go1.19.7 (released 2023-03-07) includes a security fix to the
crypto/elliptic package, as well as bug fixes to the linker, the runtime,
and the crypto/x509 and syscall packages.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix the following build failure without threads raised since bump to
version 22.11 in commit 6f848c068f:
In file included from /home/buildroot/autobuild/instance-3/output-1/build/rtl_433-22.11/src/data_tag.c:17:
/home/buildroot/autobuild/instance-3/output-1/build/rtl_433-22.11/include/mongoose.h:407:10: fatal error: pthread.h: No such file or directory
407 | #include <pthread.h>
| ^~~~~~~~~~~
Fixes:
- http://autobuild.buildroot.org/results/9f1677fc5a4568be0b9c121060c5d821ac2ae21b
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
ace needs FileHandle module:
Can't locate FileHandle.pm in @INC (you may need to install the FileHandle module) (@INC contains: /home/buildroot/autobuild/instance-0/output-1/host/lib/perl /usr/local/lib64/perl5/5.36 /usr/local/share/perl5/5.36 /usr/lib64/perl5/vendor_perl /usr/share/perl5/vendor_perl /usr/lib64/perl5 /usr/share/perl5) at /home/buildroot/autobuild/instance-0/output-1/build/ace-7.0.6/MPC/prj_install.pl line 17.
BEGIN failed--compilation aborted at /home/buildroot/autobuild/instance-0/output-1/build/ace-7.0.6/MPC/prj_install.pl line 17.
Fixes:
- http://autobuild.buildroot.org/results/9dee7c09fd7b41d276df0285a0f3dcae1a71f041
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
rdma-core unconditionally uses pthread_spin_lock since its addition in
commit ea47e177f0 resulting in the
following build failure:
/home/autobuild/autobuild/instance-9/output-1/host/lib/gcc/sh4-buildroot-linux-uclibc/12.2.0/../../../../sh4-buildroot-linux-uclibc/bin/ld: CMakeFiles/hfi1verbs-rdmav34.dir/verbs.c.o: in function `post_recv':
verbs.c:(.text+0xc4): undefined reference to `pthread_spin_lock'
Fixes:
- http://autobuild.buildroot.org/results/a943e03b79c4cc328b7712046ecff09706045f81
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
libbpf >1.0.0 defines libbpf_bpf_link_type_str(enum bpf_link_type) in
src/libbpf.h, which is included by host-pahole.
bpf_link_type is defined in linux/bpf.h, therefore the comment stating
that pahole doesn't need bpf.h is no longer valid.
The original reason to remove bpf.h has been solved with the previous
commit: the linux build will prefer the internal bpf.h over the one in
HOST_DIR (or in /usr/include). So we can safely keep bpf.h.
Fixes:
- http://autobuild.buildroot.net/results/d126a4b6eca786402dc362c86f8df3addec3d217/
Signed-off-by: Daniel Lang <d.lang@abatec.at>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
A package might install headers that are incompatible with the kernel's
header. One example is the most recent version of pahole (1.24).
HOST_CC includes -I$(HOST_DIR)/include which comes before any include
logic the kernel might have thus forcing the kernel to prefer headers in
HOST_DIR.
The logic to substituting -I with -isystem is taken from
boot/uboot/uboot.mk.
Signed-off-by: Daniel Lang <d.lang@abatec.at>
Reviewed-by: Francis Laniel <flaniel@linux.microsoft.com>
Tested-by: Francis Laniel <flaniel@linux.microsoft.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
This is the version needed for gtkmm3.
Note that 2.28 is indeed the latest version before 2.36. They skipped
versions 2.30, 2.32 and 2.34.
Signed-off-by: Daniel Lang <d.lang@abatec.at>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
- fix gettext version mismatch in case of BR2_SYSTEM_ENABLE_NLS and
BR2_PACKAGE_PROVIDES_HOST_GETTEXT="host-gettext-gnu" by setting
SPEECHD_GETTEXTIZE
Fixes:
- http://autobuild.buildroot.net/results/283333290c5adb48d0c6e592b3261992537f92d3
Making all in po
*** error: gettext infrastructure mismatch: using a Makefile.in.in from gettext version 0.19 but the autoconf macros are from gettext version 0.20
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
The seccomp and apparmor build tags have been removed in 23.0.0. Don't
use those buildtags anymore.
Signed-off-by: Stefan Agner <stefan@agner.ch>
Reviewed-by: Christian Stewart <christian@paral.in>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Header-only option raises the following build failure with gerbera since
commit cc3a4a7b1d:
/home/thomas/autobuild/instance-2/output-1/host/lib/gcc/nios2-buildroot-linux-gnu/10.4.0/../../../../nios2-buildroot-linux-gnu/bin/ld: CMakeFiles/gerbera.dir/src/main.cc.o: in function `ConfigGenerator::~ConfigGenerator()':
/home/thomas/autobuild/instance-2/output-1/build/gerbera-1.10.0/src/config/config_generator.h:33: undefined reference to `pugi::xml_document::~xml_document()'
This build failure can't be fixed by adding a
!BR2_PACKAGE_PUGIXML_HEADER_ONLY dependency as it will create the
following recursive dependency:
package/gerbera/Config.in:1:error: recursive dependency detected!
package/gerbera/Config.in:1: symbol BR2_PACKAGE_GERBERA depends on BR2_PACKAGE_PUGIXML_HEADER_ONLY
package/pugixml/Config.in:42: symbol BR2_PACKAGE_PUGIXML_HEADER_ONLY depends on BR2_PACKAGE_PUGIXML
package/pugixml/Config.in:1: symbol BR2_PACKAGE_PUGIXML is selected by BR2_PACKAGE_GERBERA
Moreover, commit 48b2e50eb8 stated that
"Compact and header-only modes are not strictly needed for our use case,
but we did the work anyway and may be useful for someone else."
So dropping header-only seems to be the right approach
Fixes:
- http://autobuild.buildroot.org/results/800537a1ef5f48d24c20aad7a9c96c56dfdc77f5
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
proftpd doesn't build statically because it does not use pkg-config to
retrieve its dependencies since its addition in commit
5d173ec412:
/tmp/instance-13/output-1/host/lib/gcc/arc-buildroot-linux-uclibc/10.2.0/../../../../arc-buildroot-linux-uclibc/bin/ld: /tmp/instance-13/output-1/host/arc-buildroot-linux-uclibc/sysroot/usr/lib/libidn2.a(libunistring_la-striconveh.o): in function `iconv_carefully_1':
buildroot/build/libidn2-2.3.4/unistring/striconveh.c:233: undefined reference to `libiconv'
[...]
/tmp/instance-5/output-1/host/lib/gcc/arceb-buildroot-linux-uclibc/10.2.0/../../../../arceb-buildroot-linux-uclibc/bin/ld: /tmp/instance-5/output-1/host/arceb-buildroot-linux-uclibc/sysroot/usr/lib/libcrypto.a(bio_lib.o): in function `BIO_free':
bio_lib.c:(.text+0x3f2): undefined reference to `__atomic_fetch_sub_4'
Fixes:
- http://autobuild.buildroot.org/results/09f3f37b63dc68d31b18816b818df86fa3be095c
- http://autobuild.buildroot.org/results/2aba5297206e44dc086c3138ace70e85739196f3
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
When the target-finalize-hook for bash was added in commit
311c9eebc4 in order to write bash into
/etc/shells, it was done at the same time as for package/mksh and it was
incorrectly copied and MKSH still appeared in the name of the hook.
The hook is now correctly named BASH_ADD_BASH_TO_SHELLS
Signed-off-by: Sebastian Weyer <sebastian.weyer@smile.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit c6b9cd9a11 added a symlink to qemu-system
as a post install hook. However, it does not check if qemu-system is actually
enabled with BR2_PACKAGE_HOST_QEMU_SYSTEM_MODE.
Add the check to make sure we only create the symlink if that is enabled.
Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix the following openssl static build failure with -latomic raised
since bump to version 8.1.0 in commit
7e608885a2:
/home/autobuild/autobuild/instance-8/output-1/host/lib/gcc/sparc-buildroot-linux-uclibc/10.4.0/../../../../sparc-buildroot-linux-uclibc/bin/ld: /home/autobuild/autobuild/instance-8/output-1/host/sparc-buildroot-linux-uclibc/sysroot/usr/lib/libssl.a(ssl_cert.o): in function `ssl_cert_free':
ssl_cert.c:(.text+0x53c): undefined reference to `__atomic_fetch_sub_4'
Fixes:
- http://autobuild.buildroot.org/results/f606bb15bf4f88ba29ef0795413e13acc9cd0976
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix the following build failure raised since the addition of the package
in commit 2a636d1521:
sed -i 's,[^ *]power_prep.*;,\tpower_prep="/home/autobuild/autobuild/instance-9/output-1/build/mxs-bootlets-10.12.01/power_prep/power_prep";,' /home/autobuild/autobuild/instance-9/output-1/build/mxs-bootlets-10.12.01/
sed: couldn't edit /home/autobuild/autobuild/instance-9/output-1/build/mxs-bootlets-10.12.01/: not a regular file
Fixes:
- http://autobuild.buildroot.org/results/b4b26f6b02fd1991f46eba5db240e5050b96d333
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
At the moment module is build but not installed to target/. To fix this
let's bump package to 2023-02-18 version on master branch to fix module
installation.
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
pcm-tools needs NPTL since its addition in commit
60eb2cec80:
cpucounters.cpp: In constructor 'pcm::TemporalThreadAffinity::TemporalThreadAffinity(pcm::uint32, bool)':
cpucounters.cpp:252:9: error: 'pthread_getaffinity_np' was not declared in this scope; did you mean 'sched_getaffinity'?
252 | pthread_getaffinity_np(pthread_self(), set_size, old_affinity);
| ^~~~~~~~~~~~~~~~~~~~~~
| sched_getaffinity
Fixes:
- http://autobuild.buildroot.org/results/8bbf9c36af332bbf5e7c1abcbb594a0b231ef97e
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
processCropSelections in tools/tiffcrop.c in LibTIFF through 4.5.0 has a
heap-based buffer overflow (e.g., "WRITE of size 307203") via a crafted
TIFF image.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
A flaw was found in all released versions of m2crypto, where they are
vulnerable to Bleichenbacher timing attacks in the RSA decryption API
via the timed processing of valid PKCS#1 v1.5 Ciphertext. The highest
threat from this vulnerability is to confidentiality.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix the following build failure without NPTL raised since the addition
of the package in commit 1e64fa2956:
/tmp/instance-7/output-1/build/gdal-3.5.2/port/cpl_multiproc.cpp: In function 'CPLSpinLock* CPLCreateSpinLock()':
/tmp/instance-7/output-1/build/gdal-3.5.2/port/cpl_multiproc.cpp:2265:9: error: 'pthread_spin_init' was not declared in this scope; did you mean 'pthread_cond_init'?
2265 | pthread_spin_init(&(psSpin->spin), PTHREAD_PROCESS_PRIVATE) == 0 )
| ^~~~~~~~~~~~~~~~~
| pthread_cond_init
Fixes:
- http://autobuild.buildroot.org/results/aa2a88990a07e551c40efb0c2180768add600c4f
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
uccp420wlan is not maintained anymore (no commit since 2017) and fails
to build with any "recent" kernel (e.g. >= 4.7 which includes
https://github.com/torvalds/linux/commit/57fbcce37be7c1d2622b56587c10ade00e96afa3
or
https://github.com/torvalds/linux/commit/8552a434b6a05cc38006733afe6a239ad4d600a2):
/home/thomas/autobuild/instance-1/output-1/build/uccp420wlan-6.9.1/./src/tx.c: In function ‘uccp420wlan_tx_free_buff_req’:
/home/thomas/autobuild/instance-1/output-1/build/uccp420wlan-6.9.1/./src/tx.c:1142:49: error: ‘IEEE80211_BAND_2GHZ’ undeclared (first use in this function); did you mean ‘IEEE80211_CHAN_2GHZ’?
1142 | if (ets_band == IEEE80211_BAND_2GHZ)
| ^~~~~~~~~~~~~~~~~~~
| IEEE80211_CHAN_2GHZ
[...]
/home/thomas/autobuild/instance-1/output-1/build/uccp420wlan-6.9.1/./src/core.c:428:29: error: implicit declaration of function ‘ieee80211_csa_is_complete’; did you mean ‘ieee80211_scan_completed’? [-Werror=implicit-function-declaration]
428 | if (ieee80211_csa_is_complete(uvif->vif))
| ^~~~~~~~~~~~~~~~~~~~~~~~~
| ieee80211_scan_completed
Fixes:
- http://autobuild.buildroot.org/results/7cd7151e390b8f7a0df3e647fe4cd5d6319a830b
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fix the following libressl build failure which is probably raised since
the addition of the package in commit
65d891efc2:
../src/server/listener.cc: In member function 'void Pistache::Tcp::Listener::setupSSLAuth(const std::string&, const std::string&, int (*)(int, void*))':
../src/server/listener.cc:582:29: error: 'SSL_verify_cb' was not declared in this scope; did you mean 'RSA_verify'?
582 | (SSL_verify_cb)cb
| ^~~~~~~~~~~~~
| RSA_verify
Fixes:
- http://autobuild.buildroot.org/results/066fc078980e5216f38411eee455088e15fa1101
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fix the following build failure raised since bump to version 0.10.2 in
commit 58cc3977e8:
In file included from /home/thomas/autobuild/instance-3/output-1/per-package/lirc-tools/host/bin/../sparc-buildroot-linux-uclibc/sysroot/usr/include/python3.11/Python.h:38,
from lirc/_client.c:1:
/home/thomas/autobuild/instance-3/output-1/per-package/lirc-tools/host/bin/../sparc-buildroot-linux-uclibc/sysroot/usr/include/python3.11/pyport.h:601:2: error: #error "LONG_BIT definition appears wrong for platform (bad gcc/glibc config?)."
601 | #error "LONG_BIT definition appears wrong for platform (bad gcc/glibc config?)."
| ^~~~~
Fixes:
- http://autobuild.buildroot.org/results/85359d3f678b49e46821a1c10da5f14edfb5e6d0
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fix the following build failure with sigrok-cli and python > 3.10:
/home/autobuild/autobuild/instance-3/output-1/host/lib/gcc/mips64-buildroot-linux-gnu/11.3.0/../../../../mips64-buildroot-linux-gnu/bin/ld: /home/autobuild/autobuild/instance-3/output-1/host/bin/../mips64-buildroot-linux-gnu/sysroot/usr/lib/libsigrokdecode.so: undefined reference to `PyTuple_SetItem'
Fixes:
- http://autobuild.buildroot.org/results/435ad19597a1e216a7974bc9ccaf17064d1eccea
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Arm and aarch64 packages don't contain examples anymore so drop the
config option to install them to prevent build failure when selected:
>>> imx-gpu-g2d 6.4.3.p4.4-arm Installing to target
mkdir -p /home/sszy/br-test-pkg/bootlin-armv7-glibc/target/usr/share/examples/
cp -a /home/sszy/br-test-pkg/bootlin-armv7-glibc/build/imx-gpu-g2d-6.4.3.p4.4-arm/gpu-demos/opt/* /home/sszy/br-test-pkg/bootlin-armv7-glibc/target/usr/share/examples/
cp: cannot stat '/home/sszy/br-test-pkg/bootlin-armv7-glibc/build/imx-gpu-g2d-6.4.3.p4.4-arm/gpu-demos/opt/*': No such file or directory
make: *** [package/pkg-generic.mk:384: /home/sszy/br-test-pkg/bootlin-armv7-glibc/build/imx-gpu-g2d-6.4.3.p4.4-arm/.stamp_target_installed] Error 1
Fixes: b84557b588 ("package/freescale-imx/imx-gpu-g2d: bump version to 6.4.3.p4.4")
Signed-off-by: Sébastien Szymanski <sebastien.szymanski@armadeus.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
host-pkgconf is mandatory to find lz4 and zstd resulting in the
following build failure since commit
9cd2e6e090:
configure: error: in `/home/autobuild/autobuild/instance-5/output-1/build/postgresql-15.2':
configure: error: The pkg-config script could not be found or is too old. Make sure it
is in your PATH or set the PKG_CONFIG environment variable to the full
path to pkg-config.
Alternatively, you may set the environment variables LZ4_CFLAGS
and LZ4_LIBS to avoid the need to call pkg-config.
See the pkg-config man page for more details.
Fixes:
- http://autobuild.buildroot.org/results/8744277ebe9910635ef8fe290c8ba4eee420b538
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
CPE ID is wrong since the addition of the package in commit
27b8d0ba8c, the correct CPE ID is
cpe:2.3:a:ntpsec:ntpsec:1.2.2:*:*:*:*:*:*:*, not
cpe:2.3:a:ntpsec:ntpsec:1.2:2:*:*:*:*:*:*
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fix the following build failure with libressl >= 3.5.0 raised since bump
to version 3.5.2 in commit 8b216927db:
tls.c:113:17: error: static declaration of 'OPENSSL_cleanup' follows non-static declaration
113 | static void OPENSSL_cleanup(void)
| ^~~~~~~~~~~~~~~
In file included from /home/thomas/autobuild/instance-3/output-1/host/mips-buildroot-linux-gnu/sysroot/usr/include/openssl/bio.h:69,
from /home/thomas/autobuild/instance-3/output-1/host/mips-buildroot-linux-gnu/sysroot/usr/include/openssl/evp.h:67,
from /home/thomas/autobuild/instance-3/output-1/host/mips-buildroot-linux-gnu/sysroot/usr/include/openssl/hmac.h:67,
from /home/thomas/autobuild/instance-3/output-1/host/mips-buildroot-linux-gnu/sysroot/usr/include/openssl/ssl.h:150,
from ../../../include/zbxcomms.h:65,
from tls.c:20:
/home/thomas/autobuild/instance-3/output-1/host/mips-buildroot-linux-gnu/sysroot/usr/include/openssl/crypto.h:565:6: note: previous declaration of 'OPENSSL_cleanup' with type 'void(void)'
565 | void OPENSSL_cleanup(void);
| ^~~~~~~~~~~~~~~
In file included from tls.c:20:
tls.c: In function 'zbx_log_ciphersuites':
../../../include/zbxcomms.h:222:75: error: invalid use of incomplete typedef 'SSL_CTX' {aka 'struct ssl_ctx_st'}
222 | # define SSL_CTX_get_ciphers(ciphers) ((ciphers)->cipher_list)
| ^~
tls.c:1415:31: note: in expansion of macro 'SSL_CTX_get_ciphers'
1415 | cipher_list = SSL_CTX_get_ciphers(ciphers);
| ^~~~~~~~~~~~~~~~~~~
Fixes:
- http://autobuild.buildroot.org/results/acdfcb17b39d438ccf5e4621707a10f60577d233
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
SAE, unlike OWE or DPP, does not explicitly enable support for sha384
hash functions. Possible WPA3 build issue is masked, since all three
SAE/OWE/DPP are included. However, there exist other configurations
that enable only SAE. For instance, one such build configuration is
wpa_supplicant AP mode with mesh support.
This change adds upstream patch that includes sha384 and sha256 hash
functions to builds with SAE support.
Fixes: http://autobuild.buildroot.net/results/f349130985870f4a781cca56c3f551108f81aa3e/
Signed-off-by: Sergey Matyukevich <geomatsi@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fix typo added by commit 917a961d9c
resulting in the following build failure:
-- Checking for module 'uuid'
-- Package 'uuid', required by 'virtual:world', not found
CMake Error at /tmp/instance-5/output-1/per-package/optee-client/host/share/cmake-3.22/Modules/FindPkgConfig.cmake:603 (message):
A required package was not found
Call Stack (most recent call first):
/tmp/instance-5/output-1/per-package/optee-client/host/share/cmake-3.22/Modules/FindPkgConfig.cmake:825 (_pkg_check_modules_internal)
CMakeLists.txt:43 (pkg_check_modules)
Fixes:
- http://autobuild.buildroot.org/results/e1c6b5c9e841a003037045b2ff7afd9836e7c640
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fix the following uclibc build failure raised since bump to version
3.19.0 in commit 917a961d9c:
/tmp/instance-5/output-1/build/optee-client-3.19.0/libteeacl/src/group.c: In function 'teeacl_user_is_member_of':
/tmp/instance-5/output-1/build/optee-client-3.19.0/libteeacl/src/group.c:75:12: error: implicit declaration of function 'reallocarray' [-Werror=implicit-function-declaration]
75 | groups = reallocarray(groups, grouplistsize, sizeof(gid_t));
| ^~~~~~~~~~~~
Fixes:
- http://autobuild.buildroot.org/results/03eba71ab9b87676f2606ecf2a9b5a151fc396bb
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fix the following build failure with sparc raised since bump to version
1.9.11p2 in commit 9b7f8da96b and
https://github.com/sudo-project/sudo/commit/9fbbca7b7a4cc60a8aa27d73de54278004a704c0:
hecking for X509_STORE_CTX_get0_cert
configure:21215: /home/thomas/autobuild/instance-3/output-1/host/bin/sparc-buildroot-linux-uclibc-gcc -o conftest -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -Os -g0 -static -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -DZLIB_CONST -static conftest.c -L/home/thomas/autobuild/instance-3/output-1/host/bin/../sparc-buildroot-linux-uclibc/sysroot/usr/lib -lssl -lz -pthread -latomic -lcrypto >&5
/home/thomas/autobuild/instance-3/output-1/host/lib/gcc/sparc-buildroot-linux-uclibc/10.4.0/../../../../sparc-buildroot-linux-uclibc/bin/ld: /home/thomas/autobuild/instance-3/output-1/host/bin/../sparc-buildroot-linux-uclibc/sysroot/usr/lib/libcrypto.a(x509cset.o): in function `X509_CRL_up_ref':
x509cset.c:(.text+0x108): undefined reference to `__atomic_fetch_add_4'
[...]
In file included from ./hostcheck.c:38:
../../include/sudo_compat.h:342:41: error: conflicting types for 'ASN1_STRING_data'
342 | # define ASN1_STRING_get0_data(x) ASN1_STRING_data(x)
| ^~~~~~~~~~~~~~~~
Fixes:
- http://autobuild.buildroot.org/results/8be59dd94e4916f9457cb435104e36e62a28373b
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fix the following build failure when OPENSBI_PLAT is empty raised since
commit 9b5b7165de:
/usr/bin/install -m 0644 -D /nvmedata/autobuild/instance-4/output-1/build/opensbi-0.9/build/platform//firmware/fw_jump.bin /nvmedata/autobuild/instance-4/output-1/images/fw_jump.bin
/usr/bin/install: cannot stat '/nvmedata/autobuild/instance-4/output-1/build/opensbi-0.9/build/platform//firmware/fw_jump.bin': No such file or directory
Fixes:
- http://autobuild.buildroot.org/results/8033327f090e4a3d84a7fce1f62b14fdf89dbd89
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Since commit 35266e84043f880d7591e52b71a8c5b8d0e4717d, libcamera-apps
does enable LIBAV by default which depends on libdrm and ffpmeg.
Fixes:
- http://autobuild.buildroot.net/results/548f2a3b353ce4693fb60d7fb1e06e02af22991c/
/home/buildroot/autobuild/run/instance-1/output-1/build/libcamera-apps-1.1.1/encoder/libav_encoder.cpp:13:10: fatal error: libdrm/drm_fourcc.h: No such file or directory
13 | #include <libdrm/drm_fourcc.h>
| ^~~~~~~~~~~~~~~~~~~~~
Signed-off-by: Marcus Folkesson <marcus.folkesson@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fix the following build failure with libressl raised since bump to
version 2.10.0 in commit 03bab7117d:
/home/thomas/autobuild/instance-3/output-1/build/freerdp-2.10.0/libfreerdp/crypto/crypto.c: In function 'crypto_cert_get_signature_alg':
/home/thomas/autobuild/instance-3/output-1/build/freerdp-2.10.0/libfreerdp/crypto/crypto.c:980:8: error: 'NID_sha3_224' undeclared (first use in this function)
case NID_sha3_224:
^~~~~~~~~~~~
Fixes:
- http://autobuild.buildroot.org/results/e96848576ac292799636abe7485c37aa54196a2c
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
With change 6b7d47be3b23 ("multipath-tools: Makefiles: simplify code for
include dirs") the Makefile variable 'LINUX_HEADERS_INCDIR' has been replaced
with 'kernel_incdir'.
fpin_handlers.c:355:32: note: each undeclared identifier is reported only once for each function it appears in
fpin_handlers.c:360:37: error: ‘ELS_DTAG_LNK_INTEGRITY’ undeclared (first use in this function)
360 | if (dtag == ELS_DTAG_LNK_INTEGRITY) {
| ^~~~~~~~~~~~~~~~~~~~~~
make[2]: *** [../Makefile.inc:116: fpin_handlers.o] Error 1
Fixes:
http://autobuild.buildroot.net/results/e0f56ef924c13d6b1535fdc350ad8ecc06ea0a58
Signed-off-by: Alexander Egorenkov <egorenar-dev@posteo.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Commit dedbc69022 was incomplete resuling
in the following build failure since the addition of the package in
commit 6a0f7c39bc:
-- Check for working CXX compiler: /usr/bin/c++ - broken
CMake Error at /home/autobuild/autobuild/instance-15/output-1/per-package/fluent-bit/host/share/cmake-3.22/Modules/CMakeTestCXXCompiler.cmake:62 (message):
The C++ compiler
"/usr/bin/c++"
is not able to compile a simple test program.
It fails with the following output:
Change Dir: /home/autobuild/autobuild/instance-15/output-1/build/fluent-bit-2.0.9/CMakeFiles/CMakeTmp
Run Build Command(s):/home/autobuild/make/make -f Makefile cmTC_bfb29/fast && make[1]: Entering directory '/home/autobuild/autobuild/instance-15/output-1/build/fluent-bit-2.0.9/CMakeFiles/CMakeTmp'
/home/autobuild/make/make -f CMakeFiles/cmTC_bfb29.dir/build.make CMakeFiles/cmTC_bfb29.dir/build
make[2]: Entering directory '/home/autobuild/autobuild/instance-15/output-1/build/fluent-bit-2.0.9/CMakeFiles/CMakeTmp'
Building CXX object CMakeFiles/cmTC_bfb29.dir/testCXXCompiler.cxx.o
/usr/bin/c++ --sysroot=/home/autobuild/autobuild/instance-15/output-1/per-package/fluent-bit/host/xtensa-buildroot-linux-uclibc/sysroot -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -mlongcalls -mauto-litpools -O2 -g0 -fcommon -U_FILE_OFFSET_BITS -g -fPIE -o CMakeFiles/cmTC_bfb29.dir/testCXXCompiler.cxx.o -c /home/autobuild/autobuild/instance-15/output-1/build/fluent-bit-2.0.9/CMakeFiles/CMakeTmp/testCXXCompiler.cxx
c++: error: unrecognized command-line option '-mlongcalls'
c++: error: unrecognized command-line option '-mauto-litpools'
make[2]: *** [CMakeFiles/cmTC_bfb29.dir/build.make:78: CMakeFiles/cmTC_bfb29.dir/testCXXCompiler.cxx.o] Error 1
make[2]: Leaving directory '/home/autobuild/autobuild/instance-15/output-1/build/fluent-bit-2.0.9/CMakeFiles/CMakeTmp'
make[1]: *** [Makefile:127: cmTC_bfb29/fast] Error 2
make[1]: Leaving directory '/home/autobuild/autobuild/instance-15/output-1/build/fluent-bit-2.0.9/CMakeFiles/CMakeTmp'
CMake will not be able to correctly generate this project.
Call Stack (most recent call first):
lib/msgpack-c/CMakeLists.txt:2 (project)
While at it, add missing comment about C++ dependency for wasm
Fixes:
- http://autobuild.buildroot.org/results/4b0f90d79d6dbbf976acf1da839260b0ee94ddda
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Commit 9fc652a373 was incomplete as
mbedtls can be pulled in libcurl through libssh2 resulting in the
following build failure:
/home/autobuild/autobuild/instance-4/output-1/host/lib/gcc/powerpc64le-buildroot-linux-musl/11.3.0/../../../../powerpc64le-buildroot-linux-musl/bin/ld: /home/autobuild/autobuild/instance-4/output-1/host/powerpc64le-buildroot-linux-musl/sysroot/usr/lib//libmbedcrypto.a(md5.c.o): in function `mbedtls_md5_init':
md5.c:(.text+0x0): multiple definition of `mbedtls_md5_init'; ../../src/.libs/libmodsecurity.a(libmbedtls_la-md5.o):md5.c:(.text+0x0): first defined here
Fixes:
- http://autobuild.buildroot.org/results/4c235e46188f23d1a48297f4e5942cec7b25959a
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
PostgreSQL has optional compression support (LZ4 and Zstandard).
So enable it if libraries are available.
Signed-off-by: Maxim Kochetkov <fido_max@inbox.ru>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
When building network-manager in cross-compile environment pkg-config returns
the wrong path to the mobile-broadband-provider-info database.
By adding the option 'mobile_broadband_provider_info_database' to set the
correct path to the datafile this can be solved.
Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
tmux uses custom --enable-static option to drive whether a static link
should be attempted, which is not what the standard libtool directive
is about and that we pass in our autotools-package infra.
This results in the following build failure with systemd or utf8proc
raised since commits 1f618aa388 and
e279599d25:
checking for utf8proc.h... yes
checking for library containing utf8proc_charwidth... no
configure: error: "utf8proc not found"
In file included from tmux.h:34,
from alerts.c:23:
compat.h:379:18: error: conflicting types for 'forkpty'; have 'pid_t(int *, char *, struct termios *, struct winsize *)' {aka 'int(int *, char *, struct termios *, struct winsize *)'}
379 | pid_t forkpty(int *, char *, struct termios *, struct winsize *);
| ^~~~~~~
Link to (closed) upstream issue:
https://github.com/tmux/tmux/issues/3290
Fixes:
- http://autobuild.buildroot.org/results/6e8523d8d514bf6d8fc3377d05e5edbe7fc2d5bb
- http://autobuild.buildroot.org/results/cba06f3bb6d9be25e91f56c390a70ddf9904832e
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fix the following build failure raised since bump of nginx to version
1.22.1 in commit 722b84eafa:
/home/buildroot/autobuild/run/instance-2/output-1/build/nginx-naxsi-1.3/naxsi_src/naxsi_runtime.c: In function 'ngx_http_process_basic_rule_buffer':
/home/buildroot/autobuild/run/instance-2/output-1/build/nginx-naxsi-1.3/naxsi_src/naxsi_runtime.c:205:61: error: invalid use of incomplete typedef 'ngx_regex_t' {aka 'struct pcre2_real_code_8'}
205 | (tmp_idx < len && (match = pcre_exec(rl->br->rx->regex->code,
| ^~
Fixes:
- http://autobuild.buildroot.org/results/7fff888bd36710e2d2f5bb39a38597e8c04305ce
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Building with libjpeg will raise the following build failure on some
architectures since the addition of the package in commit
e648d399d8:
/tmp/instance-14/output-1/build/libjxl-0.7.0/lib/extras/enc/jpg.cc: In function 'jxl::Status jxl::extras::{anonymous}::EncodeWithLibJpeg(const jxl::extras::PackedImage&, const JxlBasicInfo&, const std::vector<unsigned char>&, std::vector<unsigned char>, size_t, const string&, std::vector<unsigned char>*)':
/tmp/instance-14/output-1/build/libjxl-0.7.0/lib/extras/enc/jpg.cc:126:34: error: invalid conversion from 'long unsigned int*' to 'size_t*' {aka 'unsigned int*'} [-fpermissive]
126 | jpeg_mem_dest(&cinfo, &buffer, &size);
| ^~~~~
| |
| long unsigned int*
Upstream advocates to use jpeg-turbo:
https://github.com/libjxl/libjxl/issues/1802
Fixes:
- http://autobuild.buildroot.org/results/9a2a7c6072876f2562609bf98f32a1ce93631a75
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Reviewed-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Replace patch added by commit 9525bc7e64
as current patch is not correct, build failures are still raised by
uclibc-ng with libiconv on fwup/gvfs/...:
configure: error: Requires libarchive. Libarchive must be built with zlib support.
[...]
Run-time dependency libarchive found: NO (tried cmake)
../output-1/build/gvfs-1.48.1/meson.build:405:2: ERROR: Dependency lookup for libarchive with method 'pkgconfig' failed: Could not generate cargs for libarchive:
Package iconv was not found in the pkg-config search path.
Perhaps you should add the directory containing `iconv.pc'
to the PKG_CONFIG_PATH environment variable
Package 'iconv', required by 'libarchive', not found
Fixes:
- http://autobuild.buildroot.org/results/05a5496495e51da2c9caf7570695cc95e1745e30
- http://autobuild.buildroot.org/results/98dc4b415115cca65b53e4cd986144ef85bf17ad
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
rockchip-mali pre-built libraries needs C++ since the addition of the
package in commit 97c74a73e5:
readelf -a output/build/rockchip-mali-721653b5b3b525a4f80d15aa7e2f9df7b7e60427/lib/aarch64-linux-gnu/libmali-bifrost-g31-rxp0-gbm.so|grep NEEDED
0x0000000000000001 (NEEDED) Shared library: [libpthread.so.0]
0x0000000000000001 (NEEDED) Shared library: [libdl.so.2]
0x0000000000000001 (NEEDED) Shared library: [librt.so.1]
0x0000000000000001 (NEEDED) Shared library: [libdrm.so.2]
0x0000000000000001 (NEEDED) Shared library: [libm.so.6]
0x0000000000000001 (NEEDED) Shared library: [libstdc++.so.6]
0x0000000000000001 (NEEDED) Shared library: [libgcc_s.so.1]
0x0000000000000001 (NEEDED) Shared library: [libc.so.6]
While at it, add a comment when dependencies are not met
Fixes:
- No autobuilder failures (yet), found when debugging an issue with
rockchip-mali and glslsandbox-player
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
wayland-protocols is an optional dependency which is enabled by default
resulting in the following wayland build failure since the addition of
the package in commit f201ca9d0d:
checking for wayland_client... yes
checking for wayland_egl... yes
configure: Wayland EGL support enabled
checking for wayland_protocols... no
configure: error: Package requirements (wayland-protocols >= 1.12) were not met:
Package 'wayland-protocols', required by 'virtual:world', not found
Consider adjusting the PKG_CONFIG_PATH environment variable if you
installed software in a non-standard prefix.
Alternatively, you may set the environment variables wayland_protocols_CFLAGS
and wayland_protocols_LIBS to avoid the need to call pkg-config.
Fixes:
- http://autobuild.buildroot.org/results/865af860f9e52fe5311bb0c6a246ff871ae5a989
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix CVE-2023-23931: cryptography is a package designed to expose
cryptographic primitives and recipes to Python developers. In affected
versions `Cipher.update_into` would accept Python objects which
implement the buffer protocol, but provide only immutable buffers. This
would allow immutable objects (such as `bytes`) to be mutated, thus
violating fundamental rules of Python and resulting in corrupted output.
This now correctly raises an exception. This issue has been present
since `update_into` was originally introduced in cryptography 1.8.
https://github.com/pyca/cryptography/security/advisories/GHSA-w7pp-m8wf-vj6rhttps://cryptography.io/en/latest/changelog/#v39-0-1
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
In GNU Less before 609, crafted data can result in "less -R" not
filtering ANSI escape sequences sent to the terminal.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Shyam's email address at Savoir Faire Linux is bouncing, so drop they
from the DEVELOPERS file.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
gnupg2 uses the libgpg-error library. The libgpg-error library has a
long plan to be renamed to "gpgrt" (see [1]). For the transition, it
provides two configuration scripts "gpg-error-config" (the old,
original one, kept for compatibility) and "gpgrt-config" (which is
meant to be the replacement). When both are detected, "gpgrt-config"
should be preferred.
gnupg2 configure script searches for "gpg-error-config" in the path
provided to --with-libgpg-error-prefix=PFX (more specifically, in
"PFX/bin").
The logic to find "gpgrt-config" is different: it is searched in
paths "$prefix/bin:$PATH". See [2]. On Buildroot, autotools target
packages are configured with "--prefix=/usr", which makes the
configure script to search in the host "/usr/bin".
In some host environment providing such a "/usr/bin/gpgrt-config"
script of an older version, host compilation flags are incorrectly
added for the target, which leads to compilation failures.
The issue can be reproduced in a Buildroot Docker image from [3] in
which the libgpg-error-dev package is added. When tested, the
libgpg-error-dev package was at version 1.38.
In that configuration, gnupg2 configure will output the message:
checking for gpgrt-config... /usr/bin/gpgrt-config
and the compilation fails with a message:
aarch64-buildroot-linux-gnu-gcc: ERROR: unsafe header/library path used in cross-compilation: '-I/usr/include'
Note: it was observed that in some other configurations in which the
host /usr/bin/gpgrt-config was from libgpg-error version 1.46, the
host script was redirecting correctly in the buildroot sysroot.
Since gnupg2 searches for "gpgrt-config" with a
"AC_PATH_PROG(GPGRT_CONFIG, ...)" macro, this patch fixes this
issue by simply forcing the script path in the GPGRT_CONFIG
environment variable.
See also [4] which discussed the "gpgrt-config" search logic.
Fixes:
- http://autobuild.buildroot.net/results/423c3ce7317c181e9f2e4a49b76ee9d26167375c/
(and many others)
[1] https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgpg-error.git;a=blob;f=README;h=e0b9f16445a96942af0839bcdb9a0b0f8cf31380;hb=885a287a57cf060b4c5b441822c09d23b8dee2bd#l29
[2] https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=blob;f=m4/gpg-error.m4;h=a975e53d07d1b743f51d8aa1767cd8e0d71b4071;hb=c0556edb80518720b0d884251685fe008c8f0429#l68
[3] https://git.buildroot.org/buildroot/tree/support/docker/Dockerfile?id=b6085c00d0feece6f3ba635e7847ea653bc5fac3
[4] https://dev.gnupg.org/T5365
Reported-by: Bagas Sanjaya <bagasdotme@gmail.com>
Tested-by: Bagas Sanjaya <bagasdotme@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The new option enables the XWayland support, so X11 application can be
running on a wlroots based compositor. Also, do not enable the XWayland
support if the X11 backend is active, as it is unrelated to it.
Signed-off-by: Raphael Pavlidis <raphael.pavlidis@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
If the XWayland support is enabled then build the corresponding XServer.
Signed-off-by: Raphael Pavlidis <raphael.pavlidis@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
XServer to run X clients under wayland
This XServer is required to run the X clients under Wayland compositor,
for example weston or wlroots based compositors.
Signed-off-by: Raphael Pavlidis <raphael.pavlidis@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix the following build failure with libexecinfo raised since commit
d649bcd380:
/home/autobuild/autobuild/instance-9/output-1/host/lib/gcc/mips-buildroot-linux-musl/10.4.0/../../../../mips-buildroot-linux-musl/bin/ld: ../lib/monkey/library/libmonkey.a(mk_utils.c.o): in function `mk_utils_stacktrace':
mk_utils.c:(.text+0x1578): undefined reference to `backtrace'
Fixes:
- http://autobuild.buildroot.org/results/63a6ba9104dfddbd7f6a7debadc0c6ef6e3a21f5
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add libexecinfo optional dependency as upstream rejected the patch to
add --with-execinfo=no
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
dmalloc directly calls into $(LD) to generate a shared library our of
the static one.
To detect what command it should run, ./configure tries various
incantations of ld with various command line options until one does not
fail. One of those is (basically):
$(LD) --whole-archive -o contest.o.t contest.a
This makes ./configure conclude what the command to link a shared
library in the Makefile should be, and thus stores that in a variable:
shlinkargs='$(LD) --whole-archive -o $@'
... which is then AC_SUBST()ed into Makefile.in with a rule like:
$(SHLIB): $(LIBRARY)
@shlinkargs@ $(LIRARY)
which once substiuted, gives:
$(SHLIB): $(LIBRARY)
$(LD) --whole-archive -o $@ $(LIRARY)
However, when SSP is enabled, the __stack_chk_fail_local and co symbols
are provided by additional libraries or object files, and that is the
responsibility of gcc to pass those when linking. But as dmalloc
directly calls ld, it misses those.
Changing dmalloc to use $(CC) is not trivial, however.
First, we can't pass LD=$(TARGET_CC), otherwise the whole package
explodes [0]: indeed --whole-archive is unknown to gcc, so it must be
passed as -Wl,--whole archive instead. So we'd need to add a new test
that uses $(CC), like so:
$(CC) -Wl,--whole-archive -o contest.o.t contest.a
However, in that case, gcc does pass additional libs/objs (like, for
eample, the SSP ones) to the linker. But then those are also included
in the whole-archive section. This causes the linker to add all the
symbols form those libs/objs, even those not needed for SSP; on some
archs, like PPC, that may require floating point symbols (__muldiv3 et
al.) which are in another library, and thus the linker can't find them.
The proper solution wouild be to add -Wl,--no-whole-archive, but that
would have to be added _after_ the library we want to link, i.e.e we
should be able to evntually run:
$(CC) -Wl,--whole-archive -o $@ $(LIRARY) -Wl,--no-whole-archive
That would require that we introduce a new variable that is added
_after_ the $(LIBRARY), e.g. @shlinkargs_post@ or so...
This is a bigger endeavour than we want to pursue...
Since dmalloc is a debugging utility, it is not supposed to go into
production builds, and during debugging, it would not be surprising that
it needs to poke around arrays to debug them.
So, we go the easier route: disable SSP altogether.
[0] with lots of nice colors, but that's not the point, is it?
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Our dmalloc packaging is very old and carries historical baggage and
idiosyncracies that we have long stopped doing in the rest ofthe code
base.
Drop our post-patch hooks that seds the configure and Makefile.in files,
and add patches (that could be upstreamed one day).
We provide the results in the environment, like would be done with
actual autoconf cache variables (ac_cv_*).
Note: those are the result of cleaning up for further patches that did
not manifest because it was too complex to add proper SSP support to
dmalloc (instead, we're going to forcibly disable it in the following
commit).
Note-2: those patches have not been submitted upstream, as it's mostly
dead: even though there's been some commit activities recently-ish, there
has been no review or comments or the many PR pending for many years
now.
Note-3: we patch both configure and configure.ac, rather than
autoreconf, for two reasons: 1. the both are in the upstream git tree,
so submitting these patches would require patching both, and 2. dmalloc
does not autoreconf nicely out of the box, and it was deemed too much
hassle to fix that in addition.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
- stm32mp1: support for STM32 TAMP_BKP21R bootcount register
- tab formatting
- gitignore: added autoscan files
- updated documentation
- i2c_eeprom: bootcount does not use two uint16s
- am33xx: declare registers as 'volatile'
- src/am33xx: do not close fd, it seems to prevent reliably writing register
- configure.ac: update version, homepage
- Added EEPROM read/write for non-TI AM335x platforms
Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Currently, flannel uses an ad-hoc github URL and a version-only tarball
name, even though we already had the github helper (introduced in 2013)
when flannel was introduced (in 2016).
Switch to the github helper, which allows us to get a properly named
tarball.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Geoff Levand <geoff@infradead.org>
Acked-by: Geoff Levand <geoff@infradead.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
If the examples given for launching an out-of-tree build are executed
as-is, this will result in the error message
Please configure Buildroot first (e.g. "make menuconfig")
Even if "make menuconfig" was run before, it's still not going to work
because the out-of-tree build doesn't use the in-tree .config.
Therefore, the example really should start with some config option.
Since "make menuconfig" is used in most other examples of creating a
config, use that here as well. Extend both examples with "menuconfig".
Reported-by: AndreiCherniaev <dungeonlords789@yandex.ru>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
By default go tries to include version control (VCS) information in
binaries. Since Buildroot separates version control from the build
process it is sensible to disable this behavior.
This avoids build errors when building with a git repository higher
up in the tree owned by root. In this case the go build system
calls `git status --porcelain` which returns with an error:
fatal: detected dubious ownership in repository at '/build'
Signed-off-by: Stefan Agner <stefan@agner.ch>
Reviewed-by: Christian Stewart <christian@paral.in>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Since the commit [1], the utils/genrandconfig script improved the
configuration randomization used by autobuilders. Since then it can
generate a configuration that is not suitable for an external toolchain
such the "Codescape IMG GNU Linux Toolchain".
Indeed this toolchain can be selected for mips32r5 or mips64r5 while only
mips32r2 or mips64r2 are really supported. The toolchain issue will be
fixed in a followup change.
We want to catch such issue in check_unusable_toolchain function otherwise
it is detected late during the sysroot import into staging and trigger
a weird error message:
ln: failed to create symbolic link 'output/host/mips64el-buildroot-linux-gnu/sysroot//nvmedata/autobuild/instance-25/buildroot/libc.a': No such file or directory
ln: failed to create symbolic link 'output/host/mips64el-buildroot-linux-gnu/sysroot/usr//nvmedata/autobuild/instance-25/buildroot/libc.a': No such file or directory
This is similar test than for the main sysroot check but this time we have
to use the toolchain cflags to check the architecture sysroot.
If the architecture sysroot doesn't exist, the toolchain will reply with
"libc.a".
Either the toolchain is really broken or we used a wrong target
architecture variant. In the later case, the toolchain infrastructure will
print a meaningful error message.
Note: We also may get a similar issue using the toolchain-external-custom package
if a toolchain is used with a wrong target architecture variant.
Fixes:
http://autobuild.buildroot.org/results/701/701e8a5f713f7bdd1f32a4c549cdaac580e2522a/
[1] aeee90ec10
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Giulio Benetti <giulio.benetti@benettiengineering.com>
Cc: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
I do constantly get mails that fluent-bit fails to build for s390x.
So added this to ensure that the s390x architecture is checked as well
if I manually do:
$ ./utils/test-pkg -p fluent-bit -a
Signed-off-by: Thomas Devoogdt <thomas.devoogdt@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
- require threads and dynamic library support
- require sync_4 support
- provide fts.h through musl-fts
static_assert is not available if no C++ toolchain or no glibc
is used, so add two patches to fix this
Signed-off-by: Thomas Devoogdt <thomas.devoogdt@barco.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
go1.19.6 (released 2023-02-14) includes security fixes to the crypto/tls,
mime/multipart, net/http, and path/filepath packages, as well as bug fixes to
the go command, the linker, the runtime, and the crypto/x509, net/http, and time
packages. See the Go 1.19.6 milestone on the Go issue tracker for details.
CVE-2022-41725: net/http, mime/multipart: denial of service from excessive resource consumption
CVE-2022-41724: crypto/tls: large handshake records may cause panics
CVE-2022-41723: net/http: avoid quadratic complexity in HPACK decoding
https://go.dev/doc/devel/release#go1.19.minor
Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This is stable bugfix release of libmdbx,
in memory of Sergey Kapitsa (Russian physicist and demographer) on his 95th birthday.
It is reasonable to backport this patch to all applicable releases/branches of Buildroot,
at least this release fixes build for sh4 arch.
Release notes for v0.11.14
--------------------------
Fixes:
- backport: Refined the `__cold`/`__hot` macros to avoid the
`error: inlining failed in call to ‘always_inline FOO(...)’: target specific option mismatch`
issue during build using GCC >10.x for SH4 arch.
Actually this is GCC' SH4-backend bug which triggered by the `__attribute__((__optimize__("Os")))`
used in conjunction with the `__attribute__((__cold__))`.
- backport: Fixed `SIGSEGV` or an erroneous call to `free()` in case where
errors occur when reopening by `mdbx_env_open()` of a previously used
environment.
- backport: Fixed `cursor_put_nochecklen()` internals for case when dupsort'ed named subDb
contains a single key with multiple values (aka duplicates), which are replaced
with a single value by put-operation with the `MDBX_UPSERT+MDBX_ALLDUPS` flags.
In this case, the database becomes completely empty, without any pages.
However exactly this condition was not considered and thus wasn't handled correctly.
See [issue#8](https://gitflic.ru/project/erthink/libmdbx/issue/8) for more information.
- backport: Fixed extra assertion inside `override_meta()`, which could
lead to false-positive failing of the assertion in a debug builds during
DB recovery and/or auto-rollback.
Minors:
- backport: Fixed typos.
- backport: Refined `const` and `noexcept` for few C++ API methods.
- backport: Resolve false-posirive `used uninitialized` warning from GCC >10.x
while build for SH4 arch.
- backport: Fixed insignificant typo of `||` inside `#if` byte-order condition.
The complete ChangeLog: https://gitflic.ru/project/erthink/libmdbx/blob?file=ChangeLog.md
Signed-off-by: Леонид Юрьев (Leonid Yuriev) <leo@yuriev.ru>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Update the license hash because of a change in copyright year:
- Copyright (C) 1997-2022 Sam Lantinga <slouken@libsdl.org>
+ Copyright (C) 1997-2023 Sam Lantinga <slouken@libsdl.org>
Signed-off-by: Michael Fischer <mf@go-sys.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The 6.0.x series is now EOL upstream, so drop the linux-headers option and
add legacy handling for it.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The 4.9.x series is now EOL upstream, so drop the linux-headers option and
add legacy handling for it.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add a link to RVspace Documentation Center, which did not exist
when readme.txt was first submitted. It provides datasheet, quick
start, schematics, and so on.
Signed-off-by: Francois Dugast <francois.dugast.foss@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
A COPYING file has been added to rtl8723ds as of the most recent commit.
Update the version of the package and add the license file hash.
Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
As reported by Yann in [1], Kconfig warns about an unmet dependency.
The issue can be reproduced on master branch at commit 451672e,
with the command:
KCONFIG_SEED=0x1D15B9D4 make randconfig
The patch adds the missing dependency.
Fixes:
WARNING: unmet direct dependencies detected for BR2_PACKAGE_PYTHON_AUTOBAHN
Depends on [n]: BR2_PACKAGE_PYTHON3 [=y] && BR2_PACKAGE_HOST_RUSTC_TARGET_ARCH_SUPPORTS [=n]
Selected by [y]:
- BR2_PACKAGE_PYTHON_MAGIC_WORMHOLE_MAILBOX_SERVER [=y] && BR2_PACKAGE_PYTHON3 [=y]
[1] https://lists.buildroot.org/pipermail/buildroot/2023-February/661898.html
Cc: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
zabbix uses custom --enable-{static,shared} options, instead of standard
libtool directives resulting in the following build failure with openssl
or libcurl:
configure:13132: /home/autobuild/autobuild/instance-6/output-1/host/bin/or1k-buildroot-linux-gnu-gcc -o conftest -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -Ofast -g0 -I/home/autobuild/autobuild/instance-6/output-1/host/or1k-buildroot-linux-gnu/sysroot/usr/include -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -rdynamic -static -L/home/autobuild/autobuild/instance-6/output-1/host/or1k-buildroot-linux-gnu/sysroot/usr/lib conftest.c -lssl -lcrypto -lm >&5
/home/autobuild/autobuild/instance-6/output-1/host/lib/gcc/or1k-buildroot-linux-gnu/10.3.0/../../../../or1k-buildroot-linux-gnu/bin/ld: /home/autobuild/autobuild/instance-6/output-1/host/or1k-buildroot-linux-gnu/sysroot/usr/lib/libcrypto.a(dso_dlfcn.o): in function `dlfcn_globallookup':
dso_dlfcn.c:(.text+0x2c): warning: Using 'dlopen' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
/home/autobuild/autobuild/instance-6/output-1/host/lib/gcc/or1k-buildroot-linux-gnu/10.3.0/../../../../or1k-buildroot-linux-gnu/bin/ld: /home/autobuild/autobuild/instance-6/output-1/host/or1k-buildroot-linux-gnu/sysroot/usr/lib/libcrypto.a(b_addr.o): in function `BIO_lookup_ex':
b_addr.c:(.text+0x1128): warning: Using 'getaddrinfo' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
/home/autobuild/autobuild/instance-6/output-1/host/lib/gcc/or1k-buildroot-linux-gnu/10.3.0/../../../../or1k-buildroot-linux-gnu/bin/ld: /home/autobuild/autobuild/instance-6/output-1/host/or1k-buildroot-linux-gnu/sysroot/usr/lib/libcrypto.a(b_sock.o): in function `BIO_gethostbyname':
b_sock.c:(.text+0x90): warning: Using 'gethostbyname' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
/home/autobuild/autobuild/instance-6/output-1/host/lib/gcc/or1k-buildroot-linux-gnu/10.3.0/../../../../or1k-buildroot-linux-gnu/bin/ld: /tmp/cceWHjDi.o: in function `main':
conftest.c:(.text.startup+0x8): undefined reference to `SSL_connect'
[...]
configure: error: OpenSSL library libssl or libcrypto not found
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fix the following build failure without C++ raised since the addition ot
the package in commit 93ce3c1be0:
CMake Error at CMakeLists.txt:1 (PROJECT):
No CMAKE_CXX_COMPILER could be found.
Tell CMake where to find the compiler by setting either the environment
variable "CXX" or the CMake cache entry CMAKE_CXX_COMPILER to the full path
to the compiler, or to the compiler name if it is in the PATH.
Fixes:
- http://autobuild.buildroot.org/results/a7f2176d40f156c319754ef5d3b7fd0decfe754f
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Drop unrecognized variables:
CMake Warning:
Manually-specified variables were not used by the project:
BUILD_DOC
BUILD_DOCS
BUILD_EXAMPLE
BUILD_EXAMPLES
BUILD_TEST
BUILD_TESTING
BUILD_TESTS
CMAKE_CXX_COMPILER_FORCED
DISABLE_STATIC
ENABLE_SHARED
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
wchar is mandatory since switch to an active fork in commit
456a739831:
In file included from /home/autobuild/autobuild/instance-13/output-1/build/zxing-cpp-1.4.0/core/src/Result.h:12,
from /home/autobuild/autobuild/instance-13/output-1/build/zxing-cpp-1.4.0/core/src/GTIN.cpp:9:
/home/autobuild/autobuild/instance-13/output-1/build/zxing-cpp-1.4.0/core/src/Content.h:40:14: error: 'wstring' in namespace 'std' does not name a type
40 | std::wstring render(bool withECI) const;
| ^~~~~~~
Fixes:
- http://autobuild.buildroot.org/results/4f97f1b291a99218f4706fce8b2934bd845755e1
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Entries for "gnupg2" and "test_python_hkdf.py" were not at the right
position.
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
In commit 04154a6517 (support/download/cargo-post-process: cargo
output for vendor config), we switched away from our hand-crafted
cargo.toml mangling, to use cargo itself to update that file.
In doing so, we enabled the shell pipefail option, so that we could
catch cargo failures, while redirecting its output through tee to the
cargo.toml.
However, pipefail is overzealous, and will hit us even for pipes we do
not want to globally fail, like the one that actually checks whether an
archive is already vendored or not:
if tar tf "${output}" | grep -q "^[^/]*/VENDOR" ; then
...
with pipefail, the above may always fail:
- if the tarball is already vendored, grep will exit on the first
match because of -q (it only needs a single match to decide that its
return code will be zero), so the | will get closed, and tar may
get -EPIPE before it had a chance to finish listing the archive, and
thus would terminate in error;
- if the tarball is not vendored, grep will exit in error.
It turns out that the tee was only added so that we could see the
messages emitted by cargo, and still fill the cargo.tom with the output
of cargo.
But that's a bit overkill: the cargo messages are going to stderr, and
the blurb to add to cargo.toml to stdout, so we just need to redirect
stdout.
Yes, we do not see what cargo added to cargo.toml, but that is not so
interesting.
Still, cargo ends its messages with a suggestion for the user to modify
cargo.toml, with:
To use vendored sources, add this to your .cargo/config.toml for this project:
But since we've already redirected that to cargo.toml, there is nothing
for the user to edit, so the above can get confusing. Emit a little
blurb that states that everything is under control.
And then we can drop pipefail.
Note: the go-post-process initially had pipefail too, but it was dropped
in bfd1a31d0e (support/download/go-post-process: drop -o pipefail) as
it was causing spurious breakage when extracting the archive before
vendoring, so it is only reasonable that we also remove it from the
cargo-post-process.
Reported-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Simon Richter <simon.richter@ptwdosimetry.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes:
http://autobuild.buildroot.net/results/12a/12a63ae177fe3ed0c9a1ef2fa01870f334f36b0f/
Currently, when the post-process helper fails while downloading from
upstream, there is no fallback to the backup mirror.
In case the post-process helper fails, we must consider that to be a
download failure, so we must bail out as if the download backend itself
did fail, but we fail to do so.
Duplicate the logic we have for the download helper: if the post-process
helper fails, remove the downloaded stuff, and continue on to the next
URI, which will ultimately hit the backup mirror (if one has been
configured).
Reported-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes:
http://autobuild.buildroot.net/results/820/820e98b1c126469b1f180f078d102ded43b9c40e/
scripts/Makefile.am of mosh-1.4.0 needs the perl diagnostics module on the host:
make[3]: Entering directory '/home/buildroot/autobuild/instance-2/output-1/build/mosh-1.4.0/scripts'
perl -Mdiagnostics -c ./mosh.pl
Can't locate diagnostics.pm in @INC (you may need to install the diagnostics module) (@INC contains: /home/buildroot/autobuild/instance-2/output-1/host/lib/perl /usr/local/lib64/perl5/5.36 /usr/local/share/perl5/5.36 /usr/lib64/perl5/vendor_perl /usr/share/perl5/vendor_perl /usr/lib64/perl5 /usr/share/perl5).
BEGIN failed--compilation aborted.
So add a check for it in dependencies.sh similar to the other perl modules.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
There are three ways to run chronyd:
- start as root, and continue running as root;
- start as root, then setuid() to a non-root user via either a command
line option or a configuration directive;
- start as root, and setuid() to a build-time specified non-root user.
Currently, the first situation is used by Buildroot, which does not
follow security best practices of dropping elevated privileges for
daemon at runtime when that is possible.
We switch to the third situation, where a compile-time default non-root
user is then used at runtime to drop privileges, with libcap used to
keep the capabilities required to call the appropriate syscalls to
adjust the system time (typically, CAP_SYS_TIME to call adjtimex() or
clock_settime() et al.).
This means that libcap is now a mandatory dependency.
To be noted: users who previously had configured their systems to run
chronyd as non root, would have done so with either the command-line
option (`-u`), or the configuration directive (`user`). Those take
precedence over the compile-time default, so this should not break their
systems (presumably, they also run as the `chrony` user). They would
also have taken care to run chronyc as the appropriate user to
manipulate chronyd at runtime via the UNIX socket.
For those who were running chronyd as root, this does not change either:
the functionality is unchanged, and they were running chronyc as root,
which should still be capable of manipulating chronyd via its UNIX
socket.
Take that opportunity to brine chrony's Config.in to current coding
style: enclose sub-option in an if-endif block.
Signed-off-by: James Kent <james.kent@orchestrated-technology.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The size of xipImage has grown by 84KB but there are still 278KB left
before running out of 2MB of flash memory.
Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Further fix on top on 9d1b223b91 (package/pkg-waf: add missing $).
Repeat after me: all variables in an inner-package macro must be
expanded, except for: parameters, pkgdir, and pkgname.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
This commit adds two new test cases:
- TestNodeJSBasic which builds a target configuration with just
NodeJS enabled, and which runs a very simple NodeJS script on the
target.
- TestNodeJSModule, which builds a target configuration with NodeJS
enabled + the installation of one extra module, which means npm on
the host (from host-nodejs) is used, and which runs a very simple
NodeJS script on the target that uses this extra module.
Having both tests separately allows to validate that both nodejs-only
and nodejs+host-nodejs configurations behave correctly, at least in
minimal scenarios.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Tested-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
By default, NodeJS searches global modules in /usr/lib/node, but NPM
installs them in /usr/lib/node_modules/. Therefore by default, if one
installs modules with BR2_PACKAGE_NODEJS_MODULES_ADDITIONAL, they are
not accessible by NodeJS, unless by passing a
NODE_PATH=/usr/lib/node_modules/ variable. Since this is not obvious,
and it's nicer when things work out of the box, we simply patch NodeJS
to look for modules at the right place.
See
https://stackoverflow.com/questions/15636367/nodejs-require-a-global-module-package
for some discussions on this topic.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Reviewed-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
During the last U-boot version bump it's not been noted that the TPL
was not prepended to SPL anymore preventing the board to boot, so
let's copy TPL to the image folder, prepend it to u-boot-spl-dtb.bin
and place it at offset 32KB, where RK3288 bootrom expects to find
it. Let's also place u-boot-dtb separated from SPL at offset 8M, where
the SPL expects it to find it.
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Elixir was a dependency of rabbitmq-server which got dropped in
89815bad0a. It is a host package with no other
users, hence it is no longer required. Additionally, newer versions require
Erlang 23+.
Signed-off-by: Frank Vanbever <frank.vanbever@mind.be>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
When generating legal info with a configuration enabling a package which uses
flit as setup type, we get a warning about python-flit-core license:
WARNING: python-flit-core-3.8.0: cannot save license (HOST_PYTHON_FLIT_CORE_LICENSE_FILES not defined)
Add missing variable to point to python-flit-core license file
Signed-off-by: Alexis Lothoré <alexis.lothore@bootlin.com>
[Peter: add sha256sum to .hash file]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Wpewebkit needs cmake >= 3.20 when building with the make backend since
wpewebkit 3.8.0.
Cmake 3.20 is above our minimal version in
support/dependencies/check-host-cmake.mk, so this breaks builds on hosts
with cmake >= 3.18 < 3.20 - So use the ninja backend instead.
https://github.com/WebKit/WebKit/commit/6cd89696b5d406c1a3d9a7a9bbb18fda9284fa1f
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Webkitgtk needs cmake >= 3.20 when building with the make backend since
webkitgtk 3.8.0.
Cmake 3.20 is above our minimal version in
support/dependencies/check-host-cmake.mk, so this breaks builds on hosts
with cmake >= 3.18 < 3.20 - So use the ninja backend instead.
https://github.com/WebKit/WebKit/commit/6cd89696b5d406c1a3d9a7a9bbb18fda9284fa1f
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Waf requires that the version of the waf script matches the version of
waflib, so drop any bundled waf/waflib if _NEEDS_EXTERNAL_WAF is used, as
otherwise waf errors out with errors like:
Waf script '2.0.24' and library '1.9.3' do not match
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Reviewed-by: Romain Naour <romain.naour@smile.fr>
[Peter: Run as a post-patch hook as suggested by Yann]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Explicitly set installed_tests to disabled.
Drop patch which is now upstream.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Instead of undefining endiannes CFLAGS let's change the approach.
Let's disable the CONFIG_PLATFORM_I386_PC that is set to y by default
involving the endianness to be set to little. This way we can set the
CFLAGS according to architecture with some default define like:
-DCONFIG_IOCTL_CFG80211
-DRTW_USE_CFG80211_STA_EVENT
-Wno-error
Suggested-by: Arnout Vandecappelle <arnout@mind.be>
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Changelog (for details see [1] and [2]):
Changes between 1.1.1s and 1.1.1t [7 Feb 2023]
*) Fixed X.400 address type confusion in X.509 GeneralName.
There is a type confusion vulnerability relating to X.400 address processing
inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1_STRING
but subsequently interpreted by GENERAL_NAME_cmp as an ASN1_TYPE. This
vulnerability may allow an attacker who can provide a certificate chain and
CRL (neither of which need have a valid signature) to pass arbitrary
pointers to a memcmp call, creating a possible read primitive, subject to
some constraints. Refer to the advisory for more information. Thanks to
David Benjamin for discovering this issue. (CVE-2023-0286)
This issue has been fixed by changing the public header file definition of
GENERAL_NAME so that x400Address reflects the implementation. It was not
possible for any existing application to successfully use the existing
definition; however, if any application references the x400Address field
(e.g. in dead code), note that the type of this field has changed. There is
no ABI change.
[Hugo Landau]
*) Fixed Use-after-free following BIO_new_NDEF.
The public API function BIO_new_NDEF is a helper function used for
streaming ASN.1 data via a BIO. It is primarily used internally to OpenSSL
to support the SMIME, CMS and PKCS7 streaming capabilities, but may also
be called directly by end user applications.
The function receives a BIO from the caller, prepends a new BIO_f_asn1
filter BIO onto the front of it to form a BIO chain, and then returns
the new head of the BIO chain to the caller. Under certain conditions,
for example if a CMS recipient public key is invalid, the new filter BIO
is freed and the function returns a NULL result indicating a failure.
However, in this case, the BIO chain is not properly cleaned up and the
BIO passed by the caller still retains internal pointers to the previously
freed filter BIO. If the caller then goes on to call BIO_pop() on the BIO
then a use-after-free will occur. This will most likely result in a crash.
(CVE-2023-0215)
[Viktor Dukhovni, Matt Caswell]
*) Fixed Double free after calling PEM_read_bio_ex.
The function PEM_read_bio_ex() reads a PEM file from a BIO and parses and
decodes the "name" (e.g. "CERTIFICATE"), any header data and the payload
data. If the function succeeds then the "name_out", "header" and "data"
arguments are populated with pointers to buffers containing the relevant
decoded data. The caller is responsible for freeing those buffers. It is
possible to construct a PEM file that results in 0 bytes of payload data.
In this case PEM_read_bio_ex() will return a failure code but will populate
the header argument with a pointer to a buffer that has already been freed.
If the caller also frees this buffer then a double free will occur. This
will most likely lead to a crash.
The functions PEM_read_bio() and PEM_read() are simple wrappers around
PEM_read_bio_ex() and therefore these functions are also directly affected.
These functions are also called indirectly by a number of other OpenSSL
functions including PEM_X509_INFO_read_bio_ex() and
SSL_CTX_use_serverinfo_file() which are also vulnerable. Some OpenSSL
internal uses of these functions are not vulnerable because the caller does
not free the header argument if PEM_read_bio_ex() returns a failure code.
(CVE-2022-4450)
[Kurt Roeckx, Matt Caswell]
*) Fixed Timing Oracle in RSA Decryption.
A timing based side channel exists in the OpenSSL RSA Decryption
implementation which could be sufficient to recover a plaintext across
a network in a Bleichenbacher style attack. To achieve a successful
decryption an attacker would have to be able to send a very large number
of trial messages for decryption. The vulnerability affects all RSA padding
modes: PKCS#1 v1.5, RSA-OEAP and RSASVE.
(CVE-2022-4304)
[Dmitry Belyavsky, Hubert Kario]
Changes between 1.1.1r and 1.1.1s [1 Nov 2022]
*) Fixed a regression introduced in 1.1.1r version not refreshing the
certificate data to be signed before signing the certificate.
[Gibeom Gwon]
Changes between 1.1.1q and 1.1.1r [11 Oct 2022]
*) Fixed the linux-mips64 Configure target which was missing the
SIXTY_FOUR_BIT bn_ops flag. This was causing heap corruption on that
platform.
[Adam Joseph]
*) Fixed a strict aliasing problem in bn_nist. Clang-14 optimisation was
causing incorrect results in some cases as a result.
[Paul Dale]
*) Fixed SSL_pending() and SSL_has_pending() with DTLS which were failing to
report correct results in some cases
[Matt Caswell]
*) Fixed a regression introduced in 1.1.1o for re-signing certificates with
different key sizes
[Todd Short]
*) Added the loongarch64 target
[Shi Pujin]
*) Fixed a DRBG seed propagation thread safety issue
[Bernd Edlinger]
*) Fixed a memory leak in tls13_generate_secret
[Bernd Edlinger]
*) Fixed reported performance degradation on aarch64. Restored the
implementation prior to commit 2621751 ("aes/asm/aesv8-armx.pl: avoid
32-bit lane assignment in CTR mode") for 64bit targets only, since it is
reportedly 2-17% slower and the silicon errata only affects 32bit targets.
The new algorithm is still used for 32 bit targets.
[Bernd Edlinger]
*) Added a missing header for memcmp that caused compilation failure on some
platforms
[Gregor Jasny]
[1] https://www.openssl.org/news/cl111.txt
[2] https://www.openssl.org/news/vulnerabilities.html
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Commit bed21bb9b added a patch to change configure.ac but failed to
update configure which caused build failures due to the timestamp
difference between configure and configure.ac and the makefile attempting
to run aclocal.
XZ_AUTORECONF = YES creates a circular dependency where the host autotools
need host-xz which also gets patched. Because of this, we need to patch
xz's configure script manually and NOT patch configure.ac so its timestamp
stays older than Makefile.in.
While we're doing this, correct the language in the commit body of the
patch, remove a stray whitespace, and fix the offset for configure.ac
Fixes: bed21bb9b ("package/xz: fix microblaze compiles")
Fixes: http://autobuild.buildroot.net/results/958/9586f21e447ef9923606b1385ff333138406b685/
Signed-off-by: Vincent Fazio <vfazio@xes-inc.com>
[Peter: Only patch configure]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
All the errors in existing scripts in utils/ have been fixed, so nothing
needs to be added to .checkpackageignore.
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
In utils/test-pkg line 8:
if [ ! -z "${TEMP_CONF}" ]; then
^-- SC2236: Use -n instead of ! -z.
In utils/test-pkg line 75:
TEMP_CONF=$(mktemp /tmp/test-${pkg}-config.XXXXXX)
^----^ SC2086: Double quote to prevent globbing and word splitting.
Did you mean:
TEMP_CONF=$(mktemp /tmp/test-"${pkg}"-config.XXXXXX)
In utils/test-pkg line 76:
echo "${pkg_br_name}=y" > ${TEMP_CONF}
^----------^ SC2086: Double quote to prevent globbing and word splitting.
Did you mean:
echo "${pkg_br_name}=y" > "${TEMP_CONF}"
In utils/test-pkg line 86:
if [ ${random} -gt 0 ]; then
^-------^ SC2086: Double quote to prevent globbing and word splitting.
Did you mean:
if [ "${random}" -gt 0 ]; then
In utils/test-pkg line 90:
if [ ${number} -gt 0 ]; then
^-------^ SC2086: Double quote to prevent globbing and word splitting.
Did you mean:
if [ "${number}" -gt 0 ]; then
In utils/test-pkg line 109:
toolchains=($(sed -r -e 's/,.*//; /internal/d; /^#/d; /^$/d;' "${toolchains_csv}" \
^-- SC2207: Prefer mapfile or read -a to split command output (or quote to avoid splitting).
In utils/test-pkg line 110:
|if [ ${random} -gt 0 ]; then \
^-------^ SC2086: Double quote to prevent globbing and word splitting.
Did you mean:
|if [ "${random}" -gt 0 ]; then \
In utils/test-pkg line 111:
sort -R |head -n ${random}
^-------^ SC2086: Double quote to prevent globbing and word splitting.
Did you mean:
sort -R |head -n "${random}"
In utils/test-pkg line 121:
if [ ${nb_tc} -eq 0 ]; then
^------^ SC2086: Double quote to prevent globbing and word splitting.
Did you mean:
if [ "${nb_tc}" -eq 0 ]; then
In utils/test-pkg line 134:
printf "%40s [%*d/%d]: " "${toolchain}" ${#nb_tc} ${nb} ${nb_tc}
^---^ SC2086: Double quote to prevent globbing and word splitting.
^------^ SC2086: Double quote to prevent globbing and word splitting.
Did you mean:
printf "%40s [%*d/%d]: " "${toolchain}" ${#nb_tc} "${nb}" "${nb_tc}"
In utils/test-pkg line 146:
${nb} ${nb_skip} ${nb_fail} ${nb_legal} ${nb_show}
^---^ SC2086: Double quote to prevent globbing and word splitting.
^--------^ SC2086: Double quote to prevent globbing and word splitting.
^--------^ SC2086: Double quote to prevent globbing and word splitting.
^---------^ SC2086: Double quote to prevent globbing and word splitting.
^--------^ SC2086: Double quote to prevent globbing and word splitting.
Did you mean:
"${nb}" "${nb_skip}" "${nb_fail}" "${nb_legal}" "${nb_show}"
In utils/test-pkg line 160:
CONFIG_= support/kconfig/merge_config.sh -O "${dir}" \
^-- SC1007: Remove space after = if trying to assign a value (for empty string, use var='' ... ).
In utils/test-pkg line 181:
if [ ${prepare_only} -eq 1 ]; then
^-------------^ SC2086: Double quote to prevent globbing and word splitting.
Did you mean:
if [ "${prepare_only}" -eq 1 ]; then
For more information:
https://www.shellcheck.net/wiki/SC1007 -- Remove space after = if trying to...
https://www.shellcheck.net/wiki/SC2207 -- Prefer mapfile or read -a to spli...
https://www.shellcheck.net/wiki/SC2086 -- Double quote to prevent globbing ...
The suggestions from shellcheck can be applied.
This script already uses bash so we can rely on mapfile.
The warning about CONFIG_= assignment misinterpreted the intention: we
don't want to assign to CONFIG_, we want to clear it from the
environment. Spell this as CONFIG_="".
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
In utils/docker-run line 10:
--user $(id -u):$(id -g) \
^------^ SC2046: Quote this to prevent word splitting.
^------^ SC2046: Quote this to prevent word splitting.
The suggestions from shellcheck can be applied.
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
In utils/config line 54:
ARG="`echo $ARG | tr a-z- A-Z_`"
^------------------------^ SC2006: Use $(...) notation instead of legacy backticked `...`.
^--^ SC2086: Double quote to prevent globbing and word splitting.
Did you mean:
ARG="$(echo "$ARG" | tr a-z- A-Z_)"
In utils/config line 87:
local tmpfile="$infile.swp"
^-----^ SC2034: tmpfile appears unused. Verify use (or export if used externally).
In utils/config line 182:
if [ $? != 0 ] ; then
^-- SC2181: Check exit code directly with e.g. 'if mycmd;', not indirectly with $?.
For more information:
https://www.shellcheck.net/wiki/SC2034 -- tmpfile appears unused. Verify us...
https://www.shellcheck.net/wiki/SC2086 -- Double quote to prevent globbing ...
https://www.shellcheck.net/wiki/SC2006 -- Use $(...) notation instead of le...
The suggestions from shellcheck can be applied.
The unused variable tmpfile in fact occurs in several functions, all of
them can be removed.
For the check exit code, the condition is swapped to avoid negative
logic.
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
In utils/brmake line 6:
local found ret start d h m mf
^---^ SC2034: found appears unused. Verify use (or export if used externally).
In utils/brmake line 16:
> >( while read line; do
^--^ SC2162: read without -r will mangle backslashes.
For both, the suggestions from shellcheck can be applied.
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
i3-compatible Wayland compositor
This Wayland compositor can be used as a kiosk compositor like cage, but
with the advantage of better configuration of multiple monitor and
windows. For example, move a window by title to the output X or set the
resolution of Y to Z.
Signed-off-by: Raphael Pavlidis <raphael.pavlidis@gmail.com>
[Peter: Fix white space, add gdk-pixbuf to _DEPENDENCIES]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Even though it works, overriding --prefix at installation time is a
bit weird. In order to be more consistent with what is done with other
build systems, use DESTDIR instead at installation time.
Note that $(DESTDIR) comes in addition to the
-DCMAKE_INSTALL_PREFIX=/usr that is passed at configure time, so with
this commit, the files continue to be installed in $(STAGING_DIR)/usr
and $(TARGET_DIR)/usr as they should be.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Even though it works, overriding --prefix at installation time is a
bit weird. In order to be more consistent with what is done with other
build systems, use DESTDIR instead at installation time.
Note that $(DESTDIR) comes in addition to the
-DCMAKE_INSTALL_PREFIX=/usr that is passed at configure time, so with
this commit, the files continue to be installed in $(STAGING_DIR)/usr
and $(TARGET_DIR)/usr as they should be.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Currently only SysV init scripts are checked using shellcheck and a few
other rules (e.g. variable naming, file naming).
Extend the check using shellcheck to all shell scripts in the tree.
This is actually limited to the list of directories that check-package
knows that can check, but that list can be expanded later.
In order to apply the check to all shell scripts, use python3-magic to
determine the file type. Unfortunately, there are two different python
modules called "magic". Support both by detecting which one is installed
and defining get_filetype accordingly.
Keep testing first for name pattern, and only in the case there is no
match, check the file type. This ensures, for instance, that SysV
init scripts follow specific rules.
Apply these checks for shell scripts:
- shellcheck;
- trailing space;
- consecutive empty lines;
- empty last line on file;
- newline at end of file.
Update the list of ignored warnings.
Do not add unit tests since no function was added, they were just
reused.
But expand the runtime test for check-package using as fixture a file
that generates a shellcheck warning.
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
[Arnout: support both variants of the "magic" module]
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Commit 4a6f9d2516 removed
package/urandom-scripts/S20urandom but didn't remove it from
.checkpackageignore. Do so now.
The commit actually renamed it to S20seedrng, but it also fixed the
Variables errors so it no longer needs to be ignored.
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Drop patches which are no longer required.
Verified license remains Apache-2.0 after hash change.
Rework config options for 1.4.0.
Add new host-pkgconf and stb build dependency.
Drop optional libiconv dependency which is no longer used.
Add optional python module support.
Add optional qt5 support.
Add optional opencv4 support.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This will be needed for upcoming pipewire compress offload support.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
security fix:
A malicious certificate revocation list or timestamp response token
would allow an attacker to read arbitrary memory.
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The time between version 2.17.0 being tagged and the release of its
tarball version containing autoconf scripts was three weeks now.
With the switch to meson we can directly use the github-generated
tarball while not needing to run autoreconf.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
When building with BR2_REPRODUCIBLE the toolchain wrapper passes
-fdebug-prefix-map for all packages that are built. But this doesn't
affect the target libraries (like libgcc) built by GCC's build system.
GCC 4.3 added a configure option to set the debug prefix map for these
libraries, which is used here to avoid encoding potentially
non-reproducible build paths into the debug data.
Signed-off-by: John Keeping <john@metanate.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The go vendoring fails on CentOS 7 (which uses git 1.8.3.1) with errors
related to shallow clones:
make docker-compose-source
..
go: downloading github.com/matttproud/golang_protobuf_extensions v1.0.4
github.com/docker/compose/v2/pkg/mocks imports
github.com/theupdateframework/notary/client imports
github.com/docker/go/canonical/json: github.com/docker/go@v1.5.1-1.0.20160303222718-d30aec9fd63c: invalid pseudo-version: git fetch --unshallow -f origin in /home/jacmet/source/buildroot-mirror/output/host/share/go-path/pkg/mod/cache/vcs/48fbd2dfabec81f4c93170677bfc89087d4bec07a2d08f6ca5ce3d17962677ee: exit status 128:
fatal: git fetch-pack: expected shallow list
make[1]: *** [/home/jacmet/source/buildroot-mirror/output/build/docker-compose-2.15.1/.stamp_downloaded] Error 1
It works with git 2.0.0 (released May 2014, included in Debian 8), so check
for >= 2.0.0 with logic similar to the GNU patch version check.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The vendoring done for cargo / go packages (may) need git, so ensure we
check for it in dependencies, similar to how it is done for packages
directly using git.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
When gitlab prepares a job to run, it checks out the repository with a
non-root user, and spawns a container that runs as root, with some UID
mapping that makes the files be owned by root in the container. However,
our pipelines run as a nont-root user.
Commit bde165f7ad (.gitlab-ci.yml: update Docker image to use) updated
the docker image that is used to run in our pipelines.
That new image includes a git version that is stricter about the
ownership of the git tree it is acting in: git aborts in error when the
user running it does not own the repository.
We use `git ls-tree` quite a lot in our check-{flake8,package,symbols}
rules, so they all fail (in various ways).
To fix this, we either need to fix the ownership or tell git to ignore
the situation.
It is most probably impossible to change the ownership of the files: we
run as non-root,and the files belong to root (in the container). So
we're stuck.
The alternative, is to do as git suggest, and tell it to ignore the
situation. In a local setup, this would be very insecure, but in the
pipelines, this is in a throw-away container, where a single user exists
and is running, so we don't care much (if at all).
Add a global before_script that registers the git config to ignore
ownership issues in the buildroot repository; see [0] for the definition
of the CI_PROJECT_DIR variable. Note: unlike what is said in there, and
in [1], the value actually seen in CI_PROJECT_DIR is already prefixed
with CI_BUILDS_DIR (the documentation is unclear about that point).
[0] https://docs.gitlab.com/ee/ci/variables/predefined_variables.html
[1] https://docs.gitlab.com/runner/configuration/advanced-configuration.html#the-runners-section
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Cc: Romain Naour <romain.naour@gmail.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
When gitlab prepares a job to run, it checks out the repository with a
non-root user, and spawns a container that runs as root, with some UID
mapping that makes the files be owned by root in the
container. However, our pipelines run as a nont-root user.
Commit bde165f7ad (.gitlab-ci.yml: update Docker image to use) updated
the docker image that is used to run in our pipelines.
That new image includes a git version that is stricter about the
ownership of the git tree it is acting in: git aborts in error when the
user running it does not own the repository.
We use `git ls-tree` quite a lot in our check-{flake8,package,symbols}
rules, so they all fail (in various ways).
To fix this, we either need to fix the ownership or tell git to ignore
the situation. In either case, we'll need to run a scriptlet before all
our jobs.
Gitlab-ci allows to provide a global before_script, that is inherited by
all jobs. However, some of our jobs already declare a before_script, and
that would shadow the global before_script.
There is no technical reason to do our before_script separately from
the actual script, so we move the code from the before_scripts to the
corresponding scripts.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Cc: Romain Naour <romain.naour@gmail.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Reviewed-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
To quote the README:
> Kernel versions below 4.15 have significant gaps in functionality and
> are not recommended for use with this version of systemd. Taint flag
> 'old-kernel' will be set. Systemd will most likely still function, but
> upstream support and testing are limited.
Signed-off-by: Norbert Lange <nolange79@gmail.com>
Reviewed-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Set -Ddefault-dnssec=allow-downgrade if openssl is available as both
openssl and gcrypt are now supported for dnssec. Move this out of the
gcrypt condition into a joint openssl/gcrypt condition. So the
dependency and the openssl/gcrypt config is set in the individual
openssl and gcrypt conditions, while the default-dnssec option is set in
a joint openssl or gcrypt condition.
Signed-off-by: Norbert Lange <nolange79@gmail.com>
Reviewed-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Following files changed *license* from CC0-1.0 to MIT-0:
- src/systemctl/systemd-sysv-install.SKELETON
- config files
- examples under /network
The file LICENSES/MIT-0.txt has been added for this reason,
hashes added, corrected for LICENSES/README.md.
Kernel version 3.15 is now the bare minimum, but only
version 4.15 and higher are fully supported and tested:
- bump kernel header dependencies
- correct kconfig description
- improvements to make the kconfig description better reflect
the information from the README
Set new options to their default, remove -Defi-cc option.
Set -Ddbus=false to ensure dbus dependency is runtime only.
Set -Ddbus-interfaces-dir=no as interface XML file generation is
not supported when cross compiling.
Set -Ddefault-user-shell=/bin/sh to the always available shell.
Signed-off-by: Norbert Lange <nolange79@gmail.com>
Reviewed-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
wolfssl contains some assembly code and its configure.ac script
enables the assembly code depending on the CPU architecture. However,
the detection logic is not sufficient and leads to using the assembly
code in situation where it should not.
Here are two examples:
- As soon as the architecture is mips64/mips64el, it uses assembly
code, but that assembly code is not mips64r6 compatible.
- As soon as the architecture is RISC-V, it uses assembly code, but
that assembly code uses multiplication instructions, without paying
attention that the "M" extension may not be available in the RISC-V
CPU instruction set.
In order to avoid this, we introduce a
BR2_PACKAGE_WOLFSSL_ASM_SUPPORTS hidden boolean to decide when to
enable/disable assembly code. We set an initial value with the
supported CPU architectures, with the exclusion of the problematic
cases described above.
It is pretty likely that this variable will need tuning progressively,
as it is difficult to determine which CPU variants exactly are
supported by the assembly code in wolfssl.
Fixes:
- MIPS64 case: http://autobuild.buildroot.net/results/43e/43ee1a457cbeb986d958c9a70cac0676377661c0/
- RISC-V case: http://autobuild.buildroot.net/results/f05/f056ebe7749a69994afba39a9d4967e2774c45ea/
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
By default on ARM32, wolfssl uses assembly instructions that are not
supported on Thumb (original Thumb, not Thumb 2), causing a build
failure:
/tmp/ccgn33X7.s:299: Error: selected processor does not support `umlal r4,r5,r10,ip' in Thumb mode
/tmp/ccgn33X7.s:386: Error: instruction not supported in Thumb16 mode -- `adds r4,r4,r6'
/tmp/ccgn33X7.s:387: Error: unshifted register required -- `adc r3,r3,#0'
/tmp/ccgn33X7.s:395: Error: instruction not supported in Thumb16 mode -- `adds r4,r4,r6'
Fix that by passing --with-arm-target=thumb, which tells wolfssl to
use a different set of assembly routines.
Fixes:
http://autobuild.buildroot.net/results/907/907a5967439c3157c426023b0be1e613092d7bfe/
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
wolfSSL has ARMv8-A assembly implementations of some functions for
both A64 and A32 ISAs. However, some of the A32 versions use r11,
which is usually not allowed:
wolfcrypt/src/port/arm/armv8-aes.c: In function 'wc_AesCbcEncrypt':
wolfcrypt/src/port/arm/armv8-aes.c:3303:5: error: fp cannot be used in 'asm' here
3303 | }
| ^
That can be fixed by adding the compiler flag -fomit-frame-pointer,
but then there is another failure:
/tmp/ccV19DQV.s: Assembler messages:
/tmp/ccV19DQV.s:248: Error: first transfer register must be even -- `ldrd r11,r10,[r14,#4*14]'
make[3]: *** [Makefile:5858: wolfcrypt/src/port/arm/src_libwolfssl_la-armv8-chacha.lo] Error 1
This is definitely not a valid instruction in A32, which suggests that
this code isn't being tested at all upstream. So disable it here.
Fixes:
http://autobuild.buildroot.net/results/502/502a2b217845eb290c1961d4740b032462f8ae53/
Signed-off-by: Ben Hutchings <ben.hutchings@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The gcc plugin test was not using the -q option to grep causing it to print
the line to stdout, so fix that.
While we're at it, adjust the locale check to use grep -q instead of
redirecting to /dev/null for consistency with the other checks.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
We have a new Docker image, updated with the new requirements from
bcd15aa08a ("support/docker: add
python3-magic"), but also with an updated Debian Bullseye
installation. Let's use it.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
snapshot.debian.org is notoriously slow, and quite often leads to
timeouts when downloading packages. To give us a better chance of
succeeding, let's retry 3 times before failing.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The DODEBUG=y option of uClibc causes uClibc to be built with -O0 and
-DDEBUG, which has a significant runtime performance
impact. Currently, DODEBUG=y is passed when BR2_ENABLE_DEBUG=y, but
BR2_ENABLE_DEBUG is only about enabling debugging symbols, not about
runtime debugging additions. The more recently added
BR2_ENABLE_RUNTIME_DEBUG option is precisely designed for that, so we
changed the logic to pass DODEBUG=y when BR2_ENABLE_RUNTIME_DEBUG=y,
and not BR2_ENABLE_DEBUG=y.
This allows to build uClibc with debugging symbols when
BR2_ENABLE_DEBUG=y, without disabling optimizations and adding more
debugging features that have a runtime performance impact.
Signed-off-by: Ben Wolsieffer <Ben.Wolsieffer@hefring.com>
[Thomas: extracted from
https://patchwork.ozlabs.org/project/buildroot/patch/20220803200629.3172370-1-Ben.Wolsieffer@hefring.com/
and split into its own independent patch.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
On host without jq installed, test-pkg's output is as following:
$ ./utils/test-pkg -p mmc-utils
bootlin-armv5-uclibc [1/6]: which: no jq in (/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/bin:/usr/lib/llvm/14/bin:/usr/lib/llvm/13/bin:/usr/lib64/opencascade/bin)
JQ IS
OK
bootlin-armv7-glibc [2/6]: which: no jq in (/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/bin:/usr/lib/llvm/14/bin:/usr/lib/llvm/13/bin:/usr/lib64/opencascade/bin)
JQ IS
OK
bootlin-armv7m-uclibc [3/6]: which: no jq in (/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/bin:/usr/lib/llvm/14/bin:/usr/lib/llvm/13/bin:/usr/lib64/opencascade/bin)
...
Since test-pkg handles this case we can hide this error message and have
proper output:
$ ./utils/test-pkg -p mmc-utils
bootlin-armv5-uclibc [1/6]: OK
bootlin-armv7-glibc [2/6]: OK
bootlin-armv7m-uclibc [3/6]: OK
Signed-off-by: Sébastien Szymanski <sebastien.szymanski@armadeus.com>
Reviewed-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
host-python3 currently does not build if util-linux-uuid option is not
enabled, failing with the following error messages:
"""
/usr/lib64/ccache/gcc -fPIC -Wsign-compare -DNDEBUG -g -fwrapv -O3 -Wall -O2 -I/home/qschulz/work/upstream/buildroot/output/host/include -std=c11 -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wstrict-prototypes -Werror=implicit-function-declaration -fvisibility=hidden -I./Include/internal -I./Include -I. -I/home/qschulz/work/upstream/buildroot/output/host/include -I/usr/local/include -I/home/qschulz/work/upstream/buildroot/output/build/host-python3-3.11.1/Include -I/home/qschulz/work/upstream/buildroot/output/build/host-python3-3.11.1 -c /home/qschulz/work/upstream/buildroot/output/build/host-python3-3.11.1/Modules/_uuidmodule.c -o build/temp.linux-x86_64-3.11/home/qschulz/work/upstream/buildroot/output/build/host-python3-3.11.1/Modules/_uuidmodule.o
/home/qschulz/work/upstream/buildroot/output/build/host-python3-3.11.1/Modules/_uuidmodule.c: In function ‘py_uuid_generate_time_safe’:
/home/qschulz/work/upstream/buildroot/output/build/host-python3-3.11.1/Modules/_uuidmodule.c:27:12: error: storage size of ‘uui ’ isn’t known
27 | uuid_t uuid;
| ^~~~
/home/qschulz/work/upstream/buildroot/output/build/host-python3-3.11.1/Modules/_uuidmodule.c:31:11: error: implicit declaration of function ‘uuid_generate_time_safe’; did you mean ‘py_uuid_generate_time_safe’? [-Werror=implicit-function-declaration]
31 | res = uuid_generate_time_safe(uuid);
| ^~~~~~~~~~~~~~~~~~~~~~~
| py_uuid_generate_time_safe
/home/qschulz/work/upstream/buildroot/output/build/host-python3-3.11.1/Modules/_uuidmodule.c:27:12: warning: unused variable ‘uuid’ [-Wunused-variable]
27 | uuid_t uuid;
| ^~~~
/home/qschulz/work/upstream/buildroot/output/build/host-python3-3.11.1/Modules/_uuidmodule.c:47:1: warning: control reaches end of non-void function [-Wreturn-type]
47 | }
| ^
cc1: some warnings being treated as errors
The necessary bits to build these optional modules were not found:
_dbm _gdbm _tkinter
nis readline
To find the necessary bits, look in setup.py in detect_modules() for the module's name.
The following modules found by detect_modules() in setup.py have not
been built, they are *disabled* by configure:
_ctypes_test _sqlite3 _testbuffer
_testcapi _testimportmultiple _testinternalcapi
_testmultiphase _xxtestfuzz
Failed to build these modules:
_uuid
"""
Therefore, let's disable building the _uuid extension the same way it's
done for the target package since commit 0b68713aae ("python3: use
pure python UUID backend").
Cc: Quentin Schulz <foss+buildroot@0leil.net>
Signed-off-by: Quentin Schulz <quentin.schulz@theobroma-systems.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Required by micromamba.
Signed-off-by: TIAN Yuanhao <tianyuanhao3@163.com>
[Thomas:
- rework shared/static lib handling
- don't pass ENABLE_CONDA=ON based on BR2_PACKAGE_MICROMAMBA=y as
it's weird that a dependency does something different depending on
which of its reverse dependencies is enabled]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The RNG can't actually be seeded from a shell script, due to the
reliance on ioctls. For this reason, Busybox 1.36.0 contains SeedRNG, a
tiny program meant to be called at startup and shutdown (and at
arbitrary other points in between if desired). Note that initially,
the way seedrng was included in busybox broke things quite severely, but
now it's been reverted to a reasonably acceptable version.
This is a significant improvement over the current init script, which
doesn't credit entropy and whose hashing in shell scripts is sort of
fragile.
Because seedrng is part of busybox, urandom-scripts now depends on
BR2_PACKAGE_BUSYBOX. This can be removed again if later we add a
standalone seedrng package.
Add a decent explanation to the init script about the need for a
persistent directory to make this actually work.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
[Arnout:
- Remove busybox patch, it's now part of busybox 1.36.0.
- Depend on busybox.
- Fix shellcheck errors.
- Use DAEMON and SEEDRNG_ARGS.
- Don't bother with "seed_dir" and "skip_credit" variables.
- Rename to S20seedrng.
]
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
The configuration checks should only be done when building so that
make allyespackageconfig && make source works.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The configuration checks should only be done when building so that
make allyespackageconfig && make source works.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix the following build failure with kernel >= 6.1
In file included from ./include/linux/string.h:20,
from ./include/linux/bitmap.h:11,
from ./include/linux/cpumask.h:12,
from ./include/linux/mm_types_task.h:14,
from ./include/linux/mm_types.h:5,
from ./include/linux/buildid.h:5,
from ./include/linux/module.h:14,
from /home/autobuild/autobuild/instance-11/output-1/build/dahdi-linux-3.2.0/drivers/dahdi/wctc4xxp/base.c:24:
./arch/powerpc/include/asm/string.h:27:22: note: expected ‘void *’ but argument is of type ‘const unsigned char *’
27 | extern void * memcpy(void *,const void *,__kernel_size_t);
| ^~~~~~
/home/autobuild/autobuild/instance-11/output-1/build/dahdi-linux-3.2.0/drivers/dahdi/wctc4xxp/base.c:661:9: error: too many arguments to function ‘netif_napi_add’
661 | netif_napi_add(netdev, &wc->napi, &wctc4xxp_poll, 64);
| ^~~~~~~~~~~~~~
In file included from ./include/net/inet_sock.h:19,
from ./include/linux/udp.h:16,
from /home/autobuild/autobuild/instance-11/output-1/build/dahdi-linux-3.2.0/drivers/dahdi/wctc4xxp/base.c:38:
./include/linux/netdevice.h:2562:1: note: declared here
2562 | netif_napi_add(struct net_device *dev, struct napi_struct *napi,
| ^~~~~~~~~~~~~~
Fixes:
- http://autobuild.buildroot.org/results/d7ce103a886329c68c04ebe05571be8f95a873ce
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Remove upstream patch 0003-awk-fix-use-after-free-CVE-2022-30065.patch
and update _IGNORE_CVES accordingly.
The two other CVE fixes are still not applied upstream. Renumber the
patches and update the comment in the .mk file.
Refresh busybox.config. All configs are set to the new defaults, except
for CONFIG_UDHCPC_DEFAULT_SCRIPT: for this one, reuse the script we also
use for DHCPv4. This is matches the behaviour previous to the bump,
where we had a single script handling both.
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Transit Relay server for Magic-Wormhole.
This repository implements the Magic-Wormhole "Transit Relay",
a server that helps clients establish bulk-data transit connections
even when both are behind NAT boxes. Each side makes a TCP connection
to this server and presents a handshake. Two connections with
identical handshakes are glued together, allowing them to pretend they
have a direct connection.
https://github.com/magic-wormhole/magic-wormhole-transit-relay
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Securely transfer data between computers.
This package provides a library and a command-line tool named
"wormhole", which makes it possible to get arbitrary-sized files
and directories (or short pieces of text) from one computer to
another. The two endpoints are identified by using identical
"wormhole codes": in general, the sending machine generates and
displays the code, which must then be typed into the receiving
machine.
https://github.com/magic-wormhole/magic-wormhole
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
SPAKE2 password-authenticated key exchange (in pure python).
This library implements the SPAKE2 password-authenticated key
exchange ("PAKE") algorithm. This allows two parties, who share a
weak password, to safely derive a strong shared secret (and
therefore build an encrypted+authenticated channel).
https://github.com/warner/python-spake2
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Commit 4cdd99190e (support/dependencies/dependencies.sh: require open perl
package for libxcrypt) added a check for the "open" perl module for
libxcrypt, but it does not work as "open" cannot be directly used with
"require" as an argument is needed:
perl -e "require open"
Not enough arguments for open at -e line 1, at EOF
Execution of -e aborted due to compilation errors.
So special case the check to instead check with "use open ':std'".
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Python idna package switched to pyproject.toml in commit:
https://github.com/kjd/idna/commit/2a00e518efe55d2eeb62cd3f88ace7db41338603
which is included in idna v3.4.
When using the old setuptools infra, the package is incorrectly
installed as v0.0, which is then incorrectly detected by other
packages when using setuptools pkg_resources.
The issue can be reproduced with the command:
python3 <<EOF
__requires__ = ["idna >= 2.5"]
import pkg_resources
EOF
which will fail with output:
pkg_resources.ContextualVersionConflict: (idna 0.0.0 (/usr/lib/python3.11/site-packages), Requirement.parse('idna>=2.5'), {'hyperlink'})
pkg_resources.DistributionNotFound: The 'idna>=2.5' distribution was not found and is required by hyperlink
This commit changes _SETUP_TYPE to "flit" to fix this issue.
Signed-off-by: Julien Olivain <ju.o@free.fr>
Reviewed-by: Marcus Hoffmann <marcus.hoffmann@othermo.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This commit modifies the toolchain-wrapper to make sure that the
CCACHE_COMPILERCHECK and CCACHE_BASEDIR are only set if ccache support
is enabled. Indeed, when BR2_USE_CCACHE is not set (or to a value
different than 1), we don't call the compiler with ccache, so there is
no reason to set those ccache environment variables, and they could
potentially conflict with a separate usage of ccache, outside of
Buildroot, for example when using the Buildroot SDK.
In particular, the value of CCACHE_BASEDIR doesn't not make any sense
when the Buildroot toolchain is not used during the Buildroot build,
as it points to the output directory $(BASE_DIR).
We pay attention to also not show those variables as being set in the
BR2_DEBUG_WRAPPER dump.
To help a little bit with this, a ccache_enabled boolean is introduced
to indicate when ccache is being used.
There is still quite a bit of #ifdef-ery involved, but it's not easy
to find a simpler way to organize the code.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Tested-By: Vincent Fazio <vfazio@xes-inc.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Like docker-engine and docker-cli, balena-engine uses a non-standard
vendor/ directory structure, so we use the same fixes as we introduced
for docker-engine ((see commit: package/docker-engine: bump version to
v23.0.0):
- remove the problematic vendor/modules.txt
- create a go.mod
Also remove the vendor/archive/ sub-tree (fixes a build error) because
Go no longer allows having duplicate packages in GOPATH and GOROOT.
vendor/archive/tar cannot be in vendor/ because it exists in the
standard library. Since we remove the full vendor/archive/, that is
also fixed.
https://github.com/balena-os/balena-engine/releases/tag/v20.10.26
Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Migrate versal-firmware package from nealfrager github to Xilinx github.
The images are identical, so this patch has zero impact on functionality.
Signed-off-by: Neal Frager <neal.frager@amd.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
- Fixed android super.img loop download 52byte after some block
- Use login header as in curl
- Skip sleep in usb_add
- Add empty line after input password
- linux prompt ask user name and password for http(s) download
- fix linux build failure
Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
copy_toolchain_lib_root was not handling the case of "readlink"
returning nothing, which will happen if the symlink it is trying to
resolve does not point to a valid file on the build host. This
shouldn't happen, but it can.
The end result of this situation would be an endless loop of error
messages that would only end if aborted manually.
[...]
cp: missing destination file operand after
'/local/users/mmayer/buildroot/output/arm64/target//'
Try 'cp --help' for more information.
readlink: missing operand
Try 'readlink --help' for more information.
basename: missing operand
Try 'basename --help' for more information.
dirname: missing operand
Try 'dirname --help' for more information.
^C
make[1]: *** [package/pkg-generic.mk:384:
Instead of looping endlessly without explanation, let's abort and
inform the user that something seems amiss with their setup.
Signed-off-by: Markus Mayer <mmayer@broadcom.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Like docker-engine, docker-cli uses a non-standard vendor/ directory
structure, so we use the same fixes as we introduced for docker-engine
(see commit: package/docker-engine: bump version to v23.0.0):
- remove the problematic vendor/modules.txt
- create a go.mod
Signed-off-by: Christian Stewart <christian@paral.in>
[yann.morin.1998@free.fr:
- use post-extract hook
- simplify commit message to refer to docker-engine
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
This update requires a few workaround for the non-standard vendor/
structure in the docker-engine repository.
First, as the vendor/ directory exists, our go-post-process script does
not do the vendoring, and exits early, which is exactly what we need.
Second, docker-engine does not use the "new" go.mod mechanism, so it
does not ship any go.mod file, so our go-post-proces, exiting early,
does not check that the go.mod file exists, and thus does not fail,
which is again exactly what we need.
Third, docker-engine has an invalid vendor/modules.txt file that we need
to remove or go would fail to build. Since our go-post-process exits
early, there is no vendoring, and thus it does not break at download,
which once more is exactly what we need.
However, the missing go.mod and the problematic vendor/modules.txt cause
go to fail at build time, which this time is not really, even really not,
what we want...
So, we fix it up in two ways.
First, the easy part: we just remove the problematic vendor/modules.txt
file.
Second, we create a go.mod to tell the Go compiler the root import path
prefix for the module and the language version. Note that the language
version in go.mod is not required to be equal the version of the Go
compiler.
Reference: https://github.com/moby/moby/issues/44618#issuecomment-1343565705
Note that as of v23.0.0 docker-engine expects containerd to be started
by systemd if --containerd= flag is set in dockerd.service, whereas in
previous versions containerd was started by the docker daemon as a
sub-process.
There is no sysv unit for containerd, but this is OK: in the Docker sysv
init file S60dockerd, we do not set the --containerd flag. The docker
daemon will start containerd as a sub-process automatically due to the
absence of this flag.
Signed-off-by: Christian Stewart <christian@paral.in>
[yann.morin.1998@free.fr:
- run fixups in post-extract hook
- rework commit log for (hopefully) better explanations
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fixes:
http://autobuild.buildroot.net/results/16c/16cba783be11cc5024f9c56bb0a7abb0acf13ef8/
The configure script of libxcrypt needs the open perl module on the host:
Can't locate open.pm in @INC (you may need to install the open module) (@INC
contains: /home/buildroot/autobuild/instance-2/output-1/host/lib/perl
/usr/local/lib64/perl5/5.36 /usr/local/share/perl5/5.36
/usr/lib64/perl5/vendor_perl /usr/share/perl5/vendor_perl /usr/lib64/perl5
/usr/share/perl5) at ./build-aux/scripts/expand-selected-hashes line 20.
So add a check for it in dependencies.sh similar to how it is done for mpv.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Starting from version 2021.10 only distro booting is supported, as
reported by commit ff8f277e9121 ("ti: am335x_evm: Switch to DISTRO_BOOT only").
The patch allows to update U-Boot to versions later than 2021.10.
Tested on beaglebone black.
Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fixes http://autobuild.buildroot.net/results/166/1667b4ebd8e16e7d8b47bc3ca128a76daf27b4d9/
The configure script of host-libxml-parser-perl needs the English perl
module on the host:
ERROR from evaluation of
/home/buildroot/autobuild/instance-1/output-1/build/host-libxml-parser-perl-2.46/Expat/Makefile.PL:
Can't locate English.pm in @INC (you may need to install the English module)
(@INC contains:
/home/buildroot/autobuild/instance-1/output-1/build/host-libxml-parser-perl-2.46/inc
/home/buildroot/autobuild/instance-1/output-1/host/lib/perl
/usr/local/lib64/perl5/5.36 /usr/local/share/perl5/5.36
/usr/lib64/perl5/vendor_perl /usr/share/perl5/vendor_perl /usr/lib64/perl5
/usr/share/perl5 .) at ./Makefile.PL line 3.
So add a check for it in dependencies.sh similar to the existing check for
ExtUtils::MakeMaker.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Running tests with top-level parallel builds can speed up running some
tests, expecially those that have a lot of packages like the systemd
init tests.
Trigger TLPB when the configuration enables per-package directories.
We're using the jlevel argument, which normally is used for BR2_JLEVEL
as the value for calling make -j<N> at the top-level. In fact,
BR2_JLEVEL is "unused" when using TLPB, because the top-level make
acts as the job server that distributes tokens to sub-makes (except
for the few build systems like waf or scons that don't support this),
so it's really the top-level make -j<N> that determines the level of
parallelism, and BR2_JLEVEL doesn't really have an effect.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
[Thomas: extend explanation a bit]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Start counting the line numbers in 1 instead of 0, in case an error
must be printed.
Both the error about a developer entry with no file entry and the error
about a file entry with no developer entry actually belong to the
non-empty line previous the one being analysed, so in these cases print
the line number from the line before.
Also count empty and comment lines, so a developer fixing the file can
jump to the correct line (or the nearest one).
At same time standardize the messages, printing the line number
also in the case of a warning for a file that is not in the tree
anymore.
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Currently 4 types of parsing errors/warnings can be found:
- entry for a file that is not in the tree anymore (warning)
- developer entry with no file entry (error)
- file entry with no developer (error)
- entry that is not a developer, a file or a comment (hard error)
Currently only the last one ends the script with -v with error code.
Make all 3 error types into hard errors and bail out at the first error
found, because the rest of the state machine is not designed to handle
malformed input.
Suggested-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Dracut modules can only be looked for in HOST_DIR/lib/dracut/modules.d/
as dracut does not offer the possibility to look elsewhere.
Installing files in HOST_DIR/ can do done either from a host-package, or
via a post-built script; there is no overlay like there is for target/.
This is a bit cumbersome.
Additional modules are most probably developped in a relatively tight
loop with the configuration files, so it makes sense to expose both
close together.
Add an option to the fs/cpio filesystem, so users can point to a list
of modules to install.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Cc: Thierry Bultel <thierry.bultel@linatsea.fr>
Cc: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fixes:
http://autobuild.buildroot.net/results/5d1/5d10f4f545dccf126e3f5b5efce777a393c5e7bc/http://autobuild.buildroot.net/results/7c2/7c2df31c6eb34b68e460e092d8c262bdc6c8f25a/
The configure script of (host-)libopenssl needs the FindBin perl module on the host:
Can't locate FindBin.pm in @INC (you may need to install the FindBin module)
(@INC contains: /home/buildroot/autobuild/instance-2/output-1/host/lib/perl
/usr/local/lib64/perl5/5.36 /usr/local/share/perl5/5.36
/usr/lib64/perl5/vendor_perl /usr/share/perl5/vendor_perl /usr/lib64/perl5
/usr/share/perl5) at ./Configure line 15. BEGIN failed--compilation aborted
at ./Configure line 15.
As this is needed for both libopenssl and host-libopenssl (which does not
have a corresponding config symbol in the .config), we have to require it
unconditionally.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This commit is the result of running
support/scripts/gen-bootlin-toolchains now that 2022.08 toolchains
have been made available.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
It will be needed by check-package to run checks according to the file
type (the same determined by the command 'file').
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
... just like check-flake8 already does.
When a new check_function is added to check-package, often there are
files in the tree that would generate warnings.
An example is the Sob check_function for patch files:
| $ ./utils/check-package --i Sob $(git ls-files) >/dev/null
| 369301 lines processed
| 46 warnings generated
Currently these warnings are listed when calling check-package directly,
and also at the output of pkg-stats, but the check_function does not run
on 'make check-package' (that is used to catch regressions on GitLab CI
'check-package' job) until all warnings in the tree are fixed.
This (theoretically) allows new .patch files be added without SoB,
without the GitLab CI catching it.
Since now check-package has an ignore file to list all warnings in the
tree, that will eventually be fixed, there is no need to filter the
files passed to check-package.
So test all files in the tree when 'make check-package' is called.
It brings following advantages;
- any new check_function added to check-package takes place immediately
for new files;
- adding new check_functions is less traumatic to the developer doing
this, since he/she does not need anymore to fix all warnings in the
tree before the new check_function takes effect;
- prevent regressions, e.g. ANY new .patch file must have SoB;
- as a side-effect, print a single statistics line as output of
'make ckeck-package'.
But just enabling the check would generate many warnings when
'make check-package' is called, so update the ignore file by using:
$ ./utils/docker-run make .checkpackageignore
Notice: in order to ensure reproducible results, one should run 'make
check-package' and 'make .checkpackageignore' inside the docker image,
otherwise a variation in shellcheck version (installed in the host) can
produce different results.
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
When a developer fixes an ignored warning from check-package, he/she
needs to update .checkpackageignore
By running './utils/docker-run make check-package' the developer
receives a warning about this.
Make that change easier to make, by adding a helper target on Makefile.
Add an option --failed-only to check-package that generates output in
the format:
<filename> <check_function> [<check_function> ...]
This is the very same format used by check-package ignore file.
Add the phony target .checkpackageignore
So one can update the ignore file using:
$ ./utils/docker-run make .checkpackageignore
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Extend test_check_package to also check the ignore list functionality.
Check:
- the entries in the ignore list use relative path;
- an entry in the ignore list actually ignores the warning;
- an outdated entry in the ignore list generates a warning by its own,
preventing the ignoring list to grow indefinitely.
For this to work, add 3 test fixtures, listing entries for an
pre-existing file in the br2-external used in the test.
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
When a new check_function is added to check-package, often there are
files in the tree that would generate warnings.
An example is the Sob check_function for patch files:
| $ ./utils/check-package --i Sob $(git ls-files) >/dev/null
| 369301 lines processed
| 46 warnings generated
Currently these warnings are listed when calling check-package directly,
and also at the output of pkg-stats, but the check_function does not run
on 'make check-package' (that is used to catch regressions on GitLab CI
'check-package' job) until all warnings in the tree are fixed.
This (theoretically) allows new .patch files be added without SoB,
without the GitLab CI catching it.
So add a way to check-package itself ignore current warnings, while
still catching new files that do not follow that new check_function.
Add a file named .checkpackageignore to the buildroot topdir.
It contains the list of check_functions that are expected to fail for
each given intree file tested by check-package.
Each entries is in the format:
<filename> <check_function> [<check_function> ...]
These are 2 examples of possible entries:
package/initscripts/init.d/rcK ConsecutiveEmptyLines EmptyLastLine Shellcheck
utils/test-pkg Shellcheck
Keeping such a list allows us to have fine-grained control over which
warning to ignore.
In order to avoid this list to grow indefinitely, containing entries for
files that are already fixed, make each entry an 'expected to fail'
instead of just an 'ignore', and generate a warning if a check_function
that was expect to fail for a given files does not generate that
warning.
Unfortunately one case that do not generate warning is an entry for a
file that is deleted in a later commit.
By default, all checks are applied. The --ignore-list option allows to
specify a file that contains the list of warnings that should be
ignored.
The paths in the ignore file must be relative to the location of the
ignore file itself, which means:
- in the main Buildroot tree, the paths in the ignore file are
relative to the root of the main Buildroot tree
- in a BR2_EXTERNAL tree, if the ignore file is at the root of the
BR2_EXTERNAL, the paths it contains must be relative to that root
of the BR2_EXTERNAL
This is one more step towards standardizing the use of just 'make
check-package' before submitting patches to the list.
Cc: Sen Hastings <sen@phobosdpl.com>
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This script checks for inconsistencies on symbols declared in Config.in
and used in .mk files.
Currently it checks only symbols following the pattern BR2_\w+ .
The script first gets the list of all files in the repository (using git
ls-files like 'make check-flake8' already do).
Then it parses all relevant files, searching for symbol definitions and
usages, and add entries into a database.
At the end, the database is searched for inconsistencies:
- symbol that is part of "choice" and is referenced with "select";
- legacy symbol being referenced in packages;
- legacy symbol being redefined in packages;
- symbol referenced but not defined;
- symbol defined but not referenced;
- legacy symbol that has a Note stating it is referenced by a package
(for legacy handling) but is referenced in the package without a
comment "# legacy";
- legacy symbol that has a Note stating it is referenced by a package
but it is not actually referenced.
There is also a debug parameter --search that dumps any filename or
symbol entries from the database that matches a regexp.
Sample usages:
$ utils/check-symbols
$ utils/docker-run utils/check-symbols
$ utils/check-symbols --search 'GETTEXT\b|\/openssl'
At same time the script is created:
- add unit tests for it, they can be run using:
utils/docker-run python3 -m pytest -v utils/checksymbolslib/
- add two more GitLab CI jobs: check-symbols (to check current tree
using the script) and check-check-symbols (to check the script against
its unit tests)
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
[Peter: print warnings to stderr, rename change_current_dir() to
change_to_top_dir()]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
BR2_PACKAGE_LIBCURL_OPENSSL is part of a "choice" option so it cannot be
selected. What seems to be really be needed is HTTPS support in curl, so
use the blind LIBCURL_FORCE_TLS option instead (openssl is already
selected).
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit 424f53ac07 (package/freescale-imx/imx-gpu-viv: drop X11 output)
dropped BR2_PACKAGE_IMX_GPU_VIV_OUTPUT_X11 which xdriver_xf86-video-imx-viv
depends on, so the package is no longer selectable.
So drop the package and add a legacy symbol for it.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Since genrandconfig no longer appears to support python2 we can
migrate the subprocess calls to use asyncio variants.
This has the advantage of allowing for runners like autobuild-run to
integrate directly into genrandconfig by calling the asyncio
gen_config using importlib instead of having to run genrandconfig as
a subprocess.
Using asyncio is advantageous here as it eliminates the requirement
for the runner to deal with blocking subprocess calls(by having to
use threading for example).
Also cleanup some unused functions/python2 compatibility shims.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Commit 1100ead7b3 (package/x11r7/xdriver_xf86-input-keyboard: remove
package) added a legacy symbol for BR2_PACKAGE_XDRIVER_XF86_INPUT_KEYBOARD,
but forgot to select BR2_LEGACY. Fix that.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit "6a7a652b14 package/sunxi-mali-utgard: rename from
sunxi-mali-mainline" tried to add legacy handling but the new symbols
are part of a choice, and Kconfig does not enforce the select of a
option from a choice.
Update the legacy entry for 2022.02, following the example described in
the beginning of the file.
Cc: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit "a610bf9967 package/openjdk{-bin}: bump version to 17.0.1+12"
tried to add legacy handling but the new symbols are part of a choice,
and Kconfig does not enforce the select of a option from a choice.
Update the legacy entry for 2021.11, following the example described in
the beginning of the file.
Cc: Tudor Holton <buildroot@tudorholton.com>
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit "c38b5566fe package/ti-sgx-{km, um, demos}: bump to latest TI
version", added in release 2020.02, removed some options that were
previously renamed in release 2018.05.
Update the legacy entry for 2018.05 and add the corresponding legacy
entries for 2020.02.
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit "297613f1c7 package/lua: remove 5.2.x version" tried to add
legacy handling but the new symbols are part of a choice, and Kconfig
does not enforce the select of a option from a choice.
Update the legacy entry for 2019.02, following the example described in
the beginning of the file.
Cc: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit "50332a530b gcc: rename option for ARC gcc" tried to add legacy
handling but the new symbol is part of a choice, and Kconfig does not
enforce the select of a option from a choice.
Update the legacy entry for 2016.11, following the example described in
the beginning of the file.
Cc: Giulio Benetti <giulio.benetti@benettiengineering.com>
Cc: Romain Naour <romain.naour@gmail.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit "b1063a0136 package/openpowerlink: bump to v2.2.2" tried to add
legacy handling but the new symbols are part of a choice, and Kconfig
does not enforce the select of a option from a choice.
Update the legacy entry for 2016.02, following the example described in
the beginning of the file.
Cc: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The package host-linux-headers does not exist and there were never
references to this symbol in the tree, do drop it.
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit "bf3626002f system cfg: remove mkpasswd MD5 format option", from
release 2019.02, moved the symbol to legacy handling, but the symbol is
still referenced.
Remove the reference to it.
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit "070b183d0c boot/xloader: remove package", from release 2018.11,
removed the package, but the symbol is still referenced.
Remove the reference to it.
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit "9a8ec9195c toolchain/toolchain-buildroot: migrate to virtual
package infrastructure" made the packages toolchain and
toolchain-buildroot to use the virtual package infra even they being
generic packages.
This works because on package/pkg-virtual.mk when a package do not
define neither _PROVIDES_ or _HAS_ symbols, only _IS_VIRTUAL is set to
YES and _VERSION and _SOURCE are set to empty before relaying the call
to inner-generic-package.
Add a comment explaining why the virtual package infra is used in these
cases.
Cc: Giulio Benetti <giulio.benetti@benettiengineering.com>
Cc: Romain Naour <romain.naour@gmail.com>
Cc: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
There are two legitimate cases to prefer ifdef over ifeq in package
recipes: command-line overrides are allowed for busybox and uclibc
configs.
Except for that, all package in tree already use ifeq, so warn the
developer adding/changing a package to use ifeq instead of ifdef, in
order to keep consistence across packages.
file.mk:2: use ifeq ($(SYMBOL),y) instead of ifdef SYMBOL
file.mk:5: use ifneq ($(SYMBOL),y) instead of ifndef SYMBOL
The difference between ifeq and ifdef is that ifdef doesn't expand
recursively.
Add comments to busybox and uclibc packages to avoid a warning in such
special cases.
Cc: Arnout Vandecappelle <arnout@mind.be>
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The same comment already exists for UCLIBC_CONFIG_FILE.
Both variables can be override from command-line, as described in the
manual, at section 'Environment variables'.
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit upstream 986b7ffd01aedcd4f2aa16e78e4cad9313b6d7b2
"Add Cmake options for pugiconfig.hpp" added feature toogles to release
v1.12, including PUGIXML_NO_XPATH and PUGIXML_COMPACT.
Commit upstream 5f49f2c6575cc2b7d343f8d41581fe92d69d7b52
"Mark advanced options and removed redundant ones" removed CMake
specific support for PUGIXML_HEADER_ONLY and PUGIXML_HAS_LONG_LONG, but
they can still be provided using PUGIXML_BUILD_DEFINES, starting from
release v1.12.
So use the explicit build options PUGIXML_NO_XPATH and PUGIXML_COMPACT,
but keep using PUGIXML_BUILD_DEFINES to set PUGIXML_HEADER_ONLY and
PUGIXML_HAS_LONG_LONG.
Cc: Arnout Vandecappelle <arnout@mind.be>
Cc: Theo Debrouwere <t.debrouwere@televic.com>
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit upstream 1c5a0bb32583fd294022e68e66b541bf6ff71a67
"✨ Update CMake to modern approach" removed all feature
toogles, so starting from release v1.11 any flag passed in BUILD_DEFINES
was completely ignored during the build.
Version 1.11.4 was in use in buildroot since February 2021.
Commit upstream 0f1e75a902ef1751dd63a67fe223b5e8daf4c7f1
"Re-introduced the custom build defines" added PUGIXML_BUILD_DEFINES to
release v1.12, but BUILD_DEFINES is still completely ignored during the
build.
Version 1.12.1 is in use in buildroot since March 2022.
So switch the config options to use PUGIXML_BUILD_DEFINES instead of
BUILD_DEFINES.
Cc: Arnout Vandecappelle <arnout@mind.be>
Cc: Theo Debrouwere <t.debrouwere@televic.com>
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The ifdef construct intended to avoid passing -DBUILD_DEFINES="" was
never needed, because even upstream version v1.9 used in 2019 when the
configuration options were added, can handle an empty string for
BUILD_DEFINES.
In fact an empty string is the default for v1.9 if it is not passed
during configure.
Also, the host variant already sets BUILD_DEFINES unconditionally.
So remove the unneeded conditional.
Cc: Arnout Vandecappelle <arnout@mind.be>
Cc: Theo Debrouwere <t.debrouwere@televic.com>
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Using current conditional code, added in 2014:
ifndef ($(BR2_ENABLE_LOCALE),y)
LIVE555_CFLAGS += -DLOCALE_NOT_USED
endif
the define LOCALE_NOT_USED is always passed on CFLAGS, because there is
no symbol with following names defined:
"(y,y)" -> not defined when BR2_ENABLE_LOCALE=y
"(,y)" -> not defined when BR2_ENABLE_LOCALE is not set
So fix the typo, switching ifndef to ifneq.
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The conditional code using ifdef was added in 2018 and works as
expected.
But there is no reason to use ifdef instead of ifeq.
For consistence, switch to use ifeq like almost all packages already do.
Cc: Arnout Vandecappelle <arnout@mind.be>
Cc: Erico Nunes <nunes.erico@gmail.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Following the example of test-pkg config described in commit
"12c7a05da1 utils/test-pkg: add gitlab-ci support" to test a defconfig
fragment that contains a disabled option is currently possible, but
it do requires one to change the git config core.commentChart so the
lines starting with "#" are not discarded by git when creating/editing
the commit message.
For instance, without the indentation the 3rd line below would be
excluded from the commit message when the editor is closed:
test-pkg config:
SOME_OPTION=y
# OTHER_OPTION is not set
SOME_VARIABLE="some value"
Requiring to change git configs is not very nice.
So make the developer's life easier by changing the sed expression to
remove indentation with spaces from a defconfig fragment found on a
commit message.
For instance these lines become valid and generate a defconfig fragment
without the indentation of one space to be tested in GitLab CI:
test-pkg config:
SOME_OPTION=y
# OTHER_OPTION is not set
SOME_VARIABLE="some value"
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit e6195c5304 (Makefile: fix use of many br2-external trees) fixed
a slowdown with many br2-external trees. In doing so, it changed the
type of the %_defconfig rule: the stem is no longer present in the
prerequisites, so it changes from a pattern rule to an implicit pattern
rule [0].
It is not unusual to name the build directory after the defconfig that
is being built, so we may end up with a build directory named
meh_defconfig. Before e6195c5304, the pattern rule would not match
[1], but now it does, which causes somewhat-cryptic build failures:
Makefile:1015: *** "Can't find /some/path/meh_defconfig". Stop.
The issue is that we have this set of rules and assignments (elided and
reordered for legibility):
all: world
world: target-post-image
target-post-image: staging-finalize
staging-finalize: $(STAGING_DIR_SYMLINK)
$(STAGING_DIR_SYMLINK): | $(BASE_DIR)
BASE_DIR := $(CANONICAL_O)
CANONICAL_O := $(shell mkdir -p $(O) >/dev/null 2>&1)$(realpath $(O))
So, there is a rule that (eventually) has a dependency on $(O), but we
have no rule that provides it explicitly, so the %_defconfig rule kicks
in, with the stem as "/some/path/meh". When the loop searches all the
".../configs/" directories for a file named ".../configs/%_defconfig",
it actually looks for a file named ".../configs//some/path/meh_defconfig"
and that indeed never matches anything.
The solution is to provide an actual rule for $(BASE_DIR), so that the
implicit rule does not kick in.
[0] Terminology and behaviour in make is hard, so the terms we used here
may be wrong or incorrectly used, and/or the explanations for the
behaviour be wrong or incomplete... Still, the reasoning stands, and
the root cause is the removal of the stem in the RHS of the rule
(adding one back does fix the issue).
[1] not sure how the prerequisite was solved before e6195c5304,
though...
Fixes: e6195c5304
Reported-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Nevo Hed <nhed+buildroot@starry.com>
Cc: Peter Korsgaard <peter@korsgaard.com>
Tested-by: Sebastian Weyer <sebastian.weyer@smile.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
- The netopeer server forks to background by default, no need for '-b'
- The path to the daemon is /usr/sbin, not /usr/bin
Signed-off-by: Joachim Wiberg <troglobit@gmail.com>
Acked-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Similarly to U-Boot, this patch adds the ability to copy in and build
out-of-source device tree sources during an OPTEE-OS build. To build
the external device tree source file, the OP-TEE OS configuration must
refer to it with the CFG_EMBED_DTB_SOURCE_FILE option and no platform
flavor needs to be specified.
Signed-off-by: Kory Maincent <kory.maincent@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Make the host variant of crudini package. This can be useful in
post-{build,image} scripts.
Signed-off-by: Konstantin Menyaev <KAMenyaev@sberdevices.ru>
Reviewed-by: Heiko Thiery <heiko.thiery@gmail.com>
[yann.morin.1998@free.fr: select python3, don't depend on it]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Make the host variant of python-iniparse as host-crudini dependency.
Note: usually, we would not have needed to add a Config.in.host,
because it is jsut a library, but since there is an Config.in.host
for python-six, we need to select it, so we need an host entry.
Signed-off-by: Konstantin Menyaev <KAMenyaev@sberdevices.ru>
Reviewed-by: Heiko Thiery <heiko.thiery@gmail.com>
[yann.morin.1998@free.fr:
- add the note
- reorder alphabetically
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Removing the "[Buildroot]" and the "Re:" from messages title to have a
cleaner look on the "news" boxes.
Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This adjusts the code added in commit
c90bd74ebb ("boot/barebox: pass required
environment variables for reproducible build") to explicitly set the
timezone when calculating KBUILD_BUILD_TIMESTAMP, like is already done
in linux/linux.mk.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Commit c90bd74ebb ("boot/barebox: pass
required environment variables for reproducible build") caused the
build to generate a spurious error message due to the $(shell
... date -d @$(SOURCE_DATE_EPOCH)) command being executed even when
BR2_REPRODUCIBLE was disabled.
This is due to the fact that variable references must be done using $$
within macros. This commit fixes that for the two variables that we
are referencing in the code added in commit
c90bd74ebb.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Warn the developer in the case the same config is declared more than
once in the same Config.in file.
But take into account the conditional code that lets the config be
visible and warn only when it is declared more than once in the same
conditions.
For instance, do not warn for:
if BR2_PACKAGE_BUSYBOX
config BR2_PACKAGE_BUSYBOX_SHOW_OTHERS
endif
if !BR2_PACKAGE_BUSYBOX # kconfig doesn't support else
config BR2_PACKAGE_BUSYBOX_SHOW_OTHERS
endif
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Currently using this minimal .config:
BR2_PACKAGE_MEDIAART_BACKEND_GDK_PIXBUF=y
triggers:
*** Legacy options removed in 2018.05 ***
[ ] libmediaart none backend option renamed (NEW)
[*] libmediaart gdk-pixbuf backend option renamed
[*] libmediaart qt backend option renamed
Commit "8553b39887 libmediaart: rename options to have proper prefix",
part of the 2018.05 release had a copy&paste error.
As stated in the beginning of the file:
The oldest symbols will be removed again after about two years.
But while we carry these legacy symbols, let's fix the typo.
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
deamon -> daemon
At same time, in Config.in.legacy fix other typos in the same help text:
spae -> space
monolitic -> monolithic
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
seperate is a common misspelling of separate
Fix all the typos in the tree that are not related to patch files.
CHANGES
seperate -> separate, in the list of changes
Config.in.legacy
seperate -> separate, in option name and help texts
package/leafnode2/leafnode2.mk
seperate -> separate, in a comment
system/Config.in
seperated -> separated, in a help text
Cc: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
README.txt states only these changes:
- Static analysis fixes
- Missing init, which causes skipping of conditions in a Dell system
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The yajl repository has both a branch and a tag names 2.1.0. Because of
this, when we use the usual github URL [1], github doesn't return a
tarball but rather an ASCII string:
the given path has multiple possibilities: #<Git::Ref:0x00007f193bebe4d8>, #<Git::Ref:0x00007f193bebd858>
This obviously (and fortunately) leads to a hash check failure.
To make sure we get the tag and not the branch, we should use a URL that
explicitly asks for refs/tags/2.1.0 [2]. We can't change VERSION to
include refs/tags, because that also affects the _SOURCE default, the
contents of the tarball, the CPE ID and the release-monitoring access.
Therefore, add the refs/tags/ prefix to the github helper call.
[1] https://github.com/lloyd/yajl/archive/2.1.0/yajl-2.1.0.tar.gz
[1] https://github.com/lloyd/yajl/archive/refs/tags/2.1.0/yajl-2.1.0.tar.gz
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Fix the following build failure with gcc 4.8 raised since bump to
version 7.8 in commit f9e51e1150:
/home/buildroot/autobuild/run/instance-2/output-1/build/mongoose-7.8/mongoose.c: In function 'mg_iotest':
/home/buildroot/autobuild/run/instance-2/output-1/build/mongoose-7.8/mongoose.c:4484:3: error: 'for' loop initial declarations are only allowed in C99 mode
for (struct mg_connection *c = mgr->conns; c != NULL; c = c->next) {
^
Fixes:
- http://autobuild.buildroot.org/results/c538c6d8e87e4e24097c9878ee15083802276505
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Feed source is moved to a local atom file available on the web server to
remove further problems with unreliable feed sources.
Moving the feed required a bit of refactor of the load_activity function
so it won't download two times te same url.
This change requires a cron job like this enabled on the website:
* * * * * wget -O new.atom https://lore.kernel.org/buildroot/new.atom
Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Barebox makes use of the same variables as the linux kernel does for
handling reproducible build -- KBUILD_BUILD_HOST,
KBUILD_BUILD_TIMESTAMP, KBUILD_BUILD_USER. This patch sets the proper
variables based on linux/linux.mk, and passes them to the make
invocation when building, to ensure a reproducible build is possible
when BR2_REPRODUCIBLE is enabled.
Signed-off-by: Casey Reeves <casey@xogium.me>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Set MOREFLAGS instead of overriding CFLAGS to avoid the following build
failure raised since commit 94b66fb49c:
/home/autobuild/autobuild/instance-6/output-1/host/lib/gcc/x86_64-buildroot-linux-uclibc/11.3.0/../../../../x86_64-buildroot-linux-uclibc/bin/ld: /tmp/ccabb8cF.o: relocation R_X86_64_32S against `.rodata' can not be used when making a shared object; recompile with -fPIC
Fixes:
- http://autobuild.buildroot.org/results/953133575d8c13266f1450fa545e70e4a518508d
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fix CVE-2023-23456: A heap-based buffer overflow issue was discovered in
UPX in PackTmt::pack() in p_tmt.cpp file. The flow allows an attacker to
cause a denial of service (abort) via a crafted file.
Fix CVE-2023-23457: A Segmentation fault was found in UPX in
PackLinuxElf64::invert_pt_dynamic() in p_lx_elf.cpp. An attacker with a
crafted input file allows invalid memory address access that could lead
to a denial of service.
https://github.com/upx/upx/blob/v4.0.2/NEWS
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
A null pointer dereference issue was discovered in functions op_get_data
and op_open1 in opusfile.c in xiph opusfile 0.9 thru 0.12 allows
attackers to cause denial of service or other unspecified impacts.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Thomas reported that m68k fails to build when enabling BR2_PACKAGE_GDB.
It fails when building gdb for the target with the following error:
elf2flt: ERROR: text=0x3c826 overlaps data=0x256e0 ?
It turns out that the gdb binary has another problematic input section
(.gcc_except_table), which causes elf2flt to try to append to the .text
output section, after it has already moved on with appending sections
to the .data output section.
elf2flt cannot append to a previous output section once it has moved on
to another output section.
Update the existing elf2flt patch to also add an exception for
.gcc_except_table.
Reported-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Niklas Cassel <niklas.cassel@wdc.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
When we introduced support for the paranoid check of unsafe libraries
and headers path with commit 4ac8f78d37 (Add option for paranoid
unsafe path checking) back in 2014, we made it optional, as we expected
that would break quite a few packages.
Now, almost 8 years later, we only have three packages that explicitly
reference the option (dillo, gnuradio, and libtalloc), either in a patch
or in their .mk.
The option has been enabled by default since 2016, with 61c8854cef
(toolchain: enable paranoid unsafe path check by default), and that has
not triggered many build failures in a while.
The minimal defconfig used by test-pkg has also had it enabled as of
b6c98b3549 (minimal.config: add BR2_COMPILER_PARANOID_UNSAFE_PATH=y)
in 2017.
It is time to make that globally unconditional now.
There is still a remnant, in our binutils patches. As our toolchain may
get used outside of Buildroot, people may got the expectation that path
poisoning is only a warning, so we keep the current behaviour.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Romain Naour <romain.naour@gmail.com>
Acked-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Open Fabrics Performance Tests.
This is a collection of tests written over uverbs intended
for use as a performance micro-benchmark. The tests may be
used for HW or SW tuning as well as for functional testing.
https://github.com/linux-rdma/perftest
Tested-by: Shamraiz Ashraf <shamraizashraf092@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
[yann.morin.1998@free.fr
- move all arch-related dependencies to _ARCH_SUPPORTS
- include musl condition in comment and its dependnecies
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
This is the userspace components for the Linux Kernel's
drivers/infiniband subsystem.
https://github.com/linux-rdma/rdma-core
Tested-by: Shamraiz Ashraf <shamraizashraf092@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
[yann.morin.1998@free.fr:
- select iproute2 as it provides the 'rdma' utility
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
If using BR2_LINUX_KERNEL_CUSTOM_DTS_PATH to copy .dts files from
buildroot into the linux tree, these .dts files are copied to
arch/arm64/boot. Unfortunately, the post-image.sh script expects to find
them in arch/arm64/boot/xilinx.
This patch does not require the xilinx/ prefix to be present when
symlinking the device-tree to system.dtb where u-boot expects to find
it.
It is effectively applying the below patch for zynqmp to versal as well:
https://patchwork.ozlabs.org/project/buildroot/patch/20230201195956.1758827-1-gsmecher@threespeedlogic.com/
Signed-off-by: Neal Frager <neal.frager@amd.com>
Reviewed-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
If using BR2_LINUX_KERNEL_CUSTOM_DTS_PATH to copy .dts files from
buildroot into the linux tree, these .dts files are copied to
arch/arm64/boot. Unfortunately, the post-image.sh script expects to find
them in arch/arm64/boot/xilinx.
This patch does not require the xilinx/ prefix to be present when
symlinking the device-tree to system.dtb where u-boot expects to find
it.
Signed-off-by: Graeme Smecher <gsmecher@threespeedlogic.com>
Reviewed-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Reviewed-by: Neal Frager <neal.frager@amd.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Linux 6.1.9 installs more modules and this makes rootfs size to increase
and the default 60M size is not enough. So let's expand rootfs size to
120M.
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The x11 feature needs libx11 and libxrandr support.
Select and depend on these when x11 is enabled.
Fixes:
gst1-vaapi-1.22.0/meson.build:96:0: ERROR: Dependency "xrandr" not found, tried pkgconfig and cmake
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Switch to github helper due to lack of upstream-provided tarball.
Needed for upcoming bump of freeswitch to version 1.10.9.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Add a patch fixing an incorrect gstreamer-validate-1.0 dependency
name.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Remove xingmux config option which has been moved to the
gst1-plugins-good package.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The videoconvert and videoscale plugins have been combined into
the new videoconvertscale plugin.
Rework config options using videoconvert/videoscale to use the new
videoconvertscale option.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The -e switch makes the script terminate on error from
start-stop-daemon, rendering unreachable the code that checks the exit
status.
There is no need in the -e switch in the first place either, as the
script takes care of errors handling.
Signed-off-by: Sergey Organov <sorganov@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
/home/thomas/br-test-pkg/bootlin-nios2-glibc/host/opt/ext-toolchain/bin/../lib/gcc/nios2-buildroot-linux-gnu/10.3.0/../../../../nios2-buildroot-linux-gnu/bin/ld: /tmp/fluent-bit.6F9rEA.ltrans28.ltrans.o: undefined reference to symbol '__atomic_compare_exchange_8@@LIBATOMIC_1.0'
/home/thomas/br-test-pkg/bootlin-nios2-glibc/host/opt/ext-toolchain/bin/../lib/gcc/nios2-buildroot-linux-gnu/10.3.0/../../../../nios2-buildroot-linux-gnu/bin/ld: /home/thomas/br-test-pkg/bootlin-nios2-glibc/host/nios2-buildroot-linux-gnu/sysroot/lib/libatomic.so.1: error adding symbols: DSO missing from command line
collect2: error: ld returned 1 exit status
Signed-off-by: Thomas Devoogdt <thomas.devoogdt@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add a defconfig to build a 32b ARMv7-A U-Boot based firmware implementing
the subset of UEFI defined by EBBR[1], as well as a Linux OS disk image
booting with UEFI, to run on Qemu.
The generated firmware binary can also be used to install or run another OS
supporting the EBBR specification.
[1]: https://github.com/ARM-software/ebbr
Signed-off-by: Vincent Stehlé <vincent.stehle@arm.com>
Cc: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This commit adds support for the BeagleBone Green Wireless to the
existing beaglebone_defconfig, by making sure the relevant Device Tree
is built and installed.
Signed-off-by: Ramon Crichlow <rcrichlow9000@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
A host dependency to xxd is required if the U-Boot board
configuration has CONFIG_USE_DEFAULT_ENV_FILE enabled. So
introduce a new BR U-Boot config option BR2_TARGET_UBOOT_NEEDS_XXD
to solve this problem. xxd is provided by host-vim.
Signed-off-by: Jerry Kooyman <jerry.kooyman@entrust.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The upcoming tensorflow-lite package requires flatbuffers to be
built with position independent code.
Fixes:
/home/buildroot/buildroot/output/per-package/tensorflow-lite/host/bin/../lib/gcc/aarch64-buildroot-linux-gnu/11.3.0/../../../../aarch64-buildroot-linux-gnu/bin/ld: /home/buildroot/buildroot/output/per-package/tensorflow-lite/host/aarch64-buildroot-linux-gnu/sysroot/usr/lib/libflatbuffers.a(util.cpp.o): relocation R_AARCH64_ADR_PREL_PG_HI21 against symbol `_ZN11flatbuffers11CharToUpperEc' which may bind externally can not be used when making a shared object; recompile with -fPIC
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fix the location where the hashes are retrieved from.
Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
[yann.morin.1998@free.fr: hashes location changed]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
A new kvm-unit-tests version has recently been tagged, so let's
update to that version now.
This new version now features a --disable-werror parameter for
the configure script, so we can drop the patch for disabling
this manually now.
Signed-off-by: Thomas Huth <huth@tuxfamily.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fixes build error not yet found by autobuilders
-- System type: Linux
CMake Error at cmake/scripts/linux/ArchSetup.cmake:42 (message):
Unknown CPU: riscv32
using this defconfig:
BR2_riscv=y
BR2_RISCV_32=y
BR2_TOOLCHAIN_EXTERNAL=y
BR2_ROOTFS_DEVICE_CREATION_DYNAMIC_EUDEV=y
BR2_PACKAGE_KODI=y
BR2_PACKAGE_MESA3D=y
BR2_PACKAGE_MESA3D_GALLIUM_DRIVER_SWRAST=y
BR2_PACKAGE_MESA3D_OPENGL_EGL=y
BR2_PACKAGE_MESA3D_OPENGL_ES=y
BR2_PACKAGE_PYTHON3=y
BR2_PACKAGE_PYTHON3_PY_ONLY=y
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fixes build error not yet found by autobuilders
-- System type: Linux
CMake Error at cmake/scripts/linux/ArchSetup.cmake:42 (message):
Unknown CPU: or1k
with this defconfig:
BR2_or1k=y
BR2_TOOLCHAIN_EXTERNAL=y
BR2_TOOLCHAIN_EXTERNAL_BOOTLIN_OPENRISC_UCLIBC_STABLE=y
BR2_ROOTFS_DEVICE_CREATION_DYNAMIC_EUDEV=y
BR2_PACKAGE_KODI=y
BR2_PACKAGE_MESA3D=y
BR2_PACKAGE_MESA3D_GALLIUM_DRIVER_SWRAST=y
BR2_PACKAGE_MESA3D_OPENGL_EGL=y
BR2_PACKAGE_MESA3D_OPENGL_ES=y
BR2_PACKAGE_PYTHON3=y
BR2_PACKAGE_PYTHON3_PY_ONLY=y
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Disable neon support when not available.
Fixes build error not yet found by autobuilders
/tmp/cc8LvPwi.s: Assembler messages:
/tmp/cc8LvPwi.s:28: Error: selected processor does not support `vldmia r1,{ q4-q7 }' in ARM mode
/tmp/cc8LvPwi.s:29: Error: selected processor does not support `vldmia r0,{ q8-q11 }' in ARM mode
/tmp/cc8LvPwi.s:30: Error: selected processor does not support `vmul.f32 q0,q8,d8[0]' in ARM mode
/tmp/cc8LvPwi.s:31: Error: selected processor does not support `vmul.f32 q1,q8,d10[0]' in ARM mode
/tmp/cc8LvPwi.s:32: Error: selected processor does not support `vmul.f32 q2,q8,d12[0]' in ARM mode
/tmp/cc8LvPwi.s:33: Error: selected processor does not support `vmul.f32 q3,q8,d14[0]' in ARM mode
/tmp/cc8LvPwi.s:34: Error: selected processor does not support `vmla.f32 q0,q9,d8[1]' in ARM mode
/tmp/cc8LvPwi.s:35: Error: selected processor does not support `vmla.f32 q1,q9,d10[1]' in ARM mode
/tmp/cc8LvPwi.s:36: Error: selected processor does not support `vmla.f32 q2,q9,d12[1]' in ARM mode
/tmp/cc8LvPwi.s:37: Error: selected processor does not support `vmla.f32 q3,q9,d14[1]' in ARM mode
/tmp/cc8LvPwi.s:38: Error: selected processor does not support `vmla.f32 q0,q10,d9[0]' in ARM mode
/tmp/cc8LvPwi.s:39: Error: selected processor does not support `vmla.f32 q1,q10,d11[0]' in ARM mode
/tmp/cc8LvPwi.s:40: Error: selected processor does not support `vmla.f32 q2,q10,d13[0]' in ARM mode
/tmp/cc8LvPwi.s:41: Error: selected processor does not support `vmla.f32 q3,q10,d15[0]' in ARM mode
/tmp/cc8LvPwi.s:42: Error: selected processor does not support `vmla.f32 q0,q11,d9[1]' in ARM mode
/tmp/cc8LvPwi.s:43: Error: selected processor does not support `vmla.f32 q1,q11,d11[1]' in ARM mode
/tmp/cc8LvPwi.s:44: Error: selected processor does not support `vmla.f32 q2,q11,d13[1]' in ARM mode
/tmp/cc8LvPwi.s:45: Error: selected processor does not support `vmla.f32 q3,q11,d15[1]' in ARM mode
/tmp/cc8LvPwi.s:46: Error: selected processor does not support `vstmia r0,{ q0-q3 }' in ARM mode
with this defconfig:
BR2_arm=y
BR2_TOOLCHAIN_EXTERNAL=y
BR2_TOOLCHAIN_EXTERNAL_BOOTLIN=y
BR2_TOOLCHAIN_EXTERNAL_BOOTLIN_ARMV5_EABI_UCLIBC_STABLE=y
BR2_ROOTFS_DEVICE_CREATION_DYNAMIC_EUDEV=y
BR2_PACKAGE_KODI=y
BR2_PACKAGE_MESA3D=y
BR2_PACKAGE_MESA3D_GALLIUM_DRIVER_SWRAST=y
BR2_PACKAGE_MESA3D_OPENGL_EGL=y
BR2_PACKAGE_MESA3D_OPENGL_ES=y
BR2_PACKAGE_PYTHON3=y
BR2_PACKAGE_PYTHON3_PY_ONLY=y
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
GDAL autoconf has wrong libgeotiff detection. It uses host's
library if installed instead of buildroot one.
Modern versions of gdal have no autoconf build scripts, just cmake only.
So move to cmake build variant.
Fixes: https://bugs.busybox.net/show_bug.cgi?id=15281
Signed-off-by: Maxim Kochetkov <fido_max@inbox.ru>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
diff LICENCE:
-Copyright (c) 2021 Calvin Rose and contributors
+Copyright (c) 2023 Calvin Rose and contributors
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fix the following build failure with libressl raised since bump to
version 3.5.2 in commit 8b216927db:
In file included from /tmp/instance-10/output-1/build/mariadb-10.3.36/vio/viosslfactories.c:18:
/tmp/instance-10/output-1/build/mariadb-10.3.36/vio/viosslfactories.c: In function 'get_dh2048':
/tmp/instance-10/output-1/build/mariadb-10.3.36/include/ssl_compat.h:68:45: error: invalid use of incomplete typedef 'DH' {aka 'struct dh_st'}
68 | #define DH_set0_pqg(D,P,Q,G) ((D)->p= (P), (D)->g= (G))
| ^~
Fixes:
- http://autobuild.buildroot.org/results/524198344aafca58d214537af64c5961c407b0f8
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fluent Bit is a super fast, lightweight, and highly
scalable logging and metrics processor and forwarder.
Signed-off-by: Thomas Devoogdt <thomas.devoogdt@barco.com>
[Peter: add DEVELOPERS entry, drop STATIC_LIBS dependency]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Libcamera recently started to tag releases, so use the version tag instead
of raw commit hash.
Signed-off-by: Daniel Semkowicz <dse@thaumatec.com>
Reviewed-by: Marcus Folkesson <marcus.folkesson@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Migrate zcu106_pmufw.elf location from nealfrager github to Xilinx github.
The image is identical, so this patch has zero impact on functionality.
Signed-off-by: Neal Frager <neal.frager@amd.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Migrate zcu102_pmufw.elf location from nealfrager github to Xilinx github.
The image is identical, so this patch has zero impact on functionality.
Signed-off-by: Neal Frager <neal.frager@amd.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Migrate kv260_pmufw.elf location from nealfrager github to Xilinx github.
The image is identical, so this patch has zero impact on functionality.
Signed-off-by: Neal Frager <neal.frager@amd.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Reduce the configs in the kria/uboot.fragment to only what is necessary.
These 4 configs are already included in the xilinx_zynqmp_virt_defconfig, so
it is redundant to include them in the kria/uboot.fragment file. Applying
this patch has zero impact on the u-boot binaries that are built.
This patch has been build and run tested on a kria kv260 starter kit.
Signed-off-by: Neal Frager <neal.frager@amd.com>
Reviewed-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
- Fix CVE-2022-47952: lxc-user-nic in lxc through 5.0.1 is installed
setuid root, and may allow local users to infer whether any file
exists, even within a protected directory tree, because "Failed to
open" often indicates that a file does not exist, whereas "does not
refer to a network namespace path" often indicates that a file exists.
NOTE: this is different from CVE-2018-6556 because the CVE-2018-6556
fix design was based on the premise that "we will report back to the
user that the open() failed but the user has no way of knowing why it
failed"; however, in many realistic cases, there are no plausible
reasons for failing except that the file does not exist.
- Drop patches (already in version)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This patch provides a way to enable utmp support when using systemd,
with it disabled by default, as some security concerns may apply. Still,
there are cases where having utmp is desirable, even though it is rare,
so let's make this configurable.
See commit 32f53bdfb4.
Signed-off-by: Casey Reeves <casey@xogium.me>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The default, the IANA PEN registry used by ipmitool is large (4 MiB+)
and changes at the whim of IANA, meaning reproducible builds may not be
possible by using the default package.
Add a configuration option to specify the source of the registry file.
Remote and local files are supported. If no source is specified, no
registry file will be installed to the target.
Backport upstream patches to allow this to add requisite support:
Make a missing registry file non-fatal
Make downloading/installing the registry optional
Signed-off-by: Vincent Fazio <vfazio@gmail.com>
Co-Developed-by: Yann E. MORIN <yann.morin.1998@free.fr>
[yann.morin.1998@free.fr:
- use https for the default URL
- use simple assignment for first _CONF_OPTS
- squeeze empty lines, comment closing endif
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The default behavior of Lua 5.3/5.4 interperter (and the only way with
Lua 5.1) is the automatic coercion. This default behavior could change
in future version (ie. Lua 5.5).
Disabling automatic coercion increases the performance of the interpreter.
Currently, using automatic coercion is not a good/recommended practice,
but there are no way (expect testing) to say if a Lua module relies on it.
We add two options to drive coercion in either way, and we make those
options default to y, as this was the de-facto situation until now; lua
5.1 forces those options: this will help when/if we have packages that
actually requires them, but has otherwise no requirement on the lua
version.
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
[yann.morin.1998@free.fr:
- don't limit options to lua 5.3||5.4
- force those options for lua 5.1
- extend commit log accordingly
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
sftp doesn't build with libressl >= 3.5.0 resulting in the following
build failure since commit 8b216927db:
mac.c: In function 'init_mac':
mac.c:189:3: warning: implicit declaration of function 'HMAC_CTX_init'; did you mean 'HMAC_CTX_new'? [-Wimplicit-function-declaration]
189 | HMAC_CTX_init(hmac_ctx);
| ^~~~~~~~~~~~~
| HMAC_CTX_new
mac.c: In function 'set_mac_key':
mac.c:435:14: error: storage size of 'ctx' isn't known
435 | EVP_MD_CTX ctx;
| ^~~
So force use of openssl for sftpd, as no feedback was received on
https://github.com/proftpd/proftpd/pull/1481
Fixes:
- http://autobuild.buildroot.org/results/a16ccd7cc78eb63de06a6d738fccc6b947da13e7
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Set XXH_NO_INLINE_HINTS to marks all internal functions as static,
giving the compiler full control on whether to inline or not. This will
fix the following build failure raised since bump to version 0.8.1 in
commit 5dbdb2535c:
In file included from xxhash.c:43:
In function 'XXH3_accumulate',
inlined from 'XXH3_hashLong_internal_loop' at xxhash.h:4390:9,
inlined from 'XXH3_hashLong_64b_internal' at xxhash.h:4453:5,
inlined from 'XXH3_hashLong_64b_withSecret' at xxhash.h:4473:12,
inlined from 'XXH3_64bits_internal' at xxhash.h:4554:12,
inlined from 'XXH3_64bits_withSecret' at xxhash.h:4570:12:
xxhash.h:4196:1: error: inlining failed in call to 'always_inline' 'XXH3_accumulate_512_scalar': function not considered for inlining
4196 | XXH3_accumulate_512_scalar(void* XXH_RESTRICT acc,
| ^~~~~~~~~~~~~~~~~~~~~~~~~~
Fixes:
- http://autobuild.buildroot.org/results/f2c52238df97cc4c13117d8dc1423235231a094c
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Backport the upstream fix for the IANA Private Enterprise Numbers
registry URL so the correct file gets downloaded and installed.
Signed-off-by: Vincent Fazio <vfazio@gmail.com>
Signed-off-by: Vincent Fazio <vfazio@xes-inc.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
By default, mkfs.erofs will sue the current date to set some metadata
in the filesystem it generates, and will also use generate a random UUID
for that filesystem. This is not reproducible.
When BR2_REPRODUCIBLE is selected, set the filesystem timestamps to
$SOURCE_DATE_EPOCH, and the filesystem UUID to the nil uuid (as good
as any other arbitrary one).
Signed-off-by: Casey Reeves <casey@xogium.me>
[yann.morin.1998@free.fr:
- one multi-line assignment, not two
- slightly rephrase the commit log
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
go mod vendor caches downloaded modules to the Go module cache, which
defaults to $GOPATH/pkg/mod - But can be overridden with the GOMODCACHE
environment variable:
https://go.dev/ref/mod#module-cache
So explicitly set GOMODCACHE= for reproducibility.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The go mod vendor call in support/download/go-post-process accesses the go
cache, so pass GOCACHE= in the environment to ensure our cache directory is
used.
The go cache defaults to ~/.cache/go-build if not set, so this fixes builds
where that location (or GOCACHE if set in the environment) is not writable:
rm -rf ~/.cache/go-build
chmod -w ~/.cache
make docker-compose-source
..
failed to initialize build cache at /home/peko/.cache/go-build: mkdir /home/peko/.cache/go-build: permission denied
make[1]: *** [package/pkg-generic.mk:189: /home/peko/source/buildroot/output/build/docker-compose-2.14.0/.stamp_downloaded] Error 1
We use two different cache directories for target and host builds, but the
download/vendoring should be independent of the architecture, so use the
target variant even for host-only packages for simplicity.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Apply the patch to fix the following build failure raised since the
addition of the package in commit
72fa60dc10:
uclibc/sysroot/usr/lib/libc.a(getopt.os): in function `__GI_getopt':
getopt.c:(.text+0x598): multiple definition of `getopt'; src/getopt.o:getopt.c:(.text+0x0): first defined here
The patch has been submitted and accepted upstream to address this issue.
Fixes:
- http://autobuild.buildroot.net/results/844c7dd79f69ef2ea8f293bb73a2d4b7533aa97c
Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
[yann.morin.1998@free.fr: do an actual bacport]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Enable des in openssl to fix the following build failure raised
since the addition of the package in commit
72fa60dc10:
src/sscep.c: In function 'get_cipher_alg':
src/sscep.c:119:32: warning: implicit declaration of function 'EVP_des_ede3_cbc'; did you mean 'NID_des_ede3_cbc'? [-Wimplicit-function-declaration]
119 | return EVP_des_ede3_cbc();
| ^~~~~~~~~~~~~~~~
| NID_des_ede3_cbc
Fixes:
- http://autobuild.buildroot.net/results/34bd76e8e5e7df0db31918d610a0dadf531f369d
Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Since e8df0f7 (package/freescale-imx/imx-gpu-viv: bump to version 6.4.3.p4.4)
the archive contains platform specific drivers that need to be copied
and included.
Signed-off-by: Daniel Lang <d.lang@abatec.at>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Since e8df0f7 (package/freescale-imx/imx-gpu-viv: bump to version 6.4.3.p4.4)
the X11 folder is no longer included in the archive.
Signed-off-by: Daniel Lang <d.lang@abatec.at>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Use install-bin for installation instead of install as we don't
want bash-completion files to be installed.
Set empty host installation prefix so that we install to:
$(HOST_DIR)/sbin/bpftool
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The lpeg.html file declares the licensing terms at its bottom, so it
should work as a license file.
Signed-off-by: Nicolas Carrier <nicolas.carrier@orolia.com>
[yann.morin.1998@free.fr: use LPEG_SUBDIR]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Packages making use of OVERRIDE_SRC_DIR or of the local SITE_METHOD,
will trigger a warning when the legal-info target is built, for example:
WARNING: foo: sources not saved (local packages not handled)
But in the situation where the packages has explicitly defined
FOO_REDISTRIBUTE = NO
in its .mk file, it makes no sense since the sources wouldn't be saved
anyway.
This patch swap the conditions on the type of package and on the
REDISTRIBUTE value, so that the warnings get issued only if
REDISTRIBUTE equals YES.
Signed-off-by: Nicolas Carrier <nicolas.carrier@orolia.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Historically we have been (more-or-less consistently, sometimes forgetting
some files) updating the end year of the copyright statements at the
beginning of a new year.
We're naturally not alone in that. Recently this was discussed in curl, and
it turns out that copyright years are not really required:
https://daniel.haxx.se/blog/2023/01/08/copyright-without-years/
So drop the years and simplify the copyright statements. While we're at it,
also ensure the same syntax (capital C, email address) is used everywhere.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fix the following libcurl build failure raised since bump to version
1.1.1 in commit 01518e5660:
In file included from /home/autobuild/autobuild/instance-11/output-1/host/sparc64-buildroot-linux-gnu/sysroot/usr/include/curl/curl.h:3195,
from turnrest.c:21:
turnrest.c: In function 'janus_turnrest_request':
turnrest.c:168:2: error: void value not ignored as it ought to be
168 | curl_easy_setopt(curl, api_http_get ? CURLOPT_HTTPGET : CURLOPT_POST, 1);
| ^
Fixes:
- http://autobuild.buildroot.org/results/11bb0079f5a7d06d3494a61b411f0af2e8c4d342
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Commit 8450b76918 (package/pkg-cargo: move CARGO_HOME into DL_DIR)
allowed for a shared cargo cache of crates. Internally, cargo is
supposed to lock themselves when accessing that cache, and that commit
even had some research in that area, pointing at [0] for complaints
about too-coarse the lock, so it was deemed safe to have a shared cargo
home.
However, in practice, the locking as implemented by cargo, fails to
properly protect the concurrent accesses to the crates cache, with random
failures that manifest themselves like so:
Blocking waiting for file lock on package cache
Blocking waiting for file lock on package cache
Downloading crates ...
error: failed to sync
Caused by:
failed to download packages
Caused by:
failed to download `autocfg v1.1.0`
Caused by:
unable to get packages from source
Caused by:
failed to unpack package `autocfg v1.1.0`
Caused by:
failed to unpack entry at `autocfg-1.1.0/src/tests.rs`
Caused by:
No such file or directory (os error 2) while canonicalizing [...]
with the last few errors sometime being:
Caused by:
failed to parse manifest at `[...]/aho-corasick-0.7.18/Cargo.toml`
Caused by:
can't find library `aho_corasick`, rename file to `src/lib.rs` or specify lib.path
So, as we do not systematically use our own cargo build (we can use a
pre-built one with host-rust-bin), we can't patch cargo (even if we knew
what to do!).
Instead, we implement a lock ourselves, by wrapping the call to "cargo
vendor" with a flock(1) on cargo home.
Note: the download wrapper is already flock-ed, but it is a per-package
lock, so it does not prevent different packages from being downloaded in
parallel; if those packages need cargo vendoring, that will not be
protected by the flock on the dl wrapper. So we really do need a flock
on cargo home.
[0] https://github.com/rust-lang/cargo/issues/6930
Fixes: 8450b76918
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Moritz Bitsch <moritz@h6t.eu>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fixes CVE-2022-46176: Cargo did not perform SSH host key verification when
cloning indexes and dependencies via SSH
https://blog.rust-lang.org/2023/01/10/cve-2022-46176.html
Link to Rust 1.66.1 announcement: https://blog.rust-lang.org/2023/01/10/Rust-1.66.1.html
Newest version of the source archives have been retrieved with their hash values,
and the signature of the .asc files have been verified as follows:
$ curl -fsSL https://static.rust-lang.org/rust-key.gpg.ascii | gpg --import
$ gpg --verify <filename.asc> <filename>
There is no typographical error in the packages according to the check-pakage utility:
$ ./utils/check-package package/rust-bin/*
$ ./utils/check-package package/rust/*
The testsuite tool were successfully run for rust and rust-bin packages to test
the Rust toolchain under 1.66.1:
$ ./support/testing/run-tests -k -d dl/ -o testsuite tests.package.test_rust.TestRustBin
$ ./support/testing/run-tests -k -d dl/ -o testsuite tests.package.test_rust.TestRust
In order to verify the compatibility of packages depending on Rust 1.66.1,
tests using `./utils/test-pkg` were run.
You may want to execute the test-pkg command after creating a `.config` file
enabling the corresponding BR2_PACKAGE, for example:
Create a file `buildroot/ripgrep.config` containing "BR2_PACKAGE_RIPGREP=y"
Then execute:
$ ./utils/test-pkg -d test-pkg -c ripgrep.config -p ripgrep
Results:
librsvg OK
ripgrep OK
suricata OK
bat OK
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
[Peter: mark as security bump]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
From the release notes
(https://github.com/redis/redis/blob/7.0.7/00-RELEASENOTES)
================================================================================
Redis 7.0.7 Released Fri Dec 16 12:00:00 IST 2022
================================================================================
Upgrade urgency: MODERATE, Contains fix for a regression in Geo commands.
================================================================================
Redis 7.0.6 Released Mon Dec 12 12:00:00 IST 2022
================================================================================
Upgrade urgency: MODERATE, Contains fixes for a few non-critical or unlikely bugs,
and some dramatic optimizations to Geo, EVAL, and Sorted sets commands.
Signed-off-by: Titouan Christophe <titouanchristophe@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Follow changes to other OrangePi boards, most importantly
orangepi-zero-plus2, which this board support is based on. This includes
switching to extlinux as boot mechanism and dropping custom U-Boot boot
script.
Rootfs image no longer fits into default 60M (mostly due to Linux
modules), so increase it to 120M.
While at it, bump Linux to 6.1.4 and U-Boot to 2023.01.
Signed-off-by: Marcin Niestroj <m.niestroj@grinn-global.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Updated license hash due to typo/whitespace-only fixes in license file.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The Linux DTS name has changed for the zynqmp_kria_kv260 with Xilinx 2022.2.
smk-k26-revA-sck-kv-g-revB has become zynqmp-smk-k26-revA-sck-kv-g-revB.
This DTS corresponds to generating the zynqmp-smk-k26-revA.dtb for the k26 som
and applying the zynqmp-sck-kv-g-revB.dtbo for the kv260 carrier board.
Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/3477506541
Signed-off-by: Neal Frager <neal.frager@amd.com>
Signed-off-by: Neal Frager <neal.frager@amd.com>
Reviewed-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
It's been a while since I've even used buildroot at all and I don't
really have any spare cycles to spend on maintaining its packages.
Let's face reality and drop me from the DEVELOPERS file.
Signed-off-by: Bartosz Golaszewski <brgl@bgdev.pl>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
- Thank Smile for sponsoring the Buildroot Developers Meeting of
February 2023 by providing the meeting room
- Thank Armadeus and Logilin for their financial sponsoring in 2022
- Move older sponsors to the "Past sponsors" section
- Remove section about the Buildroot.org domain sponsor, as that
sponsoring ended in 2019.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Commit de4cf25375 (package/{rust, rust-bin}: bump to version 1.66.0)
forgot, despite the big comment above the version strings, to confirm
that the vendoring was still working.
Previously, we were adding the vendoring equivalence manually, but in
commit 04154a6517 (support/download/cargo-post-process: cargo output
for vendor config), we switched to using the output of "cargo vendor"
(on stdout) to support cases were the vendoring equivalence would be
more complex (e.g. when using crates not hosted on crates.io).
With rust until and including 1.65.0, "cargo vendor" would output (for
crates.io crates) the same output as our manual fixups, except it was
preceded by an empty line. So, to avoid recompting all our hashes, we
added a tweak to strip away the leading empty line in 04154a6517.
But rust 1.66.0 includes [0] which changes the output (on stdout) of
"cargo vendor", where the first empty line is no longer emitted.
This means that our tweak for rust 1.65.0 now strips out an important
part of the cargo vendor output, which renders the archives invalid, and
thus generates different archives, which fail to validate against our
hashes.
Fix this by doing what the comment in the post-process helper states,
and just keep the whole output of "cargo vendor", by just removing the
"tail --lines=+2". Since that comment is no longer meaningful, we drop
it too.
Now, all our 6 cargo-based packages, as well as our 5 python packages
that have rust code, can be vendored again, without changing our hashes,
but most importantly, with valid archives.
Still, we keep the comment above the versions strings, in the hope that
a future bumper will notice and be more careful at validating the
vendoring.
[0] https://github.com/rust-lang/cargo/pull/11273
Fixes:
http://autobuild.buildroot.org/results/bea/beac7674bbc9fd2f8777b5861f65afee9c485753/ (bat)
http://autobuild.buildroot.org/results/d1e/d1ec1ebbde115628a4b8b9099544347242a97c1c/ (dust)
http://autobuild.buildroot.org/results/f96/f968be895be9ca98b314fdd688ef8d3bdf4e5dfb/ (hyerfine)
http://autobuild.buildroot.org/results/a0c/a0cdb6cc9493f5248d98f98b13da854e12adc2be/ (ripgrep)
... and so many others...
Reported-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: James Hilliard <james.hilliard1@gmail.com>
Cc: Simon Richter <simon.richter@ptwdosimetry.com>
Reviewed-by: James Hilliard <james.hilliard1@gmail.com>
Reviewed-by: Romain Naour <romain.naour@smile.fr>
Tested-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Now that we made those three package never use ccache to build, we don't
need to add the dependency to host-ccache for those packages.
So far, this is harmless, but when we eventually bump ccache, those
packages will be actual dependency of host-ccache, so we will then
really want to not have them depend on host-ccache.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
[yann.morin.1998@free.fr: split off into its own patch]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
We need to disable ccache when building host-pkgconf as the upcoming
ccache update depends on host-pkgconf indirectly due to host-cmake
depending on host-pkgconf which will be required due to host-ccache
migrating from autotools to cmake package infrastructure.
Note: host-pkgconf does not need _AUTORECONF = YES, so it doesnot depend
on any of host-gettext, host-automake, host-autoconf, or host-libtool.
If it ever nees to in the future, then those should also be made to
build without ccache.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
[yann.morin.1998@free.fr: add note]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
We need to disable ccache when building host-zstd as the upcoming
ccache update depends on host-zstd.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
[yann.morin.1998@free.fr: introduce HOST_ZSTD_ENV]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The host-hiredis package is needed for the upcoming ccache update.
So, being a dependency of ccache, we can't use ccache, so we must unset
the options set by the cmake infra (this will be true only when we
eventually bump ccache, but hiredis builds very fast even without ccache
so we don't care about ccache even now).
Reorder CONF_OPTS assignments so that comments apply equally to the host
and target variants.
Cc: Dominik Michael Rauh <dmrauh@posteo.de>
Cc: Anders F Björklund <anders.f.bjorklund@gmail.com>
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
[yann.morin.1998@free.fr:
- add Dominik and Anders in Cc to ack they provided inspiration
- use -Ufoo instead of -Dfoo="" (as per Dominik & Anders)
- reorder CONF_OPTS assignments
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
crun is a drop-in replacement for runc. If crun is enabled, but runc is
not, we already install an impersonation symlink, so we do not need to
force runc if crun is enabled. Still, runc is the default if crun is not
enabled.
Signed-off-by: TIAN Yuanhao <tianyuanhao3@163.com>
Reviewed-by: Christian Stewart <christian@paral.in>
[yann.morin.1998@free.fr: split into its own patch]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
crun is a drop-in replacement for runc, so we can use the former to
impersonate the latter when it is not enabled.
To do so, we create a runc symlink pointing to crun, when runc is not
enabled.
See: https://github.com/containerd/containerd/discussions/6162
Signed-off-by: TIAN Yuanhao <tianyuanhao3@163.com>
Reviewed-by: Christian Stewart <christian@paral.in>
[yann.morin.1998@free.fr: split into its own patch]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
crun unconditionally uses fexecve since its addition in commit
530d6f661e and
https://github.com/containers/crun/commit/ce4dfbb97a8a05bef125030eaa6c46c07a5f9344:
resulting in the following uclibc build failure:
/tmp/instance-11/output-1/host/opt/ext-toolchain/bin/../lib/gcc/arceb-snps-linux-uclibc/9.2.1/../../../../arceb-snps-linux-uclibc/bin/ld: src/libcrun/crun-cloned_binary.o: in function `ensure_cloned_binary':
cloned_binary.c:(.text+0x1006): undefined reference to `fexecve'
In 6e3f7fbc07 (package/runc: add upstream security fix for
CVE-2019-5736), we made runc unavailable for uclibc toolchains, and crun
uses fexecve for that same reason, to fix CVE-2019-5736.
So, also make crun unavailable for uclibc toolchains.
Fixes:
- http://autobuild.buildroot.org/results/e1f4ef2b392c0e7161390ba0f97d6eef3bd12e9c
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The top level Makefile in buildroot has a recursive rule which causes
the appearance of a hang as the number of directories in BR2_EXTERNAL
increases. When the number of directories in BR2_EXTERNAL is small, the
recursion occurs, but make detects the recursion and determines the
target does not have to be remade. This allows make to progress.
This is the failing rule:
define percent_defconfig
# Override the BR2_DEFCONFIG from COMMON_CONFIG_ENV with the new defconfig
%_defconfig: $(BUILD_DIR)/buildroot-config/conf $(1)/configs/%_defconfig outputmakefile
@$$(COMMON_CONFIG_ENV) BR2_DEFCONFIG=$(1)/configs/$$@ \
$$< --defconfig=$(1)/configs/$$@ $$(CONFIG_CONFIG_IN)
endef
$(eval $(foreach d,$(call reverse,$(TOPDIR) $(BR2_EXTERNAL_DIRS)),$(call percent_defconfig,$(d))$(sep)))
The rule for %defconfig is created for each directory in BR2_EXTERNAL.
When the rule is matched, the stem is 'defconfig_name'. The second
prerequisite is expanded to $(1)/configs/defconfig_name_defconfig. The
rule, and all of the other rules defined by this macro, are invoked
again, but the stem is now $(1)/configs/defconfig_name_defconfig. The
second prerequisite is now expanded to
$(1)/configs/($1)/configs/defconfig_name_defconfig. This expansion
continues until make detects the infinite recursion.
With up to 5 br2-external trees, the time is very small, so that it is
not noticeable. But starting with 6 br2-external trees, the time is
insanely big (so much so that we did not even let it finish after it ran
for hours); see timings toward the end of the commit log.
We fix that by adding a single %_defconfig rule, which is now rsponsible
to find the actual defconfig file that triggered the rule, by iterating
on the reverse list of br2-external trees and then in main tree.
Of course, now, there is no way for make to warn that there is no such
defconfig, as it is no longer part of the prerequisites of the rule. So,
we delegate to the recipe the responsibility to check for that.
Timing (seconds) of `make pc_x86_64_bios_defconfig` with 1..1000
external trees, with make 4.2.1 (* with make 4.3), on a Core i7-7700HQ:
#trees Before After
1 0.312 0.319
2 0.319 0.323
3 0.325 0.327
4 0.353 0.339
5 0.993 0.349
6 1.26* 0.347
7 9.10* 0.362
8 85.93* 0.360
9 n/a 0.373
10 n/a 0.374
50 n/a 0.738
100 n/a 1.228
500 n/a 7.483
1000 n/a 16.076
How to reproduce:
#!/usr/bin/env bash
N="${1:-1000}"
for i in $(seq 1 1000); do
[ -d "br2-external/${i}/configs" ] && break
mkdir -p br2-external/${i}/configs
touch br2-external/${i}/{Config.in,external.mk}
echo "name: BR_TEST_${i}" >br2-external/${i}/external.desc
touch br2-external/${i}/configs/foo{,_${i}}_defconfig
done
time make \
BR2_EXTERNAL="$(
for i in $(seq 1 ${N}); do
printf '%s\n' "$(pwd)/br2-external/${i}"
done
)" \
foo_1_defconfig
Notes: the timings are very dependent on how much the CPU is otherwise
loaded, but having a multi-core CPU slightly loaded helps maintain a
high frequency on the siblings, and that can reduce the above timings
in half! Best to try on an otherwise-idle system.
Fixes: #14996
Reported-by: David Lawson <david.lawson1@tx.rr.com>
Signed-off-by: Nevo Hed <nhed+buildroot@starry.com>
[yann.morin.1998@free.fr:
- split long foreach
- drastically extend the commit log
- provide reproducer script and redo timings
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
When we initially introduced the target qemu in 98e1a6b961
(package/qemu: build for the target (i386 or x86_64 only)), we
unconditionally enabled all the system and user emulation without
distinction, so pixman was made a mandatory dependency.
However, soon afterwards, in 68ec49acc7 (package/qemu: add basic
target selection), we added an option to enable/disable the system
emulation, but the dependency on pixman was not moved to that new
option.
Fix that now, and only depend on pixman when system emulation is
enabled.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Disable webp and zstd on host package to avoid the following build
failure with host-gdk-pixbuf raised since bump to version 4.5.0 in
commit 5b62ea0136:
Run-time dependency libtiff-4 found: NO (tried cmake)
../output-1/build/host-gdk-pixbuf-2.42.10/meson.build:330:2: ERROR: Dependency lookup for libtiff-4 with method 'pkgconfig' failed: Could not generate cargs for libtiff-4:
Package libwebp was not found in the pkg-config search path.
Perhaps you should add the directory containing `libwebp.pc'
to the PKG_CONFIG_PATH environment variable
Package 'libwebp', required by 'libtiff-4', not found
[...]
Run-time dependency libtiff-4 found: NO (tried cmake)
../output-1/build/host-gdk-pixbuf-2.42.10/meson.build:330:2: ERROR: Dependency lookup for libtiff-4 with method 'pkgconfig' failed: Could not generate cargs for libtiff-4:
Package libzstd was not found in the pkg-config search path.
Perhaps you should add the directory containing `libzstd.pc'
to the PKG_CONFIG_PATH environment variable
Package 'libzstd', required by 'libtiff-4', not found
While at it, also disable libdeflate even if no build failures are
raised by autobuilders
Fixes:
- http://autobuild.buildroot.org/results/320083dfec4d126043b036cbaec7c7b85069a50a
- http://autobuild.buildroot.org/results/8ff1cfa254920749a43e235c4084b8524d0edf6f
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit "abc110e362 package/gobject-introspection: bump to version
1.68.0" renamed the define that makes sure g-ir-tool-template uses the
host python, but forgot to update its call on pre-configure hooks.
Update it now.
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes a regression in XTestSwapFakeInput() introduced in the fix for
CVE-2022-46340 in 21.1.5.
Removed patches included in upstream release.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
[Peter: mention regression fix]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit "b06110621d checkpolicy: allow compiling for target" contains a
typo that prevents installing to staging. It also forgot to enable
CHECKPOLICY_INSTALL_STAGING.
But the package does not install headers or libraries, only ELF and
manual files.
So instead of fixing the install to staging, drop the bogus
CHECKPOLICY_STAGING_CMDS.
Cc: Clayton Shotwell <clayton.shotwell@collins.com>
Cc: Matt Weber <matthew.weber@collins.com>
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit "0340b45da0 wpa_supplicant: bump to version 1.0" from 2012
converted the package to use the generic infra, but added a bogus
WPA_SUPPLICANT_LDFLAGS end left a dangling WPA_SUPPLICANT_MAKE_ENV.
Drop the symbols that are not used since 2012.
Cc: Matt Weber <matthew.weber@collins.com>
Cc: Sergey Matyukevich <geomatsi@gmail.com>
Cc: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
"6c63e4de4a boot/swupdate: don't specify .config to munge" dropped all
usages of this define but the define itself was left dangling.
Drop it now.
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit "ead2afda13 package/rhash: bump version to 1.4.0" dropped the
only usage of this define but the define itself was left dangling.
Drop it now.
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit "cb328f77f8 policycoreutils: new package" added a define that is
never called: POLICYCOREUTILS_INSTALL_TARGET_LINUX_PAM_CONFS.
The build system from the package already install these files to target.
So just drop the bogus define.
Cc: Clayton Shotwell <clayton.shotwell@collins.com>
Cc: Matt Weber <matthew.weber@collins.com>
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit "4f3f291a3b lrzsz: convert to autotools infrastructure" converted
the package to use autotools infra but added a define that is never
called.
Drop the bogus define.
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit "f0d37e275a package/libtalloc: new package" added these symbols
but they are not used in the package and also not recognized by the waf
package infra.
So drop the ignored symbols.
Cc: David GOUARIN <dgouarin@gmail.com>
Cc: Matt Weber <matthew.weber@collins.com>
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit "7687a396e8 package/gobject-introspection: new package" added the
package using the meson infra for both target and host variants.
Meson infra does not support <pkg>_AUTORECONF.
So drop the bogus symbol.
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
In 2015, commit "3fe434bf35 glib-networking: specify GIO_MODULE_DIR for
target" correctly used <pkg>_INSTALL_TARGET_OPTS with an autotools
package.
But later on, in 2018, commit "928a72c49f package/glib-networking: bump
version to 2.56.1" changed the package to use the meson infra, that does
not support <pkg>_INSTALL_TARGET_OPTS.
So this symbol is bogus since 2018. Drop it now.
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit "a15e35c4eb falcosecurity-libs: add new package" uses the infras
kernel-module and generic-package. Neither of them support
<pkg>_SUPPORTS_IN_SOURCE_BUILD, only the CMake infra does.
So drop the bogus symbol.
Cc: Francis Laniel <flaniel@linux.microsoft.com>
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit "98538bb0a2 exfat: bump to version 1.2.1" changed the package
infra from generic to autotools, but dropped all usages of EXFAT_CFLAGS.
This config is ignored by autotools package infra.
So drop the dangling symbol.
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security issues:
CVE-2022-46908: SQLite through 3.40.0, when relying on --safe for execution
of an untrusted CLI script, does not properly implement the
azProhibitedFunctions protection mechanism, and instead allows UDF functions
such as WRITEFILE.
Release notes: https://sqlite.org/releaselog/3_40_1.html
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
[Peter: mark as security bump]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit "0189bcb47c boot/ti-k3-r5-loader: new package" added an unused
define.
The define value is calculated from an inexistent option
BR2_TARGET_TI_K3_R5_LOADER_BOARD, so drop the line.
Cc: Anand Gadiyar <gadiyar@ti.com>
Cc: Xuanhao Shi <X15000177@gmail.com>
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This reverts commit c5b5b5ccab.
Commit "c5b5b5ccab package/zip: install to staging" contains a typo that
prevents installing to staging.
ZIP_INSTALLING_STAGING_CMDS -> ZIP_INSTALL_STAGING_CMDS
But the package does not install headers or libraries, only ELF and
manual files.
So instead of fixing the install to staging, revert the bogus commit.
Cc: Jan Pedersen <jp@jp-embedded.com>
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This reverts commit ffc4afe084.
Commit from 2012 "ffc4afe084 pptp-linux: fix build with high BR2_JLEVEL
settings" added <pkg>_MAKE to a generic package, but the generic infra
does not take this symbol into account.
The build issue was fixed in 2013 with commit "a5b8081b89 pptp-linux:
fix parallel build" by adding a patch file.
So drop the bogus PPTP_LINUX_MAKE.
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit "170777f342 package/qt5/qt5virtualkeyboard: convert to qmake
infrastructure" changed most but not all <pkg>_QMAKEFLAGS to
<pkg>_CONF_OPTS.
As a consequence, BR2_PACKAGE_QT5VIRTUALKEYBOARD_LANGUAGE_LAYOUTS is
ignored and all layouts are compiled in.
Some layouts have different licenses (e.g. pinying), so the license
information for a build that is configured to not include such layouts
is wrong.
Change the remaining _QMAKEFLAGS entry, fixing the config for which
language layouts are compiled and installed.
Cc: Giulio Benetti <giulio.benetti@benettiengineering.com>
Cc: Julien Corjon <corjon.j@ecagroup.com>
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit "8229196d41 package/ima-evm-utils: new package" added
IMA_EVM_UTILS_INSTALL_STAGING_CMDS without enabling
IMA_EVM_UTILS_INSTALL_STAGING, so currently the package is not installed
to staging.
Enable installing to staging.
Cc: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Reviewed-by: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
"0ce9b533e3 libmng: new package" introduced a typo that makes the
optional dependency to lcms2 ineffective.
Fix the typo LIBMNG_DEPDENDENCIES -> LIBMNG_DEPENDENCIES.
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Update to a new major release which brings in improvements and a few
new features. Release notes:
https://wpewebkit.org/release/wpewebkit-2.38.0.html
This release also includes security fixes for CVE-2022-32886,
CVE-2022-32891, and CVE-2022-32912. Accompanying security advisory:
https://wpewebkit.org/security/WSA-2022-0009.html
Both building documentation and support for gobject-introspection have
been added in this release. Version 2.38.0 also introduces a new WebRTC
implementation based on GstWebRTC. Options for them are explicitly left
disabled to keep the configuration as it was, and may be enabled in
follow-up patches. Lastly, the SILENCE_CROSS_COMPILATION_NOTICES option
removed because it no longer exists.
The patch that fixes the build on 32-bit ARM targets is also updated
for the 2.38 release series.
Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This version is the first stable release with support for gamepad
input events and configuring target frame rates. These will be used
by a follow-up update of the wpewebkit package. Release notes:
https://wpewebkit.org/release/libwpe-1.14.0.html
Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Switch to https download for firewall compatibility and security.
The https URL is also the one advertised on the package download page:
https://gnupg.org/download/index.html
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
ncurses does not release dot-versions, but the fixes are released as a
set of cumulative patches against the latest version.
So far, we carry the list of the patches against 6.3, and this is a
tedious task to maintain that list (especially as we have a hash for
each of them).
Thomas E. Dickey (the ncurses maintainer, so we can trust him) hosts the
ncurses snapshots on Github, with patches already applied.
So, we switch to using that. This avoids needing to list all incremental
patches, and will make future bumping easier.
Signed-off-by: Dennis Van Hoorick <dennis.vanhoorick@barco.com>
[yann.morin.1998@free.fr:
- don't use 'v' in filename
- rework the version string for when there's no snapshot
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Marcin Niestroj <m.niestroj@grinn-global.com>
Reviewed-by: James Hilliard <james.hilliard1@gmail.com>
[yann.morin.1998@free.fr:
- select host-cython in Config.in
- introduce obj_path in test sample
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Commit 44be514b21 (package/qemu: refactor target emulator selection)
mistakenly forced to always build at least user or system emulation but
it should be possible to choose only the tools (e.g. for a guest VM
image).
Still, we don't want to configure qemu with neither system nor user
emulation, nor the tools enabled; at least one lust be enabled.
So, change the selection to force the tools to be enabled if neither the
system nor the user emulations are enabled.
Reinstate the the machine selection guard behind a dependency on whether
at lesat system or user emulation is enabled.
Signed-off-by: Carlos Santos <unixmania@gmail.com>
[yann.morin.1998@free.fr:
- ensure at least one of system, user, or tools
- guard the machine selection
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
z3 package was initially added with a depends on !BR2_nios2. This was
detected by testing with "./utils/test-pkg -a -p z3". It turned out that
few other architectures are also not supported. The actual z3
requirement is to have a libc that provides <fenv.h> AND also provides
all the four macros: FE_DOWNWARD, FE_TONEAREST, FE_TOWARDZERO,
FE_UPWARD.
Quoting glibc manual, or "man fenv":
https://www.gnu.org/software/libc/manual/html_node/Rounding.html
"fenv.h defines constants which you can use to refer to the various
rounding modes. Each one will be defined if and only if the FPU
supports the corresponding rounding mode."
This patch introduces _ARCH_SUPPORTS to limit only to the architectures
with a FPU that has those rounding modes.
Fixes:
- http://autobuild.buildroot.net/results/2809dd1ae2f3ada8ee7b3f3e388341c7cfb633fb
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
NXP moved all its open source code repositories from Code Aurora Forum
to github. See for example:
https://github.com/nxp-imx/meta-imx/commit/39bc4d81969a40e0da660519cf4ed083b9c53097
Software packages are now grouped in several NXP github
projects/organizations (nxp-imx, nxp-qoriq, ...). See:
https://www.nxp.com/design/software/embedded-software/nxp-github:NXP-GITHUB
The NXP code published on Code Aurora is still present (at the time of
this commit) but is no longer receiving updates. It is also expected
to be shut down on 2023-03-31. The Code Aurora website
https://source.codeaurora.org/ currently show the following message:
"""
Note: Qualcomm Innovation Center Inc. maintained repositories have
migrated to git.codelinaro.org. QUIC repositories on this site will
not receive any updates after March 31, 2022, and will be deleted on
March 31, 2023. If your project depends on these repositories, please
adjust your tooling configuration to use the new, up-to-date project
location.
"""
For this reason, the NXP recipes using codeaurora.org urls need to be
updated to the correct github.com replacement.
Note: this commit does not change the component version. Only the
download URL is updated. The archive content is expected to be the
same.
Note 2: this commit updates the Kernel, U-Boot and ATF download urls.
The method is also changed from _CUSTOM_GIT to _CUSTOM_TARBALL.
Signed-off-by: Julien Olivain <ju.o@free.fr>
Reviewed-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
NXP moved all its open source code repositories from Code Aurora Forum
to github. See for example:
https://github.com/nxp-imx/meta-imx/commit/39bc4d81969a40e0da660519cf4ed083b9c53097
Software packages are now grouped in several NXP github
projects/organizations (nxp-imx, nxp-qoriq, ...). See:
https://www.nxp.com/design/software/embedded-software/nxp-github:NXP-GITHUB
The NXP code published on Code Aurora is still present (at the time of
this commit) but is no longer receiving updates. It is also expected
to be shut down on 2023-03-31. The Code Aurora website
https://source.codeaurora.org/ currently show the following message:
"""
Note: Qualcomm Innovation Center Inc. maintained repositories have
migrated to git.codelinaro.org. QUIC repositories on this site will
not receive any updates after March 31, 2022, and will be deleted on
March 31, 2023. If your project depends on these repositories, please
adjust your tooling configuration to use the new, up-to-date project
location.
"""
For this reason, the NXP recipes using codeaurora.org urls need to be
updated to the correct github.com replacement.
Note: this commit does not change the component version. Only the
download URL is updated. The archive content is expected to be the
same.
Note 2: this commit updates the U-Boot and ATF download urls.
The method is also changed from _CUSTOM_GIT to _CUSTOM_TARBALL.
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
NXP moved all its open source code repositories from Code Aurora Forum
to github. See for example:
https://github.com/nxp-imx/meta-imx/commit/39bc4d81969a40e0da660519cf4ed083b9c53097
Software packages are now grouped in several NXP github
projects/organizations (nxp-imx, nxp-qoriq, ...). See:
https://www.nxp.com/design/software/embedded-software/nxp-github:NXP-GITHUB
The NXP code published on Code Aurora is still present (at the time of
this commit) but is no longer receiving updates. It is also expected
to be shut down on 2023-03-31. The Code Aurora website
https://source.codeaurora.org/ currently show the following message:
"""
Note: Qualcomm Innovation Center Inc. maintained repositories have
migrated to git.codelinaro.org. QUIC repositories on this site will
not receive any updates after March 31, 2022, and will be deleted on
March 31, 2023. If your project depends on these repositories, please
adjust your tooling configuration to use the new, up-to-date project
location.
"""
For this reason, the NXP recipes using codeaurora.org urls need to be
updated to the correct github.com replacement.
Note: this commit does not change the component version. Only the
download URL is updated. The archive content is expected to be the
same.
Note 2: this commit updates only the ATF download urls.
The method is also changed from _CUSTOM_GIT to _CUSTOM_TARBALL.
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
NXP moved all its open source code repositories from Code Aurora Forum
to github. See for example:
https://github.com/nxp-imx/meta-imx/commit/39bc4d81969a40e0da660519cf4ed083b9c53097
Software packages are now grouped in several NXP github
projects/organizations (nxp-imx, nxp-qoriq, ...). See:
https://www.nxp.com/design/software/embedded-software/nxp-github:NXP-GITHUB
The NXP code published on Code Aurora is still present (at the time of
this commit) but is no longer receiving updates. It is also expected
to be shut down on 2023-03-31. The Code Aurora website
https://source.codeaurora.org/ currently show the following message:
"""
Note: Qualcomm Innovation Center Inc. maintained repositories have
migrated to git.codelinaro.org. QUIC repositories on this site will
not receive any updates after March 31, 2022, and will be deleted on
March 31, 2023. If your project depends on these repositories, please
adjust your tooling configuration to use the new, up-to-date project
location.
"""
For this reason, the NXP recipes using codeaurora.org urls need to be
updated to the correct github.com replacement.
Note: this commit does not change the component version. Only the
download URL is updated. The archive content is expected to be the
same.
Note 2: this commit updates only the ATF download urls.
The method is also changed from _CUSTOM_GIT to _CUSTOM_TARBALL.
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
NXP moved all its open source code repositories from Code Aurora Forum
to github. See for example:
https://github.com/nxp-imx/meta-imx/commit/39bc4d81969a40e0da660519cf4ed083b9c53097
Software packages are now grouped in several NXP github
projects/organizations (nxp-imx, nxp-qoriq, ...). See:
https://www.nxp.com/design/software/embedded-software/nxp-github:NXP-GITHUB
The NXP code published on Code Aurora is still present (at the time of
this commit) but is no longer receiving updates. It is also expected
to be shut down on 2023-03-31. The Code Aurora website
https://source.codeaurora.org/ currently show the following message:
"""
Note: Qualcomm Innovation Center Inc. maintained repositories have
migrated to git.codelinaro.org. QUIC repositories on this site will
not receive any updates after March 31, 2022, and will be deleted on
March 31, 2023. If your project depends on these repositories, please
adjust your tooling configuration to use the new, up-to-date project
location.
"""
For this reason, the NXP recipes using codeaurora.org urls need to be
updated to the correct github.com replacement.
Note: this commit does not change the component version. Only the
download URL is updated. The archive content is expected to be the
same.
Note 2: this commit updates the Kernel, U-Boot and ATF download urls.
The method is also changed from _CUSTOM_GIT to _CUSTOM_TARBALL.
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
NXP moved all its open source code repositories from Code Aurora Forum
to github. See for example:
https://github.com/nxp-imx/meta-imx/commit/39bc4d81969a40e0da660519cf4ed083b9c53097
Software packages are now grouped in several NXP github
projects/organizations (nxp-imx, nxp-qoriq, ...). See:
https://www.nxp.com/design/software/embedded-software/nxp-github:NXP-GITHUB
The NXP code published on Code Aurora is still present (at the time of
this commit) but is no longer receiving updates. It is also expected
to be shut down on 2023-03-31. The Code Aurora website
https://source.codeaurora.org/ currently show the following message:
"""
Note: Qualcomm Innovation Center Inc. maintained repositories have
migrated to git.codelinaro.org. QUIC repositories on this site will
not receive any updates after March 31, 2022, and will be deleted on
March 31, 2023. If your project depends on these repositories, please
adjust your tooling configuration to use the new, up-to-date project
location.
"""
For this reason, the NXP recipes using codeaurora.org urls need to be
updated to the correct github.com replacement.
Note: this commit does not change the component version. Only the
download URL is updated. The archive content is expected to be the
same.
Note 2: this commit updates the Kernel, U-Boot and ATF download urls.
The method is also changed from _CUSTOM_GIT to _CUSTOM_TARBALL.
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
NXP moved all its open source code repositories from Code Aurora Forum
to github. See for example:
https://github.com/nxp-imx/meta-imx/commit/39bc4d81969a40e0da660519cf4ed083b9c53097
Software packages are now grouped in several NXP github
projects/organizations (nxp-imx, nxp-qoriq, ...). See:
https://www.nxp.com/design/software/embedded-software/nxp-github:NXP-GITHUB
The NXP code published on Code Aurora is still present (at the time of
this commit) but is no longer receiving updates. It is also expected
to be shut down on 2023-03-31. The Code Aurora website
https://source.codeaurora.org/ currently show the following message:
"""
Note: Qualcomm Innovation Center Inc. maintained repositories have
migrated to git.codelinaro.org. QUIC repositories on this site will
not receive any updates after March 31, 2022, and will be deleted on
March 31, 2023. If your project depends on these repositories, please
adjust your tooling configuration to use the new, up-to-date project
location.
"""
For this reason, the NXP recipes using codeaurora.org urls need to be
updated to the correct github.com replacement.
Note: this commit does not change the component version. Only the
download URL is updated. The archive content is expected to be the
same.
Note 2: this commit updates the Kernel, U-Boot and ATF download urls.
The method is also changed from _CUSTOM_GIT to _CUSTOM_TARBALL.
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
NXP moved all its open source code repositories from Code Aurora Forum
to github. See for example:
https://github.com/nxp-imx/meta-imx/commit/39bc4d81969a40e0da660519cf4ed083b9c53097
Software packages are now grouped in several NXP github
projects/organizations (nxp-imx, nxp-qoriq, ...). See:
https://www.nxp.com/design/software/embedded-software/nxp-github:NXP-GITHUB
The NXP code published on Code Aurora is still present (at the time of
this commit) but is no longer receiving updates. It is also expected
to be shut down on 2023-03-31. The Code Aurora website
https://source.codeaurora.org/ currently show the following message:
"""
Note: Qualcomm Innovation Center Inc. maintained repositories have
migrated to git.codelinaro.org. QUIC repositories on this site will
not receive any updates after March 31, 2022, and will be deleted on
March 31, 2023. If your project depends on these repositories, please
adjust your tooling configuration to use the new, up-to-date project
location.
"""
For this reason, the NXP recipes using codeaurora.org urls need to be
updated to the correct github.com replacement.
Note: this commit does not change the component version. Only the
download URL is updated. The archive content is expected to be the
same.
Note 2: this commit updates the Kernel, U-Boot and ATF download urls.
The method is also changed from _CUSTOM_GIT to _CUSTOM_TARBALL.
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
NXP moved all its open source code repositories from Code Aurora Forum
to github. See for example:
https://github.com/nxp-imx/meta-imx/commit/39bc4d81969a40e0da660519cf4ed083b9c53097
Software packages are now grouped in several NXP github
projects/organizations (nxp-imx, nxp-qoriq, ...). See:
https://www.nxp.com/design/software/embedded-software/nxp-github:NXP-GITHUB
The NXP code published on Code Aurora is still present (at the time of
this commit) but is no longer receiving updates. It is also expected
to be shut down on 2023-03-31. The Code Aurora website
https://source.codeaurora.org/ currently show the following message:
"""
Note: Qualcomm Innovation Center Inc. maintained repositories have
migrated to git.codelinaro.org. QUIC repositories on this site will
not receive any updates after March 31, 2022, and will be deleted on
March 31, 2023. If your project depends on these repositories, please
adjust your tooling configuration to use the new, up-to-date project
location.
"""
For this reason, the NXP recipes using codeaurora.org urls need to be
updated to the correct github.com replacement.
Note: this commit does not change the component version. Only the
download URL is updated. The archive content is expected to be the
same.
Note 2: this commit updates the Kernel, U-Boot and ATF download urls.
The method is also changed from _CUSTOM_GIT to _CUSTOM_TARBALL.
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
NXP moved all its open source code repositories from Code Aurora Forum
to github. See for example:
https://github.com/nxp-imx/meta-imx/commit/39bc4d81969a40e0da660519cf4ed083b9c53097
Software packages are now grouped in several NXP github
projects/organizations (nxp-imx, nxp-qoriq, ...). See:
https://www.nxp.com/design/software/embedded-software/nxp-github:NXP-GITHUB
The NXP code published on Code Aurora is still present (at the time of
this commit) but is no longer receiving updates. It is also expected
to be shut down on 2023-03-31. The Code Aurora website
https://source.codeaurora.org/ currently show the following message:
"""
Note: Qualcomm Innovation Center Inc. maintained repositories have
migrated to git.codelinaro.org. QUIC repositories on this site will
not receive any updates after March 31, 2022, and will be deleted on
March 31, 2023. If your project depends on these repositories, please
adjust your tooling configuration to use the new, up-to-date project
location.
"""
For this reason, the NXP recipes using codeaurora.org urls need to be
updated to the correct github.com replacement.
Note: this commit does not change the component version. Only the
download URL is updated. The archive content is expected to be the
same.
Note 2: this commit updates the Kernel, U-Boot and ATF download urls.
The method is also changed from _CUSTOM_GIT to _CUSTOM_TARBALL.
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
NXP moved all its open source code repositories from Code Aurora Forum
to github. See for example:
https://github.com/nxp-imx/meta-imx/commit/39bc4d81969a40e0da660519cf4ed083b9c53097
Software packages are now grouped in several NXP github
projects/organizations (nxp-imx, nxp-qoriq, ...). See:
https://www.nxp.com/design/software/embedded-software/nxp-github:NXP-GITHUB
The NXP code published on Code Aurora is still present (at the time of
this commit) but is no longer receiving updates. It is also expected
to be shut down on 2023-03-31. The Code Aurora website
https://source.codeaurora.org/ currently show the following message:
"""
Note: Qualcomm Innovation Center Inc. maintained repositories have
migrated to git.codelinaro.org. QUIC repositories on this site will
not receive any updates after March 31, 2022, and will be deleted on
March 31, 2023. If your project depends on these repositories, please
adjust your tooling configuration to use the new, up-to-date project
location.
"""
For this reason, the NXP recipes using codeaurora.org urls need to be
updated to the correct github.com replacement.
Note: this commit does not change the component version. Only the
download URL is updated. The archive content is expected to be the
same.
Note 2: this commit updates the Kernel and U-Boot download urls.
The method is also changed from _CUSTOM_GIT to _CUSTOM_TARBALL.
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
NXP moved all its open source code repositories from Code Aurora Forum
to github. See for example:
https://github.com/nxp-imx/meta-imx/commit/39bc4d81969a40e0da660519cf4ed083b9c53097
Software packages are now grouped in several NXP github
projects/organizations (nxp-imx, nxp-qoriq, ...). See:
https://www.nxp.com/design/software/embedded-software/nxp-github:NXP-GITHUB
The NXP code published on Code Aurora is still present (at the time of
this commit) but is no longer receiving updates. It is also expected
to be shut down on 2023-03-31. The Code Aurora website
https://source.codeaurora.org/ currently show the following message:
"""
Note: Qualcomm Innovation Center Inc. maintained repositories have
migrated to git.codelinaro.org. QUIC repositories on this site will
not receive any updates after March 31, 2022, and will be deleted on
March 31, 2023. If your project depends on these repositories, please
adjust your tooling configuration to use the new, up-to-date project
location.
"""
For this reason, the NXP recipes using codeaurora.org urls need to be
updated to the correct github.com replacement.
Note: this commit does not change the component version. Only the
download URL is updated. The archive content is expected to be the
same.
Note 2: this commit updates the Kernel and U-Boot download urls.
The method is also changed from _CUSTOM_GIT to _CUSTOM_TARBALL.
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
NXP moved all its open source code repositories from Code Aurora Forum
to github. See for example:
https://github.com/nxp-imx/meta-imx/commit/39bc4d81969a40e0da660519cf4ed083b9c53097
Software packages are now grouped in several NXP github
projects/organizations (nxp-imx, nxp-qoriq, ...). See:
https://www.nxp.com/design/software/embedded-software/nxp-github:NXP-GITHUB
The NXP code published on Code Aurora is still present (at the time of
this commit) but is no longer receiving updates. It is also expected
to be shut down on 2023-03-31. The Code Aurora website
https://source.codeaurora.org/ currently show the following message:
"""
Note: Qualcomm Innovation Center Inc. maintained repositories have
migrated to git.codelinaro.org. QUIC repositories on this site will
not receive any updates after March 31, 2022, and will be deleted on
March 31, 2023. If your project depends on these repositories, please
adjust your tooling configuration to use the new, up-to-date project
location.
"""
For this reason, the NXP recipes using codeaurora.org urls need to be
updated to the correct github.com replacement.
Note: this commit does not change the component version. Only the
download URL is updated. The archive content is expected to be the
same.
Note 2: this commit updates the Kernel and U-Boot download urls.
The method is also changed from _CUSTOM_GIT to _CUSTOM_TARBALL.
Signed-off-by: Julien Olivain <ju.o@free.fr>
Reviewed-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
NXP moved all its open source code repositories from Code Aurora Forum
to github. See for example:
https://github.com/nxp-imx/meta-imx/commit/39bc4d81969a40e0da660519cf4ed083b9c53097
Software packages are now grouped in several NXP github
projects/organizations (nxp-imx, nxp-qoriq, ...). See:
https://www.nxp.com/design/software/embedded-software/nxp-github:NXP-GITHUB
The NXP code published on Code Aurora is still present (at the time of
this commit) but is no longer receiving updates. It is also expected
to be shut down on 2023-03-31. The Code Aurora website
https://source.codeaurora.org/ currently show the following message:
"""
Note: Qualcomm Innovation Center Inc. maintained repositories have
migrated to git.codelinaro.org. QUIC repositories on this site will
not receive any updates after March 31, 2022, and will be deleted on
March 31, 2023. If your project depends on these repositories, please
adjust your tooling configuration to use the new, up-to-date project
location.
"""
For this reason, the NXP recipes using codeaurora.org urls need to be
updated to the correct github.com replacement.
Note: this commit does not change the component version. Only the
download URL is updated. The archive content is expected to be the
same.
Note 2: this commit updates the Kernel and U-Boot download urls.
The method is also changed from _CUSTOM_GIT to _CUSTOM_TARBALL.
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
NXP moved all its open source code repositories from Code Aurora Forum
to github. See for example:
https://github.com/nxp-imx/meta-imx/commit/39bc4d81969a40e0da660519cf4ed083b9c53097
Software packages are now grouped in several NXP github
projects/organizations (nxp-imx, nxp-qoriq, ...). See:
https://www.nxp.com/design/software/embedded-software/nxp-github:NXP-GITHUB
The NXP code published on Code Aurora is still present (at the time of
this commit) but is no longer receiving updates. It is also expected
to be shut down on 2023-03-31. The Code Aurora website
https://source.codeaurora.org/ currently show the following message:
"""
Note: Qualcomm Innovation Center Inc. maintained repositories have
migrated to git.codelinaro.org. QUIC repositories on this site will
not receive any updates after March 31, 2022, and will be deleted on
March 31, 2023. If your project depends on these repositories, please
adjust your tooling configuration to use the new, up-to-date project
location.
"""
For this reason, the NXP recipes using codeaurora.org urls need to be
updated to the correct github.com replacement.
Note: this commit does not change the component version. Only the
download URL is updated. The archive content is expected to be the
same.
Note 2: this commit updates the Kernel and U-Boot download urls.
The method is also changed from _CUSTOM_GIT to _CUSTOM_TARBALL.
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
NXP moved all its open source code repositories from Code Aurora Forum
to github. See for example:
https://github.com/nxp-imx/meta-imx/commit/39bc4d81969a40e0da660519cf4ed083b9c53097
Software packages are now grouped in several NXP github
projects/organizations (nxp-imx, nxp-qoriq, ...). See:
https://www.nxp.com/design/software/embedded-software/nxp-github:NXP-GITHUB
The NXP code published on Code Aurora is still present (at the time of
this commit) but is no longer receiving updates. It is also expected
to be shut down on 2023-03-31. The Code Aurora website
https://source.codeaurora.org/ currently show the following message:
"""
Note: Qualcomm Innovation Center Inc. maintained repositories have
migrated to git.codelinaro.org. QUIC repositories on this site will
not receive any updates after March 31, 2022, and will be deleted on
March 31, 2023. If your project depends on these repositories, please
adjust your tooling configuration to use the new, up-to-date project
location.
"""
For this reason, the NXP recipes using codeaurora.org urls need to be
updated to the correct github.com replacement.
Note: this commit does not change the component version. Only the
download URL is updated. The archive content is expected to be the
same.
Note 2: this commit updates the Kernel and U-Boot download urls.
The method is also changed from _CUSTOM_GIT to _CUSTOM_TARBALL.
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
NXP moved all its open source code repositories from Code Aurora Forum
to github. See for example:
https://github.com/nxp-imx/meta-imx/commit/39bc4d81969a40e0da660519cf4ed083b9c53097
Software packages are now grouped in several NXP github
projects/organizations (nxp-imx, nxp-qoriq, ...). See:
https://www.nxp.com/design/software/embedded-software/nxp-github:NXP-GITHUB
The NXP code published on Code Aurora is still present (at the time of
this commit) but is no longer receiving updates. It is also expected
to be shut down on 2023-03-31. The Code Aurora website
https://source.codeaurora.org/ currently show the following message:
"""
Note: Qualcomm Innovation Center Inc. maintained repositories have
migrated to git.codelinaro.org. QUIC repositories on this site will
not receive any updates after March 31, 2022, and will be deleted on
March 31, 2023. If your project depends on these repositories, please
adjust your tooling configuration to use the new, up-to-date project
location.
"""
For this reason, the NXP recipes using codeaurora.org urls need to be
updated to the correct github.com replacement.
Note: this commit does not change the component version. Only the
download URL is updated. The archive content is expected to be the
same.
Note 2: this commit updates the Kernel and U-Boot download urls.
The method is also changed from _CUSTOM_GIT to _CUSTOM_TARBALL.
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
NXP moved all its open source code repositories from Code Aurora Forum
to github. See for example:
https://github.com/nxp-imx/meta-imx/commit/39bc4d81969a40e0da660519cf4ed083b9c53097
Software packages are now grouped in several NXP github
projects/organizations (nxp-imx, nxp-qoriq, ...). See:
https://www.nxp.com/design/software/embedded-software/nxp-github:NXP-GITHUB
The NXP code published on Code Aurora is still present (at the time of
this commit) but is no longer receiving updates. It is also expected
to be shut down on 2023-03-31. The Code Aurora website
https://source.codeaurora.org/ currently show the following message:
"""
Note: Qualcomm Innovation Center Inc. maintained repositories have
migrated to git.codelinaro.org. QUIC repositories on this site will
not receive any updates after March 31, 2022, and will be deleted on
March 31, 2023. If your project depends on these repositories, please
adjust your tooling configuration to use the new, up-to-date project
location.
"""
For this reason, the NXP recipes using codeaurora.org urls need to be
updated to the correct github.com replacement.
Note: this commit does not change the component version. Only the
download URL is updated. The archive content is expected to be the
same.
Note 2: the _SITE_METHOD is also changed from "git" to the default
"wget", for faster downloads. This is why the package hash has
changed.
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
NXP moved all its open source code repositories from Code Aurora Forum
to github. See for example:
https://github.com/nxp-imx/meta-imx/commit/39bc4d81969a40e0da660519cf4ed083b9c53097
Software packages are now grouped in several NXP github
projects/organizations (nxp-imx, nxp-qoriq, ...). See:
https://www.nxp.com/design/software/embedded-software/nxp-github:NXP-GITHUB
The NXP code published on Code Aurora is still present (at the time of
this commit) but is no longer receiving updates. It is also expected
to be shut down on 2023-03-31. The Code Aurora website
https://source.codeaurora.org/ currently show the following message:
"""
Note: Qualcomm Innovation Center Inc. maintained repositories have
migrated to git.codelinaro.org. QUIC repositories on this site will
not receive any updates after March 31, 2022, and will be deleted on
March 31, 2023. If your project depends on these repositories, please
adjust your tooling configuration to use the new, up-to-date project
location.
"""
For this reason, the NXP recipes using codeaurora.org urls need to be
updated to the correct github.com replacement.
Note: this commit does not change the component version. Only the
download URL is updated. The archive content is expected to be the
same.
Note 2: the _SITE_METHOD is also changed from "git" to the default
"wget", for faster downloads. This is why the package hash has
changed.
Signed-off-by: Julien Olivain <ju.o@free.fr>
Reviewed-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
mfgtools was removed from the github codeauroraforum organization.
It is now redirecting to NXPmicro. This patch updates the link to
directly point to the correct place.
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
imx-m4fwloader was removed from the github codeauroraforum
organization. It is now redirecting to NXPmicro. This patch
updates the link to directly point to the correct place.
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
NXP moved all its open source code repositories from Code Aurora Forum
to github. See for example:
https://github.com/nxp-imx/meta-imx/commit/39bc4d81969a40e0da660519cf4ed083b9c53097
Software packages are now grouped in several NXP github
projects/organizations (nxp-imx, nxp-qoriq, ...). See:
https://www.nxp.com/design/software/embedded-software/nxp-github:NXP-GITHUB
The NXP code published on Code Aurora is still present (at the time of
this commit) but is no longer receiving updates. It is also expected
to be shut down on 2023-03-31. The Code Aurora website
https://source.codeaurora.org/ currently show the following message:
"""
Note: Qualcomm Innovation Center Inc. maintained repositories have
migrated to git.codelinaro.org. QUIC repositories on this site will
not receive any updates after March 31, 2022, and will be deleted on
March 31, 2023. If your project depends on these repositories, please
adjust your tooling configuration to use the new, up-to-date project
location.
"""
For this reason, the NXP recipes using codeaurora.org urls need to be
updated to the correct github.com replacement.
Note: this commit does not change the component version. Only the
download URL is updated. The archive content is expected to be the
same.
The commit also:
- removes the comment in Config.in that the package does not have
an upstream,
- adds the new github.com url as the package url
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
imx-kobs was removed from the github codeauroraforum organization.
It is now redirecting to NXPmicro. This patch updates the link to
directly point to the correct place.
The commit also replaces the Config.in comment saying the package does
not have an upstream by the github.com project page.
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
NXP moved all its open source code repositories from Code Aurora Forum
to github. See for example:
https://github.com/nxp-imx/meta-imx/commit/39bc4d81969a40e0da660519cf4ed083b9c53097
Software packages are now grouped in several NXP github
projects/organizations (nxp-imx, nxp-qoriq, ...). See:
https://www.nxp.com/design/software/embedded-software/nxp-github:NXP-GITHUB
The NXP code published on Code Aurora is still present (at the time of
this commit) but is no longer receiving updates. It is also expected
to be shut down on 2023-03-31. The Code Aurora website
https://source.codeaurora.org/ currently show the following message:
"""
Note: Qualcomm Innovation Center Inc. maintained repositories have
migrated to git.codelinaro.org. QUIC repositories on this site will
not receive any updates after March 31, 2022, and will be deleted on
March 31, 2023. If your project depends on these repositories, please
adjust your tooling configuration to use the new, up-to-date project
location.
"""
For this reason, the NXP recipes using codeaurora.org urls need to be
updated to the correct github.com replacement.
Note: this commit does not change the component version. Only the
download URL is updated. The archive content is expected to be the
same.
Note 2: the _SITE_METHOD is also changed from "git" to the default
"wget", for faster downloads. This is why the package hash has
changed.
Note 3: this commit also adds the github as project homepage in
Config.in.
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
NXP moved all its open source code repositories from Code Aurora Forum
to github. See for example:
https://github.com/nxp-imx/meta-imx/commit/39bc4d81969a40e0da660519cf4ed083b9c53097
Software packages are now grouped in several NXP github
projects/organizations (nxp-imx, nxp-qoriq, ...). See:
https://www.nxp.com/design/software/embedded-software/nxp-github:NXP-GITHUB
The NXP code published on Code Aurora is still present (at the time of
this commit) but is no longer receiving updates. It is also expected
to be shut down on 2023-03-31. The Code Aurora website
https://source.codeaurora.org/ currently show the following message:
"""
Note: Qualcomm Innovation Center Inc. maintained repositories have
migrated to git.codelinaro.org. QUIC repositories on this site will
not receive any updates after March 31, 2022, and will be deleted on
March 31, 2023. If your project depends on these repositories, please
adjust your tooling configuration to use the new, up-to-date project
location.
"""
For this reason, the NXP recipes using codeaurora.org urls need to be
updated to the correct github.com replacement.
Note: this commit does not change the component version. Only the
download URL is updated. The archive content is expected to be the
same. The version fsl-sdk-v2.0 is an old tag from 2016. It was not
migrated to github. This commit use instead the commit id
corresponding to this tag.
See:
https://source.codeaurora.org/external/qoriq/qoriq-yocto-sdk/fmlib/commit/?h=fsl-sdk-v2.0&id=43fa98fdbf0c697167e415c3f060896d5b482791
The commit id exists on github:
https://github.com/nxp-qoriq/fmlib/commit/43fa98fdbf0c697167e415c3f060896d5b482791
Note 2: the _SITE_METHOD is also changed from "git" to the default
"wget", for faster downloads. This is why the package hash has
changed.
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
NXP moved all its open source code repositories from Code Aurora Forum
to github. See for example:
https://github.com/nxp-imx/meta-imx/commit/39bc4d81969a40e0da660519cf4ed083b9c53097
Software packages are now grouped in several NXP github
projects/organizations (nxp-imx, nxp-qoriq, ...). See:
https://www.nxp.com/design/software/embedded-software/nxp-github:NXP-GITHUB
The NXP code published on Code Aurora is still present (at the time of
this commit) but is no longer receiving updates. It is also expected
to be shut down on 2023-03-31. The Code Aurora website
https://source.codeaurora.org/ currently show the following message:
"""
Note: Qualcomm Innovation Center Inc. maintained repositories have
migrated to git.codelinaro.org. QUIC repositories on this site will
not receive any updates after March 31, 2022, and will be deleted on
March 31, 2023. If your project depends on these repositories, please
adjust your tooling configuration to use the new, up-to-date project
location.
"""
For this reason, the NXP recipes using codeaurora.org urls need to be
updated to the correct github.com replacement.
This commit also:
- changes the _SITE_METHOD from "git" to the default "wget",
- updates an old and broken freescale.com app note link,
- adds the github project page as project url.
Note: this commit does not change the component version. Only the
download URL is updated. The archive content is expected to be the
same. The version "fsl-sdk-v2.0" is an old tag from 2015. It was not
migrated to github. This commit use instead the commit id
corresponding to this tag.
See:
https://source.codeaurora.org/external/qoriq/qoriq-yocto-sdk/fmc/commit/?h=fsl-sdk-v2.0&id=a079d2c844edd85dff85a317a63198e7988bcd09
The commit id exists on github:
https://github.com/nxp-qoriq/fmc/commit/a079d2c844edd85dff85a317a63198e7988bcd09
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
NXP moved all its open source code repositories from Code Aurora Forum
to github. See for example:
https://github.com/nxp-imx/meta-imx/commit/39bc4d81969a40e0da660519cf4ed083b9c53097
Software packages are now grouped in several NXP github
projects/organizations (nxp-imx, nxp-qoriq, ...). See:
https://www.nxp.com/design/software/embedded-software/nxp-github:NXP-GITHUB
The NXP code published on Code Aurora is still present (at the time of
this commit) but is no longer receiving updates. It is also expected
to be shut down on 2023-03-31. The Code Aurora website
https://source.codeaurora.org/ currently show the following message:
"""
Note: Qualcomm Innovation Center Inc. maintained repositories have
migrated to git.codelinaro.org. QUIC repositories on this site will
not receive any updates after March 31, 2022, and will be deleted on
March 31, 2023. If your project depends on these repositories, please
adjust your tooling configuration to use the new, up-to-date project
location.
"""
For this reason, the NXP recipes using codeaurora.org urls need to be
updated to the correct github.com replacement.
Note: this commit does not change the component version. Only the
download URL is updated. The archive content is expected to be the
same.
Note 2: the _SITE_METHOD is also changed from "git" to the default
"wget", for faster downloads. This is why the package hash has
changed.
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
http://freescale.com/ urls are all redirected to the NXP homepage
https://www.nxp.com/
Even if the link is not broken in the sense of a 404 http error, the
pointed resource is not found.
This commit updates the old freescale link to the correct nxp.com
location.
Note: the link now requires a free registration to be accessed.
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
http://freescale.com/ urls are all redirected to the NXP homepage
https://www.nxp.com/
Even if the links are not broken in the sense of a 404 http error, the
pointed resources are not found.
This commit updates the old freescale links to the correct nxp.com
locations.
Note: the link to the SABRE for Automotive Infotainment Quick Start
Guide now requires a free registration to be accessed.
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
http://freescale.com/ urls are all redirected to the NXP homepage
https://www.nxp.com/
Even if the link is not broken in the sense of a 404 http error, the
pointed resource is not found.
This commit updates the old Freescale link to the correct nxp.com
location.
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The current mechanism to select emulation targets works this way:
- BR2_PACKAGE_QEMU_SYSTEM selects the "system" (softmmu) targets. It
selects FDT and creates a dependency on the "dtc" package but this is
not always necessary. Only 14 system targets, out of 31, actually
require FDT.
- BR2_PACKAGE_QEMU_LINUX_USER selects the "linux-user" targets. It does
not select FDT, which is not required by linux-user emulators.
- Alternatively, we fill BR2_PACKAGE_QEMU_CUSTOM_TARGETS with a list of
emulators (e.g. "x86_64-softmmu x86_64-linux-user"). Then we pass
"--enable-system --enable-linux-user --target-list="..." to the
configure script, so QEMU builds its list of default targets, from
which it checks if the specified subset is valid.
Since CUSTOM_TARGETS does not select FDT, we can get build errors like
this:
../meson.build:2778:2: ERROR: Problem encountered: fdt not available but required by targets x86_64-softmmu
We could select FDT when CUSTOM_TARGETS is set, but this would force an
unnecessary dependency on dtc, as BR2_PACKAGE_QEMU_SYSTEM does.
In order to fix these problems, refactor the package configuration:
- Keep BR2_PACKAGE_QEMU_SYSTEM and BR2_PACKAGE_QEMU_LINUX_USER, which by
default build all corresponding target emulators.
- Add a BR2_PACKAGE_QEMU_CHOOSE_TARGETS config, to permit choosing the
desired emulators.
- Add configs for each supported target. They select FDT, when needed.
- Move QEMU to a separate menu, since the number of configuration itens
became too large.
- Select BR2_LEGACY if BR2_PACKAGE_QEMU_CUSTOM_TARGETS is set, because
this situation requires user intervention to reconfigure the package.
- Reorganize the make file accordingly. Selecting CHOOSE_TARGETS without
choosing at least one emulator is considered an error.
Notes about the list of enabled targets:
- when the user enables both system and user emulation, we provide no
way to be able to build all system bt only parts of user (or the other
way around), because the qemu build system does not allow that: when a
list of target is passed, it applies to both system and user
emulation;
- as a consequence and in the same spirit, we also do not sanity-check
that at least one system, resp. user, target is enabled when system,
resp. user, emulation is enabled; we only require that one target is
enabled, so that the list is not empty.
Signed-off-by: Carlos Santos <unixmania@gmail.com>
[yann.morin.1998@free.fr:
- always build at least user or system
- add help text to BR2_PACKAGE_QEMU_CHOOSE_TARGETS
- simplify prompt for BR2_PACKAGE_QEMU_CHOOSE_TARGETS
- simplify list of targets with unique QEMU_TARGET_LIST_y
- extend the commit log with "Notes about the list of enabled targets"
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Migrate from distutils to flit package infrastructure.
Add a patch fixing incorrect flit requires/build-backend in
pyproject.toml.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The libmodplug release has not been updated for over 5 years.
The git version contains many bug fixes, including for OOB
accesses, unaligned reads and writes, etc.
This git repository is the official home of libmodplug (by the original
author), however a new release does not seem likely anytime soon:
there are multiple open issues in the repository asking the author to
tag a release, all without a response.
Update buildroot to the current version of libmodplug from the official
git repository. The build system changed from autotools to cmake since
the last version.
We add a _CPE_ID_VERSION variable pointing to the latest stable
version, so that we don't get notified about all older CVEs that we
are not affected by.
Signed-off-by: Gleb Mazovetskiy <glex.spb@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The 0.10 line offers minor improvements and bug fixes.
The previous security bump from 0.9.1 to 0.9.2 fixed CVE-2022-46149,
which was also present in 0.10.2, but is fixed within 0.10.3.
Signed-off-by: Joel Carlson <JoelsonCarl@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Mutt 2.2.9 was released on November 12, 2022. This is a bug-fix release,
fixing a build issue with recent GPGME releases.
Mutt 2.2.8 was released on November 5, 2022. This is a bug-fix release,
fixing a possible crash when using GPGME to view an application/pgp key
block. It also makes some changes to resizing and window size logic, and
enables batch-mode IMAP Fcc'ing.
https://gitlab.com/muttmua/mutt/-/blob/mutt-2-2-9-rel/ChangeLog
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fix the following build failure raised with python >= 3.11 by
backporting a patch and adding libbsd dependency as suggested by
upstream in https://github.com/ofalk/libdnet/issues/74:
./dnet.c: In function '__Pyx_AddTraceback':
./dnet.c:456:62: error: invalid use of incomplete typedef 'PyFrameObject' {aka 'struct _frame'}
456 | #define __Pyx_PyFrame_SetLineNumber(frame, lineno) (frame)->f_lineno = (lineno)
| ^~
./dnet.c:25190:5: note: in expansion of macro '__Pyx_PyFrame_SetLineNumber'
25190 | __Pyx_PyFrame_SetLineNumber(py_frame, py_line);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~
Fixes:
- http://autobuild.buildroot.org/results/78dff4b514fb7c510f5a745ee6cbbc049ceb2794
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Switch package type to meson as the primary supported build system
from now on is meson and the autotools support as deprecated. The
package tarball is no longer supported, thus the MODEM_MANAGER_SOURCE
is changed to the gitlab archive URL.
All previously supported options are converted to the meson
configuraiton options and support for new ones is added. The new
options are: bash_completion, polkit, systemd, qrtr.
The dbus build dependency is needed since the meson build system uses
dbus pkg-config to determine install locations. The 'udevdir' has to
be specified also in case dbus is not installed. Modem-manager will
use its own built-in udev rule parser to determine modem specific
values.
For building with libqmi support version 1.32.2 is required and for
libmbim version 1.28.2 is required.
Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The make targets in bearssl are missing the $(OBJDIR) target which
causes build failures when using make with shuffle mode.
Add a patch which adds the missing $(OBJDIR) targets.
Fixes:
Assembler messages:
Fatal error: can't create build/obj/x509_minimal_full.o: No such file or directory
make[2]: *** [mk/Rules.mk:1190: build/obj/x509_minimal_full.o] Error 1 shuffle=reverse
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Hostapd has 802.11ax support, however it is currently disabled by
default, so let's enable it as it adds only 2 KB to the overall size
of the hostapd package.
Signed-off-by: Robert Marko <robert.marko@sartura.hr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Changes log:
https://wiki.qemu.org/ChangeLog/7.2
Add host-slirp dependency to provide the network backend 'user' that
was included in previous Qemu release by a submodule in Qemu sources [1].
This network backend is currently used by several defconfig that would
fail to boot with:
"-net user: network backend 'user' is not compiled into this binary"
board/mender/x86_64/readme.txt
board/pc/readme.txt
board/pc/readme.txt
board/qemu/arm-versatile/readme.txt
board/qemu/arm-vexpress/readme.txt
board/qemu/mips32r2-malta/readme.txt
board/qemu/mips32r2el-malta/readme.txt
board/qemu/mips32r6el-malta/readme.txt
board/qemu/ppc-bamboo/readme.txt
board/qemu/ppc-e500mc/readme.txt
board/qemu/ppc-g3beige/readme.txt
board/qemu/ppc-mac99/readme.txt
board/qemu/ppc-mpc8544ds/readme.txt
board/qemu/ppc64-e5500/readme.txt
board/qemu/s390x/readme.txt
board/qemu/sh4-r2d/readme.txt
board/qemu/sh4eb-r2d/readme.txt
board/qemu/sparc-ss10/readme.txt
board/qemu/sparc64-sun4u/readme.txt
board/qemu/x86/readme.txt
board/qemu/x86_64/readme.txt
Update the slirp configure option following the slirp submodule removal
[2].
Runtime tested in gitlab:
https://gitlab.com/kubu93/buildroot/-/pipelines/725509959
Add a backport from upstream, to fix sh4 stability [3].
[1] https://wiki.qemu.org/ChangeLog/7.2#Removal_of_the_.22slirp.22_submodule_.28affects_.22-netdev_user.22.29
[2] https://gitlab.com/qemu-project/qemu/-/commit/5890258aeeba303704ec1adca415e46067800777
[3] https://gitlab.com/kubu93/buildroot/-/jobs/3490258272
Signed-off-by: Romain Naour <romain.naour@gmail.com>
[yann.morin.1998@free.fr: backport fix rather than revert faulty commit]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Split the list of dependencies to ease further addition.
Signed-off-by: Romain Naour <romain.naour@gmail.com>
[yann.morin.1998@free.fr: move first item also on its own line]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The S-lang shell is currently installed by default but most packages are
typically interested in the shared libraries only. Add a configuration
option to disable the slsh program and its supporting files.
Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fix the following static openssl build failure raised since commit
7967755fbf:
/home/autobuild/autobuild/instance-13/output-1/host/lib/gcc/sparc-buildroot-linux-uclibc/10.4.0/../../../../sparc-buildroot-linux-uclibc/bin/ld: /home/autobuild/autobuild/instance-13/output-1/host/sparc-buildroot-linux-uclibc/sysroot/usr/lib/libssl.a(ssl_cert.o): in function `ssl_cert_free':
ssl_cert.c:(.text+0x384): undefined reference to `__atomic_fetch_sub_4'
Fixes:
- http://autobuild.buildroot.org/results/417c86963ffe038aa052ea3cf19fd52c3e9b7396
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Link to Rust 1.66.0 annoucement: https://blog.rust-lang.org/2022/12/15/Rust-1.66.0.html
Newest version of the source archives have been retrieved with their hash values,
and the signature of the .asc files have been verified as follows:
$ curl -fsSL https://static.rust-lang.org/rust-key.gpg.ascii | gpg --import
$ gpg --verify <filename.asc> <filename>
There is no typographical error in the packages according to the check-pakage utility:
$ ./utils/check-package package/rust-bin/*
$ ./utils/check-package package/rust/*
The testsuite tool were successfully run for rust and rust-bin packages to test
the Rust toolchain under 1.66.0:
$ ./support/testing/run-tests -k -d dl/ -o testsuite tests.package.test_rust.TestRustBin
$ ./support/testing/run-tests -k -d dl/ -o testsuite tests.package.test_rust.TestRust
In order to verify the compatibility of packages depending on Rust 1.66.0,
tests using `./utils/test-pkg` were run.
You may want to execute the test-pkg command after creating a `.config` file
enabling the corresponding BR2_PACKAGE, for example:
Create a file `buildroot/ripgrep.config` containing "BR2_PACKAGE_RIPGREP=y"
Then execute:
$ ./utils/test-pkg -d test-pkg -c ripgrep.config -p ripgrep
Results:
librsvg OK
ripgrep OK
suricata OK
bat OK
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Currently, when asserting that a command succeeded, we just capture the
return code of the command. If that is not zero, the assertion fails,
but the error message is not very splicit:
AssertionError: 1 != 0
Replace the error message with an explicit message that dumps the failed
command, the error code, and the resulting output.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Add patch to fix build error.
Removed sha1 hash.
Add configure option to disable searching for qt6 as of now due to
incomplete implementation of qt6 modules, like gui, in buildroot.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
When BR2_powerpc_e500mc=y, fmlib package compilation fails with output:
make[2]: *** No rule to make target 'libfm-e500mc.a'. Stop.
The fmlib package "make help" command shows:
The available make libfm-<arch>.a targets are:
libfm-ppce500mc.a (P2, P3, P4)
...
The package Config.in incorrectly sets BR2_PACKAGE_FMLIB_ARCHTYPE
to "e500mc", which is then passed as the package make target.
The correct value should be "ppce500mc".
The commit fixes this build issue.
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fix the following build failure with arm soft float raised since bump to
version 1.15 in commit c31087182f and
https://github.com/ebiggers/libdeflate/commit/84c76f6f2cf5e5ac4deca0b1c25faebb42469f58:
In file included from /home/autobuild/autobuild/instance-3/output-1/build/libdeflate-1.15/lib/arm/crc32_impl.h:256,
from /home/autobuild/autobuild/instance-3/output-1/build/libdeflate-1.15/lib/crc32.c:227:
/home/autobuild/autobuild/instance-3/output-1/host/lib/gcc/arm-buildroot-linux-gnueabi/11.3.0/include/arm_neon.h:31:2: error: #error "NEON intrinsics not available with the soft-float ABI. Please use -mfloat-abi=softfp or -mfloat-abi=hard"
31 | #error "NEON intrinsics not available with the soft-float ABI. Please use -mfloat-abi=softfp or -mfloat-abi=hard"
| ^~~~~
In file included from /home/autobuild/autobuild/instance-3/output-1/build/libdeflate-1.15/lib/crc32.c:227:
/home/autobuild/autobuild/instance-3/output-1/build/libdeflate-1.15/lib/arm/crc32_impl.h: In function 'clmul_u32':
/home/autobuild/autobuild/instance-3/output-1/build/libdeflate-1.15/lib/arm/crc32_impl.h:262:9: error: unknown type name 'uint64x2_t'; did you mean 'uint16x2_t'?
262 | uint64x2_t res = vreinterpretq_u64_p128(
| ^~~~~~~~~~
| uint16x2_t
Fixes:
- http://autobuild.buildroot.org/results/1445dcbf676893133f311a92ac21b29237fb75df
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fix the following aarch64 build failure raised since the addition of the
package in commit 4231e7b10b:
In file included from /home/autobuild/autobuild/instance-22/output-1/build/libdeflate-1.15/lib/arm/crc32_impl.h:256,
from /home/autobuild/autobuild/instance-22/output-1/build/libdeflate-1.15/lib/crc32.c:227:
/home/autobuild/autobuild/instance-22/output-1/build/libdeflate-1.15/lib/arm/crc32_impl.h: In function 'clmul_u32':
/home/autobuild/autobuild/instance-22/output-1/host/lib/gcc/aarch64-buildroot-linux-gnu/10.4.0/include/arm_neon.h:26723:1: error: inlining failed in call to 'always_inline' 'vmull_p64': target specific option mismatch
26723 | vmull_p64 (poly64_t __a, poly64_t __b)
| ^~~~~~~~~
In file included from /home/autobuild/autobuild/instance-22/output-1/build/libdeflate-1.15/lib/crc32.c:227:
/home/autobuild/autobuild/instance-22/output-1/build/libdeflate-1.15/lib/arm/crc32_impl.h:262:19: note: called from here
262 | uint64x2_t res = vreinterpretq_u64_p128(
| ^~~~~~~~~~~~~~~~~~~~~~~
263 | compat_vmull_p64((poly64_t)a, (poly64_t)b));
| ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Fixes:
- http://autobuild.buildroot.org/results/9aee8dafea614db77209818b913a571534466506
- http://autobuild.buildroot.org/results/951d5a1a2959a0cc65ca7e52967ec07bc1cc00f1
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Commit 255acdc143 (package/qemu: needs gcc >= 8) added a comment that
explains that host-qemu would not be available for gcc < 4.8.
However, it interspersed that comment between the main symbol and the
conditional block with the sub-options. This breaks the indentation of
the sub-options in menuconfig, where they appear at the same level as
the main symbol, rather than indented below it.
Fix that by moving the comment before the main symbol.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fix the following static build failure raised since bump to version 1.15
in commit c31087182f:
[ 79%] Linking C shared library libdeflate.so
/home/buildroot/autobuild/instance-2/output-1/host/lib/gcc/arc-buildroot-linux-uclibc/12.2.0/../../../../arc-buildroot-linux-uclibc/bin/ld: /home/buildroot/autobuild/instance-2/output-1/host/lib/gcc/arc-buildroot-linux-uclibc/12.2.0/crtbeginT.o: relocation R_ARC_32_ME against `__TMC_END__' can not be used when making a shared object; recompile with -fPIC
Fixes:
- http://autobuild.buildroot.org/results/25489e5c6f0da642136e099ab35b091624f53a2b
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit 8cbfbe487a (package/skeleton-systemd: systemd-ify mounting /var
tmpfs with ro rootfs) removed the fstab handling of /var, and left the
macro deal solely about keeping / read-only.
However, the code about how the var factory is handled was left above
the macro, which is now misleading and confusing.
Move the comment closer to the actual rootfs-pre-cmd hook which actually
deals with handling the var factory.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Commit 86d32208b6 (support/testing/tests/init/test_systemd.py: use
downloaded kernel) stopped building a custom kernel for the systemd
tests, but forgot to drop the associated kernel config fragment.
That fragment is now not used in any test case, so we can drop it.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Currently, when one does not enable remounting the rootfs read-write,
i.e. keep it read-only, for example because the filesystem is actually
read-only by design, like squashfs, then two things happen:
- we create a factory from the content of /var at build time, register
tmpfiles entries for it, and mount a tmpfs on /var at runtime, so
that systemd-tmpfiles does populate /var from the factory; this is
only done when the rootfs is not remounted r/w;
- we trigger systemd-tmpfiles at build time, which uses the tmpfiles
db, of which our /var entries, to pre-populate the filesystem; this
is always done, whether the rootfs is remounted r/w or not.
Note that Buildroot mounts a tmpfs on /var, and leaves to the integrator
to care for providing an actual filesystem, as there are too many
variants and is very specific to each use-case.
These two mechanisms are conflicting, semantically, but also
technically: the files from the factory will be duplicated, but that
may help in some situations when the actual /var filesystem is not
mountable.
In some cases, it might be preferable to have none, either, or both
mechanisms enabled; it highly depends on the ultimate integration scheme
chosen for a device.
For example, some people will be very happy with a /var that is actually
on a tmpfs and that it gets reseeded form scratch at every boot, while
others may want to ensure that their system continue to work even when
they can't mount something that makes /var writable.
YMMV, as they used to say back in the day...
So, we introduce two new options, in the system sub-menu, each to drive
each mechanism. We default those options to y, to keep the previous
behaviour by default, except the var factory is only available when the
rootfs is not remounted r/w, as it were so far.
We still hint in the help text that there might be some conflict between
the two mechanisms, but since it has been that way for some time, it
does not look too broken for most people.
Since that introduces more options related to systemd being chosen as an
init system, we gather those two options and the existing one inside a
if-endif block, rather than adding more 'depends on' on each options.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Norbert Lange <nolange79@gmail.com>
Cc: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Cc: Romain Naour <romain.naour@smile.fr>
Cc: Jérémy Rosen <jeremy.rosen@smile.fr>
Cc: Yann E. MORIN <yann.morin@orange.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Commit 0d9b84b7a8 (package/systemd: invoke systemd-tmpfilesd on final
image) forcefully introduced a call to systemd-tmpfiles as a per-rootfs
hook, on the premise that would help with read-only rootfs.
However, that did not account for the then-pre-existing handling of /var
as a factory when the user opted not to remount / read-write (by not
setting BR2_TARGET_GENERIC_REMOUNT_ROOTFS_RW).
This means that, for users who want to use a factory for /var, the
generated filesystem contains the factory files twice: once as stored in
the factory, and once as populated by systemd-tmpfilesd.
In the hope to reconcile the two solutions, we move the handling of
calling systemd-tmpfilesd to the skeleton-init-systemd package, where we
already handle the /var factory. Having the two in the same package will
make it easier, in the future, to provide the user with a choice whether
to use one of the other.
Note that it is very important to keep the order of the hooks as they
are.
Indeed, skeleton-init-systemd sorts before systemd, so its hooks were
registered before systemd's hooks; now that we move the CREATE_TMPFILES
hook, we must ensure it is called after the PRE_ROOTFS_VAR one, so that
the behaviour of acting on the var factory remains.
As a final note: we chose the move this way, rather than move the var
factory into the systemd package, because it is more related to the
system integration on the Buildroot side, rather than the integration
of the systemd package in Buildroot.
Similarly, the other four rootfs hooks, SYSTEMD_LOCALE_PURGE_CATALOGS,
SYSTEMD_UPDATE_CATALOGS, SYSTEMD_RM_CATALOG_UPDATE_SERVICE, and
specially SYSTEMD_PRESET_ALL, should also be moved out of the systemd
package, because they too are more related to the Buildroot system,
rather than to the systemd package itself; but the frontier is very
porous in either way, for such a package as special as systemd.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Norbert Lange <nolange79@gmail.com>
Cc: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Cc: Romain Naour <romain.naour@smile.fr>
Cc: Jérémy Rosen <jeremy.rosen@smile.fr>
Cc: Yann E. MORIN <yann.morin@orange.com>
Acked-by: Norbert Lange <nolange79@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
To mount our /var tmpfs when the rootfs is mounted read-only (really,
not remounted read-write), we use an entry in fstab.
However, /etc could also be a tmpfs (for full state-less systems, or
easy factory-reset, see [0]). It also prevents easily ordering other
systemd units until after /var is mounted (not impossible, but less
easy).
So, we register /var as a systemd mount unit, so that we can also have
the /var factory populated and functional even when /etc is empty. The
var.mount unit is heavily modelled after systemd's own tmp.mount one, so
we carry the same license for that file (in case that may apply).
This has two side effects:
- as hinted previously, it simplifies writing other systemd units to
order them after /var is mounted
- user can easily replace it with their own, which mounts an actual
filesystem
[0] http://0pointer.de/blog/projects/stateless.html
Signed-off-by: Yann E. MORIN <yann.morin@orange.com>
Cc: Norbert Lange <nolange79@gmail.com>
Cc: Romain Naour <romain.naour@smile.fr>
Cc: Jérémy Rosen <jeremy.rosen@smile.fr>
[yann.morin.1998@free.fr:
- split original patch in two
- this one only handles converting /var mounting into a systemd unit
- adapt commit log accordingly
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Reviewed-by: Norbert Lange <nolange79@gmail.com>
[yann.morin.1998@free.fr (as suggested by Norbert):
- fix Before= dependencies
- drop [Install] section
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
When the rootfs is not remounted read-write (thus assuming a read-only
rootfs like squashfs), we create a tmpfiles.d factory for /var.
However, we register those in /etc/tmpfiles.d/, but /etc could also be
a tmpfs (for full state-less systems, or easy factory-reset, see [0]).
So, we move our var factory to /usr/lib/tmpfiles.d/, which is also the
location where systemd itself places its own tmpfiles, and where we
already put all our other tmpfiles (see audit, avahi, cryptsetup, dhcp,
lighttpd, nfs-utils, quagga, samba4, swupdate) and our handling of
systemd's catalog files too. We also rename the file to a better name,
so that it is obvious it is generated by us (systemd already installs a
var.conf of its own, so we want to avoid name clashing).
Last little detail: there is no need or reason to create .../tmpfiles.d/
at install time; it is only needed in the rootfs-pre-cmd hook, so we
only create it just before we need it.
[0] http://0pointer.de/blog/projects/stateless.html
Signed-off-by: Yann E. MORIN <yann.morin@orange.com>
Cc: Norbert Lange <nolange79@gmail.com>
Cc: Romain Naour <romain.naour@smile.fr>
Cc: Jérémy Rosen <jeremy.rosen@smile.fr>
[yann.morin.1998@free.fr:
- split original patch in two
- this one only moves out of /etc and into /usr/lib
- adapt commit log accordingly
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Acked-by: Norbert Lange <nolange79@gmail.com>
[yann.morin.1998@free.fr:
- rename to 00-buildroot-var.conf as suggested by Norbert
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The http site automatically redirects to the https variant, so let's
just use that as the default.
The mirror list URL http://search.cpan.org/mirror seems outdated
(re-directed to https://metacpan.org/mirrors aka 'Not Found - The
resource you requested could not be found.').
The closest matching URLs we found were:
https://www.cpan.org/SITES.htmlhttp://mirrors.cpan.org/map.htmlhttp://mirrors.cpan.org/
That last one has all the list, so we use that; the second is a world
map, so we also include it.
Sadly, neither of the mirrors list (table or map) are served as https;
they are only available as http...
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
[yann.morin.1998@free.fr:
- add a little blurb to explain http->https redirect
- update the mirror list URL, and...
- extend commit message with original explanations from Peter, and..
- notice that they are not served via https...
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
As the comment in package/perl/perl.mk instructs, bumping the perl
version must be propagated to utils/scancpan as well.
However, commit 7c1ef8129f (package/perl: bump to version 5.34.0)
forgot to do so.
Fixes: 7c1ef8129f
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The only other language supported is CL (Common Lisp) which buildroot
does not package yet. This saves 52KB in the final root filesystem.
Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
[yann.morin.1998@free.fr: reformat for one-option per-line]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Let's disable the CONFIG_PLATFORM_I386_PC that is set to y by default
involving the endianness to be set to little. This way we can set the
CFLAGS according to architecture with some default define like:
-DCONFIG_IOCTL_CFG80211
-DRTW_USE_CFG80211_STA_EVENT
-Wno-error
Suggested-by: Arnout Vandecappelle <arnout@mind.be>
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
According to the upstream release notes of version 2.0.0:
https://lists.x.org/archives/xorg-announce/2022-July/003180.html
"This keyboard driver is primarily used with BSD, GNU Hurd, illumos, &
Solaris systems. Linux systems should instead use either xf86-input-
libinput or xf86-input-evdev.
While versions 1.9.0 and earlier had rudimentary support for Linux as
well, that has been removed in this release."
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
[Peter: Reword help text]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Update to the latest version of the gcnano-binaries blobs, which are
compatible with the last v5.15-stm32mp-r2 kernel from the
STMicroelectronics BSP.
The management of libraries links have now changed. We moved on from
a version with several links present but few of them missing to no links
at all. Now, all the links are made by the build system. The loop
mechanism to make them are imported from the ST Yocto layer.
The packageconfig have also changed, no need to update prefix and version
value anymore.
Signed-off-by: Kory Maincent <kory.maincent@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The kernel used is based on 6.1-rc3, so use the recently introduced 6.1
kernel headers version to fix a build issue:
Incorrect selection of kernel headers: expected 6.0.x, got 6.1.x
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The kernel used is based on 6.1-rc3, so use the recently introduced 6.1
kernel headers version to fix a build issue:
Incorrect selection of kernel headers: expected 6.0.x, got 6.1.x
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The kernel used is based on 6.1-rc3, so use the recently introduced 6.1
kernel headers version to fix a build issue:
Incorrect selection of kernel headers: expected 6.0.x, got 6.1.x
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add a defconfig for the Starfive VisionFive2 board, a board built around the
Starfive JH7110 RISC-V 64bit SoC.
This board comes with functional lowlevel and U-Boot bootloaders in SPI
flash. The defconfig reuses these and only builds a (5.15 based) kernel and
rootfs.
The factory shipped U-Boot is hard coded to look at MMC partition 3.
Signed-off-by: Francois Dugast <francois.dugast.foss@gmail.com>
[Peter: add to DEVELOPERS]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This package install the required firmware for enabling the
Bluetooth device embedded in the RTL8723DS chip.
The driver is included in Linux main tree and can be enabled
with the BT_HCIUART_RTL symbol.
Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Tested-by: Indrek Kruusa <indrek.kruusa@gmail.com>
[Peter: use install -D]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Notable changes in this new version include support for the Apple
Aarch64 ABI, and compare-and-swap atomic instructions.
Signed-off-by: Paul Cercueil <paul@crapouillou.net>
[Peter: drop _AUTORECONF]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The git package in Buildroot is quite lagging behind (v2.31.4, released
on July 12, 2022 while the baseline v2.31.0 was released on March 15,
2021). Bump the package to v2.39.0 (released December 12, 2022).
While at it, also replace patch fixing uclibc no threads build with two
patches cherry-picked from upstream next branch, which fixes the same
issue by fixing the handling of flockfile(), funlockfile(), and
getc_unlocked() declarations. These patches missed the release but
planned for next maintenance release (v2.39.1).
The reason for replacing the patch is when original fix patch was
upstreamed [1], Jeff King noted that the build failure root cause
was flockfile() is defined regardless of whether uclibc is configured with
threads support or not [2].
Release notes for v2.39.0 is available on release announcement on Git
mailing list at [3].
[1]: https://lore.kernel.org/git/20221125092339.29433-1-bagasdotme@gmail.com/
[2]: https://lore.kernel.org/git/Y4RAr04vS%2FTOM5uh@coredump.intra.peff.net/
[3]: https://lore.kernel.org/git/xmqqlencspnl.fsf@gitster.g/
Signed-off-by: Bagas Sanjaya <bagasdotme@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix the following security issues:
- Fix potential heap buffer overread and overwrite in DTLS if
MBEDTLS_SSL_DTLS_CONNECTION_ID is enabled and
MBEDTLS_SSL_CID_IN_LEN_MAX > 2 * MBEDTLS_SSL_CID_OUT_LEN_MAX.
- An adversary with access to precise enough information about memory
accesses (typically, an untrusted operating system attacking a secure
enclave) could recover an RSA private key after observing the victim
performing a single private-key operation if the window size used for
the exponentiation was 3 or smaller.
Drop patch (already in version:
https://github.com/Mbed-TLS/mbedtls/commit/9d9d45c6b2aeaedfdfdadfec3d05d168db685968)
https://github.com/Mbed-TLS/mbedtls/releases/tag/v2.28.2
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
remove merged patch
diff LICENSE.md
- Copyright (C) 1995-2017 Jean-loup Gailly and Mark Adler
+ Copyright (C) 1995-2022 Jean-loup Gailly and Mark Adler
- Copyright (c) 2008-2018, Dave Benson and the protobuf-c authors.
+ Copyright (c) 2008-2022, Dave Benson and the protobuf-c authors.
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
When creating a filesystem, mkfs.ext will chose the inode size depending
on the size of the filesystem. Small filesystem get 128-bytes inodes,
while bigger filesystems use 256-byte inodes (inode must be a power of 2
larger or equal to 128, and smaller or equal to the blocksize).
However, 128-byte inodes can't store timestamps past the dreaded
2038-01-19 03:14:07Z deadline, while inodes larger than or equal to 256
do not have the issue.
It turns out that the tipping point to decide whether a filesystem is
small or big, is about around the size of the filesystems we generate
for our runtime tests. This causes the kernel to emit warning like:
ext2 filesystem being remounted at / supports timestamps until 2038 (0x7fffffff)
We add a new option to our ext2 filesystem, so that user can specify the
size of the inode. That new option defaults to 256 to be resilient to
the Y2K38 problem.
Note: it was already possible for users to explicitly pass the -I
option, through BR2_TARGET_ROOTFS_EXT2_MKFS_OPTIONS. We could have
chosen to extend the existing value with a -I 256, but that is not
satisfactory. Indeed, we do want to ensure that the default is now
Y2K38-OK, even for existing configurations that did not have explicit
setting.
We also pass that new option before the user-specified arbitrary ones,
so that BR2_TARGET_ROOTFS_EXT2_MKFS_OPTIONS still wins (in case -I was
set there).
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
[Peter: tweak help text]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add an upstream patch to fix CVE-2020-35492:
A flaw was found in cairo's image-compositor.c in all versions prior to
1.17.4. This flaw allows an attacker who can provide a crafted input
file to cairo's image-compositor (for example, by convincing a user to
open a file in an application using cairo, or if an application uses
cairo on untrusted input) to cause a stack buffer overflow ->
out-of-bounds WRITE. The highest impact from this vulnerability is to
confidentiality, integrity, as well as system availability.
Important note: this is not the exact upstream patch. Indeed, the
upstream patch[1] contains a png file which appears as a binary diff
inside the patch. The `patch` tool which is used by Buildroot to apply
patches does not handle that kind of diff. Since it is just a test, it
shouldn't impact the quality of the CVE fix and all changes related to
the test are removed from the patch.
[1] https://gitlab.freedesktop.org/cairo/cairo/-/commit/03a820b173ed1fdef6ff14b4468f5dbc02ff59be
Cc: Quentin Schulz <foss+buildroot@0leil.net>
Signed-off-by: Quentin Schulz <quentin.schulz@theobroma-systems.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add an upstream patch to fix CVE-2019-6462:
An issue was discovered in cairo 1.16.0. There is an infinite loop in
the function _arc_error_normalized in the file cairo-arc.c, related to
_arc_max_angle_for_tolerance_normalized.
Cc: Quentin Schulz <foss+buildroot@0leil.net>
Signed-off-by: Quentin Schulz <quentin.schulz@theobroma-systems.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This is now based on Linux 6.1-rc3. We don't have an option for 6.1 yes, so
mark it as 6.0 headers.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The D1 support is now upstream, so we can use the upstream 1.1 release
instead of a custom version.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This is now based on U-Boot 2022.10 and has gained SPL support, so use that
instead of sun20-d1-spl. With this we can also drop the u-boot patch and
patch directory.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Release notes:
https://github.com/ebiggers/libdeflate/blob/master/NEWS.md
Switch to cmake.
Added CFLAGS to fix uClibc build:
/home/bernd/buildroot/output/build/libdeflate-1.15/programs/gzip.c:367:10:
error: 'const struct stat' has no member named 'st_atim'; did you mean 'st_atime'?
/home/bernd/buildroot/output/build/libdeflate-1.15/programs/gzip.c:367:26:
error: 'const struct stat' has no member named 'st_mtim'; did you mean 'st_mtime'?
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Since version 22.10.0, used since Buildroot commit
12c430f880, python-automat no longer
needs host-python-m2r, so let's drop this dependency.
This is needed as host-python-m2r is about to be removed from
Buildroot, due to incompatibility with its dependencies.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
As tomli is no longer required for bootstrapping our pep517 toolchain
we no longer need to use flit-bootstrap for the host package.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
[Bernd:
- switched to actively maintained fork
- package/Config.in: moved to "Hardware handling" (Peter)
- added toolchain dependencies (Thomas)
- added license hash
- fixed build errors related to iconv and execinfo (Peter)
- removed hook HDDTEMP_REMOVE_MAN (Thomas)
- install hddtemp.db to target
- added build/install _CMDS due to
https://github.com/vitlav/hddtemp/issues/5]
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
[yann.morin.1998@free.fr:
- use GETTEXTIZE=YES, drop host-gettext from _DEPENDENCIES
- drop custom build and install commands now that we gettextize
- explicitly specify the DB path, introduce HDDTEMP_DB_PATH
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
This patch fixes a problem in the vck190 boot.bin generation as it should be
using the u-boot.dtb as the u-boot device tree and not the Linux system.dtb.
While both dtbs are basically the same, it is better not to mix this up.
Signed-off-by: Neal Frager <neal.frager@amd.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Since commit
5bbc20154e ("configs/zynqmp_kria_kv260_defconfig:
bump to Xilinx 2022.2"), we're using U-Boot version Xilinx 2022.2,
which already carries the psu_init_gpl.c, causing the build to fail as
our patch doesn't apply.
Fix this by dropping the no longer needed patch.
Fixes: 5bbc20154e ("configs/zynqmp_kria_kv260_defconfig: bump to Xilinx 2022.2")
Signed-off-by: Neal Frager <neal.frager@amd.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Since commit
3c997c457a ("configs/zynqmp_zcu106_defconfig:
bump to Xilinx 2022.2"), we're using U-Boot version Xilinx 2022.2,
which already carries the psu_init_gpl.c, causing the build to fail as
our patch doesn't apply.
Fix this by dropping the no longer needed patch.
Fixes: 3c997c457a ("configs/zynqmp_zcu106_defconfig: bump to Xilinx 2022.2")
Signed-off-by: Neal Frager <neal.frager@amd.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This patch moves the board/zynqmp/kria/kv260/uboot.fragment file
to the board/zynqmp/kria directory. The reason is that this file
is the same for any kria starter kit and is not specific to the kv260.
By moving the file, it can be logically re-used with the kr260 when
support for this starter kit is added to buildroot.
KR260 Starter Kit:
https://www.xilinx.com/products/som/kria/kr260-robotics-starter-kit.html
Signed-off-by: Neal Frager <neal.frager@amd.com>
Reviewed-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Commit d590003e31 (package/pcsc-lite: needs gcc >= 4.9) propagated
that new dependency to a bunch of packages that select pcsc-lite.
Then commit 8aaa7ecbce (package/opensc: new package) introduced
opensc, which selects pcsc-lite. However, the package was submitted
before the dependency to gcc 4.8+ was added to pcsc-lite, and that was
missed during the review.
Add it now.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
When applying 917a961d9c (package/optee-client: bump to version
3.19.0), a last-minute change was made in Config.in to change the
dependency to util-linux instead of util-linux-libs, but the
counterpart to that change in the .mk was omitted.
Fix that now.
Reported-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Commit eb2f2886b2 ("package/swupdate:
add staging install") has introduced some commands indented with
spaces, which check-package doesn't like.
Fix that by using tabs instead, and while we're at it, wrap the line
that is a bit too long.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
SWupdate provides API for external programs, so some headers and
libraries must be install to staging.
This patch installs headers and libs to STAGING_DIR, to prevent a
header name collision a subdirectory /usr/include/swupdate creates.
Signed-off-by: Andrey Grafin <conquistador@yandex-team.ru>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fix CVE-2022-46149: Cap'n Proto is a data interchange format and remote
procedure call (RPC) system. Cap'n Proro prior to versions 0.7.1, 0.8.1,
0.9.2, and 0.10.3, as well as versions of Cap'n Proto's Rust
implementation prior to 0.13.7, 0.14.11, and 0.15.2 are vulnerable to
out-of-bounds read due to logic error handling list-of-list. This issue
may lead someone to remotely segfault a peer by sending it a malicious
message, if the victim performs certain actions on a list-of-pointer
type. Exfiltration of memory is possible if the victim performs
additional certain actions on a list-of-pointer type. To be vulnerable,
an application must perform a specific sequence of actions, described in
the GitHub Security Advisory. The bug is present in inlined code,
therefore the fix will require rebuilding dependent applications. Cap'n
Proto has C++ fixes available in versions 0.7.1, 0.8.1, 0.9.2, and
0.10.3.
https://github.com/capnproto/capnproto/security/advisories/GHSA-qqff-4vw4-f6hxhttps://dwrensha.github.io/capnproto-rust/2022/11/30/out_of_bounds_memory_access_bug.html
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fixes the following security issues:
- CVE-2022-3550: A vulnerability classified as critical was found in X.org
Server. Affected by this vulnerability is the function _GetCountedString
of the file xkb/xkb.c. The manipulation leads to buffer overflow. It is
recommended to apply a patch to fix this issue. The associated identifier
of this vulnerability is VDB-211051.
- CVE-2022-3551: A vulnerability, which was classified as problematic, has
been found in X.org Server. Affected by this issue is the function
ProcXkbGetKbdByName of the file xkb/xkb.c. The manipulation leads to
memory leak. It is recommended to apply a patch to fix this issue. The
identifier of this vulnerability is VDB-211052.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The 5.19.x series is now EOL upstream, so drop the linux-headers option and
add legacy handling for it.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Drop no longer required pyaes runtime dependency.
Add new bitstring, cryptography and reedsolo runtime dependencies.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Drop setuptools runtime dependency.
Update description as python 2 is no longer supported.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Drop spurious setuptools runtime dependency.
Add new msgpack runtime dependency.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
https://github.com/troglobit/smcroute/releases/tag/2.5.6
Most important news from the ChangeLog:
- Batch mode supoprt for smcroutectl
- Fix strange behavior when joining/leaving the same group
- Minor spelling checks of documentation
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Reviewed-by: Joachim Wiberg <troglobit@gmail.com>
[yann.morin.1998@free.fr: added news by Joachim]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
[yann.morin.1998@free.fr: squash the two bumps together]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
With gnuradio 3.10 boost/filesystem was replaced by std::filesystem.
This feature was introduced with gcc 8 (requirering -lstdc++fs (with
gcc 9 explicit -lstdc++fs is no more explicitely required)).
With gcc < 8 build fails with error:
In file included from /home/br-user/work/instance-0/output-1/host/aarch64_be-buildroot-linux-gnu/sysroot/usr/include/boost/dll/runtime_symbol_info.hpp:11:0,
from /home/br-user/work/instance-0/output-1/build/gnuradio-3.10.4.0/buildroot-build/gnuradio-runtime/lib/constants.cc:16:
/home/br-user/work/instance-0/output-1/host/aarch64_be-buildroot-linux-gnu/sysroot/usr/include/boost/dll/config.hpp:42:10: fatal error: filesystem: No such file or directory
#include <filesystem>
^~~~~~~~~~~~
compilation terminated.
Add a dependency to gcc >= 8.
BR2_TOOLCHAIN_HAS_GCC_BUG_64735 only affects gcc <7, so we drop it.
Adding this restriction on gcc >= 8 also covers the dependency for volk,
which requires gcc >= 7, which was not propagated to gnuradio so far.
Tested with bootlin toolchain 2020.02-2 (gcc 8.3.0)
Fixes:
- http://autobuild.buildroot.net/results/6a82605c58f9ef9eb6c14603777dd8523dd00aa5/
- http://autobuild.buildroot.net/results/c7c4ae76954e388ab639b39fd521d90acfe4edc9/
Signed-off-by: Gwenhael Goavec-Merou <gwenhael.goavec-merou@trabucayre.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The permissions are now in sync with meson_post_install.py,
and debian.
Most importantly, polkit-agent-helper-1 is now setuid root,
but also the rules.d directories rather than their parents
are owned by polkitd.
Signed-off-by: Norbert Lange <nolange79@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Bumps OP-TEE client package version to OP-TEE release 3.19.0.
This package introduces a mandatory dependency on util-linux and
pk-config packages that were made optional in commit [1], following
3.19.0 release tag. The dependency is related to new library teeacl
for access control list based login identification. This change picks
that commit and defines the dependency only when TEEACL library is
to be embedded. The patch will be removed once we dump to the next
OP-TEE release tag, as state by new BR2 boolean config switch
BR2_PACKAGE_OPTEE_CLIENT_TEEACL.
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
[yann.morin.1998@free.fr:
- actually backport upstream commit
- don't default y for BR2_PACKAGE_OPTEE_CLIENT_TEEACL
- select util-linux instead of depending on it
- don't select util-linux-libs, there's no circular deps
- squash both conditions together in .mk
- fix check-package
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Use pkg-config to retrieve libusb dependencies such as -latomic and
avoid the following static build failure raised since bump of libusb to
version 1.0.25 in commit aad609936f:
/nvmedata/autobuild/instance-29/output-1/per-package/libftdi1/host/bin/../lib/gcc/sparc-buildroot-linux-uclibc/10.3.0/../../../../sparc-buildroot-linux-uclibc/bin/ld: /nvmedata/autobuild/instance-29/output-1/per-package/libftdi1/host/sparc-buildroot-linux-uclibc/sysroot/lib/libusb-1.0.a(core.o): in function `libusb_unref_device':
/nvmedata/autobuild/instance-29/output-1/build/libusb-1.0.25/libusb/core.c:1186: undefined reference to `__atomic_fetch_add_4'
Fixes:
- http://autobuild.buildroot.org/results/1ca7cd85ae60ad4797a6d8a83b2fb51d7eab96d9
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Reviewed-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
libuwsc needs BR2_PACKAGE_WOLFSSL_ALL (which enables openssl compat
layer) to avoid the following wolfssl build failure raised since the
addition of the package in commit
120c04775d:
/home/br-user/work/instance-1/output-1/build/libuwsc-3.3.5/src/ssl.c:62:5: error: unknown type name 'SSL_CTX'
62 | SSL_CTX *ctx;
| ^~~~~~~
Note that we do not select _ALL when wolfssl is enabled, because wolfssl
is neither the only nor the preferred choice, so the condition would
have to be a bit more complex:
select BR2_PACKAGE_WOLFSSL_ALL if BR2_PACKAGE_WOLFSSL \
&& !BR2_STATIC_LIBS && !BR2_PACKAGE_OPENSSL
It is not overly complicated, but it is no longer trivial or obvious,
and would easily break if the ordering of preferences were to change in
the .mk fie in the future.
Fixes:
- http://autobuild.buildroot.org/results/6c2a6ed6fca1f92aab299f6ed9cd900b20e8d512
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[yann.morin.1998@free.fr: explain why we don't select _ALL]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fix CVE-2022-32292: In ConnMan through 1.41, remote attackers able to
send HTTP requests to the gweb component are able to exploit a
heap-based buffer overflow in received_data to execute code.
Fix CVE-2022-32293: In ConnMan through 1.41, a man-in-the-middle attack
against a WISPR HTTP query could be used to trigger a use-after-free in
WISPR handling, leading to crashes or code execution.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
This reverts commit 3ddca0ccb9.
With the merge of next, we are now using mupdf 1.20.3, so this fix is no
longer needed.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit 93d8b71371 (package/sdl2_ttf: bump version to 2.20.1) dropped the
hash for COPYING.txt and added a hash for LICENSE.txt but forgot to adjust
SDL2_TTF_LICENSE_FILES, breaking legal-info:
>>> sdl2_ttf 2.20.1 Collecting legal info
ERROR: No hash found for COPYING.txt
cp: cannot stat '/path/to/output/build/sdl2_ttf-2.20.1/COPYING.txt': No such file or directory
make[1]: *** [package/sdl2_ttf/sdl2_ttf.mk:38: sdl2_ttf-legal-info] Error 1
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit 343974b995 forgot to change the
licensing information which has been updated with
https://code.qt.io/cgit/qt/qtserialport.git/commit/?id=bb05a26d52c834cc7f3c549f3e5d66f76baf42a2
resulting in the following build failure:
ERROR: LICENSE.GPL2 has wrong sha256 hash:
ERROR: expected: 8177f97513213526df2cf6184d8ff986c675afb514d4e68a404010521b880643
ERROR: got :
Fixes:
- No autobuilder failures yet
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[yann.morin.1998@free.fr: one-item per line]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Currently package secific go env is used only during package build step.
Go vendering is done during the download step and it's sometimes required
to specify package secific go env also for this step.
For example, when importing custom go modules who are hosted on a private
host, it’s required to set GOPRIVATE to avoid public sum checking.
Of all the environment variables driving the behaviour of the go command
[0], there is none that obviously have an impact on the behaviour of
go-mod, unless they are explicitly listed as such [1], so it seems
pretty safe to include the generic environment variables for the
download step.
[0] https://pkg.go.dev/cmd/go#hdr-Environment_variables
[1] https://go.dev/ref/mod#environment-variables
Signed-off-by: Patrick Gerber <pge@ik.me>
[yann.morin.1998@free.fr: add [0] and [1] and corresponding blurb]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Commit 235636409f (package/mender-artifact: do not download modules
during the build process) introduced the use of GOFLAGS="-mod=vendor",
in 2020-08-13, before we had the go download post-process...
... which was introduced with ommit 24ac316ff5 (package/pkg-golang.mk:
implement Go vendoring support), in 2022-01-08, which added $(2)_DL_ENV
which contains $(HOST_GO_COMMON_ENV).
HOST_GO_COMMON_ENV, set in go/go.mk@23,i already contains
GOFLAGS="-mod=vendor".
Signed-off-by: Patrick Gerber <pge@ik.me>
[yann.morin.1998@free.fr: extend commit log]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The Marvell Armada Devicetree files have been moved out of edk2-platforms
by commit 4b53da6b12a8 ("Marvell/Armada7k8k: Remove device tree sources
from edk2-platforms") and they are now in edk2-non-osi.
Therefore update the MACCHIATObin recipe to depend on the new edk2-non-osi
package and rework a bit the packages path to support that.
Also, drop the backported patch as it is not necessary anymore.
Signed-off-by: Vincent Stehlé <vincent.stehle@arm.com>
Cc: Dick Olsson <hi@senzilla.io>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Add a package to install the additional edk2 platforms files, not
compatible with the normal licensing requirements and held in the
edk2-non-osi repository.
Only the Marvell Armada files are copied at this point, to support building
edk2 for the MACCHIATObin platform.
The referenced commit corresponds to version edk2-stable202208 of edk2,
based on the timestamps.
This package is heavily inspired from package/edk2-platforms.
Signed-off-by: Vincent Stehlé <vincent.stehle@arm.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The Keccak XKCP SHA-3 reference implementation before fdc6fef has an
integer overflow and resultant buffer overflow that allows attackers to
execute arbitrary code or eliminate expected cryptographic properties.
This occurs in the sponge function interface.
Python 3.11 and later switched to using tiny_sha3 in GH-32060, so they
should not be affected.
https://github.com/python/cpython/issues/98517
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
elf2flt 2021.08 has changed endianness swapping logic for relocated
entries in the text segment. This broke little-endian xtensa FLAT images
which now fail to start with the following message:
binfmt_flat: reloc outside program 0x24c80100 (0 - 0x6e430/0x56a20)
Fix it by restoring old endianness swapping logic for relocated entries
in the text segment when building for xtensa.
Reported-by: Niklas Cassel <niklas.cassel@wdc.com>
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
When BR2_SHARED_STATIC_LIBS is enabled, both --enable-static and
--enable-shared are passed to configure. memcached configure.ac only
looks for --enable-static to make the build static. But when linking
against openssl pkg-config only returns dynamic linking dependencies,
resulting in the following build failure:
/home/thomas/autobuild/instance-1/output-1/host/bin/aarch64_be-buildroot-linux-gnu-gcc -std=gnu99 -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -Ofast -g0 -D_FORTIFY_SOURCE=2 -pthread -Wall -pedantic -Wmissing-prototypes -Wmissing-declarations -Wredundant-decls -static -o timedrun timedrun.o -levent -L/home/thomas/autobuild/instance-1/output-1/host/bin/../aarch64_be-buildroot-linux-gnu/sysroot/usr/lib -lssl -lcrypto -ldl
/home/thomas/autobuild/instance-1/output-1/host/lib/gcc/aarch64_be-buildroot-linux-gnu/11.3.0/../../../../aarch64_be-buildroot-linux-gnu/bin/ld: memcached-memcached.o: in function `conn_new':
memcached.c:(.text+0x1668): undefined reference to `SSL_set_info_callback'
BR2_SHARED_STATIC_LIBS only makes sense for libraries, not executable
binaries. Pass --disable-static unless BR2_STATIC_LIBS is enabled for
static only build.
Fixes:
- http://autobuild.buildroot.org/results/363c84eaa69350e02bec0b35b88d4bdf4dad804c
- http://autobuild.buildroot.org/results/0bde41bb700100d8df5ebdb1b64dfdc76c7af475
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Bump the edk2-platforms commit to the one corresponding to version
edk2-stable202208 of edk2, based on the timestamps.
Note: the Marvell Armada Devicetree files have been moved out of
edk2-platforms by commit 4b53da6b12a8 ("Marvell/Armada7k8k: Remove device
tree sources from edk2-platforms") and they are now in edk2-non-osi.
Signed-off-by: Vincent Stehlé <vincent.stehle@arm.com>
Cc: Dick Olsson <hi@senzilla.io>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
CVE-2022-3620: A vulnerability was found in Exim and classified as
problematic. This issue affects the function dmarc_dns_lookup of the file
dmarc.c of the component DMARC Handler. The manipulation leads to use after
free. The attack may be initiated remotely. The name of the patch is
12fb3842f81bcbd4a4519d5728f2d7e0e3ca1445. It is recommended to apply a
patch to fix this issue. The associated identifier of this vulnerability is
VDB-211919.
This vulnerability is in the DMARC handling, which is only used if
libopendmarc is available AND SUPPORT_DMARC is set to yes, neither of which
is true for Buildroot, so ignore the CVE.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fixes CVE-2022-3559: A vulnerability was found in Exim and classified as
problematic. This issue affects some unknown processing of the component
Regex Handler. The manipulation leads to use after free. The name of the
patch is 4e9ed49f8f12eb331b29bd5b6dc3693c520fddc2. It is recommended to
apply a patch to fix this issue. The identifier VDB-211073 was assigned to
this vulnerability.
The upstream patch does not apply to 4.96, so use the backported patches
from Debian. Amazingly, the patch needs 3 additional patches to unbreak
builds without "WITH_CONTENT_SCAN" (default in Buildroot), so add those as
well.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
In libarchive 3.6.1, the software does not check for an error after
calling calloc function that can return with a NULL pointer if the
function fails, which leads to a resultant NULL pointer dereference.
NOTE: the discoverer cites this CWE-476 remark but third parties dispute
the code-execution impact: "In rare circumstances, when NULL is
equivalent to the 0x0 memory address and privileged code can access it,
then writing or reading memory is possible, which may lead to code
execution."
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fixes:
* CVE-2022-39253:
When relying on the `--local` clone optimization, Git dereferences
symbolic links in the source repository before creating hardlinks
(or copies) of the dereferenced link in the destination repository.
This can lead to surprising behavior where arbitrary files are
present in a repository's `$GIT_DIR` when cloning from a malicious
repository.
Git will no longer dereference symbolic links via the `--local`
clone mechanism, and will instead refuse to clone repositories that
have symbolic links present in the `$GIT_DIR/objects` directory.
Additionally, the value of `protocol.file.allow` is changed to be
"user" by default.
* CVE-2022-39260:
An overly-long command string given to `git shell` can result in
overflow in `split_cmdline()`, leading to arbitrary heap writes and
remote code execution when `git shell` is exposed and the directory
`$HOME/git-shell-commands` exists.
`git shell` is taught to refuse interactive commands that are
longer than 4MiB in size. `split_cmdline()` is hardened to reject
inputs larger than 2GiB.
https://github.com/git/git/blob/v2.31.5/Documentation/RelNotes/2.31.5.txt
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix CVE-2022-3705: A vulnerability was found in vim and classified as
problematic. Affected by this issue is the function qf_update_buffer of
the file quickfix.c of the component autocmd Handler. The manipulation
leads to use after free. The attack may be launched remotely. Upgrading
to version 9.0.0805 is able to address this issue. The name of the patch
is d0fab10ed2a86698937e3c3fed2f10bd9bb5e731. It is recommended to
upgrade the affected component. The identifier of this vulnerability is
VDB-212324.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit 83b4337354 (package/netsnmp: security bump to version 5.9.3)
dropped the patches, but forgot to remove the autoreconf. Do so now.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This is stable bugfix release of libmdbx, in Family Glory and
in memory of Boris Yuriev (the inventor of Helicopter and
Swashplate in 1911) on his 133rd birthday.
It is reasonable to backport this patch to all applicable releases/branches of Buildroot.
Release notes for v0.11.13
--------------------------
Fixes:
- Fixed builds with older libc versions after using `fcntl64()` (backport).
- Fixed builds with older `stdatomic.h` versions,
where the `ATOMIC_*_LOCK_FREE` macros mistakenly redefined using functions (backport).
- Added workaround for `mremap()` defect to avoid assertion failure (backport).
- Workaround for `encryptfs` bug(s) in the `copy_file_range` implementation (backport).
- Fixed unexpected `MDBX_BUSY` from `mdbx_env_set_option()`, `mdbx_env_set_syncbytes()`
and `mdbx_env_set_syncperiod()` (backport).
- CMake requirements lowered to version 3.0.2 (backport).
- Added admonition of insecure for RISC-V (backport).
Minors:
- Minor clarification output of `--help` for `mdbx_test` (backport).
- Added admonition of insecure for RISC-V (backport).
- Stochastic scripts and CMake files synchronized with the `devel` branch.
- Use `--dont-check-ram-size` for small-tests make-targets (backport).
The complete ChangeLog: https://gitflic.ru/project/erthink/libmdbx/blob?file=ChangeLog.md
Signed-off-by: Леонид Юрьев (Leonid Yuriev) <leo@yuriev.ru>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Without this additional comment only the comment
kodi needs an OpenGL EGL backend with OpenGL or GLES support
is displayed which is not enough to guide users.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
An issue was discovered in the auth component in Dovecot 2.2 and 2.3 before
2.3.20. When two passdb configuration entries exist with the same driver
and args settings, incorrect username_filter and mechanism settings can be
applied to passdb definitions. These incorrectly applied settings can lead
to an unintended security configuration and can permit privilege escalation
in certain configurations. The documentation does not advise against the
use of passdb definitions that have the same driver and args settings. One
such configuration would be where an administrator wishes to use the same
PAM configuration or passwd file for both normal and master users but use
the username_filter setting to restrict which of the users is able to be a
master user.
https://dovecot.org/pipermail/dovecot-news/2022-July/000477.html
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This firmware is loaded by U-Boot, so when U-Boot is loading the Linux
kernel from the root filesystem, it is very likely that it will also
want to load this firmware from the root filesystem.
Therefore, this patch makes sure that that Cadence DP firmware is
installed alongside the kernel image in /boot in the root filesystem
when the kernel is installed
there (BR2_LINUX_KERNEL_INSTALL_TARGET=y).
We keep installing the firmware in $(BINARIES_DIR) in any case.
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This patch adds support for Xilinx Versal VCK190 evaluation board.
VCK190 features can be found here:
https://www.xilinx.com/products/boards-and-kits/vck190.html
The VCK190 is based on the Xilinx Versal family:
https://www.xilinx.com/products/silicon-devices/acap/versal.html
The VC1902 included with the VCK190 evaluation board has Xilinx
AI Engine acclerators designed for accelerating machine learning
applications. Also included is an upgrade from prior Zynq and
ZynqMP families to ARM Cortex-A72 cores.
While the Linux kernel for Versal is quite similar to ZynqMP,
the boot process has significantly changed.
Triple-redundant MicroBlaze cores are used to boot and setup
Versal devices. For this reason, current buildroot support
will download pre-built firmware images and use Xilinx bootgen
to generate the boot.bin for the vck190.
Signed-off-by: Neal Frager <neal.frager@amd.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This patch adds support for downloading versal microblaze firmware binaries.
These are necessary for booting Xilinx versal devices.
The location of these binaries is temporary, and will soon be added to the
Xilinx firmware repository. The temporary location is using the same free
distribution license as the Xilinx firmware repository.
Once these files are available on the Xilinx repository, this package will
be updated to the new location.
Signed-off-by: Neal Frager <neal.frager@amd.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fixes the following security issues:
- CVE-2022-24805 A buffer overflow in the handling of the INDEX of
NET-SNMP-VACM-MIB can cause an out-of-bounds memory access.
- CVE-2022-24809 A malformed OID in a GET-NEXT to the nsVacmAccessTable can
cause a NULL pointer dereference.
- CVE-2022-24806 Improper Input Validation when SETing malformed OIDs in
master agent and subagent simultaneously
- CVE-2022-24807 A malformed OID in a SET request to
SNMP-VIEW-BASED-ACM-MIB::vacmAccessTable can cause an out-of-bounds memory
access.
- CVE-2022-24808 A malformed OID in a SET request to
NET-SNMP-AGENT-MIB::nsLogTable can cause a NULL pointer dereference
- CVE-2022-24810 A malformed OID in a SET to the nsVacmAccessTable
can cause a NULL pointer dereference.
Drop openssl linking patches as they are merged upstream / upstream changed
to use pkg-config for openssl since:
https://github.com/net-snmp/net-snmp/commit/8c3a094fbe9ebe38ed762488082d52c6d4e04ddb
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Commit 5370ec7451 was supposed to remove
the roc_pc_rk3399 defconfig. It actually removed everything related to
this defconfig, but not the defconfig itself.
The build failure this commit was supposed to fix is therefore still
happening. We fix it up by finally removing the defconfig.
Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/3372859807
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This package builds to fail with Linux > 5.15 and abperiasamy's
rtl8812AU_8821AU_linux repository is not maintained since 2 years and
there is now a fork where all pending patches have been upstreamed, so
let's switch to lwfinger's rtl8812au repository that is well
maintained with Linux up to version 5.18 supported. While switching
let's drop all local patches. Also add me as maintainer for this
package in DEVELOPERS file.
Fixes:
http://autobuild.buildroot.net/results/a3db3a6540b67a1f1fe31d61fe1d6824d43f59f0/
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Reviewed-by: Christian Stewart<christian@paral.in>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This patch bumps following packages to the newer version:
- OpenSBI v1.1
- U-boot v2022.10
- Linux 6.0
Linux kernel is hosted on AndesTech Github which includes ethernet,
SD card, DMAC, RTC, WDT drivers support. OpenSBI is based on v1.1
with andes platfrom fdt driver.
Signed-off-by: Yu Chien Peter Lin <peterlin@andestech.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
- Same version as NXP release 5.15.52_2.1.0
- EULA/COPYING: update to LA_OPT_NXP_Software_License v39
- No official changelog but the main addition is the support of skipped
h.264 frames
- Add patch to fix kernel version test from the package
- Yocto doesn't need that workaround as it installs the kernel headers
- This is needed for NXP 5.15+ kernels (using DMABUF)
Signed-off-by: Gary Bisson <gary.bisson@boundarydevices.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
DROPBEAR_DSS is now disabled by default. Enable only when
BR2_PACKAGE_DROPBEAR_LEGACY_CRYPTO is enabled.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fixes the following security issue:
CVE-2022-42898: In MIT krb5 releases 1.8 and later, an authenticated
attacker may be able to cause a KDC or kadmind process to crash by reading
beyond the bounds of allocated memory, creating a denial of service. A
privileged attacker may similarly be able to cause a Kerberos or GSS
application service to crash. On 32-bit platforms, an attacker can also
cause insufficient memory to be allocated for the result, potentially
leading to remote code execution in a KDC, kadmind, or GSS or Kerberos
application server process. An attacker with the privileges of a
cross-realm KDC may be able to extract secrets from a KDC process's memory
by having them copied into the PAC of a new ticket.
Bugfix tarballs are located in the same directory as the base version, so
introduce LIBKRB5_VERSION_MAJOR.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Commit 3dbc86f098 (openssl: bump version, enable mdc2+camellia+tlsext)
form 2010-06-03, forced the build of mdc2. Commit a83d41867c
(package/libopenssl: add option to enable some features) added an option
to explicitly disable mdc2, but forgot to amend the existing enabling
option.
It appears that, like most (all?) openssl config options, mdc2 ends up
enabled unless explicitly disabled.
Additionally, mdc2 depends on DES, so without DES, mdc2 gets disabled.
So, drop the explicit enabling option, and make mdc2 select DES.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: "GAUTRON, Erwan" <erwan.gautron@bertin.fr>
Cc: "Weber, Matthew L Collins" <Matthew.Weber@collins.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Commit a83d41867c (package/libopenssl: add option to enable some
features) added an option to enable rc5. However, since commit
1fff941219 (Fixup non-x86 openssl build), dated 2002-12-30, rc5
has always been forcibly disabled in Buildroot.
Given that it was unconditionally disabled all this time, and no
one complained, it means there is virtually no-one using rc5, so we
can just drop the option.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: "GAUTRON, Erwan" <erwan.gautron@bertin.fr>
Cc: "Weber, Matthew L Collins" <Matthew.Weber@collins.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
If the swupdate configuration contains CONFIG_UBOOT=y it uses
libubootenv to access the U-Boot environment.
We don't have Buildroot config options for all the different optional
dependencies of swupdate, instead we rely on the user to select the
appropriate packages and simply add the dependency in the .mk file. Do
this for libubootenv as well. swupdate doesn't have anything like
HAVE_LIBUBOOTENV, it just assumes libubootenv is available.
Fixes:
bootloader/uboot.c:23:10: fatal error: libuboot.h: No such file or directory
23 | #include <libuboot.h>
Note that libubootenv is normally built before swupdate (alphabetical
ordering), so the error only occrus with BR2_PER_PACKAGE_DIRECTORIES or
when building swupdate directly.
Note that the autobuilders don't have this error, because they only
build swupdate with a default configuration that doesn't have U-Boot
support.
Signed-off-by: Michael Nosthoff <buildroot@heine.tech>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
If BR2_PER_PACKAGE_DIRECTORIES is enabled and Buildroot is using
HOST_MAKE for a Kconfig package. The $(1)_KCONFIG_RULES does not work
correctly, and kconfig-package-regen-dot-config will always run the
'oldconfig' target.
This is because $(1)_KCONFIG_RULES expands before the first recipe line
of .stamp_dotconfig. $(1)_KCONFIG_RULES attempts to call $(HOST_MAKE),
which requires that the per-package/<pkg>/host directory has been setup.
But that directory is not setup until a later recipe line. This results
in $(1)_KCONFIG_RULES silently failing, and so always configuring with
'oldconfig'.
Fix the issue by calling the command as part of the recipe, so
$(HOST_MAKE) will be ready in time. As the comment on $(1)_KCONFIG_RULES
describes, we should not use backticks. Use an intermediary file to
store the output of the command, so that backticks are not needed.
Signed-off-by: Brandon Maier <brandon.maier@collins.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
This release fixes the following Security Vulnerabilities:
- CVE-2022-42898 PAC parse integer overflows
- CVE-2022-3437 Overflows and non-constant time leaks in DES{,3} and
arcfour
- CVE-2022-41916 Fix Unicode normalization read of 1 bytes past end of
array
- CVE-2021-44758 NULL dereference DoS in SPNEGO acceptors
- CVE-2021-3671 A null pointer de-reference when handling missing sname
in TGS-REQ
- CVE-2022-44640 Heimdal KDC: invalid free in ASN.1 codec
Note that CVE-2022-44640 is a severe vulnerability, possibly a 10.0
on the Common Vulnerability Scoring System (CVSS) v3, as we believe
it should be possible to get an RCE on a KDC, which means that
credentials can be compromised that can be used to impersonate
anyone in a realm or forest of realms.
Heimdal's ASN.1 compiler generates code that allows specially
crafted DER encodings of CHOICEs to invoke the wrong free function
on the decoded structure upon decode error. This is known to impact
the Heimdal KDC, leading to an invalid free() of an address partly
or wholly under the control of the attacker, in turn leading to a
potential remote code execution (RCE) vulnerability.
This error affects the DER codec for all extensible CHOICE types
used in Heimdal, though not all cases will be exploitable. We have
not completed a thorough analysis of all the Heimdal components
affected, thus the Kerberos client, the X.509 library, and other
parts, may be affected as well.
This bug has been in Heimdal's ASN.1 compiler since 2005, but it may
only affect Heimdal 1.6 and up. It was first reported by Douglas
Bagnall, though it had been found independently by the Heimdal
maintainers via fuzzing a few weeks earlier.
While no zero-day exploit is known, such an exploit will likely be
available soon after public disclosure.
- CVE-2019-14870: Validate client attributes in protocol-transition
- CVE-2019-14870: Apply forwardable policy in protocol-transition
- CVE-2019-14870: Always lookup impersonate client in DB
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This patch adds an option that allows to install the u-boot.elf file
produced when CONFIG_REMAKE_ELF=y in the U-Boot configuration.
Signed-off-by: Neal Frager <neal.frager@amd.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
- i.MX Hantro V4L2 Daemon. Provides the vsidaemon, which is needed for
V4L2 nodes to work.
- To match NXP 5.15.52-2.1.0 release.
Signed-off-by: Chris Dimich <chris.dimich@boundarydevices.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Highligts include support for MbedTLS and a serious memory leak fix to
the GnuTLS backend.
Changes:
- Add support for MbedTLS
- Add support for per-provider interface to bind to
- Use HTTP-only for api.ipify.org, default (fallback) checkip service
Fixes:
- serious memory leak in GnuTLS backend
- ca-trust-file has no effect for GnuTLS
- handle easyDNS "no update required" as OK status
- use configured server:port, don't force port 443 for HTTPS
(From https://github.com/troglobit/inadyn/releases/tag/v2.10.0)
Signed-off-by: Joachim Wiberg <troglobit@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The edk2 project is licensed under the BSD-2-Clause license with a patent
grant, as per commit 304bff7223a8 ("edk2: Change License.txt from 2-Clause
BSD to BSD+Patent").
There is a BSD-2-Clause-Patent SPDX license identifier[1] for this case,
therefore refine the edk2 package to use this more specific identifier.
[1]: https://spdx.org/licenses/BSD-2-Clause-Patent.html
Signed-off-by: Vincent Stehlé <vincent.stehle@arm.com>
Cc: Dick Olsson <hi@senzilla.io>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The edk2-platforms project is licensed under the BSD-2-Clause license with
a patent grant, as per commit ae604e4ffe8f ("edk2-platforms: Change
License.txt from 2-Clause BSD to BSD+Patent").
There is a BSD-2-Clause-Patent SPDX license identifier[1] for this case,
therefore refine the edk2-platforms package to use this more specific
identifier.
[1]: https://spdx.org/licenses/BSD-2-Clause-Patent.html
Signed-off-by: Vincent Stehlé <vincent.stehle@arm.com>
Cc: Dick Olsson <hi@senzilla.io>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fixes the following security issue:
CVE-2022-45061: An issue was discovered in Python before 3.11.1. An
unnecessary quadratic algorithm exists in one path when processing some
inputs to the IDNA (RFC 3490) decoder, such that a crafted, unreasonably
long name being presented to the decoder could lead to a CPU denial of
service. Hostnames are often supplied by remote servers that could be
controlled by a malicious actor; in such a scenario, they could trigger
excessive CPU consumption on the client attempting to make use of an
attacker-supplied supposed hostname. For example, the attack payload could
be placed in the Location header of an HTTP response with status code 302.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit d07e6b70 (boot/uboot/uboot.mk: add pmufw.elf support) broke
configurations where the UBOOT_ZYNQMP_PMUFW was blank. Previously it
would set the U-Boot CONFIG_PMUFW_INIT_FILE to the blank string, but now
it will set it to ".bin" which causes U-Boot to fail to build.
Signed-off-by: Brandon Maier <brandon.maier@collins.com>
Reviewed-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Brandon Maier <brandon.maier@collins.com>
Reviewed-by: Neal Frager <neal.frager@amd.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Brings a number of fixes: https://dev.gnupg.org/T6106
Add patch 0001 to fix undefined reference to `ks_ldap_free_state'
backported from commit 7011286ce6e1fb56c2989fdafbd11b931c489faa
Signed-off-by: Michael Fischer <mf@go-sys.de>
[Peter: add changelog info]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
If a custom os_prefix directory is specified then the Raspberry Pi
firmware probes for the README file in overlays directory. If
this is not found then firmware will use the top-level overlays
directory which can be confusing if os_prefix is used in conjunction
with other filters to implement alternate boot behaviour.
In Raspberry Pi OS the README file is always included to ensure
that the relevant documentation is in sync with the overlays. Rather
that including the entire file let's just include an empty file so
that overlays directory is consistent with the Raspberry Pi OS
APT package.
From
https://www.raspberrypi.com/documentation/computers/config_txt.html#overlay_prefix
Unless ${os_prefix}${overlay_prefix}README exists, overlays are shared
with the main OS (i.e. os_prefix is ignored).
Signed-off-by: Tim Gover <tim.gover@raspberrypi.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Enable aarch64 support for rpi-userland to provide
vcmailbox and vcgencmd in 64bit builds. The are useful
for programming OTP and system debug.
The ARM64=ON parameter restricts the make targets
to only include those supported on 64-bit i.e. it
excludes the legacy Broadcom EGL drivers.
Signed-off-by: Tim Gover <tim.gover@raspberrypi.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
SSCEP is a client-only implementation of the SCEP (Cisco System's Simple
Certificate Enrollment Protocol).
The goal of SCEP is to support the secure issuance of certificates to
network devices in a scalable manner, using existing technology whenever
possible. The protocol supports the following operations:
* CA and RA public key distribution
* Certificate enrollment
* Certificate and CRL query
Certificate and CRL access can be achieved by using the LDAP protocol,
or by using the query messages defined in SCEP.
CC: Angelo Compagnucci <angelo@amarulasolutions.com>
Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Copy default $DAEMON_ARGS from systemd service to sysv init script.
Make GITLAB_RUNNER_USER home directory the same as default
--work-directory (-d) flag.
Run sysv daemon process using root user (remove -c option)
This is needed to correctly access config files as specified.
System access can still be limited with gitlab-runner `--user` flag.
Use same $DAEMON_ARGS variable name so it can be overwritten in
/etc/default/gitlab-runner environment file in both cases.
Signed-off-by: Marek Metelski <marek.metelski@grinn-global.com>
Reviewed-by: Marcin Niestroj <m.niestroj@grinn-global.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Summary of changes:
- Fix use of $DAEMON, found by check-package
- Expects DAEMON to be name of daemon controlled by script, this
causes ripple efects in rest of script
- Recommend `chmod a-x`, .mk file installs with `-m 0755`
- Fix shellcheck warnings:
- Use "$VAR" in case of spaces in filenames
- recommend not using $? in if stmt, should use `if start-stop ...`
- mismatch in indentation in case-esac
Signed-off-by: Joachim Wiberg <troglobit@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
In 5b3b2d80f4 we dropped dbus as a build
dependency, however we still need it when building with systemd so
that the service directory is available via pkg-config.
In addition we can drop --with-dbus-datadir by unconditionally
requiring dbus as the datadir will then be fetched from pkg-config.
Fixes:
checking D-Bus bus services directory... configure: error: D-Bus bus services directory is required
http://autobuild.buildroot.net/results/4a48676460e6ce588897598f0022ec840b4b4b8d/
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The edk2 package can be configured for platform Arm Sgi575 but this
does not build correctly:
Usage: build.exe [options] [all|fds|genc|genmake|clean|cleanall|cleanlib|modules|libraries|run]
build.exe: error: option -a: invalid choice: '-b' (choose from 'IA32', 'X64', 'EBC', 'ARM', 'AARCH64', 'RISCV64')
make[1]: *** [package/pkg-generic.mk:293: /home/thomas/buildroot/buildroot/output/build/edk2-edk2-stable202102/.stamp_built] Error 2
make: *** [Makefile:84: _all] Error 2
Add the necessary definitions to fix the build.
Signed-off-by: Vincent Stehlé <vincent.stehle@arm.com>
Cc: Dick Olsson <hi@senzilla.io>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
I am not really maintaining these packages, I don't follow closely
enough nor use them to take the time to make the necessary changes.
Giulio has been much more reactive than me to fix issues and he is
already listed for them anyway.
Cc: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Peter Thompson <peter.macleod.thompson@gmail.com>
[yann.morin.1998@free.fr: fix spaces in hash file]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
igh-ethercat comes with a small number of patched Linux kernel network
drivers, which aim at replacing the ones available in upstream Linux
kernel. All those drivers are provided only for specific kernel
releases. For example:
r8169-2.6.24-ethercat.c
r8169-2.6.24-orig.c
r8169-2.6.27-ethercat.c
r8169-2.6.27-orig.c
r8169-2.6.28-ethercat.c
r8169-2.6.28-orig.c
r8169-2.6.29-ethercat.c
r8169-2.6.29-orig.c
r8169-2.6.31-ethercat.c
r8169-2.6.31-orig.c
r8169-2.6.32-ethercat.c
r8169-2.6.32-orig.c
r8169-2.6.33-ethercat.c
r8169-2.6.33-orig.c
r8169-2.6.35-ethercat.c
r8169-2.6.35-orig.c
r8169-2.6.36-ethercat.c
r8169-2.6.36-orig.c
r8169-2.6.37-ethercat.c
r8169-2.6.37-orig.c
r8169-3.10-ethercat.c
r8169-3.10-orig.c
r8169-3.12-ethercat.c
r8169-3.12-orig.c
r8169-3.14-ethercat.c
r8169-3.14-orig.c
r8169-3.16-ethercat.c
r8169-3.16-orig.c
r8169-3.2-ethercat.c
r8169-3.2-orig.c
r8169-3.4-ethercat.c
r8169-3.4-orig.c
r8169-3.6-ethercat.c
r8169-3.6-orig.c
r8169-3.8-ethercat.c
r8169-3.8-orig.c
r8169-4.4-ethercat.c
r8169-4.4-orig.c
Obviously, this doesn't play well with the random configuration
testing done by utils/genrandconfig. This commit avoids this issue by
making sure we never build any of those drivers as part of the
genrandconfig generated configurations.
Fixes:
http://autobuild.buildroot.net/results/07b7475d780c067d99ee5618a5fd2bb024a5b4e7/
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The current version 1.5.2 dates back from 2013, so it is extremely
old. The latest master branch of igh-ethercat contains numerous fixes,
including fixes to ensure that it builds with recent Linux kernel
releases. Backporting the individual patches fixing those issues on a
9 year old release would be too much effort, so we propose to simply
bump the version to the latest available in the Git master branch.
Fixes:
http://autobuild.buildroot.net/results/4dc9b71c805a8156bcf8f398edd3a30f2b6ac6da/
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fixes#6421
Backport from: da9ba3a2a1536017e4ce1ee0f4276578d1ce6e29
Signed-off-by: Michael Fischer <mf@go-sys.de>
[yann.morin.1998@free.fr: make it an actual backport]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fix the following runtime failure raised since bump of popt to version
1.19 in commit 895bfba93f:
Problem opening for reading! Error is 2.
The specified file does not exist!
Fixes:
- No autobuilder failure
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Reported-by: Florian Fainelli <f.fainelli@gmail.com>
Tested-by: Florian Fainelli <f.fainelli@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fixes the following security issue:
- CVE-2022-3821: An off-by-one Error issue was discovered in Systemd in
format_timespan() function of time-util.c. An attacker could supply
specific values for time and accuracy that leads to buffer overrun in
format_timespan(), leading to a Denial of Service.
https://github.com/systemd/systemd/issues/23928
Drop now upstream 0001-missing-syscall-define-MOVE_MOUNT_T_EMPTY_PATH-if-mi.patch
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Z3, also known as the Z3 Theorem Prover, is a cross-platform
satisfiability modulo theories (SMT) solver.
https://github.com/Z3Prover/z3
Signed-off-by: Julien Olivain <ju.o@free.fr>
[yann.morin.1998@free.fr:
- python bindings 'depends on' python, not 'select' it
- fix check-package in test_z3.py
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fix CVE-2022-39377: sysstat is a set of system performance tools for the
Linux operating system. On 32 bit systems, in versions 9.1.16 and newer
but prior to 12.7.1, allocate_structures contains a size_t overflow in
sa_common.c. The allocate_structures function insufficiently checks
bounds before arithmetic multiplication, allowing for an overflow in the
size allocated for the buffer representing system activities. This issue
may lead to Remote Code Execution (RCE).
Despite what is written above in the CVE announcement, and as written in
the Changelog, the fix is also included in version 12.6.1 (12.7.1 is a
development version):
https://github.com/sysstat/sysstat/commit/c1e631eddc50c04e4dcea169ba396bee2bd6b0ab
As a consequence, 12.6.1 is still reported as being affected. Until the
NVD is updated appropriately, we mark the CVE as ignored with a comment
that explains why.
Note: that commit is not reachable from any branch in the sysstat
repository, and Github warns about that, but the commit does belong to
the upstream repository and is reachable from the 12.6.1 tag (it looks
like sysstat only pushes tags-with-history for fix releases).
https://github.com/sysstat/sysstat/security/advisories/GHSA-q8r6-g56f-9w7xhttps://github.com/sysstat/sysstat/blob/v12.6.1/CHANGES
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[yann.morin.1998@free.fr:
- ignore the CVE, explain why
- explain why github warns about the fix commit
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
This adds a separate opencv4_contrib package to manage
downloading/unpacking that repository. These extra modules
are useful for a lot of applications, but not necessary
for minimal installs, so they are all given dedicated Kconfig
options
It's important to note that the opencv4-contrib package
downloads extra source that is compiled as a part of
the opencv4 package. This is why it is a dependency
of opencv4, and not the other way around
Signed-off-by: Woodrow Douglass <wdouglass@carnegierobotics.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
commit e37c110 ("package/gnuradio: bump version to 3.10.4.0")
included two numbered patches. Those are generating
"make check-package" warnings.
Fixes:
make check-package
package/gnuradio/0001-blocks-Including-missing-vector-in-blockinterleaver.patch:4: generate your patches with 'git format-patch -N'
package/gnuradio/0002-blocks-blockinterleaving.h-add-missing-cstddef-heade.patch:4: generate your patches with 'git format-patch -N'
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fixes the following security issue:
DNS rebinding in --inspect via invalid octal IP address (Medium) (CVE-2022-43548)
The Node.js rebinding protector for --inspect still allows invalid IP
address, specifically, the octal format. An example of an octal IP address
is 1.09.0.0, the 09 octet is invalid because 9 is not a number in the base 8
number system. Browsers such as Firefox (tested on latest version m105)
will still attempt to resolve this invalid octal address via DNS. When
combined with an active --inspect session, such as when using VSCode, an
attacker can perform DNS rebinding and execute arbitrary code
Update license hash for an update of base64 (MIT license) and a change in
copyright year:
https://github.com/nodejs/node/commit/8ea9a71b15a953cd0936f7e6aae84c62873a77b5https://github.com/nodejs/node/commit/9f14dc1a8f43a9f3755c673009378b798cbdd73b
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
A severe bug has been found in Libksba , the library used by GnuPG for parsing
the ASN.1 structures as used by S/MIME. The bug affects all versions of Libksba
before 1.6.2 and may be used for remote code execution.
Fix CVE-2022-3515
Signed-off-by: Michael Fischer <mf@go-sys.de>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Rename configure options to avoid the following build failure raised
since bump to version 3.2.5 in commit
ae2807821d:
./simd-checksum-x86_64.cpp: In function 'uint32_t get_checksum1_cpp(char*, int32_t)':
./simd-checksum-x86_64.cpp:89:52: error: multiversioning needs 'ifunc' which is not supported on this target
89 | __attribute__ ((target("default"))) MVSTATIC int32 get_checksum1_avx2_64(schar* buf, int32 len, int32 i, uint32* ps1, uint32* ps2) { return i; }
| ^~~~~~~~~~~~~~~~~~~~~
./simd-checksum-x86_64.cpp:480:1: error: use of multiversioned function without a default
480 | }
| ^
If you can't fix the issue, re-run ./configure with --disable-roll-simd.
Fixes:
- http://autobuild.buildroot.org/results/069da8e585da2e51bfd4f475cc12b9a134954b08
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This is a header only library which is required by the latest version
of zxing-cpp.
Include paths and pc file are based off of debian libstb package.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Current python-automat version 20.2.0 no longer work with Python 3.11
updated in commit 738500c296.
Running package runtime test with command:
support/testing/run-tests \
-d dl \
-o output_folder \
tests.package.test_python_automat.TestPythonPy3Automat
Fails with output:
Traceback (most recent call last):
File "/root/sample_python_automat.py", line 27, in <module>
led.turn_on()
^^^^^^^^^^^
File "/usr/lib/python3.11/site-packages/automat/_methodical.py", line 232, in __get__
File "/usr/lib/python3.11/site-packages/automat/_introspection.py", line 43, in decorator
File "/usr/lib/python3.11/site-packages/automat/_introspection.py", line 35, in copyfunction
File "/usr/lib/python3.11/site-packages/automat/_introspection.py", line 23, in copycode
TypeError: code() argument 13 must be str, not int
This commit fixes this issue by updating the package to the latest
version.
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
- remove all no more required patches
- backport 2 patches to fix failures induces by missing headers
- add dependency to SPDLOG
- add pybind dependency where python is set
Note:
- Since gnuradio 3.10 swig was replaced by pybind. Now python libraries,
bindings and python wrappers are produces using pybind: this
why python-pybind is a buildtime dependency. As mentionned in [1], this one
is a stagging only package: headers must be into staging directory, so it
can't be host and at the same time since this package provides only headers
and .cmake files nothing has to be installed into the target directory. A
select is required because it's not an host package and
GNURADIO_DEPENDENCIES is updated with python-pybind to have pybind present
before gnuradio's build.
- host-python-numpy is now required since some cpp bindings uses numpy's
functions directly. python-numpy (target package) is left required because
python blocks and wrappers needs this library at runtime.
[1] http://lists.busybox.net/pipermail/buildroot/2022-October/653030.html
Signed-off-by: Gwenhael Goavec-Merou <gwenhael.goavec-merou@trabucayre.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
libsndfile is only needed by the sbctester utility and the library can
be built without this dependency.
Add a config option to cover not just sbctester but the command-line
utilities as well. While the utilities may be useful for debugging,
normal usage will only need libsbc and these applications can be
omitted.
Signed-off-by: John Keeping <john@metanate.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The build of lttng-modules will fail if the kernel does not have
CONFIG_TRACEPOINTS enabled. However, CONFIG_TRACEPOINTS is a
prompt-less option, and the most generic option that does enable
CONFIG_TRACEPOINTS is CONFIG_FTRACE.
In addition, CONFIG_FTRACE will also enable CONFIG_STACKTRACE, which
is needed on CPU architectures that don't provide the STACKWALK
mechanism in the kernel, as is the case on ARM 32-bit for example.
Therefore, let's enable CONFIG_FTRACE when building lttng-modules.
Cc: Clément Léger <clement.leger@bootlin.com>
Reported-by: Clément Léger <clement.leger@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
libvncclient v0.9.13 was discovered to contain a memory leak via the
function rfbClientCleanup().
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This is stable bugfix release of libmdbx, in Family Glory and
in memory of Boris Yuriev (the inventor of Helicopter and
Swashplate in 1911) on his 133rd birthday.
It is reasonable to backport this patch to all applicable releases/branches of Buildroot.
Release notes for v0.11.13
--------------------------
Fixes:
- Fixed builds with older libc versions after using `fcntl64()` (backport).
- Fixed builds with older `stdatomic.h` versions,
where the `ATOMIC_*_LOCK_FREE` macros mistakenly redefined using functions (backport).
- Added workaround for `mremap()` defect to avoid assertion failure (backport).
- Workaround for `encryptfs` bug(s) in the `copy_file_range` implementation (backport).
- Fixed unexpected `MDBX_BUSY` from `mdbx_env_set_option()`, `mdbx_env_set_syncbytes()`
and `mdbx_env_set_syncperiod()` (backport).
- CMake requirements lowered to version 3.0.2 (backport).
- Added admonition of insecure for RISC-V (backport).
Minors:
- Minor clarification output of `--help` for `mdbx_test` (backport).
- Added admonition of insecure for RISC-V (backport).
- Stochastic scripts and CMake files synchronized with the `devel` branch.
- Use `--dont-check-ram-size` for small-tests make-targets (backport).
The complete ChangeLog: https://gitflic.ru/project/erthink/libmdbx/blob?file=ChangeLog.md
Signed-off-by: Леонид Юрьев (Leonid Yuriev) <leo@yuriev.ru>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Support mounting in /media instead of /run/media for compatibility
with the Filesystem Hierarchy Standard (FHS). This is also required
for backward compatibility with udisks1.
Signed-off-by: Wolfgang Grandegger <wg@grandegger.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Remove inaccurate comment that claims twisted and treq version/site
variables are shared. They are not shared and the packages aren't
always updated at the same time.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
When BR2_XTENSA_CUSTOM=y is used with the internal toolchain, an
overlay file is mandatory, which genrandconfig can't provide. So we
simply disallow such configurations.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Commit 4cbf733691 ("arch/xtensa: custom
configuration requires an overlay") added a check in
arch/arch.mk.xtensa to bail out if a custom Xtensa core is selected
but not overlay file is provided. While this is indeed a perfectly
valid check to make when building an internal toolchain, with an
external toolchain it's entirely possible to build with no overlay
file: the toolchain already exists, and there's no overlay to be
applied in the context of the Buildroot build.
And indeed commit 4cbf733691 broke some
of the runtime test cases that use a custom Xtensa core configuration,
with no overlay, to test the toolchains.bootlin.com Xtensa external
toolchain. By relaxing the check to only apply to internal toolchain
configurations, we fix those test cases.
It is to be noted that this still allows a configuration where gdb gets
built for a custom core, but with no overlay, so basically that means
the fsf variant, which can lead to build or run failures that
4cbf733691 attempted to fix to begin with. This still covers the
most common cases.
Finally, it also means being able to build a kernel with no overlay, but
this is offset by the fact that the kernel may be already patched with
an overlay (as it is possible to specify a custom kernel), which is most
probably what people using a custom core would have.
Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/3282261966https://gitlab.com/buildroot.org/buildroot/-/jobs/3282261963
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
[yann.morin.1998@free.fr: extend commit log with last two paragraphs]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
dracut is not really ready to be installed with a non-/ prefix, and it
has a lot of hard-coded assumptions that it is going to run on the host
for which it is goign to generate an initramfs; for example, it
hard-codes calls to /lib/dracut/some-file in some of its modules. It
also uses the host system layout to decide whether it needs a
merged-usr or not.
Furthermore, dracut populates the temporary directory which content will
be used to generate the cpio, with a bunch of files, even before calling
any of the dracut modules.
The name for that temporary directory is not predictable (looks like the
output of 'mktemp -d dracut.XXXXXX', with names like dracut.1Vfn9F seen
while debugging).
As a consequence, we can't prepare the temporary directory with the
proper symlinks beforehand.
So, we provide a very-early module of our own, that will (hopefully) run
before any other module, to fixup the messed-up layout prepared by
dracut. This module moves the content of /lib, /bin, and /sbin, out and
into their counterparts in /usr, and creates the usual symlinks.
When we do not require a merged-usr, then we have nothing to do, so the
module checks for /lib being a symlink, as the hint that we want a
merged-usr or not.
Note: currently, we've seen nothing that dracut installed in /bin or
/sbin, but for trying to be future-proof, we also handle them; this
causes a spurious warning:
mv: cannot stat '..../build/buildroot-fs/cpio/tmp/dracut.YQnzNP/initramfs/bin/*': No such file or directory
Since there are already quite a bunch of similar failures in the
official modules bundled in dracut, an extra such issue or two should
not be too scary...
Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/3282261241https://gitlab.com/buildroot.org/buildroot/-/jobs/3282261239https://gitlab.com/buildroot.org/buildroot/-/jobs/3282261236
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Thierry Bultel <thierry.bultel@linatsea.fr>
Cc: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
systemd does not build with -Ofast (at least with gcc-12), leading to
build errors like:
../src/shared/condition.c: In function ‘condition_dump_list’:
../src/shared/condition.c:1227:33: error: ‘%s’ directive argument is null [-Werror=format-overflow=]
1227 | "%s\t%s: %s%s%s %s\n",
| ^~
cc1: some warnings being treated as errors
It is not really clear what the reason is, but it smells like a compiler
error.
Indeed, the failing format is passed to an fprintf, and the parameter
corresponding to the failing %s directive is a call to a function
which prototype is defined but the implementation only comes later in
the same compilation unit, but is the result of macro expansion, which
yields a function definition like:
const char foo_to_string(foo_type i) {
if (i < 0 || i >= (foo_type) ELEMENTSOF(foo_table))
return NULL;
return foo_table[i]
}
(where ELEMENTSOF(x) is a macros arounf sizeof(x) to determine the
number of elements in the array foo_table).
However, in the failing case, foo_table is a static const array indexed
with constants from an enum, and foo_to_string() is only ever called
with variables that are only ever set to one of those enum values.
Since -Ofast is also explicitly documented as breaking otehrwise
conformant programs, we're not going to debug further the reason for the
build failure.
Instead, just revert to the best alternate optimisation level. We chose
-O3, as -Ofast is based on -O3 with breaking optimisation flags.
With -O3, the build succeeds.
Fixes:
http://autobuild.buildroot.org/results/3ffaa9b3ecacc6ac326be78196af1ad613f195ed/ (sparc64)
http://autobuild.buildroot.org/results/3f6ae2e503dd1539e4240f344865da4881879204/ (arm)
http://autobuild.buildroot.org/results/68c17056490d441c7f862349e9c7e471b4570162/ (ppc64)
...
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Norbert Lange <nolange79@gmail.com>
Cc: Sen Hastings <sen@phobosdpl.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
matchbox-startup-monitor is an ageing package, and uses an old
configure.ac with archaic constructs. This had generated a configure
script that incorrectly tries to look for and validate a C++ compiler:
checking for powerpc64le-buildroot-linux-gnu-g++... no
checking whether we are using the GNU C++ compiler... no
checking whether no accepts -g... no
checking dependency style of no... none
checking how to run the C++ preprocessor... /lib/cpp
configure: error: C++ preprocessor "/lib/cpp" fails sanity check
Calling autoreconf fixes the issue, as the generated configure no longer
tries to look for a C++ compiler at all anymore. Running autoreconf does
not add any new dependency, as they are already in the dependency chain
via other packages.
Fixes:
http://autobuild.buildroot.org/results/223/223f43dd76ee907c5f25c4fee94a0f5d75614dd5/
See also similar changes:
9993a36f5e package/pamtester: fix build without C++
c05cc5de86 package/madplay: needs autoreconf
eae18d01ab libmad: needs autoreconf
43274dd3e0 package/libid3tag: needs autoreconf
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
ATF version 2.2 and older does not disable SSP when
ENABLE_STACK_PROTECTOR is not set. This is because the compiler enables
SSP by default, and ATF does not pass -fno-stack-protector to the
compiler. Upstream commit 7af195e29a42 ("Disable stack protection
explicitly") fixed the issue for v2.3 and newer.
Add -fno-stack-protector in CFLAGS when
BR2_TARGET_ARM_TRUSTED_FIRMWARE_SSP is not set to fix older ATF
versions.
Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/3301821171
Cc: Dick Olsson <hi@senzilla.io>
Cc: Sergey Matyukevich <geomatsi@gmail.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
sudo's configure script looks up on the host to determine the path where
to install its systemd tmpfiles. That is incorrect in cross-compilation.
We can explicitly tell sudo where to install its tmpfiles, which we do
when systemd is enabled (in Buildroot, systemd-tmpfiles is always
enabled when systemd is), or we can tell it not to install tmpfiles at
all, which we do otherwise.
Signed-off-by: Nuno Gonçalves <nunog@fr24.com>
[yann.morin.1998@free.fr: reword and extend commit log]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
sudo's configure script looks up on the host to determine the path to
the timezone data location. That fails in cross-compilation.
This is used to sanitise the TZ envirnment variable at runtime, and is
not used at buildtime (except to be stored as a string in the program).
We can tell sudo where the tz data will be, which we do when the tzdata
package is enabled, and we can tell it not to use it at all (to not pass
TZ down to sudo-ed executions) othwerwise.
Signed-off-by: Nuno Gonçalves <nunog@fr24.com>
[yann.morin.1998@free.fr: rewrite and extend commit log]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Commit 223516b51e (configs/kontron_bl_imx8mm: U-Boot needs util-linux)
added the needed dependency against host-util-linux, but missed an
earlier comment about u-boot still failing [0]
The U-Boot makefile for the host tools does not handle the
compiler/linker options properly. There are some patches [1][2] that fixes
that issue already applied in the newer U-Boot version 2022.10. So we have to
bump U-Boot to fix an autobuilder failure.
Fixes: https://gitlab.com/buildroot.org/buildroot/-/jobs/3267233833
[0] https://lore.kernel.org/buildroot/CAEyMn7Y3UgT-8dYY5rbnzcPfbGmqRVXG=joWx1fSSCC=WiFzbg@mail.gmail.com/
[1] U-Boot: a638bd349ea43825 (kbuild: add KBUILD_HOSTLDFLAGS to cmd_host-csingle)
[2] U-Boot: 31a7688cbe0ed5ed (tools: mkeficapsule: use pkg-config to get -luuid and -lgnutls)
Cc: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
[yann.morin.1998@free.fr:
- update commit log with reference to [0]
- slightly tweak commit log
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fix the following build failure raised since bump to version 0.9.4 in
commit 5cae1a0d67:
In file included from iw_if.h:26:0,
from conf.c:19:
/home/buildroot/autobuild/instance-1/output-1/host/mips-buildroot-linux-gnu/sysroot/usr/include/linux/if.h:71:2: error: redeclaration of enumerator 'IFF_UP'
IFF_UP = 1<<0, /* sysfs */
^
/home/buildroot/autobuild/instance-1/output-1/host/mips-buildroot-linux-gnu/sysroot/usr/include/net/if.h:44:5: note: previous definition of 'IFF_UP' was here
IFF_UP = 0x1, /* Interface is up. */
^
Fixes:
- http://autobuild.buildroot.org/results/cbdf3e0cf0bee8f1b076581768c24155afc320d9
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fix the following systemd build failure raised since bump to version
5.0.1 in commit db19998035:
../src/lxc/cgroups/cgfsng.c: In function 'unpriv_systemd_create_scope':
../src/lxc/cgroups/cgfsng.c:1234:104: error: incompatible type for argument 10 of 'sd_bus_call_method_asyncv'
r = sd_bus_call_method_asyncv(bus, NULL, DESTINATION, PATH, INTERFACE, "Subscribe", NULL, NULL, NULL, NULL);
^~~~
Fixes:
- https://gitlab.com/buildroot.org/buildroot/-/jobs/3282261449
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
socat's configure script does not take the zlib dependency into
account when linking with libssl, and therefore fails at detecting
libssl in BR2_STATIC_LIBS=y configurations.
Since there is no easy way to add the zlib dependency, just disable
openssl support for static builds.
This is not fixing a build failure: libssl was not detected in
BR2_STATIC_LIBS=y configurations, so what this commit does is make it
explicit.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Commit
4e7dfe20bb ("configs/friendlyarm_nanopi_m4:
remove defconfig") forgot to fully reflect the removal of the
defconfig in the DEVELOPERS file, causing a get-developers warning:
WARNING: 'board/friendlyarm/nanopi-m4' doesn't match any file
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This patch bumps the zed to Xilinx release 2022.2.
Xilinx 2022.2 includes:
- U-Boot 2022.01 bug fixes
- Linux bump to Linux 5.15.36 with bug fixes
Signed-off-by: Neal Frager <neal.frager@amd.com>
Reviewed-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This patch bumps the microzed to Xilinx release 2022.2.
Xilinx 2022.2 includes:
- U-Boot 2022.01 bug fixes
- Linux bump to Linux 5.15.36 with bug fixes
Signed-off-by: Neal Frager <neal.frager@amd.com>
Reviewed-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Commit ea38acd17d ("package/boost:
backport development branch changes to fix MIPS64 build failure")
introduced a patch formatting issue detected by check-package. This
commit fixes this issue.
Fixes:
package/boost/0001-Improve-modfunc-performance.patch:4: generate your patches with 'git format-patch -N'
https://gitlab.com/buildroot.org/buildroot/-/jobs/3287511158
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This patch migrates the u-boot device tree definition
from uboot.fragment files to use BR2_TARGET_UBOOT_CUSTOM_MAKEOPTS
instead for the zynqmp_kria_kv260_defconfig.
Signed-off-by: Neal Frager <neal.frager@amd.com>
Reviewed-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This patch migrates the u-boot device tree definition
from uboot.fragment files to use BR2_TARGET_UBOOT_CUSTOM_MAKEOPTS
instead for the zynq_zc706, zynq_zed and zynq_microzed defconfigs.
Signed-off-by: Neal Frager <neal.frager@amd.com>
Reviewed-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Compilation of Perl-related packages fails if `PERL_MM_OPT` is defined.
We previously issued an error in this case.
Instead, simply `unexport` the variable.
Signed-off-by: Gleb Mazovetskiy <glex.spb@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Pass TARGET_LDFLAGS (which contains -static) to fix the following static
build failures with gpio, iio and pci:
LINK lsgpio
/home/autobuild/autobuild/instance-8/output-1/host/lib/gcc/arm-buildroot-linux-musleabi/10.4.0/../../../../arm-buildroot-linux-musleabi/bin/ld: /home/autobuild/autobuild/instance-8/output-1/host/lib/gcc/arm-buildroot-linux-musleabi/10.4.0/libgcc.a(_dvmd_lnx.o): in function `__aeabi_ldiv0':
/home/autobuild/autobuild/instance-8/output-1/build/host-gcc-final-10.4.0/build/arm-buildroot-linux-musleabi/libgcc/../../../libgcc/config/arm/lib1funcs.S:1499: undefined reference to `raise'
[...]
LINK iio_event_monitor
/home/thomas/autobuild/instance-2/output-1/host/lib/gcc/microblazeel-buildroot-linux-musl/11.3.0/../../../../microblazeel-buildroot-linux-musl/bin/ld: /home/thomas/autobuild/instance-2/output-1/host/lib/gcc/microblazeel-buildroot-linux-musl/11.3.0/libgcc.a(unwind-dw2.o): in function `size_of_encoded_value':
/home/thomas/autobuild/instance-2/output-1/build/host-gcc-final-11.3.0/build/microblazeel-buildroot-linux-musl/libgcc/../../../libgcc/unwind-pe.h:88: undefined reference to `abort'
Fixes:
- http://autobuild.buildroot.org/results/f202eb843ef331939f5f12325bdbf2d0d664a7ce
- http://autobuild.buildroot.org/results/504ec8be1ebd15c5da09f8b90bb723a58d4c58c5
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fix the following static build failure with popt and iconv raised since
bump to version 1.0.9 in commit 69015ce94a
and
https://sourceforge.net/p/gptfdisk/code/ci/122b58ad82f1a144226d262c87241ee035ed1aff
(which added an unified Makefile):
/home/autobuild/autobuild/instance-0/output-1/host/bin/mips64el-buildroot-linux-uclibc-g++ crc32.o support.o guid.o gptpart.o mbrpart.o basicmbr.o mbr.o gpt.o bsd.o parttypes.o attributes.o diskio.o diskio-unix.o sgdisk.o gptcl.o -static -liconv -lpopt -o sgdisk
/home/autobuild/autobuild/instance-0/output-1/host/lib/gcc/mips64el-buildroot-linux-uclibc/11.3.0/../../../../mips64el-buildroot-linux-uclibc/bin/ld: /home/autobuild/autobuild/instance-0/output-1/host/mips64el-buildroot-linux-uclibc/sysroot/usr/lib64/../lib64/libpopt.a(poptint.o): in function `strdup_locale_from_utf8':
poptint.c:(.text+0x113c): undefined reference to `libiconv_open'
As can be seen above, this build failure is raised because -liconv is
added before -lpopt so use pkgconfig and SGDISK_LDLIBS
The addition of -liconv in LDLIBS could probably be removed in a
follow-up patch for next branch
Fixes:
- http://autobuild.buildroot.org/results/c9f2c9e737c2dd1cd4c1a08a5e8a48165179282d
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
CARGO_HOME is where Cargo stores its downloaded artefacts. See
https://doc.rust-lang.org/cargo/reference/environment-variables.html:
CARGO_HOME — Cargo maintains a local cache of the registry index and
of git checkouts of crates. By default these are stored under
$HOME/.cargo (%USERPROFILE%\.cargo on Windows), but this variable
overrides the location of this directory. Once a crate is cached it
is not removed by the clean command. For more details refer to the
guide.
We currently make it point to $(HOST_DIR)/share/cargo, but this has a
number of drawbacks:
(1) It is not shared between Buildroot builds. Each Buildroot build
will re-download the crates index, and the crates themselves,
unless of course the final vendored tarball is already there.
(2) With BR2_PER_PACKAGE_DIRECTORIES=y, it is even worse: CARGO_HOME
is not even shared between packages, as $(HOST_DIR)/share/cargo
is per package. So each package in the build that needs vendoring
of Cargo crates will download the crates index and the crates in
its own CARGO_HOME location.
To solve this, this commit moves CARGO_HOME into $(DL_DIR), so that it
is shared between builds and packages.
Even though not the best/most authoritative source,
https://github.com/rust-lang/cargo/issues/6930 indicates that there is
a lock when accessing CARGO_HOME, because a user even complains that
this lock has even become more coarse-grained than it used to be
(which for us is fine, it just means that two Cargo fetch operations
from two different packages will be serialized, not a big deal).
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Tested-by: Moritz Bitsch <moritz@h6t.eu>
[yann.morin.1998@free.fr: rename directory: s/\.cargo/br-cargo-home/]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Instead of replicating $(HOST_DIR)/share/cargo in several place,
define BR_CARGO_HOME. This will help when we'll want to change this
location.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
A Floating point exception (division-by-zero) flaw was found in Mupdf
for zero width pages in muraster.c. It is fixed in Mupdf-1.20.0-rc1
upstream.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fix the following build failure without NEON probably raised since bump
to version 1.9.9-b1 in commit 1f7b12a0b4
and
https://github.com/zlib-ng/zlib-ng/commit/ec02ecf104e1d3f1836a908a359f20aa93494df5:
In file included from /home/autobuild/autobuild/instance-4/output-1/build/zlib-ng-2.0.6/arch/arm/adler32_neon.c:11:
/home/autobuild/autobuild/instance-4/output-1/host/lib/gcc/arm-buildroot-linux-uclibcgnueabi/10.3.0/include/arm_neon.h:31:2: error: #error "NEON intrinsics not available with the soft-float ABI. Please use -mfloat-abi=softfp or -mfloat-abi=hard"
31 | #error "NEON intrinsics not available with the soft-float ABI. Please use -mfloat-abi=softfp or -mfloat-abi=hard"
| ^~~~~
Fixes:
- http://autobuild.buildroot.org/results/8260762632cde9eb5bc2154084680b5bec034aa6
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Drop upstream patch.
Update README hash for changes not related to licensing.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
socat's configure script does not take the zlib dependency into
account when linking with libssl, and therefore fails at detecting
libssl in BR2_STATIC_LIBS=y configurations.
Since there is no easy way to add the zlib dependency, just disable
openssl support for static builds.
This is not fixing a build failure: libssl was not detected in
BR2_STATIC_LIBS=y configurations, so what this commit does is make it
explicit.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
socal configure uses AC_TRY_RUN to detect printf features. This does
not work for cross compilation.
All C libraries we use support C99 snprintf. Only glibc and uClibc
support the deprecated Z modifier.
These issues were noticed by an inspection of configure.ac.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Disable documentation to avoid the following build failure without
makeinfo raised at least since bump to version 1.6.10 in commit
f0faa3b71c (and probably since the
addition of the package in commit
663f39c88c):
/home/buildroot/autobuild/instance-0/output-1/build/freeipmi-1.6.10/config/missing: line 81: makeinfo: command not found
WARNING: 'makeinfo' is missing on your system.
You should only need it if you modified a '.texi' file, or
any other file indirectly affecting the aspect of the manual.
You might want to install the Texinfo package:
<https://www.gnu.org/software/texinfo/>
The spurious makeinfo call might also be the consequence of
using a buggy 'make' (AIX, DU, IRIX), in which case you might
want to install GNU make:
<https://www.gnu.org/software/make/>
Makefile:442: recipe for target 'freeipmi-faq.info' failed
Fixes:
- http://autobuild.buildroot.org/results/ac6ff1c746a354f885fc1674d10e7bff9e536134
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Link to Rust 1.65.0 annoucement: https://blog.rust-lang.org/2022/11/03/Rust-1.65.0.html
Newest version of the source archives have been retrieved with their hash values,
and the signature of the .asc files have been verified as follows:
$ curl -fsSL https://static.rust-lang.org/rust-key.gpg.ascii | gpg --import
$ gpg --verify <filename.asc> <filename>
There is no typographical error in the packages according to the check-pakage utility:
$ ./utils/check-package package/rust-bin/*
$ ./utils/check-package package/rust/*
The testsuite tool were successfully run for rust and rust-bin packages to test
the Rust toolchain under 1.65.0:
$ ./support/testing/run-tests -k -d dl/ -o testsuite tests.package.test_rust.TestRustBin
$ ./support/testing/run-tests -k -d dl/ -o testsuite tests.package.test_rust.TestRust
In order to verify the compatibility of packages depending on Rust 1.65.0,
tests using `./utils/test-pkg` were run.
You may want to execute the test-pkg command after creating a `.config` file
enabling the corresponding BR2_PACKAGE, for example:
Create a file `buildroot/ripgrep.config` containing "BR2_PACKAGE_RIPGREP=y"
Then execute:
$ ./utils/test-pkg -d test-pkg -c ripgrep.config -p ripgrep
Results:
librsvg OK
ripgrep OK
suricata OK
bat OK
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Add new async timeout runtime dependency.
Verified license is still LGPL-2.1+ after hash changed.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The main guile option depends on
BR2_PACKAGE_LIBATOMIC_OPS_ARCH_SUPPORTS, but this was not accounted
for in the Config.in comment.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fix the following powerpc build failures on:
- musl raised because fpu_control.h is not available:
In file included from fp.c:8:
fp-gnuppc.c:21:10: fatal error: fpu_control.h: No such file or directory
21 | #include <fpu_control.h>
| ^~~~~~~~~~~~~~~
- glibc raised because _FPU_RC_NEAREST is undefined if _SOFT_FLOAT is
set:
In file included from fp.c:8:
fp-gnuppc.c: In function 'gsl_ieee_set_mode':
fp-gnuppc.c:53:15: error: '_FPU_RC_NEAREST' undeclared (first use in this function)
53 | mode |= _FPU_RC_NEAREST ;
| ^~~~~~~~~~~~~~~
These build failures are raised since the addition of the package in
commit 9d9f7feba4
Fixes:
- http://autobuild.buildroot.org/results/d73e116c81bf16d2e55fced215d6bd3b382fef10
- http://autobuild.buildroot.org/results/48403946bb4cda9013e51db59c1b2ffdcf4e2854
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fix for possible buffer zeroization overrun introduced at the end of
v5.5.2 release cycle in GitHub pull request 5743 (#5743) and fixed in
pull request 5757 (#5757). In the case where a specific memory
allocation failed or a hardware fault happened there was the potential
for an overrun of 0’s when masking the buffer used for (D)TLS 1.2 and
lower operations. (D)TLS 1.3 only and crypto only users are not affected
by the issue. This is not related in any way to recent issues reported
in OpenSSL.
https://github.com/wolfSSL/wolfssl/releases/tag/v5.5.3-stable
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Commit 0b4a993012 ("package/swupdate:
specify SWU_VER during build") forgot a backslash.
Fixes the following check-package warning:
package/swupdate/swupdate.mk:213: unexpected indent with tabs
and obviously makes the code correct.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
add host-python3 dependency to avoid the following build failure raised
since the addition of the package in commit
e43da7bb32:
(cd /home/autobuild/autobuild/instance-19/output-1/build/botan-2.19.2; PATH="/home/autobuild/autobuild/instance-19/output-1/host/bin:/home/autobuild/autobuild/instance-19/output-1/host/sbin:/home/autobuild/make:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" ./configure.py --cpu="m68k" --disable-cc-tests --os=linux --cc=gcc --cc-bin="/home/autobuild/autobuild/instance-19/output-1/host/bin/m68k-linux-g++" --prefix=/usr --without-documentation --extra-libs=atomic --disable-shared-library --enable-static-library --no-autoload --without-stack-protector --without-os-feature=getauxval --with-boost --with-sqlite --with-zlib --disable-altivec --disable-neon)
/usr/bin/env: 'python': No such file or directory
Fixes:
- http://autobuild.buildroot.org/results/91eb6d03ee899bc1034efc5ac7d1fe78961d37ca
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The swupdate build process uses SWU_VER as part of the build commandline
for compiling objects to define the value for use in globals.h (see also
Makefile.flags).
This value is also used to communicate capabilities to lua handlers
(see upstream 0f38ff186e76c55c8d00ccb53739a29bcca91445).
When swupdate gets built, SWU_VER defaults to using `git describe` to
determine the version. This, unfortunately, picks up the version of the
Buildroot checkout and not the actual version of swupdate.
Now, specify SWU_VER as part of the make options to override the
calculated value so the proper version is reported.
Signed-off-by: Vincent Fazio <vfazio@xes-inc.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Changes:
- New command line options to ssdp-scan
- Update copyright years (affects LICENSE file hash)
Fixes:
- Workaround for OpenVPN /32 default server setup
- Time-of-check vs time-of-use issue with caching of UUID,
found by Coverity Scan, fixed by Raul Porancea
Signed-off-by: Joachim Wiberg <troglobit@gmail.com>
Acked-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Quoting https://github.com/foo86/dcadec
"This program is deprecated!
This decoder has been fully integrated into FFmpeg master branch and
further development will continue there. Using FFmpeg for DTS decoding
is now recommended."
lbdcadec has had no commit oin the past 7+ years now.
Fixes:
http://autobuild.buildroot.net/results/1e63586c91a2670ecac2940f6e9840e6801c32f3/
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
[yann.morin.1998@free.fr: amend commit log with age of last activity]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The openssl configure script disables the afalg engine when it detects
cross-compilation, but the detection missfires because it is based on
the CROSS_COMPILE environment variable, which we do not set (as we pass
fully qualified CC et al.).
So, the afalg engine is built, but it is built for the host, not the
target, so it does not make sense to build and install it. Besides, it
leaks build host info.
Signed-off-by: Nuno Gonçalves <nunog@fr24.com>
[yann.morin.1998@free.fr: extend commit log]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Sudo 1.8.0 through 1.9.12, with the crypt() password backend, contains a
plugins/sudoers/auth/passwd.c array-out-of-bounds error that can result
in a heap-based buffer over-read. This can be triggered by arbitrary
local users with access to Sudo by entering a password of seven
characters or fewer. The impact could vary depending on the compiler and
processor architecture.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Commit aaba432e2c (package/gawk: drop incorrect patch) was sent on the
list before e6942ad11f (package/gawk: fix double free during kernel
build) was applied. But when aaba432e2c was eventually applied, the
remaining patch was not renumbered.
Fix that now.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
We know the system will have a modern-enough C library that implements
the required snprintf() functionality. Since the configure stage can't
detect the system's capabilities (because it is cross-compiling), let's
hard-code the decision.
As a result, rsync won't be linking in its own copy of snprintf().
Signed-off-by: Markus Mayer <mmayer@broadcom.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Commit 8cd06967b9 (gawk: bump version and migrate to autotargets)
added a patch that purportedly reduced the installation size by not
installing the versioned program (gawk-X.Y).
However, the versioned program is a hard-link to the unversioned one,
so, save for a directory entry, it does not take extra space in the
final image.
Drop that patch.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Back when support/testing/tests/package/test_gdb was introduced, there
was a significant difference in how gdb < 10 and gdb >= 10 were
handled in gdb.mk, which explained why we were testing both gdb 9.x
and gdb 11.x.
However, support for gdb 9.x has now been dropped, and we only support
gdb >= 10.x, so testing gdb 9.x and 11.x separately no longer make
much sense. In addition:
- other GDB tests in the same file already test the default version,
which is now 11.x, meaning we in fact have duplicated tests between
the ones testing the default version and the ones testing 11.x
specifically
- GDB 9.x has been removed, which means all the tests testing GDB 9.x
are failing, with a Config.in.legacy build error.
Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/3249828456 (TestGdbHostOnly9x)
https://gitlab.com/buildroot.org/buildroot/-/jobs/3249828454 (TestGdbHostGdbserver9x)
https://gitlab.com/buildroot.org/buildroot/-/jobs/3249828451 (TestGdbHostGdbTarget9x)
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The CPIO filesystem generated by the test_python_crossbar test is too
large, and doesn't fit as an initramfs in the 256MB of RAM available
in the versatilepb machine. This causes a "Initramfs unpacking failed:
write error" when booting, and many files being missing from the root
filesystem, ultimately causing the test to fail.
It would make sense to switch all test cases to use ext2 + a
hard-drive, but for now, let's fix the few test cases that are causing
problems.
Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/3249828587
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fixes the following security issues:
- CVE-2022-41974: Authorization bypass
- CVE-2022-41973: Symlink attack
For more details, see the writeup:
https://www.qualys.com/2022/10/24/leeloo-multipath/leeloo-multipath.txt
Update README.md hash after license-unrelated changes:
git shortlog 0.9.0..0.9.3 -- README.md
Konstantin Kharlamov (1):
README.md: mention libreadline and libedit optional deps
Xose Vazquez Perez (4):
multipath-tools: update devel repo info in README.md
multipath-tools: add ALUA info to README.md
multipath-tools: add basic info on how to use multipath-tools with NVMe devices
multipath-tools: add more info for NetApp RDAC arrays
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fix the following build failure with libunistring raised since the
addition of the package in commit
ffb85a4a16:
/home/autobuild/autobuild/instance-2/output-1/per-package/libidn2/host/bin/../lib/gcc/aarch64-buildroot-linux-gnu/11.3.0/../../../../aarch64-buildroot-linux-gnu/bin/ld: warning: libunistring.so.2, needed by ../lib/.libs/libidn2.so, not found (try using -rpath or -rpath-link)
/home/autobuild/autobuild/instance-2/output-1/per-package/libidn2/host/bin/../lib/gcc/aarch64-buildroot-linux-gnu/11.3.0/../../../../aarch64-buildroot-linux-gnu/bin/ld: ../lib/.libs/libidn2.so: undefined reference to `u8_strconv_to_encoding'
[...]
aarch64-buildroot-linux-gnu-gcc: ERROR: unsafe header/library path used in cross-compilation: '-L/usr/lib'
Fixes:
- http://autobuild.buildroot.org/results/30ac50512cd4b4cb3ecc97514a72d1f316a1b33a
- http://autobuild.buildroot.org/results/c225ff4ef007b9a3ca56e6b601687aaa33699675
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The HELLO_ examples fail to run because the librevision.so
library build by the userland package is not included
in the image.
Include this library if BR2_PACKAGE_RPI_USERLAND_HELLO
is selected.
Signed-off-by: Tim Gover <tim.gover@raspberrypi.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fix the following build failure raised since bump to version 2.0.16 in
commit e9bc980d93:
/nvmedata/autobuild/instance-7/output-1/per-package/numactl/host/bin/../lib/gcc/sparc-buildroot-linux-uclibc/10.4.0/../../../../sparc-buildroot-linux-uclibc/bin/ld: ./.libs/libnuma.a(libnuma.o): in function `numa_police_memory':
libnuma.c:(.text+0xe28): undefined reference to `__atomic_fetch_and_1'
Fixes:
- http://autobuild.buildroot.org/results/a92c1c60518d3fe08f3f808f9cc812031e85a4e9
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
License file moved per changelog:
the license file is packaged as LICENSE
License hash changed due to formatting changes.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Replace cffi based backend with pyo3 setuptools-rust based backend.
Propagate rust reverse dependency comment.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This patch migrates the u-boot device tree definition
from uboot.fragment files to use BR2_TARGET_UBOOT_CUSTOM_MAKEOPTS
instead for the zynqmp_zcu102 and zynqmp_zcu106 defconfigs.
Signed-off-by: Neal Frager <neal.frager@amd.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
In a private e-mail, Emile said "Hi Thomas. Please remove me from the
DEVELOPERS file. I am no longer interested in the packages under my
name."
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Add BR2_TARGET_UBOOT_NEEDS_GNUTLS=y and BR2_TARGET_UBOOT_NEEDS_UTIL_LINUX=y
since this are dependencies for building mkeficapsule u-boot tool.
Change the offset of the rootfs to left enough space for the U-Boot that
has increased.
Cc: Michael Walle <michael@walle.cc>
Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
We pass all our dracut configuration files via a config dir, but dracut
insists with having one config file. Because we do not want to have to
chose which file we pass (which would then have to be excluded from the
config dir), we just used an arbitrary empty file, and /dev/null seemed
to be a good candidate.
However, some build environments do not have a complete /dev, and may be
missing entries otherwise taken for granted, like /dev/null. This is
especially the case in constrained environments like containers.
Switch away from using /dev/null, and do create an actual empty file
that we can use as the dracut config file.
Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/3249828364
Reported-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Docker compose up outputs terminal control characters intended for
interactive output viewing.
Wget similarly can use the -q option to produce quieter logs.
Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
diff LICENCE:
-Copyright (C) 2013-2020 Gary V. Vaughan
+Copyright (C) 2013-2022 Gary V. Vaughan
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Switch to an active fork:
"The original stress went unmaintained; the source of the last version,
1.0.4, was imported from Debian. After, patches from Debian and other
changes were applied to create the 1.0.5 release. The details of each
release are registered in the ChangeLog file. Now, stress is maintained
by volunteers under Resurrecting Open Source Projects."
https://github.com/resurrecting-open-source-projects/stress/blob/1.0.5/ChangeLog
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Commit e6942ad11f (package/gawk: fix double free during kernel build)
backported an upstream patch, with hunks in autotools files, Makefile.am
and Makefile.in.
Such changes ususally require an explicitly autoreconf, but in this
case, Makefile.in is modified after Makefile,am, and a simple local test
did not trigger a silent autoreconf, so the patch was applied as-is.
That was a bit too optimitstic, though, and the build fails in some
situations.
Since the hunks in the autotools files are about tests, just drop those
hunks as we are not interested in running the tests.
Also drop the hunks about the changelogs while at it.
Fixes:
http://autobuild.buildroot.org/results/068/0686697cb52d22c42ae2249db3442c008082fe72/http://autobuild.buildroot.org/results/754/75463639cb9cbc32108f059bd6044810a078db06/
Reported-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Add docopt.cpp library that can be used to create intuitive command
line interfaces with very little code by describing the valid calls
using the (POSIX.1-2017) command line utility argument syntax.
Signed-off-by: Eero Aaltonen <eero.aaltonen@vaisala.com>
Reviewed-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Tested-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Hostapd/wpa_s uses 'crc32' name for IEEE802.11 CRC-32 routine. This name
is too generic. Buildroot autobuilder detected configurations that failed
to build due to the naming conflict with zlib-ng.
Add wpa_supplicant part of the upstream patch that renames 'crc32'
function to a less generic 'ieee80211_crc32' name.
Fixes: http://autobuild.buildroot.net/results/ac19975f0bf77f4a8ca574c374092ba81cd5a332/
Signed-off-by: Sergey Matyukevich <geomatsi@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Hostapd uses 'crc32' name for IEEE802.11 CRC-32 routine. This name is
too generic. Buildroot autobuilder detected configurations that failed
to build due to the naming conflict with zlib-ng.
Add hostapd part of the upstream patch that renames 'crc32' function
to a less generic 'ieee80211_crc32' name.
Fixes: http://autobuild.buildroot.net/results/9901df820d3afa4cde78e8ad6d62cb8ce7e69fdb/
Signed-off-by: Sergey Matyukevich <geomatsi@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Currently, the cmdline.txt file is installed in $(BINARIES_DIR) by the
rpi-firmware package. Overriding files in there can not be done with an
overlay (which only applies to $(TARGET_DIR)), and thus requires using
either a post-build or post-image script, which is not always very
practical when a custom file must be used.
Like was done in 689b9ac439 (package/rpi-firmware: rework boot/config
file handling) for config.txt, add an option to allow users to specify
the path to a custom cmdline.txt.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The Jetson AGX Orin python script to flash requires host python-pyyaml.
Add a Config.in.host option for the host python-pyyaml package.
BR2_PACKAGE_HOST_PYTHON_PYYAML
Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Add a defconfig to build an AArch64 U-Boot based firmware implementing the
subset of UEFI defined by EBBR[1], as well as a Linux OS disk image booting
with UEFI, to run on Qemu.
The generated firmware binary can also be used to install or run another OS
supporting the EBBR specification.
We do not have Linux 5.19 headers at the moment therefore we rely on 5.17
in the defconfig.
[1]: https://github.com/ARM-software/ebbr
Signed-off-by: Vincent Stehlé <vincent.stehle@arm.com>
Reviewed-by: Romain Naour <romain.naour@gmail.com>
Reviewed-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Add a patch cherry-picked from upstream to fix the build with GCC 12.
Upstream commit is d1ca3f53c96dc8a4048b17dc16147a8fac782d4a.
I don't know if it fixes any autobuilder errors, I noticed the bug when
building locally.
Signed-off-by: Paul Cercueil <paul@crapouillou.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The main option has a BR2_USE_MMU dependency, so the Config.in comment
should have it as well.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Use the output of `cargo vendor` to generate the vendor configuration.
Fixes the need to patch the generated configuration if there are
non-crates.io dependencies.
Note:
`cargo vendor` currently prints a newline before it prints the
needed configuration.
This is fixed in +nightly, will end up in +stable soon and must
be considered when updating cargo.
See: https://github.com/rust-lang/cargo/pull/11273
Until then it is needed to remove this first line to make sure
that the contents of .cargo/config will be the same as they were
generated with the earlier version of the script. Thus, the
hashes of the packages that use this script remain the same.
Signed-off-by: Simon Richter <simon.richter@ptwdosimetry.com>
[yann.morin.1998@free.fr: add comment in rust-bin.mk and rust.mk]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Backport an upstream patch to fix a crash during kernel build.
Details: https://bugs.gentoo.org/868567
Fixes:
GEN /home/buildroot/buildroot/output/build/linux-6.0.6/tools/objtool/arch/x86/lib/inat-tables.c
free(): double free detected in tcache 2
Aborted
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Summary of changes:
- skalibs dependency bumped to 2.12.0.0.
- execline dependency bumped to 2.9.0.0.
- s6 dependency bumped to 2.11.1.0.
- s6-rc-compile now reads service dependency information from the
dependencies.d directory and bundle information from the contents.d
directory, instead of the dependencies and contents flat files.
The old format is still supported, but deprecated.
License hash updated due to copyright year change.
Signed-off-by: Joachim Wiberg <troglobit@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Summary of changes:
- skalibs dependency bumped to 2.12.0.0
- s6-dns dependency bumped to 2.3.5.4
- skalibs dependency bumped to 2.11.1.0
- execline optional dependency bumped to 2.8.2.0
- s6 dependency bumped to 2.11.0.1
- The obsolete minidentd program has been removed.
- LibreSSL optional dependency bumped to 3.3.4
- LibreTLS optional dependency bumped to 3.3.4
- Client certificates are now properly supported in s6-tlsd-io.
License hash updated due to copyright year change.
Signed-off-by: Joachim Wiberg <troglobit@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Summary of changes:
- skalibs dependency bumped to 2.12.0.0.
- s6-fillurandompool has been replaced with the new rngseed program.
License hash updated due to copyright year change.
Signed-off-by: Joachim Wiberg <troglobit@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Summary of changes:
- execline optional dependency bumped to 2.9.0.1.
- skalibs dependency bumped to 2.12.0.0.
- nsss optional dependency bumped to 0.2.0.1.
- s6-svwait now supports the -r and -R options, to wait for service restarts.
- The s6/lock.h, s6/supervise.h and s6/fdholder.h headers replace their
previous versions that had an extra s6 prefix.
- New binaries: s6-svlink, s6-svunlink, and s6-socklog.
License hash updated due to copyright year change.
Signed-off-by: Joachim Wiberg <troglobit@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Summary of changes:
- skalibs dependency bumped to 2.12.0.0.
- New options to wait: -o to wait for one of the listed processes,
and -a to get the default behaviour.
- wait now exits 99 on timeout.
License hash updated due to copyright year change.
Signed-off-by: Joachim Wiberg <troglobit@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Summary of changes:
- skalibs dependency bumped to 2.12.0.1.
- execline optional dependency bumped to 2.9.0.1.
- New -O nlgroups option to mdevd, rebroadcasting uevents to the netlink
after handling them.
- The * and & action directives are now triggered by all action types.
License hash updated due to copyright year change.
Signed-off-by: Joachim Wiberg <troglobit@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Summary of changes:
New:
- New djbunix functions: waitn_posix(), waitn_reap_posix()
- New unix-transactional.h function: opendir_at.
- New skalibs/posixplz.h function: munmap_void().
- random functions now have an early version, to use when randomness is
required before the generator can be seeded (i.e. in programs running in
the very early boot).
- envdir_internal() now has a SKALIBS_ENVDIR_NOCLAMP option allowing
reading of unlimited-size variables.
- fd_close() now chooses to adapt to Linux's close() behaviour (closing
the fd on EINTR) over the HP-UX one (not closing it). Destructors like
close() being allowed to fail has always been a mistake in the
specification and a programming nightmare, making it impossible to
behave correctly on all systems, but apparently standardization efforts
are on the way and the Linux behaviour seems to be the chosen one.
Removed:
- libbiguint removed.
- Obsolete skalibs/environ.h and skalibs/getpeereid.h headers removed.
- rc4 and md5 functions removed.
- iobuffer removed. fd_cat() and fd_catn() changed signatures.
- All signal functions entirely reworked; cruft removed.
- The unsafe cdb_successor() API has been removed.
- random_init() and random_finish() removed, as well as random_char().
Renamed APIs and type:
- random_string() renamed to random_buf().
- All *_t types renamed without the _t suffix, to preserve POSIX namespace.
- subgetopt() renamed to lgetopt().
- skalibs/cdb_make.h renamed to skalibs/cdbmake.h;
cdbmake functions now return 1 on success and 0 on failure.
- skalibs/cdb.h redesigned to remove reader state from the cdb structure.
License hash updated due to copyright year change.
Signed-off-by: Joachim Wiberg <troglobit@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Add a patch for CVE-2022-31676 (local privilege escalation
vulnerability).
Signed-off-by: Stefan Agner <stefan@agner.ch>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Since 6f5f6bc dbus is selected when iwd is selected.
It is only a runtime dependency, so drop the build
dependency.
Signed-off-by: Daniel Lang <d.lang@abatec.at>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
- Fix memory leak cause by getaddrinfo
- Fix crash when last block actual size < m_output_size
- Add -dm to disable small memory for debug purpose
- Fix a dead lock when reset stream
- Stop http download when error happen
- Add error check for all request_data
- Fix linux build warning
- Add gzip stream support
- Rework buffer management to support small memory version
- Fix support of empty environment variables in Windows OS
- Fix crash when environment variable is last word in script
- Fix update libusb path
- Update libusb submodule
- Drop vs2017 support.
- Use $(DefaultPlatformToolset)
- Try remove PlatformToolset and set WindowsTargetPlatformVersion to 10.0
Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The musl Makefile installs the dynamic loader as a symlink to libc.so
with the following rule:
$(DESTDIR)$(LDSO_PATHNAME): $(DESTDIR)$(libdir)/libc.so
$(INSTALL) -D -l $(libdir)/libc.so $@ || true
While it works, the drawback is that ld-musl-<arch>.so ends up being a
symlink to /lib/libc.so. While it works on the target, it means we
have a broken symlink in $(STAGING_DIR) and $(TARGET_DIR) as
/lib/libc.so doesn't make sense on the build machine. This generally
doesn't cause any problem *except* when we tell Qemu to use
$(STAGING_DIR) as the library directory when running target programs
through the Qemu user emulation mode. This is for example node inside
the NodeJS build. Due to this broken symlink, Qemu can't find libc.so
that is pointed to be the dynamic loader symlink causing this build
error:
qemu-arm: Could not open '/lib/ld-musl-armhf.so.1': No such file or directory
Since this is not really a bug in the musl build system, we address
this issue by overriding the symlink to be a relative path. The
dynamic loader is always installed in /lib, and libc.so is also always
installed in /lib because we pass libdir=/lib when configuring
musl. So we can simply have a ld-musl* -> libc.so symbolic link. We
use ld-musl* as a wildcard so that we don't need to have extra logic
to determine the exact name of the dynamic loader symlink, and simply
override the one that exists.
Fixes:
http://autobuild.buildroot.net/results/9ff23f2e3c97e9af410617de3e7376f9d45a7d63/https://bugs.busybox.net/show_bug.cgi?id=15061
Note that, for external toolchain, we already have a generic fixup that
makes symlinks relative [0]. So in the external toolchain, even if the
symlink is broken, it gets fixed when we import the toolchain into
STAGING_DIR.
[0] https://lore.kernel.org/buildroot/20221026205312.3f729eb8@windsurf/
Cc: hello.skyclo@gmail.com
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
[yann.morin.1998@free.fr:
- add summary of Thomas' explanations for external toolchains
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Support for the AVX512FP16 instructions was added in binutils
2.38. See the binutils 2.38 releases notes [0] that state:
X86:
[...]
* Add support for Intel AVX512_FP16 instructions.
[0] https://sourceware.org/pipermail/binutils/2022-February/119721.html
It turns out that when building GCC 12.x, some of these AVX512FP16
instructions are now used, and therefore when binutils < 2.38 is used,
the build fails as the assembler does not recognize those
instructions:
/tmp/ccChzL2g.s: Assembler messages:
/tmp/ccChzL2g.s:20: Error: no such instruction: `vmovw 24(%esp),%xmm2'
/tmp/ccChzL2g.s:21: Error: no such instruction: `vmovw 28(%esp),%xmm3'
/tmp/ccChzL2g.s:22: Error: no such instruction: `vmovw 32(%esp),%xmm4'
/tmp/ccChzL2g.s:23: Error: no such instruction: `vmovw 36(%esp),%xmm5'
/tmp/ccChzL2g.s:30: Error: no such instruction: `vcvtsh2ss %xmm2,%xmm6,%xmm6'
/tmp/ccChzL2g.s:36: Error: no such instruction: `vcvtsh2ss %xmm3,%xmm6,%xmm6'
/tmp/ccChzL2g.s:42: Error: no such instruction: `vcvtsh2ss %xmm4,%xmm7,%xmm7'
/tmp/ccChzL2g.s:48: Error: no such instruction: `vcvtsh2ss %xmm5,%xmm1,%xmm1'
/tmp/ccChzL2g.s:80: Error: no such instruction: `vcvtss2sh (%esp),%xmm1,%xmm1'
/tmp/ccChzL2g.s:96: Error: no such instruction: `vcvtss2sh (%esp),%xmm0,%xmm0'
/tmp/ccChzL2g.s💯 Error: no such instruction: `vucomish %xmm1,%xmm1'
/tmp/ccChzL2g.s:103: Error: no such instruction: `vucomish %xmm0,%xmm0'
/tmp/ccChzL2g.s:122: Error: no such instruction: `vucomish %xmm2,%xmm2'
The same issue does not occur with GCC 11.x, but nothing prevents
other packages than GCC to use those instructions, so the problem
really lies on the binutils side missing the support for those
instructions.
Also, in Buildroot, we do not distinguish AVX512 in general from
AVX512FP16 specifically, so our only option is to make binutils 2.37
unavailable for AVX512 systems even if some of them perhaps don't
support AVX512FP16 anyway. This seems like a reasonable trade-off, as
binutils 2.38 is anyway already the default in Buildroot, and
AVX512-capable systems are fairly recent, and therefore using a recent
binutils version should not be a problem on these platforms.
Fixes:
http://autobuild.buildroot.net/results/eb6e28c934654e6d714973415a2fb452f9580279/
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
tinycompress is a library for compress audio offload in alsa.
It also contains the "cplay" and "crecord" programs.
tinycompress is part of the ALSA project.
https://www.alsa-project.org/
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The license in file README.QUICK remains unchanged, but for the
copyright years, some C++ instructions changes, iand a few small
typos/fixes.
Signed-off-by: Pedro Aguilar <paguilar@paguilar.org>
[yann.morin.1998@free.fr: mention copyright years change]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Force cmake packages to use the "Unix Makefiles" generator
in case CMAKE_GENERATOR is set in the host environment. This
patch further isolates the buildroot build environment from
the host.
Signed-off-by: Woodrow Douglass <wdouglass@carnegierobotics.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Switch to now supported system double-conversion library.
Disable built in strip so that stripping is handled by buildroot.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fix the following build failure with kernel >= 5.18 raised since bump to
version 3.2.0 in commit 6cbfed0dbf:
/home/autobuild/autobuild/instance-0/output-1/build/dahdi-linux-3.2.0/drivers/dahdi/wct4xxp/base.c: In function ‘t4_allocate_buffers’:
/home/autobuild/autobuild/instance-0/output-1/build/dahdi-linux-3.2.0/drivers/dahdi/wct4xxp/base.c:3864:17: error: implicit declaration of function ‘pci_alloc_consistent’ [-Werror=implicit-function-declaration]
3864 | alloc = pci_alloc_consistent(wc->dev, numbufs * T4_BASE_SIZE(wc) * 2,
| ^~~~~~~~~~~~~~~~~~~~
Fixes:
- http://autobuild.buildroot.org/results/ddacd807dddeb1649e957264ac57bba27d9bb463
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Since glibc 2.33 (upstream commit
7a55dd3fb6d2c307a002a16776be84310b9c8989), headers >= 5.4.0 are needed
to build glibc for RISC-V 32-bit. Indeed
sysdeps/unix/sysv/linux/riscv/configure.ac contains:
if test $libc_cv_riscv_int_abi = ilp32; then
arch_minimum_kernel=5.4.0
fi
In order to take into account this dependency, we add the appropriate
logic in package/glibc/Config.in and
toolchain/toolchain-buildroot/Config.in.
This change means that if headers < 5.4.0 are selected, then no C
library at all will be available for RISC-V 32-bit, as glibc is the
only C library supporting RISC-V 32-bit currently. However, thanks to
the recent addition of BR2_TOOLCHAIN_BUILDROOT_NONE, the
choice...endchoice for the C library selection will not be empty,
allowing the user to see the Config.in comment explaining why glibc
can't be selected.
Therefore, technically this commit does prevent from creating a
configuration with RISC-V 32-bit and headers < 5.4.0, but it will have
BR2_TOOLCHAIN_BUILDROOT_NONE=y, which is catched by
package/Makefile.in, which aborts the build early on pointing out that
the configuration is invalid.
Fixes:
http://autobuild.buildroot.net/results/5ca49b2732f68eccb5276e7112f7f496dcc514ee/
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
In the internal toolchain backend, we have a choice..endchoice block
to allow the user to select the C library, between glibc, uClibc and
musl.
However, there are situations were no C library at all is
supported. In this case, the choice does not appear, and does not
allow to see the Config.in comments that are within the
choice..endchoice block and that may explain why no C library is
available.
For example, on RISC-V 32-bit, the only C library supported is glibc,
and the minimum kernel header version required by glibc on this
architecture is 5.4.0. In a future commit, we are going to add this
dependency on glibc (to fix build issues on configurations that have
headers < 5.4.0). But since glibc is the only supported C library on
RISC-V 32-bit, it means that the choice..endchoice for the C library
contains no entry, preventing from seeing the Config.in comment.
To address this issue, this commit adds a "dummy"
BR2_TOOLCHAIN_BUILDROOT_NONE option that shows up in the
choice..endchoice only when no C library is available. Thanks to this,
the choice..endchoice is never empty, and the Config.in comments can
be seen.
If the user keeps BR2_TOOLCHAIN_BUILDROOT_NONE selected, then the
build will anyway abort early because package/Makefile.in has a check
to verify that a C library is selected, and aborts the build if not.
Some could say that the problem should be resolved by instead
preventing the selection of headers < 5.4.0 on RISC-V 32-bit, but that
is difficult to do as the user can choose a custom header version, or
simply specific that (s)he wants to use the headers of the kernel
being built. In those situations, it's difficult to prevent selecting
headers < 5.4.0.
Prevent random configurations from triggering a build failure in our
autobuilders, by excluding that symbol from accepted configuration.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
[yann.morin.1998@free.fr: update genrandconfig]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The build of NodeJS fails on mipsel due to an issue in the V8 code:
../../deps/v8/src/compiler/backend/mips/code-generator-mips.cc:4106:48: error: call of overloaded 'Operand(int64_t)' is ambiguous
4106 | Operand(static_cast<int64_t>(0)));
There is apparently a lack of maintenance of the MIPS port of V8, as
is discussed in the Github issue at
https://github.com/nodejs/node/issues/26179.
Until this get improved/fixed, our best option is to drop support for
MIPS in our NodeJS package.
Fixes:
http://autobuild.buildroot.net/results/0e6ee80c77bcb77afe18410e8d9da93b738cb0a4/
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
For a very long time, host-sentry-cli has been failing to build with:
error[E0512]: cannot transmute between types of different sizes, or dependently-sized types
--> /home/buildroot/autobuild/instance-2/output-1/build/host-sentry-cli-1.59.0/VENDOR/socket2/src/sockaddr.rs:176:9
|
176 | mem::transmute::<SocketAddrV4, sockaddr_in>(v4);
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
= note: source type: `SocketAddrV4` (48 bits)
= note: target type: `sockaddr_in` (128 bits)
For more information about this error, try `rustc --explain E0512`.
error: could not compile `socket2` due to previous error
This socket2 create issue has apparently been fixed by upstream commit
https://github.com/rust-lang/socket2/commit/fd1565af4a82e765754d5baa3ff6e61a2627cabc,
as it removes/reworks the problematic code. This commit has been part
of socket2 since the 0.3.3 version, but sentry-cli 1.59.0 uses socket2
in version 0.3.2.
The next version of sentry-cli that has moved to a more recent
version of socket2 is 1.61.0, however this one also fails to build
with:
Compiling sentry-cli v1.61.0 (/home/buildroot/buildroot/output/build/host-sentry-cli-1.61.0)
warning: fields `schemes` and `name` are never read
--> src/utils/xcode.rs:41:5
|
39 | pub struct XcodeProjectInfo {
| ---------------- fields in this struct
40 | targets: Vec<String>,
41 | schemes: Vec<String>,
| ^^^^^^^
42 | configurations: Vec<String>,
43 | name: String,
| ^^^^
|
= note: `#[warn(dead_code)]` on by default
= note: `XcodeProjectInfo` has a derived impl for the trait `Debug`, but this is intentionally ignored during dead code analysis
warning: `sentry-cli` (bin "sentry-cli") generated 1 warning
Finished release [optimized] target(s) in 55.05s
Installing /home/buildroot/buildroot/output/host/bin/sentry-cli
Installed package `sentry-cli v1.61.0 (/home/buildroot/buildroot/output/build/host-sentry-cli-1.61.0)` (executable `sentry-cli`)
So we just gave up, and went for building the very lastest sentry-cli
version, 2.8.0, which apparently builds fine, at least in the
configurations that used to previously fail.
Yes, such a huge version bump is probably not ideal as a "minimal fix"
to backport on our stable branches, but that's probably the best we
can do without investing too much effort into this package that is
otherwise poorly maintained in Buildroot, as nobody stepped up to
address the issue even though it has been failing for months.
Fixes:
http://autobuild.buildroot.net/results/883b83a5ee44206e0d67a30787bf5d60765ac1e4/
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fix the following static build failure raised since bump to version
1.9.4 in commit 1f54af8c4f:
compiling dynamic library 1.9.4
/home/giuliobenetti/autobuild/run/instance-0/output-1/host/opt/ext-toolchain/m68k-buildroot-uclinux-uclibc/bin/ld.real: /home/giuliobenetti/autobuild/run/instance-0/output-1/host/m68k-buildroot-uclinux-uclibc/sysroot/usr/lib/crt1.o: in function `_start':
(.text+0x1c): undefined reference to `main'
Fixes:
- http://autobuild.buildroot.org/results/9187852fb7a869bf5595275d47929632659a4407
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Add Kconfig options to allow enabling asymmetric cipher support
(--enable-lib-asym) and key protocol primitives support
(--enable-lib-kpp) in library.
Signed-off-by: Tan En De <ende.tan@linux.starfivetech.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
In the case that the WOLFSSL_CALLBACKS macro is set when building
wolfSSL, there is a potential heap over read of 5 bytes when handling
TLS 1.3 client connections. This heap over read is limited to wolfSSL
builds explicitly setting the macro WOLFSSL_CALLBACKS, the feature does
not get turned on by any other build options. The macro
WOLFSSL_CALLBACKS is intended for debug use only, but if having it
enabled in production, users are recommended to disable
WOLFSSL_CALLBACKS. Users enabling WOLFSSL_CALLBACKS are recommended to
update their version of wolfSSL. CVE 2022-42905
https://github.com/wolfSSL/wolfssl/releases/tag/v5.5.2-stable
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Migrate to setuptools infrastructure.
Add new host-python-packaging dependency.
Refresh zmq version override patch.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
SSP support requires support in ATF platform code. Not all platforms
implement plat_get_stack_protector_canary() hook. The result is build
failure:
(.text.asm.update_stack_protector_canary+0x4): undefined reference to `plat_get_stack_protector_canary'
Commit cf176128ec ("boot/arm-trusted-firmware: add SSP option")
originally introduces this issue. But then commit ccac9a5bbb
("boot/arm-trusted-firmware: don't force ENABLE_STACK_PROTECTOR") hid
the problem by effectively disabling SSP for all platforms. So only
after commit 09acc7cbc9 ("boot/arm-trusted-firmware: fix SSP
support") the issue showed up.
Make SSP an opt-in for platform that actually provide the
plat_get_stack_protector_canary() hook.
Cc: Sergey Matyukevich <geomatsi@gmail.com>
Cc: Dick Olsson <hi@senzilla.io>
Tested-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
add leap-seconds.list to installed files so it can be used by other packages
specifically, ntpd's ntp.conf can now include:
leapfile /usr/share/zoneinfo/leap-seconds.list
Signed-off-by: David Johnson <dave-git@centerclick.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Version 7.85.0 fixes CVE-2022-35252: When curl retrieves and parses
cookies from an HTTP(S) server, it accepts cookies using control codes
(byte values below 32). When cookies that contain such control codes are
later sent back to an HTTP(S) server, it might make the server return a
400 response. Effectively allowing a "sister site" to deny service to
siblings.
Drop upstream patches and autoreconf.
Cc: Matt Weber <matthew.weber@collins.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
We want to show the headers >= 5.1 Config.in comment when the
BR2_LINUX_KERNEL is satisfied, not when it isn't.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
mdio-tools are kernel module and accompanying tools for low-level
debugging of devices attached on MDIO bus like PHY-s, switches etc.
Userspace tools provide C22 or C45 reads and writes, benchmarking
and even dedicated Marvell Link Street tools via the included
kernel module.
Signed-off-by: Robert Marko <robimarko@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
A double-free condition exists in contrib/shpsort.c of shapelib 1.5.0
and older releases. This issue may allow an attacker to cause a denial
of service or have other unspecified impact via control over malloc.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Set ac_cv_prog_A2X to disable build of documentation and avoid the
following build failure without a working a2x raised since at least bump
to version 1.1.1 in commit ad21d84a58:
a2x -v -f manpage doc/man/usbguard.1.adoc -D ./$(dirname doc/man/usbguard.1.roff)
a2x -v -f manpage doc/man/usbguard-dbus.8.adoc -D ./$(dirname doc/man/usbguard-dbus.8.roff)
/nvmedata/autobuild/instance-5/output-1/host/bin/python3: Error while finding module specification for 'asciidoc.a2x' (ModuleNotFoundError: No module named 'asciidoc')
Fixes:
- http://autobuild.buildroot.org/results/e41950f3cd4bd83d9b067af498757cb9d2f207ef
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The libbpf build system currently uses the output of "uname -m" to
determine if the library should be installed in "lib" or
"lib64". However, uname -m returns the architecture of the build
machine, which often has nothing to do with the target CPU
architecture.
A patch has been submitted and accepted upstream to address this
issue, by using the $(CC) -dumpmachine output instead. This ensures
libbpf is installed in either "lib" or "lib64" depending on the
bitness of the target CPU architecture.
Signed-off-by: Tobias Waldekranz <tobias@waldekranz.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Since Buildroot commit 3145adfb69 ("package/libbpf: needs headers >=
4.13"), libbpf depends on Linux headers >= 4.13. This requirement
renders the explicit list of supported architectures, previously added
in f693354c30 overly restrictive, as the syscall number for bpf(2)
has been defined since Linux 3.18.
Commit f693354c30 ("package/libbpf: add
BR2_PACKAGE_LIBBPF_ARCH_SUPPORTS") was introduced to fix a build issue
where a toolchain using very old kernel headers (3.13) failed to build
libbpf for ARM, but these architecture dependencies are no longer
needed due to the bump on the kernel headers version requirement.
Signed-off-by: Tobias Waldekranz <tobias@waldekranz.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This commit backports the patch "fixinc: don't "fix" machine names in
__has_include(...)" from upstream GCC, which is needed to resolve a
header conflict between glibc headers and kernel headers, which has
appeared since we bumped glibc to version 2.36 in commit
80c8c15c85.
The problem comes from the "fixinc" logic used by gcc to fixup some
headers files, generated inside an include-fixed/ folder. This logic
ended up replacing "linux/mount.h" by "__linux__/mount.h" in
__has_include() invocation, like this:
#ifdef __has_include
# if __has_include ("__linux__/mount.h")
# include "linux/mount.h"
# endif
#endif
in
build/host-gcc-final-11.3.0/build/gcc/include-fixed/sys/mount.h. With
this fix in place, this "include-fixed" header is no longer generated,
avoiding the problem.
This issue was visible in two different ways in glibc configurations:
- As a build failure during the gcc build itself, for architectures
that support libsanitizer, as libsanitizer includes mount.h, and
would therefore encounter the header conflict.
- As a build failure during another user-space package (such as
sysvinit for example), on architectures when libsanitizer isn't
used, and therefore for which the gcc build was successful, but the
header conflict shows up when building some "random" user-space
package.
The problem is already fixed in GCC 12.2.0, so no patch is
required. The problem did not exist back in GCC 8.4.0, so this version
does not need patching. Consequently, the patch is only needed for GCC
10.4.0, GCC 11.3.0 and the special ARC 2020.09-release version.
Fixes:
(gcc build issue, on architecture that supports libsanitizer)
http://autobuild.buildroot.net/results/90fe4c3b8b72a2c28555674383de9bbd9e8ae09a/
(sysvinit build issue, on architecture that does not support libsanitizer)
http://autobuild.buildroot.net/results/d7bf5795b7621a92be32f18794e3e67944fb96db/
(crun)
http://autobuild.buildroot.net/results/e3e8da4f797dced48aedf8c636db983d36849850/
(libarchive)
http://autobuild.buildroot.net/results/9fcbf0c036a97b2e9a4fcc6e173bcfa09e1b3dac/
Thanks a lot to Peter Seiderer for pointing the relevant GCC commit.
Fixes:
https://bugs.busybox.net/show_bug.cgi?id=15021
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Reviewed-by: Romain Naour <romain.naour@smile.fr>
Acked-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
- Fix CVE-2022-38784: Poppler prior to and including 22.08.0 contains an
integer overflow in the JBIG2 decoder
(JBIG2Stream::readTextRegionSeg() in JBIGStream.cc). Processing a
specially crafted PDF file or JBIG2 image could lead to a crash or the
execution of arbitrary code. This is similar to the vulnerability
described by CVE-2022-38171 in Xpdf.
- Drop patch (already in version)
https://gitlab.freedesktop.org/poppler/poppler/-/blob/poppler-22.10.0/NEWS
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add a patch from upstream pull request to fix build with python 3.11.
Fixes:
python/enum.c: In function ‘enumitem_new’:
python/enum.c:55:25: error: lvalue required as left operand of assignment
55 | Py_SIZE(&self->val) = Py_SIZE(longval);
| ^
python/enum.c: In function ‘zbarEnumItem_New’:
python/enum.c:146:25: error: lvalue required as left operand of assignment
146 | Py_SIZE(&self->val) = Py_SIZE(longval);
| ^
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Add host-python-cython so that cython will generate python 3.11
compatible sources instead of using the python 3.11 incompatible
pre-built sources.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The configure file is a shell script which searches for a predefined
python binary and then calls configure.py with that.
As we already call configure with the desired python binary we should
call configure.py directly so that the expected python binary is used
and so that the shell wrapper doesn't throw spurious interpreter
validation errors.
This also avoid spurious errors due to the configure shell wrapper
missing supported python versions, for example this fixes:
Node.js configure: Found Python 3.11.0...
Please use python3.10 or python3.9 or python3.8 or python3.7 or python3.6.
/usr/bin/python3.10 ./configure
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fixes:
http://autobuild.buildroot.org/results/3a8/3a8b66027cde3cdd9d02745381526d52bb626a78/
Bootgen embeds an old version of flex, but uses the system include syntax
(#include <>) to reference it, causing conflicts on systems with the
development headers for a modern flex version installed, leading to build
issues like:
../bisonflex/bif.yy.cpp: In member function 'virtual int BIF::FlexScanner::yylex()':
../bisonflex/bif.yy.cpp:1608:18: error: no match for 'operator=' (operand types are 'std::istream' {aka 'std::basic_istream<char>'} and 'std::istream*' {aka 'std::basic_istream<char>*'})
Fix it by using normal local #include statements by:
sed -i 's/<FlexLexer.h>/"FlexLexer.h"/g' *
Patch submitted upstream: https://github.com/Xilinx/bootgen/pull/20
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Reviewed-by: Neal Frager <neal.frager@amd.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2.1.8 (as of August 5th, 2022)
------------------------------
- Add support for --bounceback to perform a repsonsiveness test (see man
page for other options)
- add support for working loads with --bounceback
- Fix to wait_tick with Mac OS X
- Various python pyflows commits
- add support for client side tcp-write-time histograms and mean/min/max
- add support for human readable dscp or -T values (see man page)
- udp_accept no longer accepts packets from a previous run as a new
connection, this can occur with long network delays
- multiple isoch bug fixes for both UDP and TCP
- isoch server provides mean/min/max/stdev for both frames and packets
- UDP max MTU discovery, requires configure.ac will support
--enable-discover-defaultlen prior to compile
- Drop first patch (already in version)
- Drop second patch (not needed since
https://sourceforge.net/p/iperf2/code/ci/de5cb9954617309eecb8ae7d24b14e6b1e0c11eb)
https://sourceforge.net/projects/iperf2/files/
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Version 5.0.1 - 8/2/2022
- On very low speed transfers (<10Kbps) sessions would time out due to
a very large interpacket transmission interval. Fixed by putting a
lower limit on the advertised GRTT of of the interpacket transmission
interval.
- Sending of ABORT messages on early shutdown would sometimes fail due
to OpenSSL cleanup functions running before application cleanup.
Changed the ordering of atexit() handlers to ensure OpenSSL cleanup
happens last.
- Fixed missing timestamp update when clients read CONG_CTRL messages
- Fix to GRTT handling on server to ensure it doesn't fall below minumim.
- Fixed bypassed checking of existing files on client for backup
- Various logging fixes
https://sourceforge.net/projects/uftp-multicast/files/Changes.txt/download
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This patch adds Xilinx bootgen as a host package to buildroot.
bootgen is a required utility for generating a boot.bin for
Xilinx versal products.
In addition, for developers who wish to use secure boot with
Xilinx SoC products such as zynq and zynqmp, bootgen has a
more complete offering in secure boot features than the u-boot
mkimage utility.
https://github.com/Xilinx/bootgen
Signed-off-by: Neal Frager <neal.frager@amd.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Startig with glibc 2.34, the gconv modules description has been split in
two:
- a common definition in the old location, /usr/lib/gconv/gconv-modules
- specific definitions in a subdirectory, /usr/lib/gconv/gconv-modules.d/
This is done so as to simplify the handling of glibc gconv modules, and
eventually to segregate those outside of glibc, and so that third-parties
may also provide their own gconv converters and their definitions.
And starting with that same glibc version, most of the gconv modules
definitions are moved to an extra configuration file in that
sub-directory.
It is thus no longer possible to use special code pages, like cp850,
which are very useful to access FAT-formatted devices.
Add support for this new gconv layout, while keeping support for older
glibc versions. Note that the modules themselves are not moved or
renamed, just the definition files have changed.
Instead of passing the one old gonv modules definitions file on stdin,
we pass the base directory to that file, and move into the script the
responsibility to find all the gconv definition files.
Signed-off-by: Yann E. MORIN <yann.morin@orange.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Romain Naour <romain.naour@gmail.com>
Cc: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Cc: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
When only a subset of the glibc gconv modules are installed, we need to
generate a trimmed-down list of available modules. We currently use gawk
for that.
However, we are not using any GNU extension in that awk script, and it
happens to work as expected when using mawk (which has no GNU
extension).
Commit 11c1076db9 (toolchain: add option to copy the gconv libraries)
did not explain why it used gawk explicitly, and given the age for that
commit, we doubt we'd be able to have the involved participants recall
anything from that period...
Besides, gawk is not a requirement for Buildroot.
Switch over to using plain awk.
Signed-off-by: Yann E. MORIN <yann.morin@orange.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
To generate the glibc locale data, we call into a recursive Makefile,
so as to generate locales in parallel. This is done as part of a
target-finalize hook.
However, that hook is registered after all packages have been parsed,
and as such, it maye be registered after hooks defined in packages.
Furthermore, the expansion of target-finalize hooks is done in a recipe,
so it is not easy to understand whether this generates a "simple" rule
or not.
As a consequence, despite the use of $(MAKE), make may not notice that
the command is a recursive call, and will decide to close the jobserver
file-descriptors, yielding warnings like:
make[2]: warning: jobserver unavailable: using -j1. Add '+' to
parent make rule.
This causes the lcoale data to not be generated in parallel, which is
initially all the fuss about using a sub-makefile...
So, do as suggested, and prepend the hook with a '+', so that it is
explicit to make that it should not close its jobserver fds.
Fixes: 6fbdf51596 (Makefile: Parallelize glibc locale generation)
Signed-off-by: Yann E. MORIN <yann.morin@orange.com>
Cc: Gleb Mazovetskiy <glex.spb@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
We use gpsd's upstream systemd service unit files, which define a
dependency on chronyd.service. And indeed, upstream chrony does
provide an example service unit file chronyd.service.
However, in Buildroot, we are not using chrony's upstream unit, we are
providing our own, much simplified as compared to upstream. We install
that unit file as chrony.service. Notice that subtle difference in the
name: upstream's is chronyd, with a trailing 'd', while ours just
chrony, without the trailing 'd'.
As a consequence, in a Buildroot-built system, gpsd does not wait for
after chrony is started, which causes all kind of mayhem when gpsd
actually needs to talk to chrony.
We have multiple options:
1. use chrony's upstream unit file;
2 rename the chrony service file as installed by Buildroot, to match
what chrony would actually do;
3. tweak gpsd's unit file to refer to chrony.service, not
chronyd.service;
4. leverage systemd's flexibility in how units are defined, and provide
a drop-in to complement gpsd's unit to also wait for chrony.service.
For 1. it is totally unknown why we do have our unit file to begin with,
rather than use upstream's. Since upstream's is much more complex than
ours, using it might have unforetold consequences.
Going with 2. seems the easiest at first sight, but then it would break
systems where users provide their own drop-ins for chrony, as they would
no longer match.
3. is relatively easy, but running sed is not entirely nice. Besides, it
semantically should be a post-install hook, rather than a systemd-init
command, but again that makes things a bit more ugly. Also, some people
may have their own gpsd.service in an overlay or whatever, which would
break our fixup.
Solution 4. is pretty straightforward, although it is not ideal either.
To be noted: some distributions, like Ubuntu 20.04 at least, do install
the chrony unit file as chrony.service, like Buildroot does. However,
there does not appear to be any fixup in gpsd for this discrepancy, as
their gpsd install still refers to chronyd.service. So that does not
help us decide what to do.
So, eventually, we decided to go with solution 4, which has the least
impact on the system, and keeps the status-quo for all other use-cases.
Signed-off-by: Yann E. MORIN <yann.morin@orange.com>
Cc: Bernd Kuhls <bernd.kuhls@t-online.de>
Cc: Alex Suykov <alex.suykov@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Since gpsd-3.22, the systemd service files no longer contain hard-coded
paths to /usr/local/, but use @SBINDIR@ which is replaced appropriately
at build time, and contains the correct path.
Drop the legacy fixup now.
Signed-off-by: Yann E. MORIN <yann.morin@orange.com>
Cc: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fixes the following security issues:
- CVE-2022-40674: bundled libexpat was upgraded from 2.4.7 to 2.4.9 which
fixes a heap use-after-free vulnerability in function doContent
- gh-97616: a fix for a possible buffer overflow in list *= int
- gh-97612: a fix for possible shell injection in the example script
get-remote-certificate.py(this issue originally had a CVE assigned to it,
which its author withdrew)
- gh-96577: a fix for a potential buffer overrun in msilib
License hash changed due to links in license text being changed from
http to https:
https://github.com/python/cpython/commit/96f8d3619d839266491b722b943de65892bb0e81
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
[Peter: mark as security bump]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The bump from 9.0p1 to 9.1p1 in commit
bb571dc3e8 forgot to update the hash of
the license file. The license file change (detailed below) does not
change the license terms of OpenSSH:
--- output/build/openssh-9.0p1/LICENCE 2022-04-06 02:47:48.000000000 +0200
+++ output/build/openssh-9.1p1/LICENCE 2022-10-03 16:51:42.000000000 +0200
@@ -231,6 +231,7 @@
Eric P. Allman
The Regents of the University of California
Constantin S. Svintsoff
+ Kungliga Tekniska Högskolan
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
Fixes:
http://autobuild.buildroot.net/results/697cdcea128c3716c9ae81be6c97937ebd80a5da/
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This release of Docker Engine comes with some bug-fixes, and an updated version
of Docker Compose.
Builder
Fix an issue that could result in a panic during docker builder prune or
docker system prune moby/moby#44122.
Daemon
Fix a bug where using docker volume prune would remove volumes that were
still in use if the daemon was running with "live restore" and was restarted
moby/moby#44238.
Packaging
Update Docker Compose to v2.11.2.
https://github.com/moby/moby/releases/tag/v20.10.19
Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This release of Docker Engine comes with some bug-fixes, and an updated version
of Docker Compose.
Builder
Fix an issue that could result in a panic during docker builder prune or
docker system prune moby/moby#44122.
Daemon
Fix a bug where using docker volume prune would remove volumes that were
still in use if the daemon was running with "live restore" and was restarted
moby/moby#44238.
Packaging
Update Docker Compose to v2.11.2.
https://github.com/moby/moby/releases/tag/v20.10.19
Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix CVE-2022-41550: GNU oSIP v5.3.0 was discovered to contain an integer
overflow via the component osip_body_parse_header.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Release notes:
https://github.com/signalwire/freeswitch/releases/tag/v1.10.8
Removed two patches which are included in upstream release,
renumbered remaining patch.
Removed libs/apr-util/LICENSE due to upstream removal of bundled
apr-util package.
Added fix to disable pcap detection, otherwise /usr/bin/pcap-config
can be picked-up which breaks building freeswitch.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The Armada target does not provide platform level support for SSP.
Fixes link failure:
(.text.asm.update_stack_protector_canary+0x4): undefined reference to `plat_get_stack_protector_canary'
This error does not show up on CI jobs because SSP was effectively always
disabled until the previous commit.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit ccac9a5bbb ("boot/arm-trusted-firmware: don't force
ENABLE_STACK_PROTECTOR") fixed a build failure but also effectively
disabled SSP entirely for ATF. This is because ENABLE_STACK_PROTECTOR is
set to 0 unconditionally in make_helpers/defaults.mk, overwriting any
environment set value. So we must pass ENABLE_STACK_PROTECTOR in
MAKE_OPTS for it to be effective. But to avoid said build failure we
can't pass ENABLE_STACK_PROTECTOR=0.
Only pass ENABLE_STACK_PROTECTOR when
BR2_TARGET_ARM_TRUSTED_FIRMWARE_SSP is enabled. Drop SSP_LEVEL value for
the !BR2_TARGET_ARM_TRUSTED_FIRMWARE_SSP case which is now unused.
Cc: Dick Olsson <hi@senzilla.io>
Cc: Sergey Matyukevich <geomatsi@gmail.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
- Fix CVE-2022-26291: lrzip v0.641 was discovered to contain a multiple
concurrency use-after-free between the functions zpaq_decompress_buf()
and clear_rulist(). This vulnerability allows attackers to cause a
Denial of Service (DoS) via a crafted Irz file.
- Use official tarball and so drop autoreconf
https://github.com/ckolivas/lrzip/blob/v0.651/WHATS-NEW
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add new version. Remove patch that has been applied upstream. Update
hash for COPYING as it's text has changed to clarify some details but
the license remains LGP-2.0+L/GPL-2.0+.
Signed-off-by: Chris Packham <judge.packham@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Denial of service fixes:
Evgeny Vereshchagin discovered several ways in which an authenticated
local attacker could cause a crash (denial of service) in
dbus-daemon --system or a custom DBusServer. In uncommon configurations
these could potentially be carried out by an authenticated remote
attacker.
• An invalid array of fixed-length elements where the length of the
array is not a multiple of the length of the element would cause an
assertion failure in debug builds or an out-of-bounds read in
production builds. This was a regression in version 1.3.0.
(dbus#413, CVE-2022-42011; Simon McVittie)
• A syntactically invalid type signature with incorrectly nested
parentheses and curly brackets would cause an assertion failure in
debug builds. Similar messages could potentially result in a crash or
incorrect message processing in a production build, although we are
not aware of a practical example. (dbus#418, CVE-2022-42010;
Simon McVittie)
• A message in non-native endianness with out-of-band Unix file
descriptors would cause a use-after-free and possible memory
corruption in production builds, or an assertion failure in debug
builds. This was a regression in version 1.3.0. (dbus#417,
CVE-2022-42012; Simon McVittie)
https://gitlab.freedesktop.org/dbus/dbus/-/blob/dbus-1.12.24/NEWS
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Since commit ff0d534051 (package/iwd: bump version to 1.19), we are no
longer patching configure.ac, so autoreconfigure isn't needed anymore.
Signed-off-by: Daniel Lang <d.lang@abatec.at>
[yann.morin.1998@free.fr: reword with reference to ff0d534051]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Provide a config option that allows the user to enable mmc's "dangerous
commands" if so desired. mmc-utils considers turning on permanent write
protection on a device a "dangerous command" and doesn't offer it by
default.
Signed-off-by: Markus Mayer <mmayer@broadcom.com>
[yann.morin.1998@free.fr:
- use if-endif block
- move closer to main option for proper indentation
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
This is a bug fix release. The changes are:
- extmod/machine_i2c: only use WRITE1 option if transfer supports it
This fixes the machine.SoftI2C.readfrom_mem() method on esp32, so it
writes the address to read from.
Signed-off-by: Chris Packham <judge.packham@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
- Fix memory leak in EdDSA verify processing. (CVE-2022-38178)
- Fix memory leak in ECDSA verify processing. (CVE-2022-38177)
- Fix serve-stale crash that could happen when
stale-answer-client-timeout was set to 0 and there was a stale CNAME
in the cache for an incoming query. (CVE-2022-3080)
- Prevent excessive resource use while processing large delegations.
(CVE-2022-2795)
https://gitlab.isc.org/isc-projects/bind9/-/blob/v9_16_33/CHANGES
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This is stable bugfix release of libmdbx. So it is reasonable to backport
this patch to all applicable releases/branches of Buildroot.
Release notes for v0.11.12
--------------------------
Fixes:
- Fixed static assertion failure on platforms where the `off_t` type is wider
than corresponding fields of `struct flock` used for file locking (backport).
Now _libmdbx_ will use `fcntl64(F_GETLK64/F_SETLK64/F_SETLKW64)` if available.
- Fixed assertion check inside `page_retire_ex()` (backport).
Minors:
- Fixed `-Wint-to-pointer-cast` warnings while casting to `mdbx_tid_t` (backport).
- Removed needless `LockFileEx()` inside `mdbx_env_copy()` (backport).
The complete ChangeLog: https://gitflic.ru/project/erthink/libmdbx/blob?file=ChangeLog.md
Signed-off-by: Леонид Юрьев (Leonid Yuriev) <leo@yuriev.ru>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This release contains fixes for three minor memory safety problems.
None are believed to be exploitable, but we report most memory safety
problems as potential security vulnerabilities out of caution.
* ssh-keyscan(1): fix a one-byte overflow in SSH- banner processing.
Reported by Qualys
* ssh-keygen(1): double free() in error path of file hashing step in
signing/verify code; GHPR333
* ssh-keysign(8): double-free in error path introduced in openssh-8.9
https://www.openssh.com/txt/release-9.1
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add a defconfig for the Starfive VisionFive board, a board built around the
Starfive JH7100 RISC-V 64bit SoC (same as Beaglev).
This board comes with functional lowlevel and U-Boot bootloaders in SPI
flash. The defconfig reuses these and only builds a (6.0 based) kernel and
rootfs.
The factory shipped U-Boot is hard coded to look at MMC partition 3 and
misses some variables, so we provide a uEnv.txt to fix that up, based on
what is done in provided Fedora image.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Replace disable -Werror patch with new cmake option:
-DASSIMP_WARNINGS_AS_ERRORS=OFF
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
mosquitto can be configured to use password files. Those have a very
trivial layout, with one "username:password" tuple per line, not unlike
Apache's htpasswd file format, but unlike htpasswd files, the password
can be either in clear (boo!), or encrypted (by calling into openssl's
libcrypto).
Encryption of passwords is done with an ad-hoc tool, mosquitto_passwd,
again very like Apache's htpasswd, but the encrypted form is different
(of course). This encryption is handled by mosquitto_passwd, which can
create, update, or delete users, all while storing their encrypted
password, or it can also convert a password file with clear-text
passwords into a password file with encrypted passwords, e.g. it turns
each "foo:bar" entry to their corresponding encrypted form, like
"foo:$7$101$yLPgk5fn46d....==".
It can be very interesting to maintain a clear-text DB of
users:passwords in configuration management [0], and only convert it to
encrypted passwords when embedded on the target.
Add a host variant for mosquitto, which only installs mosquitto_passwd.
[0] ensuring safety, confidentiality, and integrity of that DB is left
as an exercise to the user, and is clearly out of scope for Buildroot,
like storing the root password in the .config is.
Signed-off-by: Yann E. MORIN <yann.morin@orange.com>
Cc: Peter Korsgaard <peter@korsgaard.com>
Cc: Titouan Christophe <titouanchristophe@gmail.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Drop backported patches and rebase the ones that are still relevant.
From version 37 to 38, there is a new build system in place, which is
still custom Makefiles.
This introduces a host-efivar package to account for the 'makeguids'
tool. Previously it was not too cumbersome to work around building that
tool for the host, but with the new build system it is increasingly
coupled with the target build that the least hacky way to work around it
is with a host package and a Makefile patch.
Signed-off-by: Erico Nunes <nunes.erico@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
mender-grubenv no longer uses the mender_grubenv* directories, instead opting
to put the mender_grubenv directories in a grub-mender-grubenv top-level
directory. While there is a legacy install mode which keeps the two separate
directories, it is better to move forward and rip the bandaid off before it
becomes too painful to update in the future if the legacy option is removed
entirely.
- Update the license file sha256 sum due to a year change.
- mender-grubenv no longer installs grub.cfg, so mender_grub.cfg must be copied
manually to grub.cfg.
- BOOT_DIR replaces ENV_DIR in the Makefile.
- The sleep grub2 module is now a requirement.
- /etc/mender_grubenv.config file must be present on the system for the
grub-mender-grubenv-{print,set} scripts to work properly.
In addition to the above changes, update the mender example board file to work
with the updated mender-grubenv version.
Signed-off-by: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Updated vendor/github.com/mendersoftware/mender-artifact/LICENSE hash due to a
year change.
Signed-off-by: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
* Updated to the new PCRE2 dependency
* Removed unneeded patches (file m4/stack-direction.m4 is not there)
* Removed autoreconf step because unnecessary after not patching m4
anymore
Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Drop the qsimd_p.h fix, this has been fixed upstream since 6.3.2/6.4.0
Signed-off-by: Jesse Van Gavere <jesseevg@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The 5.17.x series is now EOL upstream, so drop the linux-headers option and
add legacy handling for it.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Gwenhael Goavec-Merou <gwenhael.goavec-merou@trabucayre.com>
[yann.morin.1998@free.fr: split out to its own patch]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Since 2.5.1, volk has been undergoing a relicensing from GPL-3.0+ to the
LGPL-3.0+, which is still not completely done 5by some large margin), so
it is still covered by the GPL-3.0+, but has parts already covered by
the LGPL-3.0+.
We so far only listed GPL-3.0+, but we also had the license file for the
LGPL-3.0+.
Add LGPL-3.0+ to the list of licenses; the COPYING file is the text of
the GPL-3.0+, so we already had it listed (note: the package has a
COPYING-GPL, but i's a symlink to COPYING).
Signed-off-by: Gwenhael Goavec-Merou <gwenhael.goavec-merou@trabucayre.com>
[yann.morin.1998@free.fr:
- split out to its own patch
- explain why we don't add COPYING-GPL
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Since volk 2.5.1, C++17 is required, and no Boost component is used
anymore.
Signed-off-by: Gwenhael Goavec-Merou <gwenhael.goavec-merou@trabucayre.com>
[yann.morin.1998@free.fr: split out to its own patch]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Denial of service attack and buffer overflow against TLS 1.3
servers using session ticket resumption. When built with
--enable-session-ticket and making use of TLS 1.3 server code in
wolfSSL, there is the possibility of a malicious client to craft a
malformed second ClientHello packet that causes the server to crash.
This issue is limited to when using both --enable-session-ticket and TLS
1.3 on the server side. Users with TLS 1.3 servers, and having
--enable-session-ticket, should update to the latest version of wolfSSL.
https://github.com/wolfSSL/wolfssl/releases/tag/v5.5.1-stable
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Mostly internal refactoring and some minor enhancements /fixes in features
cdio_paranoia, ffmpeg (support version 5.1), pipewire, replay gain.
Improve iconv detection.
Fix bogus volume levels with multiple partitions.
For partition support, version 0.23.9 or later is recommended.
Full change log:
https://raw.githubusercontent.com/MusicPlayerDaemon/MPD/v0.23.9/NEWS
Tested on:
i386 (build, run)
x86_64 (build)
aarch64 (build, run)
Signed-off-by: Andreas Ziegler <br015@umbiko.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
We can't use BR2_PACKAGE_LIBOPENSSL to force selecting libopenssl, as
it is part of a choice. Instead, we have a symbol explicitly to force
libopenssl: BR2_PACKAGE_OPENSSL_FORCE_LIBOPENSSL.
Use that.
Reported-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The FWTS application and its associated kernel modules do build on arm;
enable it.
Signed-off-by: Vincent Stehlé <vincent.stehle@arm.com>
Cc: Erico Nunes <nunes.erico@gmail.com>
[yann.morin.1998@free.fr: introduce _ARCH_SUPPORTS, sort alphabetically]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Nicolas Tran is apparently no longer at Smile:
The response from the remote server was:
450 4.1.1 <nicolas.tran@smile.fr>: Recipient address rejected: User unknown in virtual mailbox table
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
His e-mail server is no longer responsive. Every single day, we get:
<joerg.krause@embedded.rocks>: connect to embedded.rocks[99.83.154.118]:25:
Connection timed out
when sending the daily autobuilder report.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Drop have_mfpu_neon which has been added by commit
b07de37540 but is not recognized:
CMake Warning:
Manually-specified variables were not used by the project:
BUILD_DOC
BUILD_DOCS
BUILD_EXAMPLE
BUILD_EXAMPLES
BUILD_TEST
BUILD_TESTING
BUILD_TESTS
CMAKE_INSTALL_RUNSTATEDIR
have_mfpu_neon
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Link to Rust 1.64.0 annoucement: https://blog.rust-lang.org/2022/09/22/Rust-1.64.0.html
Newest version of the source archives have been retrieved with their hash values,
and the signature of the .asc files have been verified as follows:
$ curl -fsSL https://static.rust-lang.org/rust-key.gpg.ascii | gpg --import
$ gpg --verify <filename.asc> <filename>
There is no typographical error in the packages according to the check-pakage utility:
$ ./utils/check-package package/rust-bin/*
$ ./utils/check-package package/rust/*
The testsuite tool were successfully run for rust and rust-bin packages to test
the Rust toolchain under 1.64.0:
$ ./support/testing/run-tests -k -d dl/ -o testsuite tests.package.test_rust.TestRustBin
$ ./support/testing/run-tests -k -d dl/ -o testsuite tests.package.test_rust.TestRust
In order to verify the compatibility of packages depending on Rust 1.64.0,
tests using `./utils/test-pkg` were run.
You may want to execute the test-pkg command after creating a `.config` file
enabling the corresponding BR2_PACKAGE, for example:
Create a file `buildroot/ripgrep.config` containing "BR2_PACKAGE_RIPGREP=y"
Then execute:
$ ./utils/test-pkg -d test-pkg -c ripgrep.config -p ripgrep
Results:
librsvg OK
ripgrep OK
suricata OK
bat OK
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The features of the Cortex A7 CPU on the Aspeed AST2600 A3 SoC are :
half thumb fastmult vfp edsp vfpv3 vfpv3d16 tls vfpv4 idiva idivt lpae evtstrm
the vfpv3d16 feature bit is common to both vfpv3 and vfpv4.
Drop BR2_ARM_FPU_VFPV4 which activates the use of vpfd32 (and breaks
user space). Set BR2_ARM_FPU_VFPV4D16 instead.
Signed-off-by: Cédric Le Goater <clg@kaod.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
From the release notes:
(https://github.com/redis/redis/blob/7.0.5/00-RELEASENOTES)
================================================================================
Redis 7.0.5 Released Wed Sep 21 20:00:00 IST 2022
================================================================================
Upgrade urgency: SECURITY, contains fixes to security issues.
Security Fixes:
* (CVE-2022-35951) Executing a XAUTOCLAIM command on a stream key in a specific
state, with a specially crafted COUNT argument, may cause an integer overflow,
a subsequent heap overflow, and potentially lead to remote code execution.
The problem affects Redis versions 7.0.0 or newer
[reported by Xion (SeungHyun Lee) of KAIST GoN].
Signed-off-by: Titouan Christophe <titouanchristophe@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This is currently the latest version in the v16.x branch.
Patch 0001-add-qemu-wrapper-support.patch needs some minor adaptations
to resolve conflicts with other unrelated upstream changes. The other
patches are simply refreshed.
The license file is updates due to:
- Reformatting changes
- Addition of the mention of some files being under GPLv3, but it's
only the autoconf machinery: aclocal.m4 and config.guess, so it's
not relevant to add in our LICENSE variable.
- Addition of the mention of another file being under the MIT
license (install-sh), and MIT is already listed, and this file is
anyway only part of the autoconf machinery.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Commit 1facb09b94 ("package/nodejs:
build host-nodejs only if we're installing modules with NPM") forgot
to account for the dependency on Qemu. Now that nodejs no longer
depends on host-nodejs, but needs host-qemu, we need to make sure that
nodejs selects the relevant BR2_PACKAGE_HOST_QEMU options.
So this patch:
- Drops the dependency of BR2_PACKAGE_NODEJS_ARCH_SUPPORTS on
BR2_PACKAGE_QEMU_ARCH_SUPPORTS_TARGET, which was incorrect: we
don't care about running Qemu on the target. We care about
host-qemu supporting the emulation of the target architecture,
which is what BR2_PACKAGE_HOST_QEMU_ARCH_SUPPORTS is for.
- Adds the dependency to the relevant BR2_PACKAGE_HOST_QEMU options
to BR2_PACKAGE_NODEJS, so that host-qemu is built with the
appropriate features needed to build the target nodejs.
- Removes the qemu related dependencies from host-nodejs, which does
not need Qemu at all.
Without this change the build of nodejs without npm enabled is broken
as the host-qemu that gets built does not have all the features that
are needed. There are no autobuild failures at this point, however.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fix the following sparc build failure raised since bump to version 0.24
in commit 9b5caa2ab4 and
https://github.com/analogdevicesinc/libiio/commit/2d3cae005f364742b3a9e7234d15b2fd2cbac664:
/home/buildroot/autobuild/instance-0/output-1/build/libiio-0.24/iiod/serial.c: In function 'serial_configure':
/home/buildroot/autobuild/instance-0/output-1/build/libiio-0.24/iiod/serial.c:99:58: error: 'B2500000' undeclared (first use in this function); did you mean 'B1500000'?
99 | #define CASE_BPS(bps, attr) case bps: (attr)->c_cflag |= B##bps; break
| ^
/home/buildroot/autobuild/instance-0/output-1/build/libiio-0.24/iiod/serial.c:127:9: note: in expansion of macro 'CASE_BPS'
127 | CASE_BPS(2500000, &tty_attrs);
| ^~~~~~~~
/home/buildroot/autobuild/instance-0/output-1/build/libiio-0.24/iiod/serial.c:99:58: note: each undeclared identifier is reported only once for each function it appears in
99 | #define CASE_BPS(bps, attr) case bps: (attr)->c_cflag |= B##bps; break
| ^
/home/buildroot/autobuild/instance-0/output-1/build/libiio-0.24/iiod/serial.c:127:9: note: in expansion of macro 'CASE_BPS'
127 | CASE_BPS(2500000, &tty_attrs);
| ^~~~~~~~
/home/buildroot/autobuild/instance-0/output-1/build/libiio-0.24/iiod/serial.c:99:58: error: 'B3000000' undeclared (first use in this function); did you mean 'B1000000'?
99 | #define CASE_BPS(bps, attr) case bps: (attr)->c_cflag |= B##bps; break
| ^
/home/buildroot/autobuild/instance-0/output-1/build/libiio-0.24/iiod/serial.c:128:9: note: in expansion of macro 'CASE_BPS'
128 | CASE_BPS(3000000, &tty_attrs);
| ^~~~~~~~
/home/buildroot/autobuild/instance-0/output-1/build/libiio-0.24/iiod/serial.c:99:58: error: 'B3500000' undeclared (first use in this function); did you mean 'B1500000'?
99 | #define CASE_BPS(bps, attr) case bps: (attr)->c_cflag |= B##bps; break
| ^
/home/buildroot/autobuild/instance-0/output-1/build/libiio-0.24/iiod/serial.c:129:9: note: in expansion of macro 'CASE_BPS'
129 | CASE_BPS(3500000, &tty_attrs);
| ^~~~~~~~
/home/buildroot/autobuild/instance-0/output-1/build/libiio-0.24/iiod/serial.c:99:58: error: 'B4000000' undeclared (first use in this function); did you mean 'B1000000'?
99 | #define CASE_BPS(bps, attr) case bps: (attr)->c_cflag |= B##bps; break
| ^
/home/buildroot/autobuild/instance-0/output-1/build/libiio-0.24/iiod/serial.c:130:9: note: in expansion of macro 'CASE_BPS'
130 | CASE_BPS(4000000, &tty_attrs);
| ^~~~~~~~
Fixes:
- http://autobuild.buildroot.org/results/8a9902f6eddaab812ebce3506ed6de686f647e02
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Commit 1e2fe860f3 (configs/qemu_ppc64*: downgrade binutils to 2.36.1).
Since then, we've dropped support for binutios 2.36, and hte default is
2.38.x, which has the required changes to fix:
https://github.com/linuxppc/issues/issues/388
Pin the qemu-ppc64 defconfig to explicitly use binutils 2.38.x
Signed-off-by: Cédric Le Goater <clg@kaod.org>
[yann.morin.1998@free.fr:
- explictily force binutils 2.38
- reword commit log to explain why
- reword commit log: it's not really a revert
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
This architecture variant is broken in GCC, causing build failures:
../../../libgcc/config/arm/unwind-arm.c:467:1: error: unrecognizable insn:
467 | }
| ^
(insn 2 4 3 2 (set (reg/v/f:SI 118 [ p ])
(reg:SI 0 r0 [ p ])) "../../../libgcc/config/arm/unwind-arm.c":456:1 -1
(nil))
during RTL pass: vregs
../../../libgcc/config/arm/unwind-arm.c:467:1: internal compiler error: in extract_insn, at recog.c:2770
Reported to the GCC developers, the feedback was "iwmmxt support is
definitely bitrotten and most likely should be removed from GCC.".
See:
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=106972#c1
So this commit simply drops support for iwmmxt, which anyway is
probably barely used nowadays: it's for old Marvell PXA cores that
implemented a special SIMD instruction set. The BR2_xscale option can
be used instead, it's just that it won't use this SIMD instruction
set.
Fixes:
http://autobuild.buildroot.net/results/8e4c4512902c34d8ec0c6f8dfff92b7a198e4b4a/
and the numerous other build failures at:
http://autobuild.buildroot.net/?reason=host-gcc-initial%&subarch=iwmmxt
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Building host-nodejs is no longer needed to build the target nodejs,
unless npm is needed during the build, which happens when
BR2_PACKAGE_NODEJS_MODULES_ADDITIONAL is used.
We need to make that host-python3 is built with bz2 and ssl
support. Until now, it was done by the BR2_PACKAGE_HOST_NODEJS option,
but now that the target nodejs no longer depends on host-nodejs, we
are no longer guaranteed to have a host-python3 with bz2/ssl. To make
sure it is the case, we select the relevant options from
BR2_PACKAGE_NODEJS.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The target nodejs package is building those tools, and running them
under Qemu, so it is not necessary for the host variant to install
them.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Since upstream commit 79da2534737bd090b7000beed68d225618606e53,
present since NodeJS 16.0.0, another call to the torque tool is done
in tools/v8_gypfiles/v8.gyp, but our patch to wrap calls to such tools
under Qemu forgot this addition. Due to this, the build of NodeJS is
broken since the bump to v16 in Buildroot commit
07408779cc ("package/nodejs: bump to
16.15.0"). This issue is not visible in the autobuilders as it was
hidden by a previous build issue, itself fixed by "package/nodejs: fix
'Duplicate v8 target errors when cross-compiling' error".
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Tinyproxy commit 84f203f and earlier does not process HTTP request lines
in the process_request() function and is using uninitialized buffers.
This vulnerability allows attackers to access sensitive information at
system runtime.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
libgbm isn't output/target specific, only one version is included
in gpu-core/usr/lib/libgbm.so.
Similarly only gbm.pc is included and not gbm_x11.pc.
Signed-off-by: Daniel Lang <d.lang@abatec.at>
Reviewed-by: Gary Bisson <gary.bisson@boundarydevices.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This uses a newer firmware implementation that is much faster at
booting. It is supported as of Qemu 7.0.
Signed-off-by: Joel Stanley <joel@jms.id.au>
Reviewed-by: Cédric Le Goater <clg@kaod.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
A native implementation of TLS (and various other cryptographic tools)
in JavaScript.
Signed-off-by: Johan Oudinet <johan.oudinet@gmail.com>
[Thomas: switch to pre-compiled JS files instead of depending on
host-nodejs]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Currently, with a configuration with an internal toolchain, and no other
package is selected [0], especially when one wants to generate an SDK or
a pre-built, pre-installed toolchain, running 'make' will only build
glibc (and its dependencies), and not the full toolchain, as one would
have expected, so there would be no host-final-gcc.
The reason is that 'toolchain' is a virtual package, so it is excluded
from PACKAGES, the list of packages enabled in the configuration. so it
is not a dependency of target-finalize, and so nothing pulls it in the
build.
The reason for excluding virtual packages from that list is not obvious.
When virtual packages were introduced in 7439824412 (packages: add
infrastructure for virtual packages), there was no BR2_PACKAGE_FOO
symbol for virtual packages (but there was BR2_PACKAGE_HAS_FOO), so
there was no telling that the virtual package was enabled, like we had
for the other kinds of packages (normal, bootloader, toolchain, or linux
kernel).
That caused issues, so in f674c428c2 (core/pkg-virtual: do not check
they are neabled [sic]), and then 3e1b33a534 (pkg-generic: improve
incorrectly used package detection), we explicitly excluded the virtual
packages from causing a build failure when something depended on them,
as we could not yet now whether a virtual package was actually enabled
or not.
Then, in 842ba7ecef (pkg-generic: fix rdepends and phony targets of
virtual packages), we eventually associated a virtual package to is
BR2_PACKAGE_HAS_FOO, which allows treating virtual packages like the
other kinds of packages. There, we explicitly kept virtual packages out
of the list, though (the reasoning was that virtual packages install
nothing in host/ or target/, so they do not directly contribute to the
final content, so we do not need to rsync them, so this was an
optimisation).
However, virtual packages are in fact actual generic packages, and it is
possible for virtual packages to actually provide content for the final
image. Even though we do not have any virtual package that has actual
_INSTALL_CMDS, we still have udev that provides a user for example;
virtual packages in br2-external trees may also very well provide
install commands (e.g. to install files common to their various
implementations).
So, there is currently no technical reason to exclude virtual packages
from PACKAGES, the list of packages enabled in the configuration.
Drop the excluding condition, and always add enabled package, whatever
their kind, to the list of enabled packages.
[0] defconfig to reproduce the issue:
BR2_INIT_NONE=y
BR2_SYSTEM_BIN_SH_NONE=y
# BR2_PACKAGE_BUSYBOX is not set
# BR2_PACKAGE_IFUPDOWN_SCRIPTS is not set
# BR2_TARGET_ROOTFS_TAR is not set
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Our current heirloom-mailx package is affected by CVE-2014-7844. It
has been fixed by a Debian patch
0014-globname-Invoke-wordexp-with-WRDE_NOCMD.patch, but it does rely
on other Debian patches as well.
Instead of bringing those patches locally, we just update the package
to use version 12.5-5 from Debian, including its patches.
The local patch
0001-Patched-out-SSL2-support-since-it-is-no-longer-suppo.patch is
removed as it is part of the Debian patches.
The remaining patch 0002-fix-libressl-support.patch is renumbered.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Changes:
Disable quiet nan test on windows by @floitsch in #174
Test on all platforms. by @floitsch in #175
Fix warnings on Windows by @floitsch in #176
Run ctests first. by @floitsch in #177
Give shared-lib option and test install by @floitsch in #179
Install Windows debbuger (pdb) files. by @floitsch in #178
Add a cast to silence a signedness conversion warning. by @pkasting in #182
Issue #184 : Fixed all -Wzero-as-null-pointer-constant warnings by @seanm in #185
See https://github.com/google/double-conversion/releases/tag/v3.2.1
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Changes from 3.0.14 to 3.0.15:
8b018e67212957de176292f95718df48f49a418b Bump revision to VERSION = 3.0.15
803b49c40bb0b720b90d9c31d372911f1b946aa7 */*.S: add non-executable GNU stack marking on ELF-linux
2ed6486834634130fe7bc9b8803b0113767fc7c1 lib/Makefile: add .o file dependency on libsubdirs targets
6b28563584edd08ab9c94a746a8061434c165837 Handle __mips64
The patch
0002-inc-efi-.h-also-support-__mips64-to-recognize-mips64.patch is
dropped as it is equivalent to upstream commit
6b28563584edd08ab9c94a746a8061434c165837 ("Handle __mips64")
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Update the listed versions to match current status since commit
b4d9b51508 ("configs/solidrun_macchiatobin: bump BSP components").
All components are now from upstream so no need to state that for each
one.
Cc: Sergey Matyukevich <geomatsi@gmail.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Any .pyc files generated by the pycompile script during target
finalization are currently counted in the "Unknown" package,
because packages-file-list.txt only contains the source .py file.
If a .py file is added to filesdict, add the corresponding .pyc
file as well.
Signed-off-by: Michael Klein <m.klein@mvz-labor-lb.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
It was fixed for musl during conversion to the new API in 0f519d0da
(released in 20220527).
Signed-off-by: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This issue was reported by Firas Khalil Khana on a Github pull request
at https://github.com/buildroot/buildroot/pull/113/.
There is no --disable-static in m4. Research in the dark corners of
the Git history has shown that it was apparently added by Peter
Korsgaard back in 2009, in commit
3467cf7305 ("m4: cleanup"). At this
time, the version of m4 used was 1.4.9, but even looking at the
tarball of this old release shows that the ./configure did not support
--disable-static.
So let's drop this option.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Commit bf446513e7 (ncurses: fix hanging installation due to old
version of tic) introduced the build of the host tic, to be used by the
target ncurses. That commit purportedly built a static tic, but that is
(at least now) wrong: there is nothing that makes the build of tic
static.
Initially, host-ncurses was configured with --without-shared, but that
only drives whether to generate shared libs or not, it does not drive
whether to do a shared or static link of executables.
And in any case, in af23d762e5 (ncurses: enable shared library build
on the host) we explicitly stopped requesting the build of a static
library, to instead require the build of a shared library.
So, we never had a statically linked tic ever.
Furthermore, we override the _BUKLLD_CMDS, but we do not provide any
_INSTALL_CMDS. As a consequence, the full ncurses is installed, not just
tic. And since we override the _BUILD_CMDS, the libraries are not built,
so they get built during the install step.
And we do indeed need the libraries (host-gettext needs them), and not
just tic.
So, just drop our custom _BUILD_CMDS and just build the whole package
with the default settings. We keep the explicit use of --with-shared,
as this is not the standard flag (--enable-shared) and it is not obvious
what the default is.
The set of files installed before and after this change is exactly the
same, and tic still is an "ELF 64-bit LSB shared object" with a RUNPATH
that still correctly points to $(HOST_DIR)/lib
To be noted: there is no regressin in build time either, since we were
already building everything anyway.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
QEMU is supported on both 32-bit and 64-bit RISC-V hosts, so let's
enable support for it in buildroot.
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
By default package rtl8812au-aircrack-ng uses CONFIG_PLATFORM_I386_PC that
define -DCONFIG_LITTLE_ENDIAN and this can't be overridden since the
USER_EXTRA_CFLAGS are assigned to EXTRA_CFLAGS in the beginning of Makefile
while -DCONFIG_LITTLE_ENDIAN is assigned later.
Instead of using the default CONFIG_PLATFORM_I386_PC let's set it to 'n'
and let's use the same defines it uses:
-DCONFIG_IOCTL_CFG80211
-DRTW_USE_CFG80211_STA_EVENT
This way -DCONFIG_BIG_ENDIAN can be define without the conflict of being
defined with with the default -DCONFIG_LITTLE_ENDIAN.
Let's also add Linux config FIXUPS to build the module correctly.
Fixes:
http://autobuild.buildroot.net/results/2e4ee705d0e2b728f102aac4e6729f11ef22be36/
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This release fixes a few very critical issues that happpen when using a glib2 newer or equal
than 2.73.2 (after the pcre1->pcre2 update)
Signed-off-by: Michael Fischer <mf@go-sys.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
No review/patches from my side the last few months, so drop my
DEVELOPERS entry.
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Even though Qt6 support using a bundled sqlite, in Buildroot, we
always prefer to use non-bundled libraries when possible.
Signed-off-by: Jesse Van Gavere <jesseevg@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Update to a new major release which brings in improvements and a few
new features. Release notes:
https://webkitgtk.org/2022/09/16/webkitgtk2.38.0-released.html
This release also includes security fixes for CVE-2022-32886,
CVE-2022-32891, and CVE-2022-32912. Accompanying security advisory:
https://webkitgtk.org/security/WSA-2022-0009.html
The CMake option to build the documentation has been renamed from
ENABLE_GTK_DOC to ENABLE_DOCUMENTATION, therefore update the build
recipe accordingly. Option USE_LIBNOTIFY is no longer available, as
WebKit now uses the notification portal D-Bus API directly without
relying on libnotify. Lastly, version 2.38.0 introduces a new WebRTC
implementation based on GstWebRTC which is left disabled for now to
keep the existing status quo (WebRTC not available), and adding an
option to enable it can be done in a follow-up patch.
Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The patches have been used by Alpine for 5 months now and they were
posted on the Busybox mailing list mid-July with no review or comment.
According to Ariadne Conill[1] - though NVD CVSS 3.x Base Score seems to
disagree - this has a low security impact so we could probably just wait
for upstream to merge the patches or implement it the way they want.
Considering those patches have been public for 5 months and upstream
hasn't acted until now, let's take the patches from the mailing list
anyway as there's no indication the CVEs will be fixed upstream soon.
[1] https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661
Cc: Quentin Schulz <foss+buildroot@0leil.net>
Signed-off-by: Quentin Schulz <quentin.schulz@theobroma-systems.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
NetworkManager supports compiling against either NSS or GnuTLS and in
fact upstream defaults to NSS if both are available and no choice is
specified. Providing a choice can shrink images slightly if some other
package is already pulling in NSS but GnuTLS is not otherwise required.
Since a crypto provider is required and to maintain backwards
compatibility, select GnuTLS when NSS is not selected.
In keeping with the upstream default, choose NSS when both libraries are
available.
Signed-off-by: John Keeping <john@metanate.com>
[Peter: rework to the meson equivalent]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
cfg_tilde_expand in confuse.c in libConfuse 3.3 has a heap-based buffer
over-read.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
These tools are required for debug scenarios where the debug
happens in-target.
Signed-off-by: Nuno Gonçalves <nunojpg@gmail.com>
[Arnout: install to target in case this option is selected]
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
udhcpc default script can handle staticroutes but it is missing from the
default ifupdown options.
Signed-off-by: Remi Jouannet <remi.jouannet@outscale.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
As explained in bug #14796, there are situations where the seccomp based
sandboxing in openssh can get confused, leading to connection issues.
As explained by Thomas in the bug report:
glibc does not care about the kernel headers when deciding whether to
try the clock_gettime64() syscall or not: it always use it, and if that
fails at runtime, it falls back to clock_gettime(). This is how glibc
ends up using clock_gettime64() even if your kernel does not support it.
On the other hand, the OpenSSL seccomp code relies on kernel headers to
decide whether the clock_gettime64() syscall should be in the allowed
list of syscalls or not.
So when you are in a situation where glibc is recent, but your kernel is
older, you get into precisely the problem you have: glibc tries to use
clock_gettime64, but OpenSSH seccomp configuration prevents that, which
does not allow glibc to gracefully fallback to clock_gettime (as seccomp
is configured to kill the process on filter violations).
As a workaround, add a _OPENSSH_SANDBOX option (defaulting to y) to
decide if sandboxing should be used or not.
--with-sandbox expects the type of sandboxing to use, and if not
specified, will use the first one available in a list: pledge, systrace,
darwin, seccomp, capsicum, rlimit. On Linux, only seccomp and rlimit are
available, and rlimit probably does not bring much security-wise, so in
all practical matters, on Linux, sandboxing uses seccomp or there is no
sandboxing, so let's just disable sandboxing when we do not want to use
seccomp, and let configure detect seccomp when we request sandboxing.
Fixes (works around) #14796
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
[yann.morin.1998@free.fr: add § about sandboxing types]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Commit b936a95d02 (package/openssh: bump to version 9.0p1) dropped the
patch touching m4/openssh.m4, but forgot to remove autoreconf. Fix that.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
libopenssl needs atomic or the build will fail (e.g. on sparcv8 without
libatomic):
${LDCMD:-/nvmedata/autobuild/instance-7/output-1/host/bin/sparc-buildroot-linux-uclibc-gcc} -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -O0 -g2 -g2 -L. \
-o apps/openssl apps/asn1pars.o apps/ca.o apps/ciphers.o apps/cms.o apps/crl.o apps/crl2p7.o apps/dgst.o apps/dhparam.o apps/dsa.o apps/dsaparam.o apps/ec.o apps/ecparam.o apps/enc.o apps/engine.o apps/errstr.o apps/gendsa.o apps/genpkey.o apps/genrsa.o apps/nseq.o apps/ocsp.o apps/openssl.o apps/passwd.o apps/pkcs12.o apps/pkcs7.o apps/pkcs8.o apps/pkey.o apps/pkeyparam.o apps/pkeyutl.o apps/prime.o apps/rand.o apps/rehash.o apps/req.o apps/rsa.o apps/rsautl.o apps/s_client.o apps/s_server.o apps/s_time.o apps/sess_id.o apps/smime.o apps/speed.o apps/spkac.o apps/srp.o apps/storeutl.o apps/ts.o apps/verify.o apps/version.o apps/x509.o \
apps/libapps.a -lssl -lcrypto -ldl
/nvmedata/autobuild/instance-7/output-1/host/lib/gcc/sparc-buildroot-linux-uclibc/10.3.0/../../../../sparc-buildroot-linux-uclibc/bin/ld: ./libssl.so: undefined reference to `__atomic_fetch_sub_4'
It should be noted that openssl3 has added OPENSSL_DEV_NO_ATOMICS but
"this is intended for internal development only, to check the
refcounting is properly coded. It should never become a configuration
option, hence the name of the macro.":
https://github.com/openssl/openssl/commit/503d4745a115b82db01c1fb22baaddb153d27cdb
Atomics are not available in Buildroot if:
- architecture is 32 bit and something other than ARM or xtensa, and
- GCC < 4.8 or no threads or FLAT.
The nothreads case can theoretically happen in many different
situations, but in practice nobody disables threads. So the only
interesting case is the FLAT case. Since ARM and RISC-V 64 both have
atomics intrinsics, that leaves just m68k NOMMU as FLAT. So this is
truly a corner case.
The proper solution would be to patch GCC to also provide libatomic in
those cases.
- For nothreads, atomics are in fact not needed, so libatomic can simply
be implemented as stubs.
- For FLAT, it's probably just a matter of having a match to uclinux in
libatomic/configure.tgt.
Again, though, this happens only in such niche cases that it's not worth
working on it.
Fixes:
- http://autobuild.buildroot.org/results/bce526d538f43a541fdfbc0c9b4a7cecebbbc539
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
libexpat before 2.4.9 (which is still not released) has a use-after-free
in the doContent function in xmlparse.c.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The conditions in the target CPU choice mostly use negative logic, i.e.
"depends on !<something>". This makes it more difficult to understand
exactly on which ARCH variants the CPU _is_ supported. Therefore, change
all of the conditions to positive logic.
Since there is no little-endian variant of the 32-bit PowerPC, the
conditions are:
!BR2_ARCH_IS_64 <==> BR2_powerpc
!BR2_powerpc64le <==> BR2_powerpc || BR2_powerpc64
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Not needed + breaks compilation on some platforms.
The compilation error was seen on 2.42.8, but also relevant
for 2.42.9 to not compile the test suite.
The option was added in 2.42.9:
https://github.com/GNOME/gdk-pixbuf/commit/801eef111df624f4377baed9a90c94b6a2d4340c
```
[179/246] Generating tests/resources.c with a custom command
FAILED: tests/resources.c
/buildroot/output/host/bin/python3 /buildroot/output/build/host-gdk-pixbuf-2.42.8/build-aux/gen-resources.py --glib-compile-resources=/buildroot/output/host/bin/glib-compile-resources --pixdata=/buildroot/output/build/host-gdk-pixbuf-2.42.8/build/gdk-pixbuf/gdk-pixbuf-pixdata --loaders=/buildroot/output/build/host-gdk-pixbuf-2.42.8/build/gdk-pixbuf/loaders.cache --sourcedir=/buildroot/output/build/host-gdk-pixbuf-2.42.8/tests --source ../tests/resources.gresource.xml tests/resources.c
failed to load "/buildroot/output/build/host-gdk-pixbuf-2.42.8/tests/icc-profile.png": Couldn?t recognize the image file format for file ?/buildroot/output/build/host-gdk-pixbuf-2.42.8/tests/icc-profile.png?
../tests/resources.gresource.xml: Child process exited with code 1.
```
Signed-off-by: Thomas Devoogdt <thomas.devoogdt@barco.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix CVE-2022-29187: Git is a distributed revision control system. Git
prior to versions 2.37.1, 2.36.2, 2.35.4, 2.34.4, 2.33.4, 2.32.3,
2.31.4, and 2.30.5, is vulnerable to privilege escalation in all
platforms. An unsuspecting user could still be affected by the issue
reported in CVE-2022-24765, for example when navigating as root into a
shared tmp directory that is owned by them, but where an attacker could
create a git repository. Versions 2.37.1, 2.36.2, 2.35.4, 2.34.4,
2.33.4, 2.32.3, 2.31.4, and 2.30.5 contain a patch for this issue. The
simplest way to avoid being affected by the exploit described in the
example is to avoid running git as root (or an Administrator in
Windows), and if needed to reduce its use to a minimum. While a generic
workaround is not possible, a system could be hardened from the exploit
described in the example by removing any such repository if it exists
already and creating one as root to block any future attacks.
https://github.com/git/git/blob/v2.31.4/Documentation/RelNotes/2.31.4.txt
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The Power9 CPU was released by IBM in 2016. It is a 64-bit CPU
implementing ISA v3.0. It runs in big and little endian modes, and
supports VSX and AltiVec.
Power9 is supported as of GCC 6.1 and Binutils 2.26.
Signed-off-by: Joel Stanley <joel@jms.id.au>
Reviewed-by: Cédric Le Goater <clg@kaod.org>
Reviewed-by: Yann E. MORIN <yann.morin.1998@free.fr>
[Arnout: remove 64-bit constraint]
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
With "arch/powerpc: Enable powerpc64le only on CPUs that support it"
we can use this symbol to indicate the CPU is supported by glibc.
This also aligns the conditions with the kernel headers dependencies.
Signed-off-by: Joel Stanley <joel@jms.id.au>
Reviewed-by: Cédric Le Goater <clg@kaod.org>
Acked-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Invalid configurations lead to build failures, such as trying to enable
ppc64le for the ppc970:
http://autobuild.buildroot.net/results/fda886768fce25ccd9b52b635ff5b13da7ba2d0c/
In order to run a ppc64le userspace a kernel that runs in this mode is
required. The only CPU supported in buildroot that can boot a ppc64le
kernel is Power8, so mark all of the other 64-bit capable CPUs as not
supporting ppc64le. For Power7, the situation is not so clear, but there
are anyway no commercially available CPUs for that architecture so it
doesn't matter much either way. Let's be safe and disable LE on that one
as well.
This drops the comment about libc, which is true but doesn't tell the
whole story.
Note that we use positive logic for the new conditions, while the rest
of the file uses negative logic. We'll fix that for the rest of the file
in a follow-up patch.
Signed-off-by: Joel Stanley <joel@jms.id.au>
Reviewed-by: Cédric Le Goater <clg@kaod.org>
[Arnout: don't remove 32-bit support for POWER5+]
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Currently, we use post-patch hooks to apply our configuration settings.
This works, but this is semantically wrong; post-patch hooks are there
to amend the source code to actually fix it (i.e. because it can't be
done with a patch for example).
Configuring the package, on the other hand, belong to the configure
step, and if we need to tweak the source code for configuration
purposes, this should be done in pre-configure hooks.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This commit changes qt6base.mk to order conditional blocks
alphabetically based on the BR2_PACKAGE_* option they test.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Commit 5c89b00a20 (package/gdb: remove support for 9.2) forgot to
select the legacy symbol when gdb 9.2 was previously enabled.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
As specified in the manual (18.5 The SNNfoo start script),
the name of the script should reflect the name of the daemon,
which in this case in polkitd.
Also remove the redundant/broken reload case.
Signed-off-by: Daniel Lang <d.lang@abatec.at>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Polkit has two directories that are used to store rules.
Add the second directory to the existing tests, to ensure
that both work in the future.
Signed-off-by: Daniel Lang <d.lang@abatec.at>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The logic implemented in e745c0b to stop makedevs from recursively running
chmod() on dangling symlinks excluded everything that isn't a symlink.
Other file types or directories are skipped/ignored.
Logic has been updated to exit the function if mode shouldn't be changed
or if path is a dangling symlink.
Signed-off-by: Daniel Lang <d.lang@abatec.at>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The license file has moved from COPYING.txt from LICENSE.txt, but the
license conditions remain the same.
Signed-off-by: Michael Fischer <mf@go-sys.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Check that dependencies that are DT_NEEDED by a program are
automatically copied by dracut. We use cramfs, the package,
as it is small and just depends on libz.
Test more than one dracut config file.
Reported-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Thierry Bultel <thierry.bultel@linatsea.fr>
Cc: Adam Duskett <aduskett@gmail.com>
[Arnout: remove test for features that haven't been merged yet]
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
It is not unusual that projects can target multiple boards, and in
such cases, a lot is shared between boards and only the low-level
stuff differ.
Allow users to specify more than one dracut config file to cover
tose cases.
dracut does not accept more than one config file with the -c option,
but it can load more than one from a directory with --confdir. So,
we copy all the config files to a temporary directory and se that as
--confdir. However, we can't drop passing -c, or dracut would read
the system-wide /etc/dracut.conf (not sure if ${prefix} is even used),
which we do not want. So, we use an empty file as -c; /dev/null comes
in handy as an empty file.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Cc: Thierry Bultel <thierry.bultel@linatsea.fr>
Cc: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Since we do not pivot_root/switch_root from the cpio, whatever we get
in the rootfs was exactly what we got by listing the cpio archive.
Drop the test for the presence of pv, it's redundant.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Cc: Thierry Bultel <thierry.bultel@linatsea.fr>
Cc: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Add support for new bluez5-codec-opus codec feature.
Disable new unsupported flatpak feature.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Adjust CFLAGS to be able to compile on uclibc-ng < 1.0.42.
Remove patch from this release, backport 3 patches fixing build from
upstream.
Signed-off-by: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
If the TARGET env variable is set icu may try to use it.
To prevent this from causing issues clear it from the icu env.
Fixes:
>>> host-icu 70-1 Building
PATH="/home/buildroot/buildroot/output/per-package/host-icu/host/bin:/home/buildroot/buildroot/output/per-package/host-icu/host/sbin:/home/buildroot/bin:/home/buildroot/.local/bin:/home/buildroot/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games:/snap/bin"
PKG_CONFIG="/home/buildroot/buildroot/output/per-package/host-icu/host/bin/pkg-config"
PKG_CONFIG_SYSROOT_DIR="/" PKG_CONFIG_ALLOW_SYSTEM_CFLAGS=1
PKG_CONFIG_ALLOW_SYSTEM_LIBS=1
PKG_CONFIG_LIBDIR="/home/buildroot/buildroot/output/per-package/host-icu/host/lib/pkgconfig:/home/buildroot/buildroot/output/per-package/host-icu/host/share/pkgconfig"
/usr/bin/make -j33 -C
/home/buildroot/buildroot/output/build/host-icu-70-1/source
cd ./config; \
/usr/bin/make -f pkgdataMakefile
rm -rf config/icu-config
rebuilding config/icucross.mk
rebuilding config/icucross.inc
/bin/bash ./mkinstalldirs lib
/bin/bash ./mkinstalldirs bin
/usr/bin/install -c ./config/icu-config-top config/icu-config
rm -rf pkgdata.inc
chmod u+w config/icu-config
mkdir lib
mkdir bin
LC_ALL=C /usr/bin/sed -f ./config/make2sh.sed < ./config/Makefile.inc
| grep -v '#M#' | uniq >> config/icu-config
config/icu-uc.pc updated.
config/icu-i18n.pc updated.
/usr/bin/make[2]: Making `all' in `stubdata'
LC_ALL=C /usr/bin/sed -f ./config/make2sh.sed < ./config/mh-linux |
grep -v '#M#' | uniq >> config/icu-config
cat ./config/icu-config-bottom >> config/icu-config
(deps) stubdata.cpp
chmod u-w config/icu-config
Note: rebuild with "/usr/bin/make VERBOSE=1 " to show all compiler parameters.
make[3]: *** No rule to make target 'bpf', needed by 'all-local'. Stop.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
libedit CLI implementation is supported since commit 9420423900a2
("cli: add libedit support"), nftables v0.9.8. There's an important fix
for Buildroot in v1.0.2, commit 3847fccf0045 ("cli: remove #include
<editline/history.h>").
Also in nftables v1.0.1, libedit/editline cli implementation is made the
default implementation so let's favor libedit implementation over
readline and linenoise if its package is enabled in Buildroot.
Cc: Quentin Schulz <foss+buildroot@0leil.net>
Signed-off-by: Quentin Schulz <quentin.schulz@theobroma-systems.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This bumps nftables to its 1.0.5 version. This will allow us to enable
the libedit cli implementation in a later commit thanks to a fix in
version 1.0.2, commit 3847fccf0045 ("cli: remove #include
<editline/history.h>").
Cc: Quentin Schulz <foss+buildroot@0leil.net>
Signed-off-by: Quentin Schulz <quentin.schulz@theobroma-systems.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
linenoise CLI implementation is supported since commit 023c2d3301a0
("cli: add linenoise CLI implementation."), nftables v0.9.3, so let's
add support for it in its Buildroot package.
Cc: Quentin Schulz <foss+buildroot@0leil.net>
Signed-off-by: Quentin Schulz <quentin.schulz@theobroma-systems.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The last (and only) release was made 7 years ago and there are 23 newer
commits since then.
This bumps linenoise to the latest commit in the git repo,
97d2850af13c ("Use unsigned int instead of uint like rest of code base.")
Cc: Quentin Schulz <foss+buildroot@0leil.net>
Signed-off-by: Quentin Schulz <quentin.schulz@theobroma-systems.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Changelog:
* Fixed: If USE_LISTEN_ADDRESS_FOR_SENDING_TRAPS was not defined, traps
to IPv6 destinations could not be sent.
* Fixed: Compilation without _SNMPv3 in some example agents
* Added: Added new function Snmpx::get_session_fds_ipv6()
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Changelog:
- Fixed: Winsock has to be included before windows header.
- Fixed: Added SnmpTarget::version_to_string() function
- Fixed: Fixed compiler warning on MSYS2 g++
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Due to a bug in the CodeSourcery ARM toolchain packaging, this
toolchain currently appears as available even for noMMU
configurations, which is obviously wrong. Due to this, the
bootlin-armv7m-uclibc.config fragment ends up using the CodeSourcery
ARM toolchain, which is obviously wrong for an ARM noMMU
configuration, causing a build failure when matching the toolchain
capabilities with the configuration.
Even though we will separately fix the CodeSourcery ARM toolchain
packaging, it makes sense to ensure that the
bootlin-armv7m-uclibc.config fragment explicitly selects the Bootlin
toolchain.
Reported-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This is the fourth patch release in the 1.1.z series of runc, primarily fixing a
regression introduced in 1.1.3 related to device rules, as well as other bugs.
- Fix mounting via wrong proc fd. When the user and mount namespaces are used,
and the bind mount is followed by the cgroup mount in the spec, the cgroup was
mounted using the bind mount's mount fd.
- Switch kill() in libcontainer/nsenter to sane_kill().
- Fix "permission denied" error from runc run on noexec fs.
- Fix failed exec after systemctl daemon-reload. Due to a regression in v1.1.3,
the DeviceAllow=char-pts rwm rule was no longer added and was causing an error
open /dev/pts/0: operation not permitted: unknown when systemd was reloaded.
https://github.com/opencontainers/runc/releases/tag/v1.1.4
Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
In 3.24, the NTRIP and NMEA0183 drivers are now always enabled, so the
configure options ntrip and nmea0183 have been removed (upstream commits
f8cf4c922 and 838220fee respectively).
As a consequence, drop the options in menuconfig. We do not need to add
legacy support for those options. Indeed, users who had those enabled
will still get the feature, and those who did not will get them, in both
cases without loss of feature.
Finally, we need to fix a runtime issue that makes the kernel segfault
(yeah, that much), because upstream has been yoda-ifying their code, and
they actually borked a comparison. The issue has been fixed upstream,
but that is in a patch tha cobbles up many changes and brings new stuff,
so we just fix the issue with an unupstreamable patch (which we can drop
when we bump when upstream tags a newer release and we update).
Signed-off-by: Yann E. MORIN <yann.morin@orange.com>
Cc: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The oldstyle option has been removed a while ago now:
2015-02-22 a5a123b4f3b0 Feature removal - delete last remnants of
old pre-JSON protocol from libgps.
Drop it from Buildroot now.
Signed-off-by: Yann E. MORIN <yann.morin@orange.com>
Cc: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Commit c099842544 ("package/libmdbx:
bump version to 0.11.8") forgot to drop the hash for the previous
0.11.7 version, let's do so now.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Since version 2.0.15, and upstream commit 71a90177d7b2 (Systemd: Add
mosquitto group ownership), mosquitto uses its own group rather than
the generic nobody group.
This means that mosquitto can now no longer start on a systemd-based
system.
Change our mosquitto user definition to specify a mosquitto group.
Signed-off-by: Yann E. MORIN <yann.morin@orange.com>
Cc: Peter Korsgaard <peter@korsgaard.com>
Cc: Titouan Christophe <titouanchristophe@gmail.com>
Cc: Francois Perrad <fperrad@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
With the switch to meson in 58c5846631 (package/network-manager:
migrate autotools build system to meson), the detection of pppd is
broken for cross-compilation:
Has header "pppd/pppd.h" : YES
Program pppd /sbin/pppd /usr/sbin/pppd found: NO
../../../O/br-2022.08/vtc/build/network-manager-1.36.4/meson.build:570:4: ERROR: Assert failed: pppd required but not found, please provide a valid pppd path or use -Dppp=false to disable it
Indeed, meson will simply look for existing files on the host, and that
can't work in cross-compilation.
Fix that by telling meson the results it can't find by itself.
Signed-off-by: Yann E. MORIN <yann.morin@orange.com>
Cc: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
COPYING was a link to Copyright, this link is now removed
with 2.10.0, fix CVE-2022-2309
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
With the move to 5.19-rc1, the ethernet interface is now supported.
Configure it using DHCP at startup.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Opensbi is now based on 1.1, U-Boot on 2022.07-rc3 and Linux on 5.19-rc1.
We don't yet support 5.19 kernel headers, so use 5.17 instead.
The incompatibility between opensbi and u-boot is now fixed, so drop
0001-arch-riscv-dts-sun20i-d1.dtsi-adjust-plic-compatible.patch.
The updated device tree in the kernel tree no longer specifies a memory
node (and the board exists in 512M/1G/2G variants, so instead use the
(otherwise identical) device tree provided by u-boot, where the memory
node is fixed up based on the detected memory size.
On riscv, the linux kernel unconditionally wants to build its bundled
dtc, so it needs flex and bison, even if it is not going to build any
DTB. We can get flex and bison either via the system ones, or we get
them as they are in LINUX_KCONFIG_DEPENDENCIES. However, relying on this
is a bit fragile, so we keep asking the kernel to build a DTB, so that
we do ensure that our host-{flex,bison} are built and in the dependency
chain of the kernel (for PPD).
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
[yann.morin.1998@free.fr:
- extend on why we keep building a DTB from the kernel
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
OpenLayers changed its release format again, only two weeks after the
previous change. The good news is, though, that they now ship a
single release archive that includes the compiled JavaScript code
together with the source code. Furthermore, they ship both code with
a single license, which file is part of the archive.
Hence, we still do not need to rely on host-nodejs for this package,
at least not for this version.
Signed-off-by: Thomas Claveirole <thomas.claveirole@green-communications.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
lots of fixes but most importantly:
- don't allow unknown operational/admin states (CVE-2022-29799, CVE-2022-29800)
Signed-off-by: Michael Nosthoff <buildroot@heine.tech>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Following the switch to Glibc as the default libc in Buildroot [1],
all defconfigs expecting uClibc with wchar (or any other uClibc
specific option) should now select BR2_TOOLCHAIN_BUILDROOT_UCLIBC too.
Even if all defconfigs has been tested with uClibc, maintainers
prefer to not enforce a C library and use the default of Buildroot,
which is now glibc.
This commit remove uClibc specific options BR2_TOOLCHAIN_BUILDROOT_WCHAR,
BR2_PTHREAD_DEBUG (required by gdb) and BR2_TOOLCHAIN_BUILDROOT_USE_SSP.
Since glibc always has argp built-in, also remove the standalone one
from affected toolchains...
Fixes:
https://gitlab.com/kubu93/buildroot/-/jobs/2911738579
[1] 4057e36ca9
[2] http://lists.busybox.net/pipermail/buildroot/2022-August/649998.html
Signed-off-by: Romain Naour <romain.naour@gmail.com>
[yann.morin.1998@free.fr: also drop argp-standalone]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Docker Compose v2 is no longer a standalone component, but is now a
plugin loaded by docker-cli.
As such, it should not be installed in /usr/bin, but in the directory
where docker-cli loads its plugins from.
Additionally, we consequently make docker-compose depend on docker-cli;
indeed, it does not really make sense to present a plugin unless the
component it attaches to is already enabled [0].
License hash changed due to strictly copying the license text template,
without customisation to the year and copyright owner.
[0] the original submission by Christian would use a select, to keep
existing config, but that's not sensible, as we already have some
packages that are plugins and that use depends-on, like nginx plugins.
For consistency and as it semantically makes sense, we use a depends-on
here too.
Signed-off-by: Christian Stewart <christian@paral.in>
[yann.morin.1998@free.fr:
- don't select docker-cli, but depends-on it; explain it in commit log
- explain why we override the install commands
- explain change in license file hash
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
- drop a patch (already in version)
- update Copyright.txt (changed from 1995-2021 to 1995-2022)
Signed-off-by: Sergio Prado <sergio.prado@e-labworks.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The COPYRIGHT file hash has changed due to:
- Copyright (c) 1991, 1999, 2002, 2005-2018,2019 John E. Davis
+ Copyright (c) 1991, 1999, 2002, 2005-2021, 2022 John E. Davis
Signed-off-by: Sven Oliver Moll <svolli@svolli.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Add a new option to have MbedTLS builds that support DTLS-SRTP.
We can only enable the support, it's disabled by default.
Signed-off-by: Dmitry Ilyin <dima@doty.ru>
[yann.morin.1998@free.fr:
- rename variable
- fix variable name in .mk
- drop unnecessary ref to AWS library
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The rule is one-item per line in multi-line assignments, starting with
the first item on its own line too?
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fixes flake8 errors:
support/scripts/pkg-stats:1013:133: E501 line too long (164 > 132 characters)
support/scripts/pkg-stats:1018:36: F541 f-string is missing placeholders
support/scripts/pkg-stats:1110:199: E261 at least two spaces before inline comment
For the first and the last one, we chose to split the long lines rather
than adding noqa: 501. Indeed, the long lines make it very unreadable,
and there are relatively natural places where the line can be broken.
Also split a line just below the second one in a similar way.
The f-string on 1018 doesn't need to be an f-string.
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
This is done either by switching to single quoted f-strings, triple
double quoted f-strings when needed, or simply single-quoted strings.
The renderer HTML is exactly identical before/after this commit.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Tested-By: Sen Hastings <sen@phobosdpl.com>
Acked-By: Sen Hastings <sen@phobosdpl.com>
Within single-quoted f-strings, and within triple double quoted
strings, escaping all the double quotes is completely useless and
makes the code more difficult to read. Get rid of all this useless
escaping.
The renderer HTML is exactly identical before/after this commit.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Tested-By: Sen Hastings <sen@phobosdpl.com>
Acked-By: Sen Hastings <sen@phobosdpl.com>
The contents of the license file have changed. It adds the following
details:
- The code examples are distributed under CC0, but we do not install
them.
- The files in the node_modules and external directories is provided
under its own license, but we do not install those files.
Hence, the license remains just MIT.
Signed-off-by: Jesse Van Gavere <jesseevg@gmail.com>
[Thomas: add details on license file change.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Now that we have a python-libevdev package, let's allow the
installation of the libinput Python tools, using a new
BR2_PACKAGE_LIBINPUT_PYTHON_TOOLS option.
Signed-off-by: Romain Naour <romain.naour@smile.fr>
Cc: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
python-libevdev is needed for libinput replay command:
$ libinput replay recording.yml
Error: No module named 'libevdev'
One or more python modules are missing. Please install those modules and re-run this tool.
Indeed only libinput-replay tool is a python script
(like libinput-analyze-recording, libinput-measure-fuzz...)
python-libevdev itself requires a kernel built with
CONFIG_INPUT_UINPUT option enabled, enable this option if a kernel is
built by Buildroot.
Signed-off-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Add support for selecting a specific version of the DDR firmware
version. For example Variscite's imx8mp-var-dart SOM requires the
"_202006" version of the lpddr4_pmu_train_* binaries.
Signed-off-by: Bram Vlerick <bram.vlerick@openpixelsystems.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This patch adds the option BR2_TARGET_ARM_TRUSTED_FIRMWARE_RCW that
allows TF-A to encapsulate a pre-loaded RCW (Reset Configuration Word)
file into BL2.
Upcoming NXP QorIQ family board needs this option.
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Reviewed-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Add support for the Gamepad API in webkitgtk, depending on
libmanette, which is used for implementing access to game
controllers.
Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Reviewed-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
libmanette is a library which provides a higher level interface to
enumerate and make use of game controllers (gamepads, joysticks).
WebKitGTK can use libmanette to expose controllers to web content,
which will be enabled on a follow-up patch.
Minimal kernel headers 4.16 for input_event_sec and input_event_usec
in struct input_event.
Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
[Arnout: add kernel headers dependency suggested by Romain]
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
We need to add dbus as a build dependency since the meson build system
uses dbus pkg-config to determine install locations.
The meson build also requires mobile-broadband-info in order to get
the database pkg-config variable.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
New version numbering scheme, similar to GLib and Flatpak
version 2.0.24 is now 2.24.0
Signed-off-by: Michael Fischer <mf@go-sys.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The KMS/DRM video driver of SDL2 can currently only be enabled when
mesa3d is the OpenGL provider, as the option has a dependency on
BR2_PACKAGE_MESA3D_GBM. Now that we have a libgbm virtual package and
BR2_PACKAGE_HAS_LIBGBM, we can do better.
However, this has uncovered a number of additional related issues that
are resolved at the same time. Here are some details:
* the 'depends on BR2_PACKAGE_LIBDRM' is changed to a select, as we
normally do for library dependencies. Due to this, we inherit a
BR2_TOOLCHAIN_HAS_THREADS dependency.
* the 'depends on BR2_PACKAGE_MESA3D_GBM' is changed to 'depends on
BR2_PACKAGE_HAS_LIBGBM', and the 'mesa3d' dependency is changed to
'libgbm'.
* the KMS/DRM video driver in SDL2 needs EGL (hence the additional
'depends on BR2_PACKAGE_HAS_LIBEGL' and the libegbl dependency is
added in the .mk file). But in turn, EGL support is only checked
when either OpenGL or OpenGLES support is enabled in SDL2, which is
why we add logic to select the appropriate options.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
[yann.morin.1998@free.fr:
- fix dependency on comment (invert the symbol dependencies)
- split comment
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
In addition to --enable-video-opengles, SDL2 configure script also
looks at --enable-video-opengles1 and --enable-video-opengles2. Since
all OpenGL ES providers in Buildroot provide at least up to OpenGL ES
2, enable both options when BR2_PACKAGE_SDL2_OPENGLES=y.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
[yann.morin.1998@free.fr: split long lines]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Add many more explicit --disable-<foo>, as we have for example seen
video-vivante being autodetected when not needed.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
We need to use the git download mechanism, as the package depends on a
submodule (an old version of cxxopt), and this is not included in the
archive autogenerated by Github.
Signed-off-by: Théo Lebrun <theo.lebrun@bootlin.com>
[yann.morin.1998@free.fr:
- bump to 0.0.4
- reword commit log ad help text
- other eye-candy reformatting
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The network-manager package builds the nmcli utility when the readline
package is enabled. However, this is not necessarily obvious to the
user. Therefore, this commit adds an explicit option to enable the nmcli
tool, which automatically selects readline.
Signed-off-by: Michael Fischer <mf@go-sys.de>
[yann.morin.1998@free.fr: rewrap commit log and help text]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
To avoid populating the cross-file with non existing compilers,
we tie them to /bin/false.
As explained by @eliebrokeit on the meson IRC channel:
If you don't have one [a compiler] defined, cross builds won't try
to autodetect one, IIRC...
... however setting it to /bin/false will result in it detecting
that that doesn't work
I guess the safest bet is to deliberately poison it with /bin/false
So there we go.
Signed-off-by: Guillaume W. Bres <guillaume.bressaix@gmail.com>
[yann.morin.1998@free.fr: expand with IRC snippet]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
This commit add a new package version, while keeping the previous one.
This was suggested in:
https://lists.buildroot.org/pipermail/buildroot/2022-August/649398.html
This is because linux-backports increased its minimal requirements on
kernel version. Since Buildroot want to support a wide range of kernel
versions, this package now supports several backport versions, one for
each kernel version era (backports v5.10.110 for kernels down to version
3.10, backports v5.15.58 for kernels down to version 4.4).
For detailed release commit log, see:
https://git.kernel.org/pub/scm/linux/kernel/git/backports/backports.git/log/?h=v5.15.58-1
Signed-off-by: Julien Olivain <ju.o@free.fr>
[yann.morin.1998@free.fr: split long lines]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Docker network driver "overlay", "macvlan" and "ipvlan" are not used
by default. Don't force enable them in the kernel.
The main aim here is to get rid of the dummy0 network interface which
is generated by the dummy driver by default.
Signed-off-by: Stefan Agner <stefan@agner.ch>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
It includes a simple test for the full cpio image, and a test of the
dracut image. To validate that the dracut image is a subset of the full
image, 'pv' is added to the image, and the test verifies that pv is not
part of the image. Note that the real rootfs is not mounted at the
moment, so pv is never available in the running image.
Systemd and other init systems are currently untested.
Signed-off-by: Thierry Bultel <thierry.bultel@linatsea.fr>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Adds an option to invoke the dracut host tool, providing
a configuration file, instead of having a full cpio archive
of the whole target directory.
A default configuration file is provided. It assumes busybox init.
ideally, a different default should be used in case of systemd init, but
that's left for future work.
Signed-off-by: Thierry Bultel <thierry.bultel@linatsea.fr>
[arnout@mind.be: many changes]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
[yann.morin.1998@free.fr: some additional fixups]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Dracut is the tool used by desktop distributions to build initrds.
In the embedded world, it can be very useful, too, for instance when
wanting to create an initramfs for a system recovery mode.
Whereas it is definitively possible to achieve this with buildroot, the
process is to have a dedicated buildroot configuration for that, and
perform a full build. Instead of doing that, dracut can pick the needed
binaries/shared libraries, configuration files, or kernel modules from
the 'target' directory.
The advantage is to save build time, and also to have a consistency
between the packages versions taken for the recovery and the production
filesystem.
The principle of dracut is based on the so-called 'dracut modules'. The
modules determine what will be included in the initramfs. For example,
one of dracut's modules checks the kernel modules that are included and
also includes the corresponding firmware blobs.
On the host, they are on host/lib/dracut/modules.d
Each directory as a prefix number for the order of execution, and
at least a "module-setup.sh" script.
Dracut sources all of them, and typically calls the "check()" function,
which is the placeholder for required binaries (that are aimed to be
polulated in the initrd), then the "depends()" function, that lists
other modules to depend on, and the "install()" function, that makes
the actual work.
Dracut was initially thought to work with systems using systemd,
but it can also work without it. Do to so, every "systemd-xxx"
module must be disabled in the dracut configuration file. For
convenience, the 05busybox-init module is provided, to support
busybox init system. Note that this module should *not* be enabled when
using systemd init. It is therefore only installed if busybox init is
selected.
Musl and uClibc make assumptions about the existence of some symlinks
that are not discoverable with readelf. Therefore, another module
05libc-links is provided that creates those links. The module is
installed regardless of which libc is used - the script itself discovers
if the links need to be installed based on which libc is found.
Signed-off-by: Thierry Bultel <thierry.bultel@linatsea.fr>
[arnout@mind.be: many changes]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Cc: Adam Duskett <aduskett@gmail.com>
[yann.morin.1998@free.fr: some additional fixups]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
This is perhaps the most controversial change for Buildroot that can
be written in a two-liner.
Historically, we have used uClibc as our default C library, as
Buildroot was created initially as a test-bed for uClibc, and also
because uClibc made a lot of sense for embedded Linux systems, due to
its smaller size and fine-grained configurability.
Since then, the landscape of embedded Linux systems has changed. Even
though Buildroot happily supports really low-end devices, the vast
majority of Buildroot users are quite certainly running the resulting
system on a reasonably powerful platform, with significant amount of
RAM and storage. In this context, the benefits of uClibc are no longer
that much relevant, and glibc causes less "troubles". Therefore, this
patch proposes to use glibc as our default C library when using the
internal toolchain backend instead of uClibc.
Of course, we will keep the support for uClibc, which remains an
important C library choice, for space-constrained systems, or simply
for architectures that are not supported by glibc.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Acked-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Acked-by: Yann E. MORIN <yann.morin.1998@free.fr>
Acked-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The Freescale extract helper was introduced before Freescale was part
of NXP. Nowadays, we also have NXP packages, and they do use the same
archiving format.
Rename the helper under the now more generic NXP name, so that it is
more logical to also use it for NXP packages. We do not retain the old
Freescale-based name, because we should no longer add Freescale-named
packages; they would most probably be introduced under the NXP name.
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
[yann.morin.1998@free.fr:
- provide the rationale in the commit log
- keep referring to Freescale in comment
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
This helper was introduced before Freescale was part of NXP. Nowadays,
we have NXP packages, and they do use the same archiving format.
Move the Freescale-specific extract helper to a common location, so
that it can be used by other packages in the future.
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
[yann.morin.1998@free.fr: provide the rationale in the commit log]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Go 1.19 is a major release with changes to the implementation of the toolchain,
runtime, and libraries.
Dropped patch 0002-cmd-dist-use-gohostarch... as it was merged upstream.
https://go.dev/doc/go1.19
Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This option was needed to build versions of GDB < 10.x. As we just
dropped support for GDB 9.x, this logic can now be removed.
The special case to configure just gdbserver was only valid for gdb<10,
but was guarded by !GDB_TOPLEVEL (which was equivalent to gdb<10).
GDB_TOPLEVEL is now always true, so we can't hit that special case
anymore.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
[yann.morin.1998@free.fr: add little blurb about gdbserver]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Now that GDB 12.x has been added, and GDB 9.x removed, we can make GDB
11.x the default version.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
[yann.morin.1998@free.fr: split off to its own patch]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The handling of the GMP dependency needs a bit of change. Until now,
the GMP dependency was needed when building full GDB (host or target)
in version 11.x or 12.x, so we were explicitly checking whether those
versions were enabled.
Now that only GDB 10.x and the ARC-specific version of GDB are the
only remaining ones not needing GMP, we invert the logic: only those
two versions do not trigger the addition of the GMP dependency.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
[yann.morin.1998@free.fr: split off to its own patch]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Update hash for license file to account for an update in the (C) years.
Signed-off-by: TIAN Yuanhao <tianyuanhao3@163.com>
[yann.morin.1998@free.fr: update the license hash]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Commit 7ff21f8d4b (package/binutils: handle gprofng as an optional
feature) introduced the typo. Although it was noticed, the commit was
not amended before being pushed...
Fix that now...
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
It includes an option to build a command line program that can be used
to replace git in simple cases.
The upcoming sha256 repository support made them steal the sha256 code
from RFC6234, hence the license change.
Signed-off-by: Nicolas Cavallari <nicolas.cavallari@green-communications.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
libgit2 is currently a library without any reverse dependencies so the
missing atomic symbols do not cause build failures yet.
libgit2 uses the atomics intrinsics on gcc >= 4.7 and the sync
intrinsics on previous gcc versions. Since gcc 4.9 is the new
minimum, ignore the sync intrinsics requirements.
The next version of libgit2 will also build a binary, which will
expose the problem.
Signed-off-by: Nicolas Cavallari <nicolas.cavallari@green-communications.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The new releases mostly contain bug fixes. The build system has been
prepared to use AppArmor library, but since actual support is still
missing it is not worth yet to enable build infrastructure in
Buildroot.
Signed-off-by: Stefan Agner <stefan@agner.ch>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
binutils 2.39 added support for gprofng, a new profiler (see
https://www.phoronix.com/news/GNU-Profiler-gprofng).
This new profiler is enabled by default, but it requires bison on the
host.
In order to handle this, this commit:
- Adds a new option BR2_BINUTILS_GPROFNG, which allows to
enable/disable gprofng in host-binutils
- Unconditionnally disables gprofng for the target binutils, based on
the idea that in a Buildroot context the analysis of profiling data
is generally done on the host system. This can of course always be
revisited later by adding a new option to the target binutils
package.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Some files were not shown because too many files have changed in this diff
Show More
Reference in New Issue
Block a user
Blocking a user prevents them from interacting with repositories, such as opening or commenting on pull requests or issues. Learn more about blocking a user.