other changes:
- Update gettext to 0.20.1 and the respective hashes.
- Remove share/gettext-tiny/m4/lock.m4 from GETTEXT_TINY_EXTRA_GETTEXT_FILES
and the install list, as this file was removed in commit
8c2bfdbddb13a480d88ceac4ab0e5886bda957cb.
Tested with test-pkg -p gettext-tiny in Debian 10 and Centos 7
br-arm-full [1/6]: OK
br-arm-cortex-a9-glibc [2/6]: OK
br-arm-cortex-m4-full [3/6]: OK
br-x86-64-musl [4/6]: OK
br-arm-full-static [5/6]: OK
sourcery-arm [6/6]: OK
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Other changes:
- Update license hash due to http -> https URL changes.
- Depend on host-libtextstyle for host-gettext-gnu.
- Update 0001-error_print_progname.patch to apply cleanly.
- Remove upstream 0002-Update-after-gnulib-changed.patch
- Add 0002-restore-the-ability-to-buld-gettext-tools-seperately-part1.patch
which allows gettext-tools to build with an external libtextstyle.
Tested under Debian 8 with test-pkg -a:
44 builds, 5 skipped, 0 build failed, 0 legal-info failed
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This library provides an easy way to add styling to programs that produce
output to a console or terminal emulator window.
libtextstyle is for you if your application produces text that is more readable
when it is accompanied with styling information, such as color, font
attributes (weight, posture), or underlining.
Our gettext-gnu package currently has HOST_GETTEXT_GNU_SUBDIR = gettext-tools
so we only configure and build the gettext-tools sub-directory. Version 0.20.1
of gettext-gnu now requires libtextstyle, which the subdirectory gettext-tools
does not provide.
We have three options:
1) Add hooks to configure and build libtextstyle as a pre-configure hook in
gettext-gnu, and install it in a pre-install hook.
2) Revert to building the whole of gettext.
3) Add a separate package for libtextstyle.
Here are the results of a test with BR2_JLEVEL=4:
- Only gettext-tools: 38.86s user 22.13s system 124% CPU 49.035 total
- gettext + libtextstyle: 40.78s user 14.57s system 146% CPU 37.817 total
- All of gettext: 203.18s user 122.87s system 161% CPU 3:22.39 total
As seen above, compiling the entire gettext package takes 5x longer than
building libtextstyle and gettext separately!
As such, the best option is option 3, as the time increase to build
libtextstyle is negligible.
Tested with test-pkg -p gettext-tiny in Debian 10 and Centos 7
br-arm-full [1/6]: OK
br-arm-cortex-a9-glibc [2/6]: OK
br-arm-cortex-m4-full [3/6]: OK
br-x86-64-musl [4/6]: OK
br-arm-full-static [5/6]: OK
sourcery-arm [6/6]: OK
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Back in 2014, about 6 years ago now, in my infinite wisdom, I
decided that extracting the tzdata source was not necessary for
the target variant, because we would be installing the files
generated by the host variant, in commit 7aad5daa5d (package/tzdata:
only compile the zoneinfo once).
However, that did not account for the fact that we would eventually
like to have the licensing information for tzdata, later added in
2019, in commit 60889ccdf0 (package/tzdata: bump to version 2019b).
However, that last comit only added the license file to the host
variant, without explanations why that was so. It turns out that the
reason it was not added to the target variant is, probably, that he
source code for the target variant is not extracted, and thus saving
the license file fails.
But we really want the license file for what goes on into the target.
So, do extract the source code for the target variant, even if only to
get the license file.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Richard Braun <rbraun@sceen.net>
Cc: Martin Bark <martin@barkynet.com>
Cc: Christopher McCrory <chrismcc@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
src/LibSupport.h has some logic to find the wordsize of the current
architecture, using an explicit list of CPU architectures. This makes
the build fail on a number of CPU architectures that are not
explicitly handled.
Let's instead use the __WORDSIZE definition of the C library, which is
guaranteed to be available for all CPU architectures.
Fixes:
http://autobuild.buildroot.net/results/a235345477ea2ec3b0dd4ffed4d7667d46caec48/
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Removed 0001-*.patch as it is included with the maintenance release.
The LICENSE file hash changed due to Copyright year updating to
include 2020.
Signed-off-by: Ryan Barnett <ryanbarnett3@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Alexander Dahl <post@lespocky.de>
[yann.morin.1998@free.fr: two spaces in hash file]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Alexander Dahl <post@lespocky.de>
[yann.morin.1998@free.fr: two spaces in hash file]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The commit 0f0649140f introduced a change
in the module name: utf8 -> lua-utf8.
The packages-file-list.txt show the change in the files intalled on the rootfs:
[lua-utf8 0.1.2-2 latest version]
lua-utf8,./usr/lib/luarocks/rocks-5.1/luautf8/0.1.2-2/doc/LICENSE
lua-utf8,./usr/lib/luarocks/rocks-5.1/luautf8/0.1.2-2/doc/README.md
lua-utf8,./usr/lib/luarocks/rocks-5.1/luautf8/0.1.2-2/luautf8-0.1.2-2.rockspec
lua-utf8,./usr/lib/luarocks/rocks-5.1/luautf8/0.1.2-2/rock_manifest
lua-utf8,./usr/lib/lua/5.1/lua-utf8.so
[lua-utf8 1.2-0 previous version]
lua-utf8,./usr/lib/luarocks/rocks-5.1/utf8/1.2-0/doc/README.md
lua-utf8,./usr/lib/luarocks/rocks-5.1/utf8/1.2-0/utf8-1.2-0.rockspec
lua-utf8,./usr/lib/luarocks/rocks-5.1/utf8/1.2-0/rock_manifest
lua-utf8,./usr/lib/lua/5.1/utf8.so
Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/526036036
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This is a minor release which provides fixes for CVE-2020-11793,
CVE-2020-3887, CVE-2020-3894, and CVE-2020-3899.
Updating from 2.28.0 also brings a few rendering fixes, a build fix
on MIPS64, a build fix for GStreamer 1.12, and solves a couple of
crashes. The full release notes covering 2.28.1 and 2.28.2 can be
found at:
https://webkitgtk.org/2020/04/13/webkitgtk2.28.1-released.htmlhttps://webkitgtk.org/2020/04/24/webkitgtk2.28.2-released.html
A detailed security advisory can be found at:
https://webkitgtk.org/security/WSA-2020-0004.html
Note that the above does not cover all the CVEs, and a new advisory
including them is expected to be published in the next days.
Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
[yann.morin.1998@free.fr: two spaces in hash file]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
This is a minor release which provides fixes for CVE-2020-11793,
CVE-2020-3887, CVE-2020-3894, and CVE-2020-3899.
Updating from 2.28.0 also brings a few rendering fixes, a build fix
on MIPS64, a build fix for GStreamer 1.12, and solves a couple of
crashes. The full release notes covering 2.28.1 and 2.28.2 can be
found at:
https://wpewebkit.org/release/wpewebkit-2.28.1.htmlhttps://wpewebkit.org/release/wpewebkit-2.28.2.html
A detailed security advisory can be found at:
https://wpewebkit.org/security/WSA-2020-0004.html
Note that the above does not cover all the CVEs, and a new advisory
including them is expected to be published in the next days.
Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
[yann.morin.1998@free.fr: two spaces in hash file]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
This reverts commit ed28a698e3
which I applied locally fo testing, but forgot to reset before
continuing to work on other patches...
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The Qemu version present in readme.txt files was needed when
the Buildroot's Qemu defconfig was tested manually using the
qemu-system-<arch> binary already present on the host.
This information is now incorrect since we are using host-qemu
package, currently at 4.2.0 version, to do a runtime test since
0c79350638.
For m68k-q800, we can use the upstream qemu since 4.2.0 release
[1].
So, remove this line from the readme.txt.
[1] https://www.qemu.org/2019/12/13/qemu-4-2-0/
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Nicola Di Lieto <nicola.dilieto@gmail.com>
[yann.morin.1998@free.fr: two spaces in hash file]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
mesa3d-headers is a little bit special: it uses the same sources as
the mesa3d package, named just 'mesa' upstream. mesa uses the meson
buildsystem, an that is what we use in the mesa3d package.
However, mesa3d-headers does not install the whole of mesa; it only
installs a select set of headers for those binary blobs that do not
provide them.
mesa does not provide such a feature (only installing headers) with
its meson buildsystem. As a consequence, we've made mesa3d-headers a
generic package, that basically only copies headers over.
Additionally, mesa3d-headers also provides the dri.pc file for when
Xorg is enabled; see 7468b60e7c (package/mesa3d-headers: also install
dri header and .pc file).
We used to manually generate that file from a .in template that was
present in mesa source code at the time it was still using autotools.
But when they switched over to using meson, the template was dropped
[0], and the dri.pc is now entirely generated using meson internals
[1].
So we now have no template present in the source code, so we must
come up with our own. This simplifies the replacement pattern to
just inject the version string.
[0] https://cgit.freedesktop.org/mesa/mesa/commit/?id=158758618264eac113025a86a360dc305ed4498b
[1] https://cgit.freedesktop.org/mesa/mesa/tree/src/mesa/drivers/dri/meson.build?h=19.2#n93
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Tested-by: Vincent Fazio <vfazio@xes-inc.com>
[yann.morin.1998@free.fr:
- entirely rework the commit log
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
musl libc uses ELFv2 by default for all PPC64 targets.
Now, OpenSSL libraries built with musl targeting PPC64BE should build
and function as expected.
Signed-off-by: Vincent Fazio <vfazio@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Linux version are changed to the new LTS kernel 5.4.35 for all qemu
defconfigs, except for riscv and csky. Thoses defconfigs are left
unchanged because they require either a custom Linux repository
or a specific kernel header version causing some difficulties when
upgrading to 5.4.35.
Update the nios2-10m50 linux.fragment to update the .dtb build directory
due to a change in kernel 4.20 [1]:
nios2: build .dtb files in dts directory
Align nios2 with other architectures which build the dtb files in the
same directory as the dts files. This is also in line with most other
build targets which are located in the same directory as the source.
This move will help enable the 'dtbs' target which builds all the dtbs
regardless of kernel config.
This transition could break some scripts if they expect dtb files in
the old location.
For x86 and x86_64 kernel, add the CONFIG_PCI symbol due a change in kernel
5.0 [2]. The option was previously enabled by default (default y).
PCI: consolidate PCI config entry in drivers/pci
There is no good reason to duplicate the PCI menu in every architecture.
Instead provide a selectable HAVE_PCI symbol that indicates availability
of PCI support, and a FORCE_PCI symbol to for PCI on and the handle the
rest in drivers/pci.
Update the kernel of ppc-mac99 defconfig added in Buildroot 2019.08.
This version bump was tested on gitlab [4] using the newly introduced
boot-qemu-image.py script [5].
[1] https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=118864869805123bf82d666062542440a0fda5dd
[2] https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=eb01d42a77785ff96b6e66a2a2e7027fc6d78e4a
[3] a8fac3fcfc
[4] https://gitlab.com/kubu93/buildroot/pipelines/139819874
[5] 0c79350638
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Convert the patch for microblaze kernel added for kernel 3.14 by
Waldemar to git format.
Note: the Waldemar Sob line is missing in the original patch:
fa27985483
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
paho-mqtt-c by default enables the building of test materials and
install of CPack documentation:
PAHO_ENABLE_TESTING - "Build tests and run"
PAHO_ENABLE_CPACK - "Enable CPack"
Let's disable these to save a couple megabytes and time. This is
in keeping with the generic settings in pkg-cmake.mk.
Signed-off-by: Danomi Manchego <danomimanchego123@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
When 4bcc344464 was applied, it was not
noticed that 96dc6701af (from another
contributor) had already been
applied. 4bcc344464 essentially did the
same thing as 96dc6701af, except it also
disable zstd support explicitly in the host-libarchive package.
Let's drop the part of 4bcc344464 that
duplicates 96dc6701af.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The CMakeLists.txt contains:
if(CPPREST_EXCLUDE_COMPRESSION)
if(NOT CPPREST_EXCLUDE_BROTLI)
message(FATAL_ERROR "Use of Brotli requires compression to be enabled")
endif()
libcpprestsdk requires openssl, so if the libopenssl provider is
chosen, it anyway pulls in zlib. But if libressl is used as a
provider, it doesn't pull in zlib, and building libcpprestsdk becomes
possible without zlib thanks to this patch.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Convert the hash file to using the two space format for hashes. The
has for the LICENSE file has been updated since version 6.0.4 now
includes DOS line endings (\r\n).
Signed-off-by: Ryan Barnett <ryanbarnett3@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Some people want to be able to inspect the current state of the build,
and report information about it, like:
- report the number of packages already built out of the total,
- list the packages being actually built (e.g. for TLPB)
- etc...
However, the location where a package is built is inherently an internal
detail, so expose that to the user in the output of show-info. We only
expose the location relative to the base directory (basically, either
output/ or the user-suppiled $(O)), so that show-info does not contain
local information (the output of show-info can be shared).
Interested parties will be able to poke in there to identify the stamp
files and deduce the package's state.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Vadim Kochan <vadim4j@gmail.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Cc: eeppeliteloop@gmail.com
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Although most virtual packages do not install anything, some of them
do. For example, the virtual package 'toolchain' does tweak the musl
headers during a post staging hook.
So, it makes sense for "show-info" to report if a virtual package has
its target, staging and/or image installation steps enabled or not.
This commit changes show-info to report the type of install steps for
virtual packages too, which means for all packages.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Vadim Kochan <vadim4j@gmail.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Cc: eeppeliteloop@gmail.com
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
By their very nature, host packages have no target, staging, or images
install steps; they have a single install step, that is always
performed.
As such, setting the corresponding _INSTALL_{TARGET,STAGING,IMAGES}
variables does not make sense for host packages.
However, people (and scripts) may get confused when they process the
output of printvars, e.g.:
$ make printvars VARS=HOST_LIBTOOL_INSTALL_TARGET
HOST_LIBTOOL_INSTALL_TARGET=YES
Only set those variables for target packages. There is no
corresponding variable for host packages, as they are always installed
(and only once).
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Vadim Kochan <vadim4j@gmail.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Cc: eeppeliteloop@gmail.com
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
By their very nature, host packages have no target, staging, or
images install steps; they have a single install step, that is
always performed.
However, we currently report those three types of install, which
is misleading at best, and really incorrect.
If we were to report any install type for host package, that would
be a single one, and it would always be true.
So, do not report any install type for host packages, as it does
not make sense to report anything that is always true.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Vadim Kochan <vadim4j@gmail.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Cc: eeppeliteloop@gmail.com
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
When booting with 'console=<empty>' in the kernel command line (as e.g.
U-Boot does with silent flags in effect), opening /dev/console fails.
As per POSIX [0], when iany redirection fails, the shell running exec
shal exit in error. So, when 'console=<empty>' is specified.
/dev/console can't be opened, and the redirection fails, and /init is
killed.
That behaviour was fixed on the kernel side with commit 2bd3a997befc2
(Open /dev/console from rootfs), present since 2.6.34, released in May
2010, so any [dr]ecent kernel will have that fix.
Furthermore, busybox will fix things up anyway (in bb_sanitize_stdio()),
falling back to opening /dev/null if no console is availble. systemd
does a similar thing (in make_console_stdio()), and sysvinit again has
a similar approach (in console_init()).
The archealogy search turned up those relevant commits:
2011-08-04 10a130f91e initramfs/init: make sure that 0, 1, 2 fds are available
introduces the three exec redirections in initramfs
2011-09-06 3fac21ef8d cpio: fix boot with dynamic /dev
introduces the three exec redirections in cpio
2011-09-06 13a3afc536 fs/initramfs: refactor with fs/cpio
dropped the initramfs tweaks to reuse the cpio ones
2012-11-04 e1ebae700a fs/common: Create initial console device
introduces the /dev/console char,5,1 pseudo device creation in
cpio
2018-03-31 dec061adce fs/cpio: don't extend packages' permissions table
switched from the permission-table to a manual mknod to create
/dev/console
The redirections were added before we could guarantee there was a
/dev/console in the rootfs.
We're now guaranteed to have /dev/console in an initramfs, and any recent
kernel will automatically open /dev/console before spawning /init.
The three redirections are useless now, and cause harm under certain
conditions. Drop them.
[0] https://pubs.opengroup.org/onlinepubs/9699919799/utilities/V3_chap02.html#tag_18_20_01
Signed-off-by: Timo Ketola <timo.ketola@exertus.fi>
Cc: Peter Korsgaard <peter@korsgaard.com>
[yann.morin.1998@free.fr:
- extend commit log with the analysis done with Peter
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The reason why the external wireguard kernel module is not allowed with
kernel headers >= 5.6 is that wireguard is included in the upstream kernel
since 5.6 rather than some kind of (fixable) incompatibility issue. Adjust
the comment to make that clear.
While we're at it, drop the redundant !5.6 dependency on the kernel headers
dependency comment. If headers are older than 3.10, then they are also
older than 5.6, so the statement is redundant.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
- Drop !BR2_PACKAGE_PYTHON3 dependency as SConstruct requires
host-python3 since version 4.1.10 and:
8dd6d47557
- host-python-psutil is needed since 4.1.8 and
ff03811e31
- Drop unneeded host-python-typing dependency
- C++17 and so gcc 7 is required since 4.1.8 and
01d84b2565
- Set --disable-minimum-compiler-version-enforcement as mongodb enforces
gcc >= 8.2 since verson 4.1.8 and
9ac90b128e
- Explictly disable ssl if needed as ssl is enabled by default
- Add host-python-cheetah dependency if needed
- Manage new http-client option added in version 4.1.2 and
4d7dcca91b
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[Titouan: Fix patch conflicts with master]
Signed-off-by: Titouan Christophe <titouan.christophe@railnova.eu>
Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Needed to build mongodb.
With this host variant there is no need to enforce host
python in the original package.
Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Since wireguard is built into kernels 5.6 and later we can't build
wireguard-linux-compat on them, so we need to depend on
!BR2_TOOLCHAIN_HEADERS_AT_LEAST_5_6.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Actually the install target of some tools like the parser tries to do
an os detection to understand what install and where.
Incidentally, when the install is invoked on SuSE, this will trig a bug
in parallel install which manifests as "target/lib/apparmor: File exists"
error. For this problem, a patch is already sent upstream.
For buildroot instead, the os detection is useless so we disable it
and use a generic install method.
Fixes:
http://autobuild.buildroot.net/results/b18c6a9ce67065dcb7968c6f473b3b403d2925d2
Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Latest version of Apache introduce a new apxs with a slightly modified
path handling logic. In order to simplify the crosscompilation, the
software removes the common prefix from bin install dir and build
install dir, but for this to work they both should have a common prefix.
So we introduce a new regexp to fix /usr/bin to staging dir, the regexps
are also fixed to replace only the exact path between double quotes, to
avoid replacing the she-bang line.
Fixes:
http://autobuild.buildroot.net/results/c41f31566974209897a3a1ec35afe2536fb248cchttp://autobuild.buildroot.net/results/b93f19976ce96e79ea159c25ed74a7377c78f334
Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
[yann.morin.1998@free.fr:
- add the last few words about the she-bang blurb
- do not use quotes in the existing /sur/bin regexp
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
- Drop first and second patches (already in version)
- Retrieve third patch from upstream
- Retrieve an additionnal patch from upstream
- host-gettext is needed for AM_ICONV since
0512f6d0a0
- Update indentation of hash file (two spaces)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
As Java is used quite a bit in the enterprise world, having the option to
build the LTS version of OpenJDK is quite convenient and also a requirement
for many companies wanting to use Java.
As such, there are three options:
1) Continue only to support the latest version of OpenJDK.
2) Downgrade our existing OpenJDK package from 14 to 11.
3) Add an option to support either OpenJDK 11 or 14.
OpenJDK 11 and 14 currently have:
- The same configure options.
- The same license files and hashes for those license files.
- The same dependencies.
- The same method to build and install.
As such, supporting both 11 and 14 is not only an easy option to add to
Buildroot, but also a nice feature for users who wish to use Java in an
embedded environment with a company that mandates the use of the LTS version.
To make it explicit that this choice really is about LTS vs. latest, and
not about 11 vs. 14, the options are really named with LTS and LATEST,
so that future defconfigs will not have to migrate when the versions
changes (e.g. we update from 14->15, or from 11 to the next LTS).
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
[yann.morin.1998@free.fr:
- keep latest as the default, for existing defconfigs
- rename options: drop numbers, use LTS and LATEST
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
python-jedi bundles its own copy of typeshed since version 0.14.0 and
7d2b7bb3c1
So add it to the license files (and update indentation of hash file to
two spaces while at it)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Notice: 5.5.x is now EOL, so should be dropped at the next version bump.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Petr Vorel <petr.vorel@gmail.com>
[yann.morin.1998@free.fr: two spaces in hash file]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Some users may require the full JDK on the target to debug their programs.
This change is relatively trivial to add.
While the full JDK does have programs used for compiling on a target,
which is against Buildroot policy, the JDK also has several utilities used for
debugging purposes, which the JRE target does not build, and Buildroot supports
applications used for debugging purposes such as GDB.
As such, JDK support should be available for debugging purposes, and a note in
the Config.in file has been added under the JDK section, which informs the user
that JDK support is for debugging purposes only and that developing on a
target is not supported by Buildroot.
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Reviewed-by: Ryan Barnett <ryan.barnett@rockwellcollins.com>
Tested-by: Ryan Barnett <ryan.barnett@rockwellcollins.com>
[yann.morin.1998@free.fr:
- s/OPENJDK_INSTALL_DIR/OPENJDK_VARIANT/
- slightly rewrap help text
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Several directories and files are currently not installed during the
target installation, these include:
- conf
Several configuration files, including security configuration files which
may be necessary for running various java applications.
- legal
This directory contains legal notices that some java applications may
require, as they may print legal information and will throw exceptions at
runtime if the legal files are not present on the system.
- release
This file contains a list of modules included in the image.
Because these directories take up less than of megabyte extra, it is not an
issue to install all of them.
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Reviewed-by: Ryan Barnett <ryan.barnett@rockwellcollins.com>
Tested-by: Ryan Barnett <ryan.barnett@rockwellcollins.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Giving an explicit getty port is not really needed, as we already
spawn a getty on the "console" device, which will match the serial
port passed as console= argument on the kernel command line.
Signed-off-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Currently, Buildroot installs the jre libraries using
cp -dprf /build/linux-*-release/images/jre/lib/* $(TARGET_DIR)/usr/lib/
However, if a system has a merged /usr directory, and there is a built kernel
before installing OpenJDK, the installation fails because jre/lib has binary
modules file, which causes the following error: cp: cannot overwrite directory
'/usr/lib/modules with non-directory
The obvious fix is to install the modules to /usr/lib/jvm/ and set the
appropriate rpaths via the --with-extra-ldflags conf option. However, this fix
does not work because the built binaries themselves do not link against
libjava.so
Indeed, running readelf on the built java binary reports the following:
"(RUNPATH) Library runpath: [/usr/lib/jvm]" and /usr/lib/jvm/libjava.so exists.
However, when running the Java binary on the target, the following error
occurs: "Error: could not find libjava.so."
The following is the result of "strace java" ran on the target:
faccessat(AT_FDCWD, "/usr/lib/libjava.so", F_OK) = -1 ENOENT
faccessat(AT_FDCWD, "/usr/jre/lib/libjava.so", F_OK) = -1 ENOENT
newfstatat(AT_FDCWD, "/usr/lib/libjava.so", 0x7ffe7b4af8, 0) = -1 ENOENT
newfstatat(AT_FDCWD, "/usr/lib/jvm/libjli.so", [sic] AT_SYMLINK_NOFOLLOW) = 0
As seen above, the java binary searches for libjli.so in /usr/lib/jvm,
which demonstrates that the java binary searches for some of the
DT_NEEDED libraries using the correct rpath. But libjava.so is not
searched from the rpath; it is instead dl-opened manually, looked for in
the search paths hardcoded to the following directories:
- /usr/lib/
- /usr/jre/lib/
- $(dirname $0)/../lib/
The reason behind the hardcoded paths given by the maintainers is due to
historical purposes for the need to support several java versions at the
same time on a single system, and that changing the above behavior is not
likely to ever happen.
As such, most distributions such as Redhat do the following:
- Create the directory /usr/lib/jvm/java-$(JAVA_VERSION)/
- Install all directories and files found in images/jre to that directory.
- Symlink the binaries to in /usr/lib/jvm/java-$(JAVA_VERSION)/bin to
/usr/bin.
However, because Buildroot does not need to support multiple versions of java
concurrently, there is no need for the additional java-$(JAVA_VERSION)
directory.
To fix the above issue, the following changes are performed:
- Introduce the variable "OPENJDK_INSTALL_BASE" which points to /usr/lib/jvm
- Set the --with-extra-ldflags conf_opt to
"-Wl,-rpath,$(OPENJDK_INSTALL_BASE)/lib,-rpath,
$(OPENJDK_INSTALL_BASE)/lib/$(OPENJDK_JVM_VARIANT)"
- Run "mkdir -p $(TARGET_DIR)/usr/lib/jvm/" in the INSTALL_TARGET_CMDS step.
- Copy both the lib and bin directories to /usr/lib/jvm/
- Symlink the binaries in /usr/lib/jvm/bin/ to /usr/bin.
Fixes: https://bugs.busybox.net/show_bug.cgi?id=12751
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Reviewed-by: Ryan Barnett <ryan.barnett@rockwellcollins.com>
Tested-by: Ryan Barnett <ryan.barnett@rockwellcollins.com>
[yann.morin.1998@free.fr: fix two remaining mis-placed '/']
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Prior to commit 4102db0f7a ("package/libglib2: bump to version 2.60.3")
which converted libglib2 to meson, Buildroot used to set a range of
autoconf options to bypass tests that require running binaries.
The meson version of libglib2's build system has many fewer of these
checks, but there are still some and these can be fed the "correct"
answer by adding properties to cross-compilation.conf.
Add the necessary properties to indicate that we have C99 compliant
print functions to avoid pulling in the gnulib fallback.
Signed-off-by: John Keeping <john@metanate.com>
Reviewed-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This version includes a new binary named "ualpn", a proxying
ACMEv2 tls-alpn-01 responder.
Signed-off-by: Nicola Di Lieto <nicola.dilieto@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This fixes CVE-2020-1967:
Server or client applications that call the SSL_check_chain() function during
or after a TLS 1.3 handshake may crash due to a NULL pointer dereference as a
result of incorrect handling of the "signature_algorithms_cert" TLS extension.
The crash occurs if an invalid or unrecognised signature algorithm is received
from the peer. This could be exploited by a malicious peer in a Denial of
Service attack. OpenSSL version 1.1.1d, 1.1.1e, and 1.1.1f are affected by this
issue. This issue did not affect OpenSSL versions prior to 1.1.1d.
See https://www.openssl.org/news/secadv/20200421.txt
Also update the hash file to the new two spaces convention
Signed-off-by: Titouan Christophe <titouan.christophe@railnova.eu>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The BR2_SOFT_FLOAT option is lost while loading the defconfig with:
make qemu_ppc_virtex_ml507_defconfig
On powerpc, BR2_POWERPC_SOFT_FLOAT must be used to enable soft
floating point support.
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The BR2_PACKAGE_GLMARK2 is lost while loading the defconfig with:
make engicam_imx6qdl_icore_qt5_defconfig
In order to select gmark2 package, BR2_PACKAGE_GLMARK2_FLAVOR_ANY option
must be set.
Based on the defconfig without X11 and wayland package, the only missing
option to select BR2_PACKAGE_GLMARK2_FLAVOR_ANY is BR2_PACKAGE_HAS_UDEV.
The only possible option is to enable one of the udev provider
(eudev or systemd). Select eudev package for /dev management.
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Fabio Estevam <festevam@gmail.com>
Reviewed-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This defconfig use a custom defconfig file located
in board/friendlyarm/nanopi-r1/uboot/nanopi_r1_defconfig.
BR2_TARGET_UBOOT_BOARD_DEFCONFIG is used to provide the name
of a in-tree defconfig. Since a custom defconfig is used,
this option is lost while loading the defconfig with:
make nanopi_r1_defconfig
This fixes the new defconfig check.
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This defconfig loses mesa3d-demo and glmark2 package since commit
5cb821d563 that introduced an
explicit option to enable GLX support.
This fixes the new defconfig check.
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
board/amarula/a64-relic/readme.txt makes use the host fastboot utility
to flash the board. However, BR2_PACKAGE_HOST_ANDROID_TOOLS_FASTBOOT
(which is enabled in the defconfig) has a dependency on
BR2_PACKAGE_HOST_ANDROID_TOOLS, which is not enabled in the
defconfig. Due to this, BR2_PACKAGE_HOST_ANDROID_TOOLS_FASTBOOT=y is
lost when loading the defconfig.
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Jagan Teki <jagan@amarulasolutions.com>
[Thomas: change to add BR2_PACKAGE_HOST_ANDROID_TOOLS=y]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
yaml-cpp builds only a static library by default, this will raise a
build failure with upcoming mongodb 4.2.x as reported by Ryan Barnett
due to mongodb linking with a static library that obviously will miss
-fPIC
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Commit 84ba2e8bf5 got the path to
board/friendlyarm/nanopi-neo4/ wrong in the DEVELOPERS file when
adding a new defconfig nanopi_neo4_defconfig. Let's fix the typo.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Commit 791292c48d forgot to add
!BR2_PACKAGE_PYTHON dependency, without it the following error will be
raised if the user selects BR2_PACKAGE_PYTHON and python-selinux:
WARNING: unmet direct dependencies detected for BR2_PACKAGE_PYTHON3
Depends on [n]: !BR2_PACKAGE_PYTHON [=y] && BR2_USE_WCHAR [=y] && BR2_USE_MMU [=y] && BR2_TOOLCHAIN_HAS_THREADS [=y] && !BR2_STATIC_LIBS [=n]
Selected by [y]:
- BR2_PACKAGE_SELINUX_PYTHON [=y] && BR2_USE_MMU [=y] && BR2_USE_WCHAR [=y] && BR2_TOOLCHAIN_HAS_THREADS [=y] && !BR2_STATIC_LIBS [=n]
Fixes:
- No autobuilder failures yet
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[yann.morin.1998@free.fr: add dependency on MMU]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Also:
* Drop patch 0001 (fix static linking of libmagic) applied upstream
* Add optional dependency on libmatroska
* Add upstream patch to fix building with libmatroska
* Adjust spacing in hash file to 2 spaces
Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
When host computer has hdf5 library installed, armadillo fails to build with:
[...]
aarch64-buildroot-linux-gnu-g++: ERROR: unsafe header/library path used in cross-compilation: '-I/usr/include/hdf5/serial'
make[3]: *** [CMakeFiles/armadillo.dir/build.make:63: CMakeFiles/armadillo.dir/src/wrapper1.cpp.o] Error 1
aarch64-buildroot-linux-gnu-g++: ERROR: unsafe header/library path used in cross-compilation: '-I/usr/include/hdf5/serial'
[...]
This issue seems known and is mentionned in a message, displayed at detection step:
[...]
-- *** If use of HDF5 is causing problems,
-- *** rerun cmake with HDF5 detection disabled:
-- *** cmake -D DETECT_HDF5=false .
--
[...]
nce hdf5 in not supported by buildroot, this patch force disabling this
detection.
Signed-off-by: Gwenhael Goavec-Merou <gwenhael.goavec-merou@trabucayre.com>
[yann.morin.1998@free.fr: fix pacakge name in title]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Upstream now provides sha256 & sha512 hashes only.
Switch _SITE to https and use upstream-provided xz tarball.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
[yann.morin.1998@free.fr: two spaces in hash file]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Use new upstream URL libzip.org.
Add optional dependency to liblzma introduced with version 1.6.0:
https://libzip.org/news/
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
[yann.morin.1998@free.fr: two spaces in hash file]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
For an unknown reason, since bump to version 3.0.0, we got build failure
due to -D_FILE_OFFSET_BITS==64:
/home/naourr/work/instance-2/output-1/host/arm-buildroot-linux-gnueabi/sysroot/usr/include/fts.h:41:3: error: #error "<fts.h> cannot be used with -D_FILE_OFFSET_BITS==64"
# error "<fts.h> cannot be used with -D_FILE_OFFSET_BITS==64"
^
Update our workaround to also filter CPPFLAGS fix the issue and seems
right as we're doing it for all the other affected packages
(restorecond, elfutils ...)
Fixes:
- http://autobuild.buildroot.org/results/200fd0accf6a1926251243b05e600fbf591bb3a2
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Tested-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Parallel make used to be broken in exim, as reported in its docs. Now that
line has disappeared from the docs, and parallel make is actually working.
Tested with 'make exim-dirclean ; time make BR2_JLEVEL=999 exim': builds
still succeed and the build time decreases from 34 to 11 seconds on my
host.
Signed-off-by: Luca Ceresoli <luca@lucaceresoli.net>
Cc: Bernd Kuhls <bernd.kuhls@t-online.de>
Tested-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Commit 24c66484e1 (package/qt5: bump minimum gcc requirement to 5.0)
increased the dependency on the gcc version, but used the incorrect
BR2_TOOLCHAIN_GCC_AT_LEAST_5_0, instead of BR2_TOOLCHAIN_GCC_AT_LEAST_5.
Signed-off-by: Bartosz Bilas <b.bilas@grinn-global.com>
[yann.morin.1998@free.fr:
- also fix pinentry and wireshark
- expand commit log
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
[yann.morin.1998@free.fr: split off to its own patch]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Tested-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
[yann.morin.1998@free.fr: split off to its own patch]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Tested-by: Angelo Compagnucci <angelo@amarulasolutions.com>
The apparmor packages comes with a set of profiles for a class of usual,
mostly server-class programs and daemons.
Even though an embedded device will mostly require custom profiles, the
generic ones may come handy, as they also provide "abstractions", that
can serve as templates for custom profiles.
Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
[yann.morin.1998@free.fr: split off into its own patch]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Tested-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Most utilities are written in python3, except a few that are written in
a mixture of POSIX shell, bash, perl and awk.
The Makefile does not allow installing parts of it, but requiring all of
python3, bash, and perl to install the utils is too much of a
requirement.
Instead, we split the set in two, on one hand the python ones, which we
install when python3 is enabled, and on the other hand, the rest of the
script which we call 'extras', and which we install when all the extra
requirements (bash, perl, and busybox or gawk) are met; if not, then we
remove these extras utils as a post-install hook.
Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
[yann.morin.1998@free.fr:
- split into its own patch
- re-arrange the conditions
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Tested-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
[yann.morin.1998@free.fr: split off to its own patch]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Tested-by: Angelo Compagnucci <angelo@amarulasolutions.com>
The various AppArmor utilities are spread in a few sub-directories of
the apparmor source tree. For now, we build only the parser, but we'll
soon introduce support for a few other utilities, so we prepare the
package to be able to build more than just the parser, hence the
slightly convoluted build and install commands, and the use of the
APPARMOR_TOOLS and APPARMOR_MAKE_OPTS variables, which will come handy
in the following commits.
We must ensure the version matches that of libapparmor, but there is not
much we can do to enforce that, so as we do for various other packages,
we just add a comment to that effect.
Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
[yann.morin.1998@free.fr:
- make it a separate package
- split into its own patch, write a commit log
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Tested-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Using AppArmor requires support in the kernel, so do for AppArmor what
we did for SElinux, and enabled the necessary options.
Note that a single LSM can be the default one, so as of today, SELinux
wins, by virtue of being the last to be enabled.
Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
[yann.morin.1998@free.fr:
- don't force DEFAULT_SECURITY_APPARMOR, it does not exist in all
kernel versions
- move closer to SELinux
- split into its own patch, write a commit log
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Tested-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
[yann.morin.1998@free.fr: split off into its own patch]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Tested-by: Angelo Compagnucci <angelo@amarulasolutions.com>
The layout of the package is not amenable to building both the library
and the utilities at once, so this package will only install the
library.
The other apparmor-related tools however will almost all want to always
link with the static library (it's hard-coded in their Makefiles, like:
AALIB = -Wl,-Bstatic -lapparmor -Wl,-Bdynamic -lpthread), so we also
force the build of the static library.
The kernel headers 3.16 at least are required, for CAP_AUDIT_READ.
We need to force the C standard to gnu99, otherwise:
- autoconf uses wchar_t in C99 test, so considers it to be missing
on toolchains without wchar, but wchar is not otherwise needed for
libapparmor;
- c99 is not enough, otherwise the build fails with errors like:
kernel.c:503:15: error: expected declaration specifiers or ‘...’ before ‘(’ token
extern typeof((__change_hat)) __old_change_hat __attribute__((alias ("__change_hat")));
^
Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
[yann.morin.1998@free.fr: strip down the patch to only build the lib]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Tested-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Rhys has asked through private e-mail to be removed:
==
Please can I be removed as the developer, as I’m not longer involved.
Cheers Rhys
==
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
ntables bundles a mini implementation of gmp that can be used if the
system lacks the full-blown gmp.
Signed-off-by: Adrien Gallouët <adrien@gallouet.fr>
[yann.morin.1998@free.fr:
- explicitly disable mini-gmp when full one is enabled
- reword and expand commit log
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
When host compiler is gcc 10 (for example on Fedora 32), dtc 1.5.1
fail to build with the error:
/usr/bin/ld: dtc-parser.tab.o:(.bss+0x20): multiple definition of `yylloc'; dtc-lexer.lex.o:(.bss+0x0): first defined here
collect2: error: ld returned 1 exit status
dtc 1.6.0 fixes this issue in the commit:
https://git.kernel.org/pub/scm/utils/dtc/dtc.git/commit/?id=0e9225eb0dfec51def612b928d2f1836b092bc7e
Also adopt new spacing convention in .hash files (two spaces).
Signed-off-by: Julien Olivain <juju@cotds.org>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
lvmetad is usually combined with event-based system services that
automatically run pvscan --cache on disks added or removed. This
way, the cache is automatically updated with metadata from new disks
when they appear. LVM udev rules and systemd services implement this
automation. Automatic scanning is usually combined with automatic
activation. For more information, see pvscan(8).
Signed-off-by: Pascal de Bruijn <p.debruijn@unilogic.nl>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This project is an implementation of the TCG TPM 2.0 specification. It
is based on the TPM specification Parts 3 and 4 source code donated by
Microsoft, with additional files to complete the implementation.
Signed-off-by: Philippe Reynes <philippe.reynes@softathome.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Install the sysvinit scripts, for the moment, but not S02sysctl, since
openrc provides /etc/init.d/sysctl.
Signed-off-by: Carlos Santos <unixmania@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
-std=c++11 is needed to avoid the following build failure with poppler
and gcc 5:
/home/naourr/work/instance-0/output-1/host/bin/../arm-buildroot-linux-uclibcgnueabi/sysroot/usr/include/poppler/cpp/poppler-page.h:40:37: note: C++11 'noexcept' only available with -std=c++11 or -std=gnu++11
/home/naourr/work/instance-0/output-1/host/bin/../arm-buildroot-linux-uclibcgnueabi/sysroot/usr/include/poppler/cpp/poppler-page.h:70:10: error: 'unique_ptr' in namespace 'std' does not name a template type
std::unique_ptr<text_box_data> m_data;
^
Fixes:
- http://autobuild.buildroot.org/results/3428b9017168db9239756dc06cdaa5ae004cab97
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
exFAT filesystem userspace utilities
We need a patch to fix:
error: unknown type name ‘ssize_t’
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The package is separated from the regular libfuse package, as it
contains new API (and can co-exist with libfuse).
Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
This adds some instructions on how to build and run images for the OLPC
XO laptops.
Signed-off-by: Lubomir Rintel <lkundrak@v3.sk>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Apcupsd is a UPS control system that permits orderly shutdown of your
computer in the event of a power failure.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
many build are broken, that starts by this kind of message:
Warning: could not load configuration file `.../host/etc/luarocks/config.lua` given in environment variable LUAROCKS_CONFIG
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The python-pyasn and python-pyasn1 packages package the exact same
upstream Python module, pyasn1. However, python-pyasn uses an outdated
version, and shouldn't be used.
We no longer need to depend on BR2_INSTALL_LIBSTDCPP as python-pyasn1
does not depend on it.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The python-pyasn and python-pyasn1 packages package the exact same
upstream Python module, pyasn1. However, python-pyasn uses an outdated
version, and shouldn't be used.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The python-pyasn and python-pyasn1 packages package the exact same
upstream Python module, pyasn1. However, python-pyasn uses an outdated
version, and shouldn't be used.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
A defconfig for the nanopi_neo4 was added in
d1cd9cdf26, but then removed in
8af7b11bd8 because an ARM32 compiler was
needed to build ATF, and this was not supported back then.
Thanks to the addition of package/arm-gnu-a-toolchain/, we can now
re-introduce this defconfig.
Compared to the previous defconfig, the following changes were done:
- enable BR2_TARGET_ARM_TRUSTED_FIRMWARE_NEEDS_ARM32_TOOLCHAIN
- bump kernel to 5.4
- increase default rootfs size to 70M
- use mainline u-boot
- switch to Marek Belisko as maintainer
Signed-off-by: Marek Belisko <marek.belisko@open-nandra.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Changelog:
- fix serial# variable creation for i.MX8MQ/MM/MN
- improve display selection
- fix fastboot support for boards with 1GB of RAM only
- add BD Nano board support
Signed-off-by: Gary Bisson <gary.bisson@boundarydevices.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Changelog:
- fix PMIC issue for i.MX8MMini
- add support for MCP25xxFD SPI to CAN chip
- fix external module build issue for GCC >= 9
- add BD Nano board support
Signed-off-by: Gary Bisson <gary.bisson@boundarydevices.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The i.MX8M Nano is slightly different from the i.MX8M Mini but very
close (pin to pin compatible).
Mainly the Nano version has no VPU and another GPU (GC7000UL).
Signed-off-by: Gary Bisson <gary.bisson@boundarydevices.com>
Cc: Refik Tuzakli <tuzakli.refik@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Due to migration to pkg-config in php 7.4, the detection of
library dependencies has been changed.
source from php.net:
--with-gd becomes --enable-gd
--with-png-dir has been removed. libpng is required.
--with-zlib-dir has been removed. zlib is required.
--with-freetype-dir becomes --with-freetype
--with-jpeg-dir becomes --with-jpeg
Signed-off-by: Louis Aussedat <aussedat.louis@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
If gobject-introspection is selected, add the gobject-introspection package to
the dependency list and set the conf opt --enable-introspection.
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
If tty_handler() resets terminal while pkttyagent is run in background job,
the process gets stopped by SIGTTOU. This impacts systemctl, hence it must
be blocked for a while and then the process gets killed anyway.
Upstream commit: 28e3a6653d8c3777b07e0128a0d97d46e586e311
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This patch fixes two small memory leaks.
Upstream commit: 28e3a6653d8c3777b07e0128a0d97d46e586e311
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The default installed service file is missing a target, which causes preset-all
to not enable the service.
Add the service file to package/polkit with the addition of:
[Install]
WantedBy=multi-user.target
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Currently the volume-label for the vfat partition is a string with
the following pattern: 5934-861D.
Specify the volume-label as "boot" to make it easier to identify it.
Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
There are muliple generations of OLPC laptops, x86 ones based on
Geode, VIA and ARM based with Marvell Armada. All of boot with
OpenFirmware and share some peripherals.
This patch adds the common files.
Signed-off-by: Lubomir Rintel <lkundrak@v3.sk>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Other changes:
- Add policy version 32 as a default version of toolchains build with kernel
headers 5.5 or later.
- Add Help text for the above.
Signed-off-by: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Matt Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The help text was wrong, as it didn't match the actual default values
we were specifying. Indeed, when we specify:
default 31 if BR2_TOOLCHAIN_HEADERS_AT_LEAST_4_13
default 30 if BR2_TOOLCHAIN_HEADERS_AT_LEAST_4_3
It means that the policy version 30 is supported starting from Linux
4.3 included, and that 31 is supported from Linux 4.13 included.
So we shouldn't have:
> 4.3 <= 4.13 30
> 4.13 31
but:
>= 4.3 < 4.13 30
>= 4.13 31
This patch fixes that for all versions.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Other changes:
- Remove upstream patches.
- Modify existing patches to work with 3.0.
- Remove Python2 check, as 3.0 has removed Python2 support.
Signed-off-by: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Matt Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The released libssh package does wrongly reports the previous version.
This patch fixes the version field in the lib.
Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
OpenRC suports SELinux, so there is no reason to forcibly disable it.
Notice this only allows OpenRC to perform the initial policy load and
set the enforcing mode. In order really use SELinux it's also
necessary to select refpolicy, which provides a policy, and
policycoreutils, which provides restorecon and other SELinux
utilities.
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Carlos Santos <unixmania@gmail.com>
Tested-by: Carlos Santos <unixmania@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
diff LICENSE:
- Copyright (C) 2013-2019 Gary V. Vaughan
+ Copyright (C) 2013-2020 Gary V. Vaughan
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The following dependencies are no longer needed:
- libev
- libavl
- protobuf-c
Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
This version changes the required dependencies as well as introducing
new bundled ones...
- Switch to the tarball released by upstream.
- Start depending on httpparser, instead of using the bundled one.
- Force using regcomp instead of using a bundled pcre.
- Add license for a bundled wildmatch and sha1.
Signed-off-by: Nicolas Cavallari <nicolas.cavallari@green-communications.fr>
[yann.morin.1998@free.fr: reorder licenses; two spaces in hash file.]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The support for MacchiatoBin board in U-Boot and Linux has been
significantly improved in the past years. So it no longer makes much
sense to have a separate build configuration based on older vendor
Linux kernel and U-Boot. This commit drops the configuration based on
vendor kernel and U-Boot and renames the mainline-based defconfig.
Signed-off-by: Sergey Matyukevich <geomatsi@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bump Linux to 5.6.3, U-Boot to 2020.01. New kernel and modules based
on arm64 defconfig do not fit into default size filesystem anymore.
So increase filesystem size to 120M.
Signed-off-by: Sergey Matyukevich <geomatsi@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
BR2_TARGET_ROOTFS_EXT2_LABEL now defaults to "rootfs", so repeating
that in those defconfigs is no longer necessary.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Currently the volume-label for the root filesystem partition is a string
wit the following pattern: ad09a287-46a9-4790-ba97-fbbb549e5e96.
Specify the volume-label as "rootfs" to make it easier to identify it.
Suggested-by: Arnout Vandecappelle <arnout@mind.be>
Signed-off-by: Fabio Estevam <festevam@gmail.com>
Tested-by: Pierre-Jean Texier <pjtexier@koncepto.io>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Currently the volume-label for the vfat partition is a string with
the following pattern: 5934-861D.
Specify the volume-label as "boot" to make it easier to identify it.
Signed-off-by: Fabio Estevam <festevam@gmail.com>
Tested-by: Pierre-Jean Texier <pjtexier@koncepto.io>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Since switch to debian in commit
210ccaef57, host-gperf is needed to
generate frametype.c because debian/patches/add-m4-directory.patch
patches Makefile.am. As a side effect, libid3tag tries to generate
frametype.c from frametype.gperf due to following rule:
$(srcdir)/frametype.c: $(srcdir)/frametype.gperf Makefile.am
cd $(srcdir) && \
gperf -tCcTonD -K id -N id3_frametype_lookup -s -3 -k '*' \
frametype.gperf | \
sed -e 's/\(struct id3_frametype\);/\1/' | \
sed -e '/\$$''Id: /s/\$$//g' >frametype.c
If host-gperf is not available, frametype.c will be empty and build with
madplay will fail on:
configure:17243: checking for snd_pcm_open in -lasound
configure:17268: /home/giuliobenetti/autobuild/run/instance-3/output-1/host/bin/powerpc64-linux-gcc -o conftest -Wall -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -D_FORTIFY_SOURCE=1 -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 conftest.c -lasound -L/home/giuliobenetti/autobuild/run/instance-3/output-1/host/bin/../powerpc64-buildroot-linux-gnu/sysroot/usr/lib -lasound -L/home/giuliobenetti/autobuild/run/instance-3/output-1/host/bin/../powerpc64-buildroot-linux-gnu/sysroot/usr/lib -lid3tag >&5
/home/giuliobenetti/autobuild/run/instance-3/output-1/host/opt/ext-toolchain/bin/../lib/gcc/powerpc64-buildroot-linux-gnu/8.3.0/../../../../powerpc64-buildroot-linux-gnu/bin/ld: /home/giuliobenetti/autobuild/run/instance-3/output-1/host/bin/../powerpc64-buildroot-linux-gnu/sysroot/usr/lib/libid3tag.so: undefined reference to `id3_frametype_lookup'
Fixes:
- http://autobuild.buildroot.org/results/15a8c7f6e34b26446179c04383719ea71495403e
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
EXT_SUFFIX in Python versions > 3.5 contains a platform tag which only applies
to cpython extensions. Given that ctypes.util.find_library does not work on the
target due to the absence of the underlying tools '.so' needs to be added as a
possible suffix for libraries to enable python-iptables to find the iptables
shared libraries.
Signed-off-by: Frank Vanbever <frank.vanbever@essensium.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
ctypes.util.find_library() depends on gcc and friends to detect the location of
a given shared library. Given that these are not available on the target and
that python-iptables depends on this functionality we need to work around this.
The SONAMEs of the libc are well known so we try the known ones for glibc,
uClibc and musl.
Fixes: https://bugs.busybox.net/show_bug.cgi?id=12271
Signed-off-by: Frank Vanbever <frank.vanbever@essensium.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The package uses ctypes.CDLL extensively which only makes sense when dynamic
libraries are available.
Signed-off-by: Frank Vanbever <frank.vanbever@essensium.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
- Fix CVE-2020-10932: fix side channel in ECC code that allowed an
adversary with access to precise enough timing and memory access
information (typically an untrusted operating system attacking a
secure enclave) to fully recover an ECDSA private key.
- Fix a potentially remotely exploitable buffer overread in a DTLS
client when parsing the Hello Verify Request message.
- Fix bug in DTLS handling of new associations with the same parameters
(RFC 6347 section 4.2.8): after sending its HelloVerifyRequest, the
server would end up with corrupted state and only send invalid records
to the client. An attacker able to send forged UDP packets to the
server could use that to obtain a Denial of Service. This could only
happen when MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE was enabled in
config.h (which it is by default).
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
As of upstream commit 3a5e6219a2b62af076caa4f37fab9258165ec266 msgpack
is now required.
License hash change is due to date update in upstream commit
cf83d1d429ecebb093f6eaab773bd41c251530ca.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Drop upstream patches.
Remove CVE annotation; issue fixed upstream.
Depend on MMU. Upstream removed support for fork-less targets (commit
48d12f14c9c).
Reformat hashes file with two spaces delimiter. Remove stale 2.79
tarball hash entry.
Cc: Matt Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Reviewed-by: Matt Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
By default, exim stores its PID file in /var/spool/exim, and its log
file in /var/spool/exim/log, but it makes a lot more sense to have the
logs in /var/log/exim and the PID file in /var/run/exim.
Using binary name subdirectory in both cases allows for the use of
systemd's LogsDirectory and RuntimeDirectory statements
Signed-off-by: Pascal de Bruijn <p.debruijn@unilogic.nl>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Removed patch applied upstream in updated form:
2122fe08cc
Added new patch to fix subsequent build error on mips.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
[yann.morin.1998@free.fr: two spaces in hash file]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
[yann.morin.1998@free.fr: two spaces in hash file]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Add initial support for Nanopi R1 board with below features:
- U-Boot 2019.01
- Linux 5.0
- Default packages from buildroot
Configuration files taken from Armbian:
https://github.com/armbian/build/blob/master/patch
Signed-off-by: Davide Viti <zinosat@gmail.com>
[Thomas: move U-Boot config and DT to board/friendlyarm/nanopi-r1/uboot/]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Switched _SITE to https.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
[yann.morin.1998@free.fr: two spaces in hash file]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The hash of the NOTICE file has changed due to update in copyright year
Signed-off-by: André Hentschel <nerv@dawncrow.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fixes CVE-2020-1730: Possible DoS in client and server when handling
AES-CTR keys with OpenSSL.
Format hash file with two spaces delimiter.
Cc: Scott Fan <fancp2007@gmail.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Used to launch qemu tests for various qemu architectures.
Neverthless to say that this file skips any other job
different from qemu (only qemu configurations are
runtime tested).
Add the log generated by Qemu to the build artefacts.
Signed-off-by: Jugurtha BELKALEM <jugurtha.belkalem@smile.fr>
Signed-off-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
This script is intended to be used by gitlab CI to test at runtime Qemu
images generated by Buildroot's Qemu defconfigs.
This allows to troubleshoot different issues that may be associated with
defective builds by lanching a qemu machine, sending root password,
waiting for login shell and then perform a shutdown.
This script is inspired by toolchain builder [1] and the Buildroot
testing infrastructure.
The gitlab CI will call this script for each defconfig build but only
Qemu defconfig will be runtime tested, all others defconfig are ignored.
Some Qemu defconfig must be used with a specific Qemu version (fork)
that is not always available, so the script doesn't error out when it
can't spawn a missing command. That condition is anyway printed in the
log.
Finally, the script start Qemu like it's done for the Buildroot
testing infrastructure (using pexpect).
Note:
We noticed some timeout issues with pexpect when the Qemu machine is
powered off. That's because Qemu process doesn't stop even if the
system is halted (after "System halted"). So the script doesn't error
out when such timeout occure. The behaviour depends on the architecture
emulated by Qemu.
[1] https://github.com/bootlin/toolchains-builder/blob/master/build.sh
Signed-off-by: Jugurtha BELKALEM <jugurtha.belkalem@smile.fr>
Signed-off-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
This commit allow to use the post-image script previously added
for each qemu board.
Add "$(BR2_DEFCONFIG)" as post-image script argument to retried
the qemu command line.
Signed-off-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
This commit add a post-image script to be used by each qemu board
defconfig in order to generate start-qemu.sh in BINARIES_DIR. The
start-qemu.sh script can be used by Buildroot user to start Qemu
or by a gitlab CI.
To find the correct qemu command line, we use the second post script
argument which must contain "$(BR2_DEFCONFIG)"
BR2_ROOTFS_POST_SCRIPT_ARGS="$(BR2_DEFCONFIG)"
The post-image script expect something like
"/path/to/qemu_aarch64_virt_defconfig" in BR2_DEFCONFIG.
Doing a basename allow to retrieve the name of the defconfig file that
should match on on the "tag" previously introduced in readme.txt files.
For running in the CI, as well as running from a remote machine (e.g. on
a remote build machine), it is better not to start in graphical mode,
but only with the serial line attached to the terminal. The post-build
script prepares two sets of arguments for each case, graphical or
serial, and stores them in the start-qemu.sh script, which then decodes
which to use, based on an argument on the command line (default is still
graphical)
sh4/sh4eb needs a special handling by adding "-serial stdio -display
none"; others only require "-nographics". Some qemu command lines
already contain "-serial stdio", but that does not play nicely with
"-nographics", we remove that when going serial-only (although this
might seem counter-intuitive).
Finally, we ensure the script uses our qemu-system (if it was built).
Signed-off-by: Romain Naour <romain.naour@smile.fr>
[yann.morin.1998@free.fr:
- drop the knowledge about gitlab-ci, replace with an argument to
pass to start-qemu.sh
- adapt the commit log accordingly
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
This commit add the name of the Qemu defconfig file after each
qemu command line in order to retrieve it easily.
Since a readme.txt can be shared between several Qemu defconfig, we
need at least one qemu command line in readme.txt for each defconfig.
For now, ignore the qemu_arm_vexpress_tz_defconfig since it fail to build
due to python script issue [1]. Anyway the arm vexpress boot is tested
with qemu_arm_vexpress_defconfig.
[1] http://lists.busybox.net/pipermail/buildroot/2020-February/273738.html
Signed-off-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
There is no reason to create boot.scr in board/udoo/neo and later
install it in TARGET_DIR/boot, leaving a stale file behind.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
There is no reason to create boot.scr in board/solidrun/mx6cubox and
later install it in TARGET_DIR/boot, leaving a stale file behind.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
There is no reason to create boot.scr at board/wandboard and later
install it at TARGET_DIR/boot, leaving a stale file behind.
Signed-off-by: Carlos Santos <unixmania@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
* Update dependency list withn python-entrypoints.
* The need for Python 3.x is no longer only related to
python-secretstorage: python-keyring itself also works only with
Python 3.x
Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Unlike the other libraries built by azure-iot-sdk-c, libumqtt follows
a regular versioning scheme. It has a libumqtt.so.1 SONAME, with
libumqtt.so.1 being a symlink to libumqtt.so.1.1.11.
However, we currently install the library itself as libumqtt.so to the
target filesystem, which is not its SONAME, which means it cannot be
found by any other library/program linked against it.
This commit fixes that by installing the library as
libumqtt.so.1.1.11, and creating the appropriate symlinks. The static
library installation is not modified.
Signed-off-by: Stephan Hoffmann <stephan.hoffmann@ext.grandcentrix.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
As a preparation for adding the creation of some symlinks, let's
factor the library installation into a function.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The canonical way to use $(INSTALL) is to have a full destination
path, that includes the file name.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The original pattern for creating the pid file was:
open_create(pid_file)
write(pid_file, pid)
close(pid_file)
But if a power outage occurs between open_create and write, the file will
be empty and httpd will refuse to start afterwards unless the corrupt pid
file is removed.
This patch uses the pattern:
open_create(temp_pid_file)
write(temp_pid_file)
close(temp_pid_file)
rename(temp_pid_file, pid_file)
which is guaranteed to be atomic, provided that temp_pid_file and pid_file
are located in the same file system, which this patch does by creating
a temporary file name with the pattern:
pid_file_name + random_suffix
Patch is upstream as of
dd10a9352e,
which will be in the next 2.5.x version.
Signed-off-by: Nicolas Carrier <nicolas.carrier@orolia.com>
[Thomas: update to use upstreamed patch.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Commit 9cae8f557b introduced an optional
dependency on GPM, but got the name of the option wrong, and used
GMP. In fact, even the commit title was wrong.
This causes a build failure:
Makefile:578: *** gpm is in the dependency chain of mc that has added it to its _DEPENDENCIES variable without selecting it or depending on it from Config.in. Stop.
Fixes:
http://autobuild.buildroot.net/results/52fb92ae7dd55cba7d19862bb6cd89c80da9a4b6/
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
If the pkcs11-helper package is selected, add the package to the
dependency list and explicitly set --enable-pkcs11.
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
pkcs11-helper is a library that simplifies the interaction with
PKCS#11 providers for end-user applications. Pkcs11-helper allows
using multiple PKCS#11 providers at the same time, enumerating
available token certificates, or selecting a certificate directly by
serialized id, handling card removal and card insert events, handling
card re-insert to a different slot, supporting session expiration and
much more all using a simple API.
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Add patch to disable internal dynamic zlib library building, fixes
compile failure for static only toolchains (and assimp links
against the static one).
Fixes:
http://autobuild.buildroot.net/results/7c2db184ee200d1719308f38f42382bb39d8d5c6
[13%] Linking C shared library ../../lib/libzlib.so
.../arm-buildroot-linux-uclibcgnueabi/bin/ld: .../host/arm-buildroot-linux-uclibcgnueabi/sysroot/usr/lib/libc.a(__uClibc_main.os): in function `__uClibc_fini':
__uClibc_main.c:(.text+0x15c): undefined reference to `__fini_array_start'
.../arm-buildroot-linux-uclibcgnueabi/bin/ld: __uClibc_main.c:(.text+0x160): undefined reference to `__fini_array_end'
.../arm-buildroot-linux-uclibcgnueabi/bin/ld: final link failed: bad value
collect2: error: ld returned 1 exit status
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bumping to kernel 5.5 add many new features compare to
the actual 5.3 used on Beelink GS1.
Which are crypto, USB3, GPU, IR, S/PDIF and RTC.
Signed-off-by: Clément Péron <peron.clem@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The U-boot patch has been upstreamed.
Bump U-boot version and drop the patch.
Signed-off-by: Clément Péron <peron.clem@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The WDT workaround patch has been upstreamed.
Bump to the new ATF version and drop the patch.
Signed-off-by: Clément Péron <peron.clem@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This patch adds @CMAKE_SYSROOT@ to mariadb_config.c.in. Without it,
mariadb_config and mysql_config incorrectly returns host paths for
include paths and library paths.
The patch has been accepted upstream at
b787c0d69c
Reported-by: Alexey Lukyanchuk <skif@skif-web.ru>
Signed-off-by: Ryan Coe <bluemrp9@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Upstream libmad is dead since 2004 so switch to debian package to get
two patches that fix the following CVEs:
- CVE-2017-8372: The mad_layer_III function in layer3.c in Underbit MAD
libmad 0.15.1b, if NDEBUG is omitted, allows remote attackers to
cause a denial of service (assertion failure and application exit)
via a crafted audio file.
- CVE-2017-8373: The mad_layer_III function in layer3.c in Underbit MAD
libmad 0.15.1b allows remote attackers to cause a denial of service
(heap-based buffer overflow and application crash) or possibly have
unspecified other impact via a crafted audio file.
- CVE-2017-8374: The mad_bit_skip function in bit.c in Underbit MAD
libmad 0.15.1b allows remote attackers to cause a denial of service
(heap-based buffer over-read and application crash) via a crafted
audio file.
Moreover:
- Remove third patch (replaced by optimize.diff debian patch)
- Remove fourth patch (same patch than
Provide-Thumb-2-alternative-code-for-MAD_F_MLN.diff)
- Remove fifth patch (same patch than libmad.thumb.diff)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Upstream libid3tag is dead since 2004 so switch to debian to get two
patches that fix the following CVEs:
- CVE-2004-2779: id3_utf16_deserialize() in utf16.c in libid3tag
through 0.15.1b misparses ID3v2 tags encoded in UTF-16 with an odd
number of bytes, triggering an endless loop allocating memory until
an OOM condition is reached, leading to denial-of-service (DoS).
- CVE-2017-11550: The id3_ucs4_length function in ucs4.c in libid3tag
0.15.1b allows remote attackers to cause a denial of service (NULL
Pointer Dereference and application crash) via a crafted mp3 file.
- CVE-2017-11551: The id3_field_parse function in field.c in libid3tag
0.15.1b allows remote attackers to cause a denial of service (OOM)
via a crafted MP3 file.
Moreover, drop patch (replaced by add-m4-directory.patch debian patch)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The DTLS support needs either gnutls or openssl, so let's have these
packages as optional dependencies. We prefer gnutls over openssl as
done by upstream in their configure.ac when the user does not provide
any option (which is the case currently)
While there is support for tinydtls, and Buildroot has a tinydtls
package, libcoap is only able to use its own internal library, and
only when static linking is enabled, so we simply disable the use of
tinydtls altogether.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
RabbitMQ now depends on Elixir for the build system.
The log directory is required for the server to start with the default
configuration. This behaviour was changed in v3.7 with the move to erlang-lager
as the logging library.
License changes:
- LICENSE: Added clarification about the licensing of a number of included
dependencies and a URL changed to HTTPS. License remains MPL-1.1
- LICENSE-BSD-base64js: URL changed to https (license text is actually MIT)
- LICENSE-MIT-Flot: year update
- LICENSE-MIT-JQuery164: URL changed to https
- LICENSE-MPL-RabbitMQ: URL changed to https, year update
- LICENSE-MPL2: URL changed to https
Removed licenses:
- LICENSE-APL2-Rebar: Removed dependency
- LICENSE-BSD-gl-Matrix: Removed dependency
- LICENSE-ERL-OTP: Removed license
- LICENSE-MIT-Mochiweb: Removed dependency
- LICENSE-MIT-SockJS: Removed dependency
New licenses:
- LICENSE-APACHE2-excanvas: new bundled dependency (Apache 2)
- LICENSE-BSD-recon: new bundled dependency (BSD 3-clause)
- LICENSE-erlcloud: new bundled dependency (BSD 2-clause)
- LICENSE-httpc_aws: new bundled dependency (BSD 3-clause)
- LICENSE-ISC-cowboy: new bundled dependency (ISC)
- LICENSE-MIT-EJS: new bundled dependency (MIT)
- LICENSE-MIT-Erlware-commons: license was present in 3.6.6 but not included in
the list
- LICENSE-MIT-jQuery: new bundled dependency (MIT)
- LICENSE-MIT-Sammy: new bundled dependency (MIT)
- LICENSE-rabbitmq_aws: new bundled dependency (BSD 3-clause)
Signed-off-by: Frank Vanbever <frank.vanbever@essensium.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Moving the licenses to a single file name per line and ensuring
they're in alphabetical order makes it easier to see what changed in
case these licenses change.
Signed-off-by: Frank Vanbever <frank.vanbever@essensium.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
- There is no incompatibility of this version with php, the issue was
due to libargon2 itself that installs library to lib/x86_64-linux-gnu
on Linux x86_64 host since
d3639142fa
- Update indentation of hash file (two spaces)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
When libgcrypt is available set default-dnssec to the backwards
compatible allow-downgrade option.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
systemd-homed is a system service that may be used to create, remove,
change or inspect home directories.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
[Thomas:
- add missing dependency on kernel headers >= 4.12
- add missing Config.in comment about dependency]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Currently, the jpeg-turbo tools are forcibly removed, but they can be
usefull (e.g. to test performance on the target, or to script batch
conversions).
Add an option to allow keeping them.
Signed-off-by: Clément Péron <peron.clem@gmail.com>
[yann.morin.1998@free.fr
- move the option out of the choice
- move the option to a Config.in.options
- drop the default 'n', which is ... the default
- use positive logic to define the hook
- move definition of the hook in the conditional block
- don't indent the hook assignment
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Since there is a variable definition between the definition of
BR2_PACKAGE_JPEG and the choice depending on it, the choice is
not indented bewlo the "jpeg support" prompt, like we like to
have:
[*] jpeg support
jpeg variant (jpeg-turbo) --->
Move the BR2_PACKAGE_JPEG right before the choice (really, move
BR2_PACKAGE_JPEG_SIMD_SUPPORT before BR2_PACKAGE_JPEG, but diff
finds the move of BR2_PACKAGE_JPEG is smaller to display):
[*] jpeg support
jpeg variant (jpeg-turbo) --->
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
When the 'nvd-path', 'json' and 'html' are used like this:
--html ~/foo
then the tilde expansion is properly done by the shell. However, when
they are used like this:
--html=~/foo
The shell doesn't do the tilde expansion, and pkg-stats doesn't do
it. This commit modifies pkg-stats to ensure that tilde expansion is
done when parsing the 'nvd-path', 'json' and 'html' arguments.
Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
[Thomas: improve commit log]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
In order to allow the host Lua interpreter to load native modules, we
need to enable building liblua.so, by switching from BUILDMODE=static
to BUILDMODE=dynamic.
In addition, since some modules need Lua 5.2 functions, we build the
host Lua interpreter with -DLUA_COMPAT_5_2, when the Lua interpreter
version is 5.3. Note that we are testing the target option
BR2_PACKAGE_LUA_5_3, but this is OK: the host and target Lua
interpreters have the same version.
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
In preparation for the addition of the support for host-luarocks
packages, this commit changes the luarocks logic to use a custom
configuration file in $(HOST_DIR)/etc/luarocks/config.lua instead of
the default
$(HOST_DIR)/etc/luarocks/config-$(LUAINTERPRETER_ABIVER).lua.
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
[Thomas: extracted from a larger patch from François]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
BR2_PACKAGE_LINUX_FIRMWARE_QUALCOMM_6174 is a superset of
BR2_PACKAGE_LINUX_FIRMWARE_ATHEROS_10K_QCA6174. Drop the redundant
symbol.
Add the full list of license files to
BR2_PACKAGE_LINUX_FIRMWARE_QUALCOMM_6174.
Add notice_ath10k_firmware-5.txt license file hash.
Cc: Yegor Yefremov <yegorslists@googlemail.com>
Reported-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
[yann.morin.1998@free.fr:
- reorder license files
- rewrap license files to usual style for multi-line variables
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
gr-osmosdr is now python3 only, so drop everything related to python2.
python-cheetah is no longer mandatory, so drop this too.
Signed-off-by: Gwenhael Goavec-Merou <gwenhael.goavec-merou@trabucayre.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This includes the following changes:
2343fd6 v2.9.4
714cbb2 Fix ABI breakage
1c02cb9 Correct test name and numbering
And update hash file formatting (2 spaces).
Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Since commit 2cc2ae83fc, kodi-pvr-vuplus
has a dependency on json-for-modern-cpp, but the dependency of
json-for-modern-cpp on gcc >= 4.9 was not propagated. Let's fix that.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
- Switch site to github
- Remove first patch (already in version)
- Update second patch
- Update indentation of hash file (two spaces)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
In preparation for the introduction of support for host Luarocks
packages, this commit reworks the luarocks-package infrastructure:
- A number of variables that were defined in
package/luarocks/luarocks-br-config.lua are now passed on the
luarocks command line in $(2)_INSTALL_TARGET_CMDS in
pkg-luarocks.mk.
- The LUAROCKS_CFLAGS logic is moved from
package/luarocks/luarocks.mk to package/pkg-luarocks.mk.
- The LUAROCKS_RUN_ENV variable is no longer needed, as all details
are now passed on the luarocks command line in pkg-luarocks.mk.
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Since luarocks commit
ffab9f3269,
available since luarocks v3.2.0, LuaJIT is now detected
automatically. It is therefore no longer necessary to explicitly
indicate in lua_interpreter that LuaJIT is used.
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
host-gdb was limited to link only with Python 2 although it's possible
to build Python 3 for host. Add the ability to link with Python 3.
Signed-off-by: Ramon Fried <rfried.dev@gmail.com>
[Thomas: add an option to the choice to not have Python support]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
qt5canvas3d:
- removed with 5.13 according to [1]
qt5webengine:
- remove 0001-pkg_config-Fixes-when-use_sysroot-false.patch
(taken from upstream [2])
- update 3rdparty license hash list and chromium-latest.inc file
[1] https://doc.qt.io/qt-5/whatsnew513.html
[2] a8c8396fd2
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
[Thomas: add Config.in.legacy entry for qt5canvas3d]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
As of upstream commit 735eb608637e7bbab4082a541ac802cc919fec22,
available since version v20.1.1, support for Python 2.x has been
dropped, and Python >= 3.5 is required. So we make python-txaio depend
on python3, and remove the python2 test of python-txaio.
We also remove the python-six dependency which is no longer used by
txaio, since upstream commit 62b0e7eaa22769687df1de8f57374cb0a42bdc4d.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Reviewed-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Select LIBV4L_UTILS so that camera capture pipelines can be
configured.
Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Now that MESA3D_OPENGL_EGL is not automatically selected by the mesa3d
etnaviv driver, explicitly select it in the config file.
Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Now that MESA3D_OPENGL_EGL is not automatically selected by the mesa3d
etnaviv driver, explicitly select it in the config file.
Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The mesa3d freedreno driver is not usable without the corresponding
libdrm support for this platform, so select LIBDRM_FREEDRENO.
Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Older toolchains need to include sys/types.h and sys/socket.h before
linux/if.h, RTA_PREF was introduces with linux-4.1.x.
Fixes:
http://autobuild.buildroot.net/results/2d1/2d1a3f82abb8475d39908b22f775c2dac781f330
In file included from ell/rtnl.c:28:0:
.../host/arm-buildroot-linux-gnueabi/sysroot/usr/include/linux/if.h:185:19: error: field 'ifru_addr' has incomplete type
.../host/arm-buildroot-linux-gnueabi/sysroot/usr/include/linux/if.h:186:19: error: field 'ifru_dstaddr' has incomplete type
.../host/arm-buildroot-linux-gnueabi/sysroot/usr/include/linux/if.h:187:19: error: field 'ifru_broadaddr' has incomplete type
.../host/arm-buildroot-linux-gnueabi/sysroot/usr/include/linux/if.h:188:19: error: field 'ifru_netmask' has incomplete type
.../arm-buildroot-linux-gnueabi/sysroot/usr/include/linux/if.h:189:20: error: field 'ifru_hwaddr' has incomplete type
ell/rtnl.c: In function 'l_rtnl_route_extract':
ell/rtnl.c:120:8: error: 'RTA_PREF' undeclared (first use in this function)
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Removed patch that is now upstream.
Removed GENSIO_AUTORECONF as we no longer patch configure.ac.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
As assimp fails to use system provided zlib/zip (and is picky
about the provided versions) use assimp contributed one
and backport one part of upstream patch to fix musl compile.
Fixes:
http://autobuild.buildroot.net/results/4b373ae7d8fd40efe3e2592f94f2d769d6a77669
In file included from .../assimp-5.0.1/code/3MF/D3MFExporter.cpp:61:
.../assimp-5.0.1/contrib/zip/src/zip.h:30:15: error: conflicting declaration 'typedef long int ssize_t'
typedef long ssize_t; /* byte count or error */
^~~~~~~
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Commit dcaf6e75a (package/gcc: pass -Wno-error to debug builds)
introduced non-ASCII characters in a comment, copy-pasted from a
terminal output.
check-package does not like non-ASCII characters, and whines about
them.
Replace the fancy quotes by standard ASCII ones.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
- Fix CVE-2020-11100: In hpack_dht_insert in hpack-tbl.c in the HPACK
decoder in HAProxy 1.8 through 2.x before 2.1.4, a remote attacker can
write arbitrary bytes around a certain location on the heap via a
crafted HTTP/2 request, possibly causing remote code execution.
- Update indentation of hash file (two spaces)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Upstream commit
c0223223f8,
which has been part of the releases since v20.1.2 has dropped support
for Python 2.x. So python-autobahn is now only available for Python
3.x.
We therefore remove the Python 2.x autobahn tests, and while at it,
drop the python-six dependency, which is no longer needed since
upstream commit
79bd2ba41b,
part of the releases since v20.1.3.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fixes the following security issue:
* CVE-2020-11501: It was found that GnuTLS 3.6.3 introduced a
regression in the DTLS protocol implementation. This caused the DTLS
client to not contribute any randomness to the DTLS negotiation
breaking the security guarantees of the DTLS protocol.
Signed-off-by: Stefan Sørensen <stefan.sorensen@spectralink.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The dockerCompose runtime test currently fails with:
pkg_resources.ContextualVersionConflict: (idna 2.9 (/usr/lib/python3.8/site-packages), Requirement.parse('idna<2.9,>=2.5'), {'requests'})
This is due to the fact that the python-requests module has a strict
version dependency on the python-idna module: 'idna>=2.5,<2.9'.
Since Buildroot commit 237d31bf52, we're
using python-idna in version 2.9, which no longer matches the version
dependency expressed by python-requests, causing the failure.
Upstream has addressed this issue in commit
c46f55bd48,
which relaxes the version requirement.
Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/498144417
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Changes since v2.1.1:
https://github.com/FluidSynth/fluidsynth/releases/tag/v2.1.2
- fluidsynth now exits with error when user-provided command-line arguments are out-of-range
- add verbose error logging to opensles and oboe drivers
- fix a memory leak in oboe driver
- fix a NULL dereference in the fluidsynth commandline program
./utils/test-pkg --package fluidsynth
6 builds, 1 skipped, 0 build failed, 0 legal-info failed
Signed-off-by: Julien Olivain <juju@cotds.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
- Drop patch (already in version)
- Update hash of LICENSE.txt: Fixed Apache license not using canonical
version:
9834ee9787
- Update indentation of hash file (two spaces)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Drop patch because the linker error no longer appears on br-x86-64-musl.
v0.13.0 fixes the following CVEs:
CVE-2019-0205: In Apache Thrift all versions up to and including 0.12.0,
a server or client may run into an endless loop when feed with specific
input data. Because the issue had already been partially fixed in version
0.11.0, depending on the installed version it affects only certain
language bindings.
CVE-2019-0210: In Apache Thrift 0.9.3 to 0.12.0, a server implemented
in Go using TJSONProtocol or TSimpleJSONProtocol may panic when feed with
invalid input data.
Also update the hash file to the new two-spaces convention
Signed-off-by: Titouan Christophe <titouan.christophe@railnova.eu>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
gcc fails to build in debug build with debug optimisations:
BR2_x86_corei7=y
BR2_ENABLE_DEBUG=y
BR2_DEBUG_3=y
BR2_OPTIMIZE_G=y
BR2_TOOLCHAIN_BUILDROOT_GLIBC=y
BR2_TOOLCHAIN_BUILDROOT_CXX=y
which fails with:
../../../../libsanitizer/libbacktrace/../../libbacktrace/elf.c:772:21: error: ‘st.st_mode’ may be used uninitialized in this function [-Werror=maybe-uninitialized]
return S_ISLNK (st.st_mode);
^
Upstream has been unable to reproduce/fix properly, details:
https://gcc.gnu.org/legacy-ml/gcc-patches/2019-03/threads.html#00827
Upstream recommends passing -Wno-error as a workaround, see:
https://gcc.gnu.org/pipermail/gcc-patches/2019-April/519867.html
Reviewed-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
[yann.morin.1998@free.fr: add the reproducing defconfig]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
ubiformat returns 255 even on successful format actions, since the upgrade
of mtd-utils to version 2.1.1.
Backport an upstream patch that fixes this issue. No new release is made
yet.
Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
[yann.morin.1998@free.fr: make it explicit it's a backported patch]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
This includes the following changes:
f4b9cde Allow negative offsets
45bf92a Detect sector size if not found in config
9f59db6 uboot_env: remove unused variables
65d243e README: libubootenv is now in oe-core
And update hash file formatting (2 spaces).
Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
0001-make-netgroup-support-optional.patch patches configure.ac, but we
don't autoreconf the package, which is not good.
However, simply adding AUTORECONF = YES is not sufficient: polkit
Makefile.am use the automake conditional HAVE_INTROSPECTION, which is
"available" only when the gobject-introspection m4 file is installed.
Since we don't want to make gobject-introspection a mandatory
dependency of polkit, we take a simpler route: add a copy of
introspection.m4 into the polkit source tree. This is only a 142 lines
file, and it can be dropped when
0001-make-netgroup-support-optional.patch is merged upstream.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Ismael Luceno <ismael@iodev.co.uk>
[yann.morin.1998@free.fr: two spaces in hash file]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
- Update site to get latest version
- First patch is not needed since
e7e4868ad7
- Update second patch
- Drop third patch (not needed anymore)
- Update hash of COPYING:
- BSD-2-Clause for Palm source code removed
- Add SUN Microsystems license for g72x files
- Add Apache-2.0 for lang/cmu_grapheme_lex/grapheme_unitran_tables.c
- Update indentation of hash file (two spaces)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Jianhui Zhao <zhaojh329@gmail.com>
[yann.morin.1998@free.fr: two spaces in hash file]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Jianhui Zhao <zhaojh329@gmail.com>
[yann.morin.1998@free.fr: two spaces in hash file]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
If gobject-introspection is selected, add the gobject-introspection package to
the dependency list and set the conf opt --enable-introspection.
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
If gobject-introspection is selected, add the gobject-introspection package to
the dependency list and set the conf opt --enable-introspection.
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
If gobject-introspection is selected, add the gobject-introspection package to
the dependency list and set the conf opt --enable-introspection.
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
If gobject-introspection is selected, add the gobject-introspection package to
the dependency list and set the conf opt --enable-introspection.
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
If gobject-introspection is selected, add the gobject-introspection package to
the dependency list and set the conf opt -Dintrospection=true.
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
If gobject-introspection is selected, add the gobject-introspection package to
the dependency list and set the conf opt --enable-introspection.
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
If gobject-introspection is selected, add the gobject-introspection package to
the dependency list and set the conf opt --with-introspection.
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
If gobject-introspection is selected, add the gobject-introspection package to
the dependency list and set the conf opt -Dintrospection=true.
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
If gobject-introspection is selected, add the gobject-introspection package to
the dependency list and set the conf opt --enable-introspection.
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
If gobject-introspection is selected, add the gobject-introspection package to
the dependency list and set the conf opt --enable-introspection.
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
If gobject-introspection is selected, add the gobject-introspection package to
the dependency list and set the conf opt --enable-introspection.
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Currently, the build continue even if some symbols disapear from
the generated dot config file (.config).
This patch add a new check in order to stop the test if one
of the provided symbol is missing. This must be treated as error.
For example, if a symbol disapear due to new dependency constraints.
Inspired by is_toolchain_usable() function from genrandconfig:
https://git.busybox.net/buildroot/tree/utils/genrandconfig?h=2020.02#n164
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
TestPythonPackageBase.config provide already the basic uClibc toolchain.
So by adding the symbols for the linaro toolchain some warning are printed
at while loading the configuration:
.config:16:warning: override: reassigning to symbol BR2_TOOLCHAIN_EXTERNAL
.config:16:warning: override: BR2_TOOLCHAIN_EXTERNAL changes choice state
.config:17:warning: override: reassigning to symbol BR2_TARGET_ROOTFS_CPIO
.config:21:warning: override: BR2_TOOLCHAIN_EXTERNAL_LINARO_ARM changes choice state
So, some symbol disapear from the generated dot config (.config) leading
to an error due to a new check in the testsuite infra.
Since this test should use the Linaro toolchain, remove
TestPythonPackageBase.config add BR2_arm=y and disable the rootfs tar option.
While at it, re-order the options so that they appear in the same
order as they appear in a defconfig.
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Adam Duskett <Aduskett@gmail.com>
Cc: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Until now, the lxc test was using the ARM CodeSourcery 2014.05 armv5 toolchain.
But the recent systemd version bump to 245 added a toolchain dependency
on systemd package due to build issues with gcc < 5.0.
Before [1] the lxc test was failing to build with the ARM CodeSourcery 2014.05
toolchain. After [1], the test is faling at runtime since the
"BR2_INIT_SYSTEMD=y" symbol disapear from the dot config (.config) due to
the new toolchain dependency.
Fix this by using the same toolchain as for the systemd tests [2]
[1] 2196ee25ff
[2] b3d979c0d1
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The BR2_TOOLCHAIN_EXTERNAL_LOCALE is only defined for uClibc based
custom external toolchains.
The test_glxinfo is using a glibc toolchain, so the
"# BR2_TOOLCHAIN_EXTERNAL_LOCALE is not set" line disapear from
the generated dot config (.config) leading to an error due to
a new check in the testsuite infra.
There is the same problem with:
BR2_TOOLCHAIN_EXTERNAL_HAS_THREADS_DEBUG=y
BR2_TOOLCHAIN_EXTERNAL_HAS_THREADS=y
BR2_TOOLCHAIN_EXTERNAL_HAS_THREADS_NPTL=y
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The BR2_TOOLCHAIN_EXTERNAL_LOCALE is only defined for uClibc based
custom external toolchains.
The test_syslinux is using a glibc toolchain, so the
"# BR2_TOOLCHAIN_EXTERNAL_LOCALE is not set" line disapear from
the generated dot config (.config) leading to an error due to
a new check in the testsuite infra.
There is the same problem with:
BR2_TOOLCHAIN_EXTERNAL_HAS_THREADS_DEBUG=y
BR2_TOOLCHAIN_EXTERNAL_HAS_THREADS=y
BR2_TOOLCHAIN_EXTERNAL_HAS_THREADS_NPTL=y
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Configure.py extracts arch, vendor, and os from the passed
toolchain string on line 180. When using ccache, the passed path string is
"/usr/lib64/ccache/g++" which breaks the logic, causing the following error:
Traceback (most recent call last):
File "./configure.py", line 180, in <module>
(t_arch, t_vendor, t_os) = target.split('-')
ValueError: not enough values to unpack (expected 3, got 1)
Use --with-cxx-compiler=$(HOSTCXX_NOCCACHE) instead of $(HOSTCXX) to fix the
above error.
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Reviewed-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Upcoming release of kodi 19.0 will add libudfread as optional
dependency: https://github.com/xbmc/xbmc/pull/17612
Please note that the removed support of libudf was added on the master
branch so we do not need to backport udf support to kodi 18.x:
558b54a79e
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
[yann.morin.1998@free.fr: two spaces in hash files]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
A new DRM platform has landed, now you can choose to build with the
DRM or FDO platform, or neither. If neither are selected, Cog will
fallback to a simple WPE backend like WPEBackend-rdk
(https://github.com/WebPlatformForEmbedded/WPEBackend-rdk).
Don't be confused that in both cases the *wpebackend-fdo* package is
required. This is an unfortunate naming issue.
Signed-off-by: Charlie Turner <cturner@igalia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
There is no host variant for SDL2 library in Buildroot.
So the qemu build system will try to detect automatically the
external SDL2 libraries installed on the host.
$ ldd output/host/bin/qemu-system-aarch64
[...]
libSDL2-2.0.so.0 => /lib64/libSDL2-2.0.so.0
Disable explicitely sdl2 options (named sdl) to improve the
build reproducibility.
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
bzip2 support is needed for reading bzip2-compressed dmg images.
But the host-bzip2 is missing from host qemu package dependency,
so the qemu build system will try to detect automatically the
external libbzip2 libraries installed on the host.
$ ldd output/host/bin/qemu-system-aarch64
[...]
libbz2.so.1 => /lib64/libbz2.so.1
or
libbz2.so.1.0 => output/host/lib/libbz2.so.1.0
if host-bzip2 is built before host-qemu.
Disable explicitely bzip2 options to improve the build
reproducibility.
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The vnc support is enabled by default and the build system
will try to detect automatically some external libraries
installed on the host for vnc-png, vnc-jpeg and vnc-sasl.
$ ldd output/host/bin/qemu-system-aarch64
[...]
libpng16.so.16 => /lib64/libpng16.so.16
or
libpng16.so.16 => output/host/lib/libpng16.so.16
if host-libpng is built before host-qemu.
Disable explicitely thoses options to improve the build
reproducibility.
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
There is no host-libssh in Buildroot, avoid qemu build system
to find libssh from the host.
Under certain circumstances (host distribution, openssl version), the
qemu-system binary fail to start:
host/bin/qemu-system-aarch64: symbol lookup error: /lib64/libssh.so.4: undefined symbol: EVP_KDF_ctrl, version OPENSSL_1_1_1b
$ ldd output/host/bin/qemu-system-aarch64
[...]
libssh.so.4 => /lib64/libssh.so.4
Explicitely disable libssh for the host variant.
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
After the staging installation, we replace a number of paths in libtool
.la files so that those paths point to STAGING_DIR instead of a location
in the build machine.
However, we replace only paths that start with /usr. And it turns out
that the linux-pam package is configured with --libdir=/lib (linux-pam
seems to always be installed in /lib rather than /usr/lib).
Due to this, libpam.la contains the following line:
libdir='/lib'
When building a configuration that has:
- BR2_ROOTFS_MERGED_USR=y
- BR2_PACKAGE_LINUX_PAM=y
- BR2_PACKAGE_POLKIT=y
on a system that has its system-wide PAM library installed in /lib,
the build fails with:
/lib/libpam.so: file not recognized: File format not recognized
For some reason, libtool searches only in STAGING_DIR/usr/lib, but
when BR2_ROOTFS_MERGED_USR=y, STAGING_DIR/lib points to
STAGING_DIR/usr/lib, so libtool finds libpam.la. And this libpam.la
contains a bogus libdir='/lib' path. libtool then goes on, finds
/lib/libpam.so, and links with it, causing the build failure.
By doing the proper replacement of libdir='/lib', we have a correct
libpam.la, and solve the build issue.
There is no autobuilder failure associated to this issue, as it
requires /lib/libpam.so to exist. This is the case on ArchLinux, on
which Xogium reported the issue, which can also be reproduced in an
ArchLinux container.
Reported-by: Xogium <contact@xogium.me>
Cc: Xogium <contact@xogium.me>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Tested-by: Yann E. MORIN <yann.morin.1998@free.fr>
[yann.morin.1998@free.fr:
- tested by manually creating a symlink to libpam.so in /lib
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Currently, the dependencies for the init system choice, and the
dependencies for the package, are slightly different, and not in the
same order, the latter making it difficult to assess consistency between
the two.
Fix all that, by cross-duplicating dependencies from the init choice and
the package, and order the dependencies according to the manual (arch
first, toolchain, then the others).
Note that some dependencies are redundant, but kept nonetheless for
correctness:
- BR2_USE_MMU is implied by BR2_TOOLCHAIN_USES_GLIBC, but systemd does
use fork();
- !BR2_STATIC_LIBS is also implied by BR2_TOOLCHAIN_USES_GLIBC, but it
is also inherited from kmod which we select;
- BR2_TOOLCHAIN_HAS_THREADS is also implied by BR2_TOOLCHAIN_USES_GLIBC,
but systemd does use pthread_*() functions.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Kodi plays these files through ffmpeg and does not link to libtheora
anymore, see PR 9686.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fix CVE-2020-5291: Bubblewrap (bwrap) before version 0.4.1, if installed
in setuid mode and the kernel supports unprivileged user namespaces,
then the `bwrap --userns2` option can be used to make the setuid process
keep running as root while being traceable. This can in turn be used to
gain root permissions. Note that this only affects the combination of
bubblewrap in setuid mode (which is typically used when unprivileged
user namespaces are not supported) and the support of unprivileged user
namespaces.
Also update indentation of hash file (two spaces)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Reviewed-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Configure options should be passed via CONF_OPTS not CONF_OTPS.
Signed-off-by: Bartosz Bilas <b.bilas@grinn-global.com>
[yann.morin.1998@free.fr: also fix the epoxy ones]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Unbound: validating, recursive & caching DNS resolver with
DNSSEC, QNAME minimisation, DNSCrypt and DNS-over-TLS support.
Signed-off-by: Stefan Ott <stefan@ott.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This commit adds four new tests for the syslinux bootloader:
- Building on x86, for legacy BIOS
- Building on x86, for EFI BIOS
- Building on x86-64, for legacy BIOS
- Building on x86-64, for EFI BIOS
Runtime testing in Qemu would certainly be possible, but is left as a
future addition to these tests.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The following defconfig:
BR2_x86_i686=y
BR2_TOOLCHAIN_EXTERNAL=y
BR2_TOOLCHAIN_EXTERNAL_DOWNLOAD=y
BR2_TOOLCHAIN_EXTERNAL_URL="http://toolchains.bootlin.com/downloads/releases/toolchains/x86-i686/tarballs/x86-i686--glibc--bleeding-edge-2018.11-1.tar.bz2"
BR2_TOOLCHAIN_EXTERNAL_GCC_8=y
BR2_TOOLCHAIN_EXTERNAL_HEADERS_4_14=y
BR2_TOOLCHAIN_EXTERNAL_CUSTOM_GLIBC=y
BR2_TOOLCHAIN_EXTERNAL_CXX=y
BR2_INIT_NONE=y
BR2_TARGET_SYSLINUX=y
BR2_TARGET_SYSLINUX_EFI=y
fails to build due to missing setjmp/longjmp definitions, which is a
consequence of a change introduced between gnu-efi 3.0.9 and 3.0.10.
This build failure is fixed by adding another syslinux paytch, which
has been submitted upstream.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
When the swupdate SYSTEMD option is enabled, systemd needs to be built
before swupdate, otherwise the build fails with:
core/notifier.c:27:10: fatal error: systemd/sd-daemon.h: No such file or directory
27 | #include <systemd/sd-daemon.h>
| ^~~~~~~~~~~~~~~~~~~~~
Of course, it remains up to the user to make sure that the systemd
package is enabled when systemd support is enabled in the swupdate
configuration.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Update the toolchain being used by the testsuite infra.
The new toolchain 2018.11-1 is based on gcc 8.2, uClibc-ng 1.0.30,
linux-headers 4.14 and binutils 2.31.1.
Enable BR2_TOOLCHAIN_HAS_THREADS_DEBUG that is now required.
The old toolchain 2017.05 is based on gcc 4.9, uClibc-ng 1.0.25,
linux-headers 3.10 and binutils 2.27.
Tested with gitlab
https://gitlab.com/kubu93/buildroot/pipelines/132376578
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This package has been tested on Nitrogen8M with the following commands:
# modprobe galcore
# cd /usr/share/examples/viv_samples/vdk/
# ./tutorial7
Also update the help text as we shouldn't specify a kernel revision. It
is just that this module isn't meant for mainline kernel, only its NXP
forked version.
Signed-off-by: Gary Bisson <gary.bisson@boundarydevices.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Removed patch which was applied upstream:
bd01ba5a6b
Switched to github helper, upstream does not provide a tarball for this
release.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Switched to github helper, upstream does not provide a tarball for this
release.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security issues:
*) SECURITY: CVE-2020-1934 (cve.mitre.org)
mod_proxy_ftp: Use of uninitialized value with malicious backend FTP
server. [Eric Covener]
*) SECURITY: CVE-2020-1927 (cve.mitre.org)
rewrite, core: Set PCRE_DOTALL flag by default to avoid unpredictable
matches and substitutions with encoded line break characters.
The fix for CVE-2019-10098 was not effective. [Ruediger Pluem]
The LICENSE file has been updated to fix a s/waranties/warranties/ typo, so
update the hash to match and adjust the spacing to match recent agreements:
-This software is provided "as is" and any express or implied waranties,
+This software is provided "as is" and any express or implied warranties,
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The cgit URL is a mirror of the gitlab repository.
The README.md file of the kmscube project also points
to the gitlab repository, so switch the URL accordingly.
Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The sysdig homepage we have points to an "on-sale" domain, that is
purportedly serving malware while at it. Update to point to the wiki on
github instead.
Fixes#12746.
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
[yann.morin.1998@free.fr:
- use wiki instead of git repo
- expand commit log
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
"This release fixes three security issues in ntpd and provides 46
bugfixes and addresses 4 other issues." [1]
NONE: Sec 3610: process_control() should bail earlier on short packets.
MEDIUM: Sec 3596: Unauthenticated ntpd may be susceptible to IPv4 spoof
attack from highly predictable transmit timestamps.
MEDIUM: Sec 3592: DoS Attack on unauthenticated client.
The fix for https://bugs.ntp.org/3445 introduced a bug whereby a system that
is running ntp-4.2.8p12 (possibly earlier) or p13 that only has one
unauthenticated time source can be attacked in a way that causes the
victim's next poll to its source to be delayed, for as long as the attack is
maintained.
[1] http://support.ntp.org/bin/view/Main/SecurityNotice#March_2020_ntp_4_2_8p14_NTP_Rele
The copyright year has changed in the COPYRIGHT file, so adjust the hash to
match and adjust the spacing to match recent agreements:
@@ -3,7 +3,7 @@
jpg "Clone me," says Dolly sheepishly.
- Last update: 2-Jan-2017 11:58 UTC
+ Last update: 4-Feb-2020 23:47 UTC
__________________________________________________________________
The following copyright notice applies to all files collectively called
@@ -32,7 +32,7 @@
Burnicki is:
***********************************************************************
* *
-* Copyright (c) Network Time Foundation 2011-2017 *
+* Copyright (c) Network Time Foundation 2011-2020 *
* *
* All Rights Reserved *
* *
Signed-off-by: Sébastien Szymanski <sebastien.szymanski@armadeus.com>
[Peter: clarify security impact, document COPYRIGHT change]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The help text of BR2_LINUX_KERNEL_IMAGE_NAME is somewhat incomplete,
in the sense that it assumes just a filename can be passed, while it
can be a relative path, such as 'compressed/vmlinux.bin.z'. So make it
clear that such paths are relative to arch/ARCH/boot/.
Also, drop the part about this being only useful for Xtensa as this is
not true: on MIPS it might be needed as well for some specific image
types.
Reported-by: Paul Cercueil <paul@crapouillou.net>
Cc: Paul Cercueil <paul@crapouillou.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The Linux kernel image is typically found in arch/ARCH/boot/, which is
why LINUX_IMAGE_PATH is defined as:
LINUX_IMAGE_PATH = $(LINUX_ARCH_PATH)/boot/$(LINUX_IMAGE_NAME)
However, on MIPS, some kernel image types are available from
arch/mips/boot/compressed, or even at the top-level directory. For
such cases, LINUX_IMAGE_NAME might be set (using
BR2_LINUX_KERNEL_IMAGE_NAME) to values such as:
compressed/vmlinux.bin.z
or
../../../uzImage.bin
Except that the line:
$(INSTALL) -m 0644 -D $(LINUX_IMAGE_PATH) $(1)/$(LINUX_IMAGE_NAME)
will lead to such images be installed in:
$(TARGET_DIR)/boot/compressed/vmlinux.bin.z
$(BINARIES_DIR)/compressed/vmlinux.bin.z
and:
$(TARGET_DIR)/boot/../../../uzImage.bin
$(BINARIES_DIR)/../../../uzImage.bin
which of course is completely bogus.
So let's install them under their name, not their full relative path
to arch/ARCH/boot/.
Reported-by: Paul Cercueil <paul@crapouillou.net>
Cc: Paul Cercueil <paul@crapouillou.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security issues (1.1.1e):
CVE-2019-1551 [Low severity]: There is an overflow bug in the x64_64
Montgomery squaring procedure used in exponentiation with 512-bit moduli.
No EC algorithms are affected. Analysis suggests that attacks against
2-prime RSA1024, 3-prime RSA1536, and DSA1024 as a result of this defect
would be very difficult to perform and are not believed likely. Attacks
against DH512 are considered just feasible. However, for an attack the
target would have to re-use the DH512 private key, which is not recommended
anyway. Also applications directly using the low level API BN_mod_exp may
be affected if they use BN_FLG_CONSTTIME. Reported by OSS-Fuzz and Guido
Vranken.
https://www.openssl.org/news/secadv/20191206.txt
CVE-2019-1563 [Low severity]: In situations where an attacker receives
automated notification of the success or failure of a decryption attempt an
attacker, after sending a very large number of messages to be decrypted, can
recover a CMS/PKCS7 transported encryption key or decrypt any RSA encrypted
message that was encrypted with the public RSA key, using a Bleichenbacher
padding oracle attack. Applications are not affected if they use a
certificate together with the private RSA key to the CMS_decrypt or
PKCS7_decrypt functions to select the correct recipient info to decrypt.
Reported by Bernd Edlinger.
https://www.openssl.org/news/secadv/20190910.txt
Signed-off-by: Sébastien Szymanski <sebastien.szymanski@armadeus.com>
[Peter: mention security impact]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Following commit eee96b0f0a that adds a
gcc patch for OpenRISC, the OpenRISC pre-built toolchain was
rebuilt. Let's use this new toolchain version for the autobuilders.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Other changes:
- Change the site URL as the upstream project has migrated to Github
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
hostapd before 2.10 and wpa_supplicant before 2.10 allow an incorrect
indication of disconnection in certain situations because source address
validation is mishandled. This is a denial of service that should have
been prevented by PMF (aka management frame protection). The attacker
must send a crafted 802.11 frame from a location that is within the
802.11 communications range.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
hostapd before 2.10 and wpa_supplicant before 2.10 allow an incorrect
indication of disconnection in certain situations because source address
validation is mishandled. This is a denial of service that should have
been prevented by PMF (aka management frame protection). The attacker
must send a crafted 802.11 frame from a location that is within the
802.11 communications range.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
- Fix CVE-2017-6892: In libsndfile version 1.0.28, an error in the
"aiff_read_chanmap()" function (aiff.c) can be exploited to cause an
out-of-bounds read memory access via a specially crafted AIFF file.
- Fix CVE-2017-8361: The flac_buffer_copy function in flac.c in
libsndfile 1.0.28 allows remote attackers to cause a denial of service
(buffer overflow and application crash) or possibly have unspecified
other impact via a crafted audio file.
- Fix CVE-2017-8362: The flac_buffer_copy function in flac.c in
libsndfile 1.0.28 allows remote attackers to cause a denial of service
(invalid read and application crash) via a crafted audio file.
- Fix CVE-2017-8363: The flac_buffer_copy function in flac.c in
libsndfile 1.0.28 allows remote attackers to cause a denial of service
(heap-based buffer over-read and application crash) via a crafted
audio file.
- Fix CVE-2017-8365: The i2les_array function in pcm.c in
libsndfile 1.0.28 allows remote attackers to cause a denial of service
(buffer over-read and application crash) via a crafted audio file.
- Fix CVE-2017-12562: Heap-based Buffer Overflow in the
psf_binheader_writef function in common.c in libsndfile through 1.0.28
allows remote attackers to cause a denial of service (application
crash) or possibly have unspecified other impact.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
If python or python3 is selected, nftables should depend on the package
and set the --enable-python option, otherwise set --disable-python
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Bump to the latest kmscube version.
Since kmscube has been converted to meson, adjust the .mk file
accordingly.
Signed-off-by: Fabio Estevam <festevam@gmail.com>
[yann.morin.1998@free.fr: two spaces in hash file]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
If a2x is found, tinyproxy won't touch the configuration files and will
try to regenerate them which will result in the following build failure:
make[4]: Entering directory `/usr/lfs/hdd_v1/rc-buildroot-test/scripts/instance-1/output/build/tinyproxy-1.10.0/docs/man5'
GEN tinyproxy.conf.5
File "/accts/mlweber1/bin/a2x", line 76
print '%s: %s' % (PROG,msg)
^
SyntaxError: invalid syntax
Fixes:
- http://autobuild.buildroot.org/results/fbd81c05f37a3db6df1cbc3495a89957c6587d25
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Introspection support in gupnp is handled by way of vala tools and
vala bindings.
Even though host-vala is already a transitive dependency via gssdp,
add it to gupnp for correctness sake; also explicitly enable the
generation of the vala API, since it is required for introspection.
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
When building its introspection metadata description files, gssdp can
also generate the associated vala bindings.
Dependent packages may then use either or both the introspection
metadata description files or the vala bindings to generate their own.
For example; this is the case with gupnp, which requires the vala
bindings from gssdp to be able to generate its introspection metadata
description files and vala bindings.
Since there is no way to know whether the vala bindings are required or
not, we always build them. host-vala has no dependency that is not
already a dependency of gssdp, so the overhead is just the time to build
host-vala itself, roughly 32s here when compared to 10+minutes to build
all the dependencies of gssdp with introspection support.
Fixes:
- http://autobuild.buildroot.org/results/06f879902a567c26bade630091b21b56f637bd60/
- http://autobuild.buildroot.org/results/457ecc20e1932e13e82ff6bdcaf4adaf97cb7d1d/
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
make-4.3 shipped with a backward incompatible change in how sharp signs
are handled in macros. Previously, up to make 4.2, the sharp sign would
always start a comment, unless backslash-escaped, even in a macro or a
fucntion call.
Now, the sharp sign is no longer starting a comment when it appears
inside such a macro or function call. This behaviour was supposed to be
in force since 3.81, but was not; 4.3 fixed the code to match the doc.
As such, use of external toolchains is broken, as we use the sharp sign
in the copy_toolchain_sysroot macro, in shell variable expansion to
strip off any leading /: ${target\#/}.
Fix that by applying the workaround suggested in the release annoucement
[0], by using a variable to hold a sharp sign.
[0] https://lists.gnu.org/archive/html/info-gnu/2020-01/msg00004.html
Signed-off-by: Yaroslav Syrytsia <me@ys.lc>
[yann.morin.1998@free.fr:
- move the SHARP_SIGN definition out of Makefile and into support/
- expand the commit log
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
During package update, the legacy option was set to the existing
2020.02 release instead of the next 2020.05.
Signed-off-by: Bartosz Bilas <b.bilas@grinn-global.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
External protobuf is used instead of embedded one since commit
31c68a449e. However it fails to build on:
[ 63%] Building CXX object modules/dnn/CMakeFiles/opencv_dnn.dir/misc/caffe/opencv-caffe.pb.cc.o
In file included from /home/naourr/work/instance-0/output-1/build/opencv3-3.4.9/modules/dnn/misc/caffe/opencv-caffe.pb.cc:4:
/home/naourr/work/instance-0/output-1/build/opencv3-3.4.9/modules/dnn/misc/caffe/opencv-caffe.pb.h:17:2: error: #error This file was generated by an older version of protoc which is
17 | #error This file was generated by an older version of protoc which is
| ^~~~~
/home/naourr/work/instance-0/output-1/build/opencv3-3.4.9/modules/dnn/misc/caffe/opencv-caffe.pb.h:18:2: error: #error incompatible with your Protocol Buffer headers. Please
18 | #error incompatible with your Protocol Buffer headers. Please
| ^~~~~
/home/naourr/work/instance-0/output-1/build/opencv3-3.4.9/modules/dnn/misc/caffe/opencv-caffe.pb.h:19:2: error: #error regenerate this file with a newer version of protoc.
19 | #error regenerate this file with a newer version of protoc.
| ^~~~~
/home/naourr/work/instance-0/output-1/build/opencv3-3.4.9/modules/dnn/misc/caffe/opencv-caffe.pb.cc:12:10: fatal error: google/protobuf/wire_format_lite_inl.h: No such file or directory
12 | #include <google/protobuf/wire_format_lite_inl.h>
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Fix this error by setting PROTOBUF_UPDATE_FILES to ON
Fixes:
- http://autobuild.buildroot.org/results/219258c90709fc34748929f1dcdf4f0649215e61
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
- Just like i.MX8MQ, i.MX8MMini is using Hantro VPU.
- Platform name wasn't set for i.MX8Mini
-> now differencing IMX8MQ and IMX8MM for VPU package
Signed-off-by: Gary Bisson <gary.bisson@boundarydevices.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The script used the logger utility unconditionally but it may not exist
(e.g. busybox-minimal.config is used and BR2_PACKAGE_UTIL_LINUX_LOGGER
is not selected).
Declare two functions to perform the operation, run_logger and run_std,
and use the appropriate one, depending on the existence of logger.
Signed-off-by: Carlos Santos <unixmania@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Explain the busybox peculiarities and how the script works with both
versions of the sysctl utility.
Signed-off-by: Carlos Santos <unixmania@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The scripts were already the same, except for some comments, so make the
busybox S02sysctl a symlink to the procps-ng one, which works with both
versions of the "sysctl" utility.
Signed-off-by: Carlos Santos <unixmania@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Jianhui zhao <zhaojh329@gmail.com>
[Thomas:
- add entry in DEVELOPERS file
- be more explicit with SSL options
- drop logic around luainterpreter since luajit is not properly
detected]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Since spice ver. 0.12.6 doesn't depend on cegui anymore
let's bump to the latest stable version and rename package.
Signed-off-by: Bartosz Bilas <b.bilas@grinn-global.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Add COPYING.LGPL to license files, disable the "cloud configuration"
tool. It requires libcurl and it is too unlikely to be useful.
The library license is now LGPL-2.1+.
The hash of CONTRIBUTING has changed because it now refers to
LGPL-2.1+ instead of LGPL-2.0+.
The hash of COPYING is changed due to white-space changes, and the
removal of an introduction text:
Unless a COPYING file in a subdirectory or file-specific license
headers specify a different license, the following applies to all
files in this directory and all subdirectories.
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License as
published by the Free Software Foundation; either version 2 of the
License, or (at your option) any later version.
Signed-off-by: Lubomir Rintel <lkundrak@v3.sk>
[Thomas:
- fix hash of CONTRIBUTING
- expand commit log
- drop GFDL license information, since documentation is not installed
on the target]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
OP-TEE provides the possibility of secure storage done by the
normal world OS via tee-supplicant.
The location is a compile-time value and by default it is /data/tee .
As this might not be suitable for all use-cases add an option to
set the CFG_TEE_FS_PARENT_PATH compile option.
Default value is still /data/tee as it was before adding this option.
Signed-off-by: Heiko Stuebner <heiko.stuebner@theobroma-systems.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This reverts commit 7f169e6bc3.
As pointed out by Yann E. Morin, we really want to explicitly disable
crypto backends, otherwise they will get automatically re-enabled if
one of the dependencies is found:
elseif(OPENSSL_FOUND)
set(RTTY_USE_OPENSSL ON)
elseif(WOLFSSL_FOUND)
set(RTTY_USE_WOLFSSL ON)
elseif(MBEDTLS_FOUND)
set(RTTY_USE_MBEDTLS ON)
But as usual, dependencies may incorrectly be found, so we want to
explicitly disable.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fixes:
Program terminated with signal SIGSEGV, Segmentation fault.
#0 xkb_state_key_get_layout (state=state@entry=0x0, kc=kc@entry=50) at ../src/state.c:217
Program terminated with signal SIGSEGV, Segmentation fault.
#0 XkbKey (kc=kc@entry=45, keymap=0x0) at ../src/keymap.h:430
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Other changes:
- Convert the package type to meson as there is no longer autotools support.
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
[yann.morin.1998@free.fr: two spaces in hash file]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
[yann.morin.1998@free.fr: two spaces in hash file]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The libbfd library provided by binutils unfortunately changed its API
in binutils >= 2.34. This is causing some build failures at the moment
on architectures such as ARC that are using a very recent binutils
version, but it would also cause build failures on other architectures
once they start using binutils 2.34.
We fix this build issue by backporting an upstream oprofile
patch. However, this patch touches configure.ac, which means we need
to autoreconf, which needs another fix in configure.ac for autoreconf
to succeed.
With all that in place, this commit fixes:
http://autobuild.buildroot.net/results/583d281c6cd2aecb65556080b379db24101ae3a8/
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Other changes:
- Update license file hashes due to copyright year change.
- Remove vendor/github.com/konsorten/go-windows-terminal-sequences/LICENSE
as it no longer exists.
- Add new vendor/github.com/urfave/cli/LICENSE hash.
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Jagan Teki <jagan@amarulasolutions.com>
[yann.morin.1998@free.fr:
- bump to 5.5.13
- rebase on top of master
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
daemon/gvfsdaemon.c in gvfsd from GNOME gvfs before 1.38.3, 1.40.x
before 1.40.2, and 1.41.x before 1.41.3 opened a private D-Bus server
socket without configuring an authorization rule. A local attacker could
connect to this server socket and issue D-Bus method calls. (Note that
the server socket only accepts a single connection, so the attacker
would have to discover the server and connect to the socket before its
owner does.)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
An issue was discovered in GNOME gvfs 1.29.4 through 1.41.2.
daemon/gvfsbackendadmin.c mishandles a file's user and group ownership
during move (and copy with G_FILE_COPY_ALL_METADATA) operations from
admin:// to file:// URIs, because root privileges are unavailable.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
An issue was discovered in GNOME gvfs 1.29.4 through 1.41.2.
daemon/gvfsbackendadmin.c mishandles file ownership because setfsuid is
not used.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
An issue was discovered in GNOME gvfs 1.29.4 through 1.41.2.
daemon/gvfsbackendadmin.c has race conditions because the admin backend
doesn't implement query_info_on_read/write.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
An incorrect permission check in the admin backend in gvfs before
version 1.39.4 was found that allows reading and modify arbitrary files
by privileged users without asking for password when no authentication
agent is running. This vulnerability can be exploited by malicious
programs running under privileges of users belonging to the wheel group
to further escalate its privileges by modifying system files without
user's knowledge. Successful exploitation requires uncommon system
configuration.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
when compiling gobject-introspection .gir files, some packages use vapigen to
generate a vala-api compatible .gir file. These packages tend to call vapigen
directly instead of vala or valac.
Without the wrapper, building the .gir files fail. In the case of for example,
gupnp-dlna throws the following error:
"error: Package `Gst-1.0' not found in specified Vala API directories or
GObject-Introspection GIR directories."
Installing the vala wrapper for vapigen fixes the above issue.
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Add double quotes around the $@ variable to prevent word splitting.
Reported-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
[yann.morin.1998@free.fr: s/globbing/word splitting/]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
- update outdated website URL
- add missing Nitrogen8M configuration
- reword procedure to make it clear it works for all storages
Signed-off-by: Gary Bisson <gary.bisson@boundarydevices.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
- To avoid code duplication and to benefit from support script
improvements like empty target dir.
- Note that currently genimage.sh can't be set in defconfig directly for
i.MX8 targets as the POST_SCRIPT_ARGS is used by
imx8-bootloader-prepare.sh
Signed-off-by: Gary Bisson <gary.bisson@boundarydevices.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
libcec added sysfs scanning support:
On Linux, dynamic device discovery is currently implemented via libudev,
which may not be available on more minimal systems. Thus, we implement a
new device discovery that directly uses sysfs to scan through available
USB devices for supported ones without any additional dependencies.
70d71cb16f
Previously Kodi needed udev to find the Pulse-Eight CEC adapter.
Run-time tested using Kodi 18.6-Leia.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
- Remove patches (already in version)
- Current license files have been moved to licenses since
e5f22ed4ae
- Add new LICENSE file, available since
6e03f5fda0
- Update indentation of hash file (two spaces)
- This bump is necessary to fix build with latest domoticz. Indeed, even
if this is a wrong practice, domoticz has a local copy of openzwave
headers which are now desynchronized from the openzwave source files
Fixes:
- http://autobuild.buildroot.org/results/193b8dd97c927805679d874dce6e27c685ce1f28
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The older version of flake8 on the autobuilders does not support typehints.
As such, flake8 throws the following error when scanning sample_gst1_python:
E999 SyntaxError: invalid syntax
Remove the typehinting from on_message to fix this issue.
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This initial support includes:
Linux 5.4
U-Boot 2020.01
Arm Trusted Firmware v2.2
Buildroot default packages.
Signed-off-by: Suniel Mahesh <sunil@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Some ATF configurations, require a pre-built bare metal toolchain to
build some platforms which host cortex-m series core, for instance
rockchip rk3399 has a cortex-m0 core. Without a pre-built bare metal
toolchain, the build fails:
make[3]: arm-none-eabi-gcc: Command not found
To solve this, this commit implements a
BR2_TARGET_ARM_TRUSTED_FIRMWARE_NEEDS_ARM32_TOOLCHAIN
option. Platforms which have such requirement should enable this
config option.
Signed-off-by: Suniel Mahesh <sunil@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fix a few punctuation mistakes. The removed link is redundant, see the
previous sentence.
Signed-off-by: Merlin Büge <merlin.buege@tuhh.de>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
libical allows remote attackers to cause a denial of service
(use-after-free) and possibly read heap memory via a crafted ics file.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
An issue was discovered in Pure-FTPd 1.0.49. An uninitialized pointer
vulnerability has been detected in the diraliases linked list. When the
*lookup_alias(const char alias) or print_aliases(void) function is
called, they fail to correctly detect the end of the linked list and try
to access a non-existent list member. This is related to init_aliases in
diraliases.c.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
- Fix CVE-2020-7105: async.c and dict.c in libhiredis.a in hiredis
through 0.14.0 allow a NULL pointer dereference because malloc return
values are unchecked.
- Update indentation of hash file (two spaces)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Commit a570f63dd4 (Revert "package/perl-crypt-ssleay: new package")
forgot to deregister the associated test from the gitlab-ci list.
Remove it now.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The config is missing the following packages:
- BR2_PACKAGE_GST1_PLUGINS_BASE
This is needed for the videotestsrc plugin which provides
videotestsrc.
- BR2_PACKAGE_GST1_PLUGINS_BAD
This is needed for the debugutils plugin which provides
fakevideosink.
- BR2_PACKAGE_GST1_PLUGINS_BASE_PLUGIN_VIDEOTESTSRC
videotestsrcplugin used by the example pipeline.
- BR2_PACKAGE_GST1_PLUGINS_BAD_PLUGIN_DEBUGUTILS
fakevideosink plugin used by the example pipeline.
The sample was also amended to fix:
- no call to main.
- using autovideosink instead of fakevideosink. Using Fakevideoskink
is preferred because its primary purpose is for debugging and sample
pipelines. Autovideosink does not work because there is no video
output device.
- No function on_message. Without this function, the script fails
because of the missing function.
- The script sets the pipeline to Gst.State.EOS instead of
Gst.State.NULL which results in a failed pipeline state. When the
state is set to NULL, gstreamer automatically calls EOS. Manually
setting the pipeline state to EOS results in the following error:
Trying to dispose element sink, but it is in PLAYING instead of
the NULL state. You need to explicitly set elements to the NULL
state before dropping the final reference, to allow them to
clean up. A refcounting bug may also cause this problem in the
application or some element.
In addition, the default timeout is set too low and would result in a
test failure, this has been changed to 200 seconds.
These issues are now properly fixed, and the sample script passes.
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
[yann.morin.1998@free.fr:
- meld the two patches together
- add the print() in the on_demand callback
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Due to the CONF_ENV options set in the gst1-python.mk file, libpython-dir
must be set manually or else the error:
"Python dynamic library path could not be determined" occurs.
Previously the libpython-dir option was set to
$(HOST_DIR)/lib/python$(PYTHON3_VERSION_MAJOR), however, this breaks the
resulting .so because the above full path is baked into the resulting .so.
which results in the error:
Couldn't g_module_open libpython. Reason:
/full/path/to/host/lib/python3.8/libpython3.8.so: cannot open shared object
file: No such file or directory
To fix this error, set the libpython-dir to /usr/lib.
Because we provide PYTHONPATH=$(PYTHON3_PATH) in the GST1_PYTHON_CONF_ENV,
the logic in the meson file uses the above python3 provided by the PYTHONPATH
variable to determine /usr/lib/ has the proper
python$(PYTHON3_VERSION_MAJOR).so file.
Because Buildroot provides the appropriate paths, the meson file finds
the correct .so file and the resulting compiled library has the appropriate
path of /usr/lib/python3.$(PYTHON3_VERSION_MAJOR).so
This change has been tested on the following distributions:
- Debian 9 and 10
- Debian 9 without python3 installed on the host.
- Centos7
- Fedora 31
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Update in the copyright year of the license file:
-Copyright (c) 2001-2019
+Copyright (c) 2001-2020
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The license file hash has changed, due to the following changes:
- A line "License: bsd-3-clause" is being added
- The copyright year is updated to "Copyright (c) 2013-2020, Kim
Davies. All rights reserved."
- Details about portions of the codec and unit tests code being under
the PSF license are removed.
- Details about the unit tests including Unicode License Agreement
code are removed.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Disabled creation of u-boot.imx image as it fails, and is not required.
Final boot image is created from uboot binary and firmwares in post image
script board/freescale/common/imx/imx8-bootloader-prepare.sh
With the bump of the kernel to 4.19, the kernel configuration now needs
host-openssl to build.
Tested-by: Julien Olivain <julien.olivain@oss.nxp.com>
Signed-off-by: Laurent GAUTHIER <laurent.gauthier_1@oss.nxp.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The hash for LICENSE also changed. The following text was removed:
Note: Much of the code in libite (-lite) is written by Claudio Matsuoka
for Finit and released under the MIT/X11 license. Joachim Nilsson
later improved on the Finit code base and included pieces of
software released under the ISC and BSD licenses. See each
respective file for license details.
Signed-off-by: Ryan Coe <bluemrp9@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The final solution accepted upstream differs from the local patch applied
earlier in Buildroot (commit 4ff6e52392).
Update the local code accordingly.
Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This reverts commit 25033cfb86.
This perl package is deprecated and gives following recommendations while
building:
*** THIS IS NOT AN ERROR, JUST A MESSAGE FOR YOUR INFORMATION ***
Do you really need Crypt::SSLeay?
Starting with version 6.02 of LWP, https support was unbundled into
LWP::Protocol::https. This module specifies as one of its prerequisites
IO::Socket::SSL which is automatically used by LWP::UserAgent unless
this preference is overridden separately. IO::Socket::SSL is a more
complete implementation, and, crucially, it allows hostname
verification. Crypt::SSLeay does not support this. At this point,
Crypt::SSLeay is maintained to support existing software that already
depends on it.
However, it is possible that your software does not really depend on
Crypt::SSLeay, only on the ability of LWP::UserAgent class to
communicate with sites over SSL/TLS.
If are using version LWP 6.02 or later, and therefore have installed
LWP::Protocol::https and its dependencies, and do not explicitly use
Net::SSL before loading LWP::UserAgent, or override the default socket
class, you are probably using IO::Socket::SSL and do not really need
Crypt::SSLeay.
Before installing Crypt::SSLeay, you may want to try specifying a
dependency on LWP::Protocol::https.
Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
With the kernel to 4.19, the kernel configuration needs host-openssl
to build.
Fixes:
scripts/extract-cert.c:21:10: fatal error: openssl/bio.h: No such file or directory
21 | #include <openssl/bio.h>
Signed-off-by: Julien Olivain <julien.olivain@oss.nxp.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
With the recent bump of the kernel to 4.19, the kernel configuration
now needs host-openssl to build.
Fixes:
scripts/extract-cert.c:21:10: fatal error: openssl/bio.h: No such file or directory
21 | #include <openssl/bio.h>
Signed-off-by: Julien Olivain <julien.olivain@oss.nxp.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The hash of the license file changed due to the following diff:
-Copyright (c) 2017-2019 Ingy döt Net
+Copyright (c) 2017-2020 Ingy döt Net
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Changelog summary:
- Various fixes all over
- Updated LPDDR4 timings for i.MX8M
- Support of UUU recovery tool
- Added support for i.MX8MMini, i.MX8MNano
Signed-off-by: Gary Bisson <gary.bisson@boundarydevices.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
It was searching for CONFIG_ASH=y and CONFIG_HUSH=y at $(@D)/.config,
which does not contain the package build path at the target-finalize
step. Use $(BUSYBOX_DIR), instead.
Signed-off-by: Carlos Santos <unixmania@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Always use the --disable-dbengine configuration option, because we do
not support libjudy dependency that is required otherwise.
Signed-off-by: Marcin Niestroj <m.niestroj@grinn-global.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
- add python unicodedata runtime dependency, fixes:
File "usr/lib/python3.8/site-packages/jinja2/lexer.py", line 46, in <module>
ModuleNotFoundError: No module named 'unicodedata'
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This package contains a single module, which implements
a platform independent file lock in Python, which provides
a simple way of inter-process communication.
Signed-off-by: Jared Bents <jared.bents@rockwellcollins.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
A simple interface to SFTP. The module offers high level
abstractions and task based routines to handle your SFTP
needs.
Signed-off-by: Jared Bents <jared.bents@rockwellcollins.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fixes:
support/testing/tests/package/test_gst1_python.py:29:1: W391 blank line at end of file
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fixes:
support/testing/tests/package/sample_python_gobject.py:5:1: E302 expected 2 blank lines, found 1
support/testing/tests/package/sample_python_gobject.py:8:7: E111 indentation is not a multiple of four
support/testing/tests/package/sample_python_gobject.py:11:1: E305 expected 2 blank lines after class or function definition, found 1
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fixes the following flake8 warnings:
support/testing/tests/package/sample_gst1_python.py:5:1: F401 'time' imported but unused
support/testing/tests/package/sample_gst1_python.py:7:1: E402 module level import not at top of file
support/testing/tests/package/sample_gst1_python.py:21:12: W292 no newline at end of file
For the E402 warning, we add a "noqa" marker, as we really want the
gi.require_version() to be before.
There is still one remaining warning to be fixed:
support/testing/tests/package/sample_gst1_python.py:18:28: F821 undefined name 'on_message'
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
flake8 complains with:
support/scripts/pkg-stats:339:13: E722 do not use bare 'except'
Due to the construct:
try:
something
except:
print("some message")
raise
Which is in fact OK because the exception is re-raised. This issue is
discussed at https://github.com/PyCQA/pycodestyle/issues/703, and the
general agreement is that these "bare except" are OK, and should be
ignored from flake8 using a noqa statement.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
flake8 complains with:
pkg-stats:38:1: E402 module level import not at top of file
This is due to sys.path.append() being before the import from
getdeveloperlib, but we really need this sys.path.append() to be
before, so let's ignore this flake8 warning.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Upstream only ever made a dot-relase once, and it is not even available
as a tag, and it is not even listed as a separate release on their
github release page. We can assume that dot-release is not in upstream
habits. Drop the VERSION_MAJOR variable, just use VERSION.
Signed-off-by: Marcus Folkesson <marcus.folkesson@gmail.com>
[yann.morin.1998@free.fr:
- drop VERSION_MAJOR
- two spaces in hash file
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
patch 0001: already applied upstream
patch 0002: already applied upstream
Adjust license hash as the copyright year was changed
Signed-off-by: Michael Fischer <mf@go-sys.de>
[yann.morin.1998@free.fr: two spaces in hash files]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
libostree build fails when introspection is enabled:
./.libs/libostree-1.so: error adding symbols: File in wrong format
collect2: error: ld returned 1 exit status
src/libostree/ostree-repo-deprecated.h:28: Warning: OSTree: symbol='G_GNUC_DEPRECATED_FOR': Skipping foreign symbol from namespace Gio
linking of temporary binary failed: Command '['/bin/bash', './libtool', '--mode=link', '--tag=CC', '--silent', 'gcc', [...] ]' returned non-zero exit status 1.
This is because the build system for libostree hard-codes CC=gcc when
calling the GOI scanner, which obviously causes build failures when in
cross-compilation.
In d264351cfc (package/libostree: disable introspection), we just
papered over the problem by forcibly disabling introspection altogether.
Turns out the fix is realatively simple: we can just override the
INTROSPECTION_SCANNER_ENV variable when calling make, which will revert
to the behaviour we expect: to use the cross-compiler in the GOI scanner
wrapper.
Thanks to Adam for pointing out at INTROSPECTION_SCANNER_ENV in the
first place. :-)
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Marcus Folkesson <marcus.folkesson@gmail.com>
Cc: Adam Duskett <aduskett@gmail.com>
Cc: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
With autoconf packages, we often specify ac_cv_func_... cached values to
avoid runtime checks during configure. With meson the equivalent is
setting properties in cross-compilation.conf which we cannot do in
Buildroot at the moment.
For example, libglib2 used to set ac_cv_func_printf_unix98 and
ac_cv_func_vsnprintf_c99 so that the system printf could be used, but
with the conversion to meson these checks fail and the gnulib fallback
is used.
Add infrastructure in the same way as FOO_MESON_EXTRA_BINARIES to allow
per-package modification to the cross-compilation properties.
Signed-off-by: John Keeping <john@metanate.com>
Reviewed-by: Peter Seiderer <ps.report@gmx.net>
Reviewed-by: Adam Duskett <aduskett@gmail.com>
[yann.morin.1998@free.fr: do a single substitution as in a1e3c7b693]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Add patch to enable meson static library build (use meson
library() instead of shared_library()).
Fixes:
- http://autobuild.buildroot.net/results/b920ef5a250e7d23223352367ded50bf32bb5688
.../host/bin/arm-linux-gcc -o libevdev.so.2.3.0 'evdev@sha/libevdev_libevdev-uinput.c.o' 'evdev@sha/libevdev_libevdev.c.o' 'evdev@sha/libevdev_libevdev-names.c.o' -Wl,--as-needed -Wl,--no-undefined -Wl,-O1 -shared -fPIC -Wl,--start-group -Wl,-soname,libevdev.so.2 -Wl,--end-group -Wl,-elf2flt -static -Wl,--version-script,.../build/libevdev-1.9.0/libevdev/libevdev.sym
ld (ld-elf2flt): -shared used without passing a shared library ID
- http://autobuild.buildroot.net/results/dc52a705c7490b722380af7b00ff7c6e172450cf
.../host/bin/x86_64-linux-gcc -o libevdev.so.2.3.0 'evdev@sha/libevdev_libevdev-uinput.c.o' 'evdev@sha/libevdev_libevdev.c.o' 'evdev@sha/libevdev_libevdev-names.c.o' -Wl,--as-needed -Wl,--no-undefined -Wl,-O1 -shared -fPIC -Wl,--start-group -Wl,-soname,libevdev.so.2 -Wl,--end-group -static -Wl,--version-script,.../build/libevdev-1.9.0/libevdev/libevdev.sym
.../host/opt/ext-toolchain/bin/../lib/gcc/x86_64-buildroot-linux-uclibc/8.3.0/../../../../x86_64-buildroot-linux-uclibc/bin/ld: .../host/opt/ext-toolchain/bin/../lib/gcc/x86_64-buildroot-linux-uclibc/8.3.0/crtbeginT.o: relocation R_X86_64_32 against hidden symbol `__TMC_END__' can not be used when making a shared object
.../host/opt/ext-toolchain/bin/../lib/gcc/x86_64-buildroot-linux-uclibc/8.3.0/../../../../x86_64-buildroot-linux-uclibc/bin/ld: .../host/opt/ext-toolchain/bin/../lib/gcc/x86_64-buildroot-linux-uclibc/8.3.0/crtend.o: relocation R_X86_64_32 against `.ctors' can not be used when making a shared object; recompile with -fPIC
.../host/opt/ext-toolchain/bin/../lib/gcc/x86_64-buildroot-linux-uclibc/8.3.0/../../../../x86_64-buildroot-linux-uclibc/bin/ld: final link failed: nonrepresentable section on output
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The aarch64 compile uses the sys/auxv.h header which is not
provided by ulcibc-ng. Add configure.ac patch to check for
the header before using it in ext/standard/crc32.c.
Fixes:
https://bugs.busybox.net/show_bug.cgi?id=12626
build/php-7.4.3/ext/standard/crc32.c:26:12: schwerwiegender Fehler: sys/auxv.h: Datei oder Verzeichnis nicht gefunden
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The newly introduced option does not follow the naming scheme of other
Realtek firmwares, in part because the model is not named rtl-something,
but rtw-something.
Rename the option to match the VENDOR_DEVICE scheme. We do not add a
legacy entry for this: we've had no release and it was pushed minutes
ago...
Reported-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fixes:
http://autobuild.buildroot.net/results/1881daae69992e30a9c1fff1f639d57f82e6ee19
../src/gallium/drivers/vc4/vc4_bufmgr.c:110:57: error: format '%ld' expects argument of type 'long int', but argument 3 has type 'time_t' {aka 'long long int'} [-Werror=format=]
../src/gallium/drivers/panfrost/pan_bo.h:93:9: error: unknown type name ‘time_t’
../src/gallium/drivers/v3d/v3d_bufmgr.c:83:57: error: format ‘%ld’ expects argument of type ‘long int’, but argument 3 has type ‘time_t’ {aka ‘long long int’} [-Werror=format=]
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
- Remove first patch (not needed anymore)
- Update second patch
- Remove third to fifth patches (already in version)
- Add a mandatory jsoncpp dependency instead of using builtin jsoncpp:
301fcfbd80
- Update indentation of hash file (two spaces)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The new rcw.py script is python3-only, but we can use either the
system-provided python3, or the one we build with host-python3 if
the system does not have it already.
It turns out, also, that rcw.py is using #!/usr/bin/env python3,
so it will easily find it from $PATH, so we export it in the
environment.
Signed-off-by: Laurent Hartanerot <laurent.hartanerot@atos.net>
[yann.morin.1998@free.fr:
- set the proper PATH in the envioronment
- do not explicitly call python3, defer to /usr/bin/env in the script
- add an accompagnying comment
- rewrite commit log accordingly
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Jianhui Zhao <zhaojh329@gmail.com>
[Thomas:
- add entry in DEVELOPERS file
- add -DRTTY_SSL_SUPPORT=OFF to explicitly disable SSL support
- fix license file name in the hash file]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
$(TARGET_DIR)/usr/share/collectd/postgresql_default.conf
should not be removed when postgresql support is enabled,
as that module tries to load that file by default.
Signed-off-by: Pascal de Bruijn <p.debruijn@unilogic.nl>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
before it was completely non-obvious how to get crypto support
in collectd's network module
this introduces a collectd config option which makes sure
gcrypt is built, and can't be accidentally unselected
resulting in an accidental non-crypto build of collectd
Signed-off-by: Pascal de Bruijn <p.debruijn@unilogic.nl>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The v3d driver for arm uses neon instructions unconditionally, so
depend on BR2_ARM_CPU_HAS_NEON.
Fixes:
http://autobuild.buildroot.net/results/66c4df4ee84b73160dde5fe4437b5abdbd2b50d2
[1050/1079] Compiling C object 'src/gallium/drivers/v3d/99241e4@@v3d_neon@sta/v3d_tiling.c.o'.
{standard input}: Assembler messages:
{standard input}:417: Error: selected processor does not support `vldm r6,{q0,q1,q2,q3}' in ARM mode
{standard input}:418: Error: selected processor does not support `vst1.8 d0,[r4],r5' in ARM mode
{standard input}:419: Error: selected processor does not support `vst1.8 d1,[r4],r5' in ARM mode
{standard input}:420: Error: selected processor does not support `vst1.8 d2,[r4],r5' in ARM mode
{standard input}:421: Error: selected processor does not support `vst1.8 d3,[r4],r5' in ARM mode
{standard input}:422: Error: selected processor does not support `vst1.8 d4,[r4],r5' in ARM mode
{standard input}:423: Error: selected processor does not support `vst1.8 d5,[r4],r5' in ARM mode
{standard input}:424: Error: selected processor does not support `vst1.8 d6,[r4],r5' in ARM mode
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Add mesa3d patch to add a vc4 option to disable
the optional neon support and set it dependent
on BR2_ARM_CPU_HAS_NEON.
Fixes:
http://autobuild.buildroot.net/results/6387b0a99e1a0922811919623d9a10b0943988df
[1086/1254] Compiling C object 'src/gallium/drivers/vc4/691f666@@vc4_neon@sta/vc4_tiling_lt_neon.c.o'.
{standard input}: Assembler messages:
{standard input}:334: Error: selected processor does not support `vldm r4,{q0,q1,q2,q3}' in ARM mode
{standard input}:335: Error: selected processor does not support `vst1.8 d0,[r3],r2' in ARM mode
{standard input}:336: Error: selected processor does not support `vst1.8 d1,[r3],r2' in ARM mode
{standard input}:337: Error: selected processor does not support `vst1.8 d2,[r3],r2' in ARM mode
{standard input}:338: Error: selected processor does not support `vst1.8 d3,[r3],r2' in ARM mode
{standard input}:339: Error: selected processor does not support `vst1.8 d4,[r3],r2' in ARM mode
{standard input}:340: Error: selected processor does not support `vst1.8 d5,[r3],r2' in ARM mode
{standard input}:341: Error: selected processor does not support `vst1.8 d6,[r3],r2' in ARM mode
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Currently, we build a complete AArch64 system, including a kernel. This
can take quite some time.
Switch to an armv7 system, which allows us to use one a prebuilt kernel,
thus significantly reducing the test time.
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
[yann.morin.1998@free.fr:
- use a standalone config; don't inherit from TestPythonPackageBase
- use the default external toolchain (ARM, not Linaro)
- rewrite commit log
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
This test case runs a simple pipeline for 100 frames to ensure that
gst1-python works properly.
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
GStreamer Python binding overrides.
This package also includes a simple upstream patch that fixes building against
python-3.8.
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
[yann.morin.1998@free.fr:
- fix libpython-dir as noticed by Adam
- rewrap a comment
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
If gobject-introspection is selected, explicitly set -Dintrospection=enabled in
the configure options and add a dependency for gobject-introspection.
This feature requires an upstream patch that allows introspection support even
when cross-compiling.
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
If gobject-introspection is selected, explicitly set -Dintrospection=enabled in
the configure options and add a dependency for gobject-introspection.
This feature requires an upstream patch that allows introspection support even
when cross-compiling.
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
If gobject-introspection is selected, explicitly set -Dintrospection=enabled in
the configure options and add a dependency for gobject-introspection.
This feature requires an upstream patch that allows introspection support even
when cross-compiling.
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
If gobject-introspection is selected, explicitly set -Dintrospection=enabled in
the configure options and add a dependency for gobject-introspection.
This feature requires an upstream patch that allows introspection support even
when cross-compiling.
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
If gobject-introspection is selected, explicitly set --enable-introspection in
the configure options and add a dependency for gobject-introspection.
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
If gobject-introspection is selected, explicitly set --enable-introspection in
the configure options and add a dependency for gobject-introspection.
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
If gobject-introspection is selected, explicitly set -Dintrospection=true in
the configure options and add a dependency for gobject-introspection.
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
If gobject-introspection is selected, explicitly set --with-introspection in
the configure options and add a dependency for gobject-introspection.
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
- Drop patch (already in version)
- Drop -fPIC (not needed since
9518b50247)
- Update hash of license file (update in year and LuaXML):
e14dff167a6d87359d6c
- Update indentation of hash file (two spaces)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Gilles Talis <gilles.talis@gmail.com>
[yann.morin.1998@free.fr: two spaces in hash file]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
When a package installs a kernel module, it is currently not possible to
have it loaded with modprobe or when the kernel requests an alias for
it, as the module is not listed in /lib/modules/<kernel-version>/modules.dep
and the associated files.
So, we need to run depmod after all packages are installed, to register
any such out-of-tree module.
This means we should be able to let go of calling depmod at the time the
kernel is installed, but if we pass an invalid command, the kernel
whines:
DEPMOD 5.4.27
./scripts/depmod.sh: 46: /dev/null: Permission denied
make[2]: *** [Makefile:1326: _modinst_post] Error 126
This is because the kernel does not directly call to depmod, but uses a
wrapper that is not happy if depmod is not depmod.
Since the call to depmod does not cost much, we just keep it.
Signed-off-by: Carlos Santos <unixmania@gmail.com>
[yann.morin.1998@free.fr:
- keep calling depmod when installing kernel
- expand commit log
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Commit f85c4a4170 updated package
version but did not updated hashes for EULA and COPYING license files.
The patch fixes "make legal-info" for imx-sc-firmware package.
Signed-off-by: Julien Olivain <juju@cotds.org>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Commit 8cc27a292e updated package
version but did not updated hashes for EULA and COPYING license files.
The patch fixes "make legal-info" for firmware-imx package. Also
adopt new spacing convention in .hash files (two spaces).
Signed-off-by: Julien Olivain <juju@cotds.org>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The package only ever builds the client; it builds neither the server
nor the manager.
Drop the comment altogether.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[yann.morin.1998@free.fr: drop the comment altogether]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Bluez5' support for the mesh profile needs ell, the Embedded Linux
Library, at least version 0.28.
Although Bluez5 bundles an internal copy of ell version 0.28, we prefer
building with external libraries.
Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Changes since version 0.24:
0.28:
Fix issue with NULL check of D-Bus proxy for method calls.
Add support for emitting D-Bus property changes on demand.
Add support for reporting file attribute changes.
0.27:
Fix issue with data overflow and multiple PEMs.
Fix issue with handling DHCP lease expiration.
0.26:
Fix issue with memory leak and TLS certificates.
Fix issue with buffer size and TLS PRF handling.
Add support for D-Bus non-root ObjectManager.
0.25:
Fix issue with stopping DHCP client and owner notification.
Fix issue with time calculation overflow and DHCP.
Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Changes since version 5.52:
5.54:
Fix issue with HOGP to accept data only from bonded devices.
Fix issue with A2DP sessions being connected at the same time.
Fix issue with class UUID matches before connecting profile.
Add support for handling MTU auto-tuning option for AVDTP.
Add support for new policy for Just-Works repairing.
Add support for Enhanced ATT bearer (EATT).
5.53:
Fix issue with handling unregistration for advertisment.
Fix issue with A2DP and handling recovering process.
Fix issue with udpating input device information.
Add support for loading blocked keys.
Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This commit updates all our toolchain configuration fragments for
pre-built Buildroot toolchains to use toolchains built with Buildroot
2020.02.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
This package needed to be updated to be aligned with NXP BSP
4.19.35_1.1.0
The package patches have also been rebased on top of rel_imx_4.19.35_1.1.0
Signed-off-by: Maeva Manuel <maeva.manuel@oss.nxp.com>
Signed-off-by: Julien Olivain <julien.olivain@oss.nxp.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This package needed to be updated to be aligned with NXP
BSP 4.19.35_1.1.0
This newer 8.5 version no longer include ahab-container images.
Those images are now in a separate imx-seco package.
Signed-off-by: Maeva Manuel <maeva.manuel@oss.nxp.com>
Reviewed-by: Julien Olivain <julien.olivain@oss.nxp.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This package is needed with Freescale i.MX8/i.MX8X defconfigs
version equal to 4.19.35_1.0.0
It is also subject to multi-version support.
The package version aligned with NXP BSP 4.19.35_1.1.0 is 2.3.1
Signed-off-by: Maeva Manuel <maeva.manuel@oss.nxp.com>
Reviewed-by: Julien Olivain <julien.olivain@oss.nxp.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The C program inside check-kernel-headers.sh has two checking mode: a
strict and a loose one.
In strict mode, we want the kernel headers version declared by the
user to match exactly the one of the toolchain.
In loose mode, we want the kernel headers version of the toolchain to
be greater than or equal to the one declared by the user: this is used
when we have a toolchain that has newer headers than the latest
version known by Buildroot.
However, in loose mode, we continue to show the "Incorrect kernel
headers version" message, even though we then return a zero error
code. This is very confusing: you see an error displayed on the
terminal, but the build goes on.
We fix that by first doing the loose check first, and returning 0 if
it succeeds. And then we move on with the strict check where we want
the version to be identical.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The external toolchain configure step calls the
check_kernel_headers_version make function to compare the kernel
headers version declared in the configuration with the actual kernel
headers of the toolchain.
This function takes 4 arguments, but due to a missing comma what
should be the first two arguments are both passed into the first
argument. Due to this, when check_kernel_headers_version does:
if ! support/scripts/check-kernel-headers.sh $(1) $(2) $(3) \
$(if $(BR2_TOOLCHAIN_HEADERS_LATEST),$(4),strict); \
Then:
$(1) contains "$(BUILD_DIR) $$(call toolchain_find_sysroot,$$(TOOLCHAIN_EXTERNAL_CC))"
$(2) contains "$$(call qstrip,$$(BR2_TOOLCHAIN_HEADERS_AT_LEAST))"
$(3) contains "$$(if $$(BR2_TOOLCHAIN_EXTERNAL_CUSTOM),loose,strict))"
So from the point of view of check-kernel-headers.sh, it already has
four arguments, and therefore the additional argument passed by:
$(if $(BR2_TOOLCHAIN_HEADERS_LATEST),$(4),strict); \
is ignored, defeating the $(BR2_TOOLCHAIN_HEADERS_LATEST) test.
The practical consequence is that a toolchain that has 5.4 kernel
headers but declared as using 5.3 kernel headers does not abort the
build, because the check is considered "loose" while it should be
"strict".
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Let's clean up "boards/stmicroelectronics" directory a bit
to have everything in particular directories.
Signed-off-by: Bartosz Bilas <b.bilas@grinn-global.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The board support package includes the following components:
- U-Boot 2020.01
- Linux 5.4.26
- Buildroot default packages
Signed-off-by: Bartosz Bilas <b.bilas@grinn-global.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The original python-cheetah project was abandoned and a new
fork was created as a drop-in replacement. Though the name of the
fork is Cheetah3, we do not rename the package name to avoid
dependency renaming.
The new fork supports both Python2 and Python3.
python-markdown is now an optional dependency.
Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The recent perl-crypt-ssleay, perl-lwp-protocol-https, and
perl-html-parser packages aditions came with associated new
runtime tests, which is good, but forgot to regenerate the
gitlab-ci.yml file with the updated list of tests.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
since version 2020.02, moarvm depends on libtommath 1.2.0
the patch is useless since the bump of the embedded dyncall:
4b85baf44b
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Post-build scripts may want to do something based on the list of files
installed by a package. However, since commit
0e2be4db8a the final packages-file-lists.txt
file is only created _after_ the post-build scripts.
Move the assembly of the file lists upwards, before the post-build scripts.
Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
If a package sets a FOO_SUBDIR (meaning its sources are not under
output/build/foo-123 but under output/build/foo-123/$(FOO_SUBDIR)), the
.files-list.txt file were also created under FOO_SUBDIR, due to which the
logic in the Makefile would not find it.
Change the instrumentation steps so that the file list is directly under the
package dir, ignoring the subdir.
Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
In very limited configurations, it is possible to have a case where no
.files-list-staging.txt files are created. In this case:
cat $(sort $(wildcard $(BUILD_DIR)/*/.files-list-staging.txt)) > \
$(BUILD_DIR)/packages-file-list-staging.txt
becomes:
cat > \
$(BUILD_DIR)/packages-file-list-staging.txt
which of course makes the build hang.. forever.
So we fix this by checking the list is not empty. To keep the code
readable, we introduce an intermediate variable to store the list of
these files.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
[yann.morin.1998@free.fr: always create the file, even if empty]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Radvd has its own main(), and does not use yywrap() from libfl.so,
because scanner.l module contains noyywrap option. So, none of the
functions exported by libfl.so are used, and there's no need to have
the flex runtime on target.
Signed-off-by: Alexander Mukhin <alexander.i.mukhin@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
When barebox, and thus barebox-aux, are downloaded from a git tree, then
barebox-aux download fails because a hash check is attempted on the
downloaded archive:
Could not fetch special ref 'v2020.03.0'; assuming it is not special.
ERROR: No hash found for barebox-aux-v2020.03.0.tar.gz
This is because we only exclude from the check the archive of the bare
barebox:
BR_NO_CHECK_HASH_FOR += $(BAREBOX_SOURCE)
However, the default name of an archive is based on the package name,
which for barebox-aux is not 'barebox'.
Since barebox-aux really uses the exact same source as the bare barebox,
it should also share the archive name.
This has two direct consequences and advantages:
- the hash check is completely avoided for the barebox-aux archive;
- the barebox-aux archive is not downloaded as it is already
downloaded for barebox.
Reported-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Tested-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Upstream ships distribution tarballs with pre-built manpages and
necessary fixes, so that the build doesn't break if asciidoc is not
available.
Signed-off-by: Alexander Mukhin <alexander.i.mukhin@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
This patch makes possible to create rootfs image using
EROFS filesystem.
Signed-off-by: Gao Xiang <hsiangkao@aol.com>
[yann.morin.1998@free.fr:
- simplify help text of filesystem entry
- drop the compression choice, keep the single boolean
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
perf auto-detects and uses the libbfd (from binutils) and openssl
libraries if they are detected and happen to be built before perf is,
but if they're not, or if per-package directories are enabled, it won't
detect these libraries. Explicitly add dependencies on these packages if
they are enabled, and disable the feature if not, so that the behavior
is deterministic.
Signed-off-by: Robert Hancock <hancock@sedsystems.ca>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
This patch adds EROFS userspace tool erofs-utils to buildroot,
which can be used to generate EROFS images.
Signed-off-by: Gao Xiang <hsiangkao@aol.com>
[yann.morin.1998@free.fr:
- add explicit --enable-lz4
- explain why autoreconf
- add DEVELOPPER entry
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Update from version 8.1.1929 to 8.2.0, which is the latest stable
version. The license file ('README.txt') has only one modification,
concerning Vim's version, as it is shown by the following diff:
--- vim-8.1.1929/README.txt 2019-08-25 23:08:17.000000000 +0200
+++ vim-8.2.0000/README.txt 2019-12-12 14:18:35.000000000 +0100
@@ -1,4 +1,4 @@
-README.txt for version 8.1 of Vim: Vi IMproved.
+README.txt for version 8.2 of Vim: Vi IMproved.
Signed-off-by: Joao Marcos Costa <joaomarcos.costa@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
LLVM builds bindings for other languages such as Go and OCaml when the
appropriate dependencies can be found. We currently don't support
building these bindings in Buildroot, as they're currently unused by any
package.
Building these bindings was originally disabled by overriding the
dependencies with values indicating that they were not found.
Newer versions of LLVM no longer disable the OCaml bindings when overriding
OCAMLFIND. Consequently, the build process attempts to install the bindings
to the default location on the host of /usr/lib/ocaml/llvm, causing a
permissions error and build failure.
Additionally, LLVM has since added the variable LLVM_ENABLE_BINDINGS to
control whether bindings are enabled, so we override that to disable the
bindings.
Signed-off-by: Joseph Kogut <joseph.kogut@gmail.com>
Reviewed-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The initramfs is not a reall filesystem, so it does not use the
$(rootfs) infrastructure.
As a consequence, the usual rootfs-related variables are not set,
especially the name, type, and dependencies of the (non-)filesystem.
Yet, it is present in the list of rootfs to build, and thus we end
up including it in the output of show-info. But the missing variables
yield an incorrect json:
"": {
"type": "",
"virtual": false,
"version": "",
"licenses": "",
"dl_dir": "",
"install_target": ,
"install_staging": ,
"install_images": ,
"downloads": [ ],
"dependencies": [ ],
"reverse_dependencies": [ ]
},
First, the object key is empty; second, the install_target,
install_staging, and install_images values are empty, which is not
valid (if they were null, that be OK though). Third, this is clearly
the layout of a 'package' entry, not that of a 'rootfs' entry.
An option to fix that would be to actually make use of the rootfs
infra. However, that would mean doing a lot of work for nothing
(there is actually nothing to do, yet the infra would still do a lot
of preparatory and clean up work).
The alternative is pretty simple: declare and set the variables as if
it were a real filesystem, so that show-info can filter it to the
proper layout and can spit out appropriate content (even if fake).
The third option would be to teach show-info (and its internal
implementation, the macro json-info) to ignore specific cases, like
no-name items, or replace empty values with null, or whatnots. This
again would be quite a lot of work for a single occurence.
So we go for the simple faked variables.
We add linux as a dependency, so that the graph-depends also properly
represent the dependency chain, which ends up with something liKe:
ALL
|
v
rootfs-initramfs
| |
v v
linux rootfs-cpio
which is pretty fitting in the end.
Reported-by: Thomas De Schampheleire <patrickdepinguin@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Tested-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Some ATF configurations, such as the ones for the STM32MP1 processor
family, require DTC during the build as Device Tree files are
used. Without dtc, the build fails:
/bin/sh: 1: dtc: not found
dtc version too old (), you need at least version 1.4.4
plat/st/stm32mp1/platform.mk:239: recipe for target 'check_dtc_version' failed
make[1]: *** [check_dtc_version] Error 1
To solve this, this commit implements a
BR2_TARGET_ARM_TRUSTED_FIRMWARE_NEEDS_DTC option, in a way that mimics
the BR2_TARGET_UBOOT_NEEDS_DTC option we already have for the U-Boot
package.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
localedef needs bison to satisfy a .y.c rule to generate a parser for
plural forms, to ultimately generate data for the target. So we do not
want to depend on the host-provided bison; we want to build our own (for
reproducibility).
localedef is a host-only package, and dependencies are not inherited
from the target variant, so we need to make them explicit host
dependencies.
And move the assignment after all the download-related variables.
Reported-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Reviewed-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The update to version 8.32 removes the need for an extra patch [1]
(which was added in upstream) but requires another one [2] to fix a new
build issue related to the file 'src/ls.c'.
[1]: 0001-strtod_fix_clash_with_strtold.patch
[2]: 0001-ls-restore-8.31-behavior-on-removed-directories.patch
The changes in the 'COPYING' license file are purely cosmetic: the
https protocol is replacing http in all the links pointing to the
fsf.org and the gnu.org websites (plus a page being renamed). The
following diff shows one of these changes, they are all similar anyway:
- Copyright (C) 2007 Free Software Foundation, Inc. <http://fsf.org/>
+ Copyright (C) 2007 Free Software Foundation, Inc. <https://fsf.org/>
Signed-off-by: Joao Marcos Costa <joaomarcos.costa@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
With BR2_PER_PACKAGE_DIRECTORIES=y, we have the following code in the
main Makefile:
target-finalize: $(PACKAGES) $(TARGET_DIR) host-finalize
@$(call MESSAGE,"Finalizing target directory")
$(call per-package-rsync,$(sort $(PACKAGES)),target,$(TARGET_DIR))
$(foreach hook,$(TARGET_FINALIZE_HOOKS),$($(hook))$(sep))
The per-package-rsync call creates the global $(TARGET_DIR) from the
per-package $(TARGET_DIR). Then, we call the TARGET_FINALIZE_HOOKS.
One of the TARGET_FINALIZE_HOOKS, PURGE_LOCALES, remove locales that
are not desired by the user. It does so using a loop with the
$(wildcard ...) function.
However, the $(wildcard ...) function is expanded at the moment the
rule is evaluated. And with per-package directory, at the time the
rule is evaluated, the global $(TARGET_DIR) is empty, so $(wildcard
...) will return nothing. It is indeed only after the call to
per-package-rsync that the TARGET_DIR will be populated.
This commit fixes that by moving away from $(wildcard ...) and use a
shell test instead, since we are anyway in big block of shell code.
With this, locales are properly purged again when
BR2_PER_PACKAGE_DIRECTORIES=y.
Fixes: c4e6d5c8be ("core: implement per-package SDK and target")
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
[yann.morin.1998@free.fr:
- make the style look like the code around (no space in front of ;)
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
If syslog-ng is selected in Buildroot and net-snmp is not, but net-snmp is
found on the host machine (at least its net-snmp-config script) then
compilation of syslog-ng fails with:
CC modules/snmp-dest/modules_snmp_dest_libsnmpdest_la-snmpdest-grammar.lo
CC modules/snmp-dest/modules_snmp_dest_libsnmpdest_la-snmpdest.lo
CC modules/snmp-dest/modules_snmp_dest_libsnmpdest_la-snmpdest-plugin.lo
arm-none-linux-gnueabi-gcc: ERROR: unsafe header/library path used in cross-compilation: '-I/usr/include'
make[3]: *** [Makefile:17397: modules/snmp-dest/modules_snmp_dest_libsnmpdest_la-snmpdest-grammar.lo] Error 1
make[3]: *** Waiting for unfinished jobs....
arm-none-linux-gnueabi-gcc: ERROR: unsafe header/library path used in cross-compilation: '-I/usr/include'
make[3]: *** [Makefile:17404: modules/snmp-dest/modules_snmp_dest_libsnmpdest_la-snmpdest.lo] Error 1
arm-none-linux-gnueabi-gcc: ERROR: unsafe header/library path used in cross-compilation: '-I/usr/include'
make[3]: *** [Makefile:17411: modules/snmp-dest/modules_snmp_dest_libsnmpdest_la-snmpdest-plugin.lo] Error 1
make[2]: *** [Makefile:21428: all-recursive] Error 1
make[1]: *** [Makefile:8740: all] Error 2
make[1]: Leaving directory '.../buildroot/output/build/syslog-ng-3.25.1'
make: *** [package/pkg-generic.mk:269: .../buildroot/output/build/syslog-ng-3.25.1/.stamp_built] Error 2
The path /usr/include is obtained via /usr/bin/net-snmp-config.
The fix comprises two parts:
1. only enable net-snmp support in syslog-ng if the net-snmp package is
enabled in Buildroot
2. for the case where net-snmp is selected in Buildroot, fix the configure
script of syslog-ng to allow parsing --with-netsnmp=<path> correctly.
Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Reviewed-by: Chris Packham <judge.packham@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
In commit 0e2be4db8a
("package/pkg-generic: make file list logic parallel build
compatible"), the logic to create the list of files installed by a
particular package was significantly reworked to be compatible with
top-level parallel build.
Before this commit, there was only a after-install step of listing the
files in HOST_DIR/TARGET_DIR/STAGING_DIR. But after this commit, we
now have a before-install logic and an after-install logic.
It turns out that when the before-install logic is called for the very
first host package, $(HOST_DIR) doesn't exist yet, and therefore the
cd $(2) fails, with an error message:
/bin/sh: line 0: cd: /home/thomas/buildroot/output/host: No such file or directory
In fact, $(HOST_DIR), $(STAGING_DIR), $(TARGET_DIR) and
$(BINARIES_DIR) are created by the make rules for host installation,
staging installation, target installation and images installation, but
*after* calling the step_start hooks.
So, we simply fix this problem by creating the directories *before*
calling the step_start hooks.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Add upstream patch to fix double-conversion compile for xtensa
and drop dependency on !BR_xtensa.
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Use "--exec-prefix=/" to install syslogd and klogd at /sbin, as required
by the init scripts. This also ensures that the BusyBox counterparts are
not installed.
Update the systemd unit files, accordingly.
Signed-off-by: Carlos Santos <unixmania@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Without linux-pam built first, polkit will throw a configuration error:
configure: error: Could not find pam/pam-devel, please install the needed packages.
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
This file was created by utils/scancpan while adding other packages but
apparently not yet added in the repo.
Assign this test case to Bernd in the DEVELOPERS file since he is
listed as the maintainer for this package.
Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Dependency for perl-crypt-ssleay (added in a subsequent commit)
Added via utils/scancpan, without changes.
Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This is a dependency for perl-lwp-protocol-https (added in a subsequent
patch).
Added via utils/scancpan, updating license only.
Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Note: even though the Chart.js developers make specific tarballs on GitHub
(i.e. not simply 'source code' tarballs), they cannot be used in Buildroot
because their names do not encode a version number, e.g. 'Chart.js.zip'.
This means that on upgrades, the same tarball name would have different
contents and thus a different hash.
Signed-off-by: Joeri Barbarien <joeri.barbarien@nokia.com>
Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Added via utils/scancpan, adding README.pod as license file and updating
license to Artistic-2.0.
Note that the license declared in META.{json,yml} ('perl') would mean either
Artistic or GPL-1.0, while the README.pod file only talks about
Artistic-2.0. Assume the author means the latter one.
Signed-off-by: Joeri Barbarien <joeri.barbarien@nokia.com>
Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Added via utils/scancpan, but removing the 'suspicious' dependency on
'host-perl-mojolicious'.
During configuration, the package warns:
Checking prerequisites...
requires:
! Mojo::Base is not installed
build_requires:
! Mojolicious::Lite is not installed
! Test::Mojo is not installed
ERRORS/WARNINGS FOUND IN PREREQUISITES. You may wish to install the versions
of the modules indicated above before proceeding with this installation
Run 'Build installdeps' to install missing prerequisites.
But the build and installation continues correctly nonetheless.
Signed-off-by: Joeri Barbarien <joeri.barbarien@nokia.com>
Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Currently, vapi support does not work with meson due to meson calling vapigen
directly instead of the vala wrapper. As such, when building typelib files for
gobject-introspection, vapigen fails to find the proper .gir files and fails
to build.
Explicitly disable vapi until a fix for vapi is made.
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Currently, meson hard codes the paths of these binaries which results in
cross-compiled environments to run the host versions of these tools.
However, GObject-introspection provides the appropriate paths to these
utilities via pkg-config
find_program is needed in the case g-i is built as a subproject. If
g-ir-scanner or g-ir-compiler are in the build or source directory use those.
If they aren't found in the source directory, use the results from pkg-config.
Backport two upstream commits to fix the issue.
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Tested-by: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
When building .gir .typelib files, the g-ir-scanner wrapper calls the host
g-ir-scanner. g-ir-scanner calls ccompiler.py, which searches for the following
environment variables:
CPP, CC, CXX, CPPFLAGS, CFLAGS, CXXFLAGS, LDFLAGS
These environment variables are empty by default, and as such ccompiler.py
defaults to either using the system tools (CC, CXX, and CPP) or leaving
the variables blank (LDFLAGS, CFLAGS, and CPPFLAGS.)
For autotools packages, this issue does not occur because autotools uses
Makefile.introspection found on the staging directory in
usr/share/gobject-introspection-1.0/ which automatically exports the above
variables.
However, for meson, the above variables are not exported when meson calls
g-ir-scanner to build .gir and .typelib files, which results in linking errors.
Exporting these variables in the g-ir-scanner wrapper fixes these issues and
ensures all build systems can generate .gir and .typelib files properly.
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Tested-by: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
When building, gobject-introspection uses tools/g-ir-scanner to build
several .gir and .typelib files. To that goal, it internally builds and
runs a few small executables linked to libglib2. However, it does not
pass them any LDFLAGS that we could pass the buildsystem. So, it either
ends up trying to link with the system's libglib2, which may not be
instaleld (build breaks), or is installed to an other version (build may
break); in either cases, this is not good...
g-ir-scanner can use the argument --lib-dirs-envvar to pass a list of
library directories to search for. However, during the build process,
this is not possible due to the build process calling g-ir-scanner
directly without letting the user (us) pass any option.
When discussing with upstream, they explained that the only solution in
that case was to set and export LD_LIBRARY_PATH to point to the location
where the correct libglib2 was installed.
Ergo, that's what we do.
This fix has the added benefit of allowing the host gobject-introspection
to build the host .gir, .rnc, and .typelib files, which some packages
may require.
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Tested-by: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Build will fail if gobject-introspection is built before gupnp-dlna:
GISCAN GUPnPDLNAGst-2.0.gir
Couldn't find include 'Gst-1.0.gir' (search path: '['/home/buildroot/autobuild/run/instance-1/output-1/host/bin/../mipsel-buildroot-linux-gnu/sysroot/usr/bin/../share/gir-1.0', '.', '/home/buildroot/autobuild/run/instance-1/output-1/host/share', 'gir-1.0', '/home/buildroot/autobuild/run/instance-1/output-1/host/share/gir-1.0', '/usr/share/gir-1.0']')
Fixes:
- http://autobuild.buildroot.org/results/829a84b37db7d9141785bfe2eec2dd0e6d3310f1
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Change license file to debian/copyright, since src/Main.cpp changed
between 2.1.0 and 2.2.1.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Build will fail if gobject-introspection is built before libgtk3:
GISCAN Gdk-3.0.gir
Couldn't find include 'GdkPixbuf-2.0.gir' (search path: '['/home/fabrice/buildroot/output/host/bin/../aarch64-buildroot-linux-gnu/sysroot/usr/bin/../share/gir-1.0', '../gdk', '/home/fabrice/buildroot/output/host/share', '/usr/share/gnome/gir-1.0', '/usr/local/share/gir-1.0', '/usr/share/gir-1.0', '/home/fabrice/buildroot/output/host/share/gir-1.0', '/usr/share/gir-1.0']')
make[5]: *** [/home/fabrice/buildroot/output/host/bin/../aarch64-buildroot-linux-gnu/sysroot/usr/lib/../share/gobject-introspection-1.0/Makefile.introspection:156: Gdk-3.0.gir] Error 1
So disable introspection on host and target variant
Fixes:
- No autobuilder failures yet
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Build will fail if host-gobject-introspection is built before
host-gdk-pixbuf:
Writing a loaders.cache file to use when running examples before installing gdk-pixbuf.
Couldn't find include 'GModule-2.0.gir' (search path: '['/home/fabrice/buildroot/output/host/share', '/usr/share/gnome/gir-1.0', '/usr/local/share/gir-1.0', '/usr/share/gir-1.0', '/home/fabrice/buildroot/output/host/share/gir-1.0', '/usr/share/gir-1.0']')
So disable introspection on target and host variant
Fixes:
- No autobuilder failures yet
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Enabling SELinux support in the kernel requires several options, many
of which are in different areas. These options are as follows:
- CONFIG_AUDIT
- CONFIG_DEFAULT_SECURITY_SELINUX
- CONFIG_INET
- CONFIG_NET
- CONFIG_SECURITY
- CONFIG_SECURITY_NETWORK
- CONFIG_SECURITY_SELINUX
As such, if a user selects the libselinux package, it is much easier
to select these options for them, much like we already do with other
packages such as systemd or iptables.
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Use the same name as for the SysVinit scripts. This name is also used in
debian.
linuxptp-system-clock.service -> phc2sys.service
linuxptp.service -> ptp4l.service
Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Tested-by: Carlos Santos <unixmania@gmail.com>
Tested-by: Carlos Santos <unixmania@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The "package/busybox/S01sysklogd" is taken as template to change the
init script of the linuxptp daemon. The init script is split two parts
because there are 2 daemons (ptp4l and phc2sys).
Let the user supply its own options in /etc/default/ptp4l and
/etc/default/phc2sys.
This patch also fixes an issue with the creation of the pid file that is
needed to properly stop the daemon again.
Signed-off-by: Michael Walle <michael@walle.cc>
Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Tested-by: Carlos Santos <unixmania@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
It is required that all patches in packages have the Signed-off-by of
the contributor who brought them into Buildroot.
Signed-off-by: Carlos Santos <unixmania@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
When building a toolchain with upstream gcc 9.x the build
fail due to several issues.
Note: The upstream Binutils support csky target since
release 2.32 but the support was never enabled in the
Buildroot packaging. So the latest version (2.33.1) was
tested here.
[upstream gcc 9.x w/ glibc csky fork with binutils csky for or binutils 2.33.1]
In file included from <command-line>:
./../include/libc-symbols.h:534:26: error: '__EI___errno_location' specifies less restrictive attributes than its target '__errno_location': 'const', 'nothrow' [-Werror=missing-attributes]
534 | extern __typeof (name) __EI_##name \
[upstream gcc 9.x w/ glibc 2.30 w/ binutils csky fork]
/tmp/ccThLRhb.s: Assembler messages:
/tmp/ccThLRhb.s:10: Error: invalid or unsupported encoding in .cfi_personality
/tmp/ccThLRhb.s:11: Error: invalid or unsupported encoding in .cfi_lsda
[upstream gcc 9.x w/ glibc 2.30 w/ binutils 2.33.1]
build/elf/librtld.os: in function `__sync_fetch_and_add_2':
libgcc/config/csky/linux-atomic.c:116: undefined reference to `__kernel_cmpxchg'
Currenlty, only the toolchain using binutils, gcc, glibc
fork produce a working toolchain. So disable gcc 9.x for
csky.
Signed-off-by: Romain Naour <romain.naour@smile.fr>
Cc: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Guo Ren <guoren@kernel.org>
Cc: Arnout Vandecappelle <arnout@mind.be>
Cc: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
- Update site to get latest release
- License is GPL-3.0+ since version 4.3.0 and
2bc924c184
- Switch to cmake-infrastructure
- Remove most of the existing dependencies (alsa, speex, libupnp, ...)
as they are now only managed in mediatreamer
- Add external dependencies: belr, belle-sip, libxml2, mediastreamer,
sqlite
- This bump is needed as current linphone does not build with latest
libeXosip2
Fixes:
- http://autobuild.buildroot.org/results/ed8bdcbfb7d453ed7d436bada35417ee305e6ac9
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
- Retrieve official tarball and so remove autoreconf
- xlib_Xcursor is a mandatory dependency since
6dd85edc6f
- libtasn1 is a mandatory dependency since
673b267e66
- nettle is a mandatory dependency since
00d9e0c4c8
- gnutls is a mandatory dependency instead of openssl since
166d1bc14d
- pulseaudio is an optional dependency since
9b98c3b229
- iconv is mandatory since
2ea3f69873
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The new version comes with some new features and minor fixes. The two
previously included patches were merged upstream. A new patch was added
to fix build on 32-bit systems. There's a new dependency to the pcap
library.
Signed-off-by: Alexander Dahl <post@lespocky.de>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Other changes:
- Convert the package to a meson package.
- Remove 0001-add-PYTHON_INCLUDES-override.patch as it no longer applies.
- Add gobject-introspection as a dependency.
- Add the package under myself in the DEVELOPERS file.
Because gobject-introspection is now a dependency of python-gobject, the test
must be updated at the same time.
- Change TestPythonPy2Gobject to TestPythonPy3Gobject as
gobject-introspection requires python3.
- Refactor test_python_gobject.py to no longer inherit the
TestPythonPackageBase class, as this class uses a base config that does not
support gobject-introspection.
- Update sample_python_gobject to use Glib to find the path of sh.
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Other changes:
- Remove upstream patches.
- Change cross-compile options to upstream equivilants
- Add -Ddoctool=disabled to GOBJECT_INTROSPECTION_CONF_OPTS
- Change -Dcairo from a bool to a feature.
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
[yann.morin.1998@free.fr: keep patches ordering]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Other changes:
- Change -Dlibmount from a bool to a feature.
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
If multiple entries are specified for _MESON_EXTRA_BINARIES, the current
sed expression will only replace the first one.
Specifically, from GNU sed 4.8 the manual says:
/regexp/
Match lines matching the regular expression regexp. Matching
is performed on the current pattern space, which can be modified
with commands such as ``s///''.
so after the first binary has been added, the next entry no longer
matches since the pattern space has been modifed.
Instead of adding a script for each value, apply the match once and add
a subsitution for all entries at once.
Signed-off-by: John Keeping <john@metanate.com>
Tested-by: Peter Seiderer <ps.report@gmx.net>
[yann.morin.1998@free.fr: do a single substitution]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Mostly straightforward conversion but keeping custom config/build env
to apply the python2 workaround.
Signed-off-by: Andreas Naumann <anaumann@ultratronik.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The conversion is mostly straightforward. The jsc binary was not
installed by the qt5webkit build system, so we're keeping some custom
hook to install it.
It's worth mentioning that the package build system installs
QtWebProcess in /usr/libexec/ instead of /usr/bin.
Signed-off-by: Andreas Naumann <anaumann@ultratronik.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The values in the cross-compilation file are expected to be quoted with
single quotes, which we have in our template.
However, the endian value we are injecting comes from Kconfig, so it is
double-quoted, and those quotes end up in the cross-compilation files we
generate (the internal one, and the SDK one):
endian = '"little"'
So qstrip the value before we inject it.
Propagate the fix to the two generated files by using the same variable
HOST_MESON_TARGET_ENDIAN in both cases, rather than replicating the
(flawed) logic.
While at it, also use the common GCC_TARGET_CPU variable for the SDK
file too.
Signed-off-by: Gleb Mazovetskiy <glex.spb@gmail.com>
Reviewed-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
It seems the old method was missing some files from the install
step since after the conversion the following additional files
appear in target after a build with all config options selected:
usr/lib/qt/plugins/lipi_toolkit/libactivedtw.so
usr/lib/qt/plugins/lipi_toolkit/libboxfld.so
usr/lib/qt/plugins/lipi_toolkit/libl7.so
usr/lib/qt/plugins/lipi_toolkit/liblipiengine.so
usr/lib/qt/plugins/lipi_toolkit/liblogger.so
usr/lib/qt/plugins/lipi_toolkit/libneuralnet.so
usr/lib/qt/plugins/lipi_toolkit/libnn.so
usr/lib/qt/plugins/lipi_toolkit/libnpen.so
usr/lib/qt/plugins/lipi_toolkit/libpointfloat.so
usr/lib/qt/plugins/lipi_toolkit/libpreproc.so
usr/lib/qt/plugins/lipi_toolkit/libsubstroke.so
usr/lib/qt/plugins/virtualkeyboard/libqtvirtualkeyboard_lipi.so
Signed-off-by: Andreas Naumann <anaumann@ultratronik.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Use generic configure command but for now keep custom build and
install logic, as we only build some parts of qt5tools depending on
the selected sub-options.
Signed-off-by: Andreas Naumann <anaumann@ultratronik.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
$$(STAGING_DIR) -> $(STAGING_DIR) in PKG_MESON_INSTALL_CROSS_CONF.
$$ resulted in `$(STAGING_DIR)` in the file instead of the expanded
value.
Note that this change only affects the etc config at:
host/etc/meson/cross-compilation.conf
Per-package cross-compilation.conf files are already correct.
Reviewed-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Gleb Mazovetskiy <glex.spb@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The "network" script allows configuring an interface by means of two
/etc/ifup.<if_name> and /etc/ifdown.<if_name> files with the commands
required to bring it up and down, respectively. So we can support the
BR2_SYSTEM_DHCP config if netifrc is not selected.
- Replace the dependency on !BR2_PACKAGE_OPENRC in Config.in by a
dependency on !BR2_PACKAGE_NETIFRC.
- Add an IFUPDOWN_SCRIPTS_DHCP_OPENRC macro to create the ifup.<if_name>
and ifdown.<if_name> files.
- Add an IFUPDOWN_SCRIPTS_INSTALL_INIT_OPENRC hook that includes the
IFUPDOWN_SCRIPTS_{PREAMBLE,DHCP,DHCP_OPENRC} macros. LOCALHOST is not
required, since "lo" is configured by the "loopback" script.
Signed-off-by: Carlos Santos <unixmania@gmail.com>
[yann.morin.1998@free.fr:
- adapt after the preamble was spit to itw own patch
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Currently, we always suppose that localhost settings will always come
before the (optional) DHCP ones. This is always true when using
sysvinit/busybox or systemd.
However, with openrc, this will no longer be the case: only the DHCP
settings will be present (OpenRC handles lo on his own).
So, prepare the macros to be independent one from the other, and for
symetry, in both:
- use append-redirection >> to populate the interfaces file,
- prepend a leading empty line at the beginning of each section.
The origianl singe '>' redirection would ensure the file would not grow
on a reinstall, but that's no longer the case, so reset the file prior
to filling it, using the canned preamble.
Signed-off-by: Carlos Santos <unixmania@gmail.com>
[yann.morin.1998@free.fr: split off to its own patch]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Generate it in the IFUPDOWN_SCRIPTS_INSTALL_INIT_<FOO> hook. This will
allow creating a file to configure an interface via DHCP for the openrc
network service, in a forthcoming change.
Signed-off-by: Carlos Santos <unixmania@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Use the qmake infrastructure for its generic configure and build steps
but keep the manipulation of qwtconfig.pri as a PRE_CONFIGURE_HOOK as
well as the custom install steps.
Signed-off-by: Andreas Naumann <anaumann@ultratronik.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The script is minuscle and can be useful to configure an interface via
DHCP at run-time.
Signed-off-by: Carlos Santos <unixmania@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Two simple tests to ensure that openrc boots without any services crashing
with a read only and a read write filing system.
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Carlos Santos <unixmania@gmail.com>
[yann.morin.1998@free.fr: really check the init process]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Add a patch to prevent starting agetty on tty[1-6]. Buildroot starts a
single getty, according to the system configuration. Also tty[1-6] may
not even exist (e.g. embedded devices with serial consoles only).
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Carlos Santos <unixmania@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
In Buildroot getty is provided by BusyBox or util-linux (agetty). Both
create a /sbin/getty symlink pointing to the actual program, so make the
agetty service use that path instead of /sbin/agetty.
Also start agetty after all other services, to prevent mixing startup
messages with the getty prompt on devices with a single serial console,
as the custom unit we're dopping was doing already.
This allows us to drop the custom getty service, which causes an error
message from openrc 0.42.1 (in a forthcoming patch):
Error: getty is the name of a real and virtual service.
The patches are required because it's not possible to override the
command or startup order by means of a configuration file. Anyway it's
still better to patch something maintained upstream than depending on a
custom piece that may easily become obsolete.
Signed-off-by: Carlos Santos <unixmania@gmail.com>
[yann.morin.1998@free.fr:
- expand commit log to explain why we ve 'after *' in the same patch
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Convert build, staging and target install to the qmake infra commands.
This removes a lot of conditional code because we solely rely on all install
rules being properly generated according to the configured options.
Of course we keep the configure command/logic as is, because qmake does not
yet exist.
Handling of the custom qt.conf is now done in the post staging hook.
Signed-off-by: Andreas Naumann <anaumann@ultratronik.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
As we are about to convert qt5base to the qmake-package
infrastructure, we need to avoid a circular dependency: the qt5base
package itself should not depend on qt5base.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This commit converts the qextserialport to the qmake infra, which is a
straightforward conversion as it doesn't require any custom
environment option or additional hook.
Signed-off-by: Andreas Naumann <anaumann@ultratronik.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This converts all qmake packages to the new infra for which no custom
environments, option or additional hooks are needed.
Signed-off-by: Andreas Naumann <anaumann@ultratronik.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This provides generic functions for Qt5 qmake based packages. It will
make it possible to remove lots of redefinition of
QT5_xxx_{CONFIGURE|BUILD|INSTALL_STAGING}_CMDS. Additionally it
provides a generic target install method which will make most of the
package specific commands obsolete.
This is done by re-running the install step of the qmake generated
Makefile with the package build directory prepended (to the
staging/host path). Even though this does create lengthy pathes it
allows for easy separation of the staging files from the host destined
files by just omitting the resulting BUILD_DIR+HOST_DIR path from the
following rsync call to the real target folder. The cleanup of many
files we dont want in target is deferred to the target-finalize
step. In addition to what's being removed already, we also have to
cleanup some Qt5 specific files (prl) and the documentation directory.
This approach was chosen over copying all files recorded in the pkg-files-list
after some discussion which Thomas Petazzoni summed up:
"We don't yet use pkg-files-list really as part of the build
process anywhere, I feel a bit more comfortable at this point with what
Andreas is proposing."
Thanks to this infrastructure, it will be possible to get rid of the
many conditional install commands because qmake already takes care of
this when generating the Makefile install targets with the given or
autodetected configure options of each package.
However, custom install steps may have to remain in cases where a
particular Buildroot option has no corresponding setting in the
packages configuration options.
Signed-off-by: Andreas Naumann <anaumann@ultratronik.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
On master during the stabilisation phase, a new patch was added to
systemd; in parallel, on the next branch, systemd was bumped. Then, when
next was merged into master, there was no merge conflict, so the uneeded
patch was left unnoticed.
That patch was applied upstream, and is present in the version we now
have, so it no longer applies.
Drop that patch.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
- Drop first patch (already in version)
- Update second patch
- License is GPL-3.0+ since version 4.3.0 and
85094197cf
- Switch to cmake-package and so drop third patch as autotools is not
updated anymore (and fails to build due to missing po/Makefile.in.in)
- Add a mandatory dependency to mbedtls (to enable crypto support in
bctoolbox)
- Add bcg729, jpegturbo, libgsm, libpcap, libsrtp and zxing-cpp optional
dependencies
- Add a dependency on dynamic library as no pkg-config calls are done in
cmake (static build with ffmepg and opus will fail for example)
- Drop libupnp optional dependency (not available anymore)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Add openssl linker flags via LIBS to fix configure gensio
library detection.
Fixes:
http://autobuild.buildroot.net/results/66e0d3e0a2a8dc5a62c267d16a53216f0f2ce8dd
checking gensio/gensio.h usability... yes
checking gensio/gensio.h presence... yes
checking for gensio/gensio.h... yes
checking for str_to_gensio in -lgensio... no
configure: error: libgensio won't link, please install gensio dev package
The build/ser2net-4.1.1/config.log files states:
.../arm-buildroot-linux-uclibcgnueabi/bin/ld: .../host/arm-buildroot-linux-uclibcgnueabi/sysroot/usr/lib/libgensio.a(gensio_filter_ssl.o): in function `gensio_do_ssl_init':
gensio_filter_ssl.c:(.text+0x34): undefined reference to `OPENSSL_init_ssl'
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The Buildroot's gitlab testing infra reported a build issue
with the qemu_arm_vexpress_tz_defconfig due to host-python3
modules issues [1]. Thoses issues has been fixed by the
previous patch.
But the defconfig doesn't boot with the current master
(2020.02-rc3).
It turn out that is an Qemu 4.2.0 regression that was
fixed upstream by [2]. This issue was found by using
git bisect old/new.
Fixes:
$ ../host/bin/qemu-system-arm -machine virt -machine secure=on -cpu cortex-a15 -smp 1 -s -m 1024 -d unimp -serial stdio -netdev user,id=vmnic -device virtio-net-device,netdev=vmnic -semihosting-config enable,target=native -bios bl1.bin
NOTICE: Booting Trusted Firmware
NOTICE: BL1: v2.0(release):2020.02-rc3-43-g9abf171ea6
NOTICE: BL1: Built : 12:44:52, Mar 8 2020
ERROR: Failed to load BL2 firmware.
After fixing host-python3 issue from [1]
[1] https://gitlab.com/buildroot.org/buildroot/-/jobs/456818689
[2] 21bf9b06cb
Signed-off-by: Adrien Grassein <adrien.grassein@smile.fr>
[Romain:
- improve commit log
- add upstream link
]
Signed-off-by: Romain Naour <romain.naour@smile.fr>
Cc: Etienne Carriere <etienne.carriere@linaro.org>
Cc: Gerome Burlats <gerome.burlats@smile.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes:
TypeError: cannot use a str to initialize an array with typecode 'B'
File "../../scripts/file_to_c.py", line 32, in main
for x in array.array("B", inf.read()):
for x in array.array("B", inf.read()):
TypeError: cannot use a str to initialize an array with typecode 'B'
TypeError: cannot use a str to initialize an array with typecode 'B'
Signed-off-by: Romain Naour <romain.naour@smile.fr>
[Peter: reword commit message]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
optee-os needs host-python-pycrypto build for python3. The only way we can
force building host-python modules for python3 is to select python3 package
for the target.
Since we want to avoid adding more host-python3-<modules>
(host-python-pycrypto host-python-pyelftools), select python3 package
even if it's not used.
This problem will be fixed as soon as python2 is removed.
Fixes:
File "scripts/pem_to_pub_c.py", line 24, in main
from Crypto.PublicKey import RSA
ImportError: No module named 'Crypto'
https://gitlab.com/buildroot.org/buildroot/-/jobs/456818689
Signed-off-by: Romain Naour <romain.naour@smile.fr>
Cc: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
xtensa ld fails with the following message
ld: BFD (GNU Binutils) 2.31.1 internal error, aborting at
elf32-xtensa.c:3283 in elf_xtensa_finish_dynamic_sections
during domoticz package build. It happens because of mismatch between
the size allocated for dynamic relocations in the executable image and
the number of PLT relocations actually written to the image. The
mismatch is caused by the fact that undefined weak symbol is treated as
dynamic (and thus needing PLT relocation), but xtensa linker not
expecting that.
Fixes: http://autobuild.buildroot.net/results/7885705f1b1c0f31cf21b464150f5509929c1906/
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Backported from: e15a8da9c71336b06cb5f2706c3f6b7e6ddd95a3
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Apply patch from upstream and set PPPD_INGORE_CVES appropriately.
Signed-off-by: Chris Packham <judge.packham@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
We need to set -DPROTOBUF_UPDATE_FILES=ON otherwise our protobuf
headers will be incompatible.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
systemd-userdbd is a system service that multiplexes user/group lookups
to all local services that provide JSON user/group record definitions
to the system. In addition it synthesizes JSON user/group records from
classic UNIX/glibc NSS user/group records in order to provide full
backwards compatibility.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
systemd-repart grows and adds partitions to a partition table, based on
the configuration files described in repart.d.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Set default-dns-over-tls to opportunistic when dns-over-tls is enabled
as it should be fully backwards compatible. The DNSOverTLS config in
resolved.conf can be used to override default-dns-over-tls.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
When running ser2net it looks for config files in the legacy conf
format and the new yaml format so we need to allow either in the
sysv init script.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add a configuration to enable the JavaScript shell (default off). So
far only libmozjs is required (by polkit) and the shell takes around
24MiB.
Signed-off-by: Carlos Santos <unixmania@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The web-interface files (~1.8MB) are by default installed under
/usr/share/doc/cups, which is unfortunate as Buildroot removes usr/share/doc
in target-finalize, breaking the webui.
As a fix, store the web-interface files under /usr/share/cups/doc-root,
similar to how it is done in Debian.
Signed-off-by: Alexey Lukyanchuk <skif@skif-web.ru>
[Peter: use --with-docdir, update description]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The SWUPDATE_SET_BUILD_OPTIONS macro sets a number of swupdate
configuration options with local build details, especially the
cross-compiler path and sysroot path.
This means that if one stores an swupdate defconfig file as part of
Buildroot, generated with "make swupdate-update-defconfig", it will
contain things like:
CONFIG_CROSS_COMPILE="/home/thomas/projets/buildroot/output/host/bin/arm-linux-"
CONFIG_SYSROOT="/home/thomas/projets/buildroot/output/host/arm-buildroot-linux-uclibcgnueabi/sysroot"
which obviously are not good, as they are specific to where the build
was done.
So instead this commit:
- Uses the CROSS_COMPILE environment variable to pass the
cross-compiler path.
- Drops entirely the use of CONFIG_SYSROOT, since all it does is pass
a --sysroot option to the compiler, which is not needed in the
context of Buildroot.
- Pass EXTRA_CFLAGS/EXTRA_LDFLAGS also through the environment.
Thanks to that the swupdate defconfig file no longer contains any
local build details, and can be re-used by different users of a given
Buildroot configuration.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
- disable introspection unconditionally (as already done for all
other original gstreamer1 packages)
- use '=' instead of '+=' for the first usage of GST1_VALIDATE_CONF_OPTS
Fixes:
http://autobuild.buildroot.net/results/e6e43fb85c71af9bb599ea8bbe2e805b392cf1ad
GEN GstValidate-1.0.gir
Couldn't find include 'GstPbutils-1.0.gir' (search path: '['/nvmedata/autobuild/instance-6/output-1/host/bin/../aarch64-buildroot-linux-gnu/sysroot/usr/bin/../share/gir-1.0', '/usr/share/gir-1.0', '/usr/share/gir-1.0', '/usr/share/gir-1.0', '/usr/share/gir-1.0', '/usr/share/gir-1.0', '/nvmedata/autobuild/instance-6/output-1/host/share', 'gir-1.0', '/nvmedata/autobuild/instance-6/output-1/host/share/gir-1.0', '/usr/share/gir-1.0']')
make[5]: *** [Makefile:1612: GstValidate-1.0.gir] Error 1
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
host-thrift can fail if a broken Qt4 is found on host:
CMake Error in lib/cpp/CMakeLists.txt:
Imported target "Qt4::QtCore" includes non-existent path
"/nvmedata/autobuild/instance-4/output-1/host/usr/mkspecs/default"
in its INTERFACE_INCLUDE_DIRECTORIES. Possible reasons include:
* The path was deleted, renamed, or moved to another location.
* An install or uninstall procedure did not complete successfully.
* The installation package was faulty and references files it does not
provide.
Fixes:
- http://autobuild.buildroot.org/results/57cad5313896c868e99b0b9534678f1c83a386f2
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Reviewed-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
If there is no infra set or infra is virtual the status is set to 'na'.
This is done for the follwing checks:
- license
- license-files
- hash
- hash-license
- patches
- version
Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This value can be used for later processing.
In the buildroot-stats application this is used to create links pointing
to the git repo of buildroot.
Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Unify the status check information. The status is stored in a tuple. The
first entry is the status that can be 'ok', 'warning' or 'error'. The
second entry is a verbose message.
The following checks are performed:
- url: status of the URL check
- license: status of the license presence check
- license-files: status of the license file check
- hash: status of the hash file presence check
- patches: status of the patches count check
- pkg-check: status of the check-package script result
- developers: status if a package has developers in the DEVELOPERS file
- version: status of the version check
With that status information the following variables are replaced:
has_license, has_license_files, has_hash, url_status
Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Use the function 'parse_developers' function from getdeveloperlib that
collect the information about the developers and the files they
maintain. Then set the maintainer(s) to each package.
Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This patch changes the type of the latest_version variable to a dict.
This is for better readability/usability of the data. With this the json
output is more descriptive in later processing of the json output.
Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
During the CVE checking phase, we can still see a huge amount of
Python processes (actually 128) running on the host, even though
the CVE step is entirely ran in the main thread.
These are actually the worker processes spawned to check for the
packages URL statuses and the latest versions from release-monitoring.
This is because of an issue in Python's multiprocessing implementation:
https://bugs.python.org/issue34172
The problem was already there before the CVE matching step was
introduced, but because pkg-stat was terminating right after the
release-monitoring step, it went unnoticed.
Also, do not hold a reference to the multiprocessing pool from
the Package class, as this is not needed.
Signed-off-by: Titouan Christophe <titouan.christophe@railnova.eu>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
In Python 3, the functions from the subprocess module return bytes
(and no longer strings as in Python 2), which must be decoded for
further text operations.
Now, pkg-stats can be run in Python 3.
Signed-off-by: Titouan Christophe <titouan.christophe@railnova.eu>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
It seems like throughout the series that the CVE pkg-stats support
went through, the support for ignoring CVEs in the per-package
<pkg>_IGNORE_CVES variable was forgotten.
Let's re-introduce this, which is now very simple thanks to the CVE
class, its .identifier() propertly and the .is_cve_ignored() method of
the Package class
Cc: Titouan Christophe <titouan.christophe@railnova.eu>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Changelog (since 1.60):
- 1.61 2020-01-11 Fixed errors in the documentation for bcm2835_spi_write.
Fixes issue seen on Raspberry Pi 4 boards where 64-bit off_t is used by
default via -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64. The offset was
being incorrectly converted, this way is clearer and fixes the problem.
Contributed by Jonathan Perkin.
- 1.62 2020-01-12 Fixed a problem that could cause compile failures with
size_t and off_t
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The tools option installs more than gst-launch and gst-inspect, so
simplify its prompt to just "install tools", and update the Config.in
help text. While at it, we list them alphabetically.
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Add tools option to disable building/installing of gst-discoverer,
gst-device-monitor and gst-play command line tools (similar to
BR2_PACKAGE_GSTREAMER1_INSTALL_TOOLS).
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
- drop legacy patch 0001-configure-add-disable-runtime-tests-option.patch
and use -Dtests=disabled instead
- drop host-pkgconf dependency as pkgconf is only used in case tests
are enabled to find the check package (checked via meson output -
no 'Found pkg-config' - and via strace)
- update host-python dependency to host-python3 as the script
libevdev/make-event-names.py which is used to generate the
header file event-names.h is updated to python3:
'#!/usr/bin/env python3'
This made no difference with autotools build as the script
was called with '$(PYTHON) libevdev/make-event-names.py'.
We use BR2_PYTHON3_HOST_DEPENDENCY instead of depending on
host-python3, to use any available Python 3.x interpreter on the
build machine instead of building our own, if possible.
- add patch to fix tools compile with older toolchains adding
the local include path (only the meson build is affected)
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fixes:
checking for a Python interpreter with version >= 2.6... none
configure: error: no suitable Python interpreter found
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fixes:
checking for a Python interpreter with version >= 2.6... none
configure: error: no suitable Python interpreter found
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The hash for LICENSE has changed due to the copyright being updated and
the note about licensing types has been moved to the bottom.
The hash for chomp.c has been changed due to the copyright being updated and
code changes in that file.
Changelog:
https://github.com/troglobit/libite/releases/tag/v2.1.2
Signed-off-by: Ryan Coe <bluemrp9@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The dependency for libite was removed in upstream commit e27bfbf
dating back a couple of years.
Signed-off-by: Ryan Coe <bluemrp9@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This patch adds an option to support installing firmware files for the
Microchip/Microsemi VSC85xx networking PHY family.
There is a mismatch between Linux and Linux-firmware on the name of the
PHY (Microchip vs Microsemi), due to the acquisition of Microsemi by
Microchip. We chose here the name in Linux-firmware, but mentioned the
other one in the Kconfig help of the option.
Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Some symlinks were not created correctly when installing the
Linux-firmware package. This patch fixes the support for all symlinks of
the form:
a/foo -> bar
a/foo -> b/bar
a/foo -> ../b/bar
With this patch all forms of symlinks described in the WHENCE file
should be supported, whether they are in nested directories, or in
non-existing ones.
As some symlinks could be in directories that do not exist, we must
maje sure to canonicalize the path before testing the linked-to file.
We compared the symlinks installed pre-20200122 to what we have now, and
it seems we're handling all of them with this patch.
Fixes: 55df4059d2 ("package/linux-firmware: fix symlink support")
Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com>
[yann.morin.1998@free.fr:
- use readlink in canonicalize-missing mode, to avoid
creating-then-removing directories
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Tested-by: Antoine Tenart <antoine.tenart@bootlin.com>
Reviewed-by: Antoine Tenart <antoine.tenart@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Activate already existing mesa3d solution for the isinf compile
failure for uclibc based toolchains instead of using a custom
workaround.
- remove 0005-src-gallium-drivers-nouveau-codegen-nv50_ir_ra.cpp-p.patch
- add 0004-c99_math-import-isinf-for-uclibc-based-toolchains.patch
Fixes:
http://autobuild.buildroot.net/results/cbefc5d4a4fefb674e596400fa1d2698cd89c5b3/http://autobuild.buildroot.net/results/dc974da012f53fa4ed3be616f937b0afae423d66/
../src/gallium/drivers/nouveau/codegen/nv50_ir_ra.cpp: In member function 'bool nv50_ir::GCRA::simplify()':
../src/gallium/drivers/nouveau/codegen/nv50_ir_ra.cpp:1348:19: error: expected unqualified-id before '(' token
if (std::isinf(bestScore)) {
^
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
It was discovered the fix for CVE-2018-19758 (libsndfile) was not
complete and still allows a read beyond the limits of a buffer in
wav_write_header() function in wav.c. A local attacker may use this flaw
to make the application crash.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
There is a heap-based buffer over-read at wav.c in wav_write_header in
libsndfile 1.0.28 that will cause a denial of service.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Several users of rolling-release distributions have been reporting on
IRC that Buildroot is broken now that they have switched to the newly
released make 4.3.
It turns out that the constructs we use to generated and include the
internal br2-external related fragments is no longer working with
make-4.3.
Indeed, an upstream bug report [0] seems to imply that it so far was
working by chance. There has been no further feedback, whether this is
really considered a fix for a previous ill-defined behaviour, or an
actual regression...
In the meantime, we add a workaround, suggested in that same bug report,
that fixes the issue for make 4.3, and that should not break on older
make versions either (verified on all relevant versions: from 3.81,
3.82, 4.0, 4.1, and 4.2).
[0] https://savannah.gnu.org/bugs/?57676
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Tested-by: Mircea Gliga <mgliga@bitdefender.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
- Fix CVE-2019-1010301: jhead 3.03 is affected by: Buffer Overflow. The
impact is: Denial of service. The component is: gpsinfo.c Line 151
ProcessGpsInfo(). The attack vector is: Open a specially crafted JPEG
file.
- Fix CVE-2019-1010302: jhead 3.03 is affected by: Incorrect Access
Control. The impact is: Denial of service. The component is: iptc.c
Line 122 show_IPTC(). The attack vector is: the victim must open a
specially crafted JPEG file.
- Fix CVE-2019-19035: jhead 3.03 is affected by: heap-based buffer
over-read. The impact is: Denial of service. The component is:
ReadJpegSections and process_SOFn in jpgfile.c. The attack vector is:
Open a specially crafted JPEG file.
- Update indentation of hash file (two spaces)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security vulnerabilities:
- CVE-2020-9402: Potential SQL injection via tolerance parameter in GIS
functions and aggregates on Oracle.
GIS functions and aggregates on Oracle were subject to SQL injection,
using a suitably crafted tolerance.
For more details, see the advisory:
https://www.djangoproject.com/weblog/2020/mar/04/security-releases/
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit 9ea528f84b (package/python-nfc: bump to version 0.13.5) changed the
python-nfc package to download from github, so the package no longer needs
bzr on the host.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Add patch to fix static linking of tools.
Fixes:
http://autobuild.buildroot.net/results/b33019b3c9ad856aced34215c69bb292b536e25e
.../bin/ld: .../usr/lib/libgstreamer-1.0.a(gstplugin.c.o): in function `gst_plugin_register_func':
gstplugin.c:(.text+0x3bc): undefined reference to `g_module_make_resident'
.../bin/ld: .../usr/lib/libgstreamer-1.0.a(gstplugin.c.o): in function `_priv_gst_plugin_load_file_for_registry':
gstplugin.c:(.text+0x1228): undefined reference to `g_module_supported'
.../bin/ld: gstplugin.c:(.text+0x126c): undefined reference to `g_module_open'
.../bin/ld: gstplugin.c:(.text+0x1368): undefined reference to `g_module_symbol'
.../bin/ld: gstplugin.c:(.text+0x1494): undefined reference to `g_module_supported'
.../bin/ld: gstplugin.c:(.text+0x17f4): undefined reference to `g_module_close'
.../bin/ld: gstplugin.c:(.text+0x1a2c): undefined reference to `g_module_error'
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
With classpath removed, no packages select these symbols any more - So drop
them and their corresponding logic in dependencies.sh / genrandconfig.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This package has been abandoned by upstream since 2016 and has not
had a release since 2012. In addition the GNU Compiler for Java
that classpath was written to be used with has been removed as of
GCC 7.
It is no longer feasible to support classpath as it requires a java
compiler capable of producing java 1.5 compatible bytecode which is
not possible on hosts with a recent java compiler.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Drop both patches:
- 0001-Prepend-zero-byte-before-unsigned-integers.patch is upstream
as of 949ae648bf7c654b8fae607a0988bfa672607156
- 0002-mib.c-allow-unsigned-integers-to-have-an-extra-byte.patch is
upstream as of
Use the systemd unit file provided by the upstream project instead of
our own, just add an /etc/default/ file to add the -a option to
preserve the same behavior.
This new version now needs pkg-config.
v1.6 changelog:
Bug fix release.
- Fix#16: regression in ifTable for point-to-point interfaces
- Fix#17: major memory leak in Linux backend
- Fix#18: consistent timeout handling in .conf file and command line
v1.5 changelog:
Major feature release. Support for TCP-MIB, UDP-MIB, IP-MIB,
ifXTable with 64-bit counters.
- Majority of new features from [NDM Systems][]
- CVE fixes from [Cisco Talos Intelligence Group][talos]
- Add support for ifXTable (64-bit counters), from NDM Systems
- Add support for TCP-MIB, from NDM Systems
- Add support for UDP-MIB, from NDM Systems
- Add support for IP-MIB, from NDM Systems
- Add support for ifType
- Add support for ifMtu
- Binary and man page renamed: `mini_snmpd` --> `mini-snmpd`
- New command line option `-l LEVEL` replaces `--verbose`
- New command line option `-v` to show program version
- Create PID file when daemon is ready to receive signals
- Add support for systemd unit file on Linux
- Add support for /etc/mini-snmpd.conf, disabled by default
- CVE-2020-6060: Fix stack overflow in client connection handler
- CVE-2020-6059: Fix out-of-bounds read in parsing of SNMP packet
- CVE-2020-6058: Fix out-of-bounds read in parsing of SNMP packet
- Let `-s` flag control use of syslog, when running in foreground
- Removed all (known) GNU:isms; i.e., `__progname` and `%m`
Signed-off-by: Alexander Sverdlin <alexander.sverdlin@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Directory traversal vulnerability in ZZIPlib 0.13.69 allows attackers to
overwrite arbitrary files via a .. (dot dot) in a zip file, because of
the function unzzip_cat in the bins/unzzipcat-mem.c file.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
An issue was discovered in ZZIPlib through 0.13.69. There is a memory
leak triggered in the function __zzip_parse_root_directory in zip.c,
which will lead to a denial of service attack.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
GNU patch through 2.7.6 is vulnerable to OS shell command injection that
can be exploited by opening a crafted patch file that contains an ed
style diff payload with shell metacharacters. The ed editor does not
need to be present on the vulnerable system. This is different from
CVE-2018-1000156.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
In GNU patch through 2.7.6, the following of symlinks is mishandled in
certain cases other than input files. This affects inp.c and util.c.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
do_ed_script in pch.c in GNU patch through 2.7.6 does not block strings
beginning with a ! character. NOTE: this is the same commit as for
CVE-2019-13638, but the ! syntax is specific to ed, and is unrelated to
a shell metacharacter.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The comment "Check files that are touched by more than one package"
was previously located right before the calls to the check-uniq-files
script. However, this script and the logic calling it have been
removed in commit 2496189a42 ("core:
drop check-uniq-files"), so the comment no longer makes any sense:
let's drop it.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Since Linux-firmware's commit 9cfefbd7fbda ("Remove duplicate symlinks")
symlinks aren't distributed anymore. They are rather created at
installation time by a script provided in the project, copy-firmware.sh.
The description of the symlinks is done in the WHENCE file. Since the
bump to version 20200122, in commit 48cc1a89ae, installation for many
firmwares was broken as Buildroot tried to install missing symlinks from
Linux-firmware.
The fix is not only to remove now missing symlinks, but to add logic to
create those symlinks as kernel modules will depend on them. The
solution taken by this patch is to create dynamically symlinks based on
their description in the WHENCE file *and* only if the file they'll
point to was installed in the target directory.
Fixes: 48cc1a89ae ("package/linux-firmware: bump to version 20200122")
Cc: james.hilliard1@gmail.com
Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com>
[yann.morin.1998@free.fr:
- don't use a post-install hook
- consolidate grep+sed into a single sed
- split long ling
- detect ln error and exit
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
LibVNC commit before d01e1bb4246323ba6fcee3b82ef1faa9b1dac82a contains a
memory leak (CWE-655) in VNC server code, which allow an attacker to
read stack memory and can be abused for information disclosure. Combined
with another vulnerability, it can be used to leak stack memory and
bypass ASLR. This attack appear to be exploitable via network
connectivity. These vulnerabilities have been fixed in commit
d01e1bb4246323ba6fcee3b82ef1faa9b1dac82a
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
LibVNC through 0.9.12 contains a heap out-of-bounds write vulnerability
in libvncserver/rfbserver.c. The fix for CVE-2018-15127 was incomplete.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
During the CVE checking phase, we can still see a huge amount of
Python processes (actually 128) running on the host, even though
the CVE step is entirely ran in the main thread.
These are actually the worker processes spawned to check for the
packages URL statuses and the latest versions from release-monitoring.
This is because of an issue in Python's multiprocessing implementation:
https://bugs.python.org/issue34172
The problem was already there before the CVE matching step was
introduced, but because pkg-stat was terminating right after the
release-monitoring step, it went unnoticed.
Also, do not hold a reference to the multiprocessing pool from
the Package class, as this is not needed.
Signed-off-by: Titouan Christophe <titouan.christophe@railnova.eu>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
In Python 3, the functions from the subprocess module return bytes
(and no longer strings as in Python 2), which must be decoded for
further text operations.
Now, pkg-stats can be run in Python 3.
Signed-off-by: Titouan Christophe <titouan.christophe@railnova.eu>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The TagLib::Ogg::FLAC::File::scan function in oggflacfile.cpp in TagLib
1.11.1 allows remote attackers to cause information disclosure
(heap-based buffer over-read) via a crafted audio file.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
In TagLib 1.11.1, the rebuildAggregateFrames function in
id3v2framefactory.cpp has a pointer to cast vulnerability, which allows
remote attackers to cause a denial of service or possibly have
unspecified other impact via a crafted audio file.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Building qdoc requires a llvm and clang for the host.
However, there is a limitation in the llvm and clang packages in
Buildroot, which makes it impossible to have a host variant without
a target variant.
So, propagate the dependencies of the target llvm and clang, to ensure
we can only have a host-llvm and -clang packages that are correctly
built.
Note that we do propagate all of the dependencies (instead of just the
architecture part), to be consistent.
Reported-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Yann E. MORIN <yann.morin@orange.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Peter Seiderer <ps.report@gmx.net>
Cc: Julien Corjon <corjon.j@ecagroup.com>
Reviewed-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This fixes the following CVEs:
- CVE-2020-9428:
In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14,
the EAP dissector could crash. This was addressed in
epan/dissectors/packet-eap.c by using more careful sscanf parsing.
- CVE-2020-9429:
In Wireshark 3.2.0 to 3.2.1, the WireGuard dissector could crash.
This was addressed in epan/dissectors/packet-wireguard.c by
handling the situation where a certain data structure intentionally
has a NULL value.
- CVE-2020-9430:
In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14,
the WiMax DLMAP dissector could crash.
This was addressed in plugins/epan/wimax/msg_dlmap.c by validating
a length field.
- CVE-2020-9431:
In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14,
the LTE RRC dissector could leak memory. This was addressed in
epan/dissectors/packet-lte-rrc.c by adjusting certain append operations.
Signed-off-by: Titouan Christophe <titouan.christophe@railnova.eu>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
bark_noise_hybridmp in psy.c in Xiph.Org libvorbis 1.3.6 has a
stack-based buffer over-read.
Same patch as for CVE-2017-14160
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[yann.morin.1998@free.fr:
- update 0001-*.patch to also reference CVE-2018-10393
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
mapping0_forward in mapping0.c in Xiph.Org libvorbis 1.3.6 does not
validate the number of channels, which allows remote attackers to cause
a denial of service (heap-based buffer overflow or over-read) or
possibly have unspecified other impact via a crafted file.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
blktrace (aka Block IO Tracing) 1.2.0, as used with the Linux kernel and
Android, has a buffer overflow in the dev_map_read function in
btt/devmap.c because the device and devno arrays are too small, as
demonstrated by an invalid free when using the btt program with a
crafted file.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
While investigating [1] one units failed due to missing kernel option
CONFIG_BINFMT_MISC needed by "proc-sys-fs-binfmt_misc.mount" service.
It's because the kernel support autofs4 but not MISC binaries.
Since the systemd test infra use the default defconfig (vexpress),
we need to provide a linux fragment to enable CONFIG_BINFMT_MISC.
[1] https://gitlab.com/buildroot.org/buildroot/-/jobs/454255917
Signed-off-by: Romain Naour <romain.naour@smile.fr>
Cc: Yann E. MORIN <yann.morin.1998@free.fr>
[yann.morin.1998@free.fr:
- move the kernel config with the others in conf/
]
Tested-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
An issue was discovered in Pure-FTPd 1.0.49. An out-of-bounds (OOB) read
has been detected in the pure_strcmp function in utils.c.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
In Pure-FTPd 1.0.49, a stack exhaustion issue was discovered in the
listdir function in ls.c.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
opj_t1_clbl_decode_processor in openjp2/t1.c in OpenJPEG 2.3.1 through
2020-01-28 has a heap-based buffer overflow in the qmfbid==1 case, a
different issue than CVE-2020-6851.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
OpenJPEG through 2.3.1 has a heap-based buffer overflow in
opj_t1_clbl_decode_processor in openjp2/t1.c because of lack of
opj_j2k_update_image_dimensions validation.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
In OpenJPEG 2.3.1, there is excessive iteration in the
opj_t1_encode_cblks function of openjp2/t1.c. Remote attackers could
leverage this vulnerability to cause a denial of service via a crafted
bmp file. This issue is similar to CVE-2018-6616.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
libhttp/url.c in shellinabox through 2.20 has an implementation flaw in
the HTTP request parsing logic. By sending a crafted multipart/form-data
HTTP request, an attacker could exploit this to force shellinaboxd into
an infinite loop, exhausting available CPU resources and taking the
service down.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
An issue was discovered in Suricata 5.0.0. It is possible to
bypass/evade any tcp based signature by overlapping a TCP segment with a
fake FIN packet. The fake FIN packet is injected just before the PUSH
ACK packet we want to bypass. The PUSH ACK packet (containing the data)
will be ignored by Suricata because it overlaps the FIN packet (the
sequence and ack number are identical in the two packets). The client
will ignore the fake FIN packet because the ACK flag is not set. Both
linux and windows clients are ignoring the injected packet.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
libcgroup up to and including 0.41 creates /var/log/cgred with mode 0666
regardless of the configured umask, leading to disclosure of information
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
In Jp2Image::readMetadata() in jp2image.cpp in Exiv2 0.27.2, an input
file can result in an infinite loop and hang, with high CPU consumption.
Remote attackers could leverage this vulnerability to cause a denial of
service via a crafted file.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Add an upstream patch to fix CVE-2018-19876: cairo 1.16.0, in
cairo_ft_apply_variations() in cairo-ft-font.c, would free memory using a
free function incompatible with WebKit's fastMalloc, leading to an
application crash with a "free(): invalid pointer" error.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[Peter: extend commit message]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Exiv2 0.27.2 allows attackers to trigger a crash in Exiv2::getULong in
types.cpp when called from Exiv2::Internal::CiffDirectory::readDirectory
in crwimage_int.cpp, because there is no validation of the relationship
of the total size to the offset and size.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
- Fix CVE-2019-15682: RDesktop version 1.8.4 contains multiple
out-of-bound access read vulnerabilities in its code, which results in
a denial of service (DoS) condition. This attack appear to be
exploitable via network connectivity. These issues have been fixed in
version 1.8.5
- Update indentation of hash file (two spaces)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
keymaps and save-keymaps require kbd_mode and dumpkeys, respectively, so
remove them if the kbd package is not selected (e.g. devices with serial
console, only).
Signed-off-by: Carlos Santos <unixmania@gmail.com>
Tested-by: Adam Duskett <aduskett@gmail.com>
[yann.morin.1998@free.fr:
- expand to three commands to match the existing hook
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
This CVE does not affect the boost package, but is misclassified by our
CVS tracker. As per the advisory:
Unspecified vulnerability in Boost before 6.x-1.03, a module for
Drupal, allows remote attackers to create new webroot directories
via unknown attack vectors.
Ignore the CVS, and expand a comment to explain it.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[yann.morin.1998@free.fr: expand the comment]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
openrc provides scripts that have been written for the big-gun kmod, and
so use options unknown to the busybox' provided applets:
- Busybox modprobe does not have a "--first-time" option,
- the "--verbose" option is just "-v",
- the "--use-blacklist" option is just "-b". Also blacklist support is
not selected in our default busybox configuration.
One of two options, is to "fix" or "adapt" openrc's scripts to busybox,
which means for the openrc package to go peek into files from the
busybox package, which is not nice, and can't work because that is not
available by the time we scan our Makefiles.
The other option, which this patch implements, is to just add a
dependency onto kmod and its tools.
Reported-by: Carlos Santos <unixmania@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Peter Korsgaard <peter@korsgaard.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Tested-by: Carlos Santos <unixmania@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
In all steps, we print the message indicating the start of the step
using the MESSAGE macro before running pre-hooks. Except in the image
installation step, where the message is printed after the pre-hooks.
Let's fix this inconsistency.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
modern versions of exim are installed into sbin not bin
Signed-off-by: Pascal de Bruijn <p.debruijn@unilogic.nl>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
- Fix CVE-2020-9308: archive_read_support_format_rar5.c in libarchive
before 3.4.2 attempts to unpack a RAR5 file with an invalid or
corrupted header (such as a header size of zero), leading to a SIGSEGV
or possibly unspecified other impact.
- use --with-nettle to enable nettle support, see
f96a71144b
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[yann.morin.1998@free.fr:
- drop new optional dependency to mbedtsl, forced off for now
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
In libssh2 v1.9.0 and earlier versions, the SSH_MSG_DISCONNECT logic in
packet.c has an integer overflow in a bounds check, enabling an attacker
to specify an arbitrary (out-of-bounds) offset for a subsequent memory
read. A crafted SSH server may be able to disclose sensitive information
or cause a denial of service condition on the client system when a user
connects to the server.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
A vulnerability was found in dnsmasq before version 2.81, where the
memory leak allows remote attackers to cause a denial of service
(memory consumption) via vectors involving DHCP response creation.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
- Fix CVE-2019-17543: LZ4 before 1.9.2 has a heap-based buffer overflow
in LZ4_write32 (related to LZ4_compress_destSize), affecting
applications that call LZ4_compress_fast with a large input. (This
issue can also lead to data corruption.) NOTE: the vendor states "only
a few specific / uncommon usages of the API are at risk."
- Update indentation of hash file (two spaces)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
- Fix CVE-2019-20044: In Zsh before 5.8, attackers able to execute
commands can regain privileges dropped by the --no-PRIVILEGED option.
Zsh fails to overwrite the saved uid, so the original privileges can
be restored by executing MODULE_PATH=/dir/with/module zmodload with a
module that calls setuid().
- Update indentation of hash file (two spaces)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
As discussed during the FOSDEM2019 develop days, Qt 5.6 is very old (5.6.3
was released in September 2017, and 5.6.x became EOL in March 2019), so drop
it before the new Buildroot LTS release:
https://elinux.org/Buildroot:DeveloperDaysFOSDEM2019#Qt5_versions_to_support:_keep_5.6_or_a_newer_LTS.3F
And add legacy handling for it.
There are a number of places where code checks for
BR2_PACKAGE_QT5_VERSION_LATEST, so leave that as a blind option for now to
not break the build.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The current solution used to collect the list of files installed by
packages does not work for top-level parallel build. Indeed, we rely
on a file created after the installation of the previous package to
build the list of files installed by the current package.
This works well when packages are built sequentially, but badly fails
when using top-level parallel build.
More specifically, top-level parallel build can fail with:
comm: /home/thomas/buildroot/output/build/.files-list-host.new: No such file or directory
Because that file has been removed concurrently by the build process
of another package.
This commit reworks the logic in a very straight-forward way. Before
the installation of each package, we store the list of files that are
already installed and store it in the package build directory. After
the installation of each package, we store again that list of files,
calculate the difference with the before file, and store that as the
list of files installed by that package, still in the package build
directory.
At the end of the build, in target-finalize we collect all the
collected information into the global package file lists, that
continue to be installed in the same location as before, with the same
name.
There are however some differences:
(1) The files are no longer ordered in build order, but by alphabetic
ordering of packages. Indeed, "build order" no longer makes any
sense in the context of top-level parallel build.
(2) Some files which were incorrectly tracked are no longer
tracked. For example, the toolchain package is a target package,
but it installs files in $(HOST_DIR). In the previous logic, the
files installed by the toolchain package in $(HOST_DIR) were
incorrectly affected to the next host package that was installed
after the toolchain package. With our new logic, those files are
no longer tracked at all. To fix this, we would have to change
the logic to scan HOST_DIR/TARGET_DIR/STAGING_DIR for all
installation steps, not just for the install-host, install-target
and install-staging steps respecitively. But the result was
already incorrect anyway, and therefore this should be fixed
separately.
Note that the check_bin_arch hook needs to be adjusted: it was using
the global package-file-list.txt file, but this file is now created
only at the very end of the build. So instead, we use the current
package .file-list.txt file to know which packages have been installed
by the current package in $(TARGET_DIR).
Fixes:
http://autobuild.buildroot.net/results/4e60fa31b1cd08bc7fdf9c5dd3a3f4941e029ba3/
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Use the same trick in step_pkg_size as the one used in check_bin_arch:
factorize the two $(filter ...) calls into one, checking in one step
the step and whether it's the beginning or end of the step.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Bugfix release, fixing a number of issues. For details, see the
announcement:
https://docs.python.org/release/3.8.2/whatsnew/changelog.html#python-3-8-2-final
Adjust the spacing in the hash file and update the hash of the license file
for a change in copyright years:
-2011, 2012, 2013, 2014, 2015, 2016, 2017, 2018, 2019 Python Software Foundation;
+2011, 2012, 2013, 2014, 2015, 2016, 2017, 2018, 2019, 2020 Python Software Foundation;
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
As pointed by Peter combined condition of the 2 gcc bugs is potentially
wrong, but as Thomas pointed in this case it's not harmful. Let's fix it
anyway since it's basically wrong even it doesn't cause harm.
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The host-swig package installs the swig binary as 'swig' and adds a
swig<major> symlink (E.G. swig4.0). This causes issues for older software
which may not know about the 4.0 version of swig, E.G. CMake 3.10.x
contains the following swig detection logic:
find_program(SWIG_EXECUTABLE NAMES swig3.0 swig2.0 swig)
If the host has a 3.x or 2.x variant of swig installed, then that will be
used instead of our host-swig.
As a workaround, also add a swig3.0 symlink so our host-swig will be used.
Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
[Peter: reworded]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Select udev-gentoo-scripts and avoid installing the sysv init script.
Signed-off-by: Carlos Santos <unixmania@gmail.com>
[yann.morin.1998@free.fr: use a fake openrc init hook]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Gentoo scripts to initialize udev via openrc, to be used by eudev.
Signed-off-by: Carlos Santos <unixmania@gmail.com>
[yann.morin.1998@free.fr: fix commit title]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fixes the following security issues:
- CVE-2020-9273: In ProFTPD 1.3.7, it is possible to corrupt the memory pool
by interrupting the data transfer channel. This triggers a use-after-free
in alloc_pool in pool.c, and possible remote code execution.
And additionally, fixes a number of other issues. For details, see the
release notes:
https://github.com/proftpd/proftpd/blob/1.3.6/RELEASE_NOTES
This also bumps the bundled libcap, so
0001-fix-kernel-header-capability-version.patch can be dropped.
While we are at it, adjust the white space in the .hash function to match
the new agreements.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Similar to the fix for the base beaglebone defconfig in commit 38912a61be
(configs/beaglebone: kernel builds needs host-openssl), the qt5 variant uses
the same kernel, so also needs host-openssl.
Fixes:
914 scripts/extract-cert.c:21:25: fatal error: openssl/bio.h: No such file or directory
915 #include <openssl/bio.h>
https://gitlab.com/buildroot.org/buildroot/-/jobs/451176891
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The recent bump of python-pyyaml to version 5.3 causes a runtime
failure in docker-compose:
pkg_resources.ContextualVersionConflict: (PyYAML 5.3 (/usr/lib/python3.8/site-packages), Requirement.parse('PyYAML<5.2,>=3.10'), {'docker-compose'})
https://gitlab.com/buildroot.org/buildroot/-/jobs/442151461
Fix it by adjusting 0003-support-PyYAML-up-to-5.1-version.patch to
allow all pyyaml 5.x versions, similar to what upstream has done
post-1.24.1:
c818bfc62c
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Also:
* Drop patch 0003 which is included in the new version.
* Update hash value of the COPYRIGHT file as the copyright year was
updated.
>From the release history [1]:
This release moves all 32-bit archs to 64-bit time_t, enabling them
to represent times beyond January of 2038.
There are no new requirements on kernel version, and this is not a
hard ABI break, but the type changes do impact compatibility between
code built against previous versions of musl and code built against
musl 1.2. Users upgrading 32-bit systems should read the detailed
time64 release notes [2]. 64-bit systems are not affected.
In addition, character data has been updated to align with Unicode
12.1.0, along with fixes for some errors in the data and a replacement
for inefficient and unmaintainable case-mapping code. Correctness of
results has been improved in the math library, particularly some complex
functions and 32-bit x86 asm. Various arch-specific bugs have also been
fixed.
[1] https://musl.libc.org/releases.html
[2] https://musl.libc.org/time64.html
Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
- Drop patch for avro-c that was applied upstream
- Fix inconsistency in PYTHON_AVRO_SITE
- Adopt new spacing convention in .hash files
- Add upstream patch for python-avro
- Add patch to remove installation-time linting in python-avro
Signed-off-by: Titouan Christophe <titouan.christophe@railnova.eu>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
0001-configure-add-without-demo-option: adapt patch to 5.2.8 version
0002-use-gdlib-config-properly: already applied upstream
Signed-off-by: Michael Fischer <mf@go-sys.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
When building host-util-linux, the systemdsystemunitdir is set to the
real host directory, so the install step fails with:
/usr/bin/install: cannot remove '/usr/lib/systemd/system/fstrim.service': Permission denied
/usr/bin/install: cannot remove '/usr/lib/systemd/system/fstrim.timer': Permission denied
Since we don't need systemd support in host-util-linux, unconditionally
disable it for the host build.
Signed-off-by: John Keeping <john@metanate.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Commit 3f8ace0028
("board/freescale/common/imx: add support for i.MX8") had its
conflicts incorrectly tweaked when applied to Buildroot. The
ahab-container.img is installed with this name (ahab-container.img) by
the imx-firmware package, and not mx8qm-ahab-container.img or
mx8qx-ahab-container.img.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Reviewed-by: Julien Olivain <juju@cotds.org>
Tested-by: Julien Olivain <juju@cotds.org>
Reported-by: Fabio Estevam <festevam@gmail.com>
Tested-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
brltty builds host tools which rely on the expat library, and
pkg-config is used to detect the expat library.
Since commit cd16e18584 ("pkgconf:
always keep system libs"), the wrapper script added
--keep-system-libs, which adds a -L$(STAGING_DIR)/usr/lib to the
pkg-config results instead of just -lexpat. So, previously, by chance,
the pkg-config result for the target expat was "good enough" for the
host expat as well. But now that -L$(STAGING_DIR)/usr/lib is added, it
breaks the build in all sort of ways as obviously building host
binaries with the library search path pointing to $(STAGING_DIR) is
not a good idea.
To fix that, this commit adjusts the brltty build system so that the
PKG_CONFIG_FOR_BUILD variable is used when using pkg-config to build
host binaries.
Fixes:
http://autobuild.buildroot.net/results/5a64dfb845389882c366b6c91aaf5868c090a802/
Many thanks to the initial work from Fabrice Fontaine at
http://patchwork.ozlabs.org/patch/1238163/ which provided an initial
starting point for this investigation.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Also add the line "HOST_VALA_CONF_OPTS += --disable-valadoc"
as valadoc requires libgvc which is not available in Buildroot.
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Add a patch to correct a typo in the Makefile, so -fno-stack-protector /
-fno-stack-protector-all are really used. With this applied, kvm-unit-tests
will always be built without SSP as intented by upstream. This will fix the
build on ppc64 with SSP that started to fail for an unknown reason since
November 27th.
Moreover, the Arch Linux workaround could also be removed in a follow-up
patch.
Fixes:
- http://autobuild.buildroot.org/results/ad689b08173548af21dd1fb0e827fd561de6dfef
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This includes the following changes:
66c8f65 Makefile.am: use BUILT_SOURCES instead of BUILD_SOURCES
f7a354d Generate image headers from their PNG source, while still including them in dist tarball
983837e Import png source for images, extracted from headers
3bd1557 Cleanup poky logo
773a397 Add configure flags for fullscreen logo and no startup message
2913c24 Double buffering support
8188d68 Support --with-font configure option to use other font headers
88c4b71 Add SPDX License information to files, drop boilerplate
904f4aa add systemd support
e94bd11 process consecutive commands
568f28e use /run for communication FIFO
ee053e0 add recovered bar.png
2015f70 Fix text width calculation.
Also:
- remove the 'psplash-quit.service' unit file
- add 'psplash-systemd.service' to use the new systemd support in psplash
Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
For additional post-244 fixes.
Update the hash of the README after commit faba5b2b (Revert "Drop dbus
activation stub service") changed a comment about dbus:
- dbus >= 1.11.0 (strictly speaking optional, but recommended)
+ dbus >= 1.4.0 (strictly speaking optional, but recommended)
+ NOTE: If using dbus < 1.9.18, you should override the default
+ policy directory (--with-dbuspolicydir=/etc/dbus-1/system.d).
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
As discussed during the FOSDEM2019 develop days, Qt 5.6 is very old (5.6.3
was released in September 2017, and 5.6.x became EOL in March 2019), so drop
it before the new Buildroot LTS release:
https://elinux.org/Buildroot:DeveloperDaysFOSDEM2019#Qt5_versions_to_support:_keep_5.6_or_a_newer_LTS.3F
And add legacy handling for it.
There are a number of places where code checks for
BR2_PACKAGE_QT5_VERSION_LATEST, so leave that as a blind option for now to
not break the build.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Workaround for:
ld: hv_vss_daemon.o: unable to initialize decompress status for section .debug_info
ld: hv_vss_daemon.o: unable to initialize decompress status for section .debug_info
hv_vss_daemon.o: file not recognized: File format not recognized
Signed-off-by: Pascal de Bruijn <p.debruijn@unilogic.nl>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add a patch to correct a typo in the Makefile, so -fno-stack-protector /
-fno-stack-protector-all are really used. With this applied, kvm-unit-tests
will always be built without SSP as intented by upstream. This will fix the
build on ppc64 with SSP that started to fail for an unknown reason since
November 27th.
Moreover, the Arch Linux workaround could also be removed in a follow-up
patch.
Fixes:
- http://autobuild.buildroot.org/results/ad689b08173548af21dd1fb0e827fd561de6dfef
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The NVD files that are used to build the list of CVEs affecting
Buildroot packages are quite large (a few hundreds MB of json),
and cause the pkg-stats scripts to have a huge memory footprint
(a few GB with Python 2.7).
However, because we only need to iterate on CVE items one by one,
we can process them in streaming (ie decoding one CVE at a time
from the JSON representation). Because the json module from the
python standard library does not support such a mode of operation,
we switch to the third-party package ijson, which is compatible
with both Python 2 and Python3.
To run the script with these modifications, one should install
the ijson python package. This can be done with pip:
`pip install ijson`. On Debian based distributions, this can
also be done with the apt package manager:
`apt install python-ijson`.
Signed-off-by: Titouan Christophe <titouan.christophe@railnova.eu>
Reviewed-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Tested-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
- Drop second and third patches (already in version)
- Update indentation of hash file (two spaces)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The regular expressions used in the sed commands assumes that there is a
space after '/dev/root' but the skeleton file contains a tab. Use a more
flexible '[[:blank:]]', instead.
Signed-off-by: Carlos Santos <unixmania@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
This bump also includes:
* Drop upstream security patch which is included in the new version
* Unconditionally disable support for Qt5 [1] (same as Qt3 and Qt4)
* Drop dependency on host-inttool, as avahi switched to host-gettext [2]
* Conditionally enable support for libevent [3]
[1] 5dbb32767a
[2] 3d5a0c6805
[3] 998e20cd76
Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
A project could quite possibly have a custom rcw file
that does not rely on any custom rcw include files (rcwi).
Allow the build to succeed if this is the case.
Signed-off-by: Francois Gervais <fgervais@distech-controls.com>
[yann.morin.1998@free.fr: install includes in a separate hook]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Call BUSYBOX_INSTALL_INDIVIDUAL_BINARIES in BUSYBOX_INSTALL_TARGET_CMDS,
not in BUSYBOX_INSTALL_INIT_SYSV. This should have been done in commit
b1e07d6d79 but was somehow lost during the
review/aply process.
Signed-off-by: Carlos Santos <unixmania@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
GCC later than 5.x produce _fdti1.so file with an undefined
symbol str2charp_size due to C99 inline semantics change. So
remove this keyword.
Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
[yann.morin.1998@free.fr: add upstream status]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Bugfix release, fixing a number of issues:
- Fixed mixing salted and unsalted sessions in the same ESAPI context
- Removed use of VLAs from TPML marshal code
- Added check for object node before calling compute_session_value function
- Fixed auth calculation in Esys_StartAuthSession called with optional parameters
- Fixed compute_encrypted_salt error handling in Esys_StartAuthSession
- Fixed exported symbols map for libtss2-mu
The 2.3.3 tarball accidently contains a Makefile-fuzz-generated.am with
content from a fuzz testing run (rather than an empty file as in earlier
releases), confusing autoreconf together with our
0001-configure-Only-use-CXX-when-fuzzing.patch.
Work around that by adding a post-patch hook to truncate the file. The
issue has been reported upstream and the release logic has been changed to
ensure this does not happen again for future releases:
d163041e3b
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Unlike <PKG>_DEPENDENCIES, <PKG>_PATCH_DEPENDENCIES only guarantees
extract and patch of listed dependencies, not build. Make this subtlety
more explicit in the documentation.
Cc: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
[yann.morin.1998@free.fr: slight fix]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
- Fix potential memory overread when performing an ECDSA signature
operation. The overread only happens with cryptographically low
probability (of the order of 2^-n where n is the bitsize of the
curve) unless the RNG is broken, and could result in information
disclosure or denial of service (application crash or extra resource
consumption).
- To avoid a side channel vulnerability when parsing an RSA private
key, read all the CRT parameters from the DER structure rather than
reconstructing them.
- Update indentation of hash file (two spaces)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
- systemd optional dependency has been added in version 7.0
- Update indentation of hash file (two spaces)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Currently, the Config.in file has the line:
select BR2_PACKAGE_PYTHON3 if !BR2_PACKAGE_PYTHON
This line is incorrect as gobject-introspection does not support python2.
Instead, remove the select line and make python3 a dependency with a new
message that explains that gobject-introspection requires python3.
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
[yann.morin.1998@free.fr:
- move the explanations from the commit log to the code
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
- Removed patch that was applied upstream
- Removed AUTORECONF request that came with patch
- Updated library's download name
Signed-off-by: Gilles Talis <gilles.talis@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
We don't provide a configuration file, so disable radvd by default.
Update the help message with instructions on how to enable radvd at
build time with systemd.
Signed-off-by: Carlos Santos <unixmania@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
This commit adds a user-visible option
BR2_TOOLCHAIN_EXTERNAL_HAS_SSP_STRONG, which will allow the user to
indicate if the custom external toolchain does or does not have
SSP_STRONG support. Depending on this, the user will be able to use
(or not) the BR2_SSP_STRONG option.
Checking if what the user said is true or not about this is already
done in toolchain/toolchain-external/pkg-toolchain-external.mk:
$$(Q)$$(call check_toolchain_ssp,$$(TOOLCHAIN_EXTERNAL_CC),$(BR2_SSP_OPTION))
If the user selects BR2_SSP_STRONG, this will check if
-fstack-protector-strong is really supported.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
This will allow toolchain to indicate if they support
-fstack-protector-strong or not.
Whenever the gcc version is >= 4.9, we always have SSP_STRONG support
if we have SSP support. However, some toolchains older than gcc 4.9
might have backported SSP_STRONG support, which is why we cannot rely
just on BR2_TOOLCHAIN_GCC_AT_LEAST_4_9.
Having this "default" value allows to avoid adding a "select
BR2_TOOLCHAIN_HAS_SSP_STRONG" in the internal toolchain logic plus in
almost external toolchains. But it allows custom external toolchains
that are pre-4.9 to potentially declare that they support strong SSP.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fix a check-package error introduce by 6bf74ce3db (package/sdbusplus:
create m4 directory before autoreconf):
package/sdbusplus/sdbusplus.mk:29: expected indent with tabs
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: John Faith <jfaith@impinj.com>
Cc: Michael Walle <michael@walle.cc>
GObject introspection is a middleware layer between C
libraries (using GObject) and language bindings. The C library
can be scanned at compile time and generate a metadata file,
in addition to the actual native C library. Then at runtime,
language bindings can read this metadata and automatically
provide bindings to call into the C library.
There's an XML format called GIR used by GObject-Introspection.
The purpose of it is to provide a standard structure to access the complete
available API that a library or other unit of code exports. It's
language-agnostic using namespaces to separate core, language, or
library-specific functionality.
Cross-compiling gobject-introspection is not an easy task. The main issue is
that in the process of creating the XML files, gobject-introspection must first
run and scan the binary, which, if the binary is cross-compiled, would not
typically be possible from the host system.
Because of this limitation, we use several wrappers to call instead first out
qemu, which runs the native scanner to create the binaries.
There are seven total patches and four different wrapper files needed to
successfully cross-compile and run this package, many of them are from
open-embedded, but one of them is of my own doing.
1) Revert a previous, incomplete attempt at adding cross-compiling support.
2) Add support for cross-compiling with meson.
3) Disable tests.
4) Add an option to use a binary wrapper; this patch will force giscanner to
use a wrapper executable to run binaries it's producing, instead of
attempting to run them from the host.
5) Add an option to use an LDD wrapper, again, useful for cross-compiled
environments.
6) Add a --lib-dirs-envar option to pass to giscanner. (See patch for details.)
7) Add rpath-links to ccompiler: when passing the PACKAGE_GIR_EXTRA_LIBS_PATH
to the ccompiler.py script, ccompiler.py needs to add -Wl,-rpath-link to the
environment for the package to correctly link against the passed on paths.
8) Ignore error return codes from ldd-wrapper because prelink-rtld returns 127
when it can't find a library, which breaks subprocess.check_output().
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Tested-by: Yegor Yefremov <yegorslists@googlemail.com>
Tested-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
[yann.morin.1998@free.fr:
- host-prelink-cross has no Kconfig entry
- reorder dependencies for arch deps first
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Many autotools packages call pkg-conf to inquire as to where the following
utilities are:
g_ir_scanner
g_ir_compiler
g_ir_generate
Because gobject uses wrappers to call qemu, prepending the sysroot to the paths
of these compilers is necessary.
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Prelink-cross emulates a runtime linker for a given sysroot. This is
necessary to allow gobject-introspection to build its typelib files
during cross-compiling.
We're using a sha1 on the cross_prelink branch, as we need the
RTLD-enabled variant of prelink-cross.
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
[yann.morin.1998@free.fr:
- drop HOST_ prefix for inherited variables
- fix licensing info to "or-later"
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
If present, GDB may use a system installed libiberty. As such, we must ensure
that host-libiberty is installed first.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Some packages, like prelink-cross, want to use libiberty but do not bundle
their own instance (which is good!).
However, libiberty is made for being bundled in packages: all GNU
packages that use libiberty (gcc, Binutils, gdb, et al...) all have their own
bundled variant. This common practice means that there is no official upstream
for libiberty, the closest being as part of the combined Binutils-gdb tree.
So we introduce a new host-only package, that installs just libiberty from a
Binutils released tarball.
Again, as packages usually bundle libiberty, it usually only installs a static
version. Furthermore, it does not obey the usual --enable-shared and
--disable-static flags; it only ever builds a static version.
Furthermore, -fPIC is not used with this library, but some packages may pick it
to build shared objects. This behavior is the case for host-gdb, for example,
which accidentally picks that library instead of its internal one.
So, rather than fix the various gdb versions and variants we can use, we ensure
that the libiberty we install is usable in shared objects, and we always build
before host-gdb.
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
[yann.morin.1998@free.fr:
- fix DL_SUBDIR for a host-only package
- add licensing info
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Add a section to the support page for commercial support.
Add Mind, Bootlin and Smile in that section.
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Acked-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The NVD files that are used to build the list of CVEs affecting
Buildroot packages are quite large (a few hundreds MB of json),
and cause the pkg-stats scripts to have a huge memory footprint
(a few GB with Python 2.7).
However, because we only need to iterate on CVE items one by one,
we can process them in streaming (ie decoding one CVE at a time
from the JSON representation). Because the json module from the
python standard library does not support such a mode of operation,
we switch to the third-party package ijson, which is compatible
with both Python 2 and Python3.
To run the script with these modifications, one should install
the ijson python package. This can be done with pip:
`pip install ijson`. On Debian based distributions, this can
also be done with the apt package manager:
`apt install python-ijson`.
Signed-off-by: Titouan Christophe <titouan.christophe@railnova.eu>
Reviewed-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Tested-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit d255b67972 fixed the handling of
the a package local m4/ directory which might be missing. But this
only works if it is the very first argument. But for this package this
is not possible because we already occupy this with the extra include
directory for autoconf-archive. Bring back the hook to create the m4/
directory to fix this.
Fixes:
http://autobuild.buildroot.net/results/dc907421a343b8523b14fc9a846e0caf7abe630c/
Signed-off-by: Michael Walle <michael@walle.cc>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Create the staging symlink the same way as the host symlink. This means
using a make dependency rather than recreating it every time.
In coreutils versions below 8.27, re-creation of symbolic links was not
atomic. This means that there is a period in time where the existing link is
removed, before the new one is created. In coreutils 8.27 this was fixed,
see [1]. Note that CentOS 7 ships with coreutils 8.22.
In the following scenario, this is a problem:
- an application is compiled using the sysroot prepared by Buildroot and
links against Xenomai userspace libraries, but its build process is steered
from outside of Buildroot
- to know the correct flags, the application makefile uses the 'xeno-config'
file to request them, and passes DESTDIR=/buildroot/output/staging
- the xeno-config responds with flags based on the path
'/buildroot/output/staging/...'
- while the application build is ongoing, a 'make' happens in Buildroot,
causing the 'staging' symlink to be recreated (even though it already
existed)
- when exactly at this time, the application calls the compiler with -I
flags pointing to output/staging, the build fails with:
-I/buildroot/output/staging/usr/include/xenomai/mercury: Error: ^ is not a directory
-I/buildroot/output/staging/usr/include/xenomai: Error: ^ is not a directory
-I/buildroot/output/staging/usr/include/xenomai/xenomai: Error: ^ is not a directory
-I/buildroot/output/staging/usr/include/xenomai/psos: Error: ^ is not a directory
Failed: ** ^ *
Work around this problem by only creating the staging symlink once, similar
to how the host symlink (if any) is created.
See also commit d0f4f95e39 which changed the
way these symlinks are made. The reasoning in this commit is to move away
from the 'dirs' target.
[1] 376967889e
Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
It seems like throughout the series that the CVE pkg-stats support
went through, the support for ignoring CVEs in the per-package
<pkg>_IGNORE_CVES variable was forgotten.
Let's re-introduce this, which is now very simple thanks to the CVE
class, its .identifier() propertly and the .is_cve_ignored() method of
the Package class
Cc: Titouan Christophe <titouan.christophe@railnova.eu>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This includes the following changes:
ba952d0 BUG: variable lists not released in close()
690f868 Variables are not removed when loading from file
9e3586a Make sure there's no file descriptor leakage in case of error
03647c4 Check config file defines a non-zero Sector size
3b2d4f1 Check environment size from fw_env.config
Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
With per-package directory support, Python external modules are
causing a problem: the _sysconfigdata.py module installed by the
Python interpreter contains a number of paths that are relative to the
current package per-package directory, i.e python or python3. For
example:
'BLDSHARED': '/home/thomas/projets/buildroot/output/per-package/python/host/bin/arm-linux-gcc -shared',
'CC': '/home/thomas/projets/buildroot/output/per-package/python/host/bin/arm-linux-gcc',
'CXX': '/home/thomas/projets/buildroot/output/per-package/python/host/bin/arm-linux-g++',
etc.
These paths are problematic, because it means that the wrong compiler
gets used when building external Python modules: instead of using the
compiler from the external Python module per-package host directory,
it uses the one from the 'python' or 'python3' per-package host
directory. Due to this, any native dependency needed by the external
Python module is not found, even though it is properly present in the
current package per-package directory.
Of course, the problem occurs with both target Python modules and host
Python modules.
To fix this, we simply rewrite those paths in _sysconfigdata.py before
building a Python package.
Interestingly, until now, the _sysconfidata.py that was used during
the build was the one from $(TARGET_DIR), which is a bit unusual: it
is more common to use files from $(STAGING_DIR) during the build
process. So this commit changes the PYTHON_PATH and PYTHON3_PATH
variables so that they point to $(STAGING_DIR), which makes the
_sysconfigdata.py fixup in $(STAGING_DIR) effective.
Fixes:
http://autobuild.buildroot.net/results/a24b0555fd4261b50dc3986635c30717d9cbe764/ (python-psycopg2)
http://autobuild.buildroot.net/results/080fa893e1b0e7a8c8a31ac1c98eb8871b97264d/ (python-alsaaudio)
http://autobuild.buildroot.net/results/79bc070f98d6d9d8ef78df12b248cdc7d0e405c3/ (python-lxml)
and many more Python packages that use native code with a native library
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
When APR_INCLUDEDIR and APU_INCLUDEDIR point to the same directory,
Apache builds properly. However, with per-package directory support,
they point to different directories, and APU_INCLUDEDIR contains both
the APR headers and the APU headers.
Due to this, the Apache Makefile logic to generate its exports.c file
leads to duplicate definitions, because the APR headers are considered
twice: once from APR_INCLUDEDIR, once from APU_INCLUDEDIR.
We fix this by introducing a patch to the Apache build system.
In addition, apr provides a special libtool script that gets used by
apr-util and apache. apr-util already had a fixup for this, but apache
did not, which was causing the gcc from apr-util per-package
directories be used during the apache build, causing build failures.
To fix this, we adjust this libtool script to point to the correct
tools in apache's per-package directories.
There are no autobuilder failures for this, because Apache needs
apr-util, and apr-util currently fails to build when
BR2_PER_PACKAGE_DIRECTORIES=y.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
With per-package directories support enabled, the build of apr-util
fails, for two reasons:
- The rules.mk file is generated by the 'apr' package, and then
copied into the 'apr-util' source directory. This is done by the
'apr-util' build process. Unfortunately, this rules.mk file has a
number of hardcoded paths: to the compiler and to the libtool
script.
Due to this, the compiler from the 'apr' per-package directory gets
used. But this compiler uses the 'apr' package sysroot, which does
not have all the dependencies of the 'apr-util' package, causing
the build to fail because <expat.h> is not found.
- Similarly, the libtool script itself has some hardcoded paths,
which make it use the compiler/linker from the 'apr' per-package
directory, so it does not find the expat library.
We fix both issues by doing the necessary replacement in both rules.mk
and libtool.
Fixes:
http://autobuild.buildroot.net/results/2a67b5d58f79348e20a972125e4797eff5585716/
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes CVE-2019-20388: xmlSchemaPreRun in xmlschemas.c in libxml2 2.9.10
allows an xmlSchemaValidateStream memory leak.
Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fixes the following security issues (12.15.0):
- CVE-2019-15606: HTTP header values do not have trailing OWS trimmed
- CVE-2019-15605: HTTP request smuggling using malformed Transfer-Encoding
header
- CVE-2019-15604: Remotely trigger an assertion on a TLS server with a
malformed certificate string
For more details, see the advisory:
https://nodejs.org/en/blog/vulnerability/february-2020-security-releases/
On top of this, 12.16.0 brings a number of changes and bugfixes.
Update the license hash for an addition of the (MIT) licensing terms for the
uvwsai module:
+
+- uvwasi, located at deps/uvwasi, is licensed as follows:
+ """
+ MIT License
+
+ Copyright (c) 2019 Colin Ihrig and Contributors
+
+ Permission is hereby granted, free of charge, to any person obtaining a copy
+ of this software and associated documentation files (the "Software"), to deal
+ in the Software without restriction, including without limitation the rights
+ to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ copies of the Software, and to permit persons to whom the Software is
+ furnished to do so, subject to the following conditions:
+
+ The above copyright notice and this permission notice shall be included in all
+ copies or substantial portions of the Software.
+
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ SOFTWARE.
+ """
While we are at it, adjust the white space in the .hash function to match
the new agreements.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Commit 64c42c5e2c removed the hook for
creating the m4local directory with the assumption that it would be
created because the first include is treated in a special way if it
doesn't exists
However, this assumption was wrong as m4local is the second include, the
first one is m4 (which already exists in the archive). So put back the
hook. The other solutions would be to patch:
- Makefile.{am,in} to remove m4local
- configure.ac and Makefile.{am,in} to add m4local before m4
However, both solutions don't seem to be upstreamable
Fixes:
- http://autobuild.buildroot.org/results/e40313c6ec193d6156e26eff62303545fba09413
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The package instrumentation step 'step_pkg_size' is populating the files:
output/build/packages-file-list.txt
output/build/packages-file-list-staging.txt
output/build/packages-file-list-host.txt
by comparing the list of files before and after installation of a package,
with some clever tricks to detect changes to existing files etc.
As an optimization, instead of gathering this list before and after each
package, where the 'after-state' of one package is the same as the
'before-state' of the next package, only the 'after-state' is used and
is shared between packages.
This works fine, except at the end of the build, as explained next.
In the target-finalize step, many files will be touched. For example, files
like /etc/hosts, /etc/os-release, but also all object files that are
stripped, and all files touched by post-build scripts or created by rootfs
overlays. This means that the 'after-state' of the last package does not
reflect the actual situation after target-finalize is run.
For a single complete build this poses no problem. But, if one incrementally
rebuilds a package after the initial build, e.g. with 'make foo-rebuild',
then all changes that happened in target-finalize at the end of the initial
build (the 'after-state' of the last package built) will be detected as
changes caused by the rebuild of package foo. As a result, all these files
will incorrectly be treated as 'owned' by package foo.
Correct this situation by capturing a new state at the end of
target-finalize, so that the 'before-state' of an incremental build will be
correct.
Note: the reasoning above talks about packages-file-list.txt and
target-finalize, but also applies to
packages-file-list-staging.txt/staging-finalize and
packages-file-list-host.txt/host-finalize.
Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Reorder imports using the isort utility to fix a warning from pylint3:
wrong-import-order: standard import "import multiprocessing" should be
placed before "import nose2"
Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit 12c0f68caf (package/nfs-utils: bump version to 2.4.3) added an
extra empty line, causing check-package to whine:
package/nfs-utils/nfs-utils.mk:27: consecutive empty lines
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The current Buildroot defconfigs for qemu_x86 and qemu_x86_64
instantiate a console on tty1, which appears on QEMU's
graphical window. Add a console on the serial port (ttyS0) to
be used later for gitlab testing.
This change is need since the script used for gitlab testing
needs to use a serial output with pexpect.
This change is similar to the one made for raspberrypi [1] to
handle HDMI and serial console:
This requires three changes:
1. have two 'console=' entries in the kernel command line: tty1,
then ttyS0;
2. change BR2_TARGET_GENERIC_GETTY_PORT to "console", so it starts
a getty on the last console= passed to the kernel, ttyS0;
3. add a new getty on tty1 to the generated inittab.
Step 2 is actually obtained by removing BR2_TARGET_GENERIC_GETTY_PORT
entirely from the defconfigs, since "console" is the default value.
Step 3 requires a post-build script since the Buildroot makefiles can
configure only one console.
Note: instead of simply adding a new getty on ttyS0 (which would
work) this patch actually changes BR2_TARGET_GENERIC_GETTY_PORT to
instantiate a console on UART, then adds back tty1 via
post-build.sh. This is done only to avoid the "GENERIC_SERIAL" comment
where we instantiate a console on QEMU graphical window, then
instantiate a really-serial console on another line.
The result is these two inittab lines:
console::respawn:/sbin/getty -L console 0 vt100 # GENERIC_SERIAL
tty1::respawn:/sbin/getty -L tty1 0 vt100 # QEMU graphical window
[1] 20878a1017
Signed-off-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This defconfig was generated by savedefconfig but we usually
use a manually modified defconfig to add some comments for
Kconfig symbols.
No content change intended.
Signed-off-by: Romain Naour <romain.naour@smile.fr>
Cc: Joel Stanley <joel@jms.id.au>
Acked-by: Joel Stanley <joel@jms.id.au>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Other changes:
- Update License hash which properly adds the OpenSSL exception.
Tested with Debian 8:
br-arm-full [1/6]: OK
br-arm-cortex-a9-glibc [2/6]: OK
br-arm-cortex-m4-full [3/6]: SKIPPED
br-x86-64-musl [4/6]: OK
br-arm-full-static [5/6]: SKIPPED
sourcery-arm [6/6]: OK
Signed-off-by: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Other changes:
- Remove upstream patches
- Update COPYING.LIB hash as upstream updated the file to match the new LGPL
2.1 license from upstream. See:
f0d44cc446
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Tested-by: Romain Naour <romain.naour@gmail.com>
[Peter: change libssh2 to libssh as pointed out by Vincent Fazio]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Bump to version 2.4.3 of nfs-utils. All patches have been upstreamed, so
drop them all. It now needs rpcgen built by host-nfs-utils, to do this
let's pass its path to --with-rpcgen= instead of 'internal'.
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Reviewed-by: Petr Vorel <petr.vorel@gmail.com>
Tested-by: Petr Vorel <petr.vorel@gmail.com>
[Peter: drop AUTORECONF, explicitly depend on host-nfs-utils]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
According to PEP8 empty sequences should be checked as booleans.
Fixes the following PEP8 warning:
Do not use `len(SEQUENCE)` to determine if a sequence is empty
Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit de591c5c3a (package/wireguard-linux-compat: new package) split up
the wireguard package in wireguard-tools and wireguard-linux-compat, but
forgot to update the conditional in linux.mk, so the kernel config fixups
needed for wireguard are no longer applied.
Update the conditional to use the BR2_PACKAGE_WIREGUARD_LINUX_COMPAT symbol
instead.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security issues:
- CVE-2020-3862: Impact: A malicious website may be able to cause a denial
of service. Description: A denial of service issue was addressed with
improved memory handling.
- CVE-2020-3864: Impact: A DOM object context may not have had a unique
security origin. Description: A logic issue was addressed with improved
validation.
- CVE-2020-3865: Impact: A top-level DOM object context may have incorrectly
been considered secure. Description: A logic issue was addressed with
improved validation.
- CVE-2020-3867: Impact: Processing maliciously crafted web content may lead
to universal cross site scripting. Description: A logic issue was
addressed with improved state management.
- CVE-2020-3868: Impact: Processing maliciously crafted web content may lead
to arbitrary code execution. Description: Multiple memory corruption
issues were addressed with improved memory handling.
For more details, see the advisory:
https://wpewebkit.org/security/WSA-2020-0002.html
While we are at it, adjust the white space in the .hash function to match
the new agreements.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
CMakeLists.txt contains a toolchain check:
if (${CMAKE_CXX_COMPILER_ID} STREQUAL "GNU")
if (${CMAKE_CXX_COMPILER_VERSION} VERSION_LESS "7.3.0")
message(FATAL_ERROR "GCC 7.3 or newer is required to build WebKit. Use a newer GCC version or Clang.")
endif ()
endif ()
So bump the toolchain dependency to >= GCC 7. The check is really about >=
7.3.0, but we do not have such detailed version checks. Given that GCC
7.3.0 was released in January 2018 (and 7.1.0 in May 2017), most external
GCC 7.x toolchains probably use >= 7.3.0.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security issues:
- CVE-2020-3862: Impact: A malicious website may be able to cause a denial
of service. Description: A denial of service issue was addressed with
improved memory handling.
- CVE-2020-3864: Impact: A DOM object context may not have had a unique
security origin. Description: A logic issue was addressed with improved
validation.
- CVE-2020-3865: Impact: A top-level DOM object context may have incorrectly
been considered secure. Description: A logic issue was addressed with
improved validation.
- CVE-2020-3867: Impact: Processing maliciously crafted web content may lead
to universal cross site scripting. Description: A logic issue was
addressed with improved state management.
- CVE-2020-3868: Impact: Processing maliciously crafted web content may lead
to arbitrary code execution. Description: Multiple memory corruption
issues were addressed with improved memory handling.
For more details, see the advisory:
https://webkitgtk.org/security/WSA-2020-0002.html
While we are at it, adjust the white space in the .hash function to match
the new agreements.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
CMakeLists.txt contains a toolchain check:
if (${CMAKE_CXX_COMPILER_ID} STREQUAL "GNU")
if (${CMAKE_CXX_COMPILER_VERSION} VERSION_LESS "7.3.0")
message(FATAL_ERROR "GCC 7.3 or newer is required to build WebKit. Use a newer GCC version or Clang.")
endif ()
endif ()
So bump the toolchain dependency to >= GCC 7. The check is really about >=
7.3.0, but we do not have such detailed version checks. Given that GCC
7.3.0 was released in January 2018 (and 7.1.0 in May 2017), most external
GCC 7.x toolchains probably use >= 7.3.0.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Package optional or choice config symbols are usually prefixed with the
package config symbol name. Rename BR2_PACKAGE_CURL to
BR2_PACKAGE_LIBCURL_CURL to conform.
Update references to the old name.
Cc: Matt Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Reviewed-by: Matt Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This commit extends the pkg-stats script to grab information about the
CVEs affecting the Buildroot packages.
To do so, it downloads the NVD database from
https://nvd.nist.gov/vuln/data-feeds in JSON format, and processes the
JSON file to determine which of our packages is affected by which
CVE. The information is then displayed in both the HTML output and the
JSON output of pkg-stats.
To use this feature, you have to pass the new --nvd-path option,
pointing to a writable directory where pkg-stats will store the NVD
database. If the local database is less than 24 hours old, it will not
re-download it. If it is more than 24 hours old, it will re-download
only the files that have really been updated by upstream NVD.
Packages can use the newly introduced <pkg>_IGNORE_CVES variable to
tell pkg-stats that some CVEs should be ignored: it can be because a
patch we have is fixing the CVE, or because the CVE doesn't apply in
our case.
>From an implementation point of view:
- A new class CVE implement most of the required functionalities:
- Downloading the yearly NVD files
- Reading and extracting relevant data from these files
- Matching Packages against a CVE
- The statistics are extended with the total number of CVEs, and the
total number of packages that have at least one CVE pending.
- The HTML output is extended with these new details. There are no
changes to the code generating the JSON output because the existing
code is smart enough to automatically expose the new information.
This development is a collective effort with Titouan Christophe
<titouan.christophe@railnova.eu> and Thomas De Schampheleire
<thomas.de_schampheleire@nokia.com>.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Titouan Christophe <titouan.christophe@railnova.eu>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security issues:
- CVE-2020-1720: ALTER ... DEPENDS ON EXTENSION is missing authorization checks
https://www.postgresql.org/about/news/2011/
Update the license hash for a change in copyright years:
-Portions Copyright (c) 1996-2019, PostgreSQL Global Development Group
+Portions Copyright (c) 1996-2020, PostgreSQL Global Development Group
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes a memory corruption issue in OSC 49 handling. Notice that this is
only enabled if screen is built with --enable-rxvt_osc, which isn't the case
in Buildroot. From the release notes:
As last fix, fixes potential memory overwrite of quite big size (~768
bytes), and even though I'm not sure about potential exploitability of
that issue, I highly recommend everyone to upgrade as soon as possible.
This issue is present at least since v.4.2.0 (haven't checked earlier).
https://lists.gnu.org/archive/html/screen-devel/2020-02/msg00007.html
Upstream changed the gnu.org URLs to use HTTPS, so adjust
0005-rename-sched_h.patch to match.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security issues:
- CVE-2020-7046: Truncated UTF-8 can be used to DoS submission-login and
lmtp processes
lib-smtp doesn't handle truncated command parameters properly, resulting
in infinite loop taking 100% CPU for the process. This happens for LMTP
(where it doesn't matter so much) and also for submission-login where
unauthenticated users can trigger it.
- CVE-2020-7957: Specially crafted mail can crash snippet generation
Snippet generation crashes if:
- message is large enough that message-parser returns multiple body
blocks
- The first block(s) don't contain the full snippet (e.g. full of
whitespace)
- input ends with '>'
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
libsigrok has not needed autoreconf since b428801934 (package/libsigrok:
bump version to 0.4.0), 4 years ago now.
As such, we no longer need the autoreconf options, nor the dependency on
the autoconf archive.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Bartosz Golaszewski <brgl@bgdev.pl>
Cc: Bernd Kuhls <bernd.kuhls@t-online.de>
Tested-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
When the kernel has CONFIG_SHMEM disabled, /dev is a ramfs (instead of a
tmpfs) and the name_to_handle_at system call is not supported. This
causes eudev's monitor application to exit on startup.
Upstream eudev has added this fix which is not yet part of a release.
Signed-off-by: Joel Stanley <joel@jms.id.au>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
- Fix CVE-2018-14042: In Bootstrap before 4.1.2, XSS is possible in the
data-container property of tooltip.
- Fix an XSS vulnerability (CVE-2019-8331) in our tooltip and popover
plugins by implementing a new HTML sanitizer
- Update indentation of hash file (two spaces)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
- Fix CVE-2019-19307: An integer overflow in parse_mqtt in mongoose.c in
Cesanta Mongoose 6.16 allows an attacker to achieve remote DoS
(infinite loop), or possibly cause an out-of-bounds write, by sending
a crafted MQTT protocol packet.
- Update indentation of hash file (two spaces)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Also install "fileop", another file system benchmarking tool
provided by the iozone package.
Signed-off-by: Gilles Talis <gilles.talis@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Also enabled support for Opus music playback using opusfile library
Signed-off-by: Gilles Talis <gilles.talis@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
On some architectures, atomic binutils are provided by the libatomic
library from gcc. Linking with libatomic is therefore necessary,
otherwise the build fails with:
/home/test/autobuild/run/instance-1/output-1/host/lib/gcc/xtensa-buildroot-linux-uclibc/8.3.0/../../../../xtensa-buildroot-linux-uclibc/bin/ld: ../../lib/libOgreMain.so.1.12.0: undefined reference to `__atomic_fetch_add_8'
This is often for example the case on sparc v8 32 bits.
Fixes:
- http://autobuild.buildroot.org/results/3a09e2d1d26b19243244eb7f9235c85488a788d2
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
When the r300 driver was introduced in c5ae77c97 (package/mesa3d: add
support for gallium r300 driver), a last-minute fix was introduced by
Yann, to properly propagate the dependency of a selected symbol.
However, this ended up causing a spurious circular dependency that does
not really exists, but that Kconfig is not smart enough to detect is in
fact OK.
Fixing this is pretty non-obvious, but we have an easy way out: the
dependency is about libdrm's radeon driver requirement for a toolchain
that has the sync4 family of primitives, which is always a given for an
x86 toolchain. As the radeon r300 driver is x86-only, this dependency is
forcefully fulfilled.
So, we drop the propagated dependency, and replace it by a fat comment.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Romain Naour <romain.naour@gmail.com>
Cc: Bernd Kuhls <bernd.kuhls@t-online.de>
Cc: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add missing qstrip wrapping to the new
BR2_TARGET_ARM_TRUSTED_FIRMWARE_ADDITIONAL_TARGETS option.
Signed-off-by: Francois Gervais <fgervais@distech-controls.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Forcibly disable the JavaScriptCore JIT compilation support
for MIPSr6 processors, which are unsupported.
Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
exim builds some files during the 'make install' step, and these fail with
an error:
lookups/lf_quote.c:49:3: error: 'for' loop initial declarations are only allowed in C99 mode
for (int j = 0; j < vlength; j++)
^
Fix by passing the -std=c99 here, as it is already passed in the build
step.
Signed-off-by: Luca Ceresoli <luca@lucaceresoli.net>
Cc: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Building with the Sourcery CodeBench ARM 2014.05 the build fails with this
error:
>>> exim_dbmbuild utility built
.../buildroot/output/host/bin/arm-none-linux-gnueabi-gcc -DEXIM_DUMPDB exim_dbutil.c
exim_dbutil.c: In function 'main':
exim_dbutil.c:568:1: error: 'for' loop initial declarations are only allowed in C99 mode
for (uschar * key = dbfn_scan(dbm, TRUE, &cursor);
^
exim_dbutil.c:568:1: note: use option -std=c99 or -std=gnu99 to compile your code
exim_dbutil.c:630:2: error: 'for' loop initial declarations are only allowed in C99 mode
for (int i = 1; i <= wait->count; i++)
^
exim_dbutil.c:642:6: error: 'for' loop initial declarations are only allowed in C99 mode
for (int j = 0; j < MESSAGE_ID_LENGTH; j++)
^
Fix by enforcing C99. This completes commit
2c692e81a8 ("package/exim: fix host build")
to also fix target builds.
Fixes: http://autobuild.buildroot.net/results/6b7e08090f5f0f2627cc3e89b349c2052b6e3116/
Signed-off-by: Luca Ceresoli <luca@lucaceresoli.net>
Cc: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Select BR2_PACKAGE_BLUEZ5_UTILS only if all its reverse dependencies
are selected
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Recent is*_l fix broke uclibc build because removed __isctype_l
definition was used in libc/misc/ctype/ctype.c. Restore it.
Fixes: 8723c5e7a6 ("package/uclibc: fix ctype.h is*_l definitions")
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
[yann.morin.1998@free.fr:
- add new patch, don't fix existing one
- add URL to upstream ML post
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fixes the following security issues:
- CVE-2016-6328: A vulnerability was found in libexif. An integer overflow
when parsing the MNOTE entry data of the input file. This can cause
Denial-of-Service (DoS) and Information Disclosure (disclosing some
critical heap chunk metadata, even other applications' private data).
- CVE-2017-7544: libexif through 0.6.21 is vulnerable to out-of-bounds heap
read vulnerability in exif_data_save_data_entry function in
libexif/exif-data.c caused by improper length computation of the allocated
data of an ExifMnote entry which can cause denial-of-service or possibly
information disclosure.
- CVE-2018-20030: An error when processing the EXIF_IFD_INTEROPERABILITY and
EXIF_IFD_EXIF tags within libexif version 0.6.21 can be exploited to
exhaust available CPU resources.
- CVE-2019-9278: In libexif, there is a possible out of bounds write due to
an integer overflow. This could lead to remote escalation of privilege in
the media content provider with no additional execution privileges needed.
User interaction is needed for exploitation.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Backport patch from upstream to fix build failures such as:
In file included from /home/buildroot/autobuild/instance-0/output-1/build/gnuradio-3.8.0.0/gr-digital/lib/glfsr.cc:23:
/home/buildroot/autobuild/instance-0/output-1/build/gnuradio-3.8.0.0/gr-digital/lib/../include/gnuradio/digital/glfsr.h:42:5: error: 'uint32_t' does not name a type; did you mean 'u_int32_t'?
uint32_t d_shift_register;
^~~~~~~~
u_int32_t
Since Gnuradio policy is Less boost == better and C++11 is used, use cstdint
instead of boost/cstdint.hpp.
Applied in gnuradio master (475e4a156b516c089175afb998acdc80b740b437)
fix:
- http://autobuild.buildroot.net/results/14015f499e58fee530877ac052878bbe2f799942/
- http://autobuild.buildroot.net/results/53239f98dd5e03d4dc1bb4eb91ed765f77dbf0ec/
Signed-off-by: Gwenhael Goavec-Merou <gwenhael.goavec-merou@trabucayre.com>
[yann.morin.1998@free.fr:
- add upstream reference in the patch itself
- minor eye-candy in commit log
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
[yann.morin.1998@free.fr: also guard comment with x86 dependency]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
iris is inherently an x86-only driver, and it hard codes gcc options
specific to x86m like -msse2, causing build breakage on other
architectures.
iris also does not use kmsro, but the select was accidentally added when
iris was introduced.
Fix both by adding the missing dependency to x86, and by removing the
select to kmsro.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
[yann.morin.1998@free.fr:
- ad dependency to x86
- reword commit log accordingly
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
These updated patches fix the same issues but are backported from upstream
commits instead of pull requests.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Gstreamer 0.10 has been deprecated upstream since 2012 and is missing a lot
of features and (security) fixes compared to gstreamer1, so remove it.
All gstreamer-0.10 sub packages depends on gstreamer, so we only need to add
a legacy entry for that.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
With the upcoming removal of gstreamer 0.10, the logic for installing
binaries using gstreamer 0.10.x in nvidia-tegra23-binaries must go as well.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
With the upcoming removal of gstreamer 0.10, the logic for building freerdp
with support for it must go as well.
As there is now a single option for gstreamer (1.x) support, convert the
gstreamer support choice to a normal option for simplicity.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
With the upcoming removal of gstreamer 0.10, the logic for building opencv3
with support for it must go as well.
As there is now a single option for gstreamer (1.x) support, convert the
gstreamer support choice to a normal option for simplicity.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
With the upcoming removal of gstreamer 0.10, the logic for building opencv
with support for it must go as well.
As there is now a single option for gstreamer (1.x) support, convert the
gstreamer support choice to a normal option for simplicity.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Libplayer is dead upstream. The mercurial repo is no longer online, it
hasn't seen any releases since 2010 and the mplayer backend was removed from
Buildroot in 2018.
With the upcoming removal of gstreamer 0.10, there is no longer any backends
available in Buildroot, so remove the package.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
With the upcoming removal of gstreamer 0.10, the logic for building
qt5multimeda with support for it must go as well.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
With the upcoming removal of gstreamer 0.10, the logic for building
libnice with support for it must go as well.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
With the upcoming removal of gstreamer 0.10, the logic for building
gupnp-dlna with support for it must go as well.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
With the upcoming removal of gstreamer 0.10, the logic for building
classpath with support for it must go as well.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Most, but not all our C code follows the Linux kernel code style (as
documented in Documentation/process/coding-style.rst). Adjust the few
places doing differently:
- Braces:
..but the preferred way, as shown to us by the prophets Kernighan
and Ritchie, is to put the opening brace last on the line
- Spaces after keywords:
Use a space after (most) keywords
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
When Buildroot is released, it knows up to a certain kernel header
version, and no later. However, it is possible that an external
toolchain will be used, that uses headers newer than the latest version
Buildroot knows about.
This may also happen when testing a development, an rc-class, or a newly
released kernel, either in an external toolchain, or with an internal
toolchain with custom headers (same-as-kernel, custom version, custom
git, custom tarball).
In the current state, Buildroot would refuse to use such toolchains,
because the test is for strict equality.
We'd like to make that situation possible, but we also want the user not
to be lenient at the same time, and select the right headers version
when it is known.
So, we add a new Kconfig blind option that the latest kernel headers
version selects. This options is then used to decide whether we do a
strict or loose check of the kernel headers.
Suggested-by: Aaron Sierra <asierra@xes-inc.com>
Signed-off-by: Vincent Fazio <vfazio@xes-inc.com>
[yann.morin.1998@free.fr:
- only do a loose check for the latest version
- expand commit log
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Tested-by: Vincent Fazio <vfazio@xes-inc.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The default inittab files added by busybox and sysvinit runs 'swapon -a'
during init and 'swapoff -a' during shutdown, but those programs are not
guaranteed to be available, so the boot log may become polluted by error
messages like this:
swapon: not found
Add a target-finalize hook to skeleton-init-sysv that enables or disables
the swapon/swapoff lines in /etc/inittab, depending on the existence of
$(TARGET_DIR)/sbin/swap{on,off}.
Based on a previous patch sent by Thomas De Schampheleire.
Signed-off-by: Carlos Santos <unixmania@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
After d255b67972 (autotools: do not overwrite first include path), the
ordering of include paths has changed: the system directories are
specified with explicit options passed to autoreconf, which means that
any directory specified in the package _AUTORECONF_OPTS are no longer
first:
- in package/autoconf/autoconf.mk, we define AUTORECONF as:
AUTOCONF = $(HOST_DIR)/bin/autoconf -I "$(ACLOCAL_DIR)" -I "$(ACLOCAL_HOST_DIR)"
- in package/pkg-autotools.mk, we call AUTORECONF with:
$($(PKG)_AUTORECONF_ENV) $(AUTORECONF) $($(PKG)_AUTORECONF_OPTS)
So, the include directory specified by SDL_MIXER_AUTORECONF_OPTS is now
lagging behind the system headers, and the very issue that d255b67972
was suposed to fix in a generic way, pops up back for this specific
case.
We fix that by patching sdl_mixer so that it uses the bog-down standard
mechanisms, to specify the macro directory from within configure.in,
instead of specifying it on the command line, so that the magic
introduced by d255b67972 does happen.
Reported-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Michael Walle <michael@walle.cc>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The glibc package has been updating the toolchain version
dependency since 2.28.x. The dependencies don't currently
apply to the localedef build of the package, so this
patchset relaxes the restriction such that builds can still
occur on older host machines.
The current supported minimum versions after this patch
is applied are:
GCC 4.8
Binutils 2.24
Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
an internal API change introduced by version 3.3.0 causes the following failure:
```
Error: LuaRocks 3.3.1 bug (please report at https://github.com/luarocks/luarocks/issues).
Arch.: linux-x86_64
.../user/build/qarm/host/share/lua/5.3/luarocks/queries.lua:55: assertion failed!
stack traceback:
[C]: in function 'assert'
.../user/build/qarm/host/share/lua/5.3/luarocks/queries.lua:55: in function 'luarocks.queries.new'
...m/host/share/lua/5.3/luarocks/cmd/external/buildroot.lua:322: in function 'luarocks.cmd.external.buildroot.command'
(...tail calls...)
[C]: in function 'xpcall'
/home/user/build/qarm/host/share/lua/5.3/luarocks/cmd.lua:620: in function 'luarocks.cmd.run_command'
/home/user/build/qarm/host/bin/luarocks:38: in main chunk
[C]: in ?
```
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Drop patches already applied upstream and, consequently, AUTORECONF.
util-linux 2.35.1 Release Notes
===============================
build-sys:
- add --disable-hwclock-gplv3 [Karel Zak]
chrt:
- Use sched_setscheduler system call directly [jonnyh64]
lib/randutils:
- use explicit data types for bit ops [Karel Zak]
libfdisk:
- fix __copy_partition() [Karel Zak]
- make sure we use NULL after free [Karel Zak]
libmount:
- fix x- options use for non-root users [Karel Zak]
po:
- update uk.po (from translationproject.org) [Yuri Chornoivan]
sfdisk:
- make sure we do not overlap on --move [Karel Zak]
- remove broken step alignment for --move [Karel Zak]
Signed-off-by: Carlos Santos <unixmania@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
If the host cmake is 3.10, the configuration step produces
the following error:
CMake Error at CMakeLists.txt:87 (target_link_libraries):
Target "libninja" of type OBJECT_LIBRARY may not be linked into another
target. One may link only to STATIC or SHARED libraries, or to executables
with the ENABLE_EXPORTS property set.
This patch fixes CMakeLists.txt to use the object library as it was intended
in cmake 3.10.
Fixes:
https://bugs.busybox.net/show_bug.cgi?id=12546
Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
Tested-by: Damian Tometzki <dti@familie-tometzki.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Drop libmnl dependency. From the announcement:
* netlink: remove libmnl requirement
We no longer require libmnl. It turns out that inlining the small subset of
libmnl that we actually use results in a smaller binary than the overhead of
linking to the external library.
pkg-config is still used for the systemd support though, so move the
host-pkgconf dependency there.
For more details, see the announcement:
https://lists.zx2c4.com/pipermail/wireguard/2020-February/004963.html
While we are at it, adjust the white space in the .hash file to match the
new agreements.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add an upstreamed patch that reorders find_package() commands.
This way Python interpreter will be detected first and based on
it the Python libraries can be found.
Fixes the following CMake error:
Could NOT find PythonLibs (missing: PYTHON_LIBRARIES PYTHON_INCLUDE_DIRS)
Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes CVE-2020-3123: A vulnerability in the Data-Loss-Prevention (DLP)
module in Clam AntiVirus (ClamAV) Software versions 0.102.1 and 0.102.0
could allow an unauthenticated, remote attacker to cause a denial of service
condition on an affected device. The vulnerability is due to an
out-of-bounds read affecting users that have enabled the optional DLP
feature. An attacker could exploit this vulnerability by sending a crafted
email file to an affected device. An exploit could allow the attacker to
cause the ClamAV scanning process crash, resulting in a denial of service
condition.
Release notes:
https://lists.clamav.net/pipermail/clamav-announce/2020/000045.html
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
We can only know the details of the license files for known versions. For
custom, older or newer versions, the license files may change, or may be
moved around.
So, do for optee-os as was done for other packages in the recent past,
and only define the list of license files for the latest version.
Reported-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Markus Mayer <mmayer@broadcom.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
We can only know the details of the license files for known versions. For
custom, older or newer versions, the license files may change, or may be
moved around.
So, do for at91bootstrap3 as was done for other packages in the recent
past, and only define the list of license files for the latest version.
Reported-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Markus Mayer <mmayer@broadcom.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
We can only know the details of the license files for known versions. For
custom, older or newer versions, the license files may change, or may be
moved around.
So, do for Barebox as was done for ATF, linux, and linux-headers, and
only define the list of license files for the latest version.
Add the hash for that license file, and align hashes to the new spacing
convention.
Reported-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Markus Mayer <mmayer@broadcom.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
We can only know the details of the license files for known versions. For
custom, older or newer versions, the license files may change, or may be
moved around.
So, do for U-Boot as was done for ATF, linux, and linux-headers, and only
define the list of license files for the latest version.
Reported-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Markus Mayer <mmayer@broadcom.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Like we did for the linux kernel, change linux-headers to only check the
license hashes for the latest known version as the content of COPYING has
changed between versions.
To simplify the test, we introduce an intermediate, blind option that get
selected when the latest kernel sources are used.
Reported-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Markus Mayer <mmayer@broadcom.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The content of COPYING changed between v4.16 and v4.17. Since kernels
before and after the change are supported, storing the hash for this
file will cause an error during "make legal-info" when a kernel with the
respective other hash is being used.
So, for the kernel, we do like we did for ATF: the license file is only
listed for the latest version.
In the process, add the missing license files referenced from COPYING
and align the fields to the new spacing convention.
Signed-off-by: Markus Mayer <mmayer@broadcom.com>
[yann.morin.1998@free.fr:
- only list the licenses files for the latest version
- restore the hash for COPYING
- introduce hashes for the two new license files
- expand commit log accordingly
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
GLSL Sandbox standalone player allow one to run and render
(most of) nice shaders available online on the
http://glslsandbox.com/ website, but without the need of an
Internet connection, a web browser or any of its
dependencies. Instead, the only requirement of
glslsandbox-player is a working EGL and GLESv2 libraries.
This package is useful for stressing and testing GLES shader
compiler in GPU drivers.
https://github.com/jolivain/glslsandbox-player
Signed-off-by: Julien Olivain <juju@cotds.org>
[Arnout: add dependency on threads and make BUSYBOX_SHOW_OTHERS
conditional]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
This fixes CVE-2020-7044:
In Wireshark 3.2.x before 3.2.1, the WASSP dissector could crash.
This was addressed in epan/dissectors/packet-wassp.c by using
>= and <= to resolve off-by-one errors.
Also change the hash file to the new spacing convention introduced
by Yann E. Morin.
Signed-off-by: Titouan Christophe <titouan.christophe@railnova.eu>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This fixes CVE-2019-5188:
A code execution vulnerability exists in the directory rehashing
functionality of E2fsprogs e2fsck 1.45.4. A specially crafted ext4
directory can cause an out-of-bounds write on the stack, resulting
in code execution. An attacker can corrupt a partition to trigger
this vulnerability.
Also change the hash file to the new spacing convention introduced
by Yann E. Morin.
Signed-off-by: Titouan Christophe <titouan.christophe@railnova.eu>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Xen was bumped from 4.12 to 4.13 in commit
268e5689b5, but the license file hash
was not updated. However, the license file has changed, with a new
paragraph about the Sphinx documentation being licensed under CC-BY
4.0 was added. Update the SHA to match the new license.
Take this opportunity to re-align the hashes.
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The seperation of the fields in the hash file should be 2 spaces for
consitency
Update the manual accordingly.
Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
[yann.morin.1998@free.fr:
- drop the notes part, reword the first hunk
- update the examples
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
This makes slight modifications to the waf build definition files
that make possible to compile norm with Waf running on Python3.
This has been tested on my experimental Python3 waf-package
infrastructure, and still works with the actual Py2 setup.
Signed-off-by: Titouan Christophe <titouan.christophe@railnova.eu>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The original download server (downloads.pf.itd.nrl.navy.mil)
is quite unreliable, which lead to the download being very slow
or even failing. Since the project is now hosted on Github, we
switch to that site, which makes the download tractable.
Update the hash, and use the opportunity to realign fields to the new
spacing convention.
Signed-off-by: Titouan Christophe <titouan.christophe@railnova.eu>
[yann.morin.1998@free.fr: spaces in hash file]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Commit a17402e42d has conditionally
enabled NEON and VFPv3 optimizations. However, the VFPv3 logic is
causing issues on some targets such as Cortex-A5 with VFPv4-D16 but
not VFPv4.
Since the ENABLE_VFPV3=ON option only adds CFLAGS, we can always set
it to OFF, and let Buildroot pass appropriate CFLAGS.
However, the ENABLE_NEON option also adds the build of NEON-specific
code, so we keep this logic.
Fixes:
- https://bugs.buildroot.org/show_bug.cgi?id=11996
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fixes the following security issues:
- CVE-2018-10754: In ncurses before 6.1.20180414, there is a NULL Pointer
Dereference in the _nc_parse_entry function of tinfo/parse_entry.c. It
could lead to a remote denial of service if the terminfo library code is
used to process untrusted terminfo data in which a use-name is invalid
syntax (REJECTED).
- CVE-2018-19211: In ncurses 6.1, there is a NULL pointer dereference at
function _nc_parse_entry in parse_entry.c that will lead to a denial of
service attack. The product proceeds to the dereference code path even
after a "dubious character `*' in name or alias field" detection.
- CVE-2018-19217: In ncurses, possibly a 6.x version, there is a NULL
pointer dereference at the function _nc_name_match that will lead to a
denial of service attack. NOTE: the original report stated version 6.1,
but the issue did not reproduce for that version according to the
maintainer or a reliable third-party.
- CVE-2019-17594: There is a heap-based buffer over-read in the
_nc_find_entry function in tinfo/comp_hash.c in the terminfo library in
ncurses before 6.1-20191012.
- CVE-2019-17595: There is a heap-based buffer over-read in the fmt_entry
function in tinfo/comp_hash.c in the terminfo library in ncurses before
6.1-20191012.
Ncurses upstream uses a fairly special way of releasing (security) bugfixes.
Approximately once a week an incremental .patch.gz is released, and once in
a while these incremental patches are bundled up to a bigger patch relative
to the current release in .patch.sh.bz2 format (a bzip2 compressed patch
with a small shell script prepended, luckily apply-patches can handle that),
and the relative patch files deleted.
For details of this process, see the upstream FAQ:
https://invisible-island.net/ncurses/ncurses.faq.html#applying_patches
Apply the latest .patch.sh.bz2 and incremental patches up to 20200118 to fix
a number of (security) issues. Notice that these patch files are NOT
available on the GNU mirrors.
The license file COPYING is updated with the new Copyright year (2019 ->
2020), so update the hash accordingly.
While we are at it, adjust the white space in the .hash file to match
sha256sum output for consistency.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
[fix whitespace inconsistency after 'sha256' keyword]
Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
[yann.morin.1998@free.fr: fix license hash for (C) year]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
meson is able to distinguish between host (= native) and target (=
cross) compilation. It will explicitly pass different options to
pkg-config to distinguish them. Therefore, we don't need to use the
pkg-config wrapper when using meson, and can instead pass the pkg-config
settings through the cross-compilation.conf.
This is important because in some situations (e.g. for the Python
configuration), meson sets the PKG_CONFIG_LIBDIR variable to a different
value before calling pkg-config. Relying on our wrapper script doesn't
work in that case (except if the script would unconditionally set
PKG_CONFIG_LIBDIR, which it doesn't do at the moment).
Add the sys_root and pkg_config_lib settings to cross-compilation.conf
and use pkgconf directly instead of the wrapper.
Note that this requires us to substitute STAGING_DIR as well, with an
absolute path. This is not a big deal since cross-compilation.conf is
regenerated for every package.
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
To allow meson to distinguish between pkg-config for host (= native)
and pkg-config for target (= cross), we want to be able to give a
different pkg_config_libdir for host and for target. meson already has a
'sys_root' option that sets the sysroot that is used by pkg-config, but
we also need explicit search directories for pkg-config.
Therefore, back-port an upstream patch (will be included in 0.54) that
adds this feature.
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
pkg-meson defines variables _MESON_SED_CFLAGS, _MESON_SED_LDFLAGS and
_MESON_SED_CXXFLAGS that reformat the make-style flags (space-separated
and unquoted) as meson-style flags (comma-separated and double-quoted).
Similar variables are also defined in meson.mk. A future patch will add
even more similar cases.
However, we already have a macro that does something similar for
generating JSON output: make-comma-list. So let's use that. However,
make-comma-list doesn't add all the shell-expanded magic like
_MESON_SED_CFLAGS, which results in the double quotes being removed by
the shell. Therefore, we also need to change the quoting around it to
single quotes instead of double quotes. For consistency, the quotes of
the other sed expressions are changed as well. Except for the
_MESON_EXTRA_BINARIES: the values set by packages (e.g. mesa3d) already
contain single quotes, so changing the surrounding double quotes to
single quotes would break them.
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
[yann.morin.1998@free.fr: slight fix in commit log]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
This makes libimxvpuapi use the Waf package ditributed in Buildroot,
instead of its own one, as the latter does not support Python3.
Signed-off-by: Titouan Christophe <titouan.christophe@railnova.eu>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This makes gst1-imx use the Waf package ditributed in Buildroot,
instead of its own one, as the latter does not support Python3.
Also backport a patch from upstream that tweaks the wscript,
such as to make it run on Waf >=2.0.12
Signed-off-by: Titouan Christophe <titouan.christophe@railnova.eu>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Google also sponsored the meeting location for the developer days after
FOSDEM 2020.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The new text is unfortunately too long to fit in the box, so bump the
height to 400px for the top row.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The gstreamer1 opengl plugin was moved from gst1-plugins-bad to
gst1-plugins-base so we need to update webkitgtk to depend on the
correct package.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Reviewed-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
This release hasn't been published to pypi, so we switch to the Github
release archive instead. This new version is Python 3.x compatible.
Signed-off-by: Titouan Christophe <titouan.christophe@railnova.eu>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The default inittab files added by busybox and sysvinit run 'swapon -a'
during init and 'swapoff -a' during shutdown.
But, the swapon/swapoff programs are not guaranteed to be
available. For the busybox versions, it is steered by
CONFIG_SWAPON/CONFIG_SWAPOFF. For the util-linux versions, it is steered by
BR2_PACKAGE_UTIL_LINUX_BINARIES.
In a case where swapon/swapoff is not available but the inittab tries to
execute them, the boot log would be polluted by error messages like:
swapon: not found
Avoid this by commenting out the swapon/swapoff lines if the swapon/swapoff
binaries are not available.
Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
[Peter: test with -x]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This version brings Python 3.x support, so we make the package
available with Python 3.x. Also, iniparse now requires six, which has
been detected thanks to the runtime tests.
Signed-off-by: Titouan Christophe <titouan.christophe@railnova.eu>
[Thomas: drop depends on python || python3]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The issue fixed by 0003-Link-with-LDLIBS-instead-of-LIBS-for-DED.patch (ERL-529)
has been fixed since OTP20.3 (a5cbcbdb85) and is no longer required.
OTP provides wrapper scripts (otp_build and configure) which perform tasks
previously handled directly by autotools i.e. autoreconf.
Signed-off-by: Frank Vanbever <frank.vanbever@essensium.com>
[Thomas:
- drop the save_bootstrap step, which is not needed
- properly run the autoconf step for both the host and target
variants]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fixes the following security issues:
- CVE-2019-19921: runc volume mount race condition with shared mounts
- CVE-2019-16884: runc through 1.0.0-rc8, as used in Docker through
19.03.2-ce and other products, allows AppArmor restriction bypass because
libcontainer/rootfs_linux.go incorrectly checks mount targets, and thus a
malicious Docker image can mount over a /proc directory.
For details, see the announcement:
https://github.com/containerd/containerd/releases/tag/v1.2.12
containerd is now a separate CNCF sponsored project, and is no longer
explicitly associated with docker/moby.
Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes CVE-2019-9755: An integer underflow issue exists in ntfs-3g 2017.3.23.
A local attacker could potentially exploit this by running /bin/ntfs-3g with
specially crafted arguments from a specially crafted directory to cause a
heap buffer overflow, resulting in a crash or the ability to execute
arbitrary code. In installations where /bin/ntfs-3g is a setuid-root
binary, this could lead to a local escalation of privileges.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fixes CVE-2020-7595: xmlStringLenDecodeEntities in parser.c in libxml2
2.9.10 has an infinite loop in a certain end-of-file situation.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fixes the following security vulnerabilities:
- CVE-2014-9638: oggenc in vorbis-tools 1.4.0 allows remote attackers to
cause a denial of service (divide-by-zero error and crash) via a WAV file
with the number of channels set to zero.
- CVE-2014-9639: Integer overflow in oggenc in vorbis-tools 1.4.0 allows
remote attackers to cause a denial of service (crash) via a crafted number
of channels in a WAV file, which triggers an out-of-bounds memory access.
- CVE-2014-9640: oggenc/oggenc.c in vorbis-tools 1.4.0 allows remote
attackers to cause a denial of service (out-of-bounds read) via a crafted
raw file.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
In gcc 5.1.0, a change was introduced which causes internal search paths
inside the sysroot to be relative to 'lib64' rather than 'lib'. See [1] [2]
and [3].
For example for dtc:
LD convert-dtsv0
/opt/buildroot/output/host/opt/ext-toolchain/bin/../lib/gcc/mips64-octeon-linux-gnu/7.3.0/../../../../mips64-octeon-linux-gnu/bin/ld: cannot find crt1.o: No such file or directory
/opt/buildroot/output/host/opt/ext-toolchain/bin/../lib/gcc/mips64-octeon-linux-gnu/7.3.0/../../../../mips64-octeon-linux-gnu/bin/ld: cannot find crti.o: No such file or directory
collect2: error: ld returned 1 exit status
make[1]: *** [Makefile:236: convert-dtsv0] Error 1
make[1]: *** Waiting for unfinished jobs....
make[1]: Leaving directory '/opt/buildroot/output/build/dtc-1.4.7'
make: *** [package/pkg-generic.mk:241: /opt/buildroot/output/build/dtc-1.4.7/.stamp_built] Error 2
In this case, crt1.o was searched for in following locations:
16073 access("/opt/buildroot/output/host/opt/ext-toolchain/bin/../lib/gcc/mips64-octeon-linux-gnu/7.3.0/n32/octeon3/crt1.o", R_OK) = -1 ENOENT (No such file or directory)
16073 access("/opt/buildroot/output/host/opt/ext-toolchain/bin/../lib/gcc/n32/octeon3/crt1.o", R_OK) = -1 ENOENT (No such file or directory)
16073 access("/opt/buildroot/output/host/opt/ext-toolchain/bin/../lib/gcc/mips64-octeon-linux-gnu/7.3.0/../../../../mips64-octeon-linux-gnu/lib/mips64-octeon-linux-gnu/7.3.0/n32/octeon3/crt1.o", R_OK) = -1 ENOENT (No such file or directory)
16073 access("/opt/buildroot/output/host/opt/ext-toolchain/bin/../lib/gcc/mips64-octeon-linux-gnu/7.3.0/../../../../mips64-octeon-linux-gnu/lib/../lib32-fp/crt1.o", R_OK) = -1 ENOENT (No such file or directory)
16073 access("/opt/buildroot/output/host/mips64-buildroot-linux-gnu/sysroot/lib64/mips64-octeon-linux-gnu/7.3.0/n32/octeon3/crt1.o", R_OK) = -1 ENOENT (No such file or directory)
16073 access("/opt/buildroot/output/host/mips64-buildroot-linux-gnu/sysroot/lib64/../lib32-fp/crt1.o", R_OK) = -1 ENOENT (No such file or directory)
16073 access("/opt/buildroot/output/host/mips64-buildroot-linux-gnu/sysroot/usr/lib64/mips64-octeon-linux-gnu/7.3.0/n32/octeon3/crt1.o", R_OK) = -1 ENOENT (No such file or directory)
16073 access("/opt/buildroot/output/host/mips64-buildroot-linux-gnu/sysroot/usr/lib64/../lib32-fp/crt1.o", R_OK) = -1 ENOENT (No such file or directory)
16073 access("/opt/buildroot/output/host/opt/ext-toolchain/bin/../lib/gcc/mips64-octeon-linux-gnu/7.3.0/crt1.o", R_OK) = -1 ENOENT (No such file or directory)
16073 access("/opt/buildroot/output/host/opt/ext-toolchain/bin/../lib/gcc/crt1.o", R_OK) = -1 ENOENT (No such file or directory)
16073 access("/opt/buildroot/output/host/opt/ext-toolchain/bin/../lib/gcc/mips64-octeon-linux-gnu/7.3.0/../../../../mips64-octeon-linux-gnu/lib/mips64-octeon-linux-gnu/7.3.0/crt1.o", R_OK) = -1 ENOENT (No such file or directory)
16073 access("/opt/buildroot/output/host/opt/ext-toolchain/bin/../lib/gcc/mips64-octeon-linux-gnu/7.3.0/../../../../mips64-octeon-linux-gnu/lib/crt1.o", R_OK) = -1 ENOENT (No such file or directory)
16073 access("/opt/buildroot/output/host/mips64-buildroot-linux-gnu/sysroot/lib64/mips64-octeon-linux-gnu/7.3.0/crt1.o", R_OK) = -1 ENOENT (No such file or directory)
16073 access("/opt/buildroot/output/host/mips64-buildroot-linux-gnu/sysroot/lib64/crt1.o", R_OK) = -1 ENOENT (No such file or directory)
16073 access("/opt/buildroot/output/host/mips64-buildroot-linux-gnu/sysroot/usr/lib64/mips64-octeon-linux-gnu/7.3.0/crt1.o", R_OK) = -1 ENOENT (No such file or directory)
16073 access("/opt/buildroot/output/host/mips64-buildroot-linux-gnu/sysroot/usr/lib64/crt1.o", R_OK) = -1 ENOENT (No such file or directory)
As can be seen above, all attempted paths contain 'lib64' as base,
instead of 'lib' or 'lib32', e.g.
.../sysroot/lib64/../lib32-fp/crt1.o
.../sysroot/lib64/crt1.o
This problem was detected on a gcc 7.x toolchain provided by Marvell as part
of their Octeon SDK. For this toolchain, here are the values of the paths
as detected by the Buildroot toolchain logic, for two different Octeon
processors:
- octeon2 (soft-float) (-mabi=n32 -march=octeon2):
SYSROOT_DIR=/opt/buildroot/output/host/opt/ext-toolchain/mips64-octeon-linux-gnu/sys-root/;
ARCH_SYSROOT_DIR=/opt/buildroot/output/host/opt/ext-toolchain/mips64-octeon-linux-gnu/sys-root/;
ARCH_SUBDIR=;
ARCH_LIB_DIR=lib32/octeon2;
SUPPORT_LIB_DIR=/opt/buildroot/output/host/opt/ext-toolchain/mips64-octeon-linux-gnu/lib32/octeon2/
- octeon3 (hard-float) (-mabi=n32 -march=octeon3):
SYSROOT_DIR=/opt/buildroot/output/host/opt/ext-toolchain/mips64-octeon-linux-gnu/sys-root/;
ARCH_SYSROOT_DIR=/opt/buildroot/output/host/opt/ext-toolchain/mips64-octeon-linux-gnu/sys-root/;
ARCH_SUBDIR=;
ARCH_LIB_DIR=lib32-fp;
SUPPORT_LIB_DIR=/opt/buildroot/output/host/opt/ext-toolchain/mips64-octeon-linux-gnu/lib32-fp/
For both cases (MIPS64n32) Buildroot created a symlink 'lib32->lib', from
SYSTEM_LIB_SYMLINK in system/system.mk. Additionally, the function
create_lib_symlinks in
toolchain/toolchain-external/pkg-toolchain-external.mk will use ARCH_LIB_DIR
and create an additional link $(ARCH_LIB_DIR)->lib.
For the Octeon3 case this thus results in the following symlinks (where the
'lib32' one is normally not needed):
lib32 -> lib/
lib32-fp -> lib/
Since the toolchain is searching based on a 'lib64' component, it will fail
to find its internal paths.
To solve the problem, we need to create an additional symlink 'lib64':
lib64 -> lib/
[1] 257ccd463a
[2] https://gcc.gnu.org/ml/gcc-patches/2014-10/msg03377.html
[3] https://gcc.gnu.org/ml/gcc-patches/2014-11/msg00539.html
Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Make the package available on AArch64 now that it is supported, and
add hashes for the license files.
Signed-off-by: Refik Tuzakli <tuzakli.refik@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
- Drop both patches (already in version)
- Add libgcrypt optional dependency (added in version 4.15.1 with
037106ecc8)
- Add openmp support (added in version 4.15.1 with
464d21dc8c)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes:
http://autobuild.buildroot.net/results/d9a/d9a84b642357f758c3f84270fb9a109abd7e2684/
configure.ac contains a test using $ax_cv_check_cl_libcl:
if test "$build_modules" != 'no' || test "X$ax_cv_check_cl_libcl" != Xno; then
AC_MSG_RESULT([-------------------------------------------------------------])
AC_MSG_CHECKING([for libltdl])
But ax_cv_check_cl_libcl is only assigned a value (yes/no) if
--disable-opencl is NOT passed, as the assignment logic is inside a
conditional:
AC_ARG_ENABLE([opencl],
[AC_HELP_STRING([--disable-opencl],
[do not use OpenCL])],
[disable_opencl=$enableval],
[disable_opencl='yes'])
if test "$disable_opencl" = 'yes'; then
..
AC_CACHE_CHECK([for OpenCL library], [ax_cv_check_cl_libcl],
So configure errors out if --disable-opencl is passed on setups where
libltdl isn't available:
checking if libltdl package is complete... no
configure: error: in `/home/naourr/work/instance-0/output-1/build/imagemagick-7.0.8-59':
configure: error: libltdl is required for modules and OpenCL builds
As a workaround, explictly set ax_cv_check_cl_libcl=no to skip this
conditional.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Since alsa-lib version 1.1.7 [1] the location for add-on config files
has changed.
In fact, the path for the alsa add-on config files has never been
correct set in the package (it should have been
`/usr/share/alsa/alsa.conf.d`).
With alsa-lib version 1.1.7 or later the correct path is
`/etc/alsa/conf.d`.
[1] 93e03bdc2a
Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Release notes:
https://mariadb.com/kb/en/library/mariadb-10322-release-notes/
Changelog:
https://mariadb.com/kb/en/library/mariadb-10322-changelog/
Fixes the following security vulnerability (10.3.22):
CVE-2020-2574 - Vulnerability in the MySQL Client product of Oracle MySQL
(component: C API). Supported versions that are affected are 5.6.46 and
prior, 5.7.28 and prior and 8.0.18 and prior. Difficult to exploit
vulnerability allows unauthenticated attacker with network access via
multiple protocols to compromise MySQL Client. Successful attacks of this
vulnerability can result in unauthorized ability to cause a hang or
frequently repeatable crash (complete DOS) of MySQL Client.
Fixes the following security vulnerabilities (10.3.19):
CVE-2019-2974 - Vulnerability in the MySQL Server product of Oracle MySQL
(component: Server: Optimizer). Supported versions that are affected are
5.6.45 and prior, 5.7.27 and prior and 8.0.17 and prior. Easily exploitable
vulnerability allows low privileged attacker with network access via
multiple protocols to compromise MySQL Server. Successful attacks of this
vulnerability can result in unauthorized ability to cause a hang or
frequently repeatable crash (complete DOS) of MySQL Server.
CVE-2019-2938 - Vulnerability in the MySQL Server product of Oracle MySQL
(component: InnoDB). Supported versions that are affected are 5.7.27 and
prior and 8.0.17 and prior. Difficult to exploit vulnerability allows high
privileged attacker with network access via multiple protocols to compromise
MySQL Server. Successful attacks of this vulnerability can result in
unauthorized ability to cause a hang or frequently repeatable crash
(complete DOS) of MySQL Server.
Patch 0002-fix-build-error-with-newer-cmake.patch has been removed as it
has been applied upstream.
Signed-off-by: Ryan Coe <bluemrp9@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Support for v3d was added in mainline 4.18, and requires a few options
to be set in the kernel, so we list that in the help text.
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
[yann.morin.1998@free.fr: tweak the help text]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Remove the old gcc 5.5 fork for or1k architecture
that start to fail to build with recent version
of Binutils >= 2.32 with the following error:
host-gcc-final-or1k-musl-5.4.0-20170218/build/./gcc/crtbeginS.o: addend should be zero for plt relocations
host/or1k-buildroot-linux-uclibc/bin/ld: final link failed: bad value
https://gitlab.com/kubu93/buildroot/-/jobs/391938988
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Switch to meson buildsystem and so drop:
- !BR2_BINFMT_FLAT dependency
- hooks (not needed thanks to orc-test and tools options)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Data validation and settings management using python 3.6
type hinting.
Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Since systemd/udev version 243, there's a new message printed if unsupported
OPTIONS value is used:
Invalid value for OPTIONS key, ignoring: 'event_timeout=180'
Add a patch to drop this invalid value.
Signed-off-by: Pascal de Bruijn <p.debruijn@unilogic.nl>
[Peter: extend commit message]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The aclocal program is provided by the automake package, so it makes
sense to define aclocal-related variables in automake.mk.
Add an exception to check-package to ignore that variable.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
egrep/fgrep are wrapper scripts, calling the grep binary with the correct
arguments.
The shell wrappers use the value of SHELL at build time as the shebang value
in these wrapper scripts, which in Buildroot points to /bin/bash.
The target may not have bash available, causing runtime errors.
As a fix, add a post-install hook to change this to /bin/sh.
If the target does not have /bin/sh, simply remove the aliases.
Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
When the grep package is selected, it should be installed at the same exact
location where busybox installs it too, this way the grep/egrep/fgrep
executables will end up overwriting the busybox provided ones.
Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
We currently install the default database by passing --user=mysql to the
install script. With the upcoming bump to the 10.4 series, this does not
work as intended. An error occurs because of missing PAM modules. We work
around this now by creating the default db as root and calling chown to
change the files to user mysql.
Signed-off-by: Ryan Coe <bluemrp9@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
By default, mariadb creates logging files under the data directory.
This patch updates the startup scripts to log under /var/log/mysql.
Signed-off-by: Ryan Coe <bluemrp9@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
For consistency with the to-be-added MYSQL_LOGFILE variable.
Signed-off-by: Ryan Coe <bluemrp9@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
In order to check if the initial database needs created, the startup
script calls ls -1 $MYSQL_LIB | wc -l to check the number of files in
the directory. If the directory does not exist, an error is printed.
We fix this by redirecting stderr to /dev/null for the ls call.
Signed-off-by: Ryan Coe <bluemrp9@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
We already remove mysql_config from the target since it's only useful in
staging. The same is true for mariadb_config. Thus, we remove it from the
target as well.
Signed-off-by: Ryan Coe <bluemrp9@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
mysql_install_db is currently called in the systemd unit without
--user=mysql that the sysv script uses. This will generate the initial
database files with root permissions. However, mysqld runs as user mysql
so this will cause problems. We fix this by calling chown instead of
passing the user parameter because an upcoming version bump will fail when
ran this way.
Signed-off-by: Ryan Coe <bluemrp9@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
autoconf.mk defines AUTOCONF and AUTOHEADER variables, use them in packages
using autoconf.
This is a refactoring which shouldn't impact the final behavior.
Signed-off-by: Nicolas Carrier <nicolas.carrier@orolia.com>
Reviewed-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Now that we do not override the automagic handling of include
directories witbh aclocal, the missing m4 directories will be
automatically created by aclocal itself.
So we can drop of hooks.
Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
[yann.morin.1998@free.fr: slight rewording in the commit log]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The first include path is special in aclocal. For example it is the path
for the --install option. Also, the first include is treated in a
special way if it doesn't exists. This might be the case if there is the
following construct:
configure.ac: AC_CONFIG_MACRO_DIR([m4])
Makefile.am: ACLOCAL_AMFLAGS="-I m4"
If the package doesn't have local macros, the m4/ directory might not
exist. aclocal will then just issue a warning instead of aborting the
execution with a fatal error. See discussion here:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=565663
Don't use the "-I" option in aclocal. Instead use ACLOCAL_PATH to pass
the system-wide include dirs.
As a side effect this should fix the use of $(ACLOCAL) alone. Up until
now, $(ACLOCAL) didn't include the ACLOCAL_HOST_DIR system include path.
autoreconf will pass the "-I" options to every tool it runs, of which
aclocal, which, as seen above, we don't want. So move the argument down
to each individual tool, except for aclocal.
Signed-off-by: Michael Walle <michael@walle.cc>
Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
[yann.morin.1998@free.fr: slight rewording of the commit log]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
host-python was listed in jack2 dependencies, but is actually
not needed. Also tested with an experimental python3 based
Waf package infrastructure, so we can exclude that jack2
"accidentally" uses the host-python2 pulled in by Waf.
Signed-off-by: Titouan Christophe <titouan.christophe@railnova.eu>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Be more specific for the hash source URL and change from
summary page (.mirrorlist) to direct sha256 download page
(.sha256).
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Be more specific for the hash source URL and change from
summary page (.mirrorlist) to direct sha256 download page
(.sha256).
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Remove the upstreamed patch and change the license information, as the
GPL-2.0+ files have been relicensed as GPL-2.0 since
59f92965b9
Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
[Peter: clarify licensing change]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This package provides an OpenVPN plugin for network manager.
Signed-off-by: Alex Michel <alex.michel@wiedemann-group.com>
[Peter: add Config.in, DEVELOPERS entry]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Bump to the latest version of Xen and remove the no longer required
patch.
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
By using the interface in the filename for the networkd config file,
we have a clear association between the config file and the interface
it applies to.
This is beneficical for systems that have multiple interfaces.
Signed-off-by: Pascal de Bruijn <p.debruijn@unilogic.nl>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Since 2019/08/09 a new version of gnuradio is available.
This patch bump to this version with some modifications:
- suppress the applied patch 0001-socket_pdu_impl.cc-fix-build-with-boost-1.70.0.patch
- backport patch to have boost unit_test_framework optional instead of mandatory:
https://github.com/gnuradio/gnuradio/pull/2927
- backport patch to fix neon version detection:
https://github.com/gnuradio/volk/pull/319
- add boost atomic (used by pmt), log4cpp (now mandatory) and gmp as dependencies
- suppress the no more available BR2_PACKAGE_GNURADIO_LOG, since log4cpp is mandatory. Since this
option is now always true no need to add an entry in legacy.
- suppress all workaround for neon. Now volk is able to detect correctly neon
version.
- add explictly path to python interpreter
Signed-off-by: Gwenhael Goavec-Merou <gwenhael.goavec-merou@trabucayre.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Gnuradio 3.8 has made some API changes. The current gr-osmosdr release
does not support these changes, so move to a more recent gr-osmosdr
commit, which has Gnuradio 3.8 support.
Signed-off-by: Gwenhael Goavec-Merou <gwenhael.goavec-merou@trabucayre.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
BlueZ 4.x is deprecated since a long time (BlueZ 5.x has been released
in 2012) so drop it.
For cwiid, sconeserver and ussp-push, replace bluez_utils by
bluez5_utils. All other packages already support bluez5_utils so just
drop bluez_utils.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Update to the latest version of the PRU software support.
Formatting for the license file has been updated compared with the
previous package version 5.1.0 but the licenses used appear the same.
Signed-off-by: Ash Charles <ashcharles@gmail.com>
[yann.morin.1998@free.fr: fold the license hash patch into this patch]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The RocksDB library provides a persistent key value store. Keys and
values are arbitrary byte arrays. The keys are ordered within the key
value store according to a user-specified comparator function.
The library is maintained by the Facebook Database Engineering Team, and
is based on LevelDB, by Sanjay Ghemawat and Jeff Dean at Google.
http://rocksdb.org
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Starting with 2020.01, uboot started using the 'undefine' make
directive, which was only introduced with make 4.0.
In the general case, we do not have a way to know if the uboot
selected by the user is older or later than 2020.01, so we have
no way to know before hand if make >= 4.0 is needed or not. As
such, we have no other option than to always require it.
So, use the existing $(BR2_MAKE_HOST_DEPENDENCY) and $(BR2_MAKE),
both of each will ensure that we do use a make that is at least 4.0.
Reported-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
fail2ban needs python-systemd for its systemd backend to
be able to read logs from systemd/journald
Signed-off-by: Pascal de Bruijn <p.debruijn@unilogic.nl>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The fail2ban codebase is still native python2, but 2to3 is supported
upstream.
Signed-off-by: Pascal de Bruijn <p.debruijn@unilogic.nl>
[Peter: ensure host-python3 is available]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Quoting https://www.gnu.org/software/libiconv/
"When configured with the option --enable-extra-encodings, it also
provides support for a few extra encodings:
European languages
CP{437,737,775,852,853,855,857,858,860,861,863,865,869,1125}
Semitic languages
CP864
Japanese
EUC-JISX0213, Shift_JISX0213, ISO-2022-JP-3
Chinese
BIG5-2003 (experimental)
Turkmen
TDS565
Platform specifics
ATARIST, RISCOS-LATIN1"
Updating Kodi from version 17.6 to 18.5 caused runtime errors on systems
with locale support disabled, here Kodi uses libiconv but needs CP437:
ERROR: customConvert: iconv_open() for "CP437" -> "UTF-8" failed,
errno = 22 (Invalid argument)
Due to the size increase of libiconv.so.2.6.0 from 941K to 1,1M a new
Config.in option was added.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
[yann.morin.1998@free.fr: fix check-package warning]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Adjust license hash as the copyright year was changed:
-Copyright (C) 1997-2018 Sam Lantinga <slouken@libsdl.org>
+Copyright (C) 1997-2019 Sam Lantinga <slouken@libsdl.org>
Signed-off-by: Michael Fischer <mf@go-sys.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The autotools build system is deprecated and replaced with meson for weston.
We need to enable pango when building demo clients since it is required
by meson.
The dbus option in autotools is replaced with launcher-logind in meson
which is only ever used with systemd, so add it to the condition.
Replaced WESTON_NATIVE_BACKEND with backend-default in meson.
Added systemd dependency as launcher-logind depends on both dbus
and systemd and is the only dependency that requires dbus.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Tested-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Some packages installs libOpenCL without declaring
BR2_PACKAGE_PROVIDES_LIBOPENCL (e.g. imx-gpu-viv). ImageMagick will detect
the library and will require libtool. Since libtool is not in dependencies,
build might fail.
To prevent that situation, explicitly disable opencl support for target and host.
Signed-off-by: Julien Olivain <juju@cotds.org>
[Peter: drop unneeded ax_cv_check_cl_libcl=no]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
When the fis and gadgetfs-test packages were removed, their respective
options in Config.in.legacy were placed before the "Legacy options
removed in 2020.02", while they should have been placed after. Let's
fix that.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Following commit 0dcb5513ef
("package/refpolicy: remove dependency on policycoreutils"), we have a
build failure on some configurations:
Makefile:571: *** libselinux is in the dependency chain of busybox that has added it to its _DEPENDENCIES variable without selecting it or depending on it from Config.in. Stop.
This is because refpolicy selects the busybox SELinux support when
Busybox is enabled, which it turns selects libselinux, but we no
longer pay attention to the libselinux dependencies while doing this.
Since it's quite weird to have refpolicy mess with Busybox SELinux
support, this commit changes the logic to have Busybox automatically
enable its SELinux support as soon as SELinux support is enabled,
while still allowing it to be disabled.
Fixes:
http://autobuild.buildroot.net/results/5d8fda7c488a03c14942d87467d501acd633d24a/
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
If a policy is built that is newer than the kernel can support, the
libsepol will fail to load that policy.
Indeed, a user can manually select the policy version in the config
as-is. However, it is not a friendly solution. The best solution available
is to set a default policy version based off of the toolchain header kernel
version. While a user may have a toolchain that has older kernel headers than
the built kernel, it is still better than setting the default to the maximum
available version that SELinux can support.
The following defaults policy versions are as follows for the given toolchain
headers:
31 >= 4.13
30 >= 4.3
29 >= 3.14
28 >= 3.5
26 >= 2.6
default 25
Note: Version 27 was never released.
Signed-off-by: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The policy version has to be a number, as such, set the type to int.
Due to the type change, we can't any longer do the legacy handling of
re-using the refpolicy policy version.
Signed-off-by: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Currently, a user sets a policy version via the refpolicy package.
Having the option here has a few disadvantages:
- The Refpolicy package is not technically needed to use SELinux.
- When building a modular policy, Refpolicy will ignore the version string
and build the highest version possible which will cause libsemanage to
possibly fail when loading the policy.
Specifying a manual policy version in /etc/selinux/semanage.conf
forces libsemanage to load a specific policy version, which fixes the
above issue. However, because refpolicy currently defines the policy
version, libsemanage does not have a way to determine the policy
version, as refpolicy is not a dependency of libsemanage.
To work around these limitations, move the policy version number
selection to libsepol, as a system using SELinux always requires this
library.
Signed-off-by: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Remove gadgetfs-test as gadgetfs has been deprecated in favour of
functionfs.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Other changes:
- Depend on host-python3, as python2 support was removed.
Signed-off-by: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Only host-policycoreutils is needed to build refpolicy. Remove the uneeded
target package.
Signed-off-by: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Remove fis as RedBoot hasn't been updated for over 10 years.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
[yann.morin.1998@free.fr: rebase libplist after bump]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Upstream changes include:
- Fix loading FreeBSD kernels with multiple PT_LOAD sections.
- Use autotools to configure and build kexec-lite
- Add support for kexec_file_load
The packaging is adjusted to account for the change in build systems.
Signed-off-by: Joel Stanley <joel@jms.id.au>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Other changes:
- Add --with-stdc++lib=dynamic to openjdk.mk or else openjdk will fail to
build because it defaults to looking for a static libstdc++ library.
Signed-off-by: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Convert patch 0005-Fix-installation-of-class-headers.patch to git
format and re-number it to 0004-Fix-installation-of-class-headers.patch.
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Ninja 1.10.0 now supports cmake as a build system. This change makes the make
file much more straightforward.
The host-python2 dependency is no longer needed as it is no longer
used during the build. We however need to keep install commands as
there is no installation step planned in CMakeLists.txt.
Signed-off-by: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The meson script includes the full path to the python interpreter. In
deep build trees, this path can be more than 128 characters long, which
is the limit for how long a shebang may be.
Notice that this has been bumped to 256 since kerel 5.1, but the issue still
persists:
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=6eb3c3d0a52dca337e327ae8868ca1f44a712e02
In older kernels, this limit was silently ignored, leading to potential
bugs, but newer kernels enforce that limit, and refuse to execve() the
script, returning with NOEXEC. Since the script is +x, the shell (any
bourne shell, as well as the C shell) will conclude from that situation that
they should interpret it as a shell script, which it obviously is not.
Fix the problem by replacing the shebang with a call to /usr/bin/env
which will redirect to the correct python3 interpreter found in the
PATH.
Note however that this means our meson installation can no longer be
called from outside of the meson-package infrastructure anymore (not
that we ever supported it before, but who knows what people may have
done in their br2-external), unless one does set the PATH to include
$(HOST_DIR)/bin/ earlier than a system-provided python3 would be found.
Fixes: #12331#12461
Reported-by: Jean-pierre Cartal <jpcartal@free.fr>
Reported-by: Matthias Weißer <m.weisser.m@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Kodi 18.0-Leia implements stand-alone gbm support alongside x11 &
wayland. To enable building gbm support in mesa3d without x11 &
wayland we need to add a specific configure option for it.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
For details see upstream PR 12664.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
[Thomas:
- add BR2_PACKAGE_HAS_LIBGL dependency to
BR2_PACKAGE_KODI_PLATFORM_SUPPORTS_WAYLAND_GL
- don't select BR2_PACKAGE_WAYLANDPP from the blind options, but
instead from the visible options]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
With the upcoming bump to weston 8, the meaning for the "native backend"
has been removed, and replaced by a new option to set the "default
backend". However, the way we handle the "native backend" option
nowadays is very semantically similar to the upcoming "default backend"
option.
However, as of today, when more than one backend are enabled, the last
one defined in the .mk wins, which is not obvious when looking at the
menuconfig order...
So, we introduce a choice to select the default backend. That enforces
the backend is enabed, leaving the others as additional backends.
It is to be noted that the RDP backend can't be selected as the native
(soon default) backend, so it does not get an entry in the choice.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
[yann.morin.1998@free.fr:
- write a commit log
- merge short lines
- rename optons (no _BACKEND)
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Upstream commit
99bb0ee7cb
removed the dependency on locale support provided by the toolchain.
Removed reverse dependencies as well.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
collectd has sub-options for all its different plugins and features,
so let's do the same for the lua functionality, instead of using
automatic dependencies.
Signed-off-by: Tom Marcuzzi <tom.marcuzzi@orolia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
While the kernel is built for the target, the build may need various host
libraries depending on config (and kernel version), so use HOST_MAKE_ENV
instead of TARGET_MAKE_ENV.
In particular, this ensures that our host-pkgconf will look for host
libraries and not target ones.
Fixes building scripts/dtc for Buildroot configurations enabling libyaml and
host-pkgconf for kernels after commit 067c650c45 (dtc: Use pkg-config to
locate libyaml).
With this enabled, we can drop the PKG_CONFIG_* variables for the
_NEEDS_HOST_LIBELF conditional, as those are included in HOST_MAKE_ENV.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
At this point Buildroot doesn't allow to use mbedTLS crypto
backend even though libssh supports it. In case of fully statically
linked ELF executables the size difference between OpenSSL and mbedTLS
is significant: it matters for embedded targets with very limited
storage.
This patch adds support for compiling libssh with mbedTLS as a crypto
backend. It also allows the selection of the crypto backend libssh will use
through a choice in the package config, similar to libssh2.
Currently, the selection of the backend is based on a priority order,
which is not always desirable, as in some cases multiple backends
can exists at the same time for various reasons.
Signed-off-by: Mircea Gliga <gliga.mircea@gmail.com>
[Peter: use depends on rather can select for consistency with libssh2]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Drop patch #2. Upstream commit d8a5d49c2d8359 includes stddef.h in a
higher level header.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This version brings bug fixes, enhancements and a new script utility,
scriptlive. For detailed information see the release notes:
http://www.kernel.org/pub/linux/utils/util-linux/v2.35/v2.35-ReleaseNotes
Pull some fixed applied after the release.
Disable the use of code under GPLv3 included in hwclock since v2.30. The
subject was discussed upstream[1] and it was decided that hwclock will
be made GPLv2-only again in v2.36, so do it in advance in Buildroot.
Meanwhile, be warned that all OS images selecting hwclock built with
Buildroot since commit 74235a6854 (util-linux: bump to version 2.30)
contain code under GPLv3, which imposes some technical difficulties to
include in embedded systems. For more information see GPLv3, Section 6,
"Conveying Non-Source Forms", and the definitions of User Product and
Installation Information[2].
1. https://lore.kernel.org/util-linux/20200127202152.4jh2w4chch37wgee@ws.net.home/T/#t
2. https://www.gnu.org/licenses/gpl-3.0.html
Signed-off-by: Carlos Santos <unixmania@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This will ensure the downloads have nicer filenames in the download
directory, e.g.:
4.0.4-Leia-18.4.tar.gz --> kodi-ffmpeg-4.0.4-Leia-18.4.tar.gz
Update the hashes list accordingly.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
[yann.morin.1998@free.fr: expand comit log with additional explanations]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Lots of changes with this big leap:
- autotools is deprecated and replaced with meson
- demo clients now need pango
---------------------------
The dbus option in autotools is replaced with launcher-logind in meson.
Replaced WESTON_NATIVE_BACKEND with backend-default in meson.
Added optional pipewire dependency.
Added patch fixing missing include in os-compatibility.c.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Tested-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Stock weston has been migrated to meson, now the only buildsystem
starting with version 8, but the IMX fork is still stuck With the
older version 6, which only has the autotools buildsystem.
As a consequence, either we make weston a hybrid package that calls
to the appropriate package macro infra, or we split the IMX fork off
to its own package.
meson and autotools have two different ways to express passing options,
so we can't factorise the code paths to support both buildsystems:
we'd need to duplicate those depending on the variant used.
So, it's much more sensible to spin he IMX variant away. Besides, that
will make it easier to drop it, should it eventually gets merged
upstream (or the fork just dies off).
We ensure that the two variants, vanilla and IMX, can't get selected at
the same time, by making weston-imx depend on !weston, and hiding it
behind IMX conditionals.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
[yann.morin.1998@free.fr:
- drop !BR2_PACKAGE_IMX_GPU_VIV_OUTPUT_WL dependency from stock weston
- make weston-imx depends on !weston
- rework commit log
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The oldest toolchain we test in the autobuilders is the Sourcery ARM
toolchain which is GCC 4.8 and kernel headers 3.13. Therefore, it is
likely that we're missing the required _AT_LEAST dependencies to exclude
packages that don't build with older GCC/headers.
Add a comment to the custom external toolchain that warns when an
untested GCC or kernel headers version is selected.
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Notice that 1.8.31 fixes a security issue with the non-default pwfeedback
option, but according to the advisory this is not exploitable in 1.8.28:
versions 1.8.26 through 1.8.30 it is not exploitable due to a change in EOF
handling introduced in sudo 1.8.26
https://www.sudo.ws/alerts/pwfeedback.html
Adjust license hash as the copyright year was changed:
- Copyright (c) 1994-1996, 1998-2019
+ Copyright (c) 1994-1996, 1998-2020
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fixed the following security issue:
- CVE-2020-0569: QPluginLoader in Qt versions 5.0.0 through 5.13.2 would
search for certain plugins first on the current working directory of the
application, which allows an attacker that can place files in the file
system and influence the working directory of Qt-based applications to
load and execute malicious code. This issue was verified on macOS and
Linux and probably affects all other Unix operating systems. This issue
does not affect Windows.
- CVE-2020-0570: QLibrary in Qt versions 5.12.0 through 5.14.0, on certain
x86 machines, would search for certain libraries and plugins relative to
current working directory of the application, which allows an attacker
that can place files in the file system and influence the working
directory of Qt-based applications to load and execute malicious code.
This issue was verified on Linux and probably affects all Unix operating
systems, other than macOS (Darwin). This issue does not affect Windows.
For details, see the advisory:
https://www.openwall.com/lists/oss-security/2020/01/30/1
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
[Peter: extend commit message]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixed the following security issue:
- CVE-2020-0569: QPluginLoader in Qt versions 5.0.0 through 5.13.2 would
search for certain plugins first on the current working directory of the
application, which allows an attacker that can place files in the file
system and influence the working directory of Qt-based applications to
load and execute malicious code. This issue was verified on macOS and
Linux and probably affects all other Unix operating systems. This issue
does not affect Windows.
For details, see the advisory:
https://www.openwall.com/lists/oss-security/2020/01/30/1
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
[Peter: extend commit message]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Allow specifying additional build targets for ATF.
This might be more useful when using a custom git repository.
For example, when using with the ATF repository from NXP QorIQ,
there is a new build target 'pbl' which is used to build the
pbl binary image. Note that in the specific case of the 'pbl'
target, additional build variables also need to be specified
through BR2_TARGET_ARM_TRUSTED_FIRMWARE_ADDITIONAL_VARIABLES.
Signed-off-by: Francois Gervais <fgervais@distech-controls.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
patch 0005 has been sourced from upstream, and can be dropped when
7.4.3 is released.
The mbstrings module used to use a bundled oniguruma library, but now
uses an external one, hence the new dependency on this package for the
mbstrings module.
The hash of the license file has changed due to this change in the
copyright year:
-Copyright (c) 1999 - 2018 The PHP Group. All rights reserved.
+Copyright (c) 1999 - 2019 The PHP Group. All rights reserved.
Signed-off-by: Pascal de Bruijn <p.debruijn@unilogic.nl>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
lzma package is a host-only package so replace this wrong dependency by
xz package
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The name of the package diverges slightly from upstream to maintain
consistency with other nginx modules already present.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The dependency on !BR2_STATIC_LIBS is due to missing Libs.private in the
libmodconfig pkg-config file making builds that statically link against
libmodsecurity fail.
Lua is disabled due to using the host libraries.
Yajl is disabled as enabling it forces the tests to be built. These tests have a
hard dependency on libmodsecurity.a which is not built when --disable-static is
used in the configuration. There is no flag to disable these tests.
Signed-off-by: Frank Vanbever <frank.vanbever@essensium.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This includes the following changes:
879c073 Do not hardcode path for install
d9c639b libubootenv: add pkg-config support
Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security issue:
- Panic in crypto/x509 certificate parsing and golang.org/x/crypto/cryptobyte
On 32-bit architectures, a malformed input to crypto/x509 or the ASN.1
parsing functions of golang.org/x/crypto/cryptobyte can lead to a panic.
The malformed certificate can be delivered via a crypto/tls connection to a
client, or to a server that accepts client certificates. net/http clients
can be made to crash by an HTTPS server, while net/http servers that accept
client certificates will recover the panic and are unaffected. Thanks to
Project Wycheproof for providing the test cases that led to the discovery of
this issue. The issue is CVE-2020-7919 and Go issue golang.org/issue/36837.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add an upstream patch to fix --with-openssl argument and allow gensio to use
pkg-config to retrieve openssl dependencies otherwise the detection of
openssl will fail on architecture that needs to link with -latomic such as
sparc v8 32 bits:
configure:9379: checking for openssl/ssl.h in /home/fabrice/buildroot/output/host/sparc-buildroot-linux-uclibc/sysroot/usr
configure:9386: result: yes
configure:9402: checking whether compiling and linking against OpenSSL works
Trying link with OPENSSL_LDFLAGS=-L/home/fabrice/buildroot/output/host/sparc-buildroot-linux-uclibc/sysroot/usr/lib; OPENSSL_LIBS=-lssl -lcrypto; OPENSSL_INCLUDES=-I/home/fabrice/buildroot/output/host/sparc-buildroot-linux-uclibc/sysroot/usr/include
configure:9424: /home/fabrice/buildroot/output/host/bin/sparc-linux-gcc -o conftest -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -Os -static -I/home/fabrice/buildroot/output/host/sparc-buildroot-linux-uclibc/sysroot/usr/include -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -static -L/home/fabrice/buildroot/output/host/sparc-buildroot-linux-uclibc/sysroot/usr/lib conftest.c -lssl -lcrypto -lpthread >&5
/home/fabrice/buildroot/output/host/opt/ext-toolchain/bin/../lib/gcc/sparc-buildroot-linux-uclibc/8.3.0/../../../../sparc-buildroot-linux-uclibc/bin/ld: /home/fabrice/buildroot/output/host/sparc-buildroot-linux-uclibc/sysroot/usr/lib/libssl.a(ssl_lib.o): in function `CRYPTO_UP_REF.isra.6':
ssl_lib.c:(.text+0x3c8): undefined reference to `__atomic_fetch_add_4'
Fixes:
- No autobuilder failures (silent error)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security issues:
- CVE-2019-8835: Multiple memory corruption issues were addressed with
improved memory handling
- CVE-2019-8844: Multiple memory corruption issues were addressed with
improved memory handling
- CVE-2019-8846: A use after free issue was addressed with improved memory
management
For details, see the advisory:
https://webkitgtk.org/security/WSA-2020-0001.html
Drop now upstreamed patch.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security issues:
- CVE-2019-8835: Multiple memory corruption issues were addressed with
improved memory handling
- CVE-2019-8844: Multiple memory corruption issues were addressed with
improved memory handling
- CVE-2019-8846: A use after free issue was addressed with improved memory
management
For details, see the advisory:
https://webkitgtk.org/security/WSA-2020-0001.html
Drop now upstreamed patch.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes build error:
output/build/kodi-visualisation-goom-2.1.0-Leia/lib/goom/src/lines.c:
In function 'goom_lines_draw':
output/build/kodi-visualisation-goom-2.1.0-Leia/lib/goom/src/lines.c:232:3:
error: 'for' loop initial declarations are only allowed in C99 or C11 mode
for (int i = 1; i < AUDIO_SAMPLE_LEN; i++) {
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
- Switch site to github to get latest release
- Drop patch (already in version) and so autoreconf
- Update hash of license files ($Id$ strings removed with
52b1059a5b)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Also:
* Conditionally enable support for integration with UPower D-Bus
service if BR2_PACKAGE_UPOWER is selected
* The copyright year was updated in the LICENSE file, therefore
the hash value was also recalculated.
Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Keep rpi-firmware up-to-date with the kernel
vesion bump (4.19.97).
Go back to sha1 version scheme instead of official tag (after
only two tag versions) to keep up with the up-to-date kernel
version (as the offical last tag is for 4.19.94).
Update boot/LICENCE.broadcom hash according to the
'Update to support customisation program ' change ([1]).
[1] dd9e9ebb5d (diff-b7cccbd9821a372750de822dfd97a843)
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Now based on 4.19.97 (from 4.19.75).
Go back to sha1 version scheme instead of official tag (after
only two tag versions) to get an up-to-date kernel version
(as the offical last tag is for 4.19.94).
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
ptm2human is a decoder for trace data outputted by Program
Trace Macrocell (PTM) and Embedded Trace Macrocell (ETMv4).
It deconstructs ID packets and data packets from the
formatter of ARM Coresight ETB, and then translates the
trace data to a human-readable format.
./utils/test-pkg --package ptm2human --all
44 builds, 29 skipped, 0 build failed, 0 legal-info failed
Signed-off-by: Julien Olivain <juju@cotds.org>
[yann.morin.1998@free.fr:
- drop the host variant
- introduce _ARCH_SUPPORTS
- comment why we need autoreconf
- drop spurious empty line
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
His e-mail address is bouncing:
Your message to bachmann@tofwerk.com couldn't be delivered.
bachmann wasn't found at tofwerk.com.
thomas.petazzoni Office 365 bachmann
Action Required Recipient
Unknown To address
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
His e-mail address is bouncing:
----- The following addresses had permanent fatal errors -----
<sbobroff@linux.ibm.com>
(reason: 550 5.1.1 <sbobroff@linux.ibm.com>: Recipient address rejected: User unknown in local recipient table)
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Remove celt051 package as celt has been merged into the IETF Opus codec
and is now obsolete (see http://celt-codec.org/).
The only reverse dependency of celt051 is spice. Opus support on spice
has been added upstream 6 years ago with:
ce9b714137
Spice disabled celt by default since version 0.14.1 and:
72b0d603e1
Spice evens error out, by default, if Opus is missing but not explicitly
disabeld since:
f522473842
This will also fix a static build failure on spice with celt051 and opus.
Fixes:
- http://autobuild.buildroot.org/results/96c786f85d35f33508e9c71778043d16b87f72cd
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[yann.morin.1998@free.fr: slight rephrasing in legacy help]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
A library to abstract stream I/O like serial port, TCP, telnet, UDP,
SSL, IPMI SOL, etc.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
[Peter: explain why we need to unconditionally pass --with-openssl]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
When 'make' includes a new Makefile, it appends its path to the MAKEFILE_LIST
variable. From that variable, we construct a few set of derivative
variables:
pkgdir = $(dir $(lastword $(MAKEFILE_LIST)))
pkgname = $(lastword $(subst /, ,$(pkgdir)))
Essentially, pkgdir is the full directory where the package is located
(either relative to Buildroot's top directory for in-tree packages, or
absolute for packages in br2-external trees), while pkgname is the last
component of that directory.
pkgdir is in turn used to seed FOO_PKGDIR.
This all happens when we eventually call the package-generic infra,
later down in the file.
When they are parsed, the Makefiles for each linux-extensions are
appended to MAKEFILE_LIST, after the linux.mk one. But since they are
located in the same directory as the main linux.mk, the last component
of MAKEFILE_LIST, which is no longer the main linux.mk, will still yield
the correct values for the linux package.
This is a tough assumption we made there and then.
When we added the support for br2-external linux extensions, we where
very cautious to explicitly scan them from a directory named 'linux', so
that this would yield the correct package name.
And that worked well so far, until someone needed to build an older
kernel, for which our conditional patch is needed, and which just
failed:
/bin/bash: [...]/buildroot-external-linux-test/linux//0001-timeconst.pl-Eliminate-Perl-warning.patch.conditional: No such file or directory
When we scan linux extensions from a br2-external tree, the last
component of MAKEFILE_LIST is no longer in the same directory as the
main linux.mk, and thus the assumption above falls to pieces...
Again, when we added support for linux extensions from br2-external,
although we cared about the package name (pkgname), we completely missed
out on the package directory, and the LINUX_PKGDIR variable.
We do not have a very clean way out of this mess, but we have a nice
dirty trick: Scan the linux extensions from a br2-external tree before we
scan the in-tree ones. That way, the last component of MAKEFILE_LIST is
back to one that is in the same directory as the main linux.mk, and
we're back on tracks.
This is still very fragile, though, but short of a complete overhaul on
how packages are parsed and evaluated, this is the best we can come in
short order.
Reported-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Heiko Thiery <heiko.thiery@gmail.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Tested-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Also:
* Regenerate patch 0002 so it applies without fuzz.
* Add patch 0003, which drops generated/autoconf.h from imximage as we
need uboot-tools without a board configuration.
Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
the year of LICENSE was upgraded:
- This software is copyright (c) 2019 by Toby Inkster.
+ This software is copyright (c) 2020 by Toby Inkster.
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
All patches, including two additional ones contributed by Fabrice, are
included in this version.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Qt5 has predefined optimization flags depending if you're building for
size, for debug etc. These flags are defined in
mkspecs/common/gcc-base.conf:
QMAKE_CFLAGS_OPTIMIZE = -O2
QMAKE_CFLAGS_OPTIMIZE_FULL = -O3
QMAKE_CFLAGS_OPTIMIZE_DEBUG = -Og
QMAKE_CFLAGS_OPTIMIZE_SIZE = -Os
Then, in the same file, they use them to set
QMAKE_CFLAGS_RELEASE/QMAKE_CXXFLAGS_RELEASE:
QMAKE_CFLAGS_RELEASE += $$QMAKE_CFLAGS_OPTIMIZE
QMAKE_CXXFLAGS_RELEASE += $$QMAKE_CFLAGS_RELEASE
At this point there is our chance to override QMAKE_CFLAGS_OPTIMIZE_* in
qmake.conf, but it's too late, because QMAKE_CFLAGS_RELEASE is already
set (i.e. -O2) so trying to add or remove QMAKE_CFLAGS_OPTIMIZE (that is
reset now on) from QMAKE_CLAGS_RELEASE in
common/features/default_post.prf won't work:
optimize_size {
!isEmpty(QMAKE_CFLAGS_OPTIMIZE):!isEmpty(QMAKE_CFLAGS_OPTIMIZE_SIZE) {
QMAKE_CFLAGS_RELEASE -= $$QMAKE_CFLAGS_OPTIMIZE
QMAKE_CXXFLAGS_RELEASE -= $$QMAKE_CFLAGS_OPTIMIZE
QMAKE_CFLAGS_RELEASE += $$QMAKE_CFLAGS_OPTIMIZE_SIZE
QMAKE_CXXFLAGS_RELEASE += $$QMAKE_CFLAGS_OPTIMIZE_SIZE
}
} else: optimize_full {
!isEmpty(QMAKE_CFLAGS_OPTIMIZE):!isEmpty(QMAKE_CFLAGS_OPTIMIZE_FULL) {
QMAKE_CFLAGS_RELEASE -= $$QMAKE_CFLAGS_OPTIMIZE
QMAKE_CXXFLAGS_RELEASE -= $$QMAKE_CFLAGS_OPTIMIZE
QMAKE_CFLAGS_RELEASE += $$QMAKE_CFLAGS_OPTIMIZE_FULL
QMAKE_CXXFLAGS_RELEASE += $$QMAKE_CFLAGS_OPTIMIZE_FULL
}
}
So let's reset:
QMAKE_CFLAGS_RELEASE
QMAKE_CFLAGS_DEBUG
QMAKE_CXXFLAGS_RELEASE
QMAKE_CXXFLAGS_DEBUG
in our qmake.conf since the only assignment done in
mkspecs/common/gcc-base.conf only regards optimization.
This package is also affected by BR2_TOOLCHAIN_HAS_GCC_BUG_90620 and
it's been worked around by appending -O0 to CFLAGS/CXXFLAGS. This bug
prevented workaround to work overriding optimization flags, so solving
this also solves workaround problem.
Fixes:
http://autobuild.buildroot.net/results/ada/adaa9b4bcc6f9d2b5e82c479859a07e8abf5cf13/http://autobuild.buildroot.net/results/a83/a83bdd1f3bf309c07abebe871b017c331ed36e67/
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Tested-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[Arnout: add a comment to qmake.conf.in]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
License hash has changed because it is a source file, but also because
the name changed from XBMC to Kodi, and the year bumped to 2019.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Added patch to fix cstddef include and license hash.
Repo was moved to the xbmc project:
89d0272e88
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Added dependency to glm.
Although glm depends on BR2_INSTALL_LIBSTDCPP this dependency was not
added because Kodi itself already depends on C++.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Updated dependencies after upstream commit
dbb8853696
Although glm depends on BR2_INSTALL_LIBSTDCPP this dependency was not
added because Kodi itself already depends on C++.
Also removed patch 0002 because this package has no direct dependency
for X libraries anymore.
Removed patch 0001 which was applied upstream
b9dda499db
Added patch to disable building the drempels screensaver which depends
on imagemagick6. Even though rsxs has a minimal bundled imagemagick, we
simply disable drempels to avoid using a bundled library.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Changed _SITE after upstream relocated all audio decoders to xbmc repos
4c900f6835
Changed dependency from kodi-platform to kodi itself, the dependency to
kodi-platform was removed upstream.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Reworked raspberry pi handling, it is not treated as separate platform
anymore.
Added dependencies to autoreconf cpluff. The autoreconf is normally
called from CMake, but it's better if we do it under our control.
Rebased patch
- 0001-kodi-config.cmake-use-CMAKE_FIND_ROOT_PATH-to-fix-cr.patch
Removed unneeded patch
- 0002-CMake-Remove-dependency-on-gmp-and-libintl-from-Find.patch
Removed backported patches
- 0003-cmake-iconv-is-a-required-dependency.patch
- 0004-Fix-ffmpeg-build-for-mips.patch
- kodi-texturepacker/0002-fix_reallocarray.patch
Added backported patches
- 0003-Add-missing-cassert-includes.patch
- 0004-Backport-Add-missing-cstddef-includes.patch
Updated dependencies
- bzip2 is not used anymore
- flatbuffers (upstream PR 14209)
- fmt (upstream PR 11039)
- fstrcmp (upstream PR 14221)
- yajl was replaced by RapidJSON (upstream PR 8008)
- internal rar support was removed (upstream PR 11912)
CMake option ENABLE_NONFREE was also removed
- internal sftp support was removed (upstream PR 12005)
- host-zip was removed (upstream PR 12643)
- CMake option ENABLE_OPENSSL was removed (upstream PR 13650)
- lirc support is now provided by lirc-tools (upstream PR 13761)
- IMX support was removed (upstream PR 12990)
- ENABLE_X11 was renamed to -DCORE_PLATFORM_NAME=x11 (upstream PR 12134)
License hash changes because it was converted to markdown.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
- Fix CVE-2018-11813: libjpeg 9c has a large loop because read_pixel in
rdtarga.c mishandles EOF.
- Update hash of README (small updates such as authors, year ...)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Release notes: https://www.samba.org/samba/history/samba-4.11.5.html
This is a security release in order to address the following defects:
CVE-2019-14902: Replication of ACLs set to inherit down a subtree on AD
Directory not automatic.
CVE-2019-14907: Crash after failed character conversion at log level 3
or above.
CVE-2019-19344: Use after free during DNS zone scavenging in Samba AD
DC.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The libnss patch adding ZLIB_INCLUDE_DIR is added to upstream on
2020-01-07 but the 3.49.1 release on 2020-01-13 does not contain this
patch, so we have actually prematurely removed it from Buildroot.
This only affects host-libnss when libzlib is not installed in the host
system. When building for the target, the toolchain-wrapper already
looks in the target sysroot default include path - where zlib.h is
installed.
Re-add this patch, so that we can build host-libnss 3.49.1.
Signed-off-by: Thomas Preston <thomas.preston@codethink.co.uk>
Reviewed-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
As recently reported to the list:
http://lists.busybox.net/pipermail/buildroot/2020-January/271937.html
The hardcoded rootfs partition size can lead to hard to understand build
failures if more packages are added.
So drop the hardcoded partition size. Genimage will then size the partition
to match the size of the rootfs image (which by default is also 60MB for ext4).
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add patch to fix build issue introduced in buildroot commit
e2a2fab11b which bumped ICU to
version 65.1.
Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Drop all patches. All but
0001-rpc-tirpc-disable-tirpc_auth_authdes_-create-tests.patch were
backported from this release, this one is not needed any more due
upstream commit f7199c464 ("rpc-tirpc: Remove authdes related tests")
Thus remove also LTP_TESTSUITE_AUTORECONF.
Update also list of unsupported tests on musl (broken rpc-tirpc tests
were fixed in this release).
Signed-off-by: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The copyright year was updated in LICENSE, therefore the value of the
hash was updated, too.
Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The 4.12.2 release brings a large number of fixes:
https://xenproject.org/downloads/xen-project-archives/xen-project-4-12-series/xen-project-4-12-2/
Including a number of security fixes:
XSA-296: VCPUOP_initialise DoS (CVE-2019-18420)
XSA-298: missing descriptor table limit checking in x86 PV emulation
(CVE-2019-18425)
XSA-299: Issues with restartable PV type change operations (CVE-2019-18421)
XSA-301: add-to-physmap can be abused to DoS Arm hosts (CVE-2019-18423)
XSA-302: passed through PCI devices may corrupt host memory after
deassignment (CVE-2019-18424)
XSA-303: ARM: Interrupts are unconditionally unmasked in exception handlers
(CVE-2019-18422)
XSA-304: x86: Machine Check Error on Page Size Change DoS (CVE-2018-12207)
XSA-305: TSX Asynchronous Abort speculative side channel (CVE-2019-11135)
XSA-306: Device quarantine for alternate pci assignment methods
(CVE-2019-19579)
XSA-307: find_next_bit() issues (CVE-2019-19581 CVE-2019-19582)
XSA-308: VMX: VMentry failure with debug exceptions and blocked states
(CVE-2019-19583)
XSA-309: Linear pagetable use / entry miscounts (CVE-2019-19578)
XSA-310: Further issues with restartable PV type change operations
(CVE-2019-19580)
XSA-311: Bugs in dynamic height handling for AMD IOMMU pagetables
(CVE-2019-19577)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes:
http://autobuild.buildroot.net/results/14af2dc3219847a92c6ec2db14ba387159b61fde
The Xen build system builds and embeds a default XSM FLASK (Flux Advanced
Security Kernel) security policy if it detects SELinux checkpolicy on the
build machine.
If enabled, a gen-policy.py python script is used to convert the binary
FLASK policy to a C array initialization list to embed it in the Xen binary.
Depending on the python version and locale available on the host, this fails
with byte values outside the 0..255 range:
policy.c:7:10: error: unsigned conversion from 'int' to 'unsigned char' changes value from '56575' to '255' [-Werror=overflow]
0xdc8c, 0xdcff, 0x7c, 0xdcf9, 0x08, 0x00, 0x00, 0x00, 0x58, 0x65, 0x6e, 0x46, 0x6c,
To fix this and ensure a consistent build, pass XEN_HAS_CHECKPOLICY=n to
disable the checkpolicy detection.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
When building with path containing "m4/" occurence(i.e. make
O=output-m4) gettext-tiny install recipe copies files to wrong place and
later some package using autotools fail to autoreconf(i.e. minicom).
This is due to buggy gettext-tiny Makefile install recipe where they
substitute every "m4/" in INSTALL destination path, including the "m4/"
part of our build folder. Add patch to fix this by using $(patsubst ...)
instead of $(subst m4/,,$@) to substitute only last "m4/" occurence in
path.
Fixes:
https://bugs.busybox.net/show_bug.cgi?id=12481
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The README file saved by legal-info does not mention the host package
variant of the saved material. Add them.
Signed-off-by: Luca Ceresoli <luca@lucaceresoli.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
This list dates back to 2012. Since a long time now Buildroot saves the
patches applied as well as the actual source code for some external
toolchains. Update the manual accordingly.
Signed-off-by: Luca Ceresoli <luca@lucaceresoli.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
- Upstream no longer pushes tarballs to their release directory, so
switch to github, which has the latest releases
- Drop patch (already in version)
- Add poprouting plugin (added in version 0.9.7 with
316901040f)
- Add hash for license files
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
This patch bumps mono to version 6.8.0.96 and its related dependency
monolite to version ABB721D6-116A-4555-B4FD-9248146D2051.
Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
This patch bump Pillow to version 7.0.0.
Latest Pillow version doesn't support python2 anymore, thus
enforce the dependency on python3.
It updates also the LICENSE hash due to copyright year update.
Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fix CVE-2019-18222: Our bignum implementation is not constant
time/constant trace, so side channel attacks can retrieve the blinded
value, factor it (as it is smaller than RSA keys and not guaranteed to
have only large prime factors), and then, by brute force, recover the
key. Reported by Alejandro Cabrera Aldaya and Billy Brumley.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
- Remove first patch and use --with-readline-lib as a slightly updated
version of this patch has been merged with:
af9fde5f93
- Remove autoreconf as it does not seem needed anymore
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The host tar is used to create the archives in the VCS download backends
(git, cvs, svn, hg...) and tar 1.30 and forward have changed the way
they generate the archives.
So, all the archives that have been generated before 1.30 was released
are not bit-for-bit reproducible (even though the extracted content
would be), so the hashes we have for those archives would not match.
Hence host-tar must be kept at version 1.29.
For the target variant, this is less important, so bump it to the latest
version.
Fixes: https://bugs.busybox.net/show_bug.cgi?id=12256
Signed-off-by: Luc Creti <luc.creti@atos.net>
Signed-off-by: Carlos Santos <unixmania@gmail.com>
[yann.morin.1998@free.fr: move all host-related comments and variables]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
With Qt 5.12.x only handwriting/lipi-toolkit needs 3rdparty parts
installation (with Qt 5.6.x although zn_CZ/pinyin and zh_TW tcime).
Fixes:
- https://bugs.busybox.net/show_bug.cgi?id=12456
cp: cannot stat '.../host/arm-buildroot-linux-gnueabihf/sysroot/usr/qtvirtualkeyboard': No such file or directory
Also fix the way we test the variable: we very seldomly use ifdef,
instead we usually test for equality.
Reported-by: Sam Petrocelli <sam.petrocelli@gmail.com>
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
[yann.morin.1998@free.fr: also fix the way we test the variable]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
This patch adds a new manual section that captures an overview
of the run-tests tool, how to manually run a test and where to
find the test case script.
A brief set of steps is included to go through how to add a new
test case and suggestions on how to test/debug.
Cc: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Cc: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
[yann.morin.1998@free.fr:
- switch the creating and debugging sections
- minor reformatting
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Drop patch. Upstream commit 509400106aeb fixed no-MMU build in a
different way.
Add patch fixing no-MMU build.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix CVE-2019-10155 (IKEv1 information exchange packet's integrity check
value is not verified)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
- Switch site to github to get latest release
- Remove all patches (already in version)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
- Switch site to github to get latest release
- Drop first and second patches (already in version)
- Drop third patch and OPENSSL_INCLUDE_DIR (not needed since
4e713175ea)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Since version 3.3.0 and its commit
1c4c58d1b5,
opencv3 bundles its own copy of protobuf. Instead of using the bundled
protobuf library, this commit disables building protobuf
(BUILD_PROTOBUF=OFF) and instead uses the protobuf Buildroot package
(using the WITH_PROTOBUF=ON/OFF option).
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Use the latest commit since there is no release since 1.2 (8 years ago).
While testing with test-pkg, the last build issue was
due to the gcc 4.8.3 compiler missing C++11 feature:
"std::list.erase(const_iterator pos) not implemented" [1]
arm-none-linux-gnueabi/include/c++/4.8.3/bits/vector.tcc:134:5: note:
no known conversion for argument 1 from '__gnu_cxx::__normal_iterator<const alure::Source*, std::vector<alure::Source> >'
to 'std::vector<alure::Source>::iterator {aka __gnu_cxx::__normal_iterator<alure::Source*, std::vector<alure::Source> >}
14beed2a86/src/context.cpp (L1357)
[1] https://gcc.gnu.org/bugzilla/show_bug.cgi?id=57158
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
- Fix CVE-2019-14491: An issue was discovered in OpenCV before 3.4.7
and 4.x before 4.1.1. There is an out of bounds read in the function
cv::predictOrdered<cv::HaarEvaluator> in
modules/objdetect/src/cascadedetect.hpp, which leads to denial of service.
- Fix CVE-2019-14492: An issue was discovered in OpenCV before 3.4.7
and 4.x before 4.1.1. There is an out of bounds read/write in the
function HaarEvaluator::OptFeature::calc in
modules/objdetect/src/cascadedetect.hpp, which leads to denial of service.
- atomic workaround is not needed since version 3.4.8 and
464972855e
- Update hash of license file (Xperience.AI added:
766465ce94)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes:
- http://autobuild.buildroot.net/results/17802b5ad87f494a86d158f2547e68edddcc0a68
../../src/util.h:377:21: error: static declaration of 'gettid' follows non-static declaration
static inline pid_t gettid(void)
^~~~~~
In file included from .../host/aarch64-buildroot-linux-gnu/sysroot/usr/include/unistd.h:1170,
from .../host/aarch64-buildroot-linux-gnu/sysroot/usr/include/daq_common.h:25,
from .../host/aarch64-buildroot-linux-gnu/sysroot/usr/include/daq.h:26,
from ../../src/decode.h:48,
from ../../src/spo_plugbase.h:31,
from ../../src/snort.h:36,
from sfcontrol.c:37:
.../host/aarch64-buildroot-linux-gnu/sysroot/usr/include/bits/unistd_ext.h:34:16: note: previous declaration of 'gettid' was here
extern __pid_t gettid (void) __THROW;
^~~~~~
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
In commit fe4b9321e5 ("package/libpcap:
remove unnecessary dependency on zlib"), the depedency of libpcap on
zlib was removed as it was not needed. However, it was thanks to this
dependency that the snort package satisfied its dependency on zlib,
which is now missing. This commit fixes that by adding a dependency of
snort on zlib.
Fixes:
checking zlib.h usability... no
checking zlib.h presence... no
checking for zlib.h... no
ERROR! zlib header not found, go get it from
http://www.zlib.net
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Option to disable fluidsynth is --disable-music-midi-fluidsynth since
version 2.0.0 and
9fe78ec49f
Before this commit, the configure option was
--disable-music-fluidsynth-midi (and not --disable-fluidsynth)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Since [1], glibc package has a new option to install glibc utils to the
target. But this option is displayed below "Kernel Header Options".
As for uClibc package, add a comment line to separate Glibc options
from kernel header options.
[1] c6cd512fe2
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Since commit "gpio: add cdev implementation"
(d0a973cca2),
c-periphery needs linux headers >= 4.8.
The hash of the license file is updated due to an update in the
copyright year:
- Copyright (c) 2014-2016 vsergeev / Ivan (Vanya) A. Sergeev
+ Copyright (c) 2014-2019 vsergeev / Ivan (Vanya) A. Sergeev
Signed-off-by: Joris Offouga <offougajoris@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bumping to version e0e40dd in commit
ad9c5bbfa7 included the following upstream
commit:
bccad40551
This commit adds an optional dependency on opencv so add it and fix it
through two patches
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bumping to version e0e40dd in commit
ad9c5bbfa7 included the following upstream
commit:
4e2b4fe166
This commit contains CMake improvements and especially a new
BUILD_TESTING option that disable the testrunner compile, use this
instead of the ZXING_CPP_MAKE_OPTS workaround.
Reviewed-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Add two patches to fix openssl support:
- 0003-Fix-openssl-detection.patch (suggested by Jonathan Kimmitt)
- 0004-Support-OpenSSL-1.1.0.patch (taken from upstream)
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Other changes:
- Use the LICENSE file for the license. This prevents having to change the
sha256sum on every version bump due to PKG-INFO containing the version
number.
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fixes (part of):
http://autobuild.buildroot.net/results/5659e1c91831921bd9ad6af670258783771b4dc8/
Commit 6b37dda2a9 (package/iputils: create ping6 symlink), added a
ping6 symlink, but used the absolute (build) path to ping as the target,
which is naturally no good at runtime:
ls -l target/bin/ping6
lrwxrwxrwx 1 peko peko 58 Jan 10 08:25 target/bin/ping6 -> /home/peko/source/buildroot/output-iputils/target/bin/ping
Instead use a relative symlink.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Reviewed-by: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit 5eecaf354c (package/rtl8821au: switch to abperiasamy fork) changed
the upstream location, but didn't update the link in the help text.
Signed-off-by: Christian Stewart <christian@paral.in>
[Peter: extend commit message]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Since a very long time (at least version 3.5.1 in 2011 and
accb9f2fe8),
gr-pager option is named ENABLE_GR_PAGER, not ENABLE_PAGER
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
With the kernel support for WireGuard getting mainlined, the upstream repo
has been split in a wireguard-tools repo for the userspace tooling and
wireguard-linux-compat for the kernel side (for 3.10+ legacy kernels).
Add a wireguard-linux-compat for the compatibility out-of-tree kernel
module, and update the Config.in.legacy handling to use it.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
With the kernel support for WireGuard getting mainlined, the upstream repo
has been split in a wireguard-tools repo for the userspace tooling and
wireguard-linux-compat for the kernel side (for 3.10+ legacy kernels).
So rename the package to wireguard-tools, use the new upstream and drop the
kernel module handling.
Also add Config.in.legacy handling for existing users.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Enable the option to use SO_REUSEADDR on the built-in miniserver
socket to allow clean restarts [1].
This fixes a runtime issue with Gerbera and possible other programs
which does not allow a graceful restart otherwise.
[1] 629dec7561
Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
In case cppunit dependency is found the testrunner is build
which needs c++11 compile support enabled, avoid by building
only libzxing and zxing targets.
Fixes:
- http://autobuild.buildroot.net/results/f7c2c03a2b5a0147a041d873c1a36143861be764
[ 85%] Building CXX object CMakeFiles/testrunner.dir/core/tests/src/common/BitArrayTest.cpp.o
In file included from .../host/opt/ext-toolchain/mips64el-buildroot-linux-uclibc/include/c++/5.5.0/type_traits:35:0,
from .../host/mips64el-buildroot-linux-uclibc/sysroot/usr/include/cppunit/tools/StringHelper.h:7,
from .../host/mips64el-buildroot-linux-uclibc/sysroot/usr/include/cppunit/TestAssert.h:8,
from .../host/mips64el-buildroot-linux-uclibc/sysroot/usr/include/cppunit/TestCase.h:6,
from .../host/mips64el-buildroot-linux-uclibc/sysroot/usr/include/cppunit/TestCaller.h:5,
from .../host/mips64el-buildroot-linux-uclibc/sysroot/usr/include/cppunit/extensions/HelperMacros.h:9,
from .../build/zxing-cpp-0db7f855135222becff193671faae79c083424b6/core/tests/src/common/BitArrayTest.h:24,
from .../build/zxing-cpp-0db7f855135222becff193671faae79c083424b6/core/tests/src/common/BitArrayTest.cpp:21:
.../host/opt/ext-toolchain/mips64el-buildroot-linux-uclibc/include/c++/5.5.0/bits/c++0x_warning.h:32:2: error: #error This file requires compiler and library support for the ISO C++ 2011 standard. This support must be enabled with the -std=c++11 or -std=gnu++11 compiler options.
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The tcpdump package currently depends on zlib, but this is not
needed. The commit removes this non-mandatory dependency.
Signed-off-by: Mircea Gliga <gliga.mircea@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The libpcap package currently depends on zlib, but this is not
needed. The commit removes this non-mandatory dependency.
Signed-off-by: Mircea Gliga <gliga.mircea@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
NSS Makefile emits -DLINUX to OS_CFLAGS only if OS_TEST=Linux when
building for Target. But nsinstall.c is a host utility and it uses
NATIVE_FLAGS instead of OS_CFLAGS, this is why -DLINUX is not emitted.
This is necessary for the case one builds for Target OS Linux on a Host
OS that is not Linux.
After discussing upstream [*], it turned out that our current patch,
introduced with commit fe4b47a121 (package/libnss: fix build failure
on RHEL 7) to fix the bug, is wrong. The best way to fix it is to append
-DLINUX to NATIVE_FLAGS in libnss.mk.
[*] https://bugzilla.mozilla.org/show_bug.cgi?id=1603398
So let's append -DLINUX to NATIVE_FLAGS after HOST_CFLAGS to make sure
<getopt.h> is included, since in nsintall.c it is included only if LINUX
macro is defined and this caused the build failure not finding getopt
functions and macros in some build environment(i.e. RHEL 7). On other
build environments getopt.h is indirectly included by unistd.h this is
why it worked on them.
This reverts commit fe4b47a121.
Fixes:
http://autobuild.buildroot.net/results/797/797f07ff757e7972d8c96b6a9f6abe68d17e0808/
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
[yann.morin.1998@free.fr:
- meld the two commits into one
- update and rearrange the commit log accordingly
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Math::BigInt is a Perl core module (ie. bundled with perl)
This package was never released with BR,
so no need to add an entry in Config.legacy
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
we don't want create new BR package with perl core module,
because core modules are already included in perl distribution,
and built with the BR package perl.
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Version 2.0.0 adds support for MP3 with lame and full MPEG support with
mpg123, both optional.
Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The license text is now included in the tarball, so add it to _LICENSE_FILES
and add a hash for it.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Samba does not need python on the target for file server functionality.
It does need it for the Active Directory Domain Controller feature,
which is already configured in buildroot as optional and already depends
on python3 since commit 4485a75859.
An unnecessary target python greatly increases the size of the target
filesystem. A somewhat minimal configuration with a samba server shunk
from an 82 MB rootfs to 53 MB with this patch.
Signed-off-by: Trent Piepho <trent.piepho@synapse.com>
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Notice that 7.68.0 includes a Windows-only security fix:
- CVE-2019-15601: SMB access smuggling via FILE URL on Windows
https://curl.haxx.se/docs/CVE-2019-15601.html
So not applicable to Buildroot.
Update the license hash for a copyright year update:
-Copyright (c) 1996 - 2019, Daniel Stenberg, <daniel@haxx.se>, and many
+Copyright (c) 1996 - 2020, Daniel Stenberg, <daniel@haxx.se>, and many
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Without the device-mapper udev rules, dm devices will not get a proper
symlink like /dev/disk/by-label/LABEL, which in turn causes fstab
LABEL= mounts to fails.
And by extension causes shenanigans with systemd, where it will
unmount a manually mounted disk because it can't resolve the label.
Signed-off-by: Pascal de Bruijn <p.debruijn@unilogic.nl>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Until version 8.23, we needed to patch coreutils to ensure that options
be passed before non-options when calling help2man (during the build).
Our patch would just swap around two consecutive lines, and required
autoreconfguring and gettextising.
However, in coreutils 8.24, upstream applied a semantically equivalent
fix, but we did not notice, and we blindly fixed the patch by swapping
the previously faulty lines, even though the issue was no longer present
to begin with (if one would need an example of cargo cult, this is it).
Drop our patch, as it has not been needed for the past 4.5 years.
This means that we can also stop autoreconfiguring and gettextising.
Woot!
Rename the remaining patch.
Reported-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This includes the following changes:
cc628ee libuboot: wrap libuboot in extern "C" for C++
bf6ff63 Prepare 0.2
3393485 Fix compiler warning
8f7c00a uboot_env: fix the resarch of ubi volume
Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fixes the following security vulnerabilities:
- CVE-2019-19221: In Libarchive 3.4.0, archive_wstring_append_from_mbs in archive_string.c
has an out-of-bounds read because of an incorrect mbrtowc or mbtowc call. For example,
bsdtar crashes via a crafted archive.
And adds various security fixes. For details, see :
https://github.com/libarchive/libarchive/releases/tag/v3.4.1
Also remove upstreamed patch.
Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
erlang-p1-iconv does not exist as a package in buildroot and cause warning
with get-developers :
./utils/get-developers -p erlang-p1-iconv
WARNING: 'package/erlang-p1-iconv/' doesn't match any file
Signed-off-by: Joris Offouga <offougajoris@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Many tools use __FILE__ or __BASE_FILE__ for debugging and both
capture the build path. This results in non-reproducible images when
building in different directories.
If the config uses GCC 8 or above, we use -ffile-prefix-map=old=new
and let gcc take care of the path remapping in __FILE__. Since GCC
versions before v8 did not have this feature, we use an empty string
in that case, and disable the builtin-macro-redefined warning which
would otherwise trigger and cause build issues with -Werror.
Signed-off-by: Atharva Lele <itsatharva@gmail.com>
[Thomas:
- as suggested by Arnout, use the empty string for the __FILE__ and
__BASE_FILE__ value
- as suggested by Romain, also handle __BASE_FILE__ in addition to
__FILE__
- pass -Wno-builtin-macro-redefined to avoid build errors when
-Werror is passed]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
mender-grubenv currently has 3 problems that prevent an x86_64-efi image from
successfully being made with the genimage.sh script.
- mender-grubenv does not currently depend on Grub2.
While Grub2 is not needed to build the mender-grubenv package, Grub2 needs
to be built first for mender-grubenv to overwrite the default Grub2 files
reliably.
- The MENDER_GRUBENV_ENV_DIR variable points to /boot/efi/EFI/BOOT instead of
/boot/EFI/BOOT, which is where the Grub2 package installs the default files.
This variable now points to the correct location.
- The Grub2 package installs images to $(BINARIES_DIR)/efi-part, which the
mender-grubenv package currently does not do. As such; the default Grub2
configuration file is used instead of the one provided by mender-grubenv.
Adding a MENDER_GRUBENV_INSTALL_IMAGES_CMDS define in mender-grubenv.mk which
copies the installed files from $(TARGET_DIR)/boot/EFI to
$(BINARIES_DIR)/efi-part fixes this issue.
Signed-off-by: Adam Duskett <aduskett@greenlots.com>
[Thomas:
- drop "runtime" on the depends on BR2_TARGET_GRUB2 since we now have
a build-time dependency on it
- explicitly copy the files installed by mender-grubenv in
MENDER_GRUBENV_INSTALL_IMAGES_CMDS instead of blindly copying
everything that is in $(TARGET_DIR)/boot/EFI]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
More and more packages are now depending on ln --relative, some require
realpath, both of which only got introduced in "recent" versions of
coreutils; older distros had a separate realpath, though, but that is
not in the list of our required dependencies, and was not installed by
default.
So, we introduce a minimal host variant of coreutils to provide those
programs.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This package was a dependency to ejabberd-18.09. It is not anymore
use by any package nor maintain upstream, so remove it.
Signed-off-by: Johan Oudinet <johan.oudinet@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
There are two remainning patches to:
- change the Makefile rules so dependencies are not downloaded/compiled;
- fix ejabberd user in ejabberdctl script.
The erlang-p1-iconv package is not anymore a dependency for ejabberd.
Signed-off-by: Johan Oudinet <johan.oudinet@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Commit ada40afb32 updated the raspberrypi*defconfigs to use
-add-miniuart-bt-overlay instead of -add-pi3-miniuart-bt-overlay.
Update raspberrypi0w_defconfig also.
Signed-off-by: Christopher McCrory <chrismcc@gmail.com>
Reviewed-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Remove the patch that's now upstream.
Signed-off-by: Bartosz Golaszewski <bgolaszewski@baylibre.com>
[Peter: drop _AUTORECONF]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security vulnerabilities:
- CVE-2019-14271: In Docker 19.03.x before 19.03.1 linked against the GNU C
Library (aka glibc), code injection can occur when the nsswitch facility
dynamically loads a library inside a chroot that contains the contents of
the container
Signed-off-by: Christian Stewart <christian@paral.in>
[Peter: mention security impact]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security vulnerabilities:
- CVE-2019-14271: In Docker 19.03.x before 19.03.1 linked against the GNU C
Library (aka glibc), code injection can occur when the nsswitch facility
dynamically loads a library inside a chroot that contains the contents of
the container
Signed-off-by: Christian Stewart <christian@paral.in>
[Peter: mention security impact]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security vulnerabilities:
containerd 1.2.9/gRPC:
- CVE-2019-9512: Some HTTP/2 implementations are vulnerable to ping floods,
potentially leading to a denial of service. The attacker sends continual
pings to an HTTP/2 peer, causing the peer to build an internal queue of
responses. Depending on how efficiently this data is queued, this can
consume excess CPU, memory, or both
- CVE-2019-9514: Some HTTP/2 implementations are vulnerable to a reset
flood, potentially leading to a denial of service. The attacker opens a
number of streams and sends an invalid request over each stream that
should solicit a stream of RST_STREAM frames from the peer. Depending on
how the peer queues the RST_STREAM frames, this can consume excess memory,
CPU, or both
- CVE-2019-9515: Some HTTP/2 implementations are vulnerable to a settings
flood, potentially leading to a denial of service. The attacker sends a
stream of SETTINGS frames to the peer. Since the RFC requires that the
peer reply with one acknowledgement per SETTINGS frame, an empty SETTINGS
frame is almost equivalent in behavior to a ping. Depending on how
efficiently this data is queued, this can consume excess CPU, memory, or
both
containerd 1.2.10/runc:
- CVE-2019-16884: runc through 1.0.0-rc8, as used in Docker through
19.03.2-ce and other products, allows AppArmor restriction bypass because
libcontainer/rootfs_linux.go incorrectly checks mount targets, and thus a
malicious Docker image can mount over a /proc director
Signed-off-by: Christian Stewart <christian@paral.in>
[Peter: mention security impact]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security vulnerability:
- CVE-2019-16884: runc through 1.0.0-rc8, as used in Docker through
19.03.2-ce and other products, allows AppArmor restriction bypass because
libcontainer/rootfs_linux.go incorrectly checks mount targets, and thus a
malicious Docker image can mount over a /proc directory.
Signed-off-by: Christian Stewart <christian@paral.in>
[Peter: mention security impact]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The 5.3.x series is now EOL so remove the option and add legacy
handling for it.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The hyperv integration services offer convenience features for guest
operating systems running on the microsoft hyperv virtualization
platform. They roughly are for HyperV what openvmtools are for VMWare.
The installed binary names are derived from what seems common in large
distros like RedHat:
linux kernel source name -> installed binary name
hv_vss_daemon -> hypervvssd
hv_kvp_daemon -> hypervkvpd
hv_fcopy_daemon -> hypervfcopyd
Each tool was introduced at different points in the kernel history, so
we need to check each of them.
We provide a single init script that is responsible for starting all
enabled programs. The global status will be the status of the last
program to fail to start, or empty (i.e. success) if they all started
successfuly.
However, we provide one systemd unit per program, because it is not easy
to use a single unit to start (and monitor) more than one executable.
Additionally, we do not provide a template that is filled at tinstall
time either, because it does not gain much (three simple units vs. a
template and some replacement code in the .mk).
Finally, the key-value daemon uses a few helper scripts to get/set the
network config. All are optional (their presence is checked before
running them), but one, hv_set_ifconfig. However, it is not strictly
speaking required either, so we just symlink it to /bin/true to avoid
any warning at runtime. Providing actual helpers is left to the end
user, to adapt to their own environment.
Signed-off-by: Pascal de Bruijn <p.debruijn@unilogic.nl>
[yann.morin.1998@free.fr:
- aggregate all three tools in a single sub-package
- introduce the main HV option, use a sub-option for each tool
- aggregate the three init scripts into one
- don't install the helpers; symlink the mandatory one
- don't create symlinks for systemd units (systemctl preset-all does
it for us now)
- expand commit log
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Some linux tools (e.g. the Microsoft HyperV convenience utilities) will
install programs tostart at boot time, so they need to be able to
install init files (systemd units, sysv init script, or openrc units).
Unlike the other commands, we are redefining the real _INSTALL_INIT_*
macros, rather than use hooks, to let the infra call those at the right
moment.
We must be careful about the openrc support, though: if two tools are
enabled, one which provides sysv scripts but no openrc config, and the
other which provides openrc config, and we are using openrc as init
system, then we want to use the sysv scripts from the former as well as
the openrc config of the latter. Thus we need to duplicate a bit the
openrc logic here.
Signed-off-by: Pascal de Bruijn <p.debruijn@unilogic.nl>
[yann.morin.1998@free.fr:
- define macros, not hooks
- introduce support for openrc too
- expand commit log
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The test-case for python-gitdb2 consists solely in verifying that the
module can indeed be imported.
However, flake8 errors out on unused imports. Furthermore, it also
errors about wildcard imports, as it can detect unused symbols.
Commit d8c86be9cd (support/testing: fix python-gitdb2 test) tried to
address this issue, by explicitly squelching the two errors, F401 and
F403.
While that works on recent distros, the image used by our docker
pipeline is laggign behind and the flake8 there only handles at most a
single error in the noqa list.
Do as is done with the other python samples, and just blindly ignore
all errors.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Commit 9fa2add810 (support/testing: add test for python-avro) added a
test for python-avro but failed to update .gitlab-ci.yml. Do that now.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Set AM_CFLAGS to an empty value to avoid the following redefinition
error when building with our custom _FORTIFY_SOURCE:
/accts/mlweber1/rc-buildroot-test/scripts/instance-1/output/host/bin/mips-linux-gnu-gcc -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -Wall -Werror -Wuninitialized -Wundef -D_FILE_OFFSET_BITS=64 -D_FORTIFY_SOURCE=2 -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -Os -D_FORTIFY_SOURCE=1 -Wp,-MMD,3rdparty/hmac_sha/.hmac_sha2.o.d,-MT,3rdparty/hmac_sha/hmac_sha2.o -c 3rdparty/hmac_sha/hmac_sha2.c -o 3rdparty/hmac_sha/hmac_sha2.o
<command-line>:0:0: error: "_FORTIFY_SOURCE" redefined [-Werror]
Fixes:
- http://autobuild.buildroot.org/results/cfef9315441b5f4909b58a6dccd8bea8e67ae992
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
If the linux-pam package is selected, add the package to the
dependency list and explicitly set --enable-plugin-auth-pam.
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
intltool has been replaced by gettext since version 12.99.1 and
57e3ccaf51
so replace host-intltool by $(TARGET_NLS_DEPENDENCIES)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
intltool has been replaced by gettext since version 3.33.4 and
4fb05684d2
so replace host-intltool by $(TARGET_NLS_DEPENDENCIES)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
libnss expects OS_TEST to be set to ppc, ppc64, or ppc64le instead of
the usual values defined by Buildroot, respectively powerpc, powerpc64,
or powerpc64le.
This fixes the inconsistencies where functions would be prototyped and
called, but no implementation would be provided, causing link issues.
Define all the variants (of which the existing aarch64be) in Kconfig.
The latest default uses the usual architecture names as defined by
Buildroot, BR2_ARCH.
Additionally, libnss makes use of Altivec intrinsics which are only
available starting with gcc 8, not gcc 5, so we patch it to fix that
condition.
Fixes:
http://autobuild.buildroot.org/results/579/57928e6cf69d584b430a1d9a99156c57f29b692f/
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
[yann.morin.1998@free.fr:
- move the arch setting to kconfig (like recently done in e3159cad71)
- add the build failure
- add pointer to upstream bug report and patch sybmission
- reformat and reword commit log
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Now that the metadata_csum ext4 option is disabled, we no longer need
the U-Boot workaround.
Signed-off-by: Bartosz Bilas <b.bilas@grinn-global.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The U-Boot ext4 write support doesn't work with the metadata_csum
option, and the stm32mp157 U-Boot defconfig uses an environment stored
in an ext4 filesystem, so we must create the ext4 root filesystem
without the metadata_csum option enabled.
Signed-off-by: Bartosz Bilas <b.bilas@grinn-global.com>
[Thomas: only disable the metadata_csum option, the 64bit and
dir_index options can be kept enabled]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The proj package exhibits gcc bug 68485 when building for the
Microblaze architecture C files (which was already worked around), but
also for C++ files.
As done for other packages in Buildroot work around this gcc bug by
setting optimization to -O0 when compiling C++ files too if
BR2_TOOLCHAIN_HAS_GCC_BUG_68485=y.
Fixes:
http://autobuild.buildroot.net/results/dc9/dc9bc52ff3d5a83dcfe4a86a391590bef57e1cf0/
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
[Thomas: rework implementation to use a single condition for both CFLAGS and CXXFLAGS]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
/usr/bin/suricatactl and /usr/bin/suricatasc have their interpreter set
to the path of python in the HOST machine.
Use distutils' option '-e' to specify a better shabang.
[yann.morin.1998@free.fr:
- author did not provide their SoB, but it's simple enough to
not require it for once
- reword commit log
- use git-formatted patch, with a proper commit log
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The original UBOOT_FIXUP_LIBFDT_INCLUDE hook only works for u-boot versions
starting from v2017.11.
As older u-boot versions are still in common use today, e.g. in the
ci20_defconfig, extend the hook to cover a wider range of u-boot versions.
The main code change was proposed by Arnout Vandecappelle in [1].
Testing and comment changes were done by Thomas De Schampheleire.
Additional (build) testing done by Yann.
[1] http://lists.busybox.net/pipermail/buildroot/2019-May/251231.html
This was tested with the following defconfigs, that each excercise one
case:
----.-- No defconfig identified
2010.06 'lib/libfdt/', used to be simply 'libfdt' before upstream commit 0de71d507157...
2013.10 ci20_defconfig
2014.04 'srctree' used to be called 'SRCTREE' before upstream commit 01286329b27b27ea...
2017.05 olimex_a13_olinuxino_defconfig
2017.11 scripts/dtc/libfdt only exists since upstream commit c0e032e0090d6541549b19cc...
2018.01 mx6udoo_defconfig
2018.03 core change is equivalent to upstream commit e0d20dc1521e74b82dbd69be53a04884...
2019.10 nanopi_neo_defconfig
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
[yann.morin.1998@free.fr: add the build-test results]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
TinySSH is a minimalistic SSH server which implements only a subset of
SSHv2 features.
Might be useful for small systems.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
[yann.morin.1998@free.fr:
- add missing licence file, as noticed by Giulio
- update the version to bring two fixes
- update hash file accordingly (version and licence file)
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Following Arnout review of "autofs: fix mount, umount and fsck program
paths" in https://patchwork.ozlabs.org/patch/1148086, set
ac_cv_path_E2FSCK to /sbin/fsck and ac_cv_path_E{3,4}FSCK to no so that
the fsck wrapper will always gets used (if the e3 and e4 versions don't
exist, the e2 version is used regardless of fs type).
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The apitrace package exhibits gcc bug 68485 when built for the
Microblaze architecture with optimization enabled, which causes a build
failure. This is mainly due to 3rd party brotli embedded in apitrace
that already has been fixed in Buildroot as single package. After
working around this bug overriding -O0 to CFLAGS(Brotli is a C program),
gcc bug 81580 showed off while compiling C++ files.
So, as done for other packages in Buildroot, work around this gcc bug by
setting optimization to -O0(in CFLAGS) if
BR2_TOOLCHAIN_HAS_GCC_BUG_68485=y. And do the same(but in CXXFLAGS) if
BR2_TOOLCHAIN_HAS_GCC_BUG_85180=y as already done for other packages.
Fixes:
http://autobuild.buildroot.net/results/a46/a46626cc50f07f41d831614306f556d346d31429/
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
[yann.morin.1998@free.fr: reorganise the conditions]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
the upstream php-fpm sample configuration is placed in
/etc/php-fpm.d/www.conf.default
in recent version of php, so adjust the build cleanup
accordingly
Signed-off-by: Pascal de Bruijn <p.debruijn@unilogic.nl>
[yann.morin.1998@free.fr: only remove the file, not the directory]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Linux version is changed to 4.19.91 (the last version of 4.19).
Build- and runtime-tested for aarch64 and x86_64.
Signed-off-by: Philippe Reynes <philippe.reynes@softathome.com>
[yann.morin.1998@free.fr: add the test report provided by Philipe on IRC]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Since we already have a choice to select the backend to do crypto, push
the limits even further and add an option to do no crypto.
Usually, we would have added that option first in the choice, but if we
were to do that now, existing defconfigs that previously used openssl
(the first item in the choice) would now default to non crypto, which is
not so nice. So we add the new option last in the choice.
Each crypto backend option is used in a conditional block, each of which
default to disabling said backend. So, selecting none will indeed
disable all.
We can now drop the blind intermediate option that would hide the choice
when no backend library was available; there will now always be at least
the none option in the choice, so we need not hide it.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Baruch Siach <baruch@tkos.co.il>
Cc: Matt Weber <matthew.weber@rockwellcollins.com>
Cc: Julien Grossholtz <julien.grossholtz@openest.io>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Update dependency documentation to detail the order-only relationship
associated with the DEPENDENCIES variable. See the thread at [1] for
details.
[1] http://lists.busybox.net/pipermail/buildroot/2019-October/262685.html
Signed-off-by: Dan Walkes <danwalkes@trellis-logic.com>
[yann.morin.1998@free.fr: indentation & slight rephrasing]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Libcurl recipe allows selecting between various TLS backends. Users can
already select between several options but WolfSSL was missing. WolfSSL
is an efficient TLS library, it supports TLS 1.3 and is used in many
embedded systems.
Add WolfSSL to libcurl "SSL/TLS library to use" choice list when WolfSSL
package is enabled. When selected in the list, use libcurl
--with-wolfssl configure option. Explicitly set --without-wolfssl
when it is not selected.
Signed-off-by: Julien Grossholtz <julien.grossholtz@openest.io>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Lothar added the beaglebone and beaglebone_qt5 defconfigs, and has
been regularly maintaining them, so it makes sense to have him listed
as a contact for those two defconfigs.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Lothar Felten <lothar.felten@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Theo added this defconfig in 2016, and is listed as the contact for
the pugixml package, so it probably makes sense to have him listed as
a contact for the beagleboardx15_defconfig as well.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Theo Debrouwere <t.debrouwere@televic.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Masahiro is the last person who made significant changes to this
defconfig, so let's add him as a contact for it, so that he receives
notifications of build failures and gets Cc'ed on patches.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Masahiro Yamada <yamada.masahiro@socionext.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Nicholas was the most recent person to make significant changes to the
galileo_defconfig, so let's add him as a contact for this defconfig,
so that he receives notification of build failures and gets Cc'ed on
patches.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Nicholas Sielicki <sielicki@yandex.com>
Cc: Ray Kinsella <ray.kinsella@intel.com>
Cc: Padraig James Connolly <padraig.connolly@intel.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Joao added this defconfig a while ago, and is still active
contributing to Buildroot, so let's add him as the contact for this
defconfig, so that he receives build failure notifications and gets
Cc'ed on patches.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Joao Pinto <jpinto@synopsys.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Julien originally added this defconfig in 2017, so let's add him as a
contact for it, so that he receives build failure notifications and is
Cc'ed on patches.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Julien Grossholtz <julien.grossholtz@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
We have an existing patch to configure.in that chains the test to find
fltk (supposedly because a symbol of fltk got renamed sometime in the
past). By doing so, this chaining breaks the build when configure later
checks for the alsa libraries.
This is because chaining calls to AC_CHECK_LIBS() one in the other would
be expanded in such a way that internal functions, like ac_fn_c_try_link,
would get defined after being called, which results in configure failures
(see new bundled patch).
So, we change configure to use AC_SEARCH_LIBS() instead, which allows us
to memorise the result of each test, and we only fail when both tests
failed.
We can now drop the ac_cv overrides we had.
Incidentally, this also fixes detection of newer alsa-libs, where
atopology functions were offloaded to their own separate library:
75d393a563
Fixes:
http://autobuild.buildroot.org/results/564c1561e83e0c064f3859d25e68dec96640e060
(Note: upstream has been basically dead for at least 15 years now, so we
did not even try to submit the patch there...)
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Since e3159cad71 (package/libopenssl: move target arch selection
to Config.in), we have a Config.in that contains a few options to
configure libopenssl (openSSL, the original).
As such, it makes sense to move the remaining options there too.
We also move the condition there, mimicking what is done for the
external toolchains' options too.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Matt Weber <matthew.weber@rockwellcollins.com>
Acked-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Since glibc 2.30, a tgkill() function is exposed by the C library, but
google-breakpad has its own internal definition of it, which now
conflicts. This causes build failures on modern build machines (when
building google-breakpad for the host).
This commit adds a patch that simply renames the internal tgkill()
function to BreakpadTgkill() to avoid the naming conflict.
We do that instead of a configure.ac change to avoid having to
autoreconf this package, and because the fix is anyway not
upstreamable as upstream simply dropped the internal tgkill()
implementation, but using that would break building google-breakpad on
older systems.
Fixes:
http://autobuild.buildroot.net/results/bc2ae827b830d23094c8b70e5b34911d060295a3/ (host)
http://autobuild.buildroot.net/results/21257e5a87f41487c6bf4db4e15ce49f1af1ac1e/ (target)
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Update the upstream URL in the help text in Config.in. This
addresses an intermittent 'Invalid(404)' URL status in the
package stats web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
[yann.morin.1998@free.fr: use an even more specific home page]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Use support/scripts/genimage.sh, instead, which prevents duplicating
TARGET_DIR under ${BUILD_DIR}/genimage.tmp/root.
Use a post-build script to copy uEnv.txt to BINARIES_DIR, as made for
beaglebone.
Drop the post-image script.
Signed-off-by: Carlos Santos <unixmania@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
- Use the same kernel repository and version as configs/beaglebone
- Rename kernel fragment file
- Update U-Boot to 2019.07
- Select weston and qt5wayland
- Select host-uboot-tools with FIT support, required to create the
images.
Signed-off-by: Lothar Felten <lothar.felten@gmail.com>
Signed-off-by: Carlos Santos <unixmania@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
ti-sgx-um
- Bump the version that matches TI SDK 06.00.00.07 plus one pull request
that updates the EGL/GLES headers required to build qt5base.
- Rewrite the init script, following the current template and using the
pvrsrvctl command (pvrsrvinit does not exit anymore).
- Remove powervr.ini, no longer used in the TI SDK.
- Select and add a dependency on wayland, or else packages that link to
libEGL (e.g. cairo) fail to link due to a missing libwayland-server.
- Update license file name.
ti-sgx-demos
- Bump the version that matches TI SDK 06.00.00.07 plus one pull request
(matching ti-sgx-um).
ti-sgx-km
- Bump the version that matches TI SDK 06.00.00.07.
- Remove stray empty lines.
- Fix license file path.
All packages
- Use HTTP to clone Git repositories.
- Update URL in Config.in files, pointing to cgit and using HTTPS.
- Add hashes for all license files.
The buildroot package only supports the target am335x. Support for other
boards can be added by adding menu entries to select the correct target
product.
Signed-off-by: Lothar Felten <lothar.felten@gmail.com>
Signed-off-by: Carlos Santos <unixmania@gmail.com>
[Thomas:
- add missing depends on BR2_PACKAGE_HAS_UDEV from Config.in,
inherited from ti-sgx-libgbm]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
A custom ti version of libgbm for SGX graphics accelerator, required by
the binary libraries of the ti-sgx-um package.
Signed-off-by: Lothar Felten <lothar.felten@gmail.com>
Signed-off-by: Carlos Santos <unixmania@gmail.com>
[Thomas:
- fix LICENSE variable, as noticed by Yegor
- fix alphabetic ordering in package/Config.in
- add missing select BR2_PACKAGE_LIBDRM in Config.in, and the
corresponding dependencies
- add missing depends on BR2_PACKAGE_HAS_UDEV in Config.in
- use gbm.h as license file, instead of extracting the first 26 lines
of the header file]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
gnupg installs a shell script called gpg-zip, which contains a
reference to the 'tar' program. Unfortunately, the location of the tar
program is determined at build time, and is therefore incorrect on the
target. This causes runtime issues, but also potentially leaks some
host paths into the target, causing BR2_REPRODUCIBLE=y failures.
gnupg has a --with-tar option, but it doesn't work properly as the
implementation of the GNUPG_CHECK_USTAR m4 macro in m4/tar-ustar.m4 is
incomplete:
- If --with-tar is passed, AC_PATH_PROG is not called, so the TAR
variable is not defined and AC_SUBST([TAR]) is not called, so the
@TAR@ replacement in tools/gpg-zip.in is replaced by the empty
string.
- If --with-tar is passed, the check that this tar version support
the ustar format is not executed, so the HAVE_USTAR automake
conditional is never defined. There is unfortunately no way to
determine if the target tar supports ustar or not, but since even
the Busybox variant apparently does, we can probably assume all tar
versions that Buildroot can build support the ustar format.
Fixing this logic is a bit cumbersome, gnupg 1.4.x is not really
maintained anymore and fixing the logic would require an AUTORECONF =
YES.
So we just opt with a very simple solution: replace TAR=something by
TAR=/bin/tar, through a post-install target hook. We only do this if
gpg-zip is installed, since its installation is optional. Note that
the logic is still not ideal, because the installation (or not) of
gpg-zip depends on whether the system/host tar has ustar format or
not.
Fixes the gpg-zip reproducibility issue reported in:
http://autobuild.buildroot.net/results/d1c/d1c5ad34ba928edfbb5901eb936c7e4457cc9083//diffoscope-results.txt
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
- Remove patches (already in version)
- Add patch to fix static build with pcap by reverting an upstream
commit. This patch has been sent upstream and there is already some
comments on it. However, upstream does not seem to really care/test
static builds. So, perhaps an easier road would to add a dynamic
library dependency on wireshark instead of fixing things again and
again each time wireshark is bumped...
- Add mandatory speexdsp dependency to avoid using internal one when
building wireshark or sharkd:
186f985793
- Disable -Werror (it is now enabled by default)
- Add brotli optional dependency:
9ce60b173b
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
FluidR3 is the third release of Frank Wen's pro-quality GM/GS
soundfont. The soundfont has lots of excellent samples, including all
the GM instruments along side with the GS instruments that are
recycled and reprogrammed versions of the GM presets.
This package contains Fluid General Midi (GM) soundfont in soundfont
2.0 (.sf2) format.
This soundfont can be used with a software synthesizer, like
FluidSynth.
Signed-off-by: Julien Olivain <juju@cotds.org>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The logic to select the proper OpenSSL target arch in libopenssl.mk is
not easy to read, so let's move it to Config.in where we have some
nice constructs for that kind of value selection.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Simple bump of the toolchain components. For nios2, the toolchain now
has SSP support as well.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
[yann.morin.1998@free.fr:
- fix version it commit title
- mention SSP for nios2
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The build of raspberrypi3_qt5we_defconfig currently fails because the
filesystem image size is no longer large enough to contain everything:
the filesystem image size is 360 MB, but the total filesystem size
reported by "make graph-size" is 370 MB.
Let's increase the size to 400 MB for good measure.
Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/389451889
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
To generate a reproducible archive from a svn repository mainly the same
aproach is done like for the archives from a git repository.
Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
[yann.morin.1998@free.fr: get the date of the revision]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
This adds a test case for python-avro, with a script that
performs a simple deserialization.
Signed-off-by: Titouan Christophe <titouan.christophe@railnova.eu>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Titouan Christophe <titouan.christophe@railnova.eu>
[yann.morin.1998@free.fr:
- backport the patch from upstream now it'sapplied
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Update the upstream URL in the help text in Config.in. This
addresses the 'Invalid(405)' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Add an upstream URL to the help text in Config.in. This
addresses the issue where an incorrect URL is displayed
on the package stats web page.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Add an upstream URL to the help text in Config.in. This
addresses the 'Missing' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Add an upstream URL to the help text in Config.in. This
addresses the 'Missing' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
When at91bootstrap3 was bumped to 3.9.0 in commit
513899e471, an incorrect hash was set:
it was the hash of the tarball generated by the Git download logic of
Buildroot, and not the hash of the tarball auto-generated by Github,
which is the one that we really download by default.
Fixes:
ERROR: at91bootstrap3-v3.9.0.tar.gz has wrong sha256 hash:
ERROR: expected: 9960b0d18fe42feee566d4c52efa0d7c8251685bf9acfdf343f30a27951ada1e
ERROR: got : e23e6df23b79ca81e412cb73a1f48bd95df8d46c7d52a1d073c2ed9d4f3a1a71
ERROR: Incomplete download, or man-in-the-middle (MITM) attack
Reported-by: Ludovic Desroches <ludovic.desroches@microchip.com>
Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io>
[Thomas: improved commit log]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This sysrepo version is a complete rewrite of the older versions.
Thus several changes are made in the package to support this new version.
- several cmake config options dropped
- no systemd service scripts availble in upstream version
- no sysrepod daemon available
- drop patches that are no longer needed
- add new patch
Signed-off-by: Heiko Thiery <heiko.thiery@kontron.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bump kernel, ATF and U-Boot to the versions found in the NXP BSP 4.14.98.
Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
boost-thread needs std::current_exception since version 1.71.0 and
386f5507cb
std::current_exception depends on !BR2_TOOLCHAIN_HAS_GCC_BUG_64735 as a
result, gnuradio fails to build on:
[ 12%] Building CXX object gnuradio-runtime/lib/pmt/CMakeFiles/gnuradio-pmt.dir/pmt_pool.cc.o
In file included from /home/test/autobuild/run/instance-2/output-1/host/arm-buildroot-linux-uclibcgnueabi/sysroot/usr/include/boost/exception/detail/exception_ptr.hpp:15:0,
from /home/test/autobuild/run/instance-2/output-1/host/arm-buildroot-linux-uclibcgnueabi/sysroot/usr/include/boost/exception_ptr.hpp:9,
from /home/test/autobuild/run/instance-2/output-1/host/arm-buildroot-linux-uclibcgnueabi/sysroot/usr/include/boost/thread/exceptional_ptr.hpp:10,
from /home/test/autobuild/run/instance-2/output-1/host/arm-buildroot-linux-uclibcgnueabi/sysroot/usr/include/boost/thread/future.hpp:34,
from /home/test/autobuild/run/instance-2/output-1/host/arm-buildroot-linux-uclibcgnueabi/sysroot/usr/include/boost/thread.hpp:24,
from /home/test/autobuild/run/instance-2/output-1/build/gnuradio-3.7.13.5/gnuradio-runtime/include/pmt/pmt_pool.h:27,
from /home/test/autobuild/run/instance-2/output-1/build/gnuradio-3.7.13.5/gnuradio-runtime/lib/pmt/pmt.cc:31:
/home/test/autobuild/run/instance-2/output-1/host/arm-buildroot-linux-uclibcgnueabi/sysroot/usr/include/boost/exception/diagnostic_information.hpp: In function 'std::string boost::current_exception_diagnostic_information(bool)':
/home/test/autobuild/run/instance-2/output-1/host/arm-buildroot-linux-uclibcgnueabi/sysroot/usr/include/boost/exception/diagnostic_information.hpp:49:26: error: 'current_exception' is not a member of 'std'
else if (auto* p=std::current_exception().__cxa_exception_type())
^
So add this dependency on boost-thread, boost-log and gnuradio (the only
reverse dependencies of boost-thread that does not already depends on
!BR2_TOOLCHAIN_HAS_GCC_BUG_64735)
Finally, add this dependency on gqrx as it is a reverse dependency of
gnuradio
Fixes:
- http://autobuild.buildroot.org/results/c384205cf50929c320d90b620f2390837721d9f9
- http://autobuild.buildroot.org/results/47440354b336b943b74b72fa303b079dc962bfd0
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Back in the day we relied on a default value that used to be 8KiB
and it worked perfectly fine for ARC's default 8KiB page as well as
4 KiB ones, but not for 16 KiB, see [1] for more details.
So that we fixed by setting "max-page-size" if 16KiB pages are in use by
commit d024d369b8 ("arch/arc: Accommodate 16 KiB MMU pages").
But as Yann very rightfully mentioned here [2] we should be setting this
thing explicitly for all page sizes because:
1. Defaults might change unexpectedly
2. Explicitly set stuff is better understood
3. We act similarly to all settings but not only addressing some corner cases
[1] https://git.buildroot.org/buildroot/commit/?id=d024d369b82d2d3d9d4d75489c19e9488202bca0
[2] https://patchwork.ozlabs.org/patch/1212544/#2330647
Signed-off-by: Alexey Brodkin <abrodkin@synopsys.com>
Cc: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
python-lockfile is needed for runtime. Without it, importing python-daemon
results in an import error.
Signed-off-by: Adam Duskett <aduskett@greenlots.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The lockfile package exports a LockFile class which provides a
simple API for locking files. Unlike the Windows
msvcrt.locking function, the fcntl.lockf and flock functions,
and the deprecated posixfile module, the API is identical
across both Unix (including Linux and Mac) and Windows
platforms.
The lock mechanism relies on the atomic nature of the link
(on Unix) and mkdir (on Windows) system calls. An
implementation based on SQLite is also provided, more as a
demonstration of the possibilities it provides than as
production-quality code.
Signed-off-by: Adam Duskett <aduskett@greenlots.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
PBR is a library that injects some useful and sensible default
behaviors into a setuptools run.
Signed-off-by: Adam Duskett <aduskett@greenlots.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Add a patch from the upstream AutoGen package that allows POSIX_SHELL
to be taken from the environment, then define that to be '/bin/sh'.
Since we are cross-compiling, the original behaviour of detecting the
host shell is not useful as we cannot assume that the target uses the
same shell, and it can prevent builds being reproducible because a
different host environment will result in a different target binary.
Signed-off-by: James Byrne <james.byrne@origamienergy.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
FCGI is abandonned (https://repo.or.cz/fcgi2.git). Replace it by a maintained
fork (https://github.com/FastCGI-Archives/fcgi2).
Patchs status:
0001-eof.patch -> fixed by commit 122e55cc354dd4a78849aed8d36c61ed9edeaeb2
0002-link-against-libfcgi-la.patch -> included in commit 2a575066bcbdadfc161d46ef816a45f6edf9d529
0004-make-autoreconfable.patch -> fixed in commits 854643b36e87cf1262da2eb82b3f10b56185131b and ad30485fa12be4415d57422702ee4f64a09b7bea
0006-fix-CVE-2012-6687.patch -> applied in commit 5c15a7bb5260bc83715090c9fd386d704c139671
Signed-off-by: Louis Rannou <louis.rannou@smile.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
If linux-pam is enabled, we want to build pam_ecryptfs.so and install
it into /lib/security/.
Signed-off-by: Yi Zheng <goodmenzy@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Update the upstream URL in the help text in Config.in. This
addresses the 'Invalid(Err)' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Update the upstream URL in the help text in Config.in. Removing
the text from the beginning of the URL line addresses the 'Missing'
URL status in the package stats web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Tested with test-pkg, all tests passed:
br-arm-full [1/6]: OK
br-arm-cortex-a9-glibc [2/6]: OK
br-arm-cortex-m4-full [3/6]: SKIPPED
br-x86-64-musl [4/6]: OK
br-arm-full-static [5/6]: SKIPPED
sourcery-arm [6/6]: OK
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
In board/freescale/common/imx/imx8-bootloader-prepare.sh, when
invoking mkimage_fit_atf.sh, the U-Boot DTB is passed as parameter, to
be included in the FIT image. This parameter usually comes from
BR2_ROOTFS_POST_SCRIPT_ARGS config option. The variable
BL33=u-boot.bin set in the invocation uses the u-boot image which is
including its embedded DTB. This means the U-Boot DTB is included
twice.
The upstream script mkimage_fit_atf.sh plus its Buildroot patch are
meant to use by default the nodtb variant and use the DTB in a
separate image. See [1] and [2].
The U-Boot default DTB which will be included in u-boot.bin image is
selected with U-Boot CONFIG_DEFAULT_DEVICE_TREE, or DEVICE_TREE
variable when invoking "make". If one of those option is not aligned
to the BR2_ROOTFS_POST_SCRIPT_ARGS config option, it's possible the
two included U-Boot DTBs are different. If such case happens, the
built-in DTB is always used, regardless of the other one, selected
with BR2_ROOTFS_POST_SCRIPT_ARGS.
For example, this case happens for TechNexion Pico Pi i.MX8M and
i.MX8MMini. Since the U-Boot defconfig assumes the nodtb version will
be used, it does not set the default DTB. The u-boot.bin will include
the fsl-imx8mm-evk instead. Including the wrong board DTB breaks the
USB and UMS commands (and possibly others). Since those boards does
not have SD card slots, a recovery serial download is needed at every
update.
This patch make sure that only the separate U-Boot DTB will be
included in the FIT image by using the nodtb variant.
[1] https://source.codeaurora.org/external/imx/imx-mkimage/tree/iMX8M/mkimage_fit_atf.sh?h=rel_imx_4.14.98_2.0.0_ga#n35
[2] https://git.busybox.net/buildroot/tree/package/imx-mkimage/0001-add-support-for-overriding-bl32-and-bl33-not-only-bl.patch?h=2019.11#n42
Signed-off-by: Julien Olivain <juju@cotds.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
"tio" is a simple TTY terminal application which features a
straightforward commandline interface to easily connect to
TTY devices for basic input/output.
Signed-off-by: Sergio Prado <sergio.prado@e-labworks.com>
[Thomas:
- license is GPL-2.0+ (noticed by Baruch)
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
CCTZ is a C++ library for translating between absolute
and civil times using the rules of a time zone.
Signed-off-by: Gilles Talis <gilles.talis@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
-DLINUX flag was passed to OS_CFLAGS instead of DEFINES, but OS_CFLAGS
is only used when cross-compiling, not when native building.
Add patch to fix build failure on RHEL 7 host by substituting OS_CFLAGS
with DEFINES.
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The function was wrong, missing '$', and we also fix the filename,
which was prefixed at91bootstrap and not at91bootstrap3 as it should
have been.
Fixes: 8064095332 ("configs/atmel: use tarballs to fetch U-Boot and at91bootstrap")
Signed-off-by: Eugen Hristev <eugen.hristev@microchip.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This fixes the following warning from `make check-package`:
package/samba4/samba4.mk:34: line contains trailing whitespace
Signed-off-by: Titouan Christophe <titouan.christophe@railnova.eu>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Since kernel commit a5a56f07c272 ("ARM: imx_v6_v7_defconfig: Select the
coda driver as module") the VPU coda driver is selected as module, so it can
be safely removed from linux_qt5.fragment.
Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The correct syntax that Qt5 understands for display names is
"HDMI1" and "LVDS1", so fix it accordingly.
Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
FluidSynth is a real-time software synthesizer based on the SoundFont
2 specifications and has reached widespread distribution. FluidSynth
itself does not have a graphical user interface, but due to its
powerful API several applications utilize it and it has even found its
way onto embedded systems and is used in some mobile apps.
http://www.fluidsynth.org/
Signed-off-by: Julien Olivain <juju@cotds.org>
Reviewed-by: Gilles Talis <gilles.talis@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This includes the following changes:
4edfde1 Update raw output to show pull registers on 2711
Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Update the upstream URL in the help text in Config.in. This
addresses the 'Invalid(405)' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Update the upstream URL in the help text in Config.in. This
addresses the 'Invalid(404)' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Update the upstream URL in the help text in Config.in. This
addresses the 'Invalid(Err)' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Update the upstream URL in the help text in Config.in. This
addresses the 'Invalid(404)' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Add an upstream URL to the help text in Config.in. This
addresses the 'Missing' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This patch adds an option to include the tools on target that allow
the saving and restoring of ebtables. The upstream save utility is
replaced in this commit as it depended on perl which is not always
possible on an embedded system. The commit used to replace this
script seems to note it as a common approach across a few distros.
Signed-off-by: David Owens <david.owens@rockwellcollins.com>
Signed-off-by: Matt Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
make loops are more commonly used in Buildroot, are shorter, and have
built-in error handling.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This variable is never defined, so it is empty. Using it makes the
code needlessly more complicated than it needs to be, so let's drop
it.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
ARC processors are known for its configurability and one of those
configurable things is MMU page size which might be set to any
power of two from 4 KiB to 16 MiB, though in the Linux kernel we
only support 4, 8 and 16 KiB due to practical considerations.
And the most used setting is 8 KiB thus GNU LD assumes maximum
page size is 8 KiB by default and while this works for smaller
pages (it's OK to align segments by larger value it will be still
peoperly aligned) this breaks execution of user-space apps on HW
with larger pages because Elf sections might very well span across
allocated pages and thus make executable broken.
Simplest example:
------------------------------------>8-----------------------------------
$ arc-linux-gcc test.c
$ arc-linux-readelf --segments a.out
Program Headers:
Type Offset VirtAddr PhysAddr FileSiz MemSiz Flg Align
...
LOAD 0x000000 0x00010000 0x00010000 0x003e8 0x003e8 R E 0x2000 <-- See
LOAD 0x001f24 0x00013f24 0x00013f24 0x000f0 0x0010c RW 0x2000
------------------------------------>8-----------------------------------
Fortunately we may override default page size settings with "max-page-size"
linker option this way:
------------------------------------>8-----------------------------------
$ arc-linux-gcc test.c -Wl,-z,max-page-size=16384
$ arc-linux-readelf --segments a.out
Elf file type is EXEC (Executable file)
Entry point 0x102c4
There are 8 program headers, starting at offset 52
Program Headers:
Type Offset VirtAddr PhysAddr FileSiz MemSiz Flg Align
...
LOAD 0x000000 0x00010000 0x00010000 0x003e8 0x003e8 R E 0x4000 <-- See
LOAD 0x001f24 0x00015f24 0x00015f24 0x000f0 0x0010c RW 0x4000
------------------------------------>8-----------------------------------
Which we implement with that change.
Signed-off-by: Alexey Brodkin <abrodkin@synopsys.com>
[yann.morin.1998@free.fr: fix comment: s/8196/8192/]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
ARC processors have configurable size of MMU page. This configuration
happens during ASIC design and couldn't be changed in final silicone
not to mention runtime changes.
Given PAGE_SIZE macro is used a lot throughout the Linux kernel sources
we just hardcode a required value during the kernel configuration.
We used to support different MMU page sizes for ARC in Buildroot for
quite some time now but so far we only tweaked uClibc on the matter.
That left us with the kernel configured with whatever was in used defconfig.
In most of real cases that's OK because typically we're building firmware
for a particular ASIC which is supposed to have a unique kernel defconfig.
But if we're dealing with FPGA-based boards or even simlators like
Synopsys DesignWare nSIM or QEMU it's possible to have dfferent MMU page
size configured in that target mostly for the sake of testing.
And so we're trying to solve 2 problems here:
1. Make sure both user-space (via libc settings) and the Linux kernel
are "on the same page", i.e. expect to use the same MMU page size.
2. Simplify process of testing different page sizes.
As now we first need to set page size in Buildroot and then in the
kernel via "make linux-configure" or via Kconfig fragment.
Signed-off-by: Alexey Brodkin <abrodkin@synopsys.com>
[yann.morin.1998@free.fr: simplify the conditions]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Upstream provides an md5 of the tarball, so we add it (even though
that's a weak hash).
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[yann.morin.1998@free.fr: add the md5 from upstream]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
- Drop first patch (not needed anymore) and all jimtcl related
workarounds as embedded jimtcl has been removed
- Parallel build issue has been fixed
- Update hash of COPYING as this file has been updated to reflect that
dispatcher.c is under BSD-2-Clause
Full ChangeLog: http://www.draisberghof.de/usb_modeswitch/ChangeLog
Upstream provides an md5 of the tarball, so we add it (even though
that's a weak hash).
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[yann.morin.1998@free.fr:
- meld with the license fix patch
- simplify license list
- add md5 from upstream
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
This version is aligned with i.MX NXP BSP components version
rel_imx_4.14.98_2.0.0_ga
This patch also add the hash file.
Signed-off-by: Julien Olivain <juju@cotds.org>
Reviewed-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Update the upstream URL in the help text in Config.in. This
addresses the 'Invalid(Err)' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Update the upstream URL in the help text in Config.in. This
addresses the 'Invalid(404)' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Add an upstream URL to the help text in Config.in. This
addresses the 'Missing' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Add an upstream URL to the help text in Config.in. This
addresses the 'Missing' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Add sha245 hashes for the source taball and the license file.
Note: the upstream subversion tree for open2300 is off-line (and the
package is no longer maintained), so the tarball is retrieved from
sources.buildroot.org, which makes it a stable (reproducible) tarball,
when our svn backend is in fact not stable.
Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
[yann.morin.1998@free.fr:
- add the comment in the .hash file
- update the commit log accordingly
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Add an upstream URL to the help text in Config.in. This
addresses the 'Missing' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Reviewed-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Add an upstream URL to the help text in Config.in. This
addresses the 'Missing' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Reviewed-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Update the upstream URL in the help text in Config.in. This
addresses the 'Invalid(405)' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
In commit 1a49188a69 (package/libnfc: add sub-options to enable
individual drivers), the dependency on threads was moved down to
the individual drivers that need it, and libnfc as a whole lost
that dependency.
However, the global comment was not removed. Do so now.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
After the firmware-imx bump to version 8.1.1 the following
error is observed when building freescale_imx8qxpmek_defconfig:
>> firmware-imx 8.1.1 Installing to images directory
cp /home/fabio/buildroot/output/build/firmware-imx-8.1.1/firmware/seco/ahab-container.img
/home/fabio/buildroot/output/images/ahab-container.img
cp: cannot stat
'/home/fabio/buildroot/output/build/firmware-imx-8.1.1/firmware/seco/ahab-container.img':
No such file or directory
In the firmware-imx-8.1.1 (and newer) the i.MX8QXP container image was
renamed to mx8qx-ahab-container.img, so fix it accordingly.
Fixes: 3ec818769d ("package/freescale-imx/firmware-imx: bump version to 8.1.1")
Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
For musl toolchain timezone.c needs time.h include.
Fixes:
http://autobuild.buildroot.net/results/77346a2cdb9eeef661527fb9566019f3cd1b82c9
In file included from util.c:28:
timezone.c: In function 'mktime':
timezone.c:644:18: error: dereferencing pointer to incomplete type 'struct tm'
save_isdst = tm->tm_isdst;
timezone.c:661:11: warning: implicit declaration of function 'localtime'; did you mean 'dostime'? [-Wimplicit-function-declaration]
ltm = localtime(&then);
timezone.c:661:9: warning: assignment to 'struct tm *' from 'int' makes pointer from integer without a cast [-Wint-conversion]
ltm = localtime(&then);
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The organization of dropbear.mk was no longer very clear: for some
post-extract blocks, the block was separated from the place where it was
enabled, but for others they were grouped.
Regroup all blocks with their call site and inside the condition, if
present.
Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Selects jimtcl instead of using the bundled one and drop first patch as
it is not needed anymore
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Louis Aussedat <aussedat.louis@gmail.com>
[yann.morin.1998@free.fr: fix leading spaces in Config.in]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
For some obscure reason, the order in which the libdrm/libgbm libraries
are loaded matters.
Without this fix, the first call to check_modesetting() will work and
load then unload all symbols properly, but the second call to this
function will lock up as soon as dlopen() is called on libdrm.
Swapping the order in which the libdrm and libgbm libraries are loaded
is enough to fix (or work around?) this issue.
Signed-off-by: Paul Cercueil <paul@crapouillou.net>
[yann.morin.1998@free.fr: add upstream commit URL]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
KF5_KCOREADDONS_CONF_OPTS is set both outside and inside the
conditional block, so the value set outside would be lost if
the condition were to be true.
Use append-assignement in this case, as reported by check-package.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Update the upstream URL in the help text in Config.in. This
addresses the 'Invalid(Err)' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Update the upstream URL in the help text in Config.in. This
addresses the 'Invalid(406)' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Update the upstream URL in the help text in Config.in. This
addresses the 'Invalid(406)' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Update the upstream URL in the help text in Config.in. This
addresses the 'Invalid(406)' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The videotestsrc Gstreamer plugin is very useful for testing.
Enable it by default.
Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fixes the following security vulnerability:
- CVE-2019-19844: Potential account hijack via password reset form
By submitting a suitably crafted email address making use of Unicode
characters, that compared equal to an existing user email when lower-cased
for comparison, an attacker could be sent a password reset token for the
matched account
In addition, a number of bugs have been fixed. For details, see the release
notes:
https://docs.djangoproject.com/en/dev/releases/3.0.1/
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Currently, the sysv-rcs script has two issues:
- The return code of each RCS script is not checked.
- The output does not match the formatting of the other openrc
init scripts.
Modify the script in the following ways to fix both issues:
- Remove the "einfo "Starting sysv rc scripts"" at the top of the
start function in favor of "einfo "Starting $i" in the loop
itself.
- Add a "> /dev/null" to the end of $i start; this suppresses
stdout while still allowing for stderr messages to print to the
terminal.
- add an "eend $? to both the start and stop functions, this
allows for openrc to show if an RCS script returned 0 or
not.
The following is the startup output of OpenRC on a minimal system
with S01syslogd modified to exit with a return code 1 for testing
purposes:
Before:
* Adding static routes ...
[ ok ]
Starting default runlevel
* Starting sysv rc scripts
Starting syslogd: OK
Starting klogd: OK
Running sysctl: OK
After:
* Adding static routes ...
[ ok ]
Starting default runlevel
* Starting /etc/init.d/S01syslogd ...
[ !! ]
* Starting /etc/init.d/S02klogd ...
[ ok ]
* Starting /etc/init.d/S02sysctl ...
[ ok ]
Signed-off-by: Adam Duskett <aduskett@greenlots.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This commit adds a patch from upstream chromium[1] that allows passing
-I instead of -isystem to CFLAGS.
Fixes:
In file included from /usr/lib/gcc/x86_64-pc-linux-gnu/6.1.0/include/g++-v6/bits/stl_algo.h:59:0,
from /usr/lib/gcc/x86_64-pc-linux-gnu/6.1.0/include/g++-v6/algorithm:62,
from /usr/include/qt5/QtCore/qglobal.h:85,
from /usr/include/qt5/QtCore/qalgorithms.h:37,
from /usr/include/qt5/QtCore/qlist.h:37,
from /usr/include/qt5/QtCore/qstringlist.h:34,
from /usr/include/qt5/QtCore/QStringList:1,
from base/http/requestparser.cpp:32:
/usr/lib/gcc/x86_64-pc-linux-gnu/6.1.0/include/g++-v6/cstdlib:75:25: fatal error: stdlib.h: No such file or directory
#include_next <stdlib.h>
[1] a8c8396fd2
Signed-off-by: Bartosz Bilas <b.bilas@grinn-global.com>
[Thomas: improved commit log with comments from Giulio.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Import "0001-image-vfat-Add-label-option-to-set-volume-name.patch" from
the upstream repository. The changes made to the README.rst file had to
be removed from the patch so that the package can be compiled in
buildroot. The patch has been accepted upstream, but no releases have
been made yet which includes the feature.
Signed-off-by: Dario Binacchi <dariobin@libero.it>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
package/openrc has the file sysv-rcs which starts sysvinit services
not written for openrc. However, currently it is not installed to
the target.
Install this file to $(TARGET_DIR)/etc/init.d during the
target_install step.
Signed-off-by: Adam Duskett <aduskett@greenlots.com>
[yann.morin.1998@free.fr: use full-path for destination, not just dir]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
There is no posix.wrappers anymore, but cobalt and modechk. Those only
play a role when building in combination with wrap-link.sh.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
That's a testsuite tool.
Rename XENOMAI_REMOVE_SKIN_LIST at this chance as it's cleaning
libraries, not only skins. Ditto, rename the hook accordingly.
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
[yann.morin.1998@free.fr: also rename the hook]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Update the upstream URL in the help text in Config.in. This
addresses the 'Invalid(Err)' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
BR2_PACKAGE_GLIBC_UTILS config must not exist if we use other libc than glibc
Signed-off-by: Arthur Courtel <arthur.courtel@smile.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Switched to latest version on GitHub as linuxco.de is no longer
active. The appropriate entry for tcping on release-monitoring.org
has been updated and a new mapping has been added for the Buildroot
project.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
- Switch to github to get latest version
- Drop patches (already in version)
- Fix CVE-2018-19840: The function WavpackPackInit in pack_utils.c in
libwavpack.a in WavPack through 5.1.0 allows attackers to cause a
denial-of-service (resource exhaustion caused by an infinite loop) via
a crafted wav audio file because WavpackSetConfiguration64 mishandles
a sample rate of zero.
- Fix CVE-2018-19841: The function WavpackVerifySingleBlock in
open_utils.c in libwavpack.a in WavPack through 5.1.0 allows attackers
to cause a denial-of-service (out-of-bounds read and application
crash) via a crafted WavPack Lossless Audio file, as demonstrated by
wvunpack.
- Add hash for license file
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Microblaze ld emits warnings like:
'
FDE encoding in
CMakeFiles/KF5CoreAddons.dir/KF5CoreAddons_autogen/mocs_compilation.cpp.o(.eh_frame)
prevents .eh_frame_hdr table being created
'
Since '-Wl,--fatal-warnings' is passed by default, build fails, so don't
treat warnings as errors by appending "-Wl,--no-fatal-warnings" to
CMAKE_SHARED_LINKER_FLAGS that is previously defined in package
dependency kf5-extra-cmake-modules.
Fixes:
http://autobuild.buildroot.net/results/f19/f198c86930535c50393e17fc7a70fb4f27b096ee/
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The polkit daemon requires a polkitd user with permission to access the
following directories:
- /etc/polkit-1
- /usr/share/polkit-1
The /usr/bin/pkexec file must be owned by owned by root with the
permissions 4755 or else the error "pkexec must be setuid root" is
thrown when it's ran.
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Add an upstream URL to the help text in Config.in. This
addresses the 'Missing' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
[yann.morin.1998@free.fr:
- use the git tree instead of the 8-year old freshmeat webpage
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Update the upstream URL in the help text in Config.in. This
addresses the 'Invalid(Err)' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Update the upstream URL in the help text in Config.in. This
addresses the 'Invalid(Err)' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
[yann.morin.1998@free.fr: use offical (de) homepage]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
License files were updated since the previous version.
This patch update to the new license hashes. It also fixes the
"make legal-info" command failure due to the hash mismatch.
Fixes:
- http://autobuild.buildroot.org/results/d9d/d9d82dd6727b82a643cbb75ca33b88a4636bd5fe
Signed-off-by: Julien Olivain <juju@cotds.org>
[yann.morin.1998@free.fr: add autobuilder reference]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cthe test-case for python-gitdb2 consists solely in verifying that the
module can indeed be imported.
However, flake8 errors out on unused imports. Furthermore, it also
errors about wildcard imports, as it can detect unused symbols.
Squelch those errors.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
This allows the user to enable/disable manually the unit.
It is enabled by default
Signed-off-by: Jérémy Rosen <jeremy.rosen@smile.fr>
[yann.morin.1998@free.fr:
- split logn lines
- no need for continued line (no use for ';\' )
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
upstream-provided service has no WantedBy, which means that rauc won't
be enabled by default
Add a WantedBy instead of manually creating the symlink so the user can
enable/disable the unit properly
Signed-off-by: Jérémy Rosen <jeremy.rosen@smile.fr>
[yann.morin.1998@free.fr:
- split long line
- no need for continued line (no use for ';\' )
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Instead of using a manual symlink we use add a DefaultInstance= to the
config file
This is how upstream wants us to do it and allows systemctl preset to
correctly restore it if needed
Signed-off-by: Jérémy Rosen <jeremy.rosen@smile.fr>
[yann.morin.1998@free.fr:
- split long line
- no need for continued line (no use for ';\' )
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
All services were installed but not enabled.
This change enables the non-templated service but disables the
templated ones.
Enabling the templates creates weird links which are probably an
upstream bug.
Signed-off-by: Jérémy Rosen <jeremy.rosen@smile.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
NM has three services
* NetworkManger.service : the main daemon
* NetworkManger-dispatcher.service : a daemon handling network callbacks
* NetworkManager-wait-online.service : sync of other services with network-online
Only the first two were activated. We now also enable
wait-online. Not enabling it was probably a bug.
Note that buildroot adds an alias dbus-org.freedesktop.NetworkManager
Adding an alias that is not known upstream is not clean,
but I left it for backward compatibility
Signed-off-by: Jérémy Rosen <jeremy.rosen@smile.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
linuxptp has two services
* linuxptp.service : the actual daemon
* linuxptp-system-clock.service : sync the linux clock to the phc clock
The first was enabled, the second was not, we now enable both
The second has an incorrect (though harmless) WantedBy : there is an
explicit Wants= in linuxptp.service
Signed-off-by: Jérémy Rosen <jeremy.rosen@smile.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
connman has two services
* connman.service which is the real daemon
* connman-wait-online.service which is a sync point for network-online.target
Only the first one was enabled. This adaptation enables both.
Not enabling connman-wait-online.service is probably a bug
Signed-off-by: Jérémy Rosen <jeremy.rosen@smile.fr>
[yann.morin.1998@free.fr: fix check-package errors]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
All these packages have an upstream-provided service, but buildroot
enabled manually the services in exactly the same way as the [Install]
section.
This is not needed anymore
Signed-off-by: Jérémy Rosen <jeremy.rosen@smile.fr>
[yann.morin.1998@free.fr: fix check-package errors]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
All the packages in this list have the following properties
* units are provided by buildroot in the package directory
* the SYSTEMD_INSTALL_INIT_HOOK is exactly equivalent to what the
[Install] section of the unit does
The fix removes the soflinking in the .mk file
Signed-off-by: Jérémy Rosen <jeremy.rosen@smile.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Handling of tty is a bit tricky, we need to aggressively disable what
systemd does with tty1 then update for what buildroot wants to do
Rework the whole tty generation to work with presets
Signed-off-by: Jérémy Rosen <jeremy.rosen@smile.fr>
[yann.morin.1998@free.fr:
- fold long lines
- drop spurious empty lines removals
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
since v234 upstream recommands using systemctl preset-all to enable units.
* add a buildroot specific preset file
* use that file to disable getty@tty1
* make systemd depend on host-systemd
* remove all link-creating code that systemd does for us.
Most packages will not be affected by this change, but a few packages
were installing units without manually enabling them. Those packages
will now be automatically enabled.
The fact that those packages were not enabled is almost certainly a bug,
but it is a change of behaviour that needs to be reported
host-systemd also builds udevadm for the host. That means we no longer
need to depend on host-eudev to provide udevadm (that would conflict).
Signed-off-by: Jérémy Rosen <jeremy.rosen@smile.fr>
[yann.morin.1998@free.fr:
- also remove the hwdb sources on fs generation
- fix check-package errors
- few typoes and reformatting in commit log
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The relative paths currently used to install the systemd units causes an
incorrect installation, where units are installed in (notice the double
usr in the paths):
target/usr/usr/lib/systemd/system/sysrepod.service
staging/usr/usr/lib/systemd/system/sysrepod.service
Fix that by using an absolute path.
Signed-off-by: Jérémy Rosen <jeremy.rosen@smile.fr>
[yann.morin.1998@free.fr:
- split into its own commit
- expand commit log
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Add the infrastructure to build the host version of systemd
* disable all optional features, they can be re-added when needed
* systemd has creative way of dealing with cross compile
we build a "normal" host systemd, but install it in $HOST_DIR
we use systemctl --root to correctly act on TARGET_DIR
* we need to adjust RPATH using patchelf because meson can't do it
correctly by itsel
The first question is: why do we use --prefix=/usr ?
systemd will store its --prefix in all the executables it generates. As
such, systemctl will have a hardcoded 'prefix', where it will manipulate
and create files/symlinks in. When called natively, this is nice and
shinny.
However, for cross-setup, that does not work obviously.
So, systemd has its tools know about the 'root' directory where this
prefix should be related to. We can call systemctl --root=$(TARGET_DIR)
and systemctl wil do the links and such in there.
However, it does so by appending its known prefix to it.
So, if we were to configure host-systemd as we usually do, with
--prefix=$(HOST_DIR), then when we would call host systemctl --root=$(TARGET_DIR)
it would look for files in $(TARGET_DIR)/$(HOST_DIR), which is wrong.
Calling the host systemctl without --root is also wrong, as it would look for
files in $(HOST_DIR)
So, there is no satisfying official support for this case.
The trick then, is to configure systemd with the prefix it would expect
at runtime (on the target!), that is with /usr, but install out-of-tree.
That was it for the first part of the question: why do we use --prefix.
Now, the second question is: why do we need to muck up with the rpath
after installation?
Well, this boils down to meson (and not systemd itself). When it
installs executables, meson will handily insert whatever rpath the
package meson.build would tell it to use. systemd installs libs in
$(prefix)/lib/systemd and has a NEEDED to those libs, so it uses an
RPATH to find those libs, and meson does inject that RPATH into the
installed executables.
However, we Buildroot also want to insert our own RPATH, because systemd
uses util-linux' libs and libcap, installed in $(HOST_DIR), so it needs
our RPATH.
However, meson can not extend the RPATH from the LDFLAGS in the
environment; meson can only set the RPATH from what it knows about from
the package's meson.build.
That, in addition to the --prefix=/usr issue above, means that the
executables installed by host-systemd have an RPATH set to
/usr/lib/systemd. when we would want it to be set to
$(HOST_DIR)/lib:$(HOST_DIR)/lib/systemd
That's what is done in the post-install hook: set the RPATH to the
appropriate values.
Signed-off-by: Jérémy Rosen <jeremy.rosen@smile.fr>
[yann.morin.1998@free.fr:
- reformatting in commit log
- declare host variant after target variant
- simplify comments
- slight reordering of variable (HOST_SYSTEMD_NINJA_ENV moved)
- reformatting for mutli-line variable (HOST_SYSTEMD_HOST_TOOLS)
- don't split HOST_SYSTEMD_CONF_OPTS in two sets
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
For now, the extractor dependencies were only calculated for
<pkg>_SOURCE, so if the package manually downloads another file using
<pkg>_EXTRA_DOWNLOADS and then extracts it with $(call
suitable-extractor), we are missing the corresponding dependency on
the appropriate extracting tool.
Since the vast majority of <pkg>_EXTRA_DOWNLOADS are compressed files
that will be uncompressed at build time, it makes sense to derive the
corresponding extractor dependencies directly in the common package
infrastructure, rather than having each and every package using
<pkg>_EXTRA_DOWNLOADS making this effort.
On a system without xzcat, before this patch:
$ make printvars VARS=HOST_GETTEXT_TINY_EXTRACT_DEPENDENCIES
HOST_GETTEXT_TINY_EXTRACT_DEPENDENCIES=host-tar
After this patch:
$ make printvars VARS=HOST_GETTEXT_TINY_EXTRACT_DEPENDENCIES
HOST_GETTEXT_TINY_EXTRACT_DEPENDENCIES=host-tar host-xz
This commit most notably fixes the build of host-gettext-tiny on
systems without xzcat, and with per-package support enabled. Indeed,
the main _SOURCE for gettext-tiny is a .gz file, but it has a .xz file
in its _EXTRA_DOWNLOADS, which is then extracted. Except that xzcat
being missing from the dependencies, it is not built.
Fixes:
http://autobuild.buildroot.net/results/83c6d47c06334bef27791a59bdd491b1de124c49/
Suggested-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Instead of manually calculating the EXTRACT_DEPENDENCIES value based
on the archive extension, let's use the newly introduced
extractor-pkg-dependency macro.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Reviewed-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Now that we have the EXTRACTOR_PKG_DEPENDENCY.* variables available,
we can use them to implement extractor-system-dependency: if for a
given archive type, the corresponding EXTRACTOR_PKG_DEPENDENCY.<type>
variable is empty, then it means we need the corresponding extractor
tool to be provided by the system.
Following this, EXTRACTOR_DEPENDENCY_PRECHECKED_EXTENSIONS is no
longer used, so we can drop it from support/dependencies/.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
To extract some archive types, if the extracting tool is not available
on the system where Buildroot runs on, we build it using a Buildroot
host package.
Such dependencies are currently explicitly handled by the
inner-generic-package macro, but in fact we also need to handle them
in all places where the "suitable-extractor" macro is invoked, and
some packages invoke it directly. Otherwise, such packages may be
missing a dependency to the appropriate host Buildroot package
building the extracting tool they need. An example is gettext-tiny,
whose source code is a gzip-compressed tarball, but in addition
manually extracts a xz-compressed tarball.
This extractor-pkg-dependency macro will be used in follow-up commits
to ensure all the packages that use suitable-extractor properly add
the correct dependencies.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
GitDB allows you to access bare git repositories for reading and
writing. It aims at allowing full access to loose objects as well as
packs with performance and scalability in mind. It operates
exclusively on streams, allowing to handle large objects with a small
memory footprint.
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
[Thomas: fix license]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Add a simple test case that imports the module and instantiates a new
SlidingWindowMapManager class.
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Smmap wraps an interface around mmap and tracks the mapped files as
well as the amount of clients who use it. If the system runs out of
resources, or if a memory limit is reached, it will automatically
unload unused maps to allow continued operation.
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The extractor-dependency macro returns which system-provided tools are
needed to be able to extract the archive passed as argument. The
result of this macro is added to DL_TOOLS_DEPENDENCIES so that the
logic in support/dependencies/ verifies that the necessary tools are
provided by the system.
However, we are going to add another macro, extractor-pkg-dependency,
which says which Buildroot packages are needed to extract the archive
passed as argument. Indeed, for those archive types, if the extractor
is not provided system-wide, we build it as a host Buildroot package.
To clarify the distinction between the upcoming
extractor-pkg-dependency and existing extractor-dependency, we rename
the latter to extractor-system-dependency.
We take this opportunity to extend the documentation of this macro.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Reviewed-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
This version is aligned with i.MX NXP BSP components version
rel_imx_4.14.98_2.0.0_ga
Signed-off-by: Julien Olivain <juju@cotds.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Update Kernel, U-Boot and ATF to TechNexion BSP, based on NXP
4.14.98_2.0.0 release.
This patch also remove BR2_TARGET_UBOOT_FORMAT_IMX in defconfig which
is not needed for this platform.
Signed-off-by: Julien Olivain <juju@cotds.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Update Kernel, U-Boot and ATF to TechNexion BSP, based on NXP
4.14.98_2.0.0 release.
This patch also remove BR2_TARGET_UBOOT_FORMAT_IMX in defconfig which
is not needed for this platform.
Signed-off-by: Julien Olivain <juju@cotds.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Build with lua 5.1 has been fixed since version 1.6.1 and
611f81a90d
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[Thomas: keep a select BR2_PACKAGE_LUAJIT, but make it "if
!BR2_PACKAGE_LUA_5_1"]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
PipeWire is a server and user space API to deal with multimedia
pipelines.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
[Thomas:
- further bump to 0.2.7
- select BR2_PACKAGE_DBUS instead of depending on it]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
- Switch site from debian to github official mirror
- Add hash for license file
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following CVE:
- CVE-2019-1351: Windows provides the ability to substitute
drive letters with arbitrary letters, including multi-byte
Unicode letters. To fix any potential issues arising from
interpreting such paths as relative paths, we have extended
detection of DOS drive prefixes to accomodate for such cases.
- CVE-2019-1352: by using NTFS-style alternative file streams for
the ".git" directory, it is possible to overwrite parts of the
repository. While this has been fixed in the past for Windows,
the same vulnerability may also exist on other systems that
write to NTFS filesystems. We now reject any paths starting
with ".git:" on all systems.
- CVE-2019-1353: by using NTFS-style 8.3 short names, it was
possible to write to the ".git" directory and thus overwrite
parts of the repository, leading to possible remote code
execution. While this problem was already fixed in the past for
Windows, other systems accessing NTFS filesystems are
vulnerable to this issue too. We now enable NTFS protecions by
default on all systems to fix this attack vector.
- CVE-2019-1354: on Windows, backslashes are not a valid part of
a filename but are instead interpreted as directory separators.
As other platforms allowed to use such paths, it was possible
to write such invalid entries into a Git repository and was
thus an attack vector to write into the ".git" dierctory. We
now reject any entries starting with ".git" on all systems.
libgit2 is not affected by these git CVE:
- CVE-2019-1348: the fast-import stream command "feature
export-marks=path" allows writing to arbitrary file paths.
- CVE-2019-1349: by using NTFS 8.3 short names, backslashes or
alternate filesystreams, it is possible to cause submodules to
be written into pre-existing directories during a recursive
clone using git.
- CVE-2019-1350: recursive clones may lead to arbitrary remote
code executing due to improper quoting of command line
arguments.
- CVE-2019-1387: it is possible to let a submodule's git
directory point into a sibling's submodule directory, which may
result in overwriting parts of the Git repository and thus lead
to arbitrary command execution. As libgit2 doesn't provide any
way to do submodule clones natively, it is not susceptible to
this vulnerability. Users of libgit2 that have implemented
recursive submodule clones manually are encouraged to review
their implementation for this vulnerability.
Signed-off-by: Nicolas Cavallari <nicolas.cavallari@green-communications.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Support for OpenSSL was added in version 0.1.15:
https://lists.freedesktop.org/archives/nice/2018-December/001443.html
With the option of using OpenSSL as a crypto provider, we can't keep
GnuTLS as the default, because using:
select BR2_PACKAGE_GNUTLS if !BR2_PACKAGE_OPENSSL
causes a Kconfig circular dependency:
package/openssl/Config.in:4:error: recursive dependency detected!
package/openssl/Config.in:4: symbol BR2_PACKAGE_OPENSSL is selected by BR2_PACKAGE_GNUTLS
package/gnutls/Config.in:1: symbol BR2_PACKAGE_GNUTLS is selected by BR2_PACKAGE_OPENSSL
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
[Thomas: pass --with-crypto-library argument]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
[Thomas:
- drop patch 0001-pool-Fix-alignment-assertion.patch, which is in
upstream commit aade9b70aabd8a97dd8a28cda2cf4d0694dd7350, available
since version 2.6.0
- further bump to 2.6.4]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Import "0001-Fix-musl-compilation-by-adding-TEMP_FAILURE_RETRY.patch"
from the upstream repository, which allows building against the musl
libc (or any other which does not define the TEMP_FAILURE_RETRY macro).
The patch has been accepted upstream, but no releases have been made yet
which include the fix.
Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add an option to enable WebKit's sandbox, which uses kernel
namespaces to isolate the processes used for Web content rendering
(WebKitWebProcess) and network/disk access (WebKitNetworkProcess).
The reason to have an option is that it needs additional dependencies
(bubblewrap, xdg-dbus-proxy, libseccomp), and that some users may
choose to deploy alternative solution (for example: putting all
of WebKit inside its own container, using systemd-nspawn or the
like).
Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
[Peter: select libseccomp]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Select BR2_PACKAGE_LIBSECCOMP when the sandboxing support is enabled
during configuration.
Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
- Drop patch (already in version)
- Update hash of license file (copyrights retained since version 4.0 and
e4b469724e)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[Peter: disable man pages build]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Drop dbus dependency as it is not needed since version 2.2.0 and
c1d42c9ebe
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[Peter: use --disable-defaultflags and explicitly pass -std=c99]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Explicitly disable doxygen, plymouth, initramfstools and mkinitcpio support
as it is not needed / available in Buildroot.
Also use the new --disable-defaultflags option to ensure our compiler flags
are used rather than trying to disable -fstackprotector-all, similar to how
it is done in tpm2-tss.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
- Drop patch (already in version)
- Update hash of license file (SPDX ID has been removed with
0dbc84ee45)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[Peter: use --disable-defaultflags and explicitly pass -std=c99]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Until now, the arygon and pn53x_usb were unconditionally enabled, and
there were no options to choose other drivers. Therefore, we had
sub-options for each individual driver, keeping arygon and pn53x_usb
enabled by default to preserve backward compatibility.
Also, due to this, the BR2_TOOLCHAIN_HAS_THREADS dependency on the
libnfc package is no longer needed, and is only needed for some of the
sub-options.
Signed-off-by: Louis Aussedat <aussedat.louis@gmail.com>
[Thomas:
- drop the default ""
- remove the top-level HAS_THREADS dependency, and move it down to
the sub-options that need it
- improve commit log]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fixes the following security vulnerability:
- CVE-2019-19126: ld.so failed to ignore the LD_PREFER_MAP_32BIT_EXEC
environment variable during program execution after a security
transition, allowing local attackers to restrict the possible mapping
addresses for loaded libraries and thus bypass ASLR for a setuid
program. Reported by Marcin Kościelnicki.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fixes a number of regressions in 1.3-20190808:
- Menu shadows are not longer (erroneously) drawn with --no-shadow
- Spaces in menu fields are now correctly handled on uClibc-ng
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
polkit depends on spidermonkey since bump to version 0.116 in commit
ce2a5eff78 however build fails with gcc 5:
/home/naourr/work/instance-0/output-1/host/opt/ext-toolchain/mips-linux-gnu/include/c++/5.3.0/bits/c++0x_warning.h:32:2: error: #error This file requires compiler and library support for the ISO C++ 2011 standard. This support is currently experimental, and must be enabled with the -std=c++11 or -std=gnu++11 compiler options.
#error This file requires compiler and library support for the \
^
polkitbackendjsauthority.cpp:223:13: warning: G_ADD_PRIVATE
PolkitBackendJsAuthorityPrivate);
^
In file included from /home/naourr/work/instance-0/output-1/host/bin/../mips64el-buildroot-linux-gnu/sysroot/usr/include/mozjs-60/js/RequiredDefines.h:32:0,
from <command-line>:0:
/home/naourr/work/instance-0/output-1/host/bin/../mips64el-buildroot-linux-gnu/sysroot/usr/include/mozjs-60/mozilla/Char16.h:136:15: error: 'char16_t' does not name a type
typedef const char16_t* char16ptr_t;
^
Fixes:
- http://autobuild.buildroot.org/results/a7ea21a8e10f32239ee28f58331899912f232ca2
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
In commit 57f85e52a7 ("package/gpsd:
unconditionally enable NTP time hinting support"), the option
BR2_PACKAGE_GPSD_NTP_SHM was removed, because NTP time hinting support
is now enabled unconditionally.
However, in one place, a select of this option was kept, which is
obviously no longer needed.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
There is no option BR2_PACKAGE_OPENPOWERLINK_PCAP_DAEMON, and we never
had any option named like this, so it seems like a leftover from
previous iterations of the openpowerlink patch series. Since the
option does not exist, the select doesn't do anything, and we can
simply drop it.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Since openssl was converted to a virtual package,
BR2_PACKAGE_OPENSSL_BIN no longer exists: it was renamed to
BR2_PACKAGE_LIBOPENSSL_BIN, but easy-rsa was not changed accordingly.
easy-rsa needs to take into account the two providers of openssl, and
select the appropriate suboptions depending on which openssl
implementation was chosen.
Ideally, we would probably need a more elaborate option that ensures
easy-rsa doesn't have to know the details of which openssl
implementation is selected, but practically speaking with just two
providers of openssl at the moment, the proposed solution is good
enough.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The eventlog package was removed as part of commit
5e0b1f9c23 ("package/eventlog: remove
package"). It used to be a separate package, but it is now part of
syslog-ng itself, which is why the eventlog package was removed.
But commit 5e0b1f9c23 forgot to drop the
select BR2_PACKAGE_EVENTLOG, so let's fix this.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
BR2_PACKAGE_WEBRTC does not exist, and we already select
BR2_PACKAGE_WEBRTC_AUDIO_PROCESSING, which is the package really
needed by the webrtcdsp plugin.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit dd90d40b52 (package/python-pylibftdi: bump version to 0.18.1)
bumped the version of the package but failed to take into account the change
of copyright year in the license file:
-Copyright (c) 2010-2018 Ben Bass
+Copyright (c) 2010-2019 Ben Bass
Adjust the license file to match the new content.
Signed-off-by: Christian Kellermann <christian.kellermann@solectrix.de>
[Peter: extend commit message, add SOB]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
BR2_PACKAGE_PYASN does not exist, it is BR2_PACKAGE_PYTHON_PYASN that
should be selected.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The option BR2_PACKAGE_XLIB_LIBXP does not exist, but is select by
efl/Config.in since the package was introduced. Since all xlib_*
dependency in the .mk file each have a corresponding select in the
Config.in file, we simply drop this bogus dependency.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add an option to enable WebKit's sandbox, which uses kernel
namespaces to isolate the processes used for Web content rendering
(WebKitWebProcess) and network/disk access (WebKitNetworkProcess).
The reason to have an option is that it needs additional dependencies
(bubblewrap, xdg-dbus-proxy, libseccomp), and that some users may
choose to deploy alternative solutions (for example: putting all
of WebKit inside its own container, using systemd-nspawn or the
like).
Patch "0002-GTK-WPE-Do-not-run-the-Bubblewrap-executable-when-co.patch"
is imported from upstream, as it is needed to avoid trying to run
the "bwrap" command from the target during cross-compilation.
Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
xdg-dbus-proxy is a filtering proxy for D-Bus connections, which can
be used to limit access to a set of services. Typically it is used in
combination with containers to provide them with access to certain
services running outside the container.
https://github.com/flatpak/xdg-dbus-proxy
Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
[Peter: license is LGPL-2.1+]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
When Tremor is enabled, configure SDL_mixer to use this Vorbis decoding
library instead of libvorbis. Since Tremor does fixed-point math, it is
safe to assume that if it's enabled then it is faster than libvorbis on
the target architecture.
Signed-off-by: Paul Cercueil <paul@crapouillou.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This reverts commit 6f35d96756.
Repeat after me: on the master branch you will not work. On the master
branch you will not work.
This definitely shouldn't have been pushed. Sorry about that.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This patch improves the DTB handling, using a parameter
in more recent versions of the bootwrapper.
Signed-off-by: Jan Kotas <jank@cadence.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Running "git fetch origin ${cset}:${cset}" to create a local ref
${cset} from the remote ref ${cset} causes Git to issue a warning like
the below, when the version is a full commit hash:
===
warning: refname '49eb4ecb1ef9879ebc6789a1bdb536ab2b1d9871' is ambiguous.
Git normally never creates a ref that ends with 40 hex characters
because it will be ignored when you just specify 40-hex. These refs
may be created by mistake. For example,
git switch -c $br $(git rev-parse ...)
where "$br" is somehow empty and a 40-hex ref is created. Please
examine these refs and maybe delete them. Turn this message off by
running "git config advice.objectNameWarning false"
===
This warning is very confusing for users, and is caused by the fact
that Git doesn't like our local ref name to look like a commit hash.
So, this commit proposes to fix the issue by having the local ref
named buildroot-${cset}, i.e
buildroot-${version-specified-by-the-package}.
The generated tarballs are exactly identical, nothing changes, it is
really just internally the local ref we are using to checkout the
correct version that is different. And it avoids the confusing
warning.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
--without-pam was wrongly put back when next was merged into master for
2019.02 in commit 13c43455a0 (Merge branch 'next')
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[Peter: mention next merge]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit c4e6d5c8be ("core: implement
per-package SDK and target") had a mistake on the regexp that is used
to match $(PER_PACKAGE_DIR)/<something>/, and due to this, the regexp
was never matched.
The + sign in [^/]+ which was suggested by Yann E. Morin during the
review of the per-package patch series (instead of [^/]*) needs to be
escaped to be taken into account correctly. Without this, the regexp
doesn't match, and the replacement is not done, causing:
(1) For the libtool fixup in pkg-generic.mk, the lack of replacement
causes libtool .la files to not be tweaked as expected, which it
turn causes build failures reported by the autobuilder.
(2) For the fix-rpath, the RPATH of host binaries in the SDK were not
correct.
Interestingly, we have the same regexp in
support/scripts/check-host-rpath, but here the + sign does not need to
be escaped.
Fixes:
http://autobuild.buildroot.net/results/d4d996f3923699e266afd40cc7180de0f7257d99/ (libsvg-cairo)
http://autobuild.buildroot.net/results/56330f86872f67a2ce328e09b4c7b12aa835a432/ (bind)
http://autobuild.buildroot.net/results/9e0fc42d2c9f856b92954b08019b83ce668ef289/ (ibrcommon)
and probably a number of other similar issues
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security vulnerabilities:
* CVE-2019-1348:
The --export-marks option of git fast-import is exposed also via
the in-stream command feature export-marks=... and it allows
overwriting arbitrary paths.
* CVE-2019-1349:
When submodules are cloned recursively, under certain circumstances
Git could be fooled into using the same Git directory twice. We now
require the directory to be empty.
* CVE-2019-1350:
Incorrect quoting of command-line arguments allowed remote code
execution during a recursive clone in conjunction with SSH URLs.
* CVE-2019-1351:
While the only permitted drive letters for physical drives on
Windows are letters of the US-English alphabet, this restriction
does not apply to virtual drives assigned via subst <letter>:
<path>. Git mistook such paths for relative paths, allowing writing
outside of the worktree while cloning.
* CVE-2019-1352:
Git was unaware of NTFS Alternate Data Streams, allowing files
inside the .git/ directory to be overwritten during a clone.
* CVE-2019-1353:
When running Git in the Windows Subsystem for Linux (also known as
"WSL") while accessing a working directory on a regular Windows
drive, none of the NTFS protections were active.
* CVE-2019-1354:
Filenames on Linux/Unix can contain backslashes. On Windows,
backslashes are directory separators. Git did not use to refuse to
write out tracked files with such filenames.
* CVE-2019-1387:
Recursive clones are currently affected by a vulnerability that is
caused by too-lax validation of submodule names, allowing very
targeted attacks via remote code execution in recursive clones.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add support for playing back tracker modules using libmodplug.
Signed-off-by: Paul Cercueil <paul@crapouillou.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
For A64 frequency stability.
git shortlog --invert-grep --grep=travis --no-merges
a5e38ca3f05f0f74fdd5e85a711c964383ad23df..
Vasily Khoruzhick (1):
Set GPU clock to 432MHz on A64
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This remove the file boot.cmd to use an extlinux.conf instead.
Signed-off-by: Louis Aussedat <aussedat.louis@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
With the change to pkg-python to use TARGET_CONFIGURE_OPTS in
PKG_PYTHON_SETUPTOOLS_ENV in commit 1745fcde74, the
LIRC_TOOLS_MAKE_ENV is incorrect as it sets the SETUPTOOLS_ENV using
double quotes. This causes issues because the
PKG_PYTHON_SETUPTOOLS_ENV contain double quotes as well. This causes a
build error such as:
/bin/sh: -I/home/naourr/work/instance-0/output-1/host/include
CXXFLAGS_FOR_BUILD=-O2: No such file or directory
Fix this by using single quotes with PKG_PYTHON_SETUPTOOLS_ENV instead
of double quotes.
Fixes:
http://autobuild.buildroot.net/results/f7a9c02add9bde563c7289f7c0be2cb7aefd96b8
Signed-off-by: Ryan Barnett <ryan.barnett@rockwellcollins.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add support for:
* mbedTLS as SSL choice
* zstd as compression option
* libgpiod to support microcontroller firmware update
* efibootmgr to support EFI Boot Guard
* libwebsockets and liburiparser to support SWU forwarder
Also:
* drop upstream patches
* drop CONFIG_GUNZIP. Setting it because Buxybox provides a binary named gunzip is wrong.
CONFIG_GUNZIP should only be set if zlib is provided, which Buxybox'
gunzip does not.
Regenerated the .config file by doing:
```
make swupdate-menuconfig
make swupdate-update-config
```
.. and removing the paths for the build options manually.
Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This patch update the imx-mkimage package to version
rel_imx_4.14.98_2.0.0_ga.
Signed-off-by: Julien Olivain <juju@cotds.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Shairport Sync added support for the MQTT protocol in version 3.2. For
full MQTT support Avahi and DBus support are required.
Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Already in version 3.1, shairport-sync added audio DSP convolution support. This
optional feature requires the sndfile library.
Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
We've been using libyang, sysrepo, libnetconf2 and the Netopeer2 suite
of software for more than two years, so let's make this official.
Signed-off-by: Jan Kundrát <jan.kundrat@cesnet.cz>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The libnetconf2 library is a dependency of Netopeer2. Sysrepo does not
have a NETCONF server or a NETCONF client, so it does not use this
library.
Signed-off-by: Jan Kundrát <jan.kundrat@cesnet.cz>
Acked-by: Heiko Thiery <heiko.thiery@kontron.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
wchar is used in src/tinyformat.h and is a reverse dependency of boost
Fixes:
- No autobuilder failure (as package can't be enabled yet)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
bitcoin can never be enabled because BR2_PACKAGE_BITCOIN_ARCH_SUPPORTS
is never set as it has no default value
Fixes:
- No autobuilder failure
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Obviously, bitcoin depends on !BR2_TOOLCHAIN_HAS_GCC_BUG_64735, not on
BR2_TOOLCHAIN_HAS_GCC_BUG_64735
Fixes:
- No autobuilder failure
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This patch was missing the following section:
@@ -1,4 +1,4 @@
-project('glib', 'c', 'cpp',
+project('glib', 'c',
version : '2.62.3',
# NOTE: We keep this pinned at 0.49 because that's what Debian 10 ships
meson_version : '>= 0.49.2',
As such, the package still depended on g++.
Update the patch to add the above section.
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Add a patch which has been merged upstream which allows apitrace to be
compiled under uClibc and musl.
Signed-off-by: Paul Cercueil <paul@crapouillou.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
It allows you to add the u-boot.itb to the list of U-Boot images that
can be created. Like the others, this one is also copied to the image
folder.
Signed-off-by: Dario Binacchi <dariobin@libero.it>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Update Kernel, U-Boot and ATF to NXP BSP version rel_imx_4.14.98_2.0.0_ga
Signed-off-by: Julien Olivain <juju@cotds.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The pi3-minuart-bt Device Tree overlay has been renamed to
miniuart-bt, as it is useful/usable for other platforms than the
RPi3. So we use this DT overlay and rename the
--add-pi3-miniuart-bt-overlay option to --add-miniuart-bt-overlay
accordingly.
Signed-off-by: Arthur Courtel <arthur.courtel@smile.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Other changes:
- Update hash for README due to added licence directory tools/chromiumos.
- Add hash for tools/chromiumos/LICENSE
- Added BSD-3-Clause (tools/chromiumos) in systemd.mk due to the new
tools/chromiumos directory.
- Added tools/chromiumos/LICENSE to SYSTEMD_LICENSE_FILES in systemd.mk
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
If a inittab file was already provided in the skeleton, don't overwrite
it with the one that comes with the busybox package.
Signed-off-by: Paul Cercueil <paul@crapouillou.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bump to upstream version 9.0, released 2019-11-26.
This may have been the case already in 8.0, but it is possible to
compile without X11 by just specifying ENABLE_X11=OFF, so the package
was updated to remove the X11 dependency.
Signed-off-by: Paul Cercueil <paul@crapouillou.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Other changes:
- Add spidermonkey as a dependency.
- Add 0001-make-netgroup-support-optional.patch to allow building on musl.
- Add a runtime dependency on dbus.
- Add --disable-libelongind.
- Add --disable-libsystemd-login.
- Update dependencies for systemd pam support.
- Update dependencies for udisks.
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Other changes:
- Remove upstream patch 0004-Fix-gettid-naming-conflict.patch
- Remove upstream patch 0005-Rename-gettid-functions.patch
- Add a check for BR2_TOOLCHAIN_GCC_AT_LEAST_5 in grpc.mk. If the
selected toolchain is not at least version 5 or higher and the
optimization level is -Os, set the GRPC_CFLAGS and GRPC_CXXFLAGS
optimizations to -O2. This check prevents the following error:
error: failure memory model cannot be stronger than success memory model for '__atomic_compare_exchange'
Tested with test-pkg, all tests passed:
br-arm-full [1/6]: OK
br-arm-cortex-a9-glibc [2/6]: OK
br-arm-cortex-m4-full [3/6]: SKIPPED
br-x86-64-musl [4/6]: OK
br-arm-full-static [5/6]: SKIPPED
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Disable all dependencies through -DUSE_BUNDLED_DEPS=OFF instead of
disabling them one by one
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
NSS 3.48 requires NSPR 4.24 already bumped. It already fixed
CVE-2019-11745 but in version 3.47.1 it's already fixed. Anyway from
3.47 to 3.48 it fixes:
CVE-2019-11745: EncryptUpdate should use maxout, not block size
Remove an upstreamed patch but introduce a new one to fix building with
signal.h include.
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
License is GPL-2.0+ not GPL-2.0 as specified in files that contain
license information: tilde.{h,c} and xmalloc.{h,c}
Release 2.00 also added a comment about this in CHANGES and README
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The -trimpath option (introduced in go 1.13) removes absolute build paths
from the target binary. This results in more consistent / reproducible
builds across different systems with varying paths to Buildroot.
Signed-off-by: Christian Stewart <christian@paral.in>
[Peter: mention that this is a go 1.13+ feature]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
- Remove patch (already in version)
- Add hash for license file
- Drop host-intltool dependency for $(TARGET_NLS_DEPENDENCIES), see
d15e95f785
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
- Remove patch (already in version)
- Update hash of LICENSE file and remove xxhsum.c from
XXHASH_LICENSE_FILES as LICENSE contains both licenses
(BSD-2-Clause and GPL-2.0+) since
330444389b
- Update XXHASH_LICENSE to specify that BSD-2-Clause is for the library
and GPL-2.0+ for xxhsum CLI
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This fork is based on LuaJIT 2.1.0-beta3 which supports ARM64.
The license file is changed with the copyright from the Moonjit
developers, and an additional copy of the MIT license. Therefore the
license terms are still the same: MIT.
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
[Thomas: add details about why the hash of the license file changes]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
When building host or target python packages, we need to ensure that
the build environment utilize {HOST|TARGET}_CONFIGURE_OPTS. This
ensures that the correct linker and compiler environment variables are
set to compile utilizing either the host or target folders.
It was discovered that when compiling a host-python package, it was
using linking against the build machines library folder instead of the
host folder because LDFLAGS was not properly set and was improperly
detecting whether or not a shared or static library was present in the
host folder.
CC: Arnout Vandecappelle <arnout@mind.be>
Signed-off-by: Ryan Barnett <ryan.barnett@rockwellcollins.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Other changes:
- Update hash for PKG-INFO due to a version bump in the file.
- select BR2_PACKAGE_PYTHON_TWISTED_TLS as a runtime dependency.
- Update 0001-remove-pytest-runner-requirement.patch to work with the new
version.
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Add an option that selects all of the necessary python packages to
ensure that twisted has HTTP2 support.
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Add an option that selects all of the necessary python packages to
ensure that twisted has TLS support.
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Tested with
run-tests tests.package.test_python_twisted.TestPythonPy3Twisted -d ./dl -o ./o
Ran 1 test in 388.506s
OK
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Removed patches 0006 & 0007 which were applied upstream as single
commit on the server-1.20-branch branch:
07efd81b81
Updated upstream URL for patch 0001.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The current ARC glibc version in buildroot arc-2019.09-rc1 allows to
build an ARC big endian configuration, so let's allow this.
Signed-off-by: Vineet Gupta <vgupta@synopsys.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
<daniel.nystrom@timeterminal.se>: host ASPMX.L.GOOGLE.COM[172.217.218.26] said:
550-5.1.1 The email account that you tried to reach does not exist. Please
try 550-5.1.1 double-checking the recipient's email address for typos or
550-5.1.1 unnecessary spaces. Learn more at 550 5.1.1
https://support.google.com/mail/?p=NoSuchUser o14si10209151edi.116 - gsmtp
(in reply to RCPT TO command)
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Commit 600132f8c0 added a test for
python-gobject but failed to update .gitlab-ci.yml. Do that now.
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
years updated in LICENSE:
< This software is copyright (c) 2002-2017 by Gisle Aas.
> This software is copyright (c) 2002-2019 by Gisle Aas.
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The dependency was added because ldd uses bash-specific syntax to
localize messages. Add a post-patch hook, instead, to replace the
occurrences of $"foo" by "foo", simply, so the code becomes POSIX
sh compliant if bash is not selected.
Also set the configuration environment accordingly to replace the
/bin/bash hashbang by /bin/sh.
Signed-off-by: Carlos Santos <unixmania@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This test comprises of four simple steps:
1: Start a new simple project called testsite.
2: Run ./manage.py migrate on the new testsite.
3: Run ./manage.py runserver 0.0.0.0:1234 & sleep 30
- The sleep 30 is necessary as it may take several seconds for
the django server to fully start.
4: Run netstat to ensure the server opened port 1234.
Signed-off-by: Adam Duskett <aduskett@greenlots.com>
[Thomas: use self.assertRunOk() when appropriate]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Other changes:
- Select BR2_PACKAGE_PYTHON_ASGIREF as a new runtime dependency.
- Select BR2_PACKAGE_PYTHON_SQLPARSE as a new runtime dependency.
Signed-off-by: Adam Duskett <aduskett@greenlots.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This release contains two minor improvements (smaller library size, and
updates to the GL registry), plus a couple of build fixes which are not
relevant for Buildroot (one for Solaris; another for unit tests, which
we do not build):
https://github.com/anholt/libepoxy/releases/tag/1.5.4
Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Since Java 11 (and possibly earlier), OpenJDK now has its own official
repository at hg.openjdk.java.net which is referenced in all OpenJDK
documentation. This patch brings buildroot into line with that
source, reducing the opportunity for code injection, and allowing
consistent patching both across projects and for patches specific to
buildroot environments.
diff -ru shows that the only changes between the downstream and upstream files at
this point in time is the addition of a .hg_archive.txt file, containing:
repo: fd16c54261b32be1aaedd863b7e856801b7f8543
node: 7b6accc7c009304dd2979ea16c1cb15bf749a1fc
branch: default
tag: jdk-12.0.2+10
tag: jdk-12.0.2-ga
This does, however, change the hash for the tar.gz file (but not for the license).
With respect to the concern regarding upstream hash consistency, we have now been
using these archives for just over a year (since OpenJDK 11) and we haven't seen an
archive hash change in that time. This was a vast improvement on the previous
Mercurial forest. /archive is exactly as is sounds. It's an archive that doesn't
change, which is why it effectively negates the need for a "downstream" mirror.
Tests completed successfully (which is not surprising since there are no code changes here):
$ ./support/testing/run-tests -d ./dl/ -k -o test_dir tests.package.test_openjdk.TestOpenJdk
14:35:25 TestOpenJdk Starting
['Hello, World']
['Test: Get JNI Version passed', 'Test: Read Native String Constant passed', 'Test: Write Java String to Native Library passed', 'Test: Write Java Char Array to Native Library passed', 'Test: Write String Member to Native Library passed', 'Test: Set String Member from Native Library passed', 'Test: Execeute Java Function from Native Library passed', 'Test: Instantiate Java Class passed', 'Test: Call Native Library to Set System Time passed']
14:35:46 TestOpenJdk Cleaning up
.
----------------------------------------------------------------------
Ran 1 test in 20.614s
OK
Signed-off-by: Tudor Holton <tudor@tudorholton.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Commit 4b81badbcc
Currently, calling foo-reconfigure for a kconfig-based package will not
re-trigger the configuration (kconfig-wise) step for the package.
was supposed to solve this problem and lately we had
Commit 05fea6e4a6
infra/pkg-kconfig: do not rely on package's .config as a timestamp
that introduced the .stamp_dotconfig file.
For this reason, to trigger a kconfig package reconfigure is now
necessary to remove the .stamp_dotconfig file.
Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Other changes:
- Add a sha256sum for LIC_FILES_CHKSUM.sha256
- Remove duplicated license file vendor/github.com/stretchr/testify/LICENSE
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Now that the support for per-package directories has been merged, it
is time to get some exposure for it in the autobuilders, so let's
build 1 out of 15 builds with this feature enabled, at least as an
initial step.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Add a simple test case that imports the module.
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Version 2.86.6 of python-gobject is quite old and no longer works with
Python versions > 3.7. When importing a user will recieve the following error:
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
File "/usr/lib/python3.8/site-packages/gobject/__init__.py", line 26, in
<module>
File "/usr/lib/python3.8/site-packages/glib/__init__.py", line 22, in <module>
SystemError: initialization of _glib raised unreported exception
Because new versions of python-gobject require gobject-introspection, which is
not currently available in Buildroot, add a dependency on python2 to prevent
users from receiving the above error.
Fixes: https://bugs.busybox.net/show_bug.cgi?id=12286
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
One usecase for tini is as the init process for a container which has
a single executable and no C runtime library. It therefore needs to be
independent of any C runtime library within the container.
Previously, we didn't build statically to avoid problems with
BR2_SHARED_LIBS=y. However, it turns out that tini can successfully link
statically even with glibc and BR2_SHARED_LIBS=y, because libc.a is
still included in staging, and tini doesn't use any NSS functionality.
Signed-off-by: Simon Rowe <simon.rowe@citrix.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
pgsql as a tool does not exist, it's called psql
Signed-off-by: Pascal de Bruijn <p.debruijn@unilogic.nl>
Reviewed-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
With Python 3.7, genrandconfig fails with:
'str' object has no attribute 'decode'
We are already working on str objects, and there is no need to decode
them, so we drop the call to decode_byte_list() and its definition as
it was only used there.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Drop 0001-configure.ac-fix-architecture-detection.patch as it is now
upstream. Aarch64 is now supported, so update _ARCH_SUPPORTS to match.
Add a hash for the license file.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
COPYING was renamed into LICENSE since version 0.12 and
db509f9d9e
So update KYUA_LICENSE_FILES and add hash for LICENSE file
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add additional input validation to prevent integer overflow when parsing
a frame header. This addresses CVE-2019-18609.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security vulnerabilities:
- CVE-2019-19118: Privilege escalation in the Django admin
Additionally, 2.2.8 (and 2.2.7) fixes a number of bugs and adds python 3.8
support.
For more details, see the release notes:
https://docs.djangoproject.com/en/dev/releases/2.2.8/
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Bubblewrap is a sandboxing tool based on kernel namespaces, typically
used as lower-level infastructure by other end-user tools e.g. Flatpak.
https://github.com/containers/bubblewrap
Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
[Peter: needs mmu and !musl toolchain]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Now that binutils 2.33.1 has been introduced, and we have moved to
2.32 as the default version, it is time to drop support for binutils
2.30.
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Now that binutils 2.33.1 has been released, it is time to move to
binutils 2.32 as the default binutils version, instead of 2.31.1.
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add 0003-test-asclen-CVE-2018-19540.patch:
If txtdesc->asclen is < 1, the array index of
txtdesc->ascdata will be negative which causes the heap based overflow.
Patch was proposed upstream[1] but upstream is very inactive. Linux
distributions use the same fix to patch their packages.
1: https://github.com/mdadams/jasper/pull/198
Signed-off-by: Michael Vetter <jubalh@iodoru.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add 0002-check-null-in-jp2_decode.patch:
Patch was proposed upstream[1] but upstream is very inactive.
Linux distributions use the same fix to patch their packages.
1: https://github.com/mdadams/jasper/pull/200
Signed-off-by: Michael Vetter <jubalh@iodoru.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add 0001-verify-data-range-CVE-2018-19541.patch:
We need to verify the data is in the expected range. Otherwise we get
problems later.
Patch was proposed upstream[1] but upstream is very inactive. Linux
distributions use the same fix to patch their packages.
1: https://github.com/mdadams/jasper/pull/211
Signed-off-by: Michael Vetter <jubalh@iodoru.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
As already done in post-build.sh, to prevent hiding errors.
Signed-off-by: Carlos Santos <unixmania@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Autobuild has a "version bump" checker that sends message to a package
maintainer if its declared version does not match the latest one on
release-monitoring.org. In case of openpgm the version _is_ the latest one,
but a mismatch is caused by including a "release-" prefix into tags on
upstream and excluding them on other websites when referring to the
package's version.
This also fixes sha256 value for the downloaded archive.
Signed-off-by: Alexander Lukichev <alexander.lukichev@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes:
http://autobuild.buildroot.net/results/3b6/3b6280b0b7a9634b747db2865b21c6266007c725/
The PYTHON_KEEP_PY_FILES global variable conflicts with the per-package
<pkg>_KEEP_PY_FILES variable for the python package, causing make to
complain:
package/zlib/zlib.mk:7: *** Recursive variable 'PYTHON_KEEP_PY_FILES' references itself (eventually). Stop.
As a workaround, rename the global variable to KEEP_PYTHON_PY_FILES so it
cannot conflict with the per-package variable.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add an upstream URL to the help text in Config.in. This
addresses the 'Missing' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Update the upstream URL in the help text in Config.in. This
addresses the 'Invalid(405)' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add an upstream URL to the help text in Config.in. This
addresses the 'Missing' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add an upstream URL to the help text in Config.in. This
addresses the 'Missing' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add an upstream URL to the help text in Config.in. This
addresses the 'Missing' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add an upstream URL to the help text in Config.in. This
addresses the 'Missing' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add an upstream URL to the help text in Config.in. This
addresses the 'Missing' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add an upstream URL to the help text in Config.in. This
addresses the 'Missing' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add an upstream URL to the help text in Config.in. This
addresses the 'Missing' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add an upstream URL to the help text in Config.in. This
addresses the 'Missing' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Update the upstream URL in the help text in Config.in. This
addresses the 'Invalid(406)' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Update the upstream URL in the help text in Config.in. This
addresses the 'Invalid(Err)' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
adds ConditionVirtualization=vmware to vmtoolsd.service
Signed-off-by: Pascal de Bruijn <p.debruijn@unilogic.nl>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This is a bugfix release for the stable 0.11 branch. It is recommended
for all users of 0.11.x to upgrade.
Important note for those upgrading: Previous releases did not
automatically expire messages from group chat (MUC) archives, so if
mod_muc_mam was loaded and enabled for a MUC, archives would grow
indefinitely. This is not what most deployments want, therefore
automatic expiry is now implemented and enabled with a default 7 day
retention. You can configure this with the muc_log_expires_after
configuration option, which can be set to "never" to restore the old
behaviour and preserve any existing logs older than 7 days.
For details see:
https://prosody.im/doc/release/0.11.3
Signed-off-by: Michael Vetter <jubalh@iodoru.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Update the upstream URL in the help text in Config.in. This
addresses the 'Missing' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Update the upstream URL in the help text in Config.in. This
addresses the 'Invalid(405)' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Update the upstream URL in the help text in Config.in. This
addresses the 'Invalid(Err)' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add an upstream URL to the help text in Config.in. This
addresses the 'Missing' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Update the upstream URL in the help text in Config.in. This
addresses the 'Invalid(404)' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Update the upstream URL in the help text in Config.in. This
addresses the 'Invalid(405)' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit 7643ab05de
("package/network-manager: drop obsolete dependencies") was a bit too
brutal in its dependency removal, as it forgot that removing dbus-glib
as a dependency would make libglib2 no longer part of the dependencies
of network-manager.
However, network-manager does require libglib2. From configure.ac:
PKG_CHECK_MODULES(GLIB, [gio-unix-2.0 >= 2.37.6 gmodule-2.0],
[AC_SUBST(LOG_DRIVER, '$(top_srcdir)/build-aux/tap-driver.sh')
AC_SUBST(AM_TESTS_FD_REDIRECT, '--tap')],
[PKG_CHECK_MODULES(GLIB, gio-unix-2.0 >= 2.40 gmodule-2.0)
AC_SUBST(LOG_DRIVER, '$(top_srcdir)/build-aux/test-driver')])
So this commit re-adds libglib2 as a dependency, and propagates the
appropriate "depends on". Nothing selects BR2_PACKAGE_NETWORK_MANAGER,
so we don't have to propagate these additional "depends on" anywhere.
Fixes:
http://autobuild.buildroot.net/results/2025b1bd721bb5c5fa6638ccf389d2fd8fd10339/https://bugs.busybox.net/show_bug.cgi?id=12326
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Lubomir Rintel <lkundrak@v3.sk>
Cc: Christian Stewart <christian@paral.in>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Changes include:
- Rename 0002-add-option-to-build-tests.patch to
0002-allow-explicit-disabling-of-tests.patch to work with 2.62.3.
Upstream now has an option called "installed_tests," which can be used to
prevent the unit tests from being built. However, the check only works for
cross-compiling and not host builds, which would mean that the tests still
build when compiling the host variant.
This conditional causes an error on older systems such as Debian8 or Centos7
because the command `objcopy --add-symbol` is used when building the test
"test_resources2," which is not available with the older version of objcopy
provided by those distributions.
Removing the conditionals and checking for just the installed_tests_enabled
option allows for a much simpler patch.
- Change -Dtests=false to -Dinstalled_tests=false in libglib2.mk as per the
above comment.
br-arm-full [1/6]: OK
br-arm-cortex-a9-glibc [2/6]: OK
br-arm-cortex-m4-full [3/6]: SKIPPED
br-x86-64-musl [4/6]: OK
br-arm-full-static [5/6]: OK
sourcery-arm [6/6]: OK
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
go1.13.4 (released 2019/10/31) with fixes to the net/http and syscall packages.
Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The OpenCV Python module does a fairly strange thing to read a few
configuration details: it uses Python's execfile() to execute two .py
files and access a few variables. However, execfile() only works with
.py files and not .pyc files.
When BR2_PACKAGE_PYTHON{,3}_PYC_ONLY=y, the .py files are all removed,
causing the OpenCV Python module to not work:
File "usr/lib/python3.7/site-packages/cv2/__init__.py", line 89, in <module>
File "usr/lib/python3.7/site-packages/cv2/__init__.py", line 58, in bootstrap
File "usr/lib/python3.7/site-packages/cv2/__init__.py", line 56, in load_first_config
ImportError: OpenCV loader: missing configuration file: ['config.py']. Check OpenCV installation.
To fix this problem, this commit uses the newly introduced
<pkg>_KEEP_PY_FILES mechanism, to ensure the important config*.py
files are kept.
Fixes:
https://bugs.busybox.net/show_bug.cgi?id=12171
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
When BR2_PACKAGE_PYTHON{,3}_PYC_ONLY=y, we force remove all .py files
from the system, as they have all been byte-compiled into their .pyc
variants.
However, it turns out that some packages (e.g: OpenCV) do some funky
things with a few .py files: they pass them through Python's
execfile() facility, which only works with .py files and not .pyc
files. It is used by OpenCV for example to read two small
configuration files.
In order to support such use cases, this commit introduces a very
simple mechanism by which packages can exclude some path patterns from
the .py removal: a per-package <pkg>_KEEP_PY_FILES variable that is
collected into a global PYTHON_KEEP_PY_FILES variable, then used by
the python/python3 target-finalize hooks.
This variable is intentionally not documented, this is really a hack
that we ideally would like to see go away, and we'd rather not see its
usage spread too much.
This is necessary to be able to fix bug #12171.
[Peter: check if PYTHON_KEEP_PY_FILES contains non-white space]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
As suggested by Arnout Vandecappelle, this commit adjusts the
generic-package documentation to document the effect of per-package
directory support on HOST_DIR, STAGING_DIR and TARGET_DIR.
Suggested-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The pkg-kconfig infrastructure hijacks the regular chain of build
steps to insert its own step to prepare the configuration of kconfig
packages. This additional step may have dependencies of its own, such
as host-flex, host-bison or toolchain.
In the context of per-package directory support, those dependencies
must be copied to the per-package directory of the current package
prior to doing the config preparation. This commit implements this
logic by adding a call to prepare-per-package-directory at the right
spot.
Reported-by: Andreas Naumann <anaumann@ultratronik.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Libtool .la files unfortunately contain a number of absolute paths,
which now refer to per-package directories. Due to this, when building
package A, .la files may contain absolute paths referring to
directories in package B per-package sysroot. This causes some -L
flags referring to other sysroot from being added, which doesn't work
as the linker no longer realizes that such paths are within its
sysroot.
To fix this, we introduce a replacement step of .la files in the
configure step, to make sure all paths refer to this package
per-package directory.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
With per-package folder support, top-level parallel build becomes
safe, so we can enclose the .NOTPARALLEL statement in a
!BR2_PER_PACKAGE_DIRECTORIES condition.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This commit implements the core of the move to per-package SDK and
target directories. The main idea is that instead of having a global
output/host and output/target in which all packages install files, we
switch to per-package host and target directories, that only contain
their explicit dependencies.
There are two main benefits:
- Packages will now see only the dependencies they explicitly list in
their <pkg>_DEPENDENCIES variable, and the recursive dependencies
thereof.
- We can support top-level parallel build properly, because a package
only "sees" its own host directory and target directory, isolated
from the build of other packages that can happen in parallel.
It works as follows:
- A new output/per-package/ directory is created, which will contain
one sub-directory per package, and inside it, a "host" directory
and a "target" directory:
output/per-package/busybox/target
output/per-package/busybox/host
output/per-package/host-fakeroot/target
output/per-package/host-fakeroot/host
This output/per-package/ directory is PER_PACKAGE_DIR.
- The global TARGET_DIR and HOST_DIR variable now automatically point
to the per-package directory when PKG is defined. So whenever a
package references $(HOST_DIR) or $(TARGET_DIR) in its build
process, it effectively references the per-package host/target
directories. Note that STAGING_DIR is a sub-dir of HOST_DIR, so it
is handled as well.
- Of course, packages have dependencies, so those dependencies must
be installed in the per-package host and target directories. To do
so, we simply rsync (using hard links to save space and time) the
host and target directories of the direct dependencies of the
package to the current package host and target directories.
We only need to take care of direct dependencies (and not
recursively all dependencies), because we accumulate into those
per-package host and target directories the files installed by the
dependencies. Note that this only works because we make the
assumption that one package does *not* overwrite files installed by
another package.
This is done for "extract dependencies" at the beginning of the
extract step, and for "normal dependencies" at the beginning of the
configure step.
This is basically enough to make per-package SDK and target work. The
only gotcha is that at the end of the build, output/target and
output/host are empty, which means that:
- The filesystem image creation code cannot work.
- We don't have a SDK to build code outside of Buildroot.
In order to fix this, this commit extends the target-finalize step so
that it starts by populating output/target and output/host by
rsync-ing into them the target and host directories of all packages
listed in the $(PACKAGES) variable. It is necessary to do this
sequentially in the target-finalize step and not in each
package. Doing it in package installation means that it can be done in
parallel. In that case, there is a chance that two rsyncs are creating
the same hardlink or directory at the same time, which makes one of
them fail.
This change to per-package directories has an impact on the RPATH
built into the host binaries, as those RPATH now point to various
per-package host directories, and no longer to the global host
directory. We do not try to rewrite such RPATHs during the build as
having such RPATHs is perfectly fine, but we still need to handle two
fallouts from this change:
- The check-host-rpath script, which verifies at the end of each
package installation that it has the appropriate RPATH, is modified
to understand that a RPATH to $(PER_PACKAGE_DIR)/<pkg>/host/lib is
a correct RPAT.
- The fix-rpath script, which mungles the RPATH mainly for the SDK
preparation, is modified to rewrite the RPATH to not point to
per-package directories. Indeed the patchelf --make-rpath-relative
call only works if the RPATH points to the ROOTDIR passed as
argument, and this ROOTDIR is the global host directory. Rewriting
the RPATH to not point to per-package host directories prior to
this is an easy solution to this issue.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Dustismo.LICENSE contains the license for the Dustismo_Sans.ttf font
file. The rest is licensed under the same terms as Perl as specified
in README
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
- lzma program is licensed under GPL-2.0+
- lzmadec program has no license information in source file
- lzmainfo program is licensed under LGPL-2.1+
- LzmaDecode.h is licensed under LGPL-2.1+ (or CPL) as stated in
src/sdk/7zip/Compress/LZMA_C/LzmaDecode.{c,h}, other sdk files have no
license information
- lzmore and lzgrep scripts are licensed under GPL-2.0+
- lzdiff script has no license information
- basic and perms tests are licensed under GPL-3.0+
- mkdtemp and test-lib.sh tests have no license information
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add an upstream URL to the help text in Config.in. This
addresses the 'Missing' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Just like _SITE, _SOURCE, _SITE_METHOD, it is very likely that if
<pkg>_DL_OPTS is defined, the same value should be used for
HOST_<pkg>_DL_OPTS, so let's have the same inheritance logic than the
one we have for other variables.
Fixes:
https://bugs.busybox.net/show_bug.cgi?id=12321
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes#12366 [1]
The rpi-userland extra include paths where added with [2] including
a rpi-userland dependency for the dispmanx option.
The dispmanx option was moved to gst1-plugins-base with commit [3],
including the rpi-userland dependency, excluding the extra include
paths.
Tested gst1-plugins-base with dispmanx enabled compiles without
failures. It seems to be safe to remove the extra includes from
gst1-plugins-bad.
Fixes (from meson-log.txt):
Sanity check compile stderr:
arm-buildroot-linux-uclibcgnueabihf-gcc.br_real: error:
/.../host/arm-buildroot-linux-uclibcgnueabihf/sysroot/usr/include/IL:
No such file or directory
arm-buildroot-linux-uclibcgnueabihf-gcc.br_real: error:
/.../host/arm-buildroot-linux-uclibcgnueabihf/sysroot/usr/include/interface/vcos/pthreads:
No such file
arm-buildroot-linux-uclibcgnueabihf-gcc.br_real: error:
/.../host/arm-buildroot-linux-uclibcgnueabihf/sysroot/usr/include/interface/vmcs_host/linux:
No such file
[1] https://bugs.busybox.net/show_bug.cgi?id=12366
[2] https://git.buildroot.net/buildroot/commit/?id=962ffda68cd9b0c4ab6055c97c14e762a5439571
[3] https://git.buildroot.net/buildroot/commit/?id=3f2aef56127fbe71378e6a2d55192a0835d962ab
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Update the upstream URL in the help text in Config.in. This
addresses the 'Invalid(Err)' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Dustismo.LICENSE contains the license for the Dustismo_Sans.ttf font
file. The rest is licensed under the same terms as Perl as specified
in README so add README to license files and add GPL-2.0+ to license
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security vulnerability:
- CVE-2019-18840: In wolfSSL 4.1.0 through 4.2.0c, there are missing sanity
checks of memory accesses in parsing ASN.1 certificate data while
handshaking. Specifically, there is a one-byte heap-based buffer overflow
inside the DecodedCert structure in GetName in wolfcrypt/src/asn.c because
the domain name location index is mishandled. Because a pointer is
overwritten, there is an invalid free.
For details, see the writeup:
https://medium.com/@social_62682/heap-overflow-in-wolfssl-cve-2019-18840-185d233c27de
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add an upstream URL to the help text in Config.in. This
addresses the 'Missing' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Update the upstream URL in the help text in Config.in. This
addresses the 'Invalid(500)' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Update the upstream URL in the help text in Config.in. This
addresses the 'Invalid(404)' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add a short package description. Add an upstream URL to address
the 'Missing' URL status in the package stats web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security vulnerabilities:
- CVE-2019-19330: The HTTP/2 implementation in HAProxy before 2.0.10
mishandles headers, as demonstrated by carriage return (CR, ASCII 0xd),
line feed (LF, ASCII 0xa), and the zero character (NUL, ASCII 0x0), aka
Intermediary Encapsulation Attacks.
In addition, 2.0.6..10 fixes a number of bugs. See the changelog for
details:
https://www.haproxy.org/download/2.0/src/CHANGELOG
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add an upstream URL to the help text in Config.in. This
addresses the 'Missing' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Update the upstream URL in the help text in Config.in. Removing
the trailing comment from the URL line addresses the 'Missing'
status in the package stats web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Update the upstream URL in the help text in Config.in. This
addresses the 'Invalid(Err)' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add an upstream URL to the help text in Config.in. This
addresses the 'Missing' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Update the upstream URL in the help text in Config.in. This
addresses the 'Invalid(404)' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add an upstream URL to the help text in Config.in. This
addresses the 'Missing' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add an upstream URL to the help text in Config.in. This
addresses the 'Missing' URL status in the package stats
web page output.
[Peter: also add URL to BR2_TOOLCHAIN_BUILDROOT_MUSL help]
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
glibc versions prior to 2.23 have a <fts.h> implementation that is not
compatible with large file support, causing build failures such as:
In file included from selinux_restorecon.c:17:0:
/home/naourr/work/instance-0/output-1/host/arm-buildroot-linux-gnueabi/sysroot/usr/include/fts.h:41:3: error: #error "<fts.h> cannot be used with -D_FILE_OFFSET_BITS==64"
# error "<fts.h> cannot be used with -D_FILE_OFFSET_BITS==64"
Prior to commit 3fce6f1c15
("package/libselinux: fix the build with Python 3.8"), we were not
passing PKG_PYTHON_DISTUTILS_ENV in the environment. But with
3fce6f1c15, we are now passing the
PKG_PYTHON_DISTUTILS_ENV variable, provided by pkg-python.mk, into the
build environment. While this is part of fixing the build of
libselinux with Python 3.8, it breaks the build because we are no
longer filtering out the -D_FILE_OFFSET_BITS=64 option from
CFLAGS. Indeed, while we do so at the beginning of libselinux.mk, it
gets overridden later by the addition of $(PKG_PYTHON_DISTUTILS_ENV).
To avoid this, we pass CFLAGS/LDFLAGS *after*
$(PKG_PYTHON_DISTUTILS_ENV) has been added. In practice, the
CFLAGS/LDFLAGS passed by $(PKG_PYTHON_DISTUTILS_ENV) are just
$(TARGET_CFLAGS) and $(TARGET_LDFLAGS), so we are not missing anything
specific.
Fixes:
http://autobuild.buildroot.net/results/ef6ff91086a094eb25b145d66d072c6d2fc60154/
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
--with-yajl is not recognized so replace it by the correct
--with-libyajl option
The option is named --with-libyajl since a very long time (since at
least version 4.8.0 and
f154fb21fb)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
After building host tools, we currently run a pass of patchelf to add
the proper RPATH to these tools so that they are able to find the
libraries they depend on.
Unfortunately, the "torque" host tool is used during the build itself,
before we have a chance to run "patchelf" on it. Since it is linked
against libcrypto.so available in $(HOST_DIR)/lib, the build aborts
because the RPATH is not set.
To fix this, we make sure that $(HOST_LDFLAGS) are properly taken into
account: since they contain the -Wl,-rpath option, the host tools will
have the correct RPATH. This both fixes the build failure, and makes
the patchelf hack no longer necessary.
Fixes:
https://bugs.busybox.net/show_bug.cgi?id=12211http://autobuild.buildroot.net/results/a1f5e336ddaf386ba08eb5a7a299a48e2bdfe2d9/
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
nodejs can use some FPU instructions on ARM, but it needs to know that
thanks to the --with-arm-fpu option. Without this, it may use the
wrong FPU setting, such as use VFPv3 even if only a VFPv3-D16 is
available. This has been reported as bug #12166, where the compiled
node binary had some floating point instructions using floating point
registers above 16 on a VFPv3-D16 system.
This commit makes sure we pass the appropriate --with-arm-fpu value
when it makes sense. Note that NodeJS only has explicit support for a
subset of the FPUs, for the ones that are not explicitly supported, we
simply pass no --with-arm-fpu value.
Fixes:
https://bugs.busybox.net/show_bug.cgi?id=12166
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
When commit 0064132ba0 introduced ARM64
support in nodejs.mk, it incorrectly kept the NODEJS_ARM_FP
definition. This variable is used to pass --with-arm-float-abi, which
in NodeJS's configure.py script is only used when --dest-cpu=arm, and
not when --dest-cpu=arm64.
So we are passing --with-arm-float-abi=<something> for ARM64, which
has no effect, and we are no longer passing it on ARM.
This commit fixes that by putting the NODEJS_ARM_FP definition back at
the right location.
Fixes:
0064132ba0
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Changes:
* PLAIN mechanism is used only when no other mechanisms are supported
* Legacy authentication is disabled by default, can be enabled with
connection flag XMPP_CONN_FLAG_LEGACY_AUTH
* Session is not established if it is optional
* Fixed a bug causing a reused connection not to cleanup properly
* Improved debug logging in OpenSSL module
* Few memory leaks fixed
Signed-off-by: Michael Vetter <jubalh@iodoru.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add an upstream URL to the help text in Config.in. This
addresses the 'Missing' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Update the upstream URL in the help text in Config.in as it
is pointing to an old page.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Update the upstream URL in the help text in Config.in. This
addresses the 'Invalid(404)' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add an upstream URL to the help text in Config.in. This
addresses the 'Missing' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Update the upstream URL in the help text in Config.in. This
addresses the 'Invalid(405)' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Update the upstream URL in the help text in Config.in. This
addresses the 'Invalid(Err)' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add an upstream URL to the help text in Config.in. This
addresses the 'Missing' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This includes the following changes:
9294981 handle protected mmcblk_boot_ devices
ac6d18a add missing includes
8106b65 add .editorconfig file
Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Add an upstream URL to the help text in Config.in. This
addresses the 'Missing' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Add an upstream URL to the help text in Config.in. This
addresses the 'Missing' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Update the upstream URL in the help text in Config.in. This
addresses the 'Invalid(404)' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Update the upstream URL in the help text in Config.in. This
addresses the 'Invalid(404)' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Add an upstream URL to the help text in Config.in. This
addresses the 'Missing' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Add an upstream URL to the help text in Config.in. This
addresses the 'Missing' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Add an upstream URL to the help text in Config.in. This
addresses the 'Missing' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Update the upstream URL in the help text in Config.in. This
addresses the 'Invalid(404)' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Add an upstream URL to the help text in Config.in. This
addresses the 'Missing' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Update the upstream URL in the help text in Config.in. This
addresses the 'Invalid(Err)' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Add an upstream URL to the help text in Config.in. This
addresses the 'Missing' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Update the upstream URL in the help text in Config.in. This
addresses the 'Invalid(404)' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Update the upstream URL in the help text in Config.in. This
addresses the 'Invalid(404)' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Acked-by: Alexander Dahl <post@lespocky.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Update the upstream URL in the help text in Config.in. This
addresses the 'Invalid(Err)' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Add an upstream URL to the help text in Config.in.host. This
addresses the 'Missing' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Update the upstream URL in the help text in Config.in. This
addresses the 'Invalid(404)' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Add an upstream URL to the help text in Config.in. This
addresses the 'Missing' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Update the upstream URL in the help text in Config.in. This
addresses the 'Invalid(406)' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Add an upstream URL to the help text in Config.in. This
addresses the 'Missing' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Add an upstream URL to the help text in Config.in. This
addresses the 'Missing' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Minicom's configure script will set values for the default port and lock
directory based on the configuration of the host machine, which is not
useful for cross-compiling or reproducible builds, so instead set them
to sensible default values.
Signed-off-by: James Byrne <james.byrne@origamienergy.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Currently, when BR2_TARGET_ARM_TRUSTED_FIRMWARE_UBOOT_AS_BL33 is
enabled, the arm-trusted-firmware package assumes that the BL33 image
provided by U-Boot is u-boot.bin. However for some platforms, the name
may be different (for example u-boot-dtb.bin). To support such use
cases, this commit adds a string option
BR2_TARGET_ARM_TRUSTED_FIRMWARE_UBOOT_BL33_IMAGE to configure the
U-Boot image name, which defaults to u-boot.bin to preserve backward
compatibility.
Signed-off-by: Jerry Huang <jerry.huang@nxp.com>
Reviewed-by: Sergey Matyukevich <geomatsi@mail.com>
[Thomas: rewrite commit log and Config.in help text]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Update the upstream URL in the help text in Config.in. This
addresses the 'Invalid(404)' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Update the upstream URL in the help text in Config.in. This
addresses the 'Invalid(404)' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Add an upstream URL to the help text in Config.in. This
addresses the 'Missing' URL status in the package stats
web page output.
Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fix these warnings:
E122 continuation line missing indentation or outdented
E127 continuation line over-indented for visual indent
E265 block comment should start with '# '
E302 expected 2 blank lines, found 1
F401 'pexpect' imported but unused
Fixes:
- https://gitlab.com/buildroot.org/buildroot/-/jobs/360824861
Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Spidermonkey is Mozilla's JavaScript engine written in C and C++. It is used in
various Mozilla products, including Firefox, and is available under the MPL2.
There are 10 patches currently required to properly cross-compile spidermonkey:
1) allow-newer-autoconf-versions
- Spidermonkey is hardcoded to use Autoconf 2.13, which is from 1999!
The reasoning behind using 2.13 is because newer versions of Autoconf do not
work correctly with the custom m4 macros in the source code.
However: Because we are building just the Spidermonkey engine instead of the
entire Firefox package, newer versions of Autoconf work without issue.
See: See: https://bugzilla.mozilla.org/show_bug.cgi?id=104642
for further explanation.
2) allow-building-in-tree
- By default, spidermonkey must be configured and built out-of-tree, otherwise
the following error occurs:
FATAL ERROR PROCESSING MOZBUILD FILE
==============================
The error occurred while processing the following file or one of the files
it includes:
js/src/shell/moz.build
The error occurred when validating the result of the execution. The reported
error is:
The path specified in LOCAL_INCLUDES is not allowed:
.. (resolved to js/src)
Remove this check, as spidermonkey builds without issue in-tree.
3) allow-unknown-configuration-options
- By default, if an unknown parameter is passed to configure, an error is
raised. Replace the raise with a pass and continue.
Fixes: https://bugzilla.mozilla.org/show_bug.cgi?id=1379540
4) fix-building-with-musl
- The MIPS specific header <sgidefs.h> is not provided by musl.
The Linux kernel headers <asm/sgidefs.h> provide the same definitions.
5) add-riscv-support
- Submitted upstream:
See: https://bugzilla.mozilla.org/show_bug.cgi?id=1318905
6) copy-headers-on-install-instead-of-symlinking
- When installing, instead of linking the headers to the source directory,
copy them.
7) ensure-proper-running-on-64-bit-and-32-bit-be-platforms
- Taken from the Fedora RPM
Applied upstream.
Fixes: https://bugzilla.mozilla.org/show_bug.cgi?id=1488552
8) 0008-save-and-restore-non-volatile-x28-on-ARM64-for-generated-unboxed-obje
- Taken from the Fedora RPM:
Applied upstream.
Fixes: https://bugzilla.mozilla.org/show_bug.cgi?id=1375074
9) save-x28-before-clobbering-it-in-the-regex-compiler
- Taken from the Fedora RPM:
Applied upstream.
Fixes: https://bugzilla.mozilla.org/show_bug.cgi?id=1445907
10) always-use-the-equivalent-year-to-determine-the-time-zone
- Taken from the Fedora RPM:
Applied upstream.
Fixes: https://bugzilla.mozilla.org/show_bug.cgi?id=1415202
Typically, The Firefox source tarball is used to build spidermonkey; however,
this has two disadvantages:
- It's large. The Firefox source tarball is over 250M.
- It requires Autoconf 2.13
Instead, use a tarball with only the Spidermonkey source code in it with a
pre-setup configure file. This tarball reduces the size to 31M and prevents the
Autoconf 2.13 requirement.
Signed-off-by: Adam Duskett <aduskett@greenlots.com>
[Thomas: adjust how the libnspr arch dependency is handled]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The directory $(1)/usr/include may not exist before copy files.
Signed-off-by: Jens Kleintje <scooby22@web.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fixes the following security vulnerabilities:
- CVE-2019-2201: In generate_jsimd_ycc_rgb_convert_neon of
jsimd_arm64_neon.S, there is a possible out of bounds write due to a
missing bounds check. This could lead to remote code execution in an
unprivileged process with no additional execution privileges needed.
For more details, see the upstream bugtracker:
https://github.com/libjpeg-turbo/libjpeg-turbo/issues/361
Additionally, it fixes a number of other issues. From the release notes:
- Fixed a regression in the SIMD feature detection code, introduced by the
AVX2 SIMD extensions (2.0 beta1[1]), that was known to cause an illegal
instruction exception, in rare cases, on CPUs that lack support for CPUID
leaf 07H (or on which the maximum CPUID leaf has been limited by way of a
BIOS setting.)
- The 4:4:0 (h1v2) fancy (smooth) chroma upsampling algorithm in the
decompressor now uses a similar bias pattern to that of the 4:2:2 (h2v1)
fancy chroma upsampling algorithm, rounding up or down the upsampled
result for alternate pixels rather than always rounding down. This
ensures that, regardless of whether a 4:2:2 JPEG image is rotated or
transposed prior to decompression (in the frequency domain) or after
decompression (in the spatial domain), the final image will be similar.
- Fixed a regression introduced by 2.0 beta1[15] whereby attempting to
generate a progressive JPEG image on an SSE2-capable CPU using a scan
script containing one or more scans with lengths divisible by 16 would
result in an error ("Missing Huffman code table entry") and an invalid
JPEG image.
- Fixed an issue whereby tjDecodeYUV() and tjDecodeYUVPlanes() would throw
an error ("Invalid progressive parameters") or a warning ("Inconsistent
progression sequence") if passed a TurboJPEG instance that was previously
used to decompress a progressive JPEG image.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security vulnerabilities:
- CVE-2019-6477: TCP-pipelined queries can bypass tcp-clients limit
For details, see the release notes:
https://downloads.isc.org/isc/bind9/9.11.13/RELEASE-NOTES-bind-9.11.13.html
(9.11.11..12 were not released)
Upstream moved to a 2019-2020 signing key, so update comment in hash file.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Crontab module for reading and writing crontab files and accessing
the system cron automatically and simply using a direct API.
Signed-off-by: Grzegorz Blach <grzegorz@blach.pl>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The GPL only applies to the C++ bindings and eeprom utility, which are
conditionally enabled with BR2_PACKAGE_LIBFTDI1_LIBFTDIPP1 and
BR2_PACKAGE_LIBFTDI1_FDTI_EEPROM, respectively.
The COPYING.LIB is indeed the LGPL-2.0, but the source file for
libftdi1 states LGPL-2.1-only, see src/ftdi.c
The src/ftdi_stream.c also bears a notice of the MIT license, so the
library itself is under both LGPL-2.1-only and MIT.
Note: the COPYING.GPL license file may get added twice to the list, but
that is not a problem in practice: it is just copied twice.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[yann.morin.1998@free.fr:
- GPL-2.0 also applies to the ftdi_eeprom utility
- s/ftdipp1/libftdipp1/
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Commit 9b0b15e90b (package/libftdi: add license) was too hastily fixed,
with confusion between libftdi and libftdi1. The MIT-licensed file is
not present in libftdi; it is only in libftdi1.
Remove the unused MIT license from the list.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The COPYING.LIB license file contains the test of the LGPL-2.0, but the
source code itself explicitly refers to the GPL-2.1-only. Additionally,
parts of the library (src/ftdi_stream.c) are under the MIT license.
The C++ bindings are udner the GPL-2.0-only with an exception, which is
expressed in the LICENSE file.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[yann.morin.1998@free.fr:
- the library is under both GPL-2.1-only and MIT
- the GPL-2.0-only only applies to the C++ bindings
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
gob2 itself is GPL-2.0+, but it is a code generator. The code generated
by gob2 id not covered by gob2's license, and this is made explicit in
an accompanying license file.
So we include both license files.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[yann.morin.1998@free.fr:
- add COPYING.generated-code
- expand commit log accordingly
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
cpuburn-arm burns CPU cycles to generate as much heat as possible.
Useful for stress testing.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
[yann.morin.1998@free.fr:
- fix title (Thomas)
- simplify and rename _ARCH_SUPPORTS (Thomas)
]
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
librsync can be built statically through the standard cmake
BUILD_SHARED_LIBS option since version 2.2.0 and
1ad3c7c600
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
As pointed out by Carlos, ldconfig normally goes into /sbin, and getconf +
ldd into /usr/bin, so do that here as well instead of installing everything
to /bin.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
With this patch we introduce an option for glibc, which
installs getconf, ldconfig and ldd utilities on target, that
may be useful in debugging. By default these utilities are
built, but not installed to the target.
ldd is a bash script, so it has bash dependency.
Signed-off-by: Nikita Sobolev <Nikita.Sobolev@synopsys.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The test starts a simple container with an iperf3 server.
The container is using the tini init system, with a shared rootfs.
An iperf3 client is started from the host to check that the container
is really up and running.
Signed-off-by: Patrick Havelange <patrick.havelange@essensium.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This method asserts that the given command ran successfully.
The goal is for it to be used by the different tests when needed.
Signed-off-by: Patrick Havelange <patrick.havelange@essensium.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This version changed the (optional) dependency from sdl and
sdl-config to sdl2 and pkg-config. Therefore, the patch
0002-sdl-config.patch has been dropped and the dependency
has been changed to BR2_PACKAGE_SDL2.
Since SDL2 (required to build force-feedback utilities)
requires shared library support to compile, a dependency
on !BR2_STATIC_LIBS was added to the configuration option
that enables force-feedback utilities.
Signed-off-by: Koen Martens <gmc@sonologic.nl>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Downloading from https a tarball is faster than cloning a git repo.
If needed, BR2_LINUX_KERNEL_CUSTOM_GIT can be used as a fallback
mechanism to downlad the CIP kernel with git.
Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io>
[Thomas: fix typo in Config.in, disable installation to staging, both
were noticed by Yann E. Morin]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
uMTP-Responder is a lightweight USB Media Transfer Protocol (MTP)
responder daemon for GNU/Linux.
Signed-off-by: Paul Cercueil <paul@crapouillou.net>
[Thomas: license is GPL-3.0+]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Dropped autoreconf and non-standard pthread yield patches as they merged
upstream.
[Peter: really drop autoreconf]
Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
New package which provides the driver and binary blob libraries for
the STM32MP157 vivante gcnano gpu. The precompiled libraries depend
on wayland and libdrm.
Signed-off-by: Jens Kleintje <scooby22@web.de>
[Thomas:
- add missing dependency on glibc
- add missing dependencies on threads (wayland, libdrm) and !static
(wayland)
- introduce GCNANO_BINARIES_LIB_VERSION,
GCNANO_BINARIES_DRIVER_VERSION and GCNANO_BINARIES_USERLAND_VERSION
variables to simplify code a bit
- greatly simplify the installation, by using more the available
libraries/files. This also avoids the installation of duplicate
release/debug libraries]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Updated patch 1 to handle changed context.
Removed patch 2 which is now upstream.
The update allows QEMU's configure script to successfully detect libfdt.
Signed-off-by: Sam Bobroff <sbobroff@linux.ibm.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The libfdt headers are installed at $(HOST_DIR)/include/libfdt now, to
prevent conflicts with the kernel dtc code. Pass that path to the qemu
configure script, otherwise it uses its bundled copy of libfdt.
Signed-off-by: Carlos Santos <unixmania@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Installing the libfdt headers at $(HOST_DIR)/include interferes with the
build of the kernel, as in beaglebone:
2019-11-01T22:23:16 /usr/bin/make -f ./scripts/Makefile.build obj=scripts
2019-11-01T22:23:16 /usr/bin/make -f ./scripts/Makefile.build obj=scripts/dtc need-builtin=
2019-11-01T22:23:16 (cat /dev/null; ) > scripts/dtc/modules.order
2019-11-01T22:23:16 /usr/bin/gcc -O2 -I/work/beaglebone/host/include -L/work/beaglebone/host/lib -Wl,-rpath,/work/beaglebone/host/lib -Wp,-MD,scripts/dtc/libfdt/.fdt_ro.o.d -Wall -Wmissing-prototypes -Wstrict-p>
2019-11-01T22:23:16 scripts/dtc/libfdt/fdt_ro.c:92:10: error: redefinition of ‘fdt_get_max_phandle’
2019-11-01T22:23:16 uint32_t fdt_get_max_phandle(const void *fdt)
2019-11-01T22:23:16 ^~~~~~~~~~~~~~~~~~~
2019-11-01T22:23:16 In file included from scripts/dtc/libfdt/fdt_ro.c:54:
2019-11-01T22:23:16 /work/beaglebone/host/include/libfdt.h:384:24: note: previous definition of ‘fdt_get_max_phandle’ was here
2019-11-01T22:23:16 static inline uint32_t fdt_get_max_phandle(const void *fdt)
2019-11-01T22:23:16 ^~~~~~~~~~~~~~~~~~~
2019-11-01T22:23:16 make[4]: *** [scripts/Makefile.host:107: scripts/dtc/libfdt/fdt_ro.o] Error 1
2019-11-01T22:23:16 make[3]: *** [scripts/Makefile.build:544: scripts/dtc] Error 2
2019-11-01T22:23:16 make[2]: *** [Makefile:1066: scripts] Error 2
2019-11-01T22:23:16 make[1]: *** [package/pkg-generic.mk:241: /work/beaglebone/build/linux-4dae378bbe721277b08699d1d88ffae12acc9b09/.stamp_built] Error 2
We cannot simply disable dtc support and patching the kernel makefiles
is risky and error-prone, so let's just install the host-dtc headers at
$(HOST_DIR)/include/libfdt to circumvent the problem.
Packages that depend on those headers (e.g. host-qemu) must be updated
to user the correct path but this is small change.
Signed-off-by: Carlos Santos <unixmania@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
A C++ library for interacting with sd-bus and a C++ bindings generator.
The host build produces a code generation tool, sdbus++ while the
target build gives libsdbusplus.
The code generator requires host-python-pyyaml, host-python-inflection,
and host-python-mako. Since it isn't built for the target, the target
build does not require them.
The host package includes a code and documentation generation program,
which is useful for including in a buildroot SDK, even if no target
package needs it, so make it a user-selectable host package.
host-autoconf-archive is added as a dependency since configure.ac
uses the AX_PKG_CHECK_MODULES macro.
Signed-off-by: John Faith <jfaith@impinj.com>
Signed-off-by: Trent Piepho <tpiepho@impinj.com>
[Thomas: use host-python3 when BR2_PACKAGE_PYTHON3=y]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
When the rcw tools is built, it is probably to generate the RCW (Reset
Configuration Word) of the target. So it makes sense to do this directly
in the Buildroot infra and install it in the images directory, just like
we do for e.g. device tree blobs.
Add an option BR2_PACKAGE_HOST_RCW_CUSTOM_PATH that allows to specify
the source for the RCW. And while we're at it, make it possible to
specify multiple .rcw and .rcwi files, just like for device trees.
Signed-off-by: Jared Bents <jared.bents@rockwellcollins.com>
[Arnout:
* Reword help text and commit message
* Remove definition of RCW_DELIVERY_FILE
* Define and use RCW_FILES
* Enclose everything in ifneq($(RCW_FILES),)
* Enclose error in ifeq($(BR_BUILDING),y)
* Add actual error message
* Don't limit to only %.rcwi files
* Don't delete *.bin
]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This includes the following changes:
3cebf12 dev_table: add STM32G07xxx/08xxx
5ad1f87 Makefile: Check if CC and AR are defined
ee5b009 Fix comparison between signed and unsigned integer
74bfe1a serial_w32: remove always false if-then
d302abf Add comment on switch fall-through
12f06e3 Fix warning for unused parameters with mingw-gcc
4957909 Fix compile warning for unused parameters
475da89 Fix signed/unsigned comparison
68cc278 Fix dev_table for Android compilation
2e09c51 Fix indentation warning from GCC 7.1.1
c4293d3 Flip PEMPTY bit before SW reset on STM32L452
acf15a2 dev_table: add device STM32L01xxx/02xxx
59d08c2 dev_table: add device family H7
12bfd33 dev_table: fix flash layout of STM32F72xxx/73xxx
0c84669 dev_table: add STM32L45xxx/46xxx
e2a4f65 dev_table: fix option byte end address for STM32L43xxx/44xxx
76da7c4 dev_table: L4: reorder with AN2606 rev 31
cc70634 dev_table: F0: reorder with AN2606 rev 31
8a0d423 dev_table: F4: reorder and align names with AN2606 rev 31
bc0876d dev_table: fix RAM size for STM32F412xx
2783493 Add some more F4/F7/L4 devices
27626f5 Add autotools support
6b6b6e5 Let user decide length for unknown memory areas
671561e Allow read/write to full option byte area and system memory
843c6f5 Don't write diagnostics messages to stdout unconditionally
3a07489 Don't always print banner to stdout
cc97bca Treat filenames starting with hyphen correctly
a1b2fe4 Improve validation of GPIO sequence
7683db8 Allow specifying more than 255 pages to erase
033aaa8 Report RAM and flash size as maximal values
1f10b4e Serial POSIX: Check if tty is already opened by another stm32flash
8aa685c Add ctrl-C signal handler
3daa90e Print message on failing read/write protect/unprotect
7b5b33a Verbose error message on GPIO signal change failure
d5df420 Add message and fix return code on failed boot entry sequence
a285a09 Flush port after boot GPIO sequence
ee7c963 Fix return code from GPIO bootloader exit sequence
de7332e Fix return code from GPIO bootloader entry sequence
efeab97 Allow extra delay or no delay at all in GPIO sequences
d202bd0 Make termios timeout settable via TERMIOS_TIMEOUT_MS define
0242da6 Ensure correct precedence of bit and logic comparisons
26854ef Fix return value in case of successful protect/unprotect operation
3772e95 Fix return code in case of flash failure
7a7b4c9 Always run GPIO exit sequence if present
d581ce8 Put Linux specific GPIO code under conditional compile
8c4aa65 dev_table: Mark 0x417, 0x429, 0x427 for no mass-erase
2381ce3 Fix parity setting/checking on *BSD and MacOSX
5361ed8 Fix for device 0x442: System memory start address
Also add hash for license file
Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Out-of-tree driver has been updated to work with Linux kernels v5.x.
Signed-off-by: Sergey Matyukevich <geomatsi@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
ARC glibc fenv.h has the needed macros for quite some time now so
allow ffmpeg builds.
Signed-off-by: Vineet Gupta <vgupta@synopsys.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Use the pi3-miniuart-bt device tree overlay (as the 32bit raspberrypi3
defconfig) instead of the enable_uart option.
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Enables the usage of the standard Raspberry Pi overlays (as already
possible for all 32bit defconfigs and as expected by most Raspberry Pi
defconfig users), follow up patch will use the overlay feature to
enable the ttyS0 serial console in the same way as done for the
raspberrypi3_defconfig case (instead using an alternative approach).
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
That change will alphabetically set list order
of required packages in Config.in file automatically.
Example below:
before: ['python-pyserial', 'python-pyaes', 'python-ecdsa']
after: ['python-ecdsa', 'python-pyaes', 'python-pyserial']
Signed-off-by: Bartosz Bilas <b.bilas@grinn-global.com>
Reviewed-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The package now fully supports Python 3.8, so the pre-build
hook and the dependency on host-python-cython can be removed.
Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
- Added hash of LICENSE file in valijson.hash
- Updated hash of valijson tar file in valijson.hash file
- Added option to set tests off which drops the curlpp dependency
Signed-off-by: Santosh Multhalli <santosh.multhalli@rockwellcollins.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
if test "${mesontimer}"="0"; then fdt rm /meson_timer; fdt rm /cpus/cpu@0/timer; fdt rm /cpus/cpu@1/timer; fdt rm /cpus/cpu@2/timer; fdt rm /cpus/cpu@3/timer; fi
if test "${mesontimer}"="1"; then fdt rm /timer; fi
if test "${nographics}"="1"; then fdt rm /reserved-memory; fdt rm /aocec; fi
if test "${nographics}"="1"; then fdt rm /meson-fb; fdt rm /amhdmitx; fdt rm /picdec; fdt rm /ppmgr; fi
if test "${nographics}"="1"; then fdt rm /meson-vout; fdt rm /mesonstream; fdt rm /meson-fb; fi
if test "${nographics}"="1"; then fdt rm /deinterlace; fdt rm /codec_mm; fi
The login prompt will appear in the terminal that started Qemu.
Ethernet support is not working, yet.
Tested with QEMU 2.12.0.
Some files were not shown because too many files have changed in this diff
Show More
Reference in New Issue
Block a user
Blocking a user prevents them from interacting with repositories, such as opening or commenting on pull requests or issues. Learn more about blocking a user.
