Update for 2018.05.3

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

.gitlab-ci.yml

@@ -258,6 +258,7 @@ zynq_zybo_defconfig: *defconfig
 tests.boot.test_atf.TestATFAllwinner: *runtime_test
 tests.boot.test_atf.TestATFMarvell: *runtime_test
 tests.boot.test_atf.TestATFVexpress: *runtime_test
+tests.core.test_file_capabilities.TestFileCapabilities: *runtime_test
 tests.core.test_post_scripts.TestPostScripts: *runtime_test
 tests.core.test_rootfs_overlay.TestRootfsOverlay: *runtime_test
 tests.core.test_timezone.TestGlibcAllTimezone: *runtime_test

CHANGES

@@ -1,3 +1,85 @@
+2018.05.3, Released October 6th, 2018
+
+	Important / security related fixes.
+
+	Add a number of patches to fix build errors for host utilities
+	on modern distributions using glibc-2.28.
+
+	mkusers: Ensure existing group members are preserved when a
+	group is reprocessed.
+
+	printvars: Fix issue with exceeding shell command line length
+	limits for certain setups.
+
+	Updated/fixed packages: acpid, android-tools, apache,
+	arp-scan, bandwidthd, bind, bison, brltty, chipmunk, connman,
+	cppcms, fio, gcc, ghostscript, gnupg, httping, igmpproxy,
+	imagemagick, imlib2, ipsec-tools, lcm2, libcurl, libesmtp,
+	libnfs, libssh, libxslt, links, mediastreamer, minicom,
+	moarvm, nilfs-utils, ocrad, parted, php, postgresql, pv,
+	python-django, qt, qt5quickcontrols, qt5webengine, screen,
+	sdl2, shairport-sync, squashfs, strongswan, vboot-utils,
+	webkitgtk, wireguard, x265, xen, xlib_libXfont, xlib_libXft,
+	xlib_libxshmfence, zeromq
+
+2018.05.2, Released August 28th, 2018
+
+	Important / security related fixes.
+
+	Defconfigs: Raspberrypi2: Bump rootfs size, T7680: Fix
+	genimage.cfg issue, ARM Juno: Bump ATF to v1.3 to fix build
+	issue.
+
+	Updated/fixed packages: acl, attr, apache, bind,
+	boot-wrapper-aarch64, brltty, bzip2, chrony, crda, cryptsetup,
+	dahdi-tools, dmidecode, dropbear, eigen, ffmpeg, gawk, gcc,
+	ghostscript, gnutls, imx-gpu-viv, ipsec-tools, libarchive,
+	libfuse, libglib2, libopenssl, libselinux, libsoup, lighttpd,
+	linuxptp, lttng-modules, lttng-tools, lua-flu, lvm2, m4,
+	makedevs, mariadb, mbedtls, mesa3d-heders, mtd, ncurses,
+	nodejs, openssh, php, python-django, rauc, ruby, samba4,
+	stress-ng, ti-utils, uboot-tools, uclibc, vim, waylandpp,
+	wireless_tools, wireless-regdb, wireshark, wpa_supplicant,
+	xorriso, znc
+
+	Issues resolved (http://bugs.uclibc.org):
+
+	#10781: cryptsetup luksOpen container_file container causes..
+	#10986: Installing package attr when already supplied by..
+	#11191: xattr and check-package issue
+
+2018.05.1, Released July 20th, 2018
+
+	Important / security related fixes.
+
+	U-Boot: Ensure host version of ncurses is picked up and not
+	host-ncurses built by buildroot, as that otherwise causes
+	widechar/non-widechar conflicts and corrupted menuconfig
+	menus.
+
+	Linux: Enable CONFIG_PERF_EVENTS when perf is enabled.
+
+	Toolchain: ARC tools updated to arc-2018.03.
+
+	pkg-stats: Fix python 3.x compatibility.
+
+	dl-wrapper: Fix support for URIs containing '+', fix
+	no-check-hash for inferred site method.
+
+	Defconfigs: Raspberrypi3: Bump rootfs size, Minnowboard-max:
+	Support ethernet on Turbot variant.
+
+	Updated/fixed packages: audit, bind, btrfs-progs, cifs-utils,
+	clamav, collectd, coreutils, docker-containerd, dos2unix,
+	edid-decode, file, gcc, gdb, gnupg, gnupg2, heimdal, hidapi,
+	imagemagick, libcurl, libgcrypt, libglib2, liblogging,
+	libostree, libressl, libsoup, libv4l, libvncserver, libvorbis,
+	libwebsockets, libxslt, lm-sensors, mariadb, mpg123, ncurses,
+	network-manager, nodejs, patchelf, perl, php-amqp, pinentry,
+	pixiewps, qpdf, qt53d, qt5base, qt5charts, qt5script, redis,
+	systemd, triggerhappy, uboot, wireguard, wireless-regdb,
+	wireshark
+
 2018.05, Released June 1st, 2018
 
 	Minor fixes.

Makefile

@@ -87,9 +87,9 @@ all:
 .PHONY: all
 
 # Set and export the version string
-export BR2_VERSION := 2018.05
+export BR2_VERSION := 2018.05.3
 # Actual time the release is cut (for reproducible builds)
-BR2_VERSION_EPOCH = 1527884000
+BR2_VERSION_EPOCH = 1538812000
 
 # Save running make version since it's clobbered by the make package
 RUNNING_MAKE_VERSION := $(MAKE_VERSION)
@@ -977,7 +977,8 @@ $(BUILD_DIR)/.br2-external.in: $(BUILD_DIR)
 # displayed.
 .PHONY: printvars
 printvars:
-	@:$(foreach V, \
+	@:
+	$(foreach V, \
 		$(sort $(if $(VARS),$(filter $(VARS),$(.VARIABLES)),$(.VARIABLES))), \
 		$(if $(filter-out environment% default automatic, \
 				$(origin $V)), \
@@ -1020,8 +1021,8 @@ help:
 	@echo '  silentoldconfig        - Same as oldconfig, but quietly, additionally update deps'
 	@echo '  olddefconfig           - Same as silentoldconfig but sets new symbols to their default value'
 	@echo '  randconfig             - New config with random answer to all options'
-	@echo '  defconfig              - New config with default answer to all options'
-	@echo '                             BR2_DEFCONFIG, if set, is used as input'
+	@echo '  defconfig              - New config with default answer to all options;'
+	@echo '                             BR2_DEFCONFIG, if set on the command line, is used as input'
 	@echo '  savedefconfig          - Save current config to BR2_DEFCONFIG (minimal config)'
 	@echo '  allyesconfig           - New config where all options are accepted with yes'
 	@echo '  allnoconfig            - New config where all options are answered with no'

board/minnowboard/linux.config

@@ -21,6 +21,7 @@ CONFIG_SATA_AHCI=y
 CONFIG_ATA_PIIX=y
 CONFIG_NETDEVICES=y
 CONFIG_R8169=y
+CONFIG_IGB=y
 CONFIG_INPUT_EVDEV=y
 CONFIG_SERIAL_8250=y
 CONFIG_SERIAL_8250_CONSOLE=y

board/technologic/ts7680/genimage.cfg

@@ -3,7 +3,7 @@ image sdcard.img {
 	}
 
 	partition unused {
-		size =  512B
+		size =  512
 	}
 
 	partition rootfs {

boot/at91bootstrap3/Config.in

@@ -10,6 +10,8 @@ config BR2_TARGET_AT91BOOTSTRAP3
 	  - Physical media algorithm such as DataFlash, NandFlash, NOR
 	    Flash...
 
+	  https://www.at91.com/linux4sam/bin/view/Linux4SAM/AT91Bootstrap
+
 if BR2_TARGET_AT91BOOTSTRAP3
 
 choice

boot/boot-wrapper-aarch64/boot-wrapper-aarch64.mk

@@ -6,7 +6,7 @@
 
 BOOT_WRAPPER_AARCH64_VERSION = 4266507a84f8c06452109d38e0350d4759740694
 BOOT_WRAPPER_AARCH64_SITE = git://git.kernel.org/pub/scm/linux/kernel/git/mark/boot-wrapper-aarch64.git
-BOOT_WRAPPER_AARCH64_LICENSE = BSD3c
+BOOT_WRAPPER_AARCH64_LICENSE = BSD-3-Clause
 BOOT_WRAPPER_AARCH64_LICENSE_FILES = LICENSE.txt
 BOOT_WRAPPER_AARCH64_DEPENDENCIES = linux
 BOOT_WRAPPER_AARCH64_INSTALL_IMAGES = YES

boot/uboot/uboot.mk

@@ -211,7 +211,15 @@ endif # BR2_TARGET_UBOOT_USE_DEFCONFIG
 
 UBOOT_KCONFIG_FRAGMENT_FILES = $(call qstrip,$(BR2_TARGET_UBOOT_CONFIG_FRAGMENT_FILES))
 UBOOT_KCONFIG_EDITORS = menuconfig xconfig gconfig nconfig
-UBOOT_KCONFIG_OPTS = $(UBOOT_MAKE_OPTS)
+
+# UBOOT_MAKE_OPTS overrides HOSTCC / HOSTLDFLAGS to allow the build to
+# find our host-openssl. However, this triggers a bug in the kconfig
+# build script that causes it to build with /usr/include/ncurses.h
+# (which is typically wchar) but link with
+# $(HOST_DIR)/lib/libncurses.so (which is not).  We don't actually
+# need any host-package for kconfig, so remove the HOSTCC/HOSTLDFLAGS
+# override again.
+UBOOT_KCONFIG_OPTS = $(UBOOT_MAKE_OPTS) HOSTCC="$(HOSTCC)" HOSTLDFLAGS=""
 define UBOOT_HELP_CMDS
 	@echo '  uboot-menuconfig       - Run U-Boot menuconfig'
 	@echo '  uboot-savedefconfig    - Run U-Boot savedefconfig'

boot/vexpress-firmware/Config.in

@@ -4,3 +4,5 @@ config BR2_TARGET_VEXPRESS_FIRMWARE
 	help
 	  Versatile Express firmware from ARM, with Linaro mods last
 	  change.
+
+	  https://git.linaro.org/arm/vexpress-firmware.git

boot/xloader/Config.in

@@ -5,6 +5,8 @@ config BR2_TARGET_XLOADER
 	  The x-loader bootloader. It is mainly used on OMAP-based
 	  platforms.
 
+	  http://omappedia.org/wiki/Linux_OMAP_Kernel_Main
+
 if BR2_TARGET_XLOADER
 config BR2_TARGET_XLOADER_BOARDNAME
 	string "x-loader board name"

configs/arm_juno_defconfig

@@ -12,7 +12,7 @@ BR2_LINUX_KERNEL_INTREE_DTS_NAME="arm/juno arm/juno-r1 arm/juno-r2"
 BR2_TARGET_ARM_TRUSTED_FIRMWARE=y
 BR2_TARGET_ARM_TRUSTED_FIRMWARE_CUSTOM_GIT=y
 BR2_TARGET_ARM_TRUSTED_FIRMWARE_CUSTOM_REPO_URL="https://github.com/ARM-software/arm-trusted-firmware.git"
-BR2_TARGET_ARM_TRUSTED_FIRMWARE_CUSTOM_REPO_VERSION="v1.2"
+BR2_TARGET_ARM_TRUSTED_FIRMWARE_CUSTOM_REPO_VERSION="v1.3"
 BR2_TARGET_ARM_TRUSTED_FIRMWARE_PLATFORM="juno"
 BR2_TARGET_ARM_TRUSTED_FIRMWARE_FIP=y
 BR2_TARGET_ARM_TRUSTED_FIRMWARE_UBOOT_AS_BL33=y

configs/raspberrypi2_defconfig

@@ -30,6 +30,7 @@ BR2_PACKAGE_HOST_MTOOLS=y
 # Filesystem / image
 BR2_TARGET_ROOTFS_EXT2=y
 BR2_TARGET_ROOTFS_EXT2_4=y
+BR2_TARGET_ROOTFS_EXT2_SIZE="120M"
 # BR2_TARGET_ROOTFS_TAR is not set
 BR2_ROOTFS_POST_BUILD_SCRIPT="board/raspberrypi2/post-build.sh"
 BR2_ROOTFS_POST_IMAGE_SCRIPT="board/raspberrypi2/post-image.sh"

configs/raspberrypi3_defconfig

@@ -28,6 +28,7 @@ BR2_PACKAGE_HOST_MTOOLS=y
 # Filesystem / image
 BR2_TARGET_ROOTFS_EXT2=y
 BR2_TARGET_ROOTFS_EXT2_4=y
+BR2_TARGET_ROOTFS_EXT2_SIZE="120M"
 # BR2_TARGET_ROOTFS_TAR is not set
 BR2_ROOTFS_POST_BUILD_SCRIPT="board/raspberrypi3/post-build.sh"
 BR2_ROOTFS_POST_IMAGE_SCRIPT="board/raspberrypi3/post-image.sh"

configs/snps_archs38_hsdk_defconfig

@@ -13,7 +13,7 @@ BR2_SYSTEM_DHCP="eth0"
 # Kernel
 BR2_LINUX_KERNEL=y
 BR2_LINUX_KERNEL_CUSTOM_VERSION=y
-BR2_LINUX_KERNEL_CUSTOM_VERSION_VALUE="4.14.4"
+BR2_LINUX_KERNEL_CUSTOM_VERSION_VALUE="4.14.47"
 BR2_LINUX_KERNEL_DEFCONFIG="hsdk"
 BR2_LINUX_KERNEL_CONFIG_FRAGMENT_FILES="board/synopsys/hsdk/linux.fragment"
 

docs/manual/adding-packages-generic.txt

@@ -200,11 +200,24 @@ information is (assuming the package name is +libfoo+) :
   package. Note that if +HOST_LIBFOO_VERSION+ doesn't exist, it is
   assumed to be the same as +LIBFOO_VERSION+. It can also be a
   revision number or a tag for packages that are fetched directly
-  from their version control system. Do not use a branch name as
-  version; it does not work. Examples:
+  from their version control system. Examples:
   ** a version for a release tarball: +LIBFOO_VERSION = 0.1.2+
   ** a sha1 for a git tree: +LIBFOO_VERSION = cb9d6aa9429e838f0e54faa3d455bcbab5eef057+
   ** a tag for a git tree +LIBFOO_VERSION = v0.1.2+
++
+.Note:
+Using a branch name as +FOO_VERSION+ is not supported, because it does
+not and can not work as people would expect it should:
++
+  1. due to local caching, Buildroot will not re-fetch the repository,
+     so people who expect to be able to follow the remote repository
+     would be quite surprised and disappointed;
+  2. because two builds can never be perfectly simultaneous, and because
+     the remote repository may get new commits on the branch anytime,
+     two users, using the same Buildroot tree and building the same
+     configuration, may get different source, thus rendering the build
+     non reproducible, and people would be quite surprised and
+     disappointed.
 
 * +LIBFOO_SOURCE+ may contain the name of the tarball of the package,
   which Buildroot will use to download the tarball from

docs/manual/adding-packages-perl.txt

@@ -46,7 +46,7 @@ built.
 
 Most of these data can be retrieved from https://metacpan.org/.
 So, this file and the Config.in can be generated by running
-the script +supports/scripts/scancpan Foo-Bar+ in the Buildroot directory
+the script +utils/scancpan Foo-Bar+ in the Buildroot directory
 (or in a br2-external tree).
 This script creates a Config.in file and foo-bar.mk file for the
 requested package, and also recursively for all dependencies specified by

docs/manual/prerequisite.txt

@@ -23,8 +23,8 @@ between distributions).
 ** +make+ (version 3.81 or any later)
 ** +binutils+
 ** +build-essential+ (only for Debian based systems)
-** +gcc+ (version 2.95 or any later)
-** `g++` (version 2.95 or any later)
+** +gcc+ (version 4.4 or any later)
+** `g++` (version 4.4 or any later)
 ** +bash+
 ** +patch+
 ** +gzip+

linux/Config.in

@@ -33,7 +33,7 @@ config BR2_LINUX_KERNEL_LATEST_VERSION
 	bool "Latest version (4.16)"
 
 config BR2_LINUX_KERNEL_LATEST_CIP_VERSION
-	bool "Latest CIP SLTS version (v4.4.130-cip23)"
+	bool "Latest CIP SLTS version (v4.4.138-cip25)"
 	help
 	  CIP launched in the spring of 2016 to address the needs of
 	  organizations in industries such as power generation and
@@ -121,7 +121,7 @@ endif
 config BR2_LINUX_KERNEL_VERSION
 	string
 	default "4.16.13" if BR2_LINUX_KERNEL_LATEST_VERSION
-	default "v4.4.130-cip23" if BR2_LINUX_KERNEL_LATEST_CIP_VERSION
+	default "v4.4.138-cip25" if BR2_LINUX_KERNEL_LATEST_CIP_VERSION
 	default BR2_LINUX_KERNEL_CUSTOM_VERSION_VALUE \
 		if BR2_LINUX_KERNEL_CUSTOM_VERSION
 	default "custom" if BR2_LINUX_KERNEL_CUSTOM_TARBALL

linux/linux.mk

@@ -292,6 +292,8 @@ define LINUX_KCONFIG_FIXUP_CMDS
 		$(call KCONFIG_ENABLE_OPT,CONFIG_ENABLE_DEFAULT_TRACERS,$(@D)/.config)
 		$(call KCONFIG_ENABLE_OPT,CONFIG_PERF_EVENTS,$(@D)/.config)
 		$(call KCONFIG_ENABLE_OPT,CONFIG_FUNCTION_TRACER,$(@D)/.config))
+	$(if $(BR2_PACKAGE_LINUX_TOOLS_PERF),
+		$(call KCONFIG_ENABLE_OPT,CONFIG_PERF_EVENTS,$(@D)/.config))
 	$(if $(BR2_PACKAGE_SYSTEMD),
 		$(call KCONFIG_ENABLE_OPT,CONFIG_CGROUPS,$(@D)/.config)
 		$(call KCONFIG_ENABLE_OPT,CONFIG_INOTIFY_USER,$(@D)/.config)

package/Makefile.in

@@ -239,7 +239,7 @@ HOST_LDFLAGS  += -L$(HOST_DIR)/lib -Wl,-rpath,$(HOST_DIR)/lib
 # Exit code chooses option. "$$TMP" is can be used as temporary file and
 # is automatically cleaned up.
 try-run = $(shell set -e;               \
-	TMP="$$(tempfile)";             \
+	TMP="$$(mktemp)";               \
 	if ($(1)) >/dev/null 2>&1;      \
 	then echo "$(2)";               \
 	else echo "$(3)";               \

package/acl/0001-Build-with-old-GCC-versions.patch

@@ -0,0 +1,32 @@
+From a42519dceef0493ece45538375ae1791313f16d3 Mon Sep 17 00:00:00 2001
+From: Hollis Blanchard <hollis_blanchard@mentor.com>
+Date: Mon, 30 Jul 2018 14:29:46 -0700
+Subject: [PATCH] Remove pragmas inside functions
+
+GCC 4.4.7, as found in RHEL6, reports:
+    libacl/acl_from_text.c:307: error: #pragma GCC diagnostic not allowed inside functions
+
+Signed-off-by: Hollis Blanchard <hollis_blanchard@mentor.com>
+---
+ libacl/acl_from_text.c | 3 ---
+ 1 file changed, 3 deletions(-)
+
+diff --git a/libacl/acl_from_text.c b/libacl/acl_from_text.c
+index 09790c9..fb6bc07 100644
+--- a/libacl/acl_from_text.c
++++ b/libacl/acl_from_text.c
+@@ -304,11 +304,8 @@ parse_acl_entry(const char **text_p, acl_t *acl_p)
+ create_entry:
+ 	if (acl_create_entry(acl_p, &entry_d) != 0)
+ 		return -1;
+-#pragma GCC diagnostic push
+-#pragma GCC diagnostic ignored "-Waddress"
+ 	if (acl_copy_entry(entry_d, int2ext(&entry_obj)) != 0)
+ 		return -1;
+-#pragma GCC diagnostic pop
+ 	return 0;
+ 
+ fail:
+-- 
+2.13.0
+

package/acl/0001-support-static-installation.patch

@@ -1,29 +0,0 @@
-Support installation of .a file when doing static linking
-
-When doing static linking (i.e ENABLE_SHARED != yes), the acl build
-logic wasn't installing any library at all, not even the .a file which
-is needed for static linking. This patch fixes that.
-
-Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
-
-Index: b/include/buildmacros
-===================================================================
---- a/include/buildmacros
-+++ b/include/buildmacros
-@@ -97,7 +97,15 @@
- 
- INSTALL_LTLIB_STATIC = \
- 	cd $(TOPDIR)/$(LIBNAME)/.libs; \
--	../$(INSTALL) -m 755 -d $(PKG_DEVLIB_DIR);
-+	../$(INSTALL) -m 755 -d $(PKG_DEVLIB_DIR); \
-+	../$(INSTALL) -m 644 -T old_lib $(LIBNAME).la $(PKG_DEVLIB_DIR); \
-+	../$(INSTALL) -m 644 $(LIBNAME).la $(PKG_DEVLIB_DIR)/$(LIBNAME).la ; \
-+	../$(INSTALL) -m 755 -d $(PKG_LIB_DIR); \
-+	../$(INSTALL) -T so_base $(LIBNAME).la $(PKG_LIB_DIR); \
-+	if test "x$(PKG_DEVLIB_DIR)" != "x$(PKG_LIB_DIR)" ; then \
-+	../$(INSTALL) -S $(PKG_DEVLIB_DIR)/$(LIBNAME).a $(PKG_LIB_DIR)/$(LIBNAME).a; \
-+	../$(INSTALL) -S $(PKG_DEVLIB_DIR)/$(LIBNAME).la $(PKG_LIB_DIR)/$(LIBNAME).la; \
-+	fi
- 
- INSTALL_MAN = \
- 	@for d in $(MAN_PAGES); do \

package/acl/0002-add-__acl_-prefixes-to-internal-symbols.patch

@@ -1,292 +0,0 @@
-From debbe4f7b591b3f35d0ed65c17fa81b196b2eb2d Mon Sep 17 00:00:00 2001
-From: Mike Frysinger <vapier@gentoo.org>
-Date: Tue, 12 Aug 2014 08:37:25 -0400
-Subject: [PATCH] add __acl_ prefixes to internal symbols
-
-When static linking libacl, people sometimes run into symbol collisions
-because their own code defines symbols like "quote".  So for acl internal
-symbols, use an __acl_ prefix.
-
-[Rahul Bedarkar: backported from upstream 
-  http://git.savannah.gnu.org/cgit/acl.git/commit/?id=a2c4d71c2e84419a49db503ed59de4d3d1dca7dd ]
-Signed-off-by: Rahul Bedarkar <rahul.bedarkar@imgtec.com>
----
- exports                    | 12 ++----------
- getfacl/getfacl.c          |  4 ++--
- include/misc.h             |  8 ++++----
- libacl/__acl_to_any_text.c |  4 ++--
- libacl/acl_from_text.c     |  4 ++--
- libmisc/high_water_alloc.c |  2 +-
- libmisc/next_line.c        |  6 +++---
- libmisc/quote.c            |  4 ++--
- libmisc/unquote.c          |  2 +-
- setfacl/parse.c            | 10 +++++-----
- setfacl/setfacl.c          |  4 ++--
- 11 files changed, 26 insertions(+), 34 deletions(-)
-
-diff --git a/exports b/exports
-index 7d8e69e..bf15d84 100644
---- a/exports
-+++ b/exports
-@@ -59,22 +59,14 @@ ACL_1.0 {
- 	acl_to_any_text;
- 
-     local:
--    	# Library internal stuff
-+	# Library internal stuff
- 	__new_var_obj_p;
- 	__new_obj_p_here;
- 	__free_obj_p;
- 	__check_obj_p;
- 	__ext2int_and_check;
--	__acl_reorder_entry_obj_p;
--	__acl_reorder_obj_p;
--	__acl_init_obj;
--	__acl_create_entry_obj;
--	__acl_free_acl_obj;
--	__acl_to_any_text;
-+	__acl_*;
- 	__apply_mask_to_mode;
--
--	quote;
--	unquote;
- };
- 
- ACL_1.1 {
-diff --git a/getfacl/getfacl.c b/getfacl/getfacl.c
-index f8eaf25..af9e225 100644
---- a/getfacl/getfacl.c
-+++ b/getfacl/getfacl.c
-@@ -90,7 +90,7 @@ int opt_numeric;  /* don't convert id's to symbolic names */
- 
- static const char *xquote(const char *str, const char *quote_chars)
- {
--	const char *q = quote(str, quote_chars);
-+	const char *q = __acl_quote(str, quote_chars);
- 	if (q == NULL) {
- 		fprintf(stderr, "%s: %s\n", progname, strerror(errno));
- 		exit(1);
-@@ -718,7 +718,7 @@ int main(int argc, char *argv[])
- 	do {
- 		if (optind == argc ||
- 		    strcmp(argv[optind], "-") == 0) {
--			while ((line = next_line(stdin)) != NULL) {
-+			while ((line = __acl_next_line(stdin)) != NULL) {
- 				if (*line == '\0')
- 					continue;
- 
-diff --git a/include/misc.h b/include/misc.h
-index 0c5fdcc..c25accf 100644
---- a/include/misc.h
-+++ b/include/misc.h
-@@ -15,9 +15,9 @@
-   along with this program.  If not, see <http://www.gnu.org/licenses/>.
-  */
- 
--extern int high_water_alloc(void **buf, size_t *bufsize, size_t newsize);
-+extern int __acl_high_water_alloc(void **buf, size_t *bufsize, size_t newsize);
- 
--extern const char *quote(const char *str, const char *quote_chars);
--extern char *unquote(char *str);
-+extern const char *__acl_quote(const char *str, const char *quote_chars);
-+extern char *__acl_unquote(char *str);
- 
--extern char *next_line(FILE *file);
-+extern char *__acl_next_line(FILE *file);
-diff --git a/libacl/__acl_to_any_text.c b/libacl/__acl_to_any_text.c
-index a4f9c34..19f1ccc 100644
---- a/libacl/__acl_to_any_text.c
-+++ b/libacl/__acl_to_any_text.c
-@@ -159,7 +159,7 @@ acl_entry_to_any_str(const acl_entry_t entry_d, char *text_p, ssize_t size,
- 				if (options & TEXT_NUMERIC_IDS)
- 					str = NULL;
- 				else
--					str = quote(user_name(
-+					str = __acl_quote(user_name(
- 						entry_obj_p->eid.qid), ":, \t\n\r");
- 				if (str != NULL) {
- 					strncpy(text_p, str, size);
-@@ -182,7 +182,7 @@ acl_entry_to_any_str(const acl_entry_t entry_d, char *text_p, ssize_t size,
- 				if (options & TEXT_NUMERIC_IDS)
- 					str = NULL;
- 				else
--					str = quote(group_name(
-+					str = __acl_quote(group_name(
- 						entry_obj_p->eid.qid), ":, \t\n\r");
- 				if (str != NULL) {
- 					strncpy(text_p, str, size);
-diff --git a/libacl/acl_from_text.c b/libacl/acl_from_text.c
-index 1e05322..f6165be 100644
---- a/libacl/acl_from_text.c
-+++ b/libacl/acl_from_text.c
-@@ -206,7 +206,7 @@ parse_acl_entry(const char **text_p, acl_t *acl_p)
- 			str = get_token(text_p);
- 			if (str) {
- 				entry_obj.etag = ACL_USER;
--				error = get_uid(unquote(str),
-+				error = get_uid(__acl_unquote(str),
- 						&entry_obj.eid.qid);
- 				free(str);
- 				if (error) {
-@@ -225,7 +225,7 @@ parse_acl_entry(const char **text_p, acl_t *acl_p)
- 			str = get_token(text_p);
- 			if (str) {
- 				entry_obj.etag = ACL_GROUP;
--				error = get_gid(unquote(str),
-+				error = get_gid(__acl_unquote(str),
- 						&entry_obj.eid.qid);
- 				free(str);
- 				if (error) {
-diff --git a/libmisc/high_water_alloc.c b/libmisc/high_water_alloc.c
-index c127dc1..951f4bb 100644
---- a/libmisc/high_water_alloc.c
-+++ b/libmisc/high_water_alloc.c
-@@ -21,7 +21,7 @@
- #include <stdlib.h>
- #include "misc.h"
- 
--int high_water_alloc(void **buf, size_t *bufsize, size_t newsize)
-+int __acl_high_water_alloc(void **buf, size_t *bufsize, size_t newsize)
- {
- #define CHUNK_SIZE	256
- 	/*
-diff --git a/libmisc/next_line.c b/libmisc/next_line.c
-index 0566d7a..126a364 100644
---- a/libmisc/next_line.c
-+++ b/libmisc/next_line.c
-@@ -23,7 +23,7 @@
- 
- #define LINE_SIZE getpagesize()
- 
--char *next_line(FILE *file)
-+char *__acl_next_line(FILE *file)
- {
- 	static char *line;
- 	static size_t line_size;
-@@ -31,7 +31,7 @@ char *next_line(FILE *file)
- 	int eol = 0;
- 
- 	if (!line) {
--		if (high_water_alloc((void **)&line, &line_size, LINE_SIZE))
-+		if (__acl_high_water_alloc((void **)&line, &line_size, LINE_SIZE))
- 			return NULL;
- 	}
- 	c = line;
-@@ -47,7 +47,7 @@ char *next_line(FILE *file)
- 		if (feof(file))
- 			break;
- 		if (!eol) {
--			if (high_water_alloc((void **)&line, &line_size,
-+			if (__acl_high_water_alloc((void **)&line, &line_size,
- 					     2 * line_size))
- 				return NULL;
- 			c = strrchr(line, '\0');
-diff --git a/libmisc/quote.c b/libmisc/quote.c
-index bf8f9eb..a28800c 100644
---- a/libmisc/quote.c
-+++ b/libmisc/quote.c
-@@ -23,7 +23,7 @@
- #include <string.h>
- #include "misc.h"
- 
--const char *quote(const char *str, const char *quote_chars)
-+const char *__acl_quote(const char *str, const char *quote_chars)
- {
- 	static char *quoted_str;
- 	static size_t quoted_str_len;
-@@ -40,7 +40,7 @@ const char *quote(const char *str, const char *quote_chars)
- 	if (nonpr == 0)
- 		return str;
- 
--	if (high_water_alloc((void **)&quoted_str, &quoted_str_len,
-+	if (__acl_high_water_alloc((void **)&quoted_str, &quoted_str_len,
- 			     (s - (unsigned char *)str) + nonpr * 3 + 1))
- 		return NULL;
- 	for (s = (unsigned char *)str, q = quoted_str; *s != '\0'; s++) {
-diff --git a/libmisc/unquote.c b/libmisc/unquote.c
-index bffebf9..4f4ce7c 100644
---- a/libmisc/unquote.c
-+++ b/libmisc/unquote.c
-@@ -22,7 +22,7 @@
- #include <ctype.h>
- #include "misc.h"
- 
--char *unquote(char *str)
-+char *__acl_unquote(char *str)
- {
- 	unsigned char *s, *t;
- 
-diff --git a/setfacl/parse.c b/setfacl/parse.c
-index e7e6add..7433459 100644
---- a/setfacl/parse.c
-+++ b/setfacl/parse.c
-@@ -226,7 +226,7 @@ user_entry:
- 			str = get_token(text_p);
- 			if (str) {
- 				cmd->c_tag = ACL_USER;
--				error = get_uid(unquote(str), &cmd->c_id);
-+				error = get_uid(__acl_unquote(str), &cmd->c_id);
- 				free(str);
- 				if (error) {
- 					*text_p = backup;
-@@ -245,7 +245,7 @@ user_entry:
- 			str = get_token(text_p);
- 			if (str) {
- 				cmd->c_tag = ACL_GROUP;
--				error = get_gid(unquote(str), &cmd->c_id); 
-+				error = get_gid(__acl_unquote(str), &cmd->c_id);
- 				free(str);
- 				if (error) {
- 					*text_p = backup;
-@@ -466,7 +466,7 @@ read_acl_comments(
- 		if (strncmp(cp, "file:", 5) == 0) {
- 			cp += 5;
- 			SKIP_WS(cp);
--			cp = unquote(cp);
-+			cp = __acl_unquote(cp);
- 			
- 			if (path_p) {
- 				if (*path_p)
-@@ -483,7 +483,7 @@ read_acl_comments(
- 			if (uid_p) {
- 				if (*uid_p != ACL_UNDEFINED_ID)
- 					goto fail;
--				if (get_uid(unquote(cp), uid_p) != 0)
-+				if (get_uid(__acl_unquote(cp), uid_p) != 0)
- 					continue;
- 			}
- 		} else if (strncmp(cp, "group:", 6) == 0) {
-@@ -493,7 +493,7 @@ read_acl_comments(
- 			if (gid_p) {
- 				if (*gid_p != ACL_UNDEFINED_ID)
- 					goto fail;
--				if (get_gid(unquote(cp), gid_p) != 0)
-+				if (get_gid(__acl_unquote(cp), gid_p) != 0)
- 					continue;
- 			}
- 		} else if (strncmp(cp, "flags:", 6) == 0) {
-diff --git a/setfacl/setfacl.c b/setfacl/setfacl.c
-index 81062a6..fb2d172 100644
---- a/setfacl/setfacl.c
-+++ b/setfacl/setfacl.c
-@@ -92,7 +92,7 @@ int promote_warning;
- 
- static const char *xquote(const char *str, const char *quote_chars)
- {
--	const char *q = quote(str, quote_chars);
-+	const char *q = __acl_quote(str, quote_chars);
- 	if (q == NULL) {
- 		fprintf(stderr, "%s: %s\n", progname, strerror(errno));
- 		exit(1);
-@@ -311,7 +311,7 @@ int next_file(const char *arg, seq_t seq)
- 	args.seq = seq;
- 
- 	if (strcmp(arg, "-") == 0) {
--		while ((line = next_line(stdin)))
-+		while ((line = __acl_next_line(stdin)))
- 			errors = walk_tree(line, walk_flags, 0, do_set, &args);
- 		if (!feof(stdin)) {
- 			fprintf(stderr, _("%s: Standard input: %s\n"),
--- 
-2.6.2
-

package/acl/0003-all-use-install-1-to-install-executables.patch

@@ -1,67 +0,0 @@
-From d3bd7b29b79147b4155e78a8ea06ded98b91f92a Mon Sep 17 00:00:00 2001
-From: "Yann E. MORIN" <yann.morin.1998@free.fr>
-Date: Tue, 8 May 2018 15:23:57 +0200
-Subject: [PATCH] all: use install(1) to install executables
-
-When the destination file already exists, the current install script
-will overwrite it with the new executable.
-
-However, when the existing executable is a symlink or hardlink to
-something else, like busybox, this effectively overwrites that something
-with the new executable, and thus replaces busybox and all its applets
-with the code for either of the three commands.
-
-We fix that by simply calling install(1). install(1) is sufficiently
-widespread that we don't bother checking for it, as tis is just a
-workaround while waiting for the version bump that will eventually fix
-it for good.
-
-Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
----
- chacl/Makefile   | 4 ++--
- getfacl/Makefile | 4 ++--
- setfacl/Makefile | 4 ++--
- 3 files changed, 6 insertions(+), 6 deletions(-)
-
-diff --git a/chacl/Makefile b/chacl/Makefile
-index 33858d6..c857329 100644
---- a/chacl/Makefile
-+++ b/chacl/Makefile
-@@ -30,6 +30,6 @@ default: $(LTCOMMAND)
- include $(BUILDRULES)
- 
- install: default
--	$(INSTALL) -m 755 -d $(PKG_BIN_DIR)
--	$(LTINSTALL) -m 755 $(LTCOMMAND) $(PKG_BIN_DIR)
-+	install -D -m 755 $(LTCOMMAND) $(PKG_BIN_DIR)/$(LTCOMMAND)
-+
- install-dev install-lib:
-diff --git a/getfacl/Makefile b/getfacl/Makefile
-index 7fbafda..8ac63e0 100644
---- a/getfacl/Makefile
-+++ b/getfacl/Makefile
-@@ -31,6 +31,6 @@ default: $(LTCOMMAND)
- include $(BUILDRULES)
- 
- install: default
--	$(INSTALL) -m 755 -d $(PKG_BIN_DIR)
--	$(LTINSTALL) -m 755 $(LTCOMMAND) $(PKG_BIN_DIR)
-+	install -D -m 755 $(LTCOMMAND) $(PKG_BIN_DIR)/$(LTCOMMAND)
-+
- install-dev install-lib:
-diff --git a/setfacl/Makefile b/setfacl/Makefile
-index c44e7c0..eea2ede 100644
---- a/setfacl/Makefile
-+++ b/setfacl/Makefile
-@@ -31,6 +31,6 @@ default: $(LTCOMMAND)
- include $(BUILDRULES)
- 
- install: default
--	$(INSTALL) -m 755 -d $(PKG_BIN_DIR)
--	$(LTINSTALL) -m 755 $(LTCOMMAND) $(PKG_BIN_DIR)
-+	install -D -m 755 $(LTCOMMAND) $(PKG_BIN_DIR)/$(LTCOMMAND)
-+
- install-dev install-lib:
--- 
-2.14.1
-

package/acl/acl.hash

@@ -1,2 +1,2 @@
 # Locally calculated after checking pgp signature
-sha256	179074bb0580c06c4b4137be4c5a92a701583277967acdb5546043c7874e0d23	acl-2.2.52.src.tar.gz
+sha256  06be9865c6f418d851ff4494e12406568353b891ffe1f596b34693c387af26c7  acl-2.2.53.tar.gz

package/acl/acl.mk

@@ -4,54 +4,18 @@
 #
 ################################################################################
 
-ACL_VERSION = 2.2.52
-ACL_SOURCE = acl-$(ACL_VERSION).src.tar.gz
+ACL_VERSION = 2.2.53
 ACL_SITE = http://download.savannah.gnu.org/releases/acl
-ACL_INSTALL_STAGING = YES
-ACL_DEPENDENCIES = attr
-ACL_CONF_OPTS = --enable-gettext=no
 ACL_LICENSE = GPL-2.0+ (programs), LGPL-2.1+ (libraries)
 ACL_LICENSE_FILES = doc/COPYING doc/COPYING.LGPL
 
-# While the configuration system uses autoconf, the Makefiles are
-# hand-written and do not use automake. Therefore, we have to hack
-# around their deficiencies by:
-# - explicitly passing CFLAGS (LDFLAGS are passed on from configure,
-#   CFLAGS are not).
-# - explicitly passing the installation prefix, not using DESTDIR.
-
-ACL_MAKE_ENV = CFLAGS="$(TARGET_CFLAGS)"
-
-ACL_INSTALL_STAGING_OPTS = \
-	prefix=$(STAGING_DIR)/usr \
-	exec_prefix=$(STAGING_DIR)/usr \
-	PKG_DEVLIB_DIR=$(STAGING_DIR)/usr/lib \
-	install-dev install-lib
-
-ACL_INSTALL_TARGET_OPTS = \
-	prefix=$(TARGET_DIR)/usr \
-	exec_prefix=$(TARGET_DIR)/usr \
-	install install-lib
-
-# The libdir variable in libacl.la is empty, so let's fix it. This is
-# probably due to acl not using automake, and not doing fully the
-# right thing with libtool.
-define ACL_FIX_LIBTOOL_LA_LIBDIR
-	$(SED) "s,libdir=.*,libdir='$(STAGING_DIR)'," \
-		$(STAGING_DIR)/usr/lib/libacl.la
-endef
-
-ACL_POST_INSTALL_STAGING_HOOKS += ACL_FIX_LIBTOOL_LA_LIBDIR
-
+ACL_DEPENDENCIES = attr
 HOST_ACL_DEPENDENCIES = host-attr
-HOST_ACL_CONF_OPTS = --enable-gettext=no
-HOST_ACL_MAKE_ENV = CFLAGS="$(HOST_CFLAGS)"
-HOST_ACL_INSTALL_OPTS = \
-	prefix=$(HOST_DIR) \
-	exec_prefix=$(HOST_DIR) \
-	PKG_DEVLIB_DIR=$(HOST_DIR)/lib \
-	install-dev install-lib
-# For the host, libacl.la is correct, no fixup needed.
+
+ACL_INSTALL_STAGING = YES
+
+ACL_CONF_OPTS = --disable-nls
+HOST_ACL_CONF_OPTS = --disable-nls
 
 $(eval $(autotools-package))
 $(eval $(host-autotools-package))

package/acpid/acpid.mk

@@ -15,9 +15,15 @@ define ACPID_INSTALL_INIT_SYSV
 		$(TARGET_DIR)/etc/init.d/S02acpid
 endef
 
+ifeq ($(BR2_INIT_SYSV)$(BR2_INIT_SYSTEMD),y)
+ACPID_POWEROFF_CMD = /sbin/shutdown -hP now
+else
+ACPID_POWEROFF_CMD = /sbin/poweroff
+endif
+
 define ACPID_SET_EVENTS
 	mkdir -p $(TARGET_DIR)/etc/acpi/events
-	printf "event=button[ /]power\naction=/sbin/poweroff\n" \
+	printf 'event=button[ /]power\naction=%s\n' '$(ACPID_POWEROFF_CMD)' \
 		>$(TARGET_DIR)/etc/acpi/events/powerbtn
 endef
 

package/android-tools/0008-Include-sysmacros.h-to-compile-with-glibc-2.28.patch

@@ -0,0 +1,42 @@
+usb_linux.c: fix minor()/major() build failure due to glibc 2.28
+
+glibc 2.28 no longer includes <sys/sysmacros.h> from <sys/types.h>,
+and therefore <sys/sysmacros.h> must be included explicitly when
+major()/minor() are used.
+
+This commit adds a patch to directly include <sys/sysmacros.h> into
+all usb_linux.c files where minor() and major() macros are used.
+
+diff -urpN host-android-tools-4.2.2+git20130218.orig/core/adb/usb_linux.c host-android-tools-4.2.2+git20130218/core/adb/usb_linux.c
+--- host-android-tools-4.2.2+git20130218.orig/core/adb/usb_linux.c	2013-02-18 15:49:03.000000000 +0100
++++ host-android-tools-4.2.2+git20130218/core/adb/usb_linux.c	2018-09-09 11:47:16.476292546 +0200
+@@ -20,6 +20,7 @@
+ #include <string.h>
+ 
+ #include <sys/ioctl.h>
++#include <sys/sysmacros.h>
+ #include <sys/types.h>
+ #include <sys/time.h>
+ #include <dirent.h>
+diff -urpN host-android-tools-4.2.2+git20130218.orig/core/adbd/usb_linux.c host-android-tools-4.2.2+git20130218/core/adbd/usb_linux.c
+--- host-android-tools-4.2.2+git20130218.orig/core/adbd/usb_linux.c	2018-09-09 02:32:57.154503866 +0200
++++ host-android-tools-4.2.2+git20130218/core/adbd/usb_linux.c	2018-09-09 11:47:28.148353880 +0200
+@@ -20,6 +20,7 @@
+ #include <string.h>
+ 
+ #include <sys/ioctl.h>
++#include <sys/sysmacros.h>
+ #include <sys/types.h>
+ #include <sys/time.h>
+ #include <dirent.h>
+diff -urpN host-android-tools-4.2.2+git20130218.orig/core/fastboot/usb_linux.c host-android-tools-4.2.2+git20130218/core/fastboot/usb_linux.c
+--- host-android-tools-4.2.2+git20130218.orig/core/fastboot/usb_linux.c	2013-02-18 15:49:03.000000000 +0100
++++ host-android-tools-4.2.2+git20130218/core/fastboot/usb_linux.c	2018-09-09 11:46:53.028169154 +0200
+@@ -33,6 +33,7 @@
+ 
+ #include <sys/ioctl.h>
+ #include <sys/stat.h>
++#include <sys/sysmacros.h>
+ #include <sys/types.h>
+ #include <dirent.h>
+ #include <fcntl.h>

package/android-tools/Config.in

@@ -15,6 +15,8 @@ config BR2_PACKAGE_ANDROID_TOOLS
 	  can be used to interact with target devices using of these
 	  protocols.
 
+	  https://wiki.debian.org/AndroidTools#Original_android-tools_package
+
 if BR2_PACKAGE_ANDROID_TOOLS
 
 # We need kernel headers that support the __SANE_USERSPACE_TYPES__

package/apache/apache.hash

@@ -1,3 +1,4 @@
-# From http://archive.apache.org/dist/httpd/httpd-2.4.33.tar.bz2.sha256
-sha256 de02511859b00d17845b9abdd1f975d5ccb5d0b280c567da5bf2ad4b70846f05 httpd-2.4.33.tar.bz2
+# From http://archive.apache.org/dist/httpd/httpd-2.4.35.tar.bz2.sha256
+sha256 2607c6fdd4d12ac3f583127629291e9432b247b782396a563bec5678aae69b56 httpd-2.4.35.tar.bz2
+# Locally computed
 sha256 c49c0819a726b70142621715dae3159c47b0349c2bc9db079070f28dadac0229 LICENSE

package/apache/apache.mk

@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-APACHE_VERSION = 2.4.33
+APACHE_VERSION = 2.4.35
 APACHE_SOURCE = httpd-$(APACHE_VERSION).tar.bz2
 APACHE_SITE = http://archive.apache.org/dist/httpd
 APACHE_LICENSE = Apache-2.0

package/arp-scan/Config.in

@@ -7,4 +7,4 @@ config BR2_PACKAGE_ARP_SCAN
 	  arp-scan is a command-line tool that uses the ARP protocol to
 	  discover and fingerprint IP hosts on the local network.
 
-	  http://www.nta-monitor.com/wiki/index.php/Arp-scan_Documentation
+	  https://github.com/royhills/arp-scan

package/attr/0001-build-with-older-GCCs.patch

@@ -0,0 +1,87 @@
+From 3ac428794ea0f95c854166c9c0cffb0267c5e98b Mon Sep 17 00:00:00 2001
+From: Hollis Blanchard <hollis_blanchard@mentor.com>
+Date: Mon, 30 Jul 2018 14:17:21 -0700
+Subject: [PATCH] Remove messages in "deprecated" gcc attributes
+
+GCC versions up through 4.4.7 (which is used in RHEL 6) do not accept
+any argument for the deprecated attribute. GCC 4.5 and later say the
+"msg" argument is optional. We don't need the messages during
+Buildroot builds anyways.
+
+Signed-off-by: Hollis Blanchard <hollis_blanchard@mentor.com>
+---
+ include/attributes.h | 20 ++++++++++----------
+ 1 file changed, 10 insertions(+), 10 deletions(-)
+
+diff --git a/include/attributes.h b/include/attributes.h
+index 14beb8f..23c39c8 100644
+--- a/include/attributes.h
++++ b/include/attributes.h
+@@ -127,10 +127,10 @@ typedef struct attr_multiop {
+  */
+ EXPORT int attr_get (const char *__path, const char *__attrname,
+ 			char *__attrvalue, int *__valuelength, int __flags)
+-	__attribute__ ((deprecated ("Use getxattr or lgetxattr instead")));
++	__attribute__ ((deprecated));
+ EXPORT int attr_getf (int __fd, const char *__attrname, char *__attrvalue,
+ 			int *__valuelength, int __flags)
+-	__attribute__ ((deprecated ("Use fgetxattr instead")));
++	__attribute__ ((deprecated));
+ 
+ /*
+  * Set the value of an attribute, creating the attribute if necessary.
+@@ -139,11 +139,11 @@ EXPORT int attr_getf (int __fd, const char *__attrname, char *__attrvalue,
+ EXPORT int attr_set (const char *__path, const char *__attrname,
+ 			const char *__attrvalue, const int __valuelength,
+ 			int __flags)
+-	__attribute__ ((deprecated ("Use setxattr or lsetxattr instead")));
++	__attribute__ ((deprecated));
+ EXPORT int attr_setf (int __fd, const char *__attrname,
+ 			const char *__attrvalue, const int __valuelength,
+ 			int __flags)
+-	__attribute__ ((deprecated ("Use fsetxattr instead")));
++	__attribute__ ((deprecated));
+ 
+ /*
+  * Remove an attribute.
+@@ -151,9 +151,9 @@ EXPORT int attr_setf (int __fd, const char *__attrname,
+  */
+ EXPORT int attr_remove (const char *__path, const char *__attrname,
+ 			int __flags)
+-	__attribute__ ((deprecated ("Use removexattr or lremovexattr instead")));
++	__attribute__ ((deprecated));
+ EXPORT int attr_removef (int __fd, const char *__attrname, int __flags)
+-	__attribute__ ((deprecated ("Use fremovexattr instead")));
++	__attribute__ ((deprecated));
+ 
+ /*
+  * List the names and sizes of the values of all the attributes of an object.
+@@ -164,10 +164,10 @@ EXPORT int attr_removef (int __fd, const char *__attrname, int __flags)
+  */
+ EXPORT int attr_list(const char *__path, char *__buffer, const int __buffersize,
+ 		int __flags, attrlist_cursor_t *__cursor)
+-	__attribute__ ((deprecated ("Use listxattr or llistxattr instead")));
++	__attribute__ ((deprecated));
+ EXPORT int attr_listf(int __fd, char *__buffer, const int __buffersize,
+ 		int __flags, attrlist_cursor_t *__cursor)
+-	__attribute__ ((deprecated ("Use flistxattr instead")));
++	__attribute__ ((deprecated));
+ 
+ /*
+  * Operate on multiple attributes of the same object simultaneously.
+@@ -188,10 +188,10 @@ EXPORT int attr_listf(int __fd, char *__buffer, const int __buffersize,
+  */
+ EXPORT int attr_multi (const char *__path, attr_multiop_t *__oplist,
+ 			int __count, int __flags)
+-	__attribute__ ((deprecated ("Use getxattr, setxattr, listxattr, removexattr instead")));
++	__attribute__ ((deprecated));
+ EXPORT int attr_multif (int __fd, attr_multiop_t *__oplist,
+ 			int __count, int __flags)
+-	__attribute__ ((deprecated ("Use getxattr, setxattr, listxattr, removexattr instead")));
++	__attribute__ ((deprecated));
+ 
+ #ifdef __cplusplus
+ }
+-- 
+2.13.0
+

package/attr/0001-support-static-installation.patch

@@ -1,29 +0,0 @@
-Support installation of .a file when doing static linking
-
-When doing static linking (i.e ENABLE_SHARED != yes), the attr build
-logic wasn't installing any library at all, not even the .a file which
-is needed for static linking. This patch fixes that.
-
-Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
-
-Index: b/include/buildmacros
-===================================================================
---- a/include/buildmacros
-+++ b/include/buildmacros
-@@ -97,7 +97,15 @@
- 
- INSTALL_LTLIB_STATIC = \
- 	cd $(TOPDIR)/$(LIBNAME)/.libs; \
--	../$(INSTALL) -m 755 -d $(PKG_DEVLIB_DIR);
-+	../$(INSTALL) -m 755 -d $(PKG_DEVLIB_DIR); \
-+	../$(INSTALL) -m 644 -T old_lib $(LIBNAME).la $(PKG_DEVLIB_DIR); \
-+	../$(INSTALL) -m 644 $(LIBNAME).la $(PKG_DEVLIB_DIR)/$(LIBNAME).la ; \
-+	../$(INSTALL) -m 755 -d $(PKG_LIB_DIR); \
-+	../$(INSTALL) -T so_base $(LIBNAME).la $(PKG_LIB_DIR); \
-+	if test "x$(PKG_DEVLIB_DIR)" != "x$(PKG_LIB_DIR)" ; then \
-+	../$(INSTALL) -S $(PKG_DEVLIB_DIR)/$(LIBNAME).a $(PKG_LIB_DIR)/$(LIBNAME).a; \
-+	../$(INSTALL) -S $(PKG_DEVLIB_DIR)/$(LIBNAME).la $(PKG_LIB_DIR)/$(LIBNAME).la; \
-+	fi
- 
- INSTALL_MAN = \
- 	@for d in $(MAN_PAGES); do \

package/attr/0002-avoid-glibc-specific-decls-defines.patch

@@ -1,37 +0,0 @@
-From 667137acaffb8d0cc62b47821a67a52ba0637d5c Mon Sep 17 00:00:00 2001
-From: Mike Frysinger <vapier@gentoo.org>
-Date: Fri, 10 Jan 2014 13:56:37 +0000
-Subject: avoid glibc-specific DECLS defines
-
-This matches what we do in all the other headers.
-
-Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
----
-diff --git a/include/xattr.h b/include/xattr.h
-index 70a84be..070d7c5 100644
---- a/include/xattr.h
-+++ b/include/xattr.h
-@@ -30,8 +30,9 @@
- #define XATTR_CREATE  0x1       /* set value, fail if attr already exists */
- #define XATTR_REPLACE 0x2       /* set value, fail if attr does not exist */
- 
--
--__BEGIN_DECLS
-+#ifdef __cplusplus
-+extern "C" {
-+#endif
- 
- extern int setxattr (const char *__path, const char *__name,
- 		      const void *__value, size_t __size, int __flags) __THROW;
-@@ -58,6 +59,8 @@ extern int removexattr (const char *__path, const char *__name) __THROW;
- extern int lremovexattr (const char *__path, const char *__name) __THROW;
- extern int fremovexattr (int __filedes,   const char *__name) __THROW;
- 
--__END_DECLS
-+#ifdef __cplusplus
-+}
-+#endif
- 
- #endif	/* __XATTR_H__ */
---
-cgit v0.9.0.2

package/attr/0003-portability-fixes.patch

@@ -1,37 +0,0 @@
-From 92247401984dd9a80d9d0c8c030692323f980678 Mon Sep 17 00:00:00 2001
-From: Emmanuel Dreyfus <manu@netbsd.org>
-Date: Mon, 30 Jun 2014 13:06:05 +0000
-Subject: Portability fixes
-
-- <features.h>  is Linux specific
-- Define __THROW for non glibc based systems
-
-Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
----
-(limited to 'include/xattr.h')
-
-diff --git a/include/xattr.h b/include/xattr.h
-index 070d7c5..fd1f268 100644
---- a/include/xattr.h
-+++ b/include/xattr.h
-@@ -20,7 +20,18 @@
- #ifndef __XATTR_H__
- #define __XATTR_H__
- 
-+#if defined(linux)
- #include <features.h>
-+#endif
-+
-+/* Portability non glibc c++ build systems */
-+#ifndef __THROW
-+# if defined __cplusplus
-+#  define __THROW       throw ()
-+# else
-+#  define __THROW
-+# endif
-+#endif
- 
- #include <errno.h>
- #ifndef ENOATTR
---
-cgit v0.9.0.2

package/attr/0004-all-use-install-1-to-install-executables.patch

@@ -1,67 +0,0 @@
-From 4187e60ab52cac3ed36036a354977310dab68dcb Mon Sep 17 00:00:00 2001
-From: "Yann E. MORIN" <yann.morin.1998@free.fr>
-Date: Tue, 8 May 2018 15:16:10 +0200
-Subject: [PATCH] all: use install(1) to install executables
-
-When the destination file already exists, the current install script
-will overwrite it with the new executable.
-
-However, when the existing executable is a symlink or hardlink to
-something else, like busybox, this effectively overwrites that something
-with the new executable, and thus replaces busybox and all its applets
-with the code for either of the three commands.
-
-We fix that by simply calling install(1). install(1) is sufficiently
-widespread that we don't bother checking for it, as this is just a
-workaround while waiting for the version bump that will eventually fix
-it for good.
-
-Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
----
- attr/Makefile     | 4 ++--
- getfattr/Makefile | 4 ++--
- setfattr/Makefile | 4 ++--
- 3 files changed, 6 insertions(+), 6 deletions(-)
-
-diff --git a/attr/Makefile b/attr/Makefile
-index 1c467e8..326dd7e 100644
---- a/attr/Makefile
-+++ b/attr/Makefile
-@@ -29,6 +29,6 @@ default: $(LTCOMMAND)
- include $(BUILDRULES)
- 
- install: default
--	$(INSTALL) -m 755 -d $(PKG_BIN_DIR)
--	$(LTINSTALL) -m 755 $(LTCOMMAND) $(PKG_BIN_DIR)
-+	install -D -m 755 $(LTCOMMAND) $(PKG_BIN_DIR)/$(LTCOMMAND)
-+
- install-dev install-lib:
-diff --git a/getfattr/Makefile b/getfattr/Makefile
-index 91d3df2..f913172 100644
---- a/getfattr/Makefile
-+++ b/getfattr/Makefile
-@@ -30,6 +30,6 @@ default: $(LTCOMMAND)
- include $(BUILDRULES)
- 
- install: default
--	$(INSTALL) -m 755 -d $(PKG_BIN_DIR)
--	$(LTINSTALL) -m 755 $(LTCOMMAND) $(PKG_BIN_DIR)
-+	install -D -m 755 $(LTCOMMAND) $(PKG_BIN_DIR)/$(LTCOMMAND)
-+
- install-dev install-lib:
-diff --git a/setfattr/Makefile b/setfattr/Makefile
-index d55461b..26dc5d8 100644
---- a/setfattr/Makefile
-+++ b/setfattr/Makefile
-@@ -30,6 +30,6 @@ default: $(LTCOMMAND)
- include $(BUILDRULES)
- 
- install: default
--	$(INSTALL) -m 755 -d $(PKG_BIN_DIR)
--	$(LTINSTALL) -m 755 $(LTCOMMAND) $(PKG_BIN_DIR)
-+	install -D -m 755 $(LTCOMMAND) $(PKG_BIN_DIR)/$(LTCOMMAND)
-+
- install-dev install-lib:
--- 
-2.14.1
-

package/attr/attr.hash

@@ -1,2 +1,2 @@
 # Locally calculated after checking pgp signature
-sha256	25772f653ac5b2e3ceeb89df50e4688891e21f723c460636548971652af0a859	attr-2.4.47.src.tar.gz
+sha256  5ead72b358ec709ed00bbf7a9eaef1654baad937c001c044fe8b74c57f5324e7  attr-2.4.48.tar.gz

package/attr/attr.mk

@@ -4,43 +4,15 @@
 #
 ################################################################################
 
-ATTR_VERSION = 2.4.47
-ATTR_SOURCE = attr-$(ATTR_VERSION).src.tar.gz
+ATTR_VERSION = 2.4.48
 ATTR_SITE = http://download.savannah.gnu.org/releases/attr
-ATTR_INSTALL_STAGING = YES
-ATTR_CONF_OPTS = --enable-gettext=no
-HOST_ATTR_CONF_OPTS = --enable-gettext=no
 ATTR_LICENSE = GPL-2.0+ (programs), LGPL-2.1+ (libraries)
 ATTR_LICENSE_FILES = doc/COPYING doc/COPYING.LGPL
 
-# While the configuration system uses autoconf, the Makefiles are
-# hand-written and do not use automake. Therefore, we have to hack
-# around their deficiencies by passing installation paths.
-ATTR_INSTALL_STAGING_OPTS = \
-	prefix=$(STAGING_DIR)/usr \
-	exec_prefix=$(STAGING_DIR)/usr \
-	PKG_DEVLIB_DIR=$(STAGING_DIR)/usr/lib \
-	install-dev install-lib
+ATTR_INSTALL_STAGING = YES
 
-ATTR_INSTALL_TARGET_OPTS = \
-	prefix=$(TARGET_DIR)/usr \
-	exec_prefix=$(TARGET_DIR)/usr \
-	install install-lib
-
-HOST_ATTR_INSTALL_OPTS = \
-	prefix=$(HOST_DIR) \
-	exec_prefix=$(HOST_DIR) \
-	install-dev install-lib
-
-# The libdir variable in libattr.la is empty, so let's fix it. This is
-# probably due to attr not using automake, and not doing fully the
-# right thing with libtool.
-define ATTR_FIX_LIBTOOL_LA_LIBDIR
-	$(SED) "s,libdir=.*,libdir='$(STAGING_DIR)'," \
-		$(STAGING_DIR)/usr/lib/libattr.la
-endef
-
-ATTR_POST_INSTALL_STAGING_HOOKS += ATTR_FIX_LIBTOOL_LA_LIBDIR
+ATTR_CONF_OPTS = --disable-nls
+HOST_ATTR_CONF_OPTS = --disable-nls
 
 $(eval $(autotools-package))
 $(eval $(host-autotools-package))

package/audit/audit.mk

@@ -51,8 +51,8 @@ define AUDIT_INSTALL_INIT_SYSTEMD
 endef
 
 define AUDIT_INSTALL_CLEANUP
-	$(RM) -rf $(TARGET_DIR)/etc/rc.d
-	$(RM) -rf $(TARGET_DIR)/etc/sysconfig
+	$(RM) $(TARGET_DIR)/etc/rc.d/init.d/auditd
+	$(RM) $(TARGET_DIR)/etc/sysconfig/auditd
 endef
 AUDIT_POST_INSTALL_TARGET_HOOKS += AUDIT_INSTALL_CLEANUP
 

package/bandwidthd/Config.in

@@ -25,8 +25,10 @@ config BR2_PACKAGE_BANDWIDTHD
 	  available on github that works on making BandwidthD's build
 	  process more compatible with buildroot's.
 
-	  Upstream: http://bandwidthd.sourceforge.net/
-	  Github fork: http://github.com/nroach44/bandwidthd
+	  Upstream:
+	  http://bandwidthd.sourceforge.net/
+	  Github fork:
+	  http://github.com/nroach44/bandwidthd
 
 if BR2_PACKAGE_BANDWIDTHD
 

package/bind/bind.hash

@@ -1,3 +1,4 @@
-# Verified from http://ftp.isc.org/isc/bind9/9.11.2-P1/bind-9.11.2-P1.tar.gz.sha256.asc
-sha256 cec31548832fca3f85d95178d4019b7d702039e8595d4c93914feba337df1212 bind-9.11.2-P1.tar.gz
-sha256 d3906dfe153e2c48440d3ca1d5319f5e89b4b820cdfc5d0779c23d7ac2b175e9 COPYRIGHT
+# Verified from https://ftp.isc.org/isc/bind9/9.11.4-P1/bind-9.11.4-P1.tar.gz.asc
+# with key BE0E9748B718253A28BB89FFF1B11BF05CF02E57
+sha256 a85af7b629109d41285c7adeae1515daac638bbe4d5dc30d1f4b343dff09d811 bind-9.11.4-P2.tar.gz
+sha256 336f3c40e37a1a13690efb4c63e20908faa4c40498cc02f3579fb67d3a1933a5 COPYRIGHT

package/bind/bind.mk

@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-BIND_VERSION = 9.11.2-P1
+BIND_VERSION = 9.11.4-P2
 BIND_SITE = http://ftp.isc.org/isc/bind9/$(BIND_VERSION)
 # bind does not support parallel builds.
 BIND_MAKE = $(MAKE1)
@@ -33,7 +33,7 @@ BIND_CONF_OPTS = \
 	--enable-filter-aaaa
 
 ifeq ($(BR2_PACKAGE_ZLIB),y)
-BIND_CONF_OPTS += --with-zlib=$(STAGING_DIR)/usr/include
+BIND_CONF_OPTS += --with-zlib=$(STAGING_DIR)/usr
 BIND_DEPENDENCIES += zlib
 else
 BIND_CONF_OPTS += --without-zlib
@@ -61,7 +61,9 @@ BIND_CONF_ENV += \
 	ac_cv_func_EVP_sha512=yes
 BIND_CONF_OPTS += \
 	--with-openssl=$(STAGING_DIR)/usr LIBS="-lz" \
-	--with-ecdsa=yes
+	--with-ecdsa=yes \
+	--with-eddsa=no \
+	--with-aes=yes
 # GOST cipher support requires openssl extra engines
 ifeq ($(BR2_PACKAGE_OPENSSL_ENGINES),y)
 BIND_CONF_OPTS += --with-gost=yes

package/binutils/Config.in.host

@@ -26,7 +26,7 @@ endchoice
 
 config BR2_BINUTILS_VERSION
 	string
-	default "arc-2018.03-rc2"	if BR2_BINUTILS_VERSION_ARC
+	default "arc-2018.03"	if BR2_BINUTILS_VERSION_ARC
 	default "2.28.1"	if BR2_BINUTILS_VERSION_2_28_X
 	default "2.29.1"	if BR2_BINUTILS_VERSION_2_29_X
 	default "2.30"		if BR2_BINUTILS_VERSION_2_30_X

package/binutils/binutils.hash

@@ -4,4 +4,4 @@ sha512  d748d22306477d60d921078804d21943248c23fca0707aac9b016a352c01c75ca69e8262
 sha512  e747ea20d8d79fcd21b9d9f6695059caa7189d60f19256da398e34b789fea9a133c32b192e9693b5828d27683739b0198431bf8b3e39fb3b04884cf89d9aa839  binutils-2.30.tar.xz
 
 # Locally calculated (fetched from Github)
-sha512  c9d41001bd41d96f1cd78748c1e8df9715aab1158c0a1c9c90a2010e335c357d0d6816202b7fcf7c7d8d4a65e25920b0b35af6a59edd0d29fd9edddd8be95a48  binutils-arc-2018.03-rc2.tar.gz
+sha512  bea88164ed48733bad63393fe702e12e651efd113aa4f3fe2e253e05c4c1e5da20b5a99333f0b5528df6d32ce806f799211c568e1916845a87999901dde28817  binutils-arc-2018.03.tar.gz

package/binutils/binutils.mk

@@ -9,13 +9,13 @@
 BINUTILS_VERSION = $(call qstrip,$(BR2_BINUTILS_VERSION))
 ifeq ($(BINUTILS_VERSION),)
 ifeq ($(BR2_arc),y)
-BINUTILS_VERSION = arc-2018.03-rc2
+BINUTILS_VERSION = arc-2018.03
 else
 BINUTILS_VERSION = 2.29.1
 endif
 endif # BINUTILS_VERSION
 
-ifeq ($(BINUTILS_VERSION),arc-2018.03-rc2)
+ifeq ($(BINUTILS_VERSION),arc-2018.03)
 BINUTILS_SITE = $(call github,foss-for-synopsys-dwc-arc-processors,binutils-gdb,$(BINUTILS_VERSION))
 BINUTILS_SOURCE = binutils-$(BINUTILS_VERSION).tar.gz
 BINUTILS_FROM_GIT = y

package/bison/0001-fflush-adjust-to-glibc-2.28-libio.h-removal.patch

@@ -0,0 +1,50 @@
+From 4af4a4a71827c0bc5e0ec67af23edef4f15cee8e Mon Sep 17 00:00:00 2001
+From: Paul Eggert <eggert@cs.ucla.edu>
+Date: Mon, 5 Mar 2018 10:56:29 -0800
+Subject: [PATCH 1/1] fflush: adjust to glibc 2.28 libio.h removal
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Problem reported by Daniel P. Berrangé in:
+https://lists.gnu.org/r/bug-gnulib/2018-03/msg00000.html
+* lib/fbufmode.c (fbufmode):
+* lib/fflush.c (clear_ungetc_buffer_preserving_position)
+(disable_seek_optimization, rpl_fflush):
+* lib/fpending.c (__fpending):
+* lib/fpurge.c (fpurge):
+* lib/freadable.c (freadable):
+* lib/freadahead.c (freadahead):
+* lib/freading.c (freading):
+* lib/freadptr.c (freadptr):
+* lib/freadseek.c (freadptrinc):
+* lib/fseeko.c (fseeko):
+* lib/fseterr.c (fseterr):
+* lib/fwritable.c (fwritable):
+* lib/fwriting.c (fwriting):
+Check _IO_EOF_SEEN instead of _IO_ftrylockfile.
+* lib/stdio-impl.h (_IO_IN_BACKUP) [_IO_EOF_SEEN]:
+Define if not already defined.
+---
+ lib/fseterr.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+[yann.morin.1998@free.fr: partially backport from upstream gnulib]
+Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
+
+diff --git a/lib/fseterr.c b/lib/fseterr.c
+index 82649c3ac..adb637256 100644
+--- a/lib/fseterr.c
++++ b/lib/fseterr.c
+@@ -29,7 +29,7 @@ fseterr (FILE *fp)
+   /* Most systems provide FILE as a struct and the necessary bitmask in
+      <stdio.h>, because they need it for implementing getc() and putc() as
+      fast macros.  */
+-#if defined _IO_ftrylockfile || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */
++#if defined _IO_EOF_SEEN || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */
+   fp->_flags |= _IO_ERR_SEEN;
+ #elif defined __sferror || defined __DragonFly__ || defined __ANDROID__
+   /* FreeBSD, NetBSD, OpenBSD, DragonFly, Mac OS X, Cygwin, Minix 3, Android */
+-- 
+2.14.1
+

package/bison/0002-fflush-be-more-paranoid-about-libio.h-change.patch

@@ -0,0 +1,46 @@
+From 74d9d6a293d7462dea8f83e7fc5ac792e956a0ad Mon Sep 17 00:00:00 2001
+From: Paul Eggert <eggert@cs.ucla.edu>
+Date: Thu, 8 Mar 2018 16:42:45 -0800
+Subject: [PATCH 2/2] fflush: be more paranoid about libio.h change
+
+Suggested by Eli Zaretskii in:
+https://lists.gnu.org/r/emacs-devel/2018-03/msg00270.html
+* lib/fbufmode.c (fbufmode):
+* lib/fflush.c (clear_ungetc_buffer_preserving_position)
+(disable_seek_optimization, rpl_fflush):
+* lib/fpending.c (__fpending):
+* lib/fpurge.c (fpurge):
+* lib/freadable.c (freadable):
+* lib/freadahead.c (freadahead):
+* lib/freading.c (freading):
+* lib/freadptr.c (freadptr):
+* lib/freadseek.c (freadptrinc):
+* lib/fseeko.c (fseeko):
+* lib/fseterr.c (fseterr):
+* lib/fwritable.c (fwritable):
+* lib/fwriting.c (fwriting):
+Look at _IO_ftrylockfile as well as at _IO_EOF_SEEN.
+---
+ lib/fseterr.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+[yann.morin.1998@free.fr: partially backport from upstream gnulib]
+Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
+
+diff --git a/lib/fseterr.c b/lib/fseterr.c
+index adb637256..fd9da6338 100644
+--- a/lib/fseterr.c
++++ b/lib/fseterr.c
+@@ -29,7 +29,8 @@ fseterr (FILE *fp)
+   /* Most systems provide FILE as a struct and the necessary bitmask in
+      <stdio.h>, because they need it for implementing getc() and putc() as
+      fast macros.  */
+-#if defined _IO_EOF_SEEN || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */
++#if defined _IO_EOF_SEEN || defined _IO_ftrylockfile || __GNU_LIBRARY__ == 1
++  /* GNU libc, BeOS, Haiku, Linux libc5 */
+   fp->_flags |= _IO_ERR_SEEN;
+ #elif defined __sferror || defined __DragonFly__ || defined __ANDROID__
+   /* FreeBSD, NetBSD, OpenBSD, DragonFly, Mac OS X, Cygwin, Minix 3, Android */
+-- 
+2.14.1
+

package/brltty/0004-buildsys-fix-cross-compilation.patch

@@ -0,0 +1,41 @@
+From 088666535a045dae71bd2fcc6b3a1553023106ce Mon Sep 17 00:00:00 2001
+From: "Yann E. MORIN" <yann.morin.1998@free.fr>
+Date: Wed, 22 Aug 2018 10:10:19 +0200
+Subject: [PATCH] buildsys: fix cross-compilation
+
+Some identifiers for includes and libs paths may contain digit, e.g.
+X11_PACKAGE or ATSPI2_PACKAGE or GLIB2_PACKAGE...
+
+Also detect those identifiers when doing cros-compilation, so that the
+_FOR_BUILD variants are really created and do not clash with the target
+variants.
+
+Fixes:
+    http://autobuild.buildroot.org/results/a37/a37782b3cfc1a96cc129db8fade20a36a7b2d470/build-end.log
+    http://autobuild.buildroot.org/results/97e/97edc6a47d2140968e84b409cdc960604e5896f2/build-end.log
+    [...]
+
+Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
+---
+Upstram status: submitted
+https://github.com/brltty/brltty/pull/142
+---
+ mk4build | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/mk4build b/mk4build
+index db90c86a9..551283825 100755
+--- a/mk4build
++++ b/mk4build
+@@ -112,7 +112,7 @@ fi
+ 
+ sedScript="${outputName}.${sedExtension}"
+ sed -n -e '
+-s/^ *\([A-Za-z][A-Za-z_]*\) *=.*$/\1/
++s/^ *\([A-Za-z][A-Za-z0-9_]*\) *=.*$/\1/
+ t found
+ d
+ :found
+-- 
+2.14.1
+

package/brltty/brltty.hash

@@ -1,3 +1,4 @@
 sha256 4ebf1df5922df0efccac4795f5bd1c514fc850348c34d9ec0868e2798b565a36 brltty-5.5.tar.xz
 sha256 91df39d1816bfb17a4dda2d3d2c83b1f6f2d38d53e53e41e8f97ad5ac46a0cad LICENSE-GPL
 sha256 d80c9d084ebfb50ea1ed91bfbc2410d6ce542097a32c43b00781b83adcb8c77f LICENSE-LGPL
+sha256 6ba58188449642de8adefd7adabb436185792c5c51a4b5d04650423c2151dc50 README

package/brltty/brltty.mk

@@ -9,7 +9,8 @@ BRLTTY_SOURCE = brltty-$(BRLTTY_VERSION).tar.xz
 BRLTTY_SITE = http://brltty.com/archive
 BRLTTY_INSTALL_STAGING_OPTS = INSTALL_ROOT=$(STAGING_DIR) install
 BRLTTY_INSTALL_TARGET_OPTS = INSTALL_ROOT=$(TARGET_DIR) install
-BRLTTY_LICENSE_FILES = LICENSE-GPL LICENSE-LGPL
+BRLTTY_LICENSE = GPL-2.0+, LGPL-2.1+ (data, client side)
+BRLTTY_LICENSE_FILES = LICENSE-GPL LICENSE-LGPL README
 
 BRLTTY_DEPENDENCIES = $(TARGET_NLS_DEPENDENCIES) host-autoconf host-pkgconf
 

package/btrfs-progs/0001-Makefile-install-static-library-and-headers-in-insta.patch

@@ -41,8 +41,8 @@ index 67fbc48..d9e34be 100644
  	$(LN_S) -f btrfs.static $(DESTDIR)$(bindir)/btrfsck.static
 +	$(INSTALL) -m755 -d $(DESTDIR)$(libdir)
 +	$(INSTALL) $(libs_static) $(DESTDIR)$(libdir)
-+	$(INSTALL) -m755 -d $(DESTDIR)$(incdir)
-+	$(INSTALL) -m644 $(libbtrfs_headers) $(DESTDIR)$(incdir)
++	$(INSTALL) -m755 -d $(DESTDIR)$(incdir)/btrfs
++	$(INSTALL) -m644 $(libbtrfs_headers) $(DESTDIR)$(incdir)/btrfs
  
  $(INSTALLDIRS):
  	@echo "Making install in $(patsubst install-%,%,$@)"

package/bzip2/Config.in

@@ -5,5 +5,3 @@ config BR2_PACKAGE_BZIP2
 	  It typically compresses files to within 10% to 15% of the best
 	  available techniques, while being around twice as fast at
 	  compression and six times faster at decompression.
-
-	  http://www.bzip.org

package/bzip2/bzip2.mk

@@ -5,7 +5,7 @@
 ################################################################################
 
 BZIP2_VERSION = 1.0.6
-BZIP2_SITE = http://www.bzip.org/$(BZIP2_VERSION)
+BZIP2_SITE = http://sources.buildroot.net
 BZIP2_INSTALL_STAGING = YES
 BZIP2_LICENSE = bzip2 license
 BZIP2_LICENSE_FILES = LICENSE

package/chipmunk/0001-Fix-build-failure-on-musl.patch

@@ -0,0 +1,37 @@
+From 231c1fb97785290aaac89ed74d7cb24eaa74b363 Mon Sep 17 00:00:00 2001
+From: Fabrice Fontaine <fontaine.fabrice@gmail.com>
+Date: Sun, 2 Sep 2018 12:05:22 +0200
+Subject: [PATCH] Fix build failure on musl
+
+Build fails on:
+/home/test/autobuild/run/instance-0/output/build/chipmunk-7.0.2/src/cpHastySpace.c:11:24: fatal error: sys/sysctl.h: No such file or directory
+
+Indeed, sys/sysctl.h is not available on musl so include this header
+only if __APPLE__ is defined as sysctlbyname is only used in this case.
+
+Fixes:
+ - http://autobuild.buildroot.org/results/e5be2f8eb9315a9054e1c8d854dec37cbb28eed7
+
+Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
+[Upstream status: https://github.com/slembcke/Chipmunk2D/pull/171]
+---
+ src/cpHastySpace.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/src/cpHastySpace.c b/src/cpHastySpace.c
+index 8dca425..e087df8 100644
+--- a/src/cpHastySpace.c
++++ b/src/cpHastySpace.c
+@@ -8,7 +8,9 @@
+ 
+ //#include <sys/param.h >
+ #ifndef _WIN32
++#ifdef __APPLE__
+ #include <sys/sysctl.h>
++#endif
+ #include <pthread.h>
+ #else
+ #ifndef WIN32_LEAN_AND_MEAN
+-- 
+2.17.1
+

package/chrony/0002-util-fall-back-to-reading-dev-urandom-when-getrandom.patch

@@ -0,0 +1,42 @@
+From 7c5bd948bb7e21fa0ee22f29e97748b2d0360319 Mon Sep 17 00:00:00 2001
+From: Miroslav Lichvar <mlichvar@redhat.com>
+Date: Thu, 17 May 2018 14:16:58 +0200
+Subject: [PATCH] util: fall back to reading /dev/urandom when getrandom()
+ blocks
+
+With recent changes in the Linux kernel, the getrandom() system call may
+block for a long time after boot on machines that don't have enough
+entropy. It blocks the chronyd's initialization before it can detach
+from the terminal and may cause a chronyd service to fail to start due
+to a timeout.
+
+At least for now, enable the GRND_NONBLOCK flag to make the system call
+non-blocking and let the code fall back to reading /dev/urandom (which
+never blocks) if the system call failed with EAGAIN or any other error.
+
+This makes the start of chronyd non-deterministic with respect to files
+that it needs to open and possibly also makes it slightly easier to
+guess the transmit/receive timestamp in client requests until the
+urandom source is fully initialized.
+
+Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
+---
+ util.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/util.c b/util.c
+index 4b3e455..76417d5 100644
+--- a/util.c
++++ b/util.c
+@@ -1224,7 +1224,7 @@ get_random_bytes_getrandom(char *buf, unsigned int len)
+       if (disabled)
+         break;
+ 
+-      if (getrandom(rand_buf, sizeof (rand_buf), 0) != sizeof (rand_buf)) {
++      if (getrandom(rand_buf, sizeof (rand_buf), GRND_NONBLOCK) != sizeof (rand_buf)) {
+         disabled = 1;
+         break;
+       }
+-- 
+2.11.0
+

package/cifs-utils/cifs-utils.mk

@@ -15,7 +15,7 @@ CIFS_UTILS_DEPENDENCIES = host-pkgconf
 
 # Let's disable PIE unconditionally. We want PIE to be enabled only by
 # the global BR2_RELRO_FULL option.
-CIFS_UTILS_CONF_OPTS = --disable-pie
+CIFS_UTILS_CONF_OPTS = --disable-pie --disable-man
 
 ifeq ($(BR2_PACKAGE_KEYUTILS),y)
 CIFS_UTILS_DEPENDENCIES += keyutils

package/clamav/clamav.hash

@@ -1,5 +1,5 @@
 # Locally calculated
-sha256 c5c5edaf75a3c53ac0f271148fd6447310bce53f448ec7e6205124a25918f65c  clamav-0.100.0.tar.gz
+sha256 4a2e4f0cd41e62adb5a713b4a1857c49145cd09a69957e6d946ecad575206dd6  clamav-0.100.2.tar.gz
 sha256 0c4fd2fa9733fc9122503797648710851e4ee6d9e4969dd33fcbd8c63cd2f584  COPYING
 sha256 d72a145c90918184a05ef65a04c9e6f7466faa59bc1b82c8f6a8ddc7ddcb9bed  COPYING.bzip2
 sha256 dfb818a0d41411c6fb1c193c68b73018ceadd1994bda41ad541cbff292894bc6  COPYING.file

package/clamav/clamav.mk

@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-CLAMAV_VERSION = 0.100.0
+CLAMAV_VERSION = 0.100.2
 CLAMAV_SITE = https://www.clamav.net/downloads/production
 CLAMAV_LICENSE = GPL-2.0
 CLAMAV_LICENSE_FILES = COPYING COPYING.bzip2 COPYING.file COPYING.getopt \

package/collectd/collectd.hash

@@ -1,2 +1,6 @@
 # From https://collectd.org/files/SHA256SUM
 sha256	7edd3643c0842215553b2421d5456f4e9a8a58b07e216b40a7e8e91026d8e501	collectd-5.7.1.tar.bz2
+
+# Hash for license files
+sha256	ed0409b2b1c30566dab5fcdaf46ee70e140c99788e22f0267645a9357b476ae4	COPYING
+sha256	f18a0811fa0e220ccbc42f661545e77f0388631e209585ed582a1c693029c6aa	libltdl/COPYING.LIB

package/collectd/collectd.mk

@@ -9,8 +9,8 @@ COLLECTD_SITE = http://collectd.org/files
 COLLECTD_SOURCE = collectd-$(COLLECTD_VERSION).tar.bz2
 COLLECTD_CONF_ENV = ac_cv_lib_yajl_yajl_alloc=yes
 COLLECTD_INSTALL_STAGING = YES
-COLLECTD_LICENSE = GPL-2.0, LGPL-2.1
-COLLECTD_LICENSE_FILES = COPYING
+COLLECTD_LICENSE = MIT (daemon, plugins), GPL-2.0 (plugins), LGPL-2.1 (plugins)
+COLLECTD_LICENSE_FILES = COPYING libltdl/COPYING.LIB
 
 # These require unmet dependencies, are fringe, pointless or deprecated
 COLLECTD_PLUGINS_DISABLE = \

package/connman/Config.in

@@ -14,7 +14,7 @@ config BR2_PACKAGE_CONNMAN
 	  for managing internet connections within embedded devices
 	  running the Linux operating system.
 
-	  For more information, see https://01.org/connman
+	  https://01.org/connman
 
 if BR2_PACKAGE_CONNMAN
 

package/coreutils/coreutils.mk

@@ -120,7 +120,8 @@ define COREUTILS_CLEANUP
 	# link for archaic shells
 	ln -fs test $(TARGET_DIR)/usr/bin/[
 	# gnu thinks chroot is in bin, debian thinks it's in sbin
-	mv -f $(TARGET_DIR)/usr/bin/chroot $(TARGET_DIR)/usr/sbin/chroot
+	rm -f $(TARGET_DIR)/usr/bin/chroot
+	ln -sf ../bin/coreutils $(TARGET_DIR)/usr/sbin/chroot
 endef
 
 COREUTILS_POST_INSTALL_TARGET_HOOKS += COREUTILS_CLEANUP

package/cppcms/cppcms.hash

@@ -3,3 +3,5 @@ sha1	15f21897c14acfd4b0c74622e49d95857f2fe939	cppcms-1.0.5.tar.bz2
 md5	d668c201dd31fff8090380ebdc0bcc2b	cppcms-1.0.5.tar.bz2
 # Locally computed:
 sha256	84b685977bca97c3e997497f227bd5906adb80555066d811a7046b01c2f51865	cppcms-1.0.5.tar.bz2
+sha256	2ff22bab712c46dbadf9bae0f759bbc95d5d87614cacb7ebc3d5a50910603d6a	COPYING.TXT
+sha256	70fbf0194bee0f444c57ecd47e7d976a3e5a890e4421a21aab49f2d214267e69	THIRD_PARTY_SOFTWARE.TXT

package/cppcms/cppcms.mk

@@ -6,8 +6,8 @@
 
 CPPCMS_VERSION = 1.0.5
 CPPCMS_SOURCE = cppcms-$(CPPCMS_VERSION).tar.bz2
-CPPCMS_LICENSE = LGPL-3.0
-CPPCMS_LICENSE_FILES = COPYING.TXT
+CPPCMS_LICENSE = LGPL-3.0, BSL-1.0 (boost), MIT (base64.cpp), Public Domain (json2.js), Zlib (md5)
+CPPCMS_LICENSE_FILES = COPYING.TXT THIRD_PARTY_SOFTWARE.TXT
 CPPCMS_SITE = http://downloads.sourceforge.net/project/cppcms/cppcms/$(CPPCMS_VERSION)
 CPPCMS_INSTALL_STAGING = YES
 CPPCMS_CXXFLAGS = $(TARGET_CXXFLAGS)

package/crda/Config.in

@@ -15,7 +15,7 @@ config BR2_PACKAGE_CRDA
 	  query and apply the regulatory domain settings wireless
 	  devices may operate within for a given location.
 
-	  http://linuxwireless.org/en/developers/Regulatory/CRDA
+	  https://wireless.wiki.kernel.org/en/developers/regulatory/crda
 
 comment "crda needs a toolchain w/ threads, dynamic library"
 	depends on !BR2_TOOLCHAIN_HAS_THREADS || BR2_STATIC_LIBS

package/cryptsetup/0001-Remove-json_object-typedef.patch

@@ -0,0 +1,46 @@
+From 567e7f8664c621f8aeaa95d9f4ab4b590574f572 Mon Sep 17 00:00:00 2001
+From: Baruch Siach <baruch@tkos.co.il>
+Date: Wed, 15 Aug 2018 14:13:46 +0300
+Subject: [PATCH] Remove json_object typedef
+
+The json-c header already defines the same typedef. While C11 allows
+typedef redefinition to the same type, older versions of gcc disallow
+that.
+
+In file included from lib/luks2/luks2_internal.h:32,
+                 from lib/luks2/luks2_disk_metadata.c:24:
+lib/luks2/luks2.h:86: error: redefinition of typedef 'json_object'
+
+Signed-off-by: Baruch Siach <baruch@tkos.co.il>
+---
+ lib/luks2/luks2.h | 1 -
+ lib/setup.c       | 1 +
+ 2 files changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/lib/luks2/luks2.h b/lib/luks2/luks2.h
+index ee57b41ba974..25e36190da45 100644
+--- a/lib/luks2/luks2.h
++++ b/lib/luks2/luks2.h
+@@ -83,7 +83,6 @@ struct luks2_hdr_disk {
+ /*
+  * LUKS2 header in-memory.
+  */
+-typedef struct json_object json_object;
+ struct luks2_hdr {
+ 	size_t		hdr_size;
+ 	uint64_t	seqid;
+diff --git a/lib/setup.c b/lib/setup.c
+index fddbe7ef7897..856f6e80f465 100644
+--- a/lib/setup.c
++++ b/lib/setup.c
+@@ -28,6 +28,7 @@
+ #include <sys/utsname.h>
+ #include <fcntl.h>
+ #include <errno.h>
++#include <json-c/json.h>
+ 
+ #include "libcryptsetup.h"
+ #include "luks.h"
+-- 
+2.18.0
+

package/cryptsetup/cryptsetup.hash

@@ -1,4 +1,4 @@
 # From https://www.kernel.org/pub/linux/utils/cryptsetup/v2.0/sha256sums.asc
-sha256 4f8105d7f3bf758d58da3058b3cbd66c0ca81492b2dafe8ae7c049cc9e939e97  cryptsetup-2.0.2.tar.xz
+sha256 4d6cca04c1f5ff4a68d045d190efb2623087eda0274ded92f92a4b6911e501d4  cryptsetup-2.0.3.tar.xz
 sha256 45670cce8b6a0ddd66c8016cd8ccef6cd71f35717cbacc7f1e895b3855207b33  COPYING
 sha256 8c33cc37871654ec7ed87e6fbb896c8cf33ef5ef05b1611a5aed857596ffafa5  COPYING.LGPL

package/cryptsetup/cryptsetup.mk

@@ -5,7 +5,7 @@
 ################################################################################
 
 CRYPTSETUP_VERSION_MAJOR = 2.0
-CRYPTSETUP_VERSION = $(CRYPTSETUP_VERSION_MAJOR).2
+CRYPTSETUP_VERSION = $(CRYPTSETUP_VERSION_MAJOR).3
 CRYPTSETUP_SOURCE = cryptsetup-$(CRYPTSETUP_VERSION).tar.xz
 CRYPTSETUP_SITE = $(BR2_KERNEL_MIRROR)/linux/utils/cryptsetup/v$(CRYPTSETUP_VERSION_MAJOR)
 CRYPTSETUP_DEPENDENCIES = lvm2 popt util-linux host-pkgconf json-c \
@@ -36,7 +36,8 @@ HOST_CRYPTSETUP_DEPENDENCIES = \
 	host-json-c \
 	host-openssl
 
-HOST_CRYPTSETUP_CONF_OPTS = --with-crypto-backend=openssl
+HOST_CRYPTSETUP_CONF_OPTS = --with-crypto_backend=openssl \
+	--disable-kernel_crypto
 
 $(eval $(autotools-package))
 $(eval $(host-autotools-package))

package/dahdi-tools/Config.in

@@ -15,9 +15,5 @@ config BR2_PACKAGE_DAHDI_TOOLS
 
 	  http://www.asterisk.org/downloads/dahdi
 
-# Two comments, otherwise it may not fit in menuconfig for narrow terminals
-comment "dahdi-tools needs a toolchain w/ threads"
+comment "dahdi-tools needs a toolchain w/ threads and a Linux kernel to be built"
 	depends on !BR2_TOOLCHAIN_HAS_THREADS || !BR2_LINUX_KERNEL
-
-comment "dahdi-tools needs a Linux kernel to be built"
-	depends on !BR2_LINUX_KERNEL

package/dmidecode/Config.in

@@ -1,6 +1,6 @@
 config BR2_PACKAGE_DMIDECODE
 	bool "dmidecode"
-	depends on BR2_i386 || BR2_x86_64
+	depends on BR2_aarch64 || BR2_i386 || BR2_x86_64
 	help
 	  Dmidecode reports information about your system's hardware
 	  as described in your system BIOS according to the SMBIOS/DMI

package/docker-containerd/docker-containerd.mk

@@ -21,6 +21,7 @@ DOCKER_CONTAINERD_INSTALL_BINS = containerd containerd-shim
 define DOCKER_CONTAINERD_INSTALL_SYMLINKS
 	ln -fs runc $(TARGET_DIR)/usr/bin/docker-runc
 	ln -fs containerd-shim $(TARGET_DIR)/usr/bin/docker-containerd-shim
+	ln -fs containerd $(TARGET_DIR)/usr/bin/docker-containerd
 endef
 
 DOCKER_CONTAINERD_POST_INSTALL_TARGET_HOOKS += DOCKER_CONTAINERD_INSTALL_SYMLINKS

package/dos2unix/dos2unix.mk

@@ -24,6 +24,10 @@ ifeq ($(BR2_USE_WCHAR),)
 DOS2UNIX_MAKE_OPTS += UCS=
 endif
 
+ifeq ($(BR2_STATIC_LIBS),y)
+DOS2UNIX_MAKE_OPTS += LDFLAGS_USER=-static
+endif
+
 define DOS2UNIX_BUILD_CMDS
 	$(TARGET_CONFIGURE_OPTS) $(MAKE) -C $(@D) $(DOS2UNIX_MAKE_OPTS)
 endef

package/dropbear/0002-Wait-to-fail-invalid-usernames.patch

@@ -0,0 +1,236 @@
+From 52adbb34c32d3e2e1bcdb941e20a6f81138b8248 Mon Sep 17 00:00:00 2001
+From: Matt Johnston <matt@ucc.asn.au>
+Date: Thu, 23 Aug 2018 23:43:12 +0800
+Subject: [PATCH] Wait to fail invalid usernames
+
+[hg: https://secure.ucc.asn.au/hg/dropbear/rev/5d2d1021ca00]
+Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
+---
+ auth.h           |  6 +++---
+ svr-auth.c       | 19 +++++--------------
+ svr-authpam.c    | 26 ++++++++++++++++++++++----
+ svr-authpasswd.c | 27 ++++++++++++++-------------
+ svr-authpubkey.c | 11 ++++++++++-
+ 5 files changed, 54 insertions(+), 35 deletions(-)
+
+diff --git a/auth.h b/auth.h
+index da498f5..98f5468 100644
+--- a/auth.h
++++ b/auth.h
+@@ -37,9 +37,9 @@ void recv_msg_userauth_request(void);
+ void send_msg_userauth_failure(int partial, int incrfail);
+ void send_msg_userauth_success(void);
+ void send_msg_userauth_banner(const buffer *msg);
+-void svr_auth_password(void);
+-void svr_auth_pubkey(void);
+-void svr_auth_pam(void);
++void svr_auth_password(int valid_user);
++void svr_auth_pubkey(int valid_user);
++void svr_auth_pam(int valid_user);
+ 
+ #if DROPBEAR_SVR_PUBKEY_OPTIONS_BUILT
+ int svr_pubkey_allows_agentfwd(void);
+diff --git a/svr-auth.c b/svr-auth.c
+index c19c090..edde86b 100644
+--- a/svr-auth.c
++++ b/svr-auth.c
+@@ -149,10 +149,8 @@ void recv_msg_userauth_request() {
+ 		if (methodlen == AUTH_METHOD_PASSWORD_LEN &&
+ 				strncmp(methodname, AUTH_METHOD_PASSWORD,
+ 					AUTH_METHOD_PASSWORD_LEN) == 0) {
+-			if (valid_user) {
+-				svr_auth_password();
+-				goto out;
+-			}
++			svr_auth_password(valid_user);
++			goto out;
+ 		}
+ 	}
+ #endif
+@@ -164,10 +162,8 @@ void recv_msg_userauth_request() {
+ 		if (methodlen == AUTH_METHOD_PASSWORD_LEN &&
+ 				strncmp(methodname, AUTH_METHOD_PASSWORD,
+ 					AUTH_METHOD_PASSWORD_LEN) == 0) {
+-			if (valid_user) {
+-				svr_auth_pam();
+-				goto out;
+-			}
++			svr_auth_pam(valid_user);
++			goto out;
+ 		}
+ 	}
+ #endif
+@@ -177,12 +173,7 @@ void recv_msg_userauth_request() {
+ 	if (methodlen == AUTH_METHOD_PUBKEY_LEN &&
+ 			strncmp(methodname, AUTH_METHOD_PUBKEY,
+ 				AUTH_METHOD_PUBKEY_LEN) == 0) {
+-		if (valid_user) {
+-			svr_auth_pubkey();
+-		} else {
+-			/* pubkey has no failure delay */
+-			send_msg_userauth_failure(0, 0);
+-		}
++		svr_auth_pubkey(valid_user);
+ 		goto out;
+ 	}
+ #endif
+diff --git a/svr-authpam.c b/svr-authpam.c
+index 05e4f3e..d201bc9 100644
+--- a/svr-authpam.c
++++ b/svr-authpam.c
+@@ -178,13 +178,14 @@ pamConvFunc(int num_msg,
+  * Keyboard interactive would be a lot nicer, but since PAM is synchronous, it
+  * gets very messy trying to send the interactive challenges, and read the
+  * interactive responses, over the network. */
+-void svr_auth_pam() {
++void svr_auth_pam(int valid_user) {
+ 
+ 	struct UserDataS userData = {NULL, NULL};
+ 	struct pam_conv pamConv = {
+ 		pamConvFunc,
+ 		&userData /* submitted to pamvConvFunc as appdata_ptr */ 
+ 	};
++	const char* printable_user = NULL;
+ 
+ 	pam_handle_t* pamHandlep = NULL;
+ 
+@@ -204,12 +205,23 @@ void svr_auth_pam() {
+ 
+ 	password = buf_getstring(ses.payload, &passwordlen);
+ 
++	/* We run the PAM conversation regardless of whether the username is valid
++	in case the conversation function has an inherent delay.
++	Use ses.authstate.username rather than ses.authstate.pw_name.
++	After PAM succeeds we then check the valid_user flag too */
++
+ 	/* used to pass data to the PAM conversation function - don't bother with
+ 	 * strdup() etc since these are touched only by our own conversation
+ 	 * function (above) which takes care of it */
+-	userData.user = ses.authstate.pw_name;
++	userData.user = ses.authstate.username;
+ 	userData.passwd = password;
+ 
++	if (ses.authstate.pw_name) {
++		printable_user = ses.authstate.pw_name;
++	} else {
++		printable_user = "<invalid username>";
++	}
++
+ 	/* Init pam */
+ 	if ((rc = pam_start("sshd", NULL, &pamConv, &pamHandlep)) != PAM_SUCCESS) {
+ 		dropbear_log(LOG_WARNING, "pam_start() failed, rc=%d, %s", 
+@@ -242,7 +254,7 @@ void svr_auth_pam() {
+ 				rc, pam_strerror(pamHandlep, rc));
+ 		dropbear_log(LOG_WARNING,
+ 				"Bad PAM password attempt for '%s' from %s",
+-				ses.authstate.pw_name,
++				printable_user,
+ 				svr_ses.addrstring);
+ 		send_msg_userauth_failure(0, 1);
+ 		goto cleanup;
+@@ -253,12 +265,18 @@ void svr_auth_pam() {
+ 				rc, pam_strerror(pamHandlep, rc));
+ 		dropbear_log(LOG_WARNING,
+ 				"Bad PAM password attempt for '%s' from %s",
+-				ses.authstate.pw_name,
++				printable_user,
+ 				svr_ses.addrstring);
+ 		send_msg_userauth_failure(0, 1);
+ 		goto cleanup;
+ 	}
+ 
++	if (!valid_user) {
++		/* PAM auth succeeded but the username isn't allowed in for another reason
++		(checkusername() failed) */
++		send_msg_userauth_failure(0, 1);
++	}
++
+ 	/* successful authentication */
+ 	dropbear_log(LOG_NOTICE, "PAM password auth succeeded for '%s' from %s",
+ 			ses.authstate.pw_name,
+diff --git a/svr-authpasswd.c b/svr-authpasswd.c
+index bdee2aa..69c7d8a 100644
+--- a/svr-authpasswd.c
++++ b/svr-authpasswd.c
+@@ -48,22 +48,14 @@ static int constant_time_strcmp(const char* a, const char* b) {
+ 
+ /* Process a password auth request, sending success or failure messages as
+  * appropriate */
+-void svr_auth_password() {
++void svr_auth_password(int valid_user) {
+ 	
+ 	char * passwdcrypt = NULL; /* the crypt from /etc/passwd or /etc/shadow */
+ 	char * testcrypt = NULL; /* crypt generated from the user's password sent */
+-	char * password;
++	char * password = NULL;
+ 	unsigned int passwordlen;
+-
+ 	unsigned int changepw;
+ 
+-	passwdcrypt = ses.authstate.pw_passwd;
+-
+-#ifdef DEBUG_HACKCRYPT
+-	/* debugging crypt for non-root testing with shadows */
+-	passwdcrypt = DEBUG_HACKCRYPT;
+-#endif
+-
+ 	/* check if client wants to change password */
+ 	changepw = buf_getbool(ses.payload);
+ 	if (changepw) {
+@@ -73,12 +65,21 @@ void svr_auth_password() {
+ 	}
+ 
+ 	password = buf_getstring(ses.payload, &passwordlen);
+-
+-	/* the first bytes of passwdcrypt are the salt */
+-	testcrypt = crypt(password, passwdcrypt);
++	if (valid_user) {
++		/* the first bytes of passwdcrypt are the salt */
++		passwdcrypt = ses.authstate.pw_passwd;
++		testcrypt = crypt(password, passwdcrypt);
++	}
+ 	m_burn(password, passwordlen);
+ 	m_free(password);
+ 
++	/* After we have got the payload contents we can exit if the username
++	is invalid. Invalid users have already been logged. */
++	if (!valid_user) {
++		send_msg_userauth_failure(0, 1);
++		return;
++	}
++
+ 	if (testcrypt == NULL) {
+ 		/* crypt() with an invalid salt like "!!" */
+ 		dropbear_log(LOG_WARNING, "User account '%s' is locked",
+diff --git a/svr-authpubkey.c b/svr-authpubkey.c
+index aa6087c..ff481c8 100644
+--- a/svr-authpubkey.c
++++ b/svr-authpubkey.c
+@@ -79,7 +79,7 @@ static int checkfileperm(char * filename);
+ 
+ /* process a pubkey auth request, sending success or failure message as
+  * appropriate */
+-void svr_auth_pubkey() {
++void svr_auth_pubkey(int valid_user) {
+ 
+ 	unsigned char testkey; /* whether we're just checking if a key is usable */
+ 	char* algo = NULL; /* pubkey algo */
+@@ -102,6 +102,15 @@ void svr_auth_pubkey() {
+ 	keybloblen = buf_getint(ses.payload);
+ 	keyblob = buf_getptr(ses.payload, keybloblen);
+ 
++	if (!valid_user) {
++		/* Return failure once we have read the contents of the packet
++		required to validate a public key. 
++		Avoids blind user enumeration though it isn't possible to prevent
++		testing for user existence if the public key is known */
++		send_msg_userauth_failure(0, 0);
++		goto out;
++	}
++
+ 	/* check if the key is valid */
+ 	if (checkpubkey(algo, algolen, keyblob, keybloblen) == DROPBEAR_FAILURE) {
+ 		send_msg_userauth_failure(0, 0);
+-- 
+2.11.0
+

package/edid-decode/Config.in

@@ -3,4 +3,4 @@ config BR2_PACKAGE_EDID_DECODE
 	help
 	  Decode EDID data in human-readable format.
 
-	  http://cgit.freedesktop.org/xorg/app/edid-decode/
+	  https://git.linuxtv.org/edid-decode.git/

package/edid-decode/edid-decode.mk

@@ -5,7 +5,7 @@
 ################################################################################
 
 EDID_DECODE_VERSION = f56f329ed23a25d002352dedba1e8f092a47286f
-EDID_DECODE_SITE = git://anongit.freedesktop.org/git/xorg/app/edid-decode.git
+EDID_DECODE_SITE = git://linuxtv.org/edid-decode.git
 EDID_DECODE_LICENSE = MIT
 EDID_DECODE_LICENSE_FILES = edid-decode.c
 

package/efl/Config.in

@@ -97,6 +97,11 @@ config BR2_PACKAGE_EFL_LIBSNDFILE
 config BR2_PACKAGE_EFL_PULSEAUDIO
 	bool "Enable pulseaudio support (recommended)"
 	default y
+	depends on BR2_PACKAGE_PULSEAUDIO_HAS_ATOMIC
+	depends on BR2_USE_WCHAR
+	depends on BR2_TOOLCHAIN_HAS_THREADS
+	depends on !BR2_STATIC_LIBS
+	depends on BR2_USE_MMU
 	select BR2_PACKAGE_PULSEAUDIO
 	help
 	  The only audio output method supported by Ecore right now is

package/eigen/eigen.mk

@@ -23,7 +23,8 @@ endif
 # Generate the .pc file at build time
 define EIGEN_BUILD_CMDS
 	sed -r -e 's,^Version: .*,Version: $(EIGEN_VERSION),' \
-		-e 's,^Cflags: .*,Cflags: -I$(EIGEN_DEST_DIR),' \
+		-e 's,^Cflags: .*,Cflags: -I$$\{prefix\}/include/eigen3,' \
+		-e 's,^prefix.*,prefix=/usr,' \
 		$(@D)/eigen3.pc.in >$(@D)/eigen3.pc
 endef
 

package/espeak/Config.in

@@ -35,6 +35,7 @@ config BR2_PACKAGE_ESPEAK_AUDIO_BACKEND_ALSA
 
 config BR2_PACKAGE_ESPEAK_AUDIO_BACKEND_PULSEAUDIO
 	bool "pulseaudio"
+	depends on BR2_PACKAGE_PULSEAUDIO_HAS_ATOMIC
 	select BR2_PACKAGE_PULSEAUDIO
 
 endchoice

package/ffmpeg/ffmpeg.hash

@@ -1,5 +1,5 @@
 # Locally calculated
-sha256 2b92e9578ef8b3e49eeab229e69305f5f4cbc1fdaa22e927fc7fca18acccd740  ffmpeg-3.4.2.tar.xz
+sha256 386f7601e865df6bddde05bb6927119b5a853f0b92e2e9834f59c125a17d3fc6  ffmpeg-3.4.4.tar.xz
 sha256 8177f97513213526df2cf6184d8ff986c675afb514d4e68a404010521b880643  COPYING.GPLv2
 sha256 b634ab5640e258563c536e658cad87080553df6f34f62269a21d554844e58bfe  COPYING.LGPLv2.1
 sha256 73d99bc83313fff665b426d6672b4e0479102bc402fe22314ac9ce94a38aa5ff  LICENSE.md

package/ffmpeg/ffmpeg.mk

@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-FFMPEG_VERSION = 3.4.2
+FFMPEG_VERSION = 3.4.4
 FFMPEG_SOURCE = ffmpeg-$(FFMPEG_VERSION).tar.xz
 FFMPEG_SITE = http://ffmpeg.org/releases
 FFMPEG_INSTALL_STAGING = YES
@@ -231,6 +231,13 @@ ifeq ($(BR2_PACKAGE_FFMPEG_GPL)$(BR2_PACKAGE_LIBEBUR128),yy)
 FFMPEG_DEPENDENCIES += libebur128
 endif
 
+ifeq ($(BR2_PACKAGE_LIBDRM),y)
+FFMPEG_CONF_OPTS += --enable-libdrm
+FFMPEG_DEPENDENCIES += libdrm
+else
+FFMPEG_CONF_OPTS += --disable-libdrm
+endif
+
 ifeq ($(BR2_PACKAGE_LIBOPENH264),y)
 FFMPEG_CONF_OPTS += --enable-libopenh264
 FFMPEG_DEPENDENCIES += libopenh264

package/file/0001-Avoid-reading-past-the-end-of-buffer-Rui-Reis.patch

@@ -0,0 +1,30 @@
+From a642587a9c9e2dd7feacdf513c3643ce26ad3c22 Mon Sep 17 00:00:00 2001
+From: Christos Zoulas <christos@zoulas.com>
+Date: Sat, 9 Jun 2018 16:00:06 +0000
+Subject: [PATCH] Avoid reading past the end of buffer (Rui Reis)
+
+[baruch: drop file version string update hunk]
+Signed-off-by: Baruch Siach <baruch@tkos.co.il>
+---
+Upstream status: commit a642587a9c9 in github mirror
+
+ src/readelf.c | 5 +++--
+ 1 file changed, 3 insertions(+), 2 deletions(-)
+
+diff --git a/src/readelf.c b/src/readelf.c
+index 79c83f9f5048..1f41b46113c3 100644
+--- a/src/readelf.c
++++ b/src/readelf.c
+@@ -842,7 +842,8 @@ do_core_note(struct magic_set *ms, unsigned char *nbuf, uint32_t type,
+ 
+ 				cname = (unsigned char *)
+ 				    &nbuf[doff + prpsoffsets(i)];
+-				for (cp = cname; *cp && isprint(*cp); cp++)
++				for (cp = cname; cp < nbuf + size && *cp
++				    && isprint(*cp); cp++)
+ 					continue;
+ 				/*
+ 				 * Linux apparently appends a space at the end
+-- 
+2.17.1
+

package/file/file.hash

@@ -1,2 +1,5 @@
 # Locally calculated
-sha256 8639dc4d1b21e232285cd483604afc4a6ee810710e00e579dbe9591681722b50  file-5.32.tar.gz
+sha256 1c52c8c3d271cd898d5511c36a68059cda94036111ab293f01f83c3525b737c6  file-5.33.tar.gz
+sha256 3c0ad13c36f891a9b4f951e59eb2fc108065a46f849697cc6fd3cdb41cc23a3d  COPYING
+sha256 d98ee4d8d95e7d021a5dfc41f137ecc3b624a7b98e8bd793130202d12a21ed57  src/mygetopt.h
+sha256 85e358d575ad4ac5b38b623a25b24246ccff3c7e680d930c0a9ff5228fe434b6  src/vasprintf.c

package/file/file.mk

@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-FILE_VERSION = 5.32
+FILE_VERSION = 5.33
 FILE_SITE = ftp://ftp.astron.com/pub/file
 FILE_DEPENDENCIES = host-file zlib
 HOST_FILE_DEPENDENCIES = host-zlib
@@ -13,5 +13,12 @@ FILE_INSTALL_STAGING = YES
 FILE_LICENSE = BSD-2-Clause, BSD-4-Clause (one file), BSD-3-Clause (one file)
 FILE_LICENSE_FILES = COPYING src/mygetopt.h src/vasprintf.c
 
+ifeq ($(BR2_PACKAGE_LIBSECCOMP),y)
+FILE_CONF_OPTS += --enable-libseccomp
+FILE_DEPENDENCIES += libseccomp
+else
+FILE_CONF_OPTS += --disable-libseccomp
+endif
+
 $(eval $(autotools-package))
 $(eval $(host-autotools-package))

package/fio/fio.hash

@@ -1,2 +1,4 @@
 # Locally computed
 sha256 1952db4d534221e6e8454f851dfcc38328b0ed4a3f499ea25a51ca2b5ccc8136  fio-fio-2.20.tar.gz
+sha256 204d8eff92f95aac4df6c8122bc1505f468f3a901e5a4cc08940e0ede1938994  COPYING
+sha256 8a240c1ad13d1fe3e58588643d81d0695899be4a669fe6d8fafa76ca6a89db2c  MORAL-LICENSE

package/fio/fio.mk

@@ -6,8 +6,8 @@
 
 FIO_VERSION = fio-2.20
 FIO_SITE = git://git.kernel.dk/fio.git
-FIO_LICENSE = GPL-2.0 + special obligations
-FIO_LICENSE_FILES = COPYING
+FIO_LICENSE = GPL-2.0
+FIO_LICENSE_FILES = COPYING MORAL-LICENSE
 
 ifeq ($(BR2_PACKAGE_LIBAIO),y)
 FIO_DEPENDENCIES += libaio

package/freescale-imx/imx-gpu-viv/imx-gpu-viv.mk

@@ -65,7 +65,7 @@ endif
 ifeq ($(IMX_GPU_VIV_LIB_TARGET),x11)
 define IMX_GPU_VIV_FIXUP_PKGCONFIG
 	for lib in egl gbm glesv1_cm glesv2 vg; do \
-		ln -sf $${lib}_x11.pc $(@D)/gpu-core/usr/lib/pkgconfig/$${lib}.pc
+		ln -sf $${lib}_x11.pc $(@D)/gpu-core/usr/lib/pkgconfig/$${lib}.pc || exit 1; \
 	done
 endef
 endif

package/gawk/gawk.mk

@@ -39,7 +39,7 @@ endif
 HOST_GAWK_CONF_OPTS = --without-readline --without-mpfr
 
 define GAWK_CREATE_SYMLINK
-	ln -sf /usr/bin/gawk $(TARGET_DIR)/usr/bin/awk
+	ln -sf gawk $(TARGET_DIR)/usr/bin/awk
 endef
 
 GAWK_POST_INSTALL_TARGET_HOOKS += GAWK_CREATE_SYMLINK

package/gcc/6.4.0/0002-fix-building-on-ppc64.patch

@@ -0,0 +1,38 @@
+From 765527ad3725c5f3e82ab2b8e5031120b409983d Mon Sep 17 00:00:00 2001
+From: marxin <marxin@138bc75d-0d04-0410-961f-82ee72b054a4>
+Date: Fri, 15 Jun 2018 08:51:28 +0000
+Subject: [PATCH] Partial backport r256656
+
+2018-06-15  Martin Liska  <mliska@suse.cz>
+
+	Backport from mainline
+	2018-01-10  Kelvin Nilsen  <kelvin@gcc.gnu.org>
+
+	* lex.c (search_line_fast): Remove illegal coercion of an
+	unaligned pointer value to vector pointer type and replace with
+	use of __builtin_vec_vsx_ld () built-in function, which operates
+	on unaligned pointer values.
+
+
+git-svn-id: svn+ssh://gcc.gnu.org/svn/gcc/branches/gcc-6-branch@261621 138bc75d-0d04-0410-961f-82ee72b054a4
+Signed-off-by: Joel Stanley <joel@jms.id.au>
+---
+ libcpp/lex.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/libcpp/lex.c b/libcpp/lex.c
+index e5a0397f3099..b789686f1c49 100644
+--- a/libcpp/lex.c
++++ b/libcpp/lex.c
+@@ -568,7 +568,7 @@ search_line_fast (const uchar *s, const uchar *end ATTRIBUTE_UNUSED)
+     {
+       vc m_nl, m_cr, m_bs, m_qm;
+ 
+-      data = *((const vc *)s);
++      data = __builtin_vec_vsx_ld (0, s);
+       s += 16;
+ 
+       m_nl = (vc) __builtin_vec_cmpeq(data, repl_nl);
+-- 
+2.17.1
+

package/gcc/6.4.0/871-xtensa-fix-PR-target-65416.patch

@@ -0,0 +1,101 @@
+From 87fda0741d210727672cba5e54a37a189e8ac04e Mon Sep 17 00:00:00 2001
+From: Max Filippov <jcmvbkbc@gmail.com>
+Date: Sun, 17 Jun 2018 21:18:39 -0700
+Subject: [PATCH] xtensa: fix PR target/65416
+
+The issue is caused by reordering of stack pointer update after stack
+space allocation with instructions that write to the allocated stack
+space. In windowed ABI register spill area for the previous call frame
+is located just below the stack pointer and may be reloaded back into
+the register file on movsp.
+Implement allocate_stack pattern for windowed ABI configuration and
+insert an instruction that prevents reordering of frame memory access
+and stack pointer update.
+
+gcc/
+2018-06-19  Max Filippov  <jcmvbkbc@gmail.com>
+
+	* config/xtensa/xtensa.md (UNSPEC_FRAME_BLOCKAGE): New unspec
+	constant.
+	(allocate_stack, frame_blockage, *frame_blockage): New patterns.
+
+Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
+Backported from: r261755
+---
+ gcc/config/xtensa/xtensa.md | 46 +++++++++++++++++++++++++++++++++++++++++++++
+ 1 file changed, 46 insertions(+)
+
+diff --git a/gcc/config/xtensa/xtensa.md b/gcc/config/xtensa/xtensa.md
+index 84967dbedc08..209f839cfb0f 100644
+--- a/gcc/config/xtensa/xtensa.md
++++ b/gcc/config/xtensa/xtensa.md
+@@ -38,6 +38,7 @@
+   (UNSPEC_MEMW		11)
+   (UNSPEC_LSETUP_START  12)
+   (UNSPEC_LSETUP_END    13)
++  (UNSPEC_FRAME_BLOCKAGE 14)
+ 
+   (UNSPECV_SET_FP	1)
+   (UNSPECV_ENTRY	2)
+@@ -1676,6 +1677,32 @@
+ 
+ ;; Miscellaneous instructions.
+ 
++;; In windowed ABI stack pointer adjustment must happen before any access
++;; to the space allocated on stack is allowed, otherwise register spill
++;; area may be clobbered.  That's what frame blockage is supposed to enforce.
++
++(define_expand "allocate_stack"
++  [(set (match_operand 0 "nonimmed_operand")
++        (minus (reg A1_REG) (match_operand 1 "add_operand")))
++   (set (reg A1_REG)
++        (minus (reg A1_REG) (match_dup 1)))]
++  "TARGET_WINDOWED_ABI"
++{
++  if (CONST_INT_P (operands[1]))
++    {
++      rtx neg_op0 = GEN_INT (-INTVAL (operands[1]));
++      emit_insn (gen_addsi3 (stack_pointer_rtx, stack_pointer_rtx, neg_op0));
++    }
++  else
++    {
++      emit_insn (gen_subsi3 (stack_pointer_rtx, stack_pointer_rtx,
++			     operands[1]));
++    }
++  emit_move_insn (operands[0], virtual_stack_dynamic_rtx);
++  emit_insn (gen_frame_blockage ());
++  DONE;
++})
++
+ (define_expand "prologue"
+   [(const_int 0)]
+   ""
+@@ -1767,6 +1794,25 @@
+   [(set_attr "length" "0")
+    (set_attr "type" "nop")])
+ 
++;; Do not schedule instructions accessing memory before this point.
++
++(define_expand "frame_blockage"
++  [(set (match_dup 0)
++        (unspec:BLK [(match_dup 1)] UNSPEC_FRAME_BLOCKAGE))]
++  ""
++{
++  operands[0] = gen_rtx_MEM (BLKmode, gen_rtx_SCRATCH (Pmode));
++  MEM_VOLATILE_P (operands[0]) = 1;
++  operands[1] = stack_pointer_rtx;
++})
++
++(define_insn "*frame_blockage"
++  [(set (match_operand:BLK 0 "" "")
++        (unspec:BLK [(match_operand:SI 1 "" "")] UNSPEC_FRAME_BLOCKAGE))]
++  ""
++  ""
++  [(set_attr "length" "0")])
++
+ (define_insn "trap"
+   [(trap_if (const_int 1) (const_int 0))]
+   ""
+-- 
+2.11.0
+

package/gcc/6.4.0/872-gcc-xtensa-fix-NAND-code-in-xtensa_expand_atomic.patch

@@ -0,0 +1,39 @@
+From 6765eecde2ed8d4be0fc217408b9e9b92a840aff Mon Sep 17 00:00:00 2001
+From: Max Filippov <jcmvbkbc@gmail.com>
+Date: Tue, 4 Sep 2018 00:39:32 -0700
+Subject: [PATCH] gcc: xtensa: fix NAND code in xtensa_expand_atomic
+
+NAND is ~(a1 & a2), but xtensa_expand_atomic does ~a1 & a2.
+That fixes libatomic tests atomic-op-{1,2}.
+
+gcc/
+2018-09-04  Max Filippov  <jcmvbkbc@gmail.com>
+
+	* config/xtensa/xtensa.c (xtensa_expand_atomic): Reorder AND and
+	XOR operations in NAND case.
+
+Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
+Backported from: r264087
+---
+ gcc/config/xtensa/xtensa.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/gcc/config/xtensa/xtensa.c b/gcc/config/xtensa/xtensa.c
+index 7cfe64d42895..080bb4ad765d 100644
+--- a/gcc/config/xtensa/xtensa.c
++++ b/gcc/config/xtensa/xtensa.c
+@@ -1614,9 +1614,9 @@ xtensa_expand_atomic (enum rtx_code code, rtx target, rtx mem, rtx val,
+       break;
+ 
+     case MULT: /* NAND */
+-      tmp = expand_simple_binop (SImode, XOR, old, ac.modemask,
++      tmp = expand_simple_binop (SImode, AND, old, val,
+ 				 NULL_RTX, 1, OPTAB_DIRECT);
+-      tmp = expand_simple_binop (SImode, AND, tmp, val,
++      tmp = expand_simple_binop (SImode, XOR, tmp, ac.modemask,
+ 				 new_rtx, 1, OPTAB_DIRECT);
+       break;
+ 
+-- 
+2.11.0
+

package/gcc/7.3.0/0002-fix-building-on-ppc64.patch

@@ -0,0 +1,40 @@
+From aa65a43516da1d48011ef621ed5988289711d99b Mon Sep 17 00:00:00 2001
+From: marxin <marxin@138bc75d-0d04-0410-961f-82ee72b054a4>
+Date: Fri, 29 Jun 2018 09:31:30 +0000
+Subject: [PATCH] Partial backport r256656
+
+2018-06-29  Martin Liska  <mliska@suse.cz>
+
+	Backport from mainline
+	2018-01-10  Kelvin Nilsen  <kelvin@gcc.gnu.org>
+
+	* lex.c (search_line_fast): Remove illegal coercion of an
+	unaligned pointer value to vector pointer type and replace with
+	use of __builtin_vec_vsx_ld () built-in function, which operates
+	on unaligned pointer values.
+
+git-svn-id: svn+ssh://gcc.gnu.org/svn/gcc/branches/gcc-6-branch@261621 138bc75d-0d04-0410-961f-82ee72b054a4
+
+
+git-svn-id: svn+ssh://gcc.gnu.org/svn/gcc/branches/gcc-7-branch@262243 138bc75d-0d04-0410-961f-82ee72b054a4
+Signed-off-by: Joel Stanley <joel@jms.id.au>
+---
+ libcpp/lex.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/libcpp/lex.c b/libcpp/lex.c
+index 097c78002cbb..e0fb9e822c44 100644
+--- a/libcpp/lex.c
++++ b/libcpp/lex.c
+@@ -568,7 +568,7 @@ search_line_fast (const uchar *s, const uchar *end ATTRIBUTE_UNUSED)
+     {
+       vc m_nl, m_cr, m_bs, m_qm;
+ 
+-      data = *((const vc *)s);
++      data = __builtin_vec_vsx_ld (0, s);
+       s += 16;
+ 
+       m_nl = (vc) __builtin_vec_cmpeq(data, repl_nl);
+-- 
+2.17.1
+

package/gcc/7.3.0/0002-xtensa-fix-PR-target-65416.patch

@@ -0,0 +1,101 @@
+From 87fda0741d210727672cba5e54a37a189e8ac04e Mon Sep 17 00:00:00 2001
+From: Max Filippov <jcmvbkbc@gmail.com>
+Date: Sun, 17 Jun 2018 21:18:39 -0700
+Subject: [PATCH] xtensa: fix PR target/65416
+
+The issue is caused by reordering of stack pointer update after stack
+space allocation with instructions that write to the allocated stack
+space. In windowed ABI register spill area for the previous call frame
+is located just below the stack pointer and may be reloaded back into
+the register file on movsp.
+Implement allocate_stack pattern for windowed ABI configuration and
+insert an instruction that prevents reordering of frame memory access
+and stack pointer update.
+
+gcc/
+2018-06-19  Max Filippov  <jcmvbkbc@gmail.com>
+
+	* config/xtensa/xtensa.md (UNSPEC_FRAME_BLOCKAGE): New unspec
+	constant.
+	(allocate_stack, frame_blockage, *frame_blockage): New patterns.
+
+Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
+Backported from: r261755
+---
+ gcc/config/xtensa/xtensa.md | 46 +++++++++++++++++++++++++++++++++++++++++++++
+ 1 file changed, 46 insertions(+)
+
+diff --git a/gcc/config/xtensa/xtensa.md b/gcc/config/xtensa/xtensa.md
+index 84967dbedc08..209f839cfb0f 100644
+--- a/gcc/config/xtensa/xtensa.md
++++ b/gcc/config/xtensa/xtensa.md
+@@ -38,6 +38,7 @@
+   (UNSPEC_MEMW		11)
+   (UNSPEC_LSETUP_START  12)
+   (UNSPEC_LSETUP_END    13)
++  (UNSPEC_FRAME_BLOCKAGE 14)
+ 
+   (UNSPECV_SET_FP	1)
+   (UNSPECV_ENTRY	2)
+@@ -1676,6 +1677,32 @@
+ 
+ ;; Miscellaneous instructions.
+ 
++;; In windowed ABI stack pointer adjustment must happen before any access
++;; to the space allocated on stack is allowed, otherwise register spill
++;; area may be clobbered.  That's what frame blockage is supposed to enforce.
++
++(define_expand "allocate_stack"
++  [(set (match_operand 0 "nonimmed_operand")
++        (minus (reg A1_REG) (match_operand 1 "add_operand")))
++   (set (reg A1_REG)
++        (minus (reg A1_REG) (match_dup 1)))]
++  "TARGET_WINDOWED_ABI"
++{
++  if (CONST_INT_P (operands[1]))
++    {
++      rtx neg_op0 = GEN_INT (-INTVAL (operands[1]));
++      emit_insn (gen_addsi3 (stack_pointer_rtx, stack_pointer_rtx, neg_op0));
++    }
++  else
++    {
++      emit_insn (gen_subsi3 (stack_pointer_rtx, stack_pointer_rtx,
++			     operands[1]));
++    }
++  emit_move_insn (operands[0], virtual_stack_dynamic_rtx);
++  emit_insn (gen_frame_blockage ());
++  DONE;
++})
++
+ (define_expand "prologue"
+   [(const_int 0)]
+   ""
+@@ -1767,6 +1794,25 @@
+   [(set_attr "length" "0")
+    (set_attr "type" "nop")])
+ 
++;; Do not schedule instructions accessing memory before this point.
++
++(define_expand "frame_blockage"
++  [(set (match_dup 0)
++        (unspec:BLK [(match_dup 1)] UNSPEC_FRAME_BLOCKAGE))]
++  ""
++{
++  operands[0] = gen_rtx_MEM (BLKmode, gen_rtx_SCRATCH (Pmode));
++  MEM_VOLATILE_P (operands[0]) = 1;
++  operands[1] = stack_pointer_rtx;
++})
++
++(define_insn "*frame_blockage"
++  [(set (match_operand:BLK 0 "" "")
++        (unspec:BLK [(match_operand:SI 1 "" "")] UNSPEC_FRAME_BLOCKAGE))]
++  ""
++  ""
++  [(set_attr "length" "0")])
++
+ (define_insn "trap"
+   [(trap_if (const_int 1) (const_int 0))]
+   ""
+-- 
+2.11.0
+

package/gcc/7.3.0/0003-gcc-xtensa-fix-NAND-code-in-xtensa_expand_atomic.patch

@@ -0,0 +1,39 @@
+From 6765eecde2ed8d4be0fc217408b9e9b92a840aff Mon Sep 17 00:00:00 2001
+From: Max Filippov <jcmvbkbc@gmail.com>
+Date: Tue, 4 Sep 2018 00:39:32 -0700
+Subject: [PATCH] gcc: xtensa: fix NAND code in xtensa_expand_atomic
+
+NAND is ~(a1 & a2), but xtensa_expand_atomic does ~a1 & a2.
+That fixes libatomic tests atomic-op-{1,2}.
+
+gcc/
+2018-09-04  Max Filippov  <jcmvbkbc@gmail.com>
+
+	* config/xtensa/xtensa.c (xtensa_expand_atomic): Reorder AND and
+	XOR operations in NAND case.
+
+Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
+Backported from: r264087
+---
+ gcc/config/xtensa/xtensa.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/gcc/config/xtensa/xtensa.c b/gcc/config/xtensa/xtensa.c
+index 7cfe64d42895..080bb4ad765d 100644
+--- a/gcc/config/xtensa/xtensa.c
++++ b/gcc/config/xtensa/xtensa.c
+@@ -1614,9 +1614,9 @@ xtensa_expand_atomic (enum rtx_code code, rtx target, rtx mem, rtx val,
+       break;
+ 
+     case MULT: /* NAND */
+-      tmp = expand_simple_binop (SImode, XOR, old, ac.modemask,
++      tmp = expand_simple_binop (SImode, AND, old, val,
+ 				 NULL_RTX, 1, OPTAB_DIRECT);
+-      tmp = expand_simple_binop (SImode, AND, tmp, val,
++      tmp = expand_simple_binop (SImode, XOR, tmp, ac.modemask,
+ 				 new_rtx, 1, OPTAB_DIRECT);
+       break;
+ 
+-- 
+2.11.0
+

package/gcc/7.3.0/1000-arm-PR-target-81497-Fix-arm_acle.h-for-C.patch

@@ -0,0 +1,324 @@
+From 1a259ac3e39bf87e6e6a5eface8b0ebc6b2a0dfe Mon Sep 17 00:00:00 2001
+From: ktkachov <ktkachov@138bc75d-0d04-0410-961f-82ee72b054a4>
+Date: Tue, 5 Jun 2018 09:50:16 +0000
+Subject: [PATCH] [arm] PR target/81497: Fix arm_acle.h for C++
+MIME-Version: 1.0
+Content-Type: text/plain; charset=utf-8
+Content-Transfer-Encoding: 8bit
+
+When trying to compile something with arm_acle.h using G++ we get a number of nasty errors:
+arm_acle.h:48:49: error: invalid conversion from ‘const void*’ to ‘const int*’ [-fpermissive]
+    return __builtin_arm_ldc (__coproc, __CRd, __p);
+
+This is because the intrinsics that are supposed to be void return the "result" of their builtin,
+which is void. C lets that slide but C++ complains.
+
+After fixing that we run into further errors:
+arm_acle.h:48:46: error: invalid conversion from 'const void*' to 'const int*' [-fpermissive]
+    return __builtin_arm_ldc (__coproc, __CRd, __p);
+                                               ^~~
+Because the pointer arguments in these intrinsics are void pointers but the builtin
+expects int pointers. So this patch introduces new qualifiers for void pointers and their
+const-qualified versions and uses that in the specification of these intrinsics.
+
+This gives us the opportunity of creating an arm subdirectory in g++.dg and inaugurates it
+with the first arm-specific C++ tests (in that directory).
+
+
+	PR target/81497
+	* config/arm/arm-builtins.c (arm_type_qualifiers): Add
+	qualifier_void_pointer and qualifier_const_void_pointer.
+	(arm_ldc_qualifiers, arm_stc_qualifiers): Use the above.
+	(arm_init_builtins): Handle the above.
+	* config/arm/arm_acle.h (__arm_cdp, __arm_ldc, __arm_ldcl, __arm_stc,
+	__arm_stcl, __arm_mcr, __arm_cdp2, __arm_ldc2, __arm_ldcl2, __arm_stc2,
+	__arm_stcl2,__arm_mcr2, __arm_mcrr, __arm_mcrr2): Remove return for
+	void intrinsics.
+
+	* g++.target/arm/arm.exp: New file.
+	* g++.target/arm/pr81497.C: Likewise.
+
+
+git-svn-id: svn+ssh://gcc.gnu.org/svn/gcc/trunk@261191 138bc75d-0d04-0410-961f-82ee72b054a4
+Upstream-Status: Merged (gcc-8-branch)
+Signed-off-by: Gaël PORTAY <gael.portay@savoirfairelinux.com>
+[gportay: drop gcc/{,testsuite/}ChangeLog changes]
+---
+ gcc/config/arm/arm-builtins.c          | 42 +++++++++++++---------
+ gcc/config/arm/arm_acle.h              | 28 +++++++--------
+ gcc/testsuite/g++.target/arm/arm.exp   | 50 ++++++++++++++++++++++++++
+ gcc/testsuite/g++.target/arm/pr81497.C |  9 +++++
+ 4 files changed, 99 insertions(+), 30 deletions(-)
+ create mode 100644 gcc/testsuite/g++.target/arm/arm.exp
+ create mode 100644 gcc/testsuite/g++.target/arm/pr81497.C
+
+diff --git a/gcc/config/arm/arm-builtins.c b/gcc/config/arm/arm-builtins.c
+index 7fde7a04672..183a7b907f6 100644
+--- a/gcc/config/arm/arm-builtins.c
++++ b/gcc/config/arm/arm-builtins.c
+@@ -78,7 +78,11 @@ enum arm_type_qualifiers
+   /* Lane indices - must be within range of previous argument = a vector.  */
+   qualifier_lane_index = 0x200,
+   /* Lane indices for single lane structure loads and stores.  */
+-  qualifier_struct_load_store_lane_index = 0x400
++  qualifier_struct_load_store_lane_index = 0x400,
++  /* A void pointer.  */
++  qualifier_void_pointer = 0x800,
++  /* A const void pointer.  */
++  qualifier_const_void_pointer = 0x802
+ };
+ 
+ /*  The qualifier_internal allows generation of a unary builtin from
+@@ -202,7 +206,7 @@ arm_cdp_qualifiers[SIMD_MAX_BUILTIN_ARGS]
+ static enum arm_type_qualifiers
+ arm_ldc_qualifiers[SIMD_MAX_BUILTIN_ARGS]
+   = { qualifier_void, qualifier_unsigned_immediate,
+-      qualifier_unsigned_immediate, qualifier_const_pointer };
++      qualifier_unsigned_immediate, qualifier_const_void_pointer };
+ #define LDC_QUALIFIERS \
+   (arm_ldc_qualifiers)
+ 
+@@ -210,7 +214,7 @@ arm_ldc_qualifiers[SIMD_MAX_BUILTIN_ARGS]
+ static enum arm_type_qualifiers
+ arm_stc_qualifiers[SIMD_MAX_BUILTIN_ARGS]
+   = { qualifier_void, qualifier_unsigned_immediate,
+-      qualifier_unsigned_immediate, qualifier_pointer };
++      qualifier_unsigned_immediate, qualifier_void_pointer };
+ #define STC_QUALIFIERS \
+   (arm_stc_qualifiers)
+ 
+@@ -1095,19 +1099,25 @@ arm_init_builtin (unsigned int fcode, arm_builtin_datum *d,
+       if (qualifiers & qualifier_pointer && VECTOR_MODE_P (op_mode))
+ 	op_mode = GET_MODE_INNER (op_mode);
+ 
+-      eltype = arm_simd_builtin_type
+-	(op_mode,
+-	 (qualifiers & qualifier_unsigned) != 0,
+-	 (qualifiers & qualifier_poly) != 0);
+-      gcc_assert (eltype != NULL);
+-
+-      /* Add qualifiers.  */
+-      if (qualifiers & qualifier_const)
+-	eltype = build_qualified_type (eltype, TYPE_QUAL_CONST);
+-
+-      if (qualifiers & qualifier_pointer)
+-	eltype = build_pointer_type (eltype);
+-
++      /* For void pointers we already have nodes constructed by the midend.  */
++      if (qualifiers & qualifier_void_pointer)
++	eltype = qualifiers & qualifier_const
++		 ? const_ptr_type_node : ptr_type_node;
++      else
++	{
++	  eltype
++	    = arm_simd_builtin_type (op_mode,
++				     (qualifiers & qualifier_unsigned) != 0,
++				     (qualifiers & qualifier_poly) != 0);
++	  gcc_assert (eltype != NULL);
++
++	  /* Add qualifiers.  */
++	  if (qualifiers & qualifier_const)
++	    eltype = build_qualified_type (eltype, TYPE_QUAL_CONST);
++
++	  if (qualifiers & qualifier_pointer)
++	    eltype = build_pointer_type (eltype);
++	}
+       /* If we have reached arg_num == 0, we are at a non-void
+ 	 return type.  Otherwise, we are still processing
+ 	 arguments.  */
+diff --git a/gcc/config/arm/arm_acle.h b/gcc/config/arm/arm_acle.h
+index 9a2f0ba30dc..c0f6ea2d156 100644
+--- a/gcc/config/arm/arm_acle.h
++++ b/gcc/config/arm/arm_acle.h
+@@ -38,35 +38,35 @@ __arm_cdp (const unsigned int __coproc, const unsigned int __opc1,
+ 	   const unsigned int __CRd, const unsigned int __CRn,
+ 	   const unsigned int __CRm, const unsigned int __opc2)
+ {
+-  return __builtin_arm_cdp (__coproc, __opc1, __CRd, __CRn, __CRm, __opc2);
++  __builtin_arm_cdp (__coproc, __opc1, __CRd, __CRn, __CRm, __opc2);
+ }
+ 
+ __extension__ static __inline void __attribute__ ((__always_inline__))
+ __arm_ldc (const unsigned int __coproc, const unsigned int __CRd,
+ 	   const void * __p)
+ {
+-  return __builtin_arm_ldc (__coproc, __CRd, __p);
++  __builtin_arm_ldc (__coproc, __CRd, __p);
+ }
+ 
+ __extension__ static __inline void __attribute__ ((__always_inline__))
+ __arm_ldcl (const unsigned int __coproc, const unsigned int __CRd,
+ 	    const void * __p)
+ {
+-  return __builtin_arm_ldcl (__coproc, __CRd, __p);
++  __builtin_arm_ldcl (__coproc, __CRd, __p);
+ }
+ 
+ __extension__ static __inline void __attribute__ ((__always_inline__))
+ __arm_stc (const unsigned int __coproc, const unsigned int __CRd,
+ 	   void * __p)
+ {
+-  return __builtin_arm_stc (__coproc, __CRd, __p);
++  __builtin_arm_stc (__coproc, __CRd, __p);
+ }
+ 
+ __extension__ static __inline void __attribute__ ((__always_inline__))
+ __arm_stcl (const unsigned int __coproc, const unsigned int __CRd,
+ 	    void * __p)
+ {
+-  return __builtin_arm_stcl (__coproc, __CRd, __p);
++  __builtin_arm_stcl (__coproc, __CRd, __p);
+ }
+ 
+ __extension__ static __inline void __attribute__ ((__always_inline__))
+@@ -74,7 +74,7 @@ __arm_mcr (const unsigned int __coproc, const unsigned int __opc1,
+ 	   uint32_t __value, const unsigned int __CRn, const unsigned int __CRm,
+ 	   const unsigned int __opc2)
+ {
+-  return __builtin_arm_mcr (__coproc, __opc1, __value, __CRn, __CRm, __opc2);
++  __builtin_arm_mcr (__coproc, __opc1, __value, __CRn, __CRm, __opc2);
+ }
+ 
+ __extension__ static __inline uint32_t __attribute__ ((__always_inline__))
+@@ -90,35 +90,35 @@ __arm_cdp2 (const unsigned int __coproc, const unsigned int __opc1,
+ 	    const unsigned int __CRd, const unsigned int __CRn,
+ 	    const unsigned int __CRm, const unsigned int __opc2)
+ {
+-  return __builtin_arm_cdp2 (__coproc, __opc1, __CRd, __CRn, __CRm, __opc2);
++  __builtin_arm_cdp2 (__coproc, __opc1, __CRd, __CRn, __CRm, __opc2);
+ }
+ 
+ __extension__ static __inline void __attribute__ ((__always_inline__))
+ __arm_ldc2 (const unsigned int __coproc, const unsigned int __CRd,
+ 	    const void * __p)
+ {
+-  return __builtin_arm_ldc2 (__coproc, __CRd, __p);
++  __builtin_arm_ldc2 (__coproc, __CRd, __p);
+ }
+ 
+ __extension__ static __inline void __attribute__ ((__always_inline__))
+ __arm_ldc2l (const unsigned int __coproc, const unsigned int __CRd,
+ 	     const void * __p)
+ {
+-  return __builtin_arm_ldc2l (__coproc, __CRd, __p);
++  __builtin_arm_ldc2l (__coproc, __CRd, __p);
+ }
+ 
+ __extension__ static __inline void __attribute__ ((__always_inline__))
+ __arm_stc2 (const unsigned int __coproc, const unsigned int __CRd,
+ 	    void * __p)
+ {
+-  return __builtin_arm_stc2 (__coproc, __CRd, __p);
++  __builtin_arm_stc2 (__coproc, __CRd, __p);
+ }
+ 
+ __extension__ static __inline void __attribute__ ((__always_inline__))
+ __arm_stc2l (const unsigned int __coproc, const unsigned int __CRd,
+ 	     void * __p)
+ {
+-  return __builtin_arm_stc2l (__coproc, __CRd, __p);
++  __builtin_arm_stc2l (__coproc, __CRd, __p);
+ }
+ 
+ __extension__ static __inline void __attribute__ ((__always_inline__))
+@@ -126,7 +126,7 @@ __arm_mcr2 (const unsigned int __coproc, const unsigned int __opc1,
+ 	    uint32_t __value, const unsigned int __CRn,
+ 	    const unsigned int __CRm, const unsigned int __opc2)
+ {
+-  return __builtin_arm_mcr2 (__coproc, __opc1, __value, __CRn, __CRm, __opc2);
++  __builtin_arm_mcr2 (__coproc, __opc1, __value, __CRn, __CRm, __opc2);
+ }
+ 
+ __extension__ static __inline uint32_t __attribute__ ((__always_inline__))
+@@ -143,7 +143,7 @@ __extension__ static __inline void __attribute__ ((__always_inline__))
+ __arm_mcrr (const unsigned int __coproc, const unsigned int __opc1,
+ 	    uint64_t __value, const unsigned int __CRm)
+ {
+-  return __builtin_arm_mcrr (__coproc, __opc1, __value, __CRm);
++  __builtin_arm_mcrr (__coproc, __opc1, __value, __CRm);
+ }
+ 
+ __extension__ static __inline uint64_t __attribute__ ((__always_inline__))
+@@ -159,7 +159,7 @@ __extension__ static __inline void __attribute__ ((__always_inline__))
+ __arm_mcrr2 (const unsigned int __coproc, const unsigned int __opc1,
+ 	    uint64_t __value, const unsigned int __CRm)
+ {
+-  return __builtin_arm_mcrr2 (__coproc, __opc1, __value, __CRm);
++  __builtin_arm_mcrr2 (__coproc, __opc1, __value, __CRm);
+ }
+ 
+ __extension__ static __inline uint64_t __attribute__ ((__always_inline__))
+diff --git a/gcc/testsuite/g++.target/arm/arm.exp b/gcc/testsuite/g++.target/arm/arm.exp
+new file mode 100644
+index 00000000000..1a169d2f220
+--- /dev/null
++++ b/gcc/testsuite/g++.target/arm/arm.exp
+@@ -0,0 +1,50 @@
++#  Specific regression driver for arm.
++#  Copyright (C) 2009-2018 Free Software Foundation, Inc.
++#
++#  This file is part of GCC.
++#
++#  GCC is free software; you can redistribute it and/or modify it
++#  under the terms of the GNU General Public License as published by
++#  the Free Software Foundation; either version 3, or (at your option)
++#  any later version.
++#
++#  GCC is distributed in the hope that it will be useful, but
++#  WITHOUT ANY WARRANTY; without even the implied warranty of
++#  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
++#  General Public License for more details.
++#
++#  You should have received a copy of the GNU General Public License
++#  along with GCC; see the file COPYING3.  If not see
++#  <http://www.gnu.org/licenses/>.  */
++
++# GCC testsuite that uses the `dg.exp' driver.
++
++# Exit immediately if this isn't an arm target.
++if {![istarget arm*-*-*] } then {
++  return
++}
++
++# Load support procs.
++load_lib g++-dg.exp
++
++global DEFAULT_CXXFLAGS
++if ![info exists DEFAULT_CXXFLAGS] then {
++    set DEFAULT_CXXFLAGS " -pedantic-errors"
++}
++
++
++global dg_runtest_extra_prunes
++set dg_runtest_extra_prunes ""
++lappend dg_runtest_extra_prunes "warning: switch -m(cpu|arch)=.* conflicts with -m(cpu|arch)=.* switch"
++
++# Initialize `dg'.
++dg-init
++
++# Main loop.
++dg-runtest [lsort [glob -nocomplain $srcdir/$subdir/*.C]] \
++        "" $DEFAULT_CXXFLAGS
++
++# All done.
++set dg_runtest_extra_prunes ""
++dg-finish
++
+diff --git a/gcc/testsuite/g++.target/arm/pr81497.C b/gcc/testsuite/g++.target/arm/pr81497.C
+new file mode 100644
+index 00000000000..0519a3a3045
+--- /dev/null
++++ b/gcc/testsuite/g++.target/arm/pr81497.C
+@@ -0,0 +1,9 @@
++/* { dg-do compile } */
++/* { dg-require-effective-target arm_thumb2_ok } */
++
++#include <arm_acle.h>
++
++int main ()
++{
++  return 0;
++}
+-- 
+2.17.1
+

package/gcc/Config.in.host

@@ -32,6 +32,8 @@ config BR2_GCC_VERSION_4_9_X
 	depends on !(BR2_TOOLCHAIN_USES_MUSL && (BR2_mips64 || BR2_mips64el))
 	# glibc >= 2.26 needs gcc >= 6.2
 	depends on !(BR2_TOOLCHAIN_USES_GLIBC && BR2_powerpc64le)
+	# glibc >= 2.27 needs gcc >= 5
+	depends on !(BR2_TOOLCHAIN_USES_GLIBC && (BR2_aarch64 || BR2_aarch64_be))
 	select BR2_TOOLCHAIN_GCC_AT_LEAST_4_9
 
 config BR2_GCC_VERSION_5_X
@@ -73,7 +75,7 @@ config BR2_GCC_VERSION
 	default "5.5.0"     if BR2_GCC_VERSION_5_X
 	default "6.4.0"     if BR2_GCC_VERSION_6_X
 	default "7.3.0"     if BR2_GCC_VERSION_7_X
-	default "arc-2018.03-rc2" if BR2_GCC_VERSION_ARC
+	default "arc-2018.03" if BR2_GCC_VERSION_ARC
 	default "or1k-musl-5.4.0-20170218" if BR2_GCC_VERSION_OR1K
 
 config BR2_EXTRA_GCC_CONFIG_OPTIONS