Do not remove _FILE_OFFSET_BITS=64 from CFLAGS and CPPFLAGS to avoid the
following build failure with BR2_TIME_BITS_64 raised since commit
3c427c6472:
configure:5239: /home/autobuild/autobuild/instance-1/output-1/host/bin/mips-buildroot-linux-gnu-gcc -c -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_TIME_BITS=64 -Os -g2 -I/home/autobuild/autobuild/instance-1/output-1/host/bin/../mips-buildroot-linux-gnu/sysroot/usr/include/tirpc -fno-builtin -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_TIME_BITS=64 conftest.c >&5
In file included from /home/autobuild/autobuild/instance-1/output-1/host/mips-buildroot-linux-gnu/sysroot/usr/include/features.h:394,
from /home/autobuild/autobuild/instance-1/output-1/host/mips-buildroot-linux-gnu/sysroot/usr/include/bits/libc-header-start.h:33,
from /home/autobuild/autobuild/instance-1/output-1/host/mips-buildroot-linux-gnu/sysroot/usr/include/limits.h:26,
from /home/autobuild/autobuild/instance-1/output-1/host/lib/gcc/mips-buildroot-linux-gnu/13.2.0/include/limits.h:205,
from /home/autobuild/autobuild/instance-1/output-1/host/lib/gcc/mips-buildroot-linux-gnu/13.2.0/include/syslimits.h:7,
from /home/autobuild/autobuild/instance-1/output-1/host/lib/gcc/mips-buildroot-linux-gnu/13.2.0/include/limits.h:34,
from conftest.c:12:
/home/autobuild/autobuild/instance-1/output-1/host/mips-buildroot-linux-gnu/sysroot/usr/include/features-time64.h:26:5: error: #error "_TIME_BITS=64 is allowed only with _FILE_OFFSET_BITS=64"
26 | # error "_TIME_BITS=64 is allowed only with _FILE_OFFSET_BITS=64"
| ^~~~~
[...]
checking for /home/autobuild/autobuild/instance-1/output-1/host/bin/mips-buildroot-linux-gnu-gcc options needed to detect all undeclared functions... cannot detect
configure: error: in `/home/autobuild/autobuild/instance-1/output-1/build/ltp-testsuite-20240129':
configure: error: cannot make /home/autobuild/autobuild/instance-1/output-1/host/bin/mips-buildroot-linux-gnu-gcc report undeclared builtins
Indeed, this LFS workaround was added by commit
ca3524ba70 and is only needed to fix a
build failure with the old codesourcery-arm toolchain from 2014 which
uses glibc < 2.23. as glibc 2.23 was released in February 2016:
https://sourceware.org/glibc/wiki/Release/2.23, drop this workaround as
already done for libselinux in commit
c1fa9bc2f7. A follow-up patch will also
drop codesourcery-arm toolchain.
Fixes:
- http://autobuild.buildroot.org/results/d2e75a79bc42b6a9a2b407fd557aca5c7f207d84
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
poco can't be built statically since commit
073a89196a. However, commit
add7c433d2 enabled static (and shared)
build with BR2_SHARED_STATIC_LIBS resulting in the following build
failure since at least version 1.11.1:
/home/buildroot/autobuild/instance-1/output-1/host/opt/ext-toolchain/bin/../lib/gcc/mips-buildroot-linux-gnu/11.2.0/../../../../mips-buildroot-linux-gnu/bin/ld: /home/buildroot/autobuild/instance-1/output-1/build/poco-1.11.1/lib/Linux/mips/libPocoXML.a(ParserEngine.o): in function `Poco::XML::ParserEngine::handleStartElement(void*, char const*, char const**)':
ParserEngine.cpp:(.text+0x2f8): undefined reference to `XML_GetSpecifiedAttributeCount'
Fixes: add7c433d2
- http://autobuild.buildroot.org/results/afc434a13d5e7a8affa4abb4058d7bebc81aca29
- http://autobuild.buildroot.org/results/860b70a8c9c4a6a53247ac4bdb4fd0851b28c61a
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix the following build failure with gcc 4.8 raised since the addition
of the package in commit 928b7219cd:
../src/hawkbit-client.c:873:17: error: 'for' loop initial declarations are only allowed in C99 mode
for (const gint *code = &resumable_codes[0]; *code; code++)
^
../src/hawkbit-client.c:873:17: note: use option -std=c99 or -std=gnu99 to compile your code
Fixes: 928b7219cd
- http://autobuild.buildroot.org/results/e275d0ec4fe1da418a6163b46666316034b83b19
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Do not remove _FILE_OFFSET_BITS=64 from CFLAGS to avoid the following
build failure with BR2_TIME_BITS_64 raised since commit
3c427c6472:
In file included from /home/thomas/autobuild/instance-1/output-1/host/microblaze-buildroot-linux-gnu/sysroot/usr/include/features.h:394,
from /home/thomas/autobuild/instance-1/output-1/host/microblaze-buildroot-linux-gnu/sysroot/usr/include/bits/libc-header-start.h:33,
from /home/thomas/autobuild/instance-1/output-1/host/microblaze-buildroot-linux-gnu/sysroot/usr/include/stdio.h:27,
from /home/thomas/autobuild/instance-1/output-1/build/fluent-bit-2.1.7/tools/xxd-c/xxd-c.c:27:
/home/thomas/autobuild/instance-1/output-1/host/microblaze-buildroot-linux-gnu/sysroot/usr/include/features-time64.h:26:5: error: #error "_TIME_BITS=64 is allowed only with _FILE_OFFSET_BITS=64"
26 | # error "_TIME_BITS=64 is allowed only with _FILE_OFFSET_BITS=64"
| ^~~~~
Indeed, this LFS workaround was present since the addition of the
package in commit 6a0f7c39bc and is
only needed to fix a build failure with the old codesourcery-arm
toolchain from 2014 which uses glibc < 2.23. as glibc 2.23 was released
in February 2016: https://sourceware.org/glibc/wiki/Release/2.23, drop
this workaround as already done for libselinux in commit
c1fa9bc2f7. A follow-up patch will also
drop codesourcery-arm toolchain.
Fixes: 3c427c6472
- http://autobuild.buildroot.org/results/ff5c60cd038550453ce138fe2a9383af2f5d6f2f
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
While building the rust toolchain, the build system ends up using
cargo (from [...]/output/build/host-rust-bin-1.74.1/cargo/bin/cargo)
to build some tools like rustdoc-tool.
But the host-rust package doesn't use the cargo infractructure (since
it provides cargo binary) and our cargo environment variables [1] are
not set to crosscompile cargo packages in the rust toolchain.
For exemple, we usually set RUSTFLAGS="-C link-arg=-Wl,-rpath,$(HOST_DIR)/lib"
to force cargo using libraries provided by Buildroot in $(HOST_DIR)/lib.
RUSTFLAGS is actually needed to find zlib library (host-zlib) to link
rustdoc-tool when zlib is not installed on the host.
Add $(HOST_PKG_CARGO_ENV) in HOST_RUST_BUILD_CMDS since it already
includes RUSTFLAGS but also CARGO_HOME.
Fixes:
error: could not compile `rustdoc-tool` (bin "rustdoc_tool_binary") due to previous error
[1] https://gitlab.com/buildroot.org/buildroot/-/blob/2024.02-rc1/package/pkg-cargo.mk#L165
Signed-off-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Now that oracle-mysql is dropped there isn't any need for the mysql virtual
package.
Adjust the other packages to directly use the mariadb symbols.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The package has not seen any updates for ~10 years, E.G. latest version
bump was in commit 42c56751fc (mysql: bump to version 5.1.73) and the
version contains multiple known vulnerabilities, so drop the package.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix the following static build failure raised since the addition of the
package in commit 0a01085abe:
[ 26%] Linking CXX shared library libSPIRV-Tools-shared.so
/home/autobuild/autobuild/instance-11/output-1/host/lib/gcc/xtensa-buildroot-linux-uclibc/12.3.0/../../../../xtensa-buildroot-linux-uclibc/bin/ld: /home/autobuild/autobuild/instance-11/output-1/host/xtensa-buildroot-linux-uclibc/sysroot/usr/lib/libc.a(__uClibc_main.os): in function `__uClibc_init':
__uClibc_main.c:(.text+0x98): undefined reference to `__fini_array_start'
Fixes: 0a01085abe
- http://autobuild.buildroot.org/results/f953d500830e8124c6e85c57887106f9352cb4c2
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
libressl dropped engine support since version 3.8.1 resulting in the
following build failure since bump of libressl to version 3.8.2 in
commit 21eca49ed5:
/home/autobuild/autobuild/instance-0/output-1/host/lib/gcc/armeb-buildroot-linux-gnueabi/12.3.0/../../../../armeb-buildroot-linux-gnueabi/bin/ld: ../library/librdkafka.a(rdkafka_admin.c.o): in function `rd_kafka_UserScramCredentialUpsertion_new':
/home/autobuild/autobuild/instance-0/output-1/build/fluent-bit-2.2.2/lib/librdkafka-2.3.0/src/rdkafka_admin.c:5909: undefined reference to `RAND_priv_bytes'
/home/autobuild/autobuild/instance-0/output-1/host/lib/gcc/armeb-buildroot-linux-gnueabi/12.3.0/../../../../armeb-buildroot-linux-gnueabi/bin/ld: ../library/librdkafka.a(rdkafka_ssl.c.o): in function `rd_kafka_ssl_set_certs':
/home/autobuild/autobuild/instance-0/output-1/build/fluent-bit-2.2.2/lib/librdkafka-2.3.0/src/rdkafka_ssl.c:1384: undefined reference to `ENGINE_load_ssl_client_cert'
Fixes:
- http://autobuild.buildroot.org/results/dd74eb4e31e0e4d23e7638cff47c6876fda59952
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
For release note since version 38, see [1].
This commit introduces changes in package patches:
- 0001: Patch dropped. An similar change is included in this release.
See [2].
- 0002: Patch no longer needed since the package build recipe sets
CFLAGS without -Werror, and the package makefile sets -Werror only
by default. See [3], included since version 38.
- 0003: Rebased on version 39 and renamed to 0001. The patch is also
flagged as "Upstream: Not applicable".
- 0004: Patch dropped. Included in this release. See [4].
This commit also removes all patch entries in ".checkpackageignore"
(since the remaining patch has its "Upstream:" tag).
This version 39 also fixes few build failures. Those can be seen by
running the command "utils/test-pkg -a -p efivar". The first group
of build failures is:
br-arm-basic [28/45]: FAILED
br-i386-pentium4-full [31/45]: FAILED
br-mips64-n64-full [33/45]: FAILED
br-mips64r6-el-hf-glibc [34/45]: FAILED
linaro-aarch64 [38/45]: FAILED
linaro-arm [39/45]: FAILED
Fixes:
/buildroot/host/opt/ext-toolchain/bin/../lib/gcc/aarch64-linux-gnu/7.3.1/../../../../aarch64-linux-gnu/bin/ld: .data not found for insert
collect2: error: ld returned 1 exit status
efivar 38 was using linker scripts, which was not working in all
cases. Those issues are fixed by the upstream commit [5] which
removes the use of this linker script (included in this release).
The "test-pkg -a -p efivar" also caught another kind of build
failures:
br-i386-pentium-mmx-musl [32/45]: FAILED
Fixes:
In file included from efivar.h:18,
from efisec.h:24,
from secdb-dump.c:7:
list.h: In function 'list_sort':
list.h:152:2: warning: implicit declaration of function 'qsort_r'; did you mean 'qsort'? [-Wimplicit-function-declaration]
152 | qsort_r(array, nmemb, sizeof(*array), cmp, state);
| ^~~~~~~
| qsort
Those failures were introduced in commit f24029b561 "package/efivar:
bump to version 38". This is because efivar introduced a usage of the
qsort_r() libc function, in upstream commit [6], first included in
version 38.
Musl libc added the qsort_r() function in upstream commit [7], included in
version v1.2.3 (2022-04-07). So external toolchains including a Musl older
than this version will fail. But given how old this issue is (musql 1.2.3
is included in Buildroot since 2022.05), this issue is ignored.
uClibc-ng external toolchains are also not affected, since it added
the qsort_r() function in commit [8] included since its first version
v1.0.0 (2015-02-02). So there is no need to exclude external uclibc
toolchains.
[1] https://github.com/rhboot/efivar/releases/tag/39
[2] https://github.com/rhboot/efivar/commit/4f3da3dc351d7743d91327e74fcaaa13299eeb39
[3] https://github.com/rhboot/efivar/commit/998f617cec92d526e1fadb745673ceef63fa1483
[4] https://github.com/rhboot/efivar/commit/cece3ffd5be2f8641eb694513f2b73e5eb97ffd3
[5] https://github.com/rhboot/efivar/commit/cfd686de51494d3e34be896a91835657ccab37d4
[6] https://github.com/rhboot/efivar/commit/62afa2aa588fb0a6ff56acdd268b9f3c557028b8
[7] https://git.musl-libc.org/cgit/musl/commit/?id=b76f37fd5625d038141b52184956fb4b7838e9a5
[8] https://gogs.waldemar-brodkorb.de/oss/uclibc-ng/commit/515d54433138596e81267237542bd9168b8cc787
Signed-off-by: Julien Olivain <ju.o@free.fr>
[Peter: drop dependency on !external musl]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Do not remove _FILE_OFFSET_BITS=64 from CFLAGS and CPPFLAGS to avoid the
following build failure with BR2_TIME_BITS_64 raised since commit
3c427c6472:
In file included from /home/autobuild/autobuild/instance-9/output-1/per-package/libselinux/host/mipsel-buildroot-linux-gnu/sysroot/usr/include/features.h:394,
from /home/autobuild/autobuild/instance-9/output-1/per-package/libselinux/host/mipsel-buildroot-linux-gnu/sysroot/usr/include/bits/libc-header-start.h:33,
from /home/autobuild/autobuild/instance-9/output-1/per-package/libselinux/host/mipsel-buildroot-linux-gnu/sysroot/usr/include/stdint.h:26,
from /home/autobuild/autobuild/instance-9/output-1/per-package/libselinux/host/lib/gcc/mipsel-buildroot-linux-gnu/12.3.0/include/stdint.h:9,
from ../include/selinux/avc.h:9,
from avc.c:10:
/home/autobuild/autobuild/instance-9/output-1/per-package/libselinux/host/mipsel-buildroot-linux-gnu/sysroot/usr/include/features-time64.h:26:5: error: #error "_TIME_BITS=64 is allowed only with _FILE_OFFSET_BITS=64"
26 | # error "_TIME_BITS=64 is allowed only with _FILE_OFFSET_BITS=64"
| ^~~~~
This LFS workaround for glibc < 2.23 was added in 2016 by commit
ebcca24c95 and is probably not needed
anymore as glibc 2.23 was released in February 2016:
https://sourceware.org/glibc/wiki/Release/2.23
Fixes:
- http://autobuild.buildroot.org/results/d85c81f87adf3a5945fa369bcec233e6def2ed12
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Fix the following build failure raised since bump to version 1.35 in
commit d4d483451f:
/home/thomas/autobuild/instance-1/output-1/host/lib/gcc/xtensa-buildroot-linux-uclibc/12.3.0/../../../../xtensa-buildroot-linux-uclibc/bin/ld: buffer.o: in function `bufmap_reset':
buffer.c:(.text+0xe8): undefined reference to `libintl_gettext'
Fixes:
- http://autobuild.buildroot.org/results/99b05d4b495b6337c6a48ea5a551a3a84c6d2e6b
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
As expected by Peter in [1], the hardcoded 3 seconds for waiting the
RAID array to rebuild are not enough on slow test host runners. This
test already failed at least once for that reason, in [2].
In order to fix those failures, this commit adds extra logic to allow
several attempts, before failing. The timeout is currently set at 10
attempts, waiting 3 seconds between each attempts. To help even more,
those 3 seconds are also scaled with the timeout_multiplier.
Fixes: [2]
[1] https://lists.buildroot.org/pipermail/buildroot/2024-February/685034.html
[2] https://gitlab.com/buildroot.org/buildroot/-/jobs/6137469690
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
As suggested by Thomas Petazzoni in [1], add a comment on
BR2_TOOLCHAIN_HAS_UCONTEXT to specify that this boolean will be set to
true only when a toolchain provides a full featured ucontext
implementation with ucontext_t and {get,make,set}context. As a result,
drop its selection from BR2_TOOLCHAIN_USES_MUSL to fix the following
musl build failure on php:
/home/autobuild/autobuild/instance-8/output-1/host/lib/gcc/m68k-buildroot-linux-musl/12.3.0/../../../../m68k-buildroot-linux-musl/bin/ld: Zend/zend_fibers.o: in function `zend_fiber_init_context':
zend_fibers.c:(.text+0x946): undefined reference to `getcontext'
[1]: https://patchwork.ozlabs.org/project/buildroot/patch/20230516193307.1543455-1-bernd.kuhls@t-online.de/
Fixes:
- http://autobuild.buildroot.org/results/271f9fb8bfa5ba2f74feef81e6b375b54e21cece
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
GNU Octave changed its detection of readline library in [1]. This
commit was first included in version 8.1.0.
GNU Octave was updated to 8.1.0 in Buildroot in commit b36e4b10f3
"package/octave: bump to version 8.1.0".
Since this commit, Octave can fail to find readline automatically in
some specific situations. For example, when host system is Fedora 39
and the host "readline-devel" package is installed (see detailed
explanation below).
Octave is now using a m4 macro from gnulib to detect readline.
See [2].
This macro is calling AC_LIB_LINKFLAGS_BODY([readline]). Note that
this macro will look into $libdir and $includedir by default. See [3].
Buildroot is calling target autotools configure command with
--prefix=/usr and --exec-prefix=/usr arguments. See [4].
Autotools derives libdir='${exec_prefix}/lib' and
includedir='${prefix}/include'.
Finally, gnulib will also search automatically into alternate library
directories (i.e. lib32, lib64). See [5].
All of this will make the configure script searching the readline
library by default (i.e. if the library prefix is not provided) into
the host "/usr/lib", "/usr/lib32" and "/usr/lib64", when configuring
for target.
This issue is not happening on the Buildroot docker reference image,
because the package "libreadline-dev" is not present in this image.
Even if the package "libreadline-dev" is installed on a Debian based
host systems, the issue is still not happening because libraries are
installed in the path "/usr/lib/x86_64-linux-gnu", which is not
searched by gnulib macros.
On host systems which installs libraries into one of the
"/usr/lib{,32,64}" directories, the Octave configuration script will
fail, because it will detect the host library and try to link against
it with target architecture and compilation flags and will fail. Since
the --enable-readline configure option is present, the configuration
script will fail because it cannot find a working readline library.
This can be seen in the octave configuration log, in file:
output/build/octave-8.4.0/config.log
configure:73671: checking for readline
configure:73705: /buildroot/output/host/bin/aarch64-none-linux-gnu-gcc -o conftest -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -Os -g0 -D_FORTIFY_SOURCE=1 -pthread -fopenmp -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 conftest.c -lpthread -lm /usr/lib64/libreadline.so >&5
/buildroot/output/host/opt/ext-toolchain/bin/../lib/gcc/aarch64-none-linux-gnu/13.2.1/../../../../aarch64-none-linux-gnu/bin/ld: /usr/lib64/libreadline.so: error adding symbols: file in wrong format
collect2: error: ld returned 1 exit status
This situation can be reproduced on a Fedora 39 x86_64 host system,
with the "readline-devel" package installed. Note: uninstalling the
"readline-devel" will work around the issue.
The issue can be reproduced with a Buildroot configuration such as:
cat > .config <<EOF
BR2_aarch64=y
BR2_TOOLCHAIN_EXTERNAL=y
BR2_PACKAGE_OCTAVE=y
BR2_PACKAGE_READLINE=y
EOF
make olddefconfig
make
In order to avoid those host/target readline detection mix-ups, the
readline search prefix need to be explicitly passed during octave
configuration. This commit adds this search prefix to fix this build
issue.
Fixes:
checking for readline... (cached) no
checking for readline/readline.h... (cached) yes
checking for readline/history.h... (cached) yes
configure: WARNING: I need GNU Readline 4.2 or later
configure: error: this is fatal unless you specify --disable-readline
[1] https://github.com/gnu-octave/octave/commit/3645c78658c4c66f2bc346fdbc5c7c77d8d8dd12
[2] https://git.savannah.gnu.org/cgit/gnulib.git/tree/m4/readline.m4?id=2cdc1bafb20b187ad067056e090fcb4396ed9099
[3] https://git.savannah.gnu.org/cgit/gnulib.git/tree/m4/lib-link.m4?id=2cdc1bafb20b187ad067056e090fcb4396ed9099#n190
[4] https://gitlab.com/buildroot.org/buildroot/-/blob/2023.11/package/pkg-autotools.mk#L175
[5] https://git.savannah.gnu.org/cgit/gnulib.git/tree/m4/lib-prefix.m4?id=2cdc1bafb20b187ad067056e090fcb4396ed9099#n276
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Since the ARC-special GCC version was bumped from gcc 10.x to gcc 13.x
in commit 045ab73702 ("toolchain: bump
ARC toolchain components to arc-2023.09-release"), the
BR2_GCC_VERSION_ARC option definition is not entirely correct: it
selects BR2_TOOLCHAIN_GCC_AT_LEAST_10, while it should select
BR2_TOOLCHAIN_GCC_AT_LEAST_13. This commit fixes this.
Cc: Alexey Brodkin <Alexey.Brodkin@synopsys.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Commit 7ea38660e0 confused bigint [1] with
Math::BigInt [2]:
Can't locate bigint.pm in @INC (you may need to install the bigint module) (@INC contains: /home/buildroot/autobuild/instance-1/output-1/build/libopenssl-3.2.1/crypto/chacha/asm/../.. /home/buildroot/autobuild/instance-1/output-1/host/lib/perl /usr/local/lib64/perl5/5.36 /usr/local/share/perl5/5.36 /usr/lib64/perl5/vendor_perl /usr/share/perl5/vendor_perl /usr/lib64/perl5 /usr/share/perl5) at /home/buildroot/autobuild/instance-1/output-1/build/libopenssl-3.2.1/crypto/chacha/asm/../../perlasm/s390x.pm line 16.
BEGIN failed--compilation aborted at /home/buildroot/autobuild/instance-1/output-1/build/libopenssl-3.2.1/crypto/chacha/asm/../../perlasm/s390x.pm line 16.
[1] https://perldoc.perl.org/bigint
[2] https://perldoc.perl.org/Math::BigInt
Fixes: 7ea38660e0
- http://autobuild.buildroot.org/results/777d86a1e53dc3d6a16c829348673f1c33245a6c
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
strace needs headers >= 5.0 and
https://github.com/torvalds/linux/commit/9966a05c7b80f075f2bc7e48dbb108d3f2927234
to avoid the following build failure on musl and aarch64 due to headers
conflict raised at least since bump to version 6.0 in commit
544806bfd8:
In file included from /home/autobuild/autobuild/instance-7/output-1/host/aarch64_be-buildroot-linux-musl/sysroot/usr/include/signal.h:48,
from strace.c:17:
/home/autobuild/autobuild/instance-7/output-1/host/aarch64_be-buildroot-linux-musl/sysroot/usr/include/bits/signal.h:18:16: error: redefinition of 'struct sigcontext'
18 | typedef struct sigcontext {
| ^~~~~~~~~~
In file included from /home/autobuild/autobuild/instance-7/output-1/host/aarch64_be-buildroot-linux-musl/sysroot/usr/include/asm/ptrace.h:26,
from /home/autobuild/autobuild/instance-7/output-1/host/aarch64_be-buildroot-linux-musl/sysroot/usr/include/linux/ptrace.h:107,
from ptrace.h:33,
from strace.c:16:
/home/autobuild/autobuild/instance-7/output-1/host/aarch64_be-buildroot-linux-musl/sysroot/usr/include/asm/sigcontext.h:28:8: note: originally defined here
28 | struct sigcontext {
| ^~~~~~~~~~
Fixes:
- http://autobuild.buildroot.org/results/74a480aa76970b36dcd890d9bd7a9df1d49e8e16
- http://autobuild.buildroot.org/results/79ee8ae5fb9712fd874b56e836eca1b997c50cd9
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[Peter: fix architecture conditional]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
python-setuptools-scm-git-archive is obsolete as
python-setuptools-scm >= 7.0.0 supports Git archives by itself.
Moreover, it raises the following build failure without pip since its
addition in commit 9359325c60:
/nvmedata/autobuild/instance-3/output-1/per-package/host-python-setuptools-scm-git-archive/host/bin/python: No module named pip
Traceback (most recent call last):
File "/nvmedata/autobuild/instance-3/output-1/per-package/host-python-setuptools-scm-git-archive/host/lib/python3.10/site-packages/setuptools/installer.py", line 82, in fetch_build_egg
subprocess.check_call(cmd)
File "/nvmedata/autobuild/instance-3/output-1/per-package/host-python-setuptools-scm-git-archive/host/lib/python3.10/subprocess.py", line 369, in check_call
raise CalledProcessError(retcode, cmd)
subprocess.CalledProcessError: Command '['/nvmedata/autobuild/instance-3/output-1/per-package/host-python-setuptools-scm-git-archive/host/bin/python', '-m', 'pip', '--disable-pip-version-check', 'wheel', '--no-deps', '-w', '/tmp/tmpaxobatcs', '--quiet', 'typing-extensions']' returned non-zero exit status 1.
Fixes:
- http://autobuild.buildroot.org/results/d05e412170c427e4f210da164c783b3527f15892
- http://autobuild.buildroot.org/results/50f80cfabccbe5c75cd889ce6af2b418e376d4e5
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Group _CONF_{ENV,OPTS} together after the autreconf ones.
Keep AUTORECONF=YES close to AUTORECONF_OPTS
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
host-rust package depends on several host packages to provide tools and
libraries but it doesn't take into account out host libraries in
HOST_DIR while building rustc compiler. Indeed, rustc needs zlib and
fails to link if zlib is not installed on the host.
error: could not compile `rustc_driver` (lib) due to previous error
If zlib is installed on the host, we can notice it with ldd tool (while
it should be linked with the one provided by Buildroot host-zlib):
ldd [...]TestRust/host/bin/rustc
libz.so.1 => /lib64/libz.so.1
Provide HOST_LDFLAGS using llvm.ldflags in config.toml.
(HOST_LDFLAGS provides -L$(HOST_DIR)/lib -Wl,-rpath,$(HOST_DIR)/lib)
With that fixed, rustc_driver link with libz from HOST_DIR but the
host-rust build still fail later due to another issue.
error: could not compile `rustdoc-tool` (bin "rustdoc_tool_binary") due to previous error
Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/6256881545http://autobuild.buildroot.org/results/a6b/a6b28783f29e6b729824bf42679a62f72ad5bee0
Signed-off-by: Romain Naour <romain.naour@smile.fr>
[yann.morin.1998@free.fr: slight rewording in commit log]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Several rust tools are linking against zlib, so add the depedency
explicitly in HOST_RUST_DEPENDENCIES.
For now, host-rust build system is not able to find zlib provided
by Buildroot in HOST_DIR due to at least two issues that will be
fixed in followup commits.
Note that host-zlib is already in the dependency chain, by way of
host-openssl, but since rust needs for itself, we need to add it
as an explicit dependency.
Signed-off-by: Romain Naour <romain.naour@smile.fr>
[yann.morin.1998@free.fr: add not about transitive dependency]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Commit 722b84eafa forgot to update
nginx-naxsi resulting in the following build failure:
In file included from ../nginx-naxsi-d714f1636ea49a9a9f4f06dba14aee003e970834/naxsi_src/naxsi_runtime.c:7:
../nginx-naxsi-d714f1636ea49a9a9f4f06dba14aee003e970834/naxsi_src/naxsi.h:147:3: error: unknown type name 'ngx_regex_compile_t'
147 | ngx_regex_compile_t* target_rx;
| ^~~~~~~~~~~~~~~~~~~
Fixes: 722b84eafa
- http://autobuild.buildroot.org/results/87bbcf946ccbd8e3bf1ca9f39464f4bb198c8d42
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix the following build failure raised since the addition of the package
in commit ea45b95c0e:
In file included from third_party/boringssl-with-bazel/src/include/openssl/base.h:78,
from third_party/boringssl-with-bazel/src/include/openssl/ssl.h:145,
from ./src/core/tsi/ssl/key_logging/ssl_key_logging.h:23,
from ./src/core/lib/security/security_connector/ssl_utils.h:42,
from ./src/core/lib/security/credentials/tls/grpc_tls_certificate_distributor.h:36,
from ./src/core/ext/xds/certificate_provider_store.h:44,
from src/core/ext/xds/certificate_provider_store.cc:21:
third_party/boringssl-with-bazel/src/include/openssl/target.h:62:2: error: #error "Unknown target CPU"
62 | #error "Unknown target CPU"
| ^~~~~
Fixes: ea45b95c0e
- http://autobuild.buildroot.org/results/36686aca1b45f0bf692a60e67a48424b561930a3
- http://autobuild.buildroot.org/results/4f79c7b1b2fc3306f300ae3ec0aa4439725814c1
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
A vulnerability was found in obgm libcoap 4.3.4. It has been rated as
critical. Affected by this issue is the function get_split_entry of the
file src/coap_oscore.c of the component Configuration File Handler. The
manipulation leads to stack-based buffer overflow. The attack may be
launched remotely. The exploit has been disclosed to the public and may
be used. It is recommended to apply a patch to fix this issue.
VDB-252206 is the identifier assigned to this vulnerability.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix CVE-2024-25062: An issue was discovered in libxml2 before 2.11.7 and
2.12.x before 2.12.5. When using the XML Reader interface with DTD
validation and XInclude expansion enabled, processing crafted XML
documents can lead to an xmlValidatePopElement use-after-free.
https://gitlab.gnome.org/GNOME/libxml2/-/blob/v2.12.5/NEWS
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Hash of COPYING.NEWLIB is wrong since the addition of the package in
commit 3b95ff658b:
ERROR: COPYING.NEWLIB has wrong sha256 hash:
ERROR: expected: 422aa40293093fb54fc66e692a0d68fd0b24ed5602e5d1d33ad05ba3909057e9
ERROR: got : 9a59b4ee3af067045fe0ea78786201c42d54756fe48cbccf44f3dfc398474717
Fixes: 3b95ff658b
- No autobuilder failures (yet)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix the following build failure without makeinfo raised since the
addition of the package in commit
3b95ff658b:
make[5]: Entering directory '/home/buildroot/autobuild/instance-2/output-1/build/newlib-bare-metal-4.4.0/microblazeel-xilinx-elf/libgloss'
MAKEINFO ../.././libgloss/doc/porting.info
/home/buildroot/autobuild/instance-2/output-1/build/newlib-bare-metal-4.4.0/missing: line 81: makeinfo: command not found
Fixes: 3b95ff658b
- http://autobuild.buildroot.org/results/23e6641cbce62258310c300f8aed5d6a76973d72
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit b7232c51dd added default setting
for bare-metal toolchain arch but unfortunately it used configlines.add
instead of configlines.append resulting in the following build failure:
/bin/sh: line 8: /home/autobuild/autobuild/instance-1/output-1/per-package/host-gcc-bare-metal/host/bin/-ar: No such file or directory
While at it, also append /n for consistency
Fixes: b7232c51dd
- http://autobuild.buildroot.org/results/95ac565653ddb5c14ec71470c32a34ad10b048cb
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit 22b6945552 (support/scripts/cve.py: switch from NVD to FKIE for
the JSON files) had to change the decompressor from gz to xz, as the new
location is using xz compression.
That commit mentioned that it was spawning an external xz process to do
the decompression, on the pretence that "there is no xz decompressor in
Python stdlib."
Before version 3.1, ijson.items() only accepted a file-like object as
input (that file-like object could yield bytes() or str(), both were
supported). Starting with version 3.1, ijson.items() also accepts that
it be directly passed bytes() or str() directly. subprocess.check_output()
means we are now passing bytes() to ijson.items(), so it fails on ijson
versions before 3.1, with failures such as:
[...]
File "/usr/lib/python3/dist-packages/ijson/backends/python.py", line 25, in Lexer
if type(f.read(0)) == bytetype:
AttributeError: 'bytes' object has no attribute 'read'
Ubuntu 20.04, on which the pkg-stats run to generate the daily report,
only has ijson 2.3. More recent distros have more recent versions of
ijson, like Fedora 39 that has 3.2.3, recent enough to support being fed
bytes(). Commit 22b6945552 was tested on Fedora 39, so did not catch
the issue.
However, the reasoning in 22b6945552 is wrong: there *is* the lzma
module, at least since python 3.3 (that is, aeons ago), which is able to
read xz-compressed files; it also has an API similar to the gzip module,
and can provide a file-like object that exposes the decompressed data.
So, do just that: provide an lzma-wrapped file-like object to ijson, so
that we can eventually recover our daily reports that everything is
broken! :-]
Note that this construct still works on recent versions!
Reported-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
libheif raises the following build failure with libjpeg since bump to
version 1.17.5 in commit 5714126eda and
https://github.com/strukturag/libheif/commit/ebd13a20b8b7f1964939642b08b662ef7e483f39
/home/buildroot/autobuild/instance-3/output-1/build/libheif-1.17.5/libheif/plugins/encoder_jpeg.cc: In function 'heif_error jpeg_encode_image(void*, const heif_image*, heif_image_input_class)':
/home/buildroot/autobuild/instance-3/output-1/build/libheif-1.17.5/libheif/plugins/encoder_jpeg.cc:366:37: error: invalid conversion from 'long unsigned int*' to 'size_t*' {aka 'unsigned int*'} [-fpermissive]
366 | jpeg_mem_dest(&cinfo, &outbuffer, &outlength);
| ^~~~~~~~~~
| |
| long unsigned int*
Fixes:
- http://autobuild.buildroot.org/results/8ca909564c8dabe28ad08c96ebbc04b25592e727
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit f71d9f49e5 (support/scripts/pkg-stats: fix datetime deprecation
warning) forgot to consider that the datetime.UTC suggested by python
3.12, was only introduced with python 3.11.
However, we are still generating the daily report on a python 3.8
version, which fails at runtime:
AttributeError: module 'datetime' has no attribute 'UTC'
It turns out that datetime.UTC is just an alias for datetime.timezone.utc,
which seems to have existed since before python3...
Use datetime.timezone.utc instead of its alias.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
While the old NVD JSON feed provided data files where the CVEs were
sorted by ID, the new feed from FKIE does not have sorted CVEs.
Add a method to sort a list of CVE IDs (i.e. CVE ID strings, not CVE
objects!), and use that when emiting the HTML output.
The JSON output need not be sorted, because it is supposed to be used
for post-processing, and we do not care about the ordering there; a
consumer interested in sorting should sort on their side.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Commit 22b6945552 (support/scripts/cve.py: switch from NVD to FKIE for
the JSON files) missed the fact that the layout of the FKIE data files
are different from the original NVD ones. They are formatted according
to the NVD v2 API.
Most differences are relatively trivial fields renaming, and those are
easily spotted in this patch.
There is however one key difference in the layout of the configurations.
Where the NVD had "configurations" as an object with a "nodes" key, the
FKIE has a "configurations" as a list of objects with a single "nodes"
key; i.e. it is one-level deeper.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Abide by the warning reported with python 3.12:
.../support/scripts/pkg-stats:1289: DeprecationWarning:
datetime.datetime.utcnow() is deprecated and scheduled for removal
in a future version. Use timezone-aware objects to represent
datetimes in UTC: datetime.datetime.now(datetime.UTC).
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Commit 2c5a82a29c (package/openssh: select linux-pam if refpolicy
upstream is selected) did not account for the linux-pam dependencies
before selecting it, causing unmet dependencies warnings (unfortunately,
not errors), such as:
$ KCONFIG_SEED=0xCF227CF4 make randconfig
WARNING: unmet direct dependencies detected for BR2_PACKAGE_LINUX_PAM
Depends on [n]: BR2_ENABLE_LOCALE [=n] && BR2_USE_WCHAR [=n] && !BR2_STATIC_LIBS [=n] && BR2_USE_MMU [=y] && BR2_TOOLCHAIN_GCC_AT_LEAST_4_9 [=y]
Selected by [y]:
- BR2_PACKAGE_OPENSSH [=y] && BR2_USE_MMU [=y] && BR2_PACKAGE_REFPOLICY_UPSTREAM_VERSION [=y]
2c5a82a29c made the choice of having openssl bear the responsibility
to select linux-pam when the upstream refpolicy version was enabled.
Semantically however, the responsibility really lies within refpolicy
itself, since that's what imposes linux-pam to openssh.
Move the select to refpolicy and drop it from openssh. Then, ensure that
linux-pam is only selected when it is available.
That means that one may get an openssh that is not linked against
linux-pam, when the linux-pam dependencies are not met; refpolicy (by
way of libsepol) also has a more stringent requirement on gcc version
than linux-pam, so most probably the missing dependencies would be
locale, wchar, or a static build. We consider that situation to be a
corner case that we do not want to address.
In the future, we may have more similar situations, whereby refpolicy
would impose other packages be linked with otherwise optional
dependencies. If (when) that were (will be) the case, then the proposed
mechanism would quickly become ugly; we could then re-assess a nicer way
to do that. Until then, this is good ebough.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Adam Duskett <adam.duskett@amarulasolutions.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Currently, when the version string is "too long", it is arbitrarily
truncated.
This works well for commit hashes, because usually the truncation is
long enough to provide a short hash that is still unique in the
upstream VCS.
However, there are non-hash-like versions strings that get truncated
and wihch the discriminant part is toward the end.
Yet, adapting the version cell to the widest versions string (most
probably a git hash) is not very interesting; the table is already very
large.
Make the cell with the version string scrollable: we get to keep the
best of both worlds: a narrow version cell, and a full-length version
string that can be copy-pasted if needed.
Signed-off-by: Sen Hastings <sen@hastings.org>
[yann.morin.1998@free.fr: reword commit log]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fix the following static build failure with libpsl raised since bump to
version 8.6.0 in commit 5cee6b6be6:
configure:28830: /home/autobuild/autobuild/instance-6/output-1/host/bin/aarch64_be-buildroot-linux-musl-gcc -o conftest -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -O3 -g0 -static -Werror-implicit-function-declaration -Wno-system-headers -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -I/home/autobuild/autobuild/instance-6/output-1/host/aarch64_be-buildroot-linux-musl/sysroot/usr/include -static -L/home/autobuild/autobuild/instance-6/output-1/host/bin/../aarch64_be-buildroot-linux-musl/sysroot/usr/lib -L/home/autobuild/autobuild/instance-6/output-1/host/aarch64_be-buildroot-linux-musl/sysroot/usr/lib conftest.c -lpsl -lmbedtls -lmbedx509 -lmbedcrypto -lz -latomic >&5
/home/autobuild/autobuild/instance-6/output-1/host/lib/gcc/aarch64_be-buildroot-linux-musl/11.4.0/../../../../aarch64_be-buildroot-linux-musl/bin/ld: /home/autobuild/autobuild/instance-6/output-1/host/bin/../aarch64_be-buildroot-linux-musl/sysroot/usr/lib/libpsl.a(psl.c.o): in function `is_public_suffix':
psl.c:(.text+0x2a8): undefined reference to `idn2_lookup_u8'
[...]
checking for library containing psl_builtin... no
configure: error: libpsl was not found
Fixes: 5cee6b6be6
- http://autobuild.buildroot.org/results/1fb15e1a99472c403d0d3b1a688902f32e78d002
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
When selecting barebox in menuconfig, BR2_TARGET_BAREBOX_IMAGE_FILE will
be empty by default, which causes Buildroot to install whatever the
barebox-flash-image symlink points at for barebox versions >= v2012.10.0.
This is an outdated fallback, because barebox-flash-image is only valid
when the barebox build produces a single binary. Virtually all new
defconfigs added in the last couple of years are multiconfig
(CONFIG_PBL_IMAGE=y) however, meaning that a single imx_v7_defconfig
or multi_v8_defconfig will produce many images that support different
boards or even platforms.
As there is no single valid target for barebox-flash-image to point at
in this case, this symlink will point at a non-existing
'multi-image-build' to alert the user to this fact.
As replacement for barebox-flash-image, barebox commit 550cf79c216a
("Make list of flash images and fix link all single image cases") first
released with v2015.12.0 creates a barebox-flash-images file with a list
of all images built by barebox.
Have buildroot use that file as a fallback before trying
barebox-flash-image to have a fallback that works for any recent barebox
defconfig as well.
Signed-off-by: Ahmad Fatoum <a.fatoum@pengutronix.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
tio needs threads since version 2.4 and
https://github.com/tio/tio/commit/93e6efc00153e625e4ceb8a51e01b324247d312a
resulting in the following build failure since bump to version 2.7 in
commit 4b33d7a47d:
In file included from /home/autobuild/autobuild/instance-7/output-1/host/riscv64-buildroot-linux-uclibc/sysroot/usr/include/stdio.h:27,
from ../src/tty.c:23:
/home/autobuild/autobuild/instance-7/output-1/host/riscv64-buildroot-linux-uclibc/sysroot/usr/include/features.h:218:5: warning: #warning requested reentrant code, but thread support was disabled [-Wcpp]
218 | # warning requested reentrant code, but thread support was disabled
| ^~~~~~~
../src/tty.c:43:10: fatal error: pthread.h: No such file or directory
43 | #include <pthread.h>
| ^~~~~~~~~~~
Fixes: 4b33d7a47d
- http://autobuild.buildroot.org/results/9b20ff06a0ad24b7e7f4750ebe64e2077e36164a
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This reverts commit 36e635d2d5.
Python 3.12 is still causing too many build failures, so revert for 2024.02.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This reverts commit 687b96db4d.
Python 3.12 is still causing too many build failures, so revert for 2024.02.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Shortly before GCC 10.4.0 was dropped in d37a8f3a2, commit 4ce0dacb6 was
merged and introduced a patch to 10.4.0 that was not accounted for by
the patch that dropped 10.4.0 support.
Fixes: d37a8f3a2 ("package/gcc: remove gcc 10.x")
Signed-off-by: Vincent Fazio <vfazio@gmail.com>
Reviewed-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit b9e89b340e (sudo: bump version) introduced the explicit build
of mksigname and mksiglist as host tools, as they were required to run
on the build machine, to generate C code then used to build the target
program.
This is now failing to build since the bump to sudo 1.9.15p5 in commit
c87746afef (package/sudo: security bump to version 1.9.15p5)
(lines manually wrapped and slightly elided for ease of reviewing):
/usr/bin/cpp \
-I/home/ymorin/dev/buildroot/O/master/per-package/sudo/host/include \
-I../../include \
-I../.. \
./sys_signame.h \
| /usr/bin/sed -e '1,/^int sudo_end_of_headers;/d' -e '/^#/d' > mksigname.h
In file included from /usr/include/features.h:394,
from /usr/include/sys/types.h:25,
from ./sys_signame.h:4:
/usr/include/features-time64.h:26:5: error: #error "_TIME_BITS=64 is allowed only with _FILE_OFFSET_BITS=64"
26 | # error "_TIME_BITS=64 is allowed only with _FILE_OFFSET_BITS=64"
| ^~~~~
/usr/bin/gcc -I../../include -I../.. -I. -I. \
-D_PATH_SUDO_CONF=\"/etc/sudo.conf\"
-I/home/ymorin/dev/buildroot/O/master/per-package/sudo/host/include \
-DDEFAULT_TEXT_DOMAIN=\"sudo\" \
-O2 \
-I/home/ymorin/dev/buildroot/O/master/per-package/sudo/host/include \
./mksigname.c -o mksigname
In file included from /usr/include/features.h:394,
from /usr/include/bits/libc-header-start.h:33,
from /usr/include/stdlib.h:26,
from ./mksigname.c:27:
/usr/include/features-time64.h:26:5: error: #error "_TIME_BITS=64 is allowed only with _FILE_OFFSET_BITS=64"
26 | # error "_TIME_BITS=64 is allowed only with _FILE_OFFSET_BITS=64"
| ^~~~~
make[2]: *** [Makefile:263: mksigname] Error 1
The core of the issue has not been really identified, but it turns out
that neither mksiglist nor mksignames is used during the build. This has
been tested with a minimal sudo with no option, and with a sudo with all
options enabled (linux-pam, zlib, opensldap, and openssl), with the
three types of C libraries (glibc, musl, and uClibc-ng).
Digging in the sudo buildsystem did not reveal an obvious reason when
those would be needed either.
Drop the hook now it seems it is no longer used and is atually breaking
the build.
Fixes: http://autobuild.buildroot.org/results/72f/72ff18fb9b41394a29006f881ee1fbea67a66a09/
Note that there is a second issue in there: the call to the host cpp
fails, but since it is on the LHS of a pipe, the error is lost, as the
RHS of the pipe (the sed call) succeeds; a fix for that will be sent
in a separate patch.
Reported-by: Christian Stewart <christian@aperture.us>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Peter Korsgaard <peter@korsgaard.com>
Reviewed-by: Christian Stewart <christian@aperture.us>
Fixes the following security issues:
CVE-2023-40546 mok: fix LogError() invocation
CVE-2023-40547 - avoid incorrectly trusting HTTP headers
CVE-2023-40548 Fix integer overflow on SBAT section size on 32-bit system
CVE-2023-40549 Authenticode: verify that the signature header is in bounds.
CVE-2023-40550 pe: Fix an out-of-bound read in verify_buffer_sbat()
CVE-2023-40551: pe-relocate: Fix bounds check for MZ binaries
https://github.com/rhboot/shim/tree/15.8
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Update patch to compile correctly with newer versions of GCC, which
has gotten stricter about the placement of the alignas() attribute.
Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
[yann.morin.1998@free.fr: update .checkpackageignore]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fixes the following security issues:
https://wpewebkit.org/security/WSA-2024-0001.html
- CVE-2024-23222: Processing maliciously crafted web content may lead to
arbitrary code execution. Apple is aware of a report that this issue
may have been exploited. Description: A type confusion issue was
addressed with improved checks.
- CVE-2024-23206: A maliciously crafted webpage may be able to
fingerprint the user. Description: An access issue was addressed with
improved access restrictions.
- CVE-2024-23213: Processing web content may lead to arbitrary code
execution. Description: The issue was addressed with improved memory
handling.
Add an upstream post-2.42.5 patch to fix an issue with an invalid
backport causing a build issue.
Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Release notes from https://github.com/libts/tslib/releases :
This release includes libts version 0.10.5 and the following changes:
* new filter module: module crop
* some build and security fixes
* improved release procedure
Signed-off-by: Martin Kepplinger <martink@posteo.de>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Instead of waiting for a hardcoded time of 30s we check periodically every
second if the server is already up. If it isn't up after the full timeout
(which is the same as before) expired the test fails.
We need to redirect all output of the background started task to
/dev/null now as it otherwise confuses the emulator.run() exit code
parsing logic (as it gets out of order messages from the emulator).
Signed-off-by: Marcus Hoffmann <buildroot@bubu1.eu>
yann.morin.1998@free.fr: simplify assert test]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Move comment in Config.in to end of file so that
BR2_PACKAGE_GOOGLE_BREAKPAD_TOOLS is properly idented.
Signed-off-by: Nuno Gonçalves <nunog@fr24.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
uClibc lacks process_vm_readv(), and sudo fails to build since commit
c87746afef (package/sudo: security bump to version 1.9.15p5), with
errors such as:
./exec_ptrace.c: In function ‘ptrace_write_vec’:
./exec_ptrace.c:895:9: error: ‘nwritten’ undeclared (first use in this function); did you mean ‘pwrite’?
895 | nwritten = ptrace_write_string(pid, strtab, vec[i]);
| ^~~~~~~~
| pwrite
Backport an upstream commit to fix the issue.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Commit c05f27c "configs/freescale_imx93evk: new defconfig", when
applied, added few ShellCheck fixups on top of the orginial
submission. During those changes, one extra backslash was added,
making the imx9-bootloader-prepare.sh fail.
This commit fixes the issue by removing this extra backslash.
Fixes:
dd: failed to open '/buildroot/output/images/u-boot-atf-container.img': No such file or directory
make: *** [Makefile:820: target-post-image] Error 1
Signed-off-by: Julien Olivain <ju.o@free.fr>
Reviewed-by: Sébastien Szymanski <sebastien.szymanski@armadeus.com>
Tested-By: Sébastien Szymanski <sebastien.szymanski@armadeus.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
$ utils/docker-run make check-package
board/freescale/imx93evk/patches/linux-headers/linux-headers.hash:3: empty line at end of file
board/freescale/imx93evk/patches/linux/linux.hash:3: empty line at end of file
402624 lines processed
2 warnings generated
make: *** [Makefile:1248: check-package] Error 1
Signed-off-by: Kadambini Nema <kadambini.nema@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
The dependency comment must be shown when the platform has no ELE and
not when the platform has no VPU.
Fixes: 69d127fe29 ("package/freescale-imx/firmware-ele-imx: new package")
Signed-off-by: Sébastien Szymanski <sebastien.szymanski@armadeus.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Fix the following openssl static build raised since commit
80fa5672da:
/home/buildroot/autobuild/instance-0/output-1/host/lib/gcc/aarch64_be-buildroot-linux-uclibc/12.3.0/../../../../aarch64_be-buildroot-linux-uclibc/bin/ld: /home/buildroot/autobuild/instance-0/output-1/host/aarch64_be-buildroot-linux-uclibc/sysroot/lib/../lib64/libcrypto.a(libcrypto-lib-c_zlib.o): in function `zlib_oneshot_expand_block':
c_zlib.c:(.text+0xaec): undefined reference to `uncompress'
Commit b9a062b354 can also be reverted as
pkg-config will also retrieve -latomic to avoid the following build
failure:
/home/autobuild/autobuild/instance-1/output-1/host/lib/gcc/sparc-buildroot-linux-uclibc/10.4.0/../../../../sparc-buildroot-linux-uclibc/bin/ld: /home/autobuild/autobuild/instance-1/output-1/host/sparc-buildroot-linux-uclibc/sysroot/usr/lib/libcrypto.a(threads_pthread.o): in function `CRYPTO_atomic_add':
threads_pthread.c:(.text+0x208): undefined reference to `__atomic_is_lock_free'
RSYNC_POST_CONFIGURE_HOOKS must be added to call reconfigure and avoid
the following build failure after autoreconf:
autoconf -o configure.sh
autoheader && touch config.h.in
configure.sh has CHANGED.
config.h.in is unchanged.
You may need to run:
make reconfigure
Fixes:
- http://autobuild.buildroot.org/results/6c1636f7556e7370a4c9f6d02c63cf3e20dc985c
- http://autobuild.buildroot.org/results/49abbaa1eab94b248bff434b40728065d687e278
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Disable neon with soft float to fix the following build failure raised
at least since version 2.19.1:
In file included from build/include/botan/internal/simd_32.h:27,
from src/lib/block/aes/aes_vperm/aes_vperm.cpp:15:
/home/thomas/autobuild/instance-1/output-1/host/lib/gcc/arm-buildroot-linux-musleabi/10.4.0/include/arm_neon.h:31:2: error: #error "NEON intrinsics not available with the soft-float ABI. Please use -mfloat-abi=softfp or -mfloat-abi=hard"
31 | #error "NEON intrinsics not available with the soft-float ABI. Please use -mfloat-abi=softfp or -mfloat-abi=hard"
| ^~~~~
Fixes:
- http://autobuild.buildroot.org/results/6b311e97484db2b0f8adbda140320d696713b1e0
- http://autobuild.buildroot.org/results/c309940ea6db0845d8221fb51611d0254222c644
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Update U-Boot to version 2024.01 and kernel to 6.6.12.
In kernel 6.6 the arm32 i.MX device trees were placed into the
nxp/imx kernel directory, so adapt accordingly.
Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This package provides firmware blobs for the Edgelock Secure
Enclave (ELE) [1] present on i.MX8ULP and i.MX9 Socs.
This version comes from the 6.1.55-2.2.0 release.
Since i.MX8ULP is not added to Buildroot yet, only support i.MX9.
[1] https://www.nxp.com/products/nxp-product-information/nxp-product-programs/edgelock-secure-enclave:EDGELOCK-SECURE-ENCLAVE
Reviewed-by: Gary Bisson <bisson.gary@gmail.com>
Signed-off-by: Sébastien Szymanski <sebastien.szymanski@armadeus.com>
[Arnout:
- Introduce BR2_PACKAGE_FREESCALE_IMX_HAS_ELE instead of specific
dependencies.
- Drop BR2_PACKAGE_FREESCALE_IMX_PLATFORM_IMX91A1, use
BR2_PACKAGE_FREESCALE_IMX_PLATFORM_IMX91 instead.
- Don't use SCR.txt as license file (it's just an index file); instead,
use EULA.
]
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
This commit adds i.MX91 and i.MX93 support to Buildroot.
https://www.nxp.com/products/processors-and-microcontrollers/arm-processors/i-mx-applications-processors/i-mx-9-processors:IMX9-PROCESSORS
There is no i.MX95 software provided by NXP at the moment that's why
i.MX95 is left behind.
Adapt package firmware-imx for the LPPDR4 firmware binaries. The i.MX91
and i.MX93 only support LPDDR4 and LPDDR4x, but using different binaries
than i.MX8. For simplicity, use a completely separate code path for
i.MX91 and i.MX93, using the symbol
BR2_PACKAGE_FIRMWARE_IMX_NEEDS_DDR_FW_IMX9. There is only one type of
firmware supported, so there's no need for a choice or for selecting the
version (at least for now).
Reviewed-by: Gary Bisson <bisson.gary@gmail.com>
Signed-off-by: Sébastien Szymanski <sebastien.szymanski@armadeus.com>
[Arnout:
- Remove BR2_PACKAGE_FREESCALE_IMX_PLATFORM_IMX91A1 option.
- Re-wrap help text.
- Introduce BR2_PACKAGE_FIRMWARE_IMX_NEEDS_DDR_FW_IMX9 instead of
reusing BR2_PACKAGE_FIRMWARE_IMX_NEEDS_DDR_FW.
- Create completely separate instance of
FIRMWARE_IMX_INSTALL_IMAGE_DDR_FW for
BR2_PACKAGE_FIRMWARE_IMX_NEEDS_DDR_FW_IMX9.
- Drop the training binaries choice for IMX9.
- Drop the firmware version option for IMX9.
- Keep options for IMEM and DMEM padding.
]
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Similar to the new fastapi test, instead of waiting for a hard coded
amount of time we can retry every second until the server is available
and abort if after the timeout we still didn't manage to connect.
Signed-off-by: Marcus Hoffmann <buildroot@bubu1.eu>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fixes the following failure in the install step of host-python3:
...
/usr/bin/install -c -m 644 pyconfig.h output/host/include/python3.12/pyconfig.h
[ERROR] _tkinter failed to import: output/build/host-python3-3.12.1/build/lib.linux-x86_64-3.12/_tkinter.cpython-312-x86_64-linux-gnu.so: undefined symbol: Tcl_AddErrorInfo
The following modules are *disabled* in configure script:
_ctypes_test _testbuffer _testcapi
_testclinic _testimportmultiple _testinternalcapi
_testmultiphase _xxtestfuzz xxsubtype
Following modules built successfully but were removed because they could not be imported:
_tkinter
Checked 110 modules (31 built-in, 54 shared, 15 n/a on linux-x86_64, 9 disabled, 0 missing, 1 failed on import)
...
/usr/bin/install -c -m 644 ./Lib/types.py output/host/lib/python3.12
/usr/bin/install: cannot stat 'Modules/_tkinter.cpython-312-x86_64-linux-gnu.so': No such file or directory
/usr/bin/install -c -m 644 ./Lib/typing.py output/host/lib/python3.12
make[3]: *** [Makefile:2068: sharedinstall] Error 1
...
Fixes: 36e635d2d5 ("package/python3: bump version to 3.12.1")
Signed-off-by: Roy Kollen Svendsen <roy.kollen.svendsen@akersolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
When the elfutils package was first introduced, it filtered out
LFS-related compiler flags due to issues with the package's
implementation. This package has since evolved over the years to support
LFS (e.g. using `AC_SYS_LARGEFILE` [1]).
Filtering out `-D_FILE_OFFSET_BITS=64` can lead to a configuration error
when `BR2_TIME_BITS_64` is enabled:
checking whether gcc supports -Wl,-z,relro... yes
checking for __thread support... no
configure: error: __thread support required
...
With the configuration log providing the specific reason:
configure:7175: .../output-1/host/bin/m68k-buildroot-linux-gnu-gcc -o conftest -fPIC -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_TIME_BITS=64 -Ofast -g0 -D_FORTIFY_SOURCE=2 -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_TIME_BITS=64 -shared -Wl,-z,defs -Wl,-z,relro -latomic -Wl,--build-id conftest.c >&5
In file included from .../output-1/host/m68k-buildroot-linux-gnu/sysroot/usr/include/features.h:394,
from .../output-1/host/m68k-buildroot-linux-gnu/sysroot/usr/include/bits/libc-header-start.h:33,
from .../output-1/host/m68k-buildroot-linux-gnu/sysroot/usr/include/stdlib.h:26,
from conftest.c:13:
.../output-1/host/m68k-buildroot-linux-gnu/sysroot/usr/include/features-time64.h:26:5: error: #error "_TIME_BITS=64 is allowed only with _FILE_OFFSET_BITS=64"
26 | # error "_TIME_BITS=64 is allowed only with _FILE_OFFSET_BITS=64"
| ^~~~~
configure:7175: $? = 1
...
Fixes:
- http://autobuild.buildroot.org/results/fbfe131673ed78999a07dbc879436e0ef6a8a1c0
[1]: https://sourceware.org/git/?p=elfutils.git;a=commit;h=3425454a10d307fae891fb667cf7969e945cde79
Signed-off-by: James Knight <james.d.knight@live.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Switch from distutils to setuptools to avoid the following build failure
raised since bump of python to version 3.12.1 in commit
36e635d2d5:
Traceback (most recent call last):
File "/home/fabrice/buildroot/output/build/libpwquality-1.4.5/python/setup.py", line 9, in <module>
from distutils.core import setup, Extension
ModuleNotFoundError: No module named 'distutils'
Fixes: 36e635d2d5
No autobuilder failures (yet)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fix the following build failure with gcc >= 13:
In file included from /home/buildroot/autobuild/instance-3/output-1/build/uhd-4.3.0.0/host/lib/cal/database.cpp:7:
/home/buildroot/autobuild/instance-3/output-1/build/uhd-4.3.0.0/host/include/uhd/cal/database.hpp:86:24: error: 'uint8_t' was not declared in this scope
86 | static std::vector<uint8_t> read_cal_data(const std::string& key,
| ^~~~~~~
/home/buildroot/autobuild/instance-3/output-1/build/uhd-4.3.0.0/host/include/uhd/cal/database.hpp:14:1: note: 'uint8_t' is defined in header '<cstdint>'; did you forget to '#include <cstdint>'?
13 | #include <functional>
+++ |+#include <cstdint>
14 |
Fixes:
- http://autobuild.buildroot.org/results/cc52f2ed4fa43fe9c92713eb8561afcba29e12f3
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Commit c10349bf67 (package:libselinux: replace PKG_PYTHON_DISTUTILS_ENV)
forgot to update a comment that refered to PKG_PYTHON_DISTUTILS_ENV.
Replace that now.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
gpg key generation can take longer than the default timeout on a
loaded or slow test host. The commit increase the timeout for the
key generation command to prevent the test to randomly fail.
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Replace PKG_PYTHON_DISTUTILS_ENV by PKG_PYTHON_SETUPTOOLS_ENV as libdnet
uses setuptools instead of distutils since version 1.16.2 and
https://github.com/ofalk/libdnet/commit/4e4fc687953105b66bcc847a68869126ac3ec918
This will avoid the following build failure raised since commit
09de823cbc:
In file included from /home/fabrice/buildroot/output/per-package/libdnet/host/include/python3.12/Python.h:38,
from ./dnet.c:40:
/home/fabrice/buildroot/output/per-package/libdnet/host/include/python3.12/pyport.h:586:2: error: #error "LONG_BIT definition appears wrong for platform (bad gcc/glibc config?)."
586 | #error "LONG_BIT definition appears wrong for platform (bad gcc/glibc config?)."
| ^~~~~
Fixes: 09de823cbc
(No autobuilder failure (yet))
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Replace PKG_PYTHON_DISTUTILS_ENV by PKG_PYTHON_SETUPTOOLS_ENV as
libselinux uses setuptools instead of distutils since version 3.5 and
https://github.com/SELinuxProject/selinux/commit/2b5d5585754eb731a68158b613c7676fc3195ed9
This will avoid the following build failure raised since commit
09de823cbc:
In file included from /home/buildroot/autobuild/instance-0/output-1/per-package/libselinux/host/include/python3.12/Python.h:38,
from selinuxswig_python_wrap.c:168:
/home/buildroot/autobuild/instance-0/output-1/per-package/libselinux/host/include/python3.12/pyport.h:586:2: error: #error "LONG_BIT definition appears wrong for platform (bad gcc/glibc config?)."
586 | #error "LONG_BIT definition appears wrong for platform (bad gcc/glibc config?)."
| ^~~~~
Fixes: 09de823cbc
Fixes: http://autobuild.buildroot.org/results/3fbbb741de33310c8cacab753a32e79c5e531036
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fix the following build failure raised since the addition of the package
in commit 0a1f2fce04:
/home/autobuild/autobuild/instance-0/output-1/host/riscv64-buildroot-linux-uclibc/bin/ld.real: pty.o: in function `my_pty_fork':
pty.c:(.text+0x68): undefined reference to `fork'
/home/autobuild/autobuild/instance-0/output-1/host/riscv64-buildroot-linux-uclibc/bin/ld.real: filter.o: in function `.L0 ':
filter.c:(.text+0x134): undefined reference to `fork'
Fixes:
- http://autobuild.buildroot.org/results/0a3a68cfb181bc67a7dbf1d44f64b0a29df75987
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Now that we can specify that the default values for the CPE_ID variables
are valid, without having to actually set one (or more) to their
default, add a check-package check that validates that the CPE_ID
variables are indeed not set to their default.
It also validates that CPE_ID_VALID is not set when another CPE_ID
variable is set to a non-default value.
Add an anchor in the manual so that we can easily point to it.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Cc: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Now that we document _CPE_ID_VALID, and that it shall be used instead of
setting a default value to one of the other _CPE_ID_* variables, change
all of the existing packages to use it, to avoid any error when we later
extend check-package to validate the sanity ofthe _CPE_ID_* variables.
Mechanical change done within the reference container, running the new
check in check-package, to report the CPE_ID errors:
$ make check-package 2>/dev/null \
|awk '{
split($(1), a, ":"); fname = a[1]
split($(2), a, "'\''"); val = a[2]
new_var = $(8); gsub("_CPE_ID_.*", "_CPE_ID_VALID", new_var)
printf("%s %s %s %s\n", fname, $(8), val, new_var)
}' \
|while read fname var val new_var; do
sed -r -i -e "s/${var}[[:space:]]*=[[:space:]]*${val}/${new_var} = YES/" "${fname}"
done
$ git diff -I'CPE_ID_(VENDOR|VALID)'
[empty]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The way we handle CPE_ID variable is unusual compared to the other
variables: we mostly compute defaults for all of them, and eventually
aggregate the various CPE_ID variables to form the CPE ID name.
However, we do not consider that CPE ID to valid, unless there is one
(or more) CPE_ID variables actually set by the package; this shows that
the CPE ID has been checked to be valid against the NVD CPE database. In
that situation, we internally define the duly undocumented _CPE_ID_VALID
variable.
However, it is totally possible (and very often the case) that the
default value we set to those variables are appropriate, and do defne a
valid CPE ID. In this case, the package will define any arbitrary CPE_ID
variable to its default value, usually by setting either the VENDOR or
PRODUCT field, though there is no rule or requirement that be the case.
This is not very clean, non-obvious, and does not allow for easily
adding checks in check-package.
Add the _CPE_ID_VALID variable to the manual, to make it official that
it should be used when the default values of the others are valid.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
With recent asiidoc versions (at least 10.2.0 is known to report that),
rendering the manual yields a few warnings related to ordered lists:
asciidoc: WARNING: customize-quick-guide.adoc: line 13: list item index: expected 2 got 1
asciidoc: WARNING: customize-quick-guide.adoc: line 15: list item index: expected 3 got 1
[...]
asciidoc: WARNING: customize-quick-guide.adoc: line 65: list item index: expected 13 got 1
asciidoc: WARNING: customize-quick-guide.adoc: line 66: list item index: expected 14 got 1
asciidoc: WARNING: adding-packages-gettext.adoc: line 30: list item index: expected 2 got 1
asciidoc: WARNING: adding-packages-gettext.adoc: line 41: list item index: expected 3 got 1
The reason is that we use the same index to tell asciidoc to
automatically number items.
However, the official way to provide an automatic index is to write no
index:
https://docs.asciidoctor.org/asciidoc/latest/lists/ordered/
[...] since the numbering is obvious, the AsciiDoc processor will
insert the numbers for you if you omit them:
[...]
If you number the ordered list explicitly, you have to manually keep
the list numerals sequential. Otherwise, you will get a warning.
So, abide by the documentation, and drop the repeating indices to
ordered lists where we want automatic numbering.
Note that there is another ordered list, in adding-packages-directory.adoc,
but it does use explicit, sequential numbering. For consistency within
the whole document, we also convert it.
To avoid extra useless churn, the indentation of the items is not
changed to match the elided indices.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
phobosdpl is an old work email I don't really use anymore, so I'm
changing it to my personal email.
Signed-off-by: Sen Hastings <sen@phobosdpl.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The last Jailhouse tag is v0.12. It dates from 2020-02-04, which is
4 years old. This version no longer compiles with recent Kernels.
This commit updates Jailhouse to the latest commit e57d1ef, which
dates from 2023-01-10.
For commit logs, see:
https://github.com/siemens/jailhouse/commits/master/
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The jailhouse package installs files in the /usr/local prefix. This is
not convenient, because the jailhouse binary ends up in /usr/local/sbin,
which is not in the default Buildroot PATH. See [1]. Moreover, all
other Buildroot packages install files in /usr.
This is because the Buildroot package recipe does not set any prefix
value, and the upstream Jailhouse Makefile has a default to /usr/local.
See [2].
This commit sets the prefix value in the JAILHOUSE_MAKE_OPTS and also
updates other installation commands to put all the files in /usr.
[1] https://gitlab.com/buildroot.org/buildroot/-/blob/2023.11.1/system/Config.in#L495
[2] https://github.com/siemens/jailhouse/blob/v0.12/scripts/include.mk#L22
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fixes the following security issues:
https://webkitgtk.org/security/WSA-2024-0001.html
- CVE-2024-23222: Processing maliciously crafted web content may lead to
arbitrary code execution. Apple is aware of a report that this issue may
have been exploited. Description: A type confusion issue was addressed
with improved checks.
- CVE-2024-23206: A maliciously crafted webpage may be able to fingerprint
the user. Description: An access issue was addressed with improved access
restrictions.
- CVE-2024-23213: Processing web content may lead to arbitrary code execution.
Description: The issue was addressed with improved memory handling.
- CVE-2023-40414: Processing web content may lead to arbitrary code
execution. Description: A use-after-free issue was addressed with
improved memory management.
- CVE-2023-42833: Processing web content may lead to arbitrary code execution.
Description: A correctness issue was addressed with improved checks.
- CVE-2014-1745: Processing a file may lead to a denial-of-service or
potentially disclose memory contents. Description: The issue was
addressed with improved checks.
https://webkitgtk.org/security/WSA-2023-0012.html
- CVE-2023-42883: Processing a SVG image may lead to a denial-of-service.
Description: The issue was addressed with improved memory handling.
- CVE-2023-42890: Processing web content may lead to arbitrary code
execution. Description: The issue was addressed with improved memory
handling.
https://webkitgtk.org/security/WSA-2023-0011.html
- CVE-2023-42916: Processing web content may disclose sensitive information.
Apple is aware of a report that this issue may have been actively
exploited. Description: An out-of-bounds read was addressed with improved
input validation.
- CVE-2023-42917: Processing web content may lead to arbitrary code
execution. Apple is aware of a report that this issue may have been
actively exploited. Description: A memory corruption vulnerability was
addressed with improved locking.
Add an upstream post-2.42.5 patch to fix an issue with an invalid backport
causing a build issue.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Acked-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit 1edb9d691d (package/v4l2loopback: add
V4L2LOOPBACK_CPE_ID_VENDOR) added that variable, but set to its default
value.
This is however not required to define a valid CPE ID, as it also
defines a non-default CPE_ID_PREFIX.
Drop V4L2LOOPBACK_CPE_ID_VENDOR now.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The symmetric encryption test can sometimes take longer than the default
timeout. This commit increase the timeout to 10 seconds for that
command.
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This patch adds support for the AVNET RZBoard V2L.
The board support creates a bootable sd card image. The board is
shipped with a u-boot inside its eMMC. The board support uses this
u-boot and does not build and deploy a u-boot onto the sd card.
Instead the sd card only contains a uEnv.txt, a kernel image and the
rootfs.
Signed-off-by: Kilian Zinnecker <kilian.zinnecker@mail.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The petitboot UI looks much nicer in a Unicode locale:
* Items in the language selection submenu use multibyte Unicode
characters. In other locales, they say "Unable to display text in this
locale".
* The combination of TERM=linux with a UTF-8 locale is required to
trigger a special-case workaround in ncurses code[1]. Without
this, line-drawing characters in the menu look like q's.
Turn on wchar support in ncurses, and add a reminder that a UTF-8 locale
should be generated for things to look right.
[1] https://invisible-island.net/ncurses/ncurses.faq.html#no_line_drawing
Signed-off-by: Reza Arbab <arbab@linux.ibm.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Normalize the order of arguments to $(INSTALL). Remove an unnecessary
pair of parentheses.
Signed-off-by: Reza Arbab <arbab@linux.ibm.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The patch drops the file README.md from the license files. Indeed, the
licensing terms apply to third-party libraries that uuu links to, and
even though they are bundled in the source tree of uuu|mfgtools, they
are not used by Buildroot as we use the ones we build. Therefore, the
actual license file of the package is the file LICENSE.
Moreover, this also leads to simplifying the bump to new versions.
Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Drop no longer required python-setuptools runtime dependency.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
When the CVE lookup was added in commit
4a157be9ef, the starting year of the JSON
files was set to 2002. However, there are also CVEs from 1999, 2000 and
2001. It is not clear why these were skipped back then.
Set the start year to 1999 to capture these old CVEs too.
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
NVD will deprecate the v1.1 API which allows us to download the full
database as individual JSON files. Instead, there's a horribly crappy
API that is extremely slow and subject to race conditions.
Fortunately, there is a project, Fraunhofer FKIE - Cyber Analysis and
Defense [1], that goes through the effort of adapting to this new API
and regenerating the convenient JSON files. The JSON files and meta
files are re-generated daily.
Instead of implementing the NVD v2 API, we decided to just use the JSON
files generatd by fkie-cad. That saves us the effort of solving the race
conditions, devising a cache mechanism that works, handling the frequent
gateway timeouts on the NVD servers, dealing with the rate limiting, and
keeping up with changes in the API.
Switch to this repository on github as NVD_BASE_URL. The file name is
also slightly different (CVE-20XX.json instead of nvdcve-1.1-20XX.json).
The fkie-cad repository compresses with xz instead of gz. Therefore:
- rename the filename variables to _xz instead of _gz;
- use xz as a subprocess because there is no xz decompressor in Python
stdlib.
[1] https://www.fkie.fraunhofer.de/en/departments/cad.html
Cc: Daniel Lang <dalang@gmx.at>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
We currently check the CPE database to see if the CPE ID we use
(including the version) is already in the database.
However, the version part of the CPE ID is not actually used for CVE
matching. Instead, the CVEs have a range of versions associated with
them and we match against those ranges.
In addition, NVD is moving to a new API for accessing the CPE database.
It will not longer be possible to simply download all the CPE IDs, and
due to rate limiting, the download will have to be done in several
queries.
Since all of this is anyway of limited use, drop the CPE database lookup
entirely. Instead, as long as a CPE ID is defined in a package, it is
considered OK, without any checks.
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The package/busybox/busybox-minimal.config is the default configuration
for MMU-less systems, so the setting is redundant and can be removed
without effect.
Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fix the following build failure with aarch64 and BR2_OPTIMIZE_0 raised
since commit 0512910e49:
src/convert-neon-body-bayer8.inc.h: In function 'bayer2rgb_convert_neon':
src/convert-neon.c:233:17: error: third argument to '__builtin_prefetch' must be a constant
233 | __builtin_prefetch(((void const *)(_addr)) + 64, 0, (_lvl)); \
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
src/convert-neon-body-bayer8.inc.h:8:9: note: in expansion of macro 'do_prefetch'
8 | do_prefetch(&in[+1*stride - 1], (rows_per_loop) < 3 ? 3 : 0);
| ^~~~~~~~~~~
Fixes:
- http://autobuild.buildroot.org/results/307c1c448becd99dfba3a17b3ef816db0bb5cad6
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
swugenerator might use openssl to encrypt files in .swu(cpio)
resulting output archive and gzip or zlib to compress the same files
but we're not sure whether build environment have or not openssl, gzip
and zlib installed so we add them as host dependencies.
Signed-off-by: Giulio Benetti <giulio.benetti+tekvox@benettiengineering.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The meson upgrade from 1.1.1 to 1.2.0 have been reverted because
host-qemu (version v8.0.3) was searching libraries in the build machine
instead of buildroot host directory [1].
$ grep -r LINK_ARGS * | grep "\-L/usr"
build.ninja: LINK_ARGS =
-L/usr/lib/gcc/x86_64-linux-gnu/10 \
-L/usr/lib/gcc/x86_64-linux-gnu/10/../../../x86_64-linux-gnu -L/usr/lib/x86_64-linux-gnu \
-L/usr/lib/gcc/x86_64-linux-gnu/10/../../../../lib -L/usr/lib \
-L/lib/x86_64-linux-gnu \
-L/lib/../lib \
-L/usr/lib/../lib \
-L/usr/lib/gcc/x86_64-linux-gnu/10/../../.. \
-L/lib \
-I/[...]/host/include \
-L/[...]/host/lib \
-I/[...]/host/include/libfdt \
...
Upgrading qemu to version v8.1.0 solves the problem:
$ grep -r LINK_ARGS * | grep "\-L/usr"
build.ninja: LINK_ARGS =
-I/[...]/host/include \
-L/[...]/host/lib \
-I/[...]/host/include/libfdt \
...
Those two tests were done with the same buildroot version (2023.08) on
the same machine were the bug appeared. Using, git bisect, in this
environment, it was found that the problem was fixed in qemu by the
commit [2].
Thus, it is possible that the problem was introduced by improper use of
meson by qemu <= v8.0.3. Also, meson has been updated to version 1.2.1
and 1.3.0 in yocto and it doesn't seem to create any issue. [3]
The original problem is no longer present and some projects require
meson > 1.1.1 (e.g. rusticl requires meson 1.2.0 since mesa 23.3.0 and
meson 1.3.1 since mesa 24.0.0).
"pkgconfig" field is deprecated by meson 1.3.0 and replaced by
"pkg-config". See: [4]
The patch that adds the pkg_config_static property has been rebased.
[1] https://gitlab.com/buildroot.org/buildroot/-/commit/acfdf21f0b752e844a33c70a0fd2f82f4534a5a0
[2] https://gitlab.com/qemu-project/qemu/-/commit/Fc9a809e0d28417fa1e7f7efc19f845bda4c1be9
[3] https://github.com/yoctoproject/poky/commits/master/meta/recipes-devtools/meson
[4] https://mesonbuild.com/Release-notes-for-1-3-0.html#machine-files-pkgconfig-field-deprecated-and-replaced-by-pkgconfig
Signed-off-by: Antoine Coutant <antoine.coutant@smile.fr>
[yann.morin.1998@free.fr:
- keep our formatting in the patch
- reflow commit log (to keep busy while test-building!)
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
TestGlxinfo fail with a new runtime error:
# glxinfo -B -display :0
name of display: :0
traps: glxinfo[84] trap invalid opcode ip:b73c7027 sp:bf8433c0 error:0 in swrast_dri.so[b6e4c000+64f000]
Illegal instruction
The x86-core2 Bootlin toolchains are built for a core2 CPU [0],
this means that the Bootlin toolchains may use core2-specific
instructions.
The TestGlxinfo test is setup for BR2_x86_core2, so our
executables will also contain core2 instructions.
However, the default Qemu x86 is not guaranteed to emulate all the
instructions specific to core2, causing runtime issues as reported
above.
A similar issue has been fixed by adding Nehalem cpu emulation on
the qemu command line. See 4f565b5222 ("support/testing: use Nehalem
cpu emulation for TestGrubX8664EFI").
Set core2duo cpu emulation for TestGlxinfo on the qemu command line.
[0] https://gitlab.com/buildroot.org/toolchains-builder/-/blob/kubu/toolchain-builder-2023.08/configs/arch/x86-core2.config?ref_type=heads
Signed-off-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
mesa3d 23.3 added dri3_priv.h header and dri3_check_multibuffer() function in
drisw (part of swrast gallium driver) that can be build without dri3.
i686-buildroot-linux-gnu/bin/ld: src/glx/libglx.a.p/drisw_glx.c.o: in function `driswCreateScreenDriver':
drisw_glx.c:(.text.driswCreateScreenDriver+0x3a0): undefined reference to `dri3_check_multibuffer'
collect2: error: ld returned 1 exit status
Add HAVE_DRI3 guard around dri3_priv.h header and the zink code using
dri3_check_multibuffer().
While testing again the TestGlxinfo runtime test, a new unexpected error line
appeared in the glxinfo log:
MESA-LOADER: failed to open zink: /usr/lib/dri/zink_dri.so
mesa3d try to load zink gallium driver even if it was not enabled at
build time, indeed there is no such option in Buildroot.
Apply patches sent upstream:
https://gitlab.freedesktop.org/mesa/mesa/-/merge_requests/27478
Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/6093854455
Signed-off-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The defconfig choice is the default one, so it is redundant and can be
removed without effect.
Signed-off-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Commit 6b2329bb80 ("configs/ti_am64x_sk: new defconfig") forgot to
specify the Linux kernel version, so do that now.
When the defconfig was added, the default version was 6.4.x, so use
version 6.4.16.
Signed-off-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fixes build issue of the python support with python 3.12 (2.3.4
unconditionally uses distutils).
The license file used being a header file, it has changed due to code
changes, but the license is still LGPL-3.0+.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Commit 719921bebe (package/kexec: bump to version 2.0.27) forgot to
propagate the new dependency on kernel headers to petitboot, which may
select kexec, causing unmet dependencies warnings (unfortunately, not
errors), such as:
$ KCONFIG_SEED=0x84462FFC make randconfig
WARNING: unmet direct dependencies detected for BR2_PACKAGE_KEXEC
Depends on [n]: BR2_PACKAGE_KEXEC_ARCH_SUPPORTS [=y] && BR2_TOOLCHAIN_HEADERS_AT_LEAST_3_17 [=n]
Selected by [y]:
- BR2_PACKAGE_PETITBOOT [=y] && (BR2_PACKAGE_KEXEC_ARCH_SUPPORTS [=y] || BR2_PACKAGE_KEXEC_LITE_ARCH_SUPPORTS [=n]) && BR2_USE_MMU [=y] && BR2_USE_WCHAR [=y] && !BR2_STATIC_LIBS [=n] && BR2_TOOLCHAIN_HAS_THREADS [=y] && BR2_PACKAGE_HAS_UDEV [=y] && !BR2_PACKAGE_KEXEC_LITE_ARCH_SUPPORTS [=n]
Propagate the dependency from kexec, and add comments about dependencies
also inherited from kexec-lite.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Laurent Vivier <laurent@vivier.eu>
Cc: Julien Olivain <ju.o@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Currently, the comment about availability is between the package main
symbol and its suboptions, breaking the threading in menuconfig.
Invert the order, and move the comment last. Also enclose the suboptions
between an if-block, as it is more customary.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Currently, the makedevs syntax explanations are duplicated: one in
the package directory, which was introduced firat but bit-rotted for
a while each time the makedevs was updated, and once in the manual,
which lagged much less. As for all duplicated documentation, the two
diverged and one was not updated.
In commit 738fb6dfa4 (docs/manual: extend makedev syntax section),
we recently updated the makedevs syntax description, but that indeed
missed the old README.
Get rid of the README and replace it with a symlink to the manual
makedevs section.
Signed-off-by: Marcus Folkesson <marcus.folkesson@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The gstreamer plugin select the EGL backend of gst1-plugins-base, but
forgot to propagate all of its dependencies, notably the _HAS_API
condition, causing unmet dependencies warnings (unfortunately, not
errors), such as;
$ KCONFIG_SEED=0x597D22A8 make randconfig
WARNING: unmet direct dependencies detected for BR2_PACKAGE_GST1_PLUGINS_BASE_LIB_OPENGL_EGL
Depends on [n]: BR2_PACKAGE_GSTREAMER1 [=y] && BR2_PACKAGE_GST1_PLUGINS_BASE [=y] && BR2_PACKAGE_GST1_PLUGINS_BASE_LIB_OPENGL [=y] && BR2_PACKAGE_GST1_PLUGINS_BASE_LIB_OPENGL_HAS_API [=n] && BR2_PACKAGE_HAS_LIBEGL [=y]
Selected by [y]:
- BR2_PACKAGE_IVI_HOMESCREEN_GSTREAMER_EGL_PLUGIN [=y] && BR2_PACKAGE_IVI_HOMESCREEN [=y] && BR2_PACKAGE_FFMPEG_ARCH_SUPPORTS [=y] && BR2_PACKAGE_HAS_LIBEGL [=y]
We can't select _HAS_API, because it is a symbol that represents a
capability provided by other features of gst1-plugins-base; it's
semantically like a virtual package: we can't select it, we can only
depend on it.
Add this dependency to fix this situation.
This however causes circular (recursive) dependencies errors:
package/gstreamer1/gst1-plugins-base/Config.in:135:error: recursive dependency detected!
package/gstreamer1/gst1-plugins-base/Config.in:135: symbol BR2_PACKAGE_GST1_PLUGINS_BASE_LIB_OPENGL is selected by BR2_PACKAGE_IVI_HOMESCREEN_GSTREAMER_EGL_PLUGIN
package/ivi-homescreen/Config.in:221: symbol BR2_PACKAGE_IVI_HOMESCREEN_GSTREAMER_EGL_PLUGIN depends on BR2_PACKAGE_GST1_PLUGINS_BASE_LIB_OPENGL_HAS_API
package/gstreamer1/gst1-plugins-base/Config.in:149: symbol BR2_PACKAGE_GST1_PLUGINS_BASE_LIB_OPENGL_HAS_API is selected by BR2_PACKAGE_GST1_PLUGINS_BASE_LIB_OPENGL_OPENGL
package/gstreamer1/gst1-plugins-base/Config.in:152: symbol BR2_PACKAGE_GST1_PLUGINS_BASE_LIB_OPENGL_OPENGL depends on BR2_PACKAGE_GST1_PLUGINS_BASE_LIB_OPENGL
Indeed, _HAS_API is only even set when gstreamer1, gst1-plugins-base,
and the gst1-plugins-base's lib-opengl support, are all already enabled.
As such, the dependency on _HAS_API already implies those, and there is
no need to select them.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Adam Duskett <adam.duskett@amarulasolutions.com>
Reviewed-by: Adam Duskett <Adam.Duskett@amarulasolutions.com>
Tested-by: Adam Duskett <Adam.Duskett@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Born as a project to read/write the bootcount on the TI am3xx platform,
over time it has introduced bootcount management on EEPROM and for the
stm32mp1 platform. As a result, the project removed the 'davinci' tag
from its name and GitHub link.
The patch aligns the package name in Buildroot with the current one on
GitHub.
Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
[Peter: extend/rework legacy handling]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
We recently added support for building a bare-metal toolchain, and the
autobuilders are therefore trying to build such toolchains. However,
by default the BR2_TOOLCHAIN_BARE_METAL_BUILDROOT_ARCH option is
empty, causing the target tuple to be empty, and therefore
host-gcc-bare-metal tries to build a toolchain for the target
"x86_64-pc-linux-gnu", which isn't a bare-metal target, and fails
badly.
In order to properly test this bare-metal support, this commit adjusts
the genrandconfig script so that it injects a valid target
architecture tuple.
Fixes:
http://autobuild.buildroot.net/results/6cb1514b19bfe056fb984d3538bdccdda5e174c1/
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Commit 4b8fddb060 ("configs/ti_am62x_sk: new defconfig) forgot to
specify the Linux kernel version, so do that now.
When the defconfig was added, the default version was 6.4.x, so use
version 6.4.16.
Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
[Romain:
use BR2_PACKAGE_HOST_LINUX_HEADERS_CUSTOM_6_4 as suggested
by Giulio Benetti]
Signed-off-by: Romain Naour <romain.naour@smile.fr>
Commit
c6ab9328e1 ("boot/arm-trusted-firmware:
change BR_NO_CHECK_HASH_FOR logic") was written too hastily, and is
actually broken as it does the reverse of what it should do. It really
should disable the check when we're using a custom version/git/tarball
of TF-A, not the opposite.
Thanks to Romain for pointing out the problem, and providing an IRL
patch to solve the issue.
Reported-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This toolset was designed to facilitate the testing, monitoring, and
tracing of various things with virtual memory, pages, and slab objects.
It is an invaluable resource for identifying and analyzing
memory-related issues, such as leaks and bottlenecks, and can greatly
enhance one's understanding of memory utilization within a system.
The mm toolset includes:
- page_owner_sort: userspace helper to sort the output of
/sys/kernel/debug/page_owner, which helps to know who allocates
the page from kernel context
- slabinfo: the tool which gets reports about slabs, for example
show empty slabs, modify of slab debug options at runtime, display
all information about a slabcache
- page-types: a handy tool for querying page flags
Signed-off-by: Dmitry Rokosov <ddrokosov@salutedevices.com>
Signed-off-by: Alexey Romanov <avromanov@salutedevices.com>
[yann.morin.1998@free.fr:
- don't depend on linux, already a patch dependency
- don't set CC: default is based on CROSS_COMPILE
- no need to fully recheck at install time
- move the option for alphabetical ordering
- fix check-package
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Patrick Oppenlander <patrick.oppenlander@gmail.com>
[Peter: Fix check-package warnings, move to "Shell and utilities" and add
DEVELOPERS entry]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix the following musl build failure raised since bump to version 1.6.0
in commit 7794fa4c4e:
pam_namespace.c: In function 'process_line':
pam_namespace.c:649:41: error: 'SIZE_MAX' undeclared (first use in this function)
649 | if (count > UINT_MAX || count > SIZE_MAX / sizeof(uid_t)) {
| ^~~~~~~~
pam_namespace.c:41:1: note: 'SIZE_MAX' is defined in header '<stdint.h>'; did you forget to '#include <stdint.h>'?
40 | #include "argv_parse.h"
+++ |+#include <stdint.h>
41 |
Fixes:
- http://autobuild.buildroot.org/results/f07360f33010a2cf19aace266faae14a834bd9a4
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
uImage is almost deprecated so let's switch to zImage. Let's also bump
Linux version to 6.1.44, U-Boot to 2023.07 and remove
BR2_TARGET_UBOOT_NEEDS_PYTHON3 since it's selected by
BR2_TARGET_UBOOT_NEEDS_PYLIBFDT.
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Note that we do not document the special flit-bootstrap value, as it
is considered an internal implementation detail, and shouldn't
normally be used by packages.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Python 3.12.1 has removed distutils support. As such, we remove the distutils
option from pkg-python.mk as well.
Tested on Fedora 39, and Debian 11. All 68 package tests pass.
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
All Python packages have been migrated to a different setup type, and
we're about to bump to Python 3.12 which no longer supports distutils,
so let's drop support for distutils in our python-package
infrastructure.
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
[Thomas: also update the Buildroot manual]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The current package has not recieved an update since Sat Oct 9 2021
33ece2446e and is not python 3.12 compatible.
Furthermore, the current version requires at least 42 new packages worth of
depedencies of which several require patches to be python 3.12 compatible.
As nobody has stepped up to maintain the package and its ever-growing list of
dependencies, along with the other problems, it is time to drop the package.
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The python-pygame package has not recieved any update since
Sun May 1 22:15:17 2016 (commit: a9ec96e545)
Also, this package no longer builds properly against python 3.12.0. Receiving
the following error when building:
```
src/surface.c:2812:14: error: invalid type argument of unary ‘*’ (have
‘int’)
2812 | ch = *PyUnicode_AS_UNICODE (obj);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~
src/surface.c: In function ‘PySurface_Blit’:
```
If someone wants to re-introduce this package at a later date they are more
than welcome to do so!
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
libressl dropped engine support since version 3.8.1 resulting in the
following build failure since bump of libressl to version 3.8.2 in
commit 21eca49ed5:
eng_front.c: In function 'IMPLEMENT_DYNAMIC_CHECK_FN':
eng_front.c:262:1: error: expected declaration specifiers before 'IMPLEMENT_DYNAMIC_BIND_FN'
262 | IMPLEMENT_DYNAMIC_BIND_FN(bind_fn)
| ^~~~~~~~~~~~~~~~~~~~~~~~~
Fixes:
- http://autobuild.buildroot.org/results/389ed112f082a4917f777f3e236211059c4c6d6e
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Security fixes:
- CVE-2023-52425: Fix quadratic runtime issues with big tokens that can
cause denial of service, in partial where dealing with compressed XML
input. Applications that parsed a document in one go -- a single call
to functions XML_Parse or XML_ParseBuffer -- were not affected. The
smaller the chunks/buffers you use for parsing previously, the bigger
the problem prior to the fix.
- CVE-2023-52426: Fix billion laughs attacks for users compiling
*without* XML_DTD defined (which is not common). Users with XML_DTD
defined have been protected since Expat >=2.4.0 (and that was
CVE-2013-0340 back then).
https://blog.hartwork.org/posts/expat-2-6-0-released/
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The custom kernel used for the Rock5B features an FIQ debug
interface which is enabled by default. As it is not needed, it is
disabled. The documentation features instructions on how to
re-enable it, if it is needed.
Signed-off-by: Kilian Zinnecker <kilian.zinnecker@mail.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Search the external trees for package files and add them to the list.
The list of directories walked and excluded are the same as for the main
tree, and should work out of the box if the user sticks to the directory
structure suggested in the manual.
Two additional properties were added to the Package class, the tree name and
the path. For consistency and to simplify the code, packages in the main tree
are marked as coming from "BR2".
The HTML output has a new column listing the external name (or "BR2") and the
json output has a new property "tree".
Signed-off-by: Juan Carrano <juan.carrano@ebee.berlin>
[Arnout:
- fix flake8 error "'itertools' imported but unused";
- use str.split instead of str.partition;
- use BR2_EXTERNAL_BUILDROOT_PATH instead of BR2_EXTERNAL_BR2_PATH;
- remove pkgdir variable, instead use self.pkgdir.
]
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Signed-off-by: Marcus Hoffmann <buildroot@bubu1.eu>
[yann.morin.1998@free.fr: make it explicit it is not the official way]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
This patch adds a new package for building newlib for a bare-metal toolchain.
The cpu architecture is defined by a toolchain-bare-metal virtual package.
While any cpu architecture could be used, the default configuration will be a
Xilinx microblaze little endian architecture, so that buildroot will be able
to build the microblaze firmware applications for zynqmp and versal.
Signed-off-by: Neal Frager <neal.frager@amd.com>
Signed-off-by: Ibai Erkiaga <ibai.erkiaga-elorza@amd.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This patch adds a new package for building gcc for a bare-metal toolchain.
The cpu architecture is defined by a toolchain-bare-metal virtual package.
While any cpu architecture could be used, the default configuration will be a
Xilinx microblaze little endian architecture, so that buildroot will be able
to build the microblaze firmware applications for zynqmp and versal.
Signed-off-by: Neal Frager <neal.frager@amd.com>
Signed-off-by: Ibai Erkiaga <ibai.erkiaga-elorza@amd.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This patch adds a new package for building binutils for a bare-metal toolchain.
The cpu architecture is defined by a toolchain-bare-metal virtual package.
While any cpu architecture could be used, the default configuration will be a
Xilinx microblaze little endian architecture, so that buildroot will be able
to build the microblaze firmware applications for zynqmp and versal.
In order to build the zynqmp pmufw and versal plm applications without error,
binutils version 2.41 or higher is required.
Signed-off-by: Neal Frager <neal.frager@amd.com>
Signed-off-by: Ibai Erkiaga <ibai.erkiaga-elorza@amd.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This patch adds a new virtual package for adding a bare-metal
toolchain to Buildroot. For now, it depends on nothing, so it will not
actually build anything, but it defines some options that will be
needed by the various packages that will be part of this toolchain
build process.
Signed-off-by: Neal Frager <neal.frager@amd.com>
Signed-off-by: Ibai Erkiaga <ibai.erkiaga-elorza@amd.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The assumption is that updates to the stable branch should not break anything,
so we use the latest LTS rather than a specific version.
Signed-off-by: Marleen Vos <marleen.vos@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The assumption is that updates to the stable branch should not break anything,
so we use the latest LTS rather than a specific version.
Signed-off-by: Marleen Vos <marleen.vos@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Patch 0001-feat-build-add-support-for-new-binutils-versions.patch as
found in v2.8 patch dir has already been applied in lts-v2.8.13
Patch 0002-build-tools-avoid-unnecessary-link.patch from v2.8 has
been included as 0001-build-tools-avoid-unnecessary-link.patch for
lts-v2.8.13
Signed-off-by: Marleen Vos <marleen.vos@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Currently, arm-trusted-firmware checks the hash only if
BR2_TARGET_ARM_TRUSTED_FIRMWARE_LATEST_VERSION=y. As we're about to
introduce other version options for which the hash checking is needed,
let's reverse the logic, and instead ignore hash checking if we're
using a custom version or custom git or custom tarball.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The #buildroot IRC channel recently changed from only allowing
registered users to join to allowing anyone to join but only allowing
registered users to talk in the channel. This still avoids the spam
problem on IRC while allowing an exception for users bridged from
matrix.org. These already have a username registered on the matrix side
and thus similar properties as a registered IRC user/nick.
The commands to set these options were:
* Set +q on all unregistered nicks: ~/mode #buildroot +q $~a~ this lets
people join but they can't talk
* Set exempt on matrix hosts: ~/mode #buildroot +e $x:matrix.org~
Signed-off-by: Marcus Hoffmann <buildroot@bubu1.eu>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Marcus Hoffmann <buildroot@bubu1.eu>
[yann.morin.1998@free.fr: the default is an interactive shell]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
check-package does a lot more by now than checking .mk and
Config.in files. Add this to the description.
Signed-off-by: Marcus Hoffmann <buildroot@bubu1.eu>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Migrate from setuptools to hatchling pep517 build backend.
Drop no longer required python-setuptools runtime dependency.
Drop no longer required python-six runtime dependency.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
pkg-cargo currently sets the --release flag unless BR2_ENABLE_DEBUG is
set. However, this does not accurately reflect the configured build
settings. In addition, it only works for packages that use the cargo
infrastructure directory and not with packages using the cargo
environment indirectly, such as pyo3 based python packages. To support
these, we really want to pass the necessary flags in PKG_CARGO_ENV.
In order to accurately reflect the configured build settings
(optimization and debug levels), we set the appropriate environment
variables according to the global settings.
There is no way to specify the profile to use through an environment
variable, it has to be set through a cargo flag like --release. Since we
can't easily control the profile flags used by non-cargo package
infrastructures, we instead set the env variables for both root profiles
(dev/release). For the aspects that are not affected by the global
settings (incremental, codegen-units, split-debuginfo), we set them
equal to the default for release - which in our context is the
appropriate choice even when BR2_ENABLE_DEBUG is set.
For reference the default cargo root profile settings are:
https://doc.rust-lang.org/cargo/reference/profiles.html#default-profiles
Cc: Moritz Bitsch <moritz@h6t.eu>
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Tested-by: Moritz Bitsch <moritz@h6t.eu>
Tested-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Reviewed-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
glm did not install headers since [1], at least in a per-package
build. Bumping to 1.0.0 fixes that.
The cmake option to avoid building the lib has changed
Partially fixes [2], where cegui failed to configure because of
the missing glm headers.
It also fixes kodi-screensaver and kodi-visualisation (no autobuidl
failures so far):
CMake Error at [...]/output/per-package/kodi-screensaver-asteroids/host/share/cmake-3.28/Modules/FindPackageHandleStandardArgs.cmake:230 (message):
Could NOT find glm (missing: GLM_INCLUDE_DIR)
[1] 01ad113 package/glm: bump to version 0.9.9.8
[2] http://autobuild.buildroot.org/results/241/241a60f8ecb6fec5dc122d64dd438dd4249f8c3e/
Signed-off-by: Andreas Naumann <anaumann@ultratronik.de>
[yann.morin.1998@free.fr: add kodi failures from Bernd]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Patch 0001-build-tools-avoid-unnecessary-link.patch that was applied to
v2.9 is already in v2.10, so no new patch dir for v2.10 is added
Signed-off-by: Marleen Vos <marleen.vos@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
- v2.6 changes to FIP instead of SSBL boot.
- This requires switching to u-boot.bin in U-Boot, and using that
instead of .stm32 in ATF.
- fiptool expects dtb to be split off from u-boot.bin, so need custom
u-boot-nodtb.bin in addition to u-boot.dtb.
Caveat: this is perhaps not really obligatory, but the ATF
documentation explains it like that.
- The partition must be named fip (while it must be named ssbl for
SSBL boot).
- Since the partition name is set in the common template, all
defconfigs using that template must be bumped in a single commit
- ATF now produces both fip.bin and <boardname>.stm32, so fip.bin has
been added to the configs
- While we're at it, add the structuring comments to
avenger96_defconfig similar like the other defconfigs
Signed-off-by: Marleen Vos <marleen.vos@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The regex was a bit too strict in which characters it allowed. Thus,
if e.g. a file name appears in the
BR2_TARGET_ARM_TRUSTED_FIRMWARE_ADDITIONAL_VARIABLES string, it no
longer matches, and we end up with an empty ATF_VARIABLES. This makes
the subsequent grep fail, and the post-image.sh script fails without
any error message (thanks to the -e option).
Simplify the regex to match everything except the closing quotation
mark. Note that Kconfig doesn't allow quotation marks at all inside a
string (even escaped ones), so this regular expression is always OK.
Signed-off-by: Marleen Vos <marleen.vos@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The buildroot manual says this kind of commit should be done together
with the actual changes made to a config/board. But since a number of
changes will follow for some boards and configs, it seemed more
logical to make a separate commit for this.
Signed-off-by: Marleen Vos <marleen.vos@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Add a runtime test for fastapi. Use uvicorn as the asgi server
application as does the fastapi hello world example [1].
Fastapi depends on PydanticV2 now which is written in rust so we need to
run the test on armv7.
[1] https://fastapi.tiangolo.com/tutorial/first-steps/
Signed-off-by: Marcus Hoffmann <bubu@bubu1.eu>
[Arnout:
- fix flake8 errors
support/testing/tests/package/sample_python_fastapi.py:5:1: E302 expected 2 blank lines, found 1
support/testing/tests/package/sample_python_fastapi.py:8:1: W391 blank line at end of file
- Remove BR2_CCACHE (as requested by Marcus).
- Add a comment explaining that this also tests uvicorn and pydantic.
- Re-try wget in a loop instead of a fixed timeout of 30 seconds.
- Add a DEVELOPERS entry.
]
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Uvicorn has a hard requirement on the python ssl module. Without it even
running uvicorn --help fails.
Signed-off-by: Marcus Hoffmann <bubu@bubu1.eu>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Drop no longer required dependency on python-anyio. Note that
python-starlette still depends on anyio, but there's no direct
dependency from fastapi any more.
Signed-off-by: Marcus Hoffmann <buildroot@bubu1.eu>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
The section of the manual describing the makedev syntax is not
up-to-date with the current features, and does not properly describe
existing ones.
- extend the list of types with the requirements on the existence of
the target file or directory; for 'c', 'b', and 'p', the existence
requirement is inherited from mknod(2):
ERRORS
...
ENOENT A directory component in pathname does not exist or is a
dangling symbolic link.
for the other types, the existence requirements are extracted from
the source of makedev.c;
- format the types flags, so they are rendered in monospace;
- extend the 'mode' description, as it can be set to -1 for 'f', 'd',
or 'r', so that only the uid and gid are set. This is most useful
for 'r', where setting the same mode recursively for all the
sub-directories and files alike does not really make sense; indeed
in this case, the modes are usually set correctly when the package
(or rootfs overlay) installs the files, and only the uid and gid are
interesting to set;
- extend and update the examples to show-case the -1 mode use-case.
Signed-off-by: Yann E. MORIN <yann.morin@orange.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bump qemu_arm_ebbr_defconfig and qemu_aarch64_ebbr_defconfig in sync:
- Bump Linux to v6.6.11
- Bump U-Boot to 2024.01
- Bump TF-A to v2.10
While at it, adapt Qemu command line arguments to avoid a warning when
disabling ACPI.
Signed-off-by: Vincent Stehlé <vincent.stehle@arm.com>
Cc: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The yjit feature requires rust toolchain support, since we don't
currently handle setting up the rust toolchain for ruby lets disable
this feature for now.
This broke when ruby was bumped to version 3.3.0 in buildroot commit
a01c278df7.
Fixes:
linking static-library libruby-static.a
LLVM ERROR: Invalid encoding
make[2]: *** [Makefile:318: libruby-static.a] Aborted
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
cpe:2.3:a:green_end:sftpserver has been deprecated in favor of
cpe:2.3:a:greenend:sftpserver in December 2022:
<cpe-item name="cpe:/a:green_end:sftpserver:0.2.2" deprecated="true" deprecation_date="2022-12-30T17:53:22.797Z">
<reference href="https://github.com/ewxrjk/sftpserver/releases">Version</reference>
<reference href="http://www.greenend.org.uk/rjk/sftpserver/">Product</reference>
<cpe-23:cpe23-item name="cpe:2.3:a:green_end:sftpserver:0.2.2:*:*:*:*:*:*:*">
<cpe-23:deprecated-by name="cpe:2.3:a:greenend:sftpserver:0.2.2:*:*:*:*:*:*:*" type="NAME_CORRECTION"/>
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Under some conditions (mostly slow execution due to test host load),
the netcat runtime test can randomly fail. This is due to several
facts:
- the sleep time between the server and client is too short,
- the use of netcat option -c could close the connection before the
server could receive all the data.
This commit improves the test robustness by increasing the sleep time,
and by reducing the amount of transferred data (from 1MB of random data,
to a simpler string of few bytes). Also, to make sure netcat cannot wait
on DNS resolution, this commit also adds the -n option.
Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/6093854664
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Romain Naour <romain.naour@smile.fr>
For details, see https://github.com/troglobit/watchdogd/releases/tag/4.0
- Major feature upgrade, command line and .conf files compatible
- LICENSE hash update due to update in copyright years
- Enabling system monitor plugins have changed syntax upstream. The
`--with-foo=SECONDS` is now just `--with-foo`
This last upstream change require converting affected Config.in options
from int -> bool. Legacy _WRAP:ers have been added to Config.legacy.in,
modeled on BR2_TARGET_ROOTFS_EXT2_BLOCKS.
Forcibly disable new monitors; they'll be enabled in a followup commit.
Signed-off-by: Joachim Wiberg <troglobit@gmail.com>
[yann.morin.1998@free.fr:
- forcibly disable new monitors
- minor tweaks in Config.in.legacy
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Commit 4b6202f721 set
LIBCURL_CPE_ID_PRODUCT to libcurl but this is not needed as
LIBCURL_CPE_ID_PRODUCT will be set to the package name
(i.e. libcurl) by default
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Reviewed-by: Antoine Coutant <antoine.coutant@smile.fr>
Commit 35af2bb801 set
CONTAINERD_CPE_ID_PRODUCT to containerd but this is not needed as
CONTAINERD_CPE_ID_PRODUCT will be set to the package name
(i.e. containerd) by default
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Reviewed-by: Antoine Coutant <antoine.coutant@smile.fr>
While the list of licenses is present in the show-info output, the list
of license files and the redistributable status were missing. Add them.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Disable lua bindings to avoid the following build failure if host-lua
and lua are built before brltty raised since bump to version 6.5 in
commit 82c6e87d5e and
https://github.com/brltty/brltty/commit/42bf48ca010d9163652cb0a014662fa243132736:
configure: lua package: lua
configure: lua includes:
configure: lua libs: -L/home/autobuild/autobuild/instance-0/output-1/host/bin/../sparc64-buildroot-linux-gnu/sysroot/usr/lib -llua -lm -ldl
checking for lua5.4... no
checking for lua... /home/autobuild/autobuild/instance-0/output-1/host/bin/lua
configure: Lua shell: /home/autobuild/autobuild/instance-0/output-1/host/bin/lua
configure: Lua library directory: /home/autobuild/autobuild/instance-0/output-1/host/lib/lua/5.3
[...]
/usr/bin/install -c -d /home/autobuild/autobuild/instance-0/output-1/target/home/autobuild/autobuild/instance-0/output-1/host/lib/lua/5.3
/usr/bin/install -c -s --strip-program /bin/true brlapi.so /home/autobuild/autobuild/instance-0/output-1/target/home/autobuild/autobuild/instance-0/output-1/host/lib/lua/5.3
make[3]: Leaving directory '/home/autobuild/autobuild/instance-0/output-1/build/brltty-6.6/Bindings/Lua'
[...]
brltty: installs files in /home/autobuild/autobuild/instance-0/output-1/target//home/autobuild/autobuild/instance-0/output-1
While at it, disable emacs bindings which have also been added in
version 6.5 with
https://github.com/brltty/brltty/commit/64a487e29941df54796645229a872ecbe2a06bfe
Fixes:
- http://autobuild.buildroot.org/results/f424e6727bbe61ea4b7703e93aae6fcab7506898
- http://autobuild.buildroot.org/results/bf4a161fc66fb99a24f08bea3436b13738f2e383
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
package/wlroots/0001-Add-feature-macros-to-more-C-files-.patch has been
rejected upstream, and the initial pull request was moved to the
freedesktop gitlab. Update the patch to reflect these changes.
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Without the vulkan-loader package present, the configure step fails with the
following error message:
```
Run-time dependency vulkan found: NO (tried pkgconfig and system)
Message: Install "vulkan" or pass "-Dvulkan=disabled" to disable it.
```
The above error is due to the lack of the vulkan.pc file provided by the
vulkan-loader package. A search of autobuild failures containing
BR2_PACKAGE_WLROOTS=y and BR2_PACKAGE_MESA3D_VULKAN_DRIVER=y shows two build
failures. However, the failure reasons happened before wlroots could compile.
One for gerbera-1.10.0 and another for host-rust-1.64.0.
Add a dependency on the vulkan-loader package to resolve the above issue.
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Enable the flutter-pi vulkan option if a suitable driver is enabled.
Currently, only Mesa provides Vulkan drivers. As such, gating the
feature behind the BR2_PACKAGE_MESA3D_VULKAN_DRIVER option is
reasonable at the moment and is done by three other packages already:
flutter-engine, ivi-home screen, and wlroots.
Furthermore, a dependency on BR2_PACKAGE_VULKAN_LOADER is needed as the
vulkan-loader package provides the vulkan.pc file, which the configure step
relies upon.
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fix the following grpc build failure raised since bump of libabseil-cpp
to version 20230802.1 in commit
aea790392a:
configure:25127: checking grpc++/grpc++.h usability
configure:25127: /home/buildroot/autobuild/instance-0/output-1/host/bin/sparc64-linux-g++ -c -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -O1 -g0 -D_FORTIFY_SOURCE=2 -std=c++11 -DNOMINMAX -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 conftest.cpp >&5
In file included from /home/buildroot/autobuild/instance-0/output-1/host/sparc64-buildroot-linux-gnu/sysroot/usr/include/absl/base/config.h:86,
from /home/buildroot/autobuild/instance-0/output-1/host/sparc64-buildroot-linux-gnu/sysroot/usr/include/absl/base/const_init.h:25,
from /home/buildroot/autobuild/instance-0/output-1/host/sparc64-buildroot-linux-gnu/sysroot/usr/include/absl/synchronization/mutex.h:67,
from /home/buildroot/autobuild/instance-0/output-1/host/sparc64-buildroot-linux-gnu/sysroot/usr/include/grpcpp/impl/codegen/sync.h:32,
from /home/buildroot/autobuild/instance-0/output-1/host/sparc64-buildroot-linux-gnu/sysroot/usr/include/grpcpp/completion_queue.h:41,
from /home/buildroot/autobuild/instance-0/output-1/host/sparc64-buildroot-linux-gnu/sysroot/usr/include/grpcpp/channel.h:25,
from /home/buildroot/autobuild/instance-0/output-1/host/sparc64-buildroot-linux-gnu/sysroot/usr/include/grpcpp/grpcpp.h:52,
from /home/buildroot/autobuild/instance-0/output-1/host/sparc64-buildroot-linux-gnu/sysroot/usr/include/grpc++/grpc++.h:26,
from conftest.cpp:167:
/home/buildroot/autobuild/instance-0/output-1/host/sparc64-buildroot-linux-gnu/sysroot/usr/include/absl/base/policy_checks.h:79:2: error: #error "C++ versions less than C++14 are not supported."
79 | #error "C++ versions less than C++14 are not supported."
| ^~~~~
[...]
grpc . . . . . . . . no (libgrpc++ not found) (dependency error)
[...]
configure: error: "Some plugins are missing dependencies - see the summary above for details"
Fixes:
- http://autobuild.buildroot.org/results/e2cf909ab3c356f1881fd18cfa039e87faa10d7d
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
- drops support for proto2
- fixes compatibility with protobuf >= 22.0 (which we did not yet bump)
- to be compatible with new protobuf versions c++17 is now required
when building with protoc (which we only do for the host package) [0]
hence require host gcc >= 7 for c++17 support, propagate to
depending packages
- the license file has changed with a change of the copyright years,
nothing else
[0] https://github.com/protobuf-c/protobuf-c/pull/673
Signed-off-by: Michael Nosthoff <buildroot@heine.tech>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Before commit ca63464e37 (package/python-numpy: bump to version
1.25.0), numpy was using python distuils. Then, the default for BLAS and
LAPACK detection was to disable support if they were not found, even
when OPENBLAS is installed on the host system.
Commit ca63464e37 switched python-numpy to use the meson-package
infrastructure, where the default has changed, and now fails when the
host system does have OPENBLAS installed:
buildroot$ make
>>> host-python-numpy 1.25.0 Configuring
[...]
Run-time dependency openblas found: NO (tried pkgconfig and cmake)
WARNING: CMake Toolchain: Failed to determine CMake compilers state
Run-time dependency openblas found: YES 0.3.21
Dependency openblas found: YES 0.3.21 (cached)
Program _build_utils/process_src_template.py found: YES (/path/to/buildroot/output/host/bin/python3 /path/to/buildroot/output/build/host-python-numpy-1.25.0/numpy/_build_utils/process_src_template.py)
Program _build_utils/tempita.py found: YES (/path/to/buildroot/output/build/host-python-numpy-1.25.0/numpy/_build_utils/tempita.py)
output/build/host-python-numpy-1.25.0/numpy/meson.build:201:44: ERROR: Could not get cmake variable and no default provided for <CMakeDependency OpenBLAS: True None>
[...]
Two obvious ways to correct this:
- Add some kind of host-lapack / host-openblas dependency to
host-python-numpy, or
- Tell host-python-numpy not to look for (or rely on) external code.
Because the host numpy environment shouldn't be doing any numerical
heavy lifting, we opt for the latter here.
Signed-off-by: Graeme Smecher <gsmecher@threespeedlogic.com>
[yann.morin.1998@free.fr:
- explain why the issue was not found before
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Use pkg-config to find libnet and avoid the following build failure
raised since commit 100ba8351c if
libnet-config is found on the host:
/home/autobuild/autobuild/instance-4/output-1/host/bin/mips64el-buildroot-linux-gnu-gcc -s -o ngrep ngrep.o tcpkill.o -lpcap -lnet -lpcre -L/usr/lib -lnet
mips64el-buildroot-linux-gnu-gcc: ERROR: unsafe header/library path used in cross-compilation: '-L/usr/lib'
While at it, format Upstream tag of other patches
Fixes:
- http://autobuild.buildroot.org/results/05c916162b9c1027cf53f1699a1f5653151098ed
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Drop no longer used python-aenum runtime dependency.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
[Peter: drop python-setuptools as pointed out by Marcus Hoffmann]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit 78e8f383 "configs/imx8mmpico: bump bsp components to version
tn-kirkstone_5.15.71-2.2.0" bumped components, but forgot to add
BR2_TARGET_UBOOT_NEEDS_OPENSSL=y.
This commit adds it to the defconfig to fix the build.
Fixes:
- https://gitlab.com/buildroot.org/buildroot/-/jobs/5858180248
In file included from tools/imagetool.h:24,
from tools/aisimage.c:7:
include/image.h:1166:12: fatal error: openssl/evp.h: No such file or directory
1166 | # include <openssl/evp.h>
| ^~~~~~~~~~~~~~~
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
In commit 7e0e6e3b86 (toolchain/toolchain-external/toolchain-external-bootlin:
update to 2023.11-1) the TestGrubX8664EFI fails with this error:
# efivar -l
traps: efivar[86] trap invalid opcode ip:7fc187f4c7f4 sp:7fff9bbaa930 error:0 in libefivar.so.1.38[7fc187f4c000+16000]
Illegal instruction
This error can be reproduced by installing other packages like "file".
The 2023.11-1 Bootlin toolchains are built for a corei7 CPU [0], which
is in fact a Nehalem CPU; we switched to the new names in commit
653fa001f3 (arch/Config.in.x86: add "newer" names for several Intel
x86 CPU variants). This means that the Bootlin toolchains may use
Nehalem-specific instructions.
The TestGrubX8664EFI test is also setup for BR2_x86_corei7, so our
executables will also contain Nehalem instructions.
However, the default Qemu x86_64 is not guaranteed to emulate all the
instructions specific to Nehalem, causing runtime issues as reported
above.
A similar issue has been fixed in toolchain-builder by adding Nehalem
cpu emulation on the qemu command line [0].
Fixes: https://gitlab.com/buildroot.org/buildroot/-/jobs/6093853712
[0] https://gitlab.com/buildroot.org/toolchains-builder/-/commit/f2b253732b4d1fc5b87badba7c2d48f12a197f76
Signed-off-by: Romain Naour <romain.naour@smile.fr>
[yann.morin.1998@free.fr:
- reword the commit log to explain corei7 -> Nehalem equivalence
- note that the toolchain-builder *and* our test target corei7, thus
Nehalem
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
A new kvm-unit-tests version has recently been tagged, so we can use this
version now for buildroot. It ships now with a full version of the GPL v2
license in the LICENSE file, thus we add a hash for that file, too.
Signed-off-by: Thomas Huth <huth@tuxfamily.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
libtracefs needs threads resulting in the following build failure since
its addition in commit b1dbd3f679:
In file included from /home/autobuild/autobuild/instance-2/output-1/host/xtensa-buildroot-linux-uclibc/sysroot/usr/include/stdio.h:27,
from ../src/tracefs-instance.c:10:
/home/autobuild/autobuild/instance-2/output-1/host/xtensa-buildroot-linux-uclibc/sysroot/usr/include/features.h:218:5: warning: #warning requested reentrant code, but thread support was disabled [-Wcpp]
218 | # warning requested reentrant code, but thread support was disabled
| ^~~~~~~
../src/tracefs-instance.c:20:10: fatal error: pthread.h: No such file or directory
20 | #include <pthread.h>
| ^~~~~~~~~~~
Fixes:
- http://autobuild.buildroot.org/results/e0a8dd0781a1d1824a4cb78f47dcff4055083959
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Reviewed-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Also adjust the include path for the device tree. Since Linux 6.5-rc1
(724ba67515 "ARM: dts: Move .dts files to vendor sub-directories"),
sama5d31.dtsi lives in the microchip subdirectory.
Signed-off-by: Edgar Bonet <bonet@grenoble.cnrs.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Marcus Hoffmann <bubu@bubu1.eu>
[yann.morin.1998@free.fr: add the comment to explain failure is success]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Calling `setup.py` build builds and installs an empty package
after upstream changed their packaging. Calling setuptools via
`python -m build` builds the package correctly.
Signed-off-by: Marcus Hoffmann <bubu@bubu1.eu>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The http://pagesperso-orange.fr service being down,
http://pagesperso-orange.fr/sebastien.godard/ is no longer
accessible (or more precisely serves some HTML junk), meaning that we
currently cannot download the tarball of sysstat from the official
upstream location, and we always fallback to sources.buildroot.net.
This commit therefore updates to use the new upstream location on
github.io. The 12.6.1 release is available there, with the same hash,
so we can just point to the new upstream location.
Fixes:
ERROR: while checking hashes from package/sysstat//sysstat.hash
ERROR: sysstat-12.6.1.tar.xz has wrong sha1 hash:
ERROR: expected: a730982e0c2d4964a0022c1509f3ea0a345402bc
ERROR: got : d64a079729f2ff5b304294d68fbc041a46c4966d
ERROR: Incomplete download, or man-in-the-middle (MITM) attack
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Drop no longer required python-msgfy runtime dependency.
Drop no longer required python-six runtime dependency.
Add new python-tcolorpy runtime dependency.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The license file 'README' has changed due to the following diff:
- $p3->parse($foo, ProtocolEncoding => 'ISO-8859-1');
- close($foo);
+ $p3->parse($fh, ProtocolEncoding => 'ISO-8859-1');
+ close($fh);
This does not affect the licensing terms.
A 'LICENSE' file was added in 2.47, but it contains the terms of the
wrong license (Artistic 2.0), while this package is under Artistic or
GPL-1.0+. This has been reported upstream at
https://github.com/cpan-authors/XML-Parser/pull/99.
Signed-off-by: Kevin Cui <bh@bugs.cc>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Drop no longer required python-setuptools runtime dependency.
Drop no longer required python-six runtime dependency.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit 8f403f0 "package/micropython-lib: merge with, and install
as part of micropython" brought micropython library within the
package.
This commit improves the micropython runtime test by enabling the
micropython-lib and by also adding a runtime test using one of its
module. We choose to use the gzip module, and check whther decodign q
simple gziped file works; the micropython-lib gzip can only decompress,
so we need to prepare it from the shell.
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
fit_check_sign is a tool for verifying fit image signatures, which gets
built if host-uboot-tools is built with fit signature support.
Install it if so.
Signed-off-by: Woodrow Douglass <wdouglass@carnegierobotics.com>
[Peter: reword commit message]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The webrtc-audio-processing package was bumped from version 0.3.1 to
version 1.3 in commit ef0fa986eb which
broke compatibility with the gst1-plugins-bad webrtcdsp plugin.
To fix this backport a commit from upstream adding support for
webrtc-audio-processing version 1.3 to gst1-plugins-bad.
Fixes:
output/build/gst1-plugins-bad-1.22.9/ext/webrtcdsp/meson.build:7:13: ERROR: Dependency "webrtc-audio-processing" not found, tried pkgconfig and cmake
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Drop no longer required python-six runtime dependency.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Bump version of Linux to 6.6.14 and U-Boot to 2024.01
and also use upstream configs and dts.
Signed-off-by: Ludwig Kormann <ludwig.kormann@ict42.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Release changelog:
- Use default values for IQ calibration correction when the eFuse
register has zero values.
- Fix for "WILC1000 Firmware initialization issue" by updating
the PMU clock switching sequence during firmware initialization.
Signed-off-by: Kris Bahnsen <kris@embeddedTS.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
* Rework strerror_l() patch by declaring it only in utils.h as a macro
* select BR2_PACKAGE_UTIL_LINUX_LIBUUID since it's now mandatory
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
[Arnout:
- Preserve author of patch 0001.
- Update .checkpackageignore.
]
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Setting HAPROXY_CFLAGS on the haproxy build command line overrides CFLAGS
which were internally set by the haproxy Makefile.
Among those omitted CFLAGS is -fwrapv. Compiling haproxy without it and
and then running the program results in runtime error:
$ haproxy
FATAL ERROR: invalid code detected -- cannot go further, please recompile!
...
To address this issue, include HAPROXY_CFLAGS in the DEFINE variable instead
of CFLAGS in haproxy.mk.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Commit 363b4ebf1a set DBUS_CPE_ID_PRODUCT
to dbus but this is not needed as DBUS_CPE_ID_PRODUCT will be set to the
package name (i.e. dbus) by default
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
cpe:2.3:a:flex_project:flex has been deprecated in favor of
cpe:2.3:a:westes:flex in October 2023:
<cpe-item name="cpe:/a:flex_project:flex:2.6.4" deprecated="true" deprecation_date="2023-10-06T17:12:20.950Z">
<title xml:lang="en-US">Flex Fast Lexical Analyser 2.6.4</title>
<reference href="https://github.com/westes/flex/releases">Version</reference>
<reference href="https://github.com/westes/flex/">Product</reference>
<cpe-23:cpe23-item name="cpe:2.3:a:flex_project:flex:2.6.4:*:*:*:*:*:*:*">
<cpe-23:deprecated-by name="cpe:2.3:a:westes:flex:2.6.4:*:*:*:*:*:*:*" type="NAME_CORRECTION"/>
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
cpe:2.3:a:netatalk_project:netatalk has been deprecated in favor of
cpe:2.3:a:netatalk:netatalk in September 2023:
<cpe-item name="cpe:/a:netatalk_project:netatalk:3.1.13" deprecated="true" deprecation_date="2023-09-29T11:15:00.340Z">
<reference href="https://sourceforge.net/projects/netatalk/files/netatalk/">Version</reference>
<cpe-23:cpe23-item name="cpe:2.3:a:netatalk_project:netatalk:3.1.13:*:*:*:*:*:*:*">
<cpe-23:deprecated-by name="cpe:2.3:a:netatalk:netatalk:3.1.13:*:*:*:*:*:*:*" type="NAME_CORRECTION"/>
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
JSON Web Tokens are an open, industry standard RFC 7519
method for representing claims securely between two parties.
This Library is used by Asterisk 20.6.0 and newer.
We need to use autotools to install pkgconfig file.
Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
[Peter: drop _SOURCE, add host-pkgconf, add to DEVELOPERS]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit 8519de517e (package/{glibc, localedef}: security bump to version
glibc-2.38-27-g750a45a783906a19591fb8ff6b7841470f1f5701) correctly mentioned
CVE-2023-4806 in the commit message, but forgot to add an ignore for it.
Fix that.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
[v1.3.1] - 2023-12-02
---------------------
Fixes mvls to work with kernels 6.2 and onwards.
- mdio: Multiple registers can now be dumped at once, via the generic
dump operation.
- mvls: Relax the driver matching to accept the strings used in
kernels 6.2 and newer.
Signed-off-by: Robert Marko <robimarko@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Until now, micropython-lib was a package that installed v1.9.3, which is
more than 6 years old. This was acceptable since micropython never made
any other official release of the library until v1.20.
Meanwhile, the libraries underwent a reorganization, and they are now
available in a directory structure that cannot be copied directly into
the target. This might explain why v1.9.3 is still present in the
current day buildroot (which comes with micropython v1.22).
As part of the changes made by the micropython project, the libraries
are now released together with the interpreter. They are cloned as a
submodule into the lib/micropython-lib directory, and are present in the
release tarball.
This commit introduces an auxiliary script to collect those libraries
and reorder them into a structure that can then be copied into
/usr/lib/micropython. The script utilizes a module from the tools
directory of the micropython repo.
The helper script is kept as simple as possible, and makes use of
existing micropython tools (used to process manifests) to discover the
list of packages available in micropython-lib. The hope is that by
relying on them, any future changes in directory structure will be
covered by the official "manifestfile.py" tool.
It is to be noted that, even though the manifestfile.py script/module is
part of the micropython package, it is actually written for CPython, and
is not expected to even work when using micropython as an interpreter.
This we do not need to introduce host-micropython to use that tool, and
microython already depends on host-python3 for other parts of the build.
With this commit, micropython-lib is installed (optionally) as part
of micropython, and thus a separate package is no longer needed. The
original config variable name was retained as it fits with the
micropython package "namespace", and thus this is backward compatible
and no legacy handling is needed.
This commit also ensures that the libraries in micropython-lib will
be updated together with newer versions of micropython in the future.
Signed-off-by: Abilio Marques <abiliojr@gmail.com>
[yann.morin.1998@free.fr:
- use if-block in Config.in
- simplify PYTHONPATH
- fix check-package
- reword and reorder parts of the commit log
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
diff LICENSE:
-This software is Copyright (c) 2000 - 2019 by David Rolsky.
+This software is Copyright (c) 2000 - 2024 by David Rolsky.
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Updated WHENCE hash due to various new entries for new blobs.
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Commit c07aafa087 (package/Makefile.in: set GIT_DIR=. in {HOST,
TARGET}_MAKE_ENV) added GIT_DIR=. to TARGET_MAKE_ENV (which is included in
TARGET_CONFIGURE_OPTS) to work around issues with packages getting confused
when building in a subdir of the Buildroot git repo.
This unfortunately also causes git commands to fail when
output/host/environment-setup is sourced:
git status
fatal: not a git repository: '.'
So strip GIT_DIR= from TARGET_CONFIGURE_OPTS when generating
environment-setup.
Reported-by: Mircea Gliga <gliga.mircea@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Adds support for the rtl8188fufw firmware variant, for 802.11n, as
covered by the mainline rtl8xxxu kernel driver since Linux 6.2.
Signed-off-by: Joachim Wiberg <troglobit@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
This reverts commit 04dfeff624 as it
raises the following build failure because patch has been merged since
version 1.5.104:
Applying 0001-Fix-missing-references.patch using patch:
patching file libuuu/libcomm.h
Reversed (or previously applied) patch detected! Skipping patch.
1 out of 1 hunk ignored -- saving rejects to file libuuu/libcomm.h.rej
patching file uuu/buildincmd.h
Reversed (or previously applied) patch detected! Skipping patch.
1 out of 1 hunk ignored -- saving rejects to file uuu/buildincmd.h.rej
Fixes:
- http://autobuild.buildroot.org/results/bf7b2206261e3385c567ae4359b0379b03161e3a
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fix the following build failure without gbm raised since commit
534c22dd60:
Message: dmabuf-feedback requires gbm which was not found. If you rather not build this, drop "dmabuf-feedback" from simple-clients option.
Move the option assignment further down, below all the simple-clients
lists; in Makefile, and because we are usign simply expanded variables,
this is not necessary, but it is easier on us humans when we review the
code.
Also add a comment explaining why the initial list is incomplete.
Fixes:
- http://autobuild.buildroot.org/results/ebbba1d73ceeaacee17fde0c6c853415cd316091
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The NuGet packaging description file is installed as:
$(DEST_DIR)/build/native/hiredis.targets
This is a sprurious file that has nothing to do on a Linux system,
whether that be in host/, staging/, or target/.
Backport an upstream patch to get rid of it.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Fixes the following security issues:
1) CVE-2023-6816 can be triggered by passing an invalid array index to
DeviceFocusEvent or ProcXIQueryPointer.
2) CVE-2024-0229 can be triggered if a device has both a button and a
key class and zero buttons.
3) CVE-2024-21885 can be triggered if a device with a given ID was
removed and a new device with the same ID added both in the same
operation.
4) CVE-2024-21886 can be triggered by disabling a master device with
disabled slave devices.
5) CVE-2024-0409 can be triggered by enabling SELinux
xserver_object_manager and running a client.
6) CVE-2024-0408 can be triggered by enabling SELinux
xserver_object_manager and creating a GLX PBuffer.
For details, see the advisory:
https://lists.x.org/archives/xorg-announce/2024-January/003444.html
Switch to .tar.gz as the announcement mail only contained hashes for that:
https://lists.x.org/archives/xorg-announce/2024-January/003442.html
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security issues:
1) CVE-2023-6816 can be triggered by passing an invalid array index to
DeviceFocusEvent or ProcXIQueryPointer.
2) CVE-2024-0229 can be triggered if a device has both a button and a
key class and zero buttons.
3) CVE-2024-21885 can be triggered if a device with a given ID was
removed and a new device with the same ID added both in the same
operation.
4) CVE-2024-21886 can be triggered by disabling a master device with
disabled slave devices.
5) CVE-2024-0409 can be triggered by enabling SELinux
xserver_object_manager and running a client.
6) CVE-2024-0408 can be triggered by enabling SELinux
xserver_object_manager and creating a GLX PBuffer.
For details, see the advisory:
https://lists.x.org/archives/xorg-announce/2024-January/003444.html
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Genimage complains about the config using the deprecated gpt option:
INFO: hdimage(sdcard.img): The option 'gpt' is deprecated. Use
'partition-table-type' instead
So change to partition-table-type for consistency with the other configs.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Tested-by: Jamie Gibbons <jamie.gibbons@microchip.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This changes bumps the version of the genimage package,
which brings in fixes when generating flash images that
reference sparse files, along with other fixes and features.
Signed-off-by: Hudson Ayers <hudson.ayers@getcruise.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The versioning scheme for libwpe uses the middle version number to
indicate stability: an even number for stable releases, odd for
development preview releases. As such, Buildroot should be using
version 1.14.2, which is the most recent of the stable releases.
While at it, add a note in the .mk file about the versioning scheme.
Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit e88823d667 (package/refpolicy: fix build with smartmontools) added
a 0001-policy-modules-services-smartmon.te-make-fstools-opt.patch patch, but
forgot to put it in the version specific sub directory - Breaking builds
using BR2_PACKAGE_REFPOLICY_CUSTOM_GIT as shown by the TestSELinuxCustomGit
test:
>>> refpolicy RELEASE_2_20200818 Extracting
gzip -d -c /builds/buildroot.org/buildroot/test-dl/refpolicy/refpolicy-RELEASE_2_20200818-br1.tar.gz | tar --strip-components=1 -C /builds/buildroot.org/buildroot/test-output/TestSELinuxCustomGit/build/refpolicy-RELEASE_2_20200818 -xf -
>>> refpolicy RELEASE_2_20200818 Patching
Applying 0001-policy-modules-services-smartmon.te-make-fstools-opt.patch using patch:
patching file policy/modules/services/smartmon.te
Hunk #1 FAILED at 143.
1 out of 1 hunk FAILED -- saving rejects to file policy/modules/services/smartmon.te.rej
make[1]: *** [package/pkg-generic.mk:241: /builds/buildroot.org/buildroot/test-output/TestSELinuxCustomGit/build/refpolicy-RELEASE_2_20200818/.stamp_patched] Error 1
https://gitlab.com/buildroot.org/buildroot/-/jobs/5929796183
Fix it by moving the patch to a versioned sub directory.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
see CVE-2024-0553: Fix more timing side-channel inside RSA-PSK key exchange
see CVE-2024-0567: Fix assertion failure when verifying a certificate chain with a cycle of cross signatures
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The help text is currently copy and pasted from the gstreamer video
player plugin help text. Change it to reflect the text from the
CMakeLists.txt file.
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Commit 99a50a8c98 (package/flutter-pi: new package) erroneously made
the gstreamer-based audio plugin depend on GLES, although there is no
such requirement defined in the CMakeLists. This error was likely due to
a copy/paste mistake.
Remove the requirement.
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
[yann.morin.1998@free.fr: reword commit log]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fix the following build failure raised since the addition of the package
in commit 6aa1bc3167:
In file included from /home/buildroot/autobuild/run/instance-3/output-1/build/vulkan-loader-1.3.262/loader/extension_manual.h:24,
from /home/buildroot/autobuild/run/instance-3/output-1/build/vulkan-loader-1.3.262/loader/extension_manual.c:23:
/home/buildroot/autobuild/run/instance-3/output-1/host/aarch64-buildroot-linux-gnu/sysroot/usr/include/vulkan/vulkan.h:71:10: fatal error: X11/extensions/Xrandr.h: No such file or directory
71 | #include <X11/extensions/Xrandr.h>
| ^~~~~~~~~~~~~~~~~~~~~~~~~
Fixes:
- http://autobuild.buildroot.org/results/55ddfd44393e3bcc2f25bad2f9ecb7e1b142a985
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Reviewed-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Tested-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The variable should be a YES/NO value, FALSE is not a valid value.
E.g. the yesno-to-bool cmd does not translate a FALSE value and therefore returns invalid JSON.
Signed-off-by: Maximilian Senftleben <maximilian.senftleben@frogblue-tec.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The MICROPYTHON_MAKE_ENV variable contained two things;
- the comon target environment variables CC, CFLAGS et al. defined in
TARGET_MAKE_ENV,
- the GIT_DIR workaround
Commit 9024e18665 (package/micropython: drop GIT_DIR=. workaround)
totally dropped the assignment to MICROPYTHON_MAKE_ENV, but did not
replace its expansin with TARGET_MAKE_ENV.
This yields build error like:
LINK build-standard/micropython
arm-linux-gcc: ERROR: unsafe header/library path used in cross-compilation: '-L/usr/lib64/../lib64'
Fix this by expanding TARGET_MAKE_ENV in lieu of MICROPYTHON_MAKE_ENV.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
See release notes (https://github.com/redis/redis/blob/7.2.4/00-RELEASENOTES):
================================================================================
Redis 7.2.4 Released Tue 09 Jan 2024 10:45:52 IST
================================================================================
Upgrade urgency SECURITY: See security fixes below.
Security fixes
==============
* (CVE-2023-41056) In some cases, Redis may incorrectly handle resizing of memory
buffers which can result in incorrect accounting of buffer sizes and lead to
heap overflow and potential remote code execution.
Bug fixes
=========
* Fix crashes of cluster commands clusters with mixed versions of 7.0 and 7.2 (#12805, #12832)
* Fix slot ownership not being properly handled when deleting a slot from a node (#12564)
* Fix atomicity issues with the RedisModuleEvent_Key module API event (#12733)
Signed-off-by: Titouan Christophe <titouanchristophe@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Since commit 2a8065e "package/postgresql: bump version to 16.1", the
postgresql service fail to start at runtime with an error:
FATAL: could not load library "/usr/lib/postgresql/dict_snowball.so": /usr/lib/postgresql/dict_snowball.so: undefined symbol: CurrentMemoryContext
This is due to the Posgresql autotool configure script trying to
detect whether the toolchain linker needs --export-dynamic or not.
This test is done with a runtime execution of a test program, and
therefore cannot run in cross-compilation. In that case, the
configure script assumes it is not needed. See commit [1], included
in PostgreSQL v16.0.
This commit fixes the issue by forcing the value in _CONF_ENV, as
suggested in an upstream bug report [2]. The package has already a
Kconfig dependency on !BR2_STATIC_LIBS, so the value can be
unconditionally set.
Note that upstream is not considering cross-compiling as supported, and
are not keen on fixing any cross-compiling issue [3].
[1] https://git.postgresql.org/gitweb/?p=postgresql.git;a=commitdiff;h=9db49fc5bfdc0126be03f4b8986013e59d93b91d
[2] https://www.postgresql.org/message-id/79e63515-0f5e-30f4-136d-96e23b1a817d%40posteo.de
[3] https://www.postgresql.org/message-id/1266022.1701958693%40sss.pgh.pa.us
Signed-off-by: Julien Olivain <ju.o@free.fr>
Reviewed-by: Maxim Kochetkov <fido_max@inbox.ru>
[yann.morin.1998@free.fr: add upstream ML thread on the issue]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Flutter-engine is by name an engine, i.e. a runtime for applications, a
super-library of sorts. As such, it makes more sense for applications to
select flutter-engine rather than to depend on it.
Change flutter-pi to select flutter-engine.
It also brings flutter-pi on par with ivi-homescreen, another embedder.
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
[yann.morin.1998@free.fr: reword commit log]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Remove and create the kernel_blob.bin file in the flutter_assets directory:
When Flutter compiles the source code, it creates the kernel_blob.bin file,
a Dart Kernel Bytecode of the application.
If kernel_blob.bin exists inside the flutter_assets directory, then the
application source code can be extracted with nothing more than apktool.
Not only is this a security risk, it's also redundant and a waste of space.
Removing the kernel_blob.bin file generated for flutter-gallery saves 86M!
Because this package is a reference package, and some applications may check
if the kernel_blob.bin file exists, we also touch a blank kernel_blob.bin
file.
Do not use relative symlinks:
Users may install their applications in any arbitaryt location, not
necessarily in the /usr/share/flutter/${package_name} directory. Because
flutter-gallery is a reference application, using exact symlinks to
icudtl.dat and libflutter_engine.so is preferable.
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
As the flutter-gallery package is a reference package for users wishing to use
Flutter for their UX with Buildroot, this package must have the correct build
options. Indeed, this package currently starts and runs, but only because of
the 0001-remove-GetStorage.patch. Through testing, flutter-gallery fails to
run during the following scenario:
- The xdg-user-dirs package is ported and present.
- flutter-gallery depends on xdg-user-dirs.
- The 0001-remove-GetStorage.patch file is removed.
After extensive testing and comparing the current build arguments against what
the meta-flutter repository for Yocto passes to all of the applications that
inherit flutter-app, it is clear that handling the dart_plugin_registrant.dart
file is missing from the dart arguments in the flutter-gallery build step.
As the documentation for the dart_plugin_registrant.dart file is nonexistent
in any official documentation. However, there is a comment from an issue on
the official dart-lang/sdk page on Github that explains what this file is
(and refers to the Dark SDK source code instead of official documentation.)
From https://github.com/dart-lang/sdk/issues/52506#issuecomment-1562806787:
```
The dart_plugin_registrant.dart is a very special file. It's neither included
in the Dart app nor any dependent packages. Rather it's an artificially
created file by the flutter tools. It contains logic to run plugin
registration logic.
A flutter build will eventually compile the Dart application where it will add
<dir>/.dart_tool/flutter_build/dart_plugin_registrant.dart as an extra source
file (see here). Additionally it will also inject that uri as a constant into
Dart source code via a -Dflutter.dart_plugin_registrant=<uri>.
Once the app runs it will access the
package:flutter/src/dart_plugin_registrant.dart:dartPluginRegistrantLibrary
constant and use it to look up the library object and then invoke the plugin
registration logic.
```
Now that what the dart_plugin_registrant.dart does is understood, we need to
pass the following to the dart binary during the flutter-gallery build step:
-Dflutter.dart_plugin_registrant=file://[...]/dart_plugin_registrant.dart:
Injects a file containing the logic to run the plugin registration logic as
a constant into the flutter-application source code.
--source file://$(@D)/.dart_tool/flutter_build/dart_plugin_registrant.dart:
Adds the dart_plugin_registrant.dart file as a source file to compile.
--source package:flutter/src/dart_plugin_registrant.dart:
Binds the plugin implementation to the platform interface based on the
configuration of the app's pubpec.yaml, and the plugin's pubspec.yaml.
The native_assets.yaml file provides the native-assets mapping for
@Native external functions. The flutter-gallery package has no functions
marked as @Native; however, calling "flutter build bundle" creates a blank
template "native_assets.yaml" file, which is safe to include in the build.
This line, while not necessary for flutter-gallery, may be helpful for other
users who use @Native external functions in their applications, and this
example makes porting other applications quicker and easier.
Finally, there is a known issue when using the dart_plugin_registrant.dart
file outlined here: https://github.com/flutter/flutter/issues/137972.
To summarize: If a user fails to pass the --obfuscate flag to gen_snapshsot
when using the dart_plugin_registrant.dart file, their application may fail
to start. One such application is Gallery, which I have independently verified.
As such, pass the --obfuscate flag to gen_snapshot to ensure that
flutter-gallery properly starts when building with the additional
dart_plugin_registrant.dart arguments above.
However, I acknowledge that the obfuscate flag hides function and class names
in compiled Dart code, and there are some cases when a user should avoid using
the flag. For example, when using the runtimeType API:
https://api.flutter.dev/flutter/dart-core/Object/runtimeType.html. However,
this is not the case with flutter-gallery, and the --obfuscate flag is needed.
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
[yann.morin.1998@free.fr: restore FLUTTER_RUNTIME_MODES]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
To make the next patch easier to understand, add a configure step to the
flutter-gallery.mk file. The `$(HOST_FLUTTER_SDK_BIN_FLUTTER) build bundle`
command is placed in the configure step because it generates several files
needed for the flutter_gen_snapshot tool to generate the target .so file.
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The canonical name for the 'pub' action is 'pub', while 'packages' is
just an alias. Switch to using the canonical name.
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
[yann.morin.1998@free.fr: split off to its own commit]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
As Yann mentioned in commit 9d8497e79d, a
dependency on a glibc toolchain implies a dependency on
BR2_TOOLCHAIN_HAS_THREADS_NPTL. As such, remove the dependency from
package/flutter-engine/Config.in.
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The current depot-tools version is from Jul 13 2023, and there is a bug
where when building with PPD enabled, building a Flutter application on
my laptop running Fedora 39 or even in the Debian 11 container fails due
to permission issues when running rsync such as:
/usr/bin/sed: couldn't open temporary file [...]/output/per-package/flutter-gallery/host/share/flutter/sdk/.vpython-root/0e1e32/lib/python3.8/sed763MrF: Permission denied
make: *** [package/pkg-generic.mk:267: [...]/output/build/flutter-gallery-2.10.2/.stamp_configured] Error 123
After several hours of attempting to find the exact cause of the issue
by parsing git logs of the depot_tools repository and cross-referencing
bugs on https://bugs.chromium.org/p/chromium/issues I am unable to
determine the exact reason why the problem occurs or the exact commit
that fixes the issue.
However, updating depot-tools does indeed fix the issue, and looking at
the source code between 4e87f5bf and 8d14454b shows improvements to
several bash scripts, such as gclient, vpython3, and spid. All of which
could be culprits of this bug. As flutter-engine is the only package
that uses host-depot-tools, it is safe to update.
This permission bug is present on PPD and normal builds, but causes a
build to crash only on PPD because of rsyncing. On non-ppd builds, the
bug only causes some minor annoyance when trying to run `make clean`
because permission denials crop up when trying to remove the
.vpython-root directory.
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
[yann.morin.1998@free.fr:
- copy the cover-letter description as commit log
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The keyboard manager plugin is also missing the flutter/standard_method_codec.h
header.
- Add shell/plugins/keyboard_manager/keyboard_manager.h to the patch.
- Rename the patch to
0001-add-missing-headers-to-the-audio-players-and-keyboar.patch
Upstream pull request updated as well.
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
When running the command "flutter pub get," the plugins are stored in the
pub-cache directory along with their sha256sum hashes. The default location of
the pub-cache directory is current $(HOST_DIR)/share/flutter/sdk/.pub-cache,
which is not an acceptable choice by default because every plugin is
re-downloaded during every build of a flutter application either during a new
build or when building with the per-package-directory option enabled.
Furthermore, keeping the pub-cache in its current location prevents users from
committing the pub-cache directory to git for faster rebuilds of a
Buildroot-based system, as users cannot store the pub-cache for later use.
To fix the above issue completely, the following two changes must occur:
- Change the hard-coded Flutter pub-cache location to
$(DL_DIR)/br-flutter-pub-cache.
- Remove the `rm -rf $(HOST_FLUTTER_SDK_BIN_SDK)/.pub-cache` and the
associated comment about why the build system removes the .pub-cache
directory. After further research, the help text of the precache command
reads, "Populate the Flutter tool's cache of binary artifacts."
The current reasoning listed in the comments is not accurate for a
the following reasons:
1. We do not want to remove their directory if users already have a pub
cache they have symlinked to.
2. If the flutter-sdk-bin package previously set up the pub-cache, then
the pub-cache directory is set up with the options we want, and there
is no reason to remove the pub-cache directory.
Note that upstream considers it safe to have multiple instances of
readers/writers to the pub cache concurently, which is a situation that
can happen when two flutter-based pacakges are going to be built in
parallel. There have been reports upstream [0] [1] [2] where concurrency
was an issue, and they have always been fixed [3] [4] (or considered
fixed already). So we can assune that, if the conncurrent ccess to the
shared pub-cache causes issues, that will be an upstream bug that will
get solved.
If that turns out to be an unsolvable problem, we'll still have the
option to run the pub-get commands under flock.
[0] https://github.com/dart-lang/pub/issues/1178
[1] https://github.com/dart-lang/pub/issues/3404
[2] https://github.com/dart-lang/pub/issues/3420
[3] https://github.com/dart-lang/pub/issues/1178#issuecomment-1006489414
[4] https://github.com/dart-lang/pub/issues/1178#issuecomment-1007273739
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
[yann.morin.1998@free.fr: add blurb about concurrent access]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The BCM2712 of the RaspberryPi 5 supports for 16KB page size.
This adds support for 16 KB on ARM64.
Signed-off-by: Gaël PORTAY <gael.portay@rtone.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Buildroot commit c50e9c21f0 initially
added the package onevpl (meanwhile renamed to libvpl) and forgot to
add all dependencies of BR2_PACKAGE_LIBDRM_INTEL.
Fixes:
http://autobuild.buildroot.org/results/8fa/8fa0f2cd7a027d3d8fae56125621b0b814e132da/
Note: BR2_PACKAGE_LIBDRM_HAS_ATOMIC is always true on x86, but it is
propagated for consistency with the actual dependencies of libdrm-intel.
Notes: this means the current comntition in the .mk is correct in
practice, even if it does not account for the atomic case on x86.
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
[yann.morin.1998@free.fr: add notes]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
As found out by Yann E. Morin in [1], apcupsd configure script is ugly,
and uses gcc to do the link line-wrapping which will raise the following
build failure with gcc 13:
/home/buildroot/autobuild/instance-1/output-1/host/opt/ext-toolchain/bin/../lib/gcc/powerpc64le-buildroot-linux-gnu/13.2.0/../../../../powerpc64le-buildroot-linux-gnu/bin/ld: /home/buildroot/autobuild/instance-1/output-1/host/opt/ext-toolchain/bin/../lib/gcc/powerpc64le-buildroot-linux-gnu/13.2.0/../../../../powerpc64le-buildroot-linux-gnu/lib/../lib64/libsupc++.a(eh_alloc.o): in function `std::basic_string_view<char, std::char_traits<char> >::compare(unsigned long, unsigned long, char const*, unsigned long) const':
eh_alloc.cc:(.text._ZNKSt17basic_string_viewIcSt11char_traitsIcEE7compareEmmPKcm[_ZNKSt17basic_string_viewIcSt11char_traitsIcEE7compareEmmPKcm]+0x44): undefined reference to `std::__throw_out_of_range_fmt(char const*, ...)'
It will also raise the following build failure on sparc/arc:
/home/autobuild/autobuild/instance-3/output-1/host/opt/ext-toolchain/bin/../lib/gcc/arceb-snps-linux-uclibc/9.2.1/../../../../arceb-snps-linux-uclibc/bin/ld: /home/autobuild/autobuild/instance-3/output-1/host/arceb-buildroot-linux-uclibc/sysroot/lib/libsupc++.a(eh_throw.o): in function `__exchange_and_add_dispatch':
/SCRATCH/arcjenkins2/slaves/ru20-custom-arcgnu2/workspace/arcoss_verification/arc_gnu_toolchain_release/arc_gnu_toolchain_release/bd-uclibceb/gcc-stage2/arceb-snps-linux-uclibc/libstdc++-v3/include/ext/atomicity.h:82: undefined reference to `__gnu_cxx::__exchange_and_add(int volatile*, int)'
/home/autobuild/autobuild/instance-3/output-1/host/opt/ext-toolchain/bin/../lib/gcc/arceb-snps-linux-uclibc/9.2.1/../../../../arceb-snps-linux-uclibc/bin/ld: /SCRATCH/arcjenkins2/slaves/ru20-custom-arcgnu2/workspace/arcoss_verification/arc_gnu_toolchain_release/arc_gnu_toolchain_release/bd-uclibceb/gcc-stage2/arceb-snps-linux-uclibc/libstdc++-v3/include/ext/atomicity.h:82: undefined reference to `__gnu_cxx::__exchange_and_add(int volatile*, int)'
Instead of trying to patch the configure script as advocated by
Yann E. Morin, set LD to TARGET_CXX as:
- this solution is quicker
- usptream is dead (last release in 2016)
- this solution has already been used in other packages (nodejs, zmqpp)
[1]: https://patchwork.ozlabs.org/project/buildroot/patch/20200812171821.2517-1-Evgeniy.Didin@synopsys.com/
Fixes:
- http://autobuild.buildroot.org/results/6096c3ddc5edf3204635c2c90246c2e8c8e074e7
- http://autobuild.buildroot.org/results/d8a/d8a3ab31c5b86871c7e1117f4ffa7b6cedfcb7e0/build-end.log
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
- updated LICENSE hash because of changed link to fmt's license
Signed-off-by: Michael Nosthoff <buildroot@heine.tech>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Add support of Amlogic bluetooth firmware.
Signed-off-by: Yang Li <yang.li@amlogic.com>
[yann.morin.1998@free.fr:
- add license file and its hash
- move to BT submenu
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Although similar in name, they use different kernel driver (with the
exception of common Bluetooth driver, but the firmware file is quite
large anyway, so it's worth having the possibility to be specific).
Signed-off-by: Jan Čermák <sairon@sairon.cz>
[yann.morin.1998@free.fr:
- add hash for license file
- reorder alphabeticlly
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Add files for rtw89 driver and extend help text for rtw88 option a bit.
Signed-off-by: Jan Čermák <sairon@sairon.cz>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Drop patch which is now upstream.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
[Peter: drop patch from .checkpackageignore]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
All in-tree configs with the uboot bootloader use a custom version,
so this patch is mostly for the menuconfig default uboot version
Signed-off-by: Flávio Tapajós <flavio.tapajos@newtesc.com.br>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Tested on a Raspberry PI4 with a SNOM 360 and a SIP Trunk to Easybell.
Attention: chan_sip is deprecated, use chan_pjsip instead.
For chan_pjsip you need to enable openssl otherwise the module will not
load.
Patches 0005 and 0006 are applied upstream.
Remove unused configure options:
--without-curses
--without-isdnnet
--without-misdn
--without-nbs
--without-oss
--without-sqlite
--without-suppserv
--without-termcap
--without-tinfo
--without-vpb
Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The condition checking whether the webrtc-audio-processing package is
enabled, added in commit
3ccd3b4c38 ("package/pipewire: bump to
version 0.3.32") is obviously incorrect, and can never be true.
Fix the condition to use the correct variable instead.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Custom Northstar images allow installing (flashing) them using vendor UI
or CFE bootloader.
The change of DTS files paths ("broadcom/" prefix introduction in Linux
6.5+) prevented post script from generating them.
Adjust post-image.sh to deal with new paths.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Even though Northstart platform support is well upstreamed it may always
happen that some kernel change affects/breaks something. It's a good
practice to specify fixed versions for kernel & Linux headers.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The 4.14.x series is now EOL upstream, so drop the linux-headers option
and add legacy handling for it.
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Now that profile mode is an option for the flutter-engine package, the logic
in package/flutter-sdk-bin/flutter-sdk-bin.mk is no longer sufficient.
The profile/debug/release logic was inspired by:
https://github.com/meta-flutter/meta-flutter/blob/kirkstone/conf/include/
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
[yann.morin.1998@free.fr:
- make FLUTTER_ENGINE_RUNTIME_MODE_PROFILE win over
BR2_ENABLE_RUNTIME_DEBUG
- don't set variables to empty string
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
A number of packages try to detect if they are running in a git repo and run
git describe at build time instead of using the hard coded version number if
it succeed, leading to odd version numbers as they end up picking up the
Buildroot git version if building inside a Buildroot git checkout, E.G.:
rauc --version
rauc 2023.11-562-g9c954953b4+
This is because rauc builds with meson and uses vcs_tag:
https://github.com/rauc/rauc/blob/v1.11/meson.build#L168-L171https://mesonbuild.com/Reference-manual_functions.html#vcs_tag
Another example is micropython, where we already work around it by passing
GIT_DIR=.
In the context of Buildroot the packages are never built in their own git
checkout, so pass GIT_DIR=. to ensure git doesn't walk back up the
directory tree and finds the Buildroot git repo, which fixes the rauc (and
similar) issues.
>>> rauc 1.11 Building
..
ninja: Entering directory `/home/peko/source/buildroot/output-rauc/build/rauc-1.11//build'
[1/29] Generating version.h with a custom command
fatal: not a git repository: '.'
cat output-rauc/build/rauc-1.11/build/version.h
#define PACKAGE_STRING "rauc 1.11"
#define PACKAGE_VERSION "1.11"
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Building for i386 raises the following build failure since the additon
of the package in commit 3e4b479f39:
Makefile:23: *** "The architecture i386 isn't supported". Stop.
Setting ARCH=x86 won't work either as it results in the following build
failure:
compel/arch/x86/plugins/std/memcpy.S: Assembler messages:
compel/arch/x86/plugins/std/memcpy.S:20: Error: bad register name `%rdi'
compel/arch/x86/plugins/std/memcpy.S:21: Error: bad register name `%rdx'
compel/arch/x86/plugins/std/memcpy.S:22: Error: `shrq' is only supported in 64-bit mode
compel/arch/x86/plugins/std/memcpy.S:24: Error: `movsq' is only supported in 64-bit mode
compel/arch/x86/plugins/std/syscalls/syscall-common-x86-64.S: Assembler messages:
compel/arch/x86/plugins/std/syscalls/syscall-common-x86-64.S:13: Error: bad register name `%rcx'
compel/arch/x86/plugins/std/syscalls/syscall-common-x86-64.S:19: Error: bad register name `%rax'
Fixes:
- http://autobuild.buildroot.org/results/94cc463762b57efacf743d107a8dda7660a995a3
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Buildroot only offers two possible runtime modes for Flutter that are
automatically selected based on what the user has selected:
- debug if BR2_ENABLE_RUNTIME_DEBUG is enabled.
- release if BR2_ENABLE_RUNTIME_DEBUG is not enabled.
However, Flutter also offers the profile runtime mode option.
From https://docs.flutter.dev/testing/build-modes:
```
"Use profile mode when you want to analyze performance."
What is profile mode?
Some debugging ability is maintained in profile mode, which is enough to
profile your app's performance. Profile mode is turned off on the emulator
and simulator because their behavior does not represent actual performance.
```
As Flutter projects can be heavy and consume many resources, it is necessary
to allow users developing a Flutter application to profile their application
during development.
This patch introduces a new choice: FLUTTER_ENGINE_RUNTIME_MODE_PROFILE.
If unselected, the global option BR2_ENABLE_RUNTIME_DEBUG continues to
determine whether to build Flutter in release or debug mode. This new option
may confuse some users who wonder where the release and debug options are, so
the help menu section under the FLUTTER_ENGINE_RUNTIME_MODE_PROFILE option
explains that the global BR2_ENABLE_RUNTIME_DEBUG option controls the debug
and release modes.
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
[yann.morin.1998@free.fr:
- move plugin description, from commit log, to help text
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
There are 14 commits between the current version of d62e84 and f34d7b.
Some highlights include:
- egl_gbm_render_surface: fix initialization of is_locked:
- src/egl_gbm_render_surface: properly fallback to surface with no modifier
(so we can drop our patch)
- user input: store mt positions separately
- video player: Transition to READY before NULL
- check all malloc returns
In addition, commit 6a28738 introduces the charset_converter, which is a
platform-side implementation of the charset_converter plugin found here:
https://pub.dev/packages/charset_converter
As this is a new plugin, disable it; a follow-up commit will add an
option to enable it.
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Currently the tests TestRust and TestRustBin do check for vendoring by
requiring package ripgrep to be built but only if the download
directory is already empty, otherwise the existing contents of the download
directory will be reused and therefore not be redownloaded.
This new test will only verify that the required packages are downloaded
and vendored correctly without doing a runtime test. It does so by setting a
path to a folder "dl" inside the build directory (output-directory/testname/)
and then setting the environment variable BR2_DL_DIR to this path before the
build starts. BR2_DL_DIR is not set in the config options because it would be
overridden by the user's own environment variable if defined. This code was
essentially copied from the file test_gitforge.py which was added in commit
1ca6ab6ace
We want the package ripgrep to be built since it requires vendoring
directly. Additionally we want the package python-cryptography to be
built because it has rust dependencies and therefore indirectly also requires
vendoring.
Signed-off-by: Sebastian Weyer <sebastian.weyer@smile.fr>
Signed-off-by: Antoine Coutant <antoine.coutant@smile.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Commit 768f9f80f6 (support/download: generate even more reproducible
tarballs) causes non-reproducibility in tarballs we previousy
generated, especially the archives for two cargo-vendored packages,
ripgrep and sentry-cli.
The cause is that those two pakcages eventually vendor a file that has
the u+x bit set, but is otehrwise go-x. With 768f9f80f6, the files are
now go+x, so the hash for those generated archives has changed.
Besides, that commit was wrong: it did not account for the 'r' bit for
go part, leaving some non-reproducibility still unaccounted for.
So, to generate really reproducible archives, we would need to fix that
read bit as well, and that has the potential to affect all the archives
we generated so far. If we wanted to do so, we'd need a way to version
all generated archives, like we do for git and svn, but now for all the
different CVSes, as well as for all the vendoring post-processes.
For 768f9f80f6, all that was of conern was the working copies of CVSes
(i.e. git, svn, cvs...) that we cache in the Buildroot download dir, not
the temporary files during post-processing. Indeed, in that latter case,
the user has virtually no way to mangle with the mode of the
intermediate extract before repack.
And we do have a big fat warning that users should not attempt to meddle
with the git tree that Buildroot caches.
As 768f9f80f6 however demonstrates, is that it took quite a long time
between the introduction of the git caching, and the time someone
eventually discovered they could meddle in there. This shows that the
issue it not actually critical in most setups.
Also, the tar manual [0] hints at a better solution to handle
reproducibility, which even avoids touching the files on disk which is
even nicer:
‘--mode='go+u,go-w'’
Omit irrelevant information about file permissions.
If we were to actually handle the mode bit for reproducibility, we'd
need to:
- introduce archive versioning for all download backends and
prost-processing
- use the tar officially suggested method
So, revert that change, as it was incomplete, was not really fixing much
issues, and causes actual issues.
This reverts commit 768f9f80f6.
[0] https://www.gnu.org/software/tar/manual/tar.html#Reproducibility
Thanks to Vincent and Arnout for pointing at the tar manual.
Reported-by: Antoine Coutant <antoine.coutant@smile.fr>
Reported-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Vincent Fazio <vfazio@xes-inc.com>
Cc: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Tested-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Antoine Coutant <antoine.coutant@smile.fr>
Commit 6d163e12a4 (package/udev: move render and sgx to
package/systemd) moved the sgx group creation to the systemd package because
eudev at that time did not reference it. This changed in eudev 3.1.12 with
commit a8ffcd1b985fb4 (rules/50-udev-default.rules: fix issue 160) so move
it back to get rid of a warning from udevd:
udevd[303]: specified group 'sgx' unknown
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Upstream changed their --{en,dis}able-telemetry option, and replaced it
with --{en,dis}able-analytics.
A subsequent look at the rest of the file including the logic around the
change of the name of the above option provides no other elevant changes
that would apply to this package update.
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
flutter-gallery was erroneously placed under the "Graphic libraries"
section of the menu "Graphic libraries and applications (graphic/text)"
menu. However, as flutter-gallery is a flutter-based graphical user
interface (GUI) application, it is better suited to be placed under the
"Graphic applications" section.
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
flutter-pi was erroneously placed under the "Graphic libraries" section
of the menu "Graphic libraries and applications (graphic/text)" menu.
However, as flutter-pi is an application that runs graphic applicaitons
it is better suited to be placed under the "Graphic applications"
section.
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Let's drop local patch thas has been upstreamed but another one to fix
linking failure due to meson and Makefile unalignment. Also, now libtracefs
samples require pthread, but we don't want samples to be built to save
target size and reduce dependencies counot, so let's disable it by setting
meson samples variable to false in LIBTRACEFS_CONF_OPTS.
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
[yann.morin.1998@free.fr: do an actual backport now it's upstreamed]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Add a choice to allow using the Wayland variant of the r6p2 Mali driver.
When selected, the package is marked as provider for libgbm as
libMali.so includes the symbols and a libgbm.so symlink is installed;
and both BR2_PACKAGE_HAS_{LIBGBM,LIBEGL_WAYLAND} are selected
accordingly.
Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Much like flutter-pi, this package is a Flutter embedder used to run Flutter
applications. However, unlike Flutter-pi, this package requires a Wayland
compositor to run, which flutter-pi does not support. Furthermore, flutter-pi
lacks several plugins and features that ivi-homescreen supports, such as:
- Dart VM console redirection
- DLT logging
- Accessibility
- Compositor region
- Compositor surface
- Desktop Window
- Go Router
- Isolate
- Keyboard Manager
- Layer Playground
- Mouse Cursor
- PackageInfo
- Platform
- Platform Views
- Restoration
The following plugins and options are hardcoded to off:
- Crash handler: Requires a newer version of sentry-native.
- File selector: Requires the zenity package.
- Firebase-core: Requires the firebase-cpp-sdk package.
- URL Launcher: Requires a runtime-dependency on xdg-open.
- BUILD_TEXTURE_NAVI_RENDER_EGL: Failes to build.
- BUILD_TEXTURE_TEST_EGL: Fails to build.
- ENABLE_AGL_CLIENT: Used for Automitve Grade Linux (AGL).
The ENABLE_XDG_CLIENT=ON option is a requirement to run Flutter apps.
If this option is disabled, ivi-homescreen segfaults when starting an
application.
Finally, there is a need for a patch that fixes the audio-players plugin:
If the audio-players plugin is the only plugin selected, several compilation
errors occure because of undeclared definitions, as the standard_method_codec.h
header file is missing.
Upstream-status: https://github.com/toyota-connected/ivi-homescreen/pull/133
This package has been tested on a x86_64 host with an AMD Ryzen 9 6900HS
with Docker 24.0.5:
- The following distributions:
- Fedora 39: Host system
- Ubuntu 22.04: Docker
- Debian 11: Docker
- The following targets:
- BR2_aarch64
- BR2_arm
- BR2_x86_64
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
[yann.morin.1998@free.fr:
- propagate BR2_PACKAGE_HOST_FLUTTER_SDK_BIN_ARCH_SUPPORTS to comments
- drop NPTL, implied by glibc
- reorder dependencies in a more logical way
- reorder comments
- drop undefined BR2_PACKAGE_IVI_HOMESCREEN_HAS_CLIENT
- grammar ("for to change")
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fix the following build failure on sparc64 raised since bump to version
0.85 in commit 470f0fb1ec:
error[E0308]: mismatched types
--> /home/autobuild/autobuild/instance-7/output-1/build/nushell-0.85.0/VENDOR/uucore/src/lib/features/fs.rs:121:16
|
111 | pub fn number_of_links(&self) -> u64 {
| --- expected `u64` because of return type
...
121 | return self.0.st_nlink;
| ^^^^^^^^^^^^^^^ expected `u64`, found `u32`
|
help: you can convert a `u32` to a `u64`
|
121 | return self.0.st_nlink.into();
| +++++++
For more information about this error, try `rustc --explain E0308`.
error: could not compile `uucore` (lib) due to previous error
Fixes:
- http://autobuild.buildroot.org/results/f9f0287a8e39c65895014ca513ed25071f020add
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
- Drop patch (not needed anymore)
- Switch to meson-package
- libabseil-cpp is a mandatory dependency
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
While updating ARC GNU toolchain version (see [1]) we unintentionally
got rid of "0001-poison-system-directories.patch" which still makes
sense.
Even though one may think that we do not need these Binutils patches
because we do "poisoning" of system directories in toolchain wrapper,
but these wrappers don't exist for tools originated from Binutils, only
for gcc, g++ etc.
So we need to keep that patch still, sorry.
[1] https://git.buildroot.net/buildroot/commit/?id=045ab73702b8bc09f94ca1f3b8e5bf3acb0b0843
Reported-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Alexey Brodkin <abrodkin@synopsys.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fix the following build failure raised since the addition of the package
in commit ea45b95c0e:
/home/autobuild/autobuild/instance-12/output-1/build/python-grpcio-1.60.0/setup.py:40: DeprecationWarning: pkg_resources is deprecated as an API. See https://setuptools.pypa.io/en/latest/pkg_resources.html
import pkg_resources
Traceback (most recent call last):
File "/home/autobuild/autobuild/instance-12/output-1/build/python-grpcio-1.60.0/setup.py", line 289, in <module>
if check_linker_need_libatomic():
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/home/autobuild/autobuild/instance-12/output-1/build/python-grpcio-1.60.0/setup.py", line 223, in check_linker_need_libatomic
cpp_test = subprocess.Popen(
^^^^^^^^^^^^^^^^^
File "/home/autobuild/autobuild/instance-12/output-1/host/sparc64-buildroot-linux-gnu/sysroot/usr/lib/python3.11/subprocess.py", line 1026, in __init__
self._execute_child(args, executable, preexec_fn, close_fds,
File "/home/autobuild/autobuild/instance-12/output-1/host/sparc64-buildroot-linux-gnu/sysroot/usr/lib/python3.11/subprocess.py", line 1950, in _execute_child
raise child_exception_type(errno_num, err_msg, err_filename)
FileNotFoundError: [Errno 2] No such file or directory: 'no'
Fixes:
- http://autobuild.buildroot.org/results/58ac25b4e426712269c5fc144121c955b714c760
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Reviewed-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
libopenssl needs perl Math::BigInt for s390x asm to avoid the following
build failure since commit a5cacb6308:
Can't locate bigint.pm in @INC (you may need to install the bigint module) (@INC contains: /home/buildroot/autobuild/instance-0/output-1/build/libopenssl-3.2.0/crypto/poly1305/asm/../.. /home/buildroot/autobuild/instance-0/output-1/host/lib/perl /usr/local/lib64/perl5/5.36 /usr/local/share/perl5/5.36 /usr/lib64/perl5/vendor_perl /usr/share/perl5/vendor_perl /usr/lib64/perl5 /usr/share/perl5) at /home/buildroot/autobuild/instance-0/output-1/build/libopenssl-3.2.0/crypto/poly1305/asm/../../perlasm/s390x.pm line 16.
BEGIN failed--compilation aborted at /home/buildroot/autobuild/instance-0/output-1/build/libopenssl-3.2.0/crypto/poly1305/asm/../../perlasm/s390x.pm line 16.
Fixes:
- http://autobuild.buildroot.org/results/986cb07d368c7214ffbc9d60c378e7ac00797f00
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Drop python-chardet/python-cchardet runtime dependencies.
Drop python-typing-extensions runtime dependencies.
Add new python-brotli runtime dependency.
Add new python-frozenlist runtime dependency.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The qwt package is a Qt5 package, not a Qt6 one, so it can't benefit
from the target-finalize hook that was introduced in e29fcde4ba
(package/qt6base: remove $(TARGET_DIR)/usr/mkspecs in target-finalize).
Indeed, the original patch was hard-coding the mkspecs removal directly
in the target-finalize recipe, and that was made a hook as a last-minute
change when applying, without realising that qwt was qt5-based.
So, reinstate the mkspecs removal as an ad-hoc fixup in the qwt package.
This actually partially reverts commit e29fcde4ba (package/qt6base:
remove $(TARGET_DIR)/usr/mkspecs in target-finalize).
Reported-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fix the following build failure raised because madplay uses mad_f_mul
which is defined in usr/include/mad.h (installed by libmad which has
been fixed by a similar workaround in commit
0aaadd525f, unfortunately the fix works
for compiled code, not mad_f_mul define):
/tmp/cc5SGGoU.s:102: Error: selected processor does not support `smull r8,r9,r2,r4' in Thumb mode
Fixes:
- http://autobuild.buildroot.org/results/0c0955d4f6726b50cad721f4d3437dabde316e70
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
- Use official tarball
- Update hash of license file (some packages have been added or removed
but the list of licenses is the same)
- Fix CVE-2023-7158: A vulnerability was found in MicroPython up to
1.21.0. It has been classified as critical. Affected is the function
slice_indices of the file objslice.c. The manipulation leads to
heap-based buffer overflow. It is possible to launch the attack
remotely. The exploit has been disclosed to the public and may be
used. Upgrading to version 1.22.0 is able to address this issue. It is
recommended to upgrade the affected component. The identifier of this
vulnerability is VDB-249180.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
- Drop patch (already in version) and so also drop autoreconf
- The sudoers plugin has been modified to make it more resilient to
ROWHAMMER attacks on authentication and policy matching. This
addresses CVE-2023-42465.
https://www.sudo.ws/releases/stable/#1.9.15p5
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Update site to avoid redirections (HSTS, etc.)
Version 5.0.3 - 12/17/2023
A memory leak fix in the prior version wasn't applied correctly, resulting
in an invalid memory access causing a crash. Bug fixed.
Version 5.0.2 - 11/8/2023
Fixed bug that caused crash when a CLIENT_KEY arrived out of order
Fixed option handling on Windows when an argument is missing
https://sourceforge.net/projects/uftp-multicast/files/Changes.txt/download
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fix the following build failure raised since the addition of the package
in commit 1474f1b34b:
../src/event-plugin.c:10:10: fatal error: dlfcn.h: No such file or directory
10 | #include <dlfcn.h>
| ^~~~~~~~~
Fixes:
- http://autobuild.buildroot.org/results/7802d1ad00293147edda39683f6d3f614dd48263
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[yann.morin.1998@free.fr: only list first-level inherited deps]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
This usage of <PKG>_NAME was introduced in commit f9e9c6349a
("package/rng-tools: bump to 6.7"). No other package uses <PKG>_NAME
this way.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
We switched to new upstream since commit f9e9c6349a
("package/rng-tools: bump to 6.7"). Update the website URL as well.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Historically, Buildroot has defaulted to -Os as the gcc optimization
flags. However, this default is probably not the most appropriate
anymore, and this commit therefore changes the default to -O2.
Here are some arguments in favor of this change:
- Most Buildroot users use Buildroot for platforms that have a
reasonable amount of storage, and the difference between -Os and -O2
in terms of code size is no longer as significant compared to the
size of storage available on average embedded Linux devices
typically found these days.
- -Os can have a pretty bad performance impact, compared to -O2.
- -Os is much less widely tested than -O2. For example, with recent
versions of gcc, there are parts of Qt5 that segfault when compiled
with -Os and work perfectly fine with -O2. Yes, it's a compiler bug
that should be fixed, but in the mean time, having a default that's
more widely used/tested makes sense.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Acked-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fix the following build failure without neon raised since bump to
version 1.4.0 in commit 2f7f8f3813 and
https://github.com/jgaeddert/liquid-dsp/commit/c821187dd9af2758c8e3c82e95eaf041b8ac81a0:
/home/peko/autobuild/instance-0/output-1/host/bin/arm-none-linux-gnueabi-gcc -std=gnu11 -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -O2 -g0 -D_FORTIFY_SOURCE=2 -ffast-math -mcpu=cortex-a7 -mfloat-abi=hard -mfpu=neon-vfpv4 -Wall -fPIC -Wno-deprecated -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -I. -Iinclude -c -o src/audio/src/cvsd.o src/audio/src/cvsd.c
In file included from /home/peko/autobuild/instance-0/output-1/host/arm-buildroot-linux-gnueabi/sysroot/usr/include/features.h:388:0,
from /home/peko/autobuild/instance-0/output-1/host/arm-buildroot-linux-gnueabi/sysroot/usr/include/stdlib.h:24,
from src/libliquid.c:25:
/home/peko/autobuild/instance-0/output-1/host/arm-buildroot-linux-gnueabi/sysroot/usr/include/gnu/stubs.h:10:29: fatal error: gnu/stubs-hard.h: No such file or directory
# include <gnu/stubs-hard.h>
^
Indeed, upstream considers that NEON is available on all ARM platforms,
and their configure.ac contains that code snippet:
239 arm|armv7*|armv8*)
240 # assume neon instructions are available
241 # TODO: check for Neon availability
242
243 # ARM architecture : use neon extensions
Fixes:
- http://autobuild.buildroot.org/results/36b3c2220c462e7a20262fd1b9064d9aeb6c9ec4
- http://autobuild.buildroot.org/results/881826b4b6c141e59a0da2d7d1ad55d3709fdb95
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[yann.morin.1998@free.fr:
- refactor with LIQUID_DSP_SIMDOVERRIDE
- add comment about --disable-simdoverride
- extend commit log with upstream code snippet
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
libaio is only needed for standard install
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[yann.morin.1998@free.fr: fix check-package]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
trace-cmd's dependencies 'libtracefs' and 'libtraceevent' were split
into dedicated projects, maintained outside of trace-cmd.
This release, on top of bumping the version, adds this new dependencies.
Signed-off-by: Maxime Chevallier <maxime.chevallier@bootlin.com>
[Giulio: bump to version 3.1.7]
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
[yann.morin.1998@free.fr: alphabetical order in dependencies]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The RealTime Linux Analysis tool includes a set of commands that relies
on the osnoise and timerlat tracers from the ftrace kernel subsystem,
allowing to analyze the lantency sources coming from the hardware and
the kernel itself.
This tool was introduced in v5.17 but until v5.19 it relied on libprocps
that has been deprecated soon. So let's make it available for v5.19+.
Rtla relies on libtracefs and libtraceevent, although libtraceevent itself
is already a dependency for libtracefs.
Signed-off-by: Maxime Chevallier <maxime.chevallier@bootlin.com>
[Giulio: fix install on recent Linux versions]
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
[Andreas: deal with Linux Fixups, musl, SSP]
Signed-off-by: Andreas Ziegler <br015@umbiko.net>
[yann.morin.1998@free.fr: reword and extend help text]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Introduce the libtracefs library, that is used to be bundled with the
trace-cmd tool. This library is now used by several tools and libraries
such as trace-cmd and rtla, and is used as an interface to the ftrace
kernel subsystem through tracefs.
To build with meson, this package requires to disable documentation
generation, and since this is not possible add a local patch pending
upstream that adds -Ddoc=false support to libtracefs.
Signed-off-by: Maxime Chevallier <maxime.chevallier@bootlin.com>
[Giulio:
- bump version to 1.7.0 and add hash file
- move to meson build system
]
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Introduce the libtraceevent library, that is used to be bundled with the
trace-cmd tool. This library is now used by several tools and libraries
such as trace-cmd, libtracefs and rtla.
To build with meson, this package requires to disable documentation
generation, and since this is not possible add a local patch pending
upstream that adds -Ddoc=false support to libtraceevent.
Signed-off-by: Maxime Chevallier <maxime.chevallier@bootlin.com>
[Giulio:
- bump version to 1.7.3 and add hash file
- move to meson build system
]
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
[yann.morin.1998@free.fr:
- bump to 1.8.1, drop patch applied upstream
- add "homepage" to help text
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
--{dis,en}able-avahi is unrecognized since bump to version 2.3.3op2 in
commit 8cf034ab0f (which switched upstream
location from apple to openprinting):
configure: WARNING: unrecognized options: --disable-gtk-doc, --disable-gtk-doc-html, --disable-doc, --disable-docs, --disable-documentation, --with-xmlto, --with-fop, --disable-dependency-tracking, --enable-ipv6, --disable-nls, --disable-systemd, --disable-avahi
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
With [1], [2] & [3] we made sure Buildroot packages get built with
proper MMU page size assumed. This was done nicely through insertion of
required flags into the toolchain wrapper so that there's no need to
pass these flags to each and every package separately - toolchain
wrapper used for real building has all set internally and so proper
flags are implicitly used.
But there's yet another corner case which is not handled that way -
these are binaries or rather libraries which are being used as a part of
GCC compilation: libgcc_s.so.1 and libstdc++.so.
And so to make sure both the libraries get built properly we need to
set TARGET_CFLAGS (cures libgcc_s.so) & TARGET_LDFLAGS (cures
libstdc++.so).
In case of ARM by defaut 64 KiB page size seems to be used, as w/o
that patch we see the following for BR2_ARM64_PAGE_SIZE_4K=y:
--------------------------->8----------------------------
$ ./output/host/bin/aarch64-linux-readelf -l ./output/target/lib/libgcc_s.so.1
Elf file type is DYN (Shared object file)
Entry point 0x0
There are 6 program headers, starting at offset 64
Program Headers:
Type Offset VirtAddr PhysAddr
FileSiz MemSiz Flags Align
LOAD 0x0000000000000000 0x0000000000000000 0x0000000000000000
0x0000000000013d1c 0x0000000000013d1c R E 0x10000
LOAD 0x000000000001fd98 0x000000000002fd98 0x000000000002fd98
0x0000000000000438 0x00000000000005c8 RW 0x10000
DYNAMIC 0x000000000001fdb8 0x000000000002fdb8 0x000000000002fdb8
0x0000000000000200 0x0000000000000200 RW 0x8
$ ./output/host/bin/aarch64-linux-readelf -l ./output/target/usr/lib/libstdc++.so.6.0.32
Elf file type is DYN (Shared object file)
Entry point 0x0
There are 7 program headers, starting at offset 64
Program Headers:
Type Offset VirtAddr PhysAddr
FileSiz MemSiz Flags Align
LOAD 0x0000000000000000 0x0000000000000000 0x0000000000000000
0x00000000001d3462 0x00000000001d3462 R E 0x10000
LOAD 0x00000000001d5760 0x00000000001e5760 0x00000000001e5760
0x000000000000e528 0x0000000000012de8 RW 0x10000
DYNAMIC 0x00000000001deef0 0x00000000001eeef0 0x00000000001eeef0
0x0000000000000240 0x0000000000000240 RW 0x8
--------------------------->8----------------------------
Note alignment of 0x10000 in sections marked for loading.
And with the patch applied we get expected alignment of 0x1000 (4
KiB):
--------------------------->8----------------------------
$ ./output/host/bin/aarch64-linux-readelf -l ./output/target/lib/libgcc_s.so.1
Elf file type is DYN (Shared object file)
Entry point 0x0
There are 6 program headers, starting at offset 64
Program Headers:
Type Offset VirtAddr PhysAddr
FileSiz MemSiz Flags Align
LOAD 0x0000000000000000 0x0000000000000000 0x0000000000000000
0x0000000000013d1c 0x0000000000013d1c R E 0x1000
LOAD 0x0000000000013d98 0x0000000000014d98 0x0000000000014d98
0x0000000000000438 0x00000000000005c8 RW 0x1000
DYNAMIC 0x0000000000013db8 0x0000000000014db8 0x0000000000014db8
0x0000000000000200 0x0000000000000200 RW 0x8
$ ./output/host/bin/aarch64-linux-readelf -l ./output/target/usr/lib/libstdc++.so.6.0.32
Elf file type is DYN (Shared object file)
Entry point 0x0
There are 7 program headers, starting at offset 64
Program Headers:
Type Offset VirtAddr PhysAddr
FileSiz MemSiz Flags Align
LOAD 0x0000000000000000 0x0000000000000000 0x0000000000000000
0x00000000001d3462 0x00000000001d3462 R E 0x1000
LOAD 0x00000000001d3760 0x00000000001d4760 0x00000000001d4760
0x000000000000e528 0x0000000000012de8 RW 0x1000
DYNAMIC 0x00000000001dcef0 0x00000000001ddef0 0x00000000001ddef0
0x0000000000000240 0x0000000000000240 RW 0x8
--------------------------->8----------------------------
A nice side effect is that we can get rid of the special handling of
"-matomic" as it's already part of ARCH_TOOLCHAIN_WRAPPER_OPTS.
[1] https://git.buildroot.net/buildroot/commit/?id=3cc2c6d19ab2e1bb4634f26f9318da9b07df5fff
[2] https://git.buildroot.net/buildroot/commit/?id=dcb74db89e74e512e36b32cea6f574a1a1ca84c4
[3] https://git.buildroot.net/buildroot/commit/?id=5e52c28397b79f8c4c99552217cbe95202166626
Signed-off-by: Alexey Brodkin <abrodkin@synopsys.com>
Signed-off-by: Vladimir Isaev <VVIsaev@gmail.com>
Signed-off-by: Pavel Kozlov <kozlov@synopsys.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Arnout Vandecappelle <arnout@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
A RISC-V 64bit EFI defconfig was added in commit 82199551
"configs/qemu_riscv64_virt_efi: new defconfig". So efivar can now be
enabled for this architecture.
This commit adds BR2_RISCV_64 in BR2_PACKAGE_EFIVAR_ARCH_SUPPORTS.
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
- Drop all patches except first one (already in version)
- This bump will fix the following build failure with kernel >= 6.6:
/home/autobuild/autobuild/instance-2/output-1/build/dahdi-linux-3.2.0/drivers/dahdi/wct4xxp/base.c: In function ‘free_wc’:
./include/linux/workqueue.h:639:9: error: call to ‘__warn_flushing_systemwide_wq’ declared with attribute warning: Please avoid flushing system-wide workqueues. [-Werror=attribute-warning]
639 | __warn_flushing_systemwide_wq(); \
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/home/autobuild/autobuild/instance-2/output-1/build/dahdi-linux-3.2.0/drivers/dahdi/wct4xxp/base.c:2025:9: note: in expansion of macro ‘flush_scheduled_work’
2025 | flush_scheduled_work();
| ^~~~~~~~~~~~~~~~~~~~
cc1: all warnings being treated as errors
https://github.com/asterisk/dahdi-linux/releases/tag/v3.3.0
Fixes:
- http://autobuild.buildroot.org/results/e9755e1f4814b6b0c151c590b5c34acfd89556ad
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Update to the latest version of the gcnano-binaries blobs, which are
compatible with the last v6.1-stm32mp-r1 kernel from the
STMicroelectronics BSP.
The location of the driver has changed it is now in the
gcnano-driver-stm32mp directory instead of an archive.
The VERSION and PREFIX temporary variable in pkgconfig file came back
therefore the sed replacement also came back.
The EULA license file has changed due to copyright year update, so its
hash has changed.
Signed-off-by: Kory Maincent <kory.maincent@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Hash of license file is changed due to:
-Copyright 2005-2022 SQLAlchemy authors and contributors <see AUTHORS file>.
+Copyright 2005-2024 SQLAlchemy authors and contributors <see AUTHORS file>.
Signed-off-by: Flávio Tapajós <flavio.tapajos@newtesc.com.br>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/5834758777
Commit e7d16c35a (boot/arm-trusted-firmware: fix the RPATH of fiptool) tried
to fix the build of host-fiptool, but forgot to pass HOST_CFLAGS.
On hosts without (compatible) openssl development headers, this breaks
the build when it cannot find the openssl headers:
fiptool_platform.h:19:11: fatal error: openssl/sha.h: No such file or directory
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fix the following musl build failure with powerpc raised since bump to
version 2.14 in commit c6addf4606:
In file included from fault.h:36,
from handler-unix.c:77,
from handler.c:19:
handler-unix.c: In function 'sigsegv_handler':
fault-linux-powerpc.h:35:73: error: 'mcontext_t' has no member named 'uc_regs'; did you mean 'gregs'?
35 | # define SIGSEGV_FAULT_STACKPOINTER ((ucontext_t *) ucp)->uc_mcontext.uc_regs->gregs[1]
| ^~~~~~~
handler-unix.c:157:43: note: in expansion of macro 'SIGSEGV_FAULT_STACKPOINTER'
157 | uintptr_t old_sp = (uintptr_t) (SIGSEGV_FAULT_STACKPOINTER);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~
Fixes:
- http://autobuild.buildroot.org/results/77b600071f07605be3ec28e2da46d6938e240087
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
PostgreSQL has optional ICU support. So enable it if library are available.
Signed-off-by: Maxim Kochetkov <fido_max@inbox.ru>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
I will only be supporting Flutter and other packages needed by Amarula Solution
in a professional related capacity from now on.
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Starting with kernel release v6.5 ARM DTS files are placed in vendor
subdirectories (Linux commit 724ba6751532 ("ARM: dts: Move .dts files to
vendor sub-directories")).
This fixes:
make[3]: *** No rule to make target 'arch/arm/boot/dts/bcm4708-smartrg-sr400ac.dtb'. Stop.
make[2]: *** [Makefile:1384: bcm4708-smartrg-sr400ac.dtb] Error 2
make[3]: *** No rule to make target 'arch/arm/boot/dts/bcm47094-luxul-xwr-3150-v1.dtb'. Stop.
make[2]: *** [Makefile:1384: bcm47094-luxul-xwr-3150-v1.dtb] Error 2
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This bump will fix the following libsoup3 build failure raised since
commit 9cbffdf9be:
FAILED: libsoup/libsoup-3.0.vapi
/home/buildroot/autobuild/instance-1/output-1/host/bin/vapigen --quiet --library=libsoup-3.0 --directory=/home/buildroot/autobuild/instance-1/output-1/build/libsoup3-3.4.4/build/libsoup --pkg=gio-2.0 --metadatadir=/home/buildroot/autobuild/instance-1/output-1/build/libsoup3-3.4.4/libsoup /home/buildroot/autobuild/instance-1/output-1/build/libsoup3-3.4.4/build/libsoup/Soup-3.0.gir /home/buildroot/autobuild/instance-1/output-1/build/libsoup3-3.4.4/libsoup/Soup-3.0-custom.vala
Soup-3.0.gir:6877.95-6877.95: error: The type name `GLib.TlsProtocolVersion' could not be found
https://gitlab.gnome.org/GNOME/vala/-/blob/0.56.14/NEWS
Fixes:
- http://autobuild.buildroot.org/results/732fcd20c2998e7d7b6b8f61871ad104f8d243df
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fix the following static build failure raised since bump to version
5.38.2 in commit 41e2828c41:
/home/buildroot/autobuild/instance-3/output-1/host/lib/gcc/arc-buildroot-linux-uclibc/10.2.0/../../../../arc-buildroot-linux-uclibc/bin/ld: lib/auto/re/re.a(re_comp.o): in function `Perl_reg_add_data':
re_comp.c:(.text+0x9a24): multiple definition of `Perl_reg_add_data'; libperl.a(regcomp.o):regcomp.c:(.text+0x4f7c): first defined here
Fixes:
- http://autobuild.buildroot.org/results/c61b60430d36c5c63bd3cf0257f2193a40fb0b60
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Use linux64-s390x configure target to fix the following s390x build
failure raised since bump to version 3.2.0 in commit
973b1eba5a and
https://github.com/openssl/openssl/commit/79040cf29e011c21789563d74da626b7465a0540:
/home/buildroot/autobuild/instance-3/output-1/host/lib/gcc/s390x-buildroot-linux-gnu/13.2.0/../../../../s390x-buildroot-linux-gnu/bin/ld: libcrypto.a(libcrypto-lib-dh_key.o): in function `dh_bn_mod_exp':
dh_key.c:(.text+0x3c8): undefined reference to `s390x_mod_exp'
/home/buildroot/autobuild/instance-3/output-1/host/lib/gcc/s390x-buildroot-linux-gnu/13.2.0/../../../../s390x-buildroot-linux-gnu/bin/ld: libcrypto.a(libcrypto-lib-rsa_ossl.o): in function `rsa_ossl_s390x_mod_exp':
rsa_ossl.c:(.text+0xd2c): undefined reference to `s390x_crt'
Fixes:
- http://autobuild.buildroot.org/results/77c5e13127de67a69782f138aa28c8b0ad951941
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This reverts commit 245b13a077 as docker
selinux module is for docker-engine, not for "a system tray dock for X"
Moreover, it raises the following build failure:
Compiling targeted policy.33
env LD_LIBRARY_PATH="/home/buildroot/autobuild/instance-0/output-1/per-package/refpolicy/host/lib:/home/buildroot/autobuild/instance-0/output-1/per-package/refpolicy/host/usr/lib" /home/buildroot/autobuild/instance-0/output-1/per-package/refpolicy/host/usr/bin/checkpolicy -c 33 -U deny -S -O -E policy.conf -o policy.33
policy.conf:1912:ERROR 'attribute container_engine_domain is not declared' at token ';' on line 1912:
type dockerd_t, container_engine_domain;
type dockerd_exec_t;
Fixes:
- http://autobuild.buildroot.org/results/87d78b6f15875f0fa3e6fc85e352db14ab0383bb
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Yann reported in [1] that edk2 build could sometimes fail. The issue
can be reproduced when per-package directories is enabled, or also
when building on a system with GNU Make >= 4.4 using the
"--shuffle=reverse" option (such as Fedora 39). Those are pointing
toward a Makefile dependency issue.
The issue can be reproduced with commands:
cat > .config <<EOF
BR2_riscv=y
BR2_RISCV_64=y
BR2_TOOLCHAIN_EXTERNAL=y
BR2_TARGET_EDK2=y
EOF
make olddefconfig
Then, building either with:
make --shuffle=reverse
Or:
utils/config -e BR2_PER_PACKAGE_DIRECTORIES
make olddefconfig
make -j$(nproc)
It is interesting to mention that when using "make --shuffle=reverse"
to build, the build can be completed if restarted only with "make". It
will not pull any other Buildroot package. This fact hints toward a
Makefile dependency issue internal to the EDK2 build system, rather
than in the Buildroot recipe.
The EDK2 build system is quite unique. See [2]. It generates files,
makefiles and internally uses GNU Make to compile code. This system is
likely not tested as being a sub-Make process in a complex Makefile
such as Buildroot.
In order to prevent Buildroot to pass unexpected Make flags to the
EDK2 sub-Make, this commit unset the MAKEFLAGS variable in the EDK2
build environment. This will put the EDK2 build script in a more
common and tested state. See GNU Make documentation about recursive use
of Make, more specifically [3].
Note: as mentioned, the build failure is likely due to an internal
issue of the EDK2 build system. The failure points to a missing
dependency in the EDK2 generator itself. This commit does not fix this
issue, but rather put the EDK2 build system in a normalized
environment, avoiding Buildroot flags being passed to the internal
EDK2 sub-Make invocation. The upstream EDK2 build system most likely
need a fix too.
Fixes:
make[2]: *** No rule to make target '/buildroot/output/build/edk2-edk2-stable202308/Build/RiscVVirtQemu/RELEASE_GCC5/RISCV64/MdeModulePkg/Application/UiApp/UiApp/DEBUG/UiApp.efi', needed by '/buildroot/output/build/edk2-edk2-stable202308/Build/RiscVVirtQemu/RELEASE_GCC5/FV/Ffs/462CAA21-7614-4503-836E-8AB6F4662331UiApp/UiApp.offset'. Stop.
build.py...
: error 7000: Failed to execute command
make tbuild [/buildroot/output/build/edk2-edk2-stable202308/Build/RiscVVirtQemu/RELEASE_GCC5/RISCV64/MdeModulePkg/Application/UiApp/UiApp]
build.py...
: error F002: Failed to build module
/buildroot/output/build/edk2-edk2-stable202308/MdeModulePkg/Application/UiApp/UiApp.inf [RISCV64, GCC5, RELEASE]
[1] https://lists.buildroot.org/pipermail/buildroot/2023-December/681507.html
[2] https://tianocore-docs.github.io/edk2-BuildSpecification/draft/4_edk_ii_build_process_overview/42_build_process_overview.html
[3] https://www.gnu.org/software/make/manual/make.html#Options_002fRecursion
Reported-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
vala bindings are needed to build gssdp 1.6 vapi bindings and avoid the
following build failure since commit
0cd1096eb0:
FAILED: vala/gssdp-1.6.vapi
/home/buildroot/autobuild/instance-2/output-1/host/bin/vapigen --quiet --library=gssdp-1.6 --directory=/home/buildroot/autobuild/instance-2/output-1/build/gssdp-1.6.3/build/vala --pkg=gio-2.0 --pkg=libsoup-3.0 --metadatadir=/home/buildroot/autobuild/instance-2/output-1/build/gssdp-1.6.3/vala /home/buildroot/autobuild/instance-2/output-1/build/gssdp-1.6.3/build/libgssdp/GSSDP-1.6.gir
error: Package `libsoup-3.0' not found in specified Vala API directories or GObject-Introspection GIR directories
Fixes:
- http://autobuild.buildroot.org/results/e5fbfc95964beac314c9faffc2c12541d0a10a48
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fixes the following security issues:
1) CVE-2023-6377: X.Org server: Out-of-bounds memory write in XKB button actions
A device has XKB button actions for each button on the device. When a
logical device switch happens (e.g. moving from a touchpad to a mouse), the
server re-calculates the information available on the respective master
device (typically the Virtual Core Pointer). This re-calculation only
allocated enough memory for a single XKB action rather instead of enough for
the newly active physical device's number of button. As a result, querying
or changing the XKB button actions results in out-of-bounds memory reads and
writes.
This may lead to local privilege escalation if the server is run as root or
remote code execution (e.g. x11 over ssh).
2) CVE-2023-6478: X.Org server: Out-of-bounds memory read in
RRChangeOutputProperty and RRChangeProviderProperty
This fixes an OOB read and the resulting information disclosure.
Length calculation for the request was clipped to a 32-bit integer. With
the correct stuff->nUnits value the expected request size was truncated,
passing the REQUEST_FIXED_SIZE check.
The server then proceeded with reading at least stuff->nUnits bytes
(depending on stuff->format) from the request and stuffing whatever it finds
into the property. In the process it would also allocate at least
stuff->nUnits bytes, i.e. 4GB.
See also CVE-2022-46344 where this issue was fixed for other requests.
For more details, see the advisory:
https://lists.x.org/archives/xorg-announce/2023-December/003435.html
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fix the following build failure raised since bump of libxml2 to version
2.12.1 in commit d8ac52108c:
/home/buildroot/autobuild/instance-1/output-1/build/libiio-0.25/xml.c: In function 'xml_create_context':
/home/buildroot/autobuild/instance-1/output-1/build/libiio-0.25/xml.c:481:15: warning: implicit declaration of function 'xmlReadFile' [-Wimplicit-function-declaration]
481 | doc = xmlReadFile(xml_file, NULL, XML_PARSE_DTDVALID);
| ^~~~~~~~~~~
/home/buildroot/autobuild/instance-1/output-1/build/libiio-0.25/xml.c:481:43: error: 'XML_PARSE_DTDVALID' undeclared (first use in this function); did you mean 'XML_DOC_DTDVALID'?
481 | doc = xmlReadFile(xml_file, NULL, XML_PARSE_DTDVALID);
| ^~~~~~~~~~~~~~~~~~
| XML_DOC_DTDVALID
Fixes:
- http://autobuild.buildroot.org/results/f97c2db33e07a02699e4650caf97de5f3c475eb8
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fix the following build failure raised since bump of libxml2 to version
2.12.1 in commit d8ac52108c:
../libxml++/nodes/entityreference.cc: In member function 'xmlpp::ustring xmlpp::EntityReference::get_resolved_text() const':
../libxml++/nodes/entityreference.cc:30:35: error: invalid use of incomplete type 'struct _xmlEntity'
30 | const xmlChar* pch = cEntity->content;
| ^~
Fixes:
- http://autobuild.buildroot.org/results/f3cef04950eeaa744ebe9409561d505606375787
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The test_python_ml_dtypes.py enabled BR2_PACKAGE_PYTHON3_ZLIB=y in its
configuration to workaround the fact that the toolchain used to
testing was tainted with zlib.
The commit 7e0e6e3
"toolchain/toolchain-external/toolchain-external-bootlin: update to
2023.11-1" updated the toolchains which are no longer tainted with
zlib.
The workaround is no longer needed and this commit removes this
config, for consistency.
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
New toolchains have been released, with the following changes:
- The bleeding-edge toolchains are based on gcc 13.2, binutils 2.41,
gdb 14.1, kernel headers 5.10, glibc 2.38, musl 1.2.4 or uclibc-ng
1.0.45.
- The stable toolchains are based on gcc 12.3, binutils 2.40, gdb
13.2, kernel headers 4.14, glibc 2.38, musl 1.2.4 or uclibc-ng
1.0.45.
- The glibc version is no longer affected by CVE-2023-4911
- The gdb build has been fixed to no longer rely on uninstalled
libbfd.so and libopcodes.so libraries
- The zlib library, which was incorrectly present in the toolchain
sysroot, is gone, fixing various build failures encountered with
2023.08 toolchains.
- There are now toolchains for m68k 68xxx based on uclibc and musl in
addition to glibc, which was already supported
The careful reviewer will notice that a number of
depends on !BR2_ARCH_NEEDS_GCC_AT_LEAST_14
are being added to the toolchains that use gcc 13.x, as per
a0d2a5cfec
("support/scripts/gen-bootlin-toolchains: generate
BR2_ARCH_NEEDS_GCC_AT_LEAST_X guard").
All 214 test cases were successfully run:
https://gitlab.com/tpetazzoni/buildroot/-/pipelines/1120323562
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Since commit
a0d2a5cfec ("support/scripts/gen-bootlin-toolchains:
generate BR2_ARCH_NEEDS_GCC_AT_LEAST_X guard"), the
gen-bootlin-toolchains script will generate references to
BR2_ARCH_NEEDS_GCC_AT_LEAST_X including potentially against the "next"
version of gcc.
Indeed, a toolchain using gcc 13.x should have a "depends on
!BR2_ARCH_NEEDS_GCC_AT_LEAST_14" so that once some architectures that
require gcc 14.x are added, such toolchains are not made visible.
In order for this to work, we must have the
BR2_ARCH_NEEDS_GCC_AT_LEAST_x symbol ready for the N+1 version of gcc
compared to the latest one we support.
As we're supporting up to gcc 13.x right now, let's introduce the
symbol BR2_ARCH_NEEDS_GCC_AT_LEAST_14 so that gcc 13.x toolchains can
be marked depends on !BR2_ARCH_NEEDS_GCC_AT_LEAST_14.
The other alternative would be to make the gen-bootlin-toolchains a
bit smarter, and not emit this depends on
!BR2_ARCH_NEEDS_GCC_AT_LEAST_14 if BR2_ARCH_NEEDS_GCC_AT_LEAST_14 does
not exist. But this would require re-running the script when
BR2_ARCH_NEEDS_GCC_AT_LEAST_14 which we are unlikely to do. While
today, when the script is invoked, the usual check-symbols complains
and reminds us that BR2_ARCH_NEEDS_GCC_AT_LEAST_14 should be added, so
we remember to do it right away.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Since commit 5770a645a3 ("package/qt5:
bump packages to latest kde submodule versions"), the
QT_HEADERS_SYNC_HOOK hook no longer calls the syncqt.pl script, so
host-perl is no longer needed as a dependency of running this
hook (and as a dependency of building Qt).
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
qt6base installs things in /usr/mkspecs, but also the soon to be added
qt6core5compat, and the existing package qwt as well.
So let's move the removal of /usr/mkspecs in target-finalize, where we
already remove lots of development-related directories, using a
target-finalize hook in the qt6base package.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
[yann.morin.1998@free.fr: make it a qt6base target-finalize hook]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
BR2_DOWNLOAD_FORCE_CHECK_HASHES currently has the following
dependency:
depends on BR2_GLOBAL_PATCH_DIR != ""
However, strictly speaking checking all hashes does not necessarily
require using BR2_GLOBAL_PATCH_DIR, as long as you don't use custom
versions.
But more importantly:
- Having this dependency means that this options is hidden when people
don't use BR2_GLOBAL_PATCH_DIR. Instead the option should always be
made visible, encouraging people to turn it on.
- The Config.in comment was there to mitigate this previous argument,
but this comment then shows up all the time when you have an empty
global patch dir.
This seems over-complicated, and it sounds much easier to have the
option unconditionally available, and visible, and clarify in its help
text that in order to this to work fully with custom package versions,
BR2_GLOBAL_PATCH_DIR can be used to provide extra hash files.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
[yann.morin.1998@free.fr:
- fix typo noticed by Peter K.
- reword kast sentence after review by Peter K.
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
With upstram commit [1] (since version v0.1.0) the pipeline option 'raspberrypi'
was renamed to 'rpi/vc4'.
Change the buildroot option name from BR2_PACKAGE_LIBCAMERA_PIPELINE_RASPBERRYPI
to BR2_PACKAGE_LIBCAMERA_PIPELINE_RPI_VC4 (and add Config.in.legacy entry
accordingly) and move handling in Config.in/libcamer.mk to follow alphabetic
ordering.
Fixes:
.../build/libcamera-v0.1.0/meson.build:3:0: ERROR: Options "raspberrypi" are not in allowed choices: "all, auto, imx8-isi, ipu3, rkisp1, rpi/vc4, simple, uvcvideo, vimc"
[1] https://git.libcamera.org/libcamera/libcamera.git/commit/?id=726e9274ea95fa46352556d340c5793a8da51fcd
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
This reverts commit c9645fd29b.
Building libcamera-apps 1.3.0 with current libcamera 0.1.0 fails because
some of the symbols like controls::AeFlickerMode are not recognized.
According to my research, they have been introduced after libcamera 0.1.0
but there is no release version of libcamera newer than 0.1.0 available
to which we could bump.
Signed-off-by: Sebastian Bauer <mail@sebastianbauer.info>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
After adding GDB 14.x and making GDB 13.x the new default, let's drop
support for GDB 11.x.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
All patches are still relevant, and have been rebased on top of GDB
14.1.
GDB 14.1 now needs mpfr unconditionally, so it is added as a
dependency of host-gdb, and of gdb when the full debugger is built.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
[yann.morin.1998@free.fr:
- add comment about selecting mpfr for 14.x or later
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
A few package or config removals have been introduced after the 2023.11
release, but there entries were still added to the list of options
removed in 2023.11.
The affected commits are:
64a5831679 package/libmpd: remove package
f93380ab1a package/gmpc: remove package
6d8c7aecbb package/flickcurl: remove package
f6acde11ab package/onevpl: rename package to libvpl
fffb245f66 package/linux-headers: drop 6.5.x option
Introduce the 2024.02 section and move the 2023.11 one to where it
belongs.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Since GDB 13.x and upstream commit
b686ecb5b10be9a33ab8f1bfdcff22eef920d1a5 ("gdb: link executables with
libtool"), gdb will be linked against the shared variants of libbfd
and libopcodes if they exist. However, this causes host gdb and target
gdb to not work, because our gdb package does not install libbfd and
libopcodes (to not clash with the ones potentially installed by
binutils).
In order to get around this, this commit proposes to get back to the
situation we had before GDB 13.x: libbfd and libopcodes are only
compiled as static libraries, so that they are linked directly inside
the gdb binary, avoiding the problem entirely.
This resolves:
# gdb --version
gdb: error while loading shared libraries: libopcodes-2.39.50.so: cannot open shared object file: No such file or directory
for target gdb, and:
$ ./host/bin/arm-linux-gdb --version
./host/bin/arm-linux-gdb: error while loading shared libraries: libopcodes-2.39.50.so: cannot open shared object file: No such file or directory
for host gdb.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Following the removal of gmpc, we can drop libmpd as well, which was
apparently developed/maintained by the same group of people. The URL
in Config.in, http://gmpcwiki.sarine.nl/index.php?title=Libmpd, no
longer works, and no new alternative upstream was found.
The reference MPD client library is libmpdclient, which is still
maintained.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
- Drop patches (already in version) and so drop autoreconf
- Fix the following security issues:
- CVE-2023-40660: Fix Potential PIN bypass
- CVE-2023-40661: Important dynamic analyzers reports
- CVE-2023-4535: Out-of-bounds read in MyEID driver handling
encryption using symmetric keys
https://github.com/OpenSC/OpenSC/releases/tag/0.24.0
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The default terminal used by sway is the foot terminal. Add a note in
the Config.in explaining that if a user is using the default sway config,
it is recommended to also enable the foot package.
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Add a config option to build sway with swaybar support.
- The bar requires dejavu fonts.
- If bash-completions is selected, JQ is required.
- Select dmenu-wayland as a runtime dependency.
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
[yann.morin.1998@free.fr: jq is a runtime dependency too]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
From foot/INSTALL.md:
```
As of ncurses 2021-07-31, ncurses includes a version of foot’s
terminfo. **The recommendation is to use those**, and only install the
terminfo definitions from this git repo if the system’s ncurses
predates 2021-07-31.
```
So it is best to follow the instructions and install the foot terminfo
provided by ncurses.
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
This is the default terminal sway uses.
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
[yann.morin.1998@free.fr: add comment only for first-order deps]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The traditional dmenu is only running under X; dmenu-wayland is an
implementation that runs only on (some) wayland compositors; Sway
uses it by default as its menu bar.
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
[yann.morin.1998@free.fr:
- _SYNC_4 is an arch dependency, so comment should be hidden
- add a few missing comments for first-level dependencies
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Since upstream commit
https://github.com/ImageMagick/ImageMagick/commit/25e3a4f3845f59536d19aba0ac0580aa6715147f
(which first appeared in version 7.1.1-19), ImageMagick does not trust
unvalidated XMP profiles in images anymore.
If such a XML profile is encountered inside e.g. a PNG image the
processing is aborted. Validating the XMP profile requires that
ImageMagick is compiled with XML support.
As host-imagemagick supports PNG file also activate XML support.
Signed-off-by: Christian Hitz <christian.hitz@bbv.ch>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This defconfig enables edk2 UEFI shell and grub2 riscv64-efi boot
of a Linux Kernel.
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
- Drop no longer needed
0001-mainline-version-gcc-13-cannot-use-uintptr_t-via-inc.patch as
it was a backport from upstream
- Updated license hash due to numerous additions of licenses, and
updated copyright years. The LICENSE variable was updated
accordingly, and clarified
- zlib is now a mandatory dependency, it is not checked at configure
time, but <zlib.h> is uncondtionnally included, and libzlib is
linked in unconditionnally. See
https://chromium.googlesource.com/breakpad/breakpad/+/de086a98595f68715c1dce9860f77014a2a1b187
- explicitly disable zstd support, which was added in upstream commit
https://chromium.googlesource.com/breakpad/breakpad/+/9ea5b228f560580f85df895c2f117d7e43340935. This
requires adding AUTORECONF = YES because the pre-generated
configure/Makefile.in available in the Git repository is out of
date, and links unconditionnally with -lzstd, even when
--disable-zstd is passed.
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
[Thomas: handle zlib dependency, handle zstd option, fix LICENSE variable]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
grub2 build is failing, when compiled on host system not including
gawk and host-gawk is not built by another package before. This can
be the the case on current Buildroot Docker image, based on Debian,
which includes mawk.
grub2 was updated in commit 5baf1ffe7e "boot/grub2: bump to version
2.12". This version includes the commit [1], which introduced the use
of the asorti() awk function. This function is a specific gawk
builtin extension. See [2].
This commit fixes this issue by adding host-gawk as a dependency.
Fixes:
mawk: ../../grub-core/genmoddep.awk: line 110: function asorti never defined
make[4]: *** [Makefile:49030: moddep.lst] Error 1
make[4]: Leaving directory '/buildroot/output/build/grub2-2.12/build-i386-pc/grub-core'
make[3]: *** [Makefile:28116: all] Error 2
make[3]: Leaving directory '/buildroot/output/build/grub2-2.12/build-i386-pc/grub-core'
make[2]: *** [Makefile:11714: all-recursive] Error 1
make[2]: Leaving directory '/buildroot/output/build/grub2-2.12/build-i386-pc'
make[1]: *** [Makefile:3547: all] Error 2
make[1]: Leaving directory '/buildroot/output/build/grub2-2.12/build-i386-pc'
make: *** [package/pkg-generic.mk:283: /buildroot/output/build/grub2-2.12/.stamp_built] Error 2
[1] https://git.savannah.gnu.org/gitweb/?p=grub.git;a=commitdiff;h=87648e9c12a32bddb005b899edc44c2c9c63df82
[2] https://www.gnu.org/software/gawk/manual/gawk.html#Sorting-Array-Values-and-Indices-with-gawk
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
[Thomas: improved with a more complete patch provided by upstream
developer.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
As we're about to update libxml2 to version 2.12, let's first fix a
build issue that would occur with squid by backporting an upstream
patch.
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The linux defconfig 'bb.org_defconfig' is the best for beagleboard.
To load compressed kernel modules, kmod and xz packages are needed
because busybox doesn't support it.
Bump U-Boot to version 2023.10. The uboot-tools package is no need.
Tested on beaglebone black.
[1] https://github.com/beagleboard/linux/releases/tag/6.1.46-ti-r13
Signed-off-by: Scott Fan <fancp2007@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The runscript and rc binaries have been removed in this release. However,
Buildroot does not use those binaries, so only a simple version bump is
necessary.
Fixes:
- cgroups being inconsistent
- Start-stop-daemon did not work correctly on Linux 6.6
Tested on Debian 11 and Fedora 39 with the following command:
./support/testing/run-tests tests.init.test_openrc
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Commit d344ffe624 (configs/rock5b: add hash for custom uboot)
explicitly noted that the kernel was retrieved from a git-clone, so the
sha1 of the commit was enough to get what we expect.
However, that does not account for the fact that the upstream repository
can disapear or be temporarily unavailable (maliciously or not). In that
case, the kernel archive will be looked up on the backup mirror.
In that case, the download is via wget over https, which protects the
transport, but does not guarantee that the remote server serves the
expected archive.
The hash file was dropped when d344ffe624 was applied; restore it.
Since the defconfig now has hashes for all its downloads, enforce
checking hashes.
Signed-off-by: Kilian Zinnecker <kilian.zinnecker@mail.de>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The defconfig uses a custom uboot version, downloaded with wget, so we
weant to be sure that it does not get modified on the server, so we add
a hash for it.
The kernel we get from a git clone, so the sha1 of the commit is enough
to be sure that what we get is what we expect (because we do a local
tarball out of a git clone).
Since we only get a hash for uboot and not for the kernel, we don't
enable BR2_DOWNLOAD_FORCE_CHECK_HASHES.
Signed-off-by: Kilian Zinnecker <kilian.zinnecker@mail.de>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Since upstream commit
eec95e3d5e1a4f2e13b1f6b34cc287475ca57daf ("backend/drm: use pnp.ids to
fetch EDID data"), the pnp.ids file from hwdata is parsed at build
time to generate a C source file. As per backend/drm/meson.build:
hwdata = dependency('hwdata', required: false, native: true)
if hwdata.found()
hwdata_dir = hwdata.get_variable(pkgconfig: 'pkgdatadir')
pnp_ids = files(hwdata_dir / 'pnp.ids')
else
pnp_ids = files('/usr/share/hwdata/pnp.ids')
endif
This is only needed when the DRM backend of wlroots is enabled, but
currently, Buildroot enables this backend unconditionally.
This failure can be reproduced using the following defconfig:
BR2_x86_64=y
BR2_TOOLCHAIN_EXTERNAL=y
BR2_ROOTFS_DEVICE_CREATION_DYNAMIC_EUDEV=y
BR2_PACKAGE_MESA3D=y
BR2_PACKAGE_MESA3D_OSMESA_GALLIUM=y
BR2_PACKAGE_MESA3D_OPENGL_EGL=y
BR2_PACKAGE_MESA3D_OPENGL_ES=y
BR2_PACKAGE_WLROOTS=y
The issue was not caught in the autobuilders because the last
successful build of a configuration that includes wlroots dates back
from 2022-05-05, at which time Buildroot had wlroots 0.15.1.
This change in wlroots was introduced in wlroots 0.16.0, which means
that it's only since Buildroot bumped from 0.15.1 to 0.16.2 in
d6279bc82c ("package/wlroots: bump to
version 0.16.2") that the issue occurs. This commit is not yet in any
tagged release, so there is no need to backport this fix.
It should be noted that the proposed patch also installs pnp.ids to
the target filesystem, while it is in practice not needed at runtime
by wlroots. However, our current hwdata packaging doesn't allow
installing it only in staging, and since wlroots anyway implies we're
building a fairly heavy graphics stack, the size overhead of hwdata is
deemed to be an acceptable trade-off.
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
[Thomas: further extend the commit log, with details gathered by Yann
and myself.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
According to the Debian changelog, it doesn't seem like there is any
security issue addressed between 6.2.10 and 6.2.12:
unrar-nonfree (1:6.2.12-1) unstable; urgency=medium
* New upstream version 6.2.12
* Rediff patches
-- YOKOTA Hiroshi <yokota.hgml@gmail.com> Thu, 05 Oct 2023 20:49:53 +0900
unrar-nonfree (1:6.2.11-1) unstable; urgency=medium
* New upstream version 6.2.11
-- YOKOTA Hiroshi <yokota.hgml@gmail.com> Wed, 20 Sep 2023 21:41:29 +0900
Signed-off-by: Xiangyu Chen <xiangyu.chen@windriver.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
As described in the announcement, this fixes a security issue:
There is one security fix in this release:
- Fix for a newly discovered security issue known as the 'Terrapin'
attack, also numbered CVE-2023-48795. The issue affects widely-used
OpenSSH extensions to the SSH protocol: the ChaCha20+Poly1305
cipher system, and 'encrypt-then-MAC' mode.
In order to benefit from the fix, you must be using a fixed version
of PuTTY _and_ a server with the fix, so that they can agree to
adopt a modified version of the protocol. Alternatively, you may be
able to reconfigure PuTTY to avoid selecting any of the affected
modes.
If PuTTY 0.80 connects to an SSH server without the fix, it will
warn you if the initial protocol negotiation chooses an insecure
mode to run the connection in, so that you can abandon the
connection. If it's possible to alter PuTTY's configuration to
avoid the problem, then the warning message will tell you how to do
it.
https://lists.tartarus.org/pipermail/putty-announce/2023/000037.html
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
RISC-V 64bit qemu virt machine support has been added in edk2
version "stable202302". See [1].
Since edk2-stable202308, introduced in buildroot in commit 5c9f310
"boot/edk2: bump to version edk2-stable202308", it is now possible
to boot the edk2 UEFI shell in qemu.
This commit adds this early RISC-V support to edk2.
The RISC-V edk2 UEFI shell can be booted in Buildroot with the
following commands:
# Build EDK2 images
cat > .config <<EOF
BR2_riscv=y
BR2_RISCV_64=y
BR2_PACKAGE_HOST_QEMU=y
BR2_PACKAGE_HOST_QEMU_SYSTEM_MODE=y
BR2_TARGET_EDK2=y
EOF
make olddefconfig
make
# edk2 image size should fit the 32MB of qemu pflash memories
truncate -s 32M output/images/RISCV_VIRT_CODE.fd
truncate -s 32M output/images/RISCV_VIRT_VARS.fd
# Start qemu:
output/host/usr/bin/qemu-system-riscv64 \
-M virt,pflash0=pflash0,pflash1=pflash1,acpi=off \
-nographic \
-blockdev node-name=pflash0,driver=file,read-only=on,filename=output/images/RISCV_VIRT_CODE.fd \
-blockdev node-name=pflash1,driver=file,filename=output/images/RISCV_VIRT_VARS.fd
Note: a Qemu version >= 8.0.0 is needed to properly start edk2. A qemu
version on the host system might not be sufficient. This is why the
Buildroot host-qemu is built in this config example.
[1] https://github.com/tianocore/edk2/releases/tag/edk2-stable202302
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
After 10 years we don't have to justify the fork anymore, as it has been
the new upstream for that long now.
Signed-off-by: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
For release announce on mailing list, see [1].
For release general news, see [2].
This commit removes all package patches, as they are all included in
this version.
The .checkpackageignore file is updated accordingly (the entry for
patch 0001 is removed).
This commit also removes GRUB2_AVOID_AUTORECONF hooks, since patch
0001 is removed.
This commit also removes the GRUB2_IGNORE_CVES entries associated to
the removed patches. The version bump should now explicitly exclude
those CVEs. For patches 8 and 9, the upstream commit IDs were
incorrectly recorded:
- patch 8 mentioned d5caac8ab79d068ad9a41030c772d03a4d4fbd7b while
the actual commit is 5bff31cdb6b93d738f850834e6291df1d0b136fa
- patch 9 mentioned 166a4d61448f74745afe1dac2f2cfb85d04909bf while
the actual commit is 347880a13c239b4c2811c94c9a7cf78b607332e3
Finally, this commit introduces a new patch, adding a missing file in
the release tarball.
[1] https://lists.gnu.org/archive/html/grub-devel/2023-12/msg00052.html
[2] https://git.savannah.gnu.org/gitweb/?p=grub.git;a=blob;f=NEWS;hb=refs/tags/grub-2.12
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Adds BR2_PACKAGE_LIBOPENSSL_TARGET_ARCH for riscv32 and riscv64.
Otherwise, riscv targets fall back to the linux-generic libopenssl
configs. This exacerbates the issue partially addressed in
openssl/openssl#22871 which causes build failures.
Fixes a mispelling in upstream causing 0builds for riscv32 to fail when
linking.
Signed-off-by: Grant Nichol <me@grantnichol.com>
[yann.morin.1998@free.fr: squash the two commits together]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
5 CVEs affecting glibc according to the NVD database are considered as
not being security issues by upstream glibc developers:
* CVE-2010-4756: The glob implementation in the GNU C Library (aka
glibc or libc6) allows remote authenticated users to cause a denial
of service (CPU and memory consumption) via crafted glob expressions
that do not match any pathnames. glibc maintainers position: "That's
standard POSIX behaviour implemented by (e)glibc. Applications using
glob need to impose limits for themselves"
* CVE-2019-1010022: GNU Libc current is affected by: Mitigation
bypass. The impact is: Attacker may bypass stack guard
protection. The component is: nptl. The attack vector is: Exploit
stack buffer overflow vulnerability and use this bypass
vulnerability to bypass stack guard. NOTE: Upstream comments
indicate "this is being treated as a non-security bug and no real
threat. glibc maintainers position: "Not treated as a security issue
by upstream https://sourceware.org/bugzilla/show_bug.cgi?id=22850"
* CVE-2019-1010023: GNU Libc current is affected by: Re-mapping
current loaded library with malicious ELF file. The impact is: In
worst case attacker may evaluate privileges. The component is:
libld. The attack vector is: Attacker sends 2 ELF files to victim
and asks to run ldd on it. ldd execute code. NOTE: Upstream comments
indicate "this is being treated as a non-security bug and no real
threat. glibc maintainers position: "Not treated as a security issue
by upstream https://sourceware.org/bugzilla/show_bug.cgi?id=22851"
* CVE-2019-1010024: GNU Libc current is affected by: Mitigation
bypass. The impact is: Attacker may bypass ASLR using cache of
thread stack and heap. The component is: glibc. NOTE: Upstream
comments indicate "this is being treated as a non-security bug and
no real threat. glibc maintainers position: "Not treated as a
security issue by upstream
https://sourceware.org/bugzilla/show_bug.cgi?id=22852"
* CVE-2019-1010025: GNU Libc current is affected by: Mitigation
bypass. The impact is: Attacker may guess the heap addresses of
pthread_created thread. The component is: glibc. NOTE: the vendor's
position is "ASLR bypass itself is not a vulnerability. Glibc
maintainers position: "Not treated as a security issue by upstream
https://sourceware.org/bugzilla/show_bug.cgi?id=22853"
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
As reported in bug 15895, the GLIBC_VERSION field having a value
looking like 2.38-27-g750a45a783906a19591fb8ff6b7841470f1f5701, it
prevents the CPE/CVE matching with the NVD database to work correctly.
This commit fixes that by defining GLIBC_CPE_ID_VERSION, derived from
GLIBC_VERSION, by extracting the base version.
Also, we update GLIBC_IGNORE_CVES to account for the CVEs that have
clearly been fixed between 2.38 and
2.38-27-g750a45a783906a19591fb8ff6b7841470f1f5701. There are a number
of other CVEs still affecting the glibc package, but they are not
related to this
2.38...2.38-27-g750a45a783906a19591fb8ff6b7841470f1f5701 range.
Fixes: #15895
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
According to the source file:
This library is free software; you can redistribute it and/or
modify it under the terms of the GNU Lesser General Public
License as published by the Free Software Foundation; either
version 2.1 of the License, or (at your option) any later version.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Add new python-contourpy runtime dependency.
Add new python-pybind dependency.
Add new host-python-setuptools-scm build dependency.
Update setup.cfg to new mplsetup.cfg install location.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Add new python-urwid-readline runtime dependency.
Add new python-packaging runtime dependency.
Remove no longer required python-setuptools runtime dependency.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
this file could be required by some native modules
note: compat-5.3.c is included by compat-5.3.h
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
the project has moved to the organization “Lunar Modules”,
see https://github.com/lunarmodules/
diff LICENCE:
-Copyright (c) 2015 Kepler Project.
+Copyright (C) 1994-2020 Lua.org, PUC-Rio.
+Copyright (C) 2013-2023 The Lua-Compat-5.3 authors.
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
It turns out that wildcard expansion, * and ?, is not performed in
matching lists {...}, at least in the vim plugin. The spec is not clear
about that, but refer to "pattern matching through Unix shell-style
wildcards" [0].
So, let's consider that this is not supported. Expand the patterns into
one section each, rather than use a list.
[0] https://spec.editorconfig.org/
Signed-off-by: Yann E. MORIN <yann.morin@orange.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
OpenSSH 9.6 was released on 2023-12-18.
This release contains fixes for a newly-discovered weakness in the
SSH transport protocol (the "Terrapin" attack), a logic error relating
to constrained PKCS#11 keys in ssh-agent(1) and countermeasures for
programs that invoke ssh(1) with user or hostnames containing invalid
characters.
https://www.openssh.com/txt/release-9.6
Signed-off-by: Christian Stewart <christian@aperture.us>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Git shortlog:
Ben Wolsieffer (3):
fork: generate stub on no-MMU systems
arm: elf-fdpic.h: avoid void pointer subtraction
libpthread/nptl: make default stack size configurable
Greg Ungerer (1):
elf: support ELF binaries in noMMU
Marcus Haehnel (3):
fnmatch: fix possible access beyond of parameter string
getaddrinfo.c: Avoid misleading indentation warning
linuxthreads: Avoid unused variable warning
Marcus Hähnel (1):
setjmp.h: Fix C++ build and avoid duplicate throw declaration
Max Filippov (1):
daemon.c: make _fork_parent static inline again
Paul Iannetta (1):
kvx: fix asm syntax
Pavel Kozlov (6):
setrlimit/getrlimit: fix prlimit64 syscall use for 32-bit CPUs
Fix -Warray-parameter warning for __sigsetjmp
prlimit: add name redirection and fix incorrect parameters to syscall
arc: add acq/rel variants for atomic cmpxchg/xchg
arc: remove read ahead in asm strcmp code for ARCHS
rlimit: fix 64-bit RLIM64_INFINITY macro
Waldemar Brodkorb (8):
aarch64: add hwcap header file
fcntl.h: declare f_owner_ex for all architectures
arm: add hwcap header file
lm32: disable ctor/dtor
aarch64: disable lazy relocations
riscv64: define __NR_riscv_flush_icache if not available
depend on __UCLIBC_HAVE_STATX__
bump version for 1.0.45 release
Yann Sionneau (9):
fstatat64: define it as a wrapper of statx if the kernel does not support fstatat64 syscall
fstat: add missing return value statement for the statx wrapping case
add support for systems without legacy setrlimit/getrlimit syscalls
fstatat: add wrapper that uses statx for non-legacy arch
kvx: add support for kv3-2 (Coolidge v2 SoC)
kvx: atomic: rework using compiler builtins
kvx: align specification of user regs
kvx: define that kvx port supports statx syscall
kvx: use a custom stat.h header
lordrasmus (8):
add vsdo support
fix file permissions
fix getauxval() on aarch64 gcc 11
vdso support missing file
c6x compile fix vdso support
gettimeofday() only include ldso.h if vdso support is activated
vdso support for x86_64
gitignore
Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The 6.5.x series is now EOL upstream, so drop the linux-headers option
and add legacy handling for it.
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
[Peter: drop option from linux-headers/Config.host.in]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Since the update of Python to version 3.11 in commit
738500c296 ("package/python3: bump to
version 3.11.0"), python-sip fails to compile with:
siplib.c: In function ‘sip_api_get_frame’:
siplib.c:13750:22: error: invalid use of undefined type ‘struct _frame’
13750 | frame = frame->f_back;
This is due to a change in the Python C API, which is fixed by a new
patch. The patch can't be upstreamed, as SIP 4.x is no longer
maintained upstream.
Fixes:
http://autobuild.buildroot.net/results/7b01739e7514e48c06182bc1804b32497ce2e414/
Signed-off-by: Ralf Dragon <hypnotoad@lindra.de>
[Thomas: improved commit log, reformatted patch using Git]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fixes the following security issues:
- CVE-2023-5367 X.Org server: OOB write in
XIChangeDeviceProperty/RRChangeOutputProperty
- CVE-2023-5380: Use-after-free bug in DestroyWindow
- CVE-2023-5574: Use-after-free bug in DamageDestroy
For details, see the advisory:
https://lists.x.org/archives/xorg-announce/2023-October/003430.html
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
rsync is used in the infrastructure, mostly for the per-package infra,
and for the override-srcdir mechanism, but also to build the manual.
As such, it is not optional but mandatory, and already listed so.
Drop the reference to rsync from the list of optional packages.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security issues:
- CVE-2023-46218: cookie mixed case PSL bypass
This flaw allows a malicious HTTP server to set "super cookies" in curl
that are then passed back to more origins than what is otherwise allowed
or possible. This allows a site to set cookies that then would get sent
to different and unrelated sites and domains.
https://curl.se/docs/CVE-2023-46218.html
- CVE-2023-46219: HSTS long file name clears contents
When saving HSTS data to an excessively long file name, curl could end up
removing all contents, making subsequent requests using that file unaware
of the HSTS status they should otherwise use.
https://curl.se/docs/CVE-2023-46219.html
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The prebuilt kernel has been updated to 5.10.202, sync the kernel
built by TestDtbocfg.
Signed-off-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The prebuilt kernel has been updated to 5.10.202, sync the kernel
built by InitSystemSystemdBaseOverlayfs.
Signed-off-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Update the zynq readme.txt to add documentation for the zc702 and correct
documentation that was no longer up to date.
Signed-off-by: Neal Frager <neal.frager@amd.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Let's also enable NXP firmware package to let latest SDMA firmware to be
loaded. To achieve this we also need to enable dynamic eudev to let it to
load the firmware as it is requested early before the rootfs is mounted.
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
[Peter: explain why eudev is needed]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Let's also enable NXP firmware package to let latest SDMA firmware to be
loaded. To achieve this we also need to enable dynamic eudev to let it
load the firmware as it is requested early before the rootfs is mounted.
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Reviewed-by: Fabio Estevam <festevam@gmail.com>
[Peter: explain why eudev is needed]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Drop patches (already in version)
This bump will fix the following build failure raised since bump of
leptonica to version 1.83.1 in commit
a4e713558d thanks to
https://github.com/tesseract-ocr/tesseract/commit/27b1827ccde6014df1231e1cec6263ee108066e9:
src/textord/devanagari_processing.cpp: In member function 'bool tesseract::ShiroRekhaSplitter::Split(bool, tesseract::DebugPixa*)':
src/textord/devanagari_processing.cpp:130:19: error: invalid use of incomplete type 'struct Pixa'
130 | Box *box = ccs->boxa->box[i];
| ^~
In file included from /home/autobuild/autobuild/instance-5/output-1/host/bin/../s390x-buildroot-linux-gnu/sysroot/usr/include/leptonica/alltypes.h:52,
from /home/autobuild/autobuild/instance-5/output-1/host/bin/../s390x-buildroot-linux-gnu/sysroot/usr/include/leptonica/allheaders.h:35,
from src/textord/devanagari_processing.h:16,
from src/textord/devanagari_processing.cpp:25:
/home/autobuild/autobuild/instance-5/output-1/host/bin/../s390x-buildroot-linux-gnu/sysroot/usr/include/leptonica/bmf.h:48:12: note: forward declaration of 'struct Pixa'
48 | struct Pixa *pixa; /*!< pixa of bitmaps for 93 characters */
| ^~~~
https://github.com/tesseract-ocr/tesseract/blob/5.3.3/ChangeLog
Fixes:
- http://autobuild.buildroot.org/results/46d3ffc8885245ee9a56a528be055b0b27a18245
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit 6b915358ba introduced PKG_PYTHON_MATURIN_INSTALL_CMD while
it should be HOST_PKG_PYTHON_MATURIN_INSTALL_CMD.
Adding any new host python package using maturin setup type will
fail during the install step.
Fixes: 6b915358ba
Cc: Arnout Vandecappelle <arnout@mind.be>
Signed-off-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Updated to gcc 13.2, gdb 13, binutils 2.41, glibc 2.38.
The x86_64 host variant prebuilt toolchain is built on RHEL7
(glibc 2.17) and is likely also be useable on OS versions like
RHEL8, Ubuntu 18.04 or later.
The AArch64 host variant prebuilt toolchain is built on Ubuntu 18.04
(glibc 2.27) is likely also be useable on OS versions like RHEL8,
Ubuntu 18.04 or later.
Release note:
https://developer.arm.com/downloads/-/arm-gnu-toolchain-downloads
Signed-off-by: Antoine Coutant <antoine.coutant@smile.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Updated to gcc 13.2, gdb 13, binutils 2.41, glibc 2.38.
The x86_64 host variant prebuilt toolchain is built on RHEL7
(glibc 2.17) and is likely also be useable on OS versions like
RHEL8, Ubuntu 18.04 or later.
The AArch64 host variant prebuilt toolchain is built on Ubuntu 18.04
(glibc 2.27) is likely also be useable on OS versions like RHEL8,
Ubuntu 18.04 or later.
Tested with qemu_aarch64_virt_defconfig.
Release note:
https://developer.arm.com/downloads/-/arm-gnu-toolchain-downloads
Signed-off-by: Antoine Coutant <antoine.coutant@smile.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Updated to gcc 13.2, gdb 13, binutils 2.41, glibc 2.38.
The x86_64 host variant prebuilt toolchain is built on RHEL7
(glibc 2.17) and is likely also be useable on OS versions like
RHEL8, Ubuntu 18.04 or later.
The AArch64 host variant prebuilt toolchain is built on Ubuntu 18.04
(glibc 2.27) is likely also be useable on OS versions like RHEL8,
Ubuntu 18.04 or later.
Tested with qemu_arm_vexpress_defconfig.
Release note:
https://developer.arm.com/downloads/-/arm-gnu-toolchain-downloads
Signed-off-by: Antoine Coutant <antoine.coutant@smile.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The arm-trusted-firmware package builds a host tool called "fiptool",
which is used during the build process of arm-trusted-firmware
itself. This tool links against the OpenSSL host library, and
therefore needs to be built with the correct RPATH pointing to
$HOST_DIR/lib.
This is why commit a957d9a90a
("boot/arm-trusted-firmware: build fiptool separately with dependency
o n host-openssl") added the ARM_TRUSTED_FIRMWARE_BUILD_FIPTOOL
variable, which builds the fiptool tool first, with the right
variables set, before invoking the full build of TF-A. This ensured
that fiptool was built with the correct RPATH.
However, more recent versions of TF-A have modified their Makefile
machinery, and fiptool is being rebuilt even if it was built
before. Unfortunately, this rebuild is no longer done with the right
flags, so we end up with a fiptool binary that no longer has the right
RPATH, and fiptool fails to find the OpenSSL libraries from
$HOST_DIR/lib.
In order to fix this, we take a different approach: we do not build
fiptool separately first, but we inject the necessary flags through
the HOSTCC variable. Indeed, there's no HOST_LDFLAGS or HOST_LDLIBS
variable or similar that would allow us to pass the -Wl,-rpath flag
that is needed. Shoe-horning this flag into HOSTCC gets the job done,
and actually simplifies our arm-trusted-firmware.mk.
This patch break the compatibility with version prior to 1.4 (upstream
commit 72610c4102990 ("build: Introduce HOSTCC flag")). v1.4 is very old
(July 2017), not used anymore in-tree and probably not used anymore
outside the tree.
Signed-off-by: Louis Chauvet <louis.chauvet@bootlin.com>
Co-authored-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
When an error occurs, the gitlab-ci job log doesn't contain any useful
information than the name of the failing test:
FAIL: test_run (tests.package.test_python_paho_mqtt.TestPythonPahoMQTT)
In order to encourage contributors to investigate issues reported by
gitlab-ci, we want to print the last lines of the log file (build or
runtime).
Unfortunately, gitlab-ci job log completely strips lines ending with
CRCRLF [1][2]. We have to take a look at the gitlab-ci raw log to see
the complete log [3].
To workaround this issue, remove crlf from qemu serial stdio log
while printing in the gitlab-ci job log (we don't want to change
the log file generated by support/testing/run-tests and saved as
artefacts).
[1] https://gitlab.com/gitlab-org/gitlab/-/issues/218771
[2] https://gitlab.com/kubu93/buildroot/-/jobs/5492937691
[3] https://gitlab.com/kubu93/buildroot/-/jobs/5492937691/raw
Cc: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The zynq_qmtech_defconfig has not been maintained for 3 years, and is now
using a very out of date u-boot and Linux kernel. Since there are 4 other
zynq7000 defconfigs available in buildroot and Julien no longer has a
functional board, drop the defconfig.
Signed-off-by: Neal Frager <neal.frager@amd.com>
Acked-by: Julien Olivain <ju.o@free.fr>
[Peter: reword commit message]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This patch bumps the versal_vck190_defconfig to xilinx-v2023.2 which includes
the following updates:
- Linux v6.1.30 with additional bug fixes
- U-Boot v2023.01 with additional bug fixes
- ATF v2.8 with additional bug fixes
- PLM xilinx_v2023.2
- PSMFW xilinx_v2023.2
Signed-off-by: Neal Frager <neal.frager@amd.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This patch bumps the zynqmp_kria_kv260_defconfig to xilinx-v2023.2 which includes
the following updates:
- Linux v6.1.30 with additional bug fixes
- U-Boot v2023.01 with additional bug fixes
- ATF v2.8 with additional bug fixes
- PMUFW xilinx_v2023.2
Signed-off-by: Neal Frager <neal.frager@amd.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This patch bumps the zynqmp_zcu106_defconfig to xilinx-v2023.2 which includes
the following updates:
- Linux v6.1.30 with additional bug fixes
- U-Boot v2023.01 with additional bug fixes
- ATF v2.8 with additional bug fixes
- PMUFW xilinx_v2023.2
Signed-off-by: Neal Frager <neal.frager@amd.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This patch bumps the zynqmp_zcu102_defconfig to xilinx-v2023.2 which includes
the following updates:
- Linux v6.1.30 with additional bug fixes
- U-Boot v2023.01 with additional bug fixes
- ATF v2.8 with additional bug fixes
- PMUFW xilinx_v2023.2
Signed-off-by: Neal Frager <neal.frager@amd.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This patch adds support for Xilinx Kria KR260 starter kit.
KR260 features can be found here:
https://www.xilinx.com/products/som/kria/kr260-robotics-starter-kit.html
While the Kria SOM is based on a ZynqMP SoC, there are some key
boot config differences from the other ZynqMP evaluation boards.
1. There are no boot switches on Kria SOMs. The boot mode is thus
hard configured for QSPI flash. A pre-programmed boot.bin comes
with every Starter Kit. U-Boot can then find the Linux kernel and
file system on the SD card.
Optional instructions for updating the boot.bin in the QSPI flash
can be found in the readme.txt file and the link below.
https://xilinx-wiki.atlassian.net/wiki/spaces/A/pages/1641152513/Kria+K26+SOM
2. Kria SOMs use UART1 for the console instead of UART0. For this
reason, Kria Starter Kits will use a separate extlinux.conf file
from other ZynqMP evaluation boards.
3. The KR260 has a USB to SD card bridge, so the Linux kernel
and file system are found on /dev/sda1 and /dev/sda2.
Signed-off-by: Neal Frager <neal.frager@amd.com>
[Peter: fix kr260.sh shellcheck warnings, similar to kv260.sh]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix the following static build failure raised since bump to version
1.1.4 in commit 7205df8a4f:
CMake Error at /home/autobuild/autobuild/instance-13/output-1/build/libmemcached-1.1.4/src/bin/cmake_install.cmake:60 (file):
file RPATH_CHANGE could not write new RPATH:
$ORIGIN/../lib
to the file:
/home/autobuild/autobuild/instance-13/output-1/host/arc-buildroot-linux-uclibc/sysroot/usr/bin/memcapable
No valid ELF RPATH or RUNPATH entry exists in the file;
Call Stack (most recent call first):
/home/autobuild/autobuild/instance-13/output-1/build/libmemcached-1.1.4/src/cmake_install.cmake:52 (include)
/home/autobuild/autobuild/instance-13/output-1/build/libmemcached-1.1.4/cmake_install.cmake:52 (include)
Fixes:
- http://autobuild.buildroot.org/results/778ff517d465896f54a3cd5316a66c54f66fd4cb
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add firmware files for RTL8851 and RTL8852 cards used by the rtlbt driver.
Signed-off-by: Jan Čermák <sairon@sairon.cz>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This reverts commit 51d6d6c580.
That change is no more relevant since the genimage.cfg files are
generated by the commit e37ee5acdc (board/raspberrypi/post-image.sh:
generate genimage config from template if not present), and since the
variant-specific files were dropped off by the commit fc5cdeed72
(board/raspberrypi: drop variant-specific genimage files).
This removes the very last alive piece of change of the commit
51d6d6c580 (Fix rasberry Pi 64bit firmware overlay inclusion); the
commit is fully reverted now.
Signed-off-by: Gaël PORTAY <gael.portay@rtone.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This reverts commit 6021f3678b.
That change is no more relevant since the genimage.cfg files are
generated by the commit e37ee5acdc (board/raspberrypi/post-image.sh:
generate genimage config from template if not present), and since the
variant-specific files were dropped off by the commit fc5cdeed72
(board/raspberrypi: drop variant-specific genimage files).
This removes the very last alive piece of change of the commit
6021f3678b (board/raspberrypi: handle dtb overlays for all variants);
the commit is fully reverted now.
Signed-off-by: Gaël PORTAY <gael.portay@rtone.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
As upstream developer mentioned in private communication, the code using
NETDB_INTERNAL is now disabled. Remove the patch.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Switch to the new Linux LTS release 6.6.3. Switch to the latest
U-Boot 2023.10 and ATF 2.9. Increase ext2 partition size to fit
new versions.
Signed-off-by: Sergey Matyukevich <geomatsi@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Switch to the new Linux LTS release 6.6.3. Switch to the
latest U-Boot 2023.10.
Signed-off-by: Sergey Matyukevich <geomatsi@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Switch to the new Linux LTS release 6.6.3. Switch to the
latest U-Boot 2023.10.
Signed-off-by: Sergey Matyukevich <geomatsi@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Switch to the new Linux LTS release 6.6.3. Switch to the
latest U-Boot 2023.10.
Signed-off-by: Sergey Matyukevich <geomatsi@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Switch to the new Linux LTS release 6.6.3. Switch to the
latest U-Boot 2023.10.
Signed-off-by: Sergey Matyukevich <geomatsi@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
--with-ssl-dir will exclusively search for dynamic library so use
--with-ssl-static to fix the following openssl static build failure
raised since bump to version 5.33.0 in commit
8cedb39764:
checking for static SSL support... disabled
checking for SSL support... enabled
checking for SSL include directory... /home/buildroot/autobuild/instance-2/output-1/host/mipsel-buildroot-linux-uclibc/sysroot/usr/include
checking for SSL library directory... /lib64
[...]
mipsel-buildroot-linux-uclibc-gcc: ERROR: unsafe header/library path used in cross-compilation: '-L/lib64'
Fixes:
- http://autobuild.buildroot.org/results/4189decbafb5d28c11d89ddac792b4610abeaff1
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The defconfig fetches Linux and U-Boot from a git repo using the
unauthenticated git:// protocol, so add download hashes for them to ensure
we get the right sources by adding a global patch dir and running
utils/add-custom-hashes.
The defconfig uses the Linux sources for the kernel headers, so make
linux-headers/linux-headers.hash a symlink to linux/linux.hash so the same
hash file is used.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix the following build failure with gcc >= 12:
task.c: In function 't_start':
task.c:398:16: error: 'ret' may be used uninitialized [-Werror=maybe-uninitialized]
398 | return ret;
| ^~~
task.c:364:13: note: 'ret' was declared here
364 | int ret;
| ^~~
task.c: In function 't_resume':
task.c:444:16: error: 'ret' may be used uninitialized [-Werror=maybe-uninitialized]
444 | return ret;
| ^~~
task.c:428:13: note: 'ret' was declared here
428 | int ret;
| ^~~
Fixes:
- http://autobuild.buildroot.org/results/bc1b40de22e563b704ad7f20b6bf4d1f73a6ed8a
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix the following NLS build failure raised since the addition of the
package in commit 9f4f8c5f89:
/home/buildroot/autobuild/run/instance-2/output-1/host/lib/gcc/arm-buildroot-linux-musleabihf/12.3.0/../../../../arm-buildroot-linux-musleabihf/bin/ld: ../../src/common/.libs/libcommon.a(libcommon_la-i18n.o): undefined reference to symbol 'libintl_bindtextdomain'
Fixes:
- http://autobuild.buildroot.org/results/8ab13cf474d732c95a1da65592d950b24b3d474b
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix the following build failure with gcc 4.8 raised since bump to
version 1.1.4 in commit 7205df8a4f:
/home/buildroot/autobuild/run/instance-0/output-1/build/libmemcached-1.1.4/src/libmemcachedprotocol/ascii_handler.c: In function 'ascii_get_response_handler':
/home/buildroot/autobuild/run/instance-0/output-1/build/libmemcached-1.1.4/src/libmemcachedprotocol/ascii_handler.c:249:3: error: 'for' loop initial declarations are only allowed in C99 mode
for (int x = 0; x < keylen; ++x) {
^
Fixes:
- http://autobuild.buildroot.org/results/202aeec4dda822ac341d8882f84f968a303697c3
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
I am no longer work at Synopsys, so remove this email address.
Signed-off-by: Sergey Matyukevich <geomatsi@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix the following build failure raised since bump to version 1.1.4 in
commit 7205df8a4f:
/home/buildroot/autobuild/instance-2/output-1/host/opt/ext-toolchain/bin/../lib/gcc/sparc-buildroot-linux-uclibc/11.3.0/../../../../sparc-buildroot-linux-uclibc/bin/ld: CMakeFiles/aslap.dir/ms_conn.c.o: undefined reference to symbol '__atomic_fetch_add_4@@LIBATOMIC_1.0'
Fixes:
- http://autobuild.buildroot.org/results/c8e4e1f9609d1339fe070afe440c63660892600e
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
fix CVE-2023-47038 - Write past buffer end via illegal user-defined Unicode property
note: 5.36.2 was a broken release
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix CVE-2023-38703: PJSIP is a free and open source multimedia
communication library written in C with high level API in C, C++, Java,
C#, and Python languages. SRTP is a higher level media transport which
is stacked upon a lower level media transport such as UDP and ICE.
Currently a higher level transport is not synchronized with its lower
level transport that may introduce use-after-free issue. This
vulnerability affects applications that have SRTP capability
(`PJMEDIA_HAS_SRTP` is set) and use underlying media transport other
than UDP. This vulnerability’s impact may range from unexpected
application termination to control flow hijack/memory corruption. The
patch is available as a commit in the master branch.
https://github.com/pjsip/pjproject/security/advisories/GHSA-f76w-fh7c-pc66https://github.com/pjsip/pjproject/releases/tag/2.14
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix the following static build failure raised since bump to version 0.78
in commit 5673ea3ce4:
In file included from /home/buildroot/autobuild/instance-0/output-1/build/putty-0.78/putty.h:8,
from /home/buildroot/autobuild/instance-0/output-1/build/putty-0.78/callback.c:8:
/home/buildroot/autobuild/instance-0/output-1/build/putty-0.78/unix/platform.h:11:10: fatal error: dlfcn.h: No such file or directory
11 | #include <dlfcn.h> /* Dynamic library loading */
| ^~~~~~~~~
Fixes:
- http://autobuild.buildroot.org/results/06f0b14bd0414f97b06070198e290fb3253348c5
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix the following wolfssl build failure raised at least since bump to
version 7.4.0 in commit 6b5907bf65:
/home/autobuild/autobuild/instance-4/output-1/build/rtty-8.1.0/src/ssl/openssl.c: In function 'ssl_last_error_string':
/home/autobuild/autobuild/instance-4/output-1/build/rtty-8.1.0/src/ssl/openssl.c:143:24: error: implicit declaration of function 'ERR_peek_error_line_data'; did you mean 'wolfSSL_ERR_get_error_line_data'? [-Werror=implicit-function-declaration]
143 | ssl_err_code = ERR_peek_error_line_data(&file, &line, &data, &flags);
| ^~~~~~~~~~~~~~~~~~~~~~~~
| wolfSSL_ERR_get_error_line_data
Fixes:
- http://autobuild.buildroot.org/results/9db9f1dcc6760de4b78771bb79f109c4efd06c36
- http://autobuild.buildroot.org/results/16422af9469de114e552124542508c3b18ea8f19
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[yann.morin.1998@free.fr: don't force wolfssl-all]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Upstream re-released the v0.1.8 tarballs with autotools related stuff. [1]
That makes the hash test to fail:
ERROR: while checking hashes from package/libusb-compat//libusb-compat.hash
ERROR: libusb-compat-0.1.8.tar.bz2 has wrong sha256 hash:
ERROR: expected: 698c76484f3dec1e0175067cbd1556c3021e94e7f2313ae3ea6a66d900e00827
ERROR: got : b692dcf674c070c8c0bee3c8230ce4ee5903f926d77dc8b968a4dd1b70f9b05c
ERROR: Incomplete download, or man-in-the-middle (MITM) attack
Update the hash and drop LIBUSB_COMPAT_AUTORECONF.
[1] https://github.com/libusb/libusb-compat-0.1/issues/28#issuecomment-1759400548
[Peter: use .tar.gz to not conflict with s.b.o]
Signed-off-by: Sébastien Szymanski <sebastien.szymanski@armadeus.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This bump will fix the following build failure thanks to
https://github.com/trabucayre/openFPGALoader/commit/933ed793e85dea7e16ddd6540791097fd3a299f5:
In file included from /home/buildroot/autobuild/instance-3/output-1/build/openfpgaloader-0.10.0/src/jtag.hpp:13,
from /home/buildroot/autobuild/instance-3/output-1/build/openfpgaloader-0.10.0/src/device.hpp:13,
from /home/buildroot/autobuild/instance-3/output-1/build/openfpgaloader-0.10.0/src/efinix.hpp:11,
from /home/buildroot/autobuild/instance-3/output-1/build/openfpgaloader-0.10.0/src/efinix.cpp:6:
/home/buildroot/autobuild/instance-3/output-1/build/openfpgaloader-0.10.0/src/board.hpp:49:9: error: 'uint8_t' does not name a type
49 | uint8_t tms_pin; /*! TMS pin value */
| ^~~~~~~
/home/buildroot/autobuild/instance-3/output-1/build/openfpgaloader-0.10.0/src/board.hpp:12:1: note: 'uint8_t' is defined in header '<cstdint>'; did you forget to '#include <cstdint>'?
11 | #include "cable.hpp"
+++ |+#include <cstdint>
12 |
https://github.com/trabucayre/openFPGALoader/releases/tag/v0.11.0
Fixes:
- http://autobuild.buildroot.org/results/ee89dcc7430079195e2e9ff300e1320de848d3e3
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Update patch to fix the following musl build failure with m68k which is
only raised (for an unknown reason) since bump to version 2.7.1 in commit
3e48f8358e:
In file included from fp.c:6:
fp-gnum68k.c:21:10: fatal error: fpu_control.h: No such file or directory
21 | #include <fpu_control.h>
| ^~~~~~~~~~~~~~~
Add also upstream link to first patch iteration which was sent in
November 2022 but didn't get it any reply (like most of the other emails
sent to bug-gsl@gnu.org ...)
Fixes:
- http://autobuild.buildroot.org/results/e59636f6ac148807c1c67f09eef0e0a9f5d52303
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix issues spotted by Yann E. Morin in commit
ca169d1d0a:
- BR2_TOOLCHAIN_BUILDROOT_UCLIBC -> BR2_TOOLCHAIN_USES_UCLIBC
- Add dependency to openrc package and not only to init system
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit 2cfa86a54882(package/erlang: bump version to 26.0.2) added a
patch to restore building on uClibc.
However, that patch is not upstream, and has been rejected:
https://github.com/erlang/otp/pull/7500
Please open a PR to https://github.com/asmjit/asmjit instead and we
will get the fix next time we sync with upstream. We do not want
theirs and our implementation to diverge.
Furthermore, it happens to work on uClibc, because uClibc does not
expose sys/auxv.h, but it fails to work on glibc, because the define is
not propagated to "sub-trees", and thus is never defined where it is
checked for, even when sys/auxv.h is available. This causes build
failures such as:
asmjit/core/cpuinfo.cpp: In function ‘void asmjit::_abi_1_10::detectHWCaps(CpuInfo&, long unsigned int, const LinuxHWCapMapping*, size_t)’:
asmjit/core/cpuinfo.cpp:840:24: error: ‘getauxval’ was not declared in this scope
840 | unsigned long mask = getauxval(type);
| ^~~~~~~~~
asmjit/core/cpuinfo.cpp: In function ‘void asmjit::_abi_1_10::detectARMCpu(CpuInfo&)’:
asmjit/core/cpuinfo.cpp:972:21: error: ‘AT_HWCAP’ was not declared in this scope
972 | detectHWCaps(cpu, AT_HWCAP, hwCapMapping, ASMJIT_ARRAY_SIZE(hwCapMapping));
| ^~~~~~~~
asmjit/core/cpuinfo.cpp:973:21: error: ‘AT_HWCAP2’ was not declared in this scope
973 | detectHWCaps(cpu, AT_HWCAP2, hwCapMapping2, ASMJIT_ARRAY_SIZE(hwCapMapping2));
| ^~~~~~~~~
Yet, sys/auxv.h was detected at configure time:
checking for sys/auxv.h... yes
This defconfig is enough to reproduce the error:
BR2_aarch64=y
BR2_TOOLCHAIN_EXTERNAL=y
BR2_TOOLCHAIN_EXTERNAL_BOOTLIN=y
BR2_PACKAGE_ERLANG=y
Since upstream refused the patch, and there is no fix that was submitted
to the actual upstream (asmjit), drop the rejectred patch, and disable
for uClibc: the patch is incorrect, and we can't fix a build issue on
uClibc by introducing another on glibc.
Fixes:
http://autobuild.buildroot.org/results/fc1/fc19bad2263bdfacea594217d5ddfde0e27895b1/http://autobuild.buildroot.org/results/114/11416d81d5b27fc0627b335a971154c088d5754a/
Signed-off-by: Yann E. MORIN <yann.morin@orange.com>
Cc: Bernd Kuhls <bernd@kuhls.net>
Cc: Maxim Kochetkov <fido_max@inbox.ru>
Changes v1 -> v2:
- update comment when unavailable
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
fix CVE-2023-47038 - Write past buffer end via illegal user-defined Unicode property
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
openrc raises the following uclibc build failures since bump to version
0.51 in commit 730c90faa3:
../src/rc-abort/rc-abort.c: In function 'main':
../src/rc-abort/rc-abort.c:27:21: error: implicit declaration of function 'kill'; did you mean 'killpg'? [-Werror=implicit-function-declaration]
27 | if (kill(pid, SIGUSR1) != 0)
| ^~~~
| killpg
../src/libeinfo/libeinfo.c: In function 'colour_terminal':
../src/libeinfo/libeinfo.c:319:26: error: implicit declaration of function 'fileno' [-Werror=implicit-function-declaration]
319 | if (f && !isatty(fileno(f)))
| ^~~~~~
../src/librc/librc-misc.c: In function 'rc_getfile':
../src/librc/librc-misc.c:79:14: error: implicit declaration of function 'fileno'; did you mean 'd_fileno'? [-Werror=implicit-function-declaration]
79 | fd = fileno(fp);
| ^~~~~~
| d_fileno
../src/librc/librc-daemon.c: In function 'rc_service_daemons_crashed':
../src/librc/librc-daemon.c:633:37: error: implicit declaration of function 'kill'; did you mean 'killpg'? [-Werror=implicit-function-declaration]
633 | if (kill(pid, 0) == -1 && errno == ESRCH)
| ^~~~
| killpg
These build failures could be fixed by patching openrc but upstream
is not happy with this patch: https://github.com/OpenRC/openrc/pull/674.
So, as advised by Yann E. Morin, openrc is hidden away for uClibc, until
upstream has a proper fix.
Fixes:
- http://autobuild.buildroot.org/results/494ef392a971ddb3c5c7b01e0149c6439018dbe7
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix CVE-2023-45322: libxml2 through 2.11.5 has a use-after-free that can
only occur after a certain memory allocation fails. This occurs in
xmlUnlinkNode in tree.c. NOTE: the vendor's position is "I don't think
these issues are critical enough to warrant a CVE ID ... because an
attacker typically can't control when memory allocations fail."
https://gitlab.gnome.org/GNOME/libxml2/-/blob/v2.11.6/NEWS
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix CVE-2023-46852: In Memcached before 1.6.22, a buffer overflow exists
when processing multiget requests in proxy mode, if there are many
spaces after the "get" substring.
Fix CVE-2023-46853: In Memcached before 1.6.22, an off-by-one error
exists when processing proxy requests in proxy mode, if \n is used
instead of \r\n.
https://github.com/memcached/memcached/wiki/ReleaseNotes1622
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix CVE-2023-47359: Videolan VLC prior to version 3.0.20 contains an
incorrect offset read that leads to a Heap-Based Buffer Overflow in
function GetPacket() and results in a memory corruption.
Fix CVE-2023-47360: Videolan VLC prior to version 3.0.20 contains an
Integer underflow that leads to an incorrect packet length.
https://code.videolan.org/videolan/vlc/-/blob/3.0.20/NEWS
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
When the favicon image was added in f26e61319f (docs/website: add
favicon.png), it was added to a different directory then where the header's
icon link points. This causes the favicon to fail to load with 404.
While we are here, remove the "shortcut" rel attribute as it is non-standard
and it's recommended not to use it[1].
[1] https://developer.mozilla.org/en-US/docs/Web/HTML/Attributes/rel#sect4
Signed-off-by: Brandon Maier <brandon.maier@collins.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix the following build failure raised since bump of webp to version
1.3.2 in commit c88c1d3319:
/home/autobuild/autobuild/instance-9/output-1/host/lib/gcc/aarch64_be-buildroot-linux-uclibc/13.2.0/../../../../aarch64_be-buildroot-linux-uclibc/bin/ld: picture.o: undefined reference to symbol 'WebPMemoryWriterClear'
/home/autobuild/autobuild/instance-9/output-1/host/lib/gcc/aarch64_be-buildroot-linux-uclibc/13.2.0/../../../../aarch64_be-buildroot-linux-uclibc/bin/ld: /home/autobuild/autobuild/instance-9/output-1/host/aarch64_be-buildroot-linux-uclibc/sysroot/usr/lib64/libwebp.so.7: error adding symbols: DSO missing from command line
Fixes:
- http://autobuild.buildroot.org/results/9b859a701debeaddf1f9909e16adc6811a620576
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Update README hash for changed not related to license.
Change patch 0001 to git format. socat is now hosted on git. Also,
update to apply to current version.
Add upstream status to both patches.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fix the following build failure with libressl >= 3.8 raised since bump
of libressl to version 3.8.2 in commit
21eca49ed5:
In file included from card-westcos.c:37:
/home/autobuild/autobuild/instance-11/output-1/host/arm-buildroot-linux-gnueabi/sysroot/usr/include/openssl/evp.h:627:32: error: macro "EVP_sha3_224" passed 1 arguments, but takes just 0
627 | const EVP_MD *EVP_sha3_224(void);
| ^
Fixes:
- http://autobuild.buildroot.org/results/cecee659371f370bf4bd2b27a4752bf20ceff326
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The following build failure without stack-protector occurs since commit
160f0e4b5f (package/libpam-tacplus: bump to version 1.7.0):
cc1: warning: '-fstack-protector' not supported for this target
In file included from libtac/lib/xstrncpy.c:36:
libtac/lib/xstrncpy.c: In function 'xstrncpy':
./libtac/include/libtac.h:71:15: error: called object is not a function or function pointer
71 | #define abort exit(EXIT_FAILURE)
| ^~~~
Since we are passing the appropriate SSP and fortify flags via our
toolchain wrapper, we need to tell the package not to add its own.
Upstream commit b1054ad8bb33 (Add '--disable-am-ldcflags' configure
option), available since version 1.4.1, has been added for "a
distribution to select its own C/LD flags" which is exactly our
situation.
So that's what we do: replace the ax cache variable by this new
configure flag.
Fixes:
- http://autobuild.buildroot.org/results/cc8a7c5cca65e002d40a775f09e3c4577fbab5b7
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
In commit 13fc9dcb34, netsnmp was bumped
from 5.9.3 to 5.9.4 to fix two CVEs.
However, even though it's a minor version bump, there are actually 163
commits upstream between those two minor releases, and some of them
are breaking existing use-cases. In particular upstream
a2cb167514ac0c7e1b04e8f151e0b015501362e0 now requires that config_()
macros in MIB files are terminated with a semicolon, causing a build
breakage with existing MIB files that were totally valid with 5.9.3.
This commit therefore proposes to revert back to 5.9.3, by reverting
those two commits:
56caafceab package/netsnmp: fix musl build
13fc9dcb34 package/netsnmp: security bump to version 5.9.4
and instead backport the one upstream commit that fixes both CVEs.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
[yann.morin.1998@free.fr: fix typo as reported by Baruch]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Although pydantic-core likely implements a subset of the functionality
in pydantic 1.10.8 as we currently package, there will not be any
conflict as the modules namespace differ:
import pydantic # 1.10.8
import pydantic_core
So, we can add pydantic-core, then bump pydantic; we don't need to do
both in the same commit.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
[yann.morin.1998@free.fr: add explanations from James about no-conflict]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Git-generated patches embed the short-hash of the objects in the
repository. The length of those short hashes are subject to change
in at least three cases:
- the number of objects in the repository increases, so git increases
the length of short hashes to get a good change there is no
collision;
- the git configuration changes, see core.abbrev in git-config;
- the heuristic to compute the length changes in a newer git version.
Since the bump to zfs 2.1.4 in commit 68dfd09708, the patch generated
by github has changed, causing download failures:
wget --passive-ftp -nd -t 3 -O '/home/ymorin/dev/buildroot/O/master/build/.bc3f12bfac152a0c28951cec92340ba14f9ccee9.patch.uoFq9e/output' 'https://github.com/openzfs/zfs/commit/bc3f12bfac152a0c28951cec92340ba14f9ccee9.patch'
--2023-11-26 16:53:25--
https://github.com/openzfs/zfs/commit/bc3f12bfac152a0c28951cec92340ba14f9ccee9.patch
Resolving github.com (github.com)... 140.82.121.3
Connecting to github.com (github.com)|140.82.121.3|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 2976 (2.9K) [text/plain]
Saving to: ‘/home/ymorin/dev/buildroot/O/master/build/.bc3f12bfac152a0c28951cec92340ba14f9ccee9.patch.uoFq9e/output’
/home/ymorin/dev/buildroot/O/ 100%[================================================>] 2.91K --.-KB/s in 0s
2023-11-26 16:53:25 (15.0 MB/s) - ‘/home/ymorin/dev/buildroot/O/master/build/.bc3f12bfac152a0c28951cec92340ba14f9ccee9.patch.uoFq9e/output’ saved [2976/2976]
ERROR: while checking hashes from package/zfs//zfs.hash
ERROR: bc3f12bfac152a0c28951cec92340ba14f9ccee9.patch has wrong sha256 hash:
ERROR: expected: 96a27353fe717ff2c8b95deb8b009c4eb750303c6400e2d8a2582ab1ec12b25a
ERROR: got : 246c80f66abca5a7e0c41cc7c56eec0b4cb7f16b142262480401142bbc2f999f
ERROR: Incomplete download, or man-in-the-middle (MITM) attack
And indeed, the length of short hashes has increased by one since then.
Fix that by bundling the patch, with the short hashes that were known
then, so that it matches the sha256 we had for it.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
gcc.mk attempts to disable building the documentation by setting
MAKEINFO=missing, but it is not working. If makeinfo is installed
and recent enough, gcc still uses it. This can be checked easily:
grep BUILD_INFO='info' host-gcc-initial-*/build/gcc/config.log
It happens because the root ./configure script will check
$MAKEINFO --version (aka 'missing --version') and will overwrite it with
MAKEINFO='missing makeinfo' because the version does not match.
Having MAKEINFO='missing makeinfo' is a problem because
'missing makeinfo' will actually attempt to run 'makeinfo' before
failing with an error message. If makeinfo is installed on the host,
then 'missing makeinfo' will successfully run makeinfo anyway.
Many gcc subprojects will check $MAKEINFO --version and enable building
the documentation if it is recent enough. This patch overrides these
checks by forcing gcc_cv_prog_makeinfo_modern=no.
Building the GCC documentation can fail with the wrong makeinfo version.
It happened at least when building GCC 11.3.0 with makeinfo 7.1.
Signed-off-by: Nicolas Cavallari <nicolas.cavallari@green-communications.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fix the following uclibc build failure raised since the addition of the
package in commit d5bba26801:
In file included from /home/autobuild/autobuild/instance-4/output-1/build/oatpp-1.3.0/src/oatpp/algorithm/CRC.hpp:28,
from /home/autobuild/autobuild/instance-4/output-1/build/oatpp-1.3.0/src/oatpp/algorithm/CRC.cpp:25:
/home/autobuild/autobuild/instance-4/output-1/build/oatpp-1.3.0/src/oatpp/core/base/Environment.hpp:359:93: error: 'va_list' has not been declared
359 | static void vlogFormatted(v_uint32 priority, const std::string& tag, const char* message, va_list args);
| ^~~~~~~
Fixes:
- http://autobuild.buildroot.org/results/bcdf7548ff752f936defd111d13c63245ea70cbe
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
These variables were removed. In addition, the text describing them
wasn't terribly useful. Just remove the sentences describing them.
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The _BASE_INSTALL*_CMD variables are set based on the setup type, and
only based on the setup type. Because of this, we have a large
conditional tree in inner-python-package which makes things hard to
read.
Rather than conditions, it's also possible to use indirect variables.
Concretely, we can define PKG_PYTHON_DISTUTILS_INSTALL_TARGET_CMD etc.,
and use $(PKG_PYTHON_$($(PKG)_SETUP_TYPE)_INSTALL_TARGET_CMD) instead of
$($(PKG)_BASE_INSTALL_TARGET_CMD) to dispatch to the right
_INSTALL_TARGET_CMD variable. The same applies to _INSTALL_STAGING_CMD
and HOST_..._INSTALL_CMD.
Since the _INSTALL*_OPTS variables are not (or no longer) used anywhere
else, we can fold them into the _INSTALL*_CMD variables.
setuptools-rust, flit and maturin didn't have their own definition of
_BUILD_CMD but were under the setuptools resp. pep517 condition. For
these, we have to define new variables that copy the value from
PKG_PYTHON_SETUPTOOLS_BUILD_CMD resp. PKG_PYTHON_PEP517_BUILD_CMD.
The condition tree is now empty, except for the error handling. Rework
the conditions for the error handling and remove all other conditions.
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
In a follow-up patch, we want to remove this variable. Replace it with
its expansion, which is anyway just
$(PKG_PYTHON_SETUPTOOLS_INSTALL_OPTS) --root=$(TARGET_DIR)
Also remove PKG_PYTHON_SETUPTOOLS_BUILD_OPTS, which is not defined (i.e.
empty).
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
In a follow-up patch, we want to remove this variable. Replace it with
its expansion, which is anyway just
$(PKG_PYTHON_SETUPTOOLS_INSTALL_OPTS) --root=$(TARGET_DIR)
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
[yann.morin.1998@free.fr:
- fixup after introduction of JAILHOUSE_INSTALL_HELPER_SCRIPTS
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The usual way of having conditional build and installation of parts
of a generic-package, is to conditionally define macros that do that
build and installation, and unconditionally expand the macros in the
_BUILD_CMDS and _INSTALL_CMDS.
Do that in jailhouse, which used to use an ad-hoc conditional block
directly in _BUILD_CMDS and _INSTALL_CMDS.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
host-python-flit-core is the only package that overrides
_BASE_INSTALL_CMD. Since we're going to remove that variable in a
follow-up patch, we no longer will be able to do that.
Since host-python-flit-core is really a special case, it makes sense to
define HOST_PYTHON_FLIT_CORE_INSTALL_CMDS in its entirety.
While we're at it, also instantiate
HOST_PKG_PYTHON_PEP517_BOOTSTRAP_INSTALL_OPTS directly there. This
variable is not used anywhere else, and it's a bit confusing to have it
in pkg-python.mk - it looks like a mistake.
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The _BASE_BUILD_CMD variable is set based on the setup type, and only
based on the setup type. Because of this, we have a large conditional
tree in inner-python-package which makes things hard to read.
Rather than conditions, it's also possible to use indirect variables.
Concretely, we can define PKG_PYTHON_DISTUTILS_BUILD_CMD etc., and use
$(PKG_PYTHON_$($(PKG)_SETUP_TYPE)_BUILD_CMD) instead of
$($(PKG)_BASE_BUILD_CMD) to dispatch to the right _BUILD_CMD variable.
Once we do the same for all other variables that are set in the
condition tree, we'll be able to remove the condition tree entirely.
setuptools-rust, flit and maturin didn't have their own definition of
_BUILD_CMD but were under the setuptools resp. pep517 condition. For
these, we have to define new variables that copy the value from
PKG_PYTHON_SETUPTOOLS_BUILD_CMD resp. PKG_PYTHON_PEP517_BUILD_CMD.
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The _BASE_ENV variable is set based on the setup type, and only based on
the setup type. Because of this, we have a large conditional tree in
inner-python-package which makes things hard to read.
Rather than conditions, it's also possible to use indirect variables.
Concretely, we can use $(PKG_PYTHON_$($(PKG)_SETUP_TYPE)_ENV) instead
of $($(PKG)_BASE_ENV) to dispatch to the right ENV variable.
Once we do the same for all other variables that are set in the
condition tree, we'll be able to remove the condition tree entirely.
Because $($(PKG)_SETUP_TYPE) is lowercase (e.g. 'setuptools' or
'pep517'), while the existing _ENV variables have uppercase names (e.g.
PKG_PYTHON_SETUPTOOLS_ENV), we need to convert the setup type to
uppercase. Introduce the variable $(PKG)_SETUP_TYPE_UPPER for this.
flit was reusing the _BASE_ENV definition from pep517, and flit-bootstrap
also didn't have its own _ENV definition yet, so those have to be added.
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Only define the _CMDS variables that are relevant for the target resp.
host variant. Duplicate the _BUILD_CMDS. This will allow us to
differentiate part of the _BUILD_CMDS definition in a follow-up patch.
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
This variable can just as well be merged into _BASE_BUILD_CMD. This is
how it's done for the install opts. And anyway it's only used by
distutils and nowhere else.
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
This is a leftover from python 2/3. Since the interpreter is now always
python3, we can simply call it like that - like is done in all the other
places where python is called.
While we're at it, call python3 explicitly rather than relying on the
symlink.
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
These packages don't have a setup.py so we instead need to parse their
pyproject.toml file.
It is possible that such a package does not define a project_urls config
item, so ensure we do not choke on it (None.get() would raise).
Note that this currently doesn't handle flit package dependency
resolution.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Reviewed-by: Yegor Yefremov <yegorslists@googlemail.com>
[yann.morin.1998@free.fr:
- add sentence about the project_urls rewrite
- fix flake8 errors
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
NodeJS requires GCC 10.1. However, GCC 10.1 is the first release of the
GCC 10.x series. As such, we can safely downgrade the GCC version
requirements to 10.
Tested with: run-tests tests.package.test_nodejs using Debian 11 and
gcc 10.2.1.
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
- bumped package version to 6.20
- as 6.20 prebuilt version is not available on same download site but
source code is released at https://github.com/memtest86plus/memtest86plus/releases
so updated mk file to download source from git release
- prebuilt binary not found in 6.20 package and also README.md
does not mention any toolchain limitation for compilation
so added source build command depending on 32-bit or 64-bit x86 target.
- corrected License file name
- installed memtest binaries to image folder like other bootable
images(grub , kernel) are copied.
- updated config help as per package README.md
Signed-off-by: Kalpesh Panchal <kalpesh.panchal2@collins.com>
Signed-off-by: Abhishek Anand <abhishek.anand@collins.com>
Signed-off-by: Brandon Maier <brandon.maier@collins.com>
[yann.morin.1998@free.fr:
- fix check-package errors
- fix hash file
- better install commands
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Without this patch, the devicetree used by linux at runtime is
the u_boot devicetree.
While using rusticl on the khadas vim3 board with the default
extlinux.conf, mesa's panfrost driver return "gpu shed timeout"
errors. Adding "devicetree /meson-g12b-khadas-vim3.dtb" to the
extlinux.conf file solve the problem. Linux successfully boot
with and without the change but without this patch the devicetree
used by linux at runtime is the u-boot devicetree.
The differences between the u-boot devicetree and the linux
devicetree are:
-The u-boot devicetree contains two more nodes than the linux devicetree. Those nodes are:
- smbios : compatible option is set to "u-boot,sysinfo-smbios".
- __symbols__ : present if -@ or --symbols is used during the devicetree compilation.
-Most of u-boot devicetree nodes have a "phandle" property.
-SoC and vpu have a "u-boot,dm-pre-reloc;" property.
-Some aliases are different.
-The u-boot operating points tables contains more nodes.
The size difference between the u-boot devicetree and the linux
devicetree is approximately 3.5kB.
During runtime, the linux devicetree have the "phandle" and
"u-boot,dm-pre-reloc;" properties and the smbios node. So,
The runtime devicetree is the one from u-boot.
Signed-off-by: Antoine Coutant <antoine.coutant@smile.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
flutter-engine will forcibly create ~/.dart/ and ~/.flutter/ and store
stuff in there.
This is however quite dirty and pollutes the user's home, and will also
not work when the home is read-only (e.g. shared in a container).
Forcibly redirect flutter-engine to the same location where we
redirected host-flutter-sdk-bin, using the same trick of redefining
HOME as for host-flutter-sdk-bin.
Ideally, we'd like to have some way to share this with all flutter-based
packages, but we so far have only a few of them, so it is too early to
even think about some commonalities (even less so about a shared infra).
So we just duplicate the setting for now, this can be revisited later.
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fixes CVE-2022-48303: GNU Tar through 1.34 has a one-byte out-of-bounds read
that results in use of uninitialized memory for a conditional jump.
Exploitation to change the flow of control has not been demonstrated. The
issue occurs in from_header in list.c via a V7 archive in which mtime has
approximately 11 whitespace characters.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
[Peter: add _IGNORE_CVES entry]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This reverts commit d4d483451f.
Tar 1.35 unfortunately changes the behaviour for the devmajor/devminor
fields, breaking the download hash validation. From the release notes:
* Leave the devmajor and devminor fields empty (rather than zero) for
non-special files, as this is more compatible with traditional tar.
https://lists.gnu.org/archive/html/info-gnu/2023-07/msg00005.html
So revert the bump for now.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This reverts commit 7f1088f9ca.
We're going back to tar 1.34, so this needs to be reverted as well.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit 083e65a67c introduced tests for the
various read-only root options under systemd, but while applying the
fs-overlay that is used in one of the tests wasn't included. Include it
now.
Fixes: 083e65a67c
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Fixes:
http://autobuild.buildroot.net/results/98f/98fedf4969c260f73a01b937b9625e66dcd86b3c
When BR2_TOOLCHAIN_HAS_LIBATOMIC is "n", there is no gcc libatomic.so
library to install. For configurations with such settings, compilation
fails as gcc-final.mk unconditionally adds libatomic as an installation
target. This error, for instance, shows for all Canaan K210 riscv
configs, as they all use uclibc flat binary format which disabled
libatomic:
Fix this by modifying package/gcc/gcc-final/gcc-final.mk to add
libatomic to GCC_FINAL_LIBS only for configurations that have
BR2_TOOLCHAIN_HAS_LIBATOMIC set to "y".
Signed-off-by: Damien Le Moal <dlemoal@kernel.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Stripping when cross-compiling and libtool static behavior are fixed in
2.5.16, so drop 0001-fix_cross_strip.patch and rename the remaining patches.
Signed-off-by: Hmaied Ben Abdellatif <hmaied.benabdellatif@etictelecom.com>
[Peter: extend commit message, update .checkpackageignore]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add a script to manage the .hash files in the BR2_GLOBAL_PATCH_DIR for
packages using custom versions.
To use it, run in a configured Buildroot directory, E.G.
make foo_defconfig; ./utils/add-custom-hashes
We support multiple patch directories in BR2_GLOBAL_PATCH_DIR. If multiple
directories are specified then use the last one as that is likely to be the
most specific one.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
[Peter: silence command -v invocation]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Bump version of Linux to 6.1.61 and U-Boot to 2023.10.
U-Boot requires enabling pylibfdt and pyelftools
We need to increase the size of the rootfs, and we get rid of a
64bit warning on `mke2fs` by passing `-O 64bit` as an argument.
Signed-off-by: Roberto Medina <robertoxmed@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix the following build failure with gcc 5 raised since bump to version
0.17 in commit 725580a26e:
/home/thomas/autobuild/instance-2/output-1/build/json-c-0.17/json_pointer.c: In function 'json_pointer_result_get_recursive':
/home/thomas/autobuild/instance-2/output-1/build/json-c-0.17/json_pointer.c:193:25: error: 'idx' may be used uninitialized in this function [-Werror=maybe-uninitialized]
res->index_in_parent = idx;
^
Fixes:
- http://autobuild.buildroot.org/results/523b35a979d59121fe4e18c38171792b06233940
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
By default dhcpcd installed with 555 permissions as it is
configured in its Makefile.inc. Since 'w' bit is missing,
strip fails and dhcpcd binary installed non-stripped.
On ARM GCC 12 glibc configuration strip saves over 1MB of disk space.
Signed-off-by: Oleg Lyovin <ovlevin@salutedevices.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
- Switch to setuptools
- Update License hash due to a year change: 2019 -> 2021
- Install the packages to the site-packages directory, or else packages using
scons fail to build with import errors.
Tested with benejson, gpsd, and mongodb.
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Used with the latest version of python-constantly. It is only needed as a
host package.
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Remove the "# Should be kept in sync with $(SYSTEMD_VERSION)" line from
python-systemd.mk, as this package is not updated on a regular basis and does
not keep up to date with systemd.
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Drop no longer required python-pyrsistent runtime dependency.
Add new python-jsonschema-specifications runtime dependency.
Add new python-referencing runtime dependency.
Add new python-rpds-py runtime dependency.
Propagate python-rpds-py target rust support requirement to
python-jsonschema reverse dependencies.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
The last time python-pyxb was updated according to pypi.org is in 2017.
As there are no maintainers listed for the package, and the package uses
distutils which has been removed in Python 3.12.0, remove the package.
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Commit 2add559e50 (package/python-kmod: new package) listed LGPL-2.1+
(aka -or-later) as the licensed applicable. However, thode contains the
following blurbs:
# python-kmod is free software: you can redistribute it and/or modify it under
# the terms of the GNU Lesser General Public License version 2.1 as published
# by the Free Software Foundation.
There is no mention of the usual "or, at your option, any later
version".
As such, the license is reall LGPL-2.1-only.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
This package is currently used in Fedora39 to provide python bindings
for kmod, and it is Python 3.12.0 compatible.
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
[yann.morin.1998@free.fr: LGPL in in COPYING.LESSER]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The python bindings provided by kmod were last updated 9 years ago.
- They are not compatible with Python 3.12.
- No major distribution uses this option.
Remove the option.
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Drop patch and associated CVE ignore which is now upstream.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
[yann.morin.1998@free.fr: update .checkpackageignore]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Also, bump package/opencv4-contrib to in lock-step.
This addresses both CVE-2023-2617 and CVE-2023-2618, that have been
fixed in OpenCV 4.8.0.
Signed-off-by: Woodrow Douglass <wdouglass@carnegierobotics.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fix the following build failure with musl raised since bump to version
2.9.0 in commit 8c70374c4f:
atop.h:157:1: error: unknown type name 'time_t'
157 | time_t normalize_epoch(time_t, long);
| ^~~~~~
atop.h:157:1: note: 'time_t' is defined in header '<time.h>'; did you forget to '#include <time.h>'?
atop.h:157:40: error: expected ')' before 'long'
157 | time_t normalize_epoch(time_t, long);
| ^~~~~
| )
Fixes:
- http://autobuild.buildroot.org/results/e7ec8d16f2299320f374a0198c8e9b18a102b037
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Instead of only checking .mk and Config.in{,.host}, check
all files in a package directory.
.checkpackageignore isn't considered here, therefore the shown number
includes ignored warnings as well.
Add another css class to signal some warning, compared to a lot (>5),
similar to patches.
Signed-off-by: Daniel Lang <dalang@gmx.at>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Some packages are grouped and have a general makefile that defines
reusable variables. These makefiles have no relevant information for
pkg-stats and should be excluded.
Signed-off-by: Daniel Lang <dalang@gmx.at>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Go version 1.21.4 includes the following security fixes:
CVE-2023-45283: path/filepath: recognize \??\ as a Root Local Device path prefix.
CVE-2023-45284: path/filepath: recognize device names with trailing spaces and superscripts
https://go.dev/doc/devel/release#go1.21.4
Signed-off-by: Christian Stewart <christian@aperture.us>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
When installing node modules with native code, said code needs to be
built for the target; npm will delegate that to an internal copy of gyp,
node_gyp, which uses a python script to generate the build configuration
matching the target.
That script is generated by the nodejs build system (at configure time),
and eventually installed to staging alongside the headers.
Currently, we tell node_gyp to use the script in the nodejs build
directory, with the npm_config_nodedir environment variable:
npm_config_nodedir=$(BUILD_DIR)/nodejs-$(NODEJS_VERSION)
However, that is no longer working since commit 4cbc2af604
(package/nodejs: rename to nodejs-src and convert to virtual package),
for two reasons:
- the version variable NODEJS_VERSION was renamed to
NODEJS_COMMON_VERSION;
- the actual build directory is that of nodejs-src, not nodejs.
When installing node modules with NODEJS_SRC_MODULES_LIST, we happen to
still be running in the nodejs-src package, so it kinda makes sense that
we use the file in nodejs-src build directory. But the NPM macro can
also be called from other packages, in which case it looks uglier to
have to look into nosejs-src build dir from another package context.
Looking at the documentation for node-gyp [0], we can see that nodedir
is meant to point to the path of the node source code;
| `--nodedir=$path` | Set the path to the node source code
However, that is only valid when building natively; here we are more
similar to the "Third Party Node.js Runtimes", where the runtime nodejs
is not the one doing the build; in that case, the following looks more
appropriate:
[...] you
should use `--dist-url` or `--nodedir` flags to specify the headers of the
runtime to build for.
Also when `--dist-url` or `--nodedir` flags are passed, node-gyp will use the
`config.gypi` shipped in the headers distribution to generate build
configurations [...]
So, we are going that route, and point npm_config_nodedir to the staging
dir, where the headers are to be found. This is valid when installing
modules with NODEJS_SRC_MODULES_LIST, as nodejs is already installed in
staging at that time, as the package infra guarantees that staging is
installed before target; it alsop works for modules installed in later
packages (as long as they have nodejs in their dependencies, of course).
Fixes: https://bugs.busybox.net/show_bug.cgi?id=15826
[0] https://github.com/nodejs/node/blob/main/deps/npm/node_modules/node-gyp/README.md
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
[yann.morin.1998@free.fr:
- use STAGING_DIR/usr, not TARGET_DIR/usr
- extend commit log to explain what and why
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Node modules available on the npm registry, may contain prebuild
binaries for various targets and/or ABIs; for example., there might be
ARM. AArch64, x86_64 binaries for glibc or musl, for Linux or Darwin.
Needless to say, those binaries will most often not match the current
target architecture; as such, check-bin-arch will whine loudly as
reported in #15823:
ERROR: architecture for "/usr/lib/node_modules/node-red-node-serialport/node_modules/@serialport/bindings-cpp/prebuilds/linux-arm/node.napi.armv6.node" is "ARM", should be "AArch64"
ERROR: architecture for "/usr/lib/node_modules/node-red-node-serialport/node_modules/@serialport/bindings-cpp/prebuilds/android-arm/node.napi.armv7.node" is "ARM", should be "AArch64"
ERROR: architecture for "/usr/lib/node_modules/node-red-node-serialport/node_modules/@serialport/bindings-cpp/prebuilds/linux-arm/node.napi.armv7.node" is "ARM", should be "AArch64"
ERROR: architecture for "/usr/lib/node_modules/node-red-node-serialport/node_modules/@serialport/bindings-cpp/prebuilds/linux-x64/node.napi.glibc.node" is "Advanced Micro Devices X86-64", should be "AArch64"
ERROR: architecture for "/usr/lib/node_modules/node-red-node-serialport/node_modules/@serialport/bindings-cpp/prebuilds/linux-x64/node.napi.musl.node" is "Advanced Micro Devices X86-64", should be "AArch64"
The proper solution would be to remove all those prebuilt binaries, and
request npm to forcefully rebuild the proper binary for the current
architecture; alas, there is no option to tell npm to do so.
Doing it manually would not be easy either, as such modules might be
retrieved as part of the "vendoring" for another module that the user
has requested, and be pretty deep in the dependency chain; trying to fix
this properly would be a nightmare: it would require that we manually
inspect the depednency chain, and install dependent modules one by one,
recursively, re-implementing the same logic npm has when multiple
verions of the same module are installed as part of different branches
of the depenency tree, all while detecting prebuilds and removing them
before installing the mpdule (hence decorrelating download and install,
which is not trivial to do with npm alone).
We also can't simply remove all the prebuilds, because it is not known
whether the location ("<module>/prebuilds/") is standardised, or a
convention with the path noted somewhere in the package metadata, and
how deep they would be in the tree, and whether that could conflict with
arbitrary files...
Instead, we will consider that npm has a sane heuristic to detect
whether it should indeed rebuilt the modules, and that node has a sane
heuristic to know which binary to load at runtime, and we will leave the
prebuilt binaries in place and just exclude them from being checked.
Fixes: https://bugs.busybox.net/show_bug.cgi?id=15823
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Reviewed-by: Yegor Yefremov <yegorslists@googlemail.com>
Tested-by: Marcus Hoffmann <marcus.hoffmann@othermo.de>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Migrate from generic pep517 infrastructure to maturin infrastructure.
Verified license is still MIT after hash changed.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Currently, when a package is downloaded from a custom location or
version, Buildroot excludes such a package from the mandatory integrity
check with hashes, because it was until now not possible to have such
hashes.
We now have a mechanism which users can leverage to provide additional
hashes, and so custom versions or locations can now be checked too.
Buildroot has no way to know that hashes have indeed been provided for
a custom location/version, and so will still happily ignore an
unchecked package.
However, users who do provide extra hashes most probably do expect that
no download is done without an integrity check, and thus expect that a
missing hash not be ignored.
Add an option that users can select to make Buildroot forcibly require
at least one valid hash, and no invalid hash, for all downloads.
Reported-by: "Martin Zeiser (mzeiser)" <mzeiser@cisco.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Currently, we expect and only use hash files that lie within the package
directory, alongside the .mk file. Those hash files are thus bundled
with Buildroot.
This implies that only what's known to Buildroot can ever get into those
hash files. For packages where the version is fixed (or a static
choice), then we can carry hashes for those known versions.
However, we do have a few packages for which the version is a free-form
entry, where the user can provide a custom location and/or version. like
a custom VCS tree and revision, or a custom tarball URL. This means that
Buildroot has no way to be able to cary hashes for such custom versions.
This means that there is no integrity check that what was downloaded is
what was expected. For a sha1 in a git tree, this is a minor issue,
because the sha1 by itself is already a hash of the expected content.
But for custom tarballs URLs, or for a tag in a VCS, there is indeed no
integrity check.
Buildroot can't provide such hashes, but interested users may want to
provide those, and currently there is no (easy) way to do so.
We leverage the existing global-patch-dir mechanism to look for extra
hash files. We use the same heuristic that is used for bundled hash
files, and for each global patch directory <dir>, we use the first file
to exist among:
1. look into <dir>/<package>/<version>/<package>.hash
2. look into <dir>/<package>/<package>.hash
Reported-by: "Martin Zeiser (mzeiser)" <mzeiser@cisco.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Currently, we expect and only use hash files that lie within the package
directory, alongside the .mk file. Those hash files are thus bundled
with Buildroot.
This implies that only what's known to Buildroot can ever get into those
hash files. For packages where the version is fixed (or a static
choice), then we can carry hashes for those known versions.
However, we do have a few packages for which the version is a free-form
entry, where the user can provide a custom location and/or version. like
a custom VCS tree and revision, or a custom tarball URL. This means that
Buildroot has no way to be able to cary hashes for such custom versions.
This means that there is no integrity check that what was downloaded is
what was expected. For a sha1 in a git tree, this is a minor issue,
because the sha1 by itself is already a hash of the expected content.
But for custom tarballs URLs, or for a tag in a VCS, there is indeed no
integrity check.
Buildroot can't provide such hashes, but interested users may want to
provide those, and currently there is no (easy) way to do so.
So, we need our download helpers to be able to accept more than one hash
file to lookup for hashes.
Extend the dl-wrapper and the check-hash helpers thusly, and update the
legal-info accordingly.
Note that, to be able to pass more than one hash file, we also need to
re-order the arguments passed to support/download/check-hash, which also
impies some shuffling in the three places it is called:
- 2 in dl-wrapper
- 1 in the legal-info infra
That in turn also requires that the legal-license-file macro args get
re-ordered to have the hash file last; we take the opportunity to also
move the HOST/TARGET arg to be first, like in the other legal-info
macros.
Reported-by: "Martin Zeiser (mzeiser)" <mzeiser@cisco.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Drop no longer required python-six runtime dependency.
Add new python-more-itertools runtime dependency.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Migrate from setuptools to flit build backend.
Remove python-setuptools runtime dependency.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Commit 27bf08e4ad (configs/avenger96_defconfig: bump ATF version to 2.9
for binutils 2.39+ support) bumped TF-A, but it unfortunately does not boot
and instead dies with a panic:
NOTICE: CPU: STM32MP157AAC Rev.B
NOTICE: Model: Arrow Electronics STM32MP157A Avenger96 board
ERROR: nvmem node board_id not found
INFO: PMIC version = 0x10
ERROR: Product_below_2v5=1:
ERROR: HSLVEN update is destructive,
ERROR: no update as VDD > 2.7V
PANIC at PC : 0x2fff086f
Exception mode=0x00000016 at: 0x2fff086f
Instead use v2.5 to match the other stm32mp1 boards and use the same E=0
-Werror workaround. The avenger95 support is unfortunately broken since
v2.3 with the introduction of authentication support, so add a patch to the
DTS to fix that.
Notice that the authentication support was reworked in v2.7 so it is skipped
for the mp157a variant used on the avenger96, so the patch is not upstreamable.
While we're at it, also drop the debug option for consistency with the other
boards.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Commit f20589cbc7 (configs/stm32mp157c_odyssey: new defconfig) forgot to
specify a fixed TF-A version, so do that now.
When the defconfig was added, the default version was v2.5 - So use that.
Similarly to the other stm32mp1 defconfigs, this needs disabling -Werror
with E=0 to fix a build issue with GCC >= 12.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
With the move to default to GCC 12 in commit e0091e42ee (package/gcc:
switch to gcc 12.x as the default), TF-A now fails to build as a warning is
generated and it builds with -Werror:
CC plat/st/stm32mp1/bl2_plat_setup.c
drivers/st/io/io_stm32image.c: In function ‘stm32image_partition_read’:
drivers/st/io/io_stm32image.c:249:13: error: ‘result’ may be used uninitialized [-Werror=maybe-uninitialized]
249 | int result;
| ^~~~~~
cc1: all warnings being treated as errors
This is fixed in TF-A v2.6 with commit c1d732d0db24 (fix(io_stm32image):
uninitialized variable warning), but I do not have the board to verify if
v2.6 works, so instead disable -Werror by passsing E=0.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
With the move to default to GCC 12 in commit e0091e42ee (package/gcc:
switch to gcc 12.x as the default), TF-A now fails to build as a warning is
generated and it builds with -Werror:
CC plat/st/stm32mp1/bl2_plat_setup.c
drivers/st/io/io_stm32image.c: In function ‘stm32image_partition_read’:
drivers/st/io/io_stm32image.c:249:13: error: ‘result’ may be used uninitialized [-Werror=maybe-uninitialized]
249 | int result;
| ^~~~~~
cc1: all warnings being treated as errors
This is fixed in TF-A v2.6 with commit c1d732d0db24 (fix(io_stm32image):
uninitialized variable warning), but I do not have the board to verify if
v2.6 works, so instead disable -Werror by passsing E=0.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fix the following build failure raised since bump to version 3.2.3 in
commit 4155139365:
In file included from /home/thomas/autobuild/instance-1/output-1/host/include/python3.11/Python.h:38,
from src/modules/rlm_python3/rlm_python3.c:37:
/home/thomas/autobuild/instance-1/output-1/host/include/python3.11/pyport.h:596:2: error: #error "LONG_BIT definition appears wrong for platform (bad gcc/glibc config?)."
596 | #error "LONG_BIT definition appears wrong for platform (bad gcc/glibc config?)."
| ^~~~~
Fixes:
- http://autobuild.buildroot.org/results/36143ab06b66a047aa2247ea66b1df0d6c1cbd66
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Update hash of license file:
Updated the Nmap Public Source License (NPSL) to Version 0.95. This just
clarifies that the derivative works definition and all other license
clauses only apply to parties who choose to accept the license in return
for the special rights granted (such as Nmap redistribution rights). If
a party can do everything they need to using copyright provisions
outside of this license such as fair use, we support that and aren't
trying to claim any control over their work. Versions of Nmap released
under previous versions of the NPSL may also be used under the NPSL 0.95
terms.
https://nmap.org/changelog#7.94
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
flashrom depends on libftdi1 since bump to version 1.3.0 in commit
073b0fc9c1:
Dependency libftdi1 found: no
[...]
/home/autobuild/autobuild/instance-7/output-1/host/lib/gcc/mips64el-buildroot-linux-gnu/12.3.0/../../../../mips64el-buildroot-linux-gnu/bin/ld: libflashrom.a(ft2232_spi.o): in function `send_buf':
ft2232_spi.c:(.text+0x20): undefined reference to `ftdi_write_data'
Fixes:
- http://autobuild.buildroot.org/results/11fae0933b38d82f15fec37e78298df232321bcd
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fix the following build failure on sh4 raised since bump to version
1.3.0 in commit
/home/thomas/autobuild/instance-3/output-1/per-package/flashrom/host/bin/../lib/gcc/sh4a-buildroot-linux-gnu/12.3.0/../../../../sh4a-buildroot-linux-gnu/bin/ld: libflashrom.a(internal.o): in function `internal_chip_readn':
internal.c:(.text+0x8): undefined reference to `mmio_readn'
Fixes:
- http://autobuild.buildroot.org/results/f74a9d315fb519f284428234713f43fcf4e35fd0
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Badly introduced in
727c041a25 ("package/openjdk{-bin}: bump
versions to 17.0.9+9 and 21.0.1+12")
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
License file hash changed because CRLF line endings were removed.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
- Move openjdk-bin.hash into separate directories, as the
legal/java.prefs/ASSEMBLY_EXCEPTION file has an upated URL for OpenJDK 21.
openjdk.java.net -> https://openjdk.org. The license type remains the same.
- Move 0001-Add-ARCv2-ISA-processors-support-to-Zero.patch into separate
directories as the list of architectures in src/hotspot/os/linux/os_linux.cpp
is no longer the same. 17 has LOONGARCH and 21 has LOONGARCH64.
Tested on Fedora39 and Debian 11 with:
./support/testing/run-tests tests.package.test_openjdk.TestOpenJdk.test_run
Tested-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fix the following refpolicy build failure raised since commit
64ce823223:
policy/modules/system/xen.te:559:ERROR 'type udev_runtime_t is not within scope' at token ';' on line 628879:
allow xm_t udev_runtime_t:dir { open read getattr lock search ioctl add_name remove_name write };
[...]
policy/modules/system/udev.te:205:ERROR 'unknown type systemd_hwdb_t' at token ';' on line 582304:
allow udev_t systemd_hwdb_t:file map;
Fixes:
- http://autobuild.buildroot.org/results/849050b00a2ee5983c2324cb955cd533189a0460
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This test case runs firewalld using both system and sysvinit.
run `firewalld-cmd --state` and ensure the output is "running" with a return
code of 0.
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
timeout = 35 * self.emulator.timeout_multiplier
[...]
self.assertRunOk(cmd, timeout=timeout)
Gets re-multiplied by self.emulator.timeout_multiplier in self.emulator.run().
Drop multiplying the timeout by self.emulator.timeout_multiplier to fix this
issue.
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
to override the current value of 60 seconds
As per a suggestion by Thomas, add a timeout argument to override the current
value of 60 seconds for the emulator.login method.
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
-Werror is unconditionally set since version 1.6.2 and
https://github.com/kravietz/pam_tacplus/commit/649e6f2efb2f3278c55d4c9704bb48cb9f74cb73
resulting in the following build failure since bump to version 1.7.0 in
commit 160f0e4b5f:
In file included from /home/thomas/autobuild/instance-0/output-1/host/mips-buildroot-linux-gnu/sysroot/usr/include/bits/libc-header-start.h:33,
from /home/thomas/autobuild/instance-0/output-1/host/mips-buildroot-linux-gnu/sysroot/usr/include/stdlib.h:26,
from ./lib/stdlib.h:36,
from ./libtac/include/libtac.h:35,
from support.h:25,
from support.c:28:
/home/thomas/autobuild/instance-0/output-1/host/mips-buildroot-linux-gnu/sysroot/usr/include/features.h:413:4: error: #warning _FORTIFY_SOURCE requires compiling with optimization (-O) [-Werror=cpp]
413 | # warning _FORTIFY_SOURCE requires compiling with optimization (-O)
| ^~~~~~~
Fixes:
- http://autobuild.buildroot.org/results/9b5ece5d01eac8a760ed9ca331a902d1c47387a7
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bump U-Boot to 2023.10 and kernel to version 6.6.
There was a change in the location of the devicetrees for arm32
platforms, so adjust it accordingly.
Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Since commit 89f5e98932 (support/download/svn: generate reproducible
svn archives), we've been able to generate reproducible archives, and
thus we have been able to verify the hashes for those archives.
However, the manual was not changed, and still falsely hinted that this
was not the cae.
Fix that.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Upstream suggests to use it as a static library only, so follow that
principle.
Signed-off-by: Alessandro Partesotti <a.partesotti@gmail.com>
[Arnout:
- keep DEVELOPERS alphabetical;
- use oatpp for the prompt;
- add threads to the toolchain dependencies comment;
- move comment after the main prompt;
- rewrap the help text;
- empty line before upstream URL;
- hash comment Locally calulated instead of pointing to upstream
tarball URL;
- change hash to sha256;
- add hash for license file;
- reorder variables in .mk file;
- use _CONF_OPTS instead of invalid _CMAKE_OPTS.
]
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Display the petitboot UI instead of a login prompt, allowing the
configuration of custom tty(s) as we do for the login prompt.
petitboot already depends on udev, so let's use it instead of rcS to
launch pb-console. This has the advantage of easily wildcarding the list
of ttys ("hvc*") and enables hotplug devices ("ttyUSB0").
Signed-off-by: Reza Arbab <arbab@linux.ibm.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
This is a better choice on platforms where it is available, so default
to it. Still select kexec for platforms where kexec-lite is not
available.
While we're at it, make use of the new
BR2_PACKAGE_KEXEC_LITE_ARCH_SUPPORTS symbol instead of relying of the
kexec-lite arch depends being a subject of kexec.
While we're at it, sort all run-time dependencies alphabetically and
don't repeat the comment.
Signed-off-by: Reza Arbab <arbab@linux.ibm.com>
[Arnout:
- use BR2_PACKAGE_KEXEC_LITE_ARCH_SUPPORTS;
- still allow full kexec by turning around the dependency;
- extend commit message.
]
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
This will make it easier to handle packages that want to select
kexec-lite.
It also fixes the current inconsistency in the comment: it was not
displayed for powerpc64le.
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
All the petitboot components assume /var/log/petitboot by default;
pb-console can also put multiple logs there and pb-sos collects that
directory when creating a diagnostic tarball.
Defer to this default when launching pb-discover. If someone wants to
override, let's call the file /etc/default/petitboot which makes more
sense to be shared by all the components.
Signed-off-by: Reza Arbab <arbab@linux.ibm.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
pb-discover does not create its own pid file. Handle the creation and
removal of the pid file in the init script.
Signed-off-by: Reza Arbab <arbab@linux.ibm.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
The comment should appear if threads aren't enabled, not when they are.
Signed-off-by: Reza Arbab <arbab@linux.ibm.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
The license file listed in the original commit adding the package in
a9ceaba794 did not exist.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
distutils is removed in Python 3.12.0. Switch to using sysconfig.get_path to
facilitate the migration.
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Versioneer < 0.21 is incompatible with Python 3.12.0. Use the latest version
which is 0.29 as of this commit.
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Versioneer < 0.21 is incompatible with Python 3.12.0. Use the latest version
which is 0.29 as of this commit.
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Versioneer < 0.21 is incompatible with Python 3.12.0. Use the latest version
which is 0.29 as of this commit.
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Versioneer < 0.21 is incompatible with Python 3.12.0. Use the latest version
which is 0.29 as of this commit.
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
This update is required to install the latest version of the GNOME desktop.
Currently, only gvfs depends on this package, and we have confirmed that
gvfs can be built.
Signed-off-by: Takumi Takahashi <takumiiinn@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
In preperation of python 3.12.0, distutils has been removed completely.
Take an upstream commit that switches to sysconfig instead of distutils
to find the python module path.
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
[Arnout:
- apply to libftdi1, not libftdi;
- use the actual upstream commit instead of something homegrown;
- use a URL to the upstream commit instead of just the hash.
]
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Fixes build error
Building dns library in /home/bernd/buildroot/br4/output/build/dhcp-4.4.3-
P1/bind/bind-9.11.36/lib/dns
./gen: /lib/x86_64-linux-gnu/libc.so.6: version `GLIBC_2.38' not found
(required by ./gen)
make[4]: *** [Makefile:601: include/dns/enumtype.h] Error 1
make[3]: *** [Makefile:595: include] Error 2
with this defconfig
BR2_x86_64=y
BR2_PACKAGE_BUSYBOX_SHOW_OTHERS=y
BR2_PACKAGE_DHCP=y
Please note that this build error only occurs when the target and the
host system have the same arch. For example this defconfig builds fine:
BR2_PACKAGE_BUSYBOX_SHOW_OTHERS=y
BR2_PACKAGE_DHCP=y
on a Debian 12 x86_64 host using glibc-2.36:
$ /lib/ld-linux.so.2 --version
ld.so (Debian GLIBC 2.36-9+deb12u1) stable release version 2.36.
The error occurs since buildroot commit 34f8d874ee which bumped glibc
from 2.37 to 2.38.
This patch is inspired by the Yocto Project:
https://patchwork.yoctoproject.org/project/oe/patch/20230715212159.3265080-1-raj.khem@gmail.com/
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Since Docker v1.13.0 experimental only exists as a runtime flag. Drop
the config from buildroot as well.
Signed-off-by: Stefan Agner <stefan@agner.ch>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Switch to using HTTPS for downloading libzlib from zlib.net.
(zlib.net doesn't default to HTTPS but does suggest HTTPS in the permalink
for the latest zlib release. Also works better with some corporate firewalls
that get suspicious about zlib for some reason.)
Signed-off-by: Andrew Donnellan <ajd@linux.ibm.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Disable the AUFS snapshotter by default. AUFS support has been deprecated
since v1.5 and won't be available with containerd v2.0.
Add configuration option for the ZFS snapshotter and add the proper
runtime dependencies.
Add configuration option for Kubernetes CRI support. Note that CRI
support requires a writeable /etc or an appropriate containerd
configuration.
Signed-off-by: Stefan Agner <stefan@agner.ch>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fix CVE-2023-24805: cups-filters contains backends, filters, and other
software required to get the cups printing service working on operating
systems other than macos. If you use the Backend Error Handler (beh) to
create an accessible network printer, this security vulnerability can
cause remote code execution. `beh.c` contains the line `retval =
system(cmdline) >> 8;` which calls the `system` command with the operand
`cmdline`. `cmdline` contains multiple user controlled, unsanitized
values. As a result an attacker with network access to the hosted print
server can exploit this vulnerability to inject system commands which
are executed in the context of the running server. This issue has been
addressed in commit `8f2740357` and is expected to be bundled in the
next release. Users are advised to upgrade when possible and to restrict
access to network printers in the meantime.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
In 6fa3a239 the gen-missing-cpe support script was removed together with
"make missing-cpe".
Remove the leftover path variable and drop it from "make clean".
Signed-off-by: Daniel Lang <dalang@gmx.at>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This should have been part of commit
9a51a07a91 ("configs/sipeed_licheepi_nano:
new board")
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
"mschap" and "realm" are already part of default required
raddb modules(DEFAULT_MODULES in raddb/all.mk).
so removed them from disabled module list so that
radiusd.service can start without following errors:
- /etc/raddb/mods-enabled/mschap[11]: Failed to link to module 'rlm_mschap': /usr/lib/rlm_mschap.so
- /etc/raddb/mods-enabled/realm[21]: Failed to link to module 'rlm_realm': /usr/lib/rlm_realm.so
Signed-off-by: Kalpesh Panchal <kalpesh.panchal2@collins.com>
Signed-off-by: Brandon Maier <brandon.maier@collins.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
linux-pam is required to login via OpenSSH if the upstream refpolicy for
SELinux is enaabled, as linux-pam handles changing user contexts. If a
user wants to make their own policy and use a refpolicy via git, we of course
should let them do so. As such, only select linux-pam if the upstream version
of refpolicy is selected.
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The ifrename tool is separate from iwconfig and is not being built. The
upstream does not have an install target for ifrename either, so we must
manually install it.
Signed-off-by: Neal J. Buchmeyer <neal.buchmeyer@collins.com>
Signed-off-by: Brandon Maier <brandon.maier@collins.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
When dealing with enterprise-grade networks, it is more often than not
the case that the wider internet is unreachable but through proxies.
There is a usual set of variables that users can set in the
environment to point various tools (curl, git...) to use those
proxies.
Propagate those variables inside the container.
Note that there are a few tools (e.g. cvs, svn) that may not recognise
those variables; instead, they require custom setup that is too
complex to handle, so is left as an exercise to interested parties.
Similarly, there are other types of proxy, socks4 or socks5, that also
require custom setup that is not trivial to replicate in a container,
so is also left out as an exercise for interested parties.
In the large majority of cases, those few variables are enough to Make
Things Work™.
Signed-off-by: Yann E. MORIN <yann.morin@orange.com>
Cc: Ricardo Martincoski <ricardo.martincoski@datacom.com.br>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Our utils/docker-run wrapper is needed to provide a reproducible build
environment: tools, variables, etc... but is not meant for
isolation. As such, we do not care which network configuration is
used.
In some settings (e.g. enterprise networks), it is often the case that
a VPN is in use, especially in those wonderful times of widespread
remote work.
Letting Docker decide on the network setup will most usually lead to
it creating a private network that is NATed onto the principal network
interface, leading to non-functional network in the container when a
VPN is in use.
As such, always use the host network configuration, and do not let
Docker create a private network for the container.
Signed-off-by: Yann E. MORIN <yann.morin@orange.com>
Cc: Ricardo Martincoski <ricardo.martincoski@datacom.com.br>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The description of REFPOLICY_CUSTOM_GIT states:
The custom refpolicy must define the full policy explicitly,
and must be a fork of the original refpolicy, to have the
same build system. When this is selected, only the custom
policy definition are taken into account and all the modules
of the policy are built into the binary policy.
Currently, if a user definess their own policy, a package containing a selinux
directory would add to their custom policy, which is not what they would want.
Disable applying selinux policies in selinux/ directories for custom git
refpolicies.
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The licensing terms are inherited from the target variant to the host
variant: when the host _LICENSE is empty, then the value of the target
_LICENSE is used.
However, for the golang infra, we want to append a little blurb about
vendored depndencies. If the package is a host-only, then it would
inherit the target _LICENSE, i.e. the variable without the leading
HOST_. If that is defined, this is inherited in the generic-package part
of the infra, but in the golang infra, we saw an empty variable, and so
we would not add the vendoring blurb.
We can't move the condition appending that blurb, after we called into
the generic-package infra, otherwise in that case, we'd have the
opposite issue for packages that are both target and host packages,
where the blurb would be duplicated for host packages...
Instead, we workaround the issue by duplicating the heuristic to inherit
the target value, from the generic- into the golang-package infra.
Signed-off-by: Yann E. MORIN <yann.morin@orange.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
The golang infrastructure automatically expands the list of licenses
with a little blurb that the licenses for vendored dependencies might be
missing in the list.
However, when a package does not define a license, the resulting text is
sub-optimal, resulting in a manifest that contains (with a leading
comma, yes):
, vendored dependencies licenses probably not listed
In that case, pointing out some unkown licensing terms may be part of
unkonwn licensing terms is superfluous.
Instead, just let the legal infra do its job, and report an "unkown"
license altogether.
Signed-off-by: Yann E. MORIN <yann.morin@orange.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
The licensing terms are inherited from the target variant to the host
variant: when the host _LICENSE is empty, then the value of the target
_LICENSE is used.
However, for the cargo infra, we want to append a little blurb about
vendored depndencies. If the package is a host-only, then it would
inherit the target _LICENSE, i.e. the variable without the leading
HOST_. If that is defined, this is inherited in the generic-package part
of the infra, but in the cargo infra, we saw an empty variable, and so
we would not add the vendoring blurb.
We can't move the condition appending that blurb, after we called into
the generic-package infra, otherwise in that case, we'd have the
opposite issue for packages that are both target and host packages,
where the blurb would be duplicated for host packages...
Instead, we workaround the issue by duplicating the heuristic to inherit
the target value, from the generic- into the cargo-package infra.
Signed-off-by: Yann E. MORIN <yann.morin@orange.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
The cargo infrastructure automatically expands the list of licenses with
a little blurb that the licenses for vendored dependencies might be
missing in the list.
However, when a package does not define a license, the resulting text is
sub-optimal, resulting in a manifest that contains (with a leading
comma, yes):
, vendored dependencies licenses probably not listed
In that case, pointing out some unkown licensing terms may be part of
unkonwn licensing terms is superfluous.
Instead, just let the legal infra do its job, and report an "unkown"
license altogether.
Signed-off-by: Yann E. MORIN <yann.morin@orange.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Firewalld requires IPV6 to function. We also should enable the
other dependencies such as networking support to ensure all other
options in the giant list of kernel config options are selected
properly.
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
- Refresh patch
Thu Aug 4 18:47:10 2022 Jutta Degener (jutta@pobox.com)
* Release 1.0 Patchlevel 22
Remove unused, and occasionally out of date, VERSION variable
from Makefile.
Sun Jul 31 16:17:59 2022 Jutta Degener (jutta@pobox.com)
* Release 1.0 Patchlevel 21
Use $(LN), not ln, in the Makefile rules for the installed binary
of untoast and tcat.
(Thanks to Carlo Cabrera for pointing that out!)
Mon Jul 4 10:34:18 2022
* Release 1.0 Patchlevel 20
Use $(RMFLAGS) with the rms in the Makefile; add -f to $(RMFLAGS) to
avoid spurious error messages during build.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
websocketpp had some ill-formed usage of template parameters which was
finally removed in C++20. Hence build fails when building with C++20
support enabled.
The patch is already in the develop branch but no new release was
done.
There are no autobuilder failures because websocketpp is a header-only
library, and there are no packages in Buildroot that depned on
websocketpp.
A build issue was encountered when bumping an internal project to
C++20. This issue triggered quite some bug reports in the project [0]
and there are backports to other package managers like vcpkg [1] and
conan [2].
[0] https://github.com/zaphoyd/websocketpp/pull/1060
[1] https://github.com/microsoft/vcpkg/pull/23669
[2] https://github.com/conan-io/conan-center-index/pull/15295
Signed-off-by: Michael Nosthoff <buildroot@heine.tech>
[Thomas: extend commit log with details provided by Michael.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
- Refactor 0001-add-qemu-wrapper-support.patch for 20.9.0
- NodeJS now requires GCC 10.1 header. However, as there is no
BR2_TOOLCHAIN_GCC_AT_LEAST_10_1, we round up to BR2_TOOLCHAIN_GCC_AT_LEAST_11.
- Drop the --without-dtrace and --without-etw config options as they no longer
exist.
- Update support/testing/tests/package/test_nodejs.py to use
BR2_TOOLCHAIN_EXTERNAL_BOOTLIN, otherwise the test fails as the
gcc version selected will be 7.
- Update the hash file for LICENSE.txt due to numerous changes, such
as the addition of new libraries and updated dates. No new license
types are added.
Tested with: ./support/testing/run-tests tests.package.test_nodejs
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
NodeJS 20 requires gcc >= 10.1. Unfortunately, except for
BR2_HOST_GCC_AT_LEAST_4_9, Buildroot only handles host gcc version
with the granularity of the major release, so we will have to round up
to GCC >= 11 for NodeJS 20.
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
- Fixed a regression in Django 4.2 that caused a crash of QuerySet.aggregate()
with aggregates referencing expressions containing subqueries (#34798).
- Restored, following a regression in Django 4.2, creating
varchar/text_pattern_ops indexes on CharField and TextField with
deterministic collations on PostgreSQL (#34932).
Tested on Fedora 39 with:
./support/testing/run-tests tests.package.test_python_django
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
apache uses pkgconfig to find dependencies such as lua, nhgttp2, openssl
and systemd.
For openssl, pkgconfig is used since version 2.1.1 and
https://github.com/apache/httpd/commit/0d4387dedc4ad83460bf52fc326c475c64133634
resulting in the following build failure since at least bump to version
2.4.54 in commit 78e5a9c40e:
ac_cv_path_PKGCONFIG=/usr/bin/pkg-config
[...]
configure:28669: checking for SSL_CTX_new
configure:28669: /home/buildroot/autobuild/instance-1/output-1/host/bin/armeb-buildroot-linux-uclibcgnueabi-gcc -o conftest -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -O3 -g0 -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -L/home/buildroot/autobuild/instance-1/output-1/host/armeb-buildroot-linux-uclibcgnueabi/sysroot/usr/bin/../../../../armeb-buildroot-linux-uclibcgnueabi/sysroot/usr/lib -L/usr/lib conftest.c -lssl -lcrypto -lpthread >&5
armeb-buildroot-linux-uclibcgnueabi-gcc: ERROR: unsafe header/library path used in cross-compilation: '-L/usr/lib'
Fixes:
- http://autobuild.buildroot.org/results/d85c86ee1070582014c7b29b39f9a9f356988220
- http://autobuild.buildroot.org/results/55d6bad8572138e200730d3a9f2dd1b9048fd95d
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
From https://docs.flutter.dev/perf/impeller:
Impeller provides a new rendering runtime for Flutter. The Flutter
team’s believes this solves Flutter’s early-onset jank issue. Impeller
precompiles a smaller, simpler set of shaders at Engine build time so
they don’t compile at runtime.
Impeller has the following objectives:
- Predictable performance: Impeller compiles all shaders reflection
and offline at build time. It builds all pipeline state objects
upfront. The engine controls caching and caches explicitly.
- Instrumentable: Impeller tags and labels all graphics resources
like textures, and buffers. It can capture and persist animations
to disk without affecting per-frame rendering performance.
- Portable: Flutter doesn’t tie Impeller to a specific client
rendering API. You can author shaders once and convert them to
backend-specific formats as necessary.
- Leverages modern graphics APIs: Impeller uses, but doesn’t depend
on, features available in modern APIs like Metal and Vulkan.
- Leverages concurrency: Impeller can distribute single-frame
workloads across multiple threads if necessary.
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fix the following build failure with gcc >= 13:
In file included from ../include/pistache/reactor.h:19,
from ../src/common/reactor.cc:13:
../include/pistache/flags.h:29:35: error: 'uint8_t' was not declared in this scope
29 | struct TypeStorage<sizeof(uint8_t)>
| ^~~~~~~
../include/pistache/flags.h:17:1: note: 'uint8_t' is defined in header '<cstdint>'; did you forget to '#include <cstdint>'?
16 | #include <iostream>
+++ |+#include <cstdint>
17 | #include <type_traits>
Fixes:
- http://autobuild.buildroot.org/results/d3b6eb6fb943d69571a311235944df879fccc831
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
TF-A prints a version string at boot which includes the version number as
specified in the Makefile and additional "build" information, specified by
the BUILD_STRING parameter:
https://trustedfirmware-a.readthedocs.io/en/v2.9/getting_started/build-options.html
BUILD_STRING: Input string for VERSION_STRING, which allows the TF-A build
to be uniquely identified. Defaults to the current git commit id.
This is implemented as:
# Default build string (git branch and commit)
ifeq (${BUILD_STRING},)
BUILD_STRING := $(shell git describe --always --dirty --tags 2> /dev/null)
endif
https://github.com/ARM-software/arm-trusted-firmware/blob/master/Makefile#L225-L228
Which is never correct in the context of Buildroot, as the TF-A build
directory is never a git repo, and git will move up the directory tree and
possibly and (possibly) pick up the git version of Buildroot instead.
To fix that, explicitly set BUILD_STRING to the version of the package.
Pass it before BR2_TARGET_ARM_TRUSTED_FIRMWARE_ADDITIONAL_VARIABLES so it
can still be overridden by the user if needed.
strings images/tf-a-* | egrep '^v2\.'
v2.9(debug):2023.08-859-g99d78b52a0
v2.9(debug):v2.9
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
tftpy is described as a pure Python implementation of the Trivial FTP
protocol. Add support for this package.
Signed-off-by: Colin Foster <colin.foster@in-advantage.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
After talking with Thomas Petazzoni, it is agreed that Amarulasolutions should
be added to the list of companies that can provide commercial support for
Buildroot.
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
EditorConfig [0] is an editor-agnostic configuration file, to set
preferences on how to edit text: tabs vs. spaces, tab width, indentation
size, line endings...
A large number of editors support EditorConfig, either natively [1] or
with the help of plugins [2].
Add a basic .editorconfig that provides defaults for most of the files
used by Buildroot. More can be added in the future if we can find more
matching patterns.
The values are chosen a bit arbitrarily, unless we already have a
(un)written rule about it. Notably, indentation defaults to using 4
spaces, and only a set of files for which we require TABs (Makefile,
essentially) or have already settled for TABs (Kconfig files, init
scripts...) are configured so. The traditional width of TABs is 8 char,
and we pair TAB indentation with TAB size.
Trailing spaces are usually useless, except in asciidoc source where
they can be used to force a new line without a new paragraph.
One of the limitations of .editorconfig, though, is that it matches on
filenames (e.g. *.py), not on the content (e.g. no use of mimetype, or
libmagic, or such). Still, this is enough to cover a lot of files in
Buildroot.
[0] https://editorconfig.org/
[1] https://editorconfig.org/#pre-installed
[2] https://editorconfig.org/#download
Signed-off-by: Yann E. MORIN <yann.morin@orange.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Changes:
- Major upgrade, no API or ABI breaking changes (that we know of).
https://github.com/libnet/libnet/releases/tag/v1.3
Packaging:
- Verified builds on *all* test-pkg archs & toolchains
- Verified test-pkg also with ngrep, suricata, and mz
- Drop backported int64_t patch
- Disable doxygen (html docs) in build
- sha256sum of tarball now generated upstream
Signed-off-by: Joachim Wiberg <troglobit@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Also, introduce a new test in support/testing/tests/init/test_openrc.py that
ensures split-user support works properly.
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
OpenRC has not been updated for quite some time, and much has changed.
- Convert to a meson package.
- Update the license hash as the year has changed from 2015 to 2023.
- Introduce one new patch:
- 0007-allow-setting-rc_libexecdir-path.patch: Introduces the previous
behavior of setting the rc directory to /usr/libexec/rc.
(Upstream: Upstream: https://github.com/OpenRC/openrc/pull/443)
- Install the sysv-rcs script in the new OPENRC_INSTALL_SYSV_RCS_SCRIPT
post install hook as the OPENRC_BUILD_CMDS define no longer exists.
Tested with tests.init.test_openrc all tests pass.
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This is bugfix release of stable libmdbx branch, on the day of the 100th
anniversary of the birth of the outstanding Soviet and Russian scientist
and engineer Vladimir Fedorovich Utkin.
It is reasonable to backport this patch to all applicable releases/branches of Buildroot.
The most significant fixes of v0.12.8:
- Fixed regression of mdbx_put(MDBX_MULTIPLE) during batch/bulk
insertion of multi-values (aka "dupsort").
- Implemented overwriting in mdbx_put(MDBX_CURRENT) of all current
multi-key values in the absence of the flag MDBX_NOOVERWRITE.
- Added the ability to use mdbx_cursor_get(MDBX_GET_MULTIPLE) without
first setting the cursor, combining the batch data getting operation
with positioning the cursor.
- Micro-optimization and refactoring cursor_put_nochecklen().
- Clarifying the wording in the API description, including explanation
about SIGSEGV and not allowing direct data changes.
The complete ChangeLog: https://gitflic.ru/project/erthink/libmdbx/blob?file=ChangeLog.md
Signed-off-by: Леонид Юрьев (Leonid Yuriev) <leo@yuriev.ru>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
OpenJDK 21 is out and with it, OpenJDK11 is now EOL.
See: https://endoflife.date/oracle-jdk As such, drop support for 11 and do the
following:
- The 0001-Add-ARCv2-ISA-processors-support-to-Zero.patch patch now applies to
both 17 and 21. Move it out of the version-specific directoriy.
- BR2_OPENJDK_VERSION_LTS is now set to 17.
- BR2_OPENJDK_VERSION_LATEST is now set to 21.
- Drop --disable-hotspot-gtest as it has been removed, and was ignored in 17.
- Add two separate HOST_OPENJDK_BIN_VERSION defines in openjdk-bin.mk as
there is not a point release yet for OpenJDK 21.
- Update the expectedVersion variable in JniTest.java from 0x000A0000 to
0x00150000
Tested with:
./support/testing/run-tests tests.package.test_openjdk.TestOpenJdk.test_run
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
conmon unconditionally uses seccomp_notif_sizes which is only available
since kernel 5.0 and
https://github.com/torvalds/linux/commit/6a21cc50f0c7f87dae5259f6cfefe024412313f6
resulting in the following build failure since the addition of the
package in commit 06f50ff1bf:
In file included from src/seccomp_notify.h:4,
from src/seccomp_notify.c:26:
src/seccomp_notify_plugin.h:33:78: warning: 'struct seccomp_notif_sizes' declared inside parameter list will not be visible outside of this definition or declaration
33 | typedef int (*run_oci_seccomp_notify_handle_request_cb)(void *opaque, struct seccomp_notif_sizes *sizes, struct seccomp_notif *sreq,
| ^~~~~~~~~~~~~~~~~~~
src/seccomp_notify.c:47:36: error: field 'sizes' has incomplete type
47 | struct seccomp_notif_sizes sizes;
| ^~~~~
Fixes:
- http://autobuild.buildroot.org/results/cbfa2f3a585b7feecd902137bc589a1ec15cbefe
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Checkpoint/Restore In Userspace (CRIU), is a software tool for the
Linux operating system to make it possible to freeze a running
application and checkpoint it to persistent storage as a collection of files.
Signed-off-by: Marcus Folkesson <marcus.folkesson@gmail.com>
[yann.morin.1998@free.fr:
- BR2_ARM_CPU_ARMV8M does not exist
- BR2_BR2_powerpc64le misspelled
- move all arch dependencies to BR2_PACKAGE_CRIU_ARCH_SUPPORTS
- comment hidden with arch dependencies
- select host-python3, don't depend on it
- extend legal-info: LPLG-2.1 for lib/, MIT for images/
- PREFIX is also used at compile time for PLUGINDIR
- copy .proto file, rather than symlinking
- wrap long lines
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fix the following build failure with gcc >= 13:
In file included from /home/buildroot/autobuild/instance-1/output-1/build/reproc-14.2.4/reproc++/src/reproc.cpp:1:
/home/buildroot/autobuild/instance-1/output-1/build/reproc-14.2.4/reproc++/include/reproc++/reproc.hpp:95:5: error: declaration of 'reproc::options::<unnamed struct> reproc::options::env' changes meaning of 'env' [-Wchanges-meaning]
95 | } env = {};
| ^~~
/home/buildroot/autobuild/instance-1/output-1/build/reproc-14.2.4/reproc++/include/reproc++/reproc.hpp:91:5: note: used here to mean 'class reproc::env'
91 | env::type behavior;
| ^~~
Fixes:
- http://autobuild.buildroot.org/results/11feca3698154c255938ab3b25a34429135c31f8
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fix the following build failure with gcc >= 13:
In file included from /home/thomas/autobuild/instance-1/output-1/build/snort3-3.1.40.0/src/packet_io/sfdaq_config.cc:25:
/home/thomas/autobuild/instance-1/output-1/build/snort3-3.1.40.0/src/packet_io/sfdaq_config.h:59:25: error: 'uint32_t' has not been declared
59 | void set_batch_size(uint32_t);
| ^~~~~~~~
/home/thomas/autobuild/instance-1/output-1/build/snort3-3.1.40.0/src/packet_io/sfdaq_config.h:62:5: error: 'uint32_t' does not name a type
62 | uint32_t get_batch_size() const { return (batch_size == BATCH_SIZE_UNSET) ? BATCH_SIZE_DEFAULT : batch_size; }
| ^~~~~~~~
/home/thomas/autobuild/instance-1/output-1/build/snort3-3.1.40.0/src/packet_io/sfdaq_config.h:26:1: note: 'uint32_t' is defined in header '<cstdint>'; did you forget to '#include <cstdint>'?
25 | #include <vector>
+++ |+#include <cstdint>
26 |
Fixes:
- http://autobuild.buildroot.org/results/c91a74bad542f32693f2e31412fba70446fd3959
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
1.72 Added examples/smi/smi.c showing how to use new SMI bus support,
courtesy Benoit Bouchez. Added support for disabling
documentation genetration with "./configure --with-docs=no",
courtesy of Christian Zuckschwerdt.
1.73 Fixed some inconsistent indenting in bcm2835.c that triggers
warnings for some people. Added Timeout checks to
bcm2835_i2c_write() in case of IO problems. New reason cade
BCM2835_I2C_REASON_ERROR_TIMEOUT added. Patch courtesy Simon
Peacock.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Build is failing with an unrecognised opcode error due to missing
`zicsr` extension requirement. This is introduced with GCC version 12.
When binutils was updated to v2.38 they updated to the default ISA spec
version 20191213. In this version the original i extension split into i,
Zicsr and Zifencei. A fix for this has been added since U-Boot version
2022.01 to detect new Zicsr and Zifencei extensions and enable it when needed
therefore, an updated U-Boot tag to our latest 2023.09 release will fix
this as in our latest release we have updated to U-Boot version 2023.07.
Update the kernel verion in line with the U-Boot release version to
ensure compatiblities and latest features and fixes are included.
Remove riscv_g selection as it is now selected by default.
Signed-off-by: Jamie Gibbons <jamie.gibbons@microchip.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
aespipe-v2.4g October 23 2023
- Added configure script autodetection for -fno-strict-aliasing compile
flag. This option is needed with some compilers that miscompile code
when link-time-optimization is used.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
nettle uses m4 during its build process. Without it, the build fails
with:
m4 ./m4-utils.m4 ./asm.m4 config.m4 machine.m4 aes-decrypt-internal.asm >aes-decrypt-internal.s
/bin/sh: 1: m4: not found
For the target package this is not visible, as the existing gmp
dependency pulls in host-m4. But technically speaking, nettle needs
host-m4 directly, so it makes sense to have this dependency.
For the host package, it clearly fails to build, but probably isn't
very visible as most systems have m4 installed system-wide: this was
noticed when building inside Buildroot's minimal Docker
container. There are no recorded autobuilder failures for this issue.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Update Sway to version 1.8.1, which brings a new release series to
Buildroot and can be built with wlroots 0.16.x
Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Update Cage to version 0.1.5, which is a bug fix release that
supports using wlroots 0.16.x.
Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Update to version 0.16.2, which brings in support for a few new Wayland
protocols, and improved input device and scene graph APIs. Applications
which use wlroots might need to be adapted, and at least rebuilt. The
only packages in Buildroot which use wlroots at the moment are the Cage
and Sway compositors, to be updated in follow-up patches.
Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fix the following build failure with gcc >= 13:
In file included from ./Common/log.h:45,
from LinuxPBA/LinuxPBA.cpp:25:
./Common/DtaOptions.h:33:5: error: 'uint8_t' does not name a type
33 | uint8_t password; /**< password supplied */
| ^~~~~~~
./Common/DtaOptions.h:1:1: note: 'uint8_t' is defined in header '<cstdint>'; did you forget to '#include <cstdint>'?
Fixes:
- http://autobuild.buildroot.org/results/b6feb4fb33d595414b61174deb9867e8c30cd186
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Since Qemu 6.0.0, a warning appear in the log if a short-form boolean
option is used. This was fixed by Romain for the main cmdline description
(see 04afe86cd7 ("board/qemu/arm-vexpress-tz: use enable=on")) but was
not updated in the alternate cmdlines for when using a dual console or
a GDB debug setup.
By the way, fix description mentioning qemu-system-arm command line option
-S that is an uppercase S, not a lower case s.
Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bumps OP-TEE test package version to OP-TEE release 4.0.0.
Removes the local patch on OpenSSL support that has been integrated
into mainline repository before release tag 4.0.0.
Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
[Medium] A fix was added, but still under review for completeness, for a
Bleichenbacher style attack, leading to being able to decrypt a saved
TLS connection and potentially forge a signature after probing with a
large number of trial connections. This issue is around RSA decryption
and affects static RSA cipher suites on the server side, which are not
recommended to be used and are off by default. Static RSA cipher suites
were also removed from the TLS 1.3 protocol and only present in TLS 1.2
and lower. All padding versions of RSA decrypt are affected since the
code under review is outside of the padding processing. Information
about the private keys is NOT compromised in affected code. It's
recommended to disable static RSA cipher suites and update the version
of wolfSSL used if using RSA private decryption alone outside of TLS.
https://github.com/wolfSSL/wolfssl/releases/tag/v5.6.4-stable
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit 72c653367d (board/licheepi_zero: move board files to their own
directory) forgot to rename the defconfig file, even though the
readme.txt was updated.
Do the rename now.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Add support for the LicheePi Nano with mainline components:
- U-Boot 2023.04
- Linux 6.5.9
Board homepage and more usable WiKi:
- https://wiki.sipeed.com/hardware/en/lichee/Nano/Nano.html
- https://linux-sunxi.org/LicheePi_Nano
linux.fragment is required to disable some features in order to keep the
kernel size small, otherwise the board does not boot due to limited
memory. See note in readme.txt.
Signed-off-by: Francois Dugast <francois.dugast.foss@gmail.com>
[yann.morin.1998@free.fr:
- use fixed kernel version
- use manufacturer directory
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Group files for board licheepi_zero under the existing manufacturer
directory, like all the other boards by Sipeed.
Signed-off-by: Francois Dugast <francois.dugast.foss@gmail.com>
[yann.morin.1998@free.fr: use the manufacturer sub-dir]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fix the following build failure with gcc >= 13:
In function 'find_best_lang_match_cached',
inlined from 'find_best_lang_match_cached' at ../pango/pango-language.c:501:1,
inlined from 'pango_language_get_scripts' at ../pango/pango-language.c:661:21:
../pango/pango-language.c:518:12: error: array subscript 0 is outside array bounds of 'const void *[0]' {aka 'const void *[]'} [-Werror=array-bounds=]
518 | *cache = result;
| ~~~~~~~^~~~~~~~
In function 'pango_language_get_scripts':
cc1: note: source object is likely at address zero
cc1: some warnings being treated as errors
Fixes:
- http://autobuild.buildroot.org/results/e8b5a752a62621099942b29c1642747eef2930cb
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
There is no need to define SDBUS_CPP_SOURCE explicitly because the
github helper works perfectly well with the default _SOURCE value.
Signed-off-by: Sergey Bobrenok <bobrofon@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
python-pycryptodomex uses C99 features like variable
declaration in for-loop statement, while old compilers
assumes C89 by default.
This patch explicitly specifies C99 standard.
Signed-off-by: Oleg Lyovin <ovlevin@salutedevices.com>
[yann.morin.1998@free.fr: use TARGET/HOST_CFLAGS]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
An issue was discovered in the C AMQP client library (aka rabbitmq-c)
through 0.13.0 for RabbitMQ. Credentials can only be entered on the
command line (e.g., for amqp-publish or amqp-consume) and are thus
visible to local attackers by listing a process and its arguments.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
- Drop --without-x (now unrecognized)
- Fix CVE-2023-40745: LibTIFF is vulnerable to an integer overflow. This
flaw allows remote attackers to cause a denial of service (application
crash) or possibly execute an arbitrary code via a crafted tiff image,
which triggers a heap-based buffer overflow.
- Fix CVE-2023-41175: A vulnerability was found in libtiff due to
multiple potential integer overflows in raw2tiff.c. This flaw allows
remote attackers to cause a denial of service or possibly execute an
arbitrary code via a crafted tiff image, which triggers a heap-based
buffer overflow.
https://libtiff.gitlab.io/libtiff/releases/v4.6.0.html
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fix the following build failure raised since the addition of the package
in commit 0a01085abe:
CMake Error at /home/buildroot/autobuild/instance-3/output-1/host/share/cmake-3.27/Modules/CMakeTestCXXCompiler.cmake:60 (message):
The C++ compiler
"/usr/bin/c++"
is not able to compile a simple test program.
Fixes:
- http://autobuild.buildroot.org/results/4b94edf6dee03e74ff53939aa228069cc6ba4292
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[yann.morin.1998@free.fr: propagate to spirv-tools]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
git.code.sf.net is available over HTTPS, so use that for security and
consistency with the other packages.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
git.code.sf.net is available over HTTPS, so use that for security and
consistency with the other packages.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Now that we have HTTPS support for sources.buildroot.net (through Lets
encrypt / Cloudflare), it makes sense to default to it for our backup site.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The host-riscv64-elf-toolchain package was missing a hash file, add it now.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The host-mxsldr package was missing a hash file, add it now.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
MiniZip in zlib through 1.3 has an integer overflow and resultant
heap-based buffer overflow in zipOpenNewFileInZip4_64 via a long
filename, comment, or extra field. NOTE: MiniZip is not a supported part
of the zlib product.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit 0b9efc991f ("linux: use BR2_MAKE") switched LINUX_MAKE to
$(BR2_MAKE) to avoid build issue with kernel version >= 6.2 and GNU
Make version < 3.82. However, the same issue is actual for kernel
modules as well.
Using $(BR2_MAKE) should guarantee a consistent behavior between
kernel and kernel-modules builds.
Signed-off-by: Alexey Romanov <avromanov@sberdevices.ru>
Signed-off-by: Sergey Bobrenok <SIBobrenok@sberdevices.ru>
[yann.morin.1998@free.fr: minor coding style]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Support for sha256 has no additional dependency, the size increase is
minimal, and sha256 is the smallest hash still not broken (md5 and sha1
are), so it makes sense to enable it unconditionally.
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
[yann.morin.1998@free.fr: make it unconditional and commit log]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
[yann.morin.1998@free.fr: drop option, use package as condition]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
[yann.morin.1998@free.fr: drop option, use package as condition]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
[yann.morin.1998@free.fr: drop option, use package as condition]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
[yann.morin.1998@free.fr: drop option, use package as condition]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
[yann.morin.1998@free.fr: drop option, use package as condition]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
In commit d31db334c3 (opkg: Add gnupg signature checking support.),
the macro definition for the hook, and the hook assignment, got
separated by the then-newly introduced GPG handling.
Move the macro definition closer to the hook assignment. Since this is
a post-install hook, it is but logical that it comes further down in
the .mk file.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Tested in Fedora 39 and Debian 11 with:
./support/testing/run-tests tests.package.test_opkg.TestOpkg.test_run
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Since the bump of tar to version 1.35 in Buildroot commit
d4d483451f ("package/tar: security bump
to version 1.35"), the build will fail on systems that are not Y2038,
such as uClibc configurations.
In order to preserve the previous behavior, pass --disable-year2038.
See the gnulib documentation for details [0]. Contrary to what the
option name might suggest, it doesn't really disable Y2038 support,
but only the check that the system is Y2038 compliant. So even with
--disable-year2038, if the system is Y2038 compliant (uses a 64-bit
arch, uses the musl C library, or uses the glibc C library with
BR2_TIME_BITS_64=y), tar will be Y2038 compliant.
[0] https://www.gnu.org/software/gnulib/manual/html_node/Avoiding-the-year-2038-problem.html
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Buildroot commit eb60820c0a disabled
elfutils for musl toolchains in 2015. Current code builds fine with musl
so remove the exceptions.
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
[yann.morin.1998@free.fr:
- move all libc-related conditional blocks together
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
commit 21d52e52d8 (package/pkg-utils.mk: break hardlinks in global
{TARGET, HOST}_DIR on per-package build) was recently reverted, so we
are back to a situation where it is possible for packages and post-build
scripts to modify files in-place, and thus impact files in any arbitrary
per-package directory, which may break things on rebuild for example.
21d52e52d8 was too big a hammer, but we can still apply the reasoning
from it, to the aggregation of the final target and host directories.
This solves the case for post-build scripts at least. We leave the case
of inter-package modification aside, as it is a bigger issue that will
need more than just copying files around.
We use --hard-links, so that hard-links in the source (the PPD), are
kept as new hard-links (i.e. "copy" of hard-links) in the destination.
This contributes to limiting the size of target/.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Herve Codina <herve.codina@bootlin.com>
Cc: Peter Korsgaard <peter@korsgaard.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Reviewed-by: Herve Codina <herve.codina@bootlin.com>
Commit 21d52e52d8 (package/pkg-utils.mk: break hardlinks in global
{TARGET, HOST}_DIR on per-package build) stopped hardlink the source and
destination when rsyncing per-package directory, on the rationale that
modifying files in-place after the rsync would also modify the original
file, and that break foo-rebuild and can cause issues with post-build
scripts.
However, what 21d52e52d8 did not envision, is that copying instead of
hard-linking has two nasty side effects:
- the size increase for the build directory increase with the number
of packages and with the depth of th dependency chains for those
packages: a (relatively small) build that was previously totalling
~13GiB in output/, now totals north of 122GiB, an almost 10-time
increase;
- the build time increases, as it takes more time to read+write files
than it takes to create a new link to a file; the same build saw an
increase of build time from 5min 10s to 7min 30s, a 45% increase.
These regressions are both serious, so revert the change; we'll come up
with a stopgap measure in follow-up commits.
This reverts commit 21d52e52d8.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Herve Codina <herve.codina@bootlin.com>
Cc: Peter Korsgaard <peter@korsgaard.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Reviewed-by: Herve Codina <herve.codina@bootlin.com>
This patch bumps the zynq_microzed_defconfig to xilinx-v2023.2 which includes
the following updates:
- Linux v6.1.30
- U-Boot v2023.01 with additional bug fixes
Signed-off-by: Neal Frager <neal.frager@amd.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This patch bumps the zynq_zed_defconfig to xilinx-v2023.2 which includes
the following updates:
- Linux v6.1.30
- U-Boot v2023.01 with additional bug fixes
Signed-off-by: Neal Frager <neal.frager@amd.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This patch bumps the zynq_zc706_defconfig to xilinx-v2023.2 which includes
the following updates:
- Linux v6.1.30
- U-Boot v2023.01 with additional bug fixes
Signed-off-by: Neal Frager <neal.frager@amd.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit 0455f957a3 (package/network-manager: bump to version 1.44.2)
dropped the two patches but forgot to update .checkpackageignore.
Fix that.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The last architecture-specific patch we had was removed 2015-02-14 with
commit 9863553fe8 (packages: all salute the passing of avr32), where
we eventually got rid of the avr32-specific patch for fbv.
Since then, we've only had common patches (that apply systematically),
or conditional patches, that are applied in an ad-hoc manner with
post-patch hooks. Currently, we even only have one such patch (for
Linux).
Since we do not advertise that possibility in the manual, and since we
do not want to have such patches, drop the support for it.
This has the potential for breaking existing br2-external trees, but
there is a workaround for those: they can provide a pre-patch ook that
copies the necessary per-arch patches if needed. We document this in the
manual.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Drop patches which are now upstream.
CONTRIBUTING.md hash changed due to text various text updates, most of
them outside of the section about licensing. The only change in that
section is:
@@ -39,26 +39,29 @@
new contributions already must already agree to that.
For more details see [RELICENSE.md](RELICENSE.md).
+Do not use "Signed-off-by:" lines in commits for NetworkManager. It has no meaning.
+
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Add 2 upstream patches, one to avoid build failure due to different libc
ioctl() prototype and one to avoid link conflict due to test unit enabled
by default.
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Fix the following build failure with gcc >= 13:
In file included from ../src/compressor.c:3:
../src/compressor.h:59:59: error: unknown type name 'size_t'
59 | int compressor_input(CompressorContext *c, const void *p, size_t sz);
| ^~~~~~
../src/compressor.h:19:1: note: 'size_t' is defined in header '<stddef.h>'; did you forget to '#include <stddef.h>'?
18 | #include "cacompression.h"
+++ |+#include <stddef.h>
19 |
Fixes:
- http://autobuild.buildroot.org/results/ab08f3b90d253db45643dd058b80ae1dd5f49d0f
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
CuteKeyboard is a Qt virtual keyboard plugin for embedded applications
Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Acked-by: Andrea Ricchi <andrea.ricchi@amarulasolutions.com>
[Arnout:
- add DEVELOPERS entry;
- fixed the title in the .mk file;
- use select instead of depends on;
- with the above, add depends on QT5 and QT5_JSCORE.
]
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
The relocate-sdk.sh script does not work correctly when
BR2_PER_PACKAGE_DIRECTORIES is enabled. relocate-sdk.sh expects
everything to point at $HOST_DIR, but each package will be pointing at
its $(O)/per-package/*/host.
Use the same command for scrubing host paths during the build, to scrub
to the final host directory location.
Signed-off-by: Brandon Maier <Brandon.Maier@collins.com>
Acked-by: Charles Hardin <ckhardin@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Fixes the following CVEs :
- CVE-2023-4135 (https://gitlab.com/qemu-project/qemu/-/commit/ecb1b7b082d3b7dceff0e486a114502fc52c0fdf)
- CVE-2023-3354 (https://gitlab.com/qemu-project/qemu/-/commit/10be627d2b5ec2d6b3dce045144aa739eef678b4)
- CVE-2023-3180 (https://gitlab.com/qemu-project/qemu/-/commit/9d38a8434721a6479fe03fb5afb150ca793d3980)
The changes between 8.1.0 and 8.1.1 are only limited to bug fixes:
6bb4a8a47a (v8.1.1) Update version for 8.1.1 release
045fa84784 tpm: fix crash when FD >= 1024 and unnecessary errors due to EINTR
56270e5d3d meson: Fix targetos match for illumos and Solaris.
60da8301fe s390x/ap: fix missing subsystem reset registration
8b479229ff ui: fix crash when there are no active_console
d4919bbcc2 virtio-gpu/win32: set the destroy function on load
cae7dc1452 target/riscv: Allocate itrigger timers only once
7385e00665 target/riscv/pmp.c: respect mseccfg.RLB for pmpaddrX changes
1d4fb5815c target/riscv: fix satp_mode_finalize() when satp_mode.supported = 0
b822207513 hw/riscv: virt: Fix riscv,pmu DT node path
2947da750e linux-user/riscv: Use abi type for target_ucontext
60a7f5c8fe hw/intc: Make rtc variable names consistent
566dac7127 hw/intc: Fix upper/lower mtime write calculation
8ae20123b6 target/riscv: Fix zfa fleq.d and fltq.d
6c24b6000b target/riscv: Fix page_check_range use in fault-only-first
987e90cfd2 target/riscv/cpu.c: add zmmul isa string
b9f83298b9 hw/char/riscv_htif: Fix the console syscall on big endian hosts
3d6251f416 hw/char/riscv_htif: Fix printing of console characters on big endian hosts
9832a670b3 arm64: Restore trapless ptimer access
df33ce9b6d virtio: Drop out of coroutine context in virtio_load()
eeee989f72 qxl: don't assert() if device isn't yet initialized
93d4107937 hw/net/vmxnet3: Fix guest-triggerable assert()
6356785daa docs tests: Fix use of migrate_set_parameter
01bf87c8e3 qemu-options.hx: Rephrase the descriptions of the -hd* and -cdrom options
25ec23ab3f hw/i2c/aspeed: Fix TXBUF transmission start position error
9dc6f05cc8 hw/i2c/aspeed: Fix Tx count and Rx size error in buffer pool mode
d5361580ac hw/ide/ahci: fix broken SError handling
e8f5ca57e4 hw/ide/ahci: fix ahci_write_fis_sdb()
4448c345bc hw/ide/ahci: PxCI should not get cleared when ERR_STAT is set
4fbd5a5202 hw/ide/ahci: PxSACT and PxCI is cleared when PxCMD.ST is cleared
16cc9594d2 hw/ide/ahci: simplify and document PxCI handling
1efefd13ca hw/ide/ahci: write D2H FIS when processing NCQ command
c2e0495e3c hw/ide/core: set ERR_STAT in unsupported command completion
f64f1f8704 target/ppc: Fix LQ, STQ register-pair order for big-endian
9f54fef2c0 target/ppc: Flush inputs to zero with NJ in ppc_store_vscr
5358980d33 hw/ppc/e500: fix broken snapshot replay
6864f05cb1 ppc/vof: Fix missed fields in VOF cleanup
0175121c6c ui/dbus: Properly dispose touch/mouse dbus objects
e975434d62 target/i386: raise FERR interrupt with iothread locked
e5e77f256f linux-user: Adjust brk for load_bias
645b87f650 target/arm: properly document FEAT_CRC32
86d7b08d71 block-migration: Ensure we don't crash during migration cleanup
5691fbf440 softmmu: Assert data in bounds in iotlb_to_section
441106eebb docs/about/license: Update LICENSE URL
63188a00bb target/arm: Fix 64-bit SSRA
7012e20b2d target/arm: Fix SME ST1Q
c8e381d672 accel/kvm: Specify default IPA size for arm64
34808d041c kvm: Introduce kvm_arch_get_default_type hook
01f6417f15 include/hw/virtio/virtio-gpu: Fix virtio-gpu with blob on big endian hosts
14a8213b75 target/s390x: Check reserved bits of VFMIN/VFMAX's M5
c12eddbd48 target/s390x: Fix VSTL with a large length
880e82ed78 target/s390x: Use a 16-bit immediate in VREP
5980189e96 target/s390x: Fix the "ignored match" case in VSTRS
Signed-off-by: Clement Ramirez <ramirez.clement3@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This fixes a typo by dropping off the spurious x in ensure.
Signed-off-by: Gaël PORTAY <gael.portay@rtone.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
In commit 0c82f3f635 (package/gcc: remove powerpc conditional patching
logic), the macro defining the conditional patch was removed, but it was
still referenced and expanded in the apply-patches hook.
Drop that now.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes CVE-2023-39325: rapid stream resets can cause excessive work
A malicious HTTP/2 client which rapidly creates requests and immediately
resets them can cause excessive server resource consumption. While the
total number of requests is bounded to the http2.Server.MaxConcurrentStreams
setting, resetting an in-progress request allows the attacker to create a
new request while the existing one is still executing.
go1.21.3 (released 2023-10-10) includes a security fix to the net/http
package.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Reviewed-by: Christian Stewart <christian@aperture.us>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The gpt-auto-generator can generate the boot.mount unit, which reports
an error if this directory can't be created (if / is read-only). There
is no reason not to create this directory, even if the platform doesn't
actually have a boot partition that can be mounted there.
Signed-off-by: Norbert Lange <nolange79@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
journald will always have a runtime log in /run/systemd/journal,
and a persistent one in /var/log/journal under certain conditions.
By default it will check for the existence of that directory.
When /var is not backed by mass-storage you typically don't want your
log duplicated and journald should be tuned to account for
having only RAM available.
With this commit, the directory will no longer be created automatically,
but instead it's created only if the root filesystem is writeable.
It is rather easy for users to opt-in by either creating that directory
(e.g. with a tmpfiles fragment) or editing /etc/systemd/journald.conf.
Signed-off-by: Norbert Lange <nolange79@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
The mode should reflect the mount directory,
and 755 is the default - so drop the mount option.
Cc: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Norbert Lange <nolange79@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
[Arnout:
- use a simple mount unit for
TestInitSystemSystemdRoFullOverlayfsVarBacking;
- change the test of TestInitSystemSystemdRoFullOverlayfsVarBacking to
check that the exact expected mount was performed;
- add a test of var backing with fstab instead of mount unit.
]
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Systemd requires /var to be writeable [1]. With read-only rootfs, we
need a solution that makes sure /var is writeable. We already have a
solution using a factory, with systemd-tmpfiles. This approach has a few
limitations:
- The behaviour of what happens when the rootfs is updated and the
contents of the factory /var changes are not very intuitive.
- systemd-tmpfiles is not started super early in the boot, so there's a
relatively long time that /var is not writeable. There is also no easy
way in systemd to express dependencies on the subdirectories of /var
to have been populated from the factory.
- The contents of /var is duplicated. If it is big, the rootfs size
increases unnecessarily and it takes a long time before the copying is
done. This is also not done atomically.
This commit adds an alternative using an overlay filesystem that has the
following characteristics:
- Don't depend on anything being available, except the
API File Systems [2]. In other words, this can be done very early in
the boot process. This is useful because /var is meant to be
available before normal and even some early services are running.
- Be a clean drop-in, that can be trivially added / removed.
- Make sure that overlayfs is available in the kernel.
- Units are (partially) reusable for custom solutions. This goal is
actually not fully reached yet: for that the service file should be
converted into a template, and the mount unit should use a specifier
for all repeated references to /var.
Mounting the overlay is slightly acrobatic and requires a few steps:
- First, we have to make sure the directories for overlayfs's upper,
lower and work directories are available on a tmpfs. Note that
"upper" and "work" must be on the same filesystem.
- The writeable overlay upper directory must be mounted.
- The original contents of /var must be bind-mounted to the overlay
lower directory.
- Finally, the overlay must be mounted on /var.
For the overlayfs directories, we create a tree on /run. Since there is
no standard name convention for this, we create a new directory
"/run/buildroot" with subdirectory "mounts" for everything
mount-related. Below that, a subdirectory is created for every mount
point that needs helper directories. Thus, we arrive to
/run/buildroot/mounts/var as the base directory for the overlay. Below
this, the directories lower, upper and work are created.
The bind-mount of /var is done in the same service as the one creating
the overlay lower, upper and work directories. Creating those
directories can't be done in a mount unit, and bind-mounting /var in a
mount unit would create a circular dependency. Indeed, if we had a mount
unit to do the bind mount, then it sould look like:
# run-buildroot-mounts-var-lower.mount
[Mount]
What=/var
Where=/run/buildroot/mounts/var/lower
Options=bind
and then the var.mount unit would need to have a dependency on that
unit:
# var.mount
[Unit]
After=run-buildroot-mounts-var-lower.mount
[Mount]
Where=/var
However, the What=/var of the first unit automatically adds an implicit
dependency on /var, and since there is a unit providing Where=/var, we
would have run-buildroot-mounts-var-lower.mount depend on var.mount, but
we need var.mount to depend on run-buildroot-mounts-var-lower.mount, so
this is a circular dependency. There is no way to tell systemd no to add
the implicit dependency. So we do the bind mont manually in the service
unit that prepares the overlay structure.
For the writeable upper layer, we don't need to do anything. In the
default configuration, the upper layer is supposed to be a tmpfs, and
/run/buildroot/mounts/var/upper is already a tmpfs so it can serve as
is. To make it persistent, we suggest to the user to mount a writeable,
persistent filesystem on /run/buildroot/mounts/var. The
RequiresMountsFor dependency in the prepare-var-overlay service makes
sure that that mount is performed before the overlay is started. Using
/run/buildroot/mounts/var/upper as the mount point sounds more logical
at first, but since the work directory is supposed to be on the same
filesystem as the upper directory, this wouldn't work very well.
As example, consider using /dev/sdc1 as upper layer for var, this can be
achieved by adding the following line to fstab:
/dev/sdc1 /run/buildroot/mounts/var ext4 defaults
Systemd will convert this into a mount unit with all the proper
dependencies.
Norbert provided some systemd units as a starting point, and that was
quite a huge help in understanding how to fit all those things together.
[1] - https://www.freedesktop.org/wiki/Software/systemd/APIFileSystems/
Co-authored-by: Norbert Lange <nolange79@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin@orange.com>
Cc: Norbert Lange <nolange79@gmail.com>
Cc: Romain Naour <romain.naour@smile.fr>
Cc: Jérémy Rosen <jeremy.rosen@smile.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
[Arnout:
- Merge commit messages from Yann and from Norbert.
- Remove the run-buildroot-mounts-var.mount unit; instead, just reuse
the existing tmpfs for the upper layer in the default case.
- Update the help text to explain how to mount a custom upper layer
with fstab.
]
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Currently, we have a single solution to handle the /var content on a
read-only root filesystem, and users can opt out of using it.
We're going to introduce another solution (based on an overlayfs), which
is incompatible with using the factory, so we'll have a choice of three
mutually exclusive options.
Introduce that choice now with just the existing /var factory, and a new
option to opt out of it.
Signed-off-by: Yann E. MORIN <yann.morin@orange.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Norbert Lange <nolange79@gmail.com>
Cc: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Cc: Romain Naour <romain.naour@smile.fr>
Cc : Jérémy Rosen <jeremy.rosen@smile.fr>
Acked-by: Norbert Lange <nolange79@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Fixes CVE-2023-39323: Line directives ("//line") can be used to bypass the
restrictions on "//go:cgo_" directives, allowing blocked linker and compiler
flags to be passed during compilation. This can result in unexpected
execution of arbitrary code when running "go build".
go1.21.2 (released 2023-10-05) includes one security fixes to the cmd/go
package, as well as bug fixes to the compiler, the go command, the linker,
the runtime, and the runtime/metrics package.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit b574a9606e (package/erlang: do not hard-code the Erlang
Interface Version (EI_VSN)) removed the need to care about keeping
the erlang version and its API version in sync, as the latter is
automatically extracted from installed files. The corresponding comment
was removed in that commit:
# Whenever updating Erlang, this value should be updated as well, to the
# value of EI_VSN in the file lib/erl_interface/vsn.mk
However, the removal of the comment above the package version was
leftover (probably because of a conflict with a version bump that was
improperly resolved).
Drop the comment now.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Commit 4cbc2af604 moved the nodejs patches
to the nodejs-src directory, but forgot to update .checkpackageignore
accordingly. Fix that, by running `make .checkpackageignore`.
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
The TestNodeJSModule test triggers the build of host-nodejs to be able
to install third party modules. Now that host-nodejs has two
providers, it makes sense to test both cases, so we duplicate
TestNodeJSModule into TestNodeJsModuleHostBin (which tests the
host-nodejs-bin) and TestNodeJSModuleHostSrc (which tests the
host-nodejs-src).
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
This package downloads the pre-built version of nodejs, if the host
platform supports it.
Reuse the variables defined in nodejs.mk.
For the definition of BR2_PACKAGE_PROVIDES_HOST_NODEJS, take care of
defaulting to host-nodejs-bin if host-nodejs is not selected at all.
This makes sure that in the future we will be able to run 'make
foo-source' for a package that uses nodejs vendoring, and it will use
the prebuilt nodejs to perform the vendoring.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
[Arnout:
- update to 16.20.0 to match nodejs.mk - including hashes;
- add HOST_NODEJS_BIN_ACTUAL_SOURCE_TARBALL + hash;
- move to package/nodejs/nodejs-bin;
- drop DEVELOPERS change, it's already covered by package/nodejs;
- re-order the series;
- immediately add it as a virtual package provider;
- add prompt and helpt text to choice;
- select host-nodejs-bin as provider if host-nodejs is not selected at
all.
]
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
host-nodejs is quite long to build (5 minutes on a very fast build
machine), and will become a download dependency when we implement
vendoring for NodeJS-based packages.
In order to mitigate this build time, an idea is to use a pre-compiled
host NodeJS. One option would be to use a pre-installed NodeJS, but
we're concerned by version compatibility issues of the host NodeJS/NPM
does not have the same version as the target NodeJS/NPM. So another
option is to use a pre-compiled NodeJS provided by the NodeJS project
itself.
To achieve this, this commit turns the host-nodejs package into a
virtual package. For the time being, this has just one provider:
host-nodejs-src, which builds host-nodejs from source. This is the
original host-nodejs package, renamed to host-nodejs-src.
The target nodejs package is also renamed to nodejs-src in order to have
a single package nodejs-src that has a host and target version, as
usual. We do keep the nodejs target package itself, but it's an empty
package - not even a virtual package. This means the following.
- Its VERSION, SOURCE and SITE variables are left empty. The existing
variables are renamed to NODEJS_COMMON_VERSION etc. to allow them to
be reused by nodejs-src and the future nodejs-bin.
- It's a generic package with a single dependency, nodejs-src.
- The Config.in remains unchanged, except that it selects
BR2_PACKAGE_NODEJS_SRC.
- BR2_PACKAGE_NODEJS_SRC is a blind option.
Co-authored-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Later we will change host-nodejs into a virtual package with the option
to download the binary, or to build from source. Those two
implementations will share version etc., so we want them in a
subdirectory in order to guarantee order of inclusion.
As a preparatory step, move the existing, single nodejs implementation
down into a subdirectory.
The definitions in nodejs.mk that will later be shared between the
source and binary variants of the package stay in
package/nodejs/nodejs.mk; the rest moves down to
package/nodejs/nodejs/nodejs.mk.
The hash file will be shared between the implementations and therefore
stays in package/nodejs/nodejs.hash. package/nodejs/nodejs/nodejs.hash
is a symlink to it.
The Config.in and Config.in.host don't move. The two implementations
will only have blind options.
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Bumb rwmem to the latest version. The main reason to bumb is to get a
fix for a compilation issue present when compiling with gcc-13 (need to
include <cstdint>).
As the project has moved to C++20, we need to adjust the Config.in
accordingly.
Signed-off-by: Tomi Valkeinen <tomi.valkeinen@ideasonboard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fixes the following security issues:
CVE-2023-4527: If the system is configured in no-aaaa mode via
/etc/resolv.conf, getaddrinfo is called for the AF_UNSPEC address
family, and a DNS response is received over TCP that is larger than
2048 bytes, getaddrinfo may potentially disclose stack contents via
the returned address data, or crash.
CVE-2023-4806: When an NSS plugin only implements the
_gethostbyname2_r and _getcanonname_r callbacks, getaddrinfo could use
memory that was freed during buffer resizing, potentially causing a
crash or read or write to arbitrary memory.
CVE-2023-5156: The fix for CVE-2023-4806 introduced a memory leak when
an application calls getaddrinfo for AF_INET6 with AI_CANONNAME,
AI_ALL and AI_V4MAPPED flags set.
CVE-2023-4911: If a tunable of the form NAME=NAME=VAL is passed in the
environment of a setuid program and NAME is valid, it may result in a
buffer overflow, which could be exploited to achieve escalated
privileges. This flaw was introduced in glibc 2.34.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Removed patch which was backported from upstream and is now included
in this release.
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
[Peter: drop CVE ignore for patch]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes:
http://autobuild.buildroot.net/results/5676609b6331b645f2e557aca67afe4c3a087433/
Fix a build failure for --without-gd builds since the bump to 5.4.9 with
commit 6dc3d3c360 (package/gnuplot: bump version to 5.4.9):
In file included from term.h:298,
from term.c:1211:
../term/post.trm:4016:11: error: expected declaration specifiers or '...' before string constant
4016 | fputs("%%%%BeginImage\n", gppsfile);
Add a patch fixing that.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
CVE-2022-44792 handle_ipDefaultTTL in agent/mibgroup/ip-mib/ip_scalars.c
in Net-SNMP 5.8 through 5.9.3 has a NULL Pointer Exception bug that can
be used by a remote attacker (who has write access) to cause the
instance to crash via a crafted UDP packet, resulting in Denial of
Service.
CVE-2022-44793 handle_ipv6IpForwarding in
agent/mibgroup/ip-mib/ip_scalars.c in Net-SNMP 5.4.3 through 5.9.3 has a
NULL Pointer Exception bug that can be used by a remote attacker to
cause the instance to crash via a crafted UDP packet, resulting in
Denial of Service.
The pgp key was changed [0] as the old one expired [1].
[0]: https://sourceforge.net/p/net-snmp/htdocs/ci/90a6d98aae21fcdff06b5be139eb4d44ae96a9de/
[1]: https://github.com/net-snmp/net-snmp/issues/595
Signed-off-by: Daniel Lang <dalang@gmx.at>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Due to a change in util-linux (commit
10f5f79485964ab52272ebe79c3b0047b1f84d82, "libbuid: use
_UL_LIBUUID_UUID_H to cover uuid.h"), gptfdisk no longer detects the
availability of libuuid to generate UUIDs, causing the following
message at runtime:
Warning! Unable to generate a proper UUID! Creating an improper one as a last
resort! Windows 7 may crash if you save this partition table!
This issue exists since util-linux was bumped to version 2.38 in
Buildroot
ee978e853a ("package/util-linux: bump
version to 2.38").
This issue has been fixed in upstream gptfdisk, but the fix [0] is not
yet in a new stable release, so we backport it.
Additionally, now that gptfdisk uses libuuid again, the build fails
because passing LDLIBS to make overrides the default value in the
Makefile. To fix this, this patch adds -luuid to GPTFDISK_LDLIBS.
[0] https://sourceforge.net/p/gptfdisk/code/ci/6a8416cbd12d55f882bb751993b94f72d338d96f
Signed-off-by: Ben Wolsieffer <ben.wolsieffer@hefring.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Commit 369ff9a88f (package/libmodplug: update to git version)
improperly used a short hash as version, so switch to the full-length
hash.
Github use the full-length hash when it creates the top-level directory
of the generated archive, so the hash of the archive does not in fact
change, only its filename. This is perfectly fine fine our handling of
s.b.o.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
libmodplug calls `cctype` functions, such as `isspace`,
with negative values. This is undefined behaviour.
While glibc allows it, it crashes on uClibc compiled
without `UCLIBC_HAS_CTYPE_SIGNED`.
Adds a patch that resolves the issue.
Also sent upstream. However, the library author has not merged
any pull request for about a year.
Signed-off-by: Gleb Mazovetskiy <glex.spb@gmail.com>
[yann.morin.1998@free.fr:
- add Gleb's SoB to the patch
- add upstream URL to the patch
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Y2038 is now almost only 15 years away, and embedded systems built
today are potentially going to still be operational in 15 years, and
even though they are supposed to receive updates by then, we all know
how things go, and potentially some of these embedded systems will not
receive any update.
In 2038, the signed 32-bit representation of time_t used on 32-bit
architectures will overflow, causing all time-related functions to go
back in time in a surprising way.
The Linux kernel has already been modified to support a 64-bit
representation of time_t on 32-bit architectures, but from a C library
perspective, the situation varies:
- glibc uses this 64-bit time_t representation on 32-bit systems
since glibc 2.34, but only if -D_TIME_BITS=64 is
specified. Therefore, this commit adds an option to add this flag
globally to the build, when glibc is the C library and the
architecture is not 64-bit.
- musl uses unconditionally a 64-bit time_t representation on 32-bit
systems since musl 1.2.0. So there is nothing to do here since
Buildroot has been using a musl >= 1.2.0, used since Buildroot
2020.05. No Buildroot option is needed here.
- uClibc-ng does not support a 64-bit time_t representation on 32-bit
systems, so systems using uClibc-ng will not be Y2038 compliant, at
least for now. No Buildroot option is needed here.
It should be noted that being Y2038-compliant will only work if all
application/library code is correct. For example if an
application/library stores a timestamp in an "int" instead of using
the proper time_t type, then the mechanisms described above will not
fix this, and the application/library will continue to be broken in
terms of Y2038 support.
Possible discussions points about this patch:
- Should we have an option at all, or should we unconditionally pass
-D_TIME_BITS=64, like we have been doing for _FILE_OFFSET_BITS=64
for quite some time. The reasoning for having an option is that
the mechanism is itself opt-in in glibc, and generally relatively
new, so it seemed logical for now to make it optional as well in
Buildroot.
- Should we show something (a Config.in comment?) in the musl and
uClibc-ng case to let the user know that the code is Y2038
compliant (musl) or not Y2038 compliant (uClibc-ng). Or should this
discussion be part of the Buildroot documentation?
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This is a bugfix release which fixes a CVE.
See:
https://www.enlightenment.org/news/2022-09-15-enlightenment-0.25.4
CVE-2022-37706 "enlightenment_sys in Enlightenment before 0.25.4 allows
local users to gain privileges because it is setuid root, and the system
library function mishandles pathnames that begin with a /dev/..
substring."
Hashes were never part of the online news page, therefore mark them as
locally computed.
Signed-off-by: Daniel Lang <dalang@gmx.at>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
We recently discovered that host-spirv-llvm-translator downloads the
SPIR-V headers during its build process, which is bad. Now that we
have a host variant of spirv-headers, we use it to avoid the
"downloading during the build".
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
We discovered that the existing host-spirv-llvm-translator package
downloads the spirv-headers during its build process, which of course
is very wrong. In order to fix this, we first introduce a host variant
of the spirv-headers.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
host-rust-bindgen will be required to build several different rust-based
packages, including a Linux kernel with rust modules and mesa3d's
rusticl which is the rust-based implementation of OpenCL.
The Cargo.toml file at the project root is a "virtual manifest". Since
we only want to install rust-bindgen, we can specify RUST_BINDGEN_SUBDIR
= bindgen-cli to use the Cargo.toml from this directory.
Signed-off-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Sebastian Weyer <sebastian.weyer@smile.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Make 4.4 introduces a shuffle mode which randomizes prerequisites
in order to better flush out issues with parallel builds. On the other
hand, we use MAKE1 to build packages that are known to be broken with
parallel build. For these, passing the shuffle option would be
counter-productive and lead to spurious build failures.
The --shuffle=none option exists to turn off shuffling again. We can't
add this option unconditionally, however, because Make < 4.4 doesn't
know it. Therefore, conditionally pass --shuffle=none only if there is a
shuffle option in MAKEFLAGS.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
The reinstall, rebuild and reconfigure commands rely on the
left-to-right order of evaluation of the dependencies to make sure that
the stamp files are removed before attempting to rebuild. However, this
order of evaluation is not guaranteed. In particular, if top-level
parallel build is enabled, they are executed in parallel and the stamp
file may not have been removed yet when it is evaluated to decide if
rebuild has to be done.
Since make 4.4, it is possible to reproduce this issue by passing
`--shuffle=reverse` to the make commandline.
To solve this, add a .WAIT directive between the clean and
install/build/configure dependencies. .WAIT was introduced in make 4.4
as well. It makes sure that the dependencies on the left are evaluated
before the dependencies on the right - exactly what we want here.
Earlier versions of make don't know about .WAIT, so we need to add a
.PHONY dependency to effectively ignore it.
Note that this doesn't fix the problem for make versions earlier than
4.4. However, the issue isn't really that important: reinstall, rebuild
and reconfigure are development tools, they're not fully reliable to
begin with, and it's anyway less likely that someone uses `make -j` when
doing a reinstall/rebuild/reconfigure.
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Reported-by: James Hilliard <james.hilliard1@gmail.com>
- Fix CVE-2022-48303: GNU Tar through 1.34 has a one-byte out-of-bounds
read that results in use of uninitialized memory for a conditional
jump. Exploitation to change the flow of control has not been
demonstrated. The issue occurs in from_header in list.c via a V7
archive in which mtime has approximately 11 whitespace characters.
- Update hash of COPYING (http replaced by https)
https://lists.gnu.org/archive/html/info-gnu/2023-07/msg00005.html
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
When building for a target architecture that go does not support, the
installation fails with:
$ make host-go
[...]
ln -sf ../lib/go/bin/go /home/nyma7486/dev/work/5GCroCo/O/pouet/per-package/host-go/host/bin/
ln: failed to create symbolic link '/home/nyma7486/dev/work/5GCroCo/O/pouet/per-package/host-go/host/bin/': No such file or directory
Indeed, the HOST_DIR/bin is not guaranteed to exist when we install a
host package, so it needs to be explicitly created before we can create
entries in there.
Signed-off-by: Yann E. MORIN <yann.morin@orange.com>
Cc: Christian Stewart <christian@aperture.us>
Cc: Anisse Astier <anisse@astier.eu>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Without this patch, a make <pkg>_rebuild detects overwrites. Indeed, in
target_finalize steps some modifications are done on installed files (ie
strip or TARGET_FINALIZE_HOOKS for instance).
In order to avoid these modifications seen from per-package {TARGET,HOST}_DIR
and so been analyzed as some overwrites, global {TARGET,HOST}_DIR is built
using a full copy of the involved per-package files instead of hardlinks.
Signed-off-by: Herve Codina <herve.codina@bootlin.com>
Reviewed-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This commit fixes the S10hyperv SysV init script which expects binaries
to be locate in /sbin while they are installed in /usr/sbin. Please
note, that the systemd init scripts correctly reference them.
Furthermore, the SysV init script did not check for an actual HyperV
environment to be present, which is also corrected. In addition, this
commit also fixes check-package warnings regarding a missing DAEMON
definition.
Signed-off-by: Jens Maus <mail@jens-maus.de>
[Peter: drop from .checkpackageignore]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The toolchain wrapper automatically adds Position Independent
Execution and stack protector flags in the build process when selected
in the configuration. at91bootstrap being freestanding code, it
doesn't support these, so we have to disable them.
Signed-off-by: Kory Maincent <kory.maincent@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The "official" repository we used to reference disapeared quite some
time ago, so in commit 8c25838b53 (package/rockchip-mali: fix build
failure due to missing URL) we switched to using a mirror.
The tarballs generated on the Github side have a top-level directory
that is named "repo-name-HASH", so when we switched to a repository
named "libmali" to one named "mirrors", the content of the generated
tarball changed, even though the content of the files did not.
We can't just change the hash to the new value, or that would conflict
with thecopy on s.b.o and older versions of Buildroot.
So, we drop one cahr from the commit hash, which eans the tarball name
changes, and thus we can calculate a new hash for that tarball, and
there will be no conflict with any existing tarball on s.b.o.
Reported-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
NVIDIA driver persistence daemon.
Signed-off-by: Raphael Pavlidis <raphael.pavlidis@gmail.com>
[Arnout:
- disable on BR2_STATIC_LIBS;
- only depend on tirpc if toolchain doesn't have RPC;
- use unstripped binary - the strip support in the makefile is utterly
broken (and we anyway strip in target-finalize);
- define NVIDIA_PERSISTENCED_USERS directly rather than with another
variable;
- install all the systemd stuff in
NVIDIA_PERSISTENCED_INSTALL_INIT_SYSTEMD.
]
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
udisks now requires that libblockdev has support for NVME via
libnvme, while udisks itself is not linked against libnvme,
just against libblockdev-nvme.
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
[yann.morin.1998@free.fr: fix+extend commit log]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Add defconfig for the Khadas VIM3 board which uses a A311D SoC with a 4x
ARM Cortex-A73 + 2x ARM Cortex-A53 big.LITTLE architecture.
This defconfig includes the Linux mainline kernel version 6.3 as well as
mainline uboot version 2023.04 with an in-tree .dts and uboot-defconfig.
It also includes the host-tool amlogic-boot-fip which is necessary for
signing the bootloader. This host tool is used in the post-image.sh script
in order to generate the signed binary.
This binary is then flashed to the final sdcard.img after it is
generated using genimage. It is done in this way because the bootloader
image needs to be flashed in 2 steps. First the first 444 bytes need to
be flashed to the beginning of the sdcard.img, then we need to skip 68 bytes
in the source and the destination and then write the remaining
bootloader image to the sdcard.img.
Ref: http://docs.khadas.com/products/sbc/vim3/development/create-bootable-tf-card
Signed-off-by: Sebastian Weyer <sebastian.weyer@smile.fr>
[Romain:
add BR2_PACKAGE_HOST_LINUX_HEADERS_CUSTOM_6_3=y
add BR2_TARGET_UBOOT_NEEDS_OPENSSL=y
add BR2_PACKAGE_HOST_DOSFSTOOLS=y for genimage vfat support
]
Signed-off-by: Romain Naour <romain.naour@smile.fr>
This tool is needed by some SoCs to sign the bootloader.
See the list of supported SoCs:
https://github.com/LibreELEC/amlogic-boot-fip
The variable BR2_PACKAGE_HOST_AMLOGIC_BOOT_FIP_DEVICE is used to specify
for which device this package needs to be used.
This tool uses pre-compiled binaries in order to sign the bootloader.
These binaries are provided under a proprietary license that prohibits
any redistribution of the resulting images.
A similar tool was tried to be added in the past:
http://patchwork.ozlabs.org/project/buildroot/patch/1533545408-11248-2-git-send-email-narmstrong@baylibre.com/
This time however a license file is present which can be used by
make legal-info. Additionally, acs_tool.pyc was replaced by acs_tool.py
and is therefore not compiled anymore.
Signed-off-by: Sebastian Weyer <sebastian.weyer@smile.fr>
[Romain:
add AMLOGIC_BOOT_FIP_REDISTRIBUTE = NO
add qstrip for BR2_PACKAGE_HOST_AMLOGIC_BOOT_FIP_DEVICE
remove build-fip-all.sh copy, not needed
factorize file copy in HOST_AMLOGIC_BOOT_FIP_INSTALL_CMDS
update commit log with the github url where we can find the list of supported SoCs.
]
Signed-off-by: Romain Naour <romain.naour@smile.fr>
We can expand the list of supported musl architectures by
letting libucontext provide required context API's.
Use the following table to determine which architectures require
libucontext for BR2_PACKAGE_LIBUNWIND_MUSL_CONTEXT_REQUIRED:
https://github.com/libunwind/libunwind/tree/v1.6.2#libc-requirements
Enable BR2_PACKAGE_LIBUNWIND_ARCH_SUPPORTS if we have
BR2_PACKAGE_LIBUCONTEXT_ARCH_SUPPORTS or if context is not required
by checking for !BR2_PACKAGE_LIBUNWIND_MUSL_CONTEXT_REQUIRED.
Select BR2_PACKAGE_LIBUCONTEXT when selecting BR2_PACKAGE_LIBUNWIND
if we have BR2_PACKAGE_LIBUNWIND_MUSL_CONTEXT_REQUIRED.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
The post-image.sh script is used in several STM32MP157-based board
configs. It had hardcoded device tree file names for the supported
boards which were used for matching the expected TF-A binary name.
Replace this mechanism with a pair of grep and sed that build the TF-A
binary name from the device tree file name. For example, if
BR2_TARGET_ARM_TRUSTED_FIRMWARE_ADDITIONAL_VARIABLES contained
DTB_FILE_NAME=stm32mp157c-dk2.dtb, the appropriate TF-A file would be
named tf-a-stm32mp157c-dk2.stm32.
Since the Bash Here Strings are removed with this change, I took the
opportunity to remove the only other non-POSIX command, "local", and
then I was able to change the shebang to plain /bin/sh, with -eu for
simpler error handling.
Signed-off-by: Grzegorz Szymaszek <gszymaszek@short.pl>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit b9bf1c6535 (package/opkg-utils: add opkg-utils as target pkg)
misspelled the macro to install to target, most probably as a bad
copy-paste from the host macro.
Fix that.
Reported-by: Michael Hacker <mh@superbox.one>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
We want to initialize the kernel random number generator as soon as
possible, as early init scripts may also need random numbers (E.G.
syslog-ng in S01syslog-ng does).
Seedrng was presumably only using S20 because the previos urandom script
used S20, which (after som moves) dates all the way back to:
commit 8262508fc4
Author: Eric Andersen <andersen@codepoet.org>
Date: Fri Apr 26 22:01:43 2002 +0000
With this update, everything now works as expected.
-Erik
Seedrng needs persistent storage, but mount -a is run before executing the
init scripts, so S01 should be as good as S20 - Atleast with the scripts in
upstream Buildroot.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The gnu-efi package was enabled on mips64el by commit
11b347c03a ("package/gnu-efi: add
mips64el support"). However, it has been failing to build for a long
time, and nobody bothered fixing it:
gnu-efi-3.0.15//gnuefi/crt0-efi-mips64el.S:71: Error: cannot represent BFD_RELOC_16 relocation in this object file format
Even reverting back to gnu-efi 3.0.10, which was the version used at
the time of 11b347c03a, does not fix the
issue. We tested updating to the latest gnu-efi version, 3.0.17, and
the problem still exists.
Since EFI on MIPS is extremely niche, we don't really want to invest
the time to fix this issue, so let's disable it again. If someone
cares enough, it can be fixed and re-enabled.
Fixes:
http://autobuild.buildroot.net/results/d5938edcf50ebb7fdcec148d73f402845079779d/
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fix the following build failure with gpsd >= 3.25 raised since commit
3c7fece853:
In file included from src/configuration.h:50,
from src/configuration.c:46:
src/gpsdclient.h:64:8: error: redefinition of 'struct fixsource_t'
64 | struct fixsource_t {
| ^~~~~~~~~~~
In file included from src/gpsdclient.h:49,
from src/configuration.h:50,
from src/configuration.c:46:
/tmp/instance-17/output-1/host/aarch64-buildroot-linux-gnu/sysroot/usr/include/gps.h:2714:8: note: originally defined here
2714 | struct fixsource_t
| ^~~~~~~~~~~
Fixes:
- http://autobuild.buildroot.org/results/47a619686bb47debd525c92aa7e14bee5c40ca9e
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Mako provide some external plugins that requires additionnal and
optional runtime dependencies, make sure we test these situations.
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Some extensions of python-mako use python-babel, if they are used,
python-babel must be added as a runtime dependency.
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Some extensions of python-mako use python-pygments, if they are used,
python-pygments must be added as a runtime dependency.
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This new runtime test allows to make sure that the python-mako package
minimally works at runtime.
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
- To match NXP 6.1.22-2.0.0 release.
- EULA/COPYING: update to LA_OPT_NXP_Software_License v45.
Signed-off-by: Chris Dimich <cdimich2188@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
- To match NXP 6.1.22-2.0.0 release.
- EULA/COPYING: update to LA_OPT_NXP_Software_License v45.
Signed-off-by: Chris Dimich <cdimich2188@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
- To match NXP 6.1.22-2.0.0 release.
- EULA/COPYING: update to LA_OPT_NXP_Software_License v45.
Signed-off-by: Chris Dimich <cdimich2188@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Update the linux-imx kernel to be aligned with the NXP BSP
LF6.1.22_2.0.0 (same release used in meta-freescale [1]).
Add BR2_TARGET_UBOOT_NEEDS_GNUTLS=y and BR2_TARGET_UBOOT_NEEDS_UTIL_LINUX=y
since they are new dependencies for building mkeficapsule u-boot tool.
The uboot-imx doesn't use the default imx8mp-evk devicetree anymore due
to commit [2]:
"Change to use imx8mp-evk-revb4.dtb and imx8mp-ddr4-evk-revb4.dtb
as default kernel DTB for iMX8MP re-design EVK board. Old EVK
board is EOL, to boot old EVK, user can switch to old DTB manually."
Since the freescale_imx8mpevk_defconfig only install imx8mp-evk.dtb in
the final image, the boot stop with:
Booting from mmc ...
Failed to load 'imx8mp-evk-revb4.dtb'
WARN: Cannot load the DT
Add a u-boot defconfig fragment to revert this change [2] and use the
imx8mp-evk.dtb by default.
Runtime tested on i.MX 8M Plus EVK REV B2.
[1] https://github.com/Freescale/meta-freescale/commit/e6b1b6725cd1d44550ba473ff6a80c1b80663965
[2] https://github.com/nxp-imx/uboot-imx/commit/a60e787a6e35b9c14c391e03d41468e4ad63d598
Signed-off-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
In commit
55e83008fc ("package/gcc/gcc-final:
rework installation of libgcc_s/libatomic"), we reworked the libgcc_s
installation. In the previous code, libgcc_s was installed to
STAGING_DIR/TARGET_DIR unconditionally, but a "-cp" command was used,
which means that any failure was ignored. As we are now more picky, it
has become clear that this in fact wasn't entirely correct: libgcc_s
only exists for shared builds. For static builds, only libgcc.a is
available, but it doesn't need to be installed to STAGING_DIR (for
some reason, and as it was never installed by Buildroot, it has always
worked without libgcc.a in STAGING_DIR).
So long story short: we change the code to only install libgcc_s when
BR2_STATIC_LIBS is disabled. This fixes the following build failure on
BR2_STATIC_LIBS=y builds:
cp -dpf /home/thomas/buildroot/buildroot/output/host/arm-buildroot-linux-uclibcgnueabi/lib*/libgcc_s* /home/thomas/buildroot/buildroot/output/host/arm-buildroot-linux-uclibcgnueabi/sysroot/lib/
cp: cannot stat '/home/thomas/buildroot/buildroot/output/host/arm-buildroot-linux-uclibcgnueabi/lib*/libgcc_s*': No such file or directory
Reported-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add initial support for Orangepi Zero3 board:
- U-Boot 2021.07 fork by Orangepi
- Linux 6.1.31 fork by Orangepi
- Default packages from buildroot
Enable CONFIG_MFD_AC200 as it is used directly by other module,
resulting in build failure when disabled.
Signed-off-by: Marcin Niestroj <m.niestroj@grinn-global.com>
Tested-by: Sergey Kuzminov <kuzminov.sergey81@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The buildroot-association repository used to be hosted on Github, then
was closed for some banking issues. We're now making it public again,
but on Gitlab like the rest of Buildroot.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Now that the snapshot tarball section is gone, the "Source code" block
has only one sub-block "Repository" which makes it look odd. So bring
the sub-block content into the parent block, and rename this parent
block "Git repository".
As this requires re-indenting the whole HTML soup, take advantage of
this to use <p>...</p> in a more correct manner.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
[yann.morin.1998@free.fr: fix "git pull" layout]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
We're now using Gitlab as our official Git repository, so let's update
the website accordingly. Gitlab only provides https:// access, so drop
the explanation about the Git native protocol being more efficient
than HTTP (also because that's no longer true).
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Add a host option to build the xml2cpp-codegen part of the
sdbus-cpp package for use in creating adaptor and proxy
implementations from the D-Bus IDL.
Signed-off-by: Charles Hardin <ckhardin@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Commit 32cec3be97 (docs/manual: rename *.txt as *.adoc) renamed the manual
files but forgot to update the reference in the DEVELOPERS file, causing
check-package to warn:
WARNING: 'docs/manual/adding-packages-meson.txt' doesn't match any file, line 851
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This commit adds the licensing information for the host-gcc-initial,
host-gcc-final and gcc-final packages.
For host-gcc-initial and host-gcc-final, instead of duplicating the
information, we use common variables coming from gcc.mk.
Of course for the target gcc-final, we use a different license than
for host-gcc-final, as it's the whole point of this series: be able to
describe that the target side of gcc is GPL-3.0 with linking
exception.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Romain Naour <romain.naour@smile.fr>
This commit adds a target package "gcc-final", which is a target
package responsible for installing the gcc runtime libraries to
STAGING_DIR and TARGET_DIR. This task was so far done by the host
gcc-final package.
The motivation for splitting it up into a target package is to be able
to properly handle the licensing situation of GCC, where the host part
of GCC (the compiler itself) is under GPLv3, but the runtime libraries
on the target are under GPLv3-with-exception. So far, we were not
handling at all the license of gcc.
So what this commit does is:
* Add a gcc-final target package, which is depended on by the
toolchain-buildroot package, and which depends on
host-gcc-final.
* Moves to gcc-final the logic for installing target/staging
libraries
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Romain Naour <romain.naour@smile.fr>
The HOST_GCC_FINAL_M68K_LIBGCC_FIXUP hook is tweaking the staging
directory. In preparation for additional rework, let's move it further
down in the file so that the diff of the rework will be easier to look
at.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Romain Naour <romain.naour@smile.fr>
Right now the library installation was split between installation of
static libs vs. shared libs. In preparation for additional rework, it
makes more sense to split it between target installation and staging
installation.
For staging installation we simply install $(lib)* so that both static
and shared libraries are copied.
For target installation, we only install when shared libraries are
used, and we copy $(lib).so*
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Romain Naour <romain.naour@smile.fr>
This provides better error handling, and is more in line with our
current coding style. We also replace ";" by "&&" for the same reason
of proper error handling.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Romain Naour <romain.naour@smile.fr>
We typically don't define empty variables in Buildroot, and the
comment is a bit useless, so drop both.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Romain Naour <romain.naour@smile.fr>
The installation of libgcc_s/libatomic (which have to go in /lib) is
handled differently than all the other libraries (which go in
/usr/lib). For consistency, and in preparation for additional changes
in this area, handle both in a more consistent manner, with a new
HOST_GCC_FINAL_LIBS that looks like HOST_GCC_FINAL_USR_LIBS.
Consequently, the hook HOST_GCC_FINAL_INSTALL_USR_LIBS is renamed to
HOST_GCC_FINAL_INSTALL_LIBS, and made unconditional rather than being
conditional on ifneq ($(HOST_GCC_FINAL_USR_LIBS),). Indeed, we now
need to install libraries in /lib unconditionally, and if
HOST_GCC_FINAL_USR_LIBS is empty, the loops will simply not iterate on
any element, and they will not install anything in /usr/lib.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Romain Naour <romain.naour@smile.fr>
The weston runtime test uses the CRC of the framebuffer to detect that
"something" is being drawned on the framebuffer. This requires that the
sampling of the CRC happens does not happen too early after trigerring
an action, or the rendering may be not be finishe, either:
- weston may not have had time to initialise, or
- the test application may not have started rednering,
The sequence of rendering that has been observed yields this sequence of
CRCs (elided for brevity):
- boot:
- alternating between 0x4c4126bf and 0x5d2f9aa5: console cursor
blinking
- start weston:
- 0x4c4126bf: weston switches to a cleared vt, no blinking cursor
...
- 0xe54b7895: weston is starting
...
- 0xe54b7895: wayland socket appears!
...
- 0x6bf28bdf: weston is ready
...
- start weston-simple-egl:
- 0x6bf28bdf: application is starting
...
- 0xNNNNNNNN: random CRCs while the application renders
...
- stop weston-simple-egl:
- 0xNNNNNNNN: zero, one, or two random CRCs while the application
renders before it handles SIGTERM
- 0x6bf28bdf: application is stopped
...
- stop weston:
- 0x6bf28bdf: a few CRC identical to when weston was started, while
weston is processing SIGTERM
- oscillating between 0x4c4126bf and 0x5d2f9aa5: console cursor
blinking, back to initial vt, weston dead.
So, we need to wait "enough" after each action. Moreover, when the
wayland socket appears, weston may not have stabilised yet, so we also
need to wait after the socket appears.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Julien Olivain <ju.o@free.fr>
When testing the virt machine with EDK2, the buildroot 6.1 kernel
will not boot as it has no base ACPI support. Whilst you can run
qemu with the -no-acpi option, it would help if basic ACPI support
was there as otherwise there is no output from the kernel post the
ACPI BIOS initialisation.
Signed-off-by: Ben Dooks <ben.dooks@codethink.co.uk>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Building go with cgo support needs to build some .c files to generate target
support code, and thus calls the cross C compiler, which is failing when the
toolchain is not built before host-go:
>>> host-go 1.21.1 Building
cd .../build/host-go-1.21.1/src && GO111MODULE=off GOCACHE=.../per-package/host-go/host/share/host-go-cache GOROOT_BOOTSTRAP=.../per-package/host-go/host/lib/go-1.19.11 GOROOT_FINAL=.../per-package/host-go/host/lib/go GOROOT=".../build/host-go-1.21.1" GOBIN=".../build/host-go-1.21.1/bin" GOOS=linux CC=/usr/bin/gcc CXX=/usr/bin/g++ CGO_ENABLED=1 CC_FOR_TARGET=".../per-package/host-go/host/bin/arm-linux-gcc" CXX_FOR_TARGET=".../per-package/host-go/host/bin/arm-linux-g++" GOOS="linux" GOARCH=arm GOARM=6 GO_ASSUME_CROSSCOMPILING=1 ./make.bash
Building Go cmd/dist using .../per-package/host-go/host/lib/go-1.19.11. (go1.19.11 linux/amd64)
go tool dist: cannot invoke C compiler [".../per-package/host-go/host/bin/arm-linux-gcc"]: fork/exec .../per-package/host-go/host/bin/arm-linux-gcc: no such file or directory
Go needs a system C compiler for use with cgo.
To set a C compiler, set CC=the-compiler.
To disable cgo, set CGO_ENABLED=0.
This happens systematically with PPD, and happens without PPD when
host-go is explicitly built (by running: "make host-go").
Since only CGO support needs to compile C files, only add the toolchain
dependency in that case.
When the target is not supported by go, then there is obviously no need
to depend on the toolchain (even if we unconditionally enable cgo
support in only-for-the-host host-go).
Signed-off-by: Christian Stewart <christian@aperture.us>
[yann.morin@orange.com:
- only add the toolchain dependency for target cgo
- reword commit log
]
Signed-off-by: Yann E. MORIN <yann.morin@orange.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Anisse Astier <anisse@astier.eu>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit 0c15169f5a (package/pppd: bump version to 2.5.0) forgot to drop
the check-package exclusion when it dropped the patches.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
This is a simple test that builds and runs the futter-gallery application and
checks if the service is active.
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
[yann.morin.1998@free.fr: fix flake8 warnings]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Flutter Gallery is a resource to help developers evaluate and use Flutter.
It is a collection of Material Design & Cupertino widgets, behaviors, and
vignettes implemented with Flutter.
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
flutter-pi is one of many flutter-embedders. However, flutter-pi is unique
because it doesn't require X or Wayland to run. So long as there is support for
KMS and DRI flutter-pi should run on any platform that flutter-engine supports.
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
[yann.morin.1998@free.fr: drop unused BR2_PACKAGE_FLUTTER_PI_TEST_PLUGIN]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
There are many issues with this package:
- The release tarballs from https://github.com/flutter/engine are in no state
to compile. They are only for the use of gclient to download a source
directory structure suitable to build the Flutter engine! If you download,
extract and attempt to run `./tools/gn --no-goma --no-prebuilt-dart-sdk`, you
receive the error message:
`No such file or directory: 'flutter/flutter/third_party/gn/gn.'
But wait! Wasn't the gn binary just called? No, that's a wrapper in the
Flutter source tree that formats arguments to call the real gn binary.
The real gn is not provided in the tarball but is downloaded via gclient
(among many other supporting repositories.)
Even worse, the flutter buildsystem depends on the .git dirs being present.
(https://github.com/meta-flutter/meta-flutter/issues/271) This dependency
means it is not possible to create a reproducible tarball from the downloaded
sources, which is why there is no .hash file provided.
I have asked the flutter project to release full tarballs suitable for
compiling here: https://github.com/flutter/flutter/issues/130734
- Flutter engine includes a patched copy of clang that must be used to compile.
Using a Buildroot-build clang results in linking warning and errors.
As such, we depend on LLVM_ARCH_SUPPORTS but use the included clang for
building. On the plus side, this saves time having to compile clang.
- flutter-engine relies on the "PUB_CACHE", that is provided by flutter-sdk,
so we need a build dependency, even if no tool from host-flutter-sdk-bin
is used to build flutter-engine
Tested with:
- Debian 11 and 12
- Ubuntu 18.04, 20.04, and 22.04
- Fedora 38
- Per-package directories
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
[yann.morin.1998@free.fr:
- search gclient.py from PATH
- indent shell script with 4 spaces
- reorganise schell script with prepare/cleanup
- tweak comment about weirdness of flutter buildsystem
- use suitable-extactor and TAR_OPTIONS
- use FLUTTER_SDK_BIN_PUB_CACHE
- add dependency to host-futter-sdk-bin (Adam)
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
flutter-sdk-bin is a collection of host tools and plugins used to compile
flutter applications.
- As this is a collection of pre-compiled tools, append -bin to the end of the
package name.
- We must set the HOME directory variable to the sdk directory or else the
flutter dart binaries place .dart, .dart-sdk, and .flutter in ~/.
- set --clear-features, --no-analytics and --disable-telemetry first to disable
google tracking as soon as possible.
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
[yann.morin.1998@free.fr:
- set FLUTTER_SDK_BIN_PUB_CACHE for other packages to make use of it
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Chromium and Chromium OS use a package of scripts called
depot_tools to manage checkouts and code reviews. This package
also includes the gclient utility.
gclient is a Python script to manage a workspace of modular dependencies that
are each checked out independently from different subversion or git
repositories. Features include:
- Dependencies can be specified on a per-OS basis.
- Dependencies can be specified relative to their parent dependency.
- Variables can be used to abstract concepts.
- Hooks can be specified to be run after a checkout.
- .gclient and DEPS are Python scripts. You can hack in easily or add
additional configuration data.
.gclient file: It's the primary file. It is, in fact, a Python script. It
specifies the following variables:
- solutions: an array of dictionaries specifying the projects that will be
fetched.
- hooks: additional hooks to be run when this meta checkout is synced.
- target_os: an optional array of (target) operating systems to fetch
OS-specific dependencies for.
- cache_dir: Primarily for bots, multiple working sets use a single git
cache.
gclient is necessary for checking out the flutter-engine source code, as the
release tarballs provided on the flutter-engine github are in no state to
compile. Google expects the use of gclient to download a source directory
structure suitable to build the Flutter engine.
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Removed all patches, they are now included in this release.
Added other patches fixing errors.
Removed option BR2_PACKAGE_PPPD_RADIUS, upstream build system, now auto-
conf-based, does not support disabling the radius plugin.
Removed BR2_PACKAGE_PPPD_OVERWRITE_RESOLV_CONF, upstream now defaults to
/etc, quoting README:
"Note that if you have built and installed previous versions of this
package and you want to continue having configuration and TDB files in
/etc/ppp, you will need to use the --sysconfdir option to ./configure."
Switched build system to autoconf, added optional systemd support.
Added configure option to enable multilink support which now defaults to
false but was enabled before:
https://github.com/ppp-project/ppp/blob/2.4.9/pppd/Makefile.linux#L57
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This commit updates monit to the latest 5.33.0 version which also
requires an additional patch to configure.ac as well as enabled ipv6
support.
Signed-off-by: Jens Maus <mail@jens-maus.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Remove no longer supported soup2 config option
We now build webkit with soup3 so we need to set wpe_api to 2.0 to
be compatible.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
We can now significantly simplify the python-rtoml build using the
new setuptools-rust setup type introduced in the python package
infrastructure.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
We can now significantly simplify the python-orjson build using the
new maturin setup type introduced in the python package
infrastructure.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
We can now significantly simplify the python-cryptography build using
the new setuptools-rust setup type introduced in the python package
infrastructure.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
The python-maturin build backend while itself is a pep517 backend
uses setuptools-rust for bootstrapping purposes.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Python has two build backends for packages that use Rust:
setuptools-rust and maturin. Both are provided by the pyo3 package
infrastructure (but that's not relevant for Buildroot).
The setuptools-rust build backend is a setuptools extension that is
capable of building python rust extensions.
The maturin build backend is a pep517 build extension that is itself
written in rust, it is itself bootstrapped using setuptools-rust but
is not itself a setuptools extension.
Both are from the pyo3 build infrastructure, so we add both of them in a
single patch. They also share a lot of the cargo-specific handling.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
[Arnout: remove the _PYO3_ENV variables, the add little benefit]
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
While building host-localedef from glibc 2.38 sources, it uses the
features.h header from its sources that define _ISOC2X_SOURCE 1 as
soon as _GNU_SOURCE is defined.
_ISOC2X_SOURCE enable __GLIBC_USE_ISOC2X 1 that enable the header
redirection to use __isoc23_* functions introduced in glibc 2.38 [1].
If an older version is installed on the host, those functions
doesn't exist and break the build.
Add a local patch to keep _ISOC2X_SOURCE and __GLIBC_USE_ISOC2X
disabled.
Fixes:
host-localedef-2.38-13-g92201f16cbcfd9eafe314ef6654be2ea7ba25675/build/locale/ld-ctype.o: in function `ctype_read':
ld-ctype.c:(.text+0x6cef): undefined reference to `__isoc23_strtoul'
(glibc 2.31 installed on the host)
[1] https://sourceware.org/git/?p=glibc.git;a=commit;h=64924422a99690d147a166b4de3103f3bf3eaf6c
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Enable mathvec explicitly on aarch64(be) since it's now enabled by
default [1]. aarch64 mathvec requires at gcc-10 but Buildroot already
provide gcc-11 as minimum version.
Don't use --enable-fortify-source for now in order to keep original
behavior while doing the glibc version bump (and because some
architecture doesn't support well fortify-source, i.e Microblaze).
Postpone this change to a follow up commit.
Keep the "deprecated" libcrypt enabled just in case if some
application are not yet ready to use an alternative such as libxcrypt.
Security related changes:
CVE-2023-25139: When the printf family of functions is called with a
format specifier that uses an <apostrophe> (enable grouping) and a
minimum width specifier, the resulting output could be larger than
reasonably expected by a caller that computed a tight bound on the
buffer size. The resulting larger than expected output could result
in a buffer overflow in the printf family of functions.
See:
https://lists.gnu.org/archive/html/info-gnu/2023-07/msg00010.html
Runtime tested with Qemu on Gitlab-ci:
https://gitlab.com/kubu93/buildroot/-/pipelines/998435203https://gitlab.com/buildroot.org/toolchains-builder/-/pipelines/998926028
[1] https://sourceware.org/git/?p=glibc.git;a=commit;h=cd94326a1326c4e3f1ee7a8d0a161cc0bdcaf07e
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes CVE_2023-5217: Heap buffer overflow in vp8 encoding in libvpx in
Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote
attacker to potentially exploit heap corruption via a crafted HTML page.
https://www.openwall.com/lists/oss-security/2023/09/28/5
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
[Peter: extend commit message, add _IGNORE_CVES]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Small improvements to on-screen use only. CLI -B and GUI 'B' to toggle
boxes around stats. CLI -^ and '^' to change units for Disk I/O KB/s ->
MB/s -> GB/s. This happen temporarily too if the size of the statistic
will not fit on-scree. Code changed to ensure clean compile for GCC 12
which does extra checks but got confused by some perfectly good C code!
Note: updated makefile makefile
https://nmon.sourceforge.io/pmwiki.php?n=Site.CompilingNmon
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Drop LDFLAGS_EXTRA to fix the following build failure raised since
commit 42f2518023:
/home/buildroot/autobuild/run/instance-2/output-1/host/opt/ext-toolchain/bin/../lib/gcc/mipsel-buildroot-linux-gnu/12.3.0/../../../../mipsel-buildroot-linux-gnu/bin/ld: stress-crypt.o: in function `$L17':
stress-crypt.c:(.text+0x2dc): undefined reference to `crypt_r'
Fixes:
- http://autobuild.buildroot.org/results/0c1d2ef59b88ebb3ae10bf8cb986280b4c1283eb
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Now that we have a template generating an equivalent genimage configuration.
The generated genimage is identical to these +/- file ordering and a
trailing comma / newline that is ignored by genimage, E.G. for rpi3-64:
@@ -8,9 +8,10 @@
"rpi-firmware/cmdline.txt",
"rpi-firmware/config.txt",
"rpi-firmware/fixup.dat",
- "rpi-firmware/start.elf",
"rpi-firmware/overlays",
- "Image"
+ "rpi-firmware/start.elf",
+ "Image",
+
}
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The rpi genimage configurations are all identical, except for the boot
partition files, which include:
- Device tree files (*.dtb)
- rpi-firmware files (rpi-firmware/*)
- Kernel image (Image/zImage)
All of these are quite simple to figure out programmatically based on the
content of BINARIES_DIR, so extend post-image.sh to fall back to generating
a genimage configuration based on genimage.cfg.in if a board specific one
does not exist.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
- Fix CVE-2023-35852: In Suricata before 6.0.13 (when there is an
adversary who controls an external source of rules), a dataset
filename, that comes from a rule, may trigger absolute or relative
directory traversal, and lead to write access to a local filesystem.
This is addressed in 6.0.13 by requiring allow-absolute-filenames and
allow-write (in the datasets rules configuration section) if an
installation requires traversal/writing in this situation.
- Fix CVE-2023-35853: In Suricata before 6.0.13, an adversary who
controls an external source of Lua rules may be able to execute Lua
code. This is addressed in 6.0.13 by disabling Lua unless allow-rules
is true in the security lua configuration section.
- Drop first patch (not needed since
https://github.com/OISF/suricata/commit/c8a3aa608eaae1acbaf33dba8a7c1a3cbfeb4285)
https://github.com/OISF/suricata/blob/suricata-6.0.14/ChangeLog
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fix CVE-2023-38633: A directory traversal problem in the URL decoder of
librsvg before 2.56.3 could be used by local or remote attackers to
disclose files (on the local filesystem outside of the expected area),
as demonstrated by href=".?../../../../../../../../../../etc/passwd" in
an xi:include element.
https://gitlab.gnome.org/GNOME/librsvg/-/blob/2.50.9/NEWS
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The COPYING also contains a BSD-3-Clause license. The BSD-3-Clause
applies to "manual page unifdef.1 and the portability support code in
the FreeBSD subdirectory". The BSD-2-Clause applies to everything else.
Signed-off-by: Brandon Maier <brandon.maier@collins.com>
Reviewed-by: Thomas Devoogdt <thomas@devoogdt.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Commit 84c24ab1b5 (package/nodejs: fix parallel build) made use of
BR2_JLEVEL to set the number of jobs nodejs should use instead of using
the number of CPUs (+2).
However, BR2_JLEVEL can be set to 0 by the user, to let Buildroot detect
the number of CPUs (+1), and stores it in PARALLEL_JOBS, and leaves
BR2_JLEVEL untouched, so 0.
Thus, we can end up spawning a build by passing -j0 to ninja, which it
interprets as "no -limit yolo" and does not limit the number oj jobs it
spawns, which usually ends up in an OOM somewhere...
Fix this by using PARALLEL_JOBS.
Reported-by: Cédric & Co
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fix CVE-2023-3341: The code that processes control channel messages sent
to `named` calls certain functions recursively during packet parsing.
Recursion depth is only limited by the maximum accepted packet size;
depending on the environment, this may cause the packet-parsing code to
run out of available stack memory, causing `named` to terminate
unexpectedly. Since each incoming control channel message is fully
parsed before its contents are authenticated, exploiting this flaw does
not require the attacker to hold a valid RNDC key; only network access
to the control channel's configured TCP port is necessary. This issue
affects BIND 9 versions 9.2.0 through 9.16.43, 9.18.0 through 9.18.18,
9.19.0 through 9.19.16, 9.9.3-S1 through 9.16.43-S1, and 9.18.0-S1
through 9.18.18-S1.
https://ftp.isc.org/isc/bind9/9.16.44/CHANGES
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The 6.4.x series is now EOL upstream, so drop the linux-headers option
and add legacy handling for it.
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
When nodejs is build, a qemu wrapper script is used to execute some
programs built for the target in user-mode emulation. However, when the
target and build machines are similar (e.g. x86_74), running those
programs fails, with errors such as:
cd ../../tools/v8_gypfiles; python ../../deps/v8/tools/run.py ../../out/Release/v8-qemu-wrapper ../../out/Release/bytecode_builtins_list_generator ../../out/Release/obj.host/gen/generate-bytecode-output-root/builtins-generated/bytecodes-builtins-list.h
../../out/Release/bytecode_builtins_list_generator: /lib/x86_64-linux-gnu/libstdc++.so.6: version `GLIBCXX_3.4.29' not found (required by ../../out/Release/bytecode_builtins_list_generator)
../../out/Release/bytecode_builtins_list_generator: /lib/x86_64-linux-gnu/libc.so.6: version `GLIBC_2.33' not found (required by ../../out/Release/bytecode_builtins_list_generator)
../../out/Release/bytecode_builtins_list_generator: /lib/x86_64-linux-gnu/libc.so.6: version `GLIBC_2.32' not found (required by ../../out/Release/bytecode_builtins_list_generator)
../../out/Release/bytecode_builtins_list_generator: /lib/x86_64-linux-gnu/libc.so.6: version `GLIBC_2.34' not found (required by ../../out/Release/bytecode_builtins_list_generator)
Return code is 1
So the question is: why the heck does Qemu use the host C library?
To answer this question, we first have to look at how the -L option of
Qemu is implemented. This option is documented as such:
-L path QEMU_LD_PREFIX set the elf interpreter prefix to 'path'
The v8-qemu-wrapper script makes this option point to $(STAGING_DIR),
so that the ELF interpreter used is the one in $(STAGING_DIR).
However, contrary to what the option documentation says, this option
does much more than setting the ELF interpreter prefix: it is going to
affect how *all* system calls manipulating files (open, etc.) are
going to work.
When this option is passed, the function init_paths() in
https://git.qemu.org/?p=qemu.git;a=blob;f=util/path.c is called at
initialization time, and essentially its sets the global "base"
variable to point to the directory passed as -L argument.
Then, for every single syscall that manipulates a path, this path will
be passed through the path() function in the same file. This function
will first attempt to resolve the path with "base" as a prefix, and if
not, return the unprefixed path.
After adding some traces into this function, I was able to understand
what happens:
(1) -L$(STAGING_DIR) is passed, causing "base" to point to
$(STAGING_DIR)
(2) The target ELF interpreter from $(STAGING_DIR) is properly invoked
(3) When this ELF interpreter then resolves the libc.so.6 library, it
first looks for /etc/ld.so.cache.
(4) Qemu first looks for /etc/ld.so.cache with the -L prefix, i.e
$(STAGING_DIR)/etc/ld.so.cache, but it does not exist. So, the Qemu
system call emulation falls back to /etc/ld.so.cache, which means
the target ELF interpreter reads the /etc/ld.so.cache of the host
system.
(5) This /etc/ld.so.cache of the host system says that libc.so.6 is in
/lib/x86_64-linux-gnu/
(6) The target ELF interpreter therefore tries to use
/lib/x86_64-linux-gnu/libc.so.6. The Qemu system call emulation
first tries $(STAGING_DIR)/lib/x86_64-linux-gnu/libc.so.6, but
this library does not exist (it is in
$(STAGING_DIR)/lib/libc.so.6), so the Qemu system call emulation
falls back to /lib/x86_64-linux-gnu/libc.so.6 of the host system,
which exist... but is too old compared to the target C library.
Indeed, results from ld.so.cache take precedence over the simple
resolution of library paths in /usr/lib and /lib.
We see 3 possible ideas to resolve this problem:
(A) Change the behavior of Qemu to not fallback to unprefixed paths:
when -L is passed, all path-related system calls should see the
paths prefixed by the -L option.
Issue with this is that this change is unlikely to get accepted by
Qemu upstream. And there might be some side effects we have not
really identified.
(B) Create an empty $(STAGING_DIR)/etc/ld.so.cache. We have tested
this solution and it works: it gets used instead of the host
/etc/ld.so.cache. Because $(STAGING_DIR)/etc/ld.so.cache is empty,
there's no libc.so.6 match, so the target ELF interpreter goes
through its normal library location resolution logic, which falls
back to trying in /usr/lib and /lib, which works as those paths
ends up being prefixed with $(STAGING_DIR) by Qemu.
(C) Pass LD_LIBRARY_PATH pointing to $(STAGING_DIR)/lib and
$(STAGING_DIR)/usr/lib in the Qemu wrapper. This works because
LD_LIBRARY_PATH paths have precedence over paths given by
ld.so.cache.
This is the solution already used by the GOI qemu wrapper in
package/gobject-introspection/g-ir-scanner-qemuwrapper.in.
We chose to go with the third option, because it has been proven to work
for the GOI wrapper, and has been reported to solve #14366. Even though
the first option would be the best, it is also the one that has the
least chances to land any time soon (if ever); the second has not been
exercised, and the impact is not fully understood either (e.g what about
non-glibc toolchains?).
Fixes: #14366
Signed-off-by: Jens Maus <mail@jens-maus.de>
[yann.morin.1998@free.fr:
- add whole analsys done by Thomas in:
https://lore.kernel.org/buildroot/20221031213926.50d3c778@windsurf/
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Unless told otherwise, ninja will spawn as many jobs as there are CPU
(plus 2). Nodejs is built with ninja, but it is a generic package, so
there is no variable (like with cmake-package) that passes the proper
number of parallel jobs as configured by the user.
As a consequence, the nodejs build will use as many CPU as are
available, possibly overcommitting the rsources the user expected to be
used.
Set the JOBS variableto limit that number.
Signed-off-by: Jens Maus <mail@jens-maus.de>
[yann.morin.1998@free.fr: reword commit log]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
This commit fixes a problem where the NUT package couldn't be
used as a NUT server due to the fact that the default group for
nobody is "nogroup" and not "nobody" like the internal default
of NUT. Thus, when starting a NUT server daemon the daemon starts
with incorrect group permissions. This commit fixes this
shortcoming by introducing a dedicated 'nut' user and 'nut' group
to drop priviledges to it.
Signed-off-by: Jens Maus <mail@jens-maus.de>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
For release announce, see:
https://lists.infradead.org/pipermail/kexec/2023-August/027830.html
This new version introduced a usage of memfd_create() in [1]. This
function was introduced in Kernel 3.17. Therefore, this commit adds
this new dependency. This direct use of memfd_create() requires a
glibc >= 2.27. As is, this version would no longer work with uclibc-ng
or musl libc. This commit also adds a patch to allow compilation with
glibc < 2.27, and also uclibc and musl. See the patch commit log for
more details.
[1] https://git.kernel.org/pub/scm/utils/kernel/kexec/kexec-tools.git/commit/?id=714fa11590febc9cf6fd3c6309374a040a05ebb0
Signed-off-by: Julien Olivain <ju.o@free.fr>
[yann.morin.1998@free.fr: add arch dependency to comment]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The affected code isn't present in any release, see [0].
[0]: https://www.libssh.org/2023/07/14/cve-2023-3603-potential-null-dereference-in-libsshs-sftp-server/
The CPE entry for this CVE is
cpe:2.3:a:libssh:libssh:-:*:*:*:*:*:*:*
We interpret the "-" as matching any version. It actually means
"unspecified version", which is the cop-out in case there is nothing
useful to match. We can't really make our infrastructure ignore "-"
entirely, because for all we know our version is an unreleased commit
sha which _is_ vulnerable. Thus, the only way out is an exclusion which
we'll never be able to remove.
Signed-off-by: Daniel Lang <dalang@gmx.at>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Allow enabling support for both the X11 and Wayland backends.
This in turn needs reorganizing how desktop GL or OpenGL ES is chosen,
as it no longer can depend on whether Wayland support is enabled: the
BR2_PACKAGE_HAS_LIBGL and BR2_PACKAGE_HAS_LIBGLES variables are both
checked, and ENABLE_GLES2 is set only if the package providing OpenGL
claims only GLES is supported; otherwise desktop GL is preferred. This
matches the existing logic.
The existing comment indicating that only one of both windowing systems
can be enabled was wrong: the same WebKitGTK build can target both
X11 and Wayland at the same time, as long as GTK itself has been built
accordingly. Enabling both is the approach taken by most Linux
distributions, and has been supported for years.
Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Thomas Devoogdt <thomas.devoogdt@barco.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Sometimes it happens that a Company or a Physical Person sponsors the
creation and/or the upstreaming process of a patch, but at the moment
there is no way to give credits to it. In Linux they prepend '+sponsor'
to the e-mail of the contributor in both authorship and commit log tag as
discussed here[0]. So let's describe in the manual how to do that as a
standard.
[0]: https://lore.kernel.org/linux-doc/20230817220957.41582-1-giulio.benetti@benettiengineering.com/
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
[yann.morin.1998@free.fr:
- reword to reference sub-addressing and the RFC
- move to the "submitting patches" section, that already deals with
SoB tags
- differentiate between Your/Their names
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Per default, the fio package uses the "-march=native" GCC option. This
is of course wildly inappropriate for cross-compilation and can result
in illegal instructions. Thus we make sure fio will not use that
compiler option by adding --disable-native to FIO_OPTS.
Signed-off-by: Jens Maus <mail@jens-maus.de>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
This commit integrates support for the iwlwifi QuZ firmware files
to support the wifi chipsets for the intel NUC10 type of hardware.
Thus, this change adds BR2_PACKAGE_LINUX_FIRMWARE_IWLWIFI_QUZ.
Signed-off-by: Jens Maus <mail@jens-maus.de>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
The commit 4e365d1768 "package/tcl: bump to version 8.6.13" did NOT
refreshed the package patch, because the patch was still applying
correctly and the package was working as expected.
It was refreshed in the previous bump, in commit 9cf314745a
"package/tcl: bump to version 8.6.12". This was part of 2022.02.
Looking closer at the patch content, the -/+ lines are exactly the
same. So this patch does not change anything. Since the file was kept
and the commit log mention a patch refresh, the intent was more
likely to carry over the old patch (which was declaring all libc
functions as "unbroken".
This commit actually refreshes this patch. It was regenerated with
git format-patch. Since the patch is renamed due to git format-patch,
the .checkpackageignore is updated accordingly.
Note:
This ancient patch will be removed soon, as an upstream commit [1],
not yet in a release, cleaned up and removed those old parts.
[1] https://github.com/tcltk/tcl/commit/04d66a25716cb7738dad3170cca4d0a4683db08a
Cc: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
As off 2022-11-22 CVE-2022-39377 is listed as affecting sysstat
< 2.16.1 instead of < 2.17.1. The text is not updated, but the CPE info
is.
Signed-off-by: Daniel Lang <dalang@gmx.at>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
The install to staging commands of the ne10 package are careful to
install the shared libraries only if they are built, but we forgot to
use the same care for the install to target commands, causing a build
failure on BR2_STATIC_LIBS=y configurations as no shared library was
built:
cp: cannot stat '/home/autobuild/autobuild/instance-15/output-1/build/ne10-1.2.1/modules/libNE10*.so*': No such file or directory
This commit fixes this by guarding the target installation commands to
BR2_STATIC_LIBS being empty.
The problem exists since the package was introduced in commit
318f3db0dc ("ne10: new package"), a good
10 years ago. Most likely it was not seen for many years as this
package is only available for ARM with NEON and AArch64, and we were
not testing fully static builds, except for ARMv5 that don't have
NEON. Now that we are doing more random testing, the problem started
being visible.
Fixes:
http://autobuild.buildroot.net/results/45b2c1af052271bc2f1bb96544f138d29e4f7dfd/
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
- tag prefix changed from 'release-' to 'v'
- C++14 is now required which gcc5 already provides
(tested with bootlin toolchain armv7-eabihf--glibc--stable-2017.05-toolchains-1-1)
Signed-off-by: Michael Nosthoff <buildroot@heine.tech>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
As off 2021-05-17 NVD added 1.19 as the first version that isn't
affected by CVE-2007-4476.
Signed-off-by: Daniel Lang <dalang@gmx.at>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
CVE-2022-45061 affects python <= 3.7.15, 3.8.0 through 3.8.15,
3.9.0 through 3.9.15, 3.10.0 through 3.10.8
The mentioned patch was removed in c38de813 when bumping to 3.11.1.
Signed-off-by: Daniel Lang <dalang@gmx.at>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
CVE-2021-32749 affects fail2ban <= 0.9.7, 0.10.0 through 0.10.6, and
0.11.0 through 0.11.2.
The mentioned patch was removed in 76853089 when bumping to 1.0.1.
Signed-off-by: Daniel Lang <dalang@gmx.at>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fix the following build failures raised since bump to version 1.4.0 in
commit 456a739831:
-- Found PythonInterp: /usr/bin/python3.6 (found suitable version "3.6.9", minimum required is "3.6")
CMake Error at /home/buildroot/autobuild/run/instance-3/output-1/host/sparc64-buildroot-linux-gnu/sysroot/usr/share/cmake/pybind11/FindPythonLibsNew.cmake:147 (message):
Python config failure:
Traceback (most recent call last):
File "<string>", line 6, in <module>
ImportError: cannot import name 'sysconfig'
and
In file included from /home/buildroot/autobuild/instance-1/output-1/host/include/python3.11/Python.h:38,
from /home/buildroot/autobuild/instance-1/output-1/host/sh4-buildroot-linux-gnu/sysroot/usr/include/pybind11/detail/common.h:266,
from /home/buildroot/autobuild/instance-1/output-1/host/sh4-buildroot-linux-gnu/sysroot/usr/include/pybind11/attr.h:13,
from /home/buildroot/autobuild/instance-1/output-1/host/sh4-buildroot-linux-gnu/sysroot/usr/include/pybind11/detail/class.h:12,
from /home/buildroot/autobuild/instance-1/output-1/host/sh4-buildroot-linux-gnu/sysroot/usr/include/pybind11/pybind11.h:13,
from /home/buildroot/autobuild/instance-1/output-1/host/sh4-buildroot-linux-gnu/sysroot/usr/include/pybind11/numpy.h:12,
from /home/buildroot/autobuild/instance-1/output-1/build/zxing-cpp-2.1.0/wrappers/python/zxing.cpp:18:
/home/buildroot/autobuild/instance-1/output-1/host/include/python3.11/pyport.h:601:2: error: #error "LONG_BIT definition appears wrong for platform (bad gcc/glibc config?)."
601 | #error "LONG_BIT definition appears wrong for platform (bad gcc/glibc config?)."
| ^~~~~
Fixes:
- http://autobuild.buildroot.org/results/665b246a4bb14480152ee59050672a7469148a5b
- http://autobuild.buildroot.org/results/0502b05020de57e4910125c699c4264047187c51
- http://autobuild.buildroot.org/results/c5e7fe83d46c704e05800e3ae62bf476458c7b71
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fix the following build failure with oprofile raised since bump of
binutils to version 2.40 in commit
35656482d3:
configure: error: bfd library not found
[...]
configure:17928: checking for bfd_openr in -lbfd
configure:17953: /home/buildroot/autobuild/run/instance-1/output-1/host/bin/arm-linux-gcc -o conftest -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -Os -g0 -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 conftest.c -lbfd -liberty -lpopt -ldl -lintl >&5
/home/buildroot/autobuild/run/instance-1/output-1/host/opt/ext-toolchain/bin/../lib/gcc/arm-buildroot-linux-uclibcgnueabi/12.3.0/../../../../arm-buildroot-linux-uclibcgnueabi/bin/ld: warning: libsframe.so.0, needed by /home/buildroot/autobuild/run/instance-1/output-1/host/arm-buildroot-linux-uclibcgnueabi/sysroot/usr/lib/libbfd.so, not found (try using -rpath or -rpath-link)
Indeed, in this case, libsframe is not installed even after applying
commit 1b4d921e1d because
BR2_BINUTILS_VERSION_2_40_X is not selected by anyone (binutils package
is selected by oprofile and the toolchain is not generated by buildroot)
To fix this issue, invert the logic: install libsframe by default (i.e.
when binutils is selected or with a buildroot toolchain). libsframe will
not be installed only if binutils < 2.40 is detected.
Fixes:
- http://autobuild.buildroot.org/results/af9a2d52823a332b48e6df14d2708b6a4b3833a4
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fix the following build failure with gcc 4.8 raised since bump of snmppp
to version 3.5.0 in commit e011fa0415:
configure: error: Cannot find suitable libsnmp++ library
[...]
configure:9496: checking if libsnmp++ can be linked with flags from pkg-config
configure:9528: /home/buildroot/autobuild/run/instance-1/output-1/host/bin/arm-none-linux-gnueabi-g++ -o conftest -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -Os -g0 -D_FORTIFY_SOURCE=1 -pthread -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -D_GNU_SOURCE -D_XOPEN_SOURCE=XPG6 conftest.cpp -L/home/buildroot/autobuild/run/instance-1/output-1/host/bin/../arm-buildroot-linux-gnueabi/sysroot/usr/lib -lsnmp++ >&5
In file included from /home/buildroot/autobuild/run/instance-1/output-1/host/arm-buildroot-linux-gnueabi/sysroot/usr/include/snmp_pp/snmp_pp.h:71:0,
from conftest.cpp:92:
/home/buildroot/autobuild/run/instance-1/output-1/host/arm-buildroot-linux-gnueabi/sysroot/usr/include/snmp_pp/uxsnmp.h:628:35: error: 'nullptr' was not declared in this scope
CSNMPMessage *snmp_message = nullptr);
^
Fixes:
- http://autobuild.buildroot.org/results/f272473e7b588f5390b183072935a0217290ee4e
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Tested-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Reviewed-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
- Drop patches (already in version) and so autoreconf
- Update COPYING hash (gpl mailing address updated with
https://github.com/Netatalk/netatalk/commit/9bd45cc06e02e9bbfe8156bb1e5e2843b7727a51https://github.com/Netatalk/netatalk/commit/6a5997fbd64d6cd5a5400ea6a0a930d005ed89df)
- Fix CVE-2022-43634: This vulnerability allows remote attackers to
execute arbitrary code on affected installations of Netatalk.
Authentication is not required to exploit this vulnerability. The
specific flaw exists within the dsi_writeinit function. The issue
results from the lack of proper validation of the length of
user-supplied data prior to copying it to a fixed-length heap-based
buffer. An attacker can leverage this vulnerability to execute code in
the context of root. Was ZDI-CAN-17646.
- Fix CVE-2022-45188: Netatalk through 3.1.13 has an afp_getappl
heap-based buffer overflow resulting in code execution via a crafted
.appl file. This provides remote root access on some platforms such as
FreeBSD (used for TrueNAS).
- Fix CVE-2023-42464: Validate data type in dalloc_value_for_key()
https://github.com/Netatalk/netatalk/blob/netatalk-3-1-17/NEWS
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
A vulnerability was found in OpenSC. This security flaw cause a buffer
overrun vulnerability in pkcs15 cardos_have_verifyrc_package. The
attacker can supply a smart card package with malformed ASN1 context.
The cardos_have_verifyrc_package function scans the ASN1 buffer for 2
tags, where remaining length is wrongly caculated due to moved starting
pointer. This leads to possible heap-based buffer oob read. In cases
where ASAN is enabled while compiling this causes a crash. Further info
leak or more damage is possible.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
- Fix CVE-2023-40359: xterm before 380 supports ReGIS reporting for
character-set names even if they have unexpected characters (i.e.,
neither alphanumeric nor underscore), aka a pointer/overflow issue.
This can only occur for xterm installations that are configured at
compile time to use a certain experimental feature.
- Update COPYING hash (update in year and version)
https://invisible-island.net/xterm/xterm.log.html#xterm_384
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
CVE-2022-1304 only affects e2fsprogs 1.46.5.
The mentioned patch was removed in 6a21733f when bumping to 1.47.0.
Signed-off-by: Daniel Lang <dalang@gmx.at>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
CVE-2021-38185 affects cpio <= 2.13.
The mentioned patches were removed in b0306d94 when bumping to 2.14.
Signed-off-by: Daniel Lang <dalang@gmx.at>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
As of 2021-05-14 CVE-2017-3139 is no longer listed as affecting bind, only RHEL.
Signed-off-by: Daniel Lang <dalang@gmx.at>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
- Fix CVE-2023-36664: Artifex Ghostscript through 10.01.2 mishandles
permission validation for pipe devices (with the %pipe% prefix or the |
pipe character prefix).
- Fix CVE-2023-38559: A buffer overflow flaw was found in
base/gdevdevn.c:1973 in devn_pcx_write_rle() in ghostscript. This
issue may allow a local attacker to cause a denial of service via
outputting a crafted PDF file for a DEVN device with gs.
- Fix CVE-2023-38560: An integer overflow flaw was found in
pcl/pl/plfont.c:418 in pl_glyph_name in ghostscript. This issue may
allow a local attacker to cause a denial of service via transforming a
crafted PCL file to PDF format.
https://ghostscript.readthedocs.io/en/gs10.02.0/News.html
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Commit 7dd27cbe5b (support/download: add support to exclude svn
externals) introduced an improperly formatted list item. That was
carried over with bf2d7f8f53 (package/pkg-generic: don't download svn
externals by default).
Fix that.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Since 3341ceb1e5 (package/gdb: zlib is mandatory, not optional), zlib
has become a mandatory dependencies of the gdb package.
However, zlib is only needed for the debugger, gdb itself, while the
server, gdbserver, does not use it.
This means that, when building an SDK to be later reused as an external
toolchain, the zlib headers and libraries are present in the sysroot of
the toolchain, tainting the toolchain and making it unsuitable to be
reused.
As Julien noticed, for example, tcl will try and link with zlib if
available, and at build time it is. But at runtime, it is not, and thus
tclsh fails to run; see 7af8dee3a8 (package/tcl: add mandatory
dependency to zlib)
When we only need to build gdbserver, we still need to configure and
build the whole gdb distribution, which means we call the top-level
configure script; that script has no option to disable the detection
of zlib: it wants to either use a system one, or it will build the
bundled one.
So, when we only build gdbserver, we tell configure to not use a system
zlib. This triggers the build of the bundled one, but it is not linked
with gdbserver so in the end it is not used on the target.
Reported-by: Julien Olivain <ju.o@free.fr>
Reported-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
HOST_PROG_SHUTDOWN currently references a file that doesn't exist. Fix
by setting it to /usr/libexec/petitboot/bb-kexec-reboot, which this
package already installs but doesn't use.
Signed-off-by: Reza Arbab <arbab@linux.ibm.com>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Tcl changed its zlib handling in upstream commit [1]. Before this
commit, the HAVE_ZLIB macro was defined only if a zlib headers/library
was found. After that commit, the HAVE_ZLIB macro is unconditionally
defined. The only change is that: if a working zlib library is found
in the toolchain sysroot, it is used. Otherwise, the package will use
a shipped version in [2]. See also [3] and [4].
This tcl commit is included in Buildroot since commit 7fda943b43
"tcl: bump to version 8.6.1".
In Buildroot, we prefer to not use bundled libraries wherever possible,
so add an unconditional dependency to zlib.
Further notes:
This behavior leads to runtime failures, when the package is compiled
with toolchains including zlib in their sysroot. This is because at
configuration time, the package will detect zlib in the sysroot and
link against it, but the library files won't be installed on target.
This happen to be the case with Bootlin toolchains such as [5], as they
also contaions gdbserver, and since 3341ceb1e5 (package/gdb: zlib is
mandatory, not optional), we also build zlib even if only gdbserver is
built (gdbserver does not use zlib, so that's a bug in our gdb
packaging).
This toolchain also happen to be the one used in basic configurations
of the runtime test infrastructure (this issue was found while
attempting to write a runtime test for tcl).
In such cases, running "tclsh" command fails with error message:
tclsh: error while loading shared libraries: libz.so.1: cannot open shared object file: No such file or directory
libtcl library also miss its dependency.
ldd /usr/lib/libtcl8.6.so
libz.so.1 => not found
libm.so.6 => /lib/libm.so.6 (0xb6dad000)
libc.so.6 => /lib/libc.so.6 (0xb6c65000)
/lib/ld-linux.so.3 (0xb6f6c000)
[1] https://github.com/tcltk/tcl/commit/6f3dea45cee94f12ffa0b2acbbdb3eedbc01807b
[2] https://github.com/tcltk/tcl/tree/core-8-6-13/compat/zlib
[3] https://github.com/tcltk/tcl/blob/core-8-6-13/unix/configure.in#L172
[4] https://github.com/tcltk/tcl/blob/core-8-6-13/unix/Makefile.in#L240
[5] https://toolchains.bootlin.com/downloads/releases/toolchains/armv5-eabi/tarballs/armv5-eabi--glibc--stable-2023.08-1.tar.bz2
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fix CVE-2023-40225: HAProxy through 2.0.32, 2.1.x and 2.2.x through
2.2.30, 2.3.x and 2.4.x through 2.4.23, 2.5.x and 2.6.x before 2.6.15,
2.7.x before 2.7.10, and 2.8.x before 2.8.2 forwards empty
Content-Length headers, violating RFC 9110 section 8.6. In uncommon
cases, an HTTP/1 server behind HAProxy may interpret the payload as an
extra request.
https://www.mail-archive.com/haproxy@formilux.org/msg43864.html
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
A flaw was found in LibRaw. A heap-buffer-overflow in raw2image_ex()
caused by a maliciously crafted file may lead to an application crash.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fixes the following security issue:
CVE-2023-38039: HTTP headers eat all memory
When curl retrieves an HTTP response, it stores the incoming headers so that
they can be accessed later via the libcurl headers API.
However, curl did not have a limit on the size or quantity of headers it
would accept in a response, allowing a malicious server to stream an endless
series of headers to a client and eventually cause curl to run out of heap
memory.
https://curl.se/docs/CVE-2023-38039.html
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Mutt 2.2.12 was released on September 9, 2023. This is a bug-fix
release, fixing two crash bugs. One is possible by viewing a crafted
message header, so upgrading is strongly recommended.
Fix CVE-2023-4874: Null pointer dereference when viewing a specially
crafted email in Mutt >1.5.2 <2.2.12
Fix CVE-2023-4875: Null pointer dereference when composing from a
specially crafted draft message in Mutt >1.5.2 <2.2.12
http://www.mutt.org/
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Drop patch and disable libseccomp when building statically to avoid the
following build failure raised since commit
29834d8a12:
src/seccomp_notify.c: In function 'seccomp_notify_plugins_load':
src/seccomp_notify.c:136:42: warning: implicit declaration of function 'dlopen'; did you mean 'popen'? [-Wimplicit-function-declaration]
136 | ctx->plugins[s].handle = dlopen(it, RTLD_NOW);
| ^~~~~~
| popen
src/seccomp_notify.c:136:53: error: 'RTLD_NOW' undeclared (first use in this function)
136 | ctx->plugins[s].handle = dlopen(it, RTLD_NOW);
| ^~~~~~~~
Fixes:
- http://autobuild.buildroot.org/results/13d3b46990720bba8621c922b5dce54ab650e96d
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Does not install systemd unit if nodm or xdm is enabled.
Signed-off-by: Yanghao Cheng <yanghao.cheng@aioi-atg.com>
[yann.morin.1998@free.fr:
- don't use $(or ...)
- slightly reword comment
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
xdm package also installs a init script that utimately starts X server
Signed-off-by: Yanghao Cheng <yanghao.cheng@aioi-atg.com>
[yann.morin.1998@free.fr:
- don't use $(or ...)
- slightly reword comment
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
tests.package.test_python_pytest.TestPythonPy3Pytest runtime tests fails
now with following error:
======================================================================
FAIL: test_run (tests.package.test_python_pytest.TestPythonPy3Pytest.test_run)
----------------------------------------------------------------------
Traceback (most recent call last):
File "/buildroot/support/testing/tests/package/test_python.py", line 137, in test_run
self.run_sample_scripts()
File "/buildroot/support/testing/tests/package/test_python_pytest.py", line 18, in run_sample_scripts
self.assertRunOk(cmd, timeout=self.timeout)
File "/buildroot/support/testing/infra/basetest.py", line 89, in assertRunOk
self.assertEqual(
AssertionError: 1 != 0 :
Failed to run: python -m pytest sample_python_pytest.py
output was:
Traceback (most recent call last):
File "<frozen runpy>", line 189, in _run_module_as_main
File "<frozen runpy>", line 148, in _get_module_details
File "<frozen runpy>", line 112, in _get_module_details
File "/usr/lib/python3.11/site-packages/pytest/__init__.py", line 5, in <module>
File "/usr/lib/python3.11/site-packages/_pytest/_code/__init__.py", line 2, in <module>
File "/usr/lib/python3.11/site-packages/_pytest/_code/code.py", line 36, in <module>
File "/usr/lib/python3.11/site-packages/pluggy/__init__.py", line 16, in <module>
File "/usr/lib/python3.11/site-packages/pluggy/_manager.py", line 10, in <module>
File "/usr/lib/python3.11/importlib/metadata/__init__.py", line 8, in <module>
File "/usr/lib/python3.11/zipfile.py", line 6, in <module>
ImportError: libz.so.1: cannot open shared object file: No such file or directory
Fix that by adding BR2_PACKAGE_PYTHON3_ZLIB dependency.
Signed-off-by: Marcin Niestroj <m.niestroj@grinn-global.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Alexander Egorenkov <egorenar-dev@posteo.net>
[yann.morin.1998@free.fr: split long _DEPENDENCIES line]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
- Improved accuracy of MARK timer, optional, default: 20 minutes.
- Fix sub-second faking of kernel timestamps
- Fix reading kernel logs from /proc/kmsg, regression in v2.4.0.
Only relevant to really old kernels (pre 4.4?) or systems with
static device nodes and no auto-devtmpfs mounting in kernel
Signed-off-by: Joachim Wiberg <troglobit@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
- Sync w/ OpenBSD upstream
- Fix key bindings, Home/End
- Fix buffer overflow on no match in i-search
- Fix mark reset
- Usability:
- persistent help in status bar
- F1 toggle quick-help buffer
- F2 save
- F3/F4 macro start/end + run, like GNU Emacs
Full ChangeLog https://github.com/troglobit/mg/releases/tag/v3.7
Signed-off-by: Joachim Wiberg <troglobit@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
- add upstream patch for Unordered available on the Release Page.
Signed-off-by: Michael Nosthoff <buildroot@heine.tech>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
libjxl was failing to build for riscv targets, since commit ff7c37e57
"package/libjxl: security bump to version 0.8.1". Build was failing with
output:
/build/libjxl-0.8.1/lib/jxl/enc_xyb.cc: In function 'jxl::Image3F jxl::N_SCALAR::TransformToLinearRGB(const jxl::Image3F&, const jxl::ColorEncoding&, float, const JxlCmsInterface&, jxl::ThreadPool*)':
/build/libjxl-0.8.1/lib/jxl/enc_xyb.cc:223:21: error: variable 'std::atomic<bool> ok' has initializer but incomplete type
223 | std::atomic<bool> ok{true};
| ^~
This build failure was due to a missing <atomic> header inclusion. For
some reason, the build failure was observed only with RISC-V toolchains.
This commit fixes the issue by adding an upstream commit, not yet in a
package release. See [1].
Fixes:
http://autobuild.buildroot.org/results/121/12107bc7aea7afae1d2fb935d31b44eee6ea1501
[1] https://github.com/libjxl/libjxl/commit/22d12d74e7bc56b09cfb1973aa89ec8d714fa3fc
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
An issue was discovered in lldpd before 1.0.17. By crafting a CDP PDU
packet with specific CDP_TLV_ADDRESSES TLVs, a malicious actor can
remotely force the lldpd daemon to perform an out-of-bounds read on heap
memory. This occurs in cdp_decode in daemon/protocols/cdp.c.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The quoting around the expansion of ${relative_dir} was indeed incorrect
since it was introduced back in 8fe9894f65 (suport/download: fix git
wrapper with submodules on older git versions): it is in fact already
quoted as part of the whole sed expression.
${GIT} can contain more than one item, but we don't care about splitting
on spaces when we just print it for debug, so we can just quote it
rather than add an exception.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Since commit b7efb43e86 (download/git: try to recover from
utterly-broken repositories), we catch errors through an ERR
trap, so we can try and recover from a broken repository. In
that commit, we switched from using "set -e" to "set -E", so
that trap is inherited in functions, command substitutions,
and subshells.
However, the trap is not defined until we have parsed the
options, created the cache directory, and eventually chdir()ed
into it. Athough improbable, it is possible for the git helper
to fail in any of those steps, and that would not get caught.
Fix that
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
When we generate the taballs off a local working copy of a VCS tree,
the umask is the one that we enforce in out top-level Makefile.
However, it is possible that a user manually tinkers in said working
copy (e.g. to check an upstream bug fix, or regression). If the user
umask is different from the one Buildroot enfirces, such tinkering
can impact the mode bits of the files, even if their content is not
modified.
When we eventually need to create a tarball from said working copy,
the VCS (e.g. git) will only be interested in checking whether the
content of the files have changed before chcking them out, and will
not look at, and restore/fix the mode bits.
As a consequence, we may create non-reproducible archives.
We fix that by enforcing the mode bits on the files before we create
the tarball: we disable the write and execute bits, and only set the
execute bit if the user execute bit is set.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Vincent Fazio <vfazio@xes-inc.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Several of our patches have been accepted upstream and are included in
elf2flt version 2023.09.
Patch 0001-elf2flt-handle-binutils-2.34.patch is upstream as of commit
c70b9f208979 ("elf2flt: handle binutils >= 2.34").
Patch 0002-elf2flt.ld-reinstate-32-byte-alignment-for-.data-sec.patch is
upstream as of commit 679c94adf27c ("elf2flt.ld: reinstate 32 byte
alignment for .data section").
Patch 0003-elf2flt-add-riscv-64-bits-support.patch is upstream as of
commit c5c8043c4d79 ("elf2flt: add riscv 64-bits support").
Patch 0008-riscv64-add-more-relocations-required-to-be-handled.patch was
squashed into upstream commit c5c8043c4d79 ("elf2flt: add riscv 64-bits
support") during upstreaming.
Patch 0006-xtensa-fix-text-relocations.patch is upstream as of commit
26dfb54a59c8 ("elf2flt: xtensa: fix text relocations").
Patch 0007-elf2flt-remove-use-of-BFD_VMA_FMT.patch is upstream as of
commit a36df7407d9e ("elf2flt: remove use of BFD_VMA_FMT").
Patch 0004-elf2flt-create-a-common-helper-function.patch simply added
a helper function to make the changes in the follow-up patch
0005-elf2flt-fix-fatal-error-regression-on-m68k-xtensa-ri.patch
less intrusive.
Patch 0005-elf2flt-fix-fatal-error-regression-on-m68k-xtensa-ri.patch
is no longer needed as upstream has reverted the commit that necessitated
this patch, see upstream commit 35c692ca4546 ("Revert "elf2flt: fix for
segfault on some ARM ELFs""). The problem that the reverted upstream patch
solved is now instead solved by the combination of upstream commits
7a59b265c2dc ("Revert "elf2flt: fix relocations for read-only data"") and
a934fb42cf59 ("elf2flt: force ARM.exidx section into text").
Signed-off-by: Niklas Cassel <niklas.cassel@wdc.com>
Tested-By: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The LuaJIT project switches to a rolling release scheme.
Now, the version contains the timestamp of its latest commit.
The timestamp can be seen in build log:
==== Successfully installed LuaJIT 2.1.1693350652 to /usr ====
diff COPYRIGHT:
-Copyright (C) 2005-2022 Mike Pall. All rights reserved.
+Copyright (C) 2005-2023 Mike Pall. All rights reserved.
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
If a patch only removes files, it is ignored. Meaning, that the
registered developer isn't automatically picked up when calling
get-developer.
Fix this by also checking if the line starts with ---, as a patch
removing a file has a line starting with --- with the name of the
removed file and one started with +++ /dev/null.
A set is used to store the changed files, which doesn't allow
duplicates. Therefore normal patches aren't affected by this change.
Signed-off-by: Daniel Lang <dalang@gmx.at>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Update github organization name to nxp-imx which is being
redirected to.
Rename COPYING TO LICENSE.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
go1.21.1 (released 2023-09-06) includes four security fixes to the cmd/go,
crypto/tls, and html/template packages, as well as bug fixes to the compiler,
the go command, the linker, the runtime, and the context, crypto/tls,
encoding/gob, encoding/xml, go/types, net/http, os, and path/filepath packages.
Security fixes:
CVE-2023-39320: cmd/go: go.mod toolchain directive allows arbitrary execution
CVE-2023-39318: html/template: improper handling of HTML-like comments within script contexts
CVE-2023-39319: html/template: improper handling of special tags within script contexts
CVE-2023-39321: crypto/tls: panic when processing post-handshake message on QUIC connections
https://go.dev/doc/devel/release#go1.21.0
Signed-off-by: Christian Stewart <christian@aperture.us>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This was added both on master and next, but the symbol was also renamed in
next by commit cbd91e89e4 (arch/Config.in.riscv: allow extensions for
generic) and resolved wrong. Ensure we use the new symbol name.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This is a bugfix release only containing the fix to a potential integer underflow
which got assigned CVE-2023-36328.
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
4.1.9 is affected by CVE-2023-36053, and 4.1.10 was released to fix
it. The changes between 4.1.9 and 4.1.10 are just:
f9a14b8f0668029fb7e0aebcae57b60dcec4a529 (tag: 4.1.10) [4.1.x] Bumped version for 4.1.10 release.
beb3f3d55940d9aa7198bf9d424ab74e873aec3d [4.1.x] Fixed CVE-2023-36053 -- Prevented potential ReDoS in EmailValidator and URLValidator.
3b48fe413f91612fb8c43fe9d489860d10c84bf7 [4.1.x] Added stub release notes for 4.1.10 and 3.2.20.
0e5948b8df5d25deb48a505cbf16f010d9dc603c [4.1.x] Fixed MultipleFileFieldTest.test_file_multiple_validation() test if Pillow isn't installed.
66e1e9b006618ba00e804d18bd90d3a9e94801b3 [4.1.x] Added CVE-2023-31047 to security archive.
d1385cc51b142b05b21b721d9d68fc461bc7241f [4.1.x] Post-release version bump.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This commit updates poppler to the latest version in the 22.x series,
with only has bug fixes. Here is the list of commits between 22.10.0
and 22.12.0:
df568263c51950ceed6f1fb42f80e99a2614c275 (tag: poppler-22.12.0) poppler 22.12.0
198dc1d0674c0a462668e6868c35b1ee0e731005 Form::addFontToDefaultResources: Be stubborn in finding a font we can use
a5952ab70716a2d4f792a943c2dcf3068f1d6885 Revert "CI: Fix Debian brokenness"
8fcaa7c622d24761a9ecb3922f95d072077d6f34 CI: Fix Debian brokenness
cc665f757af6b87dd245d36e079dd44d8d2d2182 (tag: poppler-22.11.0) poppler 22.11.0
a296982e1d5b4968b2bd044d80647ae6f9267526 Do not include a poppler/ file from a splash/ header
bc4a0d9a2abfcd75d9b0ee4be3f7600905fe6001 Form: Provide Unicode marker when ensuring fonts
111f38a722eedddd94faa52dda8c5e0da561fb41 Cairo: Update font after restore
907d05a6a141284aee22fbd16ab0a2fb4e0f2724 Fix crash in file that wants to do huge transparency group
e53f5aae3bce7d09788f2ad62be998895fb9807b PSOutputDev::setupResources: Fix stack overflow in malformed doc
a4ca3a96a6b1f65b335a1ea362e6c202e46ae055 topIdx can't be negative
e471f8e09bf2e38df0cf5df1acecbcca70685573 Init all the fields of JPXStreamPrivate
5190c0d4369bd9f501922585140be4ec736e24f2 No need to store smaskInData in priv
6263bb90b09326103b10e4c4edfbc5b84c884921 Page label ranges can't start in < 0
Note: this version bump does not include the fix for CVE-2023-34872,
so we still need the backported patch.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
libdecor cannot be selected due to a circular dependency:
package/wayland/Config.in:1:error: recursive dependency detected!
package/wayland/Config.in:1: symbol BR2_PACKAGE_WAYLAND is selected by BR2_PACKAGE_LIBDECOR
package/libdecor/Config.in:1: symbol BR2_PACKAGE_LIBDECOR is selected by BR2_PACKAGE_MESA3D_DEMOS
package/mesa3d-demos/Config.in:1: symbol BR2_PACKAGE_MESA3D_DEMOS is selected by BR2_PACKAGE_PIGLIT
package/piglit/Config.in:1: symbol BR2_PACKAGE_PIGLIT depends on BR2_PACKAGE_WAFFLE_SUPPORTS_WAYLAND
package/waffle/Config.in:7: symbol BR2_PACKAGE_WAFFLE_SUPPORTS_WAYLAND depends on BR2_PACKAGE_WAYLAND
Without libdecor, the build fails since the bump of mesa3d-demos to
version 9.0.0 in 80304d9911:
"""
Run-time dependency libdecor-0 found: NO (tried pkgconfig and cmake)
Looking for a fallback subproject for the dependency libdecor-0
../output-1/build/mesa3d-demos-9.0.0/meson.build:88:17: ERROR: Automatic wrap-based subproject downloading is disabled
"""
Fixes:
http://autobuild.buildroot.net/results/8de50be8233f0133aadc26bda71b48d7ec329e04/
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Following build failure occurs:
opasswd.c: In function 'compare_password':
opasswd.c:142:3: error: 'retval' undeclared (first use in this function); did you mean 'outval'?
142 | retval = outval != NULL && strcmp(outval, oldpass) == 0;
| ^~~~~~
| outval
Add a patch from upstream to fix it.
Happens since the update to 1.5.3 in Buildroot commit:
f8147e27cd
Fixes:
- http://autobuild.buildroot.net/results/576/576fc4b9ccbc6cff82569692bdec82192e89f036
Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cleanup the implementation for reading lines by having files processed
in context managers and utilizing the iterable file object for line
reading (instead of needing to call `readlines()`).
Signed-off-by: James Knight <james.d.knight@live.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Notes:
- eglfs/vulkan is only implemented for eglfs_viv
(see stub implementation for QEglFSDeviceIntegration::createPlatformVulkanInstance()
in src/plugins/platforms/eglfs/api/qeglfsdeviceintegration.cpp and
real implementation for QEglFSVivIntegration::createPlatformVulkanInstance()
in src/plugins/platforms/eglfs/deviceintegration/eglfs_viv/qeglfsvivintegration.cpp)
- or for xcb (see QXcbIntegration::createPlatformVulkanInstance()
in src/plugins/platforms/xcb/qxcbintegration.cpp)
Signed-off-by: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Use $(VULKAN_HEADERS_VERSION) for VULKAN_TOOLS_VERSION as the vulkan packages
need to all be the same version.
Signed-off-by: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Use $(VULKAN_HEADERS_VERSION) for VULKAN_LOADER_VERSION as the vulkan packages
need to all be the same version.
Signed-off-by: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Update the license hash as the license file is now located at LICENSE.md
isntead of LICENSE.txt, and add MIT to the list of licenses.
Signed-off-by: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Go 1.21.0 is a major release of Go.
https://go.dev/doc/devel/release#go1.21.0
Set GOTOOLCHAIN=local to disable the new toolchain download feature. This
feature, introduced in Go 1.21.x, will automatically download pre-built compiler
binaries from Google for the toolchain version specified in go.mod. We do not
want this in Buildroot as we build from source instead: set GOTOOLCHAIN=local to
disable the feature and use the locally built toolchain.
https://go.dev/doc/toolchain
Signed-off-by: Christian Stewart <christian@aperture.us>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Currently, when verifying the configuration of a uClibc toolchain for
the presence of locale support, we check __UCLIBC_HAS_LOCALE__. It
turns out that we in fact also expect __UCLIBC_HAS_XLOCALE__ to be
defined, as without it locale_t is not defined, causing build failure
in some packages, such as libcpprestsdk:
In file included from /home/thomas/autobuild/instance-0/output-1/build/libcpprestsdk-2.10.18/Release/include/cpprest/json.h:18,
from /home/thomas/autobuild/instance-0/output-1/build/libcpprestsdk-2.10.18/Release/src/pch/stdafx.h:88,
from /home/thomas/autobuild/instance-0/output-1/build/libcpprestsdk-2.10.18/Release/src/http/client/http_client_msg.cpp:13:
/home/thomas/autobuild/instance-0/output-1/build/libcpprestsdk-2.10.18/Release/include/cpprest/asyncrt_utils.h:317:13: error: 'locale_t' does not name a type
317 | typedef locale_t xplat_locale;
| ^~~~~~~~
As essentially our requirement for uClibc in external toolchains is
"it should match the uClibc configuration used by Buildroot for
internal toolchains", it makes sense to verify
__UCLIBC_HAS_XLOCALE__. Note that of course checking
__UCLIBC_HAS_XLOCALE__ is sufficient, as it cannot be enabled if
__UCLIBC_HAS_LOCALE isn't.
This addresses an issue with the Synopsys ARC external toolchain,
which is built with __UCLIBC_HAS_LOCALE__, but without
__UCLIBC_HAS_XLOCALE__ causing a build failure with some
packages (such as libcpprestsdk).
Therefore, this patch also changes how the Synospys ARC external
toolchain is exposed in Buildroot: it no longer advertise locale
support.
Fixes:
http://autobuild.buildroot.org/results/e6778e60cc1ea455f5b4511d5824f04d8040f67b
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The intention of this script is to generate the XML that can be sent to
NVD to request a new CPE identifier.
As discussed on the mailing list [0] keeping up with version numbers of
all registered CPE ID won't work.
In addition the feed used to generated the XML files will be retired
[1]. In the future an API needs to be used for fetching the data in
connection with a local database.
All of this works against keeping this script and porting it to the new
API.
As a last blow Matthew, the original author concluded [2]:
> Makes sense to drop it. There never got to be enough momentum in the overall
> software community to make CVE or even the new identifier really accurate.
The intention is to ignore the version part of CPE IDs in the future,
and only look at the version range specified on a CVE. Therefore, a tool
to add new CPE ID versions isn't useful to us. It might still be useful
to have a tool to create the vendor and project parts of a CPE ID.
However, the current gen-missing-cpe tool doesn't support that, and the
API is anyway going to be retired. So there is no reason at all to keep
this around.
Remove gen-missing-cpe and the cpedb module. Remove the Makefile target
to call the script.
Since the cpedb module is removed, the CPEDB_URL definition must be
moved to the place where it is still used, in pkg-stats.
[0]: https://lists.buildroot.org/pipermail/buildroot/2023-August/672620.html
[1]: https://nvd.nist.gov/General/News/change-timeline
[2]: https://lists.buildroot.org/pipermail/buildroot/2023-August/672651.html
Signed-off-by: Daniel Lang <dalang@gmx.at>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
The CVE-2004-2771 is already fixed by the Debian patch
0014-globname-Invoke-wordexp-with-WRDE_NOCMD.patch. The Debian patch
description is:
Subject: [PATCH 4/4] globname: Invoke wordexp with WRDE_NOCMD (CVE-2004-2771)
See also https://marc.info/?l=oss-security&m=141875285203183&w=2 for
more details.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
In commit
15972770cf ("package/heirloom-mailx:
security bump to version 12.5-5 from Debian"), we added CVE-2014-7844
in HEIRLOOM_MAILX_IGNORE_CVES, but with the wrong comment about it: it
is a different patch in the Debian stack of patches that fixes
it. Indeed the description of patch
0011-outof-Introduce-expandaddr-flag.patch is:
=====================================================================
Subject: [PATCH 1/4] outof: Introduce expandaddr flag
Document that address expansion is disabled unless the expandaddr
binary option is set.
This has been assigned CVE-2014-7844 for BSD mailx, but it is not
a vulnerability in Heirloom mailx because this feature was documented.
=====================================================================
See also https://marc.info/?l=oss-security&m=141875285203183&w=2 for
details.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
CVE-2023-31038 affects log4cxx only if ODBC is supported. While
CVE-2023-31038 has been fixed in newer versions of log4cxx, there is
quite a huge gap to do a version bump, and the commit that fixes
CVE-2023-31038 could not be identified.
Therefore, we want to rely on the fact that our log4cxx package does
not support ODBC: there is indeed no explicit dependency on our
unixodbc package in log4cxx.mk. However, log4cxx automatically detects
if ODBC is available and if it is, it uses it.
So what we do in this commit is backport an upstream commit, which
adds explicitly options to enable/disable ODBC and ESMTP support, and
we use them to (1) always disable ODBC and (2) explicitly
enable/disable ESMTP support.
Thanks to ODBC being disabled, we're not affected by CVE-2023-31038.
Of course, there is a potential regression for users who were relying
on the implicit unixodbc dependency, but as we could not identify the
commit fixing the CVE-2023-31038, this is the best we can do at the
moment.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Commit c1038fe47c renamed the patch, but didn't update
.checkpackageignore, leading to two failures:
.checkpackageignore:1055: ignored file package/openjdk/17.0.7+7/0001-Add-ARCv2-ISA-processors-support-to-Zero.patch is missing
package/openjdk/17.0.8+7/0001-Add-ARCv2-ISA-processors-support-to-Zero.patch:0: missing Upstream in the header (http://nightly.buildroot.org/#_additional_patch_documentation)
Rename the file in .checkpackageignore as well.
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Grub 2.06 is affected by a number of CVEs, which have been fixed in
the master branch of Grub, but are not yet part of any release (there
is a 2.12-rc1 release, but nothing else between 2.06 and 2.12-rc1).
So this patch backports the relevant fixes for CVE-2022-28736,
CVE-2022-28735, CVE-2021-3695, CVE-2021-3696, CVE-2021-3697,
CVE-2022-28733, CVE-2022-28734, CVE-2022-2601 and CVE-2022-3775.
It should be noted that CVE-2021-3695, CVE-2021-3696, CVE-2021-3697
are not reported as affecting Grub by our CVE matching logic because
the NVD database uses an incorrect CPE ID in those CVEs: it uses
"grub" as the product instead of "grub2" like all other CVEs for
grub. This issue has been reported to the NVD maintainers.
This requires backporting a lot of patches, but jumping from 2.06 to
2.12-rc1 implies getting 592 commits, which is quite a lot.
All Grub test cases are working fine:
https://gitlab.com/tpetazzoni/buildroot/-/pipelines/984500585https://gitlab.com/tpetazzoni/buildroot/-/pipelines/984500679
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
[Arnout: fix check-package warning in patch 0002]
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
The pcm-tools package contains a version.h with git attributes:
$ cat version.h
#define PCM_VERSION " ($Format:%ci ID=%h$)"
$ man 5 gitattributes
Creating an archive
export-subst
If the attribute export-subst is set for a file then Git
will expand several placeholders when adding this file to
an archive. The expansion depends on the availability of
a commit ID, i.e., if git-archive(1) has been given a tree
instead of a commit or a tag then no replacement will be
done. The placeholders are the same as those for the option
--pretty=format: of git-log(1), except that they need to be
wrapped like this: $Format:PLACEHOLDERS$ in the file. E.g.
the string $Format:%H$ will be replaced by the commit hash.
So, the archive generated by github has changed since we updated
pcm-tools in 2021-12-08 with commit d1d93d488c (package/pcm-tools:
bump to version 202110). The downlad was still OK in 2022-01-04 [0]
but has been failing at least since 202-08-25 [1].
Since the archive is generated on the github side, there is not much we
can do to fix this up.
We switch over to using git to do the download, and we generate the
archive localy, which we know is reproducible.
We fix the version.h so that it contains the same string as the backup
tarball we host on s.b.o.
There are three other files in pcm-tools that have git attributes, to
exclude them from the generated archive, all pertaining to CI/CD stuff:
.cirrus.yml export-ignore
.gitlab-ci.yml export-ignore
.travis.yml export-ignore
We don't remove them, because they have no impact on the build, and they
are anyway already present in the archive by the time we could act on it
anyway...
[0] http://autobuild.buildroot.org/results/127/1276a3d49c8848039f034e7f03632df365097e94/
[1] http://autobuild.buildroot.org/results/8bb/8bbf9c36af332bbf5e7c1abcbb594a0b231ef97e/
Reported-by: Woody Douglass <wdouglass@carnegierobotics.com>
Reported-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Load sample script support/testing/tests/package/sample_nu.nu onto the
target and verify proper execution by nushell
Signed-off-by: Sebastian Weyer <sebastian.weyer@smile.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Nushell is a shell - written in Rust - that makes use of the nushell
language to interact with the operating system
Signed-off-by: Sebastian Weyer <sebastian.weyer@smile.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This fixes a problem with the build system that would make it fail to
use pkg-config to detect libssh2. It worked anyway because -lssh2
works.
Signed-off-by: Nicolas Cavallari <nicolas.cavallari@green-communications.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Update license info. COPYING hash updated because of added reference to
additional licenses. Licenses for local snprintf and getopt
implementations do not apply, since this code is not used for Linux
targets.
Add Tatu Ylonen Permissive license of the code in pseudo.c.
Add LGPL-2.0+ license text file.
Rename BSD-3-Clause text file and update hash because of text formatting
change.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Each time a new pipeline is triggered, some jobs may fail due to
temporary issue with a Gitlab runner (network, power supply, docker or
maintainance).
Most of the problems are "runner system failure" [1] and require to
retart each failed jobs manually by maintainers to complete the
pipeline with only real failures if any.
The "retry" keyword allows to configure how many times a job is retried
if it fails. "retry:when" allows to retry a failed job only on
specific failure types like "runner_system_failure".
While at it, retry a job if it failed due to a timeout failure (this
timeout means that the job was pending for more than 24h) [2].
Such timeout failures occur on pipelines testing each Buildroot's
defconfig since there is not enough gitlab runner available to build
all of them within 24h.
Retry only jobs that are more likely to wait for a runner
(generate-gitlab-ci-yml, runtime_test_base, defconfig_base and test_pkg).
[1] https://gitlab.com/buildroot.org/buildroot/-/jobs/4936949397 (runner system failure)
[2] https://gitlab.com/buildroot.org/buildroot/-/jobs/4936949530 (timeout failure or the job got stuck)
https://docs.gitlab.com/ee/ci/yaml/#retrywhen
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Add support for PineCube with:
- U-Boot 2022.04
- Linux 5.15.61
PineCube is a low-powered, open source IP camera
with the following specs:
- Allwinner S3 Cortex-A7
- 128 MiB DDR3
- 16 MiB SPI flash
- 5 MPx OV5640 camera
- MicroSD slot
- 10/100M Ethernet with passive PoE
- 802.11 b/g/n WiFi
- Bluetooth 4.1
- USB 2.0
- 26 pins GPIO header
- Microphone
- IR LEDs for night vision
Board homepage: https://www.pine64.org/cube/
Board wiki: https://wiki.pine64.org/wiki/PineCube
Signed-off-by: Jan Havran <havran.jan@email.cz>
Reviewed-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
In Python 3.12, support for 'distutils' is going to be dropped. In
preparation for this, this commit backports an upstream i2c-tools
patch that switches the build logic to 'setuptools', future-proofing
i2c-tools to the upcoming bump to Python 3.12.
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Drop patch which is now upstream.
Replace no longer supported --with-git-submodules config option with
new --disable-download option.
Replace no longer supported --meson config option with --python config
option. The configure script expects --python to point to the python
interpreter with the meson installation.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
While switching ATF to github, the BR2_TARGET_UBOOT_CUSTOM_GIT=y
symbol was not removed. Since then this defconfig fail to build
in gitlab-ci due to invalid defconfig check.
WARN: defconfig ./configs/freescale_imx6qsabresd_defconfig can't be used:
Missing: BR2_TARGET_UBOOT_CUSTOM_GIT=y
[1] dd42b159a5
Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/4889436612
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bugfix release, fixing a number of regressions in 2.0.16
From the changelog
(https://github.com/eclipse/mosquitto/blob/master/ChangeLog.txt)
2.0.17 - 2023-08-22
===================
Broker:
- Fix `max_queued_messages 0` stopping clients from receiving messages.
Closes#2879.
- Fix `max_inflight_messages` not being set correctly. Closes#2876.
Apps:
- Fix `mosquitto_passwd -U` backup file creation. Closes#2873.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bugfix release, fixing a number of regressions in 2.0.16
From the changelog
(https://github.com/eclipse/mosquitto/blob/master/ChangeLog.txt)
2.0.17 - 2023-08-22
===================
Broker:
- Fix `max_queued_messages 0` stopping clients from receiving messages.
Closes#2879.
- Fix `max_inflight_messages` not being set correctly. Closes#2876.
Apps:
- Fix `mosquitto_passwd -U` backup file creation. Closes#2873.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
In commit ee93213d18 (package/check: fix compile issue due to missing
source file), we switched from using the released tarball, to using the
autogenerated tarball from github.
However, that means that the filename of the archive did not change,
while its content did change. The hash was promptly updated, but that
means that the archive we cache on s.b.o (and possibly the one users
may also already have locally) will not match the new hash (and
conversely).
So we switch to using the sha1-hash of the commit corresponding to the
tag.
Reported-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Waldemar Brodkorb <wbx@openadk.org>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Bump qemu_arm_ebbr_defconfig and qemu_aarch64_ebbr_defconfig in sync:
- Bump Linux to v6.4.3
- Bump U-Boot to 2023.07.02
- Bump TF-A to v2.9
While at it, tune the documentation:
- Increase the amount of memory in the example commands to help run the
largest OS distributions.
- Update the link to the IR Guide to point at the latest version.
Signed-off-by: Vincent Stehlé <vincent.stehle@arm.com>
Cc: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The docker image currently contains qemu-system-arm and
qemu-system-x86. Each package contains the 32bit and 64bit variants.
This has been sufficient for the time being.
The RISC-V ecosystem is growing rapidly. It is starting to become
mainstream. To increase the diversity in Buildroot runtime tests,
this commit adds the qemu-system-misc package in the Docker image,
in order to have the commands qemu-system-riscv{32,64}. This package
also contains other architectures (for example: microblaze, nios2,
s390x, xtensa, ...).
For Debian package details, see:
https://packages.debian.org/bullseye/qemu-system-misc
Signed-off-by: Julien Olivain <ju.o@free.fr>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
For now the "QT libraries and helper libraries" section was only made
visible when BR2_PACKAGE_QT5 was enabled. In preparation for enabling
some of those libraries with Qt6, we now show this section when
BR2_PACKAGE_QT5 || BR2_PACKAGE_QT6.
All of the 8 packages in this section already had a (redundant)
"depends on BR2_PACKAGE_QT5" in their own Config.in file, so the only
functional change of this commit is that the comment "QT libraries and
helper libraries" now becomes visible with Qt6, but it is not followed
by any selectable option. This will be changed in a following commit
enabling one of those libraries with Qt6.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
As of upstream commit cbd91e89e4
we can use the default BR2_riscv_g to select IMAFD extensions and
still be able to enable additional extensions, such as the C extension
in our cse.
Suggested-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yu Chien Peter Lin <peterlin@andestech.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Commit 0a8ef2f3f7 bumped the headers
version requirements, but did not update the associated comment.
Remove the comment entirely, as it does not apply anymore.
Signed-off-by: Raphaël Mélotte <raphael.melotte@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
In commit 30997eaa65438a2ce726ad8a204ac5a36363f5c8 a mistake
was made. Guard the definition correctly.
Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
In commit 2423d9f16b (Merge tag '2023.08-rc2' into next), we missed
the fact that util-linux on next is a newer version than on master,
version which includes the patch we backported on master.
Unsurprisingly, that patch no longer applies; drop it.
Reported-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
In commit eb2f2886b2 ("package/swupdate:
add staging install"), the swupdate package was changed to also be
installed in the staging directory, as it provides an API to external
programs, through libraries and headers.
Back then the commit log said:
This patch installs headers and libs to STAGING_DIR, to prevent a
header name collision a subdirectory /usr/include/swupdate creates.
And indeed a custom INCLUDEDIR was specified. However, installing
swupdate headers in /usr/include/swupdate/ doesn't work well, as
progress_ipc.h (installed by swupdate) does a #include
<swupdate_status.h>, which doesn't work as swupdate_status.h is also
in /usr/include/swupdate/ instead of /usr/include/.
To address this Daniel Lang submitted a patch [0], which was proposed
to upstream swupdate to fix this header inclusion. The patch was
rejected by upstream saying that the swupdate header files should be
installed in /usr/include.
Currently, swupdate installs only 3 headers files:
/usr/include/network_ipc.h
/usr/include/swupdate_status.h
/usr/include/progress_ipc.h
To the best of our knowledge, this doesn't conflict with any other
header files installed by other packages. A good proof of that is that
even Debian (which has many more packages than Buildroot) also
installs swupdate headers directly in /usr/include.
In addition, the original submitter of
eb2f2886b2 said "I'm not remember what
was a problem. Probably network_ipc.h but Im not sure now. I think
it's safe to install this headers to /usr/include w/o subdir if this
collision was met only in my environment. PS: currently I don't see
any collisions with this files."
So, we switch to installing swupdate into their standard location.
[0] https://patchwork.ozlabs.org/project/buildroot/patch/VI1P190MB0493D233ECC579510F8C0FC69FB29@VI1P190MB0493.EURP190.PROD.OUTLOOK.COM/
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Tested-by: Daniel Lang <dalang@gmx.at>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Let's select the RVA option as Andes 45-series CPUs support IMAFDC
extensions.
Signed-off-by: Yu Chien Peter Lin <peterlin@andestech.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Buildroot commit 8f1418b5dd bumped the
version of gnupg2 on the next branch causing a build error:
server.c:(.text+0xbf8): undefined reference to `ks_ldap_help_variables'
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Commit 0e19425c77 ("package/libassuan: bump to version 2.5.6") moved
the sha256 hash below a link that provides the hash directly. The key
check comment now appears to refer to license hashes, which does not
make sense.
Remove the redundant key check comment.
Cc: Julien Olivain <ju.o@free.fr>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Certain TI K3 devices such as AM62x and AM62Ax require a Device Manager
(DM) firmnware to be made available to the U-Boot build, which will get
packaged into the "tispl.bin" image tree blob during A53 SPL build.
Without that DM firmware U-Boot will not be functional. To support this,
add a config option called BR2_TARGET_UBOOT_NEEDS_TI_K3_DM to enable
this feature, and another option BR2_TARGET_UBOOT_TI_K3_DM_SOC to allow
setting the name of the SOC which needs to match the corresponding
folder name in the ti-linux-firmware Git repository.
Signed-off-by: Andreas Dannenberg <dannenberg@ti.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The TI K3 R5 loader package essentially is a wrapper to build a special
version of U-boot SPL used as part of a multi-stage boot flow on TI K3
devices, and as such needs full flexibility as to specifying the U-Boot
sources used for the build. To accomodate this, add the same options as
already available in the regular U-Boot package. For most use cases, the
same source settings (repo URL, versions, etc.) should be used for both
ti-k3-r5-loader and uboot packages.
Signed-off-by: Andreas Dannenberg <dannenberg@ti.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fixes CVE-2023-34241 (see [0] for details)
[0] https://github.com/OpenPrinting/cups/releases/tag/v2.4.6
The number of changes between 2.4.4 and 2.4.6 is really small, and
limited to bug fixes:
9d614a4b3184205294c55355a1d2eb54d4532ccd (tag: v2.4.6) Update CHANGES.md
6f6da74ec284e28c156f0b9f62f3bd610e61aa78 Fix use-after-free in cupsdAcceptClient() (fixes CVE-2023-34241)
3f12185ca9cbb5350a6370d6046066907b8abc12 Merge pull request #735 from AtariDreams/Fixer
f5281777c80cdf820a2a71c9e7f08b91f0e11160 Fix compilation on older macOS versions
ee82c5b18409def3ec1424ce2eb343aabb0ff0d1 Merge pull request #730 from zdohnal/cupssinglefile_24x
1504527b2415a4b67b0e3e17593b053f3628746f cups/ppd-cache.c: Put cupsSingleFile into generated PPD
3be1d5da8fe9ee13aab5ee6ecc11b2f9387821a6 Prepare files for next release
c1f54ec966ccc5d5564eed95dcb540842af7b5ca (tag: v2.4.5) cups/cups.h: Update for 2.4.5
70dba05b7511a96476ea0ef8fe1d92c6500c6e61 Finish hotfix release 2.4.5
87f5cb7d8f0da8fa2835bb0aa3ca48b5e5a66a3f Merge pull request #727 from AtariDreams/hotfix
61aa0b259183fe59124566f08ecf649bb806cd24 Regression: Certificate data is corrupted during base64 conversion
7362f41c45d834564f876ffac536f59eece843ec Prepare files for next release
Signed-off-by: Clement Ramirez <ramirez.clement3@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The hss-payload-generator cannot find where u-boot.bin is when looking
for it using the config.yaml. Update syntax issues and working
directories. Fix the post image script to allow an image to get built.
Signed-off-by: Jamie Gibbons <jamie.gibbons@microchip.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
By default, when Busybox is enabled, it uses the
package/busybox/busybox.config configuration file, even on noMMU
configurations. As this default configuration enables the 'ash' shell
which isn't available for noMMU targets, Busybox falls back to
enabling the 'hush' shell, but without enabling a number of its
sub-options that are quite relevant. In particular, it doesn't enable
umask, which is used in our startup scripts.
In order to have a default configuration that is more sensible, this
commit changes the Busybox package to use
package/busybox/busybox-minimal.config by default for noMMU
configurations.
Signed-off-by: Jesse Taube <Mr-Bossman075@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Enclosure LED Utilities
ledmon and ledctl are userspace tools designed to control storage
enclosure LEDs. The user must have root privileges to use these tools.
These tools use the SGPIO and SES-2 protocols to monitor and control LEDs.
They been verified to work with Intel(R) storage controllers (i.e. the
Intel(R) AHCI controller) and have not been tested with storage controllers of
other vendors (especially SAS/SCSI controllers).
For backplane enclosures attached to ISCI controllers, support is limited to
Intel(R) Intelligent Backplanes.
Signed-off-by: Maksim Kiselev <bigunclemax@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Commit 2a5d90a595 (configs/rock5b: Add patches to fix gcc12 warnings)
introduced the kernel patches in an incorrect directory.
Fix that by moving them in the proper location.
Reported-by: Kilian Zinnecker <kilian.zinnecker@mail.de>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Since it was introduced in 5a6087d62e (toolchain: add powerpc SPE ABI
support), the CLASSIC vs. SPE choice for the ABI was never really a
choice: CPU without SPE could only use the CLASSIC ABI, while CPUs with
SPE could only use the SPE ABI.
Commit b4c824562b (powerpc: add BR2_POWERPC_CPU_HAS_SPE to replace
adhoc deps/checks) added a blind option that CPUs with SPE would select
rather than duplicate the ad-hoc dependencies in both CLASSIC and SPE
ABI options. Since then, it was even more obvious that the ABI choice
was really not a choice, as the two options have mutually exclusive
conditions.
Drop the useless choice, and directly use the blind option as selected
by the specific CPUs.
We don't need legacy handling, because the situation fixes itself.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Joel Stanley <joel@jms.id.au>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Other packages, or rootfs overlays, may install certificates, so only
create the certificate bundle as a target-finalize hook.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This patch introduces patches for the custom kernel, as it is
currently used for the Radxa Rock 5B. The patches fix two gcc
compiler warnings, which result in a build error, if the kernel
is used with gcc version 12.
Since also the code of custom board drivers for WiFi support is
affected, and no fixes are provided by the vendor, the custom WiFi
support is disabled.
Signed-off-by: Kilian Zinnecker <kilian.zinnecker@mail.de>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Commit 7dd27cbe5b (support/download: add support to exclude svn
externals) departed from the usual opt-in scheme, like is done for
git submodule or large files, in an attempt to keep the previous
behaviour unchanged, that is to download externals by default.
As an afterthought, we've concluded that the chances for svn-hosted
packages with externals that are indeed required to do the build,
are relatively slim. For those cases, it even makes sense to explicitly
requested the use of the externals.
So, we change the default to not download svn externals.
Since the generated archives may change, we bump the version suffix.
This will allow users to more easily catch the situation and decide if
they really need the externals or not.
We have a single in-tree package that uses svn, and it does not use
externals, so the generated archive does not change, and we just need
to update the archive filename in the hash file.
Finally, we add a new section to the manual, in the chapter about
migrating Buildroot to a newer version.
Reported-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin@orange.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
It is sometimes useful to use docker-run, but with a different image
than the default one. This commit allows to override the image being
used by only defining IMAGE if not already passed in the environment.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
[yann.morin.1998@free.fr: s/\t/ /g]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
After switching to a fresh Fedora 38 installation with SELinux disabled,
we noticed that utils/docker-run doesn't work as the applications
running inside the container are not allowed to accept the data mounted
through the bind mount.
Since we do not really need to isolate and confine the build, but rather
to provide a known environment, we don;t really need to enforce any
SELinux confinment in the container.
So, we tell docker to turn off label confinement for the container:
https://manpages.org/docker-run
--security-opt=[]
Security Options
[...]
"label=disable" : Turn off label confinement for the container
Suggested-by: Antoine Tenart <atenart@kernel.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
[yann.morin.1998@free.fr: use Antoine's proposal]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Currently, using utils/docker-run expects that the current working
directory is the working copy. This means that it is not possible
to use docker-run with an out-of-tree build (one using O=).
Add the current working directory to the list of mountpoints, and
use that as working directory in the container.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
If buildroot is checked out as part of a 'repo' manifest, docker-run
doesn't fully bind mount the .git directory, leading to commands such
as `utils/docker-run make check-package` to fail.
Signed-off-by: Nicolas Boichat <drinkcat@google.com>
[yann.morin.1998@free.fr: use newly introduced mountpoints list]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
If the user has defined $BR2_DL_DIR in the environment, it would be
nice to have it accessible inside the Docker container, and the
BR2_DL_DIR environment variable set to access it.
This commit does exactly this: it mounts the host $BR2_DL_DIR as /dl
in the container, and sets BR2_DL_DIR=/dl in the container.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
[yann.morin.1998@free.fr: use the new mountpoints list]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
For now, we only ever mount two mountpoints, the main directory (i.e.
the working copy), and the git directory.
To pave the way for adding new mountpoints, we introduce a list of them,
that we sort to ensure that we never mount a shallower mounpoint after a
deeper one (that would shadow the deeper mountpoint).
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Commit
b86adfb89a ("configs/roc_rk3399_pc: new
defconfig") introduced a new defconfig with the relevant entries in
the DEVELOPERS file, but one of these entries points to a non-existing
directory. This commit fixes that.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This is the follow-up commit to the 4de60e4 which disables
sourcehighlight dependency for the target GDB package.
Do the same for the host variant to be sure that this
won't be picked up from the host system.
Signed-off-by: Bartosz Bilas <b.bilas@grinn-global.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
nftables provides python bindings; it uses setuptools to install them.
We currently install those bindings by telling the nftables buildsystem,
autotools, to install the python bindings.
However, we do not pass any of the environment variables that are needed
for setuptools packages. When host-python-setuptools is installed before
nftables is built [0], this breaks the system at runtime, as the
bindings are not installed; only the egg is, resulting in runtime errors
like:
# python -c 'import nftables'
Traceback (most recent call last):
File "<string>", line 1, in <module>
ModuleNotFoundError: No module named 'nftables'
Upstream has been doing some changes on their python handling, but it is
not in a released version yet, and we can't backport those changes
either, due to other big changes.
Instead, we split the pyhon bindings to their own package.
For legacy handling, we make that new package default to y, so that
existing (def)config still work. The only novelty is that it can be
disabled now.
Many thanks to Julien for testing and finding the offending dependency,
to James for suggesting the package split, and to Adam for, well,
trigerring the issue in the first place! ;-p
Note: a git bisect of the issue turns up 72 candidates for the breakage,
all around the time we dropped python2 support in early 2022; the last
known-good commit is 55df30f8b1 (package/zfs: drop python2 support)
and the first known-bad commit is 697acda00d (package/pkg-python: drop
python2 host/setuptools support); everything in-between does not
configure (package/python/Config.in.host still sourced but already
removed), or does not build (host-python still in the dependency chain
but already removed), so had to be skipped during the bisect.
[0] This can happen when another python package using setuptools is
built before nftables. However, with PPD, this never happens because
host-python-setuptools is never in the dependency chain of nftables.
Reported-by: Julien Olivain <ju.o@free.fr>
Tested-by: Julien Olivain <ju.o@free.fr>
Suggested-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Adam Duskett <aduskett@gmail.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fixes the following security issues:
- CVE-2023-28366: Fix memory leak in broker when clients send multiple QoS 2
messages with the same message ID, but then never respond to the PUBREC
commands.
- CVE-2023-0809: Fix excessive memory being allocated based on malicious
initial packets that are not CONNECT packets.
- CVE-2023-3592: Fix memory leak when clients send v5 CONNECT packets with a
will message that contains invalid property types.
- Broker will now reject Will messages that attempt to publish to $CONTROL/.
- Broker now validates usernames provided in a TLS certificate or TLS-PSK
identity are valid UTF-8.
- Fix potential crash when loading invalid persistence file.
- Library will no longer allow single level wildcard certificates, e.g. *.com
For more details, see the changelog:
https://mosquitto.org/ChangeLog.txt
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Now that we build the full host-gettext-gnu, we don't need the
standalone libtextstyle anymore.
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
[yann.morin.1998@free.fr: split off to its own commit]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The bump to meson 1.2.0 triggers unexpected build failure of the host
packages, because meson changed the way it passes library search paths
when building natively:
https://github.com/mesonbuild/meson/commit/59cfbf68e00aa774a9868101f423bd662938c15dhttp://lists.busybox.net/pipermail/buildroot/2023-August/672649.html
As a consequence, the libraries are searched for in the system paths
before being searched in our host-dir, leading to failures when
incompatible libraries are installed in both locations. For example, if
the system has an older version of libglib2 installed, this causes link
failures when one of the glib2 library (e.g. libgio) is linked by path,
but a dependent library (e.g. libgmodule) is linked by name:
/path/to/host/lib/libgio-2.0.so -L /path/to/host/lib/ -lgmodule-2.0
The first is indeed the one we built and installed in host-dir, but the
second is found in the system path; when it is an older (or more
recent?) version than the one we use, the link fails;
/path/to/host/lib/libgio-2.0.so: undefined reference to `g_module_open_full'
Since fixing the issue is not trivial, revert to the previous meson
version that did not exhibit the issue.
This reverts commit d06e610d58.
Reported-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Update the instruction sets for MPFS icicle kit to mirror the
configuration update, i.e. It is now classed as a RISC-V G core with
support for C, IMAFDC.
Signed-off-by: Jamie Gibbons <jamie.gibbons@microchip.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The generic extension set 'G' is realy a base with the minimal set of
extensions needed to be comfortable (but not required) to run a
linux-bassed system. Similarly, we consider the custom to be about the
custom set of features (not about a custom core implementing such a
set).
As such, we allow that a core with the G set can have futher extensions
without requiring it to be configured as a custom set.
We drop the intermediate symbols with the prompts, and move the prompts
to the previously hidden symbols, and add a prompt for the I set.
This alows one to clearly see what the generic set is about, without
having to delve into the help and hunt the list of selected symbol.
Note however that the G set implies Zicsr and Zifencei, but we have no
prompt for thos two, because in Buildroot, we assume that they are
mandatory and always present, like the I set (which they previously were
part of).
Signed-off-by: Jamie Gibbons <jamie.gibbons@microchip.com>
[yann.morin.1998@free.fr:
- drop the intermediate symbols
- move prompt to previously hidden symbols
- add symbol for I
- update defconfigs
- reword the commit log accordingly
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Commit e3322e2c7 "lsof: add license info" added the package license
info. At that time, lsof was at version 4.85. The package was not
including a dedicated license file. Instead, the license text was
copied in many files (source files, readmes, ...). It was then decided
to use the small source file "dialects/linux/dproto.h".
Recently, lsof added a COPYING license file. See [1]. This commit was
first included in lsof version 4.97.0. We can now use this file.
The license file hash is updated due to formatting changes. As a side
note, the copyright year in source file was 1997 (see [2]), whereas in
the new license file it is 2002. Source files have different copyright
dates, and can be as old as 1994, for example in [3]. The rest of the
license text remains unchanged.
[1] https://github.com/lsof-org/lsof/commit/62dab61cae3ca9e4d41ec573ae5cda0c5689c326
[2] https://github.com/lsof-org/lsof/blob/4.98.0/dialects/linux/dproto.h#L9
[3] https://github.com/lsof-org/lsof/blob/4.98.0/arg.c#L7
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The compiler-rt project intructs to build out of tree:
https://compiler-rt.llvm.org/
Otherwise, the dependency chain declared in the include/CMakelLists.txt
causes a circular dependency of source files upon themselves:
make[4]: Circular include/sanitizer/allocator_interface.h <- include/sanitizer/allocator_interface.h dependency dropped.
make[4]: Circular include/sanitizer/asan_interface.h <- include/sanitizer/asan_interface.h dependency dropped.
make[4]: Circular include/sanitizer/common_interface_defs.h <- include/sanitizer/common_interface_defs.h dependency dropped.
[--snip 19 other files--]
This is because include/CMakeLists.txt unconctional declares
dependencies in this manner:
set(SANITIZER_HEADERS
sanitizer/allocator_interface.h
sanitizer/asan_interface.h
sanitizer/common_interface_defs.h
[...]
)
set(COMPILER_RT_HEADERS
${SANITIZER_HEADERS}
[...])
set(output_dir ${COMPILER_RT_OUTPUT_DIR}/include)
foreach( f ${COMPILER_RT_HEADERS} )
set( src ${CMAKE_CURRENT_SOURCE_DIR}/${f} )
set( dst ${output_dir}/${f} )
add_custom_command(OUTPUT ${dst}
[...]
)
[...]
endforeach( f )
The froeach() loop creates dependency rules between the files in
output_dir and CMAKE_CURRENT_SOURCE_DIR, without provision for the
case they are both the same directories, thus in-source builds are
not supported.
With the Makefiles backend, this only triggers the above warning
from make, because make arbitrarily breaks circluar dependencies, and
in this case it makes it work. But when we switch to the ninja backend,
this is going to be a hard error.
Anyway, ninja or make, compiler-rt does not support in-source builds.
Signed-off-by: Thomas Devoogdt <thomas@devoogdt.com>
[yann.morin.1998@free.fr: drastically expand commit log]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Since it was iontroduced in commit d4ecefa3cc (package/perftest: new
package), perftest was missing the reverse dependency on the kernel
headers version inherited from rdma-core.
In commit 3279d8b9c4 (package/rdma-core: needs NPTL), the dependency
of rdma-core on NTPL was not propagated to its reverse dependencies,
notably perftests.
Fixes:
- http://autobuild.buildroot.net/results/00c/00ce19a1589c6028ee77c333ed9107e2c8c8d6de
- d4ecefa3cc
- 3279d8b9c4
Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
[yann.morin.1998@free.fr:
- also add misisng headers dependency
- expand commit log
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Firewalld provides a dynamically managed firewall with
support for network or firewall zones to define the trust level of network
connections or interfaces.
Items of note:
- Setting PYTHON="/usr/bin/env python$(PYTHON3_VERSION_MAJOR)" prevents
Firewalld from setting the shebang in the installed python files to the
full path to the python interpreter used when building.
- The bundled provided SYSV init file has several bashisms and requires
/etc/init.d/functions which buildroot doesn't provide. So instead, a more
simple init.d file is provided in the package directory, which does not
require bash.
- Firewalld >= 1.0.0 requires a linux kernel version of 5.3 or later.
Because Buildroot does not have a mechanism to detect what version a user
is compiling if the kernel is external, there is no way to prevent a user
with an external kernel older than 5.3 to select this package.
- To run, Firewalld requires enabling almost every single nftables option in
the kernel menuconfig. Indeed for a regular user, this task is quite a
time-consuming operation, and missing even one required nftables option
results in firewalld failing to start.
Through a mix of trial and error and talking to the upstream developers,
the package selects the minimum amount of kernel options required for
runtime. Understandably the list is daunting. However, these options
have passed run-time tests with kernel 5.3 (the minimum kernel version
required) and kernel 6.2.10 (the latest kernel version as of this commit
log.)
As such, it is safe to say these options will work for anybody wanting to
use firewalld with a supported kernel version of 5.3 or higher.
Signed-off-by: Adam Duskett <aduskett@gmail.com>
[Thomas:
- select python3 instead of depending on it
- fixup Config.in comment
- rely on NLS support by autotools-package]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Previously, gen-bootlin-toolchains did not add a `depends` guard to
limit the available toolchains based on the minimum required GCC version
for the user selected CPU tuning.
Now, the proper BR2_ARCH_NEEDS_GCC_AT_LEAST_X guard will be added based
on the version of GCC provided by the toolchain.
Signed-off-by: Vincent Fazio <vfazio@gmail.com>
[yann.morin.1998@free.fr: regenerate the toolchain list]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Previously, it was possible to select an external toolchain that did not
support the GCC arch tuning the user had selected. This is problematic
because it can lead to confusing error messages during builds [0].
Now, external toolchain selections will be filtered to only those that
support the required GCC version specified by the target arch tuning.
Note: this patch does not touch the Bootlin toolchain config file as it
is generated by a script.
Additional note: there is "soft" support for toolchains prior to GCC 4.8
but there are no accompanying BR2_ARCH_NEEDS_GCC_AT_LEAST_X symbols.
Instead of adding those, just use BR2_ARCH_NEEDS_GCC_AT_LEAST_4_8 which
is the minimum GCC version with claimed support [1].
[0]: https://lists.buildroot.org/pipermail/buildroot/2023-August/671877.html
[1]: https://buildroot.org/downloads/manual/manual.html#requirement-mandatory
Signed-off-by: Vincent Fazio <vfazio@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The upstream QEMU 'sifive_u' machine supports running upstream U-Boot
for the SiFive HiFive Unleashed board out of the box.
Add the QEMU instructions for testing in readme.txt.
Signed-off-by: Bin Meng <bmeng@tinylab.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
As the rootfs size is set to 60M, let's put it right on the 4M offset
in the SD card, so that the generated sdcard.img can be exactly
64M. This will allow sdcard.img to be accepted as an image by Qemu,
which requires power of two sizes for the disk images.
Signed-off-by: Bin Meng <bmeng@tinylab.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
A new version of Bootlin toolchains, 2023.08, has been recently
released. Besides the usual updates of GCC, binutils, GDB, kernel
headers, and C libraries, support for AArch64 BE with musl has been
enabled, which explains why there are two new toolchains and two new
test cases.
All test cases where successfully tested:
https://gitlab.com/tpetazzoni/buildroot/-/pipelines/957304450/builds
Note that the sparcv8 uClibc toolchains are considered obsolete. They
are still available, but at some point we'll have to drop them from the
choice.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
We now have 3 different options to select an image as the BL33 stage
of TF-A: Barebox, U-Boot or EDK2. Technically speaking, they are
mutually exclusive: they all specify a BL33= variable to the TF-A
build, and TF-A can only support a single BL33 stage.
However, as pointed out by Vincent Fazio in [0] there is nothing that
prevents selecting Barebox, U-Boot and EDK2 together, even though it
doesn't make sense.
To address this, this commit introduces a choice...endchoice block,
into which the Barebox, U-Boot and EDK2 options are moved. An
additional "none" option is added, which is the default, and
corresponds to not having any BL33 image.
Since we keep the same name for the options, no legacy handling is
necessary.
[0] https://lore.kernel.org/buildroot/PH1P110MB1603A4AA1638838DA56BAA069FDA9@PH1P110MB1603.NAMP110.PROD.OUTLOOK.COM/
Reported-by: Vincent Fazio <vfazio@xes-inc.com>
Cc: Vincent Fazio <vfazio@xes-inc.com>
Cc: Casey Reeves <casey@xogium.me>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Tested-by: Vincent Fazio <vfazio@xes-inc.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The issue seems to be fixed. I checked qemu and linux git repositories
but can not find any information when this is starting to work.
System gets successfully an IP, no further testing was done.
Tested with Qemu 8.0.3 and Linux 6.1.x.
Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Use full relative pathes for rootfs and kernel, like in other
readme's.
Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This test is a followup of the discussion at:
https://lists.buildroot.org/pipermail/buildroot/2023-July/671639.html
It provides an example of a runtime tests using standard Linux graphic
components (Kernel, DRM, Mesa3D, weston).
Signed-off-by: Julien Olivain <ju.o@free.fr>
[yann.morin.1998@free.fr:
- use an overlay rather than create config file at runtime
- sleep in python not in target
- increase delay to capture DRI CRCs
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
commit "package/weston: fix the configuration of simple-clients"
fixed the configuration of Weston simple-clients by always enabling all
supported applications.
Since it is not desirable to always have all those applications
installed on target, this commit introduces a new package Kconfig
option to control this.
Since there is already a BR2_PACKAGE_WESTON_DEMO_CLIENTS option present,
this commit also update the Kconfig "help" entries, to clarify the
difference between those "demo clients" and "simple clients". Those
clients groups are directly coming from the upstream package (and are
directly mapped to Meson configure options).
Signed-off-by: Julien Olivain <ju.o@free.fr>
[yann.morin.1998@free.fr:
- set -Dsimple-clients= only once, outside conditional block
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
commit 7329a0db44
"weston: disable v4l simple dmabuf for headers < 3.8"
disabled dmabuf-v4l-client when kernel headers are older than v3.8.
This commit was made at the time the weston package was at version
1.10.0, using the autotools package infra.
commit e672eb5c39
"package/weston: bump to version 8.0.0"
replaced the package infra to meson (since upstream deprecated
autotools). This commit changed a disable of dmabuf-v4l-client in
autotools, by enabling it only if supported. The end result is that
the current meson package recipe disable ALL simple clients, or just
enable dmabuf-v4l-client when supported. In all cases, all other
weston simple clients are disabled. This behavior is not convenient
since some of those simple clients are useful to test the correct
operation of Weston and the rest of the graphic stack.
This commit fixes this issue by enabling all supported simple clients.
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Commit 21d5d592a4 (package/fft_eval: new package) got last-minute
changes when comitted, changes which no longer made use of the
FFT_EVAL_TARGETS variable, but forgot to drop assignments to that
variable.
Drop them now.
Reported-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Compile of e2fsprogs is failing because of gcc bug
111001. Workaround it by forcing the usage of -Os.
Compile fails with:
CC rw_bitmaps.c
terminate called after throwing an instance of 'std::bad_alloc'
what(): std::bad_alloc
during RTL pass: sh_treg_combine2
rw_bitmaps.c: In function 'read_bitmaps_range_start':
rw_bitmaps.c:447:1: internal compiler error: Aborted
447 | }
| ^
0x5e7a6f ???
../sysdeps/aarch64/start.S:81
Please submit a full bug report, with preprocessed source (by using -freport-bug).
Please include the complete backtrace with any bug report.
See <http://bugs.buildroot.net/> for instructions.
No need to backport, because gcc 13.2.0 was introduced recently in
Buildroot commit: 3009095ba8
Fixes:
- http://autobuild.buildroot.net/results/fb7/fb7e9c8b02b979b3a75185c0afa4ab0ca654f6f6
- http://autobuild.buildroot.net/results/659/659313b1783db491653bcc85b37da40c7b077225
Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
e2fsprogs package fails to build for the SH4 architecture due to a gcc
13.2.0 bug that leads to:
during RTL pass: sh_treg_combine2
rw_bitmaps.c: In function read_bitmaps_range_start:
internal compiler error: Aborted
Let's add gcc bug to avoid to deal with architectures in packages
when a gcc bug arises. Let's instead deal directly with gcc
bug number.
It's been reported upstream:
https://gcc.gnu.org/bugzilla//show_bug.cgi?id=111001
No need to backport as gcc 13.20 was introduced recently in
buildroot.
Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The dependency is not provided by Buildroot, and it can potentially be
found by gdb's build system from the host system, which results in the
following build errors:
../../gdb/source-cache.c:37:10: fatal error: srchilite/sourcehighlight.h: No such file or directory
37 | #include <srchilite/sourcehighlight.h>
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~
compilation terminated.
make[4]: *** [Makefile:1645: source-cache.o] Error 1
make[4]: *** Waiting for unfinished jobs....
Signed-off-by: Bartosz Bilas <b.bilas@grinn-global.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
screenfetch requires an "awk" implementation, but upstream would
only use an executable called "awk": pick up upstream patch that
can autodetect awk implementation, so that "mawk" can be used.
Signed-off-by: Nicolas Boichat <drinkcat@google.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Most of the users use HDMI console on RPi and with increasing popularity
of systemd they face a trouble.
systemd doesn't use /etc/inittab, enable getty@tty1.service instead.
Signed-off-by: Alexey Roslyakov <alexey.roslyakov@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
In Buildroot commit cc69dbf8fd
("package/libedit: bump version to 20221030-3.1"), the version of
libedit was bumped from 20210910-3.1 to 20221030-3.1. This broke the
build with uClibc:
./sys.h:96:1: error: unknown type name 'ssize_t'; did you mean 'size_t'?
Header file uses ssize_t so sys/types.h must be included.
This commit adds a patch that fixes this issue.
Fixes:
http://autobuild.buildroot.net/results/439538b23776a58ff81c38754a19ee92c3590a1f
Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Commit "f6fe8932df pkg-generic: add checks on deprecated variables
FOO_BAR_OPT" introduced checks for deprecated variables, and warns the
user to use _INSTALL_HOST_OPTS instead of _INSTALL_HOST_OPT.
Commit "6a25cec33d package/pkg-cmake.mk: rename _INSTALL_HOST_OPTS ->
_INSTALL_OPTS" removed the usage of _INSTALL_HOST_OPTS but didn't add a
check for the deprecated variable.
Add a warning to change _INSTALL_HOST_OPTS to _INSTALL_OPTS.
And change the warning for _INSTALL_HOST_OPT to also suggest
_INSTALL_OPTS.
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The note above the erlang version instructs to refer to another note
further down the file. However, even if it is not too difficult to find,
it is still located a bit too far away, and the reference is not very
explicit what note we should look at.
When we introduced that variable in 6c1d128844 (package/erlang: export
EI_VSN so other packages can use it), the rationale for hard-coding it
was "to avoid spawning a shell every time the variable is dereferenced".
However, that can get a bit confusing and hard to follow. Also, that in
fact spawns a shell only once for each rebar-packages, so the overhead
is far from being too high.
The EI_VSN is only used by rebar-package packages, is derefrenced from
the rebar-infra and not the packages themselves, and is not needed by
erlang itself (it knows its own EI_VSN), so we can de-hard-code it, and
rely on build-time detection, by looking in the appropriate file.
We have two files where we could look:
- lib/erl_interface/vsn.mk in the erlang source tree, but it is not
installed,
- .../lib/erlang/releases/$(ERLANG_RELASE)/installed_application_versions
as installed by erlang.
We use the second one, as it is cleaner, for a package, to look into
installed files, rather than to look in the source tree of another
package.
Although both the host and target erlang are the same, we still look
into the corresponding file to extract the version. This is so that it
would be easier if in the future we ever manage to rely on a
system-installed erlang that could have a EI_VSN different from the
target one.
We can't re-use the variable ERLANG_EI_VSN, because it now needs to be
$(call)-ed with a parameter. Hopefully, external packages that use it
directly rather than through the rebar infra, are not legion...
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Will Newton <will.newton@gmail.com>
Cc: Johan Oudinet <johan.oudinet@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Update linux-3.14.config for Galileo to enable Linux kernel root
file system on NFS.
Signed-off-by: Bin Meng <bmeng@tinylab.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Support for MIPS IV was dropped in commit
dd45fe0efb ("arch/mips: remove
deprecated mips1/2/3/4 support"). However, even though it is an older
ISA than R1, it is still useful to support older MIPS-based
systems (e.g.: Cobalt Qube).
Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This version makes it explicit that it uses libxdiff, a library which is
not maintained upstream since 2008. It now have numerous forks, none of
them sticking out. For now, use the one which is bundled in the libgit2
sources.
Signed-off-by: Nicolas Cavallari <nicolas.cavallari@green-communications.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Add patch taken from upstream pull request ([1]) to fix gcc-13.x compile
failure because of a missing csdtint include.
Fixes:
In file included from libserial/SerialStreamBuf.h:36,
from SerialStreamBuf.cpp:34:
./libserial/SerialPortConstants.h:93:37: error: ‘uint8_t’ was not declared in this scope
93 | using DataBuffer = std::vector<uint8_t> ;
| ^~~~~~~
[1] https://github.com/crayzeewulf/libserial/pull/186
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
- update to latest git version
- switch to https url for better access for users behind a proxy
Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Support for m68k with MMU in musl was added in 2018 with
commit f81e44a0d96c88e052e51982f9fdd6fe0a212b46.
Tested with qemu_m68k_q800_defconfig.
Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Commit 503252d8b0 (boot/lpc32xxcdl: remove package) forgot to remove
the special handling in genrandconfig. Since the package no longer
exists, we don't need to special-case its symbol anymore, so drop it
now.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
This package has dubious licensing conditions (not even documented in
the .mk file), and is a bootloader for very old platforms. The
defconfigs making use of it have been removed in Buildroot in 2014, in
commit c6a410964b ("configs: remove
lpc32xx defconfigs"), so let's get rid of the package.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Acked-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
[yann.morin.1998@free.fr: remove reference in test]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
This patch adds a new defconfig for OrangePI PC2 board.
It was supported before in Buildroot, however due to problems in
building TF-A, it was removed in commit
eeede611f8. This commit re-adds it, in a
state that properly builds.
Signed-off-by: Javad Rahimi <javad321javad@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Newer versions of Google's Material Design icon package are structured
differently, making a version bump no so trivial. While work can be done
to support this, considering this package is using v2.2.3 and the most
recent version is v4.0, it is most likely that this package is not being
used. Environments which desire Material icons/fonts/etc. will most
likely achieve better results be managing their own custom package to
have an explicit selection/filter of design styles (e.g. standard,
Android, etc.), variants (basic, outlined, rounds, etc.), display
resolutions and scale selection desired.
Signed-off-by: James Knight <james.d.knight@live.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Until now, the Python build system was building a _dbm.cpython-*.so
native module when BR2_PACKAGE_PYTHON3_BERKELEYDB was enabled, but
since the bump of Python to 3.11.x, it was no longer building this
native module.
Investigation this, we found out that Python 3.11 changed how libdb
was detected [1] and that check now fails:
quoting configure log:
checking for libdb... no
quoting python config.log:
conftest.c:(.text.startup+0x8): undefined reference to `__db_ndbm_open'
However, in fact it turns that this problem is not new in Python
3.11. In Python 3.10, the build system was always producing the native
module, but it was in fact not working at runtime:
>>> from _dbm import *
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
ImportError: /usr/lib/python3.10/lib-dynload/_dbm.cpython-310-arm-linux-gnueabihf.so: undefined symbol: __db_ndbm_delete
It was not really visible because when one does "import dbm", it
actually tries several "backends", including ndbm (which relies on
_dbm above), and if it doesn't work, it falls back silently on a pure
Python implementation.
So the issue was never noticed, but has already been there,
potentially forever.
In order for this _dbm native module to be built (Python >= 3.11) or
to work (Python < 3.11), the BerkeleyDB library need to be built with
its so-called "dbm" interface, which we do by selecting select
BR2_PACKAGE_BERKELEYDB_DBM.
And now:
>>> import _dbm
>>>
[1] https://github.com/python/cpython/blob/d2340ef25721b6a72d45d4508c672c4be38c67d3/configure.ac#L4002
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
[Thomas: did more research to have a better explanation of what is
happening, and realize the problem is not related to Python 3.11]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Add support for the icicle kit, the main development board for
Microchip's PolarFire SoC.
The configuration file is microchip_mpfs_icicle_defconfig. It builds a
bootable kernel image with an embedded root file system. The image
built can be flashed to the board using the eMMC or an SD card.
The yaml configuration file is used by the hss payload generator. It
maps the ELF binaries or binary blobs to the individual application
harts (U54s).
The image generator script sets the partitions of the image.
The kernel fragment file sets additional configurations for the icicle
kit in buildroot that are not in the default configuration.
The image tree souce file creates a FIT image.
The post image script creates the payload using the payload generator
host package and finally, creates the FIT image using the ITS after the
kernel build.
The U-Boot script and additional U-Boot configurations ensure that
U-Boot behaves as expected for the icicle kit and boots the FIT image.
The readme.txt file documents how to build and boot the icicle kit with
this configuration.
Signed-off-by: Jamie Gibbons <jamie.gibbons@microchip.com>
Reviewed-by: Giulio Benetti <giulio.benetti@micronovasrl.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The Buildroot icicle kit configuration uses the Hart Software
Service's (HSS) payload generator tool. This tool creates a formatted
payload image for the HSS zero-stage bootloader on PolarFire SoC,
given a configuration file and a set of ELF binaries. The
configuration file is used to map the ELF binaries or binary blobs to
the individual application harts (U54s). Add the HSS payload generator
as a host package to support this.
Signed-off-by: Jamie Gibbons <jamie.gibbons@microchip.com>
Reviewed-by: Valentina Fernandez <valentina.fernandezalanis@microchip.com>
Reviewed-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This commit duplicates the asus_tinker_rk3288_defconfig changing:
- BR2_LINUX_KERNEL_INTREE_DTS_NAME to rk3288-tinker-s
- BR2_TARGET_UBOOT_BOARD_DEFCONFIG to tinker-s-rk3288
- extlinux.conf devicetree to /boot/rk3288-tinker-s.dtb
- root device format to <major>:<minor> in order to prevent the kernel to mount rootfs
from the wrong device
- Add Flávio Tapajós for configs/asus_tinker-s_rk3288_defconfig and for
configs/asus_tinker-s_rk3288_defconfig and for board/asus/tinker-s
Signed-off-by: Flávio Tapajós <flavio.tapajos@newtesc.com.br>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
While it's not strictly necessary to update go-bootstrap-stage2, we can
continue to update the package to the latest 1.19.x until Go 1.19.x is
discontinued, at which point we can leave it at the final 1.19.x
version.
This package is only used when bootstrapping host-go.
go1.19.11 includes a security fix to the net/http package, as well as
bug fixes to cgo, the cover tool, the go command, the runtime, and the
go/printer package.
https://go.dev/doc/devel/release#go1.19.minor
Signed-off-by: Christian Stewart <christian@aperture.us>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Use the newly introduce backend option (4cf79d9b71)
to specify what cmake backend to use, instead of special-coding it's use.
Signed-off-by: Thomas Devoogdt <thomas@devoogdt.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This patch bumps the versal_vck190_defconfig to xilinx-v2023.1 which includes
the following updates:
- Linux v6.1.5
- U-Boot v2023.01
- TF-A v2.8 (including mainline patches)
- PLM xilinx_v2023.1
- PSMFW xilinx_v2023.1
- versal-firmware uses new github.com/Xilinx/soc-prebuilt-firmware repo
Signed-off-by: Neal Frager <neal.frager@amd.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The m68k Linux kernel build is broken with binutils >= 2.41 with:
arch/m68k/fpsp040/skeleton.S: Assembler messages:
arch/m68k/fpsp040/skeleton.S:502: Error: junk at end of line, first unrecognized character is `#'
arch/m68k/fpsp040/skeleton.S:508: Error: junk at end of line, first unrecognized character is `#'
This commit adds a backport from the upstream Linux kernel which fixes
this issue. Many thanks to Romain Naour for the issue investigation
and the identification of the kernel commit fixing this.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
In upstream commit e71ecc8771a4f13bc6046438ab0845944831b9a6 ("build:
Remove deprecated -Diconv option"), merged since glib 2.75.1, the
meson -Diconv option was removed.
In Buildroot, this means that the build of libglib2 has been broken
since commit 3f9622fe3d, which bumped
libglib2 from 2.72.3 to 2.76.1 for configurations that have libiconv
enabled, causing this build failure:
../output-1/build/libglib2-2.76.1/meson.build:1:0: ERROR: Unknown options: "iconv"
iconv is now automatically detected by Meson machinery, and so the
option was considered as no longer being needed. This commit fixes
that by dropping the useless -Diconv=external.
Another related change done is remove the double addition of libiconv
into the <pkg>_DEPENDENCIES variable: libiconv can only be enabled
when BR2_ENABLE_LOCALE is disabled, and libglib2/Config.in selects
BR2_PACKAGE_LIBICONV when !BR2_ENABLE_LOCALE. So testing
BR2_ENABLE_LOCALE!=y and BR2_PACKAGE_LIBICONV=y is exactly the same
thing, causing libiconv to be added twice to the dependencies.
Fixes:
http://autobuild.buildroot.net/results/d2da03f7558f3b6ee59c813bb64115702e52704c/
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
libheif package fails to build for the M68K architecture due to a binutils
bug that leads to:
Internal error in emit_expr_encoded at dw2gencfi.c:215
Let's add binutils bug to avoid to deal with architectures in packages
when a binutils bug arises. Let's instead deal directly with binutils
bug number.
It's been reported upstream:
https://sourceware.org/bugzilla/show_bug.cgi?id=30730
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Commit 134900401f (support/scripts/fix-rpath: parallelize patching
files) broke the rpath fixup, because it improperly quoted or expanded
variables:
- $@ was expanded in the main() context, rather than in the sub-bash
as expected, propagating incorrect parameters to patch_file();
- an array was passed without array expansion, so only the first item
was passed; that was in turn assigned to a string, anyway loosign
the array. Liuckily, we only ever put a single item in that array,
so that worked by chance.
We fix that by inverting the parameters to patch_elf(), where the extra
args are passed last, so we can put as many we want in the future. We
also pass every variables as positional parameters outside the bash -c
command, which allows us proper quoting of all variables, specifically
of the extra args array which now comes last.
The ultralong line was split, too, in a hopefully easier-to-read form.
Fixing all that also required fixing the many shellcheck issues at the
same time (wome were pre-existing before 134900401f).
While at it, expand two TABs into spaces like the rest of the script.
Note: shellcheck does not seem to warn when a variable expansion will be
used as the command to run, i.e. ${PATCHELF} does not trigger the
quoting error. Still, for consistency, we also double-quote it (we know
it is a single word, as it is already double-quoted once in the script).
Fixes: 134900401f
Cc: Victor Dumas <dumasv.dev@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
- improve 8ULP support (rev A1)
- add mmc user fastboot support
- add fastboot partconf support
- add nitrogen8mp smarc support
Signed-off-by: Gary Bisson <bisson.gary@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The release tarball of check 0.15.2 lacks a source file, causing a
build failure, as reported at
https://github.com/libcheck/check/issues/303. This failures happens
when thread support is not available, as the file missing is getting
compiled in when thread support is not there:
if(NOT HAVE_PTHREAD)
target_sources(check PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../lib/pthread_mutex.c)
target_sources(checkShared PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../lib/pthread_mutex.c)
endif()
This issue started appearing when we moved from the autotools build
system to the CMake build system in commit
6dfc789f4f. One might wonder why
changing the build system can cause this kind of issue: the file was
in fact already missing. Turns out that the missing file is never used
with the autotools build system: this file provides some Win32
compatibility layer for pthread functions, so the autotools build
system never compiled this file as the autotools build system was only
used on Unix platforms. With CMake it now gets compiled to support
Windows platform. But on Linux, the entire contents of the file is
ignored as it is within a HAVE_WIN32_INIT_ONCE ifdef...endif. Still,
with the file missing, the build fails.
Until upstream publishes a new release with a complete tarball, switch
to fetching the Github-generated tarball, which does contain the
missing file.
Fixes:
http://autobuild.buildroot.net/results/b1087e9a67ff0382632b73f280fabe92cd863593/
Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Commit 4cf79d9b71 (pkg-cmake: add option to select the Ninja
generator) forgot to account for the late expansion rule in the inner
infrastructure macros, which breaks the build in two ways:
1. the expansion of $(firstword $$(MAKE)) does not actually expands to
the first word, but to the full value of $(MAKE);
2. the paths are invalid for per-package directories.
Fix that by applying the proper double-dollar rule for inner macros.
Reported-by: Thomas Devoogdt <thomas.devoogdt@barco.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Using "xargs" instead of "while read" loop allows for the patching of
files to be parallelized. This significantly reduces the amount of
time it takes to fix all the paths. On a larger RFS(~300MB) this
script was taking 5 minutes, it now only takes about 30s on a 12 core
machine.
Signed-off-by: Victor Dumas <dumasv.dev@gmail.com>
[Thomas: take into account the suggestion of Quentin Schulz to pass
PARALLEL_JOBS through the environment down to the fix-rpath script]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
mpd's Config.in selects expat and/or yajl depending on which
sub-options is enabled, and adds build dependencies, but does not pass
-D<option>=enabled/disabled for both of these features, relying on
auto-detection.
This commit fixes that by explicitly enabling/disabling expat and yajl
depending on their presence. The mpd sub-options no longer need to
have these as build-time dependencies, as it is handled globally.
Signed-off-by: Andreas Ziegler <br015@umbiko.net>
[Thomas: extracted from
https://patchwork.ozlabs.org/project/buildroot/patch/20221005091032.3014-5-br015@umbiko.net/]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Just like BR2_PACKAGE_MPD_UPNP_PUPNP needs expat and curl support,
BR2_PACKAGE_MPD_UPNP_NPUPNP also needs expat and curl. curl was
already selected, but not expat. It didn't cause any visible issue, as
BR2_PACKAGE_MPD_UPNP_NPUPNP selects BR2_PACKAGE_LIBNPUPNP, which
itself select BR2_PACKAGE_EXPAT. But as mpd directly checks for the
availability of expat, it makes sense to also select it directly.
Signed-off-by: Andreas Ziegler <br015@umbiko.net>
[Thomas: extracted from a larger patch at
https://patchwork.ozlabs.org/project/buildroot/patch/20221005091032.3014-5-br015@umbiko.net/]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
id3tag is a sub-feature that is needed to extract information from mp3 files.
It selects the corresponding library and handles config settings. Two other
features need this sub-feature, but handle all library selections themselves
and omit enabling the id3tag feature. In consequence, users have to remember
to select both mp3 library and id3tag, otherwise the mpd executable will not
process mp3 files.
Reflect feature dependency in mpd Config.in to make id3tag selection automatic.
Signed-off-by: Andreas Ziegler <br015@umbiko.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
In commit 54b9008d48 ("package/mpd: bump
to version 0.21.11"), mpd was migrated from using the autotools build
system to the meson build system.
As part of this, the BR2_PACKAGE_MPD_TCP was incorrectly modified,
leading BR2_PACKAGE_MPD_TCP disabled to actually enable TCP, and
BR2_PACKAGE_MPD_TCP enabled to not explicitly enable TCP support.
This commit fixes that by handling this option in the common way.
Signed-off-by: Andreas Ziegler <br015@umbiko.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This commit adds support for the i.MX8DXL SoC from NXP, by adding a
new BR2_PACKAGE_FREESCALE_IMX_PLATFORM_IMX8DXL and propagate its
support in the affected packages.
Signed-off-by: Stefan Nickl <Stefan.Nickl@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The COPYING and EULA files have changed, with the following main
changes:
- update to copyright years
- switch from ASCCI double quotes to fancy Unicode ones ("" -> “”)
- reflow the license text
- identify new third-parties and their conditions
Signed-off-by: Stefan Nickl <Stefan.Nickl@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The COPYING and EULA files have changed, with various changes, mainly:
- update to copyright years
- switch from ASCCI double quotes to fancy Unicode ones ("" -> “”)
- reflow the license text
- identify new third-parties and their conditions
Signed-off-by: Stefan Nickl <Stefan.Nickl@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Both the COPYING and EULA files have changed, with the following main
changes:
- update to copyright years (2022 -> 2023)
- switch from ASCCI double quotes to fancy Unicode ones ("" -> “”)
- reflow the license text
- identify new third-parties and their conditions
Signed-off-by: Stefan Nickl <Stefan.Nickl@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This patch bumps the zynqmp defconfigs to xilinx-v2023.1 which includes
the following updates:
- Linux v6.1.5
- U-Boot v2023.01
- ATF v2.8 (including mainline buildroot patches)
- PMUFW xilinx_v2023.1
- Updated pm_cfg_obj.c from Vitis v2023.1
- Removed kria u-boot patch which is included with xilinx-v2023.1
Signed-off-by: Neal Frager <neal.frager@amd.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The less package currently installs only the "less" binary, rather
than running the default "make install" behavior from the autotools
build system.
However, at least another binary, "lessecho" is needed for the "s"
command in less to work properly: so in that sense this commit is
fixing a broken behavior.
Since the less installation only installs 3 programs, "less",
"lessopen" and "lesskey", there is no good reason to not use the
default installation command, which we do in this commit.
Signed-off-by: Nicolas Carrier <carrier.nicolas0@gmail.com>
[Thomas: rework commit message]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Now that gdb 13.x has been added, and 12.x made the default, follow
our usual logic of dropping the oldest gdb version: 10.x.
Only the special ARC release still needs some special handling of the
GMP dependency.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
We can remove the quirk around BR2_or1k: it was there to make sure
that 11.x was the default when no target gdb is selected for all
architectures except or1k, and that 12.x would be used by default on
or1k, as 11.x is not available/broken.
Now that 12.x is the default for everybody, this quirk is no longer
needed. 11.x was already no selectable for or1k, and remains not
selectable.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Sadly, the stack of patches remain exactly the same, none of the
changes have been upstreamed.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Like git which can have submodules, subversion can have externals. The
default behaviour for subversion is to retrieve all the externals,
unless told otherwise.
For some repositories, the externals may be huge (e.g. a dataset or some
assets) and may not be required for building the package. In such a
case, retrieving the externals is both a waste of network bandwitdh and
time, and a waste of disk storage.
Like for git submodules and git lfs, add an option that packages can set
to specify whether they want externals or not.
Since we've so far been retrieving externals, we keep that the default,
and packages can opt-out (rather than the opt-in for git submodules or
git lfs).
We must only set it when the package is actually hosted on svn, to avoid
passing -r when the package is not hosted by svn; otherwise, -r would
also be passed e.g. to a git-hosted package, triggering the download of
git submodules even when they are not requested. We need to do so,
because we have a default value, which we usually do not have in other
download options.
Signed-off-by: Yann E. MORIN <yann.morin@orange.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
When an svn repository requires credentials, and they are passed
in _DL_OPTS, they must be used also to retrieve the revision date.
One could argue that credentials should not be handled in _DL_OPTS, but
rather that they be fed through other means (e.g. by pre-authenticating
manually once in an interactive session, or by filling them in the usual
~/svn/auth/* mechanisms for a CI).
However, some public facing repositories are using authentication, even
though the credentials are public. This is the case for example for:
http://software.rtcm-ntrip.org/
In such a case, it does make sense to pass credentials via _DL_OPTS,
because they are not really, even really not, secret.
Another use-case (e.g. for a CI) is to pass the credentials as
environment variables, with _DL_OPTS not hard-coded in the .mk file.
However, _DL_OPTS may contain options that are not valid for 'svn info',
as they are meant to be passed to 'svn export' in the first place. Since
the only options common to 'svn info' and 'svn export' are the
credentials, we just extract those and pass them to 'svn info'.
Signed-off-by: Yann E. MORIN <yann.morin@orange.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bizarrely enough, the unquoted expansion of ${quiet} does not trigger
any warning from shellcheck, so we do not add any exception for it.
${SVN} can contain more than one item, but we don't care about splitting
on spaces when we just print it for debug, so we can just quote it
rather than add an exception.
Signed-off-by: Yann E. MORIN <yann.morin@orange.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
uClibc now provides fexecve(), so crun can build just fine with
uClibc. However, argp-standalone is needed, just like it was needed
for musl.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Reviewed-by: Christian Stewart <christian@aperture.us>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Libsoup3 has a new API [1], packages using libsoup may not compile
with libsoup3 or may crash at runtime in unexpected ways, so we add a
new package. It can be installed side by site with libsoup, without
any conflict.
[1] https://libsoup.org/libsoup-3.0/ch02.html
Signed-off-by: Thomas Devoogdt <thomas@devoogdt.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Use the newly introduce backend option to specify what cmake backend to
use, in lieue of special-coding its use as done in 78d499409f
(package/wpewebkit: Build with ninja).
Signed-off-by: Thomas Devoogdt <thomas.devoogdt@barco.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Use the newly introduce backend option to specify what cmake backend to
use, in lieue of special-coding its use as done in 16e5c92ff5
(package/webkitgtk: Build with ninja).
Signed-off-by: Thomas Devoogdt <thomas.devoogdt@barco.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
elf2flt needs to link against libbfd.a and libiberty.a which are
provided by host-binutils, but not installed, so we poke directly
into the host-binutils build directory. While not very nice, it has
already been like this for a long time. We could build host-binutils
with --enable-install-libbfd and --enable-install-libiberty so that
those libraries are installed, but we prefer to do this separately,
and there is a serious potential for perturbations to other packages
by having libbfd/libiberty installed in $(HOST_DIR).
In the mean time, an issue of poking directly into the host-binutils
build directory is that the location of libbfd.a has changed in
binutils >= 2.41, so we special case binutils 2.39 and 2.40, which are
the two remaining versions still using the "old" path".
Note: the ARC-special binutils version is not considered because
Buildroot only supports ARC CPUs with a MMU and therefore host-elf2flt
is never used on ARC.
Fixes:
gcc: error: /builds/buildroot.org/toolchains-builder/build/output/build/host-binutils-2.41/bfd/libbfd.a: No such file or directory
When build host-elf2flt against host-binutils 2.41.
This issue is not visible in the autobuilders as it is hidden by the
BFD_VMA_FMT issue fixed in the previous commit.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Tested-by: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Some patches had some fuzz, and patch 0004 was no longer applicable
using "git am". Patch 0006 is renamed so that it matches the commit
log title, as generated automatically by git format-patch.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Tested-by: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cmake supports multiple generators. For now, Buildroot only uses the
venerable "GNU Makefile" generator, which generates Makefiles as the
build backend.
Cmake also has support for Ninja as a build backend, and provides the
corresponding generator. Ninja is a small build system with a focus on
speed. It is mainly used with the meson build system, but also cmake has
very good support for it.
Packages that are selecting Ninja (or over time another generator),
should also use the _BUILD_{ENV,OPTS} variables instead of the _MAKE
variables.
No _INSTALL{,_STAGING,_TARGET}_OPTS used so far, so reuse as cmake install opts:
$ grep '_INSTALL_OPTS' $(git grep -l -E '\$\(eval \$\((host-)?cmake-package))')
$ grep '_INSTALL_STAGING_OPTS' $(git grep -l -E '\$\(eval \$\((host-)?cmake-package))')
$ grep '_INSTALL_TARGET_OPTS' $(git grep -l -E '\$\(eval \$\((host-)?cmake-package))')
The _MAKE_{ENV,OPTS} are copied to _BUILD_{ENV,OPTS}, involved packages:
$ grep '_MAKE_ENV =' $(git grep -l -E '\$\(eval \$\((host-)?cmake-package))')
package/netopeer2/netopeer2.mk:NETOPEER2_MAKE_ENV = \
package/racehound/racehound.mk:RACEHOUND_MAKE_ENV = $(LINUX_MAKE_FLAGS)
(qt6, webkitgtk, and wpewebkit also match, but already use -Gninja)
$ grep '_MAKE_OPTS =' $(git grep -l -E '\$\(eval \$\((host-)?cmake-package))')
package/mariadb/mariadb.mk:HOST_MARIADB_MAKE_OPTS = import_executables
package/zeek/zeek.mk:HOST_ZEEK_MAKE_OPTS = binpac bifcl
Only "musepack" seems to overwrite MAKE to enforce -j1, so replace it:
$ grep '_MAKE =' $(git grep -l -E '\$\(eval \$\((host-)?cmake-package))')
package/musepack/musepack.mk:MUSEPACK_MAKE = $(MAKE1)
Signed-off-by: Thomas Devoogdt <thomas.devoogdt@barco.com>
Reviewed-by: John Keeping <john@metanate.com>
[yann.morin.1998@free.fr:
- switch to FOO_CMAKE_BACKEND = (make|ninja)
- use firstword of $(MAKE), not $(BR2_MAKE)
- explain why we use firstword of $(MAKE)
- update manual with the three new variables
- yweak commit log
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
In 2b43579e94 (package/gdal: switch to cmake build to fix libgeotiff
detection) a workaround was added to use the generated 'Makefile' rather
than the bundled-for-autotools GNUMakefile, which was supposedly removed
for the then upcoming 3.6 version.
In 4c17985880 (package/gdal: bump version to 3.6.2) the bump occured,
but the workaround was left untouched. However, in 3.6.2, there is
indeed no GNUMakefile anymore.
Drop the workaround now.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Since the bump of ccache from 4.7.4 to 4.8.2 in Buildroot commit
1db3f0f844 ("package/ccache: bump
version to 4.8.2"), it started failing to build on machines that use
gcc 12.3, due to a bug in gcc:
/home/buildroot/autobuild/instance-0/output-1/build/host-ccache-4.8.2/src/storage/local/LocalStorage.cpp:701:24: required from here
/home/buildroot/autobuild/instance-0/output-1/build/host-ccache-4.8.2/src/Logging.hpp:33:7: internal compiler error: Segmentation fault
33 | Logging::log(std::string_view(message_)); \
| ^~~~~~~
Upstream ccache has committed a workaround to avoid this compiler bug,
which we backport in this commit.
Fixes:
http://autobuild.buildroot.net/results/cd341365d1c429bfca505a742e86b3090897db23/
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The at91dataflashboot code contains some hand-written ARM assembly
that uses ARM classic instructions, and will not build in Thumb-1
mode.
This issue has always existed in Buildroot, but it's only since we
started testing random configurations, including Thumb-1
configurations, that this issue popped up.
Fixes:
http://autobuild.buildroot.net/results/68bf2291201ef1882d8e8d3eca2b1a5ad731e4b0/
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fixes:
http://autobuild.buildroot.net/results/992/99235aa2aca1afe031a088baebbd46057fe75fcd/
/home/autobuild/autobuild/instance-15/output-1/build/tvheadend-fe47ecb5504a521fed9c1ca9705fb0dd2bb8443a/src/atomic.h:253:
undefined reference to `__sync_lock_test_and_set_8'
/home/autobuild/autobuild/instance-15/output-1/build/tvheadend-fe47ecb5504a521fed9c1ca9705fb0dd2bb8443a/src/atomic.h:81:
undefined reference to `__sync_fetch_and_add_8'
The build error was introduced by the latest bump of tvheadend with
commit 67cbbbfe6e.
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Buildroot commit 319c56dfe3 bumped
stellarium which included this commit
https://github.com/Stellarium/stellarium/commit/186b06fa215bd28ea03cc291dc861b552af8d99a
It removed the previously bundled QXlsx source and lets stellarium
git-clone the sourcecode of the QXlsx package (not present in buildroot)
during the build:
$ find output/build/stellarium-23.2/ -iname .gitignore | grep qxl
output/build/stellarium-23.2/_deps/qxlsxqt5-src/.gitignore
which breaks offline builds.
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Buildroot commit 319c56dfe3 bumped
stellarium which included this commit
https://github.com/Stellarium/stellarium/commit/186b06fa215bd28ea03cc291dc861b552af8d99a
It removed the previously bundled libindi source and lets stellarium
download the sourcecode of the indiclient package (not present in
buildroot) during the build:
$ find output/build/stellarium-23.2/ -iname *.zip
output/build/stellarium-23.2/_deps/indiclient-subbuild/indiclient-populate-prefix/src/v1.8.5.zip
which breaks offline builds.
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The patch adds an option that allows you to not install the data along
with the binaries (less than 100kb), saving 1.4Mb of rootfs data.
By default, the data is installed for backward compatibility.
Cc: Angelo Compagnucci <angelo@amarulasolutions.com>
Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Buildroot 2022.05 use binutils 2.37 by default, but the binutils
version was downgraded to the previous binutils version in qemu_ppc64*
defconfigs due to a bug in binutils 2.37 [1].
Later when binutils 2.36 has been removed the binutils version has
been updated to 2.38 (even though it was already the default version
selected by Buildroot at that time) [2].
Since then, several binutils release has been added and the binutils
version 2.38 has been removed recently [3].
Since the initial bug is gone with the removal of binutils 2.37,
we can safely remove the binutils version from qemu_ppc64 defconfigs.
[1] 1e2fe860f3
[2] e461c9adc8
[3] 1391c99d62
Fixes:
https://gitlab.com/buildroot.org/toolchains-builder/-/jobs/4798047373
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Cédric Le Goater <clg@kaod.org>
Cc: Joel Stanley <joel@jms.id.au>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
There is no such thing as a BR2_TARGET_GENERIC_TTY_PATH variable. The
comment here should mention BR2_TARGET_GENERIC_GETTY_PORT instead.
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
go1.20.7 (released 2023-08-01) includes a security fix to the crypto/tls
package, as well as bug fixes to the assembler and the compiler.
Fixes CVE-2023-29409: restrict RSA keys in certificates to <= 8192 bits
Extremely large RSA keys in certificate chains can cause a client/server to
expend significant CPU time verifying signatures. Limit this by restricting the
size of RSA keys transmitted during handshakes to <= 8192 bits.
Based on a survey of publicly trusted RSA keys, there are currently only three
certificates in circulation with keys larger than this, and all three appear to
be test certificates that are not actively deployed. It is possible there are
larger keys in use in private PKIs, but we target the web PKI, so causing
breakage here in the interests of increasing the default safety of users of
crypto/tls seems reasonable.
https://go.dev/doc/devel/release#go1.20.7
Signed-off-by: Christian Stewart <christian@aperture.us>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Since its introduction in 7d8a59b40, the BR2_x86_geode CPU target has
pointed to GCC -march=geode which targets AMD Geode processors [0].
This arch tuning enables MMX and 3DNow! extensions in GCC but these are
not currently reflected in the selected flags by BR2_x86_geode.
This is likely due to the confusing naming and history of "Geode".
The AMD Geode can trace its origins back to the Cyrix MediaGXm [1] and
then to the NSC Geode GXm/GXLV/GX1/GX2 [2]. All of these processors have
MMX instruction support listed in their datasheets. The NSC GX2 was the
first in the series to enable 3DNow!.
When 7fed07d3a4 introduced BR2_X86_CPU_HAS_MMX, Geode was skipped
presumably because it wasn't clear that the target is AMD Geode and
because the Wikipedia documentation for Geode is incomplete [2] with
regards to supported instructions as they all support MMX.
When f6cd56b9ce introduced BR2_X86_CPU_HAS_3DNOW, Geode was skipped
presumably for similar reasons.
Note: the in-tree olpc_xo1_defconfig uses BR2_x86_geode which is fine
as this hardware uses the AMD Geode [3].
Make it more clear that the target is AMD Geode by renaming the Kconfig
menu option and add both MMX and 3DNow! flags to BR2_x86_geode.
This also means that BR2_x86_geode_mmx is no longer needed, and can be
removed. No legacy handling is needed since BR2_x86_geode_mmx has
never been part of any release.
[0]: https://gcc.gnu.org/git/?p=gcc.git;a=blob;f=gcc/config/i386/geode.md;;hb=HEAD
[1]: https://en.wikipedia.org/wiki/MediaGX#MediaGXm
[2]: https://en.wikipedia.org/wiki/Geode_%28processor%29
[3]: https://wiki.laptop.org/go/Hardware_specification
Signed-off-by: Vincent Fazio <vfazio@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Now that 2.41.x has been added, that 2.40.x is the default version,
drop support for 2.38.x.
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Now that 2.41 has been released, let's use 2.40.x as the default
binutils version.
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Release notes:
https://sourceware.org/pipermail/binutils/2023-July/128719.html
Copied patches from version 2.40.
Build-tested using these four defconfigs:
----------
BR2_arceb=y
----------
BR2_BINUTILS_VERSION_2_39_X=y
----------
(empty defconfig meaning binutils-2.40)
----------
BR2_BINUTILS_VERSION_2_41_X=y
----------
each using these commands:
$ make host-libiberty
$ make host-binutils
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
composer describes itself as a dependency manager for PHP, it is used
by projects such as CakePHP.
Signed-off-by: Nicolas Carrier <carrier.nicolas0@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Having a working PHP with the correct version, is mandatory for
executing some PHP tools, such as composer, when building packages.
Signed-off-by: Nicolas Carrier <carrier.nicolas0@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
mhz is a tool to mathematically calculate the real running CPU frequency
and as such has proved as invaluable tool for developing CPUFreq and
similar features in the kernel.
Its source finally got a license recently so it can be packaged.
Signed-off-by: Robert Marko <robimarko@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Since commit [1], the testsuite build is unconditionally disabled
although we have the option BR2_PACKAGE_XENOMAI_TESTSUITE to
install Xenomai testsuite on the target.
Handle --disable-testsuite option with BR2_PACKAGE_XENOMAI_TESTSUITE.
[1] 74196b7d05
Signed-off-by: Pierre Ficheux <pierre.ficheux@smile.fr>
Signed-off-by: Romain Naour <romain.naour@smile.fr>
Cc: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Add purge loacle data support (inspired by BR2_ENABLE_LOCALE_PURGE
handling in Makefile) to reduce target space allocation by the
python-babel package, e.g. from 32MB to 24K for
target/usr/lib/python3.11/site-packages/babel/locale-data with
BR2_ENABLE_LOCALE_WHITELIST="C en_US de_DE".
The special en_US_POSIX locale data is kept as it is used by default
by the python-babel code:
https://github.com/python-babel/babel/blob/0ce196fccc024b1a65453ba6519954ada1dab6cb/babel/core.py#L1076
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This patch adds esp-hosted package that allows to build the Linux
Kernel Driver for Espressif Esp32-* SoCs, that once programmed with
the corresponding firmware behave like a normal Wi-Fi module. Both
SDIO and SPI busses are supported and selectable.
Cc: Jesse Taube <jesse.taube@benettiengineering.com>
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Provides the `swaybg` utility, which is commonly used with `sway` to
manage background images/color configuration for the compositor.
Signed-off-by: James Knight <james.d.knight@live.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Patch 0001-cmake-Check-USE_BUNDLED_DEPS-before-getting-nlohmann.patch
should have been deleted as part of Buildroot commit
08792a60df ("package/sysdig: bump to
version 0.29.3"). Indeed, this patch was merged upstream as commit
114436c1a45142ef73acfc2607fbc6572782160f between 0.29.2 and 0.29.3.
This fixes the following build failure:
Applying 0001-cmake-Check-USE_BUNDLED_DEPS-before-getting-nlohmann.patch using patch:
patching file cmake/modules/nlohmann-json.cmake
Reversed (or previously applied) patch detected! Skipping patch.
1 out of 1 hunk ignored -- saving rejects to file cmake/modules/nlohmann-json.cmake.rej
There are no autobuilder failures, probably because getting to build
sysdig requires so many special conditions that it never triggered.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Commit 9079079092 (utils/docker-run: fix support for git-worktrees)
got last-minute changes when it was applied, and the case when the
current working directory is not the top of the current working copy
got broken.
Fix that by duplicating (and thus reinstating) the 'cd MAIN_DIR' to
match what is done when retrieving the git-common-dir.
Fixes: 9079079092
Reported-by: Brandon Maier <Brandon.Maier@collins.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
From https://marlam.de/msmtp/news/:
"""
msmtp 1.8.24 is released
2023-06-29
This release fixes the allow_from_override command, adds the
from_full_name command, fixes a few minor bugs and updates the
translations (thanks again to everyone at translationproject.org).
msmtp 1.8.23 is released
2023-01-30
This release fixes XOAUTH2 authentication with some servers, updates
the msmtpq scripts, and updates the translations (including a new
Swedish translation).
"""
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The cmocka package checks if a toolchain supports the
-fstack-clash-protection compiler flag, and if it does automatically
uses it. That flag is not supported by GCC for Thumb1 builds (at least
as of both GCC 11 and GCC 12). Let's tell cmocka about this by passing
-DWITH_STACK_CLASH_PROTECTION=OFF in this configuration, as suggested
by Arnout Vandecappelle.
Fixes:
http://autobuild.buildroot.net/results/4044b3a71d3130d934c7a7c0c5badfabb2a97030/
Signed-off-by: Joel Carlson <JoelsonCarl@gmail.com>
[Thomas: change the initial patch from Joel to use the suggestion from
Arnout]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Add swugenerator as host utility to generate images for swupdate with
all the possible options available like encryption, passkey etc.
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Current versions of sam-ba are 64bit only.
objdump -p $(HOST_DIR)/bin/sam-ba
$(HOST_DIR)/bin/sam-ba: file format elf64-x86-64
Signed-off-by: Daniel Lang <d.lang@abatec.at>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This library provides an API suitable for the decode of
ARM(r) CoreSight(tm) trace streams.
OpenCSD is for example an optional dependency in the Linux
"perf" tool, starting from kernel version 5.1.
https://github.com/Linaro/OpenCSD
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
If the libiberty package is not the same version as the one packaged
with binutils AND if libiberty is installed before binutils, then the
below error is observed. Hence for now let us keep the versions in sync.
/usr/bin/ld: ../libiberty/libiberty.a(hashtab.o):(.data.rel.local+0x0)
: multiple definition of `htab_eq_pointer'
Fixes:
http://autobuild.buildroot.net/results/f07/f077ec588b395102ad501a18c85d5030c0765031/
Build-tested using these four defconfigs:
----------
BR2_arceb=y
----------
BR2_BINUTILS_VERSION_2_38_X=y
----------
(empty defconfig meaning binutils-2.39)
----------
BR2_BINUTILS_VERSION_2_40_X=y
----------
each using these commands:
$ make host-libiberty
$ make host-binutils
Signed-off-by: Akshay Bhat <nodeax@gmail.com>
[Bernd: bump to version 2.40, replace hash file with link to binutils]
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Similar to dnsmasq, mrouted saves state data across reboots in the
/var/lib/misc/ directory. In the case of mrouted it is the unique
generation id (used by neighboring mrouted routers to identify any
router restarting). This file is generated on first boot.
Workaround only needed for systemd builds, the sysv skeleton already
has the /var/lib/misc/ directory.
Signed-off-by: Joachim Wiberg <troglobit@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Upstream ChangeLog:
- Ignore IGMP proxy querys (src ip: 0.0.0.0), they must never win a
querier election
- Fix compat read location and new location for mrouted.genid
- Fix "non-decreasing" generation id, must increment on each restart
- Add support for configurable IGMP query response interval
- Add support for configurable IGMP querier timeout
- New 'join-group <group>' phyint option for cases where an IGMP
snooping switch blocks flooding of multicast to the port where
mrouted is connected
- On startup and reconf, log why we skip disabled interfaces
- Change to always log when assuming the IGMP querier role
Signed-off-by: Joachim Wiberg <troglobit@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Similar to dnsmasq, ssdp-responder saves state data across reboots in
the /var/lib/misc/ directory. In the case of ssdp-responder it is the
(per-device unique) UUID that is generated on first boot.
Workaround only needed for systemd builds, the sysv skeleton already has
the /var/lib/misc/ directory.
Signed-off-by: Joachim Wiberg <troglobit@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Upstream ChangeLog, summary:
- Add support for JSON output with 'ssdpd-scan -j'
- Dump received data from devices in 'ssdp-scan -l debug'
- Termios support for disabling '^C' output from 'ssdp-scan'
- Update copyright years, LICENSE file hash change
- Source '/etc/default/ssdpd' from systemd unit file
- Add fallback if '/var/lib/misc' is missing on system
- Fix truncated UUID when reading from cache file
Signed-off-by: Joachim Wiberg <troglobit@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Add patch to enable build without c++.
Add configure option to fix subsequent configure error due to patched
source file during git version check:
CMake Error at cmake/GitVersion.cmake:118 (message):
Unable to find current project version !
Call Stack (most recent call first):
CMakeLists.txt:100 (GetGitVersion)
Fixes:
http://autobuild.buildroot.net/results/2f8/2f819871a89cb2a2df239b1f879c1babcdd022fc/
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
objtool built by the kernel requires libelf
ldd TestSELinuxSystemdExt4/build/linux-6.1.26/tools/objtool/objtool
linux-vdso.so.1
libelf.so.1 => TestSELinuxSystemdExt4/host/lib/libelf.so.1
While updating the kernel used in TestSELinuxSystemd [1] we
forgot to select BR2_LINUX_KERNEL_NEEDS_HOST_LIBELF to provide
Buildroot's host-libelf. Using host-libelf avoid linking with
libelf installed on the host or failing to build objtool if
libelf is not installed.
[1] 60b84fb7ce
Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/4725186370 (TestSELinuxSystemdSquashfs)
https://gitlab.com/buildroot.org/buildroot/-/jobs/4725186368 (TestSELinuxSystemdExt4)
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The bind package exhibits gcc bug 101737 when built for the SH4
architecture with optimization enabled, which causes a build failure.
As done for other packages in Buildroot work around this gcc bug by
setting optimization to -O0 if BR2_TOOLCHAIN_HAS_GCC_BUG_101737=y.
To achieve this we need to correct the override of CFLAGS by using:
BIND_CONF_OPTS += CFLAGS="$(BIND_CFLAGS)"
instead of:
BIND_CONF_ENV = BUILD_CFLAGS"$(BIND_CFLAGS)"
since the latter doesn't work as expected and doesn't override CFLAGS.
Fixes:
http://autobuild.buildroot.net/results/e7b/e7b9a4cbee8bb16431609182b96d1ac1ccec10e7/
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The rtl8821cu repository comes with a 8821cu.conf file intended to be installed
in /etc/modprobe.d - the configuration file enables some driver features.
Install the /etc/modprobe.d/8821cu.conf file to the target.
Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The docker-run script attempts to support git-new-workdirs and
git-worktrees by resolving the symlink at '$GIT_DIR/config' to get the
true $GIT_DIR. However this does not work for git-worktrees as they do
not use symlinks, instead they change the $GIT_DIR into a regular file
that contains the path to the real $GIT_DIR. To complicate things
further, we actually want the $GIT_COMMON_DIR which is the superset of a
worktree's $GIT_DIR.
git-rev-parse supports the '--git-common-dir' which will resolve the
$GIT_COMMON_DIR for us. However it does not work for git-new-workdirs,
so we still need to detect and handle them.
'--git-common-dir' also appeared only with git 2.10.0, released in 2016,
so it will not be available in older "enterprise-grade" distributions.
In that case, 'git rev-parse --git-common-dir' would return the option
flag '--git-common-dir' as-is, which is incorrect. So, we instruct it to
never return flags.
'--git-common-dir' also returns just '.git' for the main working copy,
but 'docker run' want an absolute path, so we canonicalise it.
Signed-off-by: Brandon Maier <brandon.maier@collins.com>
[yann.morin.1998@free.fr:
- support git versions before --git-common-dir was introduced
- don't mount GIT_DIR if unknown (i.e. not needed)
- fix expanding MAIN_DIR
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Since commit 247ef2a fio has optional libiscsi engine support
This patch enables fio iscsi support if BR2_PACKAGE_LIBISCSI
was selected, which also requires pkg-config as it is used by the
configure script to detect libiscsi.
There is no --disable-libscsi option in the configure script: if
--enable-libiscsi is not passed, it doesn't even try to detect/use
libiscsi.
Signed-off-by: Maksim Kiselev <bigunclemax@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Changelog 1.09 -> 1.10:
ef1034d Tag version 1.10
c596390 Controlling TTY code fix.
32b7553 Help message problems
c89cee9 Convert repository from SVN to git
934f87f Sig unsafe functions in signal handler
ed856e6 Better "-e" handling.
Signed-off-by: Gary Bisson <bisson.gary@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Also apply system.conf and session.conf updates to dbus-broker.
License file is changed due to:
-D-Bus is licensed to you under your choice of the Academic Free
+dbus is licensed to you under your choice of the Academic Free
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Add aarch64 to BR2_PACKAGE_MONO_ARCH_SUPPORTS to allow building for
aarch64 targets.
Compiles successfully and runs on the actual target (imx8mp based
board)
Signed-off-by: Stefan Mayrhofer <stefan@familie-mayrhofer.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
mbpoll is a tool that can be used to test communication
with modbus slave devices
Signed-off-by: Jon Ringle <jringle@gridpoint.com>
[Thomas:
- add MBPOLL_LICENSE, MBPOLL_LICENSE_FILES
- add host-pkgconf to dependencies
- improve Config.in help text]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Some barebox targets need to build host tools (for example rockchip64
uses scripts/rkimage) that require some host libraries, such as
host-openssl or host-libusb. These are detected by the Barebox build
system using pkg-config.
In order to allow supporting such Barebox configurations, we add two
new options: BR2_TARGET_BAREBOX_NEEDS_OPENSSL and
BR2_TARGET_BAREBOX_NEEDS_LIBUSB that respectively allow to ensure that
host-openssl and/or host-libusb are built before Barebox.
Additionally, $(1)_MAKE_ENV is adjusted to ensure that when pkg-config
is run by the Barebox build system, it finds host libraries. This is
similar to what is done in U-Boot.
This allows to fix the following build failure:
HOSTCC scripts/rkimage
Package openssl was not found in the pkg-config search path.
Perhaps you should add the directory containing `openssl.pc'
to the PKG_CONFIG_PATH environment variable
Package 'openssl', required by 'virtual:world', not found
/usr/lib/gcc/x86_64-pc-linux-gnu/12/../../../../x86_64-pc-linux-gnu/bin/ld: /tmp/ccN8Xyaj.o: in function `main':
rkimage.c:(.text.startup+0x218): undefined reference to `SHA256_Init'
/usr/lib/gcc/x86_64-pc-linux-gnu/12/../../../../x86_64-pc-linux-gnu/bin/ld: rkimage.c:(.text.startup+0x22b): undefined reference to `SHA256_Update'
/usr/lib/gcc/x86_64-pc-linux-gnu/12/../../../../x86_64-pc-linux-gnu/bin/ld: rkimage.c:(.text.startup+0x23e): undefined reference to `SHA256_Final'
/usr/lib/gcc/x86_64-pc-linux-gnu/12/../../../../x86_64-pc-linux-gnu/bin/ld: rkimage.c:(.text.startup+0x253): undefined reference to `SHA256_Init'
/usr/lib/gcc/x86_64-pc-linux-gnu/12/../../../../x86_64-pc-linux-gnu/bin/ld: rkimage.c:(.text.startup+0x265): undefined reference to `SHA256_Update'
/usr/lib/gcc/x86_64-pc-linux-gnu/12/../../../../x86_64-pc-linux-gnu/bin/ld: rkimage.c:(.text.startup+0x275): undefined reference to `SHA256_Final'
collect2: error: ld returned 1 exit status
make[2]: *** [scripts/Makefile.host:107: scripts/rkimage] Error 1
make[1]: *** [Makefile:976: scripts] Error 2
Signed-off-by: Alexander Shiyan <eagle.alexander923@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
gcc 13.2 is around, gcc 12.3 is the default version, so drop
10.4 in order to reduce the gcc choice.
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Since gcc 11 [1] the sparc architecture is disabled since
it produce a non working image. Buildroot now provide gcc
13.x, 12.x and 11.x and we are going to remove gcc 10
that was the last working release (thanks to a local patch).
We have to disable the internal toolchain backend for sparc
before removing gcc 10. While at it, remove !BR2_sparc
dependency for gcc 11.x, 12.x and 13.x.
[1] 2ab88dac29
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Since gcc 11 [1] the sparc architecture is disabled since
it produce a non working image. Buildroot now provide gcc
13.x, 12.x and 11.x and we are going to remove gcc 10
that was the last working release (thanks to a local patch).
First remove qemu_sparc_ss10_defconfig since it will no longer
be possible to build it with the internal toolchain backend.
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Even if gcc 11 is still maintained for some time, switch to gcc 12.x
since it has been released since 2022-05-06 and gcc 13.x is available
since 2023-04-26.
We have been having toolchains in the autobuilders with gcc
12.x for a while, so the vast majority of the problems should have
already been solved.
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
In order to add gcc 13 support for internal and external toolchain in
follow-up commits, introduce BR2_TOOLCHAIN_GCC_AT_LEAST_13 symbol.
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Building kodi with cmake version 3.22.3 provided by buildroot is broken
-- Found Python3: /home/buildroot/br6/output/per-package/kodi/host/x86_
64-buildroot-linux-gnu/sysroot/usr/include/python3.11 (found suitable
exact version "3.11.4") found components: Development Development.
Module Development.Embed
-- Could NOT find Python3 (missing: Interpreter) (Required is exact
version "3.11")
Reason given by package:
Interpreter: Cannot run the interpreter "/home/buildroot/br6/
output/per-package/kodi/host/x86_64-buildroot-linux-gnu/sysroot/
usr/bin/python3"
CMake Error at cmake/scripts/common/Macros.cmake:432 (message):
PYTHON enabled but not found
Call Stack (most recent call first):
CMakeLists.txt:214 (core_optional_dep)
using this defconfig
BR2_x86_64=y
BR2_TOOLCHAIN_BUILDROOT_CXX=y
BR2_FORCE_HOST_BUILD=y
BR2_PER_PACKAGE_DIRECTORIES=y
BR2_ROOTFS_DEVICE_CREATION_DYNAMIC_EUDEV=y
BR2_PACKAGE_KODI=y
BR2_PACKAGE_MESA3D=y
BR2_PACKAGE_MESA3D_GALLIUM_DRIVER_IRIS=y
BR2_PACKAGE_MESA3D_OPENGL_EGL=y
BR2_PACKAGE_MESA3D_OPENGL_ES=y
BR2_PACKAGE_PYTHON3=y
BR2_PACKAGE_PYTHON3_PY_ONLY=y
BR2_PACKAGE_HOST_CMAKE=y
due to "BR2_FORCE_HOST_BUILD=y".
The cmake version provided by my distro is 3.25.1 which works fine.
Adding "CMAKE_FIND_DEBUG_MODE TRUE" to the "find_package(Python3 [...]"
call in Kodi's cmake/modules/FindPython.cmake and comparing the logfile
of both cmake versions shows that 3.25.1 adds
CMAKE_FIND_USE_INSTALL_PREFIX: 1
while searching for python3.
This option was introduced in cmake 3.24:
https://cmake.org/cmake/help/latest/variable/CMAKE_FIND_USE_INSTALL_PREFIX.html
After introducing this fix it turns out that
0002-cmake-modules-fix-python-detection.patch is not needed anymore so
we remove this patch.
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
If systemd is used we should enable support in mariadb and enable
"Type=notify" in the mysqld.service unit file
"Type=notify" stops systemd from starting services which depend on mariadb
until it has notified systemd that it has finished starting up, this helps
avoid startup race conditions
Signed-off-by: Danny Wood <danny@rotronics.co.uk>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fix the following build failure:
/tmp/ccqcLrVb.s:4053: Error: selected processor does not support `umlal r2,r1,r0,r3' in Thumb mode
/tmp/ccqcLrVb.s:4076: Error: selected processor does not support `umlal r0,r3,r1,r2' in Thumb mode
/tmp/ccqcLrVb.s:8644: Error: selected processor does not support `umlal r0,r3,r2,r4' in Thumb mode
Fixes:
http://autobuild.buildroot.net/results/1d09a0a58cbc1712416de746d57d4532df580673/
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bug fixes & enhancements.
One major bug fix included in this release: The Go client now avoids using UNIX
socket paths in the HTTP Host: header, in order to be compatible with changes
introduced in go1.20.6.
Previously docker commands would fail with "invalid Host header."
https://github.com/moby/moby/releases/tag/v24.0.5
Signed-off-by: Christian Stewart <christian@aperture.us>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
When we updated weston to version 12.0.1 the only supported launcher
was the libseat based launcher.
For this launcher to function correctly when used with weston we also
need to enable the seatd daemon.
Fixes:
[libseat/backend/logind.c:660] Could not get primary session for user: No data available
[libseat/libseat.c:76] Backend 'logind' failed to open seat, skipping
[libseat/libseat.c:79] No backend was able to open a seat
libseat: could not open seat
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Drop patch which is now upstream.
Drop no longer supported weston-launch/launcher-logind.
Drop no longer supported color-management-colord config option.
Remove duplicate backend-headless config option.
Add new libgbm requirement for renderer-gl.
Add new freerdp server requirement for backend-rdp.
Add support for new screenshare feature.
Add support for new rdp as backend default feature.
Add support for new pipewire backend feature.
Always enable libseat launcher.
Disable new unsupported vnc backend.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
For change log since 20220331, see:
- https://github.com/acpica/acpica/blob/R06_28_23/documents/changes.txt
This commit also drop the patch removing -Werror in CFLAGS, as an
alternative is now available upstream, merged in [1]. This commit is
included in release 20221020. The build commands are updated
accordingly to set the new NOWERROR=TRUE option to achieve the same
behavior.
With the patch removal, .checkpackageignore is also updated
accordingly.
Upstream commit [2] also introduced a use of wcslen() and <wchar.h>.
This commit was first included in tag R10_20_22 (version 20221020).
Therefore, this new version need wchar. The new depedency is added.
The _SOURCE file is also changed from acpica-unix2 to acpica-unix,
as the current acpica download page at [3] shows:
"""
Note: The unix2 source package is deprecated since the dual license is
now included in all source modules (along with the Intel
license). This package will be removed from future ACPICA releases.
"""
The _SITE url is also updated to the new download link, since the
acpica website now redirects to Intel:
curl -si https://www.acpica.org | grep Location:
Location: https://www.intel.com/content/www/us/en/developer/topic-technology/open/acpica/overview.html
The license file hash is also updated, due to the copyright year
update. It is also worth mentioning that the files in the new archive
have three alternative licenses in their headers: Intel, BSD-3-Clause
and GPL-2.0.
Finally, since a SHA1 hash is published on the download page, it is
added to the hash file.
This version bump is motivated by the introduction of RISC-V related
definitions.
[1] https://github.com/acpica/acpica/commit/3fd0f940408fc01a2c52c5be5f2beb0218a3d907
[2] https://github.com/acpica/acpica/commit/cd6a30897593f6052abf0b9a791671dcf07b9596
[3] https://www.intel.com/content/www/us/en/developer/topic-technology/open/acpica/download.html
Cc: Erico Nunes <nunes.erico@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This patch adds the defconfig file needed to build u-boot, kernel
and rootfs for the Rock 5B. In addition it adds a kernel config
fragment file, which activates the needed ethernet driver support.
It also adds a readme and post image scripts, needed to generate an
sdcard.img file, which can be flashed on an SD card to boot the
Radxa Rock 5B.
Signed-off-by: Kilian Zinnecker <kilian.zinnecker@mail.de>
[yann.morin.1998@free.fr:
- drop custom version
- fix shellcheck in post-image script
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Currently for some Rockchip SoCs binary blobs are needed, e.g., for
the RK3588 bl31 and tpl. These blobs are provided by Rockchip. This
patch adds U-Boot package options to use theses binaries, provided
by the rockchip-rkbin package, which is also introduced in this
patch series. The U-Boot package is modified so that it takes the
chosen binaries and automatically uses them during build.
Signed-off-by: Kilian Zinnecker <kilian.zinnecker@mail.de>
[yann.morin.1998@free.fr:
- use already-qstripped variables from rockchip-rkbin
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
This patch adds a package for the Rockchip ATF binary blobs. These
binaries are needed to build U-Boot for some Rockchip SoCs (e.g.,
RK3588).
As there as so many binary blobs, for each suported SoCs, it is not
practical to introduce a choice, so one must manually define which
blobs (for bl31, tpl and optee) to use from the repository, that
match their actual board.
Signed-off-by: Kilian Zinnecker <kilian.zinnecker@mail.de>
[yann.morin.1998@free.fr:
- drop custom version
- simplify copying blobs
- slightly tweak help texts
- add hash for license file
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The u-boot.stm32 image is now created by binman tool, so the
BR2_TARGET_UBOOT_BUILD_FORMAT_STM32_LEGACY configuration needs to be
disabled, but pylibfdt is now needed.
Tested on stm32mp157f_dk2.
Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
As reported in commit [1] of the U-Boot project, the config.mk file has
been suppressed in order to use binman to manage FIT
generation. Therefore, the "u-boot.stm32" make target should no longer
be used with recent versions of U-Boot.
The configuration option added by this comit allows the creation of
the u-boot.stm32 image for both recent versions of U-Boot, which use
binman, and older versions.
Legacy handling would have suggested that this new option should
"default y" to preserve existing behavior, but as moving forward all
U-Boot new versions will no longer need this u-boot.stm32 target, it
probably makes sense here to not comply with this backward
compatibility rule, as an exception.
[1] 5564b4cd4d5c69 ("stm32mp: add binman support for STM32MP15x")
Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Tested-by: David Reaver <me@davidreaver.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
check_fortran will display an error message if there is no Fortran
compiler in the toolchain. In the past, running into this error message
would be unlikely, since the Fortran test was only execuded when
BR2_TOOLCHAIN_HAS_FORTRAN was set.
However, since commit c7f641cbaa (toolchain/toolchain-external: always
call checks with dependencies), the Fortran check is unconditional. The
error itself benign, and the macro will handle the situation correctly,
since that is what it is designed to do. However, the error message
looks ugly and can be confusing.
[...]
>>> toolchain-external-custom Extracting
>>> toolchain-external-custom Patching
>>> toolchain-external-custom Configuring
/bin/bash: line 1: .../bin/aarch64-linux-gfortran: No such file or directory
>>> toolchain-external-custom Building
... everything continues normally ...
Let's suppress the error message, since triggerig the error is an
integral part of how the test works and doesn't mean that anything is
wrong.
Signed-off-by: Markus Mayer <mmayer@broadcom.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Without this patch openssl adds -latomic twice to Libs.private in
libcrypto.pc:
cat output/per-package/opensc/host/arceb-buildroot-linux-uclibc/sysroot/usr/lib/pkgconfig/libcrypto.pc | grep atomic
Libs.private: -ldl -pthread -latomic -latomic
Instead of passing -latomic to Configure we use the target arch
"linux-latomic" which is provided by upstream since version 3.0.0
especially for libatomic handling:
https://github.com/openssl/openssl/commit/535130c39d33df41b6a7d14302a93ffaa10ebc46https://github.com/openssl/openssl/commit/cdf2986a70d92668d882eb29737225f1aaafd0f1
To be noted: the build still fails for both bootlin-armv7m-uclibc and
bootlin-m68k-5208-uclibc, but this is not a regression due to this
patch, and is tracked as #15709.
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Kernel 6.3 has split the C22 and C45 MDIO support and mdio-tools needed to
be adapted to that.
So, now that new release with support for kernel 6.3 and later is available
lets update to it.
Signed-off-by: Robert Marko <robimarko@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The symbol for Aarch64 big-endian, as added by 9b19030f3f
(package/fluent-bit: rework wasm handling), is misspelled.
Fixes: 9b19030f3f
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Buildroot commit c02707a342 added two
upstream patches with the same number, renumber the younger patch.
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fluent-bit isn't very great at supporting the various architectures,
so help a little bit by defining the WAMR_BUILD_TARGET ourselves.
Two failures for MIPS while executing ./utils/test-pkg:
- sourcery-mips64:
core/iwasm/common/arch/invokeNative_mips.s: Assembler messages:
core/iwasm/common/arch/invokeNative_mips.s:58: Error: opcode not supported on this processor: mips64r2 (mips64r2) `ldc1 $f12,0($sp)'
core/iwasm/common/arch/invokeNative_mips.s:59: Error: opcode not supported on this processor: mips64r2 (mips64r2) `ldc1 $f14,8($sp)'
make[4]: *** [src/wasm/CMakeFiles/vmlib-static.dir/build.make:495: src/wasm/CMakeFiles/vmlib-static.dir/__/__/lib/wasm-micro-runtime-WAMR-1.1.1/core/iwasm/common/arch/invokeNative_mips.s.o] Error 1
make[4]: *** Waiting for unfinished jobs....
- sourcery-mips:
core/iwasm/common/arch/invokeNative_mips.s: Assembler messages:
core/iwasm/common/arch/invokeNative_mips.s:58: Error: opcode not supported on this processor: mips32r2 (mips32r2) `ldc1 $f12,0($sp)'
core/iwasm/common/arch/invokeNative_mips.s:59: Error: opcode not supported on this processor: mips32r2 (mips32r2) `ldc1 $f14,8($sp)'
make[4]: *** [src/wasm/CMakeFiles/vmlib-static.dir/build.make:495: src/wasm/CMakeFiles/vmlib-static.dir/__/__/lib/wasm-micro-runtime-WAMR-1.1.1/core/iwasm/common/arch/invokeNative_mips.s.o] Error 1
make[4]: *** Waiting for unfinished jobs....
Which are fixed by setting the obscure flag "WAMR_BUILD_INVOKE_NATIVE_GENERAL".
See https://github.com/bytecodealliance/wasm-micro-runtime/issues/625 for more info:
“Hi, building the invokeNative_general.c explicitly is supported now, please pull the latest code and use
Signed-off-by: Thomas Devoogdt <thomas@devoogdt.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
When building a fip firmware (BR2_TARGET_ARM_TRUSTED_FIRMWARE_FIP=y), the
TF-A build recipe starts by building the host program fiptool with the
proper build environment variables. Then the main TF-A target firmware
build step takes place, with the expectation that the fiptool program will
be used under the hood if necessary.
In TF-A, the build recipe for the host program fiptool has subtly changed
after v2.7, in commit cf2dd17ddda2 ("refactor(security): add OpenSSL 1.x
compatibility"). This change has the effect to force re-linking fiptool
each time.
If we try to build with Buildroot a fip firmware with a TF-A version after
v2.7 comprising the aforementioned change, the fiptool program is forcibly
re-linked during the main firmware build step. This happens without the
proper build environment variables and consequently, if openssl is not
installed on the host, the libcrypto shared library will not be found by
the linker and the link will fail with the following error:
/usr/bin/ld: cannot find -lcrypto: No such file or directory
A patch has been integrated into TF-A to avoid re-linking fiptool when not
necessary, which should solve the problem starting with version v2.10. Add
that patch in Buildroot for versions v2.8 and v2.9, to repair the build in
the cases described above.
Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/4664845767
Signed-off-by: Vincent Stehlé <vincent.stehle@arm.com>
Cc: Dick Olsson <hi@senzilla.io>
Cc: Sergey Matyukevich <geomatsi@gmail.com>
[yann.morin.1998@free.fr:
- don't use symlink in v2.9, just copy patch
- fix numbering in v2.8 which now has two patches
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
When EDK2 OVMF is built with debug, messages are printed to
IO port 0x402. Those messages are not shown in the normal
Qemu emulated serial port. Enabling this option will print
debug messages on the emulated serial port, potentially
mixing messages with UEFI serial console output.
See OVMF README:
https://github.com/tianocore/edk2/blob/master/OvmfPkg/README
This option has been useful to debug problems such as [1], in which the
emulator was hanging at startup without any log. Enabling this option
show the debug message on the console, before hanging:
...
PlatformCpuCountBugCheck: Present=0 Possible=1
PlatformCpuCountBugCheck: Broken CPU hotplug register block found. Update QEMU to version 8+, or
PlatformCpuCountBugCheck: to a stable release with commit dab30fbef389 backported. Refer to
PlatformCpuCountBugCheck: <https://bugzilla.tianocore.org/show_bug.cgi?id=4250>.
...
[1] http://lists.busybox.net/pipermail/buildroot/2023-July/670807.html
Signed-off-by: Julien Olivain <ju.o@free.fr>
Tested-by: Romain Naour <romain.naour@gmail.com>
Reviewed-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Currently, there is no MMX support for modern GEODE processors in Buildroot.
Yet, some packages like ffmpeg can leverage it when the package is built.
Signed-off-by: Cherniaev Andrei <dungeonlords789@naver.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The test_pixz.py test was initially written as a standalone test.
The commit cf132a13
"support/testing/tests/package/test_compressor_base.py: new helper class"
introduced a helper class for testing data compression programs.
This commit rewrites this test to use this helper class.
The test coverage is mostly the same as before the rewrite. Notable
differences are:
- the test file is slightly smaller for faster testing,
- its content layout also slightly different.
Cc: Vincent Stehlé <vincent.stehle@laposte.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This commits adds support for building a RISC-V toolchain with the
vector extension, available since gcc 12.
Signed-off-by: Tianrui Wei <tianrui@tianruiwei.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fluent-bit is written in pure c, so drop any cxx handling. Only the wasm
part needs c++, but that one doesn't need the fixes which are now dropped.
Signed-off-by: Thomas Devoogdt <thomas@devoogdt.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Luajit was not used at all when it was selected, instead fluent-bit
recompiled it without taking care of the complexities that were
handled in the luajit package. Fix this by linking dynamically to the
buildroot provided version.
Signed-off-by: Thomas Devoogdt <thomas@devoogdt.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Call these unconditionally to make sure proper support is flagged so
proper dependencies are included in the resultant filesystem.
Signed-off-by: Vincent Fazio <vfazio@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Previously, it was possible for external toolchains to be used that had
support for languages or libraries that Buildroot was not aware of.
If Buildroot is not made aware of this support, it will not know to copy
the requisite libraries into the filesystem.
This is problematic as packages may perform their own checks [0] to find
out what the toolchain supports and builds will link against libraries
from the toolchain but will be missing dependencies in the filesystem.
Now, the support helpers alert the user when a toolchain supports a
language or library that has not been set in the Buildroot configuration.
Also, while we're here, add `-ffree-form` to the Fortran check to
suppress a meaningless warning.
[0]: https://bugs.busybox.net/show_bug.cgi?id=15634
Signed-off-by: Vincent Fazio <vfazio@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The fragments provided by toolchains.bootlin.com were incorrectly
flagging toolchains as not having OpenMP support while they had it
[0]. This has been fixed in toolchains.bootlin.com, so a run of
gen-bootlin-toolchains has allowed to adjust the toolchain definitions
in Buildroot, leading to this commit.
OpenMP support needs to be flagged so the proper libraries get copied
into the resultant filesystem to avoid missing dependencies [1].
[0]: https://github.com/bootlin/toolchains-builder/issues/60
[1]: https://bugs.busybox.net/show_bug.cgi?id=15634
Signed-off-by: Vincent Fazio <vfazio@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
check-package is verifying the alphabetic ordering of package names,
not directory, so package/llvm-project/clang/Config.in should be
sorted as "clang" and not "llvm-project".
Fixes:
package/Config.in:2130: Packages in: menu "Other",
are not alphabetically ordered;
correct order: '-', '_', digits, capitals, lowercase;
first incorrect package: clang
In:
https://gitlab.com/buildroot.org/buildroot/-/jobs/4718833134
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Since upstream Linux commit 6898e60f709b0047206110d3ec9f4612210e3ff7
("perf build: If libtraceevent isn't present error the build") present
in Linux 6.4 and newer, Linux will fail to build if libtraceevent is not
present. Since we do not currently have support for libtracevent in
buildroot, pass NO_LIBTRACEVENT=1 to get perf to build again.
Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
By default, module libraries have a suffix based on cpython version + host
architecture: this is fine for a native compile when these libraries are used on
the same computer (or similar computers). But when target architecture is not
the same python is unable to find libraries due to the wrong suffix and produces
unclear errors messages:
# python3
Python 3.11.3 (main, Jun 19 2023, 14:15:44) [GCC 11.4.0] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> from gnuradio import blocks
Traceback (most recent call last):
File "/home/xxx/buildroot/output/build/gnuradio-3.10.4.0/gr-blocks/python/blocks/__init__.py", line 18, in <module>
ModuleNotFoundError: No module named 'gnuradio.blocks.blocks_python'
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
File "/home/xxx/buildroot/output/build/gnuradio-3.10.4.0/gr-blocks/python/blocks/__init__.py", line 22, in <module>
ModuleNotFoundError: No module named 'gnuradio.blocks.blocks_python'
>>>
By adding _PYTHON_SYSCONFIGDATA_NAME="$(PKG_PYTHON_SYSCONFIGDATA_NAME)" at configure time, sysconfig will
return correct informations (target architecture) instead of host architecture.
Signed-off-by: Gwenhael Goavec-Merou <gwenhael.goavec-merou@trabucayre.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Adjust comments in the Go package to improve clarity:
Config.in.host:
- Add comment mentioning list of supported architectures.
go.mk:
- Reword comment re: copying src/ to host/
- the previously linked issue is not relevant.
- instead: mention that src/ is needed for stdlib.
- Adjust comment re: adjusting file timestamps.
- mention this is needed to avoid rebuilding stdlib
Signed-off-by: Christian Stewart <christian@aperture.us>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Removed unneeded patches and replace them with an upstream commit.
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The 6.3.x series is now EOL upstream, so drop the linux-headers option
and add legacy handling for it.
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Following the bump of LLVM in commit
d8291fde5e ("package/llvm-project: bump
to version 15.0.3"), gcc >= 7.x is needed, so update the dependency of
BR2_PACKAGE_QT5TOOLS_QDOC_TOOL accordingly.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
- Add new build dependencies to lld and llvm
- Add host-gcc and gcc >= 7.x dependency since clang doesn't build with gcc 6.3
[ 28%] Building CXX object utils/TableGen/CMakeFiles/obj.clang-tblgen.dir/TableGen.cpp.o
output/build/host-clang-15.0.3/utils/TableGen/RISCVVEmitter.cpp: In instantiation of ‘{anonymous}::SemaSignatureTable::init(llvm::ArrayRef<{anonymous}::SemaRecord>)::<lambda(auto:2&)> [with auto:2 = const llvm::SmallVector<clang::RISCV::PrototypeDescriptor>]’:
/usr/include/c++/6/bits/stl_algo.h:3769:5: required from ‘_Funct std::for_each(_IIter, _IIter, _Funct) [with _IIter = std::_Rb_tree_const_iterator<llvm::SmallVector<clang::RISCV::PrototypeDescriptor> >; _Funct = {anonymous}::SemaSignatureTable::init(llvm::ArrayRef<{anonymous}::SemaRecord>)::<lambda(auto:2&)>]’
output/host/include/llvm/ADT/STLExtras.h:1611:23: required from ‘UnaryFunction llvm::for_each(R&&, UnaryFunction) [with R = std::set<llvm::SmallVector<clang::RISCV::PrototypeDescriptor>, {anonymous}::SemaSignatureTable::init(llvm::ArrayRef<{anonymous}::SemaRecord>)::Compare>&; UnaryFunction = {anonymous}::SemaSignatureTable::init(llvm::ArrayRef<{anonymous}::SemaRecord>)::<lambda(auto:2&)>]’
output/build/host-clang-15.0.3/utils/TableGen/RISCVVEmitter.cpp:249:64: required from here
output/build/host-clang-15.0.3/utils/TableGen/RISCVVEmitter.cpp:249:50: error: cannot call member function ‘void {anonymous}::SemaSignatureTable::insert(llvm::ArrayRef<clang::RISCV::PrototypeDescriptor>)’ without object
llvm::for_each(Signatures, [this](auto &Sig) { insert(Sig); });
^~~~~~
utils/TableGen/CMakeFiles/obj.clang-tblgen.dir/build.make:313: recipe for target 'utils/TableGen/CMakeFiles/obj.clang-tblgen.dir/RISCVVEmitter.cpp.o' failed
make[4]: *** [utils/TableGen/CMakeFiles/obj.clang-tblgen.dir/RISCVVEmitter.cpp.o] Error 1
Indeed LLVM_TEMPORARILY_ALLOW_OLD_TOOLCHAIN is OFF, the CheckCompilerVersion.cmake
trigger an error if gcc < 7.x. Indded since llvm 15 this option check for C++17 [1]
The last gcc 7.x version (7.5) has been released in 2019.
Fixing llvm/clang issues for old compiler maybe it's not worth it.
- Remove LLVM_TEMPORARILY_ALLOW_OLD_TOOLCHAIN since
gcc >= 7 is mendatory.
When updating LLVM, we also need to update the version of
SPIRV_LLVM_TRANSLATOR because its CMakeLists.txt verifies the LLVM
base version [2].
The patch
package/llvm/0002-Add-missing-cstdint-header-to-Signals.h.patch has
been included in tag llvmorg-15.0.0 of llvm-project.
[1] https://github.com/llvm/llvm-project/commit/4c72deb613d9d8838785b431facb3eb480fb2f51
[2] https://github.com/KhronosGroup/SPIRV-LLVM-Translator/blob/5be08b8bb91fc6ca62857792c177bc7479e5e3db/CMakeLists.txt#LL82C6-L82C6
Signed-off-by: Daniel Lang <d.lang@abatec.at>
Signed-off-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Sebastian Weyer <sebastian.weyer@smile.fr>
Tested-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
To make version bumping easier, move libclc to a new llvm-project subfolder
and specify site for the project. Since the version of libclc is more
recent than the version specified in LLVM_PROJECT_VERSION, don't change
it for now until a later update.
Signed-off-by: Daniel Lang <d.lang@abatec.at>
Signed-off-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Sebastian Weyer <sebastian.weyer@smile.fr>
Tested-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
"stages" is curently not defined in the .gitlab-ci.yml file,
so the default pipeline stages are:
.pre
build
test
deploy
.post
Since any jobs specify a stage, all jobs are assigned the "test"
stage [1]. All other stages defined by default are not used in the
gitlab-ci pipeline, they remain hidden.
In order to introduce a new custom stage, add the "test" stage
explicitely.
[1] https://docs.gitlab.com/ee/ci/yaml/#stages
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Currently, emulator builtin binaries are downloaded after the rootfs
build by each tests running the emulator (Qemu) on armv5 or armv7.
Due to download quota on the server hosting theses binaries [1]
some GitLab jobs are failing due to "Connection reset by peer" [2]:
ConnectionResetError: [Errno 104] Connection reset by peer
In a follow up commit, we'll add the possibility to download only once
all emulator builtin binaries to pass them as build artifacts.
As such, we will need to make sure that run-tests only download theses
binaries, and that it does not run the testsuite.
Add such a mode, with a new option, --prepare-only.
[1] http://autobuild.buildroot.net/artefacts
[2] https://gitlab.com/buildroot.org/buildroot/-/jobs/4409032417
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fixes:
http://autobuild.buildroot.net/results/b85/b85b64162b3889d96c713030b46401e3e0a9a4e2/http://autobuild.buildroot.net/results/fea/fea92e9c2a87a317675a7d0610c2ee467a373b69/
Since the bump to 3.0.9 with buildroot commit
3c66f65a6a the configure script of
(host-)libopenssl needs the FindBin perl module on the host:
Can't locate IPC/Cmd.pm in @INC (you may need to install the IPC::Cmd
module) (@INC contains: /home/buildroot/autobuild/instance-1/output-1/
build/host-libopenssl-3.0.9/util/perl /home/buildroot/autobuild/instance
-1/output-1/host/lib/perl /usr/local/lib64/perl5/5.36 /usr/local/share/
perl5/5.36 /usr/lib64/perl5/vendor_perl /usr/share/perl5/vendor_perl
/usr/lib64/perl5 /usr/share/perl5 /home/buildroot/autobuild/instance-1/
output-1/build/host-libopenssl-3.0.9/external/perl/Text-Template-1.56/
lib) at /home/buildroot/autobuild/instance-1/output-1/build/host-lib
openssl-3.0.9/util/perl/OpenSSL/config.pm line 19.
BEGIN failed--compilation aborted at /home/buildroot/autobuild/instance
-1/output-1/build/host-libopenssl-3.0.9/util/perl/OpenSSL/config.pm line
19.
As this is needed for both libopenssl and host-libopenssl (which does not
have a corresponding config symbol in the .config), we have to require it
unconditionally.
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Rebase patches onto new version
Remove 0005-crypto-perlasm-ppc-xlate.pl-add-linux64v2-flavour.patch,
0006-Add-support-for-io_pgetevents_time64-syscall.patch, and
0007-Fixup-support-for-io_pgetevents_time64-syscall.patch as these are
already applied upstream
Updated license after switch to Apache license:
https://www.openssl.org/blog/blog/2021/06/17/OpenSSL3.0ReleaseCandidate/
[Bernd: fixed license file/hash]
Signed-off-by: Danny Wood <danny@rotronics.co.uk>
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
[Peter: update .checkpackageignore]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Build is broken:
"It seems that you are using `distutils.command.build` to add
new subcommands. Using `distutils` directly is considered deprecated,
please use `setuptools.command.build`.
By 2023-Dec-13, you need to update your project and remove deprecated
calls or your builds will no longer be supported."
The last commit for this package occured on May, 30th, 2016.
The last issue was opened Jan, 31st, 2017 and was unanswered.
Fixes:
http://autobuild.buildroot.net/results/b57/b571d7838950e0b5ca67106cbcd9ba61b4f04a48/
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
- update docs/license.rst hash (removed duplicated BSD-3-Clause and
reference to LICENSE.rst, removed Artwork and reference to
artwork/LICENSE.rst)
- add new runtime dependency on python-blinker
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
While at it remove Glibc from the test name since all Timezone
now use a Glibc toolchain.
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This patch updates the default toolchain used for runtime tests. The
last time this toolchain was updated was in commit
0207a65323 3 years ago. Since then,
multiple things have changed:
Firstly, it used uclibc-ng as the libc whereas since commit
4057e36ca9, glibc is used as the default
library.
And secondly, since commit 531b2a10cd, buildroot
dropped the support for gcc 8 and it cannot be built internally anymore.
So the testsuite was executed using a toolchain that can't be built by
the Buildroot internal toolchain backend anymore.
This new Bootlin toolchain stable 2022.08-1 is based on gcc 11.3.0,
linux headers 4.9.327, glibc 2.35 and binutils 2.38.
The previous toolchain bleeding edge 2018.11-1 is based on gcc 8.2.0,
linux headers 4.14.80, uclibc 1.0.30 and binutils 2.31.1
Nowadays Bootlin toolchains are packaged in Buildroot and we can
directly select them from BASIC_TOOLCHAIN_CONFIG and avoid
setting the toolchain parameters (BR2_TOOLCHAIN_EXTERNAL_CUSTOM...).
The switch to Glibc requires to update some tests for the following
reasons:
- TestPython3Py, TestPython3Pyc and TestPython3PyPyc has been updated
since they use the libc binary file name in their test
(uClibc: libc.so.1 vs Glibc: libc.so.6).
- TestTmux needs at least one locale to pass (as stated in tmux help
text "tmux needs a working UTF-8 locale"), so use "C.UTF-8".
- TestOpenSsh needs a toolchain >= 5.x due to a openssh issue
(Similar to: https://bugs.busybox.net/show_bug.cgi?id=13671)
Use the Bootlin toolchain bleeding-edge 2022.08-1 rhat provide
kernel headers 5.4
- TestShadow needs a toolchain >= 4.14
Use the Bootlin toolchain bleeding-edge 2022.08-1 rhat provide
kernel headers 5.4
Runtime tested on the gcc farm server.
Signed-off-by: Sebastian Weyer <sebastian.weyer@smile.fr>
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
We are going to update the toolchain used by the Buildroot testsuite
and this update will break the kernel build with the Bootlin stable
toolchain due to an latent issue.
Fixes:
arch/x86/entry/thunk_64.o: warning: objtool: missing symbol table
make[4]: *** [scripts/Makefile.build:361: arch/x86/entry/thunk_64.o] Error 1
make[4]: *** Deleting file 'arch/x86/entry/thunk_64.o'
make[4]: *** Waiting for unfinished jobs....
[fixed since kernel 6.0]
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=de979c83574abf6e78f3fa65b716515c91b2613d
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
We are going to update the toolchain used by the Buildroot testsuite
and this update will increase the size of the rootfs over 120M.
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
We are going to update the toolchain used by the Buildroot testsuite
and this update will increase the size of the rootfs over 120M.
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
We are going to update the toolchain used by the Buildroot testsuite
and this update will increase the size of the rootfs over 120M.
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
While the commit [1] already fixed some runtime issue with
uClibc toolchain, the same test TestPythonPy3Iptables fail
with Glibc toolchain.
xtables_version = 12
if xtables_version:
_searchlib = "libxtables.so.%s" % (xtables_version,)
else:
_searchlib = "xtables"
_lib_xtables, xtables_version = find_library(_searchlib)
_lib_xtables and xtables_version are null with glibc
The implementation of find_library() rely on the custom
_find_library() that try to use the IPTABLES_LIBDIR
environment variable (that does not exist in the context
of Buildroot).
Within the scope of buildroot we can determine what
IPTABLES_LIBDIR should be at build time and replace the
calls to os.environ.get('IPTABLES_LIBDIR', None) with
the correct value.
[1] d341ec0350
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
go1.19.11 (released 2023-07-11) includes a security fix to the net/http package,
as well as bug fixes to cgo, the cover tool, the go command, the runtime, and
the go/printer package.
CVE-2023-29406 and Go issue https://go.dev/issue/60374
Signed-off-by: Christian Stewart <christian@aperture.us>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This new Bootlin toolchain stable 2022.08-1 is based on gcc 11.3.0,
linux headers 4.9.327, glibc 2.35 and binutils 2.38.
Nowadays Bootlin toolchains are packaged in Buildroot and we can
directly select them from BASIC_TOOLCHAIN_CONFIG and avoid
setting the toolchain parameters (BR2_TOOLCHAIN_EXTERNAL_CUSTOM...).
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Take the basename of the appended DTBs to workaround the following problem:
(cd .../arch/arm/boot; for dtb in cirrus/ep93xx-edb9302
do if test -e ${dtb}.dtb ; then dtbpath=${dtb}.dtb
else dtbpath=dts/${dtb}.dtb ; fi
cat zImage ${dtbpath} > zImage.${dtb} || exit 1; done)
/bin/sh: line 1: zImage.cirrus/ep93xx-edb9302: No such file or directory
Necessary to support ARM Linux starting from commit 724ba6751532
("ARM: dts: Move .dts files to vendor sub-directories"), i.e. Linux v6.4+.
Signed-off-by: Alexander Sverdlin <alexander.sverdlin@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fix the following build failure:
/tmp/ccw5V2Ti.s: Assembler messages:
/tmp/ccw5V2Ti.s:2013: Error: selected processor does not support `itt gt' in Thumb mode
/tmp/ccw5V2Ti.s:2014: Error: Thumb does not support conditional execution
/tmp/ccw5V2Ti.s:2015: Error: Thumb does not support conditional execution
/tmp/ccw5V2Ti.s:2017: Error: selected processor does not support `it le' in Thumb mode
/tmp/ccw5V2Ti.s:2018: Error: Thumb does not support conditional execution
/tmp/ccw5V2Ti.s:2020: Error: selected processor does not support `it gt' in Thumb mode
/tmp/ccw5V2Ti.s:2021: Error: Thumb does not support conditional execution
Fixes:
http://autobuild.buildroot.net/results/3fc/3fc68f756cf1661673941c411c4a2477e901e361/
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This is a helper class providing a template for testing data
compressor and decompressor programs such as gzip, bzip2, xz...
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Build the am335x-bonegreen-wireless.dtb device tree.
The genimage script which is shared between beaglebone and
beaglebone_qt5 was updated to support the bonegreen-wireless.
Signed-off-by: Lothar Felten <lothar.felten@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Removal requested via email:
could you somehow please remove me as maintainer from this package.
I am since many years not using builtroot anymore and have no longer
systems with which I could do patch requests.
I am going into retirement.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Buildroot always enable largefile support in the toolchain, and thus
the associated definitions are always on. This leads to a problem in
unzip that on a 32-bit arch with these flags being passed in
-D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64
but the LARGE_FILE_SUPPORT define not being set will cause a size
mismatch on the comparison of the zipfiles:
$ unzip test.zip
Archive: test.zip
error: invalid zip file with overlapped components (possible zip bomb)
The simple solution is just enable LARGE_FILE_SUPPORT to enable large
file support. In order to avoid redefinition warnings, we undefine
_LARGEFILE_SOURCE and _LARGEFILE64_SOURCE.
Signed-off-by: Charles Hardin <ckhardin@gmail.com>
Tested-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Update the selection of the ahab container images for the imx8dxl
asics. The initial support assumed these were imx8 but this is
actually the imx8x architecture as well. This was fixed when run on
the first tests against the imx8dxl SoCs.
Files from upstream:
mx8dxla0-ahab-container.img
mx8dxla1-ahab-container.img
mx8dxlb0-ahab-container.img
The B0 revision should be considered the latest
Signed-off-by: Charles Hardin <ckhardin@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
There was some imx SDMA firmware in the base linux-firmware package at
one time, but the firmware-imx is updated with the latest versions
from NXP releases.
This just ensures a dependency is set so that the firmware-imx package
will always come later in case an overlap occurs again.
Signed-off-by: Charles Hardin <ckhardin@gmail.com>
Reviewed-by: Gary Bisson <bisson.gary@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Needed for upcoming Kodi version 21.0-Omega.
Depends on the previous patch to fix build error on Coldfire.
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The hash of the NOTICE file has changed due to:
- Update in copyright year
- Addition of a BSD-2-Clause license, so no change from that perspective
Signed-off-by: André Zwing <nerv@dawncrow.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Removed md5 hash.
Switch to new maintainer repo as indicated by metacpan.
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Most rpi defconfigs use dtb overlays, but not rpi0 / rpi2 - Making it harder
to use overlays on those boards as the genimage files have to be tweaked.
To fix this, create the rpi-firmware/overlays directory in the post-build
script if needed and unconditionally include it in the genimage files so
rpi0/rpi2 works consistently with the other variants.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Since commit 0e82c360942907f5a2f379e64e0d211aaff80774 (and since release
2.10.1), a new variable called PYBIND11_PYTHONLIBS_OVERWRITE was introduced
and set to ON by default.
According to comment before this option:
"Overwrite cached values read from Python library (classic search). Turn off if
cross-compiling and manually setting these values."
In buildroot's context this option must be disabled to keep variables
provided by buildroot and lib/app.
Fixes:
- http://autobuild.buildroot.net/results/7423df5db5237d94bb49e32698828d4fe470e39b/
Signed-off-by: Gwenhael Goavec-Merou <gwenhael.goavec-merou@trabucayre.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Fixes uboot build errors:
In file included from tools/imagetool.h:24,
from tools/aisimage.c:7:
include/image.h:1383:12: fatal error: openssl/evp.h: No such file or directory
1383 | # include <openssl/evp.h>
|
Signed-off-by: Marcin Niestroj <m.niestroj@grinn-global.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bumping libssh2 to 1.11.0 with buildroot commit
af87ad197c
causes build errors with libcurl due to "-R" being added to libssh2.pc.
Quoting autobuilder build-end.log
checking for recv... no
configure: error: Unable to link function recv
Quoting autobuilder libcurl-8.1.2/config.log
arc-buildroot-linux-uclibc-gcc.br_real: error: unrecognized command-line option '-R'
Fixes:
http://autobuild.buildroot.net/results/78f/78ffda92d51f8abdbcef93f968ace432d0d44979/
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Commit 3b2913552e (package/python-setuptools: add missing dependency on
host-python-wheel) adding the select of the runtime, as a last-minute
fixup.
However, there is no target python-wheel package; it is a host-only
package, leading to sainty-check failures:
$ make check-symbol
package/python-setuptools/Config.in:5: BR2_PACKAGE_PYTHON_WHEEL referenced but not defined
Srop the select. If there was a rationale for actually having
python-wheel on the target, it's going to need a bit more.
Reported-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
In the case of bluetooth audio thet incoming audio stream will be
coming from bluetooth devices at varying sample rates like (44.1, 48,
96, 192 kHz) and the odds of a sound device matching that samplerate
exactly is a bit slim. So in the case of a bluez audio playback the
system will need to do a samplerate conversion.
Thus when enabling bluez-alsa and the alsa plugins select libsamplerate
to support the shift from the incoming samplerates to an often fix-rated
audio device.
Signed-off-by: Charles Hardin <ckhardin@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
While migrating to pep517 build backend the host-python-wheel
dependency has been added to host-python-setuptools but
not to python-setuptools. Note that host-python-wheel is not really
needed during the build of (target) setuptools, but the setup.py script
checks if the dependency is present in the host directory.
To make everything consistent, add host-python-wheel as a build
dependency, and BR2_PACKAGE_PYTHON_WHEEL as a runtime dependency.
Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/4537951715
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: James Hilliard <james.hilliard1@gmail.com>
[Arnout: also add runtime dependency on the target package.]
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Now that 2.40.x has been added, that 2.39.x is the default version,
drop support for 2.37.x.
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
BR2_BINUTILS_GPROFNG was made available for known supported versions
only (binutils 2.39 at this point). As all new versions of binutils
support gprofng, it makes sense to invert the logic, and instead make
BR2_BINUTILS_GPROFNG not available with old binutils versions.
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
- Use pidfile for more accurate process match
- Fix coding style issues to be able to drop a problem reported by
check-package on missing variables
Signed-off-by: Konstantin Menyaev <KAMenyaev@sberdevices.ru>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Updated to gcc 12.2, gdb 12, binutils 2.39, glibc 2.36.
Upstream changed version scheme previously based on the release
date (2021.07) to a version scheme based on gcc version (12.2.rel1).
The runtime issue (Illegal instruction on some x86 host) [1] seems to
be fixed since it can't be reproduced anymore on the same host.
The x86_64 host variant prebuilt toolchain is built on RHEL7
(glibc 2.17) and is likely also be useable on OS versions like
RHEL8, Ubuntu 18.04 or later.
The AArch64 host variant prebuilt toolchain is built on Ubuntu 18.04
(glibc 2.27) is likely also be useable on OS versions like RHEL8,
Ubuntu 18.04 or later.
Use the sha256 hash that is now provided by upsteam.
[1] https://bugs.linaro.org/show_bug.cgi?id=5825#c19
[2] https://developer.arm.com/downloads/-/arm-gnu-toolchain-downloads
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Updated to gcc 12.2, gdb 12, binutils 2.39, glibc 2.36.
Upstream changed version scheme previously based on the release
date (2021.07) to a version scheme based on gcc version (12.2.rel1).
The runtime issue (Illegal instruction on some x86 host) [1] seems to
be fixed since it can't be reproduced anymore on the same host.
The x86_64 host variant prebuilt toolchain is built on RHEL7
(glibc 2.17) and is likely also be useable on OS versions like
RHEL8, Ubuntu 18.04 or later.
The AArch64 host variant prebuilt toolchain is built on Ubuntu 18.04
(glibc 2.27) is likely also be useable on OS versions like RHEL8,
Ubuntu 18.04 or later.
Use the sha256 hash that is now provided by upsteam.
Tested with qemu_aarch64_virt_defconfig.
[1] https://bugs.linaro.org/show_bug.cgi?id=5825#c19
[2] https://developer.arm.com/downloads/-/arm-gnu-toolchain-downloads
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Updated to gcc 12.2, gdb 12, binutils 2.39, glibc 2.36.
Upstream changed version scheme previously based on the release
date (2021.07) to a version scheme based on gcc version (12.2.rel1).
The runtime issue (Illegal instruction on some x86 host) [1] seems to
be fixed since it can't be reproduced anymore on the same host.
The x86_64 host variant prebuilt toolchain is built on RHEL7
(glibc 2.17) and is likely also be useable on OS versions like
RHEL8, Ubuntu 18.04 or later.
The AArch64 host variant prebuilt toolchain is built on Ubuntu 18.04
(glibc 2.27) is likely also be useable on OS versions like RHEL8,
Ubuntu 18.04 or later.
Use the sha256 hash that is now provided by upsteam.
Tested with qemu_arm_vexpress_defconfig.
[1] https://bugs.linaro.org/show_bug.cgi?id=5825#c19
[2] https://developer.arm.com/downloads/-/arm-gnu-toolchain-downloads
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This is bugfix release of stable libmdbx branch,
on the day of international children's camp «Artek».
It is reasonable to backport this patch to all applicable releases/branches of Buildroot.
The most significant fixes of v0.12.7:
- added workaround for build issues with modern GCC using `-m32 -arch=i686 -Ofast`.
- fixed the cause of the false-positive warning of modern GCC in the C++ API.
- refined DB opening in "recovery" mode and switching to a given meta-page.
The complete ChangeLog: https://gitflic.ru/project/erthink/libmdbx/blob?file=ChangeLog.md
Signed-off-by: Леонид Юрьев (Leonid Yuriev) <leo@yuriev.ru>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Move the comment out of the if-clause and include the python3 dependency
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
BR2_riscv_custom should only contain the basic I extension. The A
extension should be optional and selected by board configs.
Signed-off-by: Bin Meng <bmeng@tinylab.org>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
BR2_RISCV_ISA_CUSTOM_RVA is currently not explicitly listed as it is
selected by BR2_riscv_custom. This looks confusing. Let's enable it.
Signed-off-by: Bin Meng <bmeng@tinylab.org>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
BR2_RISCV_ISA_CUSTOM_RVA is currently not explicitly listed as it is
selected by BR2_riscv_custom. This looks confusing. Let's enable it.
Signed-off-by: Bin Meng <bmeng@tinylab.org>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
With upstream commit ae2d9506a36c ("riscv: sifive: Rename fu540 board to unleashed")
in U-Boot v2021.07 release, the defconfig for SiFive Unleashed board
has been changed to sifive_unleashed_defconfig.
Also newer U-Boot has deprecated the usage of SPL_FIT_GENERATOR
to generate u-boot.itb hence there is no 'u-boot.itb' target in
the U-Boot Makefile anymore. Instead binman is used to assemble
the u-boot.itb image.
We will need to switch to BR2_TARGET_UBOOT_FORMAT_CUSTOM for
installing u-boot.itb.
Switch over to use the latest U-Boot v2023.04 release.
Signed-off-by: Bin Meng <bmeng@tinylab.org>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fixes the following security issues:
- CVE-2023-1916: A flaw was found in tiffcrop, a program distributed by the
libtiff package. A specially crafted tiff file can lead to an
out-of-bounds read in the extractImageSection function in
tools/tiffcrop.c, resulting in a denial of service and limited information
disclosure. This issue affects libtiff versions 4.x.
- CVE-2023-25434: libtiff 4.5.0 is vulnerable to Buffer Overflow via
extractContigSamplesBytes() at /libtiff/tools/tiffcrop.c:3215.
- CVE-2023-26965: loadImage() in tools/tiffcrop.c in LibTIFF through 4.5.0
has a heap-based use after free via a crafted TIFF image
Drop the now upstream
0001-tiffcrop-Correct-simple-copy-paste-error-Fix-488.patch.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
In commit 9d58b525fc the newline at the
end got accidentally removed. Commit
fd6b334269 re-added the newline, but
accidentally added an empty line as well. Remove the empty line.
Reported by check-package.
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
The alsa-utils will remove and create the /usr/share/alsa dir
as a whole and since the alsa plugins needs to add config into
this same directory it should come after those install steps.
Also, the bluez alsa needs the plugins installed to find them
during the configuration phases - so, interlock the plugins
when configured.
Signed-off-by: Charles Hardin <ckhardin@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
In commit 9d58b525fc the newline at the
end got accidentally removed. Re-add it.
Reported by check-package.
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
libcgroup depends on fts API which is missing in musl and uClibc
and provided by musl-fts package.
This patch makes libcgroup dependent on musl-fts for
non-glibc configurations.
Signed-off-by: Oleg Lyovin <ovlevin@sberdevices.ru>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Fixes the following security issues:
- CVE-2023-34969: Fix an assertion failure in dbus-daemon when a privileged
Monitoring connection (dbus-monitor, busctl monitor, gdbus monitor or
similar) is active, and a message from the bus driver cannot be delivered
to a client connection due to <deny> rules or outgoing message quota.
This is a denial of service if triggered maliciously by a local attacker.
- Fix an incorrect assertion that could be used to crash dbus-daemon or
other users of DBusServer prior to authentication, if libdbus was compiled
with assertions enabled.
For details, see the NEWS file:
https://gitlab.freedesktop.org/dbus/dbus/blob/dbus-1.12/NEWS
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Right now there is a LICENSE file included in the package, so use it for
license validation.
Signed-off-by: Marcin Niestroj <m.niestroj@grinn-global.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Now that all dependencies of host-python-setuptools no longer
use setuptools as a build backend we can now migrate setuptools
itself to the pep517 build backend.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
This will be required for upcoming setuptools pep517 support.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
We overrode the default in 4386bbdf08 to
work around target shebang bug, as this issue no longer appears to be
present lets revert back to the local version as this is what will be
use in the future when distutils is removed from the python stdlib.
Tested with:
$ support/testing/run-tests -d dl -o output_folder -k tests.package.test_ipython.TestIPythonPy3
15:43:26 TestIPythonPy3 Starting
15:43:27 TestIPythonPy3 Building
15:49:35 TestIPythonPy3 Building done
Downloading to /home/buildroot/buildroot/dl/tmp_iyk_fn6
Renaming from /home/buildroot/buildroot/dl/tmp_iyk_fn6 to /home/buildroot/buildroot/dl/kernel-versatile-5.10.7
Downloading to /home/buildroot/buildroot/dl/tmpokk23l2z
Renaming from /home/buildroot/buildroot/dl/tmpokk23l2z to /home/buildroot/buildroot/dl/versatile-pb-5.10.7.dtb
15:50:04 TestIPythonPy3 Cleaning up
.
----------------------------------------------------------------------
Ran 1 test in 398.709s
OK
$ head -n 1 output_folder/TestIPythonPy3/target/usr/bin/ipython
#!/usr/bin/python
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Other changes:
- Remove 0002-plc-plc.h-fix-build-with-gcc-10.patch as
related MR https://github.com/qca/open-plc-utils/pull/141
has been merged.
Notable changes since last version:
- Drop privileges after opening the channel file descriptor
- Remove all checks for root permissions
- Add chip identification for QCA7006AQ
Signed-off-by: Kai Stuhlemmer (ebee Engineering) <kai.stuhlemmer@ebee.de>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Currently there is no explicit way to enable/disable the adaptivedemux2
plugin. Create a menu entry allowing users to disable or enable the plugin,
like we have for other features.
Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
[yann.morin.1998@free.fr: use plugin name in prompt, drop useless help]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Select BR2_TARGET_UBOOT_NEEDS_OPENSSL to fix the following
build error:
include/image.h:1383:12: fatal error: openssl/evp.h: No such file or directory
Reported-by: Jan-Benedict Glaw <jbglaw@lug-owl.de>
Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Update 002-vc4-add-meson-option-to-disable-optional-neon-suppor.patch to
fix an syntax error introduced by commit 'package/{mesa3d, mesa3d-headers}:
bump version to 23.1.0' ([1])
Fixes:
.../build/mesa3d-23.1.2/src/gallium/drivers/vc4/meson.build:87:76: ERROR:
Trying to compare values of different types (UserFeatureOption, str) using !=.
This was deprecated and undefined behavior previously and is as of 0.60.0 a hard error.
[1] https://git.buildroot.net/buildroot/commit/?id=e6203db11ed40122a2d9f29012db5683a7eb10d0
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
E-mails are bouncing:
<jose.pekkarinen@unikie.com>: host ASPMX.L.GOOGLE.com[74.125.133.26] said:
550-5.1.1 The email account that you tried to reach does not exist. Please
try 550-5.1.1 double-checking the recipient's email address for typos or
550-5.1.1 unnecessary spaces. Learn more at 550 5.1.1
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Commit 0b9efc991f ("linux: use BR2_MAKE") switched LINUX_MAKE to
$(BR2_MAKE). However, this also implicitly sets LINUX_KCONFIG_MAKE.
Thus, when host-make is being used in a build that has
PER_PACKAGE_DIRECTORIES enabled, the dotconfig step will try to use the
make instance from the host directory, but since it is not listed in
LINUX_KCONFIG_DEPENDENCIES, it won't be available yet at that point in
time.
Add an explicit dependency to LINUX_KCONFIG_DEPENDENCIES to have it
copied over early enough.
Signed-off-by: Florian Larysch <fl@n621.de>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Fixes the following security issues:
- CVE-2023-32067: High. 0-byte UDP payload causes Denial of Service
- CVE-2023-31147 Moderate. Insufficient randomness in generation of DNS
query IDs
- CVE-2023-31130. Moderate. Buffer Underwrite in ares_inet_net_pton()
- CVE-2023-31124. Low. AutoTools does not set CARES_RANDOM_FILE during
cross compilation
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
The autoconf-build system fails to properly detect vsnprintf
checking for vsnprintf... yes
checking whether vsnprintf is C99 compliant... no
which leads to a build error
snprintf.c:495:1: error: inlining failed in call to 'always_inline'
'rpl_vsnprintf.localalias': function not inlinable
Building with cmake fixes the problem:
-- Looking for vsnprintf
-- Looking for vsnprintf - found
The cmake build system has an option to disable checkmk, so we don't
need to remove it from target anymore.
Fixes:
http://autobuild.buildroot.net/results/e55/e5562513226de902dae642526165b1555a540144/
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
hwdata provides a .pc file, which other packages can look up to find the
location where hwdata files are, and use them at build time.
This is the case for the upcoming libdisplay-info package, which
requires the hwdata's PNP IDs at build time.
However, installing the .pc file is not enough. Indeed, meson (which
libdisplay-info uses) will look for the corresponding data files in
datadir, which it locates relative to the sysroot, which is our staging.
So, we also need to install the hwdata files in staging.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Upstream ChageLog, summary:
- Add wildcard support for Cloudflare
- New DDNS providers from DD-WRT;
- goip.de
- myonlineportal.net
- desec.io (a.k.a. dedyn.io)
- domaindiscount24.com
- dy.fi
- do.de (Domain-Offensive)
- Domopoli.de
- inwx
- It's DNS
- Joker.com
- all-inkl.com
- core-networks.de
- dnsever.com
- dnshome.de
- dnsmadeeasy.com
- dnsmax.com
- schokokeks.org
- variomedia.de
- udmedia.de
- moniker.com
- dyndns.it
- infomaniak.com
- oray.com
- simply.com
- mydns.jp
- myonlineportal.net
- namecheap.com
- regfish.de
- twodns.de
- Support for updating both ipv4 and ipv6 address for same provider
- Add new command line options -L and -S NAME to list supported
providers and their respective details
- Add 'success' as a valid generic response to DNS update
- Fix use after free in logger at inadyn exit
- Use dynv6 'auto' IP only if we have not detected an address
- Replace unstable api.ipify.org with http://ifconfig.me
- Fix default checkip server for dnsexit.com
- Fix easydns response code problem
Signed-off-by: Joachim Wiberg <troglobit@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Drop no longer required host-python-setuptools-scm and
host-python-toml dependencies.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Removed md5 hash, switched _SITE to https.
Updated license hash due to copyright year bump.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Rebased two patches.
Changelog:
https://docs.python.org/release/3.11.4/whatsnew/changelog.html#python-3-11-4
Fixes the following security problems:
- gh-99889: Fixed a security in flaw in uu.decode() that could allow for
directory traversal based on the input if no out_file was specified.
- gh-104049: Do not expose the local on-disk location in directory
indexes produced by http.client.SimpleHTTPRequestHandler.
- gh-102153: urllib.parse.urlsplit() now strips leading C0 control and
space characters following the specification for URLs defined by WHATWG
in response to CVE-2023-24329. Patch by Illia Volochii.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Python-docker needs a working docker setup to do anything useful, so add it
to the existing docker_compose (which tests docker and docker-compose)
rather than adding a completely new test.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Reviewed-by: Christian Stewart <christian@aperture.us>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit d680db0ba7 (package/python-docker: bump to version 6.0.1) forgot
to add the new dependency on python-packaging, leading to runtime errors:
import docker
File "/usr/lib/python3.11/site-packages/docker/__init__.py", line 2, in <module>
File "/usr/lib/python3.11/site-packages/docker/api/__init__.py", line 2, in <module>
File "/usr/lib/python3.11/site-packages/docker/api/client.py", line 10, in <module>
File "/usr/lib/python3.11/site-packages/docker/auth.py", line 7, in <module>
File "/usr/lib/python3.11/site-packages/docker/utils/__init__.py", line 3, in <module>
File "/usr/lib/python3.11/site-packages/docker/utils/decorators.py", line 4, in <module>
File "/usr/lib/python3.11/site-packages/docker/utils/utils.py", line 9, in <module>
ModuleNotFoundError: No module named 'packaging'
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
defconfig fragment to reproduce the issue:
BR2_PACKAGE_QEMU_ARCH_SUPPORTS_TARGET=y
BR2_PACKAGE_QEMU=y
BR2_PACKAGE_QEMU_SYSTEM=y
ERROR: Problem encountered: fdt not available but required by targets
aarch64-softmmu, arm-softmmu, i386-softmmu, loongarch64-softmmu,
microblaze-softmmu, microblazeel-softmmu, mips64el-softmmu,
nios2-softmmu, or1k-softmmu, ppc-softmmu, ppc64-softmmu,
riscv32-softmmu, riscv64-softmmu, rx-softmmu, x86_64-softmmu
Commit [1] select BR2_PACKAGE_QEMU_FDT for each individual emulator targets
but forgot to select is when BR2_PACKAGE_QEMU_CHOOSE_TARGETS is not set
(building for all targets).
Fixes:
http://autobuild.buildroot.org/results/e44/e444a02b899d325a9d99daed96b8cb96108383e7
[1] 44be514b21
Signed-off-by: Romain Naour <romain.naour@smile.fr>
Cc: Carlos Santos <unixmania@gmail.com>
Cc: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Drop local patch that has been upstreamed but add a new one to fix build
failure:
../meson.build:180:12: ERROR: Can not run test applications in this
cross environment.
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security issues:
1.3.39:
- oss-fuzz: Several security fixes originating from oss-fuzz testing.
- ALL: Replace strcpy() with strlcpy(), replace strcat() with strlcat(),
replace sprintf() with snprintf(). Prefer using bounded string functions.
This change is made for the purpose of increasing safety than to address
any existing demonstrated concern.
1.3.40:
- DCX: Fixed heap overflow when writing more than 1023 scenes, and also
eliminated use of uninitialized memory.
Signed-off-by: Grzegorz Blach <grzegorz@blach.pl>
[Peter: mark as security fix, extend commit message]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes:
http://autobuild.buildroot.net/results/293/2936d9b054269b7055e66ab5a7f7c1f7f4926d48/
Bootgen embeds an old version of flex, but uses the system include syntax
(#include <>) to reference it, causing conflicts on systems with the
development headers for a modern flex version installed, leading to build
issues like:
../bisonflex/cmdoptions.yy.cpp: In member function 'virtual int CO::FlexScanner::yylex()':
../bisonflex/cmdoptions.yy.cpp:1362:18: error: no match for 'operator=' (operand types are 'std::istream' {aka 'std::basic_istream<char>'} and 'std::istream*' {aka 'std::basic_istream<char>*'})
Fix it by using normal local includes (#include "") instead.
Notice: This was already fixed on master, but the cmdoptions.yy.cpp and
reginit.yy.cpp hunks were accidentally dropped when the changes were
squashed for the 2023.1 release.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Reviewed-by: Neal Frager <neal.frager@amd.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Some packages (e.g. libjxl) requires a quite recent cmake version,
that is not yet available in most distributions, especially those
LTS versions.
Currently, when we bump the minimum cmake version we require, it gets
bumped for all packages, regardless of their own minimum required
version, which means that a given configuration will trigger the
build of our host-cmake even if the packages that require it are not
enabled and those that are would be content with the system-provided
cmake.
Since host-cmake can take quite some time to build, this can get a
bit annoying to pay the price of a host-cmake build that would
otherwise not be needed.
Some packages even use an alternative build system when available
since they requires a more recent version of cmake than the our
minimum cmake version
(wpewebkit use Ninja: 78d499409f).
We introduce config options that packages can select to indicate
what minimal cmake version they require, and use that version as the
required minimal version required by the current configuration [0].
We would like to ensure that the currently selected minimum cmake
version is indeed lower (or equal) to the cmake version we package,
but that is not possible: dependencies.mk is parsed before we parse
packages, so we do not yet know the cmake version we have, and we
can't invert the parsing order as we need to know the required
dependencies before we parse packages (so that we can build their
dependency rules in Makefile). So we can only add comments in both
places, that refer to the other location.
[0] note that this is yet not optimal, as in such a case, host-cmake
would be in the dependency chain of all cmake-based packages, even
for those packages that do not require it. The optimum would be for
each package to gain such a dependency on an as-needed basis, but
this is by far more complex to achieve, and would only speed up
cases where a single package is built from scratch (e.g. with:
make clean; make foo), which is not worth optimising (yet?)
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Julien Olivain <ju.o@free.fr>
Cc: Arnout Vandecappelle <arnout@mind.be>
Cc: Peter Korsgaard <peter@korsgaard.com>
Cc: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security issues:
- cmd/go: cgo code injection
The go command may generate unexpected code at build time when using cgo.
This may result in unexpected behavior when running a go program which
uses cgo.
This may occur when running an untrusted module which contains directories
with newline characters in their names. Modules which are retrieved using
the go command, i.e. via "go get", are not affected (modules retrieved
using GOPATH-mode, i.e. GO111MODULE=off, may be affected).
Thanks to Juho Nurminen of Mattermost for reporting this issue.
This is CVE-2023-29402 and Go issue https://go.dev/issue/60167.
- runtime: unexpected behavior of setuid/setgid binaries
The Go runtime didn't act any differently when a binary had the
setuid/setgid bit set. On Unix platforms, if a setuid/setgid binary was
executed with standard I/O file descriptors closed, opening any files
could result in unexpected content being read/written with elevated
prilieges. Similarly if a setuid/setgid program was terminated, either
via panic or signal, it could leak the contents of its registers.
Thanks to Vincent Dehors from Synacktiv for reporting this issue.
This is CVE-2023-29403 and Go issue https://go.dev/issue/60272.
- cmd/go: improper sanitization of LDFLAGS
The go command may execute arbitrary code at build time when using cgo.
This may occur when running "go get" on a malicious module, or when
running any other command which builds untrusted code. This is can by
triggered by linker flags, specified via a "#cgo LDFLAGS" directive.
Thanks to Juho Nurminen of Mattermost for reporting this issue.
This is CVE-2023-29404 and CVE-2023-29405 and Go issues
https://go.dev/issue/60305 and https://go.dev/issue/60306.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This patch cleans up board/zynqmp shellcheck issues.
Signed-off-by: Neal Frager <neal.frager@amd.com>
[Peter: wrap long lines, use quotes around entire word]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This patch cleans up board/zynq shellcheck issues.
Signed-off-by: Neal Frager <neal.frager@amd.com>
[Peter: use ${} for variables, quotes around entire word]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
From the release notes
(see https://github.com/redis/redis/blob/7.0/00-RELEASENOTES):
================================================================================
Redis 7.0.11 Released Mon Apr 17 16:00:00 IST 2023
================================================================================
Upgrade urgency: SECURITY, contains fixes to security issues.
Security Fixes:
* (CVE-2023-28856) Authenticated users can use the HINCRBYFLOAT command to create
an invalid hash field that will crash Redis on access
...
================================================================================
Redis 7.0.10 Released Mon Mar 20 16:00:00 IST 2023
================================================================================
Upgrade urgency: SECURITY, contains fixes to security issues.
Security Fixes:
* (CVE-2023-28425) Specially crafted MSETNX command can lead to assertion and denial-of-service
...
================================================================================
Redis 7.0.9 Released Tue Feb 28 12:00:00 IST 2023
================================================================================
Upgrade urgency: SECURITY, contains fixes to security issues.
Security Fixes:
* (CVE-2023-25155) Specially crafted SRANDMEMBER, ZRANDMEMBER, and HRANDFIELD
commands can trigger an integer overflow, resulting in a runtime assertion
and termination of the Redis server process.
* (CVE-2022-36021) String matching commands (like SCAN or KEYS) with a specially
crafted pattern to trigger a denial-of-service attack on Redis, causing it to
hang and consume 100% CPU time.
...
================================================================================
Redis 7.0.8 Released Mon Jan 16 12:00:00 IDT 2023
================================================================================
Upgrade urgency: SECURITY, contains fixes to security issues.
Security Fixes:
* (CVE-2022-35977) Integer overflow in the Redis SETRANGE and SORT/SORT_RO
commands can drive Redis to OOM panic
* (CVE-2023-22458) Integer overflow in the Redis HRANDFIELD and ZRANDMEMBER
commands can lead to denial-of-service
...
Signed-off-by: Titouan Christophe <titouanchristophe@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
And restore support for MIPS64, which is supported by Lightning.
Signed-off-by: Paul Cercueil <paul@crapouillou.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The commit f69c972ae6 (support/testing/tests/package/test_kexec.py:
new runtime test) was tested locally with a qemu version (>= 7.x) more
recent than the one available in our buidroot/base Docker image (5.2).
As a consequence, that test fails to run in gitlab-ci as reported by [1].
Remove "dtb-kaslr-seed=off" from the Qemu command line and pass
a custom devicetree to qemu virt machine. This devicetree is
based on qemu aarch64 5.2 dts with kaslr-seed set 0.
The qemu aarch64 devicetree has been exported [2] and updated with the
following method:
qemu-system-aarch64 -machine virt -machine dumpdtb=qemu-aarch64-virt-5.2-machine.dtb
dtc -I dtb qemu-aarch64-virt-5.2-machine.dtb > qemu-aarch64-virt-5.2-machine.dts
edit the dts and replace kaslr-seed parameter by "kaslr-seed = <0 0>;"
As soon as our buidroot/base Docker image is updated and a newer qemu version
is available, we can safely revert this change and use the initial method.
Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/4322819092
[1] http://lists.busybox.net/pipermail/buildroot/2023-May/668091.html
[2] https://u-boot.readthedocs.io/en/latest/develop/devicetree/dt_qemu.html#obtaining-the-qemu-devicetree
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Signed-off-by: Julien Olivain <ju.o@free.fr>
Tested-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Fixes:
http://autobuild.buildroot.net/results/37e5075a5c790d5c96bdc72c44d4362a16ae00bb/
Commit b41ff7dd46 (package/sdl2_net: bump version to 2.2.0) forgot to
update the license hash / filename, breaking the build.
Upstream renamed COPYING.txt to LICENSE.txt, changed white space and updated
the copyright years, so update the hash to match:
diff -uw sdl2_net-2.0.1/COPYING.txt sdl2_net-2.2.0/LICENSE.txt
--- sdl2_net-2.0.1/COPYING.txt 2016-01-03 08:57:09.000000000 +0100
+++ sdl2_net-2.2.0/LICENSE.txt 2022-08-17 18:55:22.000000000 +0200
@@ -1,6 +1,4 @@
-/*
- SDL_net: An example cross-platform network library for use with SDL
- Copyright (C) 1997-2016 Sam Lantinga <slouken@libsdl.org>
+Copyright (C) 1997-2022 Sam Lantinga <slouken@libsdl.org>
This software is provided 'as-is', without any express or implied
warranty. In no event will the authors be held liable for any damages
@@ -17,4 +15,4 @@
2. Altered source versions must be plainly marked as such, and must not be
misrepresented as being the original software.
3. This notice may not be removed or altered from any source distribution.
-*/
+
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The bump to 11.4.0 in commit f1e3d02cd4 missed
0001-or1k-Add-mcmodel-option-to-handle-large-GOTs.patch, so add it back
again to keep checkpackage happy.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
'earlyoom --help' still says 'earlyoom 1.6' though it's already
version 1.7. '-DVERSION' flag value should be either unhardcoded,
either updated with each package version bump.
Signed-off-by: Sergey Bobrenok <SIBobrenok@sberdevices.ru>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
'/etc/init.d/S02earlyoom start' simply prints 'OK' instead of
'Starting earlyoom: OK' because of a typo in the printf function call.
Signed-off-by: Sergey Bobrenok <SIBobrenok@sberdevices.ru>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
earlyoom.mk file explicitly sets 'PREFIX=/usr', and the init script
fails to start earlyoom because of a nonexistent executable path:
# /etc/init.d/S02earlyoom start
start-stop-daemon: unable to stat /bin/earlyoom (No such file or directory)
FAIL
Signed-off-by: Sergey Bobrenok <SIBobrenok@sberdevices.ru>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
perl-clone is a new mandatory dependency of perl-http-message v6.44
that is already available in Buildroot since commit [1].
[1] 79e8aad721
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The commit [1] removed setuptools from runtime dependencies
"Drop spurious setuptools runtime dependency.". Since then
the test TestPythonPy3Can fail with the following error:
ModuleNotFoundError: No module named 'pkg_resources'
Add back setuptools to provide "pkg_resources".
Fixes
https://gitlab.com/buildroot.org/buildroot/-/jobs/4322819285
[1] 09c966af73
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The 6.2.x series is now EOL upstream, so drop the linux-headers option
and add legacy handling for it.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Since version 3.2.0, libwebsockets does not compile its external loop
support code anymore. That code was put under LWS_WITH_EXTERNAL_POLL
compile option, which defaults to OFF.
Applications relying on that support need to turn that option on, so
let's add it to the package.
For example, when libwebsockets is enabled, mosquitto broker is built
with websocket support, but its code requires LWS_WITH_EXTERNAL_POLL
to be on, otherwise it gives compile-time warning hinting to unusable
websocket support:
https://github.com/eclipse/mosquitto/commit/1b24f625ea4ee77f3c4796ec2233d059f8c7977e
Signed-off-by: Luca Pesce <luca.pesce@vimar.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
"Toolchain prefix" option apparently doesn't have any help describing
it, which causes confusion when using external toolchain. Leaving this
option at default prefix name ("$(ARCH)-linux") when external toolchain
components are called with different prefix (e.g.
"$(ARCH)-unknown-linux-gnu") may cause build failure unless the prefix
symlink is already in place (e.g. when using Buildroot-generated
toolchain as external toolchain).
Describe the option to clarify.
Signed-off-by: Bagas Sanjaya <bagasdotme@gmail.com>
Reviewed-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Add upstream patch to fix host compile error on openSUSE Tumbleweed
(gcc-13.0.1).
Fixes:
.../build/host-llvm-11.1.0/include/llvm/Support/Signals.h:117:8: error: variable or field ‘CleanupOnSignal’ declared void
117 | void CleanupOnSignal(uintptr_t Context);
| ^~~~~~~~~~~~~~~
.../build/host-llvm-11.1.0/include/llvm/Support/Signals.h:117:24: error: ‘uintptr_t’ was not declared in this scope
117 | void CleanupOnSignal(uintptr_t Context);
| ^~~~~~~~~
.../build/host-llvm-11.1.0/include/llvm/Support/Signals.h:18:1: note: ‘uintptr_t’ is defined in header ‘<cstdint>’; did you forget to ‘#include <cstdint>’?
17 | #include <string>
+++ |+#include <cstdint>
18 |
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The br-arm-internal-glibc.config used to be generally used as a configuration
to test the bleeding edge versions of components. However, it has been
lagging behind somewhat and produce invalid configuration since binutils 2.36
removal in d08639e6b9e5... so let's bring it up-to-date:
- Binutils 2.39.x
- GCC 12.x
Since Buildroot 2022.02, the autobuilders doesn't use the csv file anymore
but the test-pkg script still use it.
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
This patch bumps the zynq_zed_defconfig to xilinx-v2023.1 which includes
the following updates:
- Linux v6.1.5
- U-Boot v2023.01
Signed-off-by: Neal Frager <neal.frager@amd.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This patch bumps the zynq_microzed_defconfig to xilinx-v2023.1 which includes
the following updates:
- Linux v6.1.5
- U-Boot v2023.01
Signed-off-by: Neal Frager <neal.frager@amd.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This patch bumps the zynq_zc706_defconfig to xilinx-v2023.1 which includes
the following updates:
- Linux v6.1.5
- U-Boot v2023.01
Signed-off-by: Neal Frager <neal.frager@amd.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This patch bumps bootgen to version xilinx_v2023.1.
The patch for build machines with modern flex is no longer needed.
Signed-off-by: Neal Frager <neal.frager@amd.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
179ae2f ("package/tzdata: bump version to 2023c") forgot to update the
URL of the hash files.
Signed-off-by: Daniel Lang <dalang@gmx.at>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Let's also switch to a _SITE that can be accessed from a web browser and
results to be the official one for mmc-utils.
The license file we use is a header, so it changes every now and then,
even when the licenins terms do not. Switch to using README instead, as
it identifies the license (albeit just by name, b ut that's enough for
us), which is still GPL-2.0 (only).
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
[yann.morin.1998@free.fr: switch to README]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
https://gitlab.gnome.org/GNOME/gtkmm/-/blob/3.24.7/NEWS
README [0] states:
It's easiest to build with Meson, if the tarball was made with Meson,
and to build with Autotools, if the tarball was made with Autotools.
Then you don't have to use maintainer-mode.
How do you know how the tarball was made? If it was made with Meson,
it contains files in untracked/gdk/gdkmm/, untracked/gtk/gtkmm/ and
other subdirectories of untracked/.
This is the case, therefore switch to meson build system.
gtkmm3 tries to detect if X11 is enabled for gtk.
Switch to explicit definition to be safe.
Also disable tests and demos.
[0]: https://gitlab.gnome.org/GNOME/gtkmm/-/blob/3.24.7/README
Signed-off-by: Daniel Lang <dalang@gmx.at>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
tzdata and tzcode (for zic) are released in lock-step, as they go
together, so we update both simultaneously.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
For change log, see:
https://octave.org/NEWS-8.html
Notable changes in this commit:
- the package patch was rebased and updated for this new version
- a comment in .hash file about signature verification is added
- the pcre dependency is replaced by pcre2, following the upstream
package recommendation and preference. See:
https://octave.org/NEWS-8.html#general-improvements
This change also adds the host-pkgconf as a dependency.
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Other changes:
- Switch to tar.xz as the package is not distributed as a .bz2 any longer.
- Update the sha256sum of the license file, as it has been updated to
include the following text:
"Original author of nftables distributed the code under the terms of the
GPL version 2 *only*. New code though is moving to GPL version 2 or any
later which is the preferred license for this project these days."
The author has also changed from Patrick McHardy <kaber@trash.net> to
Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Also: Switch to tar.xz as the package is not distributed as a .bz2 any longer.
Signed-off-by: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Also remove the last two '*_IGNORE_CVES', since the corresponding
patches have been removed (they are now part of upstream) in
1fb64680bf.
Signed-off-by: Raphaël Mélotte <raphael.melotte@mind.be>
[yann.morin.1998@free.fr: move dropping CVE ignores into its own patch]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Back in commit 1fb64680bf (package/mupdf: bump to version 1.20.3), we
no longer carry the two patches that were fixing two CVEs. But the
commit forgot to rop the exclusion of those two CVEs.
Signed-off-by: Raphaël Mélotte <raphael.melotte@mind.be>
[yann.morin.1998@free.fr: offload to its own commit, write commit log]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
It appears that python-pymupdf needs swig when building since mupdf
was bumped to 1.18.0 in commit
f00da714a2. This was not noticed before
because when building on a machine where swig is already available
outside buildroot, it is used and the build succeeds.
This fixes the following build failure:
swigging fitz/fitz.i to fitz/fitz_wrap.c
swig -python -w509 -o fitz/fitz_wrap.c fitz/fitz.i
error: command 'swig' failed: No such file or directory
make: *** [package/pkg-generic.mk:293:
/home/buildroot/autobuild/instance-2/output-1/build/python-pymupdf-1.21.1/.stamp_built]
Error 1
Fixes:
- http://autobuild.buildroot.net/results/c689a385d984b87b63f3f2ff30338049774b1bf2
- http://autobuild.buildroot.net/results/cf268d3631330a8288fb8ad2af009abb7f1ca6b0
Signed-off-by: Raphaël Mélotte <raphael.melotte@mind.be>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
With the current python-botocore version, the test times out on
machines on which it was passing with previous versions. Increase the
timeout so that the test can be run without using a timeout
multiplier.
Signed-off-by: Raphaël Mélotte <raphael.melotte@mind.be>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Board support package includes the following components:
- mainline Linux kernel 5.15.108
- mainline U-Boot 2023.04
- default packages from buildroot
Note: There is a problem in u-boot display management. It should display
the ST microelectronics logo but "noise" is displayed (like when running
the command dd if=/dev/urandom of=/dev/fb0 in Linux). I also tried to
change version (even the first version in which this feature was
introduced), but without success. Despite this I decided not to disable
the video management configuration to remind us that it needs to be
fixed :).
Cc: Giulio Benetti <giulio.benetti@benettiengineering.com>
Link: https://www.st.com/en/evaluation-tools/32f769idiscovery.html
Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Reviewed-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Kernel is built without network support. It is useless to compile the
package and then remove it from rootfs.
Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
- Same version as NXP release 6.1.1-1.0.0
- Tested on Nitrogen8MP device with Weston (DRM backend) as follows:
Signed-off-by: Gary Bisson <bisson.gary@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Drop local patches since they have been upstreamed but add a new local
patch already upstreamed that checks for libevent and sqlite since with the
adding of reexport they became mandatory. This is because it's not possible
to disable reexport.
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Reviewed-by: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
It is quite customary to use a single repository with multiple workdirs,
one for each active branch, with either the aging 'git new-workdir' or
the more recent 'git worktree'.
However, in a workdir/worktree, most entries in .git/ are only symlinks
to the actual files in the main repository.
Currently, utils/docker-run only bind-mounts the current working copy.
If that is a workdir/worktree, then it is going to be missing the actual
git data, resulting in errors like:
$ ./utils/docker-run make check-package
fatal: not a git repository (or any parent up to mount point [....]/buildroot)
Stopping at filesystem boundary (GIT_DISCOVERY_ACROSS_FILESYSTEM not set).
No files to check style
make: *** [Makefile:1257: check-package] Error 1
So, we also bind-mount the actual git directory. If that is a subdir
of the current working copy, then it is already mounted and thus the
bind-mount is superfluous but harmless; for simplicity, we mount it
unconditionally.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Ricardo Martincoski <ricardo.martincoski@datacom.com.br>
When an ignored file is removed (e.g. a package patch is no longer
needed after a version bump), the corresponding entry in the ignore list
is no longer needed.
However, we currently only validate that an ignored *test* still fails,
not that a ignore files is now missing.
Add a new test to check-package that does that check, and add a
test-case for that check.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Ricardo Martincoski <ricardo.martincoski@gmail.com>
For various reasons, like debugging or compliance, it is important to
identify what br2-external trees versions were used for a specific
build.
Add a Kconfig option that contains the version as computed by
support/scripts/setlocalversion; this will appear in the .config file
(but not in defconfig files, which is what we want).
Also generate that variable on the .mk side, so that it gets properly
exported in the environment, for post-build of post-iamge scripts to use
as they see fit (like, ensuring there is no dirtyness when in a CI for
example).
Reported-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Currently, the list of external trees is a private variable, but for
debugging or compliance, one may need to get that list.
Add a Kconfig option so that the list appears in the .config file, and
export the already existing .mk variable in the environment, so that
post-build or post-image scripts can use it.
Reported-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The iproute2 package requires MMU support, and the BusyBox "ip link"
command does not handle CAN interfaces. The rtnl-link-can application,
added by applying the upstream patch, allows for the use of CAN devices
even on such systems.
Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Systems that lack a MMU cannot use fork() to create the child process.
The added upstream patch does not compile the affected programs on
MMU-less systems.
Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Enable ipam/host-local, ipam/static, and main/tap.
Note: main/tap is new as of cni-plugins 1.3.0.
Signed-off-by: Christian Stewart <christian@aperture.us>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Most of the tools are useful only on virtualization hosts. After the
upgrade to QEMU 7.2.0, it is possible to build only quemu-ga, which
makes more sense when we build guest VM images.
Also do not build the other tools by default if none of the emulators is
selected, since the user does not necessarily wants them. Ideally, it
should not be possible to select qemu without selecting at least one of
the subcomponents but it is hard to guess what the user wants.
Signed-off-by: Carlos Santos <unixmania@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Commit d06dca38bb (linux: cleanup
kconfig fixup processing) moved the initramfs setup out of an
enclosing statement but kept the closing bracket.
Remove the extra bracket to fix a syntax error in sed processing.
Fixes:
>>> linux 6.4-rc1 Updating kernel config with fixups
/bin/bash: -c: line 1: syntax error near unexpected token `)'
/bin/bash: -c: line 1: `/usr/bin/sed -i -e '/^\(# \)\?CONFIG_INITRAMFS_ROOT_GID\>/d' /home/data/buildroot.experimental/build/linux-6.4-rc1//.config && echo 'CONFIG_INITRAMFS_ROOT_GID=0' >> /home/data/buildroot.experimental/build/linux-6.4-rc1//.config)'
Signed-off-by: Andreas Ziegler <br015@umbiko.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The toolchain-builder project reported an issue with Qemu 7.2.0 for
x86-core2--glibc--bleeding-edge toolchain [1]:
Run /sbin/init as init process
random: fast init done
EXT4-fs (vda): warning: mounting unchecked fs, running e2fsck is recommended
EXT4-fs (vda): re-mounted. Opts: (null). Quota mode: disabled.
Starting syslogd: OK
traps: syslogd[52] general protection fault ip:b7e21465 sp:bfe59e6c error:0 in libc.so.6[b7d9b000+123000]
Starting klogd: OK
traps: klogd[56] general protection fault ip:b7e94465 sp:bf8f069c error:0 in libc.so.6[b7e0e000+123000]
Running sysctl: traps: logger[62] general protection fault ip:b7e48b6c sp:bfd7d194 error:0 in libc.so.6[b7e05000+123000]
Segmentation fault
traps: logger[64] general protection fault ip:b7dd3b6c sp:bf9b8604 error:0 in libc.so.6[b7d90000+123000]
Segmentation fault
(Followed by a kernel panic.)
Testing with the pevious Qemu release (7.1.0) allows to boot the system without any problem.
Building qemu sources between 7.1.0 and 7.2.0 allows to identify the first "bad" commit [2] and
report to the Qemu project [3].
Thanks to Qemu maintainers review, several issues was noticed:
"The default i386 busybox build config does not respect glibc's requirements around stack alignment
(see [4] for previous discussions and a workaround)."
Disabling CONFIG_STACK_OPTIMIZATION_386 option (as suggested in the Gentoo bug report) fixed the issue!
This option has been added and enabled by default in buxybox 1_29_0, so it was used since then the for
Buildroot's qemu defconfig.
Note: The x86-i686--glibc--bleeding-edge (generic x86) doesn't trigger the issue with
CONFIG_STACK_OPTIMIZATION_386 enabled.
Fixes:
https://gitlab.com/buildroot.org/toolchains-builder/-/jobs/3731683337
[1] https://gitlab.com/buildroot.org/toolchains-builder/-/jobs/3731683337
[2] https://gitlab.com/qemu-project/qemu/-/commit/958e1dd1300f37f18b2161dfb4eb806fc8c19b44
[3] https://gitlab.com/qemu-project/qemu/-/issues/1478
[4] https://bugs.gentoo.org/725674
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
According to release notes from Microchip, this fixes a memory
leak in AP modes, fixes a failure with an undisclosed but specific
AP, and re-certified with WFA for WILC1000.
Signed-off-by: Kris Bahnsen <kris@embeddedTS.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Add an upstream patch in package/refpolicy/2.20221101 that makes dbus optional
for the mount interface. The patch must go in the 2.20221101 directory or else
the build system will automatically attempt to apply the patch to a custom git
version of refpolicy if chosen.
Signed-off-by: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
In addition:
- Refresh 0001-Do-not-export-use-setools.InfoFlowAnalysis-and-setoo.patch
- Update COPYING hash as the license file has been rewritten for clarity.
However, the licenses have not been changed.
Signed-off-by: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Also:
- Change the license file to LICENSE. The hash remains the same.
- Add 0001-python-sepolgen-fix-ausearch-path.patch as audit 3.1
installs ausearch to /usr/sbin not /sbin
Signed-off-by: Adam Duskett <aduskett@gmail.com>
[yann.morin.1998@free.fr: rewrite 0001 into an upstreamable patch]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Change the license file to LICENSE. The hash remains the same.
Signed-off-by: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Change the license file to LICENSE. The hash remains the same.
Signed-off-by: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Change the license file to LICENSE. The hash remains the same.
Signed-off-by: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Change the license file to LICENSE. The hash remains the same.
Signed-off-by: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
- libselinux now requires pip, just to perform the install of the python
bindings; it still uses setuptools to do the actual build;
- rebase patches for version 3.5;
- backport a fix for the install of the python bindings.
Signed-off-by: Adam Duskett <aduskett@gmail.com>
[yann.morin.1998@free.fr:
- backport upstream patch to fix installation of python bindings
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Change the license file to LICENSE. The hash remains the same.
Signed-off-by: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Change the license file to LICENSE. The hash remains the same.
Signed-off-by: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Some packages, like libselinux, use pip to perform the installation step
of their python bindings. Those packages do have to use our host python
when building, so that it matches the target python.
So we need to have a host variant of pip that is usable with our host
python.
Signed-off-by: Adam Duskett <aduskett@gmail.com>
[yann.morin.1998@free.fr: reword commit log]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
If rst2html5 is installed on a host system, meson will attempt to build
html5 documentation from the docs directory, resulting in the following
error:
/usr/local/bin/rst2html5.py
Traceback (most recent call last):
File "/usr/local/bin/rst2html5.py", line 27, in <module>
from docutils.core import publish_cmdline, default_description
ModuleNotFoundError: No module named 'docutils'
Backport an upstream that guards the build of the html documentation
behind the existing ds_doc condition, which we already disable in
Buildroot.
Signed-off-by: Adam Duskett <aduskett@gmail.com>
[yann.morin.1998@free.fr:
- as pointed out by James, backport an upstream commit rather than
carry an non-upstreamable patch
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Commit 2dff6e93ca (package/readline: add upstream patch to fix crash
with invalid locale specification) fixed a regression in readline 8.2
[0], that could have been caught with a runtime test. readline is a
library, so we need an executable that exercises readline.
Since readline and bash are developped in tandem [1], it is only logical
to use bash to test readline.
Add a new runtime test for bash, that checks that we can indeed run an
interactive shell, and that an non-existing locale does not cause the
dreaded segfault. We do not use the default configuration, because it
uses a uclibc toolchain, and we want to reproduce against a glibc one.
[0] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1021109
[1] https://tiswww.case.edu/php/chet/readline/rltop.html#Bugs
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
This casues build failures:
..../build/busybox-1.36.0/Makefile.flags:165: *** unterminated call to function 'shell': missing ')'. Stop.
This reverts commit 441c44626f.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The current mupdf version fails to build when zlib-ng is used as the
zlib implementation. Add a patch to fix it.
This fixes the following build failure raised since the bump to
version 1.21.0 of the mupdf package in commit
3c2033cd2a:
source/fitz/encode-basic.c: In function 'deflate_write':
source/fitz/encode-basic.c:343:27: error: 'UINT_MAX' undeclared (first use in this function)
343 | newbufsize = n >= UINT_MAX ? UINT_MAX : deflateBound(&state->z, n);
| ^~~~~~~~
source/fitz/encode-basic.c:26:1: note: 'UINT_MAX' is defined in header '<limits.h>'; did you forget to '#include <limits.h>'?
Fixes: http://autobuild.buildroot.net/results/87128e9967cff20078c65ab847877aa44cc409d9
Signed-off-by: Raphaël Mélotte <raphael.melotte@mind.be>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
This option can be used for runtime testing or package debugging.
Signed-off-by: Julien Olivain <ju.o@free.fr>
[yann.morin.1998@free.fr: tweak the comment]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
- Add support for -c and -cc to disable log compression
A single -c disables compression for pipes, another -c (or -cc)
disables compression for all other log targets
- The default syslog.conf now logs debug messages again (disabled in
v2.4.0) due to problems (confusion) reported in the field
- Dropped not recommended KillMode=process from systemd unit file
- Fix loss of early log messages running under systemd
Full changelog: https://github.com/troglobit/sysklogd/releases/tag/v2.5.0
Signed-off-by: Joachim Wiberg <troglobit@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
optee-benchmark package was removed in commit cf39b596e7
("package/optee-benchmark: remove deprecated package") but forgot to
remove the associated DEVELOPERS file entry.
Using the get-developers script on any file generates a warning,
for example:
utils/get-developers DEVELOPERS
WARNING: 'package/optee-benchmark/' doesn't match any file, line 865
git send-email --to buildroot@buildroot.org
This commit fixes the issue by removing the entry.
Cc: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
If both, hicolor-icon-theme (selected by libgtk3-demo) and
adwaita-icon-theme is not selected, then the /usr/share/icons
folder is empty, causing find to fail.
Signed-off-by: Thomas Devoogdt <thomas.devoogdt@barco.com>
Tested-by: Adrian Perez de Castro <aperez@igalia.com>
Reviewed-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The at-spi2-core and at-spi2-atk were merged, and are now built by default,
so this patch is no longer required.
Signed-off-by: Thomas Devoogdt <thomas.devoogdt@barco.com>
Tested-by: Adrian Perez de Castro <aperez@igalia.com>
Reviewed-by: Adrian Perez de Castro <aperez@igalia.com>
[yann.morin.1998@free.fr:
- rename remaining patch,
- update .checkpackageignore
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The most recent release of RPM is v4.18.1 [1].
Adding an upstream patch to prevent build failures for certain
toolchains (0001-fix-var-declare-in-label-error.patch). Fix should be
available next release.
[1]: https://rpm.org/wiki/Releases/4.18.1
Signed-off-by: James Knight <james.d.knight@live.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Adding a series of feature-disable configurations of options introduced
over the recent versions, but where never added.
Signed-off-by: James Knight <james.d.knight@live.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Drops the use of `RPM_CFLAGS`, which their use has been obsolete when
this package bumped to v4.17 [1].
[1]: 429e247b86
Signed-off-by: James Knight <james.d.knight@live.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Bumps OP-TEE client package version to OP-TEE release 3.21.0.
Removes the 2 local patches that have been integrated into mainline
repository before release tag 3.21.0.
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
[yann.morin.1998@free.fr: regenerate .checkpackageignore]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Package optee-benchmark is no more maintained by OP-TEE community
hence don't enable that package in qemu_arm_vexpress_tz_defconfig.
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Tweak the applied configuration options to flag support for Wayland if
the wayland package is detected. This will allow the generation of the
`interactive-wayland` utility (when `BR2_PACKAGE_LIBXKBCOMMON_TOOLS` is
also configured).
Signed-off-by: James Knight <james.d.knight@live.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Commit d06dca38bb (linux: cleanup kconfig fixup processing) introduced
the conditional LINUX_KCONFIG_FIXUP_CMDS_ROOTFS_CPIO, using a negative
logic condition.
Switch that to use positive logic.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The following is an attempt o cleanup the output generated when fixing
up a Linux's Kconfig:
- Quiet the conditional check host-pahole to avoid having the message
used to describe a failure generate in the output in its script form.
- Move the initramfs fixups to their own conditional macros, and move
the comments out of the macro (mainly for developers managing the
implementation).
- Adding a generic "Updating kernel config..." message, to help inform
builders that the framework is actively processing Kconfig's (while
users may be pondering why the closing of a `linux-menuconfig` is
doing).
Signed-off-by: James Knight <james.d.knight@live.com>
[yann.morin.1998@free.fr:
- introduce LINUX_KCONFIG_FIXUP_CMDS_ROOTFS_CPIO
- use MESSAGE to display... a message...
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
In a previous commit [1], the use of `KCONFIG_ENABLE_OPT` was tweaked in
a way which no longer generates a default output unless the quiet flag
is unset (`Q=`). The use of `KCONFIG_SET_OPT` and `KCONFIG_DISABLE_OPT`
does not apply a quiet operation. In order to make all these kernel
configuration defines operate in a consistent way, adjusting both
`KCONFIG_SET_OPT` and `KCONFIG_DISABLE_OPT` to be default-quiet as well.
[1]: 66d2ff25ba
Signed-off-by: James Knight <james.d.knight@live.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
This commit also:
- adds the md5 from the release note in the package hash file,
- rebase the patch on the new version tag,
- adds the "Upstream:" tag in the patch.
For change log since v0.3.22, see:
- https://github.com/xianyi/OpenBLAS/releases/tag/v0.3.23
Signed-off-by: Julien Olivain <ju.o@free.fr>
[yann.morin.1998@free.fr: update .checkpackageignore]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Some patches were removed in recent version bumps:
- 80793107a6 package/transmission: bump version to 4.0.3
- 8d6ddb7a29 package/rtl8812-aircrack-ng: bump to 2023-05-01
version to fix build failure with Linux 6.3
Update the ignore list accordingly.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
- add option for new library "url"
- drop upstreamed patch
- Math now requires C++14/gcc5
Signed-off-by: Michael Nosthoff <buildroot@heine.tech>
[yann.morin.1998@free.fr:
- propagate the new boost-math option to uhd
- fix indentation in help for boost-url
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Needed for bumping transmission to version 4.0.1.
Added configure option to fix build error with gcc-12.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Package binaries can be successfully built for and then executed on
RISC-V platforms including RV32 and RV64 variants. Tested in QEMU.
Signed-off-by: Sergey Matyukevich <geomatsi@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Building U-Boot for OrangePi PC Plus requires host OpenSSL.
Build error is masked only because Linux kernel is built
before U-Boot for this specific image configuration were
wireless driver is enabled.
Signed-off-by: Sergey Matyukevich <geomatsi@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Building U-Boot for OrangePi Zero requires host OpenSSL.
Build error is masked only because Linux kernel is built
before U-Boot for this specific image configuration were
wireless driver is enabled.
Signed-off-by: Sergey Matyukevich <geomatsi@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Building U-Boot for OrangePi One now requires host OpenSSL. Select
BR2_TARGET_UBOOT_NEEDS_OPENSSL to fix the following build error:
include/image.h:1383:12: fatal error: openssl/evp.h: No such file or directory
1383 | # include <openssl/evp.h>
| ^~~~~~~~~~~~~~~
Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/4187707115
Signed-off-by: Sergey Matyukevich <geomatsi@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
After booting Linux the userspace is unusable since every command issued,
that is a symlink to busybox, fails because of no free ram. So let's
disable IIO in linux.config to give some more ram to userspace.
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
LDFLAGS need to be passed to the micropython build system via the
LDFLAGS_EXTRA variable, which was so far missing. This patch adds it.
Signed-off-by: Jonathan Neuschäfer <j.neuschaefer@gmx.net>
Acked-by: Chris Packham <judge.packham@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Commit 0ce2d42aa7 (package/kodi-inputstream-adaptive: update license
info) did a last-minute update to add all the license files, but forgot
to amend the hash file.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Needed for the upcoming version bump of the Nexus version of
kodi-inputstream-adaptive.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Replaced patch 0002 to fix python detection with new version due to
upstream changes:
https://github.com/xbmc/xbmc/pull/21597#issuecomment-1166365667
Removed patches which were applied upstream.
Bump gcc requirement as kodi depends on C++17.
Rework configure options.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
[yann.morin.1998@free.fr:
- git-format patch 0002
- add upstream tag to patch 0002
- regenerate .checkpackageignore
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Removed patches which were applied upstream, rebased remaining patches.
Added patch 0004 to avoid dependency to perl package JSON:PP.
This bump depends on bumping heimdal, see previous patch of this series.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
[yann.morin.1998@free.fr:
- make new patch git-formatted
- add upstream status to new patch
- update .checkpackageignore wth removed patches
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Some patches were removed in recent version bumps:
- 2d7cfd49ba package/valgrind: bump version to 3.20.0
- 4aef53575b package/libgit2: bump version to 1.6.4
- b0306d94b2 package/cpio: bump version to 2.14
- f292d9b736 package/gocryptfs: bump version to 2.3.2
Update the ignore list accordingly.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
- do not only disable NTLM delegation to winbinds ntlm_auth but
disable NTLM support overall (and drop enforced libopenssl DES
dependency introduced by 'package/libcurl: make sure openssl
supports DES' (commit f25c820a4f)
- change man page hint to https URL
- rearrange configure options to one option per line
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Update also the release url because the OpenPrinting https archive page
is out of sync with the current release archive on the main github
project.
Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
* Remove patch applied upstream.
* Upstream fixed building inside the source tree, but still does not
recommend it, so keep LIBGIT2_SUPPORTS_IN_SOURCE_BUILD = NO
Signed-off-by: Nicolas Cavallari <nicolas.cavallari@green-communications.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
- change download from git URL to https (and SITE_METHOD git)
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
We do not need to add a hash for 6.3, as it was already added in
eadff4efe9 ({toolchain, linux-headers}: add support for 6.3 headers).
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
[yann.morin.1998@free.fr: explain why no hash update]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Adds the upstream patch that fixes the CVE.
No new release so far.
Signed-off-by: Daniel Lang <dalang@gmx.at>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
When explicitly specifying printing backends libgtk3 requires file
to be one of them on linux.
Fixes:
- output/build/libgtk3-3.24.37/modules/printbackends/meson.build:39:4: ERROR: Problem encountered: 'file' print backed needs to be enabled
Signed-off-by: Daniel Lang <dalang@gmx.at>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Some patches were removed in recent version bumps:
- 492c803117 package/tbb: bump to version 2021.8.0.
- a1e0e7276c package/libmodsecurity: bump to version 3.0.9
- e4fb09f95f package/gstreamer1-editing-services: bump version to 1.22.2
- 460c9fa338 package/pciutils: bump to version 3.9.0
- 0f1d33b6c8 package/crun: bump to version 1.8.4
And some were renamed with a version bump:
- 60d8e52576 package/lua: bump to version 5.4.5
But the ignore list was not updated in any of those commits, the latter
causing issues because the patches are no longer ignored;
package/lua/5.4.5/0001-root-path.patch:0: missing Upstream in the header (http://nightly.buildroot.org/#_additional_patch_documentation)
package/lua/5.4.5/0002-shared-libs-for-lua.patch:0: missing Upstream in the header (http://nightly.buildroot.org/#_additional_patch_documentation)
package/lua/5.4.5/0011-linenoise.patch:0: missing Upstream in the header (http://nightly.buildroot.org/#_additional_patch_documentation)
384140 lines processed
3 warnings generated
Update the ignore list accordingly.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
When browsing the help references for various systemd features, it was
observed that the `systemd-rfkill` link was dead (originally pointing to
`systemd-rfkill@.service.html`; now `systemd-rfkill.service.html`). This
commit corrects this link, as well as updates all other links to https
(since freedesktop.org now force redirects to https).
Signed-off-by: James Knight <james.d.knight@live.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Disable building with libressl to avoid the following build failure
raised since the addition of the package in commit
ea36681572:
In file included from /home/thomas/autobuild/instance-2/output-1/build/zeek-4.1.1/src/analyzer/protocol/mime/MIME.cc:7:
/home/thomas/autobuild/instance-2/output-1/build/zeek-4.1.1/src/zeek/digest.h: In function 'void* EVP_MD_CTX_md_data(const EVP_MD_CTX*)':
/home/thomas/autobuild/instance-2/output-1/build/zeek-4.1.1/src/zeek/digest.h:22:12: error: invalid use of incomplete type 'const EVP_MD_CTX' {aka 'const struct env_md_ctx_st'}
22 | return ctx->md_data;
| ^~
Fixes:
- http://autobuild.buildroot.org/results/2db2988d495f9d06d058fb532a2dcfa9ef6e207c
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Backport 2 fixes from upcoming release (memory leak and incorrect JSON
output).
Signed-off-by: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
- Drop 0003-Revert-Fix-maxminddb-link-on-FreeBSD.patch, handling of libmaxminddb
was fixed upstream in d2b700d
- Drop 0004-build-pcre.m4-fix-build-without-pcre.patch, handling of PCRE was
fixed upstream in 791964a
Signed-off-by: Frank Vanbever <frank.vanbever@mind.be>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The test chckes that the "Upstream:" tag be on the first column, without
any leading character (no space, no bracket of any kind).
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The past participle for "to fix" is "fix". The "did you forget" got
eluded into "forget", so again a past participle.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Currently, utils/docker-run spawns a container with a tty, so that he
user can interact properly in the container.
However, that requires a tty when calling docker-run, which is not
always guaranteed, e.g. if called from a git hook.
Since the script is a bash script already, we can use an array to store
options passed to docker, and only add the -t option when there is
actually a tty available.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Ricardo Martincoski <ricardo.martincoski@gmail.com>
- Drop "0001-meson-change-std-to-gnu99.patch" since change is available
in this version.
Signed-off-by: James Knight <james.d.knight@live.com>
[yann.morin.1998@free.fr: regenerate .checkpackageignore]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
- glib2 has moved from PCRE to PCRE2 [1].
- Drop `fam` option since it no longer available [2].
- Drop "0001-fix-compile-time-atomic-detection.patch" since upstream
patch was dropped and new atomic detection implementation has been
applied in this version.
- Drop "0002-remove-cpp-requirement.patch" since upstream has modified
its Meson scripts to have any C++ usage as optional.
- Drop "0003-Add-Wno-format-nonliteral-to-compiler-arguments.patch"
since change is available in this version.
- Add new patch to address new Werror compilation errors [3].
- Renamed "0004-*.patch" -> "0001-*.patch" since it should still be
applicable for its mentioned build case.
[1]: https://bugzilla.redhat.com/show_bug.cgi?id=1938974
[2]: https://gitlab.gnome.org/GNOME/glib/-/merge_requests/2570
[3]: https://gitlab.gnome.org/GNOME/glib/-/merge_requests/3390
Signed-off-by: James Knight <james.d.knight@live.com>
[yann.morin.1998@free.fr:
- update upstream status on new patch
- regenerate .checkpackageignore
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Providing an upstream status for the remaining libglib2 patch from a
recent version bump. This patch was introduced in Buildroot around
November 2021 to help deal with build errors where `GObject-2.0.gir`
could not be found (tied to Buildroot changes made in
`gobject-introspection.mk`). The discussion thread mentions this could
be submitted upstream, but looks like it never was. Reflecting that this
package has not been submitted upstream.
Signed-off-by: James Knight <james.d.knight@live.com>
[yann.morin.1998@free.fr: update .checkpackageignore]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Commit 5e1c238b72 (package/ltp-testsuite: require 5.11 headers for
musl) dropped a patch, which had no "upstream" status, and thus had an
ignore entry, which itself was ignored when the patch got removed.
Regenerate .checkpackage ignore now.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Since upstream Linux commit ed21d6d7c48e6e96c2d617e304a7ebfbd17b1807
("perf tests: Add test for PE binary format support") present in >=
v5.10 there is an unconditional installation of PE binaries.
Some toolchains have a readelf tool that correctly interpret the PE
files, and reports ELF-alike fields. This causes check-bin-arch to
reject those files.
Make sure that these binaries are excluded from being checked to allow
the installation of the perf tests.
Fixes: 6fcdaa4c50 ("package/linux-tools: Allow installation of perf scripts")
Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Jobs with the syntax @hourly, @daily, ... were not executed since the
version bump from `v4.5` to commit `1ba33c3325df48de46263276a43ed76cf9d81518`.
This patch fixes the bug downstream.
Signed-off-by: Mario Haustein <mario.haustein@hrz.tu-chemnitz.de>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
There was a conflict between musl and kernel headers prior to 5.11, due
to a bug in kernel headers, which was fixed in a85cbe6159ff ("uapi: move
constants from <linux/kernel.h> to <linux/const.h>") in v5.11, and
backported to stable/LTS kernels.
Upsteam ltp-testsuite has been unreceptive to accepting the workaround,
as they argue that the kernel headers have been fixed, and people should
update their toolchains.
However, it is not always practical, or even possible, to update the
toolchain, so lets require kernel headers at least 5.11 for musl-based
toolchains.
Signed-off-by: Petr Vorel <petr.vorel@gmail.com>
[yann.morin.1998@free.fr: reword commit log]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
CGO (the Go language C bindings) normally links dynamically with the C
libraries. It seems that passing -extldflags=-static is not sufficient
to make sure they link statically. As a result, a build using CGO will
fail with
runtime.gcdata: missing Go type information for global symbol .dynsym: size 72
There are two modules in the standard Go library that can use CGO:
os/user and net. Both of these have pure Go versions, however, which can
be selected with the osusergo and netgo tags. Since these two are
standard library modules that get used in almost all Go programs, pass
those flags in the common infrastructure.
It's not entirely clear if this is always the case or only depending on
the specific way CGO is used. In the former case, we could instead
disable CGO globally if static libs are enabled. However, it turns out
that this doesn't solve the problem completely anyway (delve still fails
to link, with different errors). Also, it is possible that other cgo
modules do still work. Therefore, just stick to adding the osusergo and
netgo tags.
Cf. Statically compiling Go programs [0]
Fixes:
- crucible:
http://autobuild.buildroot.net/results/c2f/c2f29f55b461899e8e15c0494578304e6f74bf51/
- containerd:
http://autobuild.buildroot.net/results/699/69910fc6b9f474a7eb0ca7ffa27ac5512cc1bb37/
- delve:
http://autobuild.buildroot.net/results/552/55225d5da17e85271943f7adce6f07d014d9717d/
- probably others...
[0] https://www.arp242.net/static-go.html
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Corepack is a zero-runtime-dependency Node.js script that acts as a
bridge between Node.js projects and the package managers. It ships
with Node.js but is disabled by default.
Some JavaScript packages, such as vuejs and vuejs-router can benefit
from having Corepack installed on the host. Therefore, add an option
to enable Corepack with host-nodejs.
Signed-off-by: Thomas Claveirole <thomas.claveirole@green-communications.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The coremark build needs to set PORT_CFLAGS explicitly in order to pick
up the configured optmisation level, and other flags.
Signed-off-by: Joel Stanley <joel@jms.id.au>
Acked-by: Chris Packham <judge.packham@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
PDF support was disabled in commit 7a4944569c (package/ghostscript:
bump to version 9.55.0) as it was then a new option which broke the
build.
PDF support depends on both openjpeg and jbig2dec. There is already a
conditional block for each, but it is not trivial to merge sanely, so we
introduce a third conditionl block to enable PDF. AS explained in the
comment, the dependencies are duplicated in that conditional block: in
case the other conditions get dropped in the future, we will still want
to depend on both for PDF support (unless that changes too, in which
case it will also be easier to spot and update).
Fixes:
- https://bugs.buildroot.org/show_bug.cgi?id=14976
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[yann.morin.1998@free.fr:
- move to its own conditional block
- add a comment about duplicated dependencies
- expadn commit log.
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Thierry GUIBERT <thierry.guibert@croix-rouge.fr>
[yann.morin.1998@free.fr: split off the previous patch by Thierry]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Add a paragraph and an example about using the Buildroot image registry
hosted on gtilab.com, for people who want to build their own image based
on the offical one.
Signed-off-by: Thierry GUIBERT <thierry.guibert@croix-rouge.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fix the following build failure raised since commit
9d1d4818c3:
[ 98%] Generating Poppler-0.18.typelib
Could not find GIR file 'GObject-2.0.gir'; check XDG_DATA_DIRS or use --includedir
error parsing file /home/giuliobenetti/autobuild/run/instance-1/output-1/build/poppler-21.12.0/glib/Poppler-0.18.gir: Failed to parse included gir GObject-2.0
If the above error message is about missing .so libraries, then setting up GIR_EXTRA_LIBS_PATH in the .mk file should help.
Typically like this: PKG_MAKE_ENV += GIR_EXTRA_LIBS_PATH="$(@D)/.libs"
Fixes:
- http://autobuild.buildroot.org/results/d2f50aa56410c2fff8a0538c57038104906e747e
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[yann.morin.1998@free.fr:
- drop patch adding INTROSPECTION_COMPILER_ARGS as it's now upstream
as of 22.02.0, and we use 22.10.0
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Due to the sheer number of patches that fail the new Upstream trailer
check (1500+) and the time it would take to make them compliant, for
now, just add them to the ignore list.
Created via `./utils/docker-run make .checkpackageignore`
Signed-off-by: Vincent Fazio <vfazio@gmail.com>
[yann.morin.1998@free.fr: regenerate]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Implement a check-package check for an Upstream: trailer in patches
being applied to packages per a mailing list discussion [0].
No strict formatting checks are implemented for the contents within the
trailer as the needed level of detail will vary patch-to-patch.
Tested with: `./utils/docker-run python3 -m pytest utils/checkpackagelib`
[0] https://lists.buildroot.org/pipermail/buildroot/2023-March/666016.html
Signed-off-by: Vincent Fazio <vfazio@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Previously, the documentation only requested links to upstream commits
when backporting patches.
Based on a mailing list discussion [0], patches should, when possible
and when approriate, provide a link as evidence that the patch has been
submitted upstream.
The motivation is that hopefully the patch gets applied to upstream at
some point reducing the long term maintenance burden within Buildroot.
This also makes future patch review on subsequent package version bumps
more streamlined.
For patches that are unique to BR and do not apply to the upstream
repository, patches should have a comment explaining why they do not
apply upstream.
[0] https://lists.buildroot.org/pipermail/buildroot/2023-March/666000.html
Signed-off-by: Vincent Fazio <vfazio@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Bump Linux kernel to 6.1.14, U-Boot to 2023.01, ATF to 2.8.
Signed-off-by: Sergey Matyukevich <geomatsi@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
With introduction of vmap'ed stacks to ARM in Linux v5.18, stack
parameters can no longer be used for DMA. So pull the latest xradio
changes that fix the driver and make it work with vmap'ed stacks
in new kernels.
Signed-off-by: Sergey Matyukevich <geomatsi@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
As reported by [1], version 0.12.0 fixes these errors:
Error executing event examine-end on target stm32f7x.cpu:
buildroot/output/host/bin/../share/openocd/scripts/mem_helper.tcl:37: Error: wrong # args: should be "expr expression"
in procedure 'mmw' called at file "buildroot/output/host/bin/../share/openocd/scripts/target/stm32f7x.cfg", line 103
at file "buildroot/output/host/bin/../share/openocd/scripts/mem_helper.tcl", line 37
Info : starting gdb server for stm32f7x.cpu on 3333
Info : Listening on port 3333 for gdb connections
Info : Unable to match requested speed 2000 kHz, using 1800 kHz
Info : Unable to match requested speed 2000 kHz, using 1800 kHz
Error executing event examine-end on target stm32f7x.cpu:
buildroot/output/host/bin/../share/openocd/scripts/mem_helper.tcl:37: Error: wrong # args: should be "expr expression"
in procedure 'ocd_process_reset'
in procedure 'ocd_process_reset_inner' called at file "embedded:startup.tcl", line 288
in procedure 'mmw' called at file "buildroot/output/host/bin/../share/openocd/scripts/target/stm32f7x.cfg", line 103
at file "buildroot/output/host/bin/../share/openocd/scripts/mem_helper.tcl", line 37
target halted due to debug-request, current mode: Thread
xPSR: 0x01000000 pc: 0x080003fc msp: 0x20050000
Error executing event reset-init on target stm32f7x.cpu:
buildroot/output/host/bin/../share/openocd/scripts/mem_helper.tcl:37: Error: wrong # args: should be "expr expression"
in procedure 'ocd_process_reset'
in procedure 'ocd_process_reset_inner' called at file "embedded:startup.tcl", line 288
in procedure 'mmw' called at file "buildroot/output/host/bin/../share/openocd/scripts/board/stm32f769i-disco.cfg", line 71
at file "buildroot/output/host/bin/../share/openocd/scripts/mem_helper.tcl", line 37
Remove upstream patches.
The new version moves the GPL-2.0 license from COPYING to the subfolder
"preferred", adding the header required by spdxcheck.py. A minimalist
COPYING is added in the top directory, as required by automake, pointing
to the files in LICENSES.
[1] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014849
Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
[yann.morin.1998@free.fr:
- one license or license file per line
- reorder licenses to match file order
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Kernel versions prior to 3.4 did not have V4L2_CAP_DEVICE_CAPS and
compiling against such a kernel will fail.
This patch introduces a version check and makes eudev fall back to
v2cap.capabilities on these kernels.
Signed-off-by: Stefan Ott <stefan@ott.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Update to latest upstream git version, fixes compile failure since
nginx-1.23.0:
src/event/ngx_event_udp.h:38:27: error: field ‘pkt6’ has incomplete type
38 | struct in6_pktinfo pkt6;
| ^~~~
.../nginx-naxsi-1.3/naxsi_src/naxsi_runtime.c:2925:36: error: ‘r->headers_in.x_forwarded_for’ is a pointer; did you mean to use ‘->’?
2925 | if (r->headers_in.x_forwarded_for.nelts >= 1) {
| ^
| ->
- remove 0001-naxsi_src-naxsi_runtime.c-fix-build-without-x_forwar.patch
(upstream commit, see [1])
- remove 0002-PCRE2-compatibility.patch
(upstream commit, see [2])
Changelog (since 1.3):
- a2add9f docs: fix simple typo, registred -> registered (#538)
- aa9da98 Fix#541 - Removing useless assert.
- fbe6ffd Some includes are required for OpenBSD (#545)
- 296583f naxsi_src/naxsi_runtime.c: fix build without x_forwarded_for (#568)
- fe5df20 redirect naxsi log to a separate log file (#563)
- c81a4e3 parse HTTP PATCH requests and associated tests (#595)
- 2937c44 PCRE2 compatibility (#587)
- d714f16 Fixes NGINX >= v.1.23.0 (all credits @lubomudr) (#598)
Given the short history since 1.3, and rather than backporting one more
patch, just bump to current HEAD of the upstream repository.
[1] https://github.com/nbs-system/naxsi/commit/296583f06ba5c43cc859e01fd3c0ae1271eef0ce
[2] https://github.com/nbs-system/naxsi/commit/2937c44276cba21601ade4e265d32515f570d68c
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The QEMU board's post-image script will glob through various
`readme.txt` files for an appropriate command line to use. Recent linter
changes [1] prevents this from happening, and results in the following
build error:
>>> Executing post-image script board/qemu/post-image.sh
sed: can't read board/qemu/*/readme.txt: No such file or directory
Reverting part of the shellcheck fixes for the README file arguments and
marking a linter exception.
[1]: b32d7c99c6
Signed-off-by: James Knight <james.d.knight@live.com>
Cc: Yann E. MORIN <yann.morin.1998@free.fr>
[yann.morin.1998@free.fr: also reinstate plural to the variable name]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Virtually all PCs nowadays have a PCI bridge and PCI devices.
All framnebuffer options depend on CONFIG_FB, which default is not 'y',
so also enable that.
The overwhelming majority of PCs nowadays also come with an UEFI
bootloader, that configures a framebuffer usable in early boot, which
the kernel can reuse without needing any hardware-specific driver.
EDID allows retrieving the capabilities of the connected display,
especially the frequencies and so on, to properly drive the display.
Signed-off-by: Adam Duskett <aduskett@gmail.com>
[yann.morin.1998@free.fr:
- drop cosmetic CONFIG_FRAMEBUFFER_CONSOLE_DEFERRED_TAKEOVER=y
- rewrite commit log to explain all new options
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Let's use a more modern kernel with a broader range of hardware support
for PCs.
We stick to 6.1, rather than 6.2, as the former is an LTS, whicle the
latter is not.
Signed-off-by: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
In 38b798da73 (package/skeleton: drop $(HOST_DIR)/usr compatibility
symlink), we considered that $(HOST_DIR)/usr is a legacy symlink, and so
we dropped it. During review, it was pointed out that:
1. [if] something installs in HOST_DIR/usr it's probably going to
break somewhere down the line,
2. DESTDIR is empty for host builds. And PREFIX/usr would be completely
crazy.
However, we do have a package where DESTDIR is not empty for host
packages. Indeed, for host-systemd, we do have a convoluted sequence
where we configure it for the traditional /usr prefix, rather than
$(HOST_DIR) for all other host packages, and we install it with
DESTDIR=$(HOST_DIR). This is because systemd has to interpret path on
the target, not on the host, and confusion ensues if host systemd is not
configured with the same prefix as the target systemd. See commit
35c11a027c (package/systemd: add host variant) for the full, in-depth
explanations.
This reverts commit 38b798da73.
This also changes the comment to note that, although legacy, the usr
symlink is still required for some weird host packages.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Last-minute changes to d9b244d8a3 (board/qemu: define start qemu
script outside of post-image script) were not tested before being
pushed, so they introduced a bug.
As Arnout put it:
[...] multiple expressions need a -e to interpret them as
expressions (now they're interpreted as file names).
Fixes: d9b244d8a3
Reported-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: James Knight <james.d.knight@live.com>
In Cargo, it is quite typical for "build scripts" to be written in Rust
and therefore they need to be compiled as part of the overall build. In
cross-compilation, that means a mixed host and target build.
Unfortunately, by default Cargo makes no distinction between the
RUSTFLAGS used for the host and the target. There is, however, an
unstable feature to make this distinction [1][2].
We already have CARGO_TARGET_APPLIES_TO_HOST="false". This makes sure
that any configuration that we make for the target doesn't automatically
apply to the host as well. However, this only applies for per-target
configuration, for example the setting of "cc" in the config.toml
generated by package/rust/rust.mk. Flags that are passed with RUSTFLAGS
still apply to both host and target. Therefore, we need to use the
CARGO_TARGET_<tuple>_RUSTFLAGS environment variable instead of plain
RUSTFLAGS.
This, however, doesn't allow us to specify flags that apply only to the
host. We could use CARGO_TARGET_<hosttuple>_RUSTFLAGS for that, but that
doesn't work in case the host and target tuple are the same. For this,
we need another unstable feature, enabled with
CARGO_UNSTABLE_HOST_CONFIG="true". With this enabled, we can specify
flags that apply only for the host build using CARGO_HOST_RUSTFLAGS.
Currently, we don't have any such flags, but we really should: we should
pass the proper link flags to point to $(HOST_DIR)/lib. Therefore, add
CARGO_HOST_RUSTFLAGS doing exactly that.
[1] https://doc.rust-lang.org/nightly/cargo/reference/unstable.html#host-config
[2] https://github.com/rust-lang/cargo/pull/10395
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Commit b32d7c99 fixed the shellcheck errors in board/qemu/post-image.sh,
but forgot to remove it from .checkpackageignore, leading to "Shellcheck
was expected to fail" errors.
Re-generate .checkpackageignore.
Fixes: b32d7c99c6
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Provides the ability to use a host system's QEMU. While a Buildroot
generated QEMU should work for most cases, a developer may wish to use
the system's QEMU for options which may not have been configured in the
Buildroot's QEMU build (e.g. configuring a different display mode).
Signed-off-by: James Knight <james.d.knight@live.com>
[yann.morin.1998@free.fr:
- use false/true instead of 0/1
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Provides the ability to forward command line options directly to QEMU.
When invoking `start-qemu.sh`, users can forward arguments by adding a
double dash (`--`) into the argument set, and any trailing arguments
will be forwarded into QEMU. For example, `start-qemu.sh -- --help`.
The original implementation supported a "serial-only" command line
argument to help run in a non-graphical mode for some use cases. These
changes try to promote a newly added `--serial-only` argument to drive
this mode; that being said, a `serial-only` argument will still be
accepted for backwards compatibility.
Signed-off-by: James Knight <james.d.knight@live.com>
[yann.morin.1998@free.fr:
- drop the warning: unknown options cause 'exit 1' already, and any
leftover is explicitly for qemu.
- use false/true instead of 0/1
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The following moves the definition of the QEMU board's `start-qemu.sh`
helper script from being inlined in the post-image script into its own
file. This should, in theory, make it easier to maintain the script in
the future.
Signed-off-by: James Knight <james.d.knight@live.com>
[yann.morin.1998@free.fr:
- don't sub-shell in the script
- merge all 3 sed calls into one
- create dest file with the sed, don't cp first
- also substitute HOST_DIR
- fix shellcheck
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
For some documents, we may want a terse or deeper TOC depth. For
example, short documents may want just the level-0 in the TOC, while
longer documents may want depth 1 or 2, or even deeper; also, some
documents may not use the document-title levels [0], only section
levels [1], and so may want to increase the TOC depth.
Additionally, allow per-format depth. For example, split-html has a
single page dedicated to the TOC, so there we may want a deeper TOC,
while on the html output, where the TOC is on the same page as the
whole document, a shorter TOC is preferred.
[0] https://docs.asciidoctor.org/asciidoc/latest/syntax-quick-reference/#document-header
[1] https://docs.asciidoctor.org/asciidoc/latest/syntax-quick-reference/#section-titles
Signed-off-by: Yann E. MORIN <yann.morin@orange.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Commit 17feaf0016 (manual: set toc depth to 4 for html outputs) did
not explain why it set the depth of the table of content (TOC) only for
the html and split-html formats.
From memory, but it is a bit fuzzy after all those years, the TOC for
HTML documentation was by default deeper than for the other formats, so
it was really useless to expand it more than one-level deep, while for
other formats, the default was acceptable.
However, it does not make much sense to limit/enforce the depth of the
TOC only for specific formats, and keep the default for the others;
indeed, there is nothing that prevents the default to change with
various versions of asciidoc and the rendering backends.
Render all the formats with the same, explicit level of TOC.
We move the assignment of _A2X_OPTS above the comment, because the
comment does not apply to the TOC setting. Also note that the previous
assignment to an empty value was completely superfluous...
Signed-off-by: Yann E. MORIN <yann.morin@orange.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
It has been years that we removed $(HOST_DIR)/usr. Because of this
symlink, however, there are still packages that install things in
$(HOST_DIR)/usr. Remove the symlink so those packages will start to
fail.
Note that there's now a check-package check to detect such incorrectly
instaled things, so this should only affect external packages.
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The shebang in check-package now defines python3. There is no longer a
need to maintain support with python 2.x.
See-also: 02b165dc71 (check-package: fix Python3 support)
Signed-off-by: Vincent Fazio <vfazio@gmail.com>
Tested-by: James Knight <james.d.knight@live.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Since kernel version 6.2, the minimum GNU Make version is 3.82 [1]. We
have an optional host-make 4.0 minimum dependency, so we can use it as
is. It's a bit unfortunate that we have to apply this even to older
kernel versions, but make itself builds fairly fast compared to the
kernel.
Use BR2_MAKE and BR2_MAKE1 for linux, and depend on
BR2_MAKE_HOST_DEPENDENCY. In addition, we need to set LINUX_MAKE to
BR2_MAKE for use in the kconfig infrastructure.
Signed-off-by: Oleg Lyovin <ovlevin@sberdevices.ru>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Since kernel version 6.2, the minimum GNU Make version is 3.82 [1]. We
have an optional host-make 4.0 minimum dependency, so we can use it as
is. It's a bit unfortunate that we have to apply this even to older
kernel versions, but make itself builds fairly fast compared to the
toolchain (which is the only reason to build linux-headers).
Use BR2_MAKE for linux-headers, and depend on BR2_MAKE_HOST_DEPENDENCY.
Signed-off-by: Oleg Lyovin <ovlevin@sberdevices.ru>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Excerpt of https://github.com/troglobit/mg/releases/tag/v3.6:
- Sync with mg upstream, OpenBSD 7.2, as of April 10 2023
- Drop trailing whitespace on RET (c-mode)
- Add zap-to-char and zap-up-to-char, binding the former to M-z
- Fix dobeep_msgs() usage, does not support format strings, this may
have caused unexpected crashes for some operations, e.g. goto line
that does not exist
- Fix memleaks and possible crashes in ctags support
- Fall back to /bin/sh if $SHELL is undefined
- Fix typos and duplicate undo in *quick* help buffer
- Add support for exuberant/universal Ctags tags file format
- Add support for M-, to pop-tag-mark, like GNU Emacs
Signed-off-by: Joachim Wiberg <troglobit@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
This patch bumps version of the sunxi-tools to latest commit on master branch.
There are no new tags\releases since 2016 so let's use commit hash as version.
New version brings support for the following SOCs: A63, V5, R528/T113s, V853,
F1C100s, R329, H616, H6
Signed-off-by: Maksim Kiselev <bigunclemax@gmail.com>
[Arnout: use full hash in VERSION]
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
When we updated .checkpackageignore in commit 29d6f319a, this was done
using a different version of shellcheck, that apparently detects some
additional issues. Thus,
board/terasic/de10nano_cyclone5/barebox-env/boot/mmc was detected as
containing shellcheck errors. However this doesn't happen with the
version in CI, leading to "Shellcheck was expected to fail" errors.
Re-generate .checkpackageignore under docker-run, like it should have
been done to begin with.
Fixes: 29d6f319a0
Fixes: https://gitlab.com/buildroot.org/buildroot/-/jobs/4084485150
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
It's been ages (5 years at the next release) that we've not installed
host packages in $(HOST_DIR)/usr, but we still have a few packages that
reference it or install things in there. See [1]
Add a new check_function that warns when a file is added installing to
or referencing $(HOST_DIR)/usr .
[1] "d9ff62c4cd pacakge: drop remnants of $(HOST_DIR)/usr"
Cc: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
[Arnout: exclude skeleton.mk with disable comment instead of explicit
code]
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
For years already, $(HOST_DIR)/usr is deprecated. Install directly in
$(HOST_DIR). This will trigger a check-package error in the following
commit.
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Teach check-package to detect python files by type and check them using
flake8.
Do not use subprocess to call 'python3 -m flake8' in order to avoid too
many spawned shells, which in its turn would slow down the check for
multiple files. (make check-package takes twice the time using a shell
for each flake8 call, when compared of importing the main application)
Expand the runtime test and the unit tests for check-package.
Remove check-flake8 from the makefile and also from the GitLab CI
because the exact same checks become part of check-package.
Suggested-by: Arnout Vandecappelle <arnout@mind.be>
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
[Arnout: add a comment to x-python to explain its purpose]
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
The .mk files inside both support/dependencies and support/misc are not
package recipes, similar to package/pkg-*.mk. The check-package don't
apply to them. Therefore ignore such files.
In the test infra, some br2-externals are used as fixtures to provide
(sometimes) failure cases, so ignore files in these directories.
Files inside support/kconfig are files copied from linux upstream, so do
not generate warnings for them.
support/gnuconfig contains auto-generated config.{guess,sub} files,
so do not generate shellcheck warnings for them.
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
When a SysV init script is inside package/ it doesn't need to be
executable. However, when an init script is inside a fs_overlay, it
*does* need to be executable. Therefore, skip the NotExecutable test for
init scripts. We detect them based on the directory /etc/init.d
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
[Arnout: update .checkpackageignore]
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Move RUSTFLAGS for host builds to HOST_PKG_CARGO_ENV so that they
are set for host cargo builds which don't use the cargo infrastructure,
e.g. python packages that include rust code.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Bump U-Boot to version 2023.04 and remove the patch that has already
been upstreamed.
Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
mdadm contains various udev rules to manage RAID assembly and create
symlinks, install them if udev (or equivalent) is enabled.
Signed-off-by: Simon Rowe <simon.rowe@nutanix.com>
[Arnout: use MDADM_INSTALL_TARGET_OPTS for install-bin as well]
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
The version of U-Boot must be explicitly set because if you keep the
default setting, the bootloader is continuously updated in buildroot with
the risk of building a non-working image.
Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
go1.19.8 (released 2023-04-04) includes security fixes to the go/parser,
html/template, mime/multipart, net/http, and net/textproto packages, as well as
bug fixes to the compiler, the linker, the runtime, and the time package.
Fixes security vulnerabilities:
go/parser: infinite loop in parsing (CVE-2023-24537)
html/template: backticks not treated as string delimiters (CVE-2023-24538)
net/http, net/textproto: denial of service from excessive memory
allocation (CVE-2023-24534)
net/http, net/textproto, mime/multipart: denial of service from excessive
resource consumption (CVE-2023-24536)
https://go.dev/doc/devel/release#go1.19.8https://github.com/golang/go/issues?q=milestone%3AGo1.19.8+label%3ACherryPickApproved
Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Drop upstream patches.
Update license to include mode licenses. Add license file hashes and
update hashes of existing files for added licenses, as well as
formatting and copyright date updates.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Although this is a "boot loader", it really is a tool that should be
part of an image that acts as the bootloader. Thus, it is not in the
bootloader menu.
A UI is required and can be provided by ncurses, X11 or fbdev. Only
ncurses is supported for now. The other two use libtwin which isn't part
of Buildroot for now.
Adapted from https://github.com/glevand/petitboot--buildroot
Updated to work with m68k architecture rather than just PlayStation3
(focused on qemu-system-m68k virt machine)
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Reviewed-by: Thomas Huth <huth@tuxfamily.org>
[Arnout:
- Add missing arch and toolchain dependencies.
- Remove nonexistent BR2_PACKAGE_NCURSES_TARGET_* selects.
- Swap kexec/kexec-lite priority.
- Add hash for license file.
- Use version without v for VERSION.
- Remove unnecessary --localstatedir=/var.
- Add --disable-busybox.
- Remove --enable-debug.
- Remove --with-ncursesw and explicit libraries.
- Add explicit arguments for all configure options.
- Always select busybox tftp.
- Add optional dependency on dtc.
- Move dtc-specific options under a single condition.
- Minor cleanups (whitespace, comments, ...).
]
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
kexec supports m68k since commit
027413d822fd57dd39d2d2afab1484bc6b6b84f9 in v2.0.5
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Reviewed-by: Thomas Huth <huth@tuxfamily.org>
[Arnout:
- Split off in a separate commit.
]
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
This is the fifth patch release in the 1.1.z series of runc, which fixes
three CVEs found in runc.
CVE-2023-25809 is a vulnerability involving rootless containers where
(under specific configurations), the container would have write access to the
/sys/fs/cgroup/user.slice/... cgroup hierarchy. No other hierarchies on the host
were affected. This vulnerability was discovered by Akihiro Suda.
GHSA-m8cg-xc2p-r3fc
CVE-2023-27561 was a regression which effectively re-introduced CVE-2019-19921.
This bug was present from v1.0.0-rc95 to v1.1.4. This regression was discovered
by Beuc. GHSA-vpvm-3wq2-2wvm
CVE-2023-28642 is a variant of CVE-2023-27561 and was fixed by the same patch.
This variant of the above vulnerability was reported by Lei Wang.
GHSA-g2j6-57v7-gm8c
In addition, the following other fixes are included in this release:
- Fix the inability to use /dev/null when inside a container
- Fix changing the ownership of host's /dev/null caused by fd redirection
- Fix rare runc exec/enter unshare error on older kernels, including CentOS < 7.7
- nsexec: Check for errors in write_log()
https://github.com/opencontainers/runc/releases/tag/v1.1.5
Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
There's a runtime dependency on tomli, but only for Python < 3.11.
Therefore this is not applicable for us.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Extend the linux-tools package to also build the userspace USB tools,
which currently include testusb and ffs-test.
These tools are in the kernel tree since a long time, and althogh a
Makefile had been present since kernel 2.6.39, it has been entirely
rewritten (with an install rule) back with kernel 5.9, to allow building
the same way as other tools provided with the kernel.
We make use of the Makefile install rule, thus version >= 5.9 is
required. Support for older kernels may be added later if needed, and
is left as an exercise for the motivated party.
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Reviewed-by: Herve Codina <herve.codina@bootlin.com>
[yann.morin.1998@free.fr: fix history of Makefile]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
LVM relies on the glibc-specific behaviour of assigning to the
standard streams (stdin etc). As a result the package is currently
disabled when using musl.
This commit backports two patches from upstream lvm2 (not yet in a
release) that fix some build issues with musl, and two additional
patches taken from the Gentoo distribution to address more issues.
With those 4 patches combined, lvm2 builds fine with musl and can
therefore be re-enabled in musl configurations.
Signed-off-by: Simon Rowe <simon.rowe@nutanix.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This variable is no longer used anywhere in the tree so remove it.
Signed-off-by: Vincent Fazio <vfazio@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Remove all support for FOO_GETTEXTIZE and alert users to FOO_AUTOPOINT
as the recommended solution in its stead. We can use the standard
check-deprecated-variable for this, because from a user perspective
FOO_AUTOPOINT is pretty-much a drop-in replacement.
The warnings about FOO_GETTEXTIZE_OPTS are no longer relevant, because
they will only make sense if FOO_GETTEXTIZE was already set.
Signed-off-by: Vincent Fazio <vfazio@gmail.com>
[Arnout:
- use check-deprecated-variable;
- remove FOO_GETTEXTIZE_OPTS warnings;
- remove definition of GETTEXTIZE]
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Commit 895bfba dropped POPT_AUTORECONF but did not drop POPT_GETTEXTIZE,
which requires POPT_AUTORECONF = YES.
Fixes: 895bfba ("package/popt: bump to version 1.19")
Signed-off-by: Vincent Fazio <vfazio@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Drop patch that is no longer necessary after moving to new package flag.
Add patch to fix builds due to missing required files.
Signed-off-by: Vincent Fazio <vfazio@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Add a new variable to run autopoint during autoreconf.
This variable depends on FOO_AUTORECONF = YES. It is mutually exclusive
to FOO_GETTEXTIZE. If both are set, FOO_AUTOPOINT is ignored to preserve
previous behavior.
This support is being added per a previous discussion [1].
The usage of gettextize needs to be removed cuz mama says so [2].
... is not part of the GNU build system, in the sense that it should
not be invoked automatically, and not be invoked by someone who doesn’t
assume the responsibilities of a package maintainer. For the latter
purpose, a separate tool is provided, see Invoking the autopoint Program [3]
Using gettextize has the unintended consequence of updating the package
based on the version of host-gettext vs what was chosen by the upstream
maintainer. As mama said above, we should use autopoint. Do as she says
to avoid further scolding (gettextize shoehorning and package patching).
[1] https://patchwork.ozlabs.org/project/buildroot/patch/20170827110920.15579-1-aleksander@aleksander.es/
[2] https://www.gnu.org/software/gettext/manual/html_node/gettextize-Invocation.html
[3] https://www.gnu.org/software/gettext/manual/html_node/autopoint-Invocation.html
Signed-off-by: Vincent Fazio <vfazio@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Previously, AUTOPOINT was hardcoded to /bin/true in autoconf.mk.
Moving the definition of this variable into AUTOCONF_ENV as part of the
autotools infrastructure will allow us to conditionally set the variable
based on package flags to support migrating away from FOO_GETTEXTIZE.
While we're at it, split the overly long line that defines AUTORECONF,
wrapping at 80 columns.
Signed-off-by: Vincent Fazio <vfazio@gmail.com>
[Arnout: split long line]
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
No package in the current tree is currently utilizing this option.
The long term solution is to use autopoint over gettextize in which case
these options aren't relevant anyway.
Signed-off-by: Vincent Fazio <vfazio@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Migrate to flit build backend.
Use license file instead of readme hashes.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
From [1]:
* sshd(8): fix a pre-authentication double-free memory fault
introduced in OpenSSH 9.1. This is not believed to be exploitable,
and it occurs in the unprivileged pre-auth process that is
subject to chroot(2) and is further sandboxed on most major
platforms.
* ssh(8): in OpenSSH releases after 8.7, the PermitRemoteOpen option
would ignore its first argument unless it was one of the special
keywords "any" or "none", causing the permission list to fail open
if only one permission was specified. bz3515
* ssh(1): if the CanonicalizeHostname and CanonicalizePermittedCNAMEs
options were enabled, and the system/libc resolver did not check
that names in DNS responses were valid, then use of these options
could allow an attacker with control of DNS to include invalid
characters (possibly including wildcards) in names added to
known_hosts files when they were updated. These names would still
have to match the CanonicalizePermittedCNAMEs allow-list, so
practical exploitation appears unlikely.
From [2]:
* ssh-add(1): when adding smartcard keys to ssh-agent(1) with the
per-hop destination constraints (ssh-add -h ...) added in OpenSSH
8.9, a logic error prevented the constraints from being
communicated to the agent. This resulted in the keys being added
without constraints. The common cases of non-smartcard keys and
keys without destination constraints are unaffected. This problem
was reported by Luci Stanescu.
* ssh(1): Portable OpenSSH provides an implementation of the
getrrsetbyname(3) function if the standard library does not
provide it, for use by the VerifyHostKeyDNS feature. A
specifically crafted DNS response could cause this function to
perform an out-of-bounds read of adjacent stack data, but this
condition does not appear to be exploitable beyond denial-of-
service to the ssh(1) client.
The getrrsetbyname(3) replacement is only included if the system's
standard library lacks this function and portable OpenSSH was not
compiled with the ldns library (--with-ldns). getrrsetbyname(3) is
only invoked if using VerifyHostKeyDNS to fetch SSHFP records. This
problem was found by the Coverity static analyzer.
[1] https://www.openssh.com/txt/release-9.2
[2] https://www.openssh.com/txt/release-9.3
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix CVE-2023-22432: Open redirect vulnerability exists in web2py
versions prior to 2.23.1. When using the tool, a web2py user may be
redirected to an arbitrary website by accessing a specially crafted URL.
As a result, the user may become a victim of a phishing attack.
https://github.com/web2py/web2py/compare/v2.23.0...v2.23.1
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
- Fixed (security) [APP-70]: Memory leak in MibLeaf::set if same OID is set
twice in the same PDU.
- Fix the following build failure raised since bump of snmppp to version
3.5.0 in commit e011fa0415:
snmp_pp_ext.cpp: In member function 'int Agentpp::Snmpx::send(const Agentpp::Pdux&, Snmp_pp::SnmpTarget*)':
snmp_pp_ext.cpp:1172:47: error: binding reference of type 'Snmp_pp::Pdu&' to 'const Snmp_pp::Pdu' discards qualifiers
1172 | status = snmpmsg.loadv3(Snmp::get_mpv3(), pdu, engine_id, security_name,
|
Fixes:
- http://autobuild.buildroot.net/results/d7347b8b3953596b66da6ca6d85f084fb427934c
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix CVE-2023-27371: GNU libmicrohttpd before 0.9.76 allows remote DoS
(Denial of Service) due to improper parsing of a multipart/form-data
boundary in the postprocessor.c MHD_create_post_processor() method. This
allows an attacker to remotely send a malicious HTTP POST packet that
includes one or more '\0' bytes in a multipart/form-data boundary field,
which - assuming a specific heap layout - will result in an
out-of-bounds read and a crash in the find_boundary() function.
https://lists.gnu.org/archive/html/libmicrohttpd/2023-02/msg00000.html
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The impetus for this change was that wget fails to load pages signed by
Let's Encrypt due to missing root certs. This version has the updated and
correct certs.
0002-mozilla-certdata2pem.py-Fix-compat-with-cryptography.patch
Patch dropped because the fix is incorporated upstream.
Signed-off-by: Steve Hay <me@stevenhay.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
MUSL support is patched by defining FNM_EXTMATCH to zero, which omits
GNU-only extended pattern matching.
Signed-off-by: Martin Hundebøll <martin@geanix.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
- Use daemon name (bluetoothd) as file name.
- Script doesn't need to be executable.
Signed-off-by: Daniel Lang <d.lang@abatec.at>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
With bluez 5.66 (bumped in c6c79d6) the Media Control Profile (MCP), Basic
Audio Profile (BAP) and Volume Control Profile (VCP) where added.
All three are enabled by default.
MCP only works if AVRCP is enabled, as it requires player.c which is
otherwise not compiled.
Only enable all three new profiles when the audio plugin is selected.
Fixes:
- http://autobuild.buildroot.net/results/d62/d6260a5acf766657f683d85fa1bdc27b7a43551e/
Signed-off-by: Daniel Lang <d.lang@abatec.at>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fixes:
- http://autobuild.buildroot.net/results/fdf2b2eb252a24e81bddad1c81c4fdfb03dc0afe
.../build/qt6base-6.4.2/src/plugins/tls/openssl/qdtls_openssl.cpp: In member function 'bool dtlsopenssl::DtlsState::initCtxAndConnection(QDtlsBasePrivate*)':
.../build/qt6base-6.4.2/src/plugins/tls/openssl/qdtls_openssl.cpp:669:9: error: 'q_SSL_set_psk_server_callback' was not declared in this scope; did you mean 'q_SSL_set_psk_use_session_callback'?
669 | q_SSL_set_psk_server_callback(newConnection.data(), dtlscallbacks::q_PSK_server_callback);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| q_SSL_set_psk_use_session_callback
.../build/qt6base-6.4.2/src/plugins/tls/openssl/qdtls_openssl.cpp:671:9: error: 'q_SSL_set_psk_client_callback' was not declared in this scope; did you mean 'q_SSL_set_info_callback'?
671 | q_SSL_set_psk_client_callback(newConnection.data(), dtlscallbacks::q_PSK_client_callback);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| q_SSL_set_info_callback
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
When running "make check-package" on a system with shellcheck 0.9.0,
the command fails with output:
make check-package
package/linux-tools/S10hyperv:0: run 'shellcheck' and fix the warnings
...
2 warnings generated
This commit fixes the warnings reported by the command:
shellcheck package/linux-tools/S10hyperv
This commit also fixes the four-space indent by a single tab on the
changed lines. Since this fixes the indentation warnings of
check-package, the Indent exclusion in .checkpackageignore is also
removed.
Fixes:
In package/linux-tools/S10hyperv line 27:
return $ret
^--^ SC2086 (info): Double quote to prevent globbing and word splitting.
In package/linux-tools/S10hyperv line 48:
return $ret
^--^ SC2086 (info): Double quote to prevent globbing and word splitting.
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bagas is keen to maintain git package for Buildroot. However, due to
limited resources available, he can only do testing as far as
build testing. Other developers are needed to help him maintain the
package.
Signed-off-by: Bagas Sanjaya <bagasdotme@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This release contains mostly a bugfixes, with some improvements around
error handling for unimplemented functionality and resiliency against
runtime changes of dbus service-files.
Also update hashes of license files. There was no change in license,
the hashes changed due to copyright date bump and additional authors
listend in the same files.
Signed-off-by: Stefan Agner <stefan@agner.ch>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
bluez 5.66 contains various fixes and initial support for Basic Audio
Profile and Volume Control Profile.
Signed-off-by: Stefan Agner <stefan@agner.ch>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Since the major release changed all the packages that have direct
dependency to harfbuzz has been succesfully built:
- efl
- libass
- mupdf
- pango
- qt5base
- qt5webengine
- qt6base
- sdl2_ttf
- supertuxkart
- vlc
- webkitgtk
- wpewebkit
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
lzop 1.04 uses libtool 2.4.2.418, which is right between 2.4.2 and
2.4.4. While our patch for 2.4 is also supposed to work up to and
including 2.4.2.x, it does not work for libtool 2.4.2.418, which
requires the patch for 2.4.4.
We could change our infra to better pick the appropriate patch, but we
do not know exactly which 2.4.2.x version is actually the cutting
point that requires the 2.4.4 patch. Until we have more data point,
let's handle the case in an ad-hoc manner for lzop.
Additionally, we add a patch from Florian Bäuerle, which allows to set
the mtime of the lzop archive for reproducible build support using
SOURCE_DATE_EPOCH.
Signed-off-by: Casey Reeves <casey@xogium.me>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Uptream does not provide a change log.
The package now needs a C++11 compiler. For example, the source file
"blake2s.hpp" is using the "constexpr" keyword.
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
libev and libevent can be enabled at the same time since version 4.1.0,
thanks to the event lib support refactoring into plugins, which is enabled by
default for unix platform builds (LWS_WITH_EVLIB_PLUGINS=ON):
https://github.com/warmcat/libwebsockets/commit/c6c7ab2b4498c62bf9461b36395d8466e023575d
In this way, libwebsockets can be compiled with both libev and libevent
support, which is then user-selectable at runtime.
This basically restores the behavior changed by previous commit 27f257e.
Signed-off-by: Luca Pesce <luca.pesce@vimar.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
* Fix the license because libgit2 has been using some android code
without attribution. This explains the change of the hash in the
license file, which now includes the text of the BSD-2-Clause
license.
* Building in-source is accidentely broken in this release and upstream
recommends a separate build directory anyway, so use a separate build
directory.
* Some win32-specific declarations use wchar_t, add an upstreamed patch
to avoid a dependency to wchar_t elsewhere.
Signed-off-by: Nicolas Cavallari <nicolas.cavallari@green-communications.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The kernel config board/qemu/aarch64-sbsa/linux.config has never been in
use by qemu_aarch64_sbsa_defconfig, neither via
BR2_LINUX_KERNEL_CUSTOM_CONFIG_FILE, nor via
BR2_LINUX_KERNEL_CONFIG_FRAGMENT_FILES.
test_edk2.py is using the kernel config
board/qemu/aarch64-sbsa/linux.config. However, storing a kernel config
that is not used by qemu_aarch64_sbsa_defconfig, in a directory that is
"owned" by qemu_aarch64_sbsa_defconfig, is bound to cause confusion.
Therefore, move the config file to a new subdirectory:
support/testing/tests/boot/test_edk2/
This is similar to how e.g. test_grub.py has a subdirectory:
support/testing/tests/boot/test_grub/
where it keeps the kernel config that is only used by test_grub.py.
Signed-off-by: Niklas Cassel <niklas.cassel@wdc.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
ARM SBBR (Server Base Boot Requirements) defines SPCR (Serial Port
Console Redirection Table) as a mandatory ACPI table that specifies
the configuration of a serial console.
In the linux kernel, ARM developers have decided that consoles defined
by SPCR are always enabled when existing, see e.g.:
https://lore.kernel.org/linux-serial/20200430161438.17640-1-alpernebiyasak@gmail.com/T/
Specifying console=ttyAMA0 (which is a serial console) is thus
redundant for an ARM SBSA board. (It also blindly assumes that
the serial console is on ttyAMA0, which might not be true.)
Drop the explicit console=ttyAMA0 on the kernel command line,
such that the kernel can pick up the default console defined
by SPCR.
This is similar to how it is currently done for
board/aarch64-efi/grub.cfg.
Signed-off-by: Niklas Cassel <niklas.cassel@wdc.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Specifying /dev/sda2 is ambigious, and when booting my arm64 machine
this tries to mount the second partition of my ATA drive, instead of
the second partition of the USB-stick, simply because the ATA driver
is probed earlier than the USB controller driver.
To solve this problem, use PARTLABEL=root to specify the root filesystem.
This is similar to how it is currently done for board/aarch64-efi/grub.cfg
and board/qemu/aarch64-ebbr/grub.cfg.
Signed-off-by: Niklas Cassel <niklas.cassel@wdc.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
- Bump Linux kernel to v6.1.13 and increase the rootfs size accordingly.
- Bump the FVP in the readme to version 11.20 build 15 and update the
command line.
Signed-off-by: Vincent Stehlé <vincent.stehle@arm.com>
Cc: Masahiro Yamada <yamada.masahiro@socionext.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Multiple library checks are obsolete, either due to removal or due to built-in solutions.
License file changed due to update of copyright year.
Signed-off-by: André Zwing <nerv@dawncrow.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
shadow provides utilities to deal with user accounts.
The shadow package includes the necessary programs for converting UNIX
password files to the shadow password format, plus programs for managing
user and group accounts. Especially it is useful if rootless podman
container should be used, which requires newuidmap and newgidmap.
Co-authored-by: Nicolas Carrier <Nicolas.Carrier@orolia.com>
[Nicolas.Carrier@orolia.com provided the test case]
Signed-off-by: Raphael Pavlidis <raphael.pavlidis@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Binary blobs are BIOS of some sorts for the various machines emulated
by QEMU. There is no option to individually install blobs; it's an
all-or-nothing option.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Since version 2022.04.0, Barebox now supports a generic image built
for platforms, to be used as BL33 to generate FIP images. This patch
makes it available as a choice of BL33 to be used with ATF and is
based on the similar work put into U-Boot as BL33.
Signed-off-by: Casey Reeves <casey@xogium.me>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The upcoming ccache update will depend on host-cmake, so we must
ensure host-cmake doesn't use ccache when being built.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Notable changes in this commit:
- change from v4.0.x to v4.1.x "current" version series,
- move the sha256 hash out of the "Locally computed" section,
as the value comes from the download page,
- the LICENSE file hash changed, as the file was updated
(copyright years updated and new contributors added),
- the IME (Infinite Memory Engine), introduced in v4.1.x,
is disabled to workaround a failure when cross-compiled,
- the package now requires a toolchain with atomic support,
and needs to link against libatomic when needed.
For change log since v4.0.0, see:
- https://github.com/open-mpi/ompi/blob/v4.1.4/NEWS#L61
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The LICENSE text has changed, nominally the copyright owner changed
from "Facebook" to "Meta Platforms, Inc. and affiliates",
reflecting the name change of that company.
Add upstream patch to fix zstd-dll build.
Signed-off-by: Norbert Lange <nolange79@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
- Bump Linux kernel version to 6.1.12.
- Bump U-Boot version to 2023.01 and rename config fragment to make it
clearer that it is not a complete config file.
Signed-off-by: Vincent Stehlé <vincent.stehle@arm.com>
Cc: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Let's also reorder BR2_UBOOT_ options by moving
BR2_TARGET_UBOOT_FORMAT_DTB_IMX after BR2_TARGET_UBOOT_NEEDS_OPENSSL since
this reflects the order in boot/uboot/Config.in file.
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This directory contains a Buildroot configuration for building a
Pine64 PineCube.
Board homepage: https://www.pine64.org/cube/
Board wiki: https://wiki.pine64.org/wiki/PineCube
How to build it
===============
$ make pine64_pinecube_defconfig
$ make
Note: you will need access to the internet to download the required
sources.
How to write the SD card
========================
Once the build process is finished you will have an image called "sdcard.img"
in the output/images/ directory.
Copy the bootable "sdcard.img" onto an SD card with "dd":
$ sudo dd if=output/images/sdcard.img of=/dev/sdX
$ sudo sync
Insert the micro SDcard in your PineCube and power it up. The console
is on the serial port 2, 115200 8N1 (check Wiki for board pinout).
Some files were not shown because too many files have changed in this diff
Show More
Reference in New Issue
Block a user
Blocking a user prevents them from interacting with repositories, such as opening or commenting on pull requests or issues. Learn more about blocking a user.