Compare commits

..

277 Commits

Author SHA1 Message Date
Peter Korsgaard 8c9284703c Update for 2018.02.7
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-25 20:43:18 +02:00
Bernd Kuhls 7da5629626 package/live555: security bump to version 2018.10.17
Changelog: http://www.live555.com/liveMedia/public/changelog.txt

Fixes CVE-2018-4013:
https://security-tracker.debian.org/tracker/CVE-2018-4013

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 01d7686c90)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-24 17:58:25 +02:00
Bernd Kuhls a5672d609a package/live555: bump version to 2018.08.05
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit e305ae1c1b)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-24 17:58:19 +02:00
Bernd Kuhls 52b83f394e package/live555: Add a pkg-config file for the shared libraries
Needed for vlc to fix linking issue.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 13f7959e8d)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-24 17:58:13 +02:00
Yann E. MORIN 336befc8e4 core: support host gcc of the future
When we do a release, we know only of a set of gcc versions that the
host may have. But in the future, distributions with newer gcc versions
may show up.

Currently, we do not recognise those versions, and thus we do as if they
were older than the oldest we know of. This means that a set of packages
become unselectable, when they should be.

We fix that by capping the detected version to the highest we know of.

Reported-by: gargar_ on IRC
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Peter Korsgaard <peter@korsgaard.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 3950e69dad)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-24 17:55:31 +02:00
Joshua Henderson 1a8801a2a8 qt5base: Qt KMS support does not depend on opengl
Qt KMS support should not explicitly depend on the availability of opengl.
Don't explicitly disable KMS if opengl is not available and fallback to
detecting if libdrm is available before disabling kms.

The scenario where this is necessary involves using the Qt linuxfb backend
"dumb buffer" support via the DRM API.  This is new in Qt 5.9 [1] and only
requires KMS, but not opengl. Although on Qt 5.6, only eglfs actually
uses libdrm/kms, it doesn't hurt to add the dependency and the -kms
option there as well, and doing so keeps the logic in the .mk file
simple.

[1] http://doc.qt.io/qt-5/embedded-linux.html#linuxfb

Cc: Peter Seiderer <ps.report@gmx.net>
Cc: Julien Corjon <corjon.j@ecagroup.com>
Signed-off-by: Joshua Henderson <joshua.henderson@microchip.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
(cherry picked from commit f91ea94a6f)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-24 17:53:43 +02:00
Bernd Kuhls adeedc9d24 package/mariadb: add option to disable build of embedded server
Size of output/target/usr:

with embedded: 1,7G
without embedded: 648M

This config option saves space on the target if the embedded server
is not used by any other package:

https://mariadb.com/kb/en/library/embedded-mariadb-interface/
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Tested-by: Ryan Coe <bluemrp9@gmail.com>
[Peter: make Config.in option depend on _MARIADB_SERVER]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

(cherry picked from commit 19df27ed03)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-24 17:51:23 +02:00
Marcel Patzlaff 994ab8b2f5 utils/diffconfig: remove BR2_* prefix restriction
The utils/diffconfig script works only on variables with the BR2_
prefix. This is OK for Buildroot [def]configs since this is the prefix
for all user-facing variables, but it prevents using the same script
to compare configs from kconfig-based packages.

Remove the BR2_ restriction, allowing usage such as:

  ./utils/diffconfig \
	board/qemu/xtensa-lx60/linux.config \
	board/qemu/xtensa-lx60/linux-nommu.config

Signed-off-by: Marcel Patzlaff <m.patzlaff@pilz.de>
Reviewed-by: Luca Ceresoli <luca@lucaceresoli.net>
Tested-by: Luca Ceresoli <luca@lucaceresoli.net>
Reviewed-by: Matt Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit bf9ccfc37b)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-24 14:48:56 +02:00
Thomas Petazzoni c494470c57 package/mongoose: add security patch fixing CVE-2018-10945
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit dea3ab6840)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-24 14:46:07 +02:00
Thomas Petazzoni 6e2e798242 package/gcc: disable libcilkrts when there is no thread support
The libcilkrts configure script errors out with "Pthreads are required
to build libcilkrts" if the C library doesn't have thread support. To
fix that, we disable libcilkrts when thread support is not available.

This issue was not noticed until now, because we only regularly build
a no-thread toolchain for ARM, and libcilkrts was enabled on ARM only
starting in gcc 7.x.

This fixes the build of no-thread toolchains on architectures where
libcilkrts is supported, i.e x86/x86-64, ARM and Sparc.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Reviewed-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 076fd27da7)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-24 14:35:42 +02:00
Martin Bark df81782687 package/ca-certificates: create ca-certificates.crt reproducibly
Sort the certificates into alphabetical order so the contents of
ca-certificates.crt can be built reproducibly.

Note: The certificates are sorted uppercase then lowercase filenames
so the contents of ca-certificates.crt matches the source debian package.

Signed-off-by: Martin Bark <martin@barkynet.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
(cherry picked from commit c61b49e5b5)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-24 14:34:06 +02:00
Martin Bark 89500d4219 package/ca-certificates: fix rebuilds
Rebuilding ca-certificates using make ca-certificates-rebuild
caused duplicate certificates to be installed in the target. Its build
system is broken: it doesn't detect that the output file already exists,
and instead of overwriting it, a duplicate is generated under a
different name. The net effect is that all certificates are installed
twice after rebuild.

Fix this by cleaning the build directory before building the package.

Signed-off-by: Martin Bark <martin@barkynet.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
(cherry picked from commit 42b10634c6)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-24 14:33:02 +02:00
Martin Bark 8ca7134eca package/ca-certificates: don't hash certificates.crt
c_rehash looks at all files in /etc/ssl/certs, generates the hash for
the certificates in them, and makes a symlink from the hash to the
certificate file.

However, ca-certificates.crt is also installed in /etc/ssl/certs and
it contains all the certificates. c_rehash will take one of them (the
first?) and create a symlink from that hash to ca-certificates.crt.
Usually, this results in an error like:

WARNING: Skipping duplicate certificate ca-certificates.crt

and all is well. However, depending on filesystem order,
ca-certificates.crt may come first, and the actual certificate is
not symlinked.

To fix this install certificates.crt to /etc/ssl/certs *after* we run
c_rehash to prevent it getting hashed by mistake.

Note: $(TARGET_DIR)/etc/ssl/certs/ is already removed during install so
this fix also works for rebuilds.

Signed-off-by: Martin Bark <martin@barkynet.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
(cherry picked from commit d07ddd8e4e)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-24 14:31:49 +02:00
Yann E. MORIN 2fcf3e1295 core: detect and reject build paths which contain an '@'
gcc does not build when the srcdir path contains a '@', because that
path is then substitued in a texi file as argument to an @include
directive. But then, the '@' in the path will start a command evaluation
of its own, thus breaking the build. For example, with a $(O) path set
to /home/ymorin/dev/buildroot/O/to@ti :

    perl ../../gcc/../contrib/texi2pod.pl ../../gcc/doc/invoke.texi > gcc.pod
    ../../gcc/doc/invoke.texi:1678: unknown command `ti'
    ../../gcc/doc/invoke.texi:1678: @include: could not find /home/ymorin/dev/buildroot/O/to/build/host-gcc-initial-7.3.0/build/gcc/../../gcc/../libiberty/at-file.texi

[Peter: use findstring instead of subst/compare]
Reported-by: c32 on IRC
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

(cherry picked from commit 7007dc2bc9)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-24 14:29:53 +02:00
Francois Gerin 7b02eb66cd qt download site update
The download link was broken, former qt versions are stored into a
distinct location.

Signed-off-by: Francois Gerin <francois.gerin@essensium.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 2e6cd5c2d6)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-24 14:28:32 +02:00
Peter Korsgaard b5c0f5967b spice: security bump to version 0.14.1
Fixes CVE-2018-10873: A vulnerability was discovered in SPICE before version
0.14.1 where the generated code used for demarshalling messages lacked
sufficient bounds checks.  A malicious client or server, after
authentication, could send specially crafted messages to its peer which
would result in a crash or, potentially, other impacts.

Drop patches as they are now upstream.

Add host-pkgconf as the configure script uses pkg-config.  Drop removed
--disable-automated-tests configure flag.

Add optional opus support, as that is now supported and needs to be
explicitly disabled to not use.  Explicitly disable optional gstreamer
support for now as the dependency tree is fairly complicated.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit f33f7a4f64)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-24 14:23:50 +02:00
Peter Korsgaard 13ea5c877f spice-protocol: bump version to 0.12.14
Needed by spice 0.14.x

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit de8a4b747f)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-24 14:23:19 +02:00
Baruch Siach 6bbc887846 psmisc: correct license
The license heading in source files includes the "or any later"
language.

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit cfa3447a78)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-24 14:19:47 +02:00
Baruch Siach 5d3e778fb9 libarchive: security bump to version 3.3.3
Fixes CVE-2017-14501: An out-of-bounds read flaw exists in
parse_file_info in archive_read_support_format_iso9660.c in libarchive
3.3.2 when extracting a specially crafted iso9660 iso file, related to
archive_read_format_iso9660_read_header.

Drop upstream patches.

Use upstream provided tarball hash.

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 946f136fe1)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-24 14:19:02 +02:00
Bernd Kuhls 9191d78db9 {linux, linux-headers}: bump 4.{4, 9, 14, 18}.x series
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 0064c7b251)
[Peter: drop 4.18.x, linux.hash]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-24 14:12:32 +02:00
Yann E. MORIN c8aacabc50 package/nodejs: use per-build cache directories
When two Buildroot builds run in parallel, and they both happen to call
npm at roughly the same time, the two npm instances may conflict when
accessing the npm cache, which is by default ~/.npm

Although npm is supposed to lock access to the cache, it seems it does
sometimes fail to do so properly, bailling out in error, when it would
never ever crash at all when not running in parallel. We suspect that
the sequence leading to such failures are something like:

    npm-1                           npm-2
      lock(retry=few, sleep=short)    .
      does-stuff()                    .
      .                               lock(retry=few, sleep=short)
      .                               # can't lock local cache
      .                               download-module()
      .                                 # can't download
      .                                 exit(1)
      unlock()

As per the docs [0], few = 10, short = 10. So if the first npm (npm-1)
takes more than 100s (which can happen behind slow links and/or big
modules that contain native code that is compiled), then the second npm
(npm-2) will bail out (the download would fail if there is no network
access, for example, and only local modules are used).

Point npm to use a per-build cache directory, so they no longer compete
across builds.

That would still need some care when we do top-level parallel builds,
though.

Note also that the conflicts are not totally eliminated: two or more npm
instances may still compete for some other resource that has not yet
been identified.

But, at least, the conflict window has been drastically shortened now,
to the point where it now seldom occurs.

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 4a16182d5f)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-24 14:06:12 +02:00
Peter Korsgaard d8dc74d196 wireshark: security bump to version 2.2.17
Fixes the following security issues:

CVE-2018-16058: Bluetooth AVDTP dissector crash:
https://www.wireshark.org/security/wnpa-sec-2018-44.html

CVE-2018-16056: Bluetooth Attribute Protocol dissector crash:
https://www.wireshark.org/security/wnpa-sec-2018-45.html

CVE-2018-16057: Radiotap dissector crash:
https://www.wireshark.org/security/wnpa-sec-2018-46.html

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 11f4562cc5)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-24 13:59:25 +02:00
Frank Hunleth 0f148f4a5c erlang: always use Buildroot's zlib
While Erlang includes a version of zlib, it's intended for Windows and
there's an expectation that non-Windows platforms provide it. It's also
not as regularly updated as the one in Buildroot. This change makes
Erlang always use a Buildroot-provided zlib.

Fixes this compile error:

 CC	/home/buildroot/autobuild/run/instance-0/output/build/erlang-21.0/erts/emulator/zlib/obj/x86_64-buildroot-linux-musl/opt/adler32.o
In file included from zlib/adler32.c:11:0:
zlib/zutil.h:172:39: error: "_LFS64_LARGEFILE" is not defined [-Werror=undef]
     (!defined(_LARGEFILE64_SOURCE) || _LFS64_LARGEFILE-0 == 0)
                                       ^~~~~~~~~~~~~~~~

See http://autobuild.buildroot.net/results/fc633f80c7c36a90e641487f5a888fbb767c2a54/.

Signed-off-by: Frank Hunleth <fhunleth@troodon-software.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit ec5378038f)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-24 13:58:03 +02:00
Thomas Petazzoni a37a50e0b8 boot/uboot: fix environment image generation on big endian systems
As reported by Jeff Wittrock in bug #11396, the U-Boot environment
image checksum is invalid for big endian targets, because the test on
the BR2_ENDIAN Config.in option doesn't take into account that it is
double quoted.

The fix was provided by Jeff himself on bugzilla.

Fixes bug #11396.

Reported-by: Jeff Wittrock <jwittrock@faultrecorder.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit d6fcf044a7)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-24 13:56:27 +02:00
Fabrice Fontaine 323255f36a gvfs: fix activation of http/dav backend
Since gvfs version 1.2.3, http/dav backend needs libxml2:
https://gitlab.gnome.org/GNOME/gvfs/commit/2ef5b4192f95f9205204215aec33787641608e58

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit a78848202b)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-24 13:50:31 +02:00
Thomas Petazzoni 08e0f9bb73 ustr: remove source code from target
For some reason, ustr installs its own source code, which means we end
up with 448 KB of source code in /usr/share in the target filesystem:

$ tree output/target/usr/share/
output/target/usr/share/
└── ustr-1.0.4
    ├── malloc-check.h
    ├── ustr-b-code.h
    ├── ustr-b-dbg-code.c
    ├── ustr-b-opt-code.c
    ├── ustr-cmp-code.h
    ├── ustr-cmp-dbg-code.c
    ├── ustr-cmp-internal.h
    ├── ustr-cmp-opt-code.c
    ├── ustr-cntl-code.h
    ├── ustr-fmt-code.h
    ├── ustr-fmt-dbg-code.c
    ├── ustr-fmt-internal.h
    [...]

$ du -sh output/target/usr/share/ustr-1.0.4/
448K	output/target/usr/share/ustr-1.0.4/

So let's drop this source code in a post-install target hook.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit c27484b2ef)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-24 13:45:20 +02:00
Baruch Siach 61b2dcb49e libssh: security bump to version 0.8.4
Fixes CVE-2018-10933: authentication bypass vulnerability in the server
code. By presenting the server an SSH2_MSG_USERAUTH_SUCCESS message in
place of the SSH2_MSG_USERAUTH_REQUEST message which the server would
expect to initiate authentication, the attacker could successfully
authenticate without any credentials.

  https://www.libssh.org/security/advisories/CVE-2018-10933.txt

Drop an upstream patch.

Cc: Scott Fan <fancp2007@gmail.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit de24e47d90)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-24 13:15:53 +02:00
Baruch Siach a1bc7d71d7 libssh: bump to version 0.8.3
Drop GNU glob detection patch; issue fixed upstream.

Add upstream patch that completes the build fix when GNU glob is not
present.

Cc: Scott Fan <fancp2007@gmail.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 540e37bf74)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-24 13:15:40 +02:00
Baruch Siach 5ece68f555 libssh: fix build with musl libc
libssh uses GNU extensions to the glob() API. Update the cmake test to
take that into account so that glob() is not used with musl libc.

Fixes:
http://autobuild.buildroot.net/results/0c2/0c2d17316fd6bd2bf1359e23a2a1273fa349cf2a/
http://autobuild.buildroot.net/results/936/936abac5362b33980fd1efe8b830409ee2f86f6b/
http://autobuild.buildroot.net/results/51b/51b1b136ab4209ee443c1b450a932341b2ff81b7/

Cc: Scott Fan <fancp2007@gmail.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 81e33bc77c)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-24 13:15:21 +02:00
Baruch Siach 14d4522783 libssh: fix cross compile with older cmake
Old version of cmake break cross-compilation when FindThreads is used
because of a try_run call. Add a workaround that avoids try_run.

cmake bug report: https://gitlab.kitware.com/cmake/cmake/issues/16920

Should fix:
http://autobuild.buildroot.net/results/8aa/8aa2bd894416a4508ca7140f8947ff46243f8b78/
http://autobuild.buildroot.net/results/f2c/f2cc965bb134bf4fd9e625eb267b67c949c202fc/

Cc: Scott Fan <fancp2007@gmail.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit f34f33baa6)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-24 13:15:14 +02:00
Bernd Kuhls f429a69b71 package/libssh: bump version to 0.8.1
Fixed broken _SITE, added license hash.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 23430a63a7)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-24 13:15:06 +02:00
Fabrice Fontaine a8f6c9f95d open-plc-utils: fix build with static musl
Pass TARGET_LDFLAGS to EXTRA_LDFLAGS to fix following issue:
/home/buildroot/autobuild/run/instance-3/output/build/host-gcc-final-7.3.0/build/arm-buildroot-linux-musleabihf/libgcc/../../../libgcc/config/arm/lib1funcs.S:1545: undefined reference to `raise'

Also pass TARGET_CFLAGS to EXTRA_CFLAGS and TARGET_CXXFLAGS to
EXTRA_CXXFLAGS and move all these variables to
OPEN_PLC_UTILS_MAKE_OPTS for readability

Fixes:
 - http://autobuild.buildroot.org/results/67bc5e7ac8ae1c49c035b022a394d2f746705cf2

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit d8738d3b97)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-24 13:10:17 +02:00
Thomas Petazzoni c9bf7176e7 freetype: drop calling autogen, no longer needed
In commit a31a66802a ("freetype:
security bump to version 2.5.3"), the freetype package was changed to
call ./autogen.sh to regenerate the autotools stuff, because the
ltmain.sh provided by upstream freetype was not compatible with
Buildroot libtool-patching logic.

Since then, freetype has been bumped several times, and the current
version packaged in Buildroot has an ltmain.sh that is compatible with
our libtool-patching logic.

Therefore, this commit drops the no longer needed autogen stuff.

This autogen stuff was badly breaking per-package host/target
directory, because the autogen happened at the post-patch hook step,
at which point the host-automake/host-autoconf/host-libtool
dependencies have not yet been copied into this package host
directory.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 88c6329521)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-24 12:39:28 +02:00
Fabrice Fontaine 7652cbed45 nmap: use system liblinear
Use system liblinear instead of using included liblinear.
liblinear in buildroot is at version 2.20 released on December 2017
whereas liblinear in nmap has not been updated since 7 years (except for
liblinear.vcxproj which has been updated 2 years ago)

Do not use --with-liblinear option as otherwise nmap will forget to add
-llinear to LIBS due to the following line in configure.ac:

if test $have_liblinear != yes; then
  AC_CHECK_HEADERS([linear.h],
    AC_CHECK_LIB(linear, predict, [have_liblinear=yes; LIBLINEAR_LIBS="-llinear"; break],, [-lm])
)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit c0d9ba562c)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-24 12:27:26 +02:00
Yegor Yefremov 9610b1dd23 scanpypi: improve BSD licence handling
When used without spdx_lookup the BSD licence cannot be
detected correctly because many Python packages just specify
BSD without the exact version in their metadata. So add a
special message warning the user instead of the licence id.

Bonus: fix typo.

Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit d05e41eb1a)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-24 01:08:03 +02:00
Baruch Siach 361d9ae731 ntp: fix build without libcap and no threads
When threads support is missing the ntp build system builds the
work_fork code. This code added call to set_user_group_ids() that is
under HAVE_DROPROOT, which is disabled when libcap is not built.

Add a patch fixing that.

Fixes:
http://autobuild.buildroot.net/results/ab9/ab9ceff1151b8b5e6b9fa77d39c0f9b0cac1a080/

Cc: Artyom Panfilov <apanfilov@spectracom.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 13dcc69a39)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-24 01:05:02 +02:00
Baruch Siach 8fb6893ef4 ntp: fix build for no-MMU with libcap
Commit 87d759ced5 (ntp: fix build for no-MMU) added a patch to make MMU
dependent code hidden behind HAVE_WORKING_FORK. It turns out that the
patch covers too much code. When libcap is enabled we pass
--enable-linuxcaps, which in turn enables HAVE_DROPROOT. This adds calls
to code that is covered by HAVE_WORKING_FORK.

Update the no-MMU fix so that HAVE_WORKING_FORK only covers the no-MMU
incompatible routine.

Fixes:
http://autobuild.buildroot.net/results/c5c/c5cf28bb969fec7c07864cdd094dedfa4d5439d2/

Cc: Artem Panfilov <apanfilov@spectracom.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 7cf152852d)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-24 01:04:57 +02:00
Baruch Siach 25d126cfe2 ntp: fix build for no-MMU
Code rearrange in the latest ntp version exposed code that used to be
hidden behind HAVE_WORKING_FORK. Put this code back where it belongs.

Fixes:
http://autobuild.buildroot.net/results/9f4/9f4710b451df1a60f95ab6503cfb7788ad998a65/
http://autobuild.buildroot.net/results/d0b/d0b20a6c0f37a8b06841afc2764c8aab6ffd27d2/
http://autobuild.buildroot.net/results/85c/85c89f5e9d36915567b8d14b9c99e3720c866577/

Cc: Artem Panfilov <apanfilov@spectracom.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 87d759ced5)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-24 01:04:50 +02:00
Artyom Panfilov 35f859ecdb package/ntp: fix md5sum.
Signed-off-by: Artem Panfilov <apanfilov@spectracom.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit f3c6452729)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-24 01:04:45 +02:00
Artyom Panfilov a048bdf49d package/ntp: security bump to version 4.2.8p12
Release notes:
https://www.nwtime.org/network-time-foundation-publishes-ntp-4-2-8p12

Fixed security issues:

  CVE-2016-1549 / CVE-2018-7170: Sybil vulnerability: ephemeral association
  attack

  CVE-2018-12327: The openhost() function used during command-line hostname
  processing by ntpq and ntpdc can write beyond its buffer limit

Signed-off-by: Artem Panfilov <apanfilov@spectracom.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit cf9344c45e)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-24 01:04:39 +02:00
Fabrice Fontaine e9420f955a jasper: update license
Add hash for license file and use SPDX short term identifier

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit ab666003e2)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-24 01:00:52 +02:00
Thomas Petazzoni 9e67f4a3db ptpd2: fix patch 0002 so that it applies properly
The patch
0002-ntp_isc_md5-rename-EVP_MD_CTX-into-PTPD_EVP_MD_CTX.patch added in
commit 5b7bc560a5 ("ptpd2: fix build
failures due to EVP_MD_CTX conflict and U64 missing") was broken and
did not apply correctly.

This commit fixes the patch so that it applies properly.

Fixes:

  http://autobuild.buildroot.net/results/ffa28ee2cecc77d66d934fdb03e1f2014189e45b/

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit d60973af00)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-24 00:58:31 +02:00
Giulio Benetti 4db458dd16 ptpd2: fix build failures due to EVP_MD_CTX conflict and U64 missing
In src/dep/ntpengine/ntp_isc_md5.*, the typedef of EVP_MD_CTX
conflicts with a definition of the same type done by OpenSSL. This
issue is referenced at https://github.com/ptpd/ptpd/issues/54, and has
been fixed upstream in commit
https://github.com/ptpd/ptpd/commit/838b985510c360e651d18134e64f258f2f4c6e7c.

In src/dep/snmp.c, U64 can be missing or conflicts with new perl as
reported at https://github.com/ptpd/ptpd/issues/25. This issue has
been fixed upstream in commit
https://github.com/ptpd/ptpd/commit/1886522b50fe44e5c0dedd01d13ac456b941f744. This
commit is adapted to apply on the current version of ptpd2 we have in
Buildroot.

Fixes:
http://autobuild.buildroot.net/results/47b99a6de256bfc0f5a8ae1484bb34e93b407237/
http://autobuild.buildroot.net/results/08365fc559dda74640b9750358c82e84600a68ea/
http://autobuild.buildroot.net/results/9b41c513500c63a9890973a0f17ffdb84d44d580/
http://autobuild.buildroot.net/results/2ed79d01635c9a5e1018229dc6f4b7240a995b87/
http://autobuild.buildroot.net/results/6d1b7e191f573334115684b85165f2bc27d75d8f/
http://autobuild.buildroot.net/results/f54c6fd841b3ea77dc12048c81f3f2991b679252/
http://autobuild.buildroot.net/results/332bc77bcde0bef1b2fd7b9993409dd051c27cd6/
http://autobuild.buildroot.net/results/4b416edaec9528d75a82c9570b8f8297718ca62d/

Signed-off-by: Giulio Benetti <giulio.benetti@micronovasrl.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 5b7bc560a5)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-24 00:58:23 +02:00
Yegor Yefremov 6bc94e5f41 poco: disable fpenvironment for soft floating point configuration
Many platforms don't provide all FPU features needed by Poco when
configured for soft floating point in their fenv.h header. So
disable fpenvironment for this configuration to avoid build breakage.

Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit c735f39881)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-24 00:54:16 +02:00
Matt Weber 40d02fabe5 package/setools: host variant needs host-python-enum34
The enum34 dependency is required for python2.7 for both the host and
target builds.  This patch adds the host dependency to match what is
already in place for the target.

The host build is used by the setools package seinfo tool offline for
host based policy analysis. The analysis is easiest performed offline
as the policy is checked for path/reachability, which is something
that occurs by taking the policy file and using debug libraries to
perform test cases.

Fixes the following runtime error:

$ ./output/host/bin/sesearch
Traceback (most recent call last):
[...]
  File "/home/test/buildroot/output/host/lib/python2.7/site-packages/setools-4.1.1-py2.7-linux-x86_64.egg/setools/policyrep/util.py", line 21, in <module>
    from enum import Enum
ImportError: No module named enum

Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit a5e4eddb84)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-24 00:48:21 +02:00
Matt Weber b150c9fa62 package/python-enum34: enable host build
This is initially used by the setools package to do offline
policy analysis using host tools.

Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 3ec98f0564)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-24 00:48:13 +02:00
Peter Korsgaard 1aa66ce3e8 tinc: security bump to version 1.0.35
Fixes the following security issues:

CVE-2018-16758: Michael Yonli discovered that tinc 1.0.34 and earlier allow
a man-in-the-middle attack that, even if the MITM cannot decrypt the traffic
sent between the two endpoints, when the MITM can correctly predict when an
ephemeral key exchange message is sent in a TCP connection between two
nodes, allows the MITM to force one node to send UDP packets in plaintext.
The tinc 1.1pre versions are not affected by this.

CVE-2018-16738: Michael Yonli discoverd that tinc versions 1.0.30 to 1.0.34
allow an oracle attack, similar to CVE-2018-16737, but due to the
mitigations put in place for the Sweet32 attack in tinc 1.0.30, it now
requires a timing attack that has only a limited time to complete.  Tinc
1.1pre16 and earlier are also affected if there are nodes on the same VPN
that still use the legacy protocol from tinc version 1.0.x.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit d0758184c0)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-23 18:07:37 +02:00
Bernd Kuhls c9e87d9434 package/tinc: bump version to 1.0.34
Updated license hash after upstream commit:
http://www.tinc-vpn.org/git/browse?p=tinc;a=commitdiff;h=54b18a85f68652f94ac5ecffbd9d100879ed06ea

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 2dbc549ca6)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-23 18:07:30 +02:00
Thomas Petazzoni 9c04f4847b ljlinenoise: fix upstream URL in Config.in
The current URL no longer exists, as detected by the new pkg-stats.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 05200ad014)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-23 18:06:35 +02:00
Romain Naour cfe4f3cd3e package/binutils: remove binutils 2.27 patches
binutils 2.27 support was removed in commit
453d29f1f4.

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 9861d487e1)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-21 23:26:44 +02:00
Fabrice Fontaine 79393851f9 nmap: update license
nmap is licensed under GPL-2.0 but with additional restrictions (see
COPYING, especially the "IMPORTANT NMAP LICENSE TERMS" part).

So, following advices of Yann and Arnout (see
https://patchwork.ozlabs.org/patch/979081), set license to nmap license

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit f6199d3654)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-21 14:58:03 +02:00
Fabrice Fontaine ac7b4c7e10 leveldb: fix parallel build
Build of leveldb sometimes fails on:
Fatal error: can't create out-shared/db/db_bench.o: No such file or directory

Patch is not upstreamable as upstream switched to cmake

Fixes:
 - http://autobuild.buildroot.net/results/945bb8096c1f98f307161a6def5a9f7f25b2454a

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit abba4e7012)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-21 14:52:37 +02:00
Peter Korsgaard 1bad6d2a4e file: explicitly disable libseccomp support for host
Fixes:
http://autobuild.buildroot.net/results/8a2/8a2ea2e4426416447705492237f526fc84b595d7/
http://autobuild.buildroot.net/results/a1f/a1f2369d31c2387efdec908877e0bcaa728b5aeb/

file-5.33 added optional seccomp support, but the filters did not cover all
needed syscalls, leading to errors when the freshly built host-file is
executed as part of the build on distributions with seccomp support (E.G.
Arch Linux):

checking for seccomp_init in -lseccomp... yes
..
../src/file -C -m magic
make[3]: *** [Makefile:764: magic.mgc] Bad system call

This has been fixed in file-5.34, but it anyway makes sense to explicitly
disable libseccomp support for consistency as we do not need it for the host
build.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit a609f83296)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-21 14:50:32 +02:00
Peter Korsgaard 3f32198bf2 utils/get-developers: make it callable from elsewhere than the toplevel directory
get-developers tries to open DEVELOPERS in the current directory, so it
breaks when calling it from elsewhere than the toplevel Buildroot directory.

Traceback (most recent call last):
  File "../utils/get-developers", line 107, in <module>
    __main__()
  File "../utils/get-developers", line 26, in __main__
    devs = getdeveloperlib.parse_developers(os.path.dirname()
  File "/home/peko/source/buildroot/utils/getdeveloperlib.py", line 161, in parse_developers
    with open(os.path.join(basepath, "DEVELOPERS"), "r") as f:
IOError: [Errno 2] No such file or directory: '/home/peko/source/buildroot/output-foo/DEVELOPERS'

Fix it by instead figuring out where the DEVELOPERS file is relative to the
location of get-developers (E.G. one level up).

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
[Arnout:
  - add realpath to support a symlinked get-developers script;
  - pass devs_dir argument to check_developers() to support -c in subdir;
  - convert basepath to absolute path to support -f option.
]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

(cherry picked from commit 62d5558f76)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-21 14:45:05 +02:00
Grégoire Delattre feea4715e1 utils/get-developers: fix python 3.x compatibility
This fixes a syntax error introduced in bcf2ed5cc3.

Output before the patch:
    $ ./utils/get-developers outgoing/*
        File "./utils/get-developers", line 97
            print dev
                    ^
        SyntaxError: Missing parentheses in call to 'print'. Did you mean
        print(dev)?

Output after the patch:
    $ ./utils/get-developers outgoing/*
    git send-email --to buildroot@buildroot.org

Signed-off-by: Grégoire Delattre <gregoire.delattre@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 8320ad3341)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-21 14:44:52 +02:00
Peter Korsgaard 0aac4d6f3e utils/get-developers: add -e flag to only list email addresses for git send-email
When called with a list of patches, get-developers prints the entire git
send-email invocation line:

./utils/get-developers 0001-git-security-bump-to-version-2.16.5.patch
git send-email --to buildroot@buildroot.org --cc "Matt Weber <matthew.weber@rockwellcollins.com>"

This may be handy when creating an entire patch series and editing a cover
letter, but it does mean that this has to be explicitly executed and
get-developers cannot be used directly by the --cc-cmd option of git
send-email to automatically CC affected developers.

So add an -e flag to only let get-developers print the email addresses of
the affected developers in the one-email-per-line format expected by git
send-email, similar to how get_maintainer.pl works in the Linux kernel.

With this and a suitable git configuration:

git config sendemail.to buildroot@buildroot.org
git config sendemail.ccCmd "$(pwd)/utils/get-developers -e"

You can simply do:

git send-email master

To automatically mail the buildroot list and CC affected developers on
patches.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Acked-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit bcf2ed5cc3)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-21 14:44:39 +02:00
Peter Korsgaard 01e4db9fcb qemu: security bump to 2.12.1
>From the release notes:

This update contains new mitigation functionality for CVE-2018-3639
(Speculative Store Bypass) in x86. There are also bug fixes for
migration, Intel IOMMU emulation, block layer/image handling, ARM
emulation, and various other areas.

https://www.mail-archive.com/qemu-devel@nongnu.org/msg553574.html

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit b400c2ae0b)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-21 10:51:41 +02:00
Adam Duskett d6e1cdab58 qemu: bump to 2.12.0
In addition:
  - Update 0001-user-exec-fix-usage-of-mcontext-structure-on-ARM-uCl.patch
    with new line numbers and file location.
  - Remove upstream 0002-memfd-fix-configure-test.patch
  - Add new options found in 2.12.0 in qemu.mk as disabled.
  - Remove --with-system-pixman as it's no longer optional.

Tested with test-pkg:

./utils/test-pkg -p qemu -c configs/qemu_min_defconfig
                             br-arm-full [1/6]: OK
                  br-arm-cortex-a9-glibc [2/6]: OK
                   br-arm-cortex-m4-full [3/6]: SKIPPED
                          br-x86-64-musl [4/6]: OK
                      br-arm-full-static [5/6]: OK
                armv5-ctng-linux-gnueabi [6/6]: OK
6 builds, 1 skipped, 0 build failed, 0 legal-info failed

Signed-off-by: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 06e3957c16)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-21 10:51:27 +02:00
Thomas Petazzoni 5c5a3c6096 package/qemu: declare target variant before host variant
Our package infrastructure uses inheritance of a number of values from
the target package to the host package, which assumes the target
package is defined before the host package. In addition, future
changes are going to make this requirement even more important.

Therefore, let's fix the qemu package so that it declares its target
variant before its host variant, like all other packages in
Buildroot. We handle qemu separately from other packages, because
unlike other packages, it didn't had the "eval" for the host and
target packages at the end of the file, but rather all variables
related to the host variant first, then the call to the package
infrastructure for the host variant, then the variables related to the
target variant, and finally the call to the package infrastructure for
the target variant. We are inverting the order of those two big parts
in this commit.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 2ae7b21e0b)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-21 10:51:10 +02:00
Adam Duskett 3855afdaf3 qemu: disable qemu user emulation on MIPS64 for host variant
According to target/mips/TODO in the Qemu sources:

MIPS64
------
- Userland emulation (both n32 and n64) not functional.

And indeed, trying to run a mips64n32 binary under qemu user emulation
results in:

Invalid ELF image for this architecture

So we move the BR2_mips64(el) dependency from
BR2_PACKAGE_HOST_QEMU_ARCH_SUPPORTS to
BR2_PACKAGE_HOST_QEMU_SYSTEM_ARCH_SUPPORTS, so that only the system
emulation is available on mips64, and not the user-mode emulation.

Signed-off-by: Adam Duskett <Adamduskett@outlook.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 17024f5900)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-21 10:50:54 +02:00
Thomas Petazzoni 146cdbd540 qemu: introduce BR2_PACKAGE_HOST_QEMU_{SYSTEM, USER}_ARCH_SUPPORTS
Not all architectures are supported by both the system emulation and
user-mode emulation in Qemu, so a single
BR2_PACKAGE_HOST_QEMU_ARCH_SUPPORTS doesn't work very well.

Therefore, this commit introduces the
BR2_PACKAGE_HOST_QEMU_{SYSTEM,USER}_ARCH_SUPPORTS hidden options. We
keep the BR2_PACKAGE_HOST_QEMU_ARCH_SUPPORTS option for the (numerous)
architectures supported by both system emulation and user-mode
emulation.

The 'select' logic to make sure that at least either system emulation
or user-mode emulation is selected is reworked, and done carefully to
avoid recursive Kconfig dependencies.

For now BR2_PACKAGE_HOST_QEMU_SYSTEM_ARCH_SUPPORTS and
BR2_PACKAGE_HOST_QEMU_USER_ARCH_SUPPORTS are the same, but they will
become different in a follow-up commit.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit d7f74dced9)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-21 10:50:18 +02:00
Thomas Petazzoni ed56d69f15 qemu: rewrite BR2_PACKAGE_HOST_QEMU_ARCH_SUPPORTS to be more readable
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 65e05cd914)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-21 10:50:09 +02:00
Ricardo Martincoski 6564d85f73 qemu/Config.in.host: fix overindented depends on
Do the same as used in all other Config.in files and use only one tab.

Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Cc: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit f9b9ad206a)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-21 10:49:51 +02:00
Adam Duskett 4d6f105c40 qemu: remove support for some PowerPC processors in host qemu
The 620, 630, and 970 are not supported at this time by qemu.

Signed-off-by: Adam Duskett <aduskett@gmail.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit efc67deef3)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-21 10:49:33 +02:00
Adam Duskett e538642aa1 qemu: add BR2_PACKAGE_HOST_QEMU_ARCH_SUPPORTS
Match the style used with other packages such as valgrind.

Signed-off-by: Adam Duskett <aduskett@gmail.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 62099784d4)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-21 10:49:25 +02:00
Giulio Benetti 7948dcf3a8 netsnmp: improve linking avoiding useless -lz listing in shared build
In commit:
https://git.buildroot.net/buildroot/commit/?id=13722d58f77d0e9fea9eefc50bf083d19f835433
Patch "0003-configure-Invert-AC_CHECK_LIB-EVP_md5-.-without-lz-w.patch"
was intended to fix AC_CHECK_FUNCS() failure on openssl functions. This
was due to missing -lz during static linking.
But the patch is wrong and results in explicitly linking against -lz in
both shared and static build.
This makes no sense, since shared linking has transitive dependency so
it doesn't need to list -lz after -lssl, -lssl is enough.
Differently static linking needs -lz to be listed after -lssl.

So the real cause of previous build failure:
http://autobuild.buildroot.net/results/881/881139fb049738b16609d39ad5a49bd77ff6b4aa/
is that when AC_CHECK_FUNCS(), $LIBS variable is overwritten with
$LIBCRYPTO without taking into accout previous $LIBS content(i.e. where
-lz is present). This results in AC_CHEC_FUNCS() to fail while trying to
statically link without listing -lz.

Then:
- Remove current "0003-configure-Invert-AC_CHECK_LIB-EVP_md5-.-without-lz-w.patch"
- Add patch "0003-configure-fix-AC_CHECK_FUNCS-EVP_sha224-EVP_sha384-..patch"
  where add $LIBS content to tail of new $LIBS variable like this:
  LIBS="$LIBCRYPTO $LIBS"
  NOTE: $LIBS is at the end to ensure static linking to work correctly.
- Add patch 0004-configure-fix-AC_CHECK_FUNCS-TLS_method-TLSv1_method.patch
  where add $LIBS content to tail of new $LIBS variable like this:
  LIBS="-lssl $LIBCRYPTO $LIBS"
  NOTE: $LIBS is at the end to ensure static linking to work correctly.

This way AC_CHECK_FUNCS(), when static linking, try to link with -lz too
appending it at the end of linking library list.
And after every AC_CHECK_FUNCS(), previously saved $LIBS variable gets
back to its original value(i.e. containing -lz if present) resulting in
having or not -lz appended to library list according to static or
shared build.

Signed-off-by: Giulio Benetti <giulio.benetti@micronovasrl.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit c5a7c287de)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-20 18:56:47 +02:00
Giulio Benetti aa0c2b3ec3 netsnmp: fix static build failure due to missing -lssl and -lz
During configure some checking needing -lssl and -lz don't have them
appended to linker tail. Since we are building static this leads to
configure failure because of mandatory functions lack produces:
"configure: error: The DTLS based transports require the libssl library
from OpenSSL to be available and support DTLS"

- Add 1 patch to fix -lssl lack in configure and .ac modules:
upstreamed: https://sourceforge.net/p/net-snmp/code/ci/bd59be8e4e339870a1400f6866a7b73ca11f6460/
- Add 2 patches to fix -lz lack in configure and .ac modules:
1 upstreamed: https://sourceforge.net/p/net-snmp/code/ci/13da2bcde8e22dd0127a668374fdf79bed04d353/
1 in Merge Request: https://sourceforge.net/p/net-snmp/code/merge-requests/19/
- Add NETSNMP_AUTORECONF = YES

Fixes:
http://autobuild.buildroot.net/results/ece/ece7af756c910f65f618c1d04a5de70cc574b5f4/
http://autobuild.buildroot.net/results/2a7/2a7020de6a4095cf9991d09fbe8f6e364783f63b/
http://autobuild.buildroot.net/results/e27/e2787d15f72949cbb347e8a1d344f5f80b4d7697/
http://autobuild.buildroot.net/results/439/4393ce8ddee294f91bdc3e6fb53e08d56fe52184/
http://autobuild.buildroot.net/results/da6/da6bbbbb3a8d8193ec1389b9d976164181e88ae2/
http://autobuild.buildroot.net/results/cf5/cf57686e7620cc0ec361631a9ff906aa0123fdb4/
http://autobuild.buildroot.net/results/104/1043a958314529240627005d1bf21a76f4e6fcf5/
http://autobuild.buildroot.net/results/885/8855545bd09388e0da451a3cb53b312e13b29c2c/
http://autobuild.buildroot.net/results/a3d/a3dab9618a7ed88f94597418a5892c87adc23c66/
http://autobuild.buildroot.net/results/18e/18e70b88c9bcb3b8ede7308e54bba9417d1fd3fb/
http://autobuild.buildroot.net/results/ee3/ee34f65f26da20c0f2fdb9e86bcbddd389f59a29/
http://autobuild.buildroot.net/results/a1e/a1eb848079080ddf7cf2fc9e554cdd63ade0e9aa/
http://autobuild.buildroot.net/results/4dc/4dc8b53ff9f504c0a3dfc2d72c2609ad4d34559b/
http://autobuild.buildroot.net/results/9cc/9cc19e481de20ea0b4b5163e45c5aee525b81229/
http://autobuild.buildroot.net/results/f15/f15c22e0257d7498456049d8aae195ed6a265d2e/
http://autobuild.buildroot.net/results/1b3/1b30f9813a4605056963bfe4532374f725830fda/
http://autobuild.buildroot.net/results/d02/d02afc174ac4c9888f0a2cf725820cc1f05fc4bf/
http://autobuild.buildroot.net/results/57b/57b3f4663058d728987ef848e4b346656cae21d4/
http://autobuild.buildroot.net/results/ed4/ed4c27bdffccc4374ab7f951c30baba8171d30e1/

Signed-off-by: Giulio Benetti <giulio.benetti@micronovasrl.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 13722d58f7)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-20 18:56:36 +02:00
Bernd Kuhls a6e588e219 package/netsnmp: security bump to version 5.8
Fixes CVE-2018-18065: _set_key in agent/helpers/table_container.c in
Net-SNMP before 5.8 has a NULL Pointer Exception bug that can be used by an
authenticated attacker to remotely cause the instance to crash via a crafted
UDP packet, resulting in Denial of Service.

For more details, see description and PoC:
https://dumpco.re/blog/net-snmp-5.7.3-remote-dos

Removed patch, applied upstream, autoreconf is not needed anymore.
Added sha256 hashes for tarball and license file.
Switched _SITE to https.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 1fe32e8375)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-20 18:56:28 +02:00
Peter Korsgaard 0709404fc3 git: security bump to version 2.16.5
Fixes CVE-2018-17456: RCE issue in handling of git submodules

For more details, see the announcement:
https://marc.info/?l=git&m=153875888916397&w=2

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 063eff9bc6)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-20 00:01:28 +02:00
Baruch Siach f75f370c82 libcurl: add brotli optional dependency
The brotli package has recently been added to Buildroot. Add brotli an
an optional dependency to libcurl to make the build consistent.

It turns out that libcurl configure script uses pkg-config to figure
out link libraries only when --with-brotli is explicitly set. So this
also fixes static build failure.

Fixes:
http://autobuild.buildroot.net/results/64b/64bc0dfe284206390ae0680b94c0876863a3c0f3/
http://autobuild.buildroot.net/results/233/23376d8653dea6361e42b0f17b6aaab3c14d99cf/
http://autobuild.buildroot.net/results/b19/b198db4b69e18e6d01ec95aae9c6096c1912dd9c/

Cc: Adrian Perez de Castro <aperez@igalia.com>
Cc: Matt Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Reviewed-by: Matt Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit e7d658e029)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-11 20:32:48 +02:00
Olivier Schonken 45e5d2ce68 cups-filters: add autoreconf
Because we are patching Makefile.am, Makefile.am is newer than Makefile.in

Signed-off-by: Olivier Schonken <olivier.schonken@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-08 10:34:06 +02:00
Peter Korsgaard 67d61cbef5 Update for 2018.02.6
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-07 09:19:35 +02:00
Trent Piepho 3164df615c gnupg: drop mandatory dependency on ncurses
This package only needs ncurses when readline support is enabled, as
it's the autoconf macro file for readline (used by autoconf to create
the gnupg configure script) that checks for and pulls in ncurses.

Since readline already depends on ncurses, gnupg need only depend on
readline (when enabled).

The host package always forces readline support off, so the
host-ncurses dependency can be removed entirely.

Signed-off-by: Trent Piepho <tpiepho@impinj.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 51e17496cc)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-05 22:36:32 +02:00
Fabrice Fontaine cd9eb4fd91 screen: fix parallel build
comm.h is needed to build list_display.o and list_generic.o otherwise
parallel builds will sometimes fail

Fixes:
 - http://autobuild.buildroot.org/results/43105f14857dbe72d8878fc7b3db67f7bdca93cc
 - http://autobuild.buildroot.org/results/47f4ecbec1355285633df287fc9c4e7cccde9378

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 72e6c20809)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-05 22:34:39 +02:00
Bernd Kuhls 5e28da8cd6 package/clamav: security bump to 0.100.2
Fixes CVE-2018-15378, CVE-2018-14680, CVE-2018-14681 & CVE-2018-14682:
http://lists.clamav.net/pipermail/clamav-announce/2018/000033.html

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit bbd6fb9c2d)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-05 22:33:07 +02:00
Peter Korsgaard e82e94688c python-django: bump version to 1.11.16
Fixes a race condition in QuerySet.update_or_create() that could result in
data loss:

https://code.djangoproject.com/ticket/29499

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit feb811f567)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-05 22:29:35 +02:00
Peter Korsgaard 238f4415b8 links: fix X11 library/includes detection
Fixes:
http://autobuild.buildroot.net/results/4b0/4b02713ed5c10b58f390f96ea25f2a45c9a47af4/
http://autobuild.buildroot.net/results/ac6/ac668f867b9de7a2c61d263a894480afc181dd9b/
http://autobuild.buildroot.net/results/f02/f0248b3bf4a73210f210f422c8df067a6ea28aa1/

The configure script uses AC_PATH_X, which searches the host for the X11
libraries/headers, causing build failures.

https://www.gnu.org/software/autoconf/manual/autoconf-2.65/html_node/System-Services.html

Fix it by using --x-includes / --x-libraries like we do elsewhere.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 49a04acca3)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-05 22:13:28 +02:00
Fabrice Fontaine 40c7b5c087 x265: disable parallel build
It seems package has a parallel build issue on ARM cortex A8 or A9 since
at least version 2.5:

[ 94%] Linking CXX shared library libx265.so
ipfilter8.S.o: file not recognized: File truncated
collect2: error: ld returned 1 exit status
CMakeFiles/x265-shared.dir/build.make:221: recipe for target 'libx265.so.160' failed

Fixes:
 - http://autobuild.buildroot.org/results/f6ea88324a8f9ac8ee780ddd71ec61f922e20210
 - http://autobuild.buildroot.org/results/3bd91a5694936650ce936a408ddd50338f65f8b0

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 03bfbc5ab2)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-05 22:12:36 +02:00
Peter Korsgaard c5291cccd5 xen: security bump to version 4.10.2
Drop 0003-memfd-fix-configure-test.patch applied upstream.

The 4.10.2 version brings a large number of fixes:

https://xenproject.org/downloads/xen-archives/xen-project-410-series/xen-4102.html

Including a number of security fixes:

XSA-260: x86: mishandling of debug exceptions (CVE-2018-8897)
XSA-261: x86 vHPET interrupt injection errors (CVE-2018-10982)
XSA-262: qemu may drive Xen into unbounded loop (CVE-2018-10981)
XSA-263: Speculative Store Bypass (CVE-2018-3639)
XSA-264: preemption checks bypassed in x86 PV MM handling (CVE-2018-12891)
XSA-265: x86: #DB exception safety check can be triggered by a guest
         (CVE-2018-12893)
XSA-266: libxl fails to honour readonly flag on HVM emulated SCSI disks
         (CVE-2018-12892)
XSA-267: Speculative register leakage from lazy FPU context switching
         (CVE-2018-3665)
XSA-268: Use of v2 grant tables may cause crash on ARM (CVE-2018-15469)
XSA-269: x86: Incorrect MSR_DEBUGCTL handling lets guests enable BTS
         (CVE-2018-15468)
XSA-272: oxenstored does not apply quota-maxentity (CVE-2018-15470)
XSA-273: L1 Terminal Fault speculative side channel (CVE-2018-3620,
         CVE-2018-3646)

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 059d655f5c)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-05 22:01:03 +02:00
Peter Korsgaard 2e886ffdf9 strongswan: add upstream security fix for CVE-2018-17540
The fix for CVE-2018-16151 / 16152 contained an exploitable bug.
For details, see:

https://www.strongswan.org/blog/2018/10/01/strongswan-vulnerability-(cve-2018-17540).html

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 040cf15a87)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-05 21:59:24 +02:00
Peter Korsgaard 1807dafc01 strongswan: add upstream security patch
Fixes the following security issues:

CVE-2018-16151: The OID parser in the ASN.1 code in gmp allows any number of
random bytes after a valid OID.

CVE-2018-16152: The algorithmIdentifier parser in the ASN.1 code in gmp
doesn't enforce a NULL value for the optional parameter which is not used
with any PKCS#1 algorithm.

For more details, see the advisory:
https://www.strongswan.org/blog/2018/09/24/strongswan-vulnerability-(cve-2018-16151,-cve-2018-16152).html

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 5e04cdde19)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-05 21:59:09 +02:00
Paresh Chaudhary c168ac2188 strongswan: bump to version 5.6.3
Signed-off-by: Paresh Chaudhary <paresh.chaudhary@rockwellcollins.com>
Signed-off-by: Matt Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit d759195b44)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-05 21:58:22 +02:00
Bernd Kuhls 0a7062f437 package/apache: security bump to version 2.4.35
Fixes: CVE-2018-11763: mod_http2, DoS via continuous SETTINGS frames
https://lists.apache.org/thread.html/d435b0267a76501b9e06c552b20c887171064cde38e46d678da4d3dd@%3Cannounce.httpd.apache.org%3E

Release notes:
https://lists.apache.org/thread.html/5d604774652fc073b1b161584d0d1efbdba7898c40ae2e2334725e5f@%3Cannounce.httpd.apache.org%3E

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit ac22fafdc8)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-05 21:45:24 +02:00
Gilles Talis 7bb2eb9e52 httping: add license hash
Signed-off-by: Gilles Talis <gilles.talis@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 1e2ca0455e)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-05 21:41:19 +02:00
Gilles Talis e846fa1715 ocrad: add license hash
Signed-off-by: Gilles Talis <gilles.talis@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 31e1768150)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-05 21:40:38 +02:00
Peter Korsgaard 479e15d57f bind: security bump to version 9.11.4-P2
>From the release notes
(http://ftp.isc.org/isc/bind9/9.11.4-P2/RELEASE-NOTES-bind-9.11.4-P2.txt):

 * There was a long-existing flaw in the documentation for ms-self,
   krb5-self, ms-subdomain, and krb5-subdomain rules in update-policy
   statements.  Though the policies worked as intended, operators who
   configured their servers according to the misleading documentation may
   have thought zone updates were more restricted than they were; users of
   these rule types are advised to review the documentation and correct
   their configurations if necessary.  New rule types matching the
   previously documented behavior will be introduced in a future maintenance
   release.  [GL !708]

 * named could crash during recursive processing of DNAME records when
   deny-answer-aliases was in use.  This flaw is disclosed in CVE-2018-5740.
   [GL #387]

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 63eb34fa12)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-05 21:38:16 +02:00
Bernd Kuhls 430c0ea2cc package/ghostscript: fix removal of included lcms2
Ghostscript 9.24 changed the internal lcms2 version:
https://www.ghostscript.com/doc/9.24/News.htm

With this change the directory name was also changed which broke our
code to force the usage of the buildroot lcms2 package.

Fixes
http://autobuild.buildroot.net/results/d04/d04ad017bf06a442a7397f935959994ba72824e1/

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit d5f83cfc88)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-05 21:23:31 +02:00
Peter Korsgaard fe98673790 ghostscript: security bump to version 9.25
Fixes the following security issues:

- CVE-2018-16543: In Artifex Ghostscript before 9.24, gssetresolution and
  gsgetresolution allow attackers to have an unspecified impact

- CVE-2018-17183: Artifex Ghostscript before 9.25 allowed a user-writable
  error exception table, which could be used by remote attackers able to
  supply crafted PostScript to potentially overwrite or replace error
  handlers to inject code.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit b054797eca)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-05 21:23:20 +02:00
Fabrice Fontaine 8f8142b0e2 ghostscript: don't use lcms2art
Delete lcsm2art directory to use the buildroot lcms2 library

Fixes:
 - http://autobuild.buildroot.net/results/cda9c22bf29278cc24ab852094df19b773d0f151

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit b0bf1f5888)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-05 21:22:46 +02:00
Fabrice Fontaine edcf93bb51 ghostscript: bump to version 9.23
- Remove sha256 (not provided anymore) and keep only sha512
- Update patch
- Add hash for license file

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 60c4bd8ba4)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-05 21:22:38 +02:00
Fabrice Fontaine 1d3478ba79 nilfs-utils: no comment if BR2_USE_MMU is true
Don't display comment if BR2_USE_MMU is true
Moreover, move BR2_USE_MMU dependency at the top of dependency list

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Acked-by: Kurt Van Dijck <dev.kurt@vandijck-laurijssen.be>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 0dbab1bb45)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-05 20:34:52 +02:00
Peter Korsgaard 3ac80e4543 wireguard: bump version to 0.0.20180925
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 0a656bc065)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-05 20:32:15 +02:00
Fabio Estevam cce01c44ef linux-headers: bump 4.{4, 9, 14, 18}.x series
[Peter: drop 4.18.x change]
Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit fbfda3fc06)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-05 20:29:58 +02:00
Adrian Perez de Castro b0cffca8e8 webkitgtk: add dependency on the woff2 package
The woff2 dependency is used to support Web fonts in WOFF2 format.
This is a Web-facing feature that Web sites expect WebKit to support,
and it is recommended to be unconditionally enabled. While it is
possible to disable the feature at build time, upstream only recommends
doing so if the target system cannot provide a woff2 package.

Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 51b3fe094a)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-05 15:17:09 +02:00
Adrian Perez de Castro 73221e79db webkitgtk: bump to version 2.22.2
Release notes:

    https://webkitgtk.org/2018/09/03/webkitgtk2.22.0-released.html
    https://webkitgtk.org/2018/09/20/webkitgtk2.22.1-released.html
    https://webkitgtk.org/2018/09/21/webkitgtk2.22.2-released.html

No corresponding security advisories for 2.22.x have been published.
Nevertheless, due to skipping over versions in the 2.20.x series,
the following 2.20.x advisories apply:

    https://webkitgtk.org/security/WSA-2018-0003.html
    https://webkitgtk.org/security/WSA-2018-0004.html
    https://webkitgtk.org/security/WSA-2018-0005.html
    https://webkitgtk.org/security/WSA-2018-0006.html

This also bumps the required GCC version, due to the WebKit code
now using more modern C++ features which were introduced in version
6.x of the compiler. The dependency is propagated to the midori
package as well. Last but not least, BR2_PACKAGE_WEBP_DEMUX and
BR2_PACKAGE_GST1_PLUGINS_BAD_PLUGIN_MPEGTSDEMUX are selected as
they are unconditionally needed by the newer WebKitGTK+ releases
when multimedia support is enabled.

An upstream patch for 32-bit ARM which did not make it to be included
in this new version is included as well, and can be removed once it
gets picked in a new release.

Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit bd1bde0dc8)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-05 15:17:09 +02:00
Fabrice Fontaine 486cd48f05 woff2: fix build on m68k
Same issue on woff2 than in some other packages such as lcdapi: see
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=79509

Fixes:
 - http://autobuild.buildroot.net/results/6c97a08e6ca2e914d54fbb525b3f0bb90023ef07

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 07ce2885fd)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-05 15:17:08 +02:00
Adrian Perez de Castro b66cc0c7b2 woff2: fix static builds
Include a patch to make CMake correctly find the Brotli libraries when
they have been built as static libraries.

Fixes:
- http://autobuild.buildroot.net/results/f1c4b5aeb12af7b7a3e8ae01c219004ecd9befd6/
- http://autobuild.buildroot.net/results/74d20ff38766466623cc4a9eb18afcda831bc20b/

Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 0ceb847af5)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-05 15:17:08 +02:00
Adrian Perez de Castro 366f20c5a7 woff2: new package
Add the woff2 package to Builroot. This is needed by webkitgtk from
version 2.20.0 onwards. WebKitGTK+ used to bundle a copy of the library,
but it stopped doing so now that the upstream is has been making
releases.

[Peter: fix license hash]
Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

(cherry picked from commit 70afd4afa7)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-05 15:17:08 +02:00
Adrian Perez de Castro 3ac0e6c501 brotli: fix building of static libraries
Include a patch to make CMake honor the BUILD_SHARED_LIBS which
Buildroot sets to choose the kind of libraries to build.

Fixes:
- http://autobuild.buildroot.net/results/f1c4b5aeb12af7b7a3e8ae01c219004ecd9befd6/
- http://autobuild.buildroot.net/results/74d20ff38766466623cc4a9eb18afcda831bc20b/

Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 557cd845b2)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-05 15:17:08 +02:00
Adrian Perez de Castro e387aa3149 brotli: disable unneeded check for C++ compiler
This adds a local patch, also submitted upstream, which modifies
CMakeLists.txt to avoid the check for the unneeded C++ compiler.

Fixes:
- http://autobuild.buildroot.net/results/68e05c634e62ba4b6f6eb8dc95eeb16faa58fd60

Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit bfda8371d4)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-05 15:17:08 +02:00
Adrian Perez de Castro 796344c283 brotli: new package
Add the brotli package to Buildroot. This is needed by woff2, which in
turn is needed by webkitgtk from version 2.20.0 onwards. WebKitGTK+ used
to bundle a copy of the library, but it stopped doing so now that the
upstream has started making releases.

[Peter: fix license hash]
Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

(cherry picked from commit 4f634160b2)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-05 15:17:08 +02:00
Fabrice Fontaine 2d484d8c94 imlib2: update license
- Use SPDX short identifier (Imlib2) instead of full name
- Add COPYING-PLAIN to license files
- Add hash for license files

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Acked-by: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit e29fcc1480)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-05 14:03:43 +02:00
Marcel Patzlaff ad3df4780c libesmtp: update/fix site URL
The old URL was not working for quite some time.

Signed-off-by: Marcel Patzlaff <m.patzlaff@pilz.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 43e7667fc8)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-05 14:02:43 +02:00
Fabrice Fontaine 5fdabdb1de igmpproxy: fix license
mrouted part of igmpproxy is licensed under BSD-3-Clause so add this in
IGMPPROXY_LICENSE and add hash for license files

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit c60c928614)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-05 14:00:29 +02:00
Fabrice Fontaine e7912e6f87 libnfs: fix license and add hashes for license files
As specified in COPYING, examples are licensed under GPL-3.0+ and .x
files are licensed under BSD-2-Clause.

So update LIBNFS_LICENSE, add COPYING, LICENCE-BSD.txt and
LICENCE-GPL-3.txt to LIBNFS_LICENSE_FILES and add hash for all license
files

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 1b486d4fa3)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-05 13:59:12 +02:00
Ferdinand van Aartsen c44cc1c649 libxslt: point to the correct xml2-config location
Currently libxslt configure finds native /usr/bin/xml2-config.

Signed-off-by: Ferdinand van Aartsen <ferdinand@ombud.nl>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit f8f8ff3347)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-05 13:57:14 +02:00
Fabrice Fontaine 949184518d cppcms: fix license
cppcms contains embedded third party software so add
THIRD_PARTY_SOFTWARE.TXT to CPPCMS_LICENSE_FILES as well as the
additional licenses to CPPCMS_LICENSE.
Also add hash for COPYING.TXT and THIRD_PARTY_SOFTWARE.TXT

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit c17310450b)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-05 13:54:09 +02:00
Matt Weber da7e17d229 boot/xloader: add upstream URL in Config.in help
Signed-off-by: Matt Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 78dd830f15)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-05 13:46:21 +02:00
Matt Weber 00438938ba package/bandwidthd: put upstream URL on separate lines in Config.in help
Allows scripting of URL checking to be simplier

Signed-off-by: Matt Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 4bdb24c5d9)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-05 13:46:07 +02:00
Matt Weber 209b4cef67 package/connman: simplify upstream URL
The "For more information, see" is a bit useless, and not having the
URL alone on its own line prevents scripted URL checking.

Signed-off-by: Matt Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit b7de9139e9)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-05 13:44:54 +02:00
Matt Weber e5bfa32941 package/arp-scan: update upstream URL in Config.in help
Signed-off-by: Matt Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 9835025476)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-05 13:44:37 +02:00
Matt Weber 02a4f31b47 package/android-tools: update upstream URL in Config.in help
Signed-off-by: Matt Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit b7490dbd31)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-05 13:42:15 +02:00
Matt Weber 2cab577b48 boot/at91bootstrap3: add upstream URL in Config.in help text
Signed-off-by: Matt Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 8084c33b39)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-05 13:41:56 +02:00
Matt Weber cc768cb645 boot/vexpress-firmware: add upstream URL in Config.in help text
Signed-off-by: Matt Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 49fff788d6)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-05 13:41:08 +02:00
Fabio Estevam 4f7cc212f7 linux-headers: bump 4.{4, 9, 14, 18}.x series
[Peter: drop 4.18.x change]
Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit aad4493266)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-05 13:40:09 +02:00
Trent Piepho afdf97ca76 Makefile: fix issue with printvars executing giant shell command
The underlying problem is that $(foreach V,1 2 3,) does not evaluate to
an empty string.  It evaluates to "  ", three empty strings separated by
whitespace.

A construct of this format, with a giant list in the foreach, is part of
the printvars command.  This means that "@:$(foreach ....)", which is
intended to expand to a null command, in fact expands to "@:       "
with a great deal of whitespace.  Make chooses to execute this command
with:
    execve("/bin/sh", ["/bin/sh", "-c", ":       "]

But with far more whitespace.  So much that it can exceed shell command
line length limits.

This solution is to move the foreach to another step in the recipe.  The
"@:" is retained as the first line so the recipe is not Empty, which
would cause a change in make behavior when make builds the target.  The
2nd line, all whitespace, will be skipped by make.

Signed-off-by: Trent Piepho <tpiepho@impinj.com>
Tested-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit b8d0aadc6d)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-05 13:31:25 +02:00
Fabrice Fontaine 64720455f6 ipsec-tools: needs host-bison
Making all in racoon
/bin/sh ../../ylwrap cfparse.y y.tab.c cfparse.c y.tab.h `echo cfparse.c | sed -e s/cc$/hh/ -e s/cpp$/hpp/ -e s/cxx$/hxx/ -e s/c++$/h++/ -e s/c$/h/` y.output cfparse.output -- yacc -d
../../ylwrap: line 176: yacc: command not found
make[5]: *** [cfparse.c] Error 127

Fixes:
 - http://autobuild.buildroot.org/results/88c8bba943300df98b428646387c240f4522f40a

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 7dd5c78afa)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-01 23:42:47 +02:00
Fabio Estevam b1f9d107a3 linux-headers: bump 4.{4, 9, 14, 18}.x series
[Peter: drop 4.18.x change]
Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit ebe0636db8)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-01 23:37:26 +02:00
Bernd Kuhls 89e7af9a54 package/x11r7/xlib_libXft: remove autoreconf
Nine years ago we added autoreconf to fix libtool-related problems
with the matchbox package:

https://git.buildroot.net/buildroot/commit/?id=51ef5b81224c243aa7f937c4690b1a120c81ccbc

After building this defconfig with autoreconf removed from this package

BR2_x86_64=y
BR2_x86_core_avx2=y
BR2_TOOLCHAIN_BUILDROOT_LOCALE=y
BR2_TOOLCHAIN_BUILDROOT_CXX=y
BR2_PACKAGE_XORG7=y
BR2_PACKAGE_XLIB_LIBXFONT=y
BR2_PACKAGE_MATCHBOX=y
BR2_PACKAGE_MATCHBOX_SM=y
BR2_PACKAGE_MATCHBOX_COMMON=y
BR2_PACKAGE_MATCHBOX_COMMON_PDA=y
BR2_PACKAGE_MATCHBOX_DESKTOP=y
BR2_PACKAGE_MATCHBOX_KEYBOARD=y
BR2_PACKAGE_MATCHBOX_PANEL=y
BR2_PACKAGE_MATCHBOX_STARTUP_MONITOR=y

it is obvious that the problem which existed nine years ago seems to be
gone, therefore we remove autoreconf from this package because there is
no need for it anymore.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 3ae61eac51)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-01 23:28:43 +02:00
Bernd Kuhls 653624ad25 package/x11r7/xlib_libXfont: remove autoreconf
Nine years ago we added autoreconf to fix libtool-related problems
with the matchbox package:

https://git.buildroot.net/buildroot/commit/?id=51ef5b81224c243aa7f937c4690b1a120c81ccbc

Autoreconf for this package needs the xutil_util-macros but after
building this defconfig with autoreconf removed from this package

BR2_x86_64=y
BR2_x86_core_avx2=y
BR2_TOOLCHAIN_BUILDROOT_LOCALE=y
BR2_TOOLCHAIN_BUILDROOT_CXX=y
BR2_PACKAGE_XORG7=y
BR2_PACKAGE_XLIB_LIBXFONT=y
BR2_PACKAGE_MATCHBOX=y
BR2_PACKAGE_MATCHBOX_SM=y
BR2_PACKAGE_MATCHBOX_COMMON=y
BR2_PACKAGE_MATCHBOX_COMMON_PDA=y
BR2_PACKAGE_MATCHBOX_DESKTOP=y
BR2_PACKAGE_MATCHBOX_KEYBOARD=y
BR2_PACKAGE_MATCHBOX_PANEL=y
BR2_PACKAGE_MATCHBOX_STARTUP_MONITOR=y

it is obvious that the problem which existed nine years ago seems to be
gone. So instead of fixing autoreconf we remove it from this package
because there is no need for it anymore.

Fixes
http://autobuild.buildroot.net/results/30c/30cf5cc139f9f6a9dc070953270f74e18b9310d4/

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 534706e260)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-01 23:27:46 +02:00
Thomas Petazzoni 3e73f13c71 libssh: fix download location
The current download location fails, and Buildroot falls back to
sources.b.o:

--2018-08-20 23:41:39--  https://red.libssh.org/attachments/download/218/libssh-0.7.5.tar.xz
Resolving red.libssh.org (red.libssh.org)... 78.46.80.163
Connecting to red.libssh.org (red.libssh.org)|78.46.80.163|:443... connected.
The certificate's owner does not match hostname ‘red.libssh.org’
--2018-08-20 23:41:39--  http://sources.buildroot.net/libssh/libssh-0.7.5.tar.xz
Resolving sources.buildroot.net (sources.buildroot.net)... 104.25.211.19, 104.25.210.19, 2400:cb00:2048:1::6819:d313, ...
Connecting to sources.buildroot.net (sources.buildroot.net)|104.25.211.19|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 351632 (343K) [application/x-xz]

This commit fixes the download location:

--2018-08-20 23:43:04--  https://www.libssh.org/files/0.7/libssh-0.7.5.tar.xz
Resolving www.libssh.org (www.libssh.org)... 87.98.168.187, 2001:41d0:2:f80c::4
Connecting to www.libssh.org (www.libssh.org)|87.98.168.187|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 351632 (343K) [application/x-tar]

This patch is extracted from a contribution from Bernd Kuhls who was
also bumping the package at the same time
(http://patchwork.ozlabs.org/patch/959192/).

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit ac26da5275)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-01 21:42:46 +02:00
Bernd Kuhls 3f8a1fbbe7 package/php: security bump to version 7.2.10
Changelog: http://de2.php.net/ChangeLog-7.php#7.2.10

Fixes https://bugs.php.net/bug.php?id=76582, CVE ID pending.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 7f3e2d2580)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-01 21:28:44 +02:00
Johan Oudinet d8c4b16166 support/scripts/mkusers: preserve group members
When the function add_one_group is called on an existing group,
make sure the members of this group are not removed in the process of
deleting then re-adding the group.

Signed-off-by: Johan Oudinet <johan.oudinet@gmail.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
[Thomas: add curly braces when referencing ${members}, as suggested by
Yann.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

(cherry picked from commit 497f7134fc)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-01 21:18:56 +02:00
Giulio Benetti dbff294954 vboot-utils: fix major() build failure due to glibc 2.28
glibc 2.28 no longer includes <sys/sysmacros.h> from <sys/types.h>,
and therefore <sys/sysmacros.h> must be included explicitly when
major() are used.

This commit adds an upstream patch to directly include
<sys/sysmacros.h> into cgpt_wrapper.c and dump_kernel_config_lib.c files
where major() macro is used.

The upstream patch has been taken from:
https://chromium.googlesource.com/chromiumos/platform/vboot_reference/+/435fbcee218b37a87368e2b22fa33366875d458c

Fixes:
http://autobuild.buildroot.net/results/4a2/4a21307984cb16d7879149dd9b9b062181b0388f/
http://autobuild.buildroot.net/results/899/899569165112fe577cf191cd4f0c698cbedeb9b1/
http://autobuild.buildroot.net/results/0e5/0e527d231fa791ec8e3375804f1a0043f92d73d0/
http://autobuild.buildroot.net/results/184/1849be60dd13c1debfbcfb8fba5cec113e81af62/
http://autobuild.buildroot.net/results/38f/38fcefe4feabfd95692cf6b3f7ecf84259fca4de/

Signed-off-by: Giulio Benetti <giulio.benetti@micronovasrl.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 2834e06c95)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-01 21:15:00 +02:00
Bernd Kuhls f31867ac0e linux-headers: bump 4.{4, 9, 14}.x series
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 57022f5160)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-01 21:03:34 +02:00
Carlos Santos 704ed15334 acpid: use shutdown for poweroff, if available, not /sbin/poweroff
It's preferable to use "shutdown -hP now" to ensure that the runlevel is
known, preventing this message on the system console and log:

  WARNING: could not determine runlevel - doing soft poweroff
    (it's better to use shutdown instead of poweroff from the command line)

Signed-off-by: Carlos Santos <casantos@datacom.com.br>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit ab842ce21d)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-01 20:55:42 +02:00
Giulio Benetti 6b3c1fa482 parted: fix minor()/major() build failure due to glibc 2.28
glibc 2.28 no longer includes <sys/sysmacros.h> from <sys/types.h>,
and therefore <sys/sysmacros.h> must be included explicitly when
major()/minor() are used.

This commit adds a patch to directly include <sys/sysmacros.h> into
libparted/arch/linux.c files where minor() and major() macros are used.

Patch has been taken from parted upstream commit:
http://git.savannah.gnu.org/cgit/parted.git/commit/?id=ba5e0451b51c983e40afd123b6e0d3eddb55e610

Fixes:
http://autobuild.buildroot.net/results/323/3230abaf78b8df8d23310b37b4099050fdc76eb0//
http://autobuild.buildroot.net/results/d3a/d3a3cd9963e5a2be1cec8fb553f5b20fc2e3c85c//
http://autobuild.buildroot.net/results/ecf/ecfb634b5e6dac2c88b399fc1f1adc68ca42504c//

Signed-off-by: Giulio Benetti <giulio.benetti@micronovasrl.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit b1bc14626e)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-01 20:33:56 +02:00
Jörg Krause 8739da2a37 shairport-sync: add upstream patch to fix soxr configure issue
Commit e047dee241 adds an upstream patch
to fix a build issue with soxr.  The patch also adds detecting soxr
using pkg-config. Upstream detected an config issue [1], where the
resulting binary lacks soxr support, although libsoxr was correctly
detected.

This patch adds a define for `HAVE_LIBSOXR` when using pkg-config.

Backported from: cd6a99a7cfde1c5e1c1cc74ee6a77041bb4012d9

[1] https://github.com/mikebrady/shairport-sync/issues/740

Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit ac4bca24ad)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-01 20:30:54 +02:00
Fabrice Fontaine 005c8c657a fio: fix license
fio does not have any special conditions since version 2.2.6 indeed
MORAL-LICENSE has been updated to replace "promising" by "encouraged"
and "must" by "should":
https://github.com/axboe/fio/commit/67f4822ce3dc6af76b963c6ac467a8f0471a7faf

So fix LICENSE, add MORAL-LICENSE to LICENSE_FILES and add hash for both
licenses

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit c4f923176a)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-01 16:53:17 +02:00
Giulio Benetti 694b65e8bc android-tools: fix minor()/major() build failure due to glibc 2.28
glibc 2.28 no longer includes <sys/sysmacros.h> from <sys/types.h>,
and therefore <sys/sysmacros.h> must be included explicitly when
major()/minor() are used.

This commit adds a patch to directly include <sys/sysmacros.h> into
all usb_linux.c files where minor() and major() macros are used.

Fixes:
http://autobuild.buildroot.net/results/901/9011c6af71fb81988c2a05f2acee913a2bae2eff//
http://autobuild.buildroot.net/results/142/142c5672fdc44f2d68f18df3509e5051b3295df5//
http://autobuild.buildroot.net/results/b55/b55aa69654e758af5232ae69618ba1ea5c245074//

Signed-off-by: Giulio Benetti <giulio.benetti@micronovasrl.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit c8e8f8b0f5)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-01 16:45:13 +02:00
Peter Korsgaard 61547602fa glibc: bump to latest on 2.26.x branch for additional fixes
Daniel Alvarez (1):
      getifaddrs: Don't return ifa entries with NULL names [BZ #21812]

Florian Weimer (8):
      libio: Avoid _allocate_buffer, _free_buffer function pointers [BZ #23236]
      Use _STRUCT_TIMESPEC as guard in <bits/types/struct_timespec.h> [BZ #23349]
      libio: Disable vtable validation in case of interposition [BZ #23313]
      NEWS: Reorder out-of-order bugs
      Synchronize support/ infrastructure with master
      libio: Add tst-vtables, tst-vtables-interposed
      stdio-common/tst-printf.c: Remove part under a non-free license [BZ #23363]
      conform/conformtest.pl: Escape literal braces in regular expressions

Gabriel F. T. Gomes (1):
      Fix parameter type in C++ version of iseqsig (bug 23171)

H.J. Lu (2):
      x86: Correct index_cpu_LZCNT [BZ #23456]
      x86: Populate COMMON_CPUID_INDEX_80000001 for Intel CPUs [BZ #23459]

Martin Kuchta (1):
      pthread_cond_broadcast: Fix waiters-after-spinning case [BZ #23538]

Stefan Liebler (1):
      Fix segfault in maybe_script_execute.

Steve Ellcey (1):
      Check length of ifname before copying it into to ifreq structure.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-09-30 20:42:24 +02:00
Giulio Benetti 3b82cc0459 cramfs: fix minor()/major() build failure due to glibc 2.28
glibc 2.28 no longer includes <sys/sysmacros.h> from <sys/types.h>,
and therefore <sys/sysmacros.h> must be included explicitly when
major()/minor() are used.

This commit adds a patch to directly include <sys/sysmacros.h> into
cramfsck.c and mkcramfs.c where minor() and major() macros are used.

Fixes:
http://autobuild.buildroot.net/results/8c5/8c5997017568f8be1d2f664998fb2fdc433a51d3/
http://autobuild.buildroot.net/results/fad/fad1553d45a8c35ba84c5c340410e99322e21c44/

Signed-off-by: Giulio Benetti <giulio.benetti@micronovasrl.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-09-30 10:46:39 +02:00
Peter Korsgaard a2222b6c02 libcurl: security bump to version 7.61.1
Fixes CVE-2018-14618: NTLM password overflow via integer overflow

For more details, see the advisory:
https://curl.haxx.se/docs/CVE-2018-14618.html

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 87d58cccf1)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-09-28 14:57:20 +02:00
Peter Korsgaard ed820226c7 lcms2: add upstream security fix for CVE-2018-16435
Little CMS (aka Little Color Management System) 2.9 has an integer overflow
in the AllocateDataSet function in cmscgats.c, leading to a heap-based
buffer overflow in the SetData function via a crafted file in the second
argument to cmsIT8LoadFromFile.

For more details, see:
https://github.com/mm2/Little-CMS/issues/171
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16435

The upstream fix unfortunately includes a number of unrelated changes, but
thse files are not used when building for Linux.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 9f81f578eb)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-09-28 14:54:46 +02:00
Fabrice Fontaine bb34fb0663 lcms2: bump to version 2.9
- Remove two patches (already in version)
- Add hash for license file

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit b2561d0844)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-09-28 14:54:35 +02:00
Fabrice Fontaine fd37f6065e moarvm: fix build on powerpc64 / powerpc64le
Build fails with:
 In file included from dyncall_callback.c:35:0:
dyncall_callback_ppc64.c: In function 'dcbNewCallback':
dyncall_callback_ppc64.c:42:13: warning: implicit declaration of function 'dcAllocWX' [-Wimplicit-function-declaration]
   int err = dcAllocWX(sizeof(DCCallback), (void**) &pcb);
             ^~~~~~~~~
dyncall_callback_ppc64.c: In function 'dcbFreeCallback':
dyncall_callback_ppc64.c:53:3: warning: implicit declaration of function 'dcFreeWX' [-Wimplicit-function-declaration]
   dcFreeWX(pcb, sizeof(DCCallback));
   ^~~~~~~~
dyncall_callback_ppc64.S: Assembler messages:
dyncall_callback_ppc64.S:180: Error: operand out of range (3 is not between 0 and 1)

So select BR2_PACKAGE_LIBFFI for BR2_powerpc64 and BR2_powerpc64le as it
is already done for MIPS

Fixes:
 - http://autobuild.buildroot.org/results/97b53a74d9847c07f26178daeb1daff3b6c24813
 - http://autobuild.buildroot.org/results/c35ac4bbc5fb04aabf5a719eddeedf55f7f1f4eb

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit b1b35eb9c5)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-09-28 14:49:09 +02:00
Max Filippov 66e9965818 package/gcc: xtensa: fix atomic NAND code generation
xtensa gcc incorrectly generates code for atomic NAND operation as
~a1 & a2 instead of ~(a1 & a2). Fix that.

Backported from: r264087
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
[Peter: drop gcc-8.x patch]
(cherry picked from commit 84efe72b78)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-09-28 14:45:50 +02:00
Fabrice Fontaine 517c70cc6d screen: fix rare build failure on T_N undeclared
/usr/lfs/v0/rc-buildroot-test/scripts/instance-2/output/host/bin/arm-none-linux-gnueabi-gcc -c -I. -I.  -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -DETCSCREENRC='"/usr/etc/screenrc"' -DSCREENENCODINGS='"/usr/share/screen/utf8encodings"' -DHAVE_CONFIG_H -DGIT_REV=\"\" \
     -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64  -Os  -D_GNU_SOURCE list_display.c
In file included from screen.h:150:0,
                 from list_display.c:36:
display.h:154:19: error: 'T_N' undeclared here (not in a function)
   union tcu d_tcs[T_N];  /* terminal capabilities */

Macro T_N is defined in header file term.h but it may not be created
then fails. Backport patch to make sure term.h is created before compile
other source codes.

Fixes:
 - http://autobuild.buildroot.org/results/a62bea1fd32246526d59f029df3dca60f1cd710f

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit d496329a19)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-09-28 14:44:26 +02:00
Matt Weber 8712899fa6 package/xen: disable tools/qemu-xen/ opengl
Resolves:
http://autobuild.buildroot.net/results/a7f2bf387458c2f0db6a4b555c51004f321f9320

Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 13c6754f3c)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-09-28 14:42:36 +02:00
Giulio Benetti 09fe1d4175 mediastreamer: fix avcodec functions conflict
Autotools miss avcodec function check when linking statically, leading to
conflicts between local functions and avcodec functions.

Add patch to swap $FFMPEG_LIBS and -lavutil which are checked when
AC_CHECK_LIB on avcodec_* functions. $FFMPEG_LIBS contain -ldrm that must
be listed after -lavutil.

Fixes:
http://autobuild.buildroot.net/results/394/3945e06ea0dd1e16013184fbab5b67b3561c87ce/
http://autobuild.buildroot.net/results/576/576c7d71313c45753848462717200b2b8ff5bb0e/
http://autobuild.buildroot.net/results/f33/f339ac6ea30815eeb8ecb144c971f56c06a9f995

[Peter: adjust commit message to clarify that this is for static linking]
Signed-off-by: Giulio Benetti <giulio.benetti@micronovasrl.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

(cherry picked from commit daf7dd87f4)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-09-28 14:41:22 +02:00
Peter Korsgaard 29c70a4005 imagemagick: security bump to version 7.0.7-39
>From the release notes:

2018-06-06  7.0.7-39  <quetzlzacatenango@image...>
  * Fixed numerous use of uninitialized values, integer overflow, memory
    exceeded, and timeouts (credit to OSS Fuzz).

The most critical of these are:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=8772
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=8782

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 811734ef90)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-09-28 14:36:07 +02:00
Richard Kunze 26fe491b8b package/squashfs: fix build on hosts with glibc >= 2.28
Since glibc 2.28, sys/sysmacros.h is no longer included from sys/types.h
This patch fixes the resulting build error by explicitly including
sys/sysmacros.h

See also https://github.com/plougher/squashfs-tools/pull/52

Signed-off-by: Richard Kunze <richard.kunze@web.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit ed0e55675e)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-09-27 23:23:16 +02:00
Peter Seiderer 262002e88d squashfs: add license hash
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 10d4c1222a)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-09-27 23:23:07 +02:00
Peter Seiderer 9080a475fd squashfs: bump version to e38956b92f738518c29734399629e7cdb33072d3
- delete patch 0001-musl.patch (superseeded by upstream commit [1])
- disable new zstd support for host/target

[1] https://git.kernel.org/pub/scm/fs/squashfs/squashfs-tools.git/commit/?id=a81678d6a698b8a016f9abac9f3d981281cc52eb

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 50b1a05fb6)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-09-27 23:22:58 +02:00
Peter Thompson 284d2f0f5d sdl2: add upstream patch to fix DirectFB renderer handling
The configure script enables the DirectFB video driver, but forgets to
enable the renderer driver, causing SDL_CreateRenderer() to fail. Add an upstream patch to fix this.

[Peter: reword/extend commit text,
	add git formatted patch from https://github.com/spurious/SDL-mirror]
Signed-off-by: Peter Thompson <peter.macleod.thompson@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

(cherry picked from commit d114494456)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-09-27 23:21:45 +02:00
Fabrice Fontaine c70b6f77d6 qt: fix build on powerpc_e500mc
gcc bug internal compiler error: in validate_condition_mode, at
config/rs6000/rs6000.c:180744. Bug is fixed since gcc 7.
Workaround is to set -mno-isel, see
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=60818 and
https://gcc.gnu.org/ml/gcc-patches/2016-02/msg01036.html

This bug is also raised on BR2_powerpc_8540, BR2_powerpc_8548 and
BR2_powerpc_e5500.

Fixes:
 - http://autobuild.buildroot.net/results/9b9d11b3281a72c8f54fc675408acb96d24d8e7e

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 75f975f8ad)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-09-27 23:18:23 +02:00
Laurent Hartanerot 5ca1c55a83 qt5webengine: rename chromium.inc to chromium-latest.inc
For consistency with chromium-lts.inc, rename chromium.inc to
chromium-latest.inc.

Signed-off-by: Laurent Hartanerot <laurent.hartanerot@atos.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit b36fd21f2c)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-09-27 23:16:52 +02:00
Laurent Hartanerot 390b98876a qt5webengine: add separate file for chromium license files for Qt LTS
The qtwebengine package used by Qt LTS has a different set of license
files for chromium, so this commit introduces a separate
chromium-lts.inc with the right contents.

This fixes legal-info of qt5webengine with Qt LTS.

Signed-off-by: Laurent Hartanerot <laurent.hartanerot@atos.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit b105dc2b0b)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-09-27 23:00:56 +02:00
Giulio Benetti ebf7d54f88 minicom: add COPYING sha256 to hash
In minicom package hash file lacks sha256 entry for COPYING file even if
it is added to MINICOM_LICENSE_FILES.

Add COPYING sha256 entry to minicom.hash file.

Signed-off-by: Giulio Benetti <giulio.benetti@micronovasrl.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 6edfa41a0a)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-09-27 22:27:49 +02:00
Fabio Estevam 2442ef936b linux-headers: bump 4.{4, 9, 14}.x series
Signed-off-by: Fabio Estevam <fabio.estevam@nxp.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 2809b6e98f)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-09-27 22:12:18 +02:00
Bernd Kuhls 2e84a7c625 linux-headers: bump 4.4.x series
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit e2f7fca4b8)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-09-27 22:11:33 +02:00
Mark Corbin 75997e34ab package/linux-headers: add help text for manual header selection
Add kconfig help text that explains how to manually specify an
official Linux version to use for the kernel headers.

Signed-off-by: Mark Corbin <mark.corbin@embecosm.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 3beba26d76)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-09-27 22:11:12 +02:00
Bernd Kuhls 062d9034a6 linux-headers: bump 4.{4, 9, 14, 17}.x series
[Peter: drop 4.17.x change]
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 182a6c231b)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-09-27 22:10:17 +02:00
Fabio Estevam 4711b3fa00 linux-headers: bump 4.{4, 9, 14, 17}.x series
[Peter: drop 4.17.x change]
Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 59af8a3a22)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-09-27 22:09:31 +02:00
Fabrice Fontaine 4e6ea0d043 linuxptp: needs NPTL
/home/buildroot/autobuild/run/instance-1/output/host/bin/or1k-linux-gcc   phc_ctl.o phc.o sk.o util.o clockadj.o sysoff.o print.o version.o  -lm -lrt  -o phc_ctl
phc2sys.o: In function `do_loop':
phc2sys.c:(.text+0x18bc): undefined reference to `clock_nanosleep'

Fixes:
 - http://autobuild.buildroot.org/results/a31e0a5ae15e1164115e4e5981ef5fb3c3284bcc

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-09-20 23:38:07 +02:00
Yann E. MORIN 10012bef11 package/bison: fix build on host with glibc-2.28
Similarly to c48f8a6462 (package/m4: fix build on host with glibc-2.28),
backport the two fixes fromn gnulib upstream, that allows building
host-bison on systems using glibc 2.28.

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Reported-by: c32 on IRC
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 373ac58b82)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-09-20 22:18:24 +02:00
Peter Korsgaard 6f9e4e637f qt5quickcontrols: correct license files for 5.9.x version
Fixes:
http://autobuild.buildroot.net/results/9326cb85c8ce4f98aa9d0a1238ffdab3e9829637/

Similar in spirit to commit 83d33f76 (qt5quickcontrols: update license file
names for Qt 5.6 version), but on 2018.02.x the list of files was correct
for the 5.6 version but not the 5.9 version.

Also add hashes for these licese files.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-09-04 22:45:20 +02:00
Peter Korsgaard c6caa2dc3b php: pdo mysql extension needs hash as well
Fixes:
http://autobuild.buildroot.net/results/69cf9326539c8df8fa50c5e7acb2ce3bb985ede2/

The PDO mysql extension also needs the hash extension - so select it,
similar to how it was done for the mysqli extension in commit 65f9645263
(php: fix build with mysqli).

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 45215ffc8a)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-09-03 09:22:28 +02:00
Peter Korsgaard 2b407a984f pv: fix build failures when building under a path containing 'yes'
Depending on the configuration, the cpp output may contain the string 'yes'
in a comment if built under a path containing 'yes', confusing the _AIX
test:

${CROSS}-cpp conftest.h
\# 1 "conftest.h"
\# 1 "<built-in>"
\# 1 "<command-line>"
\# 31 "<command-line>"
\# 1 "/home/peko/source/buildroot/output-yes/host/x86_64-buildroot-linux-gnu/sysroot/usr/include/stdc-predef.h"
\# 32 "<command-line>" 2
\# 1 "conftest.txt"

If misdetected, the configure script adds -lc128 to LIBS, causing the
AC_CHECKS_FUNCS check for stat64 to fail, which in turn causes compilation
errors about redefinition of symbols:

In file included from ./src/include/pv-internal.h:9:0,
                 from src/pv/file.c:5:
./src/include/config.h:76:18: error: redefinition of 'struct stat'
  #  define stat64 stat
                   ^
Fix it by only matching on 'yes' on a line by itself.

As pv doesn't cleanly autoreconf (it doesn't use automake and configure.in
is located in subdir), instead directly patch configure.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 994a47649b)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-29 23:22:37 +02:00
Peter Korsgaard b07116644d Update for 2018.02.5
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-29 17:56:17 +02:00
Adam Duskett 4e4472670a postgresql: security bump to 10.5
Fixes CVE-2018-10915 & CVE-2018-10925

Changelog: https://www.postgresql.org/docs/10/static/release-10-5.html

Signed-off-by: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 81ccf146a7)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-29 08:38:52 +02:00
Jörg Krause 2aafa0366f package/shairport-sync: add upstream patch to fix build issue with soxr
Add upstream patch to fix build issue detected by the Buildroot autobuilder:

```
arm-buildroot-linux-uclibcgnueabi/sysroot/usr//lib/libsoxr.a(soxr.c.o): In function `soxr_create':
soxr.c:(.text+0xd4c): undefined reference to `av_get_cpu_flags'
collect2: error: ld returned 1 exit status
```

A quick look at the soxr source code shows that `soxr_create()` might use
`av_get_cpu_flags()` depending on the architecture.

For the sake of simplicity link with `-lavutil` if it is found when using soxr.

Even better, as soxr provides a pkg-config file, this should be prefered.

Upstream issue: https://github.com/mikebrady/shairport-sync/issues/733
Upstream status: 5101ab2d13e2b89ea3c1276df5fb7413634eeccd

Fixes:
http://autobuild.buildroot.net/results/53d/53d21686780aa2485745b59e812b6280dd39f1c5
http://autobuild.buildroot.net/results/605/60576363adfca404c3a7883d5d46e8a4a9ee8171
http://autobuild.buildroot.net/results/806/806867ab1c6f42ad1b34d44844efc57272d48235
http://autobuild.buildroot.net/results/840/840810601fbb8a7957ea9dae175b959a7f9b7491
.. and more.

Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit e047dee241)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-29 07:58:35 +02:00
Baruch Siach 08b9bc2f61 openssh: security bump to version 7.8
Fixes CVE-2018-15473: user enumeration vulnerability due to not delaying
bailout for an invalid authenticating user until after the packet
containing the request has been fully parsed.

Some OpenSSH developers don't consider this a security issue:

  https://lists.mindrot.org/pipermail/openssh-unix-dev/2018-August/037138.html

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 5ef5b39bd4)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-28 16:13:40 +02:00
Baruch Siach 59d4d89f39 openssh: bump to version 7.7p1
Drop upstream patches, renumber the rest.

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit a08cd50e98)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-28 16:13:33 +02:00
Julien BOIBESSOT ef12eee254 package/openssh: also install ssh-copy-id script
This script is useful to copy SSH keys between client and server [1] and
installed on most distributions (for example on debian: [2]).

[1] https://www.ssh.com/ssh/copy-id
[2] https://packages.debian.org/fr/jessie/armhf/openssh-client/filelist

Signed-off-by: Julien BOIBESSOT <julien.boibessot@armadeus.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
[Thomas: use full destination path.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

(cherry picked from commit 0552b7fc38)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-28 16:13:28 +02:00
Baruch Siach 309269ca91 libsoup: add upstream security fix
Fixes CVE-2018-12910: The get_cookies function in soup-cookie-jar.c in
libsoup 2.63.2 allows attackers to have unspecified impact via an empty
hostname.

Cc: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 8a4536b2dd)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-28 15:44:10 +02:00
Peter Korsgaard 261ca83121 mbedtls: fix x86 PIC build with GCC < 5
Fixes:
http://autobuild.buildroot.net/results/d6d/d6dc9a640aa1f6650a3e7b9397f2fe2ae3433f4d/
http://autobuild.buildroot.net/results/ab5/ab5a58ea7845f9f378454ee1aa7e872448618ba9/

ebx was recently added to the x86 inline asm MULADDC_STOP clobber list to
fix #1550, but this causes the build to fail with GCC < 5 when building in
PIC mode with errors like:

include/mbedtls/bn_mul.h:46:13: error: PIC register clobbered by ‘ebx’ in ‘asm’

This is because older GCC versions treated the x86 ebx register (which is
used for the GOT) as a fixed reserved register when building as PIC.

This is fixed by an improved register allocator in GCC 5+.  From the release
notes:

Register allocation improvements: Reuse of the PIC hard register, instead of
using a fixed register, was implemented on x86/x86-64 targets.  This
improves generated PIC code performance as more hard registers can be used.

https://www.gnu.org/software/gcc/gcc-5/changes.html

As a workaround, add a patch to detect this situation and disable the inline
assembly, similar to the MULADDC_CANNOT_USE_R7 logic.

Patch submitted upstream: https://github.com/ARMmbed/mbedtls/pull/1986

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 11241ac656)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-28 10:12:26 +02:00
Christopher McCrory 64e63b6ce6 php: fix build with mysqli
This fixes autobuild failures like
http://autobuild.buildroot.net/results/3288b742cee650ee47a41c5b4d6aaef1fe67bff1

php compile breaks with:

ext/mysqlnd/mysqlnd_auth.o: In function `php_mysqlnd_scramble_sha2':
mysqlnd_auth.c:(.text+0x1054): undefined reference to `PHP_SHA256Init'
mysqlnd_auth.c:(.text+0x1064): undefined reference to `PHP_SHA256Update'
mysqlnd_auth.c:(.text+0x1070): undefined reference to `PHP_SHA256Final'
mysqlnd_auth.c:(.text+0x1078): undefined reference to `PHP_SHA256Init'
mysqlnd_auth.c:(.text+0x1088): undefined reference to `PHP_SHA256Update'
mysqlnd_auth.c:(.text+0x1094): undefined reference to `PHP_SHA256Final'
mysqlnd_auth.c:(.text+0x109c): undefined reference to `PHP_SHA256Init'
mysqlnd_auth.c:(.text+0x10ac): undefined reference to `PHP_SHA256Update'
mysqlnd_auth.c:(.text+0x10bc): undefined reference to `PHP_SHA256Update'
mysqlnd_auth.c:(.text+0x10c8): undefined reference to `PHP_SHA256Final'

It looks like the php mysqli extension needs the hash extension to work.  This
seems to be a php Make dependany bug.  This patch works around it until the
upstream maintainers can fix it.

Signed-off-by: Christopher McCrory <chrismcc@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 65f9645263)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-28 10:12:21 +02:00
Peter Korsgaard 6e2dd4549b dropbear: add upstream security fix for CVE-2018-15599
dropbear is affected by an user enumeration vulnerability similar to the
recent issue in openssh (CVE-2018-15473).  Add an upstream patch fixing the
issue.

For more details, see the discussion on the mailing list:
http://lists.ucc.gu.uwa.edu.au/pipermail/dropbear/2018q3/002110.html

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 4a3b0ba38f)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-27 11:32:38 +02:00
Stefan Sørensen 25c079de0e dropbear: Do not build static binary
Dropbear 2018.76 now uses the --enable-static option to indicate that a static
binary should be built. This will incorrectly pick up the generic buildroot
option intended for building static libraries, causing an unwanted static
binary build with BR2_SHARED_STATIC_LIBS.

Fix by appending an --disable-static configure flag, overriding the buildroot
default.

Signed-off-by: Stefan Sørensen <stefan.sorensen@spectralink.com>
Reviewed-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit c9922a4d2f)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-27 11:31:28 +02:00
Stefan Sørensen c354b1edb5 dropbear: Fix host key loading with 521 bit ecdsa keys
Dropbear 2018.76 changed the default ecdsa host key size form 521 to 256
bits, but this breaks systems with an existing 521 bit key, blocking ssh
logins.

Apply the upstream fix from https://secure.ucc.asn.au/hg/dropbear/rev/0dc3103a5900 :

  Only advertise a single server ecdsa key when -R (generate as required) is
  specified. Fixes -R now that default ecdsa key size has changed.

[Peter: apply-patches.sh does not like suffix-less filename, so include
	patch in Buildroot]
Signed-off-by: Stefan Sørensen <stefan.sorensen@spectralink.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

(cherry picked from commit 8a38d7cc9a)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-27 11:31:16 +02:00
Francois Perrad 2450968021 dropbear: unbundle libtomath & libtomcrypt
DROPBEAR_SMALL_CODE could be only honored with bundled libtomcrypt

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit cf9b5522d1)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-27 11:30:57 +02:00
Thomas Petazzoni dccaff8e82 dropbear: fix build with non-SSP capable toolchain
By default, Dropbear's configure script enables hardening
flags. Unfortunately, the check for SSP only uses AC_COMPILE_IFELSE(),
and therefore doesn't properly test for the availability of libssp,
visible only at link time.

In addition, Buildroot passes its own hardening flags, depending on
various global options. So, we simply disable hardening flags in
Dropbear.

This fixes a build failure with non-SSP capable toolchains happening
since the bump to 2018.76.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit b0aafef619)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-27 11:30:29 +02:00
Francois Perrad e7fc3403bb dropbear: bump to version 2018.76
with this new version:
  - "configure --enable-static" should now be used instead of
    "make STATIC=1"
  - any customised options should be put in localoptions.h

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 2e035a9aec)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-27 11:30:22 +02:00
Yann E. MORIN 743fd97689 package/brltty: fix cross-compilation
brltty has a very inventive buildsystem, where it internall runs
./configure for the build machine In doing so, it generates a list
of make variables to define what the build machine supports, like
it does for the target.

However, the build variables are generated with a convoluted sed
script that scans the target list, and appends _FOR_BUILD to each
target variables. Then, both lists are included from the Makefile,
on the assumption that the build variables will not clash with the
target variables.

Where it gets interesting, is that that sed script considers the
variables names to match '[A-Za-z][A-Za-z0-9_]*'

And there we see why ATSPI2_PACKAGE does not match: it contains a
digit.

So, some build variables will inevitably override target ones.

Fix that by simply expanding the matching regexp to allow digits
in variable names.

Fixes:
    http://autobuild.buildroot.org/results/a37/a37782b3cfc1a96cc129db8fade20a36a7b2d470/
    http://autobuild.buildroot.org/results/97e/97edc6a47d2140968e84b409cdc960604e5896f2/

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Mario Lang <mlang@blind.guru>
Cc: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 8909897ab3)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-26 23:23:07 +02:00
Yann E. MORIN 70ea0f8421 docs/manual: expand on why using a branch name is not supported
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Thomas De Schampheleire <patrickdepinguin@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit a2e0003141)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-26 23:18:30 +02:00
Peter Korsgaard 4f09ed89b3 mbedtls: security bump to version 2.7.5
Fixes the following security issues:

- CVE-2018-0497: Remote plaintext recovery on use of CBC based ciphersuites
  through a timing side-channel

- CVE-2018-0498: Plaintext recovery on use of CBC based ciphersuites through
  a cache based side-channel

For more info, see the advisory:
https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2018-02

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 7a7a159135)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-26 23:15:10 +02:00
Yann E. MORIN 79baca104d package/lua-flu: fix to use the system xattr header
We can't carry a mercurial patch, because the luarocks package is not
organised with the same layout as the upstream package source tree is.

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Marcin Niestroj <m.niestroj@grinn-global.com>
Cc: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 27e0cad2da)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-26 22:20:52 +02:00
Vadim Kochan 7d06574716 wireless_tools: Fix site URL does not work
Replace broken http://www.hpl.hp.com/personal/Jean_Tourrilhes/Linux
by https://hewlettpackard.github.io/wireless-tools.

[Peter: also adjust URL in Config.in]
Signed-off-by: Vadim Kochan <vadim.kochan@petcube.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

(cherry picked from commit 052d3cbb0e)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-24 11:59:21 +02:00
Bernd Kuhls 9e5c172f0f package/nodejs: security bump version to 8.11.4
Release notes:
https://nodejs.org/en/blog/vulnerability/august-2018-security-releases/

Fixes CVE-2018-12115, also CVEs were fixed in included OpenSSL code
which do not use for the target build.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit bfc5dc9920)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-24 11:58:17 +02:00
Bernd Kuhls 7ec02006bf package/ipsec-tools: add security patch to fix CVE-2016-10396
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit a3422534c8)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-24 11:56:58 +02:00
Bernd Kuhls a237f9dd63 linux-headers: bump 4.{4, 9, 14, 17}.x series
[Peter: drop 4.17.x change]
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit d2965cbb7e)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-24 11:54:33 +02:00
Bernd Kuhls 61c4f41a78 package/bind: security bump to version 9.11.4-P1
Fixes CVE-2018-5740: https://ftp.isc.org/isc/bind9/9.11.4-P1/CHANGES

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 21d0077a2d)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-24 11:04:17 +02:00
Bernd Kuhls d8fc62edbb package/php: security bump to version 7.2.9
Version 7.2.8 fixed CVE-2018-12882, CVE-2018-14883 & CVE-2018-14851:
http://www.php.net/ChangeLog-7.php#7.2.8

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit addd279d73)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-24 10:59:54 +02:00
Ricardo Martincoski 42ab95458b php: use $() to reference make variables instead of ${}
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
(cherry picked from commit dba254cdf0)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-24 10:59:42 +02:00
Peter Korsgaard 392148e28f ruby: security bump to version 2.4.4
Fixes the following security issues:

CVE-2017-17405: Command injection vulnerability in Net::FTP (2.4.3):
https://www.ruby-lang.org/en/news/2017/12/14/net-ftp-command-injection-cve-2017-17405/

CVE-2017-17742: HTTP response splitting in WEBrick (2.4.4):
https://www.ruby-lang.org/en/news/2018/03/28/http-response-splitting-in-webrick-cve-2017-17742/

CVE-2018-6914: Unintentional file and directory creation with directory
traversal in tempfile and tmpdir (2.4.4):
https://www.ruby-lang.org/en/news/2018/03/28/unintentional-file-and-directory-creation-with-directory-traversal-cve-2018-6914/

CVE-2018-8777: DoS by large request in WEBrick (2.4.4):
https://www.ruby-lang.org/en/news/2018/03/28/large-request-dos-in-webrick-cve-2018-8777/

CVE-2018-8778: Buffer under-read in String#unpack (2.4.4):
https://www.ruby-lang.org/en/news/2018/03/28/buffer-under-read-unpack-cve-2018-8778/

CVE-2018-8779: Unintentional socket creation by poisoned NUL byte in
UNIXServer and UNIXSocket (2.4.4):
https://www.ruby-lang.org/en/news/2018/03/28/poisoned-nul-byte-unixsocket-cve-2018-8779/

CVE-2018-8780: Unintentional directory traversal by poisoned NUL byte in Dir
(2.4.4):
https://www.ruby-lang.org/en/news/2018/03/28/poisoned-nul-byte-dir-cve-2018-8780/

Multiple vulnerabilities in RubyGems (2.4.4):
https://www.ruby-lang.org/en/news/2018/02/17/multiple-vulnerabilities-in-rubygems/

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 46cfed78b1)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-24 10:57:33 +02:00
Matt Flax 00d400f976 eigen: Fix pkg-config file prefix error
eigen generates	a pkg-config file which	has a broken prefix
(@CMAKE_INSTALL_PREFIX@).  This broken prefix causes an incorrect path when
other packages call pkg-config --cflags eigen.

This patch fixes the prefix in the generated eigen pc file, so projects
which depend on this pc file can now correctly find the eigen include
directory at build time.

Also correct the Cflags output to use the runtime prefix instead of the
build time STAGING_DIR, like we do elsewhere.

[Peter: drop backslashes, tweak commit message]
Signed-off-by: Matt Flax <flatmax@flatmax.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

(cherry picked from commit e477dc19b5)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-24 10:47:17 +02:00
Peter Korsgaard c0ddd9dd07 python-django: security bump to version 1.11.15
Bump to the latest release of the 1.11.x LTS series as 1.10.x is no longer
supported upstream:

https://www.djangoproject.com/download/

Fixes the following security issues:

- CVE-2017-12794: Possible XSS in traceback section of technical 500 debug
  page (1.11.5)

- CVE-2018-6188: Information leakage in AuthenticationForm (1.11.10)

- CVE-2018-7536: Denial-of-service possibility in urlize and urlizetrunc
  template filters (1.11.11)

- CVE-2018-7537: Denial-of-service possibility in truncatechars_html and
  truncatewords_html template filters (1.11.11)

- CVE-2018-14574: Open redirect possibility in CommonMiddleware (1.11.15)

Also add a hash for the license file.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit ae977e9428)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-24 10:46:41 +02:00
Yann E. MORIN 8cecfc3401 package/m4: fix build on host with glibc-2.28
glibc-2.28 did quite some lifting in their headers, which breaks the
way some packages were detecting glibc, like gnulib.

However, packages do bundle gnulib (it was meant to be bundled),
and so does m4.

Since m4 hasn't seen the slightest commit since 2017-01-09, it is
bundling an old gnulib version, that predates glibc-2.28, and thus
breaks. It also means that upstream hasn't already fixed the issue.

Furthermore, as upstream is using a git submodule for gnulib, and
that the paths are not the same in the release tarball (in lib/)
and in the git tree (in gnulib/), we can't do a plain backport.

So, we selectively backport the two patches from gnulib upstream,
restricted to only the files that happen to be used in m4.

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Reported-by: c32 on IRC
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit c48f8a6462)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-24 10:45:29 +02:00
Baruch Siach d49f42c3be dahdi-tools: unify dependencies comments
The threads dependency comment is currently shown even though the
toolchain supports threads, only because kernel build is disabled.

Merge the kernel and threads comments. This is similar to what we have
in other packages that need the kernel.

Cc: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit f70b13a7cb)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-24 10:44:41 +02:00
Peter Korsgaard c6989413b9 libfuse: security bump to version 2.9.8
Fixes CVE-2018-10906 - In fuse before versions 2.9.8 and 3.x before 3.2.5,
fusermount is vulnerable to a restriction bypass when SELinux is active.
This allows non-root users to mount a FUSE file system with the
'allow_other' mount option regardless of whether 'user_allow_other' is set
in the fuse configuration.  An attacker may use this flaw to mount a FUSE
file system, accessible by other users, and trick them into accessing files
on that file system, possibly causing Denial of Service or other unspecified
effects.

And additionally:

- libfuse no longer segfaults when fuse_interrupted() is called outside the
  event loop.

- The fusermount binary has been hardened in several ways to reduce
  potential attack surface.  Most importantly, mountpoints and mount options
  must now match a hard-coded whitelist.  It is expected that this whitelist
  covers all regular use-cases.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 9c2bbc3fc9)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-24 10:42:37 +02:00
Fabrice Fontaine d635824608 libfuse: add hash for license files
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 72660a1185)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-24 10:42:29 +02:00
Bernd Kuhls 97e18877a6 package/libopenssl: security bump to version 1.0.2p
Fixes CVE-2018-0732 & CVE-2018-0737:
https://www.openssl.org/news/vulnerabilities.html

Added upstream sha1 hash.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 8654a214ff)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-24 10:40:56 +02:00
Bernd Kuhls 6d6bcb6b25 linux-headers: bump 4.{4, 9, 14, 17}.x series
[Peter: drop 4.17.x change]
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 345a8eeda1)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-24 10:39:19 +02:00
Thomas Petazzoni 61909a06cd libselinux: use correct name and content for patch 0004
Commit 6288409642 ("libselinux: add
patch to fix build with gcc < 4.7") introduced a patch, but its file
name was incorrect, so it was never applied. In addition, the patch
was generated against the Git repository of SELinux, which includes
all projects, and therefore it doesn't apply to the libselinux source
code extracted from the tarball: the "libselinux/" component path
needs to be removed from the patch.

This commit fixes both problems, which should finally and really fix:

  http://autobuild.buildroot.net/results/c3272566bb808e43bb77ec59cfe596f7e0fe9a64/

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit cb8d1743ca)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-24 10:36:49 +02:00
Thomas Petazzoni affa919039 libselinux: add patch to fix build with gcc < 4.7
This commit adds a patch from Hollis Blanchard on libselinux to fix
build on host machines that have gcc < 4.7.

Fixes:

  http://autobuild.buildroot.net/results/a82bb0c0b22ff24263ad7a7d165b21c0df7b3b1d/

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 6288409642)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-24 10:36:41 +02:00
Baruch Siach a4d7b285cf bzip2: change upstream site
The bzip.org website is down. Use the Buildroot backup download site.
Remove the website link as there is no clear alternative upstream at
this point.

  https://lwn.net/Articles/762264/

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit f45976b2c7)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-24 10:35:05 +02:00
Marcin Niestroj fe2e175b9d package/lvm2: Fix runtime crash when using uclibc
When using uclibc libdevmapper.so was calling dm_task_get_info_base()
function recursively, leading to segmentation fault. This was
happening because uclibc linker loader just takes first existing
'dm_task_get_info' (which is 'dm_task_get_info_base') symbol in elf
binary, instead of default version.

Add upstreamable lvm2 patch [1], which introduces
--enable-symvers[=STYLE] switch. Use that switch to disable symbol
versions, as we do not plan to support binaries compiled against
old libdevmapper library.

Fixes bug #10781.

[1] https://www.redhat.com/archives/dm-devel/2018-July/msg00187.html

Signed-off-by: Marcin Niestroj <m.niestroj@grinn-global.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 5313c50aa3)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-24 10:32:28 +02:00
Peter Korsgaard 92c8a5cd3c lvm2: add license hashes
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 70dc00e1c2)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-24 10:32:20 +02:00
Laurent Hartanerot ab22e87402 lighttpd: Add systemd tmpfile to fix lighttpd systemd boot
Problem starting lighttpd application with systemd.

/usr/sbin/lighttpd -D -f /etc/lighttpd/lighttpd.conf
2018-06-22 11:21:34: (server.c.733) opening errorlog '/var/log/lighttpd-error.log' failed: Permission denied
2018-06-22 11:21:34: (server.c.1420) Opening errorlog failed. Going down.

Lighttpd can not write the 'lighttpd-access.log' and 'lighttpd-error.log' files
to the directory '/var/log/'.

When using systemd the directory '/var/log' does not allow the user www-data to
write.

To correct the problem, we add /usr/lib/tmpfiles.d/lighttpd.conf.
This file create the 'lighttpd-access.log' and 'lighttpd-error.log' files  with
the permission

Signed-off-by: Laurent Hartanerot <laurent.hartanerot@atos.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 7c2eb68cac)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-24 10:29:47 +02:00
Thomas Petazzoni 2a85a2cc8a configs/arm_juno: bump ATF to v1.3
ATF in version 1.2 fails to build with:

./build/juno/release/bl1/context_mgmt.o: In function `cm_prepare_el3_exit':
context_mgmt.c:(.text.cm_prepare_el3_exit+0x54): undefined reference to `cm_set_next_context'
context_mgmt.c:(.text.cm_prepare_el3_exit+0x54): relocation truncated to fit: R_AARCH64_JUMP26 against undefined symbol `cm_set_next_context'

This has been fixed in ATF v1.3. Even though there are even newer
versions of ATF available, we take a conservative approach, and bump
to the first version that has the build issue fixed.

Fixes:

  https://gitlab.com/buildroot.org/buildroot/-/jobs/88314771

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 395bc11dde)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-24 10:27:29 +02:00
Thomas Petazzoni c3a8c834fe board/technologic/ts7680: fix bogus size in genimage.cfg
512B is not a correct size to express "512 bytes", and causes a
genimage failure:

  ERROR: Invalid size suffix 'B' in '512B'

To express "512 bytes", using just "512" is sufficient. With this
commit, genimage works fine, and we indeed have a 512 bytes unused
partition:

$ fdisk -l output/images/sdcard.img
Disk output/images/sdcard.img: 60 MiB, 62915584 bytes, 122882 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disklabel type: dos
Disk identifier: 0x00000000

Device                    Boot Start    End Sectors  Size Id Type
output/images/sdcard.img1          1      1       1  512B  0 Empty
output/images/sdcard.img2          2 524289  524288  256M 83 Linux

Fixes:

  https://gitlab.com/buildroot.org/buildroot/-/jobs/88314963

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit f1bdb63ff4)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-24 10:26:48 +02:00
Thomas Petazzoni 948831e805 configs/raspberrypi2: increase ext4 filesystem size
The default size of the ext4 filesystem is no longer sufficient to
hold all the kernel modules built by the RPi Linux kernel
configuration. Let's increase to 120 MB, like we did for
raspberrypi3_defconfig.

Fixes:

  https://gitlab.com/buildroot.org/buildroot/-/jobs/88314938

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 272bf797c9)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-24 10:23:16 +02:00
Thomas Petazzoni 1200f10bda mesa3d-headers: fix logic to generate the dri.pc file
As noted by Arnout in [1], the logic in mesa3d-headers.mk generates a
bogus dri.pc file, which looks like this:

prefix=/usr
exec_prefix=/usr
libdir=/lib
includedir=/include
dridriverdir=/dri

Indeed, the ${...} are expanded as shell variables when the sed
command is executed, while the intention is that those ${...} should
go in the .pc file. By escaping those using $${...}, we get the
expected .pc file:

prefix=/usr
exec_prefix=/usr
libdir=${exec_prefix}/lib
includedir=${prefix}/include
dridriverdir=${libdir}/dri

This was detected by the not yet committed check-package improvement
from Ricardo that detects bogus ${...} usage to reference make
variables.

[1] http://lists.busybox.net/pipermail/buildroot/2018-July/225402.html

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 98e3c1eee5)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-24 10:19:37 +02:00
David Owens fb8c4deb1a mtd: backport upstream bug fix
A regression in the mtd package prevents non-consecutive ubi volume
IDs from working properly. This change backported from upstream
reverts the commit [0]. The issue was originally described on the mtd
mailing list:

http://lists.infradead.org/pipermail/linux-mtd/2018-June/081562.html

[0] http://git.infradead.org/mtd-utils.git/commitdiff/dede98ffb706676309488d7cc660f569548d5930

Signed-off-by: David Owens <david.owens@rockwellcollins.com>
Reviewed-by: Matt Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit fd127c8e59)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-24 10:06:39 +02:00
Baruch Siach b74f66c978 mtd: bump to version 2.0.2
Add license file hash.

Cc: Matt Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit ea72187746)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-24 10:06:33 +02:00
Baruch Siach 416eed9540 uboot-tools: force host CFLAGS
U-Boot now adds -std=gnu11 when building its build utilities, like
fixdep. This option is only supported since gcc version 4.7.

  https://gcc.gnu.org/gcc-4.7/changes.html

Force usage of Buildroot HOST_CFLAGS, like we do already for
host-uboot-tools, to avoid the -std=gnu11 option.

Fixes:
http://autobuild.buildroot.net/results/ea0/ea09b614a3c10d494939d9551c0c3bfca4626ece/
http://autobuild.buildroot.net/results/f8e/f8efd9af4d86c51fe4f5afe44db9abf9adc5718f/
http://autobuild.buildroot.net/results/c0a/c0ab35c3cb46f84863fe20c0ee92ecc2379578b6/

Cc: Matt Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 03a808a099)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-24 09:38:22 +02:00
Peter Korsgaard 162388a74d ncurses: disable terminfo database install for host-ncurses
Since commit b35ad5d0b4 (ncurses: make host-ncurses use host terminfo), we
are now pointing host-ncurses to the host terminfo (typically) located in
/usr/share/terminfo.

With this change we are reusing the existing host terminfo database, so
there is no point in trying to install our own on top.  The user running
buildroot typically will have no write access to /usr/share/terminfo, but
tic in that case falls back to writing the database to $HOME/.terminfo.
Neither of which are desirable.

In case $HOME/.terminfo also isn't writable, tic fails, breaking the install
step for host-ncurses:

** Building terminfo database, please wait...
Running sh ./shlib tic to install /usr/share/terminfo ...

        You may see messages regarding extended capabilities, e.g., AX.
        These are extended terminal capabilities which are compiled
        using
                tic -x
        If you have ncurses 4.2 applications, you should read the INSTALL
        document, and install the terminfo without the -x option.

"terminfo.tmp", line 21272, terminal 'v3220': /home/peko/.terminfo: permission denied (errno 30)

To fix all of this, simply disable the terminfo database install.

Suggested-by: Arnout Vandecappelle <arnout@mind.be>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Acked-by: Hollis Blanchard <hollis_blanchard@mentor.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit b42fb29048)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-24 09:34:39 +02:00
Peter Korsgaard 9cfa7578f7 chrony: backport upstream patch to fix blocking on getrandom() at startup with recent kernels
chrony calls getrandom() at startup if available, so it needs a workaround
for the blocking behaviour on recent (4.14.39+), similar to what was done
for util-linux in commit c4d86707cd (util-linux: add two upstream patches
to fix blocking on getrandom() with recent kernels).

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit d9937b62e0)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-24 09:33:18 +02:00
Bernd Kuhls edd8cae05e package/waylandpp: fix build error with gcc 4.4/4.9
Fixes
http://autobuild.buildroot.net/results/51a/51afcd6d3c3c4839d8216b7b0dba35c8e38211f4/

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit c4a3cdd06a)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-24 09:21:20 +02:00
Bernd Kuhls 2f694c9e60 package/waylandpp: bump version to 0.2.3
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 10ddd8881c)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-24 09:21:14 +02:00
Bernd Kuhls e98a088291 linux-headers: bump 4.{4, 9, 14, 17}.x series
[Peter: drop 4.17.x change]
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 8e1b07230f)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-24 09:18:48 +02:00
Bernd Kuhls 7ade3c11f2 package/wpa_supplicant: add upstream security fix
Fixes CVE-2018-14526:
http://w1.fi/security/2018-1/unauthenticated-eapol-key-decryption.txt

Added license hash.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 904d5d7179)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-24 09:02:50 +02:00
André Hentschel 45cfb7dbd3 wireshark: bump version to 2.2.16 (security)
Security fixes since 2.2.15:

- wnpa-sec-2018-06
  RPKI-Router infinite loop. Bug 14414. CVE-2018-7325.
- wnpa-sec-2018-34
  BGP dissector large loop. Bug 13741. CVE-2018-14342.
- wnpa-sec-2018-35
  ISMP dissector crash. Bug 14672. CVE-2018-14344.
- wnpa-sec-2018-36
  Multiple dissectors could crash. Bug 14675. CVE-2018-14340.
- wnpa-sec-2018-37
  ASN.1 BER dissector crash. Bug 14682. CVE-2018-14343.
- wnpa-sec-2018-38
  MMSE dissector infinite loop. Bug 14738. CVE-2018-14339.
- wnpa-sec-2018-39
  DICOM dissector crash. Bug 14742. CVE-2018-14341.
- wnpa-sec-2018-40
  Bazaar dissector infinite loop. Bug 14841.
- wnpa-sec-2018-41
  HTTP2 dissector crash. Bug 14869.

Full release notes:

  https://www.wireshark.org/docs/relnotes/wireshark-2.2.16.html

Signed-off-by: André Hentschel <nerv@dawncrow.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 14d287098a)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-24 08:49:12 +02:00
Bernd Kuhls c140a16758 package/samba4: Fix uClibc build on 64bit platforms by including stdint.h
Patch needed to be updated for samba-4.8.4

Fixes
http://autobuild.buildroot.net/results/140/1404a594583ff192d70086ef590f924472465c89/

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 6d37231476)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-24 00:40:11 +02:00
Bernd Kuhls e998257b68 package/samba4: security bump to version 4.8.4
Release notes: https://www.samba.org/samba/history/samba-4.8.4.html

Fixes

o  CVE-2018-1139  (Weak authentication protocol allowed.)
o  CVE-2018-1140  (Denial of Service Attack on DNS and LDAP server.)
o  CVE-2018-10858 (Insufficient input validation on client directory
                   listing in libsmbclient.)
o  CVE-2018-10918 (Denial of Service Attack on AD DC DRSUAPI server.)
o  CVE-2018-10919 (Confidential attribute disclosure from the AD LDAP
                   server.)

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 3d7ce0124a)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-24 00:40:01 +02:00
Bernd Kuhls e1dafc11c2 package/samba4: disable build of manpages and documentation
Fixes
http://autobuild.buildroot.net/results/3f214cbb1fe2dc2c2cbfb630032e13eba81c1b5a/
and many others

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
[Thomas: reformat patch as Git formatted]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

(cherry picked from commit f38c8d7ed6)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-24 00:39:52 +02:00
Thomas Petazzoni 85fb63649e package/samba4: drop patch numbering in patch 0003
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 15045fba99)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-24 00:39:45 +02:00
Thomas Petazzoni f4579f94e8 package/samba4: reformat patch 0002 as Git-formatted patch
This commit reformats
0002-patch-source3__libads__kerberos_keytab.c.patch as a Git-formatted
patch.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 90b26f8764)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-24 00:39:39 +02:00
Bernd Kuhls 0060ade136 package/samba4: bump version to 4.8.3
Removed patch applied upstream.

Release notes: https://www.samba.org/samba/history/samba-4.8.3.html

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit bcc3a15baf)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-24 00:39:31 +02:00
Bernd Kuhls 9cf1cf46a8 package/samba4: bump version to 4.8.2
Release notes: https://www.samba.org/samba/history/samba-4.8.2.html

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 78e020726c)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-24 00:39:19 +02:00
Bernd Kuhls 1ca3a38e9b package/samba4: bump version to 4.8.1
Release notes: https://www.samba.org/samba/history/samba-4.8.1.html

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 62dca337fe)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-24 00:38:59 +02:00
Bernd Kuhls 8f4ca74c84 package/samba4: bump version to 4.8.0
Changelog: https://www.samba.org/samba/history/samba-4.8.0.html

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit f4e8dcc1d5)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-24 00:38:50 +02:00
Peter Korsgaard 93bea331a9 boot-wrapper-aarch64: use SPDX identifier for 3 clause BSD
Use the correct SPDX identifier for the 3 clause BSD license, like we do
elsewhere.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit f2d748e13b)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-24 00:19:06 +02:00
Angelo Compagnucci 10a3e2ea85 linux: bump CIP to version v4.4.138-cip25
This patch bumps the CIP Linux kernel to version v4.4.138-cip25

Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit f2e3e37124)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-24 00:17:44 +02:00
Bernd Kuhls 5fe70325f5 linux-headers: bump 4.{4, 9, 14, 17}.x series
[Peter: drop 4.17.x change]
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit ce1af4db2a)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-24 00:16:33 +02:00
Baruch Siach 7eabe71874 libarchive: add upstream security patches
Add patches for the following security issues:

CVE-2017-14501 - An out-of-bounds read flaw exists in parse_file_info in
archive_read_support_format_iso9660.c when extracting a specially
crafted iso9660 iso file.

CVE-2017-14502 - Off-by-one error for UTF-16 names in RAR archives,
leading to an out-of-bounds read in archive_read_format_rar_read_header.

CVE-2017-14503 - Out-of-bounds read within lha_read_data_none() in
archive_read_support_format_lha.c when extracting a specially crafted
lha archive.

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 760fbe789c)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-24 00:13:32 +02:00
Fabrice Fontaine 7213c2dc66 libarchive: add hash for license file
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit a3f5bf52b9)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-24 00:13:26 +02:00
Thomas Petazzoni d5fd16d2d4 linuxptp: add patch to fix no-thread/linuxthreads uClibc builds
linuxptp missing.h header implements a replacement clock_nanosleep()
function, which was used when the thread implementation was not NPTL,
because uClibc failed to provide clock_nanosleep() in such
configurations.

However, uClibc-ng has fixed this problem upstream, and has backported
this change in Buildroot in patch
package/uclibc/0002-librt-declare-clock_nanosleep-independent-of-thread-.patch
(the code is upstream and will be part of uClibc-ng 1.0.31). Due to
this, there is now a conflicting definition of clock_nanosleep()
between the C library and the linuxptp missing.h code, which manifests
itself by the following build failure:

missing.h:117:19: error: static declaration of 'clock_nanosleep' follows non-static declaration
 static inline int clock_nanosleep(clockid_t clock_id, int flags,
                   ^~~~~~~~~~~~~~~
In file included from clockadj.h:24:0,
                 from clockadj.c:24:

This commit fixes that by adding a patch that removes the replacement
clock_nanosleep() implementation from the linuxptp code base.

Fixes:

  http://autobuild.buildroot.net/results/bf400095a853f5beb28c77a50fcffefe52c3d769/

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit ae2cae70b8)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-24 00:10:26 +02:00
Carlos Santos 3005bdece1 vim: install /bin/vi as a relative symlink
Prevent creating a dangling symlink when vim is not present on the host
machine. With BR2_ROOTFS_MERGED_USR, just link to "vim", since they are
on the same directory, otherwise link to "../usr/bin/vim".

Signed-off-by: Carlos Santos <casantos@datacom.com.br>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 52385d789a)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-24 00:09:13 +02:00
Baruch Siach 20d363fb9e docs/manual: update host gcc minimum required version
The oldest gcc that is known to work with current Buildroot is that of
RHEL 6, version 4.4.

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 27797caf76)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-24 00:05:37 +02:00
Bernd Kuhls 565bcaa546 package/lttng-tools: bump version to 2.10.5
Added sha256 and license hashes, switched _SITE to https.

This bump includes
https://github.com/lttng/lttng-tools/commit/b4cf0332cc1164684bbc708b6c46c1d69a15b847
which fixes a musl build error:
http://autobuild.buildroot.net/results/09d/09d6d5e2d1c50dbd6c026e12aa245fc90687eb19/

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 81ea4a243b)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-24 00:02:19 +02:00
Thomas Petazzoni 1e0db1a880 package: propagate pulseaudio dependencies correctly
The BR2_PACKAGE_PULSEAUDIO_HAS_ATOMIC dependency of
BR2_PACKAGE_PULSEAUDIO was not properly propagated to reverse
dependencies, causing the following kconfig warning:

warning: (BR2_PACKAGE_ESPEAK_AUDIO_BACKEND_PULSEAUDIO && BR2_PACKAGE_GST_PLUGINS_GOOD_PLUGIN_PULSE && BR2_PACKAGE_GST1_PLUGINS_GOOD_PLUGIN_PULSE && BR2_PACKAGE_KODI_PULSEAUDIO && BR2_PACKAGE_MPD_PULSEAUDIO && BR2_PACKAGE_EFL_PULSEAUDIO) selects BR2_PACKAGE_PULSEAUDIO which has unmet direct dependencies (BR2_PACKAGE_PULSEAUDIO_HAS_ATOMIC && BR2_USE_WCHAR && BR2_TOOLCHAIN_HAS_THREADS && !BR2_STATIC_LIBS && BR2_USE_MMU)

This commit fixes that by propagating the dependency as it should have
been done.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 68161802eb)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-23 23:58:36 +02:00
Joel Stanley 24e8c76e71 gcc: Fix building on ppc64le GCC 8 host
When building on a ppc64le host we see this error:

    build/genmatch --gimple ../../gcc/match.pd \
        > tmp-gimple-match.c
    ../../gcc/match.pd:120:1 error: expected (, got NAME
       negative value by 0 gives -0, not +0.  */

This was reported upstream[1] and fixed on the GCC 6 [2] and GCC 7 [3]
branches:

    Backport from mainline
    2018-01-10  Kelvin Nilsen  <kelvin@gcc.gnu.org>

    * lex.c (search_line_fast): Remove illegal coercion of an
    unaligned pointer value to vector pointer type and replace with
    use of __builtin_vec_vsx_ld () built-in function, which operates
    on unaligned pointer values.

The patches included in Buildroot contain just the code changes, and not
the changelog, to make it easer to manage backporting.

Tested on Ubuntu Cosmic ppc64le.

[1] https://gcc.gnu.org/bugzilla/show_bug.cgi?id=86162
[2] https://gcc.gnu.org/viewcvs/gcc?view=revision&revision=261621
[3] https://gcc.gnu.org/viewcvs/gcc?view=revision&revision=262243

Signed-off-by: Joel Stanley <joel@jms.id.au>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 88a161b388)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-23 23:51:57 +02:00
Hollis Blanchard cecdbb8e69 attr: build fix for GCC < 4.5
GCC 4.4 and before do not support a message associated to the
"deprecated" gcc attribute. Since such messages are not that useful in
the context of Buildroot, this commit adds a patch that removes them
in the attr source code.

Signed-off-by: Hollis Blanchard <hollis_blanchard@mentor.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit f910320143)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-23 22:42:06 +02:00
Yann E. MORIN cbbfe11d41 package/attr: bump version
The current version of attr uses a canned custom buildsystem, that
is borked in quite a few ways (no support for static, overwrites
destination files without unlinking...)

There has been a release recently-ish, with a complete overhaul of
the buildsystem. We can now drop all our patches.

The option to disable NLS has changed, so update accordingly.

Fixes: #10986

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Yegor Yefremov <yegorslists@googlemail.com>
[Arnout: use the original SITE instead of a specific mirror]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

(cherry picked from commit b02616cff4)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-23 22:42:06 +02:00
Hollis Blanchard 44a440bfd3 acl: build fix with GCC 4.4.7
The acl source code uses pragmas inside functions, which is not
supported by gcc 4.4, still in use in older distributions. This commit
adds a patch that drops such pragma. Indeed, this acl is not built
with -Werror, the warning removals are not that important.

Signed-off-by: Hollis Blanchard <hollis_blanchard@mentor.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit a957cdfbb6)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-23 22:42:06 +02:00
Yann E. MORIN db54bd889a package/acl: bump version
Of most interest is the build system overhaul, and the drop of the
dependency on attr-provided <attr/xattr.h> in favour of the
system-provided <sys/xattr.h>.

That last bit meaning that we will be able to bump attr.

We can drop our patches: static is now natively supported thanks to
the use of libtool, and the internal symbols patch was a backport,
and finally, our install patch is superseded by the use of autotools.

The option to disable NLS has changed, so update accordingly.

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
(cherry picked from commit a37657f44e)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-23 22:42:06 +02:00
Yann E. MORIN 4245816f7a package/xorriso: fix to use the system xattr header
We don't carry a git-formatted patch, because upstream is in fact a
collection of git trees, while the release tarball is an aggregate
of those repositories. Thus, the layout is different between the
tarball and the SCM...

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Steve Kenton <skenton@ou.edu>
[Thomas:
 - add host-pkgconf as a dependency of host-xorriso, since it's needed
   for autoreconf to work
 - drop HOST_XORRISO_AUTORECONF = YES, since it's implied by
   XORRISO_AUTORECONF = YES.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

(cherry picked from commit 798d1ec309)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-23 22:40:30 +02:00
Baruch Siach 2106720f3b stress-ng: fix build with kernel headers v3.9
Add a patch correcting the kernel headers version test macro.

Fixes:
http://autobuild.buildroot.net/results/cbf/cbfb80117840bddd5712bcda3caeaaff61745b0b/
http://autobuild.buildroot.net/results/649/64941ac5b7dcd9c100bdc47cdfe73cce5f23c3d8/
http://autobuild.buildroot.net/results/741/741f5881d3cb745d1003ede3f762c20eb72de0b5/

Cc: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit ca54f17a0e)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-23 22:38:00 +02:00
Yann E. MORIN d831ad4844 package/stress-ng: bump version
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 18a3556220)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-23 22:38:00 +02:00
Ryan Coe 1aeeaea2f0 mariadb: needs dynamic library support
In a static-only configuration, mariadb fails to build because it
tries to build a shared library:

[ 18%] Linking CXX shared module ha_spider.so
output/host/opt/ext-toolchain/bin/../lib/gcc/arm-buildroot-linux-uclibcgnueabi/6.4.0/../../../../arm-buildroot-linux-uclibcgnueabi/bin/ld: output/host/opt/ext-toolchain/bin/../lib/gcc/arm-buildroot-linux-uclibcgnueabi/6.4.0/../../../../arm-buildroot-linux-uclibcgnueabi/lib/libstdc++.a(eh_globals.o)(.text.__cxa_get_globals_fast+0x14): R_ARM_TLS_LE32 relocation not permitted in shared object

This is not detected by the autobuilders, because mariadb is part of a
Config.in choice, and such choices are not randomized by our current
testing infrastructure.

Signed-off-by: Ryan Coe <bluemrp9@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 58cb24d883)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-23 22:17:57 +02:00
Bernd Kuhls 6f5a0c5622 package/mariadb: security bump to version 10.1.35
Fixes CVE-2018-3064, CVE-2018-3063, CVE-2018-3058 & CVE-2018-3066:
https://mariadb.com/kb/en/library/mariadb-10135-release-notes/

Added all hashes provided by upstream.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit dbe8483b20)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-23 22:16:03 +02:00
Ryan Coe acd9e32dfe mariadb: move comments outside of define block
There are two comments inside the post install define block that show up in
the build. Fix this by moving the comments outside the block.

Signed-off-by: Ryan Coe <bluemrp9@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit d0a0d49c20)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-23 22:13:50 +02:00
Thomas Ehrhardt 54d2e39bca ghostscript: set correct font path on target
GHOSTSCRIPT_FONTS_TARGET_DIR is set to $(TARGET_DIR)/usr/share/fonts/gs
in ghostscript-fonts.mk. If we pass this full path to ghostscript, it
will look for fonts in $(TARGET_DIR), which doesn't exist on the
target.

Instead of /usr/share/fonts/gs, use /usr/share/fonts so ghostscript can
also access other fonts than the ones installed by ghostscript-fonts.

Signed-off-by: Thomas Ehrhardt <tehrhardt@innovaphone.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
(cherry picked from commit a76eab228f)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-23 22:12:09 +02:00
Arnout Vandecappelle (Essensium/Mind) 24b78f0de9 Makefile: help: BR2_DEFCONFIG for defconfig must be on command line
The help text says that BR2_DEFCONFIG will be used as input, but a
BR2_DEFCONFIG specified in the existing .config file will *not* be
used. So say explicitly that it must be specified on the command line.
Note that both "BR2_DEFCONFIG=... make defconfig" and
"make defconfig BR2_DEFCONFIG=..." will work.

While we're at it, add a semicolon to separate the two statements.

Note that this overflows the help text beyond 80 characters, but that
is already the case in many other lines.

Reported-by: Anisse Astier <anisse@astier.eu>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 27aa7ae618)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-23 22:02:41 +02:00
Bernd Kuhls 1888d61307 linux-headers: bump 4.{4, 9, 14, 16, 17}.x series
[Peter: drop 4.16.x/4.17.x change]
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 30fc1bee72)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-23 21:55:00 +02:00
Fabio Estevam e723063131 linux-headers: bump 4.{4, 9, 14, 17}.x series
[Peter: drop 4.17.x change]
Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 871d0edf5b)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-23 21:51:19 +02:00
Trent Piepho 9361360bfd lttng-tools: bump to version 2.10.4
Remove patches now present upstream and drop no longer needed
autoreconf.

Signed-off-by: Trent Piepho <tpiepho@impinj.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 7417daf0eb)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-23 21:47:12 +02:00
John Faith 3e408c8436 lttng-tools: Install to staging
Install the LTTng control library headers and shared objects
to staging.

The C interface to LTTng described here:
https://lttng.org/docs/v2.10/#doc-liblttng-ctl-lttng
requires including <lttng/lttng.h> and linking against liblttng-ctl,
but those parts are not available unless this package does a staging
install.

Signed-off-by: John Faith <jfaith@impinj.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 3466298b0f)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-23 21:46:39 +02:00
Trent Piepho 078dd40b2f lttng-modules: bump version to 2.10.6
This is needed for kernel 2.16.x compatiblity.

Signed-off-by: Trent Piepho <tpiepho@impinj.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit dda7a90624)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-23 21:45:36 +02:00
Bernd Kuhls 051eccdd89 package/znc: security bump to 1.7.1
Fixes CVE-2018-14055 & CVE-2018-14056.

Changelog: https://wiki.znc.in/ChangeLog/1.7.1

Removed 0001-Fix-build-without-SSL-support.patch, applied upstream:
https://github.com/znc/znc/commit/e567f4cb73a1637141f7e4fc3b0ef44e79568048

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 92fc6273d9)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-23 21:40:38 +02:00
Baruch Siach 3e04c26c54 znc: fix build without openssl
Add a patch to include <memory> unconditionally.

Fixes:
http://autobuild.buildroot.net/results/4c3/4c3d9f6f5214052b7eda4c7bbfabe5b463080b12/
http://autobuild.buildroot.net/results/d06/d06176f00109ad0707032b0d76fe94f1d414106c/

Cc: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 1b86479da5)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-23 21:39:32 +02:00
Fabrice Fontaine 7c8a1ccab3 znc: add mandatory dependency on threads
Threads support is mandatory since version 1.7.0:
https://github.com/znc/znc/commit/582cd635f5a047761b1052a40088ab86e62fffc1

Fixes:
 - http://autobuild.buildroot.net/results/cc56c7dbee594056288296398772ef9e22846299

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit bfbba99e01)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-23 21:36:06 +02:00
Bernd Kuhls fcb1e07ccd package/znc: python support depends on icu
Upstream checks for icu when build with python support:
https://github.com/znc/znc/commit/4fe4a45dd62411ba9ede04750ca44f071e7d6cbb

Fixes
http://autobuild.buildroot.net/results/9e4/9e44159820789f1d25efcbd24318b0e05e132371/

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 0f095a5318)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-23 21:35:50 +02:00
Bernd Kuhls 205142b16c package/znc: bump version to 1.7.0
Increased minimum gcc version to 4.8 as mentioned in the Changelog:
https://wiki.znc.in/ChangeLog/1.7.0

Removed all patches:
- 0001 was applied upstream:
https://github.com/znc/znc/commit/483074cbf82a48a3ff01838fcbaec00553d1882c

- 0002 is not needed anymore after upstream switched Csocket to a git
  submodule:
https://github.com/znc/znc/commit/9166e6ed40f0c7a85eee0d024b12510c13863f55#diff-8a725997e024d92d67b33a90cffb8342

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit f02d8c1b58)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-23 21:35:35 +02:00
Bernd Kuhls d9d1f7c52c package/znc: bump version to 1.6.6
Added license hash, switched _UPSTREAM to an upstream directory which
also contains older release tarballs.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 621363f5ac)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-23 21:35:26 +02:00
Fabio Estevam a6ce2f6733 linux-headers: bump 4.{4, 9, 14, 17}.x series
[Peter: drop 4.17.x change]
Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 3ea6325af0)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-23 21:30:30 +02:00
Fabrice Fontaine 8a2d7c15bc mbedtls: bump to version 2.7.4
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 023cc02d0a)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-23 21:26:40 +02:00
Julien BOIBESSOT 70f63a8c52 package/ti-utils: update website URL
As kernel wireless wiki doesn't seem to have the doc about wl12xx
calibration, points to a backup of the old site.

Signed-off-by: Julien BOIBESSOT <julien.boibessot@armadeus.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit f0a0ace421)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-23 21:21:11 +02:00
Julien BOIBESSOT 7a38de3d8e package/crda: update website URL
Now Linux wireless infos are on corresponding wiki.

Signed-off-by: Julien BOIBESSOT <julien.boibessot@armadeus.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit abc6db8b66)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-23 21:20:26 +02:00
Geoff Levand f470492c0f dmidecode: enable for aarch64
arm64 systems support SMBIOS, so update the dmidecode config
to allow building dmidecode for arm64.

Signed-off-by: Geoff Levand <geoff@infradead.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 6e00a671bc)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-23 21:18:20 +02:00
Carlos Santos 9090ea58b6 gawk: install /usr/bin/awk as a relative symlink
Fixes:
  http://autobuild.buildroot.net/results/bf3937882023df7ed319dc76f1af10f79785112f/

Signed-off-by: Carlos Santos <casantos@datacom.com.br>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit d4b5a92c53)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-23 21:17:40 +02:00
Baruch Siach 11e775ec59 cryptsetup: fix build with pre C11 toolchains
Add a patch removing a redefined typedef. Redefinition of typedef, even
to the same type, used to be illegal before C11.

Fixes:
http://autobuild.buildroot.net/results/93b/93b300a62f2ddbad66eab08e25fc3225969f224b/
http://autobuild.buildroot.net/results/6c6/6c6092d633400498ee5b8090733a949a9632e473/
http://autobuild.buildroot.net/results/f46/f46ef6123b5fa92753ff534b4ef7bea3f53ac388/

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Tested-by: Hollis Blanchard <hollis_blanchard@mentor.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit d9cfe343d2)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-23 21:06:24 +02:00
Baruch Siach 6ed7468245 cryptsetup: fix build with old host kernel headers
By default cryptsetup configure fails when the if_alg.h kernel header is
not available. Kernels older than 2.6.38, like the one in RHEL 6 hosts,
do not provide this header. Since we don't need the kernel crypto
feature for host tools, just disable this feature to allow successful
completion of the configure script.

While at it, fix a typo in the --with-crypto_backend option (hyphen ->
underscore).

Should fix:
http://autobuild.buildroot.net/results/ffd/ffda2579b215b53161025b7bc703091cb30ef95d/
http://autobuild.buildroot.net/results/c48/c48015f76b13fec38f650f66824e7b986eb28572/
http://autobuild.buildroot.net/results/be6/be621f71bf9da8719bf7fc943eccc9b4dc2cc43e/

Cc: Martin Hicks <mort@bork.org>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit bef1786475)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-23 21:06:16 +02:00
Marcin Niestroj 3d4857c173 package/cryptsetup: bump version to 2.0.3
Signed-off-by: Marcin Niestroj <m.niestroj@grinn-global.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit dffbda3853)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-23 21:06:02 +02:00
Baruch Siach 01b75ec247 cryptsetup: bump to version 2.0.2
Cc: Martin Hicks <mort@bork.org>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Acked-by: Martin Hicks <mort@bork.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 5b85b59709)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-23 21:05:35 +02:00
Bernd Kuhls 5cb7352111 package/erlang: bump version to 20.3
Removed patch 0001, not needed anymore after upstream commit
https://github.com/erlang/otp/commit/aa9054e0ea48a127f2aeafcdce1df4d1aec09574

Renumbered remaining patches, added license hash.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 25cc880794)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-23 20:01:45 +02:00
Bernd Kuhls c61f61b909 package/gnutls: bump version to 3.5.19
Release notes:
https://lists.gnupg.org/pipermail/gnutls-devel/2018-July/008583.html

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 08d64f47eb)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-23 17:51:31 +02:00
Baruch Siach f40f75cc81 gnutls: bump to version 3.5.18
Cc: Matt Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 16956889f7)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-23 17:51:26 +02:00
Bernd Kuhls 753337dcd9 package/ffmpeg: bump version to 3.4.4
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit fbeeb8ce06)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-15 22:48:04 +02:00
Bernd Kuhls 5d267c45e8 package/ffmpeg: bump version to 3.4.3
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 9987955106)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-15 22:47:53 +02:00
Bernd Kuhls 840d0ee198 package/ffmpeg: add optional support for libdrm
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 5c1ae91a24)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-15 22:47:41 +02:00
Sébastien Szymanski b8f6745893 qt5xmlpatterns: fix license files for 5.9.x variant
Similar to commit 3c6958423f (qt5: bump latest version to 5.10.1), the
5.9.x (and 5.8.x) versions of qt5xmlpatterns doesn't have the 'v' in the
license file names, as slightly different formatting/content, so adjust the
_LICENSE_FILES and hashes to match.

Fixes:
 http://autobuild.buildroot.net/results/8a9e40a8c56f2bf1cbf2d2dcab4a874a3fefa367

Signed-off-by: Sébastien Szymanski <sebastien.szymanski@armadeus.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-10 10:36:12 +02:00
Ricardo Martincoski 510f2c91d9 support/testing: add test for file capabilities
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 5f201de0dc)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-10 08:26:45 +02:00
Ricardo Martincoski 1369d30a99 makedevs: allow leading whitespace for capabilities
Currently makedevs silently ignores extended attributes with leading
whitespace, for example those added to a <PACKAGE>_PERMISSIONS following
the recommended style from check-package.

Makedevs already ignores leading whitespace for normal entries (file
permission changes and device files creation). Do the same for extended
attributes.

Fixes: #11191.

Reported-by: Jean-pierre Cartal <jpcartal@free.fr>
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 2d8d5ced10)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-10 08:26:32 +02:00
Bernd Kuhls 574d32606a package/apache: security bump version to 2.4.34
Fixes:
  *) SECURITY: CVE-2018-8011 (cve.mitre.org)
     mod_md: DoS via Coredumps on specially crafted requests

  *) SECURITY: CVE-2018-1333 (cve.mitre.org)
     mod_http2: DoS for HTTP/2 connections by specially crafted requests

Changelog: http://www.apache.org/dist/httpd/CHANGES_2.4.34

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 8ef1aaa084)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-09 22:58:37 +02:00
328 changed files with 5174 additions and 3495 deletions
+1
View File
@@ -237,6 +237,7 @@ zynq_zybo_defconfig: *defconfig
tests.boot.test_atf.TestATFAllwinner: *runtime_test
tests.boot.test_atf.TestATFMarvell: *runtime_test
tests.boot.test_atf.TestATFVexpress: *runtime_test
tests.core.test_file_capabilities.TestFileCapabilities: *runtime_test
tests.core.test_post_scripts.TestPostScripts: *runtime_test
tests.core.test_rootfs_overlay.TestRootfsOverlay: *runtime_test
tests.core.test_timezone.TestGlibcAllTimezone: *runtime_test
+79
View File
@@ -1,3 +1,82 @@
2018.02.7, Released October 25th, 2018
Important / security related fixes.
Detect and reject build paths containing '@', as this confuses
a number of packages, including GCC.
utils/get-developers: Add -e option for use with git
send-email.
utils/diffconfig: Make it work for (non-Buildroot) config
files not using the BR2_ prefix.
u-boot: Fix for environment image handling on big endian
systems.
Updated/fixed packages: binutils, ca-certificates,
cups-filters, erlang, libarchive, libcurl, libssh, live555,
ljlinenoise, file, freetype, gcc, git, gvfs, leveldb, mariadb,
mongoose, netsnmp, nmap, nodejs, ntp, open-plc-utils, poco,
psmisc, qptpd2, python-enum34, qemu, qt, qt5base, spice,
spice-protocols, setools, tinc, ustr, wireshark
Issues resolved (http://bugs.uclibc.org):
#11396: uboot environment image checksum invalid if target is big endian
2018.02.6, Released October 7th, 2018
Important / security related fixes.
Add a number of patches to fix build errors for host utilities
on modern distributions using glibc-2.28.
mkusers: Ensure existing group members are preserved when a
group is reprocessed.
printvars: Fix issue with exceeding shell command line length
limits for certain setups.
Updated/fixes packages: acpid, android-tools, apache,
arp-scan, bandwidthd, bind, bison, clamav, connman, cppcms,
cramfs, fio, gcc, ghostscript, glibc, gnupg, httping,
igmpproxy, imagemagick, imlib2, ipsec-tools, lcms2, libcurl,
libesmtp, libnfs, libssh, libxslt, links, linuxptp,
mediastreamer, minicom, moarvm, nilfs-utils, ocrad, parted,
php, pv, python-django, qt, qt5quickcontrols, qt5webengine,
screen, sdl2, shairport-sync, squashfs, strongswan,
vboot-utils, webkitgtk, wireguard, x265, xen, xlib_libXfont,
xlib_libXft
New packages: brotli, woff2
2018.02.5, Released August 29th, 2018
Important / security related fixes.
Defconfigs: Raspberrypi2: Bump rootfs size, T7680: Fix
genimage.cfg issue, ARM Juno: Bump ATF to v1.3 to fix build
issue.
Updated/fixed packages: acl, apache, attr, bind,
boot-wrapper-aarch64, brltty, bzip2, chrony, crda, cryptsetup,
dahdi-tools, dmidecode, dropbear, eigen, erlang, ffmpeg, gawk,
gcc, ghostscript, gnutls, ipsec-tools, libarchive, libfuse,
libopenssl, libselinux, libsoup, lighttpd, linuxptp,
lttng-modules, lttng-tools, lua-flu, lvm2, m4, makedevs,
mariadb, mbedtls, mesa3d-headers, mtd, ncurses, nodejs,
openssh, php, postgresql, python-django, qt5xmlpatterns, ruby,
samba4, shairport-sync, stress-ng, ti-utils, uboot-tools, vim,
waylandpp, wireless_tools, wireshark, wpa_supplicant, xorriso,
znc
Issues resolved (http://bugs.uclibc.org):
#10781: cryptsetup luksOpen container_file container causes..
#10986: Installing package attr when already supplied by..
#11191: xattr and check-package issue
2018.02.4, Released July 21th, 2018
Important / security related fixes.
+3
View File
@@ -67,6 +67,9 @@ config BR2_HOST_GCC_AT_LEAST_8
default y if BR2_HOST_GCC_VERSION = "8"
select BR2_HOST_GCC_AT_LEAST_7
# When adding new entries above, be sure to update
# the HOSTCC_MAX_VERSION variable in the Makefile.
# Hidden boolean selected by packages in need of Java in order to build
# (example: kodi)
config BR2_NEEDS_HOST_JAVA
+2
View File
@@ -60,8 +60,10 @@ F: package/setools/
F: package/sngrep/
N: Adrian Perez de Castro <aperez@igalia.com>
F: package/brotli/
F: package/libepoxy/
F: package/webkitgtk/
F: package/woff2/
N: Adrien Gallouët <adrien@gallouet.fr>
F: package/glorytun/
+19 -7
View File
@@ -60,6 +60,11 @@ override O := $(patsubst %/,%,$(patsubst %.,%,$(O)))
# avoid empty CANONICAL_O in case on non-existing entry.
CANONICAL_O := $(shell mkdir -p $(O) >/dev/null 2>&1)$(realpath $(O))
# gcc fails to build when the srcdir contains a '@'
ifneq ($(findstring @,$(CANONICAL_O)),)
$(error The build directory can not contain a '@')
endif
CANONICAL_CURDIR = $(realpath $(CURDIR))
REQ_UMASK = 0022
@@ -87,9 +92,9 @@ all:
.PHONY: all
# Set and export the version string
export BR2_VERSION := 2018.02.4
export BR2_VERSION := 2018.02.7
# Actual time the release is cut (for reproducible builds)
BR2_VERSION_EPOCH = 1532126000
BR2_VERSION_EPOCH = 1540493000
# Save running make version since it's clobbered by the make package
RUNNING_MAKE_VERSION := $(MAKE_VERSION)
@@ -355,8 +360,14 @@ export HOSTARCH := $(shell LC_ALL=C $(HOSTCC_NOCCACHE) -v 2>&1 | \
-e 's/macppc/powerpc/' \
-e 's/sh.*/sh/' )
HOSTCC_VERSION := $(shell $(HOSTCC_NOCCACHE) --version | \
sed -n -r 's/^.* ([0-9]*)\.([0-9]*)\.([0-9]*)[ ]*.*/\1 \2/p')
# When adding a new host gcc version in Config.in,
# update the HOSTCC_MAX_VERSION variable:
HOSTCC_MAX_VERSION := 8
HOSTCC_VERSION := $(shell V=$$($(HOSTCC_NOCCACHE) --version | \
sed -n -r 's/^.* ([0-9]*)\.([0-9]*)\.([0-9]*)[ ]*.*/\1 \2/p'); \
[ "$${V%% *}" -le $(HOSTCC_MAX_VERSION) ] || V=$(HOSTCC_MAX_VERSION); \
printf "%s" "$${V}")
# For gcc >= 5.x, we only need the major version.
ifneq ($(firstword $(HOSTCC_VERSION)),4)
@@ -976,7 +987,8 @@ $(BUILD_DIR)/.br2-external.in: $(BUILD_DIR)
# displayed.
.PHONY: printvars
printvars:
@:$(foreach V, \
@:
$(foreach V, \
$(sort $(if $(VARS),$(filter $(VARS),$(.VARIABLES)),$(.VARIABLES))), \
$(if $(filter-out environment% default automatic, \
$(origin $V)), \
@@ -1019,8 +1031,8 @@ help:
@echo ' silentoldconfig - Same as oldconfig, but quietly, additionally update deps'
@echo ' olddefconfig - Same as silentoldconfig but sets new symbols to their default value'
@echo ' randconfig - New config with random answer to all options'
@echo ' defconfig - New config with default answer to all options'
@echo ' BR2_DEFCONFIG, if set, is used as input'
@echo ' defconfig - New config with default answer to all options;'
@echo ' BR2_DEFCONFIG, if set on the command line, is used as input'
@echo ' savedefconfig - Save current config to BR2_DEFCONFIG (minimal config)'
@echo ' allyesconfig - New config where all options are accepted with yes'
@echo ' allnoconfig - New config where all options are answered with no'
+1 -1
View File
@@ -3,7 +3,7 @@ image sdcard.img {
}
partition unused {
size = 512B
size = 512
}
partition rootfs {
+2
View File
@@ -8,6 +8,8 @@ config BR2_TARGET_AT91BOOTSTRAP3
- Peripheral drivers such as PIO, PMC or SDRAMC...
- Physical media algorithm such as DataFlash, NandFlash, NOR Flash...
https://www.at91.com/linux4sam/bin/view/Linux4SAM/AT91Bootstrap
if BR2_TARGET_AT91BOOTSTRAP3
choice
@@ -6,7 +6,7 @@
BOOT_WRAPPER_AARCH64_VERSION = 4266507a84f8c06452109d38e0350d4759740694
BOOT_WRAPPER_AARCH64_SITE = git://git.kernel.org/pub/scm/linux/kernel/git/mark/boot-wrapper-aarch64.git
BOOT_WRAPPER_AARCH64_LICENSE = BSD3c
BOOT_WRAPPER_AARCH64_LICENSE = BSD-3-Clause
BOOT_WRAPPER_AARCH64_LICENSE_FILES = LICENSE.txt
BOOT_WRAPPER_AARCH64_DEPENDENCIES = linux
BOOT_WRAPPER_AARCH64_INSTALL_IMAGES = YES
+1 -1
View File
@@ -262,7 +262,7 @@ define UBOOT_GENERATE_ENV_IMAGE
>$(@D)/buildroot-env.txt
$(HOST_DIR)/bin/mkenvimage -s $(BR2_TARGET_UBOOT_ENVIMAGE_SIZE) \
$(if $(BR2_TARGET_UBOOT_ENVIMAGE_REDUNDANT),-r) \
$(if $(filter BIG,$(BR2_ENDIAN)),-b) \
$(if $(filter "BIG",$(BR2_ENDIAN)),-b) \
-o $(BINARIES_DIR)/uboot-env.bin \
$(@D)/buildroot-env.txt
endef
+2
View File
@@ -4,3 +4,5 @@ config BR2_TARGET_VEXPRESS_FIRMWARE
help
Versatile Express firmware from ARM, with Linaro mods last
change.
https://git.linaro.org/arm/vexpress-firmware.git
+2
View File
@@ -5,6 +5,8 @@ config BR2_TARGET_XLOADER
The x-loader bootloader. It is mainly used on OMAP-based
platforms.
http://omappedia.org/wiki/Linux_OMAP_Kernel_Main
if BR2_TARGET_XLOADER
config BR2_TARGET_XLOADER_BOARDNAME
string "x-loader board name"
+1 -1
View File
@@ -12,7 +12,7 @@ BR2_LINUX_KERNEL_INTREE_DTS_NAME="arm/juno arm/juno-r1 arm/juno-r2"
BR2_TARGET_ARM_TRUSTED_FIRMWARE=y
BR2_TARGET_ARM_TRUSTED_FIRMWARE_CUSTOM_GIT=y
BR2_TARGET_ARM_TRUSTED_FIRMWARE_CUSTOM_REPO_URL="https://github.com/ARM-software/arm-trusted-firmware.git"
BR2_TARGET_ARM_TRUSTED_FIRMWARE_CUSTOM_REPO_VERSION="v1.2"
BR2_TARGET_ARM_TRUSTED_FIRMWARE_CUSTOM_REPO_VERSION="v1.3"
BR2_TARGET_ARM_TRUSTED_FIRMWARE_PLATFORM="juno"
BR2_TARGET_ARM_TRUSTED_FIRMWARE_FIP=y
BR2_TARGET_ARM_TRUSTED_FIRMWARE_UBOOT_AS_BL33=y
+1
View File
@@ -31,6 +31,7 @@ BR2_PACKAGE_HOST_MTOOLS=y
# Filesystem / image
BR2_TARGET_ROOTFS_EXT2=y
BR2_TARGET_ROOTFS_EXT2_4=y
BR2_TARGET_ROOTFS_EXT2_SIZE="120M"
# BR2_TARGET_ROOTFS_TAR is not set
BR2_ROOTFS_POST_BUILD_SCRIPT="board/raspberrypi2/post-build.sh"
BR2_ROOTFS_POST_IMAGE_SCRIPT="board/raspberrypi2/post-image.sh"
+15 -2
View File
@@ -198,11 +198,24 @@ information is (assuming the package name is +libfoo+) :
package. Note that if +HOST_LIBFOO_VERSION+ doesn't exist, it is
assumed to be the same as +LIBFOO_VERSION+. It can also be a
revision number or a tag for packages that are fetched directly
from their version control system. Do not use a branch name as
version; it does not work. Examples:
from their version control system. Examples:
** a version for a release tarball: +LIBFOO_VERSION = 0.1.2+
** a sha1 for a git tree: +LIBFOO_VERSION = cb9d6aa9429e838f0e54faa3d455bcbab5eef057+
** a tag for a git tree +LIBFOO_VERSION = v0.1.2+
+
.Note:
Using a branch name as +FOO_VERSION+ is not supported, because it does
not and can not work as people would expect it should:
+
1. due to local caching, Buildroot will not re-fetch the repository,
so people who expect to be able to follow the remote repository
would be quite surprised and disappointed;
2. because two builds can never be perfectly simultaneous, and because
the remote repository may get new commits on the branch anytime,
two users, using the same Buildroot tree and building the same
configuration, may get different source, thus rendering the build
non reproducible, and people would be quite surprised and
disappointed.
* +LIBFOO_SOURCE+ may contain the name of the tarball of the package,
which Buildroot will use to download the tarball from
+2 -2
View File
@@ -23,8 +23,8 @@ between distributions).
** +make+ (version 3.81 or any later)
** +binutils+
** +build-essential+ (only for Debian based systems)
** +gcc+ (version 2.95 or any later)
** `g++` (version 2.95 or any later)
** +gcc+ (version 4.4 or any later)
** `g++` (version 4.4 or any later)
** +bash+
** +patch+
** +gzip+
+2 -2
View File
@@ -33,7 +33,7 @@ config BR2_LINUX_KERNEL_LATEST_VERSION
bool "Latest version (4.15)"
config BR2_LINUX_KERNEL_LATEST_CIP_VERSION
bool "Latest CIP SLTS version (v4.4.130-cip23)"
bool "Latest CIP SLTS version (v4.4.138-cip25)"
help
CIP launched in the spring of 2016 to address the needs of
organizations in industries such as power generation and
@@ -121,7 +121,7 @@ endif
config BR2_LINUX_KERNEL_VERSION
string
default "4.15.16" if BR2_LINUX_KERNEL_LATEST_VERSION
default "v4.4.130-cip23" if BR2_LINUX_KERNEL_LATEST_CIP_VERSION
default "v4.4.138-cip25" if BR2_LINUX_KERNEL_LATEST_CIP_VERSION
default BR2_LINUX_KERNEL_CUSTOM_VERSION_VALUE \
if BR2_LINUX_KERNEL_CUSTOM_VERSION
default "custom" if BR2_LINUX_KERNEL_CUSTOM_TARBALL
+2
View File
@@ -63,6 +63,7 @@ menu "Audio and video applications"
endmenu
menu "Compressors and decompressors"
source "package/brotli/Config.in"
source "package/bzip2/Config.in"
source "package/gzip/Config.in"
source "package/lz4/Config.in"
@@ -1170,6 +1171,7 @@ menu "Graphics"
source "package/waylandpp/Config.in"
source "package/webkitgtk/Config.in"
source "package/webp/Config.in"
source "package/woff2/Config.in"
source "package/zbar/Config.in"
source "package/zxing-cpp/Config.in"
endmenu
@@ -0,0 +1,32 @@
From a42519dceef0493ece45538375ae1791313f16d3 Mon Sep 17 00:00:00 2001
From: Hollis Blanchard <hollis_blanchard@mentor.com>
Date: Mon, 30 Jul 2018 14:29:46 -0700
Subject: [PATCH] Remove pragmas inside functions
GCC 4.4.7, as found in RHEL6, reports:
libacl/acl_from_text.c:307: error: #pragma GCC diagnostic not allowed inside functions
Signed-off-by: Hollis Blanchard <hollis_blanchard@mentor.com>
---
libacl/acl_from_text.c | 3 ---
1 file changed, 3 deletions(-)
diff --git a/libacl/acl_from_text.c b/libacl/acl_from_text.c
index 09790c9..fb6bc07 100644
--- a/libacl/acl_from_text.c
+++ b/libacl/acl_from_text.c
@@ -304,11 +304,8 @@ parse_acl_entry(const char **text_p, acl_t *acl_p)
create_entry:
if (acl_create_entry(acl_p, &entry_d) != 0)
return -1;
-#pragma GCC diagnostic push
-#pragma GCC diagnostic ignored "-Waddress"
if (acl_copy_entry(entry_d, int2ext(&entry_obj)) != 0)
return -1;
-#pragma GCC diagnostic pop
return 0;
fail:
--
2.13.0
@@ -1,29 +0,0 @@
Support installation of .a file when doing static linking
When doing static linking (i.e ENABLE_SHARED != yes), the acl build
logic wasn't installing any library at all, not even the .a file which
is needed for static linking. This patch fixes that.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Index: b/include/buildmacros
===================================================================
--- a/include/buildmacros
+++ b/include/buildmacros
@@ -97,7 +97,15 @@
INSTALL_LTLIB_STATIC = \
cd $(TOPDIR)/$(LIBNAME)/.libs; \
- ../$(INSTALL) -m 755 -d $(PKG_DEVLIB_DIR);
+ ../$(INSTALL) -m 755 -d $(PKG_DEVLIB_DIR); \
+ ../$(INSTALL) -m 644 -T old_lib $(LIBNAME).la $(PKG_DEVLIB_DIR); \
+ ../$(INSTALL) -m 644 $(LIBNAME).la $(PKG_DEVLIB_DIR)/$(LIBNAME).la ; \
+ ../$(INSTALL) -m 755 -d $(PKG_LIB_DIR); \
+ ../$(INSTALL) -T so_base $(LIBNAME).la $(PKG_LIB_DIR); \
+ if test "x$(PKG_DEVLIB_DIR)" != "x$(PKG_LIB_DIR)" ; then \
+ ../$(INSTALL) -S $(PKG_DEVLIB_DIR)/$(LIBNAME).a $(PKG_LIB_DIR)/$(LIBNAME).a; \
+ ../$(INSTALL) -S $(PKG_DEVLIB_DIR)/$(LIBNAME).la $(PKG_LIB_DIR)/$(LIBNAME).la; \
+ fi
INSTALL_MAN = \
@for d in $(MAN_PAGES); do \
@@ -1,292 +0,0 @@
From debbe4f7b591b3f35d0ed65c17fa81b196b2eb2d Mon Sep 17 00:00:00 2001
From: Mike Frysinger <vapier@gentoo.org>
Date: Tue, 12 Aug 2014 08:37:25 -0400
Subject: [PATCH] add __acl_ prefixes to internal symbols
When static linking libacl, people sometimes run into symbol collisions
because their own code defines symbols like "quote". So for acl internal
symbols, use an __acl_ prefix.
[Rahul Bedarkar: backported from upstream
http://git.savannah.gnu.org/cgit/acl.git/commit/?id=a2c4d71c2e84419a49db503ed59de4d3d1dca7dd ]
Signed-off-by: Rahul Bedarkar <rahul.bedarkar@imgtec.com>
---
exports | 12 ++----------
getfacl/getfacl.c | 4 ++--
include/misc.h | 8 ++++----
libacl/__acl_to_any_text.c | 4 ++--
libacl/acl_from_text.c | 4 ++--
libmisc/high_water_alloc.c | 2 +-
libmisc/next_line.c | 6 +++---
libmisc/quote.c | 4 ++--
libmisc/unquote.c | 2 +-
setfacl/parse.c | 10 +++++-----
setfacl/setfacl.c | 4 ++--
11 files changed, 26 insertions(+), 34 deletions(-)
diff --git a/exports b/exports
index 7d8e69e..bf15d84 100644
--- a/exports
+++ b/exports
@@ -59,22 +59,14 @@ ACL_1.0 {
acl_to_any_text;
local:
- # Library internal stuff
+ # Library internal stuff
__new_var_obj_p;
__new_obj_p_here;
__free_obj_p;
__check_obj_p;
__ext2int_and_check;
- __acl_reorder_entry_obj_p;
- __acl_reorder_obj_p;
- __acl_init_obj;
- __acl_create_entry_obj;
- __acl_free_acl_obj;
- __acl_to_any_text;
+ __acl_*;
__apply_mask_to_mode;
-
- quote;
- unquote;
};
ACL_1.1 {
diff --git a/getfacl/getfacl.c b/getfacl/getfacl.c
index f8eaf25..af9e225 100644
--- a/getfacl/getfacl.c
+++ b/getfacl/getfacl.c
@@ -90,7 +90,7 @@ int opt_numeric; /* don't convert id's to symbolic names */
static const char *xquote(const char *str, const char *quote_chars)
{
- const char *q = quote(str, quote_chars);
+ const char *q = __acl_quote(str, quote_chars);
if (q == NULL) {
fprintf(stderr, "%s: %s\n", progname, strerror(errno));
exit(1);
@@ -718,7 +718,7 @@ int main(int argc, char *argv[])
do {
if (optind == argc ||
strcmp(argv[optind], "-") == 0) {
- while ((line = next_line(stdin)) != NULL) {
+ while ((line = __acl_next_line(stdin)) != NULL) {
if (*line == '\0')
continue;
diff --git a/include/misc.h b/include/misc.h
index 0c5fdcc..c25accf 100644
--- a/include/misc.h
+++ b/include/misc.h
@@ -15,9 +15,9 @@
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
-extern int high_water_alloc(void **buf, size_t *bufsize, size_t newsize);
+extern int __acl_high_water_alloc(void **buf, size_t *bufsize, size_t newsize);
-extern const char *quote(const char *str, const char *quote_chars);
-extern char *unquote(char *str);
+extern const char *__acl_quote(const char *str, const char *quote_chars);
+extern char *__acl_unquote(char *str);
-extern char *next_line(FILE *file);
+extern char *__acl_next_line(FILE *file);
diff --git a/libacl/__acl_to_any_text.c b/libacl/__acl_to_any_text.c
index a4f9c34..19f1ccc 100644
--- a/libacl/__acl_to_any_text.c
+++ b/libacl/__acl_to_any_text.c
@@ -159,7 +159,7 @@ acl_entry_to_any_str(const acl_entry_t entry_d, char *text_p, ssize_t size,
if (options & TEXT_NUMERIC_IDS)
str = NULL;
else
- str = quote(user_name(
+ str = __acl_quote(user_name(
entry_obj_p->eid.qid), ":, \t\n\r");
if (str != NULL) {
strncpy(text_p, str, size);
@@ -182,7 +182,7 @@ acl_entry_to_any_str(const acl_entry_t entry_d, char *text_p, ssize_t size,
if (options & TEXT_NUMERIC_IDS)
str = NULL;
else
- str = quote(group_name(
+ str = __acl_quote(group_name(
entry_obj_p->eid.qid), ":, \t\n\r");
if (str != NULL) {
strncpy(text_p, str, size);
diff --git a/libacl/acl_from_text.c b/libacl/acl_from_text.c
index 1e05322..f6165be 100644
--- a/libacl/acl_from_text.c
+++ b/libacl/acl_from_text.c
@@ -206,7 +206,7 @@ parse_acl_entry(const char **text_p, acl_t *acl_p)
str = get_token(text_p);
if (str) {
entry_obj.etag = ACL_USER;
- error = get_uid(unquote(str),
+ error = get_uid(__acl_unquote(str),
&entry_obj.eid.qid);
free(str);
if (error) {
@@ -225,7 +225,7 @@ parse_acl_entry(const char **text_p, acl_t *acl_p)
str = get_token(text_p);
if (str) {
entry_obj.etag = ACL_GROUP;
- error = get_gid(unquote(str),
+ error = get_gid(__acl_unquote(str),
&entry_obj.eid.qid);
free(str);
if (error) {
diff --git a/libmisc/high_water_alloc.c b/libmisc/high_water_alloc.c
index c127dc1..951f4bb 100644
--- a/libmisc/high_water_alloc.c
+++ b/libmisc/high_water_alloc.c
@@ -21,7 +21,7 @@
#include <stdlib.h>
#include "misc.h"
-int high_water_alloc(void **buf, size_t *bufsize, size_t newsize)
+int __acl_high_water_alloc(void **buf, size_t *bufsize, size_t newsize)
{
#define CHUNK_SIZE 256
/*
diff --git a/libmisc/next_line.c b/libmisc/next_line.c
index 0566d7a..126a364 100644
--- a/libmisc/next_line.c
+++ b/libmisc/next_line.c
@@ -23,7 +23,7 @@
#define LINE_SIZE getpagesize()
-char *next_line(FILE *file)
+char *__acl_next_line(FILE *file)
{
static char *line;
static size_t line_size;
@@ -31,7 +31,7 @@ char *next_line(FILE *file)
int eol = 0;
if (!line) {
- if (high_water_alloc((void **)&line, &line_size, LINE_SIZE))
+ if (__acl_high_water_alloc((void **)&line, &line_size, LINE_SIZE))
return NULL;
}
c = line;
@@ -47,7 +47,7 @@ char *next_line(FILE *file)
if (feof(file))
break;
if (!eol) {
- if (high_water_alloc((void **)&line, &line_size,
+ if (__acl_high_water_alloc((void **)&line, &line_size,
2 * line_size))
return NULL;
c = strrchr(line, '\0');
diff --git a/libmisc/quote.c b/libmisc/quote.c
index bf8f9eb..a28800c 100644
--- a/libmisc/quote.c
+++ b/libmisc/quote.c
@@ -23,7 +23,7 @@
#include <string.h>
#include "misc.h"
-const char *quote(const char *str, const char *quote_chars)
+const char *__acl_quote(const char *str, const char *quote_chars)
{
static char *quoted_str;
static size_t quoted_str_len;
@@ -40,7 +40,7 @@ const char *quote(const char *str, const char *quote_chars)
if (nonpr == 0)
return str;
- if (high_water_alloc((void **)&quoted_str, &quoted_str_len,
+ if (__acl_high_water_alloc((void **)&quoted_str, &quoted_str_len,
(s - (unsigned char *)str) + nonpr * 3 + 1))
return NULL;
for (s = (unsigned char *)str, q = quoted_str; *s != '\0'; s++) {
diff --git a/libmisc/unquote.c b/libmisc/unquote.c
index bffebf9..4f4ce7c 100644
--- a/libmisc/unquote.c
+++ b/libmisc/unquote.c
@@ -22,7 +22,7 @@
#include <ctype.h>
#include "misc.h"
-char *unquote(char *str)
+char *__acl_unquote(char *str)
{
unsigned char *s, *t;
diff --git a/setfacl/parse.c b/setfacl/parse.c
index e7e6add..7433459 100644
--- a/setfacl/parse.c
+++ b/setfacl/parse.c
@@ -226,7 +226,7 @@ user_entry:
str = get_token(text_p);
if (str) {
cmd->c_tag = ACL_USER;
- error = get_uid(unquote(str), &cmd->c_id);
+ error = get_uid(__acl_unquote(str), &cmd->c_id);
free(str);
if (error) {
*text_p = backup;
@@ -245,7 +245,7 @@ user_entry:
str = get_token(text_p);
if (str) {
cmd->c_tag = ACL_GROUP;
- error = get_gid(unquote(str), &cmd->c_id);
+ error = get_gid(__acl_unquote(str), &cmd->c_id);
free(str);
if (error) {
*text_p = backup;
@@ -466,7 +466,7 @@ read_acl_comments(
if (strncmp(cp, "file:", 5) == 0) {
cp += 5;
SKIP_WS(cp);
- cp = unquote(cp);
+ cp = __acl_unquote(cp);
if (path_p) {
if (*path_p)
@@ -483,7 +483,7 @@ read_acl_comments(
if (uid_p) {
if (*uid_p != ACL_UNDEFINED_ID)
goto fail;
- if (get_uid(unquote(cp), uid_p) != 0)
+ if (get_uid(__acl_unquote(cp), uid_p) != 0)
continue;
}
} else if (strncmp(cp, "group:", 6) == 0) {
@@ -493,7 +493,7 @@ read_acl_comments(
if (gid_p) {
if (*gid_p != ACL_UNDEFINED_ID)
goto fail;
- if (get_gid(unquote(cp), gid_p) != 0)
+ if (get_gid(__acl_unquote(cp), gid_p) != 0)
continue;
}
} else if (strncmp(cp, "flags:", 6) == 0) {
diff --git a/setfacl/setfacl.c b/setfacl/setfacl.c
index 81062a6..fb2d172 100644
--- a/setfacl/setfacl.c
+++ b/setfacl/setfacl.c
@@ -92,7 +92,7 @@ int promote_warning;
static const char *xquote(const char *str, const char *quote_chars)
{
- const char *q = quote(str, quote_chars);
+ const char *q = __acl_quote(str, quote_chars);
if (q == NULL) {
fprintf(stderr, "%s: %s\n", progname, strerror(errno));
exit(1);
@@ -311,7 +311,7 @@ int next_file(const char *arg, seq_t seq)
args.seq = seq;
if (strcmp(arg, "-") == 0) {
- while ((line = next_line(stdin)))
+ while ((line = __acl_next_line(stdin)))
errors = walk_tree(line, walk_flags, 0, do_set, &args);
if (!feof(stdin)) {
fprintf(stderr, _("%s: Standard input: %s\n"),
--
2.6.2
@@ -1,67 +0,0 @@
From d3bd7b29b79147b4155e78a8ea06ded98b91f92a Mon Sep 17 00:00:00 2001
From: "Yann E. MORIN" <yann.morin.1998@free.fr>
Date: Tue, 8 May 2018 15:23:57 +0200
Subject: [PATCH] all: use install(1) to install executables
When the destination file already exists, the current install script
will overwrite it with the new executable.
However, when the existing executable is a symlink or hardlink to
something else, like busybox, this effectively overwrites that something
with the new executable, and thus replaces busybox and all its applets
with the code for either of the three commands.
We fix that by simply calling install(1). install(1) is sufficiently
widespread that we don't bother checking for it, as tis is just a
workaround while waiting for the version bump that will eventually fix
it for good.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
---
chacl/Makefile | 4 ++--
getfacl/Makefile | 4 ++--
setfacl/Makefile | 4 ++--
3 files changed, 6 insertions(+), 6 deletions(-)
diff --git a/chacl/Makefile b/chacl/Makefile
index 33858d6..c857329 100644
--- a/chacl/Makefile
+++ b/chacl/Makefile
@@ -30,6 +30,6 @@ default: $(LTCOMMAND)
include $(BUILDRULES)
install: default
- $(INSTALL) -m 755 -d $(PKG_BIN_DIR)
- $(LTINSTALL) -m 755 $(LTCOMMAND) $(PKG_BIN_DIR)
+ install -D -m 755 $(LTCOMMAND) $(PKG_BIN_DIR)/$(LTCOMMAND)
+
install-dev install-lib:
diff --git a/getfacl/Makefile b/getfacl/Makefile
index 7fbafda..8ac63e0 100644
--- a/getfacl/Makefile
+++ b/getfacl/Makefile
@@ -31,6 +31,6 @@ default: $(LTCOMMAND)
include $(BUILDRULES)
install: default
- $(INSTALL) -m 755 -d $(PKG_BIN_DIR)
- $(LTINSTALL) -m 755 $(LTCOMMAND) $(PKG_BIN_DIR)
+ install -D -m 755 $(LTCOMMAND) $(PKG_BIN_DIR)/$(LTCOMMAND)
+
install-dev install-lib:
diff --git a/setfacl/Makefile b/setfacl/Makefile
index c44e7c0..eea2ede 100644
--- a/setfacl/Makefile
+++ b/setfacl/Makefile
@@ -31,6 +31,6 @@ default: $(LTCOMMAND)
include $(BUILDRULES)
install: default
- $(INSTALL) -m 755 -d $(PKG_BIN_DIR)
- $(LTINSTALL) -m 755 $(LTCOMMAND) $(PKG_BIN_DIR)
+ install -D -m 755 $(LTCOMMAND) $(PKG_BIN_DIR)/$(LTCOMMAND)
+
install-dev install-lib:
--
2.14.1
+1 -1
View File
@@ -1,2 +1,2 @@
# Locally calculated after checking pgp signature
sha256 179074bb0580c06c4b4137be4c5a92a701583277967acdb5546043c7874e0d23 acl-2.2.52.src.tar.gz
sha256 06be9865c6f418d851ff4494e12406568353b891ffe1f596b34693c387af26c7 acl-2.2.53.tar.gz
+7 -43
View File
@@ -4,54 +4,18 @@
#
################################################################################
ACL_VERSION = 2.2.52
ACL_SOURCE = acl-$(ACL_VERSION).src.tar.gz
ACL_VERSION = 2.2.53
ACL_SITE = http://download.savannah.gnu.org/releases/acl
ACL_INSTALL_STAGING = YES
ACL_DEPENDENCIES = attr
ACL_CONF_OPTS = --enable-gettext=no
ACL_LICENSE = GPL-2.0+ (programs), LGPL-2.1+ (libraries)
ACL_LICENSE_FILES = doc/COPYING doc/COPYING.LGPL
# While the configuration system uses autoconf, the Makefiles are
# hand-written and do not use automake. Therefore, we have to hack
# around their deficiencies by:
# - explicitly passing CFLAGS (LDFLAGS are passed on from configure,
# CFLAGS are not).
# - explicitly passing the installation prefix, not using DESTDIR.
ACL_MAKE_ENV = CFLAGS="$(TARGET_CFLAGS)"
ACL_INSTALL_STAGING_OPTS = \
prefix=$(STAGING_DIR)/usr \
exec_prefix=$(STAGING_DIR)/usr \
PKG_DEVLIB_DIR=$(STAGING_DIR)/usr/lib \
install-dev install-lib
ACL_INSTALL_TARGET_OPTS = \
prefix=$(TARGET_DIR)/usr \
exec_prefix=$(TARGET_DIR)/usr \
install install-lib
# The libdir variable in libacl.la is empty, so let's fix it. This is
# probably due to acl not using automake, and not doing fully the
# right thing with libtool.
define ACL_FIX_LIBTOOL_LA_LIBDIR
$(SED) "s,libdir=.*,libdir='$(STAGING_DIR)'," \
$(STAGING_DIR)/usr/lib/libacl.la
endef
ACL_POST_INSTALL_STAGING_HOOKS += ACL_FIX_LIBTOOL_LA_LIBDIR
ACL_DEPENDENCIES = attr
HOST_ACL_DEPENDENCIES = host-attr
HOST_ACL_CONF_OPTS = --enable-gettext=no
HOST_ACL_MAKE_ENV = CFLAGS="$(HOST_CFLAGS)"
HOST_ACL_INSTALL_OPTS = \
prefix=$(HOST_DIR) \
exec_prefix=$(HOST_DIR) \
PKG_DEVLIB_DIR=$(HOST_DIR)/lib \
install-dev install-lib
# For the host, libacl.la is correct, no fixup needed.
ACL_INSTALL_STAGING = YES
ACL_CONF_OPTS = --disable-nls
HOST_ACL_CONF_OPTS = --disable-nls
$(eval $(autotools-package))
$(eval $(host-autotools-package))
+7 -1
View File
@@ -15,9 +15,15 @@ define ACPID_INSTALL_INIT_SYSV
$(TARGET_DIR)/etc/init.d/S02acpid
endef
ifeq ($(BR2_INIT_SYSV)$(BR2_INIT_SYSTEMD),y)
ACPID_POWEROFF_CMD = /sbin/shutdown -hP now
else
ACPID_POWEROFF_CMD = /sbin/poweroff
endif
define ACPID_SET_EVENTS
mkdir -p $(TARGET_DIR)/etc/acpi/events
printf "event=button[ /]power\naction=/sbin/poweroff\n" \
printf 'event=button[ /]power\naction=%s\n' '$(ACPID_POWEROFF_CMD)' \
>$(TARGET_DIR)/etc/acpi/events/powerbtn
endef
@@ -0,0 +1,42 @@
usb_linux.c: fix minor()/major() build failure due to glibc 2.28
glibc 2.28 no longer includes <sys/sysmacros.h> from <sys/types.h>,
and therefore <sys/sysmacros.h> must be included explicitly when
major()/minor() are used.
This commit adds a patch to directly include <sys/sysmacros.h> into
all usb_linux.c files where minor() and major() macros are used.
diff -urpN host-android-tools-4.2.2+git20130218.orig/core/adb/usb_linux.c host-android-tools-4.2.2+git20130218/core/adb/usb_linux.c
--- host-android-tools-4.2.2+git20130218.orig/core/adb/usb_linux.c 2013-02-18 15:49:03.000000000 +0100
+++ host-android-tools-4.2.2+git20130218/core/adb/usb_linux.c 2018-09-09 11:47:16.476292546 +0200
@@ -20,6 +20,7 @@
#include <string.h>
#include <sys/ioctl.h>
+#include <sys/sysmacros.h>
#include <sys/types.h>
#include <sys/time.h>
#include <dirent.h>
diff -urpN host-android-tools-4.2.2+git20130218.orig/core/adbd/usb_linux.c host-android-tools-4.2.2+git20130218/core/adbd/usb_linux.c
--- host-android-tools-4.2.2+git20130218.orig/core/adbd/usb_linux.c 2018-09-09 02:32:57.154503866 +0200
+++ host-android-tools-4.2.2+git20130218/core/adbd/usb_linux.c 2018-09-09 11:47:28.148353880 +0200
@@ -20,6 +20,7 @@
#include <string.h>
#include <sys/ioctl.h>
+#include <sys/sysmacros.h>
#include <sys/types.h>
#include <sys/time.h>
#include <dirent.h>
diff -urpN host-android-tools-4.2.2+git20130218.orig/core/fastboot/usb_linux.c host-android-tools-4.2.2+git20130218/core/fastboot/usb_linux.c
--- host-android-tools-4.2.2+git20130218.orig/core/fastboot/usb_linux.c 2013-02-18 15:49:03.000000000 +0100
+++ host-android-tools-4.2.2+git20130218/core/fastboot/usb_linux.c 2018-09-09 11:46:53.028169154 +0200
@@ -33,6 +33,7 @@
#include <sys/ioctl.h>
#include <sys/stat.h>
+#include <sys/sysmacros.h>
#include <sys/types.h>
#include <dirent.h>
#include <fcntl.h>
+2
View File
@@ -15,6 +15,8 @@ config BR2_PACKAGE_ANDROID_TOOLS
can be used to interact with target devices using of these
protocols.
https://wiki.debian.org/AndroidTools#Original_android-tools_package
if BR2_PACKAGE_ANDROID_TOOLS
# We need kernel headers that support the __SANE_USERSPACE_TYPES__
+3 -2
View File
@@ -1,3 +1,4 @@
# From http://archive.apache.org/dist/httpd/httpd-2.4.33.tar.bz2.sha256
sha256 de02511859b00d17845b9abdd1f975d5ccb5d0b280c567da5bf2ad4b70846f05 httpd-2.4.33.tar.bz2
# From http://archive.apache.org/dist/httpd/httpd-2.4.35.tar.bz2.sha256
sha256 2607c6fdd4d12ac3f583127629291e9432b247b782396a563bec5678aae69b56 httpd-2.4.35.tar.bz2
# Locally computed
sha256 c49c0819a726b70142621715dae3159c47b0349c2bc9db079070f28dadac0229 LICENSE
+1 -1
View File
@@ -4,7 +4,7 @@
#
################################################################################
APACHE_VERSION = 2.4.33
APACHE_VERSION = 2.4.35
APACHE_SOURCE = httpd-$(APACHE_VERSION).tar.bz2
APACHE_SITE = http://archive.apache.org/dist/httpd
APACHE_LICENSE = Apache-2.0
+1 -1
View File
@@ -7,4 +7,4 @@ config BR2_PACKAGE_ARP_SCAN
arp-scan is a command-line tool that uses the ARP protocol to
discover and fingerprint IP hosts on the local network.
http://www.nta-monitor.com/wiki/index.php/Arp-scan_Documentation
https://github.com/royhills/arp-scan
@@ -0,0 +1,87 @@
From 3ac428794ea0f95c854166c9c0cffb0267c5e98b Mon Sep 17 00:00:00 2001
From: Hollis Blanchard <hollis_blanchard@mentor.com>
Date: Mon, 30 Jul 2018 14:17:21 -0700
Subject: [PATCH] Remove messages in "deprecated" gcc attributes
GCC versions up through 4.4.7 (which is used in RHEL 6) do not accept
any argument for the deprecated attribute. GCC 4.5 and later say the
"msg" argument is optional. We don't need the messages during
Buildroot builds anyways.
Signed-off-by: Hollis Blanchard <hollis_blanchard@mentor.com>
---
include/attributes.h | 20 ++++++++++----------
1 file changed, 10 insertions(+), 10 deletions(-)
diff --git a/include/attributes.h b/include/attributes.h
index 14beb8f..23c39c8 100644
--- a/include/attributes.h
+++ b/include/attributes.h
@@ -127,10 +127,10 @@ typedef struct attr_multiop {
*/
EXPORT int attr_get (const char *__path, const char *__attrname,
char *__attrvalue, int *__valuelength, int __flags)
- __attribute__ ((deprecated ("Use getxattr or lgetxattr instead")));
+ __attribute__ ((deprecated));
EXPORT int attr_getf (int __fd, const char *__attrname, char *__attrvalue,
int *__valuelength, int __flags)
- __attribute__ ((deprecated ("Use fgetxattr instead")));
+ __attribute__ ((deprecated));
/*
* Set the value of an attribute, creating the attribute if necessary.
@@ -139,11 +139,11 @@ EXPORT int attr_getf (int __fd, const char *__attrname, char *__attrvalue,
EXPORT int attr_set (const char *__path, const char *__attrname,
const char *__attrvalue, const int __valuelength,
int __flags)
- __attribute__ ((deprecated ("Use setxattr or lsetxattr instead")));
+ __attribute__ ((deprecated));
EXPORT int attr_setf (int __fd, const char *__attrname,
const char *__attrvalue, const int __valuelength,
int __flags)
- __attribute__ ((deprecated ("Use fsetxattr instead")));
+ __attribute__ ((deprecated));
/*
* Remove an attribute.
@@ -151,9 +151,9 @@ EXPORT int attr_setf (int __fd, const char *__attrname,
*/
EXPORT int attr_remove (const char *__path, const char *__attrname,
int __flags)
- __attribute__ ((deprecated ("Use removexattr or lremovexattr instead")));
+ __attribute__ ((deprecated));
EXPORT int attr_removef (int __fd, const char *__attrname, int __flags)
- __attribute__ ((deprecated ("Use fremovexattr instead")));
+ __attribute__ ((deprecated));
/*
* List the names and sizes of the values of all the attributes of an object.
@@ -164,10 +164,10 @@ EXPORT int attr_removef (int __fd, const char *__attrname, int __flags)
*/
EXPORT int attr_list(const char *__path, char *__buffer, const int __buffersize,
int __flags, attrlist_cursor_t *__cursor)
- __attribute__ ((deprecated ("Use listxattr or llistxattr instead")));
+ __attribute__ ((deprecated));
EXPORT int attr_listf(int __fd, char *__buffer, const int __buffersize,
int __flags, attrlist_cursor_t *__cursor)
- __attribute__ ((deprecated ("Use flistxattr instead")));
+ __attribute__ ((deprecated));
/*
* Operate on multiple attributes of the same object simultaneously.
@@ -188,10 +188,10 @@ EXPORT int attr_listf(int __fd, char *__buffer, const int __buffersize,
*/
EXPORT int attr_multi (const char *__path, attr_multiop_t *__oplist,
int __count, int __flags)
- __attribute__ ((deprecated ("Use getxattr, setxattr, listxattr, removexattr instead")));
+ __attribute__ ((deprecated));
EXPORT int attr_multif (int __fd, attr_multiop_t *__oplist,
int __count, int __flags)
- __attribute__ ((deprecated ("Use getxattr, setxattr, listxattr, removexattr instead")));
+ __attribute__ ((deprecated));
#ifdef __cplusplus
}
--
2.13.0
@@ -1,29 +0,0 @@
Support installation of .a file when doing static linking
When doing static linking (i.e ENABLE_SHARED != yes), the attr build
logic wasn't installing any library at all, not even the .a file which
is needed for static linking. This patch fixes that.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Index: b/include/buildmacros
===================================================================
--- a/include/buildmacros
+++ b/include/buildmacros
@@ -97,7 +97,15 @@
INSTALL_LTLIB_STATIC = \
cd $(TOPDIR)/$(LIBNAME)/.libs; \
- ../$(INSTALL) -m 755 -d $(PKG_DEVLIB_DIR);
+ ../$(INSTALL) -m 755 -d $(PKG_DEVLIB_DIR); \
+ ../$(INSTALL) -m 644 -T old_lib $(LIBNAME).la $(PKG_DEVLIB_DIR); \
+ ../$(INSTALL) -m 644 $(LIBNAME).la $(PKG_DEVLIB_DIR)/$(LIBNAME).la ; \
+ ../$(INSTALL) -m 755 -d $(PKG_LIB_DIR); \
+ ../$(INSTALL) -T so_base $(LIBNAME).la $(PKG_LIB_DIR); \
+ if test "x$(PKG_DEVLIB_DIR)" != "x$(PKG_LIB_DIR)" ; then \
+ ../$(INSTALL) -S $(PKG_DEVLIB_DIR)/$(LIBNAME).a $(PKG_LIB_DIR)/$(LIBNAME).a; \
+ ../$(INSTALL) -S $(PKG_DEVLIB_DIR)/$(LIBNAME).la $(PKG_LIB_DIR)/$(LIBNAME).la; \
+ fi
INSTALL_MAN = \
@for d in $(MAN_PAGES); do \
@@ -1,37 +0,0 @@
From 667137acaffb8d0cc62b47821a67a52ba0637d5c Mon Sep 17 00:00:00 2001
From: Mike Frysinger <vapier@gentoo.org>
Date: Fri, 10 Jan 2014 13:56:37 +0000
Subject: avoid glibc-specific DECLS defines
This matches what we do in all the other headers.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
---
diff --git a/include/xattr.h b/include/xattr.h
index 70a84be..070d7c5 100644
--- a/include/xattr.h
+++ b/include/xattr.h
@@ -30,8 +30,9 @@
#define XATTR_CREATE 0x1 /* set value, fail if attr already exists */
#define XATTR_REPLACE 0x2 /* set value, fail if attr does not exist */
-
-__BEGIN_DECLS
+#ifdef __cplusplus
+extern "C" {
+#endif
extern int setxattr (const char *__path, const char *__name,
const void *__value, size_t __size, int __flags) __THROW;
@@ -58,6 +59,8 @@ extern int removexattr (const char *__path, const char *__name) __THROW;
extern int lremovexattr (const char *__path, const char *__name) __THROW;
extern int fremovexattr (int __filedes, const char *__name) __THROW;
-__END_DECLS
+#ifdef __cplusplus
+}
+#endif
#endif /* __XATTR_H__ */
--
cgit v0.9.0.2
-37
View File
@@ -1,37 +0,0 @@
From 92247401984dd9a80d9d0c8c030692323f980678 Mon Sep 17 00:00:00 2001
From: Emmanuel Dreyfus <manu@netbsd.org>
Date: Mon, 30 Jun 2014 13:06:05 +0000
Subject: Portability fixes
- <features.h> is Linux specific
- Define __THROW for non glibc based systems
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
---
(limited to 'include/xattr.h')
diff --git a/include/xattr.h b/include/xattr.h
index 070d7c5..fd1f268 100644
--- a/include/xattr.h
+++ b/include/xattr.h
@@ -20,7 +20,18 @@
#ifndef __XATTR_H__
#define __XATTR_H__
+#if defined(linux)
#include <features.h>
+#endif
+
+/* Portability non glibc c++ build systems */
+#ifndef __THROW
+# if defined __cplusplus
+# define __THROW throw ()
+# else
+# define __THROW
+# endif
+#endif
#include <errno.h>
#ifndef ENOATTR
--
cgit v0.9.0.2
@@ -1,67 +0,0 @@
From 4187e60ab52cac3ed36036a354977310dab68dcb Mon Sep 17 00:00:00 2001
From: "Yann E. MORIN" <yann.morin.1998@free.fr>
Date: Tue, 8 May 2018 15:16:10 +0200
Subject: [PATCH] all: use install(1) to install executables
When the destination file already exists, the current install script
will overwrite it with the new executable.
However, when the existing executable is a symlink or hardlink to
something else, like busybox, this effectively overwrites that something
with the new executable, and thus replaces busybox and all its applets
with the code for either of the three commands.
We fix that by simply calling install(1). install(1) is sufficiently
widespread that we don't bother checking for it, as this is just a
workaround while waiting for the version bump that will eventually fix
it for good.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
---
attr/Makefile | 4 ++--
getfattr/Makefile | 4 ++--
setfattr/Makefile | 4 ++--
3 files changed, 6 insertions(+), 6 deletions(-)
diff --git a/attr/Makefile b/attr/Makefile
index 1c467e8..326dd7e 100644
--- a/attr/Makefile
+++ b/attr/Makefile
@@ -29,6 +29,6 @@ default: $(LTCOMMAND)
include $(BUILDRULES)
install: default
- $(INSTALL) -m 755 -d $(PKG_BIN_DIR)
- $(LTINSTALL) -m 755 $(LTCOMMAND) $(PKG_BIN_DIR)
+ install -D -m 755 $(LTCOMMAND) $(PKG_BIN_DIR)/$(LTCOMMAND)
+
install-dev install-lib:
diff --git a/getfattr/Makefile b/getfattr/Makefile
index 91d3df2..f913172 100644
--- a/getfattr/Makefile
+++ b/getfattr/Makefile
@@ -30,6 +30,6 @@ default: $(LTCOMMAND)
include $(BUILDRULES)
install: default
- $(INSTALL) -m 755 -d $(PKG_BIN_DIR)
- $(LTINSTALL) -m 755 $(LTCOMMAND) $(PKG_BIN_DIR)
+ install -D -m 755 $(LTCOMMAND) $(PKG_BIN_DIR)/$(LTCOMMAND)
+
install-dev install-lib:
diff --git a/setfattr/Makefile b/setfattr/Makefile
index d55461b..26dc5d8 100644
--- a/setfattr/Makefile
+++ b/setfattr/Makefile
@@ -30,6 +30,6 @@ default: $(LTCOMMAND)
include $(BUILDRULES)
install: default
- $(INSTALL) -m 755 -d $(PKG_BIN_DIR)
- $(LTINSTALL) -m 755 $(LTCOMMAND) $(PKG_BIN_DIR)
+ install -D -m 755 $(LTCOMMAND) $(PKG_BIN_DIR)/$(LTCOMMAND)
+
install-dev install-lib:
--
2.14.1
+1 -1
View File
@@ -1,2 +1,2 @@
# Locally calculated after checking pgp signature
sha256 25772f653ac5b2e3ceeb89df50e4688891e21f723c460636548971652af0a859 attr-2.4.47.src.tar.gz
sha256 5ead72b358ec709ed00bbf7a9eaef1654baad937c001c044fe8b74c57f5324e7 attr-2.4.48.tar.gz
+4 -32
View File
@@ -4,43 +4,15 @@
#
################################################################################
ATTR_VERSION = 2.4.47
ATTR_SOURCE = attr-$(ATTR_VERSION).src.tar.gz
ATTR_VERSION = 2.4.48
ATTR_SITE = http://download.savannah.gnu.org/releases/attr
ATTR_INSTALL_STAGING = YES
ATTR_CONF_OPTS = --enable-gettext=no
HOST_ATTR_CONF_OPTS = --enable-gettext=no
ATTR_LICENSE = GPL-2.0+ (programs), LGPL-2.1+ (libraries)
ATTR_LICENSE_FILES = doc/COPYING doc/COPYING.LGPL
# While the configuration system uses autoconf, the Makefiles are
# hand-written and do not use automake. Therefore, we have to hack
# around their deficiencies by passing installation paths.
ATTR_INSTALL_STAGING_OPTS = \
prefix=$(STAGING_DIR)/usr \
exec_prefix=$(STAGING_DIR)/usr \
PKG_DEVLIB_DIR=$(STAGING_DIR)/usr/lib \
install-dev install-lib
ATTR_INSTALL_STAGING = YES
ATTR_INSTALL_TARGET_OPTS = \
prefix=$(TARGET_DIR)/usr \
exec_prefix=$(TARGET_DIR)/usr \
install install-lib
HOST_ATTR_INSTALL_OPTS = \
prefix=$(HOST_DIR) \
exec_prefix=$(HOST_DIR) \
install-dev install-lib
# The libdir variable in libattr.la is empty, so let's fix it. This is
# probably due to attr not using automake, and not doing fully the
# right thing with libtool.
define ATTR_FIX_LIBTOOL_LA_LIBDIR
$(SED) "s,libdir=.*,libdir='$(STAGING_DIR)'," \
$(STAGING_DIR)/usr/lib/libattr.la
endef
ATTR_POST_INSTALL_STAGING_HOOKS += ATTR_FIX_LIBTOOL_LA_LIBDIR
ATTR_CONF_OPTS = --disable-nls
HOST_ATTR_CONF_OPTS = --disable-nls
$(eval $(autotools-package))
$(eval $(host-autotools-package))
+4 -2
View File
@@ -25,8 +25,10 @@ config BR2_PACKAGE_BANDWIDTHD
available on github that works on making BandwidthD's build
process more compatible with buildroot's.
Upstream: http://bandwidthd.sourceforge.net/
Github fork: http://github.com/nroach44/bandwidthd
Upstream:
http://bandwidthd.sourceforge.net/
Github fork:
http://github.com/nroach44/bandwidthd
if BR2_PACKAGE_BANDWIDTHD
+2 -2
View File
@@ -1,4 +1,4 @@
# Verified from https://ftp.isc.org/isc/bind9/9.11.4/bind-9.11.4.tar.gz.asc
# Verified from https://ftp.isc.org/isc/bind9/9.11.4-P1/bind-9.11.4-P1.tar.gz.asc
# with key BE0E9748B718253A28BB89FFF1B11BF05CF02E57
sha256 595070b031f869f8939656b5a5d11b121211967f15f6afeafa895df745279617 bind-9.11.4.tar.gz
sha256 a85af7b629109d41285c7adeae1515daac638bbe4d5dc30d1f4b343dff09d811 bind-9.11.4-P2.tar.gz
sha256 336f3c40e37a1a13690efb4c63e20908faa4c40498cc02f3579fb67d3a1933a5 COPYRIGHT
+1 -1
View File
@@ -4,7 +4,7 @@
#
################################################################################
BIND_VERSION = 9.11.4
BIND_VERSION = 9.11.4-P2
BIND_SITE = http://ftp.isc.org/isc/bind9/$(BIND_VERSION)
# bind does not support parallel builds.
BIND_MAKE = $(MAKE1)
@@ -1,22 +0,0 @@
bfd/ChangeLog
2016-08-23 Nick Clifton <address@hidden>
* elf32-arm.c (elf32_arm_count_additional_relocs): Return zero if
there is no arm data associated with the section.
[Thomas: taken from https://lists.gnu.org/archive/html/bug-binutils/2016-08/msg00165.html.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
diff --git a/bfd/elf32-arm.c b/bfd/elf32-arm.c
index 1eba21b..4478238 100644
--- a/bfd/elf32-arm.c
+++ b/bfd/elf32-arm.c
@@ -18688,7 +18688,7 @@ elf32_arm_count_additional_relocs (asection *sec)
{
struct _arm_elf_section_data *arm_data;
arm_data = get_arm_elf_section_data (sec);
- return arm_data->additional_reloc_count;
+ return arm_data == NULL ? 0 : arm_data->additional_reloc_count;
}
/* Called to set the sh_flags, sh_link and sh_info fields of OSECTION which
-46
View File
@@ -1,46 +0,0 @@
From 1ceee199e9a32034c6def7700fdbb26335ca76a3 Mon Sep 17 00:00:00 2001
From: Romain Naour <romain.naour@gmail.com>
Date: Fri, 25 Dec 2015 11:38:13 +0100
Subject: [PATCH] sh-conf
Likewise, binutils has no idea about any of these new targets either, so we
fix that up too.. now we're able to actually build a real toolchain for
sh2a_nofpu- and other more ineptly named toolchains (and yes, there are more
inept targets than that one, really. Go look, I promise).
[Romain: rebase on top of 2.26]
Signed-off-by: Romain Naour <romain.naour@gmail.com>
---
configure | 2 +-
configure.ac | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/configure b/configure
index 34b66f7..905bc7b 100755
--- a/configure
+++ b/configure
@@ -3939,7 +3939,7 @@ case "${target}" in
or1k*-*-*)
noconfigdirs="$noconfigdirs gdb"
;;
- sh-*-* | sh64-*-*)
+ sh*-*-* | sh64-*-*)
case "${target}" in
sh*-*-elf)
;;
diff --git a/configure.ac b/configure.ac
index 4977d97..1e69ee2 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1276,7 +1276,7 @@ case "${target}" in
or1k*-*-*)
noconfigdirs="$noconfigdirs gdb"
;;
- sh-*-* | sh64-*-*)
+ sh*-*-* | sh64-*-*)
case "${target}" in
sh*-*-elf)
;;
--
2.4.3
@@ -1,33 +0,0 @@
From 78fb7e37eb8bb08ae537d6c487996ff17c810332 Mon Sep 17 00:00:00 2001
From: Trevor Saunders <tbsaunde+binutils@tbsaunde.org>
Date: Mon, 26 Sep 2016 12:42:11 -0400
Subject: [PATCH] tc-xtensa.c: fixup xg_reverse_shift_count typo
gas/ChangeLog:
2016-09-26 Trevor Saunders <tbsaunde+binutils@tbsaunde.org>
* config/tc-xtensa.c (xg_reverse_shift_count): Pass cnt_arg instead of
cnt_argp to concat.
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
---
gas/config/tc-xtensa.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/gas/config/tc-xtensa.c b/gas/config/tc-xtensa.c
index d062044..ca261ae 100644
--- a/gas/config/tc-xtensa.c
+++ b/gas/config/tc-xtensa.c
@@ -2228,7 +2228,7 @@ xg_reverse_shift_count (char **cnt_argp)
cnt_arg = *cnt_argp;
/* replace the argument with "31-(argument)" */
- new_arg = concat ("31-(", cnt_argp, ")", (char *) NULL);
+ new_arg = concat ("31-(", cnt_arg, ")", (char *) NULL);
free (cnt_arg);
*cnt_argp = new_arg;
--
2.1.4
@@ -1,42 +0,0 @@
From 3c8788dbb70b40e737d4b8e30cab81406e5c5091 Mon Sep 17 00:00:00 2001
From: Max Filippov <jcmvbkbc@gmail.com>
Date: Wed, 2 Aug 2017 00:36:05 -0700
Subject: [PATCH] xtensa: fix memory corruption by broken sysregs
In some xtensa configurations there may be system/user registers in
xtensa-modules with negative index. ISA initialization for such config
may clobber heap and result in program termination.
Don't update lookup table entries for register with negative indices.
They are not directly accessible via RSR/WSR/XSR or RUR/WUR, so this
change should not affect processing of valid assembly/binary code.
bfd/
2017-08-02 Max Filippov <jcmvbkbc@gmail.com>
* xtensa-isa.c (xtensa_isa_init): Don't update lookup table
entries for sysregs with negative indices.
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
---
Backported from: d84ed528d4817b0ff854006b65a9f6ec75f0407a
bfd/xtensa-isa.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/bfd/xtensa-isa.c b/bfd/xtensa-isa.c
index 8da75bea8109..8c6ee88fdeae 100644
--- a/bfd/xtensa-isa.c
+++ b/bfd/xtensa-isa.c
@@ -292,7 +292,8 @@ xtensa_isa_init (xtensa_isa_status *errno_p, char **error_msg_p)
xtensa_sysreg_internal *sreg = &isa->sysregs[n];
is_user = sreg->is_user;
- isa->sysreg_table[is_user][sreg->number] = n;
+ if (sreg->number >= 0)
+ isa->sysreg_table[is_user][sreg->number] = n;
}
/* Set up the interface lookup table. */
--
2.1.4
@@ -1,41 +0,0 @@
From d76a7549b43974fe8564971a3f40459bc495a8a7 Mon Sep 17 00:00:00 2001
From: Romain Naour <romain.naour@gmail.com>
Date: Fri, 25 Dec 2015 11:40:53 +0100
Subject: [PATCH] ld-makefile
[Romain: rebase on top of 2.26]
Signed-off-by: Romain Naour <romain.naour@gmail.com>
---
ld/Makefile.am | 2 +-
ld/Makefile.in | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/ld/Makefile.am b/ld/Makefile.am
index 0b3b049..3871c74 100644
--- a/ld/Makefile.am
+++ b/ld/Makefile.am
@@ -57,7 +57,7 @@ endif
# We put the scripts in the directory $(scriptdir)/ldscripts.
# We can't put the scripts in $(datadir) because the SEARCH_DIR
# directives need to be different for native and cross linkers.
-scriptdir = $(tooldir)/lib
+scriptdir = $(libdir)
EMUL = @EMUL@
EMULATION_OFILES = @EMULATION_OFILES@
diff --git a/ld/Makefile.in b/ld/Makefile.in
index ed98f87..530e4c9 100644
--- a/ld/Makefile.in
+++ b/ld/Makefile.in
@@ -413,7 +413,7 @@ AM_CFLAGS = $(WARN_CFLAGS) $(ELF_CLFAGS)
# We put the scripts in the directory $(scriptdir)/ldscripts.
# We can't put the scripts in $(datadir) because the SEARCH_DIR
# directives need to be different for native and cross linkers.
-scriptdir = $(tooldir)/lib
+scriptdir = $(libdir)
BASEDIR = $(srcdir)/..
BFDDIR = $(BASEDIR)/bfd
INCDIR = $(BASEDIR)/include
--
2.4.3
@@ -1,36 +0,0 @@
From ebe1cba46df52d7bf86def3d681271fd05fb453b Mon Sep 17 00:00:00 2001
From: Romain Naour <romain.naour@gmail.com>
Date: Fri, 25 Dec 2015 11:41:47 +0100
Subject: [PATCH] check-ldrunpath-length
[Romain: rebase on top of 2.26]
Signed-off-by: Romain Naour <romain.naour@gmail.com>
---
ld/emultempl/elf32.em | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/ld/emultempl/elf32.em b/ld/emultempl/elf32.em
index 0405d4f..efd3300 100644
--- a/ld/emultempl/elf32.em
+++ b/ld/emultempl/elf32.em
@@ -1242,6 +1242,8 @@ fragment <<EOF
&& command_line.rpath == NULL)
{
lib_path = (const char *) getenv ("LD_RUN_PATH");
+ if ((lib_path) && (strlen (lib_path) == 0))
+ lib_path = NULL;
if (gld${EMULATION_NAME}_search_needed (lib_path, &n,
force))
break;
@@ -1523,6 +1525,8 @@ gld${EMULATION_NAME}_before_allocation (void)
rpath = command_line.rpath;
if (rpath == NULL)
rpath = (const char *) getenv ("LD_RUN_PATH");
+ if ((rpath) && (strlen (rpath) == 0))
+ rpath = NULL;
for (abfd = link_info.input_bfds; abfd; abfd = abfd->link.next)
if (bfd_get_flavour (abfd) == bfd_target_elf_flavour)
--
2.4.3
@@ -1,52 +0,0 @@
From 30628870e583375f8927c04398c7219c6e9f703c Mon Sep 17 00:00:00 2001
From: Romain Naour <romain.naour@gmail.com>
Date: Fri, 25 Dec 2015 11:42:48 +0100
Subject: [PATCH] add sysroot fix from bug #3049
Always try to prepend the sysroot prefix to absolute filenames first.
http://bugs.gentoo.org/275666
http://sourceware.org/bugzilla/show_bug.cgi?id=10340
Signed-off-by: Sven Rebhan <odinshorse@googlemail.com>
[Romain: rebase on top of 2.26]
Signed-off-by: Romain Naour <romain.naour@gmail.com>
---
ld/ldfile.c | 11 +++++++++--
1 file changed, 9 insertions(+), 2 deletions(-)
diff --git a/ld/ldfile.c b/ld/ldfile.c
index 96f9ecc..1439309 100644
--- a/ld/ldfile.c
+++ b/ld/ldfile.c
@@ -335,18 +335,25 @@ ldfile_open_file_search (const char *arch,
directory first. */
if (! entry->flags.maybe_archive)
{
- if (entry->flags.sysrooted && IS_ABSOLUTE_PATH (entry->filename))
+ /* For absolute pathnames, try to always open the file in the
+ sysroot first. If this fails, try to open the file at the
+ given location. */
+ entry->flags.sysrooted = is_sysrooted_pathname (entry->filename);
+ if (!entry->flags.sysrooted && IS_ABSOLUTE_PATH (entry->filename)
+ && ld_sysroot)
{
char *name = concat (ld_sysroot, entry->filename,
(const char *) NULL);
if (ldfile_try_open_bfd (name, entry))
{
entry->filename = name;
+ entry->flags.sysrooted = TRUE;
return TRUE;
}
free (name);
}
- else if (ldfile_try_open_bfd (entry->filename, entry))
+
+ if (ldfile_try_open_bfd (entry->filename, entry))
return TRUE;
if (IS_ABSOLUTE_PATH (entry->filename))
--
2.4.3
@@ -1,306 +0,0 @@
From be366461dd49e760440fb28eaee5164eb281adcc Mon Sep 17 00:00:00 2001
From: Romain Naour <romain.naour@gmail.com>
Date: Fri, 25 Dec 2015 11:45:38 +0100
Subject: [PATCH] poison-system-directories
Patch adapted to binutils 2.23.2 and extended to use
BR_COMPILER_PARANOID_UNSAFE_PATH by Thomas Petazzoni.
[Romain: rebase on top of 2.26]
Signed-off-by: Romain Naour <romain.naour@gmail.com>
[Gustavo: adapt to binutils 2.25]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Upstream-Status: Inappropriate [distribution: codesourcery]
Patch originally created by Mark Hatle, forward-ported to
binutils 2.21 by Scott Garman.
purpose: warn for uses of system directories when cross linking
Code Merged from Sourcery G++ binutils 2.19 - 4.4-277
2008-07-02 Joseph Myers <joseph@codesourcery.com>
ld/
* ld.h (args_type): Add error_poison_system_directories.
* ld.texinfo (--error-poison-system-directories): Document.
* ldfile.c (ldfile_add_library_path): Check
command_line.error_poison_system_directories.
* ldmain.c (main): Initialize
command_line.error_poison_system_directories.
* lexsup.c (enum option_values): Add
OPTION_ERROR_POISON_SYSTEM_DIRECTORIES.
(ld_options): Add --error-poison-system-directories.
(parse_args): Handle new option.
2007-06-13 Joseph Myers <joseph@codesourcery.com>
ld/
* config.in: Regenerate.
* ld.h (args_type): Add poison_system_directories.
* ld.texinfo (--no-poison-system-directories): Document.
* ldfile.c (ldfile_add_library_path): Check
command_line.poison_system_directories.
* ldmain.c (main): Initialize
command_line.poison_system_directories.
* lexsup.c (enum option_values): Add
OPTION_NO_POISON_SYSTEM_DIRECTORIES.
(ld_options): Add --no-poison-system-directories.
(parse_args): Handle new option.
2007-04-20 Joseph Myers <joseph@codesourcery.com>
Merge from Sourcery G++ binutils 2.17:
2007-03-20 Joseph Myers <joseph@codesourcery.com>
Based on patch by Mark Hatle <mark.hatle@windriver.com>.
ld/
* configure.ac (--enable-poison-system-directories): New option.
* configure, config.in: Regenerate.
* ldfile.c (ldfile_add_library_path): If
ENABLE_POISON_SYSTEM_DIRECTORIES defined, warn for use of /lib,
/usr/lib, /usr/local/lib or /usr/X11R6/lib.
Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
Signed-off-by: Scott Garman <scott.a.garman@intel.com>
---
ld/config.in | 3 +++
ld/configure | 14 ++++++++++++++
ld/configure.ac | 10 ++++++++++
ld/ld.h | 8 ++++++++
ld/ld.texinfo | 12 ++++++++++++
ld/ldfile.c | 17 +++++++++++++++++
ld/ldlex.h | 2 ++
ld/ldmain.c | 2 ++
ld/lexsup.c | 21 +++++++++++++++++++++
9 files changed, 89 insertions(+)
diff --git a/ld/config.in b/ld/config.in
index 276fb77..35c58eb 100644
--- a/ld/config.in
+++ b/ld/config.in
@@ -14,6 +14,9 @@
language is requested. */
#undef ENABLE_NLS
+/* Define to warn for use of native system library directories */
+#undef ENABLE_POISON_SYSTEM_DIRECTORIES
+
/* Additional extension a shared object might have. */
#undef EXTRA_SHLIB_EXTENSION
diff --git a/ld/configure b/ld/configure
index a446283..d1f9504 100755
--- a/ld/configure
+++ b/ld/configure
@@ -786,6 +786,7 @@ with_lib_path
enable_targets
enable_64_bit_bfd
with_sysroot
+enable_poison_system_directories
enable_gold
enable_got
enable_compressed_debug_sections
@@ -1442,6 +1443,8 @@ Optional Features:
--disable-largefile omit support for large files
--enable-targets alternative target configurations
--enable-64-bit-bfd 64-bit support (on hosts with narrower word sizes)
+ --enable-poison-system-directories
+ warn for use of native system library directories
--enable-gold[=ARG] build gold [ARG={default,yes,no}]
--enable-got=<type> GOT handling scheme (target, single, negative,
multigot)
@@ -15491,7 +15494,18 @@ else
fi
+# Check whether --enable-poison-system-directories was given.
+if test "${enable_poison_system_directories+set}" = set; then :
+ enableval=$enable_poison_system_directories;
+else
+ enable_poison_system_directories=no
+fi
+
+if test "x${enable_poison_system_directories}" = "xyes"; then
+$as_echo "#define ENABLE_POISON_SYSTEM_DIRECTORIES 1" >>confdefs.h
+
+fi
# Check whether --enable-got was given.
if test "${enable_got+set}" = set; then :
diff --git a/ld/configure.ac b/ld/configure.ac
index 188172d..2cd8443 100644
--- a/ld/configure.ac
+++ b/ld/configure.ac
@@ -95,6 +95,16 @@ AC_SUBST(use_sysroot)
AC_SUBST(TARGET_SYSTEM_ROOT)
AC_SUBST(TARGET_SYSTEM_ROOT_DEFINE)
+AC_ARG_ENABLE([poison-system-directories],
+ AS_HELP_STRING([--enable-poison-system-directories],
+ [warn for use of native system library directories]),,
+ [enable_poison_system_directories=no])
+if test "x${enable_poison_system_directories}" = "xyes"; then
+ AC_DEFINE([ENABLE_POISON_SYSTEM_DIRECTORIES],
+ [1],
+ [Define to warn for use of native system library directories])
+fi
+
dnl Use --enable-gold to decide if this linker should be the default.
dnl "install_as_default" is set to false if gold is the default linker.
dnl "installed_linker" is the installed BFD linker name.
diff --git a/ld/ld.h b/ld/ld.h
index d84ec4e..3476b26 100644
--- a/ld/ld.h
+++ b/ld/ld.h
@@ -164,6 +164,14 @@ typedef struct {
/* If set, display the target memory usage (per memory region). */
bfd_boolean print_memory_usage;
+ /* If TRUE (the default) warn for uses of system directories when
+ cross linking. */
+ bfd_boolean poison_system_directories;
+
+ /* If TRUE (default FALSE) give an error for uses of system
+ directories when cross linking instead of a warning. */
+ bfd_boolean error_poison_system_directories;
+
/* Big or little endian as set on command line. */
enum endian_enum endian;
diff --git a/ld/ld.texinfo b/ld/ld.texinfo
index 1dd7492..fb1438e 100644
--- a/ld/ld.texinfo
+++ b/ld/ld.texinfo
@@ -2332,6 +2332,18 @@ string identifying the original linked file does not change.
Passing @code{none} for @var{style} disables the setting from any
@code{--build-id} options earlier on the command line.
+
+@kindex --no-poison-system-directories
+@item --no-poison-system-directories
+Do not warn for @option{-L} options using system directories such as
+@file{/usr/lib} when cross linking. This option is intended for use
+in chroot environments when such directories contain the correct
+libraries for the target system rather than the host.
+
+@kindex --error-poison-system-directories
+@item --error-poison-system-directories
+Give an error instead of a warning for @option{-L} options using
+system directories when cross linking.
@end table
@c man end
diff --git a/ld/ldfile.c b/ld/ldfile.c
index 1439309..086b354 100644
--- a/ld/ldfile.c
+++ b/ld/ldfile.c
@@ -114,6 +114,23 @@ ldfile_add_library_path (const char *name, bfd_boolean cmdline)
new_dirs->name = concat (ld_sysroot, name + 1, (const char *) NULL);
else
new_dirs->name = xstrdup (name);
+
+#ifdef ENABLE_POISON_SYSTEM_DIRECTORIES
+ if (command_line.poison_system_directories
+ && ((!strncmp (name, "/lib", 4))
+ || (!strncmp (name, "/usr/lib", 8))
+ || (!strncmp (name, "/usr/local/lib", 14))
+ || (!strncmp (name, "/usr/X11R6/lib", 14))))
+ {
+ if (command_line.error_poison_system_directories)
+ einfo (_("%X%P: error: library search path \"%s\" is unsafe for "
+ "cross-compilation\n"), name);
+ else
+ einfo (_("%P: warning: library search path \"%s\" is unsafe for "
+ "cross-compilation\n"), name);
+ }
+#endif
+
}
/* Try to open a BFD for a lang_input_statement. */
diff --git a/ld/ldlex.h b/ld/ldlex.h
index 6f11e7b..0ca3110 100644
--- a/ld/ldlex.h
+++ b/ld/ldlex.h
@@ -144,6 +144,8 @@ enum option_values
OPTION_PRINT_MEMORY_USAGE,
OPTION_REQUIRE_DEFINED_SYMBOL,
OPTION_ORPHAN_HANDLING,
+ OPTION_NO_POISON_SYSTEM_DIRECTORIES,
+ OPTION_ERROR_POISON_SYSTEM_DIRECTORIES,
};
/* The initial parser states. */
diff --git a/ld/ldmain.c b/ld/ldmain.c
index bb0b9cc..a23c56c 100644
--- a/ld/ldmain.c
+++ b/ld/ldmain.c
@@ -257,6 +257,8 @@ main (int argc, char **argv)
command_line.warn_mismatch = TRUE;
command_line.warn_search_mismatch = TRUE;
command_line.check_section_addresses = -1;
+ command_line.poison_system_directories = TRUE;
+ command_line.error_poison_system_directories = FALSE;
/* We initialize DEMANGLING based on the environment variable
COLLECT_NO_DEMANGLE. The gcc collect2 program will demangle the
diff --git a/ld/lexsup.c b/ld/lexsup.c
index 4cad209..be7d584 100644
--- a/ld/lexsup.c
+++ b/ld/lexsup.c
@@ -530,6 +530,14 @@ static const struct ld_option ld_options[] =
{ {"orphan-handling", required_argument, NULL, OPTION_ORPHAN_HANDLING},
'\0', N_("=MODE"), N_("Control how orphan sections are handled."),
TWO_DASHES },
+ { {"no-poison-system-directories", no_argument, NULL,
+ OPTION_NO_POISON_SYSTEM_DIRECTORIES},
+ '\0', NULL, N_("Do not warn for -L options using system directories"),
+ TWO_DASHES },
+ { {"error-poison-system-directories", no_argument, NULL,
+ OPTION_ERROR_POISON_SYSTEM_DIRECTORIES},
+ '\0', NULL, N_("Give an error for -L options using system directories"),
+ TWO_DASHES },
};
#define OPTION_COUNT ARRAY_SIZE (ld_options)
@@ -542,6 +550,7 @@ parse_args (unsigned argc, char **argv)
int ingroup = 0;
char *default_dirlist = NULL;
char *shortopts;
+ char *BR_paranoid_env;
struct option *longopts;
struct option *really_longopts;
int last_optind;
@@ -1516,6 +1525,14 @@ parse_args (unsigned argc, char **argv)
}
break;
+ case OPTION_NO_POISON_SYSTEM_DIRECTORIES:
+ command_line.poison_system_directories = FALSE;
+ break;
+
+ case OPTION_ERROR_POISON_SYSTEM_DIRECTORIES:
+ command_line.error_poison_system_directories = TRUE;
+ break;
+
case OPTION_PUSH_STATE:
input_flags.pushed = xmemdup (&input_flags,
sizeof (input_flags),
@@ -1559,6 +1576,10 @@ parse_args (unsigned argc, char **argv)
command_line.soname = NULL;
}
+ BR_paranoid_env = getenv("BR_COMPILER_PARANOID_UNSAFE_PATH");
+ if (BR_paranoid_env && strlen(BR_paranoid_env) > 0)
+ command_line.error_poison_system_directories = TRUE;
+
while (ingroup)
{
lang_leave_group ();
--
2.4.3
@@ -1,36 +0,0 @@
From c646b02fdcae5f37bd88f33a0c4683ef13ad5c82 Mon Sep 17 00:00:00 2001
From: Alan Modra <amodra@gmail.com>
Date: Mon, 31 Oct 2016 12:46:38 +1030
Subject: [PATCH] Revert part "Set dynamic tag VMA and size from dynamic
section when possible"
PR 20748
* elf32-microblaze.c (microblaze_elf_finish_dynamic_sections): Revert
2016-05-13 change.
Signed-off-by: Alan Modra <amodra@gmail.com>
Signed-off-by: Waldemar Brodkorb <wbx@uclibc-ng.org>
diff --git a/bfd/elf32-microblaze.c b/bfd/elf32-microblaze.c
index 477e7b3..5c66808 100644
--- a/bfd/elf32-microblaze.c
+++ b/bfd/elf32-microblaze.c
@@ -3396,13 +3396,13 @@ microblaze_elf_finish_dynamic_sections (bfd *output_bfd,
{
asection *s;
- s = bfd_get_linker_section (dynobj, name);
+ s = bfd_get_section_by_name (output_bfd, name);
if (s == NULL)
dyn.d_un.d_val = 0;
else
{
if (! size)
- dyn.d_un.d_ptr = s->output_section->vma + s->output_offset;
+ dyn.d_un.d_ptr = s->vma;
else
dyn.d_un.d_val = s->size;
}
--
2.1.4
@@ -1,33 +0,0 @@
Fix ld segfault for microblaze when --gc-sections is used
Upstream: pending
https://sourceware.org/bugzilla/show_bug.cgi?id=21180
Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
diff -Nur binutils-2.27.orig/bfd/elf32-microblaze.c binutils-2.27/bfd/elf32-microblaze.c
--- binutils-2.27.orig/bfd/elf32-microblaze.c 2016-08-03 09:36:50.000000000 +0200
+++ binutils-2.27/bfd/elf32-microblaze.c 2017-02-23 19:43:12.612313590 +0100
@@ -3297,13 +3297,20 @@
|| h->dynindx == -1))
{
asection *sec = h->root.u.def.section;
+ bfd_vma value;
+
+ value = h->root.u.def.value;
+ if (sec->output_section != NULL)
+ /* PR 21180: If the output section is NULL, then the symbol is no
+ longer needed, and in theory the GOT entry is redundant. But
+ it is too late to change our minds now... */
+ value += sec->output_section->vma + sec->output_offset;
+
microblaze_elf_output_dynamic_relocation (output_bfd,
srela, srela->reloc_count++,
/* symindex= */ 0,
R_MICROBLAZE_REL, offset,
- h->root.u.def.value
- + sec->output_section->vma
- + sec->output_offset);
+ value);
}
else
{
@@ -1,88 +0,0 @@
From 29a4659015ca7044c2d425d32a0b828e0fbb5ac1 Mon Sep 17 00:00:00 2001
From: Richard Earnshaw <Richard.Earnshaw@arm.com>
Date: Wed, 7 Sep 2016 17:14:54 +0100
Subject: [PATCH] Automatically enable CRC instructions on supported ARMv8-A
CPUs.
2016-09-07 Richard Earnshaw <rearnsha@arm.com>
* opcode/arm.h (ARM_ARCH_V8A_CRC): New architecture.
2016-09-07 Richard Earnshaw <rearnsha@arm.com>
* config/tc-arm.c ((arm_cpus): Use ARM_ARCH_V8A_CRC for all
ARMv8-A CPUs except xgene1.
Upstream: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;a=patch;h=27e5a270962fb92c07e7d476966ba380fa3bb68e
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
---
gas/config/tc-arm.c | 18 +++++++++---------
include/opcode/arm.h | 2 ++
2 files changed, 11 insertions(+), 9 deletions(-)
diff --git a/gas/config/tc-arm.c b/gas/config/tc-arm.c
index 73d05316..7c86184d 100644
--- a/gas/config/tc-arm.c
+++ b/gas/config/tc-arm.c
@@ -25332,17 +25332,17 @@ static const struct arm_cpu_option_table arm_cpus[] =
"Cortex-A15"),
ARM_CPU_OPT ("cortex-a17", ARM_ARCH_V7VE, FPU_ARCH_NEON_VFP_V4,
"Cortex-A17"),
- ARM_CPU_OPT ("cortex-a32", ARM_ARCH_V8A, FPU_ARCH_CRYPTO_NEON_VFP_ARMV8,
+ ARM_CPU_OPT ("cortex-a32", ARM_ARCH_V8A_CRC, FPU_ARCH_CRYPTO_NEON_VFP_ARMV8,
"Cortex-A32"),
- ARM_CPU_OPT ("cortex-a35", ARM_ARCH_V8A, FPU_ARCH_CRYPTO_NEON_VFP_ARMV8,
+ ARM_CPU_OPT ("cortex-a35", ARM_ARCH_V8A_CRC, FPU_ARCH_CRYPTO_NEON_VFP_ARMV8,
"Cortex-A35"),
- ARM_CPU_OPT ("cortex-a53", ARM_ARCH_V8A, FPU_ARCH_CRYPTO_NEON_VFP_ARMV8,
+ ARM_CPU_OPT ("cortex-a53", ARM_ARCH_V8A_CRC, FPU_ARCH_CRYPTO_NEON_VFP_ARMV8,
"Cortex-A53"),
- ARM_CPU_OPT ("cortex-a57", ARM_ARCH_V8A, FPU_ARCH_CRYPTO_NEON_VFP_ARMV8,
+ ARM_CPU_OPT ("cortex-a57", ARM_ARCH_V8A_CRC, FPU_ARCH_CRYPTO_NEON_VFP_ARMV8,
"Cortex-A57"),
- ARM_CPU_OPT ("cortex-a72", ARM_ARCH_V8A, FPU_ARCH_CRYPTO_NEON_VFP_ARMV8,
+ ARM_CPU_OPT ("cortex-a72", ARM_ARCH_V8A_CRC, FPU_ARCH_CRYPTO_NEON_VFP_ARMV8,
"Cortex-A72"),
- ARM_CPU_OPT ("cortex-a73", ARM_ARCH_V8A, FPU_ARCH_CRYPTO_NEON_VFP_ARMV8,
+ ARM_CPU_OPT ("cortex-a73", ARM_ARCH_V8A_CRC, FPU_ARCH_CRYPTO_NEON_VFP_ARMV8,
"Cortex-A73"),
ARM_CPU_OPT ("cortex-r4", ARM_ARCH_V7R, FPU_NONE, "Cortex-R4"),
ARM_CPU_OPT ("cortex-r4f", ARM_ARCH_V7R, FPU_ARCH_VFP_V3D16,
@@ -25361,10 +25361,10 @@ static const struct arm_cpu_option_table arm_cpus[] =
ARM_CPU_OPT ("cortex-m1", ARM_ARCH_V6SM, FPU_NONE, "Cortex-M1"),
ARM_CPU_OPT ("cortex-m0", ARM_ARCH_V6SM, FPU_NONE, "Cortex-M0"),
ARM_CPU_OPT ("cortex-m0plus", ARM_ARCH_V6SM, FPU_NONE, "Cortex-M0+"),
- ARM_CPU_OPT ("exynos-m1", ARM_ARCH_V8A, FPU_ARCH_CRYPTO_NEON_VFP_ARMV8,
+ ARM_CPU_OPT ("exynos-m1", ARM_ARCH_V8A_CRC, FPU_ARCH_CRYPTO_NEON_VFP_ARMV8,
"Samsung " \
"Exynos M1"),
- ARM_CPU_OPT ("qdf24xx", ARM_ARCH_V8A, FPU_ARCH_CRYPTO_NEON_VFP_ARMV8,
+ ARM_CPU_OPT ("qdf24xx", ARM_ARCH_V8A_CRC, FPU_ARCH_CRYPTO_NEON_VFP_ARMV8,
"Qualcomm "
"QDF24XX"),
@@ -25389,7 +25389,7 @@ static const struct arm_cpu_option_table arm_cpus[] =
/* APM X-Gene family. */
ARM_CPU_OPT ("xgene1", ARM_ARCH_V8A, FPU_ARCH_CRYPTO_NEON_VFP_ARMV8,
"APM X-Gene 1"),
- ARM_CPU_OPT ("xgene2", ARM_ARCH_V8A, FPU_ARCH_CRYPTO_NEON_VFP_ARMV8,
+ ARM_CPU_OPT ("xgene2", ARM_ARCH_V8A_CRC, FPU_ARCH_CRYPTO_NEON_VFP_ARMV8,
"APM X-Gene 2"),
{ NULL, 0, ARM_ARCH_NONE, ARM_ARCH_NONE, NULL }
diff --git a/include/opcode/arm.h b/include/opcode/arm.h
index 60715cf8..feace5cd 100644
--- a/include/opcode/arm.h
+++ b/include/opcode/arm.h
@@ -263,6 +263,8 @@
#define ARM_ARCH_V7M ARM_FEATURE_CORE (ARM_AEXT_V7M, ARM_EXT2_V6T2_V8M)
#define ARM_ARCH_V7EM ARM_FEATURE_CORE (ARM_AEXT_V7EM, ARM_EXT2_V6T2_V8M)
#define ARM_ARCH_V8A ARM_FEATURE_CORE (ARM_AEXT_V8A, ARM_AEXT2_V8A)
+#define ARM_ARCH_V8A_CRC ARM_FEATURE (ARM_AEXT_V8A, ARM_AEXT2_V8A, \
+ CRC_EXT_ARMV8)
#define ARM_ARCH_V8_1A ARM_FEATURE (ARM_AEXT_V8A, ARM_AEXT2_V8_1A, \
CRC_EXT_ARMV8 | FPU_NEON_EXT_RDMA)
#define ARM_ARCH_V8_2A ARM_FEATURE (ARM_AEXT_V8A, ARM_AEXT2_V8_2A, \
--
2.11.0
@@ -0,0 +1,50 @@
From 4af4a4a71827c0bc5e0ec67af23edef4f15cee8e Mon Sep 17 00:00:00 2001
From: Paul Eggert <eggert@cs.ucla.edu>
Date: Mon, 5 Mar 2018 10:56:29 -0800
Subject: [PATCH 1/1] fflush: adjust to glibc 2.28 libio.h removal
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Problem reported by Daniel P. Berrangé in:
https://lists.gnu.org/r/bug-gnulib/2018-03/msg00000.html
* lib/fbufmode.c (fbufmode):
* lib/fflush.c (clear_ungetc_buffer_preserving_position)
(disable_seek_optimization, rpl_fflush):
* lib/fpending.c (__fpending):
* lib/fpurge.c (fpurge):
* lib/freadable.c (freadable):
* lib/freadahead.c (freadahead):
* lib/freading.c (freading):
* lib/freadptr.c (freadptr):
* lib/freadseek.c (freadptrinc):
* lib/fseeko.c (fseeko):
* lib/fseterr.c (fseterr):
* lib/fwritable.c (fwritable):
* lib/fwriting.c (fwriting):
Check _IO_EOF_SEEN instead of _IO_ftrylockfile.
* lib/stdio-impl.h (_IO_IN_BACKUP) [_IO_EOF_SEEN]:
Define if not already defined.
---
lib/fseterr.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
[yann.morin.1998@free.fr: partially backport from upstream gnulib]
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
diff --git a/lib/fseterr.c b/lib/fseterr.c
index 82649c3ac..adb637256 100644
--- a/lib/fseterr.c
+++ b/lib/fseterr.c
@@ -29,7 +29,7 @@ fseterr (FILE *fp)
/* Most systems provide FILE as a struct and the necessary bitmask in
<stdio.h>, because they need it for implementing getc() and putc() as
fast macros. */
-#if defined _IO_ftrylockfile || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */
+#if defined _IO_EOF_SEEN || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */
fp->_flags |= _IO_ERR_SEEN;
#elif defined __sferror || defined __DragonFly__ || defined __ANDROID__
/* FreeBSD, NetBSD, OpenBSD, DragonFly, Mac OS X, Cygwin, Minix 3, Android */
--
2.14.1
@@ -0,0 +1,46 @@
From 74d9d6a293d7462dea8f83e7fc5ac792e956a0ad Mon Sep 17 00:00:00 2001
From: Paul Eggert <eggert@cs.ucla.edu>
Date: Thu, 8 Mar 2018 16:42:45 -0800
Subject: [PATCH 2/2] fflush: be more paranoid about libio.h change
Suggested by Eli Zaretskii in:
https://lists.gnu.org/r/emacs-devel/2018-03/msg00270.html
* lib/fbufmode.c (fbufmode):
* lib/fflush.c (clear_ungetc_buffer_preserving_position)
(disable_seek_optimization, rpl_fflush):
* lib/fpending.c (__fpending):
* lib/fpurge.c (fpurge):
* lib/freadable.c (freadable):
* lib/freadahead.c (freadahead):
* lib/freading.c (freading):
* lib/freadptr.c (freadptr):
* lib/freadseek.c (freadptrinc):
* lib/fseeko.c (fseeko):
* lib/fseterr.c (fseterr):
* lib/fwritable.c (fwritable):
* lib/fwriting.c (fwriting):
Look at _IO_ftrylockfile as well as at _IO_EOF_SEEN.
---
lib/fseterr.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
[yann.morin.1998@free.fr: partially backport from upstream gnulib]
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
diff --git a/lib/fseterr.c b/lib/fseterr.c
index adb637256..fd9da6338 100644
--- a/lib/fseterr.c
+++ b/lib/fseterr.c
@@ -29,7 +29,8 @@ fseterr (FILE *fp)
/* Most systems provide FILE as a struct and the necessary bitmask in
<stdio.h>, because they need it for implementing getc() and putc() as
fast macros. */
-#if defined _IO_EOF_SEEN || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */
+#if defined _IO_EOF_SEEN || defined _IO_ftrylockfile || __GNU_LIBRARY__ == 1
+ /* GNU libc, BeOS, Haiku, Linux libc5 */
fp->_flags |= _IO_ERR_SEEN;
#elif defined __sferror || defined __DragonFly__ || defined __ANDROID__
/* FreeBSD, NetBSD, OpenBSD, DragonFly, Mac OS X, Cygwin, Minix 3, Android */
--
2.14.1
@@ -0,0 +1,41 @@
From 088666535a045dae71bd2fcc6b3a1553023106ce Mon Sep 17 00:00:00 2001
From: "Yann E. MORIN" <yann.morin.1998@free.fr>
Date: Wed, 22 Aug 2018 10:10:19 +0200
Subject: [PATCH] buildsys: fix cross-compilation
Some identifiers for includes and libs paths may contain digit, e.g.
X11_PACKAGE or ATSPI2_PACKAGE or GLIB2_PACKAGE...
Also detect those identifiers when doing cros-compilation, so that the
_FOR_BUILD variants are really created and do not clash with the target
variants.
Fixes:
http://autobuild.buildroot.org/results/a37/a37782b3cfc1a96cc129db8fade20a36a7b2d470/build-end.log
http://autobuild.buildroot.org/results/97e/97edc6a47d2140968e84b409cdc960604e5896f2/build-end.log
[...]
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
---
Upstram status: submitted
https://github.com/brltty/brltty/pull/142
---
mk4build | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/mk4build b/mk4build
index db90c86a9..551283825 100755
--- a/mk4build
+++ b/mk4build
@@ -112,7 +112,7 @@ fi
sedScript="${outputName}.${sedExtension}"
sed -n -e '
-s/^ *\([A-Za-z][A-Za-z_]*\) *=.*$/\1/
+s/^ *\([A-Za-z][A-Za-z0-9_]*\) *=.*$/\1/
t found
d
:found
--
2.14.1
@@ -0,0 +1,144 @@
From b60b613e7c2c9bf7a142c3c486ac6e77ad93f5d1 Mon Sep 17 00:00:00 2001
From: Adrian Perez de Castro <aperez@igalia.com>
Date: Mon, 26 Mar 2018 19:08:31 +0100
Subject: [PATCH] CMake: Allow using BUILD_SHARED_LIBS to choose static/shared
libs
By convention projects using CMake which can build either static or
shared libraries use a BUILD_SHARED_LIBS flag to allow selecting between
both: the add_library() command automatically switches between both using
this variable when the library kind is not passed to add_library(). It
is also usual to expose the BUILD_SHARED_LIBS as an user-facing setting
with the option() command.
This way, the following will both work as expected:
% cmake -DBUILD_SHARED_LIBS=OFF ...
% cmake -DBUILS_SHARED_LIBS=ON ...
This is helpful for distributions which need (or want) to build only
static libraries.
---
CMakeLists.txt | 42 ++++++++++++++----------------------------
c/fuzz/test_fuzzer.sh | 6 +++---
2 files changed, 17 insertions(+), 31 deletions(-)
Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Upstream-Status: Submitted [https://github.com/google/brotli/pull/655]
diff --git a/CMakeLists.txt b/CMakeLists.txt
index 99b9258..3867931 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -6,6 +6,8 @@ cmake_minimum_required(VERSION 2.8.6)
project(brotli C)
+option(BUILD_SHARED_LIBS "Build shared libraries" ON)
+
# If Brotli is being bundled in another project, we don't want to
# install anything. However, we want to let people override this, so
# we'll use the BROTLI_BUNDLED_MODE variable to let them do that; just
@@ -114,10 +116,6 @@ set(BROTLI_LIBRARIES_CORE brotlienc brotlidec brotlicommon)
set(BROTLI_LIBRARIES ${BROTLI_LIBRARIES_CORE} ${LIBM_LIBRARY})
mark_as_advanced(BROTLI_LIBRARIES)
-set(BROTLI_LIBRARIES_CORE_STATIC brotlienc-static brotlidec-static brotlicommon-static)
-set(BROTLI_LIBRARIES_STATIC ${BROTLI_LIBRARIES_CORE_STATIC} ${LIBM_LIBRARY})
-mark_as_advanced(BROTLI_LIBRARIES_STATIC)
-
if(${CMAKE_SYSTEM_NAME} MATCHES "Linux")
add_definitions(-DOS_LINUX)
elseif(${CMAKE_SYSTEM_NAME} MATCHES "FreeBSD")
@@ -137,24 +135,22 @@ endfunction()
transform_sources_list("scripts/sources.lst" "${CMAKE_CURRENT_BINARY_DIR}/sources.lst.cmake")
include("${CMAKE_CURRENT_BINARY_DIR}/sources.lst.cmake")
-add_library(brotlicommon SHARED ${BROTLI_COMMON_C})
-add_library(brotlidec SHARED ${BROTLI_DEC_C})
-add_library(brotlienc SHARED ${BROTLI_ENC_C})
-
-add_library(brotlicommon-static STATIC ${BROTLI_COMMON_C})
-add_library(brotlidec-static STATIC ${BROTLI_DEC_C})
-add_library(brotlienc-static STATIC ${BROTLI_ENC_C})
+add_library(brotlicommon ${BROTLI_COMMON_C})
+add_library(brotlidec ${BROTLI_DEC_C})
+add_library(brotlienc ${BROTLI_ENC_C})
# Older CMake versions does not understand INCLUDE_DIRECTORIES property.
include_directories(${BROTLI_INCLUDE_DIRS})
+if(BUILD_SHARED_LIBS)
+ foreach(lib brotlicommon brotlidec brotlienc)
+ target_compile_definitions(${lib} PUBLIC "BROTLI_SHARED_COMPILATION" )
+ string(TOUPPER "${lib}" LIB)
+ set_target_properties (${lib} PROPERTIES DEFINE_SYMBOL "${LIB}_SHARED_COMPILATION" )
+ endforeach()
+endif()
+
foreach(lib brotlicommon brotlidec brotlienc)
- target_compile_definitions(${lib} PUBLIC "BROTLI_SHARED_COMPILATION" )
- string(TOUPPER "${lib}" LIB)
- set_target_properties (${lib} PROPERTIES DEFINE_SYMBOL "${LIB}_SHARED_COMPILATION" )
-endforeach()
-
-foreach(lib brotlicommon brotlidec brotlienc brotlicommon-static brotlidec-static brotlienc-static)
target_link_libraries(${lib} ${LIBM_LIBRARY})
set_property(TARGET ${lib} APPEND PROPERTY INCLUDE_DIRECTORIES ${BROTLI_INCLUDE_DIRS})
set_target_properties(${lib} PROPERTIES
@@ -167,9 +163,6 @@ endforeach()
target_link_libraries(brotlidec brotlicommon)
target_link_libraries(brotlienc brotlicommon)
-target_link_libraries(brotlidec-static brotlicommon-static)
-target_link_libraries(brotlienc-static brotlicommon-static)
-
# For projects stuck on older versions of CMake, this will set the
# BROTLI_INCLUDE_DIRS and BROTLI_LIBRARIES variables so they still
# have a relatively easy way to use Brotli:
@@ -183,7 +176,7 @@ endif()
# Build the brotli executable
add_executable(brotli ${BROTLI_CLI_C})
-target_link_libraries(brotli ${BROTLI_LIBRARIES_STATIC})
+target_link_libraries(brotli ${BROTLI_LIBRARIES})
# Installation
if(NOT BROTLI_BUNDLED_MODE)
@@ -199,13 +192,6 @@ if(NOT BROTLI_BUNDLED_MODE)
RUNTIME DESTINATION "${CMAKE_INSTALL_BINDIR}"
)
- install(
- TARGETS ${BROTLI_LIBRARIES_CORE_STATIC}
- ARCHIVE DESTINATION "${CMAKE_INSTALL_LIBDIR}"
- LIBRARY DESTINATION "${CMAKE_INSTALL_LIBDIR}"
- RUNTIME DESTINATION "${CMAKE_INSTALL_BINDIR}"
- )
-
install(
DIRECTORY ${BROTLI_INCLUDE_DIRS}/brotli
DESTINATION "${CMAKE_INSTALL_INCLUDEDIR}"
diff --git a/c/fuzz/test_fuzzer.sh b/c/fuzz/test_fuzzer.sh
index 5c754e1..e85e12f 100755
--- a/c/fuzz/test_fuzzer.sh
+++ b/c/fuzz/test_fuzzer.sh
@@ -14,12 +14,12 @@ mkdir bin
cd bin
cmake $BROTLI -DCMAKE_C_COMPILER="$CC" -DCMAKE_CXX_COMPILER="$CXX" \
- -DBUILD_TESTING=OFF -DENABLE_SANITIZER=address
-make -j$(nproc) brotlidec-static
+ -DBUILD_TESTING=OFF -DBUILD_SHARED_LIBS=OFF -DENABLE_SANITIZER=address
+make -j$(nproc) brotlidec
${CXX} -o run_decode_fuzzer -std=c++11 -fsanitize=address -I$SRC/include \
$SRC/fuzz/decode_fuzzer.cc $SRC/fuzz/run_decode_fuzzer.cc \
- ./libbrotlidec-static.a ./libbrotlicommon-static.a
+ ./libbrotlidec.a ./libbrotlicommon.a
mkdir decode_corpora
unzip $BROTLI/java/org/brotli/integration/fuzz_data.zip -d decode_corpora
--
2.16.3
@@ -0,0 +1,31 @@
From fea0b1e46c486225d57e730cc0f94fa06b5b93fc Mon Sep 17 00:00:00 2001
From: Adrian Perez de Castro <aperez@igalia.com>
Date: Mon, 26 Mar 2018 12:12:00 +0100
Subject: [PATCH] Tell CMake to not check for a C++ compiler
By default CMake checks both for C and C++ compilers, while the latter
is not needed. Setting the list of languages to just "C" in the call to
project() removes the unneeded check.
---
CMakeLists.txt | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Upstream-Status: Submitted [https://github.com/google/brotli/pull/653]
diff --git a/CMakeLists.txt b/CMakeLists.txt
index 2dc7232..3fbcbfb 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -4,7 +4,7 @@
# support 2.8.7.
cmake_minimum_required(VERSION 2.8.6)
-project(brotli)
+project(brotli LANGUAGES C)
# If Brotli is being bundled in another project, we don't want to
# install anything. However, we want to let people override this, so
--
2.16.3
+12
View File
@@ -0,0 +1,12 @@
config BR2_PACKAGE_BROTLI
bool "brotli"
help
Generic-purpose lossless compression library. The algorithm
compresses data using a combination of a modern variant of
the LZ77 algorithm, Huffman coding and 2nd order context
modeling, with a compression ratio comparable to the best
currently available general-purpose compression methods. It
is similar in speed with deflate but offers more dense
compression.
https://github.com/google/brotli
+5
View File
@@ -0,0 +1,5 @@
# Locally generated:
sha512 93adcf437d730ac403e444285ac8aefbb2c8a6b5e1b064e8ee33684c067287a8159e0ee73d2217c167881e87da73fa494792d963a15508fd42b2ac4a5b52823c v1.0.3.tar.gz
# Hash for license files:
sha512 bae78184c2f50f86d8c727826d3982c469454c42b9af81f4ef007e39036434fa894cf5be3bf5fc65b7de2301f0a72d067a8186e303327db8a96bd14867e0a3a8 LICENSE
+17
View File
@@ -0,0 +1,17 @@
################################################################################
#
# brotli
#
################################################################################
BROTLI_VERSION = 1.0.3
BROTLI_SOURCE = v$(BROTLI_VERSION).tar.gz
BROTLI_SITE = https://github.com/google/brotli/archive
BROTLI_LICENSE = MIT
BROTLI_LICENSE_FILES = LICENSE
BROTLI_INSTALL_STAGING = YES
BROTLI_CONF_OPTS = \
-DBROTLI_DISABLE_TESTS=ON \
-DBROTLI_BUNDLED_MODE=OFF
$(eval $(cmake-package))
-2
View File
@@ -5,5 +5,3 @@ config BR2_PACKAGE_BZIP2
It typically compresses files to within 10% to 15% of the best
available techniques, while being around twice as fast at
compression and six times faster at decompression.
http://www.bzip.org
+1 -1
View File
@@ -5,7 +5,7 @@
################################################################################
BZIP2_VERSION = 1.0.6
BZIP2_SITE = http://www.bzip.org/$(BZIP2_VERSION)
BZIP2_SITE = http://sources.buildroot.net
BZIP2_INSTALL_STAGING = YES
BZIP2_LICENSE = bzip2 license
BZIP2_LICENSE_FILES = LICENSE
+8 -4
View File
@@ -16,7 +16,7 @@ CA_CERTIFICATES_LICENSE = GPL-2.0+ (script), MPL-2.0 (data)
CA_CERTIFICATES_LICENSE_FILES = debian/copyright
define CA_CERTIFICATES_BUILD_CMDS
$(TARGET_MAKE_ENV) $(MAKE) -C $(@D) all
$(TARGET_MAKE_ENV) $(MAKE) -C $(@D) clean all
endef
define CA_CERTIFICATES_INSTALL_TARGET_CMDS
@@ -31,13 +31,17 @@ define CA_CERTIFICATES_INSTALL_TARGET_CMDS
# Create symlinks to certificates under /etc/ssl/certs
# and generate the bundle
cd $(TARGET_DIR) ;\
for i in `find usr/share/ca-certificates -name "*.crt"` ; do \
for i in `find usr/share/ca-certificates -name "*.crt" | LC_COLLATE=C sort` ; do \
ln -sf ../../../$$i etc/ssl/certs/`basename $${i} .crt`.pem ;\
cat $$i >>etc/ssl/certs/ca-certificates.crt ;\
done
cat $$i ;\
done >$(@D)/ca-certificates.crt
# Create symlinks to the certificates by their hash values
$(HOST_DIR)/bin/c_rehash $(TARGET_DIR)/etc/ssl/certs
# Install the certificates bundle
$(INSTALL) -D -m 644 $(@D)/ca-certificates.crt \
$(TARGET_DIR)/etc/ssl/certs/ca-certificates.crt
endef
$(eval $(generic-package))
@@ -0,0 +1,42 @@
From 7c5bd948bb7e21fa0ee22f29e97748b2d0360319 Mon Sep 17 00:00:00 2001
From: Miroslav Lichvar <mlichvar@redhat.com>
Date: Thu, 17 May 2018 14:16:58 +0200
Subject: [PATCH] util: fall back to reading /dev/urandom when getrandom()
blocks
With recent changes in the Linux kernel, the getrandom() system call may
block for a long time after boot on machines that don't have enough
entropy. It blocks the chronyd's initialization before it can detach
from the terminal and may cause a chronyd service to fail to start due
to a timeout.
At least for now, enable the GRND_NONBLOCK flag to make the system call
non-blocking and let the code fall back to reading /dev/urandom (which
never blocks) if the system call failed with EAGAIN or any other error.
This makes the start of chronyd non-deterministic with respect to files
that it needs to open and possibly also makes it slightly easier to
guess the transmit/receive timestamp in client requests until the
urandom source is fully initialized.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
---
util.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/util.c b/util.c
index 4b3e455..76417d5 100644
--- a/util.c
+++ b/util.c
@@ -1224,7 +1224,7 @@ get_random_bytes_getrandom(char *buf, unsigned int len)
if (disabled)
break;
- if (getrandom(rand_buf, sizeof (rand_buf), 0) != sizeof (rand_buf)) {
+ if (getrandom(rand_buf, sizeof (rand_buf), GRND_NONBLOCK) != sizeof (rand_buf)) {
disabled = 1;
break;
}
--
2.11.0
+1 -1
View File
@@ -1,5 +1,5 @@
# Locally calculated
sha256 84e026655152247de7237184ee13003701c40be030dd68e0316111049f58a59f clamav-0.100.1.tar.gz
sha256 4a2e4f0cd41e62adb5a713b4a1857c49145cd09a69957e6d946ecad575206dd6 clamav-0.100.2.tar.gz
sha256 0c4fd2fa9733fc9122503797648710851e4ee6d9e4969dd33fcbd8c63cd2f584 COPYING
sha256 d72a145c90918184a05ef65a04c9e6f7466faa59bc1b82c8f6a8ddc7ddcb9bed COPYING.bzip2
sha256 dfb818a0d41411c6fb1c193c68b73018ceadd1994bda41ad541cbff292894bc6 COPYING.file
+1 -1
View File
@@ -4,7 +4,7 @@
#
################################################################################
CLAMAV_VERSION = 0.100.1
CLAMAV_VERSION = 0.100.2
CLAMAV_SITE = https://www.clamav.net/downloads/production
CLAMAV_LICENSE = GPL-2.0
CLAMAV_LICENSE_FILES = COPYING COPYING.bzip2 COPYING.file COPYING.getopt \
+1 -1
View File
@@ -14,7 +14,7 @@ config BR2_PACKAGE_CONNMAN
for managing internet connections within embedded devices
running the Linux operating system.
For more information, see https://01.org/connman
https://01.org/connman
if BR2_PACKAGE_CONNMAN
+2
View File
@@ -3,3 +3,5 @@ sha1 15f21897c14acfd4b0c74622e49d95857f2fe939 cppcms-1.0.5.tar.bz2
md5 d668c201dd31fff8090380ebdc0bcc2b cppcms-1.0.5.tar.bz2
# Locally computed:
sha256 84b685977bca97c3e997497f227bd5906adb80555066d811a7046b01c2f51865 cppcms-1.0.5.tar.bz2
sha256 2ff22bab712c46dbadf9bae0f759bbc95d5d87614cacb7ebc3d5a50910603d6a COPYING.TXT
sha256 70fbf0194bee0f444c57ecd47e7d976a3e5a890e4421a21aab49f2d214267e69 THIRD_PARTY_SOFTWARE.TXT
+2 -2
View File
@@ -6,8 +6,8 @@
CPPCMS_VERSION = 1.0.5
CPPCMS_SOURCE = cppcms-$(CPPCMS_VERSION).tar.bz2
CPPCMS_LICENSE = LGPL-3.0
CPPCMS_LICENSE_FILES = COPYING.TXT
CPPCMS_LICENSE = LGPL-3.0, BSL-1.0 (boost), MIT (base64.cpp), Public Domain (json2.js), Zlib (md5)
CPPCMS_LICENSE_FILES = COPYING.TXT THIRD_PARTY_SOFTWARE.TXT
CPPCMS_SITE = http://downloads.sourceforge.net/project/cppcms/cppcms/$(CPPCMS_VERSION)
CPPCMS_INSTALL_STAGING = YES
CPPCMS_CXXFLAGS = $(TARGET_CXXFLAGS)
@@ -0,0 +1,33 @@
Fix minor()/major() build failure due to glibc 2.28
glibc 2.28 no longer includes <sys/sysmacros.h> from <sys/types.h>,
and therefore <sys/sysmacros.h> must be included explicitly when
major()/minor() are used.
This commit directly includes <sys/sysmacros.h> into cramfsck.c and
mkcramfs.c files where minor() and major() macros are used.
Signed-off-by: Giulio Benetti <giulio.benetti@micronovasrl.com>
---
diff -urpN host-cramfs-1.1.orig/cramfsck.c host-cramfs-1.1/cramfsck.c
--- host-cramfs-1.1.orig/cramfsck.c 2018-09-27 16:48:09.704782201 +0200
+++ host-cramfs-1.1/cramfsck.c 2018-09-27 16:49:12.841138657 +0200
@@ -38,6 +38,7 @@
#define _GNU_SOURCE
#include <sys/types.h>
+#include <sys/sysmacros.h>
#include <stdio.h>
#include <stdarg.h>
#include <sys/stat.h>
diff -urpN host-cramfs-1.1.orig/mkcramfs.c host-cramfs-1.1/mkcramfs.c
--- host-cramfs-1.1.orig/mkcramfs.c 2018-09-27 16:48:09.712782246 +0200
+++ host-cramfs-1.1/mkcramfs.c 2018-09-27 16:48:59.777064921 +0200
@@ -24,6 +24,7 @@
#define _GNU_SOURCE
#include <sys/types.h>
+#include <sys/sysmacros.h>
#include <stdio.h>
#include <sys/stat.h>
#include <unistd.h>
+1 -1
View File
@@ -15,7 +15,7 @@ config BR2_PACKAGE_CRDA
query and apply the regulatory domain settings wireless
devices may operate within for a given location.
http://linuxwireless.org/en/developers/Regulatory/CRDA
https://wireless.wiki.kernel.org/en/developers/regulatory/crda
comment "crda needs a toolchain w/ threads, dynamic library"
depends on !BR2_TOOLCHAIN_HAS_THREADS || BR2_STATIC_LIBS
@@ -0,0 +1,46 @@
From 567e7f8664c621f8aeaa95d9f4ab4b590574f572 Mon Sep 17 00:00:00 2001
From: Baruch Siach <baruch@tkos.co.il>
Date: Wed, 15 Aug 2018 14:13:46 +0300
Subject: [PATCH] Remove json_object typedef
The json-c header already defines the same typedef. While C11 allows
typedef redefinition to the same type, older versions of gcc disallow
that.
In file included from lib/luks2/luks2_internal.h:32,
from lib/luks2/luks2_disk_metadata.c:24:
lib/luks2/luks2.h:86: error: redefinition of typedef 'json_object'
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
---
lib/luks2/luks2.h | 1 -
lib/setup.c | 1 +
2 files changed, 1 insertion(+), 1 deletion(-)
diff --git a/lib/luks2/luks2.h b/lib/luks2/luks2.h
index ee57b41ba974..25e36190da45 100644
--- a/lib/luks2/luks2.h
+++ b/lib/luks2/luks2.h
@@ -83,7 +83,6 @@ struct luks2_hdr_disk {
/*
* LUKS2 header in-memory.
*/
-typedef struct json_object json_object;
struct luks2_hdr {
size_t hdr_size;
uint64_t seqid;
diff --git a/lib/setup.c b/lib/setup.c
index fddbe7ef7897..856f6e80f465 100644
--- a/lib/setup.c
+++ b/lib/setup.c
@@ -28,6 +28,7 @@
#include <sys/utsname.h>
#include <fcntl.h>
#include <errno.h>
+#include <json-c/json.h>
#include "libcryptsetup.h"
#include "luks.h"
--
2.18.0
+1 -1
View File
@@ -1,4 +1,4 @@
# From https://www.kernel.org/pub/linux/utils/cryptsetup/v2.0/sha256sums.asc
sha256 adc623b9e3e3ab5c14145b8baf21b741e513ee5bf90d2b4d85a745c2f05da199 cryptsetup-2.0.0.tar.xz
sha256 4d6cca04c1f5ff4a68d045d190efb2623087eda0274ded92f92a4b6911e501d4 cryptsetup-2.0.3.tar.xz
sha256 45670cce8b6a0ddd66c8016cd8ccef6cd71f35717cbacc7f1e895b3855207b33 COPYING
sha256 8c33cc37871654ec7ed87e6fbb896c8cf33ef5ef05b1611a5aed857596ffafa5 COPYING.LGPL
+3 -2
View File
@@ -5,7 +5,7 @@
################################################################################
CRYPTSETUP_VERSION_MAJOR = 2.0
CRYPTSETUP_VERSION = $(CRYPTSETUP_VERSION_MAJOR).0
CRYPTSETUP_VERSION = $(CRYPTSETUP_VERSION_MAJOR).3
CRYPTSETUP_SOURCE = cryptsetup-$(CRYPTSETUP_VERSION).tar.xz
CRYPTSETUP_SITE = $(BR2_KERNEL_MIRROR)/linux/utils/cryptsetup/v$(CRYPTSETUP_VERSION_MAJOR)
CRYPTSETUP_DEPENDENCIES = lvm2 popt util-linux host-pkgconf json-c \
@@ -36,7 +36,8 @@ HOST_CRYPTSETUP_DEPENDENCIES = \
host-json-c \
host-openssl
HOST_CRYPTSETUP_CONF_OPTS = --with-crypto-backend=openssl
HOST_CRYPTSETUP_CONF_OPTS = --with-crypto_backend=openssl \
--disable-kernel_crypto
$(eval $(autotools-package))
$(eval $(host-autotools-package))
+2 -1
View File
@@ -8,7 +8,8 @@ CUPS_FILTERS_VERSION = 1.20.3
CUPS_FILTERS_SITE = http://openprinting.org/download/cups-filters
CUPS_FILTERS_LICENSE = GPL-2.0, GPL-2.0+, GPL-3.0, GPL-3.0+, LGPL-2, LGPL-2.1+, MIT, BSD-4-Clause
CUPS_FILTERS_LICENSE_FILES = COPYING
# 0001-Replace-relative-linking-with-absolute-linking.patch
CUPS_FILTERS_AUTORECONF = YES
CUPS_FILTERS_DEPENDENCIES = cups libglib2 lcms2 qpdf fontconfig freetype jpeg
CUPS_FILTERS_CONF_OPTS = --disable-imagefilters \
+1 -5
View File
@@ -15,9 +15,5 @@ config BR2_PACKAGE_DAHDI_TOOLS
http://www.asterisk.org/downloads/dahdi
# Two comments, otherwise it may not fit in menuconfig for narrow terminals
comment "dahdi-tools needs a toolchain w/ threads"
comment "dahdi-tools needs a toolchain w/ threads and a Linux kernel to be built"
depends on !BR2_TOOLCHAIN_HAS_THREADS || !BR2_LINUX_KERNEL
comment "dahdi-tools needs a Linux kernel to be built"
depends on !BR2_LINUX_KERNEL
+1 -1
View File
@@ -1,6 +1,6 @@
config BR2_PACKAGE_DMIDECODE
bool "dmidecode"
depends on BR2_i386 || BR2_x86_64
depends on BR2_aarch64 || BR2_i386 || BR2_x86_64
help
Dmidecode reports information about your system's hardware
as described in your system BIOS according to the SMBIOS/DMI
@@ -0,0 +1,113 @@
# HG changeset patch
# User Matt Johnston <matt@ucc.asn.au>
# Date 1520519133 -28800
# Node ID 0dc3103a5900971d1d06d9101e062ddbd1112436
# Parent 0f149d63068d90705db7fb52c8dea15ff32eedd7
Only advertise a single server ecdsa key when -R (generate as required) is
specified. Fixes -R now that default ecdsa key size has changed.
Upstream-URL: https://secure.ucc.asn.au/hg/dropbear/rev/0dc3103a5900
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
diff -r 0f149d63068d -r 0dc3103a5900 svr-runopts.c
--- a/svr-runopts.c Thu Mar 08 22:22:11 2018 +0800
+++ b/svr-runopts.c Thu Mar 08 22:25:33 2018 +0800
@@ -526,8 +526,10 @@
void load_all_hostkeys() {
int i;
- int disable_unset_keys = 1;
int any_keys = 0;
+#ifdef DROPBEAR_ECDSA
+ int loaded_any_ecdsa = 0;
+#endif
svr_opts.hostkey = new_sign_key();
@@ -552,14 +554,8 @@
#endif
}
-#if DROPBEAR_DELAY_HOSTKEY
- if (svr_opts.delay_hostkey) {
- disable_unset_keys = 0;
- }
-#endif
-
#if DROPBEAR_RSA
- if (disable_unset_keys && !svr_opts.hostkey->rsakey) {
+ if (!svr_opts.delay_hostkey && !svr_opts.hostkey->rsakey) {
disablekey(DROPBEAR_SIGNKEY_RSA);
} else {
any_keys = 1;
@@ -567,39 +563,54 @@
#endif
#if DROPBEAR_DSS
- if (disable_unset_keys && !svr_opts.hostkey->dsskey) {
+ if (!svr_opts.delay_hostkey && !svr_opts.hostkey->dsskey) {
disablekey(DROPBEAR_SIGNKEY_DSS);
} else {
any_keys = 1;
}
#endif
+#if DROPBEAR_ECDSA
+ /* We want to advertise a single ecdsa algorithm size.
+ - If there is a ecdsa hostkey at startup we choose that that size.
+ - If we generate at runtime we choose the default ecdsa size.
+ - Otherwise no ecdsa keys will be advertised */
-#if DROPBEAR_ECDSA
+ /* check if any keys were loaded at startup */
+ loaded_any_ecdsa =
+ 0
#if DROPBEAR_ECC_256
- if ((disable_unset_keys || ECDSA_DEFAULT_SIZE != 256)
- && !svr_opts.hostkey->ecckey256) {
+ || svr_opts.hostkey->ecckey256
+#endif
+#if DROPBEAR_ECC_384
+ || svr_opts.hostkey->ecckey384
+#endif
+#if DROPBEAR_ECC_521
+ || svr_opts.hostkey->ecckey521
+#endif
+ ;
+ any_keys |= loaded_any_ecdsa;
+
+ /* Or an ecdsa key could be generated at runtime */
+ any_keys |= svr_opts.delay_hostkey;
+
+ /* At most one ecdsa key size will be left enabled */
+#if DROPBEAR_ECC_256
+ if (!svr_opts.hostkey->ecckey256
+ && (!svr_opts.delay_hostkey || loaded_any_ecdsa || ECDSA_DEFAULT_SIZE != 256 )) {
disablekey(DROPBEAR_SIGNKEY_ECDSA_NISTP256);
- } else {
- any_keys = 1;
}
#endif
-
#if DROPBEAR_ECC_384
- if ((disable_unset_keys || ECDSA_DEFAULT_SIZE != 384)
- && !svr_opts.hostkey->ecckey384) {
+ if (!svr_opts.hostkey->ecckey384
+ && (!svr_opts.delay_hostkey || loaded_any_ecdsa || ECDSA_DEFAULT_SIZE != 384 )) {
disablekey(DROPBEAR_SIGNKEY_ECDSA_NISTP384);
- } else {
- any_keys = 1;
}
#endif
-
#if DROPBEAR_ECC_521
- if ((disable_unset_keys || ECDSA_DEFAULT_SIZE != 521)
- && !svr_opts.hostkey->ecckey521) {
+ if (!svr_opts.hostkey->ecckey521
+ && (!svr_opts.delay_hostkey || loaded_any_ecdsa || ECDSA_DEFAULT_SIZE != 521 )) {
disablekey(DROPBEAR_SIGNKEY_ECDSA_NISTP521);
- } else {
- any_keys = 1;
}
#endif
#endif /* DROPBEAR_ECDSA */
@@ -0,0 +1,236 @@
From 52adbb34c32d3e2e1bcdb941e20a6f81138b8248 Mon Sep 17 00:00:00 2001
From: Matt Johnston <matt@ucc.asn.au>
Date: Thu, 23 Aug 2018 23:43:12 +0800
Subject: [PATCH] Wait to fail invalid usernames
[hg: https://secure.ucc.asn.au/hg/dropbear/rev/5d2d1021ca00]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
---
auth.h | 6 +++---
svr-auth.c | 19 +++++--------------
svr-authpam.c | 26 ++++++++++++++++++++++----
svr-authpasswd.c | 27 ++++++++++++++-------------
svr-authpubkey.c | 11 ++++++++++-
5 files changed, 54 insertions(+), 35 deletions(-)
diff --git a/auth.h b/auth.h
index da498f5..98f5468 100644
--- a/auth.h
+++ b/auth.h
@@ -37,9 +37,9 @@ void recv_msg_userauth_request(void);
void send_msg_userauth_failure(int partial, int incrfail);
void send_msg_userauth_success(void);
void send_msg_userauth_banner(const buffer *msg);
-void svr_auth_password(void);
-void svr_auth_pubkey(void);
-void svr_auth_pam(void);
+void svr_auth_password(int valid_user);
+void svr_auth_pubkey(int valid_user);
+void svr_auth_pam(int valid_user);
#if DROPBEAR_SVR_PUBKEY_OPTIONS_BUILT
int svr_pubkey_allows_agentfwd(void);
diff --git a/svr-auth.c b/svr-auth.c
index c19c090..edde86b 100644
--- a/svr-auth.c
+++ b/svr-auth.c
@@ -149,10 +149,8 @@ void recv_msg_userauth_request() {
if (methodlen == AUTH_METHOD_PASSWORD_LEN &&
strncmp(methodname, AUTH_METHOD_PASSWORD,
AUTH_METHOD_PASSWORD_LEN) == 0) {
- if (valid_user) {
- svr_auth_password();
- goto out;
- }
+ svr_auth_password(valid_user);
+ goto out;
}
}
#endif
@@ -164,10 +162,8 @@ void recv_msg_userauth_request() {
if (methodlen == AUTH_METHOD_PASSWORD_LEN &&
strncmp(methodname, AUTH_METHOD_PASSWORD,
AUTH_METHOD_PASSWORD_LEN) == 0) {
- if (valid_user) {
- svr_auth_pam();
- goto out;
- }
+ svr_auth_pam(valid_user);
+ goto out;
}
}
#endif
@@ -177,12 +173,7 @@ void recv_msg_userauth_request() {
if (methodlen == AUTH_METHOD_PUBKEY_LEN &&
strncmp(methodname, AUTH_METHOD_PUBKEY,
AUTH_METHOD_PUBKEY_LEN) == 0) {
- if (valid_user) {
- svr_auth_pubkey();
- } else {
- /* pubkey has no failure delay */
- send_msg_userauth_failure(0, 0);
- }
+ svr_auth_pubkey(valid_user);
goto out;
}
#endif
diff --git a/svr-authpam.c b/svr-authpam.c
index 05e4f3e..d201bc9 100644
--- a/svr-authpam.c
+++ b/svr-authpam.c
@@ -178,13 +178,14 @@ pamConvFunc(int num_msg,
* Keyboard interactive would be a lot nicer, but since PAM is synchronous, it
* gets very messy trying to send the interactive challenges, and read the
* interactive responses, over the network. */
-void svr_auth_pam() {
+void svr_auth_pam(int valid_user) {
struct UserDataS userData = {NULL, NULL};
struct pam_conv pamConv = {
pamConvFunc,
&userData /* submitted to pamvConvFunc as appdata_ptr */
};
+ const char* printable_user = NULL;
pam_handle_t* pamHandlep = NULL;
@@ -204,12 +205,23 @@ void svr_auth_pam() {
password = buf_getstring(ses.payload, &passwordlen);
+ /* We run the PAM conversation regardless of whether the username is valid
+ in case the conversation function has an inherent delay.
+ Use ses.authstate.username rather than ses.authstate.pw_name.
+ After PAM succeeds we then check the valid_user flag too */
+
/* used to pass data to the PAM conversation function - don't bother with
* strdup() etc since these are touched only by our own conversation
* function (above) which takes care of it */
- userData.user = ses.authstate.pw_name;
+ userData.user = ses.authstate.username;
userData.passwd = password;
+ if (ses.authstate.pw_name) {
+ printable_user = ses.authstate.pw_name;
+ } else {
+ printable_user = "<invalid username>";
+ }
+
/* Init pam */
if ((rc = pam_start("sshd", NULL, &pamConv, &pamHandlep)) != PAM_SUCCESS) {
dropbear_log(LOG_WARNING, "pam_start() failed, rc=%d, %s",
@@ -242,7 +254,7 @@ void svr_auth_pam() {
rc, pam_strerror(pamHandlep, rc));
dropbear_log(LOG_WARNING,
"Bad PAM password attempt for '%s' from %s",
- ses.authstate.pw_name,
+ printable_user,
svr_ses.addrstring);
send_msg_userauth_failure(0, 1);
goto cleanup;
@@ -253,12 +265,18 @@ void svr_auth_pam() {
rc, pam_strerror(pamHandlep, rc));
dropbear_log(LOG_WARNING,
"Bad PAM password attempt for '%s' from %s",
- ses.authstate.pw_name,
+ printable_user,
svr_ses.addrstring);
send_msg_userauth_failure(0, 1);
goto cleanup;
}
+ if (!valid_user) {
+ /* PAM auth succeeded but the username isn't allowed in for another reason
+ (checkusername() failed) */
+ send_msg_userauth_failure(0, 1);
+ }
+
/* successful authentication */
dropbear_log(LOG_NOTICE, "PAM password auth succeeded for '%s' from %s",
ses.authstate.pw_name,
diff --git a/svr-authpasswd.c b/svr-authpasswd.c
index bdee2aa..69c7d8a 100644
--- a/svr-authpasswd.c
+++ b/svr-authpasswd.c
@@ -48,22 +48,14 @@ static int constant_time_strcmp(const char* a, const char* b) {
/* Process a password auth request, sending success or failure messages as
* appropriate */
-void svr_auth_password() {
+void svr_auth_password(int valid_user) {
char * passwdcrypt = NULL; /* the crypt from /etc/passwd or /etc/shadow */
char * testcrypt = NULL; /* crypt generated from the user's password sent */
- char * password;
+ char * password = NULL;
unsigned int passwordlen;
-
unsigned int changepw;
- passwdcrypt = ses.authstate.pw_passwd;
-
-#ifdef DEBUG_HACKCRYPT
- /* debugging crypt for non-root testing with shadows */
- passwdcrypt = DEBUG_HACKCRYPT;
-#endif
-
/* check if client wants to change password */
changepw = buf_getbool(ses.payload);
if (changepw) {
@@ -73,12 +65,21 @@ void svr_auth_password() {
}
password = buf_getstring(ses.payload, &passwordlen);
-
- /* the first bytes of passwdcrypt are the salt */
- testcrypt = crypt(password, passwdcrypt);
+ if (valid_user) {
+ /* the first bytes of passwdcrypt are the salt */
+ passwdcrypt = ses.authstate.pw_passwd;
+ testcrypt = crypt(password, passwdcrypt);
+ }
m_burn(password, passwordlen);
m_free(password);
+ /* After we have got the payload contents we can exit if the username
+ is invalid. Invalid users have already been logged. */
+ if (!valid_user) {
+ send_msg_userauth_failure(0, 1);
+ return;
+ }
+
if (testcrypt == NULL) {
/* crypt() with an invalid salt like "!!" */
dropbear_log(LOG_WARNING, "User account '%s' is locked",
diff --git a/svr-authpubkey.c b/svr-authpubkey.c
index aa6087c..ff481c8 100644
--- a/svr-authpubkey.c
+++ b/svr-authpubkey.c
@@ -79,7 +79,7 @@ static int checkfileperm(char * filename);
/* process a pubkey auth request, sending success or failure message as
* appropriate */
-void svr_auth_pubkey() {
+void svr_auth_pubkey(int valid_user) {
unsigned char testkey; /* whether we're just checking if a key is usable */
char* algo = NULL; /* pubkey algo */
@@ -102,6 +102,15 @@ void svr_auth_pubkey() {
keybloblen = buf_getint(ses.payload);
keyblob = buf_getptr(ses.payload, keybloblen);
+ if (!valid_user) {
+ /* Return failure once we have read the contents of the packet
+ required to validate a public key.
+ Avoids blind user enumeration though it isn't possible to prevent
+ testing for user existence if the public key is known */
+ send_msg_userauth_failure(0, 0);
+ goto out;
+ }
+
/* check if the key is valid */
if (checkpubkey(algo, algolen, keyblob, keybloblen) == DROPBEAR_FAILURE) {
send_msg_userauth_failure(0, 0);
--
2.11.0
+1
View File
@@ -1,6 +1,7 @@
config BR2_PACKAGE_DROPBEAR
bool "dropbear"
select BR2_PACKAGE_ZLIB if !BR2_PACKAGE_DROPBEAR_SMALL
select BR2_PACKAGE_LIBTOMCRYPT if !BR2_PACKAGE_DROPBEAR_SMALL
help
A small SSH 2 server designed for small memory environments.
+1 -1
View File
@@ -1,2 +1,2 @@
# From https://matt.ucc.asn.au/dropbear/releases/SHA256SUM.asc
sha256 6cbc1dcb1c9709d226dff669e5604172a18cf5dbf9a201474d5618ae4465098c dropbear-2017.75.tar.bz2
sha256 f2fb9167eca8cf93456a5fc1d4faf709902a3ab70dd44e352f3acbc3ffdaea65 dropbear-2018.76.tar.bz2
+26 -20
View File
@@ -4,7 +4,7 @@
#
################################################################################
DROPBEAR_VERSION = 2017.75
DROPBEAR_VERSION = 2018.76
DROPBEAR_SITE = https://matt.ucc.asn.au/dropbear/releases
DROPBEAR_SOURCE = dropbear-$(DROPBEAR_VERSION).tar.bz2
DROPBEAR_LICENSE = MIT, BSD-2-Clause-like, BSD-2-Clause
@@ -12,6 +12,11 @@ DROPBEAR_LICENSE_FILES = LICENSE
DROPBEAR_TARGET_BINS = dropbearkey dropbearconvert scp
DROPBEAR_PROGRAMS = dropbear $(DROPBEAR_TARGET_BINS)
# Disable hardening flags added by dropbear configure.ac, and let
# Buildroot add them when the relevant options are enabled. This
# prevents dropbear from using SSP support when not available.
DROPBEAR_CONF_OPTS = --disable-harden
ifeq ($(BR2_PACKAGE_DROPBEAR_CLIENT),y)
# Build dbclient, and create a convenience symlink named ssh
DROPBEAR_PROGRAMS += dbclient
@@ -22,33 +27,34 @@ DROPBEAR_MAKE = \
$(MAKE) MULTI=1 SCPPROGRESS=1 \
PROGRAMS="$(DROPBEAR_PROGRAMS)"
ifeq ($(BR2_STATIC_LIBS),y)
DROPBEAR_MAKE += STATIC=1
# With BR2_SHARED_STATIC_LIBS=y the generic infrastructure adds a
# --enable-static flags causing dropbear to be built as a static
# binary. Adding a --disable-static reverts this
ifeq ($(BR2_SHARED_STATIC_LIBS),y)
DROPBEAR_CONF_OPTS += --disable-static
endif
define DROPBEAR_FIX_XAUTH
$(SED) 's,^#define XAUTH_COMMAND.*/xauth,#define XAUTH_COMMAND "/usr/bin/xauth,g' $(@D)/options.h
# Ensure that dropbear doesn't use crypt() when it's not available
define DROPBEAR_SVR_PASSWORD_AUTH
echo '#if !HAVE_CRYPT' >> $(@D)/localoptions.h
echo '#define DROPBEAR_SVR_PASSWORD_AUTH 0' >> $(@D)/localoptions.h
echo '#endif' >> $(@D)/localoptions.h
endef
DROPBEAR_POST_EXTRACT_HOOKS += DROPBEAR_FIX_XAUTH
DROPBEAR_POST_EXTRACT_HOOKS += DROPBEAR_SVR_PASSWORD_AUTH
define DROPBEAR_ENABLE_REVERSE_DNS
$(SED) 's:.*\(#define DO_HOST_LOOKUP\).*:\1:' $(@D)/options.h
endef
define DROPBEAR_BUILD_SMALL
$(SED) 's:.*\(#define NO_FAST_EXPTMOD\).*:\1:' $(@D)/options.h
echo '#define DO_HOST_LOOKUP 1' >> $(@D)/localoptions.h
endef
define DROPBEAR_BUILD_FEATURED
$(SED) 's:^#define DROPBEAR_SMALL_CODE::' $(@D)/options.h
$(SED) 's:.*\(#define DROPBEAR_BLOWFISH\).*:\1:' $(@D)/options.h
$(SED) 's:.*\(#define DROPBEAR_TWOFISH128\).*:\1:' $(@D)/options.h
$(SED) 's:.*\(#define DROPBEAR_TWOFISH256\).*:\1:' $(@D)/options.h
echo '#define DROPBEAR_SMALL_CODE 0' >> $(@D)/localoptions.h
echo '#define DROPBEAR_BLOWFISH 1' >> $(@D)/localoptions.h
echo '#define DROPBEAR_TWOFISH128 1' >> $(@D)/localoptions.h
echo '#define DROPBEAR_TWOFISH256 1' >> $(@D)/localoptions.h
endef
define DROPBEAR_DISABLE_STANDALONE
$(SED) 's:\(#define NON_INETD_MODE\):/*\1 */:' $(@D)/options.h
echo '#define NON_INETD_MODE 0' >> $(@D)/localoptions.h
endef
define DROPBEAR_INSTALL_INIT_SYSTEMD
@@ -73,11 +79,11 @@ DROPBEAR_POST_EXTRACT_HOOKS += DROPBEAR_ENABLE_REVERSE_DNS
endif
ifeq ($(BR2_PACKAGE_DROPBEAR_SMALL),y)
DROPBEAR_POST_EXTRACT_HOOKS += DROPBEAR_BUILD_SMALL
DROPBEAR_CONF_OPTS += --disable-zlib
DROPBEAR_CONF_OPTS += --disable-zlib --enable-bundled-libtom
else
DROPBEAR_POST_EXTRACT_HOOKS += DROPBEAR_BUILD_FEATURED
DROPBEAR_DEPENDENCIES += zlib
DROPBEAR_DEPENDENCIES += zlib libtomcrypt
DROPBEAR_CONF_OPTS += --disable-bundled-libtom
endif
ifneq ($(BR2_PACKAGE_DROPBEAR_WTMP),y)
+5
View File
@@ -97,6 +97,11 @@ config BR2_PACKAGE_EFL_LIBSNDFILE
config BR2_PACKAGE_EFL_PULSEAUDIO
bool "Enable pulseaudio support (recommended)"
default y
depends on BR2_PACKAGE_PULSEAUDIO_HAS_ATOMIC
depends on BR2_USE_WCHAR
depends on BR2_TOOLCHAIN_HAS_THREADS
depends on !BR2_STATIC_LIBS
depends on BR2_USE_MMU
select BR2_PACKAGE_PULSEAUDIO
help
The only audio output method supported by Ecore right now is
+2 -1
View File
@@ -23,7 +23,8 @@ endif
# Generate the .pc file at build time
define EIGEN_BUILD_CMDS
sed -r -e 's,^Version: .*,Version: $(EIGEN_VERSION),' \
-e 's,^Cflags: .*,Cflags: -I$(EIGEN_DEST_DIR),' \
-e 's,^Cflags: .*,Cflags: -I$$\{prefix\}/include/eigen3,' \
-e 's,^prefix.*,prefix=/usr,' \
$(@D)/eigen3.pc.in >$(@D)/eigen3.pc
endef
-13
View File
@@ -1,13 +0,0 @@
apply-patches.sh deletes this file from the source directory.
--- erlang-R15B01.old/lib/tools/emacs/Makefile 2012-04-04
+++ erlang-R15B01/lib/tools/emacs/Makefile 2012-04-04 15:55:16.978957307 +0100
@@ -51,7 +51,7 @@
ELC_FILES = $(EMACS_FILES:%=%.elc)
-TEST_FILES = test.erl.indented test.erl.orig
+TEST_FILES = test.erl.indented
# ----------------------------------------------------
# Targets
+1
View File
@@ -22,6 +22,7 @@ config BR2_PACKAGE_ERLANG
depends on BR2_USE_MMU # fork()
depends on !BR2_STATIC_LIBS
depends on BR2_PACKAGE_ERLANG_ARCH_SUPPORTS
select BR2_PACKAGE_ZLIB
help
Erlang is a programming language used to build massively
scalable soft real-time systems with requirements on high
+3 -2
View File
@@ -1,3 +1,4 @@
# md5 from http://www.erlang.org/download/MD5, sha256 locally computed
md5 2faed2c3519353e6bc2501ed4d8e6ae7 otp_src_20.0.tar.gz
sha256 fe80e1e14a2772901be717694bb30ac4e9a07eee0cc7a28988724cbd21476811 otp_src_20.0.tar.gz
md5 a683c8c0aacfe0305c4bf47b3abfde6a otp_src_20.3.tar.gz
sha256 4e19e6c403d5255531c0b870f19511c8b8e3b080618e4f9efcb44d905935b2a1 otp_src_20.3.tar.gz
sha256 809fa1ed21450f59827d1e9aec720bbc4b687434fa22283c6cb5dd82a47ab9c0 LICENSE.txt
+3 -4
View File
@@ -5,7 +5,7 @@
################################################################################
# See note below when updating Erlang
ERLANG_VERSION = 20.0
ERLANG_VERSION = 20.3
ERLANG_SITE = http://www.erlang.org/download
ERLANG_SOURCE = otp_src_$(ERLANG_VERSION).tar.gz
ERLANG_DEPENDENCIES = host-erlang
@@ -19,7 +19,7 @@ ERLANG_AUTORECONF = YES
# Whenever updating Erlang, this value should be updated as well, to the
# value of EI_VSN in the file lib/erl_interface/vsn.mk
ERLANG_EI_VSN = 3.10
ERLANG_EI_VSN = 3.10.1
# The configure checks for these functions fail incorrectly
ERLANG_CONF_ENV = ac_cv_func_isnan=yes ac_cv_func_isinf=yes
@@ -69,10 +69,9 @@ else
ERLANG_CONF_OPTS += --without-odbc
endif
ifeq ($(BR2_PACKAGE_ZLIB),y)
# Always use Buildroot's zlib
ERLANG_CONF_OPTS += --enable-shared-zlib
ERLANG_DEPENDENCIES += zlib
endif
# Remove source, example, gs and wx files from staging and target.
ERLANG_REMOVE_PACKAGES = gs wx
+1
View File
@@ -35,6 +35,7 @@ config BR2_PACKAGE_ESPEAK_AUDIO_BACKEND_ALSA
config BR2_PACKAGE_ESPEAK_AUDIO_BACKEND_PULSEAUDIO
bool "pulseaudio"
depends on BR2_PACKAGE_PULSEAUDIO_HAS_ATOMIC
select BR2_PACKAGE_PULSEAUDIO
endchoice
+1 -1
View File
@@ -1,5 +1,5 @@
# Locally calculated
sha256 2b92e9578ef8b3e49eeab229e69305f5f4cbc1fdaa22e927fc7fca18acccd740 ffmpeg-3.4.2.tar.xz
sha256 386f7601e865df6bddde05bb6927119b5a853f0b92e2e9834f59c125a17d3fc6 ffmpeg-3.4.4.tar.xz
sha256 8177f97513213526df2cf6184d8ff986c675afb514d4e68a404010521b880643 COPYING.GPLv2
sha256 b634ab5640e258563c536e658cad87080553df6f34f62269a21d554844e58bfe COPYING.LGPLv2.1
sha256 73d99bc83313fff665b426d6672b4e0479102bc402fe22314ac9ce94a38aa5ff LICENSE.md
+8 -1
View File
@@ -4,7 +4,7 @@
#
################################################################################
FFMPEG_VERSION = 3.4.2
FFMPEG_VERSION = 3.4.4
FFMPEG_SOURCE = ffmpeg-$(FFMPEG_VERSION).tar.xz
FFMPEG_SITE = http://ffmpeg.org/releases
FFMPEG_INSTALL_STAGING = YES
@@ -225,6 +225,13 @@ ifeq ($(BR2_PACKAGE_FFMPEG_GPL)$(BR2_PACKAGE_LIBEBUR128),yy)
FFMPEG_DEPENDENCIES += libebur128
endif
ifeq ($(BR2_PACKAGE_LIBDRM),y)
FFMPEG_CONF_OPTS += --enable-libdrm
FFMPEG_DEPENDENCIES += libdrm
else
FFMPEG_CONF_OPTS += --disable-libdrm
endif
ifeq ($(BR2_PACKAGE_LIBOPENH264),y)
FFMPEG_CONF_OPTS += --enable-libopenh264
FFMPEG_DEPENDENCIES += libopenh264
+1
View File
@@ -12,6 +12,7 @@ FILE_CONF_ENV = ac_cv_prog_cc_c99='-std=gnu99'
FILE_INSTALL_STAGING = YES
FILE_LICENSE = BSD-2-Clause, BSD-4-Clause (one file), BSD-3-Clause (one file)
FILE_LICENSE_FILES = COPYING src/mygetopt.h src/vasprintf.c
HOST_FILE_CONF_OPTS = --disable-libseccomp
ifeq ($(BR2_PACKAGE_LIBSECCOMP),y)
FILE_CONF_OPTS += --enable-libseccomp
+2
View File
@@ -1,2 +1,4 @@
# Locally computed
sha256 1952db4d534221e6e8454f851dfcc38328b0ed4a3f499ea25a51ca2b5ccc8136 fio-fio-2.20.tar.gz
sha256 204d8eff92f95aac4df6c8122bc1505f468f3a901e5a4cc08940e0ede1938994 COPYING
sha256 8a240c1ad13d1fe3e58588643d81d0695899be4a669fe6d8fafa76ca6a89db2c MORAL-LICENSE
+2 -2
View File
@@ -6,8 +6,8 @@
FIO_VERSION = fio-2.20
FIO_SITE = git://git.kernel.dk/fio.git
FIO_LICENSE = GPL-2.0 + special obligations
FIO_LICENSE_FILES = COPYING
FIO_LICENSE = GPL-2.0
FIO_LICENSE_FILES = COPYING MORAL-LICENSE
ifeq ($(BR2_PACKAGE_LIBAIO),y)
FIO_DEPENDENCIES += libaio
-18
View File
@@ -17,19 +17,6 @@ FREETYPE_CONFIG_SCRIPTS = freetype-config
HOST_FREETYPE_DEPENDENCIES = host-pkgconf
HOST_FREETYPE_CONF_OPTS = --without-zlib --without-bzip2 --without-png
# Regen required because the tarball ships with an experimental ltmain.sh
# that can't be patched by our infra.
# autogen.sh is because autotools stuff lives in other directories and
# even AUTORECONF with _OPTS doesn't do it properly.
# POST_PATCH is because we still need to patch libtool after the regen.
define FREETYPE_RUN_AUTOGEN
cd $(@D) && PATH=$(BR_PATH) ./autogen.sh
endef
FREETYPE_POST_PATCH_HOOKS += FREETYPE_RUN_AUTOGEN
HOST_FREETYPE_POST_PATCH_HOOKS += FREETYPE_RUN_AUTOGEN
FREETYPE_DEPENDENCIES += host-automake host-autoconf host-libtool
HOST_FREETYPE_DEPENDENCIES += host-automake host-autoconf host-libtool
ifeq ($(BR2_PACKAGE_ZLIB),y)
FREETYPE_DEPENDENCIES += zlib
FREETYPE_CONF_OPTS += --with-zlib
@@ -72,8 +59,3 @@ FREETYPE_POST_INSTALL_STAGING_HOOKS += FREETYPE_FIX_CONFIG_FILE_LIBS
$(eval $(autotools-package))
$(eval $(host-autotools-package))
# freetype-patch and host-freetype-patch use autogen.sh so add
# host-automake as a order-only-prerequisite because it is a phony
# target.
$(FREETYPE_TARGET_PATCH) $(HOST_FREETYPE_TARGET_PATCH): | host-automake
+1 -1
View File
@@ -39,7 +39,7 @@ endif
HOST_GAWK_CONF_OPTS = --without-readline --without-mpfr
define GAWK_CREATE_SYMLINK
ln -sf /usr/bin/gawk $(TARGET_DIR)/usr/bin/awk
ln -sf gawk $(TARGET_DIR)/usr/bin/awk
endef
GAWK_POST_INSTALL_TARGET_HOOKS += GAWK_CREATE_SYMLINK
@@ -0,0 +1,38 @@
From 765527ad3725c5f3e82ab2b8e5031120b409983d Mon Sep 17 00:00:00 2001
From: marxin <marxin@138bc75d-0d04-0410-961f-82ee72b054a4>
Date: Fri, 15 Jun 2018 08:51:28 +0000
Subject: [PATCH] Partial backport r256656
2018-06-15 Martin Liska <mliska@suse.cz>
Backport from mainline
2018-01-10 Kelvin Nilsen <kelvin@gcc.gnu.org>
* lex.c (search_line_fast): Remove illegal coercion of an
unaligned pointer value to vector pointer type and replace with
use of __builtin_vec_vsx_ld () built-in function, which operates
on unaligned pointer values.
git-svn-id: svn+ssh://gcc.gnu.org/svn/gcc/branches/gcc-6-branch@261621 138bc75d-0d04-0410-961f-82ee72b054a4
Signed-off-by: Joel Stanley <joel@jms.id.au>
---
libcpp/lex.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/libcpp/lex.c b/libcpp/lex.c
index e5a0397f3099..b789686f1c49 100644
--- a/libcpp/lex.c
+++ b/libcpp/lex.c
@@ -568,7 +568,7 @@ search_line_fast (const uchar *s, const uchar *end ATTRIBUTE_UNUSED)
{
vc m_nl, m_cr, m_bs, m_qm;
- data = *((const vc *)s);
+ data = __builtin_vec_vsx_ld (0, s);
s += 16;
m_nl = (vc) __builtin_vec_cmpeq(data, repl_nl);
--
2.17.1
@@ -0,0 +1,39 @@
From 6765eecde2ed8d4be0fc217408b9e9b92a840aff Mon Sep 17 00:00:00 2001
From: Max Filippov <jcmvbkbc@gmail.com>
Date: Tue, 4 Sep 2018 00:39:32 -0700
Subject: [PATCH] gcc: xtensa: fix NAND code in xtensa_expand_atomic
NAND is ~(a1 & a2), but xtensa_expand_atomic does ~a1 & a2.
That fixes libatomic tests atomic-op-{1,2}.
gcc/
2018-09-04 Max Filippov <jcmvbkbc@gmail.com>
* config/xtensa/xtensa.c (xtensa_expand_atomic): Reorder AND and
XOR operations in NAND case.
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Backported from: r264087
---
gcc/config/xtensa/xtensa.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/gcc/config/xtensa/xtensa.c b/gcc/config/xtensa/xtensa.c
index 7cfe64d42895..080bb4ad765d 100644
--- a/gcc/config/xtensa/xtensa.c
+++ b/gcc/config/xtensa/xtensa.c
@@ -1614,9 +1614,9 @@ xtensa_expand_atomic (enum rtx_code code, rtx target, rtx mem, rtx val,
break;
case MULT: /* NAND */
- tmp = expand_simple_binop (SImode, XOR, old, ac.modemask,
+ tmp = expand_simple_binop (SImode, AND, old, val,
NULL_RTX, 1, OPTAB_DIRECT);
- tmp = expand_simple_binop (SImode, AND, tmp, val,
+ tmp = expand_simple_binop (SImode, XOR, tmp, ac.modemask,
new_rtx, 1, OPTAB_DIRECT);
break;
--
2.11.0
@@ -0,0 +1,40 @@
From aa65a43516da1d48011ef621ed5988289711d99b Mon Sep 17 00:00:00 2001
From: marxin <marxin@138bc75d-0d04-0410-961f-82ee72b054a4>
Date: Fri, 29 Jun 2018 09:31:30 +0000
Subject: [PATCH] Partial backport r256656
2018-06-29 Martin Liska <mliska@suse.cz>
Backport from mainline
2018-01-10 Kelvin Nilsen <kelvin@gcc.gnu.org>
* lex.c (search_line_fast): Remove illegal coercion of an
unaligned pointer value to vector pointer type and replace with
use of __builtin_vec_vsx_ld () built-in function, which operates
on unaligned pointer values.
git-svn-id: svn+ssh://gcc.gnu.org/svn/gcc/branches/gcc-6-branch@261621 138bc75d-0d04-0410-961f-82ee72b054a4
git-svn-id: svn+ssh://gcc.gnu.org/svn/gcc/branches/gcc-7-branch@262243 138bc75d-0d04-0410-961f-82ee72b054a4
Signed-off-by: Joel Stanley <joel@jms.id.au>
---
libcpp/lex.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/libcpp/lex.c b/libcpp/lex.c
index 097c78002cbb..e0fb9e822c44 100644
--- a/libcpp/lex.c
+++ b/libcpp/lex.c
@@ -568,7 +568,7 @@ search_line_fast (const uchar *s, const uchar *end ATTRIBUTE_UNUSED)
{
vc m_nl, m_cr, m_bs, m_qm;
- data = *((const vc *)s);
+ data = __builtin_vec_vsx_ld (0, s);
s += 16;
m_nl = (vc) __builtin_vec_cmpeq(data, repl_nl);
--
2.17.1

Some files were not shown because too many files have changed in this diff Show More