Compare commits

..

157 Commits

Author SHA1 Message Date
Peter Korsgaard 667adccb92 Update for 2020.05.1
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-25 09:32:14 +02:00
Fabrice Fontaine d456394633 package/squid: security bump to version 4.12
- Fix CVE-2020-15049: Cache Poisoning Issue in HTTP Request processing
- Fix CVE-2020-14058: Denial of Service issue in TLS handshake
- Fix CVE-2020-14059: Denial of Service when using SMP cache

This version also fix a build failure with systemd

Fixes:
 - http://autobuild.buildroot.org/results/4f586c497577d6c96289e821430fa2c2f61eda2a

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit b5eef337ae)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-25 09:28:55 +02:00
Fabrice Fontaine f0b1dcaaad package/squid: add optional systemd dependency
systemd is an optional dependency (enabled by default) since version
4.11 and
https://github.com/squid-cache/squid/commit/6fa8c66435d55a2e713db0222cdca3a9dccf5bbe

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit a70bcb531c)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-25 09:28:50 +02:00
Fabrice Fontaine e883c1a14c package/x11vnc: fix build with 64 bits time_t
Fixes:
 - http://autobuild.buildroot.org/results/75e45b566c85d19c5ed00529d036b4808413b1ca

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 8ec0b8f86a)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-24 16:42:20 +02:00
Urja Rannikko d684818226 package/cdrkit: fix build with GCC 10
This patch adds a missing extern on the outfile
variable in genisoimage.h.

Signed-off-by: Urja Rannikko <urjaman@gmail.com>
Tested-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 7d50d04729)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-24 13:40:33 +02:00
Fabrice Fontaine d546b005d3 package/gssdp: bump to version 1.2.3
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 7a2f73e993)
[Peter: needed by gupnp-1.2.3]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-22 18:52:22 +02:00
Alejandro González a0fe9a594e package/cryptodev-linux: bump to version f2927e3
This version mainly fixes build issues with more
recent kernels.

98b163a cryptlib.c: fix build on kernel v5.5+
7e72f67 enabled the support for TLS1.1 - AES128-SHA1 - AES256-SHA1
9e76506 Fix build for Linux 5.8-rc1

Signed-off-by: Alejandro González <alejandro.gonzalez.correo@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 74217ada85)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-22 14:26:29 +02:00
Fabrice Fontaine 2c148039bf package/freerdp: security bump to version 2.2.0
Fix CVE-2020-15103 - Integer overflow due to missing input sanitation in
rdpegfx channel

https://github.com/FreeRDP/FreeRDP/releases/tag/2.2.0

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 6f0305a95d)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-22 14:25:58 +02:00
Bernd Kuhls eab5685b12 package/python3: security bump version to 3.8.5
Fixes CVE-2020-15801 & CVE-2019-20907.

Changelog:
https://docs.python.org/release/3.8.5/whatsnew/changelog.html

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 3c81f492aa)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-22 14:23:36 +02:00
Adam Duskett 87b8b6f54e package/python3: security bump to version 3.8.4
Fixes the following security issues:

- bpo-41162: Audit hooks are now cleared later during finalization to avoid
  missing events.

- bpo-29778: Ensure python3.dll is loaded from correct locations when Python
  is embedded (CVE-2020-15523).

- bpo-41004: The __hash__() methods of ipaddress.IPv4Interface and
  ipaddress.IPv6Interface incorrectly generated constant hash values of 32
  and 128 respectively.  This resulted in always causing hash collisions.
  The fix uses hash() to generate hash values for the tuple of (address,
  mask length, network address).

- bpo-39073: Disallow CR or LF in email.headerregistry.Address arguments to
  guard against header injection attacks.

For more details, see the changelog:
https://docs.python.org/release/3.8.4/whatsnew/changelog.html#security

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit d6ff343d67)
[Peter: mention security impact]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-22 14:13:47 +02:00
Peter Seiderer e39c1d13c1 package/libevdev: bump version to 1.9.1
For details see [1].

- drop 0001-meson.build-use-local-include-path-for-tools.patch
  (upstream [2])
- drop 0003-meson.build-enable-static-library-build.patch
  (upstream [3])

[1] https://lists.freedesktop.org/archives/input-tools/2020-July/001541.html
[2] https://gitlab.freedesktop.org/libevdev/libevdev/-/commit/fe8238a71ae3ad8a776ee35a88fc292f1f006ec7
[3] https://gitlab.freedesktop.org/libevdev/libevdev/-/commit/a9d324f82bd5e822ea57224000fea43cb64aa214

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 6641c8a927)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-22 14:07:12 +02:00
Alejandro González fd0217b411 package/exim: fix build with ccache
When using ccache to build the exim package, the HOSTCC value contains
spaces, that are incorrectly interpreted by exim's Makefilei, which uses
the first word of ${CC} to test compiler options. This breaks the build
with "unrecognized option" ccache errors.

Fix that by wrapping the HOSTCC variable in double quotes, as it is done
for other variables that follow.

Signed-off-by: Alejandro González <alejandro.gonzalez.correo@gmail.com>
[yann.morin.1998@free.fr: slight rewording of commit log]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit a9486e337a)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-22 13:46:52 +02:00
Fabrice Fontaine b85b1e03c5 package/jq: needs threads
threads is a strong requirement since
https://github.com/stedolan/jq/commit/cf4b48c7ba30cb30e116b523cff036ea481459f6

Fixes:
 - http://autobuild.buildroot.org/results/b871cc175655c2d6aa5f184d891b994a0ebd9902

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 826587fa48)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-22 13:42:11 +02:00
Bernd Kuhls 08ed28c312 package/nano: bump version to 4.9.3
Release notes: https://www.nano-editor.org/news.php

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 1f04083836)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-22 13:40:39 +02:00
Fabrice Fontaine bb434a28b8 Config.in: update BR2_OPTIMIZE_FAST prompt and help text
Update label as suggested by Stéphane Veyret, as -Ofast is potentially
dangerous, and may break packages.

Fixes:

 - https://bugs.buildroot.org/show_bug.cgi?id=13046

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 3e186cee00)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-22 13:38:46 +02:00
Sergio Prado f62754d36e package/a10disp: add license file
Also separate the fields in the hash file by two spaces.

Signed-off-by: Sergio Prado <sergio.prado@e-labworks.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 7ebfb17eaf)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-22 13:37:23 +02:00
Antoine Tenart eeec1ba619 package/e2fsprogs: explicitly do not install udev and systemd files for host variant
Explicitly do not install udev rules and systemd units when installing
the host version of e2fsprogs, as we do not need those files when
calling host tools provided by e2fsprogs from Buildroot.

This fixes a weird issue I encountered: host-e2fsprogs was built and
installed without any issue when building an image from scratch. But
any attempt to rebuild host-e2fsprogs alone was failing during the
installation steps as it tried to install files to the host system.

This is because e2fsprogs' build system (autotools) is using the
prefix given at configuration time when installing its binaries,
configuration files, man pages, etc... but not when installing its
systemd units and udev rules.

The issue did not arise when building it from scratch, as
host-e2fsprogs do not have a dependency on host-udev/systemd, so its
configure script did not automatically enable udev/systemd
installation steps at first.

Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit ea6ddd3671)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-22 13:35:18 +02:00
Bernd Kuhls b40ac18f41 package/clamav: security bump version to 0.102.4
Release notes:
https://blog.clamav.net/2020/07/clamav-01024-security-patch-released.html

Fixes CVE-2020-3481, CVE-2020-3327 & CVE-2020-3350.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit a5beb29820)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-22 11:12:06 +02:00
Danomi Manchego 455910df02 Makefile: use order-only dependency so symlinks are made only once
The rule to create the staging symlink has it depend on BASE_DIR, and
the symlink is created in BASE_DIR, which means that when the symlink
is created, BASE_DIR is updated, and thus made more recent than the
symlink itself.

As a consequence, every time one runs 'make', the symlink will be older
than BASE_DIR, and so will be re-created.

Ditto for the host symlink when the user has elected to have an
out-of-tree host dir.

Fix that by changing to using an order-only dependency.

Signed-off-by: Danomi Manchego <danomimanchego123@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 7d38e58d4c)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-22 11:10:02 +02:00
Christian Stewart 90d8c2459b package/go: bump version to 1.13.14
go1.13.14 (released 2020/07/16) includes fixes to the compiler, vet, and
the database/sql, net/http, and reflect packages.

Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 593254c6f9)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-22 11:07:54 +02:00
Christian Stewart 52fd86bd24 package/go: bump version to 1.13.13
go1.13.13 (released 2020/07/14) includes security fixes to the
crypto/x509 and net/http packages.

Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit e31919878d)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-22 11:07:44 +02:00
Fabrice Fontaine 101f058ace package/network-manager: disable introspection
Build will fail if gobject-introspection is built before network-manager
but python-gobject is not:

configure: error: "--enable-introspection aims to build the settings documentation. This requires GObject introspection for python (pygobject)

To avoid this build failure and because we don't need documentation,
just disable introspection

Fixes:
 - http://autobuild.buildroot.org/results/d3b1bc2fa7559e66465033c455176761d6e184d1

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit adfb36c07d)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-22 11:06:13 +02:00
Fabrice Fontaine ef91a41f60 package/zstd: fix build without st_mtime
Fixes:
 - http://autobuild.buildroot.org/results/be902c5d110f37bce622a2215191f155b7d3e7e0

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 267ce1718e)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-22 11:01:40 +02:00
Fabrice Fontaine 12211165c6 package/zstd: bump to version 1.4.5
- Get official tarball and its hash
- Update indentation in hash file (two spaces)

This is a fairly important release which includes performance
improvements and new major CLI features. It also fixes a few corner
cases, making it a recommended upgrade.

https://github.com/facebook/zstd/releases/tag/v1.4.5
https://github.com/facebook/zstd/releases/tag/v1.4.4

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 510b339818)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-22 11:01:32 +02:00
Fabrice Fontaine 72801d46ad package/mongodb: security bump to version 4.2.8
Fix the following security issues:
- SERVER-45514 [FLE] Reject document validators with encryption-related
  keywords if the validationAction is “warn”
- SERVER-48039 Unrecognized option: net.ssl.clusterCertificateSelector
  in MongoDB v4.2
- SERVER-45803 mongodecrypt needs a ServiceContext
- SERVER-46834 Use monotonic time in UserCacheInvalidator
- SERVER-47113 LDAP connection pool acquisition state should own host
  list

https://docs.mongodb.com/manual/release-notes/4.2

Also:
- Update indentation in hash file (two spaces)
- Tweak version to be "compliant" with https://release-monitoring.org
- Use official tarball

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit af45533523)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-22 09:25:06 +02:00
Fabrice Fontaine 92a0b69cb8 package/open2300: use mysql_config to retrieve cflags and libs
oracle-mysql won't built its own bundled zlib since commit
6fed83a030 so don't unconditionally link
with zlib instead use mysql_config to retrieve cflags and libs as
suggested by Thomas Petazzoni in review of first iteration

Fixes:
 - No autobuilder failures yet

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit efffb3ea45)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-22 09:18:09 +02:00
Fabrice Fontaine 22fe2e6847 package/libvncserver: disable gtk example
gtkvncviewer has been added since version 0.9.13 and
https://github.com/LibVNC/libvncserver/commit/2650cfc17bb7718e42bfff8510c15f011eda1b1f,
disable it as it is only an example

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit c89f62cec6)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-22 09:15:44 +02:00
Fabrice Fontaine d4d6637977 package/libvncserver: security bump to version 0.9.13
- Drop all patches (already in version)
- Fix CVE-2018-21247: An issue was discovered in LibVNCServer before
  0.9.13. There is an information leak (of uninitialized memory contents)
  in the libvncclient/rfbproto.c ConnectToRFBRepeater function.
- Fix CVE-2019-20839: libvncclient/sockets.c in LibVNCServer before
  0.9.13 has a buffer overflow via a long socket filename.
- Fix CVE-2019-20840: An issue was discovered in LibVNCServer before
  0.9.13. libvncserver/ws_decode.c can lead to a crash because of
  unaligned accesses in hybiReadAndDecode.
- Fix CVE-2020-14396: An issue was discovered in LibVNCServer before
  0.9.13. libvncclient/tls_openssl.c has a NULL pointer dereference.
- Fix CVE-2020-14397: An issue was discovered in LibVNCServer before
  0.9.13. libvncserver/rfbregion.c has a NULL pointer dereference.
- Fix CVE-2020-14398: An issue was discovered in LibVNCServer before
  0.9.13. An improperly closed TCP connection causes an infinite loop in
  libvncclient/sockets.c.
- Fix CVE-2020-14399: An issue was discovered in LibVNCServer before
  0.9.13. Byte-aligned data is accessed through uint32_t pointers in
  libvncclient/rfbproto.c.
- Fix CVE-2020-14400: An issue was discovered in LibVNCServer before
  0.9.13. Byte-aligned data is accessed through uint16_t pointers in
  libvncserver/translate.c.
- Fix CVE-2020-14401: An issue was discovered in LibVNCServer before
  0.9.13. libvncserver/scale.c has a pixel_value integer overflow.
- Fix CVE-2020-14402: An issue was discovered in LibVNCServer before
  0.9.13. libvncserver/corre.c allows out-of-bounds access via
  encodings.
- Fix CVE-2020-14403: An issue was discovered in LibVNCServer before
  0.9.13. libvncserver/hextile.c allows out-of-bounds access via
  encodings.
- Fix CVE-2020-14404: An issue was discovered in LibVNCServer before
  0.9.13. libvncserver/rre.c allows out-of-bounds access via encodings.
- Fix CVE-2020-14405: An issue was discovered in LibVNCServer before
  0.9.13. libvncclient/rfbproto.c does not limit TextChat size.

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit e1b60ef181)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-22 09:15:41 +02:00
Fabrice Fontaine 555cd20f33 package/ngircd: security bump to version 26
- Fix CVE-2020-14148: The Server-Server protocol implementation in
  ngIRCd before 26~rc2 allows an out-of-bounds access, as demonstrated
  by the IRC_NJOIN() function.
- Fix a static build failure with openssl thanks to
  https://github.com/ngircd/ngircd/commit/ad86a41eeed9f85d74bb50a25fa0bf4515aaf3af
- Update indentation in hash file (two spaces)

Fixes:
 - http://autobuild.buildroot.org/results/078a7afc432786316a1d2ea03f96444ff741b942

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 53f92e65ed)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-22 09:13:38 +02:00
Stefan Sørensen b129195c51 package/bind: security bump to version 9.11.20
Fixes the following security issue:
 * CVE-2020-8619: It was possible to trigger an INSIST failure when a
   zone with an interior wildcard label was queried in a certain
   pattern.

Release notes:
https://ftp.isc.org/isc/bind9/cur/9.11/RELEASE-NOTES-bind-9.11.20.txt

Signed-off-by: Stefan Sørensen <stefan.sorensen@spectralink.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit cc7740825a)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-22 09:13:12 +02:00
Peter Seiderer 47da3f925b board/raspberrypi: fix rpi4/rpi4-64 genimage config files
Since commit 'package/rpi-firmware: fix startup file names' ([1]) the
start and fixup file names are normalized to start.elf/fixup.dat,
adjust the rpi4 genimage config files accordingly.

Fixes:

  ERROR: file(rpi-firmware/fixup4.dat): stat(.../images/rpi-firmware/fixup4.dat) failed: No such file or directory
  ERROR: vfat(boot.vfat): could not setup rpi-firmware/fixup4.dat

[1] https://git.buildroot.net/buildroot/commit/?id=1bdc0334ff6273761b2e7fda730cdcc7e1f46862

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 59c3426c51)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-22 09:06:20 +02:00
Matt Weber a6af42abe2 package/python-urllib3: security bump to 1.25.9
Fixes CVE-2020-7212 (1.25.2 - 1.25.7)
The _encode_invalid_chars function does not remove duplicate percent
encodings in the _percent_encodings array, which combined with the
normalization step could take O(N^2) time to compute for a URL of
length N. This results in a marginally higher CPU consumption
compared to the potential linear time achieved by deduplicating
the _percent_encodings array.

CC: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit fc57db8401)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-22 09:03:18 +02:00
Fabrice Fontaine c2d88df8ef package/lxc: disable examples
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 27f1995d93)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-22 09:01:18 +02:00
Fabrice Fontaine 5e449f88e7 package/oracle-mysql: don't use bundled zlib
As spotted by Thomas Petazzoni during review of
https://patchwork.ozlabs.org/project/buildroot/patch/20200713215943.2240412-1-fontaine.fabrice@gmail.com,
oracle-mysql uses its bundled version of zlib if it is not found on the
system

So explictly disable zlib if needed and add a patch fixing build
failures without it

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 6fed83a030)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-22 08:59:28 +02:00
Fabrice Fontaine d5f5c4fdf0 package/oracle-mysql: renumber patch
Renumber patch added by commit 94bad4fbf5

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 1e23e2ab45)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-22 08:59:21 +02:00
Fabrice Fontaine f1490232fe package/gstreamer1/gst1-plugins-ugly: fix static build with libdvdcss
The double quotes from GST1_PLUGINS_UGLY_LDFLAGS += "-ldvdcss"
raise the following build failure:

sed -e 's%@TARGET_CROSS@%/home/buildroot/autobuild/run/instance-2/output-1/host/bin/arm-linux-%g' -e 's%@TARGET_ARCH@%arm%g' -e 's%@TARGET_CPU@%arm926ej-s%g' -e 's%@TARGET_ENDIAN@%little%g' -e 's%@TARGET_CFLAGS@%"-D_LARGEFILE_SOURCE", "-D_LARGEFILE64_SOURCE", "-D_FILE_OFFSET_BITS=64", "-Os", "-g2", "-static"%g' -e 's%@TARGET_LDFLAGS@%"-static", ""-ldvdcss""%g' -e 's%@TARGET_CXXFLAGS@%"-D_LARGEFILE_SOURCE", "-D_LARGEFILE64_SOURCE", "-D_FILE_OFFSET_BITS=64", "-Os", "-g2", "-static", "-static"%g' -e 's%@HOST_DIR@%/home/buildroot/autobuild/run/instance-2/output-1/host%g' -e 's%@STAGING_DIR@%/home/buildroot/autobuild/run/instance-2/output-1/host/arm-buildroot-linux-uclibcgnueabi/sysroot%g' -e 's%@STATIC@%true%g' -e "/^\[binaries\]$/s:$::" -e "/^\[properties\]$/s:$::" package/meson/cross-compilation.conf.in > /home/buildroot/autobuild/run/instance-2/output-1/build/gst1-plugins-ugly-1.16.2//build/cross-compilation.conf
PATH="/home/buildroot/autobuild/run/instance-2/output-1/host/bin:/home/buildroot/autobuild/run/instance-2/output-1/host/sbin:/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games"  PYTHONNOUSERSITE=y /home/buildroot/autobuild/run/instance-2/output-1/host/bin/meson --prefix=/usr --libdir=lib --default-library=static --buildtype=debug --cross-file=/home/buildroot/autobuild/run/instance-2/output-1/build/gst1-plugins-ugly-1.16.2//build/cross-compilation.conf -Dbuild.pkg_config_path=/home/buildroot/autobuild/run/instance-2/output-1/host/lib/pkgconfig -Dexamples=disabled -Dtests=disabled -Da52dec=disabled -Damrnb=disabled -Damrwbdec=disabled -Dcdio=disabled -Dsidplay=disabled -Dorc=disabled -Dasfdemux=enabled -Ddvdlpcmdec=disabled -Ddvdsub=disabled -Dxingmux=disabled -Drealmedia=disabled -Ddvdread=enabled -Dmpeg2dec=disabled -Dx264=disabled /home/buildroot/autobuild/run/instance-2/output-1/build/gst1-plugins-ugly-1.16.2/ /home/buildroot/autobuild/run/instance-2/output-1/build/gs
 t1-plugins-ugly-1.16.2//build

ERROR: Malformed value in cross file variable c_link_args.

However since the switch to messon, this workaround is not needed so
drop it

Fixes:
 - http://autobuild.buildroot.org/results/56a830625cf6e6b0d63b6e7e2761496abc146152

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 03b5c4f91d)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-22 08:55:32 +02:00
Bernd Kuhls 6277f489a2 package/putty: security bump version to 0.74
Reformatted hashes, added md5 hash provided by upstream.

Release notes:
https://lists.tartarus.org/pipermail/putty-announce/2020/000030.html

Fixes CVE-2020-14002:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14002

Updated license hash due to upstream commits adding copyright holders
and bumping the copyright year:
https://git.tartarus.org/?p=simon/putty.git;a=history;f=LICENCE;h=3e1d146289644749b3578f610c74715fa1c6bf0d;hb=HEAD

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Reviewed-by: Alexander Dahl <post@lespocky.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit c591d6c186)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-21 23:13:13 +02:00
Fabrice Fontaine 914f8322d1 package/exiv2: drop unrecognized variable
EXIV2_ENABLE_LIBXMP has been dropped since version 0.27 and
https://github.com/Exiv2/exiv2/commit/2784b1f7f7ddcc66211e6cf492de1588aa6093d9

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit e5310ad13e)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-21 23:12:38 +02:00
Fabrice Fontaine 2db7209867 package/exiv2: really disable samples
EXIV2_ENABLE_BUILD_SAMPLES has been renamed into EXIV2_BUILD_SAMPLES
since version 0.27 and
https://github.com/Exiv2/exiv2/commit/60d436c96960fa314e2d12d017440253ce280d51

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 9188421331)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-21 23:11:37 +02:00
Aaron Sierra 1494a5c77c package/x11r7/xfont_font-*: make outputs reproducible
Prior to gzip 1.10, the compression pipeline used with PCF fonts was
not reproducible due to the implicit -N/--name injecting a timestamp:

  $ cat /path/to/file | gzip > /path/to/file.gz

This updates Portable Compiled Format font packages to have a host-gzip
dependency, so gzip version 1.10 or newer will reliably be used.

This change does not affect encodings, which use a seemingly
synonymous compression pipeline, but that happens to be reproducible
with gzip versions at least as old as version 1.3.13:

  $ gzip < /path/to/file > /path/to/file.gz

Reported-by: Jordan Speicher <jspeicher@xes-inc.com>
Signed-off-by: Aaron Sierra <asierra@xes-inc.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 10082b2e43)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-21 23:04:58 +02:00
Danomi Manchego 9704c56af1 Makefile: add /etc/bash_completion.d to non-bash purge
Currently, we delete /usr/share/bash-completion when bash is not enabled.
We need to delete /etc/bash_completion.d too. For example, the jo package
installs files there:

/etc/bash_completion.d/jo.bash

Signed-off-by: Danomi Manchego <danomimanchego123@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 18072ecc24)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-21 22:51:17 +02:00
Danomi Manchego 3803449f32 Makefile: delete debug libs when debug is not enabled
Some toolchains, like the Linaro gcc7 toolchains, now install libstdc++ debug
library symbols to /lib/debug, which can be as large as the library itself.
This commit removes the extra debug content if debugging is not enabled.

Signed-off-by: Danomi Manchego <danomimanchego123@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 04e9a1ec8c)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-21 22:50:07 +02:00
Fabrice Fontaine 8ce81e3854 package/mbedtls: security bump to version 2.16.7
- Fix a side channel vulnerability in modular exponentiation that could
  reveal an RSA private key used in a secure enclave.
- Fix side channel in mbedtls_ecp_check_pub_priv() and
  mbedtls_pk_parse_key() / mbedtls_pk_parse_keyfile() (when loading a
  private key that didn't include the uncompressed public key), as well
  as mbedtls_ecp_mul() / mbedtls_ecp_mul_restartable() when called with
  a NULL f_rng argument. An attacker with access to precise enough
  timing and memory access information (typically an untrusted operating
  system attacking a secure enclave) could fully recover the ECC private
  key.
- Fix issue in Lucky 13 counter-measure that could make it ineffective
  when hardware accelerators were used (using one of the
  MBEDTLS_SHAxxx_ALT macros). This would cause the original Lucky 13
  attack to be possible in those configurations, allowing an active
  network attacker to recover plaintext after repeated timing
  measurements under some conditions.

https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2020-07

Switch to github to get latest release

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 7f79bb5cfd)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-21 22:48:08 +02:00
Fabrice Fontaine a08b294443 package/wireshark: security bump to version 3.2.5
Fix CVE-2020-15466: It may be possible to make Wireshark consume
excessive CPU resources by injecting a malformed packet onto the wire or
by convincing someone to read a malformed packet trace file.

https://www.wireshark.org/security/wnpa-sec-2020-09.html

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 17ebc1366c)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-21 22:23:28 +02:00
Fabrice Fontaine bd627e861f package/freerdp: security bump to version 2.1.2
- Fix CVE-2020-4030: In FreeRDP before version 2.1.2, there is an out of
  bounds read in TrioParse. Logging might bypass string length checks
  due to an integer overflow.
- Fix CVE-2020-4031: In FreeRDP before version 2.1.2, there is a
  use-after-free in gdi_SelectObject. All FreeRDP clients using
  compatibility mode with /relax-order-checks are affected.
- Fix CVE-2020-4032: In FreeRDP before version 2.1.2, there is an
  integer casting vulnerability in update_recv_secondary_order. All
  clients with +glyph-cache /relax-order-checks are affected.
- Fix CVE-2020-4033: In FreeRDP before version 2.1.2, there is an out of
  bounds read in RLEDECOMPRESS. All FreeRDP based clients with sessions
  with color depth < 32 are affected.
- Fix CVE-2020-11095: In FreeRDP before version 2.1.2, an out of bound
  reads occurs resulting in accessing a memory location that is outside
  of the boundaries of the static array
  PRIMARY_DRAWING_ORDER_FIELD_BYTES.
- Fix CVE-2020-11096: In FreeRDP before version 2.1.2, there is a global
  OOB read in update_read_cache_bitmap_v3_order. As a workaround, one
  can disable bitmap cache with -bitmap-cache (default).
- Fix CVE-2020-11097: In FreeRDP before version 2.1.2, an out of bounds
  read occurs resulting in accessing a memory location that is outside
  of the boundaries of the static array
  PRIMARY_DRAWING_ORDER_FIELD_BYTES.
- Fix CVE-2020-11098: In FreeRDP before version 2.1.2, there is an
  out-of-bound read in glyph_cache_put. This affects all FreeRDP clients
  with `+glyph-cache` option enabled.
- Fix CVE-2020-11099: In FreeRDP before version 2.1.2, there is an out
  of bounds read in license_read_new_or_upgrade_license_packet. A
  manipulated license packet can lead to out of bound reads to an
  internal buffer.

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 7f54bfc169)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-21 22:12:28 +02:00
Fabrice Fontaine fe1232e533 package/gupnp: disable documentation
gupnp always builds man page since version 1.2.3 and
https://gitlab.gnome.org/GNOME/gupnp/-/commit/23f54c2a1e8718e836224d68dafded091604a677

This will raise the following build failure on some of our autobuilders:

FAILED: doc/gupnp-binding-tool-1.2.1
/usr/bin/xsltproc --nonet --xinclude --path /home/naourr/work/instance-0/output-1/build/gupnp-1.2.3/doc:/home/naourr/work/instance-0/output-1/build/gupnp-1.2.3/build/doc --stringparam man.output.quietly 1 --stringparam funcsynopsis.style ansi --stringparam man.th.extra1.suppress 1 --stringparam man.authors.section.enabled 1 --stringparam man.copyright.section.enabled 1 -o doc/gupnp-binding-tool-1.2.1 http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl ../doc/gupnp-binding-tool.xml
I/O error : Attempt to load network entity http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl
warning: failed to load external entity "http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl"
cannot parse http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl

This issue has been reported upstream, until we got more feedback, just
revert the commit

Fixes:
 - http://autobuild.buildroot.org/results/7bf388e81dff3875e396a228b2d48d345377b0da

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit ba9139334d)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-21 08:56:17 +02:00
Fabrice Fontaine 6b57d10b5e package/gupnp: security bump to version 1.2.3
It includes the following commits:
https://github.com/GNOME/gupnp/commit/66a73e96f5a733a149803a985686a4e4e196f90b
https://github.com/GNOME/gupnp/commit/f943904e2d7f21601337b90058faf74b49c02796
which mitigate CVE-2020-12695

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 4420af7c3b)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-21 08:56:08 +02:00
Yegor Yefremov ee4e8cf679 package/ntp: security bump to version 4.2.8p15
Fixes the following security issue:

- MEDIUM: Sec 3661: Memory leak with CMAC keys

  Systems that use a CMAC algorithm in ntp.keys will not release a bit of
  memory on each packet that uses a CMAC key, eventually causing ntpd to run
  out of memory and fail.  The CMAC cleanup from https://bugs.ntp.org/3447,
  part of ntp-4.2.8p11 and ntp-4.3.97, introduced a bug whereby the CMAC
  data structure was no longer completely removed.

https://support.ntp.org/bin/view/Main/SecurityNotice#June_2020_ntp_4_2_8p15_NTP_Relea

Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit d6d4557b7a)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-21 08:53:27 +02:00
Bernd Kuhls da943f07ec package/samba4: bump version to 4.11.10
Changelog:
https://www.samba.org/samba/history/samba-4.11.10.html

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 4e813db533)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-21 08:47:13 +02:00
Bernd Kuhls 679e7f2013 package/samba4: bump version to 4.11.9
Release notes: https://www.samba.org/samba/history/samba-4.11.9.html

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit ab86c3fa11)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-21 08:47:07 +02:00
Thomas Petazzoni 5ef5d51a2b support/scripts/pkg-stats: fix flake8 warning
This fixes the following flake8 warning:

support/scripts/pkg-stats:1005:9: E117 over-indented

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 204d03ae43)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-21 08:38:07 +02:00
Gregory CLEMENT b0ea01846a support/script/pkg-stats: handle exception when version comparison fails
With python 3, when a package has a version number x-y-z instead of
x.y.z, then the version returned by LooseVersion can't be compared
which raises a TypeError exception:

Traceback (most recent call last):
  File "./support/scripts/pkg-stats", line 1062, in <module>
    __main__()
  File "./support/scripts/pkg-stats", line 1051, in __main__
    check_package_cves(args.nvd_path, {p.name: p for p in packages})
  File "./support/scripts/pkg-stats", line 613, in check_package_cves
    if pkg_name in packages and cve.affects(packages[pkg_name]):
  File "./support/scripts/pkg-stats", line 386, in affects
    return pkg_version <= cve_affected_version
  File "/usr/lib64/python3.8/distutils/version.py", line 58, in __le__
    c = self._cmp(other)
  File "/usr/lib64/python3.8/distutils/version.py", line 337, in _cmp
    if self.version < other.version:
TypeError: '<' not supported between instances of 'str' and 'int'

This patch handles this exception by adding a new return value when
the comparison can't be done. The code is adjusted to take of this
change. For now, a return value of CVE_UNKNOWN is handled the same way
as a CVE_DOESNT_AFFECT return value, but this can be improved later
on.

Signed-off-by: Gregory CLEMENT <gregory.clement@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 7d2779ecbb)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-21 08:14:19 +02:00
Fabrice Fontaine 7dc0e94b0c package/jq: fix license
Commit c94794175f forgot to update hash of
COPYING

ICU license has been added for decNumber library since
https://github.com/stedolan/jq/commit/b6be13d5de6dd7d8aad5fd871eb6b0b30fc7d7f6

Fixes:
 - http://autobuild.buildroot.org/results/569aa7ba86a022d3c32a65fb8b58f558aba7ae4c

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 16d0f5bff8)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-21 08:04:51 +02:00
Lyle Franklin 6302d13742 package/jq: bump version to a17dd32
Bump jq package to latest to fix seg fault errors reported at
https://github.com/stedolan/jq/issues/2003

Signed-off-by: Lyle Franklin <lylejfranklin@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit c94794175f)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-21 08:04:46 +02:00
Adrian Perez de Castro cc0ae9e71a package/webkitgtk: security bump to version 2.28.3
This is a minor release which provides fixes for CVE-2020-9800,
CVE-2020-9802, CVE-2020-9803, CVE-2020-9805, CVE-2020-9806,
CVE-2020-9807, CVE-2020-9843, CVE-2020-9850, and CVE-2020-13753.

Updating from 2.28.2 also brings in the usual batch of fixes, including
important improvements to threading in the media player. Full release
notes can be found at:

  https://webkitgtk.org/2020/07/09/webkitgtk2.28.3-released.html

A detailed security advisory can be found at:

  https://webkitgtk.org/security/WSA-2020-0006.html

Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit fa1185412e)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-21 07:59:25 +02:00
Adrian Perez de Castro fa3fa779b2 package/wpewebkit: security bump to version 2.28.3
This is a minor release which provides fixes for CVE-2020-9800,
CVE-2020-9802, CVE-2020-9803, CVE-2020-9805, CVE-2020-9806,
CVE-2020-9807, CVE-2020-9843, CVE-2020-9850, and CVE-2020-13753.

Updating from 2.28.2 also brings in the usual batch of fixes, including
important improvements to threading in the media player. Full release
notes can be found at:

  https://wpewebkit.org/release/wpewebkit-2.28.3.html

A detailed security advisory can be found at:

  https://wpewebkit.org/security/WSA-2020-0006.html

Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit aa2c6cfd31)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-21 07:59:20 +02:00
Bernd Kuhls e3ff844f34 package/php: bump version to 7.4.8
Quoting https://www.php.net/
"For windows users running an official build, this release contains a
 patched version of libcurl addressing CVE-2020-8159.

For all other consumers of PHP, this is a bug fix release."

Changelog: https://www.php.net/ChangeLog-7.php#7.4.8

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit a6a500bb99)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-21 07:57:22 +02:00
Sam Voss 50e8194e4a package/sqlite: security bump to version 3.32.3
Fixes the following CVEs:

- CVE-2019-19923 (Fixed in 3.31.0)

SQLite is vulnerable to denial-of-service condition because of a NULL
pointer dereferencing while handling `SELECT DISTINCT`statements.

- CVE-2019-19924 (Fixed in 3.31.0)

The SQLite mishandles certain SQL commands due to improper error
handling by ` sqlite3WindowRewrite() ` function.

- CVE-2020-13435 (Fixed in 3.32.1)

SQLite is vulnerable to denial-of-service (DoS) due to improper handling
of query rewriting. An attacker could exploit this vulnerability by
supplying a system with maliciously crafted input.

- CVE-2020-13632 (Fixed in 3.32.0)

SQLite is vulnerable to denial-of-service (DoS) due to improper pointer
management in the FTS3 virtual table module. An attacker could exploit
this vulnerability by supplying a system with maliciously crafted input.

- CVE-2020-13434 (Fixed in 3.32.1)

SQLite is vulnerable to denial-of-service (DoS) due to improper handling
of floating-point operations. An attacker could exploit this
vulnerability by supplying a system with maliciously crafted input.

- CVE-2020-13871 (Fixed in 3.32.3)

SQLite 3.32.2 has a use-after-free in resetAccumulator in select.c
because the parse tree rewrite for window functions is too late.

- CVE-2020-13630 (Fixed in 3.32.0)

SQLite is vulnerable to denial-of-service (DoS) due to a use after free
issue in the FTS3 virtual table module. An attacker could exploit this
vulnerability by supplying a system with maliciously crafted input.

- CVE-2020-15358 (Fixed in 3.32.3)

SQLite is vulnerable to a heap-based buffer overflow flaw in part of an
optimization feature. An attacker able to issue specially crafted
queries could cause the application to crash, resulting in a
denial-of-service (DoS).

- CVE-2020-9327 (Fixed in 3.32.0)

SQLite is vulnerable to a Null pointer dereference flaw. A remote
attacker able to issue specially crafted SQL statements may be able to
cause a segmentation fault and application crash, resulting in a
denial-of-service (DoS).

- CVE-2019-19645 (Fixed in 3.31.0)

It was discovered that SQLite contains an denial-of-service (DoS)
vulnerability. An attacker could exploit this to trigger an infinite
recursion resulting in excessive resource consumption leading to a DoS
condition.

- CVE-2019-19926 (Fixed in 3.31.0)

The SQLite allows denial-of-service attack due to improper input
validation of user-supplied input.

- CVE-2020-11655 (Fixed in 3.32.0)

SQLite contains a memory corruption vulnerability. Successfully
exploiting this issue may allow attackers to cause a denial-of-service
(DoS). This allows an attacker to cause SQLite to crash by issuing a
crafted SQL query to the database.

- CVE-2019-19925 (Fixed in 3.31.0)

The INSERT statement fails when the zip file path is `NULL`.

- CVE-2019-19242 (Fixed in 3.31.0)

SQLite is vulnerable to a denial-of-service (DoS). An attacker could
exploit this vulnerability by supplying a maliciously crafted query to
cause an application crash.

- CVE-2019-19244 (Fixed in 3.31.0)

SQLite is vulnerable to a denial-of-service. An attacker could exploit
this vulnerability by providing a crafted SELECT statement to the SQL
server, resulting in an application crash.

- CVE-2020-13631 (Fixed in 3.32.0)

SQLite is vulnerable to data manipulation due to improper management of
virtual tables. An attacker could exploit this vulnerability by
supplying a system with maliciously crafted input.

- CVE-2020-11656 (Fixed in 3.32.0)

SQLite contains a Use-After-Free vulnerability. Successfully exploiting
this issue may allow attackers to cause a denial-of-service (DoS). This
allows an attacker to cause SQLite to crash by issuing a crafted SQL
query to the database.

- CVE-2019-19880 (Fixed in 3.31.0)

SQLite is vulnerable to denial-of-service (DoS) due to the mismanagement
of memory resources. A remote attacker could cause a victim's instance
of the application to crash by submitting crafted request that will lead
to the application parsing problematic integer values.

- CVE-2019-20218 (Fixed in 3.31.0)

SQLite is vulnerable to denial-of-service (DoS) due to improper
exception handling which could lead to unwinding of the `WITH` stack
following parsing errors. An attacker could exploit this vulnerability
by supplying a system with maliciously crafted input.

- CVE-2019-19603 (Fixed in 3.31.0)

It was discovered that SQLite contains a denial-of-service (DoS)
vulnerability. An authenticated attacker could exploit this
vulnerability by creating tables with the same name as shadow table
names.

- CVE-2019-19959 (Fixed in 3.31.0)

SQLite is vulnerable to denial-of-service (DoS) due to the mismanagement
of system memory resources. A remote attacker could cause a victim's
instance of the application to crash by causing it to process a SQL
statement that references a maliciously crafted file name.

- CVE-2019-19646 (Fixed in 3.31.0)

SQLite is vulnerable to a denial-of-service (DoS). An attacker could
exploit this vulnerability by supplying malicious SQL in order to crash
the application.

- CVE-2019-19317 (Fixed in 3.31.0)

SQLite contains a denial-of-service (DoS) vulnerability due to incorrect
logic in name lookups. An attacker could exploit this to cause a
application crash.

Signed-off-by: Sam Voss <sam.voss@rockwellcollins.com>
CC: Peter Korsgard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit a231f01e4b)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-20 22:51:14 +02:00
Bernd Kuhls 25652106cf package/libcec: downgrade to version 4.0.5
According to
https://github.com/Pulse-Eight/libcec/releases/tag/libcec-5.0.0
version 5.0.0 is "not compatible with Kodi 18.x. Please use libCEC
4.0.5 instead."

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 7b77a0687e)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-20 22:50:30 +02:00
Sergio Prado a9200a3795 package/dvb-apps: add hash file
Signed-off-by: Sergio Prado <sergio.prado@e-labworks.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit aaf689903c)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-20 21:57:07 +02:00
James Hilliard 28a48f9693 package/libcamera: fix install staging typo
This won't enable install to staging unless capitalized.

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit b6141b2aa1)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-20 18:45:16 +02:00
James Hilliard 6b135c9785 package/python-greenlet: enable build for x86_64
Commit 30f1decec2 (package/python-greenlet: enable only on supported
architectures) forgot to allow x86_64.

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
[yann.morin.1998@free.fr: split off the x86_64 support to its own patch]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 6a3893e441)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-20 18:42:50 +02:00
James Hilliard d58f4a202b package/python-greenlet: really enable for i386
Commit 30f1decec2 (package/python-greenlet: enable only on supported
architectures) mis-typed the architecture name fox 286-32: BR2_x86
doesn't exist in buildroot; it is BR2_i386.

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
[yann.morin.1998@free.fr:
  - just do the s/x86/i386/ fix for easy backport
  - x86_64 split off to its own patch
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit b29eadf903)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-20 18:41:21 +02:00
Giulio Benetti 774db93d94 package/sunxi-mali-mainline-driver: bump version
For 5.6 and 5.7 support.

git shortlog --invert-grep --grep=Travis --no-merges ec654ee9caeb0c4348caacd0cf5eb2730d1d70e2..
Jonathan Liu (2):
      mali: Fix build for 5.6
      mali: Fix build for 5.7

Maxime Ripard (3):
      Create travis.yml
      actions: Add feedparser to the host
      travis: Try to fix the push code

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
[yann.morin.1998@free.fr: two spaces in hash file]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 23e3cffa75)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-20 18:38:39 +02:00
Mylène Josserand 2e52823f04 DEVELOPERS: Update Mylene's email
Signed-off-by: Mylène Josserand <mylene.josserand@collabora.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 5b3994abeb)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-20 18:37:52 +02:00
Bernd Kuhls a88f627d49 package/libmicrohttpd: security bump version to 0.9.71
Removed patch which was applied upstream, reformatted hashes.

Release notes:
https://lists.gnu.org/archive/html/libmicrohttpd/2020-06/msg00013.html

"This release fixes a potential buffer overflow and is thus considered a
security release. Please upgrade as soon as possible."

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 7a9a554cfc)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-20 09:15:45 +02:00
Peter Korsgaard f4757c7235 package/libhttpserver: backport an upstream patch to fix compatibility with libmicrohttpd 0.9.71
Upstream patch:
https://github.com/etr/libhttpserver/commit/51b343c6b05dd13cbde0db04984fbf392e9f6df6

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-20 09:15:33 +02:00
Bernd Kuhls 8fcf2f3fbe package/upmpdcli: fix build with libmicrohttpd 0.9.71
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 17b80efd6b)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-20 08:27:14 +02:00
Bernd Kuhls 526b06c769 package/kodi: fix build with libmicrohttpd 0.9.71
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 468118ff81)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-20 08:22:53 +02:00
Bernd Kuhls cbd0d803ad package/systemd: fix build with libmicrohttpd 0.9.71
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit c3a50eeae2)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-20 08:22:12 +02:00
Pierre-Jean Texier 133572f483 package/qt5: fix check-package warnings
Fixes:

https://gitlab.com/buildroot.org/buildroot/-/jobs/622129163

Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit fde51ad168)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-20 08:18:26 +02:00
Nicolas Dufresne 4a5b9dc6f1 package/gstreamer1/gst1-plugins-good: Enable GUDEV for V4L2 if available
Video4Linux2 plugins can udev for device probing and monitor.
This greatly improves load time and monitoring performance.

It also enables hotplug monitoring for cameras.

gstreamer is libglib2-based; libgudev is libnglib2-based. So they both
have the same basic dependencies as liblib2 has, and thus propagating
the dependencies of libgudev is not necessary (but might be confusing in
the future, even though such a change is highly unlikely...)

Signed-off-by: Nicolas Dufresne <nicolas.dufresne@collabora.com>
Signed-off-by: Ezequiel Garcia <ezequiel@collabora.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit f50086e59f)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-20 08:16:14 +02:00
Andreas Naumann a2c9c59d5d core/pkg-infra: Add per-package support in qmake infra
Qmake configured packages will, by default, use the absolute HostPrefix/Sysroot
pathes set during configuration/building of qt5base for their install
destinations.
For the per-package host/staging infrastructure, this causes non-qt5base
packages to litter the qt5base folders. In addition, buildroots target-install
step subsequently fails because the respective files are missing from the
per-package sysroot of the package itself.

Fortunately, qmake's built-in pathes can be overridden by placing a custom
qt.conf next to the qmake binary. This is already used to facilitate SDK
relocation. So for per-package path manipulation we can reuse that method, but
need to change the host/sysroot values according to each per-package
path.

Signed-off-by: Andreas Naumann <anaumann@ultratronik.de>
Reviewed-by: Yann E. MORIN <yann.morin.1998@free.fr>
[yann.morin.1998@free.fr: drop useless 'rm -f' of generated file]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 60e3a09693)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-20 08:11:15 +02:00
Julien Olivain 36fb7b3475 package/poco: add BR2_PACKAGE_POCO_ARCH_SUPPORTS
Commit 0737f48c5f (package/poco: disable build for riscv) did not
propagate the new dependency on BR2_riscv to the comment.

Introduce BR2_PACKAGE_POCO_ARCH_SUPPORTS to solve this issue.

Signed-off-by: Julien Olivain <juju@cotds.org>
[yann.morin.1998@free.fr:
  - reword the commit log
  - use separate 'depend on !arch'
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 4f733a4de7)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-16 18:39:46 +02:00
Adam Duskett 7dc1e6da50 package/libressl: bump version to 3.1.3
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 7c8910e095)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-16 18:36:21 +02:00
Adam Duskett 1df1b90150 package/libresslL: bump version to 3.1.2
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit e976958563)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-16 18:36:15 +02:00
Yurii Monakov f5027f8371 fs/cpio: generate reproducible archives
The output of 'find' depends on the directory entries, and is not
ordered. As a consequence, the cpio archive is not reproducible.

Fix that by sorting the output of find. Use the 'C' locale to enforce
reproducibility that does not depend on the locale.

The command line is now pretty long, so we wrap it.

Signed-off-by: Yurii Monakov <monakov.y@gmail.com>
[yann.morin.1998@free.fr:
  - use LC_ALL=C when sorting
  - wrap long line
  - reword commit log
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 4728fdd4c0)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-16 18:33:21 +02:00
John Keeping 9c0a81a21b toolchain/toolchain-wrapper: let recent GCC handle SOURCE_DATE_EPOCH
When using precompiled headers, changing any macros defined on the
command line will invalidate the precompiled header.  With
toolchain-wrapper adding __DATE__ and __TIME__, any commits to Buildroot
will invalidate incremental builds regardless of whether the precompiled
header actually uses those values (affecting _OVERRIDE_SRCDIR).

GCC-7 and later support SOURCE_DATE_EPOCH and use it to define __DATE__
and __TIME__ internally, avoiding any impact on precompiled headers.

Disable the custom handling in toolchain-wrapper if GCC is version 7 or
newer.

Signed-off-by: John Keeping <john@metanate.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 408bc354a9)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-16 18:32:17 +02:00
Stéphane Veyret 72bf704f03 package/rpi-firmware: fix startup file names
When booting, a Raspberry Pi will load the appropriate start files,
depending on the provided configuration. For example, if the config.txt
file contains ’gpu_mem=16’ the board will automatically load the
cut-down startup files (start_cd.elf and fixup_cd.dat on non-Rpi4).

Unfortunately, even when the appropriate version is selected in the
configuration menu, if the rpi-firmware makefile takes the good files,
it renames them to non-qualified, i.e. start.elf and fixup.dat. But as
these are not the files searched by the Raspberry Pi, the board will not
start.

This patch will set the names of the files to load as constant in the
config.txt file. This guarantees that the rpi firmware blobs do not take
any other corner-case decision based on any other as-yet unknown
conditions.

This eases the maintenance, as only the names of the source files
matter; the destination filenames are constants, and so are the
filenames in config.txt.

Fixes: #13026

Signed-off-by: Stéphane Veyret <sveyret@gmail.com>
[yann.morin.1998@free.fr:
  - very minor fix in commit title
  - drop the non-conditional macro and move its content into
    RPI_FIRMWARE_INSTALL_IMAGES_CMDS
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 1bdc0334ff)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-16 18:29:46 +02:00
Frank Hunleth 7e2b980d29 package/libconfuse: bump version to 3.3
This fixes a possible loop-forever bug.

Release notes:
https://github.com/martinh/libconfuse/releases/tag/v3.3

Signed-off-by: Frank Hunleth <fhunleth@troodon-software.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 2747d96714)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-16 18:25:33 +02:00
Maxim Cournoyer b3554820a5 packages/pkg-download.mk: fix file locking over NFS
BSD style locks such as implemented by flock are translated to POSIX
advisory file locks (implemented by the fcntl system call on Linux).  It
is not possible to lock a directory using POSIX advisory file locks.
Hence, the lock strategy used by Buildroot doesn't work when used over
NFS.

Using flock on a simple file works correctly though, so use a '.lock'
file inside the download directory instead. If the lockfile does not
exist, flock will create it (in a race-free fashion).

Tested using NFS v4.2 and Linux 5.4.43.

Signed-off-by: Maxim Cournoyer <maxim.cournoyer@savoirfairelinux.com>
[yann.morin.1998@free.fr:
  - slightly expand commit log about creation of the lockfile
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 2e9d6565fc)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-16 18:22:17 +02:00
Romain Naour a842d033ac package/sdl2: remove sdl2-config.cmake
We are using autotools build system for sdl2, so the sdl2-config.cmake
include path are not resolved like for sdl2-config script [1].
Remove sdl2-config.cmake file and avoid unsafe include path if this
file is used by a cmake based package.

This trigger an issue with ogre 1.12.6 package that replaced
FindSDL2.cmake by sdl2-config.cmake [2].

Thanks to Pavel Rojtberg for the help [3].

[1] https://bugzilla.libsdl.org/show_bug.cgi?id=4597
[2] https://github.com/OGRECave/ogre/commit/6de6f9b4081a07c911932441700c54b72ec1ee1f
[3] https://github.com/OGRECave/ogre/issues/1568

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit d59261836a)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-16 18:19:11 +02:00
Nicolas Robin 5fd337ec22 package/sdl2: enable 3DNOW only if it's supported by the target
Signed-off-by: Nicolas Robin <nrosfs@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit fe29913fa9)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-16 18:19:11 +02:00
Nicolas Robin de31821609 arch/x86: adds BR2_X86_CPU_HAS_3DNOW flag
Signed-off-by: Nicolas Robin <nrosfs@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit f6cd56b9ce)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-16 18:19:11 +02:00
Nicolas Robin 2f822c2d0c package/sdl2: enable SSE only if it's supported by the target
Signed-off-by: Nicolas Robin <nrosfs@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit a14a962983)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-16 18:06:56 +02:00
Adrian Perez de Castro 1987e22185 package/wpebackend-fdo: bump to version 1.6.1
This update brings in a few build fixes only. In particular the
one for EGL implementations which use oddball definitions of the
EGLNativeDisplayType type might be needed for some configurations.

Full release notes:

  https://wpewebkit.org/release/wpebackend-fdo-1.6.1.html

Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit bbada0c2ec)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-16 17:51:51 +02:00
Baruch Siach 210e28d522 package/libcurl: fix no-proxy build with bearssl and nss
Add two patches fixing build against BearSSL and NSS TLS implementations
when BR2_PACKAGE_LIBCURL_PROXY_SUPPORT is disabled.

Fixes:
http://autobuild.buildroot.net/results/4d37d9163bfece536974f15f16b2ebfc5fabc539/
http://autobuild.buildroot.net/results/387e8baa13d0f07ed4dfd5b6ee3b933d4843c0e8/

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 645ecd0dcc)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-16 17:49:38 +02:00
Baruch Siach 5a51bde68e package/libcurl: bump to version 7.71.1
This release fixes build with BR2_PACKAGE_LIBCURL_PROXY_SUPPORT disabled
and mbedtls enabled.

Add reference to upstream tarball signature.

Fixes:
http://autobuild.buildroot.net/results/f32b6ab927560839cacaa1b9e6b64ced92b9ffe3/
http://autobuild.buildroot.net/results/566f0db496f6d1feefd9d3e6b6955a2539670735/
http://autobuild.buildroot.net/results/19de1111318aea863118c9b0b44dc282f011918f/

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 8360886fb2)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-16 17:49:31 +02:00
Baruch Siach 49f08cfbc2 package/libcurl: security bump to version 7.71.0
CVE-2020-8177: curl overwrite local file with -J.

CVE-2020-8169: Partial password leak over DNS on HTTP redirect.

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 8370769d4a)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-16 17:49:26 +02:00
Matt Weber 7af9c08d36 package/libcurl: bump to 7.70.0
Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 88aebf5fcb)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-16 17:49:18 +02:00
Peter Korsgaard 5d11493f0e package/wireguard-linux-compat: bump version to 1.0.20200623
Includes a number of bugfixes and updates to build against newer stable
kernels.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 5a7d6bab6c)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-16 17:17:16 +02:00
Peter Korsgaard b0240dce90 package/wireguard-linux-compat: bump version to 1.0.20200506
Synchronizes with upstream 5.7-rc5.  For details, see the announcement:
https://lists.zx2c4.com/pipermail/wireguard/2020-May/005408.html

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 3564bc1659)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-16 17:17:09 +02:00
Bartosz Bilas a8dd8f03d1 package/irrlicht: add patch to fix libraries linking
This patch fix the irrlicht makefile which contains the paths
that point to the host system libraries that are not used and
are not available in Buildroot what's unsafe for cross-compilation.
In addition it fixes linking to the X11 libraries and the following errors:

/home/bartekk/buildroot/output/host/opt/ext-toolchain/bin/../lib/gcc/arm-buildroot-linux-gnueabihf/9.2.0/../../../../arm-buildroot-linux-gnueabihf/bin/ld: /home/bartekk/buildroot/output/host/arm-buildroot-linux-gnueabihf/sysroot/usr/lib/libIrrlicht.so: undefined reference to `XSetSelectionOwner'
/home/bartekk/buildroot/output/host/opt/ext-toolchain/bin/../lib/gcc/arm-buildroot-linux-gnueabihf/9.2.0/../../../../arm-buildroot-linux-gnueabihf/bin/ld: /home/bartekk/buildroot/output/host/arm-buildroot-linux-gnueabihf/sysroot/usr/lib/libIrrlicht.so: undefined reference to `glXGetProcAddress'
/home/bartekk/buildroot/output/host/opt/ext-toolchain/bin/../lib/gcc/arm-buildroot-linux-gnueabihf/9.2.0/../../../../arm-buildroot-linux-gnueabihf/bin/ld: /home/bartekk/buildroot/output/host/arm-buildroot-linux-gnueabihf/sysroot/usr/lib/libIrrlicht.so: undefined reference to `glXMakeCurrent'
/home/bartekk/buildroot/output/host/opt/ext-toolchain/bin/../lib/gcc/arm-buildroot-linux-gnueabihf/9.2.0/../../../../arm-buildroot-linux-gnueabihf/bin/ld: /home/bartekk/buildroot/output/host/arm-buildroot-linux-gnueabihf/sysroot/usr/lib/libIrrlicht.so: undefined reference to `XF86VidModeSetViewPort'
/home/bartekk/buildroot/output/host/opt/ext-toolchain/bin/../lib/gcc/arm-buildroot-linux-gnueabihf/9.2.0/../../../../arm-buildroot-linux-gnueabihf/bin/ld: /home/bartekk/buildroot/output/host/arm-buildroot-linux-gnueabihf/sysroot/usr/lib/libIrrlicht.so: undefined reference to `XF86VidModeSwitchToMode'
/home/bartekk/buildroot/output/host/opt/ext-toolchain/bin/../lib/gcc/arm-buildroot-linux-gnueabihf/9.2.0/../../../../arm-buildroot-linux-gnueabihf/bin/ld: /home/bartekk/buildroot/output/host/arm-buildroot-linux-gnueabihf/sysroot/usr/lib/libIrrlicht.so: undefined reference to `glClearDepth'
/home/bartekk/buildroot/output/host/opt/ext-toolchain/bin/../lib/gcc/arm-buildroot-linux-gnueabihf/9.2.0/../../../../arm-buildroot-linux-gnueabihf/bin/ld: /home/bartekk/buildroot/output/host/arm-buildroot-linux-gnueabihf/sysroot/usr/lib/libIrrlicht.so: undefined reference to `XGetVisualInfo'
/home/bartekk/buildroot/output/host/opt/ext-toolchain/bin/../lib/gcc/arm-buildroot-linux-gnueabihf/9.2.0/../../../../arm-buildroot-linux-gnueabihf/bin/ld: /home/bartekk/buildroot/output/host/arm-buildroot-linux-gnueabihf/sysroot/usr/lib/libIrrlicht.so: undefined reference to `XGrabKeyboard'
/home/bartekk/buildroot/output/host/opt/ext-toolchain/bin/../lib/gcc/arm-buildroot-linux-gnueabihf/9.2.0/../../../../arm-buildroot-linux-gnueabihf/bin/ld: /home/bartekk/buildroot/output/host/arm-buildroot-linux-gnueabihf/sysroot/usr/lib/libIrrlicht.so: undefined reference to `glMatrixMode'

Signed-off-by: Bartosz Bilas <b.bilas@grinn-global.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 98c57af89d)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-16 17:14:08 +02:00
Romain Naour 6c756f6e7c package/gdb: fix gdb python support with python 3.8
CPython 3.8 has added a new Syntax Warning that print
a waring at runtime while unsing gdb python support.

$ gdb -ex "python import os"
/usr/share/gdb/python/gdb/command/prompt.py:48: SyntaxWarning: "is not" with a literal. Did you mean "!="?
  if self.value is not '':
/usr/share/gdb/python/gdb/command/prompt.py:60: SyntaxWarning: "is not" with a literal. Did you mean "!="?
  if self.value is not '':

Backport an upstream patch for this:
https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff;h=b6484282f85bf7f11451b2441599c241d302ad9d

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 7a0fa5b19b)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-16 17:11:33 +02:00
Yann E. MORIN 98524be8d2 package/libxmlrpc: fix check-package warnings
Assignment in conditional blocks must use append-assignment.

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 92d73f31b2)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-16 17:03:03 +02:00
Fabrice Fontaine 7487a5de94 package/libxmlrpc: add openssl optional dependency
Without this patch, openssl_abyss is enabled if openssl is built before
libxmlrpc

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 32844dfd99)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-16 17:03:00 +02:00
Stefan Sørensen 9cfcd36ee9 package/gnutls: fix build with uClibc
Since v3.6.14 gnutls wants to use the 'e' flag with fopen to set the
O_CLOEXEC flags. Since this is a glibc extension, it will trigger a
gnulib override of fopen on non-glibc systems, but that override
breaks the uClibc stdio.h header.

Fixes:
http://autobuild.buildroot.org/results/02f/02f2b524add307c8f7cc1af1ed0783bb1baf029a

Signed-off-by: Stefan Sørensen <stefan.sorensen@spectralink.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 838f67c27f)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-16 17:00:40 +02:00
Stefan Sørensen 1f1db89b57 package/gnutls: security bump to 3.6.14
Fixes the following security issue:

 * CVE-2020-13777: It was found that GnuTLS 3.6.4 introduced a
   regression in the TLS protocol implementation. This caused the TLS
   server to not securely construct a session ticket encryption key
   considering the application supplied secret, allowing a MitM
   attacker to bypass authentication in TLS 1.3 and recover previous
   conversations in TLS 1.2

Release announcement:
 https://lists.gnupg.org/pipermail/gnutls-help/2020-June/004648.html

Signed-off-by: Stefan Sørensen <stefan.sorensen@spectralink.com>
[yann.morin.1998@free.fr: two spaces in hash file]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 16ea3ee784)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-16 17:00:32 +02:00
Peter Korsgaard 9dece05e7e package/python-validators: fix license
The LICENSE file is MIT, not BSD.  The confusion comes from the license info
in setup.py, which stated BSD until (post-0.14.2):

https://github.com/kvesteri/validators/commit/669129a3d3eb106e1b2d82bd9911faebb3287db6

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit d682a3aeb9)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-16 16:59:23 +02:00
Peter Korsgaard 2e6e8f7184 package/intel-microcode: security bump to version 20200616
Contains mitigations for the Special Register Buffer Data Sampling
(CVE-2020-0543), Vector Register Sampling (CVE-2020-0548) and L1D
Eviction Sampling (CVE-2020-0549) hardware vulnerabilities.

For more details, see the advisories:
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00320.html
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00329.html

Adjust the license hash for a change of copyright year:
-Copyright (c) 2018-2019 Intel Corporation.
+Copyright (c) 2018-2020 Intel Corporation.

And adjust the .hash file to use two spaces.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 05c1049e10)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-16 16:58:14 +02:00
Bernd Kuhls 86105b23c7 package/mediastreamer: fix comment
Fix inversed logic, comment should be shown for static-only toolchains.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 0ca6b41f8a)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-16 16:55:26 +02:00
Fabrice Fontaine 73b0f8b2dd package/mtools: select BR2_TOOLCHAIN_GLIBC_GCONV_LIBS_COPY
Fixes:
 - https://bugs.buildroot.org/show_bug.cgi?id=12986

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit ac4a61e0ea)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-16 16:53:35 +02:00
Peter Seiderer d502e572ca package/rtl8821au: add two patches fixing compile/runtime for kernels >= 5.3
Add two patches from upstream merge request ([1] to fix compile
and runtime failures in case of linux kernel >= 5.3.

[1] https://github.com/abperiasamy/rtl8812AU_8821AU_linux/pull/316

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit de61548933)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-15 23:28:52 +02:00
Fabrice Fontaine b191a73127 package/gerbera: fix static build with libmatroska
Fixes:
 - http://autobuild.buildroot.org/results/ee365f792feb0fe69ed765fda625afabc91ec769

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit b15e60d26b)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-15 23:25:00 +02:00
Thomas De Schampheleire b86a753bb0 package/libopenssl: fix target architecture for MIPS64n32
Commit 1ebb35ee5f changed the libopenssl
target architecture to 'linux-generic64' for 64-bit archs based on
BR2_ARCH_IS_64. However, MIPS64n32 has BR2_ARCH_IS_64 set, but is a 32-bit
ABI. On such board, libopenssl needs to be configured with linux-generic32
to function properly.

One symptom of this problem is that ssh-keygen hangs on key generation,
waiting for more random bits. See [1] for the discussion with openssl
upstream.

Thanks to Ronny Meeus for investigating the issue and kudos to the openssl
community for their responsive and helpful interaction!

Reported-by: Ronny Meeus <ronny.meeus@nokia.com>
Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>

[1] https://mta.openssl.org/pipermail/openssl-users/2020-June/012565.html

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 42718e13d2)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-15 23:23:16 +02:00
Fabrice Fontaine 142f3f6a80 package/mutt: fix CVE-2020-14093
Mutt before 1.14.3 allows an IMAP fcc/postpone man-in-the-middle attack
via a PREAUTH response.

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 6756a3504c)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-15 23:20:40 +02:00
Adam Duskett ece2007306 package/python3: security bump to version 3.8.3
Fixes the following security issues:

- bpo-40121: Fixes audit events raised on creating a new socket

- bpo-38576: Disallow control characters in hostnames in http.client,
  addressing CVE-2019-18348.  Such potentially malicious header injection
  URLs now cause a InvalidURL to be raised.

- bpo-39503: CVE-2020-8492: The AbstractBasicAuthHandler class of the
  urllib.request module uses an inefficient regular expression which can be
  exploited by an attacker to cause a denial of service.  Fix the regex to
  prevent the catastrophic backtracking.  Vulnerability reported by Ben
  Caller and Matt Schwager.

For more details, see the changelog:
https://docs.python.org/release/3.8.3/whatsnew/changelog.html#security

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 5ff01eb31f)
[Peter: mention security impact]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-15 22:57:02 +02:00
Fabrice Fontaine c6c4e713a8 package/minizip: fix static build of demos with openssl
Fixes:
 - http://autobuild.buildroot.org/results/2f11b237a3577df55bc1ee139ed4d51f3ee4e08d
 - http://autobuild.buildroot.org/results/b54b625751a45d3b449fffcdfaa06fb9209b4652

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 9d17d72b97)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-15 22:52:04 +02:00
Fabrice Fontaine 108edcc12a package/granite: bump to version 5.4.0
granite fails to build since bump to vala 0.46.6 in commit
2723ff3333:

make[3]: Leaving directory '/tmp/instance-0/output-1/build/granite-0.4.1'
[  1%] Generating style-classes.c;Application.c;Drawing/Color.c;Drawing/BufferSurface.c;Drawing/Utilities.c;GtkPatch/AboutDialog.c;Services/Settings.c;Services/Logger.c;Services/Paths.c;Services/System.c;Services/Contractor.c;Services/ContractorProxy.c;Services/IconFactory.c;Services/SimpleCommand.c;Widgets/AlertView.c;Widgets/Avatar.c;Widgets/Utils.c;Widgets/WrapLabel.c;Widgets/AboutDialog.c;Widgets/ModeButton.c;Widgets/DatePicker.c;Widgets/Entries.c;Widgets/TimePicker.c;Widgets/CollapsiblePaned.c;Widgets/StaticNotebook.c;Widgets/DynamicNotebook.c;Widgets/CompositedWindow.c;Widgets/AppMenu.c;Widgets/Welcome.c;Widgets/WelcomeButton.c;Widgets/Toast.c;Widgets/ToolButtonWithMenu.c;Widgets/PopOver.c;Widgets/ContractorView.c;Widgets/ContractorMenu.c;Widgets/DecoratedWindow.c;Widgets/LightWindow.c;Widgets/StatusBar.c;Widgets/SidebarPaned.c;Widgets/StorageBar.c;Widgets/SourceList.c;Widgets/CellRendererExpander.c;Widgets/CellRendererBadge.c;Widgets/ThinPaned.c;Widgets/OverlayBar.c;gr
 anite.vapi;granite.h
make[3]: Entering directory '/tmp/instance-0/output-1/build/granite-0.4.1'
/tmp/instance-0/output-1/build/granite-0.4.1/lib/Application.vala:145.9-145.26: error: Creation method of abstract class cannot be public.
        public Application () {
        ^^^^^^^^^^^^^^^^^^

So bump granite to latest version to include the following commit (that
does not apply cleanly on current version):
https://github.com/elementary/granite/commit/fd26013c84afdeb6300ae2f4a574856753fc2b58

Moreover:
- Switch site to github to get latest release
- Switch to meson-package
- Add gobject-introspection optional dependency

Fixes:
 - http://autobuild.buildroot.org/results/3e2cc89b9bd42824731d0c7b39dd5b5c98e527ee

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 2e8a777373)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-15 22:50:37 +02:00
Adam Duskett 37b4bffac5 package/open-plc-utils: install packages to /usr/bin
By default, open-plc-utils installs all of the compiled binaries to
/usr/local/bin which is not in the default path provided by Buildroot.

Passing BIN="$(TARGET_DIR)/usr/bin" to make install forces open-plc-utils to
install the compiled binaries to /usr/bin.

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 35bbcde75c)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-15 22:47:45 +02:00
Titouan Christophe 27a437ef0c package/paho-mqtt-c: bump to version 1.3.4
This is a crucial bugfix release that fixes a backward incompatible ABI
change introduced in 1.3.2.

Also drop patches that are now applied upstream.

Signed-off-by: Titouan Christophe <titouan.christophe@railnova.eu>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 57053f29b7)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-15 21:56:07 +02:00
Adam Duskett 3b6ec56c24 package/openjdk-bin: install to host/usr/lib/jvm
Buildroot currently installs openjdk-bin to $(HOST_DIR)/ instead of the more
traditional (for java installations) $(HOST_DIR)/usr/lib/jvm.

As described in https://bugs.busybox.net/show_bug.cgi?id=13001

"Openjdk-bin provides it's own libfreetype.so and places it into
$(HOST_DIR)/lib/. This library causes build failures with the
host-xapp_mkfontscale package due to the overwritten libfreetype.so.

mkfontscale.o: In function `doDirectory':
mkfontscale.c:(.text+0x1a80): undefined reference to `FT_Get_BDF_Property'
collect2: error: ld returned 1 exit status

Reproducing the error is done by repeating the following steps.
make host-freetype
make host-openjdk-bin
make host-xapp_mkfontscale"

There are two options for fixing this problem:

 1) add host-freetype and host-lksctp-tools as dependencies to host-openjdk-bin
    and then remove the provided libfreetype.so and libsctp.so libraries
    in a post_extract_hook.

 2) change the installation directory from $(HOST_DIR)/ to
    $(HOST_DIR)/usr/lib/jvm just like the target OpenJDK package and
    copy the entire source directories contents to the above location.

The second option provides the following advantages:
  - the directory structure is consistent with how we handle the target OpenJDK.

  - the HOST_OPENJDK_BIN_INSTALL_CMDS step is simplified.

  - packages such as Maven require directories of which we are currently not
    copying. These missing directories cause programs such as Maven to crash
    when running with an error such as
    "Can't read cryptographic policy directory: unlimited."

  - does not miss any other libraries that solution 1 would not cope with
    (e.g. libzip.so from host-libzip, or libnet.so from not-yet existing
    host-libnet, or libsctp.so from not-yet existing host-lksctp-tools)

Because the second option is both simple, easier to implement, is low-impact,
and fixes the problems described above wholly, it is the best to implement.

To implement the above changes, we must also modify the following files in the
same patch to match the host's new directory paths:

 - openjdk.mk
 - openjdk-jni-test.mk
 - openjdk-hello-world.mk

To avoid having to change all those packages in the future, expose two
new variables, HOST_OPENJDK_BIN_ROOT_DIR which contains the path where
the openjdk-bin was installed in, and JAVAC, which contains the path to
the javac compiler (modeled after the way the autoconf et al. variables
are set and exposed).

Tested with:
./support/testing/run-tests -o out -d dl tests.package.test_openjdk.TestOpenJdk

Fixes: https://bugs.busybox.net/show_bug.cgi?id=13001

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
[yann.morin.1998@free.fr:
  - introduce HOST_OPENJDK_BIN_ROOT_DIR and JAVAC
  - expand and tweak the commit log
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit e9a02417f3)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-15 21:53:50 +02:00
Yann E. MORIN 131fdd39bb support/download: fix git wrapper with submodules on older git versions
Older versions of git store the absolute path of the submodules'
repository as stored in the super-project, e.g.:

    $ cat some-submodule/.git
    gitdir: /path/to/super-project/.git/modules/some-submodule

Obviously, this is not very reproducible.

More recent versions of git, however, store relative paths, which
de-facto makes it reproducible.

Fix older versions by replacing the absolute paths with relative ones.

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 8fe9894f65)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-15 21:50:24 +02:00
Norbert Lange 4a552b6447 package/systemd: fixup RPATH for more systemd host binaries
All systemd binaries depend on libsystemd-shared and need their RPATH
fixed. Use a glob to catch them all.

We can't use $(wildcard ...) because this is expanded before any file
may exist (it's in the same rule that install those file, and the
expansion in Makefile is done once at the beginning of the recipe).

We need to test each file:
 1. to ignore files that were not build (e.g. because the host is
    missing some dependencies (in which case we don't care; we're only
    interested in systemctl, and that one is already built)
 2. to ensure the glob was expanded (in case no file would match
    systemd-*)

Signed-off-by: Norbert Lange <nolange79@gmail.com>
[yann.morin.1998@free.fr:
  - don't use 'set -e', use the more traditional '|| exit 1'
  - don't cd into HOST_DIR/bin, but use $(addprefix ...)
  - use positive logic in the test
  - expand commit log
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 9f1a9ee932)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-15 21:47:45 +02:00
Joseph Kogut 7955f169da package/libnss: fix build with old PPC ABI
Fixes:
http://autobuild.buildroot.net/results/bdbd33c7a764931b2066dd8b527dde2f5dc298b4
http://autobuild.buildroot.net/results/61bf50f73bb79e85c22e663f5fc22f4b9ccc0d3b
http://autobuild.buildroot.net/results/4437942a528ab8f782d3b97595e76bb690d3a409

Signed-off-by: Joseph Kogut <joseph.kogut@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit f30fc89447)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-15 21:44:33 +02:00
Fabrice Fontaine 6d94d9f62e package/tinydtls: fix build on big endian
Fixes:
 - http://autobuild.buildroot.org/results/e8704e02fdede7b63e22da552292977b23380b32

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 4852bb14c9)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-15 21:43:22 +02:00
Fabrice Fontaine 6987a72b5c package/tinydtls: security bump to version 0.9-rc1
- Switch site to github
- License is now EPL-1.0 or EDL-1.0 as specified in the new LICENSE file
- Update indentation of hash file (two spaces)
- Drop first patch (already in version) and second patch (not needed since
  https://github.com/eclipse/tinydtls/commit/f1ff324a4d1cc14dc6e1c3a88ea16f0242e106de)
- Fix CVE-2017-7243 as specified in
  https://github.com/eclipse/tinydtls/issues/12 as well as other
  security issues:
  https://github.com/eclipse/tinydtls/commit/68a1cdaff9e329e13ea59529f1eb61b05632c297
  https://github.com/eclipse/tinydtls/commit/494a40dfbb174930ca616e560532d52549736b42
  https://github.com/eclipse/tinydtls/commit/2d9f0a82377277af1be8d559d18e30477d63e8ec

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 1d14a3349d)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-15 21:43:16 +02:00
Fabrice Fontaine 0b7218b764 package/tcpreplay: security bump to version 4.3.3
- Fix CVE-2020-12740: tcprewrite in Tcpreplay through 4.3.2 has a
  heap-based buffer over-read during a get_c operation. The issue is
  being triggered in the function get_ipv6_next() at common/get.c.
- Update indentation in hash file (two spaces)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 25168d220a)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-15 21:40:30 +02:00
Bernd Kuhls 0173155a59 package/vlc: security bump version to 3.0.11
Fixes CVE-2020-13428: https://www.videolan.org/security/sb-vlc3011.html

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 2d9200f992)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-15 21:39:16 +02:00
Yi Zheng 2d770d6276 package/pkg-python.mk: fixup typo, PYTHON#_PATH --> PHYON3_PATH
Signed-off-by: Brock.Zheng <goodmenzy@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 54b57cf271)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-15 21:33:38 +02:00
Adam Duskett d10659b936 package/pkg-python: use a shell expansion for sysconfigdata_name
Currently, GNU Make expands the Python SYSCONFIGDATA_NAME variable;
however, when building with per-package directories, this variable is
not set because the evaluation of this variable occurs before buildroot
creates the per-package directories of a given package.

This can be easily demonstrated with that trivial Makefile:

    $ cat Makefile
    BLA = $(wildcard bla)
    all:
        @echo 'BLA=$(BLA)'
        @touch bla
        @echo 'BLA=$(BLA)'

    $ make
    BLA=
    BLA=

    $ make
    BLA=bla
    BLA=bla

I.e. the variables are evaluated at the beginning of a recipe, not for
each line of the recipe.

There are two solutions to fix this problem:

  - add a step between "patch" and "configure," which would evaluate all
    of the variables after creating the per-package directories;

  - evaluate SYSCONFIGDATA_NAME via a shell expansion instead of
    Makefile, to postpone the effective ex[ansion to until after the
    file has been created.

Even though the first option is semantically the best solution, this is
also very intrusive, especially since python3 is so far the only case
where we would need it. The second option however is more expedient, adn
so this is what we're doing here.

We introduce PKG_PYTHON_SYSCONFIGDATA_PATH to avoid duplication and to
make the following line easier to read.

Then PKG_PYTHON_SYSCONFIGDATA_NAME is actually defined as a back-tick
shell expansion (although back-ticks have their drawbacks, using $(...)
in Makefile is not trivial either):

  - we test that the file does exist, to cover the python2 and python3
    cases: with python2, the file does not exist, so we want to expand
    to an empty string; 'basename' only works on the filename, and does
    not check the file actually exists;

  - if the file exist, we get its basename without the .py extension,
    and this makes our expansion;

  - the "|| true" is added to ensure the old behavior of returning an
    empty string if the file does not exist still works, when the
    expansion is attempted in a shell where 'set -e' is in effect (the
    test would fail with python2, but this is not an error).

Fixes: https://bugs.busybox.net/show_bug.cgi?id=12941
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
[yann.morin.1998@free.fr: slight rewording in commit log]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 2158c87206)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-15 21:33:13 +02:00
Asaf Kahlon 3027ac168e pkg-python.mk: use PYTHON3_PATH instead of duplicating its value
Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 38960fbe6e)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-15 21:33:05 +02:00
Baruch Siach d6a4f75180 package/readline: update homepage link
The old link is dead since 2017.

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 60b1cb9d47)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-15 21:30:32 +02:00
Yann E. MORIN d98e32f571 core/br2-external: report better error messages
The error is misleading: it reports that no name was provided,
when in fact the external.desc file is missing.

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>p
Reviewed-by: Romain Naour <romain.naour@gmail.com>
(cherry picked from commit c62e78a85b)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-15 21:27:32 +02:00
Yann E. MORIN 88e7c73133 core/br2-external: fix reporting errors
When a br2-external tree has an issue, e.g. a missing file, or does not
have a name, or the name uses invalid chars, we report that condition by
setting the variable BR2_EXTERNAL_ERROR.

That variable is defined in the script support/scripts/br2-external,
which outputs it on stdout, and checked by the Makefile.

Before d027cd75d0, stdout was explicitly redirected to the generated
.mk file, with   exec >"${ofile}"   as the Makefile and Kconfig
fragments were generated each with their own call to the script, and
the validation phase would emit the BR2_EXTERNAL_ERROR variable in the
Makefile fragment.

But with d027cd75d0, both the Makefile and Kconfig fragments were now
generated with a single call to the script, and as such the semantics of
the scripts changed, and only each of the actual generators, do_mk and
do_kconfig, had their out put redirected. Which left do_validate with
the default stdout. Which would emit BR2_EXTERNAL_ERROR on stdout.

In turn, the stdout of the script would be interpreted by as part of the
Makefile. But this does not end up very well when a br2-external tree
indeed has an error:

  - missing a external.desc file:

    Makefile:184: *** multiple target patterns.  Stop.

  - empty external.desc file:

    Config.in:22: can't open file "output/.br2-external.in.paths"

So we must redirect the output of the validation step to the
Makefile fragment, so that the error message is correctly caught by the
top-level Makefile.

Note that we don't need to append in do_mk, and we can do an overwrite
redirection: if we go so far as to call do_mk, it means there was no
error, and thus the fragment is empty.

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Reviewed-by: Romain Naour <romain.naour@gmail.com>
Tested-by: Romain Naour <romain.naour@gmail.com>
(cherry picked from commit 0ac7dcb73e)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-15 21:27:04 +02:00
Fabrice Fontaine fa0687fe79 package/dbus: security bump to version 1.12.18
- Fix CVE-2020-12049: An issue was discovered in dbus >= 1.3.0 before
  1.12.18. The DBusServer in libdbus, as used in dbus-daemon, leaks file
  descriptors when a message exceeds the per-message file descriptor
  limit. A local attacker with access to the D-Bus system bus or another
  system service's private AF_UNIX socket could use this to make the
  system service reach its file descriptor limit, denying service to
  subsequent D-Bus clients.
- Also update indentation in hash file (two spaces)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 7cee9d2659)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-13 09:06:31 +02:00
Norbert Lange d192701479 toolchain: adjust version check to allow for single numbers
A gcc compiler, which was configured with
--with-gcc-major-version-only, will only return a single
number. (debian does this for example).

A simple modification allows the check to work with both
single numbers (eg. '9') and full versions (eg. '9.2.1').

Signed-off-by: Norbert Lange <nolange79@gmail.com>
Reviewed-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 5303e72a80)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-13 09:04:56 +02:00
Bernd Kuhls f88fd28f35 package/php: bump version to 7.4.7
Changelog: https://www.php.net/ChangeLog-7.php#7.4.7

Contrary to the release notification on the mailinglist
https://news-web.php.net/php.announce/287
which declares this release as "security bug fix release" no CVE IDs
could be found on the bugtracker entries mentioned in the Changelog.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 759ed10395)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-13 09:02:37 +02:00
Romain Naour 82f0530cf0 package/meson: fix shared build issue due to --static flag always passed to pkg-config
Since cf75d7da98 we have a build failures when
building libgbm.so when valgrind package is selected because --static is always
passed to pkg-config even for shared build.

Even if -Dvalgrind=false on meson command line to build mesa, the valgrind
libraries come from pkg-config libdrm...

output/host/bin/pkg-config libdrm --libs --static
-L[...]/sysroot/usr/lib -ldrm -lm -L[...]/sysroot/usr/lib/valgrind
-lcoregrind-arm64-linux -lvex-arm64-linux -lgcc

... and break the build.

See initial discussions:
http://lists.busybox.net/pipermail/buildroot/2020-June/284543.html

This is due to a wrong condition test added by the patch
0004-mesonbuild-dependencies-base.py-add-pkg_config_stati.patch.

Indeed, pkg_config_static is a string, not a boolean; it is set to
either 'true' or 'aflse' by our meson package infra. Since the returned
object is a string, do not pass a boolean, but pas None (we only want to
test against the 'true' string, so we don't care what we get back when
it is not set, which never happens in Buildroot).

Before this patch, the issue can be reproduced using the following defconfig:
    BR2_aarch64=y
    BR2_TOOLCHAIN_EXTERNAL=y
    BR2_PACKAGE_VALGRIND=y
    BR2_PACKAGE_MESA3D=y
    BR2_PACKAGE_MESA3D_DRI_DRIVER_SWRAST=y

Fixes:
http://autobuild.buildroot.net/results/1b5/1b58d73ecbbe1af2c3e140563d696cf32d1c4a5a/build-end.log

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: James Hilliard <james.hilliard1@gmail.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[yann.morin.1998@free.fr: slightly reword the commit log]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 6ae1932e71)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-13 08:50:40 +02:00
Peter Seiderer fafecb8071 package/iwd: needs dbus (runtime)
Fixes (on startup):

  $ usr/libexec/iwd
  Wireless daemon version 1.7
  Failed to initialize D-Bus

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
[yann.morin.1998@free.fr:
  - move MMU dependency first
  - split long line in comment dependencies
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 6f5f6bcd89)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-13 08:36:53 +02:00
Romain Naour 1e9741e597 package/mesa3d: disable --as-needed linker flag for Codesourcery ARM 2014.05 toolchain
Meson build system enable by default -Wl,--as-needed [1][2] in the linker command line
and due to this the libmesa_dri_drivers.so build fail with the Codesourcery ARM and
Aarch64 2014.05 toolchain:

/home/buildroot/autobuild/run/instance-1/output-1/host/bin/arm-none-linux-gnueabi-g++
  -o src/mesa/drivers/dri/libmesa_dri_drivers.so
  -Wl,--as-needed -Wl,--no-undefined -Wl,-O1 -shared -fPIC -Wl,--start-group
  -Wl,-soname,libmesa_dri_drivers.so -Wl,--whole-archive
  src/mesa/drivers/dri/radeon/libr100.a src/mesa/drivers/dri/nouveau/libnouveau_vieux.a
  -Wl,--no-whole-archive
  src/mesa/drivers/dri/common/libmegadriver_stub.a
  src/mesa/drivers/dri/common/libdricommon.a
  src/mapi/shared-glapi/libglapi.so.0.0.0
  src/mesa/libmesa_classic.a src/mesa/libmesa_common.a
  src/compiler/glsl/libglsl.a src/compiler/glsl/glcpp/libglcpp.a
  src/util/libmesa_util.a src/util/format/libmesa_format.a
  src/compiler/nir/libnir.a src/compiler/libcompiler.a
  src/util/libxmlconfig.a
  [...]

src/mesa/drivers/dri/common/libmegadriver_stub.a(megadriver_stub.c.o): In function `megadriver_stub_init':
megadriver_stub.c:(.text.startup+0x20): undefined reference to `dladdr'
megadriver_stub.c:(.text.startup+0xbc): undefined reference to `dlsym'
collect2: error: ld returned 1 exit status

This problem seems to be specific to this toolchain release (ARM and aarch64)
CodeSourcery 2014.05: gcc 4.8.3-prerelease; binutils 2.24.51.20140217; glibc 2.18

The following prebuilt toolchain has been tested and doesn't trigger this issue:
Linaro 4.9-4.9-2014.11: gcc 4.9.3; binutils 2.24.0; glibc 2.19
CodeSourcery 2014.11: gcc 4.9.1; binutils 2.24.51.20140217; glibc 2.20

Older toolchains doesn't have a recent enough glibc or linux-headers version
to breaking the build with mesa3d 20.1.0 or libdrm 2.4.102.

In order to build mesa3d with the CodeSourcery 2014.05 using --as-needed would be
reorder the static librairies:

 diff --git a/src/mesa/drivers/dri/meson.build b/src/mesa/drivers/dri/meson.build
 index b09ca16e38a..9ac6731c522 100644
 --- a/src/mesa/drivers/dri/meson.build
 +++ b/src/mesa/drivers/dri/meson.build
 @@ -59,7 +59,7 @@ if _dri_drivers != []
      [],
      link_whole : _dri_drivers,
      link_with : [
 -      libmegadriver_stub, libdricommon, libglapi,
 +      libdricommon, libmegadriver_stub, libglapi,
        libmesa_classic,
      ],

Instead, we can disable --as-needed from the meson build system using
"-Db_asneeded=false" only for this toolchain.

[1] https://mesonbuild.com/Builtin-options.html
[2] https://wiki.gentoo.org/wiki/Project:Quality_Assurance/As-needed

Fixes:
http://autobuild.buildroot.net/results/eec39a4fbfbfaa58980fab36f2fd902a16eecf0f/build-end.log

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit d3f576d2f3)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-13 08:26:48 +02:00
Heiko Thiery 66f6e1451f package/brltty: fix input_event related compile failure
Add a patch to fix input_event time related compile failure. The problem
is reported and fixed upstream.

Fixes:
http://autobuild.buildroot.net/results/7c5278c0ff2b2d8f88803e256803b31a75904efe/build-end.log

./system_linux.c: In function 'writeInputEvent':
./system_linux.c:962:23: error: 'struct input_event' has no member named 'time'; did you mean 'type'?
   gettimeofday(&event.time, NULL);
                       ^~~~
                       type

Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 69e8b09c4f)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-12 23:43:38 +02:00
Martin Bark 6aa30f5ca4 package/nghttp2: security bump version to 1.41.0
Fix CVE-2020-11080 Denial of service: Overly large SETTINGS frames

Signed-off-by: Martin Bark <martin@barkynet.com>
[yann.morin.1998@free.fr: two spaces in hash files]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit e500367ea4)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-12 23:32:32 +02:00
Martin Bark f4806f6964 package/nodejs: security bump to 12.18.0
This is a security release.

Vulnerabilities fixed:

CVE-2020-8172: TLS session reuse can lead to host certificate verification bypass (High).
CVE-2020-11080: HTTP/2 Large Settings Frame DoS (Low).
CVE-2020-8174: napi_get_value_string_*() allows various kinds of memory corruption (High).

See https://nodejs.org/en/blog/release/v12.18.0/

Signed-off-by: Martin Bark <martin@barkynet.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 06decad41b)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-12 23:32:28 +02:00
James Hilliard cb22b4cb3d package/nodejs: bump to version 12.16.3
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit b90ab938b8)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-12 23:32:22 +02:00
Yegor Yefremov f56c652def package/nodejs: install to staging
Install header files and libraries into the staging area. Some
packages like mraa (if enabled for Node.js) search for node.h
and v8.h. Hence, Node.js development file must be installed to
the staging area.

Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit f6e6e648ce)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-12 23:22:48 +02:00
Bernd Kuhls 453be3363c package/znc: security bump version to 1.8.1
Changelog: https://wiki.znc.in/ChangeLog/1.8.1

Fixes CVE-2020-13775.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 3a924b350d)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-12 23:17:49 +02:00
Joris Offouga ceb2af7571 {linux, linux-headers}: bump 4.{4, 9, 14, 19}.x / 5.{4, 6, 7}.x series
Signed-off-by: Joris Offouga <offougajoris@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 8db0c3472b)
[Peter: drop 5.7.x bump]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-12 23:11:53 +02:00
Christian Stewart 7499162ab8 package/docker-cli: bump to version 19.03.11
For details, see the release notes:
https://docs.docker.com/engine/release-notes/

Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit ca0a781904)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-12 22:39:22 +02:00
Christian Stewart f82dba70e1 package/docker-engine: security bump to version 19.03.11
Fixes the following security issues:

- CVE-2020-13401: Disable IPv6 Router Advertisements to prevent address
  spoofing
  An attacker in a container, with the CAP_NET_RAW capability, can craft
  IPv6 router advertisements, and consequently spoof external IPv6 hosts,
  obtain sensitive information, or cause a denial of service.

In addition, 19.03.9..11 fixes a number of issues. For details, see:

https://docs.docker.com/engine/release-notes/

Signed-off-by: Christian Stewart <christian@paral.in>
[Peter: mention security impact, extend commit message]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit b73b3835f4)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-12 22:39:19 +02:00
Christian Stewart c7123a4956 package/go: bump version to 1.13.12
go1.13.9 (released 2020/03/19) includes fixes to the go command, tools, the
runtime, the toolchain, and the crypto/cypher package.

go1.13.10 (released 2020/04/08) includes fixes to the go command, the runtime,
and the os/exec and time packages.

go1.13.11 (released 2020/05/14) includes fixes to the compiler.

go1.13.12 (released 2020/06/01) includes fixes to the runtime, and the go/types
and math/big packages.

Release notes: https://golang.org/doc/go1.13

Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 7cbb3dd94e)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-12 22:37:57 +02:00
Felix Vollmer 58bd7a5ef9 package/asterisk: security bump version to 16.10.0
Fixed the following security issues (16.7.0):

- ASTERISK-28580: Bypass SYSTEM write permission in manager action allows
  system commands execution

- ASTERISK-28589: chan_sip: Depending on configuration an INVITE can alter
  Addr of a peer

In addition, 16.8..16.10 contains a large number of bugfixes.

Release Notes:
https://downloads.asterisk.org/pub/telephony/asterisk/asterisk-16-current-summary.html

Signed-off-by: Felix Vollmer <FelixVollmer@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 0152c0553a)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-12 22:29:46 +02:00
Norbert Lange ac0c841739 package/dbus: fix group and mode for the launcher
The D-Bus installation process installs dbus-daemon-launch-helper as
follows:

  chown root:$(DBUS_USER) $(DESTDIR)$(libexecdir)/dbus-daemon-launch-helper$(EXEEXT); \
  chmod 4750 $(DESTDIR)$(libexecdir)/dbus-daemon-launch-helper$(EXEEXT); \

And when the installation does not take place as root (like is the
case in the context of Buildroot), it prints:

  echo "Not installing $(DESTDIR)$(libexecdir)/dbus-daemon-launch-helper binary setuid!"; \
  echo "You'll need to manually set permissions to root:$(DBUS_USER) and permissions 4750"; \

So let's adjust the installation logic of dbus-daemon-launch-helper to
match these requirements.

Signed-off-by: Norbert Lange <nolange79@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 7ac245a0cb)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-12 22:21:39 +02:00
Norbert Lange 3e5351212c package/openssh: add optional dependency on audit
Signed-off-by: Norbert Lange <nolange79@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit f10a7e0fb8)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-06 09:17:35 +02:00
Norbert Lange 7a3c50ebf4 package/libxml2: remove helper script from target
Signed-off-by: Norbert Lange <nolange79@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 89a0b73aed)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-06 09:16:30 +02:00
Danomi Manchego 91904424ee package/syslog-ng: drop unused systemd file
Commit 54ea03ccd7 ("package/syslog-ng:
implement systemd enablement using DefaultInstance") replaced the lines
installing the syslog-ng@default file with printf lines creating a file
in a syslog-ng@.service.d/ directory on-the-fly.  Since then, nothing
uses the syslog-ng@default file, so let's delete it.

Signed-off-by: Danomi Manchego <danomimanchego123@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 2a473a9f05)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-06 00:13:12 +02:00
Norbert Lange c52a7a09bb package/iproute2: add optional dependencies on libselinux and libcap
The configure script will automatically detect used pkg-config if
libcap or libselinux are available.

Signed-off-by: Norbert Lange <nolange79@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 1b9f6fd039)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-06 00:09:01 +02:00
Fabrice Fontaine a75c75c569 docs/manual/adding-packages-generic.txt: fix typo
LIBTOO_SOURCE -> LIBFOO_SOURCE

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 31e6e05f72)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-05 23:16:17 +02:00
Fabrice Fontaine 27e6597ccc package/pango: add gobject-introspection support
This will fix the following build failure when enabling introspection on
libgtk2:

Couldn't find include 'Pango-1.0.gir' (search path: '['/home/fabrice/buildroot/output/host/bin/../mipsel-buildroot-linux-gnu/sysroot/usr/bin/../share/gir-1.0', '../gdk', '/home/fabrice/buildroot/output/host/share', '/usr/share/gnome/gir-1.0', '/usr/local/share/gir-1.0', '/usr/share/gir-1.0', '/home/fabrice/buildroot/output/host/share/gir-1.0', '/usr/share/gir-1.0']')

Fixes:
 - http://autobuild.buildroot.org/results//86c6f55e0bd1a0fe3b70c9e97193aaad94d72a7f

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit abefa5a54a)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-05 23:15:47 +02:00
Fabrice Fontaine e25347e642 package/gdk-pixbuf: add gobject-introspection support
This will fix the following build failure when enabling introspection on
libgtk2:

Couldn't find include 'GdkPixbuf-2.0.gir' (search path: '['/tmp/instance-0/output-1/host/bin/../mipsel-buildroot-linux-gnu/sysroot/usr/bin/../share/gir-1.0', '../gdk', '/tmp/instance-0/output-1/host/share', 'gir-1.0', '/tmp/instance-0/output-1/host/share/gir-1.0', '/usr/share/gir-1.0']')

Fixes:
 - http://autobuild.buildroot.org/results//86c6f55e0bd1a0fe3b70c9e97193aaad94d72a7f

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 0712297a12)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-05 23:15:10 +02:00
Fabrice Fontaine 34559273e6 package/upx: security bump to version 3.96
- Switch site to github to get latest release
- Fix CVE-2019-20805: p_lx_elf.cpp in UPX before 3.96 has an integer
  overflow during unpacking via crafted values in a PT_DYNAMIC segment.
- Fix CERT-FI Case 829767 UPX command line tools segfaults.

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 0f57837f6a)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-05 23:01:50 +02:00
Fabrice Fontaine a059cf04f2 package/upx: use HOST_CONFIGURE_OPTS
Use HOST_CONFIGURE_OPTS to pass CPPFLAGS and LDFLAGS

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 1e0c0055d7)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-05 23:01:47 +02:00
Peter Korsgaard d605a9ab64 package/redis: bump version to 5.0.9
Fixes a critical issue related to streams. From the release notes:

================================================================================
Redis 5.0.9     Released Thu Apr 17 12:41:00 CET 2020
================================================================================

Upgrade urgency:CRITICAL if you use Streams with AOF ore replicas.
                Otherwise the upgrade urgency is LOW.

This release has a speed improvement and a critical fix:

    * FIX: XREADGROUP when fetching data in a blocking way, would not
           emit the XCLAIM in the AOF file and to replicas. This means
           that the last ID is not updated, and that restarting the server
           will have the effect of reprocessing some entries.
    * NEW: Clients blocked on the same key are now unblocked on
           O(1) time. Backported from Redis 6.

Commits:

    1fc8ef81a Fix XCLAIM propagation in AOF/replicas for blocking XREADGROUP.
    a5e24eabc Speedup: unblock clients on keys in O(1).

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-05 22:48:57 +02:00
Fabrice Fontaine 5961c89356 package/libhttpserver: disable examples
examples are enabled by default since version 0.17.5 and
https://github.com/etr/libhttpserver/commit/012d014a7c52ef91a35c521d5d4f83ee11de5068

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Reviewed-by: Stephan Hoffmann <sho@relinux.de>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 5e8fe3704a)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-06-21 23:27:51 +02:00
Fabrice Fontaine 9b37e53e47 boot/grub2: Fix GRUB i386-pc build with Ubuntu gcc
Backport a patch from upstream to fix the build on certain versions of
gsc, notably:

    Ubuntu 19.10 with gcc (Ubuntu 8.3.0-26ubuntu1~19.10) 8.3.0
    Ubuntu 19.10 with gcc (Ubuntu 9.2.1-9ubuntu2) 9.2.1 20191008

The upstream patch is simply a change in the gentpl.py script, which is
used to generate parts of the automake machinery, so if we just backport
the upstream patch, we need to call the script to regenerate those files.

However, the modified script is a python script, so we would need to add
a dependency on host-python (2 or 3), which is not so nice.

Furthermore, calling the script is not enough: it needs a specific set
of optionss for each file it is to generate. That set of options is not
static; it is constructed in the convoluted autogen.sh. Calling
autogen.sh is usally not so good an idea in the Buildroot context, and
indeed this fails becasue it calls to autoreconf, but without our
carefuly crafted options and environment variables.

There was a little light in the tunnel, in that autogen.sh can be told
not to run autoreconf, by setting the environemnt variable
FROM_BOOTSTRAP to an non-=empty string, but this is fraught with various
other side-effects, as in that cause, autogen.sh expects to be valled by
an upper sciopt, bootstrap, which is not provided in the tarball
distribution...

So, between all those issues, autogen, bootstrap, and a host-python (2
or 3) dependency, we choose another route: path the script *and* the one
generated file affected by the change. Since that patched file is a .am
file, we also patch the corresponding .in file

However, we're faced with another issue: the other generated file is
now older than the script, so the automake machinery will now want to
re-run autoconf et al during the build step, which is still not a good
idea for us. So we touch the other generated file so it is mopre recent
than the script.

This is still not sufficient, because the patched file also has a
dependency on the generated file, so we need to touch as well.

Fixes:
 - https://bugs.buildroot.org/show_bug.cgi?id=12946

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[yann.morin.1998@free.fr:
  - keep the hunk about patching gentpl.py
  - make it a git-formatted patch
  - add the touch
  - drastically expand the commit log
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 7e64a050fb)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-06-21 23:20:55 +02:00
Romain Naour 85c1b08129 Revert "package/prosody: use correct bit32 package"
This reverts commit fa84c176c2 that
replace luabitop by lua_bit32 package when lua 5.1 is used.

Since this change the prosody test in gitlab is fail due to
missing lua-bitops [1]:

Starting prosody:
**************************
Prosody was unable to find lua-bitops
This package can be obtained in the following ways:

    Source:           http://bitop.luajit.org/
    Debian/Ubuntu:    sudo apt-get install lua-bitop
    luarocks:         luarocks install luabitop

WebSocket support will not be available
More help can be found on our website, at https://prosody.im/doc/depends
**************************

The upstream documentation [2] is misleading (or not uptodate)
about lua-bit32 dependency.

Since bitop is builtin since lua5.2, we probably need to select
luabitop package only when lua 5.1 is used as lua interpreter.

Tested with run-tests:
./support/testing/run-tests tests.package.test_prosody.TestProsodyLua51

[1] https://gitlab.com/buildroot.org/buildroot/-/jobs/576271975
[2] https://prosody.im/doc/depends#bitop

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: James Hilliard <james.hilliard1@gmail.com>
Cc: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit cf810e4099)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-06-06 23:34:30 +02:00
Baruch Siach 03c9de81d4 package/strace: bump to version 5.7
Drop upstream patch.

Fixes:
http://autobuild.buildroot.net/results/ca298d6543c07efbf77f2adeb4832bbac00ae73f/
http://autobuild.buildroot.net/results/f26a4f2bb5a9b25739e55be5e5ded2b83a0937ac/
http://autobuild.buildroot.net/results/53d6dac4047742ae2acd682a0dd97d986ba611bb/

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 9ed07fb805)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-06-06 23:29:02 +02:00
1746 changed files with 20050 additions and 34139 deletions
+525 -17
View File
@@ -1,23 +1,531 @@
# Configuration for Gitlab-CI.
# Builds appear on https://gitlab.com/buildroot.org/buildroot/pipelines
# The .gitlab-ci.yml file is generated from .gitlab-ci.yml.in.
# It needs to be regenerated every time a defconfig is added, using
# "make .gitlab-ci.yml".
image: buildroot/base:20200814.2228
image: buildroot/base:20191027.2027
stages:
- generate-gitlab-ci
- build
.check_base:
except:
- /^.*-.*_defconfig$/
- /^.*-tests\..*$/
generate-gitlab-ci-yml:
stage: generate-gitlab-ci
script: ./support/scripts/generate-gitlab-ci-yml support/misc/gitlab-ci.yml.in > generated-gitlab-ci.yml
artifacts:
paths:
- generated-gitlab-ci.yml
check-DEVELOPERS:
extends: .check_base
# get-developers should print just "No action specified"; if it prints
# anything else, it's a parse error.
# The initial ! is removed by YAML so we need to quote it.
script:
- "! utils/get-developers | grep -v 'No action specified'"
buildroot-pipeline:
stage: build
trigger:
include:
- artifact: generated-gitlab-ci.yml
job: generate-gitlab-ci-yml
strategy: depend
check-flake8:
extends: .check_base
before_script:
# Help flake8 to find the Python files without .py extension.
- find * -type f -name '*.py' > files.txt
- find * -type f -print0 | xargs -0 file | grep 'Python script' | cut -d':' -f1 >> files.txt
- sort -u files.txt | tee files.processed
script:
- python -m flake8 --statistics --count --max-line-length=132 $(cat files.processed)
after_script:
- wc -l files.processed
check-gitlab-ci.yml:
extends: .check_base
script:
- mv .gitlab-ci.yml .gitlab-ci.yml.orig
- make .gitlab-ci.yml
- diff -u .gitlab-ci.yml.orig .gitlab-ci.yml
check-package:
extends: .check_base
script:
- make check-package
.defconfig_base:
script:
- echo "Configure Buildroot for ${DEFCONFIG_NAME}"
- make ${DEFCONFIG_NAME}
- echo 'Build buildroot'
- |
make > >(tee build.log |grep '>>>') 2>&1 || {
echo 'Failed build last output'
tail -200 build.log
exit 1
}
- |
./support/scripts/boot-qemu-image.py "${DEFCONFIG_NAME}" > >(tee runtime-test.log) 2>&1 || {
echo 'Failed runtime test last output'
tail -200 runtime-test.log
exit 1
}
artifacts:
when: always
expire_in: 2 weeks
paths:
- .config
- build.log
- output/images/
- output/build/build-time.log
- output/build/packages-file-list.txt
- output/build/*/.config
- runtime-test.log
.defconfig:
extends: .defconfig_base
# Running the defconfigs for every push is too much, so limit to
# explicit triggers through the API.
only:
- triggers
- tags
- /-defconfigs$/
before_script:
- DEFCONFIG_NAME=${CI_JOB_NAME}
one-defconfig:
extends: .defconfig_base
only:
- /^.*-.*_defconfig$/
before_script:
- DEFCONFIG_NAME=$(echo ${CI_COMMIT_REF_NAME} | sed -e 's,^.*-,,g')
.runtime_test_base:
# Keep build directories so the rootfs can be an artifact of the job. The
# runner will clean up those files for us.
# Multiply every emulator timeout by 10 to avoid sporadic failures in
# elastic runners.
script:
- echo "Starting runtime test ${TEST_CASE_NAME}"
- ./support/testing/run-tests -o test-output/ -d test-dl/ -k --timeout-multiplier 10 ${TEST_CASE_NAME}
artifacts:
when: always
expire_in: 2 weeks
paths:
- test-output/*.log
- test-output/*/.config
- test-output/*/images/*
.runtime_test:
extends: .runtime_test_base
# Running the runtime tests for every push is too much, so limit to
# explicit triggers through the API.
only:
- triggers
- tags
- /-runtime-tests$/
before_script:
- TEST_CASE_NAME=${CI_JOB_NAME}
one-runtime_test:
extends: .runtime_test_base
only:
- /^.*-tests\..*$/
before_script:
- TEST_CASE_NAME=$(echo ${CI_COMMIT_REF_NAME} | sed -e 's,^.*-,,g')
aarch64_efi_defconfig: { extends: .defconfig }
acmesystems_aria_g25_128mb_defconfig: { extends: .defconfig }
acmesystems_aria_g25_256mb_defconfig: { extends: .defconfig }
acmesystems_arietta_g25_128mb_defconfig: { extends: .defconfig }
acmesystems_arietta_g25_256mb_defconfig: { extends: .defconfig }
amarula_a64_relic_defconfig: { extends: .defconfig }
amarula_vyasa_rk3288_defconfig: { extends: .defconfig }
andes_ae3xx_defconfig: { extends: .defconfig }
arcturus_ucls1012a_defconfig: { extends: .defconfig }
arcturus_ucp1020_defconfig: { extends: .defconfig }
arm_foundationv8_defconfig: { extends: .defconfig }
arm_juno_defconfig: { extends: .defconfig }
armadeus_apf27_defconfig: { extends: .defconfig }
armadeus_apf28_defconfig: { extends: .defconfig }
armadeus_apf51_defconfig: { extends: .defconfig }
asus_tinker_rk3288_defconfig: { extends: .defconfig }
at91sam9260eknf_defconfig: { extends: .defconfig }
at91sam9g20dfc_defconfig: { extends: .defconfig }
at91sam9g45m10ek_defconfig: { extends: .defconfig }
at91sam9rlek_defconfig: { extends: .defconfig }
at91sam9x5ek_defconfig: { extends: .defconfig }
at91sam9x5ek_dev_defconfig: { extends: .defconfig }
at91sam9x5ek_mmc_defconfig: { extends: .defconfig }
at91sam9x5ek_mmc_dev_defconfig: { extends: .defconfig }
atmel_sama5d27_som1_ek_mmc_dev_defconfig: { extends: .defconfig }
atmel_sama5d2_xplained_mmc_defconfig: { extends: .defconfig }
atmel_sama5d2_xplained_mmc_dev_defconfig: { extends: .defconfig }
atmel_sama5d3_xplained_defconfig: { extends: .defconfig }
atmel_sama5d3_xplained_dev_defconfig: { extends: .defconfig }
atmel_sama5d3_xplained_mmc_defconfig: { extends: .defconfig }
atmel_sama5d3_xplained_mmc_dev_defconfig: { extends: .defconfig }
atmel_sama5d3xek_defconfig: { extends: .defconfig }
atmel_sama5d4_xplained_defconfig: { extends: .defconfig }
atmel_sama5d4_xplained_dev_defconfig: { extends: .defconfig }
atmel_sama5d4_xplained_mmc_defconfig: { extends: .defconfig }
atmel_sama5d4_xplained_mmc_dev_defconfig: { extends: .defconfig }
bananapi_m1_defconfig: { extends: .defconfig }
bananapi_m2_plus_defconfig: { extends: .defconfig }
bananapi_m2_ultra_defconfig: { extends: .defconfig }
bananapi_m64_defconfig: { extends: .defconfig }
bananapro_defconfig: { extends: .defconfig }
beagleboardx15_defconfig: { extends: .defconfig }
beaglebone_defconfig: { extends: .defconfig }
beaglebone_qt5_defconfig: { extends: .defconfig }
beagleboneai_defconfig: { extends: .defconfig }
beelink_gs1_defconfig: { extends: .defconfig }
chromebook_snow_defconfig: { extends: .defconfig }
ci20_defconfig: { extends: .defconfig }
csky_gx6605s_defconfig: { extends: .defconfig }
cubieboard2_defconfig: { extends: .defconfig }
engicam_imx6qdl_icore_defconfig: { extends: .defconfig }
engicam_imx6qdl_icore_qt5_defconfig: { extends: .defconfig }
engicam_imx6qdl_icore_rqs_defconfig: { extends: .defconfig }
engicam_imx6ul_geam_defconfig: { extends: .defconfig }
engicam_imx6ul_isiot_defconfig: { extends: .defconfig }
freescale_imx28evk_defconfig: { extends: .defconfig }
freescale_imx6dlsabreauto_defconfig: { extends: .defconfig }
freescale_imx6dlsabresd_defconfig: { extends: .defconfig }
freescale_imx6qsabreauto_defconfig: { extends: .defconfig }
freescale_imx6qsabresd_defconfig: { extends: .defconfig }
freescale_imx6sxsabresd_defconfig: { extends: .defconfig }
freescale_imx6ullevk_defconfig: { extends: .defconfig }
freescale_imx7dsabresd_defconfig: { extends: .defconfig }
freescale_imx8mmevk_defconfig: { extends: .defconfig }
freescale_imx8mqevk_defconfig: { extends: .defconfig }
freescale_imx8qmmek_defconfig: { extends: .defconfig }
freescale_imx8qxpmek_defconfig: { extends: .defconfig }
freescale_p1025twr_defconfig: { extends: .defconfig }
freescale_t1040d4rdb_defconfig: { extends: .defconfig }
freescale_t2080_qds_rdb_defconfig: { extends: .defconfig }
friendlyarm_nanopi_a64_defconfig: { extends: .defconfig }
friendlyarm_nanopi_neo2_defconfig: { extends: .defconfig }
friendlyarm_nanopi_neo_plus2_defconfig: { extends: .defconfig }
galileo_defconfig: { extends: .defconfig }
grinn_chiliboard_defconfig: { extends: .defconfig }
grinn_liteboard_defconfig: { extends: .defconfig }
hifive_unleashed_defconfig: { extends: .defconfig }
imx23evk_defconfig: { extends: .defconfig }
imx6-sabreauto_defconfig: { extends: .defconfig }
imx6-sabresd_defconfig: { extends: .defconfig }
imx6-sabresd_qt5_defconfig: { extends: .defconfig }
imx6slevk_defconfig: { extends: .defconfig }
imx6sx-sdb_defconfig: { extends: .defconfig }
imx6ulevk_defconfig: { extends: .defconfig }
imx6ulpico_defconfig: { extends: .defconfig }
imx7d-sdb_defconfig: { extends: .defconfig }
imx7dpico_defconfig: { extends: .defconfig }
imx8mmpico_defconfig: { extends: .defconfig }
imx8mpico_defconfig: { extends: .defconfig }
lafrite_defconfig: { extends: .defconfig }
lego_ev3_defconfig: { extends: .defconfig }
licheepi_zero_defconfig: { extends: .defconfig }
linksprite_pcduino_defconfig: { extends: .defconfig }
minnowboard_max-graphical_defconfig: { extends: .defconfig }
minnowboard_max_defconfig: { extends: .defconfig }
mx25pdk_defconfig: { extends: .defconfig }
mx51evk_defconfig: { extends: .defconfig }
mx53loco_defconfig: { extends: .defconfig }
mx6cubox_defconfig: { extends: .defconfig }
mx6sx_udoo_neo_defconfig: { extends: .defconfig }
mx6udoo_defconfig: { extends: .defconfig }
nanopi_m1_defconfig: { extends: .defconfig }
nanopi_m1_plus_defconfig: { extends: .defconfig }
nanopi_neo4_defconfig: { extends: .defconfig }
nanopi_neo_defconfig: { extends: .defconfig }
nanopi_r1_defconfig: { extends: .defconfig }
nexbox_a95x_defconfig: { extends: .defconfig }
nitrogen6sx_defconfig: { extends: .defconfig }
nitrogen6x_defconfig: { extends: .defconfig }
nitrogen7_defconfig: { extends: .defconfig }
nitrogen8m_defconfig: { extends: .defconfig }
nitrogen8mm_defconfig: { extends: .defconfig }
nitrogen8mn_defconfig: { extends: .defconfig }
odroidxu4_defconfig: { extends: .defconfig }
olimex_a10_olinuxino_lime_defconfig: { extends: .defconfig }
olimex_a13_olinuxino_defconfig: { extends: .defconfig }
olimex_a20_olinuxino_lime2_defconfig: { extends: .defconfig }
olimex_a20_olinuxino_lime_defconfig: { extends: .defconfig }
olimex_a20_olinuxino_micro_defconfig: { extends: .defconfig }
olimex_a33_olinuxino_defconfig: { extends: .defconfig }
olimex_a64_olinuxino_defconfig: { extends: .defconfig }
olimex_imx233_olinuxino_defconfig: { extends: .defconfig }
olpc_xo175_defconfig: { extends: .defconfig }
olpc_xo1_defconfig: { extends: .defconfig }
openblocks_a6_defconfig: { extends: .defconfig }
orangepi_lite2_defconfig: { extends: .defconfig }
orangepi_lite_defconfig: { extends: .defconfig }
orangepi_one_defconfig: { extends: .defconfig }
orangepi_one_plus_defconfig: { extends: .defconfig }
orangepi_pc2_defconfig: { extends: .defconfig }
orangepi_pc_defconfig: { extends: .defconfig }
orangepi_pc_plus_defconfig: { extends: .defconfig }
orangepi_plus_defconfig: { extends: .defconfig }
orangepi_prime_defconfig: { extends: .defconfig }
orangepi_r1_defconfig: { extends: .defconfig }
orangepi_win_defconfig: { extends: .defconfig }
orangepi_zero_defconfig: { extends: .defconfig }
orangepi_zero_plus2_defconfig: { extends: .defconfig }
pandaboard_defconfig: { extends: .defconfig }
pc_x86_64_bios_defconfig: { extends: .defconfig }
pc_x86_64_efi_defconfig: { extends: .defconfig }
pine64_defconfig: { extends: .defconfig }
pine64_sopine_defconfig: { extends: .defconfig }
qemu_aarch64_virt_defconfig: { extends: .defconfig }
qemu_arm_versatile_defconfig: { extends: .defconfig }
qemu_arm_versatile_nommu_defconfig: { extends: .defconfig }
qemu_arm_vexpress_defconfig: { extends: .defconfig }
qemu_arm_vexpress_tz_defconfig: { extends: .defconfig }
qemu_csky610_virt_defconfig: { extends: .defconfig }
qemu_csky807_virt_defconfig: { extends: .defconfig }
qemu_csky810_virt_defconfig: { extends: .defconfig }
qemu_csky860_virt_defconfig: { extends: .defconfig }
qemu_m68k_mcf5208_defconfig: { extends: .defconfig }
qemu_m68k_q800_defconfig: { extends: .defconfig }
qemu_microblazebe_mmu_defconfig: { extends: .defconfig }
qemu_microblazeel_mmu_defconfig: { extends: .defconfig }
qemu_mips32r2_malta_defconfig: { extends: .defconfig }
qemu_mips32r2el_malta_defconfig: { extends: .defconfig }
qemu_mips32r6_malta_defconfig: { extends: .defconfig }
qemu_mips32r6el_malta_defconfig: { extends: .defconfig }
qemu_mips64_malta_defconfig: { extends: .defconfig }
qemu_mips64el_malta_defconfig: { extends: .defconfig }
qemu_mips64r6_malta_defconfig: { extends: .defconfig }
qemu_mips64r6el_malta_defconfig: { extends: .defconfig }
qemu_nios2_10m50_defconfig: { extends: .defconfig }
qemu_or1k_defconfig: { extends: .defconfig }
qemu_ppc64_e5500_defconfig: { extends: .defconfig }
qemu_ppc64_pseries_defconfig: { extends: .defconfig }
qemu_ppc64le_pseries_defconfig: { extends: .defconfig }
qemu_ppc_g3beige_defconfig: { extends: .defconfig }
qemu_ppc_mac99_defconfig: { extends: .defconfig }
qemu_ppc_mpc8544ds_defconfig: { extends: .defconfig }
qemu_ppc_virtex_ml507_defconfig: { extends: .defconfig }
qemu_riscv32_virt_defconfig: { extends: .defconfig }
qemu_riscv64_virt_defconfig: { extends: .defconfig }
qemu_sh4_r2d_defconfig: { extends: .defconfig }
qemu_sh4eb_r2d_defconfig: { extends: .defconfig }
qemu_sparc64_sun4u_defconfig: { extends: .defconfig }
qemu_sparc_ss10_defconfig: { extends: .defconfig }
qemu_x86_64_defconfig: { extends: .defconfig }
qemu_x86_defconfig: { extends: .defconfig }
qemu_xtensa_lx60_defconfig: { extends: .defconfig }
qemu_xtensa_lx60_nommu_defconfig: { extends: .defconfig }
raspberrypi0_defconfig: { extends: .defconfig }
raspberrypi0w_defconfig: { extends: .defconfig }
raspberrypi2_defconfig: { extends: .defconfig }
raspberrypi3_64_defconfig: { extends: .defconfig }
raspberrypi3_defconfig: { extends: .defconfig }
raspberrypi3_qt5we_defconfig: { extends: .defconfig }
raspberrypi4_64_defconfig: { extends: .defconfig }
raspberrypi4_defconfig: { extends: .defconfig }
raspberrypi_defconfig: { extends: .defconfig }
riotboard_defconfig: { extends: .defconfig }
roc_pc_rk3399_defconfig: { extends: .defconfig }
rock64_defconfig: { extends: .defconfig }
roseapplepi_defconfig: { extends: .defconfig }
s6lx9_microboard_defconfig: { extends: .defconfig }
sheevaplug_defconfig: { extends: .defconfig }
snps_aarch64_vdk_defconfig: { extends: .defconfig }
snps_arc700_axs101_defconfig: { extends: .defconfig }
snps_archs38_axs103_defconfig: { extends: .defconfig }
snps_archs38_haps_defconfig: { extends: .defconfig }
snps_archs38_hsdk_defconfig: { extends: .defconfig }
snps_archs38_vdk_defconfig: { extends: .defconfig }
socrates_cyclone5_defconfig: { extends: .defconfig }
solidrun_clearfog_defconfig: { extends: .defconfig }
solidrun_clearfog_gt_8k_defconfig: { extends: .defconfig }
solidrun_macchiatobin_defconfig: { extends: .defconfig }
stm32f429_disco_defconfig: { extends: .defconfig }
stm32f469_disco_defconfig: { extends: .defconfig }
stm32mp157a_dk1_defconfig: { extends: .defconfig }
stm32mp157c_dk2_defconfig: { extends: .defconfig }
toradex_apalis_imx6_defconfig: { extends: .defconfig }
ts4900_defconfig: { extends: .defconfig }
ts5500_defconfig: { extends: .defconfig }
ts7680_defconfig: { extends: .defconfig }
wandboard_defconfig: { extends: .defconfig }
warp7_defconfig: { extends: .defconfig }
warpboard_defconfig: { extends: .defconfig }
zynq_microzed_defconfig: { extends: .defconfig }
zynq_qmtech_defconfig: { extends: .defconfig }
zynq_zc706_defconfig: { extends: .defconfig }
zynq_zed_defconfig: { extends: .defconfig }
zynqmp_zcu106_defconfig: { extends: .defconfig }
tests.boot.test_atf.TestATFAllwinner: { extends: .runtime_test }
tests.boot.test_atf.TestATFMarvell: { extends: .runtime_test }
tests.boot.test_atf.TestATFVexpress: { extends: .runtime_test }
tests.boot.test_syslinux.TestSysLinuxX86EFI: { extends: .runtime_test }
tests.boot.test_syslinux.TestSysLinuxX86LegacyBios: { extends: .runtime_test }
tests.boot.test_syslinux.TestSysLinuxX86_64EFI: { extends: .runtime_test }
tests.boot.test_syslinux.TestSysLinuxX86_64LegacyBios: { extends: .runtime_test }
tests.core.test_file_capabilities.TestFileCapabilities: { extends: .runtime_test }
tests.core.test_hardening.TestFortifyConserv: { extends: .runtime_test }
tests.core.test_hardening.TestFortifyNone: { extends: .runtime_test }
tests.core.test_hardening.TestRelro: { extends: .runtime_test }
tests.core.test_hardening.TestRelroPartial: { extends: .runtime_test }
tests.core.test_hardening.TestSspNone: { extends: .runtime_test }
tests.core.test_hardening.TestSspStrong: { extends: .runtime_test }
tests.core.test_post_scripts.TestPostScripts: { extends: .runtime_test }
tests.core.test_root_password.TestRootPassword: { extends: .runtime_test }
tests.core.test_rootfs_overlay.TestRootfsOverlay: { extends: .runtime_test }
tests.core.test_timezone.TestGlibcAllTimezone: { extends: .runtime_test }
tests.core.test_timezone.TestGlibcNonDefaultLimitedTimezone: { extends: .runtime_test }
tests.core.test_timezone.TestNoTimezone: { extends: .runtime_test }
tests.download.test_git.TestGitHash: { extends: .runtime_test }
tests.download.test_git.TestGitRefs: { extends: .runtime_test }
tests.fs.test_ext.TestExt2: { extends: .runtime_test }
tests.fs.test_ext.TestExt2r1: { extends: .runtime_test }
tests.fs.test_ext.TestExt3: { extends: .runtime_test }
tests.fs.test_ext.TestExt4: { extends: .runtime_test }
tests.fs.test_f2fs.TestF2FS: { extends: .runtime_test }
tests.fs.test_iso9660.TestIso9660Grub2External: { extends: .runtime_test }
tests.fs.test_iso9660.TestIso9660Grub2ExternalCompress: { extends: .runtime_test }
tests.fs.test_iso9660.TestIso9660Grub2Internal: { extends: .runtime_test }
tests.fs.test_iso9660.TestIso9660SyslinuxExternal: { extends: .runtime_test }
tests.fs.test_iso9660.TestIso9660SyslinuxExternalCompress: { extends: .runtime_test }
tests.fs.test_iso9660.TestIso9660SyslinuxInternal: { extends: .runtime_test }
tests.fs.test_jffs2.TestJffs2: { extends: .runtime_test }
tests.fs.test_squashfs.TestSquashfs: { extends: .runtime_test }
tests.fs.test_ubi.TestUbi: { extends: .runtime_test }
tests.fs.test_yaffs2.TestYaffs2: { extends: .runtime_test }
tests.init.test_busybox.TestInitSystemBusyboxRo: { extends: .runtime_test }
tests.init.test_busybox.TestInitSystemBusyboxRoNet: { extends: .runtime_test }
tests.init.test_busybox.TestInitSystemBusyboxRw: { extends: .runtime_test }
tests.init.test_busybox.TestInitSystemBusyboxRwNet: { extends: .runtime_test }
tests.init.test_none.TestInitSystemNone: { extends: .runtime_test }
tests.init.test_openrc.TestInitSystemOpenrcRoFull: { extends: .runtime_test }
tests.init.test_openrc.TestInitSystemOpenrcRwFull: { extends: .runtime_test }
tests.init.test_systemd.TestInitSystemSystemdRoFull: { extends: .runtime_test }
tests.init.test_systemd.TestInitSystemSystemdRoIfupdown: { extends: .runtime_test }
tests.init.test_systemd.TestInitSystemSystemdRoNetworkd: { extends: .runtime_test }
tests.init.test_systemd.TestInitSystemSystemdRwFull: { extends: .runtime_test }
tests.init.test_systemd.TestInitSystemSystemdRwIfupdown: { extends: .runtime_test }
tests.init.test_systemd.TestInitSystemSystemdRwNetworkd: { extends: .runtime_test }
tests.package.test_atop.TestAtop: { extends: .runtime_test }
tests.package.test_crudini.TestCrudiniPy2: { extends: .runtime_test }
tests.package.test_crudini.TestCrudiniPy3: { extends: .runtime_test }
tests.package.test_docker_compose.TestDockerCompose: { extends: .runtime_test }
tests.package.test_dropbear.TestDropbear: { extends: .runtime_test }
tests.package.test_glxinfo.TestGlxinfo: { extends: .runtime_test }
tests.package.test_gst1_python.TestGst1Python: { extends: .runtime_test }
tests.package.test_ipython.TestIPythonPy3: { extends: .runtime_test }
tests.package.test_libftdi1.TestPythonPy2Libftdi1: { extends: .runtime_test }
tests.package.test_libftdi1.TestPythonPy3Libftdi1: { extends: .runtime_test }
tests.package.test_lpeg.TestLuaLPeg: { extends: .runtime_test }
tests.package.test_lpeg.TestLuajitLPeg: { extends: .runtime_test }
tests.package.test_lsqlite3.TestLuaLsqlite3: { extends: .runtime_test }
tests.package.test_lsqlite3.TestLuajitLsqlite3: { extends: .runtime_test }
tests.package.test_lua.TestLua: { extends: .runtime_test }
tests.package.test_lua.TestLuajit: { extends: .runtime_test }
tests.package.test_lua_cqueues.TestLuaLuaCqueues: { extends: .runtime_test }
tests.package.test_lua_cqueues.TestLuajitLuaCqueues: { extends: .runtime_test }
tests.package.test_lua_curl.TestLuaLuacURL: { extends: .runtime_test }
tests.package.test_lua_curl.TestLuajitLuacURL: { extends: .runtime_test }
tests.package.test_lua_gd.TestLuaLuaGD: { extends: .runtime_test }
tests.package.test_lua_gd.TestLuajitLuaGD: { extends: .runtime_test }
tests.package.test_lua_http.TestLuaHttp: { extends: .runtime_test }
tests.package.test_lua_http.TestLuajitHttp: { extends: .runtime_test }
tests.package.test_lua_lyaml.TestLuaLuaLyaml: { extends: .runtime_test }
tests.package.test_lua_lyaml.TestLuajitLuaLyaml: { extends: .runtime_test }
tests.package.test_lua_sdl2.TestLuaLuaSDL2: { extends: .runtime_test }
tests.package.test_lua_sdl2.TestLuajitLuaSDL2: { extends: .runtime_test }
tests.package.test_lua_utf8.TestLuaUtf8: { extends: .runtime_test }
tests.package.test_lua_utf8.TestLuajitUtf8: { extends: .runtime_test }
tests.package.test_luaexpat.TestLuaLuaExpat: { extends: .runtime_test }
tests.package.test_luaexpat.TestLuajitLuaExpat: { extends: .runtime_test }
tests.package.test_luafilesystem.TestLuaLuaFileSystem: { extends: .runtime_test }
tests.package.test_luafilesystem.TestLuajitLuaFileSystem: { extends: .runtime_test }
tests.package.test_luaossl.TestLuaLuaossl: { extends: .runtime_test }
tests.package.test_luaossl.TestLuajitLuaossl: { extends: .runtime_test }
tests.package.test_luaposix.TestLuaLuaPosix: { extends: .runtime_test }
tests.package.test_luaposix.TestLuajitLuaPosix: { extends: .runtime_test }
tests.package.test_luasec.TestLuaLuaSec: { extends: .runtime_test }
tests.package.test_luasec.TestLuajitLuaSec: { extends: .runtime_test }
tests.package.test_luasocket.TestLuaLuaSocket: { extends: .runtime_test }
tests.package.test_luasocket.TestLuajitLuaSocket: { extends: .runtime_test }
tests.package.test_luasyslog.TestLuaLuasyslog: { extends: .runtime_test }
tests.package.test_luasyslog.TestLuajitLuasyslog: { extends: .runtime_test }
tests.package.test_luvi.TestLuvi: { extends: .runtime_test }
tests.package.test_lxc.TestLxc: { extends: .runtime_test }
tests.package.test_lzlib.TestLuaLzlib: { extends: .runtime_test }
tests.package.test_netdata.TestNetdata: { extends: .runtime_test }
tests.package.test_openjdk.TestOpenJdk: { extends: .runtime_test }
tests.package.test_opkg.TestOpkg: { extends: .runtime_test }
tests.package.test_perl.TestPerl: { extends: .runtime_test }
tests.package.test_perl_class_load.TestPerlClassLoad: { extends: .runtime_test }
tests.package.test_perl_dbd_mysql.TestPerlDBDmysql: { extends: .runtime_test }
tests.package.test_perl_encode_detect.TestPerlEncodeDetect: { extends: .runtime_test }
tests.package.test_perl_gdgraph.TestPerlGDGraph: { extends: .runtime_test }
tests.package.test_perl_html_parser.TestPerlHTMLParser: { extends: .runtime_test }
tests.package.test_perl_io_socket_multicast.TestPerlIOSocketMulticast: { extends: .runtime_test }
tests.package.test_perl_io_socket_ssl.TestPerlIOSocketSSL: { extends: .runtime_test }
tests.package.test_perl_libwww_perl.TestPerllibwwwperl: { extends: .runtime_test }
tests.package.test_perl_lwp_protocol_https.TestPerlLWPProtocolhttps: { extends: .runtime_test }
tests.package.test_perl_mail_dkim.TestPerlMailDKIM: { extends: .runtime_test }
tests.package.test_perl_x10.TestPerlX10: { extends: .runtime_test }
tests.package.test_perl_xml_libxml.TestPerlXMLLibXML: { extends: .runtime_test }
tests.package.test_prosody.TestProsodyLua51: { extends: .runtime_test }
tests.package.test_prosody.TestProsodyLuajit: { extends: .runtime_test }
tests.package.test_python.TestPython2: { extends: .runtime_test }
tests.package.test_python.TestPython3: { extends: .runtime_test }
tests.package.test_python_argh.TestPythonPy2Argh: { extends: .runtime_test }
tests.package.test_python_argh.TestPythonPy3Argh: { extends: .runtime_test }
tests.package.test_python_attrs.TestPythonPy2Attrs: { extends: .runtime_test }
tests.package.test_python_attrs.TestPythonPy3Attrs: { extends: .runtime_test }
tests.package.test_python_autobahn.TestPythonPy3Autobahn: { extends: .runtime_test }
tests.package.test_python_automat.TestPythonPy2Automat: { extends: .runtime_test }
tests.package.test_python_automat.TestPythonPy3Automat: { extends: .runtime_test }
tests.package.test_python_avro.TestPythonAvro: { extends: .runtime_test }
tests.package.test_python_bitstring.TestPythonPy2Bitstring: { extends: .runtime_test }
tests.package.test_python_bitstring.TestPythonPy3Bitstring: { extends: .runtime_test }
tests.package.test_python_can.TestPythonPy2Can: { extends: .runtime_test }
tests.package.test_python_can.TestPythonPy3Can: { extends: .runtime_test }
tests.package.test_python_cbor.TestPythonPy2Cbor: { extends: .runtime_test }
tests.package.test_python_cbor.TestPythonPy3Cbor: { extends: .runtime_test }
tests.package.test_python_click.TestPythonPy2Click: { extends: .runtime_test }
tests.package.test_python_click.TestPythonPy3Click: { extends: .runtime_test }
tests.package.test_python_constantly.TestPythonPy2Constantly: { extends: .runtime_test }
tests.package.test_python_constantly.TestPythonPy3Constantly: { extends: .runtime_test }
tests.package.test_python_crossbar.TestPythonPy3Crossbar: { extends: .runtime_test }
tests.package.test_python_cryptography.TestPythonPy2Cryptography: { extends: .runtime_test }
tests.package.test_python_cryptography.TestPythonPy3Cryptography: { extends: .runtime_test }
tests.package.test_python_django.TestPythonPy3Django: { extends: .runtime_test }
tests.package.test_python_gitdb2.TestPythonPy2Gitdb2: { extends: .runtime_test }
tests.package.test_python_gitdb2.TestPythonPy3Gitdb2: { extends: .runtime_test }
tests.package.test_python_gobject.TestPythonPy3Gobject: { extends: .runtime_test }
tests.package.test_python_incremental.TestPythonPy2Incremental: { extends: .runtime_test }
tests.package.test_python_incremental.TestPythonPy3Incremental: { extends: .runtime_test }
tests.package.test_python_passlib.TestPythonPy2Passlib: { extends: .runtime_test }
tests.package.test_python_passlib.TestPythonPy3Passlib: { extends: .runtime_test }
tests.package.test_python_pexpect.TestPythonPy2Pexpect: { extends: .runtime_test }
tests.package.test_python_pexpect.TestPythonPy3Pexpect: { extends: .runtime_test }
tests.package.test_python_pynacl.TestPythonPy2Pynacl: { extends: .runtime_test }
tests.package.test_python_pynacl.TestPythonPy3Pynacl: { extends: .runtime_test }
tests.package.test_python_pyyaml.TestPythonPy2Pyyaml: { extends: .runtime_test }
tests.package.test_python_pyyaml.TestPythonPy3Pyyaml: { extends: .runtime_test }
tests.package.test_python_service_identity.TestPythonPy2ServiceIdentity: { extends: .runtime_test }
tests.package.test_python_service_identity.TestPythonPy3ServiceIdentity: { extends: .runtime_test }
tests.package.test_python_smmap2.TestPythonPy2Smmap2: { extends: .runtime_test }
tests.package.test_python_smmap2.TestPythonPy3Smmap2: { extends: .runtime_test }
tests.package.test_python_subprocess32.TestPythonPy2Subprocess32: { extends: .runtime_test }
tests.package.test_python_treq.TestPythonPy2Treq: { extends: .runtime_test }
tests.package.test_python_treq.TestPythonPy3Treq: { extends: .runtime_test }
tests.package.test_python_twisted.TestPythonPy2Twisted: { extends: .runtime_test }
tests.package.test_python_twisted.TestPythonPy3Twisted: { extends: .runtime_test }
tests.package.test_python_txaio.TestPythonPy3Txaio: { extends: .runtime_test }
tests.package.test_python_txtorcon.TestPythonPy2Txtorcon: { extends: .runtime_test }
tests.package.test_python_txtorcon.TestPythonPy3Txtorcon: { extends: .runtime_test }
tests.package.test_python_ubjson.TestPythonPy2Ubjson: { extends: .runtime_test }
tests.package.test_python_ubjson.TestPythonPy3Ubjson: { extends: .runtime_test }
tests.package.test_rings.TestLuaRings: { extends: .runtime_test }
tests.package.test_rings.TestLuajitRings: { extends: .runtime_test }
tests.package.test_rust.TestRust: { extends: .runtime_test }
tests.package.test_rust.TestRustBin: { extends: .runtime_test }
tests.package.test_syslog_ng.TestSyslogNg: { extends: .runtime_test }
tests.package.test_tmux.TestTmux: { extends: .runtime_test }
tests.package.test_turbolua.TestLuajitTurbolua: { extends: .runtime_test }
tests.toolchain.test_external.TestExternalToolchainBuildrootMusl: { extends: .runtime_test }
tests.toolchain.test_external.TestExternalToolchainBuildrootuClibc: { extends: .runtime_test }
tests.toolchain.test_external.TestExternalToolchainCCache: { extends: .runtime_test }
tests.toolchain.test_external.TestExternalToolchainCtngMusl: { extends: .runtime_test }
tests.toolchain.test_external.TestExternalToolchainLinaroArm: { extends: .runtime_test }
tests.toolchain.test_external.TestExternalToolchainSourceryArmv4: { extends: .runtime_test }
tests.toolchain.test_external.TestExternalToolchainSourceryArmv5: { extends: .runtime_test }
tests.toolchain.test_external.TestExternalToolchainSourceryArmv7: { extends: .runtime_test }
tests.utils.test_check_package.TestCheckPackage: { extends: .runtime_test }
@@ -1,13 +1,15 @@
# Configuration for Gitlab-CI.
# Builds appear on https://gitlab.com/buildroot.org/buildroot/pipelines
# The .gitlab-ci.yml file is generated from .gitlab-ci.yml.in.
# It needs to be regenerated every time a defconfig is added, using
# "make .gitlab-ci.yml".
image: buildroot/base:20200814.2228
image: buildroot/base:20191027.2027
.check_base:
rules:
- if: '$CI_COMMIT_REF_NAME =~ /^.*-.*_defconfig$/ || $CI_COMMIT_REF_NAME =~ /^.*-tests\..*$/'
when: never
- when: always
except:
- /^.*-.*_defconfig$/
- /^.*-tests\..*$/
check-DEVELOPERS:
extends: .check_base
@@ -25,33 +27,26 @@ check-flake8:
- find * -type f -print0 | xargs -0 file | grep 'Python script' | cut -d':' -f1 >> files.txt
- sort -u files.txt | tee files.processed
script:
- python3 -m flake8 --statistics --count --max-line-length=132 $(cat files.processed)
- python -m flake8 --statistics --count --max-line-length=132 $(cat files.processed)
after_script:
- wc -l files.processed
check-gitlab-ci.yml:
extends: .check_base
script:
- mv .gitlab-ci.yml .gitlab-ci.yml.orig
- make .gitlab-ci.yml
- diff -u .gitlab-ci.yml.orig .gitlab-ci.yml
check-package:
extends: .check_base
script:
- make check-package
.defconfig_check:
script:
- echo "Configure Buildroot for ${DEFCONFIG_NAME}"
- make ${DEFCONFIG_NAME}
- support/scripts/check-dotconfig.py .config configs/${DEFCONFIG_NAME}
artifacts:
when: on_failure
expire_in: 2 weeks
paths:
- .config
before_script:
- DEFCONFIG_NAME=$(echo ${CI_JOB_NAME} | sed -e 's,_check$,,g')
.defconfig_base:
script:
- echo "Configure Buildroot for ${DEFCONFIG_NAME}"
- make ${DEFCONFIG_NAME}
- ./support/scripts/check-dotconfig.py .config ./configs/${DEFCONFIG_NAME}
- echo 'Build buildroot'
- |
make > >(tee build.log |grep '>>>') 2>&1 || {
@@ -81,21 +76,17 @@ check-package:
extends: .defconfig_base
# Running the defconfigs for every push is too much, so limit to
# explicit triggers through the API.
rules:
# For tags, create a pipeline.
- if: '$CI_COMMIT_TAG'
# For pipeline created by using a trigger token.
- if: '$CI_PIPELINE_TRIGGERED'
# For the branch or tag name named *-defconfigs, create a pipeline.
- if: '$CI_COMMIT_REF_NAME =~ /^.*-defconfigs$/'
only:
- triggers
- tags
- /-defconfigs$/
before_script:
- DEFCONFIG_NAME=${CI_JOB_NAME}
one-defconfig:
extends: .defconfig_base
rules:
# For the branch or tag name named *-*_defconfigs, create a pipeline.
- if: '$CI_COMMIT_REF_NAME =~ /^.*-.*_defconfig$/'
only:
- /^.*-.*_defconfig$/
before_script:
- DEFCONFIG_NAME=$(echo ${CI_COMMIT_REF_NAME} | sed -e 's,^.*-,,g')
@@ -119,19 +110,16 @@ one-defconfig:
extends: .runtime_test_base
# Running the runtime tests for every push is too much, so limit to
# explicit triggers through the API.
rules:
# For tags, create a pipeline.
- if: '$CI_COMMIT_TAG'
# For pipeline created by using a trigger token.
- if: '$CI_PIPELINE_TRIGGERED'
# For the branch or tag name named *-runtime-tests, create a pipeline.
- if: '$CI_COMMIT_REF_NAME =~ /^.*-runtime-tests$/'
only:
- triggers
- tags
- /-runtime-tests$/
before_script:
- TEST_CASE_NAME=${CI_JOB_NAME}
one-runtime_test:
extends: .runtime_test_base
rules:
- if: '$CI_COMMIT_REF_NAME =~ /^.*-tests\..*$/'
only:
- /^.*-tests\..*$/
before_script:
- TEST_CASE_NAME=$(echo ${CI_COMMIT_REF_NAME} | sed -e 's,^.*-,,g')
-282
View File
@@ -1,167 +1,3 @@
2020.08, released September 1st, 2020
Various fixes.
Updated/fixed packages: am33x-cm3, avahi, bluez-tools,
busybox, chocolate-doom, collectd, dhcp, docker-cli, domoticz,
gobject-introspection, graphite2, haproxy, ibm-sw-tpm2,
imagemagick, libeXosip2, libressl, lxc, mbedtls, menu-cache,
mongodb, mosquitto, nvidia-driver, paho-mqtt-c, pixz,
postgresql, python-django, rtty, squid, stress-ng, systemd,
trousers, uclibc, wireshark, wolfssl, zbar
2020.08-rc3, released August 28th, 2020
Fixes all over the tree.
Infrastructure: Ensure RPATH entries that may be needed for
dlopen() are not dropped by patchelf.
Toolchain: Drop old GCC 6 based external Sourcery AMD64
toolchain.
Updated/fixed packages: assimp, davfs2, dillo, glibc,
gnuradio, hostapd, ibm-sw-tpm2, ipmitool, json-c, libroxml,
linux, mender, netopeer2, openal, openjpeg, python-matplotlib,
ripgrep, shadowsocks-libev, trousers, xlib_libX11,
xserver_xorg-server
Issues resolved (http://bugs.uclibc.org):
#13141: Target-finalize fail with "depmod: ERROR: Bad version passed"
2020.08-rc2, released August 24th, 2020
Fixes all over the tree, including a number of fixes for
compilation with GCC-10.
Toolchain: Disallow building uClibc-ng for RISC-V 64-bit,
because of issues with a missing __riscv_flush_icache()
implementation.
Defconfigs: CI20: Use mainline Linux and U-boot. Update
Microchip sama5d27_wlsom1_ek_mmc_dev to use bluez5-utils
instead of (the removed) legacy bluez-utils
Updated/fixed packages: 18xx-ti-utils, aircrack-ng, apache,
atest, bandwidthd, bellagio, bind, bird, bluez-alsa, boost,
c-periphery, capnproto, chrony, collectd, cpio, cvs,
dieharder, domoticz, dovecot, dovecot-pigeonhole, drbd-utils,
dump1090, efl, elixir, f2fs-tools, feh, fluidsynth, fping,
gdbm, gdk-pixbuf, ghostscript, gst1-plugins-bad,
gstreamer1-editing-services, htop, ibm-sw-tpm2, ifplugd,
iftop, igd2-for-linux, ima-evm-utils, iprutils, iputils,
keepalived, kmsxx, libabseil-cpp, libcamera, libcurl,
libfuse3, libnss, librtlsdr, libubox, libunwind, live555,
lttng-tools, luabitop, mender-artifact, minizip,
mjpg-streamer, mpd, mpv, mtd, ncftp, open-lldp, openal,
opencv, opencv3, openfpgaloader, optee-os, owfs, php,
pistache, prosody, pulseview, python-decorator,
python-gunicorn, python-rpi-gpio, python-spidev,
python3-decorator, python3-mako, python3-pyselftools, qt5,
qt5webengine, rauc, redis, ripgrep, rtl8188eu, rtl8821au,
setools, smstools3, supertux, tftpd, tpm2-abrmd,
wpa_supplicant, xen, xlib_libX11, xserver_xorg-server
New packages: python3-cython, python3-pycryptodomex
Issues resolved (http://bugs.uclibc.org):
#12876: nodejs fails to build when host-icu has been built before
#13111: python-gunicorn: missing dependency on python-setuptools
#13121: wpa_supplicant fails to build without libopenssl enabled
#13146: raspberrypi3_defconfig: "Inappropriate ioctl for device"..
#13156: package live555 new license
#13166: python-rpi-gpio: does not work against aarch64, unint..
2020.08-rc1, released August 6th, 2020
Toolchain:
- GCC 10.x added, GCC 9.x is the default
- binutils 2.34 added, binutils 2.33 is the default, binutils
2.31 removed
- glibc updated to 2.31
- ARC toolchain components updated to 2020.03-release.
- Enable uClibc-ng usage for RISC-V 64-bit
Infrastructure:
- qmake-package was fixed to be compatible with
BR2_PER_PACKAGE_DIRECTORIES
- complete rewrite of the Gitlab CI Yaml configuration file,
now generated directly by the Gitlab CI pipeline itselfs
Misc:
- cargo and cargo-bin packages removed, as cargo is now part
of Rust itself
Filesystem: ubinize configuration files can now use
BINARIES_DIR to refer to the $(O)/images directory.
New packages: bitwise, earlyoom, fuse-overlayfs, gloox,
kodi-pvr-octonet, kodi-pvr-zattoo, libabseil-cpp, libcutl,
libnids, libnpupnp, libodb, libodb-boost, libodb-mysql,
libodb-pgsql, mbpfan, netopeer2, odb, parprouted,
python-colorzero, python-gpiozero, python-pybind, python-yatl,
python3-decorator, qt5quicktimeline, resiprocate, ttyd,
unclutter-xfixes, urandom-scripts,
New defconfigs: bananapi_m2_zero, freescale_imx8mnevk,
globalscale_espressobin, imx6ullevk,
microchip_sama5d27_wlsom1_ek, rock_pi_4, rock_pi_n10
Removed packages: cargo, cargo-bin,
kodi-peripheral-steamcontroller
Issues resolved (http://bugs.uclibc.org):
#12941: Python GObject fails to build when using BR2_PER_PACKAGE_DIRECTORIES
#12946: Grub: Decompressor is too big.
#12986: Mtools: Error converting to codepage 850
#13001: openjdk-bin replaces libfreetype.so from host-freetype
#13011: Incorrect selection of gcc version
#13021: Minor code error when building granite-0.4.1
#13026: rpi-firmware: must not rename start files
#13046: Optimize for fast -Ofast is not compliant
#13081: host-e2fsprogs attempts to create udev rules.d on build host if not exists
#13101: BR audit2allow support
2020.05.2, released August 29th, 2020
Important / security related fixes.
Infrastructure: Ensure RPATH entries that may be needed for
dlopen() are not dropped by patchelf.
BR_VERSION_FULL/setlocalversion (used by make print-version
and /etc/os-release): Properly handle local git tags
Updated/fixed packages: apache, assimp, at91bootstrap3, bind,
boost, busybox, capnproto, cegui, chrony, collectd, cpio,
cryptsetup, cups, cvs, dbus, docker-engine, domoticz, dovecot,
dovecot-pigeonhole, dropbear, efl, elixir, f2fs-tools, ffmpeg,
gd, gdk-pixbuf, ghostscript, glibc, gnuradio, grub2,
gst1-plugins-bad, gstreamer1-editing-services, hostapd,
ibm-sw-tpm2, iputils, jasper, json-c, libcurl, libressl,
libwebsockets, linux, live555, mesa3d, mongodb, mosquitto,
mpv, nodejs, opencv, opencv3, openfpgaloader, openjpeg,
patchelf, perl, php, postgresql, prosody, python-django,
python-gunicorn, python-matplotlib, ripgrep, rtl8188eu,
rtl8821au, ruby, shadowsocks-libev, squid, systemd,
tpm2-abrmd, tpm2-tools, trousers, uboot, webkitgtk, wireshark,
wolfssl, wpa_supplicant, wpewebkit, xen, xlib_libX11,
xserver_xorg-server
Issues resolved (http://bugs.uclibc.org):
#12876: nodejs fails to build when host-icu has been built before
#13111: python-gunicorn: missing dependency on python-setuptools
#13121: wpa_supplicant fails to build without libopenssl enabled
#13141: Target-finalize fail with "depmod: ERROR: Bad version passed"
#13156: package live555 new license
2020.05.1, released July 25th, 2020
Important / security related fixes.
@@ -393,124 +229,6 @@
#12796: Update OpenSSL to Version 1.1.1g to patch CVE-2020-1967
#12811: bootstrap stuck and no login prompt
2020.02.5, released August 29th, 2020
Important / security related fixes.
Infrastructure: Ensure RPATH entries that may be needed for
dlopen() are not dropped by patchelf.
BR_VERSION_FULL/setlocalversion (used by make print-version
and /etc/os-release): Properly handle local git tags
Updated/fixed packages: apache, at91bootstrap3, bind, boost,
busybox, capnproto, chrony, collectd, cpio, cryptsetup, cups,
cvs, dbus, docker-engine, domoticz, dovecot,
dovecot-pigeonhole, dropbear, efl, elixir, f2fs-tools, ffmpeg,
gd, gdk-pixbuf, ghostscript, glibc, grub2, gst1-plugins-bad,
hostapd, iputils, jasper, json-c, libcurl, libwebsockets,
linux, live555, mesa3d, mosquitto, mpv, nodejs, opencv,
opencv3, openjpeg, patchelf, perl, php, postgresql,
python-django, python-gunicorn, python-matplotlib, ripgrep,
rtl8188eu, rtl8821au, ruby, shadowsocks-libev, squid,
tpm2-abrmd, tpm2-tools, trousers, uacme, webkitgtk, wireshark,
wolfssl, wpa_supplicant, wpewebkit, xen, xlib_libX11,
xserver_xorg-server
Issues resolved (http://bugs.uclibc.org):
#12876: nodejs fails to build when host-icu has been built before
#13111: python-gunicorn: missing dependency on python-setuptools
#13121: wpa_supplicant fails to build without libopenssl enabled
#13141: Target-finalize fail with "depmod: ERROR: Bad version passed"
#13156: package live555 new license
2020.02.4, released July 26th, 2020
Important / security related fixes.
Toolchain:
- Make external toolchain version check also work for
toolchains configured with --with-gcc-major-version-only
- Do not handle SOURCE_DATE_EPOCH in toolchain wrapper if the
compiler supports it, fixing an issue with precompiled
headers
- Ensure debug libs from external toolchains are not installed
into target if debugging is disabled
Download:
- Correct reproducibility issue in handling of git submodules
for older git versions.
- Fix file locking over NFS
fs: Ensure cpio archive element order is reproducible
Br2-external: Fix error reporting for invalid br2-external trees
Per-package:
- Fix an issue with python3 sysconfig data not getting
correctly expanded
- Fix per-package building for packages using the qmake
infrastructure
Updated/fixed packages: a10disp, asterisk, bind, cdrkit,
checkpolicy, clamav, dbus, docker-cli, docker-engine,
dvb-apps, e2fsprogs, exim, exiv2, freerdp, gnutls, go, grub2,
gssdp, gst1-plugins-good, gst1-plugins-ugly, gupnp,
intel-microcode, iproute2, irrlicht, iwd, jq, kodi, libcamera,
libconfuse, libcurl, libglib2, libhttpserver, libmicrohttpd,
libopenssl, libvncserver, libxml2, libxmlrpc, lxc, mbedtls,
mesa3d, meson, mongodb, mtools, mutt, nghttp2, ngircd, nodejs,
ntp, open-plc-utils, open2300, openjdk-bin, openssh,
oracle-mysql, paho-mqtt-c, pcre, php, poco, prosody, putty,
python-twisted, python-urllib3, python-validators, python3,
qt5xmlpatterns, redis, rpi-firmware, rtl8821au, samba4, sdl2,
sqlite, squid, syslog-ng, systemd, tcpreplay, tinydtls,
upmpdcli, upx, vlc, webkitgtk, wireguard-linux-compat,
wireshark, wpebackend-fdo, wpewebkit, zstd
Issues resolved (http://bugs.uclibc.org):
#12941: Python GObject fails to build when using BR2_PER_PACKAGE_..
#12946: Grub: Decompressor is too big.
#12986: Mtools: Error converting to codepage 850
#13001: openjdk-bin replaces libfreetype.so from host-freetype
#13011: Incorrect selection of gcc version
#13026: rpi-firmware: must not rename start files
#13031: nodejs: RangeError at new ArrayBuffer()
#13046: Optimize for fast -Ofast is not compliant
2020.02.3, released June 3rd, 2020
Important / security related fixes.
Fix various build issues of host packages on hosts using GCC
10.
Updated/fixed packages: arm-trusted-firmware, audit, bind,
binutils, bison, clamav, crda, dovecot, dtc, efl, elf2flt,
erlang, fakeroot, ffmpeg, fmc, fmlib, freerdp, gcc, git,
glib-networking, gnupg, leveldb, libexif, libssh2,
libusb-compat, linux-headers, lrzip, ltrace, mariadb, mesa3d,
mp4v2, openldap, openocd, perl, php, prosody,
python-pycryptodomex, python-pyqt5, qemu, rpi-firmware, rustc,
speexdsp, sysrepo, systemd, tremor, vboot-utils, wireshark,
xen
Removed packages: python-pycrypto
Issues resolved (http://bugs.uclibc.org):
#12361: Init system (systemd) kills login on Raspberry Pi Zero
#12656: bison fails to relocate with relocate-sdk.sh
#12671: leveldb won't detect that snappy is present (static..
#12691: host-rust build fails
#12831: RPI-firmware package: DTB-overlay dependency
2020.02.2, released May 12th, 2020
Important / security related fixes.
-5
View File
@@ -80,11 +80,6 @@ config BR2_HOSTARCH_NEEDS_IA32_COMPILER
config BR2_NEEDS_HOST_UTF8_LOCALE
bool
# Hidden boolean selected by packages that need the host to have
# support for building gcc plugins
config BR2_NEEDS_HOST_GCC_PLUGIN_SUPPORT
bool
source "arch/Config.in"
menu "Build options"
+1134 -41
View File
File diff suppressed because it is too large Load Diff
+5 -60
View File
@@ -43,11 +43,7 @@ F: package/gstreamer1/gst1-vaapi/
F: package/imx-usb-loader/
F: package/janus-gateway/
F: package/json-for-modern-cpp/
F: package/libabseil-cpp/
F: package/libcpprestsdk/
F: package/libcutl/
F: package/libodb/
F: package/libodb-pgsql/
F: package/libressl/
F: package/libselinux/
F: package/libsemanage/
@@ -56,7 +52,6 @@ F: package/libtextstyle/
F: package/libwebsockets/
F: package/mender-grubenv/
F: package/nginx-naxsi/
F: package/odb/
F: package/openjdk/
F: package/openjdk-bin/
F: package/php/
@@ -204,26 +199,19 @@ F: package/rauc/
N: Angelo Compagnucci <angelo.compagnucci@gmail.com>
F: package/apparmor/
F: package/corkscrew/
F: package/cups/
F: package/cups-filters/
F: package/fail2ban/
F: package/grep/
F: package/i2c-tools/
F: package/jq/
F: package/libapparmor/
F: package/libb64/
F: package/mender/
F: package/mender-artifact/
F: package/mono/
F: package/mono-gtksharp3/
F: package/monolite/
F: package/openjpeg/
F: package/python-can/
F: package/python-pillow/
F: package/python-pydal/
F: package/python-spidev/
F: package/python-web2py/
F: package/sam-ba/
F: package/sshguard/
F: package/sunwait/
F: package/sysdig/
@@ -306,7 +294,6 @@ F: board/stmicroelectronics/stm32mp157a-dk1/
F: configs/stm32mp157a_dk1_defconfig
F: package/python-esptool/
F: package/python-pyaes/
F: package/ttyd/
F: package/qt5/qt5scxml/
F: package/qt5/qt5webview/
@@ -551,9 +538,7 @@ F: package/docker-cli/
F: package/docker-containerd/
F: package/docker-engine/
F: package/docker-proxy/
F: package/fuse-overlayfs/
F: package/go/
F: package/mbpfan/
F: package/mosh/
F: package/pkg-golang.mk
F: package/rtl8821au/
@@ -713,6 +698,8 @@ F: package/gstreamer1/gst1-plugins-bayer2rgb-neon/
N: Eric Le Bihan <eric.le.bihan.dev@free.fr>
F: docs/manual/adding-packages-meson.txt
F: package/adwaita-icon-theme/
F: package/cargo-bin/
F: package/cargo/
F: package/darkhttpd/
F: package/eudev/
F: package/execline/
@@ -799,7 +786,6 @@ F: configs/imx6-sabre*
F: configs/imx6slevk_defconfig
F: configs/imx6sx-sdb_defconfig
F: configs/imx6ulevk_defconfig
F: configs/imx6ullevk_defconfig
F: configs/imx6ulpico_defconfig
F: configs/imx7d-sdb_defconfig
F: configs/imx7dpico_defconfig
@@ -868,7 +854,6 @@ F: package/libmatroska/
F: package/libmpdclient/
F: package/libnetfilter_conntrack/
F: package/libnetfilter_queue/
F: package/libnpupnp/
F: package/liboping/
F: package/libpfm4/
F: package/libraw/
@@ -895,7 +880,6 @@ F: package/pcmanfm/
F: package/python-backcall/
F: package/python-jedi/
F: package/python-parso/
F: package/python-yatl/
F: package/rocksdb/
F: package/rygel/
F: package/safeclib/
@@ -1066,10 +1050,8 @@ F: package/c-icap-modules/
F: package/sdl2/
N: Guillaume William Brs <guillaume.bressaix@gmail.com>
F: package/libnids/
F: package/liquid-dsp/
F: package/pixiewps/
F: package/python-pybind/
F: package/reaver/
N: Guo Ren <ren_guo@c-sky.com>
@@ -1087,7 +1069,6 @@ N: Gwenhael Goavec-Merou <gwenhael.goavec-merou@trabucayre.com>
F: package/gnuradio/
F: package/gqrx/
F: package/gr-osmosdr/
F: package/librtlsdr/
F: package/libusbgx/
F: package/matio/
F: package/python-cheetah/
@@ -1096,11 +1077,8 @@ F: package/python-remi/
F: package/python-sip/
N: Heiko Thiery <heiko.thiery@gmail.com>
F: package/ipmitool/
F: package/libnetconf2/
F: package/libyang/
F: package/linuxptp/
F: package/netopeer2/
F: package/sysrepo/
N: Henrique Camargo <henrique@henriquecamargo.com>
@@ -1280,10 +1258,6 @@ F: package/libuhttpd/
F: package/libuwsc/
F: package/rtty/
N: Joachim Nilsson <troglobit@gmail.com>
F: configs/globalscale_espressobin_defconfig
F: board/globalscale/espressobin/
N: Joao Pinto <jpinto@synopsys.com>
F: board/synopsys/vdk/
F: configs/snps_aarch64_vdk_defconfig
@@ -1381,7 +1355,6 @@ N: Joseph Kogut <joseph.kogut@gmail.com>
F: package/at-spi2-atk/
F: package/at-spi2-core/
F: package/clang/
F: package/earlyoom/
F: package/gconf/
F: package/libnss/
F: package/lld/
@@ -1392,7 +1365,6 @@ F: package/python-schedule/
F: package/python-sentry-sdk/
F: package/python-websockets/
F: package/python-xlib/
F: package/unclutter-xfixes/
N: Joshua Henderson <joshua.henderson@microchip.com>
F: package/qt5/qt5wayland/
@@ -1451,10 +1423,6 @@ F: package/easy-rsa/
N: Justin Maggard <jmaggard@netgear.com>
F: package/dtach/
N: Kamel Bouhara <kamel.bouhara@gmail.com>
F: package/libodb-boost/
F: package/libodb-mysql/
N: Karoly Kasza <kaszak@gmail.com>
F: package/irqbalance/
F: package/openvmtools/
@@ -1556,7 +1524,6 @@ N: Ludovic Desroches <ludovic.desroches@microchip.com>
F: board/atmel/
F: configs/at91*
F: configs/atmel_*
F: configs/microchip_*
F: package/fb-test-app/
F: package/python-json-schema-validator/
F: package/python-keyring/
@@ -1815,6 +1782,9 @@ F: package/systemd-bootchart/
F: package/tinyalsa/
F: package/tinyxml/
N: Maxime Ripard <maxime.ripard@bootlin.com>
F: package/kmsxx/
N: Michael Durrant <mdurrant@arcturusnetworks.com>
F: board/arcturus/
F: configs/arcturus_ucp1020_defconfig
@@ -1947,9 +1917,6 @@ F: package/openjpeg/
N: Olivier Singla <olivier.singla@gmail.com>
F: package/shellinabox/
N: Owen Walpole <owen@walpole.dev>
F: package/parprouted/
N: Parnell Springmeyer <parnell@digitalmentat.com>
F: package/scrypt/
@@ -2055,8 +2022,6 @@ F: package/iwd/
F: package/libevdev/
F: package/log4cplus/
F: package/postgresql/
F: package/python-colorzero/
F: package/python-gpiozero/
F: package/qt5/
F: package/quotatool/
F: package/racehound/
@@ -2158,9 +2123,6 @@ N: Refik Tuzakli <tuzakli.refik@gmail.com>
F: package/freescale-imx/
F: package/paho-mqtt-cpp/
N: Ramon Fried <rfried.dev@gmail.com>
F: package/bitwise/
N: Raphaël Mélotte <raphael.melotte@essensium.com>
F: package/jbig2dec/
@@ -2246,7 +2208,6 @@ F: package/waffle/
F: package/xenomai/
F: package/zziplib/
F: support/testing/tests/package/test_glxinfo.py
F: support/testing/tests/package/test_openssh.py
F: toolchain/
N: Roman Gorbenkov <roman.gorbenkov@ens2m.org>
@@ -2258,7 +2219,6 @@ F: package/miraclecast/
F: package/python-pysnmp/
F: package/python-pysnmp-mibs/
F: package/python-tornado/
F: package/resiprocate/
F: package/websocketpp/
N: Ryan Coe <bluemrp9@gmail.com>
@@ -2335,7 +2295,6 @@ N: Sergio Prado <sergio.prado@e-labworks.com>
F: board/toradex/apalis-imx6/
F: configs/toradex_apalis_imx6_defconfig
F: package/aoetools/
F: package/azure-iot-sdk-c/
F: package/curlpp/
F: package/daq/
F: package/libgdiplus/
@@ -2405,10 +2364,6 @@ F: package/gtest/
F: package/libhttpserver/
F: package/mtdev/
N: Stephane Viau <stephane.viau@oss.nxp.com>
F: board/freescale/imx8mnevk/
F: configs/freescale_imx8mnevk_defconfig
N: Steve Calfee <stevecalfee@gmail.com>
F: package/python-pymysql/
F: package/python-pyratemp/
@@ -2432,11 +2387,7 @@ F: package/powertop/
N: Suniel Mahesh <sunil@amarulasolutions.com>
F: board/firefly/
F: board/radxa/rockpi-4
F: board/radxa/rockpi-n10
F: configs/roc_pc_rk3399_defconfig
F: configs/rock_pi_4_defconfig
F: configs/rock_pi_n10_defconfig
F: package/arm-gnu-a-toolchain/
N: Sven Haardiek <sven.haardiek@iotec-gmbh.de>
@@ -2570,7 +2521,6 @@ F: package/python-avro/
F: package/redis/
F: package/waf/
F: support/testing/tests/package/test_crudini.py
F: support/testing/tests/package/test_redis.py
N: Trent Piepho <tpiepho@impinj.com>
F: package/libp11/
@@ -2604,8 +2554,6 @@ F: package/nss-myhostname/
F: package/utp_com/
N: Vincent Stehlé <vincent.stehle@laposte.net>
F: board/bananapi/bananapi-m2-zero/
F: configs/bananapi_m2_zero_defconfig
F: package/i7z/
F: package/msr-tools/
F: package/pixz/
@@ -2647,9 +2595,6 @@ F: package/python-pyusb/
N: Wojciech Niziński <niziak@spox.org>
F: package/fwup/
N: Yair Ben Avraham <yairba@protonmail.com>
F: package/gloox/
N: Yann E. MORIN <yann.morin.1998@free.fr>
F: board/friendlyarm/nanopi-neo/
F: configs/nanopi_neo_defconfig
+21 -22
View File
@@ -92,9 +92,9 @@ all:
.PHONY: all
# Set and export the version string
export BR2_VERSION := 2020.08
export BR2_VERSION := 2020.05.1
# Actual time the release is cut (for reproducible builds)
BR2_VERSION_EPOCH = 1598992000
BR2_VERSION_EPOCH = 1595662000
# Save running make version since it's clobbered by the make package
RUNNING_MAKE_VERSION := $(MAKE_VERSION)
@@ -113,13 +113,7 @@ DATE := $(shell date +%Y%m%d)
# Compute the full local version string so packages can use it as-is
# Need to export it, so it can be got from environment in children (eg. mconf)
BR2_LOCALVERSION := $(shell $(TOPDIR)/support/scripts/setlocalversion)
ifeq ($(BR2_LOCALVERSION),)
export BR2_VERSION_FULL := $(BR2_VERSION)
else
export BR2_VERSION_FULL := $(BR2_LOCALVERSION)
endif
export BR2_VERSION_FULL := $(BR2_VERSION)$(shell $(TOPDIR)/support/scripts/setlocalversion)
# List of targets and target patterns for which .config doesn't need to be read in
noconfig_targets := menuconfig nconfig gconfig xconfig config oldconfig randconfig \
@@ -701,7 +695,8 @@ LOCALE_NOPURGE = $(call qstrip,$(BR2_ENABLE_LOCALE_WHITELIST))
# in the whitelist file. If it doesn't, kill it.
# Finally, specifically for X11, regenerate locale.dir from the whitelist.
define PURGE_LOCALES
printf '%s\n' $(LOCALE_NOPURGE) locale-archive > $(LOCALE_WHITELIST)
rm -f $(LOCALE_WHITELIST)
for i in $(LOCALE_NOPURGE) locale-archive; do echo $$i >> $(LOCALE_WHITELIST); done
for dir in $(addprefix $(TARGET_DIR),/usr/share/locale /usr/share/X11/locale /usr/lib/locale); \
do \
@@ -799,9 +794,9 @@ endif
# counterparts are appropriately setup as symlinks ones to the others.
ifeq ($(BR2_ROOTFS_MERGED_USR),y)
$(foreach d, $(call qstrip,$(BR2_ROOTFS_OVERLAY)), \
@$(call MESSAGE,"Sanity check in overlay $(d)")$(sep) \
$(Q)not_merged_dirs="$$(support/scripts/check-merged-usr.sh $(d))"; \
@$(foreach d, $(call qstrip,$(BR2_ROOTFS_OVERLAY)), \
$(call MESSAGE,"Sanity check in overlay $(d)"); \
not_merged_dirs="$$(support/scripts/check-merged-usr.sh $(d))"; \
test -n "$$not_merged_dirs" && { \
echo "ERROR: The overlay in $(d) is not" \
"using a merged /usr for the following directories:" \
@@ -811,20 +806,20 @@ ifeq ($(BR2_ROOTFS_MERGED_USR),y)
endif # merged /usr
$(foreach d, $(call qstrip,$(BR2_ROOTFS_OVERLAY)), \
@$(call MESSAGE,"Copying overlay $(d)")$(sep) \
$(Q)$(call SYSTEM_RSYNC,$(d),$(TARGET_DIR))$(sep))
@$(foreach d, $(call qstrip,$(BR2_ROOTFS_OVERLAY)), \
$(call MESSAGE,"Copying overlay $(d)"); \
$(call SYSTEM_RSYNC,$(d),$(TARGET_DIR))$(sep))
$(Q)$(if $(TARGET_DIR_FILES_LISTS), \
$(if $(TARGET_DIR_FILES_LISTS), \
cat $(TARGET_DIR_FILES_LISTS)) > $(BUILD_DIR)/packages-file-list.txt
$(Q)$(if $(HOST_DIR_FILES_LISTS), \
$(if $(HOST_DIR_FILES_LISTS), \
cat $(HOST_DIR_FILES_LISTS)) > $(BUILD_DIR)/packages-file-list-host.txt
$(Q)$(if $(STAGING_DIR_FILES_LISTS), \
$(if $(STAGING_DIR_FILES_LISTS), \
cat $(STAGING_DIR_FILES_LISTS)) > $(BUILD_DIR)/packages-file-list-staging.txt
$(foreach s, $(call qstrip,$(BR2_ROOTFS_POST_BUILD_SCRIPT)), \
@$(call MESSAGE,"Executing post-build script $(s)")$(sep) \
$(Q)$(EXTRA_ENV) $(s) $(TARGET_DIR) $(call qstrip,$(BR2_ROOTFS_POST_SCRIPT_ARGS))$(sep))
@$(foreach s, $(call qstrip,$(BR2_ROOTFS_POST_BUILD_SCRIPT)), \
$(call MESSAGE,"Executing post-build script $(s)"); \
$(EXTRA_ENV) $(s) $(TARGET_DIR) $(call qstrip,$(BR2_ROOTFS_POST_SCRIPT_ARGS))$(sep))
touch $(TARGET_DIR)/usr
@@ -1212,6 +1207,10 @@ check-package:
find $(TOPDIR) -type f \( -name '*.mk' -o -name '*.hash' -o -name 'Config.*' \) \
-exec ./utils/check-package {} +
.PHONY: .gitlab-ci.yml
.gitlab-ci.yml: .gitlab-ci.yml.in
./support/scripts/generate-gitlab-ci-yml $< > $@
include docs/manual/manual.mk
-include $(foreach dir,$(BR2_EXTERNAL_DIRS),$(sort $(wildcard $(dir)/docs/*/*.mk)))
-4
View File
@@ -308,10 +308,6 @@ config BR2_ARCH_NEEDS_GCC_AT_LEAST_9
bool
select BR2_ARCH_NEEDS_GCC_AT_LEAST_8
config BR2_ARCH_NEEDS_GCC_AT_LEAST_10
bool
select BR2_ARCH_NEEDS_GCC_AT_LEAST_9
# The following string values are defined by the individual
# Config.in.$ARCH files
config BR2_ARCH
@@ -1,5 +0,0 @@
#!/bin/sh
mkdir -p ${TARGET_DIR}/lib/firmware
cp -f ${BUILD_DIR}/linux-custom/firmware/ppfe/* ${TARGET_DIR}/lib/firmware/
cp -f ${BUILD_DIR}/linux-custom/br2-ucls1012a.its ${BINARIES_DIR}/
+14 -16
View File
@@ -1,6 +1,6 @@
This document explains how to set up a basic Buildroot system on
various Atmel/Microchip boards. Additional details can also be found
on the Linux4SAM website: http://www.linux4sam.org
This document explains how to set up a basic Buildroot system on various
Atmel boards. Additional details can also be found on the Linux4SAM website:
http://www.at91.com/linux4sam/bin/view/Linux4SAM/
This guide covers the following configurations:
- at91sam9g45m10ek_defconfig
@@ -19,8 +19,6 @@ This guide covers the following configurations:
- atmel_sama5d4_xplained_mmc_dev_defconfig
- atmel_sama5d2_xplained_mmc_defconfig
- atmel_sama5d2_xplained_mmc_dev_defconfig
- microchip_sama5d27_wlsom1_ek_mmc_defconfig
- microchip_sama5d27_wlsom1_ek_mmc_dev_defconfig
These configurations will use AT91Bootstrap, u-boot and a linux kernel from
the git trees maintained by Atmel.
@@ -31,23 +29,23 @@ tests the features of the SoC:
- FFMPEG to record video from the ISI/ISC
- I2C, SPI, CAN, etc. tools
- modetest for LCD screens, HDMI
- Wilc1000/Wilc3000 firmware for the Atmel Wireless sdio module
- Wilc1000 firmware for the Atmel Wireless sdio module
- SSH for convenience
- GDB/GDB server for debug
Configuring and building Buildroot
==================================
For the Xplained/Evaluation Kit boards, the Buildroot configuration is
provided to boot from an SD card. Those configurations are labeled as
'mmc'. In this case, after building Buildroot, follow the instructions
in the "Preparing the SD card" section.
For the other configurations listed above, the Buildroot configuration
For most configurations listed above, the Buildroot configuration
assumes the system will be flashed on NAND. In this case, after
building Buildroot, follow the instructions in the "Flashing the NAND
using SAM-BA" section below.
For the Xplained boards, an alternative Buildroot configuration is
provided to boot from an SD card. Those configurations are labeled as
'mmc'. In this case, after building Buildroot, follow the instructions
in the "Preparing the SD card" section.
To configure and build Buildroot, run:
make <board>_defconfig
@@ -146,10 +144,10 @@ lost. To copy the image on the SD card:
dd if=output/images/sdcard.img of=/dev/mmcblk0
Insert your SD card in your Xplained/Evaluation Kit board, and
enjoy. The default U-Boot environment will load properly the kernel
and Device Tree blob from the first partition of the SD card, so
everything works automatically.
Insert your SD card in your Xplained board, and enjoy. The default
U-Boot environment will load properly the kernel and Device Tree blob
from the first partition of the SD card, so everything works
automatically.
By default a 16MB FAT partition is created. It contains at91bootstrap,
u-boot, the kernel image and all dtb variants for your board. The dtb
@@ -1,31 +0,0 @@
# Image for SD card boot on Microchip SAMA5D27 WLSOM1 EK
#
image boot.vfat {
vfat {
files = {
"zImage",
"at91-sama5d27_wlsom1_ek.dtb",
"boot.bin",
"u-boot.bin"
}
}
size = 16M
}
image sdcard.img {
hdimage {
}
partition boot {
partition-type = 0xC
bootable = "true"
image = "boot.vfat"
offset = 1M
}
partition rootfs {
partition-type = 0x83
image = "rootfs.ext4"
size = 512M
}
}
-7
View File
@@ -1,7 +0,0 @@
setenv bootargs console=ttyS0,115200 earlyprintk root=/dev/mmcblk0p2 rootwait
mmc dev 0
fatload mmc 0 $kernel_addr_r zImage
fatload mmc 0 $fdt_addr_r sun8i-h2-plus-bananapi-m2-zero.dtb
bootz $kernel_addr_r - $fdt_addr_r
@@ -1,33 +0,0 @@
image boot.vfat {
vfat {
files = {
"zImage",
"sun8i-h2-plus-bananapi-m2-zero.dtb",
"boot.scr"
}
}
size = 64M
}
image sdcard.img {
hdimage {
}
partition u-boot {
in-partition-table = "no"
image = "u-boot-sunxi-with-spl.bin"
offset = 8192
size = 1040384 # 1MB - 8192
}
partition boot {
partition-type = 0xC
bootable = "true"
image = "boot.vfat"
}
partition rootfs {
partition-type = 0x83
image = "rootfs.ext4"
}
}
@@ -1,34 +0,0 @@
Intro
=====
This default configuration will allow you to start experimenting with the
Buildroot environment for the Bananapi M2 Zero. With the current configuration
it will bring-up the board, and allow access through the serial console.
Bananapi M2 Zero link:
http://www.banana-pi.org/m2z.html
This configuration uses U-Boot mainline and kernel mainline.
How to build
============
$ make bananapi_m2_zero_defconfig
$ make
Note: you will need access to the internet to download the required
sources.
How to write the SD card
========================
Once the build process is finished you will have an image called "sdcard.img"
in the output/images/ directory.
Copy the bootable "sdcard.img" onto an SD card with "dd":
$ sudo dd if=output/images/sdcard.img of=/dev/sdX
$ sync
Insert the micro SDcard in your Bananapi M2 Zero and power it up. The console
is on the Debug UART on the CON3 header, with serial settings 115200 8N1.
@@ -9,21 +9,21 @@ main ()
fi
if grep -Eq "^BR2_PACKAGE_FREESCALE_IMX_PLATFORM_IMX8M=y$" ${BR2_CONFIG}; then
cat ${BINARIES_DIR}/u-boot-spl.bin ${BINARIES_DIR}/ddr_fw.bin > ${BINARIES_DIR}/u-boot-spl-ddr.bin
cat ${BINARIES_DIR}/u-boot-spl.bin ${BINARIES_DIR}/lpddr4_pmu_train_fw.bin > ${BINARIES_DIR}/u-boot-spl-ddr.bin
BL31=${BINARIES_DIR}/bl31.bin BL33=${BINARIES_DIR}/u-boot-nodtb.bin ATF_LOAD_ADDR=0x00910000 ${HOST_DIR}/bin/mkimage_fit_atf.sh ${UBOOT_DTB} > ${BINARIES_DIR}/u-boot.its
${HOST_DIR}/bin/mkimage -E -p 0x3000 -f ${BINARIES_DIR}/u-boot.its ${BINARIES_DIR}/u-boot.itb
rm -f ${BINARIES_DIR}/u-boot.its
${HOST_DIR}/bin/mkimage_imx8 -fit -signed_hdmi ${BINARIES_DIR}/signed_hdmi_imx8m.bin -loader ${BINARIES_DIR}/u-boot-spl-ddr.bin 0x7E1000 -second_loader ${BINARIES_DIR}/u-boot.itb 0x40200000 0x60000 -out ${BINARIES_DIR}/imx8-boot-sd.bin
elif grep -Eq "^BR2_PACKAGE_FREESCALE_IMX_PLATFORM_IMX8MM=y$" ${BR2_CONFIG}; then
cat ${BINARIES_DIR}/u-boot-spl.bin ${BINARIES_DIR}/ddr_fw.bin > ${BINARIES_DIR}/u-boot-spl-ddr.bin
cat ${BINARIES_DIR}/u-boot-spl.bin ${BINARIES_DIR}/lpddr4_pmu_train_fw.bin > ${BINARIES_DIR}/u-boot-spl-ddr.bin
BL31=${BINARIES_DIR}/bl31.bin BL33=${BINARIES_DIR}/u-boot-nodtb.bin ATF_LOAD_ADDR=0x00920000 ${HOST_DIR}/bin/mkimage_fit_atf.sh ${UBOOT_DTB} > ${BINARIES_DIR}/u-boot.its
${HOST_DIR}/bin/mkimage -E -p 0x3000 -f ${BINARIES_DIR}/u-boot.its ${BINARIES_DIR}/u-boot.itb
rm -f ${BINARIES_DIR}/u-boot.its
${HOST_DIR}/bin/mkimage_imx8 -fit -loader ${BINARIES_DIR}/u-boot-spl-ddr.bin 0x7E1000 -second_loader ${BINARIES_DIR}/u-boot.itb 0x40200000 0x60000 -out ${BINARIES_DIR}/imx8-boot-sd.bin
elif grep -Eq "^BR2_PACKAGE_FREESCALE_IMX_PLATFORM_IMX8MN=y$" ${BR2_CONFIG}; then
cat ${BINARIES_DIR}/u-boot-spl.bin ${BINARIES_DIR}/ddr_fw.bin > ${BINARIES_DIR}/u-boot-spl-ddr.bin
cat ${BINARIES_DIR}/u-boot-spl.bin ${BINARIES_DIR}/lpddr4_pmu_train_fw.bin > ${BINARIES_DIR}/u-boot-spl-ddr.bin
BL31=${BINARIES_DIR}/bl31.bin BL33=${BINARIES_DIR}/u-boot-nodtb.bin ATF_LOAD_ADDR=0x00960000 ${HOST_DIR}/bin/mkimage_fit_atf.sh ${UBOOT_DTB} > ${BINARIES_DIR}/u-boot.its
${HOST_DIR}/bin/mkimage -E -p 0x3000 -f ${BINARIES_DIR}/u-boot.its ${BINARIES_DIR}/u-boot.itb
rm -f ${BINARIES_DIR}/u-boot.its
-2
View File
@@ -38,8 +38,6 @@ genimage_type()
echo "genimage.cfg.template_imx8"
elif grep -Eq "^BR2_PACKAGE_FREESCALE_IMX_PLATFORM_IMX8MM=y$" ${BR2_CONFIG}; then
echo "genimage.cfg.template_imx8"
elif grep -Eq "^BR2_PACKAGE_FREESCALE_IMX_PLATFORM_IMX8MN=y$" ${BR2_CONFIG}; then
echo "genimage.cfg.template_imx8"
elif grep -Eq "^BR2_PACKAGE_FREESCALE_IMX_PLATFORM_IMX8X=y$" ${BR2_CONFIG}; then
echo "genimage.cfg.template_imx8"
elif grep -Eq "^BR2_LINUX_KERNEL_INSTALL_TARGET=y$" ${BR2_CONFIG}; then
@@ -1,4 +1,4 @@
From e9a88fddc149fc52cdc5a8997f9fd3a29416c643 Mon Sep 17 00:00:00 2001
From e9b507b695331ef6fa941b471be0a7f284ec6980 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Vincent=20Stehl=C3=A9?= <vincent.stehle@freescale.com>
Date: Tue, 12 Aug 2014 10:17:31 +0200
Subject: [PATCH] mx6qsabre_common: boot Linux to /init in mfgtools mode
@@ -20,10 +20,10 @@ Signed-off-by: Julien Olivain <julien.olivain@oss.nxp.com>
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/include/configs/imx_env.h b/include/configs/imx_env.h
index c03748d93f..aa1a8bf488 100644
index 234af33e55..7e31d208dc 100644
--- a/include/configs/imx_env.h
+++ b/include/configs/imx_env.h
@@ -29,7 +29,7 @@
@@ -20,7 +20,7 @@
#define CONFIG_MFG_ENV_SETTINGS_DEFAULT \
"mfgtool_args=setenv bootargs console=${console},${baudrate} " \
@@ -33,5 +33,5 @@ index c03748d93f..aa1a8bf488 100644
"\0" \
"kboot="MFG_BOOT_CMD"\0"\
--
2.26.2
2.25.1
-10
View File
@@ -9,18 +9,8 @@ Build
First, configure Buildroot for your i.MX6ULL EVK board:
In order to to do so there are two supported options:
make freescale_imx6ullevk_defconfig
if you plan to use NXP provided U-Boot and kernel.
or
make imx6ullevk_defconfig
if you plan to use mainline U-Boot and mainline kernel.
Build all components:
make
-73
View File
@@ -1,73 +0,0 @@
***************************
Freescale i.MX8MN EVK board
***************************
This file documents the Buildroot support for the i.MX8M Nano EVK board.
Build
=====
First, configure Buildroot for the i.MX8MN EVK board:
make freescale_imx8mnevk_defconfig
Build all components:
make
You will find in output/images/ the following files:
- bl31.bin
- boot.vfat
- ddr4_201810_fw.bin
- ddr_fw.bin
- fsl-imx8mn-ddr4-evk.dtb
- Image
- imx8-boot-sd.bin
- rootfs.ext2
- rootfs.ext4
- rootfs.tar
- sdcard.img
- u-boot.bin
- u-boot.imx
- u-boot.itb
- u-boot-nodtb.bin
- u-boot-spl.bin
- u-boot-spl-ddr.bin
Create a bootable SD card
=========================
To determine the device associated to the SD card have a look in the
/proc/partitions file:
cat /proc/partitions
Buildroot prepares a bootable "sdcard.img" image in the output/images/
directory, ready to be dumped on a SD card. Launch the following
command as root:
dd if=output/images/sdcard.img of=/dev/<your-sd-device>
*** WARNING! This will destroy all the card content. Use with care! ***
For details about the medium image layout, see the definition in
board/freescale/common/imx/genimage.cfg.template_imx8.
Boot the i.MX8MN EVK board
==========================
To boot your newly created system (refer to the i.MX8MNano EVK Quick Start Guide
[1] for guidance):
- insert the SD card in the SD slot of the board;
- Configure the switches as follows (X = "don't care"):
SW1101: 1100XXXXXX [D1-D10]
SW1102: XXXXXXXXXX [D1-D10]
- put a micro USB cable into the Debug USB Port and connect using a terminal
emulator at 115200 bps, 8n1;
- power on the board.
Enjoy!
References
==========
[1] https://www.nxp.com/design/development-boards/i-mx-evaluation-and-development-boards/evaluation-kit-for-the-i-mx-8m-nano-applications-processor:8MNANOD4-EVK
@@ -1,11 +0,0 @@
# Minimal image, no U-boot since v3/v5 cannot boot from sdcard, see
# readme.txt for details on configuring the on-board u-boot.
image sdcard.img {
hdimage {
}
partition rootfs {
partition-type = 0x83
image = "rootfs.ext4"
}
}
@@ -1,14 +0,0 @@
#
# The Espressobin has a switchcore with full support in the kernel.
# This fragment enables DSA and its drivers, inclding VLAN aware bridge
# support to allow users to easily set up a LAN switch + WAN interface.
#
CONFIG_NET_DSA=m
CONFIG_VLAN_8021Q=y
CONFIG_BRIDGE=m
CONFIG_BRIDGE_IGMP_SNOOPING=y
CONFIG_BRIDGE_VLAN_FILTERING=y
CONFIG_NET_DSA_MV88E6XXX=m
CONFIG_NET_DSA_MV88E6XXX_PTP=y
-90
View File
@@ -1,90 +0,0 @@
Marvell ESPRESSObin
===================
This default configuration allows you to quickly get up and running with
the Marvell ESPRESSObin board by Globalscale Technologies Inc.
The ESPRESSObin is based on the Marvell Armada 88F3720 SoC, coupled with
a Marvell 88E6341 switch core "Topaz", with three exposed gigabit ports.
_________________________
|# U W L L U #|
|# S A A A S #|
|# B N N N B #|
|# 0 1 #|
|# Mini #|
|# -PCI #|
|# #|
|# 5 #|
|#__V___usb_PWR_SATA__SW_#|
Fig 1: Overview of board
Notice difference in Ethernet port layout compared to the Globalscale
docs. They order the ports; LAN2, LAN1, WAN (left to right in figure
above). For more information, see http://espressobin.net
Building
--------
$ make globalscale_espressobin_defconfig
$ make
This generates the kernel image, the devicetree binary, the rootfs as a
tar.gz, and a filesystem image containing everything.
All build artifacts are located in `output/images/`
Booting
-------
To boot, you need a UART connection, using the on-board micro USB port
set to 115200 8N1.
By default, the ESPRESSObin comes with a pre-flashed U-Boot set up to
load the kernel, device-tree and rootfs from SPI NOR flash. The board
jumpers can be changed to boot from different sources, see the quick
start guide for each board revision for details:
- ftp://downloads.globalscaletechnologies.com/Downloads/Espressobin/ESPRESSObin%20V5/
- ftp://downloads.globalscaletechnologies.com/Downloads/Espressobin/ESPRESSObin%20V7/
Note: the v5, and earlier, cannot boot from sdcard, so you have to set
up the factory U-Boot to boot into Buildroot:
1. Flash rootfs image to sdcard drive, your `of=` device may differ:
$ sudo dd if=output/images/sdcard.img of=/dev/mmcblk0 bs=1M
$ sync
2. Boot board from SPI NOR, interrupt boot by pressing any key ...
3. Check with `printenv` that the default setup is OK, otherwise ensure
the following are set, and define `bootcmd` for automatic boot:
> setenv kernel_addr 0x5000000
> setenv fdt_addr 0x1800000
> setenv fdt_name boot/armada-3720-espressobin.dtb
> setenv console console=ttyMV0,115200 earlycon=ar3700_uart,0xd0012000
> setenv bootcmd 'mmc dev 0; ext4load mmc 0:1 $kernel_addr $image_name;ext4load mmc 0:1 $fdt_addr $fdt_name;setenv bootargs $console root=/dev/mmcblk0p1 rw rootwait; booti $kernel_addr - $fdt_addr'
4. Call the boot command, or `reset` the board to start:
> run bootcmd
Networking
----------
To enable Ethernet networking, load the `mv88e6xxx` kernel module, and
bring up each respective interface needed:
# modprobe mv88e6xxx
# ifconfig wan up
A more advanced scenario is setting up switching between the ports using
the Linux bridge. The kernel switchdev layer, and DSA driver, ensure
switch functions are "offloaded" to the HW switch, i.e., all traffic
between LAN ports never reach the CPU. For this you need the iproute2
suite of tools.
+3 -8
View File
@@ -19,9 +19,6 @@ CONFIG_SCSI=y
CONFIG_BLK_DEV_SD=y
CONFIG_BLK_DEV_SR=y
CONFIG_CHR_DEV_SG=y
CONFIG_MTD=y
CONFIG_MTD_BLOCK=y
CONFIG_GPIO_SYSFS=y
CONFIG_NETDEVICES=y
CONFIG_LIBERTAS=m
CONFIG_INPUT_MOUSEDEV=y
@@ -30,9 +27,9 @@ CONFIG_INPUT_MOUSEDEV_SCREEN_X=1200
CONFIG_INPUT_MOUSEDEV_SCREEN_Y=900
CONFIG_INPUT_EVDEV=y
CONFIG_INPUT_TABLET=y
CONFIG_SERIO_OLPC_APSP=y
CONFIG_SERIAL_8250=y
CONFIG_SERIAL_8250_CONSOLE=y
CONFIG_POWER_SUPPLY=y
CONFIG_BATTERY_OLPC=y
CONFIG_REGULATOR_FIXED_VOLTAGE=y
CONFIG_MEDIA_SUPPORT=y
@@ -47,7 +44,6 @@ CONFIG_DRM_PANEL_SIMPLE=m
CONFIG_FRAMEBUFFER_CONSOLE=y
CONFIG_FB_SIMPLE=y
CONFIG_LCD_CLASS_DEVICE=y
CONFIG_BACKLIGHT_CLASS_DEVICE=y
CONFIG_SOUND=y
CONFIG_SND=y
CONFIG_USB=y
@@ -55,17 +51,16 @@ CONFIG_USB_EHCI_HCD=y
CONFIG_USB_STORAGE=y
CONFIG_MMC=y
CONFIG_MMC_SDHCI=y
CONFIG_NEW_LEDS=y
CONFIG_MMC_SDHCI_PCI=y
CONFIG_MMC_SDHCI_PLTFM=y
CONFIG_LEDS_CLASS=y
CONFIG_LEDS_GPIO=y
CONFIG_LEDS_TRIGGERS=y
CONFIG_LEDS_TRIGGER_HEARTBEAT=y
CONFIG_LEDS_TRIGGER_DEFAULT_ON=y
CONFIG_RTC_CLASS=y
CONFIG_EXT4_FS=y
CONFIG_MSDOS_FS=y
CONFIG_VFAT_FS=y
CONFIG_TMPFS=y
CONFIG_TMPFS_POSIX_ACL=y
CONFIG_FONTS=y
CONFIG_FONT_TER16x32=y
+4 -5
View File
@@ -5,11 +5,10 @@
" /aliases" find-device " last" get-property
abort" No last alias"
" /pci/sd@c" 2over substring? if " root=/dev/mmcblk0p1 " to boot-file then
" /sd/sdhci@d4280000" 2over substring? if " root=/dev/mmcblk1p1 " to boot-file then
" /pci/usb@" 2over substring? if " root=/dev/sda1 " to boot-file then
" /usb@" 2over substring? if " root=/dev/sda1 " to boot-file then
" /pci/nandflash@c" 2over substring? if " root=/dev/mtdblock0 rootfstype=jffs2 " to boot-file then
" /pci/sd@c" 2over substring? if " root=/dev/mmcblk0p1 " to boot-file then
" /sd/sdhci@d4280000" 2over substring? if " root=/dev/mmcblk1p1 " to boot-file then
" /pci/usb@" 2over substring? if " root=/dev/sda1 " to boot-file then
" /usb@" 2over substring? if " root=/dev/sda1 " to boot-file then
2drop
root-device " compatible" get-property dend if 0 0 then ( compatible$ )
+14 -34
View File
@@ -9,13 +9,10 @@ Supported models
* OLPC XO-1
The original NS Geode based OLPC laptop, uses the x86 architecture.
Can be booted either from an internal MTD device formatted with JFFS2
or from a FAT or EXT4 partition on a SD card or a USB flash stick.
* OLPC XO-7.5
The ARM-based laptop. Needs a recent enough firmware to provide a good
enough flattened device tree to the kernel. Can be from a FAT or EXT4
partition on a internal eMMC, a SD card or a USB flash stick.
enough flattened device tree to the kernel.
Configure and build
===================
@@ -31,6 +28,18 @@ Then:
$ make menuconfig # Customize the build configuration
$ make # Build
Create the bootable media
=========================
When the build is finished, the resulting image file will be called
"sdcard.img". It can be written directly to a SD-card or and USB flash stick.
Please double check that you're using the right device (e.g. with "lsblk"
command). Doing the following will DESTROY ALL DATA that's currently on the
media.
# cat output/images/sdcard.img >/dev/<device>
Preparing the machine
=====================
@@ -62,37 +71,8 @@ to update the firmware:
ok flash ext:\q4e00ja.rom \ Flash the "q4e00ja.rom" from the SD card
ok flash u:\q4e00ja.rom \ Flash the "q4e00ja.rom" from USB stick
Create the bootable SD card or USB flash stick
==============================================
When the build is finished, an image file called "sdcard.img" will be created.
It is suitable for writing directly to a SD card, USB flash stick or (on a
XO-1.75) the internal eMMC flash.
Before writing the image, please double check that you're using the right
device (e.g. with "lsblk" command). Doing the following will DESTROY ALL DATA
that's currently on the media.
# cat output/images/sdcard.img >/dev/<device>
Flashing the JFFS2 image (XO-1 only)
====================================
Unlike XO-1.75, the internal NAND flash on XO-1 is accessed without a
FTL and needs a flash-friendly filesystem. A build configured for XO-1
creates a file named "root.jffs2" that can be written to it.
One way to write it is from the Open Firmware prompt. First, partition
and format a USB flash disk with a FAT file system and place the
"root.jffs2" file onto it. Then power on the machine, enter the
Open Firmware port by pressing the ESC key and run the following:
ok patch noop ?open-crcs copy-nand \ Disable CRC check
ok copy-nand u:\root.jffs2
Booting the machine
===================
Once your machine is unlocked, it will automatically boot from your media
wherever it will detect it attached to the USB bus or the SD card slot,
otherwise it will proceed booting from the internal flash.
wherever it will detect it attached to the USB bus or the SD card slot.
+4 -3
View File
@@ -12,16 +12,14 @@ CONFIG_ARM_APPENDED_DTB=y
CONFIG_ARM_ATAG_DTB_COMPAT=y
CONFIG_VFP=y
CONFIG_NEON=y
CONFIG_SENSORS_LIS3_SPI=y
CONFIG_SERIO_OLPC_APSP=y
CONFIG_REGULATOR_88PG86X=m
CONFIG_VIDEO_MMP_CAMERA=y
CONFIG_DRM_ARMADA=y
CONFIG_DRM_DISPLAY_CONNECTOR=m
CONFIG_DRM_SIMPLE_BRIDGE=m
CONFIG_DRM_ETNAVIV=m
CONFIG_BACKLIGHT_CLASS_DEVICE=y
CONFIG_USB_EHCI_MV=y
CONFIG_MMC_SDHCI_PLTFM=y
CONFIG_MMC_SDHCI_PXAV3=y
CONFIG_OLPC_XO175=y
CONFIG_OLPC_XO175_EC=y
@@ -33,6 +31,9 @@ CONFIG_LIBERTAS_THINFIRM=m
CONFIG_MWIFIEX=m
CONFIG_MWIFIEX_SDIO=m
CONFIG_MTD_SPI_NOR=m
CONFIG_MTD=y
CONFIG_MTD_BLOCK=y
CONFIG_MTD_SPI_NOR=m
CONFIG_I2C_PXA=y
CONFIG_SERIAL_OF_PLATFORM=y
CONFIG_SPI=y
+7 -6
View File
@@ -4,27 +4,30 @@ CONFIG_MGEODE_LX=y
CONFIG_X86_MSR=y
CONFIG_HZ_100=y
CONFIG_KEXEC=y
CONFIG_PHYSICAL_START=0x400000
CONFIG_CMDLINE_BOOL=y
CONFIG_ACPI=y
# CONFIG_ACPI is not set
CONFIG_CPU_IDLE=y
CONFIG_CPU_IDLE_GOV_LADDER=y
CONFIG_OLPC=y
CONFIG_OLPC_XO1_PM=y
CONFIG_OLPC_XO1_RTC=y
CONFIG_OLPC_XO1_SCI=y
# CONFIG_FIRMWARE_MEMMAP is not set
# CONFIG_VIRTUALIZATION is not set
CONFIG_ARCH_MMAP_RND_BITS=16
CONFIG_REFCOUNT_FULL=y
CONFIG_SPARSEMEM_MANUAL=y
CONFIG_CMA=y
CONFIG_MTD_CMDLINE_PARTS=y
CONFIG_MTD_REDBOOT_PARTS=y
CONFIG_MTD_REDBOOT_DIRECTORY_BLOCK=0
CONFIG_MTD_ONENAND=y
CONFIG_MTD_ONENAND_GENERIC=y
CONFIG_MTD_RAW_NAND=y
CONFIG_MTD_NAND_CAFE=y
CONFIG_MTD_UBI=y
CONFIG_CS5535_MFGPT=y
CONFIG_CS5535_CLOCK_EVENT_SRC=y
CONFIG_SENSORS_LIS3_SPI=y
CONFIG_MOUSE_PS2_OLPC=y
CONFIG_SERIAL_8250_NR_UARTS=1
CONFIG_SERIAL_8250_RUNTIME_UARTS=1
@@ -39,6 +42,7 @@ CONFIG_NVRAM=y
CONFIG_SCx200_ACB=y
CONFIG_PINCTRL=y
CONFIG_PINCTRL_SINGLE=y
CONFIG_GPIO_SYSFS=y
CONFIG_GPIO_CS5535=y
CONFIG_THERMAL=y
CONFIG_WATCHDOG=y
@@ -59,15 +63,12 @@ CONFIG_SND_AC97_POWER_SAVE=y
CONFIG_SND_CS5535AUDIO=y
CONFIG_USB_EHCI_ROOT_HUB_TT=y
CONFIG_USB_OHCI_HCD=y
CONFIG_MMC_SDHCI_PCI=y
CONFIG_STAGING=y
CONFIG_FB_OLPC_DCON=y
CONFIG_XO1_RFKILL=y
CONFIG_RESET_CONTROLLER=y
CONFIG_GENERIC_PHY=y
CONFIG_PROC_KCORE=y
CONFIG_HUGETLBFS=y
CONFIG_JFFS2_FS=y
CONFIG_JFFS2_FS_WBUF_VERIFY=y
CONFIG_JFFS2_SUMMARY=y
CONFIG_JFFS2_FS_XATTR=y
+4 -16
View File
@@ -5,15 +5,13 @@ CONFIG_HIGH_RES_TIMERS=y
CONFIG_TASKSTATS=y
CONFIG_SCHED_AUTOGROUP=y
CONFIG_PROFILING=y
CONFIG_ARCH_VEXPRESS=y
CONFIG_COMPAT=y
CONFIG_FW_CFG_SYSFS=y
CONFIG_FW_CFG_SYSFS_CMDLINE=y
CONFIG_MODULES=y
CONFIG_MODULE_UNLOAD=y
CONFIG_BLK_DEV_BSGLIB=y
CONFIG_BINFMT_MISC=y
CONFIG_ARCH_VEXPRESS=y
CONFIG_TRANSPARENT_HUGEPAGE=y
CONFIG_BINFMT_MISC=y
CONFIG_COMPAT=y
CONFIG_NET=y
CONFIG_PACKET=y
CONFIG_PACKET_DIAG=y
@@ -25,8 +23,6 @@ CONFIG_IP_ADVANCED_ROUTER=y
CONFIG_BRIDGE=m
CONFIG_NET_SCHED=y
CONFIG_VSOCKETS=y
CONFIG_PCI=y
CONFIG_PCI_HOST_GENERIC=y
CONFIG_DEVTMPFS=y
CONFIG_DEVTMPFS_MOUNT=y
CONFIG_VIRTIO_BLK=y
@@ -42,25 +38,17 @@ CONFIG_DUMMY=y
CONFIG_MACVLAN=y
CONFIG_VIRTIO_NET=y
CONFIG_NLMON=y
CONFIG_VT_HW_CONSOLE_BINDING=y
CONFIG_SERIAL_AMBA_PL011=y
CONFIG_SERIAL_AMBA_PL011_CONSOLE=y
CONFIG_VIRTIO_CONSOLE=y
CONFIG_HW_RANDOM=y
CONFIG_HW_RANDOM_VIRTIO=y
CONFIG_TCG_TPM=y
CONFIG_TCG_TIS=y
CONFIG_DRM=y
CONFIG_DRM_VIRTIO_GPU=y
CONFIG_RTC_CLASS=y
CONFIG_RTC_DRV_PL031=y
CONFIG_VIRTIO_PCI=y
CONFIG_VIRTIO_MMIO=y
CONFIG_VIRTIO_MMIO_CMDLINE_DEVICES=y
CONFIG_MAILBOX=y
CONFIG_PL320_MBOX=y
CONFIG_ARM_SMMU_V3=y
CONFIG_EXT4_FS=y
CONFIG_FUSE_FS=y
CONFIG_VIRTIO_FS=y
CONFIG_TMPFS=y
CONFIG_TMPFS_POSIX_ACL=y
@@ -1,149 +0,0 @@
From bb04c220d82598066eeadf49defaec1157d4d206 Mon Sep 17 00:00:00 2001
From: Romain Naour <romain.naour@gmail.com>
Date: Sat, 25 Jul 2020 11:46:01 +0200
Subject: [PATCH] mips: Do not include hi and lo in clobber list for R6
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
From [1]
"GCC 10 (PR 91233) won't silently allow registers that are not architecturally
available to be present in the clobber list anymore, resulting in build failure
for mips*r6 targets in form of:
...
.../sysdep.h:146:2: error: the register lo cannot be clobbered in asm for the current target
146 | __asm__ volatile ( \
| ^~~~~~~
This is because base R6 ISA doesn't define hi and lo registers w/o DSP extension.
This patch provides the alternative clobber list for r6 targets that won't include
those registers."
Since kernel 5.4 and mips support for generic vDSO [2], the kernel fail to build
for mips r6 cpus with gcc 10 for the same reason as glibc.
[1] https://sourceware.org/git/?p=glibc.git;a=commit;h=020b2a97bb15f807c0482f0faee2184ed05bcad8
[2] https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=24640f233b466051ad3a5d2786d2951e43026c9d
Signed-off-by: Romain Naour <romain.naour@gmail.com>
---
arch/mips/include/asm/vdso/gettimeofday.h | 45 +++++++++++++++++++++++
1 file changed, 45 insertions(+)
diff --git a/arch/mips/include/asm/vdso/gettimeofday.h b/arch/mips/include/asm/vdso/gettimeofday.h
index 0ae9b4cbc153..ea600e0ebfe7 100644
--- a/arch/mips/include/asm/vdso/gettimeofday.h
+++ b/arch/mips/include/asm/vdso/gettimeofday.h
@@ -36,12 +36,21 @@ static __always_inline long gettimeofday_fallback(
register long nr asm("v0") = __NR_gettimeofday;
register long error asm("a3");
+#if MIPS_ISA_REV >= 6
+ asm volatile(
+ " syscall\n"
+ : "=r" (ret), "=r" (error)
+ : "r" (tv), "r" (tz), "r" (nr)
+ : "$1", "$3", "$8", "$9", "$10", "$11", "$12", "$13",
+ "$14", "$15", "$24", "$25", "memory");
+#else
asm volatile(
" syscall\n"
: "=r" (ret), "=r" (error)
: "r" (tv), "r" (tz), "r" (nr)
: "$1", "$3", "$8", "$9", "$10", "$11", "$12", "$13",
"$14", "$15", "$24", "$25", "hi", "lo", "memory");
+#endif
return error ? -ret : ret;
}
@@ -60,12 +69,21 @@ static __always_inline long clock_gettime_fallback(
#endif
register long error asm("a3");
+#if MIPS_ISA_REV >= 6
+ asm volatile(
+ " syscall\n"
+ : "=r" (ret), "=r" (error)
+ : "r" (clkid), "r" (ts), "r" (nr)
+ : "$1", "$3", "$8", "$9", "$10", "$11", "$12", "$13",
+ "$14", "$15", "$24", "$25", "memory");
+#else
asm volatile(
" syscall\n"
: "=r" (ret), "=r" (error)
: "r" (clkid), "r" (ts), "r" (nr)
: "$1", "$3", "$8", "$9", "$10", "$11", "$12", "$13",
"$14", "$15", "$24", "$25", "hi", "lo", "memory");
+#endif
return error ? -ret : ret;
}
@@ -84,12 +102,21 @@ static __always_inline int clock_getres_fallback(
#endif
register long error asm("a3");
+#if MIPS_ISA_REV >= 6
+ asm volatile(
+ " syscall\n"
+ : "=r" (ret), "=r" (error)
+ : "r" (clkid), "r" (ts), "r" (nr)
+ : "$1", "$3", "$8", "$9", "$10", "$11", "$12", "$13",
+ "$14", "$15", "$24", "$25", "memory");
+#else
asm volatile(
" syscall\n"
: "=r" (ret), "=r" (error)
: "r" (clkid), "r" (ts), "r" (nr)
: "$1", "$3", "$8", "$9", "$10", "$11", "$12", "$13",
"$14", "$15", "$24", "$25", "hi", "lo", "memory");
+#endif
return error ? -ret : ret;
}
@@ -108,12 +135,21 @@ static __always_inline long clock_gettime32_fallback(
register long nr asm("v0") = __NR_clock_gettime;
register long error asm("a3");
+#if MIPS_ISA_REV >= 6
+ asm volatile(
+ " syscall\n"
+ : "=r" (ret), "=r" (error)
+ : "r" (clkid), "r" (ts), "r" (nr)
+ : "$1", "$3", "$8", "$9", "$10", "$11", "$12", "$13",
+ "$14", "$15", "$24", "$25", "memory");
+#else
asm volatile(
" syscall\n"
: "=r" (ret), "=r" (error)
: "r" (clkid), "r" (ts), "r" (nr)
: "$1", "$3", "$8", "$9", "$10", "$11", "$12", "$13",
"$14", "$15", "$24", "$25", "hi", "lo", "memory");
+#endif
return error ? -ret : ret;
}
@@ -128,12 +164,21 @@ static __always_inline int clock_getres32_fallback(
register long nr asm("v0") = __NR_clock_getres;
register long error asm("a3");
+#if MIPS_ISA_REV >= 6
+ asm volatile(
+ " syscall\n"
+ : "=r" (ret), "=r" (error)
+ : "r" (clkid), "r" (ts), "r" (nr)
+ : "$1", "$3", "$8", "$9", "$10", "$11", "$12", "$13",
+ "$14", "$15", "$24", "$25", "memory");
+#else
asm volatile(
" syscall\n"
: "=r" (ret), "=r" (error)
: "r" (clkid), "r" (ts), "r" (nr)
: "$1", "$3", "$8", "$9", "$10", "$11", "$12", "$13",
"$14", "$15", "$24", "$25", "hi", "lo", "memory");
+#endif
return error ? -ret : ret;
}
--
2.25.4
@@ -1,149 +0,0 @@
From bb04c220d82598066eeadf49defaec1157d4d206 Mon Sep 17 00:00:00 2001
From: Romain Naour <romain.naour@gmail.com>
Date: Sat, 25 Jul 2020 11:46:01 +0200
Subject: [PATCH] mips: Do not include hi and lo in clobber list for R6
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
From [1]
"GCC 10 (PR 91233) won't silently allow registers that are not architecturally
available to be present in the clobber list anymore, resulting in build failure
for mips*r6 targets in form of:
...
.../sysdep.h:146:2: error: the register lo cannot be clobbered in asm for the current target
146 | __asm__ volatile ( \
| ^~~~~~~
This is because base R6 ISA doesn't define hi and lo registers w/o DSP extension.
This patch provides the alternative clobber list for r6 targets that won't include
those registers."
Since kernel 5.4 and mips support for generic vDSO [2], the kernel fail to build
for mips r6 cpus with gcc 10 for the same reason as glibc.
[1] https://sourceware.org/git/?p=glibc.git;a=commit;h=020b2a97bb15f807c0482f0faee2184ed05bcad8
[2] https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=24640f233b466051ad3a5d2786d2951e43026c9d
Signed-off-by: Romain Naour <romain.naour@gmail.com>
---
arch/mips/include/asm/vdso/gettimeofday.h | 45 +++++++++++++++++++++++
1 file changed, 45 insertions(+)
diff --git a/arch/mips/include/asm/vdso/gettimeofday.h b/arch/mips/include/asm/vdso/gettimeofday.h
index 0ae9b4cbc153..ea600e0ebfe7 100644
--- a/arch/mips/include/asm/vdso/gettimeofday.h
+++ b/arch/mips/include/asm/vdso/gettimeofday.h
@@ -36,12 +36,21 @@ static __always_inline long gettimeofday_fallback(
register long nr asm("v0") = __NR_gettimeofday;
register long error asm("a3");
+#if MIPS_ISA_REV >= 6
+ asm volatile(
+ " syscall\n"
+ : "=r" (ret), "=r" (error)
+ : "r" (tv), "r" (tz), "r" (nr)
+ : "$1", "$3", "$8", "$9", "$10", "$11", "$12", "$13",
+ "$14", "$15", "$24", "$25", "memory");
+#else
asm volatile(
" syscall\n"
: "=r" (ret), "=r" (error)
: "r" (tv), "r" (tz), "r" (nr)
: "$1", "$3", "$8", "$9", "$10", "$11", "$12", "$13",
"$14", "$15", "$24", "$25", "hi", "lo", "memory");
+#endif
return error ? -ret : ret;
}
@@ -60,12 +69,21 @@ static __always_inline long clock_gettime_fallback(
#endif
register long error asm("a3");
+#if MIPS_ISA_REV >= 6
+ asm volatile(
+ " syscall\n"
+ : "=r" (ret), "=r" (error)
+ : "r" (clkid), "r" (ts), "r" (nr)
+ : "$1", "$3", "$8", "$9", "$10", "$11", "$12", "$13",
+ "$14", "$15", "$24", "$25", "memory");
+#else
asm volatile(
" syscall\n"
: "=r" (ret), "=r" (error)
: "r" (clkid), "r" (ts), "r" (nr)
: "$1", "$3", "$8", "$9", "$10", "$11", "$12", "$13",
"$14", "$15", "$24", "$25", "hi", "lo", "memory");
+#endif
return error ? -ret : ret;
}
@@ -84,12 +102,21 @@ static __always_inline int clock_getres_fallback(
#endif
register long error asm("a3");
+#if MIPS_ISA_REV >= 6
+ asm volatile(
+ " syscall\n"
+ : "=r" (ret), "=r" (error)
+ : "r" (clkid), "r" (ts), "r" (nr)
+ : "$1", "$3", "$8", "$9", "$10", "$11", "$12", "$13",
+ "$14", "$15", "$24", "$25", "memory");
+#else
asm volatile(
" syscall\n"
: "=r" (ret), "=r" (error)
: "r" (clkid), "r" (ts), "r" (nr)
: "$1", "$3", "$8", "$9", "$10", "$11", "$12", "$13",
"$14", "$15", "$24", "$25", "hi", "lo", "memory");
+#endif
return error ? -ret : ret;
}
@@ -108,12 +135,21 @@ static __always_inline long clock_gettime32_fallback(
register long nr asm("v0") = __NR_clock_gettime;
register long error asm("a3");
+#if MIPS_ISA_REV >= 6
+ asm volatile(
+ " syscall\n"
+ : "=r" (ret), "=r" (error)
+ : "r" (clkid), "r" (ts), "r" (nr)
+ : "$1", "$3", "$8", "$9", "$10", "$11", "$12", "$13",
+ "$14", "$15", "$24", "$25", "memory");
+#else
asm volatile(
" syscall\n"
: "=r" (ret), "=r" (error)
: "r" (clkid), "r" (ts), "r" (nr)
: "$1", "$3", "$8", "$9", "$10", "$11", "$12", "$13",
"$14", "$15", "$24", "$25", "hi", "lo", "memory");
+#endif
return error ? -ret : ret;
}
@@ -128,12 +164,21 @@ static __always_inline int clock_getres32_fallback(
register long nr asm("v0") = __NR_clock_getres;
register long error asm("a3");
+#if MIPS_ISA_REV >= 6
+ asm volatile(
+ " syscall\n"
+ : "=r" (ret), "=r" (error)
+ : "r" (clkid), "r" (ts), "r" (nr)
+ : "$1", "$3", "$8", "$9", "$10", "$11", "$12", "$13",
+ "$14", "$15", "$24", "$25", "memory");
+#else
asm volatile(
" syscall\n"
: "=r" (ret), "=r" (error)
: "r" (clkid), "r" (ts), "r" (nr)
: "$1", "$3", "$8", "$9", "$10", "$11", "$12", "$13",
"$14", "$15", "$24", "$25", "hi", "lo", "memory");
+#endif
return error ? -ret : ret;
}
--
2.25.4
@@ -1,149 +0,0 @@
From cfb381d8f4b64f3752c95b4bdd787be63ef84fb2 Mon Sep 17 00:00:00 2001
From: Romain Naour <romain.naour@gmail.com>
Date: Sat, 25 Jul 2020 11:46:01 +0200
Subject: [PATCH] mips: Do not include hi and lo in clobber list for R6
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
From [1]
"GCC 10 (PR 91233) won't silently allow registers that are not architecturally
available to be present in the clobber list anymore, resulting in build failure
for mips*r6 targets in form of:
...
.../sysdep.h:146:2: error: the register lo cannot be clobbered in asm for the current target
146 | __asm__ volatile ( \
| ^~~~~~~
This is because base R6 ISA doesn't define hi and lo registers w/o DSP extension.
This patch provides the alternative clobber list for r6 targets that won't include
those registers."
Since kernel 5.4 and mips support for generic vDSO [2], the kernel fail to build
for mips r6 cpus with gcc 10 for the same reason as glibc.
[1] https://sourceware.org/git/?p=glibc.git;a=commit;h=020b2a97bb15f807c0482f0faee2184ed05bcad8
[2] https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=24640f233b466051ad3a5d2786d2951e43026c9d
Signed-off-by: Romain Naour <romain.naour@gmail.com>
---
arch/mips/include/asm/vdso/gettimeofday.h | 45 +++++++++++++++++++++++
1 file changed, 45 insertions(+)
diff --git a/arch/mips/include/asm/vdso/gettimeofday.h b/arch/mips/include/asm/vdso/gettimeofday.h
index 0ae9b4cbc153..ea600e0ebfe7 100644
--- a/arch/mips/include/asm/vdso/gettimeofday.h
+++ b/arch/mips/include/asm/vdso/gettimeofday.h
@@ -36,12 +36,21 @@ static __always_inline long gettimeofday_fallback(
register long nr asm("v0") = __NR_gettimeofday;
register long error asm("a3");
+#if MIPS_ISA_REV >= 6
+ asm volatile(
+ " syscall\n"
+ : "=r" (ret), "=r" (error)
+ : "r" (tv), "r" (tz), "r" (nr)
+ : "$1", "$3", "$8", "$9", "$10", "$11", "$12", "$13",
+ "$14", "$15", "$24", "$25", "memory");
+#else
asm volatile(
" syscall\n"
: "=r" (ret), "=r" (error)
: "r" (tv), "r" (tz), "r" (nr)
: "$1", "$3", "$8", "$9", "$10", "$11", "$12", "$13",
"$14", "$15", "$24", "$25", "hi", "lo", "memory");
+#endif
return error ? -ret : ret;
}
@@ -60,12 +69,21 @@ static __always_inline long clock_gettime_fallback(
#endif
register long error asm("a3");
+#if MIPS_ISA_REV >= 6
+ asm volatile(
+ " syscall\n"
+ : "=r" (ret), "=r" (error)
+ : "r" (clkid), "r" (ts), "r" (nr)
+ : "$1", "$3", "$8", "$9", "$10", "$11", "$12", "$13",
+ "$14", "$15", "$24", "$25", "memory");
+#else
asm volatile(
" syscall\n"
: "=r" (ret), "=r" (error)
: "r" (clkid), "r" (ts), "r" (nr)
: "$1", "$3", "$8", "$9", "$10", "$11", "$12", "$13",
"$14", "$15", "$24", "$25", "hi", "lo", "memory");
+#endif
return error ? -ret : ret;
}
@@ -84,12 +102,21 @@ static __always_inline int clock_getres_fallback(
#endif
register long error asm("a3");
+#if MIPS_ISA_REV >= 6
+ asm volatile(
+ " syscall\n"
+ : "=r" (ret), "=r" (error)
+ : "r" (clkid), "r" (ts), "r" (nr)
+ : "$1", "$3", "$8", "$9", "$10", "$11", "$12", "$13",
+ "$14", "$15", "$24", "$25", "memory");
+#else
asm volatile(
" syscall\n"
: "=r" (ret), "=r" (error)
: "r" (clkid), "r" (ts), "r" (nr)
: "$1", "$3", "$8", "$9", "$10", "$11", "$12", "$13",
"$14", "$15", "$24", "$25", "hi", "lo", "memory");
+#endif
return error ? -ret : ret;
}
@@ -108,12 +135,21 @@ static __always_inline long clock_gettime32_fallback(
register long nr asm("v0") = __NR_clock_gettime;
register long error asm("a3");
+#if MIPS_ISA_REV >= 6
+ asm volatile(
+ " syscall\n"
+ : "=r" (ret), "=r" (error)
+ : "r" (clkid), "r" (ts), "r" (nr)
+ : "$1", "$3", "$8", "$9", "$10", "$11", "$12", "$13",
+ "$14", "$15", "$24", "$25", "memory");
+#else
asm volatile(
" syscall\n"
: "=r" (ret), "=r" (error)
: "r" (clkid), "r" (ts), "r" (nr)
: "$1", "$3", "$8", "$9", "$10", "$11", "$12", "$13",
"$14", "$15", "$24", "$25", "hi", "lo", "memory");
+#endif
return error ? -ret : ret;
}
@@ -128,12 +164,21 @@ static __always_inline int clock_getres32_fallback(
register long nr asm("v0") = __NR_clock_getres;
register long error asm("a3");
+#if MIPS_ISA_REV >= 6
+ asm volatile(
+ " syscall\n"
+ : "=r" (ret), "=r" (error)
+ : "r" (clkid), "r" (ts), "r" (nr)
+ : "$1", "$3", "$8", "$9", "$10", "$11", "$12", "$13",
+ "$14", "$15", "$24", "$25", "memory");
+#else
asm volatile(
" syscall\n"
: "=r" (ret), "=r" (error)
: "r" (clkid), "r" (ts), "r" (nr)
: "$1", "$3", "$8", "$9", "$10", "$11", "$12", "$13",
"$14", "$15", "$24", "$25", "hi", "lo", "memory");
+#endif
return error ? -ret : ret;
}
--
2.25.4
@@ -1,149 +0,0 @@
From cfb381d8f4b64f3752c95b4bdd787be63ef84fb2 Mon Sep 17 00:00:00 2001
From: Romain Naour <romain.naour@gmail.com>
Date: Sat, 25 Jul 2020 11:46:01 +0200
Subject: [PATCH] mips: Do not include hi and lo in clobber list for R6
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
From [1]
"GCC 10 (PR 91233) won't silently allow registers that are not architecturally
available to be present in the clobber list anymore, resulting in build failure
for mips*r6 targets in form of:
...
.../sysdep.h:146:2: error: the register lo cannot be clobbered in asm for the current target
146 | __asm__ volatile ( \
| ^~~~~~~
This is because base R6 ISA doesn't define hi and lo registers w/o DSP extension.
This patch provides the alternative clobber list for r6 targets that won't include
those registers."
Since kernel 5.4 and mips support for generic vDSO [2], the kernel fail to build
for mips r6 cpus with gcc 10 for the same reason as glibc.
[1] https://sourceware.org/git/?p=glibc.git;a=commit;h=020b2a97bb15f807c0482f0faee2184ed05bcad8
[2] https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=24640f233b466051ad3a5d2786d2951e43026c9d
Signed-off-by: Romain Naour <romain.naour@gmail.com>
---
arch/mips/include/asm/vdso/gettimeofday.h | 45 +++++++++++++++++++++++
1 file changed, 45 insertions(+)
diff --git a/arch/mips/include/asm/vdso/gettimeofday.h b/arch/mips/include/asm/vdso/gettimeofday.h
index 0ae9b4cbc153..ea600e0ebfe7 100644
--- a/arch/mips/include/asm/vdso/gettimeofday.h
+++ b/arch/mips/include/asm/vdso/gettimeofday.h
@@ -36,12 +36,21 @@ static __always_inline long gettimeofday_fallback(
register long nr asm("v0") = __NR_gettimeofday;
register long error asm("a3");
+#if MIPS_ISA_REV >= 6
+ asm volatile(
+ " syscall\n"
+ : "=r" (ret), "=r" (error)
+ : "r" (tv), "r" (tz), "r" (nr)
+ : "$1", "$3", "$8", "$9", "$10", "$11", "$12", "$13",
+ "$14", "$15", "$24", "$25", "memory");
+#else
asm volatile(
" syscall\n"
: "=r" (ret), "=r" (error)
: "r" (tv), "r" (tz), "r" (nr)
: "$1", "$3", "$8", "$9", "$10", "$11", "$12", "$13",
"$14", "$15", "$24", "$25", "hi", "lo", "memory");
+#endif
return error ? -ret : ret;
}
@@ -60,12 +69,21 @@ static __always_inline long clock_gettime_fallback(
#endif
register long error asm("a3");
+#if MIPS_ISA_REV >= 6
+ asm volatile(
+ " syscall\n"
+ : "=r" (ret), "=r" (error)
+ : "r" (clkid), "r" (ts), "r" (nr)
+ : "$1", "$3", "$8", "$9", "$10", "$11", "$12", "$13",
+ "$14", "$15", "$24", "$25", "memory");
+#else
asm volatile(
" syscall\n"
: "=r" (ret), "=r" (error)
: "r" (clkid), "r" (ts), "r" (nr)
: "$1", "$3", "$8", "$9", "$10", "$11", "$12", "$13",
"$14", "$15", "$24", "$25", "hi", "lo", "memory");
+#endif
return error ? -ret : ret;
}
@@ -84,12 +102,21 @@ static __always_inline int clock_getres_fallback(
#endif
register long error asm("a3");
+#if MIPS_ISA_REV >= 6
+ asm volatile(
+ " syscall\n"
+ : "=r" (ret), "=r" (error)
+ : "r" (clkid), "r" (ts), "r" (nr)
+ : "$1", "$3", "$8", "$9", "$10", "$11", "$12", "$13",
+ "$14", "$15", "$24", "$25", "memory");
+#else
asm volatile(
" syscall\n"
: "=r" (ret), "=r" (error)
: "r" (clkid), "r" (ts), "r" (nr)
: "$1", "$3", "$8", "$9", "$10", "$11", "$12", "$13",
"$14", "$15", "$24", "$25", "hi", "lo", "memory");
+#endif
return error ? -ret : ret;
}
@@ -108,12 +135,21 @@ static __always_inline long clock_gettime32_fallback(
register long nr asm("v0") = __NR_clock_gettime;
register long error asm("a3");
+#if MIPS_ISA_REV >= 6
+ asm volatile(
+ " syscall\n"
+ : "=r" (ret), "=r" (error)
+ : "r" (clkid), "r" (ts), "r" (nr)
+ : "$1", "$3", "$8", "$9", "$10", "$11", "$12", "$13",
+ "$14", "$15", "$24", "$25", "memory");
+#else
asm volatile(
" syscall\n"
: "=r" (ret), "=r" (error)
: "r" (clkid), "r" (ts), "r" (nr)
: "$1", "$3", "$8", "$9", "$10", "$11", "$12", "$13",
"$14", "$15", "$24", "$25", "hi", "lo", "memory");
+#endif
return error ? -ret : ret;
}
@@ -128,12 +164,21 @@ static __always_inline int clock_getres32_fallback(
register long nr asm("v0") = __NR_clock_getres;
register long error asm("a3");
+#if MIPS_ISA_REV >= 6
+ asm volatile(
+ " syscall\n"
+ : "=r" (ret), "=r" (error)
+ : "r" (clkid), "r" (ts), "r" (nr)
+ : "$1", "$3", "$8", "$9", "$10", "$11", "$12", "$13",
+ "$14", "$15", "$24", "$25", "memory");
+#else
asm volatile(
" syscall\n"
: "=r" (ret), "=r" (error)
: "r" (clkid), "r" (ts), "r" (nr)
: "$1", "$3", "$8", "$9", "$10", "$11", "$12", "$13",
"$14", "$15", "$24", "$25", "hi", "lo", "memory");
+#endif
return error ? -ret : ret;
}
--
2.25.4
@@ -1,32 +0,0 @@
From fe657afd48fc67841d32207ef9eeeb5f099764cd Mon Sep 17 00:00:00 2001
From: Romain Naour <romain.naour@gmail.com>
Date: Sat, 21 Dec 2019 11:52:04 +0100
Subject: [PATCH] arch/sh: vmlinux.scr
Building the kernel using a toolchain built with Binutils 2.33.1 prevent
booting a sh4 system under Qemu.
Apply the patch provided by Alan Modra [2] that fix alignment of rodata.
[1] https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=ebd2263ba9a9124d93bbc0ece63d7e0fae89b40e
[2] https://www.sourceware.org/ml/binutils/2019-12/msg00112.html
Signed-off-by: Romain Naour <romain.naour@gmail.com>
---
arch/sh/boot/compressed/vmlinux.scr | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/arch/sh/boot/compressed/vmlinux.scr b/arch/sh/boot/compressed/vmlinux.scr
index 862d74808236..dd292b4b9082 100644
--- a/arch/sh/boot/compressed/vmlinux.scr
+++ b/arch/sh/boot/compressed/vmlinux.scr
@@ -1,6 +1,6 @@
SECTIONS
{
- .rodata..compressed : {
+ .rodata..compressed : ALIGN(8) {
input_len = .;
LONG(input_data_end - input_data) input_data = .;
*(.data)
--
2.24.1
@@ -1,32 +0,0 @@
From 7f92adbba385a4e512abfd6633ac0f9f0cdf91f8 Mon Sep 17 00:00:00 2001
From: Romain Naour <romain.naour@gmail.com>
Date: Sat, 21 Dec 2019 11:54:07 +0100
Subject: [PATCH] include/asm-generic: vmlinux.lds.h
Building the kernel using a toolchain built with Binutils 2.33.1 prevent
booting a sh4 system under Qemu.
Apply the patch provided by Alan Modra [2] that fix alignment of rodata.
[1] https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=ebd2263ba9a9124d93bbc0ece63d7e0fae89b40e
[2] https://www.sourceware.org/ml/binutils/2019-12/msg00112.html
Signed-off-by: Romain Naour <romain.naour@gmail.com>
---
include/asm-generic/vmlinux.lds.h | 1 +
1 file changed, 1 insertion(+)
diff --git a/include/asm-generic/vmlinux.lds.h b/include/asm-generic/vmlinux.lds.h
index d7701d466b60..1aa33597e91e 100644
--- a/include/asm-generic/vmlinux.lds.h
+++ b/include/asm-generic/vmlinux.lds.h
@@ -306,6 +306,7 @@
*/
#ifndef RO_AFTER_INIT_DATA
#define RO_AFTER_INIT_DATA \
+ . = ALIGN(8); \
__start_ro_after_init = .; \
*(.data..ro_after_init) \
__end_ro_after_init = .;
--
2.24.1
@@ -1,32 +0,0 @@
From fe657afd48fc67841d32207ef9eeeb5f099764cd Mon Sep 17 00:00:00 2001
From: Romain Naour <romain.naour@gmail.com>
Date: Sat, 21 Dec 2019 11:52:04 +0100
Subject: [PATCH] arch/sh: vmlinux.scr
Building the kernel using a toolchain built with Binutils 2.33.1 prevent
booting a sh4 system under Qemu.
Apply the patch provided by Alan Modra [2] that fix alignment of rodata.
[1] https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=ebd2263ba9a9124d93bbc0ece63d7e0fae89b40e
[2] https://www.sourceware.org/ml/binutils/2019-12/msg00112.html
Signed-off-by: Romain Naour <romain.naour@gmail.com>
---
arch/sh/boot/compressed/vmlinux.scr | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/arch/sh/boot/compressed/vmlinux.scr b/arch/sh/boot/compressed/vmlinux.scr
index 862d74808236..dd292b4b9082 100644
--- a/arch/sh/boot/compressed/vmlinux.scr
+++ b/arch/sh/boot/compressed/vmlinux.scr
@@ -1,6 +1,6 @@
SECTIONS
{
- .rodata..compressed : {
+ .rodata..compressed : ALIGN(8) {
input_len = .;
LONG(input_data_end - input_data) input_data = .;
*(.data)
--
2.24.1
@@ -1,27 +0,0 @@
From 7f92adbba385a4e512abfd6633ac0f9f0cdf91f8 Mon Sep 17 00:00:00 2001
From: Romain Naour <romain.naour@gmail.com>
Date: Sat, 21 Dec 2019 11:54:07 +0100
Subject: [PATCH] include/asm-generic: vmlinux.lds.h
https://www.sourceware.org/ml/binutils/2019-12/msg00112.html
Signed-off-by: Romain Naour <romain.naour@gmail.com>
---
include/asm-generic/vmlinux.lds.h | 1 +
1 file changed, 1 insertion(+)
diff --git a/include/asm-generic/vmlinux.lds.h b/include/asm-generic/vmlinux.lds.h
index d7701d466b60..1aa33597e91e 100644
--- a/include/asm-generic/vmlinux.lds.h
+++ b/include/asm-generic/vmlinux.lds.h
@@ -306,6 +306,7 @@
*/
#ifndef RO_AFTER_INIT_DATA
#define RO_AFTER_INIT_DATA \
+ . = ALIGN(8); \
__start_ro_after_init = .; \
*(.data..ro_after_init) \
__end_ro_after_init = .;
--
2.24.1
-4
View File
@@ -1,4 +0,0 @@
label RK3399_ROCK_PI_4 linux
kernel /Image
devicetree /rk3399-rock-pi-4.dtb
append earlycon=uart8250,mmio32,0xff1a0000 root=/dev/mmcblk1p4 rw rootwait
-39
View File
@@ -1,39 +0,0 @@
image boot.vfat {
vfat {
files = {
"Image",
"rk3399-rock-pi-4.dtb",
"extlinux"
}
}
size = 112M
}
image sdcard.img {
hdimage {
gpt = true
}
partition loader1 {
image = "idbloader.img"
offset = 32K
}
partition loader2 {
image = "u-boot.itb"
offset = 8M
}
partition boot {
partition-type = 0xC
bootable = "true"
image = "boot.vfat"
offset = 16M
}
partition rootfs {
partition-type = 0x83
image = "rootfs.ext4"
}
}
-5
View File
@@ -1,5 +0,0 @@
#!/bin/sh
BOARD_DIR="$(dirname $0)"
install -m 0644 -D $BOARD_DIR/extlinux.conf $BINARIES_DIR/extlinux/extlinux.conf
-61
View File
@@ -1,61 +0,0 @@
RADXA ROCK_PI_4
================
https://rockpi.org/rockpi4
ROCK Pi 4 is a Single Board Computer (SBC) from radxa. This guide is valid
for the below models:
- ROCK PI 4 Model A
- ROCK PI 4 Model B
- ROCK PI 4 Model C
Build:
======
$ make rock_pi_4_defconfig
$ make
Files created in output directory
=================================
output/images
├── bl31.elf
├── boot.vfat
├── extlinux
├── idbloader.img
├── Image
├── rk3399-rock-pi-4.dtb
├── rootfs.ext2
├── rootfs.ext4 -> rootfs.ext2
├── rootfs.tar
├── sdcard.img
├── u-boot.bin
└── u-boot.itb
Creating bootable SD card:
==========================
Simply invoke (as root)
sudo dd if=output/images/sdcard.img of=/dev/sdX && sync
Where X is your SD card device.
Booting:
========
Serial console:
---------------
RockPi4 has a 40-pin GPIO header. The pin layout is as follows:
pin 6: gnd
pin 8: tx
pin 10: rx
Baudrate for this board is 1500000.
Login:
------
Enter 'root' as login user, and the prompt is ready.
Wiki link:
https://wiki.amarulasolutions.com/bsp/rockchip/rk3399/rock-pi-4.html
-4
View File
@@ -1,4 +0,0 @@
label RK3399_ROCK_PI_N10 linux
kernel /Image
devicetree /rk3399pro-rock-pi-n10.dtb
append earlycon=uart8250,mmio32,0xff1a0000 root=/dev/mmcblk0p4 rw rootwait
-39
View File
@@ -1,39 +0,0 @@
image boot.vfat {
vfat {
files = {
"Image",
"rk3399pro-rock-pi-n10.dtb",
"extlinux"
}
}
size = 112M
}
image sdcard.img {
hdimage {
gpt = true
}
partition loader1 {
image = "idbloader.img"
offset = 32K
}
partition loader2 {
image = "u-boot.itb"
offset = 8M
}
partition boot {
partition-type = 0xC
bootable = "true"
image = "boot.vfat"
offset = 16M
}
partition rootfs {
partition-type = 0x83
image = "rootfs.ext4"
}
}
-5
View File
@@ -1,5 +0,0 @@
#!/bin/sh
BOARD_DIR="$(dirname $0)"
install -m 0644 -D $BOARD_DIR/extlinux.conf $BINARIES_DIR/extlinux/extlinux.conf
-61
View File
@@ -1,61 +0,0 @@
RADXA ROCKPI-N10
================
https://wiki.radxa.com/RockpiN10
Build:
======
$ make rock_pi_n10_defconfig
$ make
Files created in output directory
=================================
output/images
.
├── bl31.elf
├── boot.vfat
├── extlinux
├── idbloader.img
├── Image
├── rk3399pro-rock-pi-n10.dtb
├── rootfs.ext2
├── rootfs.ext4 -> rootfs.ext2
├── rootfs.tar
├── sdcard.img
├── u-boot.bin
└── u-boot.itb
Creating bootable SD card:
==========================
Simply invoke (as root)
sudo dd if=output/images/sdcard.img of=/dev/sdX && sync
Where X is your SD card device.
Booting:
========
Serial console:
---------------
RockPi-N10 has a 40-pin GPIO header. The pin layout is as follows:
pin 6: gnd
pin 8: tx
pin 10: rx
Baudrate for this board is 1500000.
The boot order on rockpi-n10 is emmc, sd. If emmc contains a valid Image, the board
always boots from emmc. To boot from SD, erase emmc as per the guide:
https://wiki.amarulasolutions.com/bsp/setup/rockchip/rk3399_emmc.html
Login:
------
Enter 'root' as login user, and the prompt is ready.
wiki link:
----------
https://wiki.amarulasolutions.com/bsp/rockchip/rk3399pro/rock-pi-n10.html
-1
View File
@@ -1,3 +1,2 @@
CONFIG_INITRAMFS_SOURCE=""
CONFIG_ARC_UBOOT_SUPPORT=y
CONFIG_USB=y
+2 -2
View File
@@ -15,7 +15,7 @@ choice
Select the specific ATF version you want to use
config BR2_TARGET_ARM_TRUSTED_FIRMWARE_LATEST_VERSION
bool "v2.2"
bool "v1.4"
config BR2_TARGET_ARM_TRUSTED_FIRMWARE_CUSTOM_VERSION
bool "Custom version"
@@ -43,7 +43,7 @@ config BR2_TARGET_ARM_TRUSTED_FIRMWARE_CUSTOM_VERSION_VALUE
config BR2_TARGET_ARM_TRUSTED_FIRMWARE_VERSION
string
default "v2.2" if BR2_TARGET_ARM_TRUSTED_FIRMWARE_LATEST_VERSION
default "v1.4" if BR2_TARGET_ARM_TRUSTED_FIRMWARE_LATEST_VERSION
default "custom" if BR2_TARGET_ARM_TRUSTED_FIRMWARE_CUSTOM_TARBALL
default BR2_TARGET_ARM_TRUSTED_FIRMWARE_CUSTOM_REPO_VERSION \
if BR2_TARGET_ARM_TRUSTED_FIRMWARE_CUSTOM_GIT
@@ -1,3 +1,3 @@
# Locally calculated
sha256 07e3c058ae2d95c7d516a46fc93565b797e912c3271ddbf29df523b1ab1ee911 arm-trusted-firmware-v2.2.tar.gz
sha256 487795b8023df866259fa159bab94706b747fb0d623b7913f1c4955c0ab5f164 license.rst
sha256 6dae02acd85278394bfad6e2683e186e5332a711e4491ac4632ad6480f6e5494 arm-trusted-firmware-v1.4.tar.gz
sha256 487795b8023df866259fa159bab94706b747fb0d623b7913f1c4955c0ab5f164 license.rst
+3 -3
View File
@@ -1,6 +1,6 @@
config BR2_TARGET_AT91BOOTSTRAP3
bool "AT91 Bootstrap 3"
depends on BR2_arm926t || BR2_cortex_a5 || BR2_cortex_a7
depends on BR2_arm926t || BR2_cortex_a5
help
AT91Bootstrap is a first level bootloader for the Atmel AT91
devices. It integrates algorithms for:
@@ -19,7 +19,7 @@ choice
prompt "AT91 Bootstrap 3 version"
config BR2_TARGET_AT91BOOTSTRAP3_LATEST_VERSION
bool "3.9.2"
bool "3.9.0"
config BR2_TARGET_AT91BOOTSTRAP3_CUSTOM_GIT
bool "Custom Git repository"
@@ -51,7 +51,7 @@ endif
config BR2_TARGET_AT91BOOTSTRAP3_VERSION
string
default "v3.9.2" if BR2_TARGET_AT91BOOTSTRAP3_LATEST_VERSION
default "v3.9.0" if BR2_TARGET_AT91BOOTSTRAP3_LATEST_VERSION
default BR2_TARGET_AT91BOOTSTRAP3_CUSTOM_REPO_VERSION \
if BR2_TARGET_AT91BOOTSTRAP3_CUSTOM_GIT
default "custom" if BR2_TARGET_AT91BOOTSTRAP3_CUSTOM_TARBALL
+1 -1
View File
@@ -1,3 +1,3 @@
# Locally calculated
sha256 6cf37df482024f3770fe1880f768a675beda16323a90e702860d9e5478105b3f at91bootstrap3-v3.9.2.tar.gz
sha256 e23e6df23b79ca81e412cb73a1f48bd95df8d46c7d52a1d073c2ed9d4f3a1a71 at91bootstrap3-v3.9.0.tar.gz
sha256 732b2a55b5905031d8ae420136ffb5f8889214865784386bf754cffab8d2bc6e main.c
+2 -2
View File
@@ -12,7 +12,7 @@ choice
Select the specific Barebox version you want to use
config BR2_TARGET_BAREBOX_LATEST_VERSION
bool "2020.07.0"
bool "2020.03.0"
config BR2_TARGET_BAREBOX_CUSTOM_VERSION
bool "Custom version"
@@ -40,7 +40,7 @@ endif
config BR2_TARGET_BAREBOX_VERSION
string
default "2020.07.0" if BR2_TARGET_BAREBOX_LATEST_VERSION
default "2020.03.0" if BR2_TARGET_BAREBOX_LATEST_VERSION
default BR2_TARGET_BAREBOX_CUSTOM_VERSION_VALUE if BR2_TARGET_BAREBOX_CUSTOM_VERSION
default "custom" if BR2_TARGET_BAREBOX_CUSTOM_TARBALL
default BR2_TARGET_BAREBOX_CUSTOM_GIT_VERSION if BR2_TARGET_BAREBOX_CUSTOM_GIT
+3 -3
View File
@@ -1,8 +1,8 @@
# From https://www.barebox.org/download/barebox-2020.07.0.tar.bz2.md5
md5 49f3fba08743d44e84e8d68ed776f05d barebox-2020.07.0.tar.bz2
# From https://www.barebox.org/download/barebox-2020.03.0.tar.bz2.md5
md5 9e93df6dadb898d91d9f3811456a94bd barebox-2020.03.0.tar.bz2
# Locally calculated
sha256 1956620acc39b5c9b035635ff0b1da2c1b72b791612ef55a72e6272a903fbc4c barebox-2020.07.0.tar.bz2
sha256 625b031d1fe99bdd3bf95f79c8ecfcf67101bc2500ec4816e034bf989f16d1c2 barebox-2020.03.0.tar.bz2
# License files, locally computed
sha256 ab1122aa9f9073ad1ec824edcd970b16a6a7881a34a18fd56c080debb2dca5d4 COPYING
@@ -1,73 +0,0 @@
From a7ab0cc98fa89a3d5098c29cbe44bcd24b0a6454 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Wed, 15 Apr 2020 15:45:02 -0400
Subject: [PATCH] yylex: Make lexer fatal errors actually be fatal
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
When presented with a command that can't be tokenized to anything
smaller than YYLMAX characters, the parser calls YY_FATAL_ERROR(errmsg),
expecting that will stop further processing, as such:
#define YY_DO_BEFORE_ACTION \
yyg->yytext_ptr = yy_bp; \
yyleng = (int) (yy_cp - yy_bp); \
yyg->yy_hold_char = *yy_cp; \
*yy_cp = '\0'; \
if ( yyleng >= YYLMAX ) \
YY_FATAL_ERROR( "token too large, exceeds YYLMAX" ); \
yy_flex_strncpy( yytext, yyg->yytext_ptr, yyleng + 1 , yyscanner); \
yyg->yy_c_buf_p = yy_cp;
The code flex generates expects that YY_FATAL_ERROR() will either return
for it or do some form of longjmp(), or handle the error in some way at
least, and so the strncpy() call isn't in an "else" clause, and thus if
YY_FATAL_ERROR() is *not* actually fatal, it does the call with the
questionable limit, and predictable results ensue.
Unfortunately, our implementation of YY_FATAL_ERROR() is:
#define YY_FATAL_ERROR(msg) \
do { \
grub_printf (_("fatal error: %s\n"), _(msg)); \
} while (0)
The same pattern exists in yyless(), and similar problems exist in users
of YY_INPUT(), several places in the main parsing loop,
yy_get_next_buffer(), yy_load_buffer_state(), yyensure_buffer_stack,
yy_scan_buffer(), etc.
All of these callers expect YY_FATAL_ERROR() to actually be fatal, and
the things they do if it returns after calling it are wildly unsafe.
Fixes: CVE-2020-10713
Signed-off-by: Peter Jones <pjones@redhat.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Signed-off-by: Stefan Sørensen <stefan.sorensen@spectralink.com>
---
grub-core/script/yylex.l | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/grub-core/script/yylex.l b/grub-core/script/yylex.l
index 7b44c37b7..b7203c823 100644
--- a/grub-core/script/yylex.l
+++ b/grub-core/script/yylex.l
@@ -37,11 +37,11 @@
/*
* As we don't have access to yyscanner, we cannot do much except to
- * print the fatal error.
+ * print the fatal error and exit.
*/
#define YY_FATAL_ERROR(msg) \
do { \
- grub_printf (_("fatal error: %s\n"), _(msg)); \
+ grub_fatal (_("fatal error: %s\n"), _(msg));\
} while (0)
#define COPY(str, hint) \
--
2.26.2
@@ -1,128 +0,0 @@
From 782a4580a5e347793443aa8e9152db1bf4a0fff8 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Mon, 15 Jun 2020 10:58:42 -0400
Subject: [PATCH] safemath: Add some arithmetic primitives that check for
overflow
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
This adds a new header, include/grub/safemath.h, that includes easy to
use wrappers for __builtin_{add,sub,mul}_overflow() declared like:
bool OP(a, b, res)
where OP is grub_add, grub_sub or grub_mul. OP() returns true in the
case where the operation would overflow and res is not modified.
Otherwise, false is returned and the operation is executed.
These arithmetic primitives require newer compiler versions. So, bump
these requirements in the INSTALL file too.
Signed-off-by: Peter Jones <pjones@redhat.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Signed-off-by: Stefan Sørensen <stefan.sorensen@spectralink.com>
---
INSTALL | 22 ++--------------------
include/grub/compiler.h | 8 ++++++++
include/grub/safemath.h | 37 +++++++++++++++++++++++++++++++++++++
3 files changed, 47 insertions(+), 20 deletions(-)
create mode 100644 include/grub/safemath.h
diff --git a/INSTALL b/INSTALL
index 8acb40902..dcb9b7d7b 100644
--- a/INSTALL
+++ b/INSTALL
@@ -11,27 +11,9 @@ GRUB depends on some software packages installed into your system. If
you don't have any of them, please obtain and install them before
configuring the GRUB.
-* GCC 4.1.3 or later
- Note: older versions may work but support is limited
-
- Experimental support for clang 3.3 or later (results in much bigger binaries)
+* GCC 5.1.0 or later
+ Experimental support for clang 3.8.0 or later (results in much bigger binaries)
for i386, x86_64, arm (including thumb), arm64, mips(el), powerpc, sparc64
- Note: clang 3.2 or later works for i386 and x86_64 targets but results in
- much bigger binaries.
- earlier versions not tested
- Note: clang 3.2 or later works for arm
- earlier versions not tested
- Note: clang on arm64 is not supported due to
- https://llvm.org/bugs/show_bug.cgi?id=26030
- Note: clang 3.3 or later works for mips(el)
- earlier versions fail to generate .reginfo and hence gprel relocations
- fail.
- Note: clang 3.2 or later works for powerpc
- earlier versions not tested
- Note: clang 3.5 or later works for sparc64
- earlier versions return "error: unable to interface with target machine"
- Note: clang has no support for ia64 and hence you can't compile GRUB
- for ia64 with clang
* GNU Make
* GNU Bison 2.3 or later
* GNU gettext 0.17 or later
diff --git a/include/grub/compiler.h b/include/grub/compiler.h
index c9e1d7a73..8f3be3ae7 100644
--- a/include/grub/compiler.h
+++ b/include/grub/compiler.h
@@ -48,4 +48,12 @@
# define WARN_UNUSED_RESULT
#endif
+#if defined(__clang__) && defined(__clang_major__) && defined(__clang_minor__)
+# define CLANG_PREREQ(maj,min) \
+ ((__clang_major__ > (maj)) || \
+ (__clang_major__ == (maj) && __clang_minor__ >= (min)))
+#else
+# define CLANG_PREREQ(maj,min) 0
+#endif
+
#endif /* ! GRUB_COMPILER_HEADER */
diff --git a/include/grub/safemath.h b/include/grub/safemath.h
new file mode 100644
index 000000000..c17b89bba
--- /dev/null
+++ b/include/grub/safemath.h
@@ -0,0 +1,37 @@
+/*
+ * GRUB -- GRand Unified Bootloader
+ * Copyright (C) 2020 Free Software Foundation, Inc.
+ *
+ * GRUB is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * GRUB is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with GRUB. If not, see <http://www.gnu.org/licenses/>.
+ *
+ * Arithmetic operations that protect against overflow.
+ */
+
+#ifndef GRUB_SAFEMATH_H
+#define GRUB_SAFEMATH_H 1
+
+#include <grub/compiler.h>
+
+/* These appear in gcc 5.1 and clang 3.8. */
+#if GNUC_PREREQ(5, 1) || CLANG_PREREQ(3, 8)
+
+#define grub_add(a, b, res) __builtin_add_overflow(a, b, res)
+#define grub_sub(a, b, res) __builtin_sub_overflow(a, b, res)
+#define grub_mul(a, b, res) __builtin_mul_overflow(a, b, res)
+
+#else
+#error gcc 5.1 or newer or clang 3.8 or newer is required
+#endif
+
+#endif /* GRUB_SAFEMATH_H */
--
2.26.2
@@ -1,246 +0,0 @@
From 5775eb40862b67468ced816e6d7560dbe22a3670 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Mon, 15 Jun 2020 12:15:29 -0400
Subject: [PATCH] calloc: Make sure we always have an overflow-checking
calloc() available
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
This tries to make sure that everywhere in this source tree, we always have
an appropriate version of calloc() (i.e. grub_calloc(), xcalloc(), etc.)
available, and that they all safely check for overflow and return NULL when
it would occur.
Signed-off-by: Peter Jones <pjones@redhat.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Signed-off-by: Stefan Sørensen <stefan.sorensen@spectralink.com>
---
grub-core/kern/emu/misc.c | 12 +++++++++
grub-core/kern/emu/mm.c | 10 ++++++++
grub-core/kern/mm.c | 40 ++++++++++++++++++++++++++++++
grub-core/lib/libgcrypt_wrap/mem.c | 11 ++++++--
grub-core/lib/posix_wrap/stdlib.h | 8 +++++-
include/grub/emu/misc.h | 1 +
include/grub/mm.h | 6 +++++
7 files changed, 85 insertions(+), 3 deletions(-)
diff --git a/grub-core/kern/emu/misc.c b/grub-core/kern/emu/misc.c
index 65db79baa..dfd8a8ec4 100644
--- a/grub-core/kern/emu/misc.c
+++ b/grub-core/kern/emu/misc.c
@@ -85,6 +85,18 @@ grub_util_error (const char *fmt, ...)
exit (1);
}
+void *
+xcalloc (grub_size_t nmemb, grub_size_t size)
+{
+ void *p;
+
+ p = calloc (nmemb, size);
+ if (!p)
+ grub_util_error ("%s", _("out of memory"));
+
+ return p;
+}
+
void *
xmalloc (grub_size_t size)
{
diff --git a/grub-core/kern/emu/mm.c b/grub-core/kern/emu/mm.c
index f262e95e3..145b01d37 100644
--- a/grub-core/kern/emu/mm.c
+++ b/grub-core/kern/emu/mm.c
@@ -25,6 +25,16 @@
#include <string.h>
#include <grub/i18n.h>
+void *
+grub_calloc (grub_size_t nmemb, grub_size_t size)
+{
+ void *ret;
+ ret = calloc (nmemb, size);
+ if (!ret)
+ grub_error (GRUB_ERR_OUT_OF_MEMORY, N_("out of memory"));
+ return ret;
+}
+
void *
grub_malloc (grub_size_t size)
{
diff --git a/grub-core/kern/mm.c b/grub-core/kern/mm.c
index ee88ff611..f2822a836 100644
--- a/grub-core/kern/mm.c
+++ b/grub-core/kern/mm.c
@@ -67,8 +67,10 @@
#include <grub/dl.h>
#include <grub/i18n.h>
#include <grub/mm_private.h>
+#include <grub/safemath.h>
#ifdef MM_DEBUG
+# undef grub_calloc
# undef grub_malloc
# undef grub_zalloc
# undef grub_realloc
@@ -375,6 +377,30 @@ grub_memalign (grub_size_t align, grub_size_t size)
return 0;
}
+/*
+ * Allocate NMEMB instances of SIZE bytes and return the pointer, or error on
+ * integer overflow.
+ */
+void *
+grub_calloc (grub_size_t nmemb, grub_size_t size)
+{
+ void *ret;
+ grub_size_t sz = 0;
+
+ if (grub_mul (nmemb, size, &sz))
+ {
+ grub_error (GRUB_ERR_OUT_OF_RANGE, N_("overflow is detected"));
+ return NULL;
+ }
+
+ ret = grub_memalign (0, sz);
+ if (!ret)
+ return NULL;
+
+ grub_memset (ret, 0, sz);
+ return ret;
+}
+
/* Allocate SIZE bytes and return the pointer. */
void *
grub_malloc (grub_size_t size)
@@ -561,6 +587,20 @@ grub_mm_dump (unsigned lineno)
grub_printf ("\n");
}
+void *
+grub_debug_calloc (const char *file, int line, grub_size_t nmemb, grub_size_t size)
+{
+ void *ptr;
+
+ if (grub_mm_debug)
+ grub_printf ("%s:%d: calloc (0x%" PRIxGRUB_SIZE ", 0x%" PRIxGRUB_SIZE ") = ",
+ file, line, size);
+ ptr = grub_calloc (nmemb, size);
+ if (grub_mm_debug)
+ grub_printf ("%p\n", ptr);
+ return ptr;
+}
+
void *
grub_debug_malloc (const char *file, int line, grub_size_t size)
{
diff --git a/grub-core/lib/libgcrypt_wrap/mem.c b/grub-core/lib/libgcrypt_wrap/mem.c
index beeb661a3..74c6eafe5 100644
--- a/grub-core/lib/libgcrypt_wrap/mem.c
+++ b/grub-core/lib/libgcrypt_wrap/mem.c
@@ -4,6 +4,7 @@
#include <grub/crypto.h>
#include <grub/dl.h>
#include <grub/env.h>
+#include <grub/safemath.h>
GRUB_MOD_LICENSE ("GPLv3+");
@@ -36,7 +37,10 @@ void *
gcry_xcalloc (size_t n, size_t m)
{
void *ret;
- ret = grub_zalloc (n * m);
+ size_t sz;
+ if (grub_mul (n, m, &sz))
+ grub_fatal ("gcry_xcalloc would overflow");
+ ret = grub_zalloc (sz);
if (!ret)
grub_fatal ("gcry_xcalloc failed");
return ret;
@@ -56,7 +60,10 @@ void *
gcry_xcalloc_secure (size_t n, size_t m)
{
void *ret;
- ret = grub_zalloc (n * m);
+ size_t sz;
+ if (grub_mul (n, m, &sz))
+ grub_fatal ("gcry_xcalloc would overflow");
+ ret = grub_zalloc (sz);
if (!ret)
grub_fatal ("gcry_xcalloc failed");
return ret;
diff --git a/grub-core/lib/posix_wrap/stdlib.h b/grub-core/lib/posix_wrap/stdlib.h
index 3b46f47ff..7a8d385e9 100644
--- a/grub-core/lib/posix_wrap/stdlib.h
+++ b/grub-core/lib/posix_wrap/stdlib.h
@@ -21,6 +21,7 @@
#include <grub/mm.h>
#include <grub/misc.h>
+#include <grub/safemath.h>
static inline void
free (void *ptr)
@@ -37,7 +38,12 @@ malloc (grub_size_t size)
static inline void *
calloc (grub_size_t size, grub_size_t nelem)
{
- return grub_zalloc (size * nelem);
+ grub_size_t sz;
+
+ if (grub_mul (size, nelem, &sz))
+ return NULL;
+
+ return grub_zalloc (sz);
}
static inline void *
diff --git a/include/grub/emu/misc.h b/include/grub/emu/misc.h
index ce464cfd0..ff9c48a64 100644
--- a/include/grub/emu/misc.h
+++ b/include/grub/emu/misc.h
@@ -47,6 +47,7 @@ grub_util_device_is_mapped (const char *dev);
#define GRUB_HOST_PRIuLONG_LONG "llu"
#define GRUB_HOST_PRIxLONG_LONG "llx"
+void * EXPORT_FUNC(xcalloc) (grub_size_t nmemb, grub_size_t size) WARN_UNUSED_RESULT;
void * EXPORT_FUNC(xmalloc) (grub_size_t size) WARN_UNUSED_RESULT;
void * EXPORT_FUNC(xrealloc) (void *ptr, grub_size_t size) WARN_UNUSED_RESULT;
char * EXPORT_FUNC(xstrdup) (const char *str) WARN_UNUSED_RESULT;
diff --git a/include/grub/mm.h b/include/grub/mm.h
index 28e2e53eb..9c38dd3ca 100644
--- a/include/grub/mm.h
+++ b/include/grub/mm.h
@@ -29,6 +29,7 @@
#endif
void grub_mm_init_region (void *addr, grub_size_t size);
+void *EXPORT_FUNC(grub_calloc) (grub_size_t nmemb, grub_size_t size);
void *EXPORT_FUNC(grub_malloc) (grub_size_t size);
void *EXPORT_FUNC(grub_zalloc) (grub_size_t size);
void EXPORT_FUNC(grub_free) (void *ptr);
@@ -48,6 +49,9 @@ extern int EXPORT_VAR(grub_mm_debug);
void grub_mm_dump_free (void);
void grub_mm_dump (unsigned lineno);
+#define grub_calloc(nmemb, size) \
+ grub_debug_calloc (GRUB_FILE, __LINE__, nmemb, size)
+
#define grub_malloc(size) \
grub_debug_malloc (GRUB_FILE, __LINE__, size)
@@ -63,6 +67,8 @@ void grub_mm_dump (unsigned lineno);
#define grub_free(ptr) \
grub_debug_free (GRUB_FILE, __LINE__, ptr)
+void *EXPORT_FUNC(grub_debug_calloc) (const char *file, int line,
+ grub_size_t nmemb, grub_size_t size);
void *EXPORT_FUNC(grub_debug_malloc) (const char *file, int line,
grub_size_t size);
void *EXPORT_FUNC(grub_debug_zalloc) (const char *file, int line,
--
2.26.2
File diff suppressed because it is too large Load Diff
File diff suppressed because it is too large Load Diff
@@ -1,72 +0,0 @@
From e0dd17a3ce79c6622dc78c96e1f2ef1b20e2bf7b Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Sat, 4 Jul 2020 12:25:09 -0400
Subject: [PATCH] iso9660: Don't leak memory on realloc() failures
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Signed-off-by: Peter Jones <pjones@redhat.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Signed-off-by: Stefan Sørensen <stefan.sorensen@spectralink.com>
---
grub-core/fs/iso9660.c | 24 ++++++++++++++++++++----
1 file changed, 20 insertions(+), 4 deletions(-)
diff --git a/grub-core/fs/iso9660.c b/grub-core/fs/iso9660.c
index 7ba5b300b..5ec4433b8 100644
--- a/grub-core/fs/iso9660.c
+++ b/grub-core/fs/iso9660.c
@@ -533,14 +533,20 @@ add_part (struct iterate_dir_ctx *ctx,
{
int size = ctx->symlink ? grub_strlen (ctx->symlink) : 0;
grub_size_t sz;
+ char *new;
if (grub_add (size, len2, &sz) ||
grub_add (sz, 1, &sz))
return;
- ctx->symlink = grub_realloc (ctx->symlink, sz);
- if (! ctx->symlink)
- return;
+ new = grub_realloc (ctx->symlink, sz);
+ if (!new)
+ {
+ grub_free (ctx->symlink);
+ ctx->symlink = NULL;
+ return;
+ }
+ ctx->symlink = new;
grub_memcpy (ctx->symlink + size, part, len2);
ctx->symlink[size + len2] = 0;
@@ -634,7 +640,12 @@ susp_iterate_dir (struct grub_iso9660_susp_entry *entry,
is the length. Both are part of the `Component
Record'. */
if (ctx->symlink && !ctx->was_continue)
- add_part (ctx, "/", 1);
+ {
+ add_part (ctx, "/", 1);
+ if (grub_errno)
+ return grub_errno;
+ }
+
add_part (ctx, (char *) &entry->data[pos + 2],
entry->data[pos + 1]);
ctx->was_continue = (entry->data[pos] & 1);
@@ -653,6 +664,11 @@ susp_iterate_dir (struct grub_iso9660_susp_entry *entry,
add_part (ctx, "/", 1);
break;
}
+
+ /* Check if grub_realloc() failed in add_part(). */
+ if (grub_errno)
+ return grub_errno;
+
/* In pos + 1 the length of the `Component Record' is
stored. */
pos += entry->data[pos + 1] + 2;
--
2.26.2
@@ -1,41 +0,0 @@
From 73bc7a964c9496d5b0f00dbd69959dacf5adcebe Mon Sep 17 00:00:00 2001
From: Daniel Kiper <daniel.kiper@oracle.com>
Date: Tue, 7 Jul 2020 15:36:26 +0200
Subject: [PATCH] font: Do not load more than one NAME section
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
The GRUB font file can have one NAME section only. Though if somebody
crafts a broken font file with many NAME sections and loads it then the
GRUB leaks memory. So, prevent against that by loading first NAME
section and failing in controlled way on following one.
Reported-by: Chris Coulson <chris.coulson@canonical.com>
Signed-off-by: Daniel Kiper <daniel.kiper@oracle.com>
Reviewed-by: Jan Setje-Eilers <jan.setjeeilers@oracle.com>
Signed-off-by: Stefan Sørensen <stefan.sorensen@spectralink.com>
---
grub-core/font/font.c | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/grub-core/font/font.c b/grub-core/font/font.c
index 5edb477ac..d09bb38d8 100644
--- a/grub-core/font/font.c
+++ b/grub-core/font/font.c
@@ -532,6 +532,12 @@ grub_font_load (const char *filename)
if (grub_memcmp (section.name, FONT_FORMAT_SECTION_NAMES_FONT_NAME,
sizeof (FONT_FORMAT_SECTION_NAMES_FONT_NAME) - 1) == 0)
{
+ if (font->name != NULL)
+ {
+ grub_error (GRUB_ERR_BAD_FONT, "invalid font file: too many NAME sections");
+ goto fail;
+ }
+
font->name = read_section_as_string (&section);
if (!font->name)
goto fail;
--
2.26.2
@@ -1,39 +0,0 @@
From 9ff609f0e7798bc5fb04f791131c98e7693bdd9b Mon Sep 17 00:00:00 2001
From: Alexey Makhalov <amakhalov@vmware.com>
Date: Wed, 8 Jul 2020 20:41:56 +0000
Subject: [PATCH] gfxmenu: Fix double free in load_image()
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
self->bitmap should be zeroed after free. Otherwise, there is a chance
to double free (USE_AFTER_FREE) it later in rescale_image().
Fixes: CID 292472
Signed-off-by: Alexey Makhalov <amakhalov@vmware.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Signed-off-by: Stefan Sørensen <stefan.sorensen@spectralink.com>
---
grub-core/gfxmenu/gui_image.c | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/grub-core/gfxmenu/gui_image.c b/grub-core/gfxmenu/gui_image.c
index 29784ed2d..6b2e976f1 100644
--- a/grub-core/gfxmenu/gui_image.c
+++ b/grub-core/gfxmenu/gui_image.c
@@ -195,7 +195,10 @@ load_image (grub_gui_image_t self, const char *path)
return grub_errno;
if (self->bitmap && (self->bitmap != self->raw_bitmap))
- grub_video_bitmap_destroy (self->bitmap);
+ {
+ grub_video_bitmap_destroy (self->bitmap);
+ self->bitmap = 0;
+ }
if (self->raw_bitmap)
grub_video_bitmap_destroy (self->raw_bitmap);
--
2.26.2
@@ -1,58 +0,0 @@
From dc9777dc17697b196c415c53187a55861d41fd2a Mon Sep 17 00:00:00 2001
From: Alexey Makhalov <amakhalov@vmware.com>
Date: Wed, 8 Jul 2020 21:30:43 +0000
Subject: [PATCH] xnu: Fix double free in grub_xnu_devprop_add_property()
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
grub_xnu_devprop_add_property() should not free utf8 and utf16 as it get
allocated and freed in the caller.
Minor improvement: do prop fields initialization after memory allocations.
Fixes: CID 292442, CID 292457, CID 292460, CID 292466
Signed-off-by: Alexey Makhalov <amakhalov@vmware.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Signed-off-by: Stefan Sørensen <stefan.sorensen@spectralink.com>
---
grub-core/loader/i386/xnu.c | 17 ++++++++---------
1 file changed, 8 insertions(+), 9 deletions(-)
diff --git a/grub-core/loader/i386/xnu.c b/grub-core/loader/i386/xnu.c
index b7d176b5d..e9e119259 100644
--- a/grub-core/loader/i386/xnu.c
+++ b/grub-core/loader/i386/xnu.c
@@ -262,20 +262,19 @@ grub_xnu_devprop_add_property (struct grub_xnu_devprop_device_descriptor *dev,
if (!prop)
return grub_errno;
- prop->name = utf8;
- prop->name16 = utf16;
- prop->name16len = utf16len;
-
- prop->length = datalen;
- prop->data = grub_malloc (prop->length);
+ prop->data = grub_malloc (datalen);
if (!prop->data)
{
- grub_free (prop->name);
- grub_free (prop->name16);
grub_free (prop);
return grub_errno;
}
- grub_memcpy (prop->data, data, prop->length);
+ grub_memcpy (prop->data, data, datalen);
+
+ prop->name = utf8;
+ prop->name16 = utf16;
+ prop->name16len = utf16len;
+ prop->length = datalen;
+
grub_list_push (GRUB_AS_LIST_P (&dev->properties),
GRUB_AS_LIST (prop));
return GRUB_ERR_NONE;
--
2.26.2
@@ -1,55 +0,0 @@
From 78829f0c230680e386fff9f420bb1631bc20f761 Mon Sep 17 00:00:00 2001
From: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Date: Thu, 9 Jul 2020 03:05:23 +0000
Subject: [PATCH] lzma: Make sure we don't dereference past array
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
The two dimensional array p->posSlotEncoder[4][64] is being dereferenced
using the GetLenToPosState() macro which checks if len is less than 5,
and if so subtracts 2 from it. If len = 0, that is 0 - 2 = 4294967294.
Obviously we don't want to dereference that far out so we check if the
position found is greater or equal kNumLenToPosStates (4) and bail out.
N.B.: Upstream LZMA 18.05 and later has this function completely rewritten
without any history.
Fixes: CID 51526
Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Signed-off-by: Stefan Sørensen <stefan.sorensen@spectralink.com>
---
grub-core/lib/LzmaEnc.c | 10 ++++++++--
1 file changed, 8 insertions(+), 2 deletions(-)
diff --git a/grub-core/lib/LzmaEnc.c b/grub-core/lib/LzmaEnc.c
index f2ec04a8c..753e56a95 100644
--- a/grub-core/lib/LzmaEnc.c
+++ b/grub-core/lib/LzmaEnc.c
@@ -1877,13 +1877,19 @@ static SRes LzmaEnc_CodeOneBlock(CLzmaEnc *p, Bool useLimits, UInt32 maxPackSize
}
else
{
- UInt32 posSlot;
+ UInt32 posSlot, lenToPosState;
RangeEnc_EncodeBit(&p->rc, &p->isRep[p->state], 0);
p->state = kMatchNextStates[p->state];
LenEnc_Encode2(&p->lenEnc, &p->rc, len - LZMA_MATCH_LEN_MIN, posState, !p->fastMode, p->ProbPrices);
pos -= LZMA_NUM_REPS;
GetPosSlot(pos, posSlot);
- RcTree_Encode(&p->rc, p->posSlotEncoder[GetLenToPosState(len)], kNumPosSlotBits, posSlot);
+ lenToPosState = GetLenToPosState(len);
+ if (lenToPosState >= kNumLenToPosStates)
+ {
+ p->result = SZ_ERROR_DATA;
+ return CheckErrors(p);
+ }
+ RcTree_Encode(&p->rc, p->posSlotEncoder[lenToPosState], kNumPosSlotBits, posSlot);
if (posSlot >= kStartPosModelIndex)
{
--
2.26.2
@@ -1,69 +0,0 @@
From 8d3b6f9da468f666e3a7976657f2ab5c52762a21 Mon Sep 17 00:00:00 2001
From: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Date: Tue, 7 Jul 2020 15:12:25 -0400
Subject: [PATCH] term: Fix overflow on user inputs
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
This requires a very weird input from the serial interface but can cause
an overflow in input_buf (keys) overwriting the next variable (npending)
with the user choice:
(pahole output)
struct grub_terminfo_input_state {
int input_buf[6]; /* 0 24 */
int npending; /* 24 4 */ <- CORRUPT
...snip...
The magic string requires causing this is "ESC,O,],0,1,2,q" and we overflow
npending with "q" (aka increase npending to 161). The simplest fix is to
just to disallow overwrites input_buf, which exactly what this patch does.
Fixes: CID 292449
Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Signed-off-by: Stefan Sørensen <stefan.sorensen@spectralink.com>
---
grub-core/term/terminfo.c | 9 ++++++---
1 file changed, 6 insertions(+), 3 deletions(-)
diff --git a/grub-core/term/terminfo.c b/grub-core/term/terminfo.c
index d317efa36..5fa94c0c3 100644
--- a/grub-core/term/terminfo.c
+++ b/grub-core/term/terminfo.c
@@ -398,7 +398,7 @@ grub_terminfo_getwh (struct grub_term_output *term)
}
static void
-grub_terminfo_readkey (struct grub_term_input *term, int *keys, int *len,
+grub_terminfo_readkey (struct grub_term_input *term, int *keys, int *len, int max_len,
int (*readkey) (struct grub_term_input *term))
{
int c;
@@ -414,6 +414,9 @@ grub_terminfo_readkey (struct grub_term_input *term, int *keys, int *len,
if (c == -1) \
return; \
\
+ if (*len >= max_len) \
+ return; \
+ \
keys[*len] = c; \
(*len)++; \
}
@@ -602,8 +605,8 @@ grub_terminfo_getkey (struct grub_term_input *termi)
return ret;
}
- grub_terminfo_readkey (termi, data->input_buf,
- &data->npending, data->readkey);
+ grub_terminfo_readkey (termi, data->input_buf, &data->npending,
+ GRUB_TERMINFO_READKEY_MAX_LEN, data->readkey);
#if defined(__powerpc__) && defined(GRUB_MACHINE_IEEE1275)
if (data->npending == 1 && data->input_buf[0] == GRUB_TERM_ESC
--
2.26.2
-59
View File
@@ -1,59 +0,0 @@
From 748b691761d31bfff7e9d0d210caa606294c2b52 Mon Sep 17 00:00:00 2001
From: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Date: Tue, 7 Jul 2020 22:02:31 -0400
Subject: [PATCH] udf: Fix memory leak
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Fixes: CID 73796
Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Reviewed-by: Jan Setje-Eilers <jan.setjeeilers@oracle.com>
Signed-off-by: Stefan Sørensen <stefan.sorensen@spectralink.com>
---
grub-core/fs/udf.c | 17 +++++++++++++----
1 file changed, 13 insertions(+), 4 deletions(-)
diff --git a/grub-core/fs/udf.c b/grub-core/fs/udf.c
index 21ac7f446..2ac5c1d00 100644
--- a/grub-core/fs/udf.c
+++ b/grub-core/fs/udf.c
@@ -965,8 +965,10 @@ grub_udf_iterate_dir (grub_fshelp_node_t dir,
return 0;
if (grub_udf_read_icb (dir->data, &dirent.icb, child))
- return 0;
-
+ {
+ grub_free (child);
+ return 0;
+ }
if (dirent.characteristics & GRUB_UDF_FID_CHAR_PARENT)
{
/* This is the parent directory. */
@@ -988,11 +990,18 @@ grub_udf_iterate_dir (grub_fshelp_node_t dir,
dirent.file_ident_length,
(char *) raw))
!= dirent.file_ident_length)
- return 0;
+ {
+ grub_free (child);
+ return 0;
+ }
filename = read_string (raw, dirent.file_ident_length, 0);
if (!filename)
- grub_print_error ();
+ {
+ /* As the hook won't get called. */
+ grub_free (child);
+ grub_print_error ();
+ }
if (filename && hook (filename, type, child, hook_data))
{
--
2.26.2
@@ -1,38 +0,0 @@
From 49bf3faa106498e151306fc780c63194a14751e3 Mon Sep 17 00:00:00 2001
From: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Date: Fri, 26 Jun 2020 10:51:43 -0400
Subject: [PATCH] multiboot2: Fix memory leak if
grub_create_loader_cmdline() fails
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Fixes: CID 292468
Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Signed-off-by: Stefan Sørensen <stefan.sorensen@spectralink.com>
---
grub-core/loader/multiboot_mbi2.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/grub-core/loader/multiboot_mbi2.c b/grub-core/loader/multiboot_mbi2.c
index 53da78615..0efc66062 100644
--- a/grub-core/loader/multiboot_mbi2.c
+++ b/grub-core/loader/multiboot_mbi2.c
@@ -1070,7 +1070,11 @@ grub_multiboot2_add_module (grub_addr_t start, grub_size_t size,
err = grub_create_loader_cmdline (argc, argv, newmod->cmdline,
newmod->cmdline_size, GRUB_VERIFY_MODULE_CMDLINE);
if (err)
- return err;
+ {
+ grub_free (newmod->cmdline);
+ grub_free (newmod);
+ return err;
+ }
if (modules_last)
modules_last->next = newmod;
--
2.26.2
@@ -1,283 +0,0 @@
From b6c4a1b204740fe52b32e7f530831a59f4038e20 Mon Sep 17 00:00:00 2001
From: Alexey Makhalov <amakhalov@vmware.com>
Date: Thu, 9 Jul 2020 08:10:40 +0000
Subject: [PATCH] tftp: Do not use priority queue
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
There is not need to reassemble the order of blocks. Per RFC 1350,
server must wait for the ACK, before sending next block. Data packets
can be served immediately without putting them to priority queue.
Logic to handle incoming packet is this:
- if packet block id equal to expected block id, then
process the packet,
- if packet block id is less than expected - this is retransmit
of old packet, then ACK it and drop the packet,
- if packet block id is more than expected - that shouldn't
happen, just drop the packet.
It makes the tftp receive path code simpler, smaller and faster.
As a benefit, this change fixes CID# 73624 and CID# 96690, caused
by following while loop:
while (cmp_block (grub_be_to_cpu16 (tftph->u.data.block), data->block + 1) == 0)
where tftph pointer is not moving from one iteration to another, causing
to serve same packet again. Luckily, double serving didn't happen due to
data->block++ during the first iteration.
Fixes: CID 73624, CID 96690
Signed-off-by: Alexey Makhalov <amakhalov@vmware.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Signed-off-by: Stefan Sørensen <stefan.sorensen@spectralink.com>
---
grub-core/net/tftp.c | 168 ++++++++++++++-----------------------------
1 file changed, 53 insertions(+), 115 deletions(-)
diff --git a/grub-core/net/tftp.c b/grub-core/net/tftp.c
index 7d90bf66e..b4297bc8d 100644
--- a/grub-core/net/tftp.c
+++ b/grub-core/net/tftp.c
@@ -25,7 +25,6 @@
#include <grub/mm.h>
#include <grub/dl.h>
#include <grub/file.h>
-#include <grub/priority_queue.h>
#include <grub/i18n.h>
GRUB_MOD_LICENSE ("GPLv3+");
@@ -106,31 +105,8 @@ typedef struct tftp_data
int have_oack;
struct grub_error_saved save_err;
grub_net_udp_socket_t sock;
- grub_priority_queue_t pq;
} *tftp_data_t;
-static int
-cmp_block (grub_uint16_t a, grub_uint16_t b)
-{
- grub_int16_t i = (grub_int16_t) (a - b);
- if (i > 0)
- return +1;
- if (i < 0)
- return -1;
- return 0;
-}
-
-static int
-cmp (const void *a__, const void *b__)
-{
- struct grub_net_buff *a_ = *(struct grub_net_buff **) a__;
- struct grub_net_buff *b_ = *(struct grub_net_buff **) b__;
- struct tftphdr *a = (struct tftphdr *) a_->data;
- struct tftphdr *b = (struct tftphdr *) b_->data;
- /* We want the first elements to be on top. */
- return -cmp_block (grub_be_to_cpu16 (a->u.data.block), grub_be_to_cpu16 (b->u.data.block));
-}
-
static grub_err_t
ack (tftp_data_t data, grub_uint64_t block)
{
@@ -207,73 +183,60 @@ tftp_receive (grub_net_udp_socket_t sock __attribute__ ((unused)),
return GRUB_ERR_NONE;
}
- err = grub_priority_queue_push (data->pq, &nb);
- if (err)
- return err;
-
- {
- struct grub_net_buff **nb_top_p, *nb_top;
- while (1)
- {
- nb_top_p = grub_priority_queue_top (data->pq);
- if (!nb_top_p)
- return GRUB_ERR_NONE;
- nb_top = *nb_top_p;
- tftph = (struct tftphdr *) nb_top->data;
- if (cmp_block (grub_be_to_cpu16 (tftph->u.data.block), data->block + 1) >= 0)
- break;
- ack (data, grub_be_to_cpu16 (tftph->u.data.block));
- grub_netbuff_free (nb_top);
- grub_priority_queue_pop (data->pq);
- }
- while (cmp_block (grub_be_to_cpu16 (tftph->u.data.block), data->block + 1) == 0)
- {
- unsigned size;
-
- grub_priority_queue_pop (data->pq);
-
- if (file->device->net->packs.count < 50)
+ /* Ack old/retransmitted block. */
+ if (grub_be_to_cpu16 (tftph->u.data.block) < data->block + 1)
+ ack (data, grub_be_to_cpu16 (tftph->u.data.block));
+ /* Ignore unexpected block. */
+ else if (grub_be_to_cpu16 (tftph->u.data.block) > data->block + 1)
+ grub_dprintf ("tftp", "TFTP unexpected block # %d\n", tftph->u.data.block);
+ else
+ {
+ unsigned size;
+
+ if (file->device->net->packs.count < 50)
+ {
err = ack (data, data->block + 1);
- else
- {
- file->device->net->stall = 1;
- err = 0;
- }
- if (err)
- return err;
-
- err = grub_netbuff_pull (nb_top, sizeof (tftph->opcode) +
- sizeof (tftph->u.data.block));
- if (err)
- return err;
- size = nb_top->tail - nb_top->data;
-
- data->block++;
- if (size < data->block_size)
- {
- if (data->ack_sent < data->block)
- ack (data, data->block);
- file->device->net->eof = 1;
- file->device->net->stall = 1;
- grub_net_udp_close (data->sock);
- data->sock = NULL;
- }
- /* Prevent garbage in broken cards. Is it still necessary
- given that IP implementation has been fixed?
- */
- if (size > data->block_size)
- {
- err = grub_netbuff_unput (nb_top, size - data->block_size);
- if (err)
- return err;
- }
- /* If there is data, puts packet in socket list. */
- if ((nb_top->tail - nb_top->data) > 0)
- grub_net_put_packet (&file->device->net->packs, nb_top);
- else
- grub_netbuff_free (nb_top);
- }
- }
+ if (err)
+ return err;
+ }
+ else
+ file->device->net->stall = 1;
+
+ err = grub_netbuff_pull (nb, sizeof (tftph->opcode) +
+ sizeof (tftph->u.data.block));
+ if (err)
+ return err;
+ size = nb->tail - nb->data;
+
+ data->block++;
+ if (size < data->block_size)
+ {
+ if (data->ack_sent < data->block)
+ ack (data, data->block);
+ file->device->net->eof = 1;
+ file->device->net->stall = 1;
+ grub_net_udp_close (data->sock);
+ data->sock = NULL;
+ }
+ /*
+ * Prevent garbage in broken cards. Is it still necessary
+ * given that IP implementation has been fixed?
+ */
+ if (size > data->block_size)
+ {
+ err = grub_netbuff_unput (nb, size - data->block_size);
+ if (err)
+ return err;
+ }
+ /* If there is data, puts packet in socket list. */
+ if ((nb->tail - nb->data) > 0)
+ {
+ grub_net_put_packet (&file->device->net->packs, nb);
+ /* Do not free nb. */
+ return GRUB_ERR_NONE;
+ }
+ }
+ grub_netbuff_free (nb);
return GRUB_ERR_NONE;
case TFTP_ERROR:
data->have_oack = 1;
@@ -287,19 +250,6 @@ tftp_receive (grub_net_udp_socket_t sock __attribute__ ((unused)),
}
}
-static void
-destroy_pq (tftp_data_t data)
-{
- struct grub_net_buff **nb_p;
- while ((nb_p = grub_priority_queue_top (data->pq)))
- {
- grub_netbuff_free (*nb_p);
- grub_priority_queue_pop (data->pq);
- }
-
- grub_priority_queue_destroy (data->pq);
-}
-
static grub_err_t
tftp_open (struct grub_file *file, const char *filename)
{
@@ -372,17 +322,9 @@ tftp_open (struct grub_file *file, const char *filename)
file->not_easily_seekable = 1;
file->data = data;
- data->pq = grub_priority_queue_new (sizeof (struct grub_net_buff *), cmp);
- if (!data->pq)
- {
- grub_free (data);
- return grub_errno;
- }
-
err = grub_net_resolve_address (file->device->net->server, &addr);
if (err)
{
- destroy_pq (data);
grub_free (data);
return err;
}
@@ -392,7 +334,6 @@ tftp_open (struct grub_file *file, const char *filename)
file);
if (!data->sock)
{
- destroy_pq (data);
grub_free (data);
return grub_errno;
}
@@ -406,7 +347,6 @@ tftp_open (struct grub_file *file, const char *filename)
if (err)
{
grub_net_udp_close (data->sock);
- destroy_pq (data);
grub_free (data);
return err;
}
@@ -423,7 +363,6 @@ tftp_open (struct grub_file *file, const char *filename)
if (grub_errno)
{
grub_net_udp_close (data->sock);
- destroy_pq (data);
grub_free (data);
return grub_errno;
}
@@ -466,7 +405,6 @@ tftp_close (struct grub_file *file)
grub_print_error ();
grub_net_udp_close (data->sock);
}
- destroy_pq (data);
grub_free (data);
return GRUB_ERR_NONE;
}
--
2.26.2
@@ -1,153 +0,0 @@
From 1c7b619c84f229c1602c1958bcd054b6d9937562 Mon Sep 17 00:00:00 2001
From: Alexey Makhalov <amakhalov@vmware.com>
Date: Wed, 15 Jul 2020 06:42:37 +0000
Subject: [PATCH] relocator: Protect grub_relocator_alloc_chunk_addr()
input args against integer underflow/overflow
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Use arithmetic macros from safemath.h to accomplish it. In this commit,
I didn't want to be too paranoid to check every possible math equation
for overflow/underflow. Only obvious places (with non zero chance of
overflow/underflow) were refactored.
Signed-off-by: Alexey Makhalov <amakhalov@vmware.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Signed-off-by: Stefan Sørensen <stefan.sorensen@spectralink.com>
---
grub-core/loader/i386/linux.c | 9 +++++++--
grub-core/loader/i386/pc/linux.c | 9 +++++++--
grub-core/loader/i386/xen.c | 12 ++++++++++--
grub-core/loader/xnu.c | 11 +++++++----
4 files changed, 31 insertions(+), 10 deletions(-)
diff --git a/grub-core/loader/i386/linux.c b/grub-core/loader/i386/linux.c
index d0501e229..02a73463a 100644
--- a/grub-core/loader/i386/linux.c
+++ b/grub-core/loader/i386/linux.c
@@ -36,6 +36,7 @@
#include <grub/lib/cmdline.h>
#include <grub/linux.h>
#include <grub/machine/kernel.h>
+#include <grub/safemath.h>
GRUB_MOD_LICENSE ("GPLv3+");
@@ -547,9 +548,13 @@ grub_linux_boot (void)
{
grub_relocator_chunk_t ch;
+ grub_size_t sz;
+
+ if (grub_add (ctx.real_size, efi_mmap_size, &sz))
+ return GRUB_ERR_OUT_OF_RANGE;
+
err = grub_relocator_alloc_chunk_addr (relocator, &ch,
- ctx.real_mode_target,
- (ctx.real_size + efi_mmap_size));
+ ctx.real_mode_target, sz);
if (err)
return err;
real_mode_mem = get_virtual_current_address (ch);
diff --git a/grub-core/loader/i386/pc/linux.c b/grub-core/loader/i386/pc/linux.c
index 47ea2945e..31f09922b 100644
--- a/grub-core/loader/i386/pc/linux.c
+++ b/grub-core/loader/i386/pc/linux.c
@@ -35,6 +35,7 @@
#include <grub/i386/floppy.h>
#include <grub/lib/cmdline.h>
#include <grub/linux.h>
+#include <grub/safemath.h>
GRUB_MOD_LICENSE ("GPLv3+");
@@ -218,8 +219,12 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)),
setup_sects = GRUB_LINUX_DEFAULT_SETUP_SECTS;
real_size = setup_sects << GRUB_DISK_SECTOR_BITS;
- grub_linux16_prot_size = grub_file_size (file)
- - real_size - GRUB_DISK_SECTOR_SIZE;
+ if (grub_sub (grub_file_size (file), real_size, &grub_linux16_prot_size) ||
+ grub_sub (grub_linux16_prot_size, GRUB_DISK_SECTOR_SIZE, &grub_linux16_prot_size))
+ {
+ grub_error (GRUB_ERR_OUT_OF_RANGE, N_("overflow is detected"));
+ goto fail;
+ }
if (! grub_linux_is_bzimage
&& GRUB_LINUX_ZIMAGE_ADDR + grub_linux16_prot_size
diff --git a/grub-core/loader/i386/xen.c b/grub-core/loader/i386/xen.c
index 8f662c8ac..cd24874ca 100644
--- a/grub-core/loader/i386/xen.c
+++ b/grub-core/loader/i386/xen.c
@@ -41,6 +41,7 @@
#include <grub/linux.h>
#include <grub/i386/memory.h>
#include <grub/verify.h>
+#include <grub/safemath.h>
GRUB_MOD_LICENSE ("GPLv3+");
@@ -636,6 +637,7 @@ grub_cmd_xen (grub_command_t cmd __attribute__ ((unused)),
grub_relocator_chunk_t ch;
grub_addr_t kern_start;
grub_addr_t kern_end;
+ grub_size_t sz;
if (argc == 0)
return grub_error (GRUB_ERR_BAD_ARGUMENT, N_("filename expected"));
@@ -703,8 +705,14 @@ grub_cmd_xen (grub_command_t cmd __attribute__ ((unused)),
xen_state.max_addr = ALIGN_UP (kern_end, PAGE_SIZE);
- err = grub_relocator_alloc_chunk_addr (xen_state.relocator, &ch, kern_start,
- kern_end - kern_start);
+
+ if (grub_sub (kern_end, kern_start, &sz))
+ {
+ err = GRUB_ERR_OUT_OF_RANGE;
+ goto fail;
+ }
+
+ err = grub_relocator_alloc_chunk_addr (xen_state.relocator, &ch, kern_start, sz);
if (err)
goto fail;
kern_chunk_src = get_virtual_current_address (ch);
diff --git a/grub-core/loader/xnu.c b/grub-core/loader/xnu.c
index 77d7060e1..9ae4ceb35 100644
--- a/grub-core/loader/xnu.c
+++ b/grub-core/loader/xnu.c
@@ -34,6 +34,7 @@
#include <grub/env.h>
#include <grub/i18n.h>
#include <grub/verify.h>
+#include <grub/safemath.h>
GRUB_MOD_LICENSE ("GPLv3+");
@@ -59,15 +60,17 @@ grub_xnu_heap_malloc (int size, void **src, grub_addr_t *target)
{
grub_err_t err;
grub_relocator_chunk_t ch;
+ grub_addr_t tgt;
+
+ if (grub_add (grub_xnu_heap_target_start, grub_xnu_heap_size, &tgt))
+ return GRUB_ERR_OUT_OF_RANGE;
- err = grub_relocator_alloc_chunk_addr (grub_xnu_relocator, &ch,
- grub_xnu_heap_target_start
- + grub_xnu_heap_size, size);
+ err = grub_relocator_alloc_chunk_addr (grub_xnu_relocator, &ch, tgt, size);
if (err)
return err;
*src = get_virtual_current_address (ch);
- *target = grub_xnu_heap_target_start + grub_xnu_heap_size;
+ *target = tgt;
grub_xnu_heap_size += size;
grub_dprintf ("xnu", "val=%p\n", *src);
return GRUB_ERR_NONE;
--
2.26.2
@@ -1,341 +0,0 @@
From 0cfbbca3ccd84d36ffb1bcd6644ada7c73b19fc0 Mon Sep 17 00:00:00 2001
From: Alexey Makhalov <amakhalov@vmware.com>
Date: Wed, 8 Jul 2020 01:44:38 +0000
Subject: [PATCH] relocator: Protect grub_relocator_alloc_chunk_align()
max_addr against integer underflow
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
This commit introduces integer underflow mitigation in max_addr calculation
in grub_relocator_alloc_chunk_align() invocation.
It consists of 2 fixes:
1. Introduced grub_relocator_alloc_chunk_align_safe() wrapper function to perform
sanity check for min/max and size values, and to make safe invocation of
grub_relocator_alloc_chunk_align() with validated max_addr value. Replace all
invocations such as grub_relocator_alloc_chunk_align(..., min_addr, max_addr - size, size, ...)
by grub_relocator_alloc_chunk_align_safe(..., min_addr, max_addr, size, ...).
2. Introduced UP_TO_TOP32(s) macro for the cases where max_addr is 32-bit top
address (0xffffffff - size + 1) or similar.
Signed-off-by: Alexey Makhalov <amakhalov@vmware.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Signed-off-by: Stefan Sørensen <stefan.sorensen@spectralink.com>
---
grub-core/lib/i386/relocator.c | 28 ++++++++++----------------
grub-core/lib/mips/relocator.c | 6 ++----
grub-core/lib/powerpc/relocator.c | 6 ++----
grub-core/lib/x86_64/efi/relocator.c | 7 +++----
grub-core/loader/i386/linux.c | 5 ++---
grub-core/loader/i386/multiboot_mbi.c | 7 +++----
grub-core/loader/i386/pc/linux.c | 6 ++----
grub-core/loader/mips/linux.c | 9 +++------
grub-core/loader/multiboot.c | 2 +-
grub-core/loader/multiboot_elfxx.c | 10 ++++-----
grub-core/loader/multiboot_mbi2.c | 10 ++++-----
grub-core/loader/xnu_resume.c | 2 +-
include/grub/relocator.h | 29 +++++++++++++++++++++++++++
13 files changed, 69 insertions(+), 58 deletions(-)
diff --git a/grub-core/lib/i386/relocator.c b/grub-core/lib/i386/relocator.c
index 71dd4f0ab..34cbe834f 100644
--- a/grub-core/lib/i386/relocator.c
+++ b/grub-core/lib/i386/relocator.c
@@ -83,11 +83,10 @@ grub_relocator32_boot (struct grub_relocator *rel,
/* Specific memory range due to Global Descriptor Table for use by payload
that we will store in returned chunk. The address range and preference
are based on "THE LINUX/x86 BOOT PROTOCOL" specification. */
- err = grub_relocator_alloc_chunk_align (rel, &ch, 0x1000,
- 0x9a000 - RELOCATOR_SIZEOF (32),
- RELOCATOR_SIZEOF (32), 16,
- GRUB_RELOCATOR_PREFERENCE_LOW,
- avoid_efi_bootservices);
+ err = grub_relocator_alloc_chunk_align_safe (rel, &ch, 0x1000, 0x9a000,
+ RELOCATOR_SIZEOF (32), 16,
+ GRUB_RELOCATOR_PREFERENCE_LOW,
+ avoid_efi_bootservices);
if (err)
return err;
@@ -125,13 +124,10 @@ grub_relocator16_boot (struct grub_relocator *rel,
grub_relocator_chunk_t ch;
/* Put it higher than the byte it checks for A20 check. */
- err = grub_relocator_alloc_chunk_align (rel, &ch, 0x8010,
- 0xa0000 - RELOCATOR_SIZEOF (16)
- - GRUB_RELOCATOR16_STACK_SIZE,
- RELOCATOR_SIZEOF (16)
- + GRUB_RELOCATOR16_STACK_SIZE, 16,
- GRUB_RELOCATOR_PREFERENCE_NONE,
- 0);
+ err = grub_relocator_alloc_chunk_align_safe (rel, &ch, 0x8010, 0xa0000,
+ RELOCATOR_SIZEOF (16) +
+ GRUB_RELOCATOR16_STACK_SIZE, 16,
+ GRUB_RELOCATOR_PREFERENCE_NONE, 0);
if (err)
return err;
@@ -183,11 +179,9 @@ grub_relocator64_boot (struct grub_relocator *rel,
void *relst;
grub_relocator_chunk_t ch;
- err = grub_relocator_alloc_chunk_align (rel, &ch, min_addr,
- max_addr - RELOCATOR_SIZEOF (64),
- RELOCATOR_SIZEOF (64), 16,
- GRUB_RELOCATOR_PREFERENCE_NONE,
- 0);
+ err = grub_relocator_alloc_chunk_align_safe (rel, &ch, min_addr, max_addr,
+ RELOCATOR_SIZEOF (64), 16,
+ GRUB_RELOCATOR_PREFERENCE_NONE, 0);
if (err)
return err;
diff --git a/grub-core/lib/mips/relocator.c b/grub-core/lib/mips/relocator.c
index 9d5f49cb9..743b213e6 100644
--- a/grub-core/lib/mips/relocator.c
+++ b/grub-core/lib/mips/relocator.c
@@ -120,10 +120,8 @@ grub_relocator32_boot (struct grub_relocator *rel,
unsigned i;
grub_addr_t vtarget;
- err = grub_relocator_alloc_chunk_align (rel, &ch, 0,
- (0xffffffff - stateset_size)
- + 1, stateset_size,
- sizeof (grub_uint32_t),
+ err = grub_relocator_alloc_chunk_align (rel, &ch, 0, UP_TO_TOP32 (stateset_size),
+ stateset_size, sizeof (grub_uint32_t),
GRUB_RELOCATOR_PREFERENCE_NONE, 0);
if (err)
return err;
diff --git a/grub-core/lib/powerpc/relocator.c b/grub-core/lib/powerpc/relocator.c
index bdf2b111b..8ffb8b686 100644
--- a/grub-core/lib/powerpc/relocator.c
+++ b/grub-core/lib/powerpc/relocator.c
@@ -115,10 +115,8 @@ grub_relocator32_boot (struct grub_relocator *rel,
unsigned i;
grub_relocator_chunk_t ch;
- err = grub_relocator_alloc_chunk_align (rel, &ch, 0,
- (0xffffffff - stateset_size)
- + 1, stateset_size,
- sizeof (grub_uint32_t),
+ err = grub_relocator_alloc_chunk_align (rel, &ch, 0, UP_TO_TOP32 (stateset_size),
+ stateset_size, sizeof (grub_uint32_t),
GRUB_RELOCATOR_PREFERENCE_NONE, 0);
if (err)
return err;
diff --git a/grub-core/lib/x86_64/efi/relocator.c b/grub-core/lib/x86_64/efi/relocator.c
index 3caef7a40..7d200a125 100644
--- a/grub-core/lib/x86_64/efi/relocator.c
+++ b/grub-core/lib/x86_64/efi/relocator.c
@@ -50,10 +50,9 @@ grub_relocator64_efi_boot (struct grub_relocator *rel,
* 64-bit relocator code may live above 4 GiB quite well.
* However, I do not want ask for problems. Just in case.
*/
- err = grub_relocator_alloc_chunk_align (rel, &ch, 0,
- 0x100000000 - RELOCATOR_SIZEOF (64_efi),
- RELOCATOR_SIZEOF (64_efi), 16,
- GRUB_RELOCATOR_PREFERENCE_NONE, 1);
+ err = grub_relocator_alloc_chunk_align_safe (rel, &ch, 0, 0x100000000,
+ RELOCATOR_SIZEOF (64_efi), 16,
+ GRUB_RELOCATOR_PREFERENCE_NONE, 1);
if (err)
return err;
diff --git a/grub-core/loader/i386/linux.c b/grub-core/loader/i386/linux.c
index 02a73463a..efbb99307 100644
--- a/grub-core/loader/i386/linux.c
+++ b/grub-core/loader/i386/linux.c
@@ -181,9 +181,8 @@ allocate_pages (grub_size_t prot_size, grub_size_t *align,
for (; err && *align + 1 > min_align; (*align)--)
{
grub_errno = GRUB_ERR_NONE;
- err = grub_relocator_alloc_chunk_align (relocator, &ch,
- 0x1000000,
- 0xffffffff & ~prot_size,
+ err = grub_relocator_alloc_chunk_align (relocator, &ch, 0x1000000,
+ UP_TO_TOP32 (prot_size),
prot_size, 1 << *align,
GRUB_RELOCATOR_PREFERENCE_LOW,
1);
diff --git a/grub-core/loader/i386/multiboot_mbi.c b/grub-core/loader/i386/multiboot_mbi.c
index ad3cc292f..a67d9d0a8 100644
--- a/grub-core/loader/i386/multiboot_mbi.c
+++ b/grub-core/loader/i386/multiboot_mbi.c
@@ -466,10 +466,9 @@ grub_multiboot_make_mbi (grub_uint32_t *target)
bufsize = grub_multiboot_get_mbi_size ();
- err = grub_relocator_alloc_chunk_align (grub_multiboot_relocator, &ch,
- 0x10000, 0xa0000 - bufsize,
- bufsize, 4,
- GRUB_RELOCATOR_PREFERENCE_NONE, 0);
+ err = grub_relocator_alloc_chunk_align_safe (grub_multiboot_relocator, &ch,
+ 0x10000, 0xa0000, bufsize, 4,
+ GRUB_RELOCATOR_PREFERENCE_NONE, 0);
if (err)
return err;
ptrorig = get_virtual_current_address (ch);
diff --git a/grub-core/loader/i386/pc/linux.c b/grub-core/loader/i386/pc/linux.c
index 31f09922b..5fed5ffdf 100644
--- a/grub-core/loader/i386/pc/linux.c
+++ b/grub-core/loader/i386/pc/linux.c
@@ -453,10 +453,8 @@ grub_cmd_initrd (grub_command_t cmd __attribute__ ((unused)),
{
grub_relocator_chunk_t ch;
- err = grub_relocator_alloc_chunk_align (relocator, &ch,
- addr_min, addr_max - size,
- size, 0x1000,
- GRUB_RELOCATOR_PREFERENCE_HIGH, 0);
+ err = grub_relocator_alloc_chunk_align_safe (relocator, &ch, addr_min, addr_max, size,
+ 0x1000, GRUB_RELOCATOR_PREFERENCE_HIGH, 0);
if (err)
return err;
initrd_chunk = get_virtual_current_address (ch);
diff --git a/grub-core/loader/mips/linux.c b/grub-core/loader/mips/linux.c
index 7b723bf18..e4ed95921 100644
--- a/grub-core/loader/mips/linux.c
+++ b/grub-core/loader/mips/linux.c
@@ -442,12 +442,9 @@ grub_cmd_initrd (grub_command_t cmd __attribute__ ((unused)),
{
grub_relocator_chunk_t ch;
- err = grub_relocator_alloc_chunk_align (relocator, &ch,
- (target_addr & 0x1fffffff)
- + linux_size + 0x10000,
- (0x10000000 - size),
- size, 0x10000,
- GRUB_RELOCATOR_PREFERENCE_NONE, 0);
+ err = grub_relocator_alloc_chunk_align_safe (relocator, &ch, (target_addr & 0x1fffffff) +
+ linux_size + 0x10000, 0x10000000, size,
+ 0x10000, GRUB_RELOCATOR_PREFERENCE_NONE, 0);
if (err)
goto fail;
diff --git a/grub-core/loader/multiboot.c b/grub-core/loader/multiboot.c
index 4a98d7082..facb13f3d 100644
--- a/grub-core/loader/multiboot.c
+++ b/grub-core/loader/multiboot.c
@@ -403,7 +403,7 @@ grub_cmd_module (grub_command_t cmd __attribute__ ((unused)),
{
grub_relocator_chunk_t ch;
err = grub_relocator_alloc_chunk_align (GRUB_MULTIBOOT (relocator), &ch,
- lowest_addr, (0xffffffff - size) + 1,
+ lowest_addr, UP_TO_TOP32 (size),
size, MULTIBOOT_MOD_ALIGN,
GRUB_RELOCATOR_PREFERENCE_NONE, 1);
if (err)
diff --git a/grub-core/loader/multiboot_elfxx.c b/grub-core/loader/multiboot_elfxx.c
index cc6853692..f2318e0d1 100644
--- a/grub-core/loader/multiboot_elfxx.c
+++ b/grub-core/loader/multiboot_elfxx.c
@@ -109,10 +109,10 @@ CONCAT(grub_multiboot_load_elf, XX) (mbi_load_data_t *mld)
if (load_size > mld->max_addr || mld->min_addr > mld->max_addr - load_size)
return grub_error (GRUB_ERR_BAD_OS, "invalid min/max address and/or load size");
- err = grub_relocator_alloc_chunk_align (GRUB_MULTIBOOT (relocator), &ch,
- mld->min_addr, mld->max_addr - load_size,
- load_size, mld->align ? mld->align : 1,
- mld->preference, mld->avoid_efi_boot_services);
+ err = grub_relocator_alloc_chunk_align_safe (GRUB_MULTIBOOT (relocator), &ch,
+ mld->min_addr, mld->max_addr,
+ load_size, mld->align ? mld->align : 1,
+ mld->preference, mld->avoid_efi_boot_services);
if (err)
{
@@ -256,7 +256,7 @@ CONCAT(grub_multiboot_load_elf, XX) (mbi_load_data_t *mld)
continue;
err = grub_relocator_alloc_chunk_align (GRUB_MULTIBOOT (relocator), &ch, 0,
- (0xffffffff - sh->sh_size) + 1,
+ UP_TO_TOP32 (sh->sh_size),
sh->sh_size, sh->sh_addralign,
GRUB_RELOCATOR_PREFERENCE_NONE,
mld->avoid_efi_boot_services);
diff --git a/grub-core/loader/multiboot_mbi2.c b/grub-core/loader/multiboot_mbi2.c
index 0efc66062..03967839c 100644
--- a/grub-core/loader/multiboot_mbi2.c
+++ b/grub-core/loader/multiboot_mbi2.c
@@ -295,10 +295,10 @@ grub_multiboot2_load (grub_file_t file, const char *filename)
return grub_error (GRUB_ERR_BAD_OS, "invalid min/max address and/or load size");
}
- err = grub_relocator_alloc_chunk_align (grub_multiboot2_relocator, &ch,
- mld.min_addr, mld.max_addr - code_size,
- code_size, mld.align ? mld.align : 1,
- mld.preference, keep_bs);
+ err = grub_relocator_alloc_chunk_align_safe (grub_multiboot2_relocator, &ch,
+ mld.min_addr, mld.max_addr,
+ code_size, mld.align ? mld.align : 1,
+ mld.preference, keep_bs);
}
else
err = grub_relocator_alloc_chunk_addr (grub_multiboot2_relocator,
@@ -708,7 +708,7 @@ grub_multiboot2_make_mbi (grub_uint32_t *target)
COMPILE_TIME_ASSERT (MULTIBOOT_TAG_ALIGN % sizeof (grub_properly_aligned_t) == 0);
err = grub_relocator_alloc_chunk_align (grub_multiboot2_relocator, &ch,
- 0, 0xffffffff - bufsize,
+ 0, UP_TO_TOP32 (bufsize),
bufsize, MULTIBOOT_TAG_ALIGN,
GRUB_RELOCATOR_PREFERENCE_NONE, 1);
if (err)
diff --git a/grub-core/loader/xnu_resume.c b/grub-core/loader/xnu_resume.c
index 8089804d4..d648ef0cd 100644
--- a/grub-core/loader/xnu_resume.c
+++ b/grub-core/loader/xnu_resume.c
@@ -129,7 +129,7 @@ grub_xnu_resume (char *imagename)
{
grub_relocator_chunk_t ch;
err = grub_relocator_alloc_chunk_align (grub_xnu_relocator, &ch, 0,
- (0xffffffff - hibhead.image_size) + 1,
+ UP_TO_TOP32 (hibhead.image_size),
hibhead.image_size,
GRUB_XNU_PAGESIZE,
GRUB_RELOCATOR_PREFERENCE_NONE, 0);
diff --git a/include/grub/relocator.h b/include/grub/relocator.h
index 24d8672d2..1b3bdd92a 100644
--- a/include/grub/relocator.h
+++ b/include/grub/relocator.h
@@ -49,6 +49,35 @@ grub_relocator_alloc_chunk_align (struct grub_relocator *rel,
int preference,
int avoid_efi_boot_services);
+/*
+ * Wrapper for grub_relocator_alloc_chunk_align() with purpose of
+ * protecting against integer underflow.
+ *
+ * Compare to its callee, max_addr has different meaning here.
+ * It covers entire chunk and not just start address of the chunk.
+ */
+static inline grub_err_t
+grub_relocator_alloc_chunk_align_safe (struct grub_relocator *rel,
+ grub_relocator_chunk_t *out,
+ grub_phys_addr_t min_addr,
+ grub_phys_addr_t max_addr,
+ grub_size_t size, grub_size_t align,
+ int preference,
+ int avoid_efi_boot_services)
+{
+ /* Sanity check and ensure following equation (max_addr - size) is safe. */
+ if (max_addr < size || (max_addr - size) < min_addr)
+ return GRUB_ERR_OUT_OF_RANGE;
+
+ return grub_relocator_alloc_chunk_align (rel, out, min_addr,
+ max_addr - size,
+ size, align, preference,
+ avoid_efi_boot_services);
+}
+
+/* Top 32-bit address minus s bytes and plus 1 byte. */
+#define UP_TO_TOP32(s) ((~(s) & 0xffffffff) + 1)
+
#define GRUB_RELOCATOR_PREFERENCE_NONE 0
#define GRUB_RELOCATOR_PREFERENCE_LOW 1
#define GRUB_RELOCATOR_PREFERENCE_HIGH 2
--
2.26.2
@@ -1,37 +0,0 @@
From 73aa0776457066ee6ebc93486c3cf0e6b755d1b8 Mon Sep 17 00:00:00 2001
From: Chris Coulson <chris.coulson@canonical.com>
Date: Fri, 10 Jul 2020 11:21:14 +0100
Subject: [PATCH] script: Remove unused fields from grub_script_function
struct
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Signed-off-by: Chris Coulson <chris.coulson@canonical.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Signed-off-by: Stefan Sørensen <stefan.sorensen@spectralink.com>
---
include/grub/script_sh.h | 5 -----
1 file changed, 5 deletions(-)
diff --git a/include/grub/script_sh.h b/include/grub/script_sh.h
index 360c2be1f..b382bcf09 100644
--- a/include/grub/script_sh.h
+++ b/include/grub/script_sh.h
@@ -359,13 +359,8 @@ struct grub_script_function
/* The script function. */
struct grub_script *func;
- /* The flags. */
- unsigned flags;
-
/* The next element. */
struct grub_script_function *next;
-
- int references;
};
typedef struct grub_script_function *grub_script_function_t;
--
2.26.2
@@ -1,113 +0,0 @@
From 26349fcf80982b4d0120b73b2836e88bcf16853c Mon Sep 17 00:00:00 2001
From: Chris Coulson <chris.coulson@canonical.com>
Date: Fri, 10 Jul 2020 14:41:45 +0100
Subject: [PATCH] script: Avoid a use-after-free when redefining a
function during execution
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Defining a new function with the same name as a previously defined
function causes the grub_script and associated resources for the
previous function to be freed. If the previous function is currently
executing when a function with the same name is defined, this results
in use-after-frees when processing subsequent commands in the original
function.
Instead, reject a new function definition if it has the same name as
a previously defined function, and that function is currently being
executed. Although a behavioural change, this should be backwards
compatible with existing configurations because they can't be
dependent on the current behaviour without being broken.
Fixes: CVE-2020-15706
Signed-off-by: Chris Coulson <chris.coulson@canonical.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Signed-off-by: Stefan Sørensen <stefan.sorensen@spectralink.com>
---
grub-core/script/execute.c | 2 ++
grub-core/script/function.c | 16 +++++++++++++---
grub-core/script/parser.y | 3 ++-
include/grub/script_sh.h | 2 ++
4 files changed, 19 insertions(+), 4 deletions(-)
diff --git a/grub-core/script/execute.c b/grub-core/script/execute.c
index c8d6806fe..7e028e135 100644
--- a/grub-core/script/execute.c
+++ b/grub-core/script/execute.c
@@ -838,7 +838,9 @@ grub_script_function_call (grub_script_function_t func, int argc, char **args)
old_scope = scope;
scope = &new_scope;
+ func->executing++;
ret = grub_script_execute (func->func);
+ func->executing--;
function_return = 0;
active_loops = loops;
diff --git a/grub-core/script/function.c b/grub-core/script/function.c
index d36655e51..3aad04bf9 100644
--- a/grub-core/script/function.c
+++ b/grub-core/script/function.c
@@ -34,6 +34,7 @@ grub_script_function_create (struct grub_script_arg *functionname_arg,
func = (grub_script_function_t) grub_malloc (sizeof (*func));
if (! func)
return 0;
+ func->executing = 0;
func->name = grub_strdup (functionname_arg->str);
if (! func->name)
@@ -60,10 +61,19 @@ grub_script_function_create (struct grub_script_arg *functionname_arg,
grub_script_function_t q;
q = *p;
- grub_script_free (q->func);
- q->func = cmd;
grub_free (func);
- func = q;
+ if (q->executing > 0)
+ {
+ grub_error (GRUB_ERR_BAD_ARGUMENT,
+ N_("attempt to redefine a function being executed"));
+ func = NULL;
+ }
+ else
+ {
+ grub_script_free (q->func);
+ q->func = cmd;
+ func = q;
+ }
}
else
{
diff --git a/grub-core/script/parser.y b/grub-core/script/parser.y
index 4f0ab8319..f80b86b6f 100644
--- a/grub-core/script/parser.y
+++ b/grub-core/script/parser.y
@@ -289,7 +289,8 @@ function: "function" "name"
grub_script_mem_free (state->func_mem);
else {
script->children = state->scripts;
- grub_script_function_create ($2, script);
+ if (!grub_script_function_create ($2, script))
+ grub_script_free (script);
}
state->scripts = $<scripts>3;
diff --git a/include/grub/script_sh.h b/include/grub/script_sh.h
index b382bcf09..6c48e0751 100644
--- a/include/grub/script_sh.h
+++ b/include/grub/script_sh.h
@@ -361,6 +361,8 @@ struct grub_script_function
/* The next element. */
struct grub_script_function *next;
+
+ unsigned executing;
};
typedef struct grub_script_function *grub_script_function_t;
--
2.26.2
@@ -1,49 +0,0 @@
From 06aa91f79f902752cb7e5d22ac0ea8e13bffd056 Mon Sep 17 00:00:00 2001
From: Alexey Makhalov <amakhalov@vmware.com>
Date: Fri, 17 Jul 2020 05:17:26 +0000
Subject: [PATCH] relocator: Fix grub_relocator_alloc_chunk_align() top
memory allocation
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Current implementation of grub_relocator_alloc_chunk_align()
does not allow allocation of the top byte.
Assuming input args are:
max_addr = 0xfffff000;
size = 0x1000;
And this is valid. But following overflow protection will
unnecessarily move max_addr one byte down (to 0xffffefff):
if (max_addr > ~size)
max_addr = ~size;
~size + 1 will fix the situation. In addition, check size
for non zero to do not zero max_addr.
Signed-off-by: Alexey Makhalov <amakhalov@vmware.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Signed-off-by: Stefan Sørensen <stefan.sorensen@spectralink.com>
---
grub-core/lib/relocator.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/grub-core/lib/relocator.c b/grub-core/lib/relocator.c
index 5847aac36..f2c1944c2 100644
--- a/grub-core/lib/relocator.c
+++ b/grub-core/lib/relocator.c
@@ -1386,8 +1386,8 @@ grub_relocator_alloc_chunk_align (struct grub_relocator *rel,
};
grub_addr_t min_addr2 = 0, max_addr2;
- if (max_addr > ~size)
- max_addr = ~size;
+ if (size && (max_addr > ~size))
+ max_addr = ~size + 1;
#ifdef GRUB_MACHINE_PCBIOS
if (min_addr < 0x1000)
--
2.26.2
@@ -1,61 +0,0 @@
From feec993673d8e13fcf22fe2389ac29222b6daebd Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Sun, 19 Jul 2020 14:43:31 -0400
Subject: [PATCH] hfsplus: Fix two more overflows
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Both node->size and node->namelen come from the supplied filesystem,
which may be user-supplied. We can't trust them for the math unless we
know they don't overflow. Making sure they go through grub_add() or
grub_calloc() first will give us that.
Signed-off-by: Peter Jones <pjones@redhat.com>
Reviewed-by: Darren Kenny <darren.kenny@oracle.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Signed-off-by: Stefan Sørensen <stefan.sorensen@spectralink.com>
---
grub-core/fs/hfsplus.c | 11 ++++++++---
1 file changed, 8 insertions(+), 3 deletions(-)
diff --git a/grub-core/fs/hfsplus.c b/grub-core/fs/hfsplus.c
index dae43becc..9c4e4c88c 100644
--- a/grub-core/fs/hfsplus.c
+++ b/grub-core/fs/hfsplus.c
@@ -31,6 +31,7 @@
#include <grub/hfs.h>
#include <grub/charset.h>
#include <grub/hfsplus.h>
+#include <grub/safemath.h>
GRUB_MOD_LICENSE ("GPLv3+");
@@ -475,8 +476,12 @@ grub_hfsplus_read_symlink (grub_fshelp_node_t node)
{
char *symlink;
grub_ssize_t numread;
+ grub_size_t sz = node->size;
- symlink = grub_malloc (node->size + 1);
+ if (grub_add (sz, 1, &sz))
+ return NULL;
+
+ symlink = grub_malloc (sz);
if (!symlink)
return 0;
@@ -715,8 +720,8 @@ list_nodes (void *record, void *hook_arg)
if (type == GRUB_FSHELP_UNKNOWN)
return 0;
- filename = grub_malloc (grub_be_to_cpu16 (catkey->namelen)
- * GRUB_MAX_UTF8_PER_UTF16 + 1);
+ filename = grub_calloc (grub_be_to_cpu16 (catkey->namelen),
+ GRUB_MAX_UTF8_PER_UTF16 + 1);
if (! filename)
return 0;
--
2.26.2
@@ -1,116 +0,0 @@
From a1845e90fc19fb5e904091bad8a378f458798e4a Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Sun, 19 Jul 2020 15:48:20 -0400
Subject: [PATCH] lvm: Fix two more potential data-dependent alloc
overflows
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
It appears to be possible to make a (possibly invalid) lvm PV with
a metadata size field that overflows our type when adding it to the
address we've allocated. Even if it doesn't, it may be possible to do so
with the math using the outcome of that as an operand. Check them both.
Signed-off-by: Peter Jones <pjones@redhat.com>
Signed-off-by: Darren Kenny <darren.kenny@oracle.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Signed-off-by: Stefan Sørensen <stefan.sorensen@spectralink.com>
---
grub-core/disk/lvm.c | 48 ++++++++++++++++++++++++++++++++++++--------
1 file changed, 40 insertions(+), 8 deletions(-)
diff --git a/grub-core/disk/lvm.c b/grub-core/disk/lvm.c
index d1df640b3..139fafd47 100644
--- a/grub-core/disk/lvm.c
+++ b/grub-core/disk/lvm.c
@@ -25,6 +25,7 @@
#include <grub/lvm.h>
#include <grub/partition.h>
#include <grub/i18n.h>
+#include <grub/safemath.h>
#ifdef GRUB_UTIL
#include <grub/emu/misc.h>
@@ -102,10 +103,11 @@ grub_lvm_detect (grub_disk_t disk,
{
grub_err_t err;
grub_uint64_t mda_offset, mda_size;
+ grub_size_t ptr;
char buf[GRUB_LVM_LABEL_SIZE];
char vg_id[GRUB_LVM_ID_STRLEN+1];
char pv_id[GRUB_LVM_ID_STRLEN+1];
- char *metadatabuf, *p, *q, *vgname;
+ char *metadatabuf, *p, *q, *mda_end, *vgname;
struct grub_lvm_label_header *lh = (struct grub_lvm_label_header *) buf;
struct grub_lvm_pv_header *pvh;
struct grub_lvm_disk_locn *dlocn;
@@ -205,19 +207,31 @@ grub_lvm_detect (grub_disk_t disk,
grub_le_to_cpu64 (rlocn->size) -
grub_le_to_cpu64 (mdah->size));
}
- p = q = metadatabuf + grub_le_to_cpu64 (rlocn->offset);
- while (*q != ' ' && q < metadatabuf + mda_size)
- q++;
-
- if (q == metadatabuf + mda_size)
+ if (grub_add ((grub_size_t)metadatabuf,
+ (grub_size_t)grub_le_to_cpu64 (rlocn->offset),
+ &ptr))
{
+ error_parsing_metadata:
#ifdef GRUB_UTIL
grub_util_info ("error parsing metadata");
#endif
goto fail2;
}
+ p = q = (char *)ptr;
+
+ if (grub_add ((grub_size_t)metadatabuf, (grub_size_t)mda_size, &ptr))
+ goto error_parsing_metadata;
+
+ mda_end = (char *)ptr;
+
+ while (*q != ' ' && q < mda_end)
+ q++;
+
+ if (q == mda_end)
+ goto error_parsing_metadata;
+
vgname_len = q - p;
vgname = grub_malloc (vgname_len + 1);
if (!vgname)
@@ -367,8 +381,26 @@ grub_lvm_detect (grub_disk_t disk,
{
const char *iptr;
char *optr;
- lv->fullname = grub_malloc (sizeof ("lvm/") - 1 + 2 * vgname_len
- + 1 + 2 * s + 1);
+
+ /*
+ * This is kind of hard to read with our safe (but rather
+ * baroque) math primatives, but it boils down to:
+ *
+ * sz0 = vgname_len * 2 + 1 +
+ * s * 2 + 1 +
+ * sizeof ("lvm/") - 1;
+ */
+ grub_size_t sz0 = vgname_len, sz1 = s;
+
+ if (grub_mul (sz0, 2, &sz0) ||
+ grub_add (sz0, 1, &sz0) ||
+ grub_mul (sz1, 2, &sz1) ||
+ grub_add (sz1, 1, &sz1) ||
+ grub_add (sz0, sz1, &sz0) ||
+ grub_add (sz0, sizeof ("lvm/") - 1, &sz0))
+ goto lvs_fail;
+
+ lv->fullname = grub_malloc (sz0);
if (!lv->fullname)
goto lvs_fail;
--
2.26.2
@@ -1,38 +0,0 @@
From 320e86747a32e4d46d24ee4b64493741c161da50 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Sun, 19 Jul 2020 16:08:08 -0400
Subject: [PATCH] emu: Make grub_free(NULL) safe
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
The grub_free() implementation in grub-core/kern/mm.c safely handles
NULL pointers, and code at many places depends on this. We don't know
that the same is true on all host OSes, so we need to handle the same
behavior in grub-emu's implementation.
Signed-off-by: Peter Jones <pjones@redhat.com>
Reviewed-by: Darren Kenny <darren.kenny@oracle.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Signed-off-by: Stefan Sørensen <stefan.sorensen@spectralink.com>
---
grub-core/kern/emu/mm.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/grub-core/kern/emu/mm.c b/grub-core/kern/emu/mm.c
index 145b01d37..4d1046a21 100644
--- a/grub-core/kern/emu/mm.c
+++ b/grub-core/kern/emu/mm.c
@@ -60,7 +60,8 @@ grub_zalloc (grub_size_t size)
void
grub_free (void *ptr)
{
- free (ptr);
+ if (ptr)
+ free (ptr);
}
void *
--
2.26.2
@@ -1,239 +0,0 @@
From c330aa099a38bc5c4d3066954fe35767cc06adb1 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Sun, 19 Jul 2020 16:53:27 -0400
Subject: [PATCH] efi: Fix some malformed device path arithmetic errors
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Several places we take the length of a device path and subtract 4 from
it, without ever checking that it's >= 4. There are also cases where
this kind of malformation will result in unpredictable iteration,
including treating the length from one dp node as the type in the next
node. These are all errors, no matter where the data comes from.
This patch adds a checking macro, GRUB_EFI_DEVICE_PATH_VALID(), which
can be used in several places, and makes GRUB_EFI_NEXT_DEVICE_PATH()
return NULL and GRUB_EFI_END_ENTIRE_DEVICE_PATH() evaluate as true when
the length is too small. Additionally, it makes several places in the
code check for and return errors in these cases.
Signed-off-by: Peter Jones <pjones@redhat.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Signed-off-by: Stefan Sørensen <stefan.sorensen@spectralink.com>
---
grub-core/kern/efi/efi.c | 64 +++++++++++++++++++++++++-----
grub-core/loader/efi/chainloader.c | 13 +++++-
grub-core/loader/i386/xnu.c | 9 +++--
include/grub/efi/api.h | 14 ++++---
4 files changed, 79 insertions(+), 21 deletions(-)
diff --git a/grub-core/kern/efi/efi.c b/grub-core/kern/efi/efi.c
index dc31caa21..c97969a65 100644
--- a/grub-core/kern/efi/efi.c
+++ b/grub-core/kern/efi/efi.c
@@ -332,7 +332,7 @@ grub_efi_get_filename (grub_efi_device_path_t *dp0)
dp = dp0;
- while (1)
+ while (dp)
{
grub_efi_uint8_t type = GRUB_EFI_DEVICE_PATH_TYPE (dp);
grub_efi_uint8_t subtype = GRUB_EFI_DEVICE_PATH_SUBTYPE (dp);
@@ -342,9 +342,15 @@ grub_efi_get_filename (grub_efi_device_path_t *dp0)
if (type == GRUB_EFI_MEDIA_DEVICE_PATH_TYPE
&& subtype == GRUB_EFI_FILE_PATH_DEVICE_PATH_SUBTYPE)
{
- grub_efi_uint16_t len;
- len = ((GRUB_EFI_DEVICE_PATH_LENGTH (dp) - 4)
- / sizeof (grub_efi_char16_t));
+ grub_efi_uint16_t len = GRUB_EFI_DEVICE_PATH_LENGTH (dp);
+
+ if (len < 4)
+ {
+ grub_error (GRUB_ERR_OUT_OF_RANGE,
+ "malformed EFI Device Path node has length=%d", len);
+ return NULL;
+ }
+ len = (len - 4) / sizeof (grub_efi_char16_t);
filesize += GRUB_MAX_UTF8_PER_UTF16 * len + 2;
}
@@ -360,7 +366,7 @@ grub_efi_get_filename (grub_efi_device_path_t *dp0)
if (!name)
return NULL;
- while (1)
+ while (dp)
{
grub_efi_uint8_t type = GRUB_EFI_DEVICE_PATH_TYPE (dp);
grub_efi_uint8_t subtype = GRUB_EFI_DEVICE_PATH_SUBTYPE (dp);
@@ -376,8 +382,15 @@ grub_efi_get_filename (grub_efi_device_path_t *dp0)
*p++ = '/';
- len = ((GRUB_EFI_DEVICE_PATH_LENGTH (dp) - 4)
- / sizeof (grub_efi_char16_t));
+ len = GRUB_EFI_DEVICE_PATH_LENGTH (dp);
+ if (len < 4)
+ {
+ grub_error (GRUB_ERR_OUT_OF_RANGE,
+ "malformed EFI Device Path node has length=%d", len);
+ return NULL;
+ }
+
+ len = (len - 4) / sizeof (grub_efi_char16_t);
fp = (grub_efi_file_path_device_path_t *) dp;
/* According to EFI spec Path Name is NULL terminated */
while (len > 0 && fp->path_name[len - 1] == 0)
@@ -452,7 +465,26 @@ grub_efi_duplicate_device_path (const grub_efi_device_path_t *dp)
;
p = GRUB_EFI_NEXT_DEVICE_PATH (p))
{
- total_size += GRUB_EFI_DEVICE_PATH_LENGTH (p);
+ grub_size_t len = GRUB_EFI_DEVICE_PATH_LENGTH (p);
+
+ /*
+ * In the event that we find a node that's completely garbage, for
+ * example if we get to 0x7f 0x01 0x02 0x00 ... (EndInstance with a size
+ * of 2), GRUB_EFI_END_ENTIRE_DEVICE_PATH() will be true and
+ * GRUB_EFI_NEXT_DEVICE_PATH() will return NULL, so we won't continue,
+ * and neither should our consumers, but there won't be any error raised
+ * even though the device path is junk.
+ *
+ * This keeps us from passing junk down back to our caller.
+ */
+ if (len < 4)
+ {
+ grub_error (GRUB_ERR_OUT_OF_RANGE,
+ "malformed EFI Device Path node has length=%d", len);
+ return NULL;
+ }
+
+ total_size += len;
if (GRUB_EFI_END_ENTIRE_DEVICE_PATH (p))
break;
}
@@ -497,7 +529,7 @@ dump_vendor_path (const char *type, grub_efi_vendor_device_path_t *vendor)
void
grub_efi_print_device_path (grub_efi_device_path_t *dp)
{
- while (1)
+ while (GRUB_EFI_DEVICE_PATH_VALID (dp))
{
grub_efi_uint8_t type = GRUB_EFI_DEVICE_PATH_TYPE (dp);
grub_efi_uint8_t subtype = GRUB_EFI_DEVICE_PATH_SUBTYPE (dp);
@@ -909,7 +941,10 @@ grub_efi_compare_device_paths (const grub_efi_device_path_t *dp1,
/* Return non-zero. */
return 1;
- while (1)
+ if (dp1 == dp2)
+ return 0;
+
+ while (GRUB_EFI_DEVICE_PATH_VALID (dp1) && GRUB_EFI_DEVICE_PATH_VALID (dp2))
{
grub_efi_uint8_t type1, type2;
grub_efi_uint8_t subtype1, subtype2;
@@ -945,5 +980,14 @@ grub_efi_compare_device_paths (const grub_efi_device_path_t *dp1,
dp2 = (grub_efi_device_path_t *) ((char *) dp2 + len2);
}
+ /*
+ * There's no "right" answer here, but we probably don't want to call a valid
+ * dp and an invalid dp equal, so pick one way or the other.
+ */
+ if (GRUB_EFI_DEVICE_PATH_VALID (dp1) && !GRUB_EFI_DEVICE_PATH_VALID (dp2))
+ return 1;
+ else if (!GRUB_EFI_DEVICE_PATH_VALID (dp1) && GRUB_EFI_DEVICE_PATH_VALID (dp2))
+ return -1;
+
return 0;
}
diff --git a/grub-core/loader/efi/chainloader.c b/grub-core/loader/efi/chainloader.c
index daf8c6b54..a8d7b9155 100644
--- a/grub-core/loader/efi/chainloader.c
+++ b/grub-core/loader/efi/chainloader.c
@@ -156,9 +156,18 @@ make_file_path (grub_efi_device_path_t *dp, const char *filename)
size = 0;
d = dp;
- while (1)
+ while (d)
{
- size += GRUB_EFI_DEVICE_PATH_LENGTH (d);
+ grub_size_t len = GRUB_EFI_DEVICE_PATH_LENGTH (d);
+
+ if (len < 4)
+ {
+ grub_error (GRUB_ERR_OUT_OF_RANGE,
+ "malformed EFI Device Path node has length=%d", len);
+ return NULL;
+ }
+
+ size += len;
if ((GRUB_EFI_END_ENTIRE_DEVICE_PATH (d)))
break;
d = GRUB_EFI_NEXT_DEVICE_PATH (d);
diff --git a/grub-core/loader/i386/xnu.c b/grub-core/loader/i386/xnu.c
index e9e119259..a70093607 100644
--- a/grub-core/loader/i386/xnu.c
+++ b/grub-core/loader/i386/xnu.c
@@ -515,14 +515,15 @@ grub_cmd_devprop_load (grub_command_t cmd __attribute__ ((unused)),
devhead = buf;
buf = devhead + 1;
- dpstart = buf;
+ dp = dpstart = buf;
- do
+ while (GRUB_EFI_DEVICE_PATH_VALID (dp) && buf < bufend)
{
- dp = buf;
buf = (char *) buf + GRUB_EFI_DEVICE_PATH_LENGTH (dp);
+ if (GRUB_EFI_END_ENTIRE_DEVICE_PATH (dp))
+ break;
+ dp = buf;
}
- while (!GRUB_EFI_END_ENTIRE_DEVICE_PATH (dp) && buf < bufend);
dev = grub_xnu_devprop_add_device (dpstart, (char *) buf
- (char *) dpstart);
diff --git a/include/grub/efi/api.h b/include/grub/efi/api.h
index addcbfa8f..cf1355a8c 100644
--- a/include/grub/efi/api.h
+++ b/include/grub/efi/api.h
@@ -625,6 +625,7 @@ typedef struct grub_efi_device_path grub_efi_device_path_protocol_t;
#define GRUB_EFI_DEVICE_PATH_TYPE(dp) ((dp)->type & 0x7f)
#define GRUB_EFI_DEVICE_PATH_SUBTYPE(dp) ((dp)->subtype)
#define GRUB_EFI_DEVICE_PATH_LENGTH(dp) ((dp)->length)
+#define GRUB_EFI_DEVICE_PATH_VALID(dp) ((dp) != NULL && GRUB_EFI_DEVICE_PATH_LENGTH (dp) >= 4)
/* The End of Device Path nodes. */
#define GRUB_EFI_END_DEVICE_PATH_TYPE (0xff & 0x7f)
@@ -633,13 +634,16 @@ typedef struct grub_efi_device_path grub_efi_device_path_protocol_t;
#define GRUB_EFI_END_THIS_DEVICE_PATH_SUBTYPE 0x01
#define GRUB_EFI_END_ENTIRE_DEVICE_PATH(dp) \
- (GRUB_EFI_DEVICE_PATH_TYPE (dp) == GRUB_EFI_END_DEVICE_PATH_TYPE \
- && (GRUB_EFI_DEVICE_PATH_SUBTYPE (dp) \
- == GRUB_EFI_END_ENTIRE_DEVICE_PATH_SUBTYPE))
+ (!GRUB_EFI_DEVICE_PATH_VALID (dp) || \
+ (GRUB_EFI_DEVICE_PATH_TYPE (dp) == GRUB_EFI_END_DEVICE_PATH_TYPE \
+ && (GRUB_EFI_DEVICE_PATH_SUBTYPE (dp) \
+ == GRUB_EFI_END_ENTIRE_DEVICE_PATH_SUBTYPE)))
#define GRUB_EFI_NEXT_DEVICE_PATH(dp) \
- ((grub_efi_device_path_t *) ((char *) (dp) \
- + GRUB_EFI_DEVICE_PATH_LENGTH (dp)))
+ (GRUB_EFI_DEVICE_PATH_VALID (dp) \
+ ? ((grub_efi_device_path_t *) \
+ ((char *) (dp) + GRUB_EFI_DEVICE_PATH_LENGTH (dp))) \
+ : NULL)
/* Hardware Device Path. */
#define GRUB_EFI_HARDWARE_DEVICE_PATH_TYPE 1
--
2.26.2
@@ -1,78 +0,0 @@
From fb55bc37dd510911df4eaf649da939f5fafdc7ce Mon Sep 17 00:00:00 2001
From: Daniel Kiper <daniel.kiper@oracle.com>
Date: Wed, 29 Jul 2020 13:38:31 +0200
Subject: [PATCH] efi/chainloader: Propagate errors from copy_file_path()
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Without any error propagated to the caller, make_file_path()
would then try to advance the invalid device path node with
GRUB_EFI_NEXT_DEVICE_PATH(), which would fail, returning a NULL
pointer that would subsequently be dereferenced. Hence, propagate
errors from copy_file_path().
Signed-off-by: Chris Coulson <chris.coulson@canonical.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Signed-off-by: Stefan Sørensen <stefan.sorensen@spectralink.com>
---
grub-core/loader/efi/chainloader.c | 19 +++++++++++++------
1 file changed, 13 insertions(+), 6 deletions(-)
diff --git a/grub-core/loader/efi/chainloader.c b/grub-core/loader/efi/chainloader.c
index a8d7b9155..7b31c3fb9 100644
--- a/grub-core/loader/efi/chainloader.c
+++ b/grub-core/loader/efi/chainloader.c
@@ -106,7 +106,7 @@ grub_chainloader_boot (void)
return grub_errno;
}
-static void
+static grub_err_t
copy_file_path (grub_efi_file_path_device_path_t *fp,
const char *str, grub_efi_uint16_t len)
{
@@ -118,7 +118,7 @@ copy_file_path (grub_efi_file_path_device_path_t *fp,
path_name = grub_calloc (len, GRUB_MAX_UTF16_PER_UTF8 * sizeof (*path_name));
if (!path_name)
- return;
+ return grub_error (GRUB_ERR_OUT_OF_MEMORY, "failed to allocate path buffer");
size = grub_utf8_to_utf16 (path_name, len * GRUB_MAX_UTF16_PER_UTF8,
(const grub_uint8_t *) str, len, 0);
@@ -131,6 +131,7 @@ copy_file_path (grub_efi_file_path_device_path_t *fp,
fp->path_name[size++] = '\0';
fp->header.length = size * sizeof (grub_efi_char16_t) + sizeof (*fp);
grub_free (path_name);
+ return GRUB_ERR_NONE;
}
static grub_efi_device_path_t *
@@ -189,13 +190,19 @@ make_file_path (grub_efi_device_path_t *dp, const char *filename)
d = (grub_efi_device_path_t *) ((char *) file_path
+ ((char *) d - (char *) dp));
grub_efi_print_device_path (d);
- copy_file_path ((grub_efi_file_path_device_path_t *) d,
- dir_start, dir_end - dir_start);
+ if (copy_file_path ((grub_efi_file_path_device_path_t *) d,
+ dir_start, dir_end - dir_start) != GRUB_ERR_NONE)
+ {
+ fail:
+ grub_free (file_path);
+ return 0;
+ }
/* Fill the file path for the file. */
d = GRUB_EFI_NEXT_DEVICE_PATH (d);
- copy_file_path ((grub_efi_file_path_device_path_t *) d,
- dir_end + 1, grub_strlen (dir_end + 1));
+ if (copy_file_path ((grub_efi_file_path_device_path_t *) d,
+ dir_end + 1, grub_strlen (dir_end + 1)) != GRUB_ERR_NONE)
+ goto fail;
/* Fill the end of device path nodes. */
d = GRUB_EFI_NEXT_DEVICE_PATH (d);
--
2.26.2
@@ -1,183 +0,0 @@
From 8a6d6299efcffd14c1130942195e6c0d9b50cacd Mon Sep 17 00:00:00 2001
From: Alexey Makhalov <amakhalov@vmware.com>
Date: Mon, 20 Jul 2020 23:03:05 +0000
Subject: [PATCH] efi: Fix use-after-free in halt/reboot path
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
commit 92bfc33db984 ("efi: Free malloc regions on exit")
introduced memory freeing in grub_efi_fini(), which is
used not only by exit path but by halt/reboot one as well.
As result of memory freeing, code and data regions used by
modules, such as halt, reboot, acpi (used by halt) also got
freed. After return to module code, CPU executes, filled
by UEFI firmware (tested with edk2), 0xAFAFAFAF pattern as
a code. Which leads to #UD exception later.
grub> halt
!!!! X64 Exception Type - 06(#UD - Invalid Opcode) CPU Apic ID - 00000000 !!!!
RIP - 0000000003F4EC28, CS - 0000000000000038, RFLAGS - 0000000000200246
RAX - 0000000000000000, RCX - 00000000061DA188, RDX - 0A74C0854DC35D41
RBX - 0000000003E10E08, RSP - 0000000007F0F860, RBP - 0000000000000000
RSI - 00000000064DB768, RDI - 000000000832C5C3
R8 - 0000000000000002, R9 - 0000000000000000, R10 - 00000000061E2E52
R11 - 0000000000000020, R12 - 0000000003EE5C1F, R13 - 00000000061E0FF4
R14 - 0000000003E10D80, R15 - 00000000061E2F60
DS - 0000000000000030, ES - 0000000000000030, FS - 0000000000000030
GS - 0000000000000030, SS - 0000000000000030
CR0 - 0000000080010033, CR2 - 0000000000000000, CR3 - 0000000007C01000
CR4 - 0000000000000668, CR8 - 0000000000000000
DR0 - 0000000000000000, DR1 - 0000000000000000, DR2 - 0000000000000000
DR3 - 0000000000000000, DR6 - 00000000FFFF0FF0, DR7 - 0000000000000400
GDTR - 00000000079EEA98 0000000000000047, LDTR - 0000000000000000
IDTR - 0000000007598018 0000000000000FFF, TR - 0000000000000000
FXSAVE_STATE - 0000000007F0F4C0
Proposal here is to continue to free allocated memory for
exit boot services path but keep it for halt/reboot path
as it won't be much security concern here.
Introduced GRUB_LOADER_FLAG_EFI_KEEP_ALLOCATED_MEMORY
loader flag to be used by efi halt/reboot path.
Signed-off-by: Alexey Makhalov <amakhalov@vmware.com>
Reviewed-by: Darren Kenny <darren.kenny@oracle.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Signed-off-by: Stefan Sørensen <stefan.sorensen@spectralink.com>
---
grub-core/kern/arm/efi/init.c | 3 +++
grub-core/kern/arm64/efi/init.c | 3 +++
grub-core/kern/efi/efi.c | 3 ++-
grub-core/kern/efi/init.c | 1 -
grub-core/kern/i386/efi/init.c | 9 +++++++--
grub-core/kern/ia64/efi/init.c | 9 +++++++--
grub-core/kern/riscv/efi/init.c | 3 +++
grub-core/lib/efi/halt.c | 3 ++-
include/grub/loader.h | 1 +
9 files changed, 28 insertions(+), 7 deletions(-)
diff --git a/grub-core/kern/arm/efi/init.c b/grub-core/kern/arm/efi/init.c
index 06df60e2f..40c3b467f 100644
--- a/grub-core/kern/arm/efi/init.c
+++ b/grub-core/kern/arm/efi/init.c
@@ -71,4 +71,7 @@ grub_machine_fini (int flags)
efi_call_1 (b->close_event, tmr_evt);
grub_efi_fini ();
+
+ if (!(flags & GRUB_LOADER_FLAG_EFI_KEEP_ALLOCATED_MEMORY))
+ grub_efi_memory_fini ();
}
diff --git a/grub-core/kern/arm64/efi/init.c b/grub-core/kern/arm64/efi/init.c
index 6224999ec..5010caefd 100644
--- a/grub-core/kern/arm64/efi/init.c
+++ b/grub-core/kern/arm64/efi/init.c
@@ -57,4 +57,7 @@ grub_machine_fini (int flags)
return;
grub_efi_fini ();
+
+ if (!(flags & GRUB_LOADER_FLAG_EFI_KEEP_ALLOCATED_MEMORY))
+ grub_efi_memory_fini ();
}
diff --git a/grub-core/kern/efi/efi.c b/grub-core/kern/efi/efi.c
index c97969a65..9cfd88d77 100644
--- a/grub-core/kern/efi/efi.c
+++ b/grub-core/kern/efi/efi.c
@@ -157,7 +157,8 @@ grub_efi_get_loaded_image (grub_efi_handle_t image_handle)
void
grub_reboot (void)
{
- grub_machine_fini (GRUB_LOADER_FLAG_NORETURN);
+ grub_machine_fini (GRUB_LOADER_FLAG_NORETURN |
+ GRUB_LOADER_FLAG_EFI_KEEP_ALLOCATED_MEMORY);
efi_call_4 (grub_efi_system_table->runtime_services->reset_system,
GRUB_EFI_RESET_COLD, GRUB_EFI_SUCCESS, 0, NULL);
for (;;) ;
diff --git a/grub-core/kern/efi/init.c b/grub-core/kern/efi/init.c
index 3dfdf2d22..2c31847bf 100644
--- a/grub-core/kern/efi/init.c
+++ b/grub-core/kern/efi/init.c
@@ -80,5 +80,4 @@ grub_efi_fini (void)
{
grub_efidisk_fini ();
grub_console_fini ();
- grub_efi_memory_fini ();
}
diff --git a/grub-core/kern/i386/efi/init.c b/grub-core/kern/i386/efi/init.c
index da499aba0..deb2eacd8 100644
--- a/grub-core/kern/i386/efi/init.c
+++ b/grub-core/kern/i386/efi/init.c
@@ -39,6 +39,11 @@ grub_machine_init (void)
void
grub_machine_fini (int flags)
{
- if (flags & GRUB_LOADER_FLAG_NORETURN)
- grub_efi_fini ();
+ if (!(flags & GRUB_LOADER_FLAG_NORETURN))
+ return;
+
+ grub_efi_fini ();
+
+ if (!(flags & GRUB_LOADER_FLAG_EFI_KEEP_ALLOCATED_MEMORY))
+ grub_efi_memory_fini ();
}
diff --git a/grub-core/kern/ia64/efi/init.c b/grub-core/kern/ia64/efi/init.c
index b5ecbd091..f1965571b 100644
--- a/grub-core/kern/ia64/efi/init.c
+++ b/grub-core/kern/ia64/efi/init.c
@@ -70,6 +70,11 @@ grub_machine_init (void)
void
grub_machine_fini (int flags)
{
- if (flags & GRUB_LOADER_FLAG_NORETURN)
- grub_efi_fini ();
+ if (!(flags & GRUB_LOADER_FLAG_NORETURN))
+ return;
+
+ grub_efi_fini ();
+
+ if (!(flags & GRUB_LOADER_FLAG_EFI_KEEP_ALLOCATED_MEMORY))
+ grub_efi_memory_fini ();
}
diff --git a/grub-core/kern/riscv/efi/init.c b/grub-core/kern/riscv/efi/init.c
index 7eb1969d0..38795fe67 100644
--- a/grub-core/kern/riscv/efi/init.c
+++ b/grub-core/kern/riscv/efi/init.c
@@ -73,4 +73,7 @@ grub_machine_fini (int flags)
return;
grub_efi_fini ();
+
+ if (!(flags & GRUB_LOADER_FLAG_EFI_KEEP_ALLOCATED_MEMORY))
+ grub_efi_memory_fini ();
}
diff --git a/grub-core/lib/efi/halt.c b/grub-core/lib/efi/halt.c
index 5859f0498..29d413641 100644
--- a/grub-core/lib/efi/halt.c
+++ b/grub-core/lib/efi/halt.c
@@ -28,7 +28,8 @@
void
grub_halt (void)
{
- grub_machine_fini (GRUB_LOADER_FLAG_NORETURN);
+ grub_machine_fini (GRUB_LOADER_FLAG_NORETURN |
+ GRUB_LOADER_FLAG_EFI_KEEP_ALLOCATED_MEMORY);
#if !defined(__ia64__) && !defined(__arm__) && !defined(__aarch64__) && \
!defined(__riscv)
grub_acpi_halt ();
diff --git a/include/grub/loader.h b/include/grub/loader.h
index 7f82a499f..b20864282 100644
--- a/include/grub/loader.h
+++ b/include/grub/loader.h
@@ -33,6 +33,7 @@ enum
{
GRUB_LOADER_FLAG_NORETURN = 1,
GRUB_LOADER_FLAG_PXE_NOT_UNLOAD = 2,
+ GRUB_LOADER_FLAG_EFI_KEEP_ALLOCATED_MEMORY = 4,
};
void EXPORT_FUNC (grub_loader_set) (grub_err_t (*boot) (void),
--
2.26.2
@@ -1,32 +0,0 @@
From a2a7464e9f10a677d6f91e1c4fa527d084c22e7c Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Fri, 24 Jul 2020 13:57:27 -0400
Subject: [PATCH] loader/linux: Avoid overflow on initrd size calculation
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Signed-off-by: Peter Jones <pjones@redhat.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Signed-off-by: Stefan Sørensen <stefan.sorensen@spectralink.com>
---
grub-core/loader/linux.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/grub-core/loader/linux.c b/grub-core/loader/linux.c
index 471b214d6..4cd8c20c7 100644
--- a/grub-core/loader/linux.c
+++ b/grub-core/loader/linux.c
@@ -151,8 +151,7 @@ grub_initrd_init (int argc, char *argv[],
initrd_ctx->nfiles = 0;
initrd_ctx->components = 0;
- initrd_ctx->components = grub_zalloc (argc
- * sizeof (initrd_ctx->components[0]));
+ initrd_ctx->components = grub_calloc (argc, sizeof (initrd_ctx->components[0]));
if (!initrd_ctx->components)
return grub_errno;
--
2.26.2
@@ -1,173 +0,0 @@
From 0367e7d1b9bac3a78608a672bf6e4ace6a28b964 Mon Sep 17 00:00:00 2001
From: Colin Watson <cjwatson@debian.org>
Date: Sat, 25 Jul 2020 12:15:37 +0100
Subject: [PATCH] linux: Fix integer overflows in initrd size handling
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
These could be triggered by a crafted filesystem with very large files.
Fixes: CVE-2020-15707
Signed-off-by: Colin Watson <cjwatson@debian.org>
Reviewed-by: Jan Setje-Eilers <jan.setjeeilers@oracle.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Signed-off-by: Stefan Sørensen <stefan.sorensen@spectralink.com>
---
grub-core/loader/linux.c | 74 +++++++++++++++++++++++++++++-----------
1 file changed, 54 insertions(+), 20 deletions(-)
diff --git a/grub-core/loader/linux.c b/grub-core/loader/linux.c
index 4cd8c20c7..3fe390f17 100644
--- a/grub-core/loader/linux.c
+++ b/grub-core/loader/linux.c
@@ -4,6 +4,7 @@
#include <grub/misc.h>
#include <grub/file.h>
#include <grub/mm.h>
+#include <grub/safemath.h>
struct newc_head
{
@@ -98,13 +99,13 @@ free_dir (struct dir *root)
grub_free (root);
}
-static grub_size_t
+static grub_err_t
insert_dir (const char *name, struct dir **root,
- grub_uint8_t *ptr)
+ grub_uint8_t *ptr, grub_size_t *size)
{
struct dir *cur, **head = root;
const char *cb, *ce = name;
- grub_size_t size = 0;
+ *size = 0;
while (1)
{
for (cb = ce; *cb == '/'; cb++);
@@ -130,14 +131,22 @@ insert_dir (const char *name, struct dir **root,
ptr = make_header (ptr, name, ce - name,
040777, 0);
}
- size += ALIGN_UP ((ce - (char *) name)
- + sizeof (struct newc_head), 4);
+ if (grub_add (*size,
+ ALIGN_UP ((ce - (char *) name)
+ + sizeof (struct newc_head), 4),
+ size))
+ {
+ grub_error (GRUB_ERR_OUT_OF_RANGE, N_("overflow is detected"));
+ grub_free (n->name);
+ grub_free (n);
+ return grub_errno;
+ }
*head = n;
cur = n;
}
root = &cur->next;
}
- return size;
+ return GRUB_ERR_NONE;
}
grub_err_t
@@ -172,26 +181,33 @@ grub_initrd_init (int argc, char *argv[],
eptr = grub_strchr (ptr, ':');
if (eptr)
{
+ grub_size_t dir_size, name_len;
+
initrd_ctx->components[i].newc_name = grub_strndup (ptr, eptr - ptr);
- if (!initrd_ctx->components[i].newc_name)
+ if (!initrd_ctx->components[i].newc_name ||
+ insert_dir (initrd_ctx->components[i].newc_name, &root, 0,
+ &dir_size))
{
grub_initrd_close (initrd_ctx);
return grub_errno;
}
- initrd_ctx->size
- += ALIGN_UP (sizeof (struct newc_head)
- + grub_strlen (initrd_ctx->components[i].newc_name),
- 4);
- initrd_ctx->size += insert_dir (initrd_ctx->components[i].newc_name,
- &root, 0);
+ name_len = grub_strlen (initrd_ctx->components[i].newc_name);
+ if (grub_add (initrd_ctx->size,
+ ALIGN_UP (sizeof (struct newc_head) + name_len, 4),
+ &initrd_ctx->size) ||
+ grub_add (initrd_ctx->size, dir_size, &initrd_ctx->size))
+ goto overflow;
newc = 1;
fname = eptr + 1;
}
}
else if (newc)
{
- initrd_ctx->size += ALIGN_UP (sizeof (struct newc_head)
- + sizeof ("TRAILER!!!") - 1, 4);
+ if (grub_add (initrd_ctx->size,
+ ALIGN_UP (sizeof (struct newc_head)
+ + sizeof ("TRAILER!!!") - 1, 4),
+ &initrd_ctx->size))
+ goto overflow;
free_dir (root);
root = 0;
newc = 0;
@@ -207,19 +223,29 @@ grub_initrd_init (int argc, char *argv[],
initrd_ctx->nfiles++;
initrd_ctx->components[i].size
= grub_file_size (initrd_ctx->components[i].file);
- initrd_ctx->size += initrd_ctx->components[i].size;
+ if (grub_add (initrd_ctx->size, initrd_ctx->components[i].size,
+ &initrd_ctx->size))
+ goto overflow;
}
if (newc)
{
initrd_ctx->size = ALIGN_UP (initrd_ctx->size, 4);
- initrd_ctx->size += ALIGN_UP (sizeof (struct newc_head)
- + sizeof ("TRAILER!!!") - 1, 4);
+ if (grub_add (initrd_ctx->size,
+ ALIGN_UP (sizeof (struct newc_head)
+ + sizeof ("TRAILER!!!") - 1, 4),
+ &initrd_ctx->size))
+ goto overflow;
free_dir (root);
root = 0;
}
return GRUB_ERR_NONE;
+
+ overflow:
+ free_dir (root);
+ grub_initrd_close (initrd_ctx);
+ return grub_error (GRUB_ERR_OUT_OF_RANGE, N_("overflow is detected"));
}
grub_size_t
@@ -260,8 +286,16 @@ grub_initrd_load (struct grub_linux_initrd_context *initrd_ctx,
if (initrd_ctx->components[i].newc_name)
{
- ptr += insert_dir (initrd_ctx->components[i].newc_name,
- &root, ptr);
+ grub_size_t dir_size;
+
+ if (insert_dir (initrd_ctx->components[i].newc_name, &root, ptr,
+ &dir_size))
+ {
+ free_dir (root);
+ grub_initrd_close (initrd_ctx);
+ return grub_errno;
+ }
+ ptr += dir_size;
ptr = make_header (ptr, initrd_ctx->components[i].newc_name,
grub_strlen (initrd_ctx->components[i].newc_name),
0100777,
--
2.26.2
-11
View File
@@ -21,17 +21,6 @@ endef
GRUB2_POST_PATCH_HOOKS += GRUB2_AVOID_AUTORECONF
HOST_GRUB2_POST_PATCH_HOOKS += GRUB2_AVOID_AUTORECONF
# 0002-yylex-Make-lexer-fatal-errors-actually-be-fatal.patch
GRUB2_IGNORE_CVES += CVE-2020-10713
# 0005-calloc-Use-calloc-at-most-places.patch
GRUB2_IGNORE_CVES += CVE-2020-14308
# 0006-malloc-Use-overflow-checking-primitives-where-we-do-.patch
GRUB2_IGNORE_CVES += CVE-2020-14309 CVE-2020-14310 CVE-2020-14311
# 0019-script-Avoid-a-use-after-free-when-redefining-a-func.patch
GRUB2_IGNORE_CVES += CVE-2020-15706
# 0028-linux-Fix-integer-overflows-in-initrd-size-handling.patch
GRUB2_IGNORE_CVES += CVE-2020-15707
ifeq ($(BR2_TARGET_GRUB2_INSTALL_TOOLS),y)
GRUB2_INSTALL_TARGET = YES
else
+2 -2
View File
@@ -1,3 +1,3 @@
# locally computed
sha256 17e048ac765e92e15f7436b604452614cf88dc2bcbbaab18cdc024f3fdd4c575 opensbi-0.8.tar.gz
sha256 82d13fb1bf6bb162629deeea9eb9c117e74548d3b707e478967691fe79a68e21 COPYING.BSD
sha256 46a93afd5465eba094ddba40015e754bf09f9e80e0702c00013d6bdb3ecd0a72 opensbi-0.6.tar.gz
sha256 82d13fb1bf6bb162629deeea9eb9c117e74548d3b707e478967691fe79a68e21 COPYING.BSD
+1 -1
View File
@@ -4,7 +4,7 @@
#
################################################################################
OPENSBI_VERSION = 0.8
OPENSBI_VERSION = 0.6
OPENSBI_SITE = $(call github,riscv,opensbi,v$(OPENSBI_VERSION))
OPENSBI_LICENSE = BSD-2-Clause
OPENSBI_LICENSE_FILES = COPYING.BSD
@@ -1,34 +0,0 @@
From 04a8def18caccad27292ba97dc8ea8b3eb3a6afd Mon Sep 17 00:00:00 2001
From: Etienne Carriere <etienne.carriere@linaro.org>
Date: Tue, 26 May 2020 11:10:45 +0200
Subject: [PATCH] scripts/pem_to_pub.py: use Cryptodome module instead of
Crypto
Upgrade scripts/pem_to_pub.py to use module Cryptodome instead of
module Crypto for consistency with the other helper Python scripts
of OP-TEE OS package.
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
---
scripts/pem_to_pub_c.py | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/scripts/pem_to_pub_c.py b/scripts/pem_to_pub_c.py
index 3a896a393..d3f0e5006 100755
--- a/scripts/pem_to_pub_c.py
+++ b/scripts/pem_to_pub_c.py
@@ -21,8 +21,8 @@ def get_args():
def main():
import array
- from Crypto.PublicKey import RSA
- from Crypto.Util.number import long_to_bytes
+ from Cryptodome.PublicKey import RSA
+ from Cryptodome.Util.number import long_to_bytes
args = get_args()
--
2.17.1
@@ -0,0 +1,64 @@
From 06e71feaeb08349abe56b50c3dfb08a8341cf55f Mon Sep 17 00:00:00 2001
From: Romain Naour <romain.naour@gmail.com>
Date: Sun, 26 Apr 2020 21:55:55 +0200
Subject: [PATCH] scripts/pem_to_pub_c.py/sign.py: use pycryptodomex
These scripts still use pycrypto.
From [1]:
"PyCryptodome is a fork of PyCrypto, which is not maintained any more
(the last release dates back to 2013 [2]). It exposes almost the same
API, but there are a few incompatibilities [3]."
Don't use upstream commit since it also switches from the algorithm
TEE_ALG_RSASSA_PKCS1_V1_5_SHA256 to TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA256
when replacing pycrypto to pycryptodomex [4].
[1] https://github.com/OP-TEE/optee_os/commit/90ad2450436fdd9fc0d28a3f92f3fbcfd89a38f0
[2] https://pypi.org/project/pycrypto/#history
[3] https://pycryptodome.readthedocs.io/en/latest/src/vs_pycrypto.html
[4] https://github.com/OP-TEE/optee_os/commit/ababd72d2fd76cb2ded8e202b49db28d6545f6eb
Signed-off-by: Romain Naour <romain.naour@gmail.com>
---
scripts/pem_to_pub_c.py | 4 ++--
scripts/sign.py | 8 ++++----
2 files changed, 6 insertions(+), 6 deletions(-)
diff --git a/scripts/pem_to_pub_c.py b/scripts/pem_to_pub_c.py
index 3a896a39..d3f0e500 100755
--- a/scripts/pem_to_pub_c.py
+++ b/scripts/pem_to_pub_c.py
@@ -21,8 +21,8 @@ def get_args():
def main():
import array
- from Crypto.PublicKey import RSA
- from Crypto.Util.number import long_to_bytes
+ from Cryptodome.PublicKey import RSA
+ from Cryptodome.Util.number import long_to_bytes
args = get_args()
diff --git a/scripts/sign.py b/scripts/sign.py
index 2939c591..80ce2e9f 100755
--- a/scripts/sign.py
+++ b/scripts/sign.py
@@ -121,10 +121,10 @@ def get_args(logger):
def main():
- from Crypto.Signature import PKCS1_v1_5
- from Crypto.Hash import SHA256
- from Crypto.PublicKey import RSA
- from Crypto.Util.number import ceil_div
+ from Cryptodome.Signature import PKCS1_v1_5
+ from Cryptodome.Hash import SHA256
+ from Cryptodome.PublicKey import RSA
+ from Cryptodome.Util.number import ceil_div
import base64
import logging
import os
--
2.25.3
@@ -1,32 +0,0 @@
From c5f5e6bf6644a536a0d53bfb9f5c5419150035dd Mon Sep 17 00:00:00 2001
From: Jens Wiklander <jens.wiklander@linaro.org>
Date: Mon, 25 May 2020 12:20:08 +0200
Subject: [PATCH] config.mk: fix CFG_OPTEE_REVISION_MINOR
The current release is 3.9.0, change the revision to match.
Fixes: af141c61fe7a ("Update CHANGELOG for 3.9.0")
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Reported-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
---
mk/config.mk | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/mk/config.mk b/mk/config.mk
index c00a14618..bc49f83d8 100644
--- a/mk/config.mk
+++ b/mk/config.mk
@@ -116,7 +116,7 @@ endif
# with limited depth not including any tag, so there is really no guarantee
# that TEE_IMPL_VERSION contains the major and minor revision numbers.
CFG_OPTEE_REVISION_MAJOR ?= 3
-CFG_OPTEE_REVISION_MINOR ?= 8
+CFG_OPTEE_REVISION_MINOR ?= 9
# Trusted OS implementation manufacturer name
CFG_TEE_MANUFACTURER ?= LINARO
--
2.17.1
@@ -1,249 +0,0 @@
From 49c7d2557d92993a1e09e50c961b9d4f7ab1091b Mon Sep 17 00:00:00 2001
From: Dick Olsson <hi@senzilla.io>
Date: Wed, 22 Jul 2020 08:49:12 +0200
Subject: [PATCH] mk: core: ta: Configurable Python interpreter
Build systems that manage multiple different python interpreters need
explicit control over which version of the interpreter to use.
This patch enables one to override the default interpreter with the path
to a specific one.
Signed-off-by: Dick Olsson <hi@senzilla.io>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Jerome Forissier <jerome@forissier.org>
---
core/arch/arm/arm.mk | 2 ++
core/arch/arm/kernel/link.mk | 22 +++++++++++-----------
core/sub.mk | 10 +++++-----
mk/config.mk | 6 ++++++
mk/lib.mk | 2 +-
ta/arch/arm/link.mk | 2 +-
ta/arch/arm/link_shlib.mk | 2 +-
ta/ta.mk | 2 +-
8 files changed, 28 insertions(+), 20 deletions(-)
diff --git a/core/arch/arm/arm.mk b/core/arch/arm/arm.mk
index 5c9f16ef..878035c5 100644
--- a/core/arch/arm/arm.mk
+++ b/core/arch/arm/arm.mk
@@ -245,6 +245,7 @@ ta-mk-file-export-add-ta_arm32 += CROSS_COMPILE32 ?= $$(CROSS_COMPILE)_nl_
ta-mk-file-export-add-ta_arm32 += CROSS_COMPILE_ta_arm32 ?= $$(CROSS_COMPILE32)_nl_
ta-mk-file-export-add-ta_arm32 += COMPILER ?= gcc_nl_
ta-mk-file-export-add-ta_arm32 += COMPILER_ta_arm32 ?= $$(COMPILER)_nl_
+ta-mk-file-export-add-ta_arm32 += PYTHON3 ?= python3_nl_
endif
ifneq ($(filter ta_arm64,$(ta-targets)),)
@@ -275,6 +276,7 @@ ta-mk-file-export-add-ta_arm64 += CROSS_COMPILE64 ?= $$(CROSS_COMPILE)_nl_
ta-mk-file-export-add-ta_arm64 += CROSS_COMPILE_ta_arm64 ?= $$(CROSS_COMPILE64)_nl_
ta-mk-file-export-add-ta_arm64 += COMPILER ?= gcc_nl_
ta-mk-file-export-add-ta_arm64 += COMPILER_ta_arm64 ?= $$(COMPILER)_nl_
+ta-mk-file-export-add-ta_arm64 += PYTHON3 ?= python3_nl_
endif
# Set cross compiler prefix for each TA target
diff --git a/core/arch/arm/kernel/link.mk b/core/arch/arm/kernel/link.mk
index 1b89b895..69375ad6 100644
--- a/core/arch/arm/kernel/link.mk
+++ b/core/arch/arm/kernel/link.mk
@@ -62,13 +62,13 @@ cleanfiles += $(link-out-dir)/text_unpaged.ld.S
$(link-out-dir)/text_unpaged.ld.S: $(link-out-dir)/unpaged.o
@$(cmd-echo-silent) ' GEN $@'
$(q)$(READELFcore) -S -W $< | \
- ./scripts/gen_ld_sects.py .text. > $@
+ $(PYTHON3) ./scripts/gen_ld_sects.py .text. > $@
cleanfiles += $(link-out-dir)/rodata_unpaged.ld.S
$(link-out-dir)/rodata_unpaged.ld.S: $(link-out-dir)/unpaged.o
@$(cmd-echo-silent) ' GEN $@'
$(q)$(READELFcore) -S -W $< | \
- ./scripts/gen_ld_sects.py .rodata. > $@
+ $(PYTHON3) ./scripts/gen_ld_sects.py .rodata. > $@
cleanfiles += $(link-out-dir)/init_entries.txt
@@ -92,12 +92,12 @@ cleanfiles += $(link-out-dir)/text_init.ld.S
$(link-out-dir)/text_init.ld.S: $(link-out-dir)/init.o
@$(cmd-echo-silent) ' GEN $@'
$(q)$(READELFcore) -S -W $< | \
- ./scripts/gen_ld_sects.py .text. > $@
+ $(PYTHON3) ./scripts/gen_ld_sects.py .text. > $@
cleanfiles += $(link-out-dir)/rodata_init.ld.S
$(link-out-dir)/rodata_init.ld.S: $(link-out-dir)/init.o
@$(cmd-echo-silent) ' GEN $@'
- $(q)$(READELFcore) -S -W $< | ./scripts/gen_ld_sects.py .rodata. > $@
+ $(q)$(READELFcore) -S -W $< | $(PYTHON3) ./scripts/gen_ld_sects.py .rodata. > $@
-include $(link-script-dep)
@@ -176,39 +176,39 @@ cleanfiles += $(link-out-dir)/tee-pager.bin
$(link-out-dir)/tee-pager.bin: $(link-out-dir)/tee.elf scripts/gen_tee_bin.py
@echo Warning: $@ is deprecated
@$(cmd-echo-silent) ' GEN $@'
- $(q)scripts/gen_tee_bin.py --input $< --out_tee_pager_bin $@
+ $(q)$(PYTHON3) scripts/gen_tee_bin.py --input $< --out_tee_pager_bin $@
cleanfiles += $(link-out-dir)/tee-pageable.bin
$(link-out-dir)/tee-pageable.bin: $(link-out-dir)/tee.elf scripts/gen_tee_bin.py
@echo Warning: $@ is deprecated
@$(cmd-echo-silent) ' GEN $@'
- $(q)scripts/gen_tee_bin.py --input $< --out_tee_pageable_bin $@
+ $(q)$(PYTHON3) scripts/gen_tee_bin.py --input $< --out_tee_pageable_bin $@
all: $(link-out-dir)/tee.bin
cleanfiles += $(link-out-dir)/tee.bin
$(link-out-dir)/tee.bin: $(link-out-dir)/tee.elf scripts/gen_tee_bin.py
@$(cmd-echo-silent) ' GEN $@'
- $(q)scripts/gen_tee_bin.py --input $< --out_tee_bin $@
+ $(q)$(PYTHON3) scripts/gen_tee_bin.py --input $< --out_tee_bin $@
all: $(link-out-dir)/tee-header_v2.bin
cleanfiles += $(link-out-dir)/tee-header_v2.bin
$(link-out-dir)/tee-header_v2.bin: $(link-out-dir)/tee.elf \
scripts/gen_tee_bin.py
@$(cmd-echo-silent) ' GEN $@'
- $(q)scripts/gen_tee_bin.py --input $< --out_header_v2 $@
+ $(q)$(PYTHON3) scripts/gen_tee_bin.py --input $< --out_header_v2 $@
all: $(link-out-dir)/tee-pager_v2.bin
cleanfiles += $(link-out-dir)/tee-pager_v2.bin
$(link-out-dir)/tee-pager_v2.bin: $(link-out-dir)/tee.elf scripts/gen_tee_bin.py
@$(cmd-echo-silent) ' GEN $@'
- $(q)scripts/gen_tee_bin.py --input $< --out_pager_v2 $@
+ $(q)$(PYTHON3) scripts/gen_tee_bin.py --input $< --out_pager_v2 $@
all: $(link-out-dir)/tee-pageable_v2.bin
cleanfiles += $(link-out-dir)/tee-pageable_v2.bin
$(link-out-dir)/tee-pageable_v2.bin: $(link-out-dir)/tee.elf \
scripts/gen_tee_bin.py
@$(cmd-echo-silent) ' GEN $@'
- $(q)scripts/gen_tee_bin.py --input $< --out_pageable_v2 $@
+ $(q)$(PYTHON3) scripts/gen_tee_bin.py --input $< --out_pageable_v2 $@
all: $(link-out-dir)/tee.symb_sizes
cleanfiles += $(link-out-dir)/tee.symb_sizes
@@ -222,5 +222,5 @@ mem_usage: $(link-out-dir)/tee.mem_usage
$(link-out-dir)/tee.mem_usage: $(link-out-dir)/tee.elf
@$(cmd-echo-silent) ' GEN $@'
- $(q)./scripts/mem_usage.py $< > $@
+ $(q)$(PYTHON3) ./scripts/mem_usage.py $< > $@
endif
diff --git a/core/sub.mk b/core/sub.mk
index 03cc6bc7..0959c9a9 100644
--- a/core/sub.mk
+++ b/core/sub.mk
@@ -9,13 +9,13 @@ ifeq ($(CFG_WITH_USER_TA),y)
gensrcs-y += ta_pub_key
produce-ta_pub_key = ta_pub_key.c
depends-ta_pub_key = $(TA_SIGN_KEY) scripts/pem_to_pub_c.py
-recipe-ta_pub_key = scripts/pem_to_pub_c.py --prefix ta_pub_key \
+recipe-ta_pub_key = $(PYTHON3) scripts/pem_to_pub_c.py --prefix ta_pub_key \
--key $(TA_SIGN_KEY) --out $(sub-dir-out)/ta_pub_key.c
gensrcs-y += ldelf
produce-ldelf = ldelf_hex.c
depends-ldelf = scripts/gen_ldelf_hex.py $(out-dir)/ldelf/ldelf.elf
-recipe-ldelf = scripts/gen_ldelf_hex.py --input $(out-dir)/ldelf/ldelf.elf \
+recipe-ldelf = $(PYTHON3) scripts/gen_ldelf_hex.py --input $(out-dir)/ldelf/ldelf.elf \
--output $(sub-dir-out)/ldelf_hex.c
endif
@@ -25,7 +25,7 @@ early-ta-$1-uuid := $(firstword $(subst ., ,$(notdir $1)))
gensrcs-y += early-ta-$1
produce-early-ta-$1 = early_ta_$$(early-ta-$1-uuid).c
depends-early-ta-$1 = $1 scripts/ta_bin_to_c.py
-recipe-early-ta-$1 = scripts/ta_bin_to_c.py --compress --ta $1 \
+recipe-early-ta-$1 = $(PYTHON3) scripts/ta_bin_to_c.py --compress --ta $1 \
--out $(sub-dir-out)/early_ta_$$(early-ta-$1-uuid).c
endef
$(foreach f, $(EARLY_TA_PATHS), $(eval $(call process_early_ta,$(f))))
@@ -40,7 +40,7 @@ core-embed-fdt-c = $(out-dir)/$(arch-dir)/dts/$(CFG_EMBED_DTB_SOURCE_FILE:.dts=.
gensrcs-y += embedded_secure_dtb
produce-embedded_secure_dtb = arch/$(ARCH)/dts/$(CFG_EMBED_DTB_SOURCE_FILE:.dts=.c)
depends-embedded_secure_dtb = $(core-embed-fdt-dtb) scripts/bin_to_c.py
-recipe-embedded_secure_dtb = scripts/bin_to_c.py \
+recipe-embedded_secure_dtb = $(PYTHON3) scripts/bin_to_c.py \
--bin $(core-embed-fdt-dtb) \
--vname embedded_secure_dtb \
--out $(core-embed-fdt-c)
@@ -58,7 +58,7 @@ $(conf-mk-xz-base64): $(conf-mk-file)
gensrcs-y += conf_str
produce-conf_str = conf.mk.xz.base64.c
depends-conf_str = $(conf-mk-xz-base64)
-recipe-conf_str = scripts/bin_to_c.py --text --bin $(conf-mk-xz-base64) \
+recipe-conf_str = $(PYTHON3) scripts/bin_to_c.py --text --bin $(conf-mk-xz-base64) \
--out $(sub-dir-out)/conf.mk.xz.base64.c \
--vname conf_str
endif
diff --git a/mk/config.mk b/mk/config.mk
index 70732c4d..1fe65576 100644
--- a/mk/config.mk
+++ b/mk/config.mk
@@ -32,6 +32,12 @@ endif
# Supported values: undefined, 1, 2 and 3. 3 gives more warnings.
WARNS ?= 3
+# Path to the Python interpreter used by the build system.
+# This variable is set to the default python3 interpreter in the user's
+# path. But build environments that require more explicit control can
+# set the path to a specific interpreter through this variable.
+PYTHON3 ?= python3
+
# Define DEBUG=1 to compile without optimization (forces -O0)
# DEBUG=1
diff --git a/mk/lib.mk b/mk/lib.mk
index 6e890893..3bd422d6 100644
--- a/mk/lib.mk
+++ b/mk/lib.mk
@@ -72,7 +72,7 @@ $(lib-shlibstrippedfile): $(lib-shlibfile)
$(lib-shlibtafile): $(lib-shlibstrippedfile) $(TA_SIGN_KEY)
@$(cmd-echo-silent) ' SIGN $$@'
- $$(q)$$(SIGN) --key $(TA_SIGN_KEY) --uuid $(libuuid) --in $$< --out $$@
+ $$(q)$$(PYTHON3) $$(SIGN) --key $(TA_SIGN_KEY) --uuid $(libuuid) --in $$< --out $$@
$(lib-libuuidln): $(lib-shlibfile)
@$(cmd-echo-silent) ' LN $$@'
diff --git a/ta/arch/arm/link.mk b/ta/arch/arm/link.mk
index db7d0b9a..b95c0cba 100644
--- a/ta/arch/arm/link.mk
+++ b/ta/arch/arm/link.mk
@@ -2,7 +2,7 @@ link-script$(sm) = $(ta-dev-kit-dir$(sm))/src/ta.ld.S
link-script-pp$(sm) = $(link-out-dir$(sm))/ta.lds
link-script-dep$(sm) = $(link-out-dir$(sm))/.ta.ld.d
-SIGN_ENC ?= $(ta-dev-kit-dir$(sm))/scripts/sign_encrypt.py
+SIGN_ENC ?= $(PYTHON3) $(ta-dev-kit-dir$(sm))/scripts/sign_encrypt.py
TA_SIGN_KEY ?= $(ta-dev-kit-dir$(sm))/keys/default_ta.pem
ifeq ($(CFG_ENCRYPT_TA),y)
diff --git a/ta/arch/arm/link_shlib.mk b/ta/arch/arm/link_shlib.mk
index ed81e59a..cc177ef0 100644
--- a/ta/arch/arm/link_shlib.mk
+++ b/ta/arch/arm/link_shlib.mk
@@ -47,5 +47,5 @@ $(link-out-dir)/$(shlibuuid).elf: $(link-out-dir)/$(shlibname).so
$(link-out-dir)/$(shlibuuid).ta: $(link-out-dir)/$(shlibname).stripped.so \
$(TA_SIGN_KEY)
@$(cmd-echo-silent) ' SIGN $@'
- $(q)$(SIGN) --key $(TA_SIGN_KEY) --uuid $(shlibuuid) \
+ $(q)$(PYTHON3) $(SIGN) --key $(TA_SIGN_KEY) --uuid $(shlibuuid) \
--in $< --out $@
diff --git a/ta/ta.mk b/ta/ta.mk
index 918880f4..59ed87f7 100644
--- a/ta/ta.mk
+++ b/ta/ta.mk
@@ -67,7 +67,7 @@ $$(arm32-user-sysregs-out)/$$(arm32-user-sysregs-$(1)-h): \
$(1) scripts/arm32_sysreg.py
@$(cmd-echo-silent) ' GEN $$@'
$(q)mkdir -p $$(dir $$@)
- $(q)scripts/arm32_sysreg.py --guard __$$(arm32-user-sysregs-$(1)-h) \
+ $(q)$(PYTHON3) scripts/arm32_sysreg.py --guard __$$(arm32-user-sysregs-$(1)-h) \
< $$< > $$@
endef #process-arm32-user-sysreg
--
2.20.1
+2 -2
View File
@@ -18,7 +18,7 @@ choice
Select the version of OP-TEE OS you want to use
config BR2_TARGET_OPTEE_OS_LATEST
bool "3.9.0"
bool "3.7.0"
help
Use the latest release tag from the OP-TEE OS official Git
repository.
@@ -50,7 +50,7 @@ endif
config BR2_TARGET_OPTEE_OS_VERSION
string
default "3.9.0" if BR2_TARGET_OPTEE_OS_LATEST
default "3.7.0" if BR2_TARGET_OPTEE_OS_LATEST
default BR2_TARGET_OPTEE_OS_CUSTOM_REPO_VERSION \
if BR2_TARGET_OPTEE_OS_CUSTOM_GIT
+2 -2
View File
@@ -1,4 +1,4 @@
# From https://github.com/OP-TEE/optee_os/archive/3.9.0.tar.gz
sha256 ac6f145ebde715d4d7a1d5277f4e08a06b660e1c0237c926a274d86cd90ef4c5 optee-os-3.9.0.tar.gz
# From https://github.com/OP-TEE/optee_os/archive/3.7.0.tar.gz
sha256 ff378f22b8e7dacf933a2d34eb5c1bdcafe74bdda692e4dbc2969301f6a81d43 optee-os-3.7.0.tar.gz
# Locally computed
sha256 1247ee90858f4037b6cac63cbffddfed435d0d73c631b37d78c1e6e6ab3e5d1a LICENSE
+2 -3
View File
@@ -21,7 +21,7 @@ else
OPTEE_OS_SITE = $(call github,OP-TEE,optee_os,$(OPTEE_OS_VERSION))
endif
OPTEE_OS_DEPENDENCIES = host-openssl host-python3 host-python3-pycryptodomex host-python3-pyelftools
OPTEE_OS_DEPENDENCIES = host-openssl host-python-pycryptodomex host-python-pyelftools
# On 64bit targets, OP-TEE OS can be built in 32bit mode, or
# can be built in 64bit mode and support 32bit and 64bit
@@ -32,8 +32,7 @@ OPTEE_OS_MAKE_OPTS = \
CROSS_COMPILE="$(TARGET_CROSS)" \
CROSS_COMPILE_core="$(TARGET_CROSS)" \
CROSS_COMPILE_ta_arm64="$(TARGET_CROSS)" \
CROSS_COMPILE_ta_arm32="$(TARGET_CROSS)" \
PYTHON3="$(HOST_DIR)/bin/python3"
CROSS_COMPILE_ta_arm32="$(TARGET_CROSS)"
ifeq ($(BR2_aarch64),y)
OPTEE_OS_MAKE_OPTS += \
+6 -24
View File
@@ -41,7 +41,7 @@ choice
Select the specific U-Boot version you want to use
config BR2_TARGET_UBOOT_LATEST_VERSION
bool "2020.07"
bool "2020.04"
config BR2_TARGET_UBOOT_CUSTOM_VERSION
bool "Custom version"
@@ -74,9 +74,13 @@ if BR2_TARGET_UBOOT_CUSTOM_GIT || BR2_TARGET_UBOOT_CUSTOM_HG || BR2_TARGET_UBOOT
config BR2_TARGET_UBOOT_CUSTOM_REPO_URL
string "URL of custom repository"
default BR2_TARGET_UBOOT_CUSTOM_GIT_REPO_URL \
if BR2_TARGET_UBOOT_CUSTOM_GIT_REPO_URL != "" # legacy
config BR2_TARGET_UBOOT_CUSTOM_REPO_VERSION
string "Custom repository version"
default BR2_TARGET_UBOOT_CUSTOM_GIT_VERSION \
if BR2_TARGET_UBOOT_CUSTOM_GIT_VERSION != "" # legacy
help
Revision to use in the typical format used by
Git/Mercurial/Subversion E.G. a sha id, a tag, branch, ..
@@ -85,7 +89,7 @@ endif
config BR2_TARGET_UBOOT_VERSION
string
default "2020.07" if BR2_TARGET_UBOOT_LATEST_VERSION
default "2020.04" if BR2_TARGET_UBOOT_LATEST_VERSION
default BR2_TARGET_UBOOT_CUSTOM_VERSION_VALUE \
if BR2_TARGET_UBOOT_CUSTOM_VERSION
default "custom" if BR2_TARGET_UBOOT_CUSTOM_TARBALL
@@ -458,28 +462,6 @@ config BR2_TARGET_UBOOT_ZYNQMP_PMUFW
This feature requires U-Boot >= 2018.07.
config BR2_TARGET_UBOOT_ZYNQMP_PM_CFG
string "PMU configuration location"
depends on BR2_TARGET_UBOOT_BUILD_SYSTEM_KCONFIG
help
Location of a PMU configuration file.
If not empty, Buildroot will convert the PMU configuration
file into a loadable blob and pass it to U-Boot. The blob gets
embedded into the U-Boot SPL and is used to configure the PMU
during board initialization.
Unlike the PMU firmware, the PMU configuration file is unique
to each board configuration. A PMU configuration file can be
generated by building your Xilinx SDK BSP. It can be found in
the BSP source, for example at
./psu_cortexa53_0/libsrc/xilpm_v2_4/src/pm_cfg_obj.c
Leave this option empty if your PMU firmware has a hard-coded
configuration object or you are loading it by any other means.
This feature requires U-Boot >= v2019.10.
config BR2_TARGET_UBOOT_ZYNQMP_PSU_INIT_FILE
string "Custom psu_init_gpl file"
depends on BR2_TARGET_UBOOT_BUILD_SYSTEM_KCONFIG
+1 -1
View File
@@ -1,3 +1,3 @@
# Locally computed:
sha256 c1f5bf9ee6bb6e648edbf19ce2ca9452f614b08a9f886f1a566aa42e8cf05f6a u-boot-2020.07.tar.bz2
sha256 fe732aaf037d9cc3c0909bad8362af366ae964bbdac6913a34081ff4ad565372 u-boot-2020.04.tar.bz2
sha256 8177f97513213526df2cf6184d8ff986c675afb514d4e68a404010521b880643 Licenses/gpl-2.0.txt
+3 -21
View File
@@ -16,7 +16,6 @@ UBOOT_INSTALL_IMAGES = YES
# u-boot 2020.01+ needs make 4.0+
UBOOT_DEPENDENCIES = $(BR2_MAKE_HOST_DEPENDENCY)
UBOOT_MAKE = $(BR2_MAKE)
ifeq ($(UBOOT_VERSION),custom)
# Handle custom U-Boot tarballs as specified by the configuration
@@ -34,7 +33,7 @@ UBOOT_SITE = $(call qstrip,$(BR2_TARGET_UBOOT_CUSTOM_REPO_URL))
UBOOT_SITE_METHOD = svn
else
# Handle stable official U-Boot versions
UBOOT_SITE = https://ftp.denx.de/pub/u-boot
UBOOT_SITE = ftp://ftp.denx.de/pub/u-boot
UBOOT_SOURCE = u-boot-$(UBOOT_VERSION).tar.bz2
endif
@@ -258,7 +257,7 @@ UBOOT_POST_PATCH_HOOKS += UBOOT_FIXUP_LIBFDT_INCLUDE
ifeq ($(BR2_TARGET_UBOOT_BUILD_SYSTEM_LEGACY),y)
define UBOOT_CONFIGURE_CMDS
$(TARGET_CONFIGURE_OPTS) \
$(UBOOT_MAKE) -C $(@D) $(UBOOT_MAKE_OPTS) \
$(BR2_MAKE) -C $(@D) $(UBOOT_MAKE_OPTS) \
$(UBOOT_BOARD_NAME)_config
endef
else ifeq ($(BR2_TARGET_UBOOT_BUILD_SYSTEM_KCONFIG),y)
@@ -295,7 +294,7 @@ define UBOOT_BUILD_CMDS
cp -f $(UBOOT_CUSTOM_DTS_PATH) $(@D)/arch/$(UBOOT_ARCH)/dts/
)
$(TARGET_CONFIGURE_OPTS) \
$(UBOOT_MAKE) -C $(@D) $(UBOOT_MAKE_OPTS) \
$(BR2_MAKE) -C $(@D) $(UBOOT_MAKE_OPTS) \
$(UBOOT_MAKE_TARGET)
$(if $(BR2_TARGET_UBOOT_FORMAT_SD),
$(@D)/tools/mxsboot sd $(@D)/u-boot.sb $(@D)/u-boot.sd)
@@ -361,22 +360,6 @@ define UBOOT_ZYNQMP_KCONFIG_PMUFW
$(call KCONFIG_SET_OPT,CONFIG_PMUFW_INIT_FILE,"$(UBOOT_ZYNQMP_PMUFW_PATH)")
endef
UBOOT_ZYNQMP_PM_CFG = $(call qstrip,$(BR2_TARGET_UBOOT_ZYNQMP_PM_CFG))
ifneq ($(UBOOT_ZYNQMP_PM_CFG),)
UBOOT_ZYNQMP_PM_CFG_BIN = $(UBOOT_DIR)/pm_cfg_obj.bin
define UBOOT_ZYNQMP_KCONFIG_PM_CFG
$(call KCONFIG_SET_OPT,CONFIG_ZYNQMP_SPL_PM_CFG_OBJ_FILE,"$(UBOOT_ZYNQMP_PM_CFG_BIN)", \
$(@D)/.config)
endef
define UBOOT_ZYNQMP_PM_CFG_CONVERT
$(UBOOT_DIR)/tools/zynqmp_pm_cfg_obj_convert.py \
"$(UBOOT_ZYNQMP_PM_CFG)" \
"$(UBOOT_ZYNQMP_PM_CFG_BIN)"
endef
UBOOT_PRE_BUILD_HOOKS += UBOOT_ZYNQMP_PM_CFG_CONVERT
endif
UBOOT_ZYNQMP_PSU_INIT = $(call qstrip,$(BR2_TARGET_UBOOT_ZYNQMP_PSU_INIT_FILE))
UBOOT_ZYNQMP_PSU_INIT_PATH = $(shell readlink -f $(UBOOT_ZYNQMP_PSU_INIT))
@@ -439,7 +422,6 @@ endif
define UBOOT_KCONFIG_FIXUP_CMDS
$(UBOOT_ZYNQMP_KCONFIG_PMUFW)
$(UBOOT_ZYNQMP_KCONFIG_PM_CFG)
$(UBOOT_ZYNQMP_KCONFIG_PSU_INIT)
endef
+4 -5
View File
@@ -1,21 +1,20 @@
# Architecture
BR2_aarch64=y
# Linux headers same as kernel, a 4.14 series
BR2_PACKAGE_HOST_LINUX_HEADERS_CUSTOM_4_14=y
# Linux headers same as kernel, a 4.1 series
BR2_PACKAGE_HOST_LINUX_HEADERS_CUSTOM_4_1=y
# System settings
BR2_TARGET_GENERIC_HOSTNAME="ucls1012a"
BR2_TARGET_GENERIC_ISSUE="Welcome to uCLS1012A-SOM"
BR2_SYSTEM_DHCP="eth0"
BR2_ROOTFS_OVERLAY="board/arcturus/aarch64-ucls1012a/rootfs_overlay"
BR2_ROOTFS_POST_BUILD_SCRIPT="board/arcturus/aarch64-ucls1012a/post-build.sh"
BR2_ROOTFS_POST_IMAGE_SCRIPT="board/arcturus/aarch64-ucls1012a/post-image.sh"
# Kernel
BR2_LINUX_KERNEL=y
BR2_LINUX_KERNEL_CUSTOM_TARBALL=y
BR2_LINUX_KERNEL_CUSTOM_TARBALL_LOCATION="$(call github,ArcturusNetworks,uCLS1012A-kernel,v.20.31)/linux-v.20.31.tar.gz"
BR2_LINUX_KERNEL_CUSTOM_TARBALL_LOCATION="$(call github,ArcturusNetworks,uCLS1012A-kernel,v0.2.1935)/linux-v0.2.1935.tar.gz"
BR2_LINUX_KERNEL_DEFCONFIG="ucls1012a"
BR2_LINUX_KERNEL_DTS_SUPPORT=y
BR2_LINUX_KERNEL_INTREE_DTS_NAME="arcturus/arc-ucls1012a"
@@ -28,7 +27,7 @@ BR2_TARGET_ROOTFS_CPIO_GZIP=y
BR2_TARGET_UBOOT=y
BR2_TARGET_UBOOT_BUILD_SYSTEM_KCONFIG=y
BR2_TARGET_UBOOT_CUSTOM_TARBALL=y
BR2_TARGET_UBOOT_CUSTOM_TARBALL_LOCATION="$(call github,ArcturusNetworks,uCLS1012A-uboot,v.20.31)/uboot-v.20.31.tar.gz"
BR2_TARGET_UBOOT_CUSTOM_TARBALL_LOCATION="$(call github,ArcturusNetworks,uCLS1012A-uboot,v0.2.1935)/uboot-v0.2.1935.tar.gz"
BR2_TARGET_UBOOT_BOARD_DEFCONFIG="UCLS1012A_QSPI128"
# Tools
+2 -1
View File
@@ -5,7 +5,8 @@ BR2_TARGET_GENERIC_GETTY_PORT="ttyAMA0"
BR2_LINUX_KERNEL=y
BR2_LINUX_KERNEL_CUSTOM_VERSION=y
BR2_LINUX_KERNEL_CUSTOM_VERSION_VALUE="4.4.3"
BR2_LINUX_KERNEL_USE_ARCH_DEFAULT_CONFIG=y
BR2_LINUX_KERNEL_USE_CUSTOM_CONFIG=y
BR2_LINUX_KERNEL_CUSTOM_CONFIG_FILE="$(LINUX_DIR)/arch/arm64/configs/defconfig"
BR2_LINUX_KERNEL_DTS_SUPPORT=y
BR2_LINUX_KERNEL_INTREE_DTS_NAME="arm/foundation-v8"
BR2_TARGET_ROOTFS_EXT2=y
@@ -3,7 +3,7 @@ BR2_cortex_a5=y
BR2_ARM_ENABLE_NEON=y
BR2_ARM_ENABLE_VFP=y
BR2_ARM_INSTRUCTIONS_THUMB2=y
BR2_PACKAGE_HOST_LINUX_HEADERS_CUSTOM_5_4=y
BR2_PACKAGE_HOST_LINUX_HEADERS_CUSTOM_4_19=y
BR2_TOOLCHAIN_BUILDROOT_WCHAR=y
BR2_PTHREAD_DEBUG=y
BR2_TOOLCHAIN_BUILDROOT_CXX=y
@@ -12,7 +12,7 @@ BR2_ROOTFS_POST_IMAGE_SCRIPT="support/scripts/genimage.sh"
BR2_ROOTFS_POST_SCRIPT_ARGS="-c board/atmel/sama5d27_som1_ek_mmc/genimage.cfg"
BR2_LINUX_KERNEL=y
BR2_LINUX_KERNEL_CUSTOM_TARBALL=y
BR2_LINUX_KERNEL_CUSTOM_TARBALL_LOCATION="$(call github,linux4sam,linux-at91,linux4sam-2020.04)/linux-at91-linux4sam-2020.04.tar.gz"
BR2_LINUX_KERNEL_CUSTOM_TARBALL_LOCATION="$(call github,linux4sam,linux-at91,linux4sam_6.2)/linux-linux4sam_6.2.tar.gz"
BR2_LINUX_KERNEL_DEFCONFIG="sama5"
BR2_LINUX_KERNEL_DTS_SUPPORT=y
BR2_LINUX_KERNEL_INTREE_DTS_NAME="at91-sama5d27_som1_ek"
@@ -71,12 +71,12 @@ BR2_TARGET_ROOTFS_EXT2_4=y
BR2_TARGET_ROOTFS_EXT2_SIZE="120M"
BR2_TARGET_AT91BOOTSTRAP3=y
BR2_TARGET_AT91BOOTSTRAP3_CUSTOM_TARBALL=y
BR2_TARGET_AT91BOOTSTRAP3_CUSTOM_TARBALL_LOCATION="$(call github,linux4sam,at91bootstrap,v3.9.2)/at91bootstrap3-v3.9.2.tar.gz"
BR2_TARGET_AT91BOOTSTRAP3_CUSTOM_TARBALL_LOCATION="$(call github,linux4sam,at91bootstrap,v3.9.0)/at91bootstrap3-v3.9.0.tar.gz"
BR2_TARGET_AT91BOOTSTRAP3_DEFCONFIG="sama5d27_som1_eksd_uboot"
BR2_TARGET_UBOOT=y
BR2_TARGET_UBOOT_BUILD_SYSTEM_KCONFIG=y
BR2_TARGET_UBOOT_CUSTOM_TARBALL=y
BR2_TARGET_UBOOT_CUSTOM_TARBALL_LOCATION="$(call github,linux4sam,u-boot-at91,linux4sam-2020.04)/u-boot-at91-linux4sam-2020.04.tar.gz"
BR2_TARGET_UBOOT_CUSTOM_TARBALL_LOCATION="$(call github,linux4sam,u-boot-at91,linux4sam_6.2)/u-boot-at91-linux4sam_6.2.tar.gz"
BR2_TARGET_UBOOT_BOARD_DEFCONFIG="sama5d27_som1_ek_mmc"
BR2_TARGET_UBOOT_NEEDS_DTC=y
BR2_PACKAGE_HOST_DOSFSTOOLS=y
-30
View File
@@ -1,30 +0,0 @@
BR2_arm=y
BR2_cortex_a7=y
BR2_ARM_FPU_NEON_VFPV4=y
BR2_PACKAGE_HOST_LINUX_HEADERS_CUSTOM_5_6=y
BR2_TARGET_GENERIC_ISSUE="Welcome to Buildroot for the Bananapi M2 Zero"
BR2_ROOTFS_POST_IMAGE_SCRIPT="support/scripts/genimage.sh"
BR2_ROOTFS_POST_SCRIPT_ARGS="-c board/bananapi/bananapi-m2-zero/genimage.cfg"
BR2_LINUX_KERNEL=y
BR2_LINUX_KERNEL_CUSTOM_VERSION=y
BR2_LINUX_KERNEL_CUSTOM_VERSION_VALUE="5.6.7"
BR2_LINUX_KERNEL_DEFCONFIG="sunxi"
BR2_LINUX_KERNEL_DTS_SUPPORT=y
BR2_LINUX_KERNEL_INTREE_DTS_NAME="sun8i-h2-plus-bananapi-m2-zero"
BR2_TARGET_ROOTFS_EXT2=y
BR2_TARGET_ROOTFS_EXT2_4=y
# BR2_TARGET_ROOTFS_TAR is not set
BR2_TARGET_UBOOT=y
BR2_TARGET_UBOOT_BOARDNAME="bananapi_m2_zero"
BR2_TARGET_UBOOT_CUSTOM_VERSION=y
BR2_TARGET_UBOOT_CUSTOM_VERSION_VALUE="2020.04"
BR2_TARGET_UBOOT_NEEDS_DTC=y
BR2_TARGET_UBOOT_NEEDS_PYTHON3=y
BR2_TARGET_UBOOT_NEEDS_PYLIBFDT=y
BR2_TARGET_UBOOT_FORMAT_CUSTOM=y
BR2_TARGET_UBOOT_FORMAT_CUSTOM_NAME="u-boot-sunxi-with-spl.bin"
BR2_TARGET_UBOOT_BOOT_SCRIPT=y
BR2_TARGET_UBOOT_BOOT_SCRIPT_SOURCE="board/bananapi/bananapi-m2-zero/boot.cmd"
BR2_PACKAGE_HOST_DOSFSTOOLS=y
BR2_PACKAGE_HOST_GENIMAGE=y
BR2_PACKAGE_HOST_MTOOLS=y
+1 -1
View File
@@ -17,7 +17,7 @@ BR2_TARGET_ROOTFS_EXT2_4=y
BR2_TARGET_UBOOT=y
BR2_TARGET_UBOOT_BUILD_SYSTEM_KCONFIG=y
BR2_TARGET_UBOOT_CUSTOM_VERSION=y
BR2_TARGET_UBOOT_CUSTOM_VERSION_VALUE="2020.04"
BR2_TARGET_UBOOT_CUSTOM_VERSION_VALUE="2019.07"
BR2_TARGET_UBOOT_BOARD_DEFCONFIG="am335x_evm"
BR2_TARGET_UBOOT_NEEDS_DTC=y
# BR2_TARGET_UBOOT_FORMAT_BIN is not set
+1 -1
View File
@@ -34,7 +34,7 @@ BR2_TARGET_ROOTFS_EXT2_SIZE="250M"
BR2_TARGET_UBOOT=y
BR2_TARGET_UBOOT_BUILD_SYSTEM_KCONFIG=y
BR2_TARGET_UBOOT_CUSTOM_VERSION=y
BR2_TARGET_UBOOT_CUSTOM_VERSION_VALUE="2020.04"
BR2_TARGET_UBOOT_CUSTOM_VERSION_VALUE="2019.07"
BR2_TARGET_UBOOT_BOARD_DEFCONFIG="am335x_evm"
BR2_TARGET_UBOOT_NEEDS_DTC=y
# BR2_TARGET_UBOOT_FORMAT_BIN is not set
+11 -8
View File
@@ -2,8 +2,9 @@
BR2_mipsel=y
BR2_mips_xburst=y
# BR2_MIPS_SOFT_FLOAT is not set
BR2_KERNEL_HEADERS_AS_KERNEL=y
BR2_PACKAGE_HOST_LINUX_HEADERS_CUSTOM_5_4=y
# Linux headers same as kernel, a 3.18 series
BR2_PACKAGE_HOST_LINUX_HEADERS_CUSTOM_3_18=y
# system
BR2_TARGET_GENERIC_GETTY_PORT="ttyS4"
@@ -14,17 +15,19 @@ BR2_ROOTFS_POST_SCRIPT_ARGS="-c board/ci20/genimage.cfg"
# kernel
BR2_LINUX_KERNEL=y
BR2_LINUX_KERNEL_CUSTOM_VERSION=y
BR2_LINUX_KERNEL_CUSTOM_VERSION_VALUE="5.4.58"
BR2_LINUX_KERNEL_CUSTOM_TARBALL=y
BR2_LINUX_KERNEL_CUSTOM_TARBALL_LOCATION="$(call github,MIPS,CI20_linux,7dff33297116643485ca37141d804eddd793e834)/linux-7dff33297116643485ca37141d804eddd793e834.tar.gz"
BR2_LINUX_KERNEL_DEFCONFIG="ci20"
BR2_LINUX_KERNEL_INSTALL_TARGET=y
# u-boot
BR2_TARGET_UBOOT=y
BR2_TARGET_UBOOT_BUILD_SYSTEM_KCONFIG=y
BR2_TARGET_UBOOT_CUSTOM_VERSION=y
BR2_TARGET_UBOOT_CUSTOM_VERSION_VALUE="2020.07"
BR2_TARGET_UBOOT_BOARD_DEFCONFIG="ci20_mmc"
BR2_TARGET_UBOOT_BUILD_SYSTEM_LEGACY=y
BR2_TARGET_UBOOT_BOARDNAME="ci20_mmc"
BR2_TARGET_UBOOT_CUSTOM_GIT=y
BR2_TARGET_UBOOT_CUSTOM_REPO_URL="https://github.com/MIPS/CI20_u-boot"
BR2_TARGET_UBOOT_CUSTOM_REPO_VERSION="dd3c1b95dac7d10b2ca5806f65e5c1050d7dd0fa"
BR2_TARGET_UBOOT_PATCH="board/ci20/patches/uboot"
BR2_TARGET_UBOOT_FORMAT_IMG=y
BR2_TARGET_UBOOT_SPL=y
BR2_TARGET_UBOOT_SPL_NAME="spl/u-boot-spl.bin"
+4 -4
View File
@@ -2,8 +2,8 @@
BR2_arm=y
BR2_arm926t=y
# Linux headers same as kernel, a 5.4 series
BR2_PACKAGE_HOST_LINUX_HEADERS_CUSTOM_5_4=y
# Linux headers same as kernel, a 5.3 series
BR2_PACKAGE_HOST_LINUX_HEADERS_CUSTOM_5_3=y
# system
BR2_TARGET_GENERIC_GETTY_PORT="ttyAMA0"
@@ -11,7 +11,7 @@ BR2_TARGET_GENERIC_GETTY_PORT="ttyAMA0"
# kernel
BR2_LINUX_KERNEL=y
BR2_LINUX_KERNEL_CUSTOM_VERSION=y
BR2_LINUX_KERNEL_CUSTOM_VERSION_VALUE="5.4.42"
BR2_LINUX_KERNEL_CUSTOM_VERSION_VALUE="5.3.8"
BR2_LINUX_KERNEL_DEFCONFIG="mxs"
BR2_LINUX_KERNEL_DTS_SUPPORT=y
BR2_LINUX_KERNEL_INTREE_DTS_NAME="imx28-evk"
@@ -20,7 +20,7 @@ BR2_LINUX_KERNEL_INTREE_DTS_NAME="imx28-evk"
BR2_TARGET_UBOOT=y
BR2_TARGET_UBOOT_BOARDNAME="mx28evk"
BR2_TARGET_UBOOT_CUSTOM_VERSION=y
BR2_TARGET_UBOOT_CUSTOM_VERSION_VALUE="2020.04"
BR2_TARGET_UBOOT_CUSTOM_VERSION_VALUE="2019.10"
BR2_TARGET_UBOOT_FORMAT_SD=y
# Filesystem
+4 -4
View File
@@ -8,8 +8,8 @@ BR2_ARM_FPU_VFPV3=y
# patches
BR2_GLOBAL_PATCH_DIR="board/freescale/imx6sabre/patches"
# Linux headers same as kernel, a 5.4 series
BR2_PACKAGE_HOST_LINUX_HEADERS_CUSTOM_5_4=y
# Linux headers same as kernel, a 4.19 series
BR2_PACKAGE_HOST_LINUX_HEADERS_CUSTOM_4_19=y
# system
BR2_TARGET_GENERIC_GETTY_PORT="ttymxc3"
@@ -18,7 +18,7 @@ BR2_TARGET_GENERIC_GETTY_PORT="ttymxc3"
BR2_LINUX_KERNEL=y
BR2_LINUX_KERNEL_CUSTOM_GIT=y
BR2_LINUX_KERNEL_CUSTOM_REPO_URL="https://source.codeaurora.org/external/imx/linux-imx.git"
BR2_LINUX_KERNEL_CUSTOM_REPO_VERSION="rel_imx_5.4.24_2.1.0"
BR2_LINUX_KERNEL_CUSTOM_REPO_VERSION="rel_imx_4.19.35_1.1.0"
BR2_LINUX_KERNEL_DEFCONFIG="imx_v7"
BR2_LINUX_KERNEL_DTS_SUPPORT=y
BR2_LINUX_KERNEL_INTREE_DTS_NAME="imx6dl-sabreauto"
@@ -40,5 +40,5 @@ BR2_TARGET_UBOOT_BOARDNAME="mx6dlsabreauto"
BR2_TARGET_UBOOT_FORMAT_IMX=y
BR2_TARGET_UBOOT_CUSTOM_GIT=y
BR2_TARGET_UBOOT_CUSTOM_REPO_URL="https://source.codeaurora.org/external/imx/uboot-imx.git"
BR2_TARGET_UBOOT_CUSTOM_REPO_VERSION="rel_imx_5.4.24_2.1.0"
BR2_TARGET_UBOOT_CUSTOM_REPO_VERSION="rel_imx_4.19.35_1.1.0"
BR2_TARGET_UBOOT_NEEDS_DTC=y

Some files were not shown because too many files have changed in this diff Show More