This is a bugfix release only containing the fix to a potential integer underflow
which got assigned CVE-2023-36328.
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
4.1.9 is affected by CVE-2023-36053, and 4.1.10 was released to fix
it. The changes between 4.1.9 and 4.1.10 are just:
f9a14b8f0668029fb7e0aebcae57b60dcec4a529 (tag: 4.1.10) [4.1.x] Bumped version for 4.1.10 release.
beb3f3d55940d9aa7198bf9d424ab74e873aec3d [4.1.x] Fixed CVE-2023-36053 -- Prevented potential ReDoS in EmailValidator and URLValidator.
3b48fe413f91612fb8c43fe9d489860d10c84bf7 [4.1.x] Added stub release notes for 4.1.10 and 3.2.20.
0e5948b8df5d25deb48a505cbf16f010d9dc603c [4.1.x] Fixed MultipleFileFieldTest.test_file_multiple_validation() test if Pillow isn't installed.
66e1e9b006618ba00e804d18bd90d3a9e94801b3 [4.1.x] Added CVE-2023-31047 to security archive.
d1385cc51b142b05b21b721d9d68fc461bc7241f [4.1.x] Post-release version bump.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This commit updates poppler to the latest version in the 22.x series,
with only has bug fixes. Here is the list of commits between 22.10.0
and 22.12.0:
df568263c51950ceed6f1fb42f80e99a2614c275 (tag: poppler-22.12.0) poppler 22.12.0
198dc1d0674c0a462668e6868c35b1ee0e731005 Form::addFontToDefaultResources: Be stubborn in finding a font we can use
a5952ab70716a2d4f792a943c2dcf3068f1d6885 Revert "CI: Fix Debian brokenness"
8fcaa7c622d24761a9ecb3922f95d072077d6f34 CI: Fix Debian brokenness
cc665f757af6b87dd245d36e079dd44d8d2d2182 (tag: poppler-22.11.0) poppler 22.11.0
a296982e1d5b4968b2bd044d80647ae6f9267526 Do not include a poppler/ file from a splash/ header
bc4a0d9a2abfcd75d9b0ee4be3f7600905fe6001 Form: Provide Unicode marker when ensuring fonts
111f38a722eedddd94faa52dda8c5e0da561fb41 Cairo: Update font after restore
907d05a6a141284aee22fbd16ab0a2fb4e0f2724 Fix crash in file that wants to do huge transparency group
e53f5aae3bce7d09788f2ad62be998895fb9807b PSOutputDev::setupResources: Fix stack overflow in malformed doc
a4ca3a96a6b1f65b335a1ea362e6c202e46ae055 topIdx can't be negative
e471f8e09bf2e38df0cf5df1acecbcca70685573 Init all the fields of JPXStreamPrivate
5190c0d4369bd9f501922585140be4ec736e24f2 No need to store smaskInData in priv
6263bb90b09326103b10e4c4edfbc5b84c884921 Page label ranges can't start in < 0
Note: this version bump does not include the fix for CVE-2023-34872,
so we still need the backported patch.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
libdecor cannot be selected due to a circular dependency:
package/wayland/Config.in:1:error: recursive dependency detected!
package/wayland/Config.in:1: symbol BR2_PACKAGE_WAYLAND is selected by BR2_PACKAGE_LIBDECOR
package/libdecor/Config.in:1: symbol BR2_PACKAGE_LIBDECOR is selected by BR2_PACKAGE_MESA3D_DEMOS
package/mesa3d-demos/Config.in:1: symbol BR2_PACKAGE_MESA3D_DEMOS is selected by BR2_PACKAGE_PIGLIT
package/piglit/Config.in:1: symbol BR2_PACKAGE_PIGLIT depends on BR2_PACKAGE_WAFFLE_SUPPORTS_WAYLAND
package/waffle/Config.in:7: symbol BR2_PACKAGE_WAFFLE_SUPPORTS_WAYLAND depends on BR2_PACKAGE_WAYLAND
Without libdecor, the build fails since the bump of mesa3d-demos to
version 9.0.0 in 80304d9911:
"""
Run-time dependency libdecor-0 found: NO (tried pkgconfig and cmake)
Looking for a fallback subproject for the dependency libdecor-0
../output-1/build/mesa3d-demos-9.0.0/meson.build:88:17: ERROR: Automatic wrap-based subproject downloading is disabled
"""
Fixes:
http://autobuild.buildroot.net/results/8de50be8233f0133aadc26bda71b48d7ec329e04/
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Following build failure occurs:
opasswd.c: In function 'compare_password':
opasswd.c:142:3: error: 'retval' undeclared (first use in this function); did you mean 'outval'?
142 | retval = outval != NULL && strcmp(outval, oldpass) == 0;
| ^~~~~~
| outval
Add a patch from upstream to fix it.
Happens since the update to 1.5.3 in Buildroot commit:
f8147e27cd
Fixes:
- http://autobuild.buildroot.net/results/576/576fc4b9ccbc6cff82569692bdec82192e89f036
Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Currently, when verifying the configuration of a uClibc toolchain for
the presence of locale support, we check __UCLIBC_HAS_LOCALE__. It
turns out that we in fact also expect __UCLIBC_HAS_XLOCALE__ to be
defined, as without it locale_t is not defined, causing build failure
in some packages, such as libcpprestsdk:
In file included from /home/thomas/autobuild/instance-0/output-1/build/libcpprestsdk-2.10.18/Release/include/cpprest/json.h:18,
from /home/thomas/autobuild/instance-0/output-1/build/libcpprestsdk-2.10.18/Release/src/pch/stdafx.h:88,
from /home/thomas/autobuild/instance-0/output-1/build/libcpprestsdk-2.10.18/Release/src/http/client/http_client_msg.cpp:13:
/home/thomas/autobuild/instance-0/output-1/build/libcpprestsdk-2.10.18/Release/include/cpprest/asyncrt_utils.h:317:13: error: 'locale_t' does not name a type
317 | typedef locale_t xplat_locale;
| ^~~~~~~~
As essentially our requirement for uClibc in external toolchains is
"it should match the uClibc configuration used by Buildroot for
internal toolchains", it makes sense to verify
__UCLIBC_HAS_XLOCALE__. Note that of course checking
__UCLIBC_HAS_XLOCALE__ is sufficient, as it cannot be enabled if
__UCLIBC_HAS_LOCALE isn't.
This addresses an issue with the Synopsys ARC external toolchain,
which is built with __UCLIBC_HAS_LOCALE__, but without
__UCLIBC_HAS_XLOCALE__ causing a build failure with some
packages (such as libcpprestsdk).
Therefore, this patch also changes how the Synospys ARC external
toolchain is exposed in Buildroot: it no longer advertise locale
support.
Fixes:
http://autobuild.buildroot.org/results/e6778e60cc1ea455f5b4511d5824f04d8040f67b
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The intention of this script is to generate the XML that can be sent to
NVD to request a new CPE identifier.
As discussed on the mailing list [0] keeping up with version numbers of
all registered CPE ID won't work.
In addition the feed used to generated the XML files will be retired
[1]. In the future an API needs to be used for fetching the data in
connection with a local database.
All of this works against keeping this script and porting it to the new
API.
As a last blow Matthew, the original author concluded [2]:
> Makes sense to drop it. There never got to be enough momentum in the overall
> software community to make CVE or even the new identifier really accurate.
The intention is to ignore the version part of CPE IDs in the future,
and only look at the version range specified on a CVE. Therefore, a tool
to add new CPE ID versions isn't useful to us. It might still be useful
to have a tool to create the vendor and project parts of a CPE ID.
However, the current gen-missing-cpe tool doesn't support that, and the
API is anyway going to be retired. So there is no reason at all to keep
this around.
Remove gen-missing-cpe and the cpedb module. Remove the Makefile target
to call the script.
Since the cpedb module is removed, the CPEDB_URL definition must be
moved to the place where it is still used, in pkg-stats.
[0]: https://lists.buildroot.org/pipermail/buildroot/2023-August/672620.html
[1]: https://nvd.nist.gov/General/News/change-timeline
[2]: https://lists.buildroot.org/pipermail/buildroot/2023-August/672651.html
Signed-off-by: Daniel Lang <dalang@gmx.at>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
The CVE-2004-2771 is already fixed by the Debian patch
0014-globname-Invoke-wordexp-with-WRDE_NOCMD.patch. The Debian patch
description is:
Subject: [PATCH 4/4] globname: Invoke wordexp with WRDE_NOCMD (CVE-2004-2771)
See also https://marc.info/?l=oss-security&m=141875285203183&w=2 for
more details.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
In commit
15972770cf ("package/heirloom-mailx:
security bump to version 12.5-5 from Debian"), we added CVE-2014-7844
in HEIRLOOM_MAILX_IGNORE_CVES, but with the wrong comment about it: it
is a different patch in the Debian stack of patches that fixes
it. Indeed the description of patch
0011-outof-Introduce-expandaddr-flag.patch is:
=====================================================================
Subject: [PATCH 1/4] outof: Introduce expandaddr flag
Document that address expansion is disabled unless the expandaddr
binary option is set.
This has been assigned CVE-2014-7844 for BSD mailx, but it is not
a vulnerability in Heirloom mailx because this feature was documented.
=====================================================================
See also https://marc.info/?l=oss-security&m=141875285203183&w=2 for
details.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
CVE-2023-31038 affects log4cxx only if ODBC is supported. While
CVE-2023-31038 has been fixed in newer versions of log4cxx, there is
quite a huge gap to do a version bump, and the commit that fixes
CVE-2023-31038 could not be identified.
Therefore, we want to rely on the fact that our log4cxx package does
not support ODBC: there is indeed no explicit dependency on our
unixodbc package in log4cxx.mk. However, log4cxx automatically detects
if ODBC is available and if it is, it uses it.
So what we do in this commit is backport an upstream commit, which
adds explicitly options to enable/disable ODBC and ESMTP support, and
we use them to (1) always disable ODBC and (2) explicitly
enable/disable ESMTP support.
Thanks to ODBC being disabled, we're not affected by CVE-2023-31038.
Of course, there is a potential regression for users who were relying
on the implicit unixodbc dependency, but as we could not identify the
commit fixing the CVE-2023-31038, this is the best we can do at the
moment.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Commit c1038fe47c renamed the patch, but didn't update
.checkpackageignore, leading to two failures:
.checkpackageignore:1055: ignored file package/openjdk/17.0.7+7/0001-Add-ARCv2-ISA-processors-support-to-Zero.patch is missing
package/openjdk/17.0.8+7/0001-Add-ARCv2-ISA-processors-support-to-Zero.patch:0: missing Upstream in the header (http://nightly.buildroot.org/#_additional_patch_documentation)
Rename the file in .checkpackageignore as well.
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Grub 2.06 is affected by a number of CVEs, which have been fixed in
the master branch of Grub, but are not yet part of any release (there
is a 2.12-rc1 release, but nothing else between 2.06 and 2.12-rc1).
So this patch backports the relevant fixes for CVE-2022-28736,
CVE-2022-28735, CVE-2021-3695, CVE-2021-3696, CVE-2021-3697,
CVE-2022-28733, CVE-2022-28734, CVE-2022-2601 and CVE-2022-3775.
It should be noted that CVE-2021-3695, CVE-2021-3696, CVE-2021-3697
are not reported as affecting Grub by our CVE matching logic because
the NVD database uses an incorrect CPE ID in those CVEs: it uses
"grub" as the product instead of "grub2" like all other CVEs for
grub. This issue has been reported to the NVD maintainers.
This requires backporting a lot of patches, but jumping from 2.06 to
2.12-rc1 implies getting 592 commits, which is quite a lot.
All Grub test cases are working fine:
https://gitlab.com/tpetazzoni/buildroot/-/pipelines/984500585https://gitlab.com/tpetazzoni/buildroot/-/pipelines/984500679
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
[Arnout: fix check-package warning in patch 0002]
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
The pcm-tools package contains a version.h with git attributes:
$ cat version.h
#define PCM_VERSION " ($Format:%ci ID=%h$)"
$ man 5 gitattributes
Creating an archive
export-subst
If the attribute export-subst is set for a file then Git
will expand several placeholders when adding this file to
an archive. The expansion depends on the availability of
a commit ID, i.e., if git-archive(1) has been given a tree
instead of a commit or a tag then no replacement will be
done. The placeholders are the same as those for the option
--pretty=format: of git-log(1), except that they need to be
wrapped like this: $Format:PLACEHOLDERS$ in the file. E.g.
the string $Format:%H$ will be replaced by the commit hash.
So, the archive generated by github has changed since we updated
pcm-tools in 2021-12-08 with commit d1d93d488c (package/pcm-tools:
bump to version 202110). The downlad was still OK in 2022-01-04 [0]
but has been failing at least since 202-08-25 [1].
Since the archive is generated on the github side, there is not much we
can do to fix this up.
We switch over to using git to do the download, and we generate the
archive localy, which we know is reproducible.
We fix the version.h so that it contains the same string as the backup
tarball we host on s.b.o.
There are three other files in pcm-tools that have git attributes, to
exclude them from the generated archive, all pertaining to CI/CD stuff:
.cirrus.yml export-ignore
.gitlab-ci.yml export-ignore
.travis.yml export-ignore
We don't remove them, because they have no impact on the build, and they
are anyway already present in the archive by the time we could act on it
anyway...
[0] http://autobuild.buildroot.org/results/127/1276a3d49c8848039f034e7f03632df365097e94/
[1] http://autobuild.buildroot.org/results/8bb/8bbf9c36af332bbf5e7c1abcbb594a0b231ef97e/
Reported-by: Woody Douglass <wdouglass@carnegierobotics.com>
Reported-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Each time a new pipeline is triggered, some jobs may fail due to
temporary issue with a Gitlab runner (network, power supply, docker or
maintainance).
Most of the problems are "runner system failure" [1] and require to
retart each failed jobs manually by maintainers to complete the
pipeline with only real failures if any.
The "retry" keyword allows to configure how many times a job is retried
if it fails. "retry:when" allows to retry a failed job only on
specific failure types like "runner_system_failure".
While at it, retry a job if it failed due to a timeout failure (this
timeout means that the job was pending for more than 24h) [2].
Such timeout failures occur on pipelines testing each Buildroot's
defconfig since there is not enough gitlab runner available to build
all of them within 24h.
Retry only jobs that are more likely to wait for a runner
(generate-gitlab-ci-yml, runtime_test_base, defconfig_base and test_pkg).
[1] https://gitlab.com/buildroot.org/buildroot/-/jobs/4936949397 (runner system failure)
[2] https://gitlab.com/buildroot.org/buildroot/-/jobs/4936949530 (timeout failure or the job got stuck)
https://docs.gitlab.com/ee/ci/yaml/#retrywhen
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
While switching ATF to github, the BR2_TARGET_UBOOT_CUSTOM_GIT=y
symbol was not removed. Since then this defconfig fail to build
in gitlab-ci due to invalid defconfig check.
WARN: defconfig ./configs/freescale_imx6qsabresd_defconfig can't be used:
Missing: BR2_TARGET_UBOOT_CUSTOM_GIT=y
[1] dd42b159a5
Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/4889436612
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bugfix release, fixing a number of regressions in 2.0.16
From the changelog
(https://github.com/eclipse/mosquitto/blob/master/ChangeLog.txt)
2.0.17 - 2023-08-22
===================
Broker:
- Fix `max_queued_messages 0` stopping clients from receiving messages.
Closes#2879.
- Fix `max_inflight_messages` not being set correctly. Closes#2876.
Apps:
- Fix `mosquitto_passwd -U` backup file creation. Closes#2873.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
In commit ee93213d18 (package/check: fix compile issue due to missing
source file), we switched from using the released tarball, to using the
autogenerated tarball from github.
However, that means that the filename of the archive did not change,
while its content did change. The hash was promptly updated, but that
means that the archive we cache on s.b.o (and possibly the one users
may also already have locally) will not match the new hash (and
conversely).
So we switch to using the sha1-hash of the commit corresponding to the
tag.
Reported-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Waldemar Brodkorb <wbx@openadk.org>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit 0a8ef2f3f7 bumped the headers
version requirements, but did not update the associated comment.
Remove the comment entirely, as it does not apply anymore.
Signed-off-by: Raphaël Mélotte <raphael.melotte@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
In commit 30997eaa65438a2ce726ad8a204ac5a36363f5c8 a mistake
was made. Guard the definition correctly.
Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fixes CVE-2023-34241 (see [0] for details)
[0] https://github.com/OpenPrinting/cups/releases/tag/v2.4.6
The number of changes between 2.4.4 and 2.4.6 is really small, and
limited to bug fixes:
9d614a4b3184205294c55355a1d2eb54d4532ccd (tag: v2.4.6) Update CHANGES.md
6f6da74ec284e28c156f0b9f62f3bd610e61aa78 Fix use-after-free in cupsdAcceptClient() (fixes CVE-2023-34241)
3f12185ca9cbb5350a6370d6046066907b8abc12 Merge pull request #735 from AtariDreams/Fixer
f5281777c80cdf820a2a71c9e7f08b91f0e11160 Fix compilation on older macOS versions
ee82c5b18409def3ec1424ce2eb343aabb0ff0d1 Merge pull request #730 from zdohnal/cupssinglefile_24x
1504527b2415a4b67b0e3e17593b053f3628746f cups/ppd-cache.c: Put cupsSingleFile into generated PPD
3be1d5da8fe9ee13aab5ee6ecc11b2f9387821a6 Prepare files for next release
c1f54ec966ccc5d5564eed95dcb540842af7b5ca (tag: v2.4.5) cups/cups.h: Update for 2.4.5
70dba05b7511a96476ea0ef8fe1d92c6500c6e61 Finish hotfix release 2.4.5
87f5cb7d8f0da8fa2835bb0aa3ca48b5e5a66a3f Merge pull request #727 from AtariDreams/hotfix
61aa0b259183fe59124566f08ecf649bb806cd24 Regression: Certificate data is corrupted during base64 conversion
7362f41c45d834564f876ffac536f59eece843ec Prepare files for next release
Signed-off-by: Clement Ramirez <ramirez.clement3@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Commit 2a5d90a595 (configs/rock5b: Add patches to fix gcc12 warnings)
introduced the kernel patches in an incorrect directory.
Fix that by moving them in the proper location.
Reported-by: Kilian Zinnecker <kilian.zinnecker@mail.de>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
This patch introduces patches for the custom kernel, as it is
currently used for the Radxa Rock 5B. The patches fix two gcc
compiler warnings, which result in a build error, if the kernel
is used with gcc version 12.
Since also the code of custom board drivers for WiFi support is
affected, and no fixes are provided by the vendor, the custom WiFi
support is disabled.
Signed-off-by: Kilian Zinnecker <kilian.zinnecker@mail.de>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
This is the follow-up commit to the 4de60e4 which disables
sourcehighlight dependency for the target GDB package.
Do the same for the host variant to be sure that this
won't be picked up from the host system.
Signed-off-by: Bartosz Bilas <b.bilas@grinn-global.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
nftables provides python bindings; it uses setuptools to install them.
We currently install those bindings by telling the nftables buildsystem,
autotools, to install the python bindings.
However, we do not pass any of the environment variables that are needed
for setuptools packages. When host-python-setuptools is installed before
nftables is built [0], this breaks the system at runtime, as the
bindings are not installed; only the egg is, resulting in runtime errors
like:
# python -c 'import nftables'
Traceback (most recent call last):
File "<string>", line 1, in <module>
ModuleNotFoundError: No module named 'nftables'
Upstream has been doing some changes on their python handling, but it is
not in a released version yet, and we can't backport those changes
either, due to other big changes.
Instead, we split the pyhon bindings to their own package.
For legacy handling, we make that new package default to y, so that
existing (def)config still work. The only novelty is that it can be
disabled now.
Many thanks to Julien for testing and finding the offending dependency,
to James for suggesting the package split, and to Adam for, well,
trigerring the issue in the first place! ;-p
Note: a git bisect of the issue turns up 72 candidates for the breakage,
all around the time we dropped python2 support in early 2022; the last
known-good commit is 55df30f8b1 (package/zfs: drop python2 support)
and the first known-bad commit is 697acda00d (package/pkg-python: drop
python2 host/setuptools support); everything in-between does not
configure (package/python/Config.in.host still sourced but already
removed), or does not build (host-python still in the dependency chain
but already removed), so had to be skipped during the bisect.
[0] This can happen when another python package using setuptools is
built before nftables. However, with PPD, this never happens because
host-python-setuptools is never in the dependency chain of nftables.
Reported-by: Julien Olivain <ju.o@free.fr>
Tested-by: Julien Olivain <ju.o@free.fr>
Suggested-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Adam Duskett <aduskett@gmail.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fixes the following security issues:
- CVE-2023-28366: Fix memory leak in broker when clients send multiple QoS 2
messages with the same message ID, but then never respond to the PUBREC
commands.
- CVE-2023-0809: Fix excessive memory being allocated based on malicious
initial packets that are not CONNECT packets.
- CVE-2023-3592: Fix memory leak when clients send v5 CONNECT packets with a
will message that contains invalid property types.
- Broker will now reject Will messages that attempt to publish to $CONTROL/.
- Broker now validates usernames provided in a TLS certificate or TLS-PSK
identity are valid UTF-8.
- Fix potential crash when loading invalid persistence file.
- Library will no longer allow single level wildcard certificates, e.g. *.com
For more details, see the changelog:
https://mosquitto.org/ChangeLog.txt
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The bump to meson 1.2.0 triggers unexpected build failure of the host
packages, because meson changed the way it passes library search paths
when building natively:
https://github.com/mesonbuild/meson/commit/59cfbf68e00aa774a9868101f423bd662938c15dhttp://lists.busybox.net/pipermail/buildroot/2023-August/672649.html
As a consequence, the libraries are searched for in the system paths
before being searched in our host-dir, leading to failures when
incompatible libraries are installed in both locations. For example, if
the system has an older version of libglib2 installed, this causes link
failures when one of the glib2 library (e.g. libgio) is linked by path,
but a dependent library (e.g. libgmodule) is linked by name:
/path/to/host/lib/libgio-2.0.so -L /path/to/host/lib/ -lgmodule-2.0
The first is indeed the one we built and installed in host-dir, but the
second is found in the system path; when it is an older (or more
recent?) version than the one we use, the link fails;
/path/to/host/lib/libgio-2.0.so: undefined reference to `g_module_open_full'
Since fixing the issue is not trivial, revert to the previous meson
version that did not exhibit the issue.
This reverts commit d06e610d58.
Reported-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Commit e3322e2c7 "lsof: add license info" added the package license
info. At that time, lsof was at version 4.85. The package was not
including a dedicated license file. Instead, the license text was
copied in many files (source files, readmes, ...). It was then decided
to use the small source file "dialects/linux/dproto.h".
Recently, lsof added a COPYING license file. See [1]. This commit was
first included in lsof version 4.97.0. We can now use this file.
The license file hash is updated due to formatting changes. As a side
note, the copyright year in source file was 1997 (see [2]), whereas in
the new license file it is 2002. Source files have different copyright
dates, and can be as old as 1994, for example in [3]. The rest of the
license text remains unchanged.
[1] https://github.com/lsof-org/lsof/commit/62dab61cae3ca9e4d41ec573ae5cda0c5689c326
[2] https://github.com/lsof-org/lsof/blob/4.98.0/dialects/linux/dproto.h#L9
[3] https://github.com/lsof-org/lsof/blob/4.98.0/arg.c#L7
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The compiler-rt project intructs to build out of tree:
https://compiler-rt.llvm.org/
Otherwise, the dependency chain declared in the include/CMakelLists.txt
causes a circular dependency of source files upon themselves:
make[4]: Circular include/sanitizer/allocator_interface.h <- include/sanitizer/allocator_interface.h dependency dropped.
make[4]: Circular include/sanitizer/asan_interface.h <- include/sanitizer/asan_interface.h dependency dropped.
make[4]: Circular include/sanitizer/common_interface_defs.h <- include/sanitizer/common_interface_defs.h dependency dropped.
[--snip 19 other files--]
This is because include/CMakeLists.txt unconctional declares
dependencies in this manner:
set(SANITIZER_HEADERS
sanitizer/allocator_interface.h
sanitizer/asan_interface.h
sanitizer/common_interface_defs.h
[...]
)
set(COMPILER_RT_HEADERS
${SANITIZER_HEADERS}
[...])
set(output_dir ${COMPILER_RT_OUTPUT_DIR}/include)
foreach( f ${COMPILER_RT_HEADERS} )
set( src ${CMAKE_CURRENT_SOURCE_DIR}/${f} )
set( dst ${output_dir}/${f} )
add_custom_command(OUTPUT ${dst}
[...]
)
[...]
endforeach( f )
The froeach() loop creates dependency rules between the files in
output_dir and CMAKE_CURRENT_SOURCE_DIR, without provision for the
case they are both the same directories, thus in-source builds are
not supported.
With the Makefiles backend, this only triggers the above warning
from make, because make arbitrarily breaks circluar dependencies, and
in this case it makes it work. But when we switch to the ninja backend,
this is going to be a hard error.
Anyway, ninja or make, compiler-rt does not support in-source builds.
Signed-off-by: Thomas Devoogdt <thomas@devoogdt.com>
[yann.morin.1998@free.fr: drastically expand commit log]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Since it was iontroduced in commit d4ecefa3cc (package/perftest: new
package), perftest was missing the reverse dependency on the kernel
headers version inherited from rdma-core.
In commit 3279d8b9c4 (package/rdma-core: needs NPTL), the dependency
of rdma-core on NTPL was not propagated to its reverse dependencies,
notably perftests.
Fixes:
- http://autobuild.buildroot.net/results/00c/00ce19a1589c6028ee77c333ed9107e2c8c8d6de
- d4ecefa3cc
- 3279d8b9c4
Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
[yann.morin.1998@free.fr:
- also add misisng headers dependency
- expand commit log
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Previously, gen-bootlin-toolchains did not add a `depends` guard to
limit the available toolchains based on the minimum required GCC version
for the user selected CPU tuning.
Now, the proper BR2_ARCH_NEEDS_GCC_AT_LEAST_X guard will be added based
on the version of GCC provided by the toolchain.
Signed-off-by: Vincent Fazio <vfazio@gmail.com>
[yann.morin.1998@free.fr: regenerate the toolchain list]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Previously, it was possible to select an external toolchain that did not
support the GCC arch tuning the user had selected. This is problematic
because it can lead to confusing error messages during builds [0].
Now, external toolchain selections will be filtered to only those that
support the required GCC version specified by the target arch tuning.
Note: this patch does not touch the Bootlin toolchain config file as it
is generated by a script.
Additional note: there is "soft" support for toolchains prior to GCC 4.8
but there are no accompanying BR2_ARCH_NEEDS_GCC_AT_LEAST_X symbols.
Instead of adding those, just use BR2_ARCH_NEEDS_GCC_AT_LEAST_4_8 which
is the minimum GCC version with claimed support [1].
[0]: https://lists.buildroot.org/pipermail/buildroot/2023-August/671877.html
[1]: https://buildroot.org/downloads/manual/manual.html#requirement-mandatory
Signed-off-by: Vincent Fazio <vfazio@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Use full relative pathes for rootfs and kernel, like in other
readme's.
Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Compile of e2fsprogs is failing because of gcc bug
111001. Workaround it by forcing the usage of -Os.
Compile fails with:
CC rw_bitmaps.c
terminate called after throwing an instance of 'std::bad_alloc'
what(): std::bad_alloc
during RTL pass: sh_treg_combine2
rw_bitmaps.c: In function 'read_bitmaps_range_start':
rw_bitmaps.c:447:1: internal compiler error: Aborted
447 | }
| ^
0x5e7a6f ???
../sysdeps/aarch64/start.S:81
Please submit a full bug report, with preprocessed source (by using -freport-bug).
Please include the complete backtrace with any bug report.
See <http://bugs.buildroot.net/> for instructions.
No need to backport, because gcc 13.2.0 was introduced recently in
Buildroot commit: 3009095ba8
Fixes:
- http://autobuild.buildroot.net/results/fb7/fb7e9c8b02b979b3a75185c0afa4ab0ca654f6f6
- http://autobuild.buildroot.net/results/659/659313b1783db491653bcc85b37da40c7b077225
Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
e2fsprogs package fails to build for the SH4 architecture due to a gcc
13.2.0 bug that leads to:
during RTL pass: sh_treg_combine2
rw_bitmaps.c: In function read_bitmaps_range_start:
internal compiler error: Aborted
Let's add gcc bug to avoid to deal with architectures in packages
when a gcc bug arises. Let's instead deal directly with gcc
bug number.
It's been reported upstream:
https://gcc.gnu.org/bugzilla//show_bug.cgi?id=111001
No need to backport as gcc 13.20 was introduced recently in
buildroot.
Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The dependency is not provided by Buildroot, and it can potentially be
found by gdb's build system from the host system, which results in the
following build errors:
../../gdb/source-cache.c:37:10: fatal error: srchilite/sourcehighlight.h: No such file or directory
37 | #include <srchilite/sourcehighlight.h>
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~
compilation terminated.
make[4]: *** [Makefile:1645: source-cache.o] Error 1
make[4]: *** Waiting for unfinished jobs....
Signed-off-by: Bartosz Bilas <b.bilas@grinn-global.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
screenfetch requires an "awk" implementation, but upstream would
only use an executable called "awk": pick up upstream patch that
can autodetect awk implementation, so that "mawk" can be used.
Signed-off-by: Nicolas Boichat <drinkcat@google.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Most of the users use HDMI console on RPi and with increasing popularity
of systemd they face a trouble.
systemd doesn't use /etc/inittab, enable getty@tty1.service instead.
Signed-off-by: Alexey Roslyakov <alexey.roslyakov@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
In Buildroot commit cc69dbf8fd
("package/libedit: bump version to 20221030-3.1"), the version of
libedit was bumped from 20210910-3.1 to 20221030-3.1. This broke the
build with uClibc:
./sys.h:96:1: error: unknown type name 'ssize_t'; did you mean 'size_t'?
Header file uses ssize_t so sys/types.h must be included.
This commit adds a patch that fixes this issue.
Fixes:
http://autobuild.buildroot.net/results/439538b23776a58ff81c38754a19ee92c3590a1f
Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Add patch taken from upstream pull request ([1]) to fix gcc-13.x compile
failure because of a missing csdtint include.
Fixes:
In file included from libserial/SerialStreamBuf.h:36,
from SerialStreamBuf.cpp:34:
./libserial/SerialPortConstants.h:93:37: error: ‘uint8_t’ was not declared in this scope
93 | using DataBuffer = std::vector<uint8_t> ;
| ^~~~~~~
[1] https://github.com/crayzeewulf/libserial/pull/186
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Commit 503252d8b0 (boot/lpc32xxcdl: remove package) forgot to remove
the special handling in genrandconfig. Since the package no longer
exists, we don't need to special-case its symbol anymore, so drop it
now.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
This package has dubious licensing conditions (not even documented in
the .mk file), and is a bootloader for very old platforms. The
defconfigs making use of it have been removed in Buildroot in 2014, in
commit c6a410964b ("configs: remove
lpc32xx defconfigs"), so let's get rid of the package.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Acked-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
[yann.morin.1998@free.fr: remove reference in test]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Until now, the Python build system was building a _dbm.cpython-*.so
native module when BR2_PACKAGE_PYTHON3_BERKELEYDB was enabled, but
since the bump of Python to 3.11.x, it was no longer building this
native module.
Investigation this, we found out that Python 3.11 changed how libdb
was detected [1] and that check now fails:
quoting configure log:
checking for libdb... no
quoting python config.log:
conftest.c:(.text.startup+0x8): undefined reference to `__db_ndbm_open'
However, in fact it turns that this problem is not new in Python
3.11. In Python 3.10, the build system was always producing the native
module, but it was in fact not working at runtime:
>>> from _dbm import *
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
ImportError: /usr/lib/python3.10/lib-dynload/_dbm.cpython-310-arm-linux-gnueabihf.so: undefined symbol: __db_ndbm_delete
It was not really visible because when one does "import dbm", it
actually tries several "backends", including ndbm (which relies on
_dbm above), and if it doesn't work, it falls back silently on a pure
Python implementation.
So the issue was never noticed, but has already been there,
potentially forever.
In order for this _dbm native module to be built (Python >= 3.11) or
to work (Python < 3.11), the BerkeleyDB library need to be built with
its so-called "dbm" interface, which we do by selecting select
BR2_PACKAGE_BERKELEYDB_DBM.
And now:
>>> import _dbm
>>>
[1] https://github.com/python/cpython/blob/d2340ef25721b6a72d45d4508c672c4be38c67d3/configure.ac#L4002
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
[Thomas: did more research to have a better explanation of what is
happening, and realize the problem is not related to Python 3.11]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
While it's not strictly necessary to update go-bootstrap-stage2, we can
continue to update the package to the latest 1.19.x until Go 1.19.x is
discontinued, at which point we can leave it at the final 1.19.x
version.
This package is only used when bootstrapping host-go.
go1.19.11 includes a security fix to the net/http package, as well as
bug fixes to cgo, the cover tool, the go command, the runtime, and the
go/printer package.
https://go.dev/doc/devel/release#go1.19.minor
Signed-off-by: Christian Stewart <christian@aperture.us>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The m68k Linux kernel build is broken with binutils >= 2.41 with:
arch/m68k/fpsp040/skeleton.S: Assembler messages:
arch/m68k/fpsp040/skeleton.S:502: Error: junk at end of line, first unrecognized character is `#'
arch/m68k/fpsp040/skeleton.S:508: Error: junk at end of line, first unrecognized character is `#'
This commit adds a backport from the upstream Linux kernel which fixes
this issue. Many thanks to Romain Naour for the issue investigation
and the identification of the kernel commit fixing this.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
In upstream commit e71ecc8771a4f13bc6046438ab0845944831b9a6 ("build:
Remove deprecated -Diconv option"), merged since glib 2.75.1, the
meson -Diconv option was removed.
In Buildroot, this means that the build of libglib2 has been broken
since commit 3f9622fe3d, which bumped
libglib2 from 2.72.3 to 2.76.1 for configurations that have libiconv
enabled, causing this build failure:
../output-1/build/libglib2-2.76.1/meson.build:1:0: ERROR: Unknown options: "iconv"
iconv is now automatically detected by Meson machinery, and so the
option was considered as no longer being needed. This commit fixes
that by dropping the useless -Diconv=external.
Another related change done is remove the double addition of libiconv
into the <pkg>_DEPENDENCIES variable: libiconv can only be enabled
when BR2_ENABLE_LOCALE is disabled, and libglib2/Config.in selects
BR2_PACKAGE_LIBICONV when !BR2_ENABLE_LOCALE. So testing
BR2_ENABLE_LOCALE!=y and BR2_PACKAGE_LIBICONV=y is exactly the same
thing, causing libiconv to be added twice to the dependencies.
Fixes:
http://autobuild.buildroot.net/results/d2da03f7558f3b6ee59c813bb64115702e52704c/
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
libheif package fails to build for the M68K architecture due to a binutils
bug that leads to:
Internal error in emit_expr_encoded at dw2gencfi.c:215
Let's add binutils bug to avoid to deal with architectures in packages
when a binutils bug arises. Let's instead deal directly with binutils
bug number.
It's been reported upstream:
https://sourceware.org/bugzilla/show_bug.cgi?id=30730
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
- improve 8ULP support (rev A1)
- add mmc user fastboot support
- add fastboot partconf support
- add nitrogen8mp smarc support
Signed-off-by: Gary Bisson <bisson.gary@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The release tarball of check 0.15.2 lacks a source file, causing a
build failure, as reported at
https://github.com/libcheck/check/issues/303. This failures happens
when thread support is not available, as the file missing is getting
compiled in when thread support is not there:
if(NOT HAVE_PTHREAD)
target_sources(check PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../lib/pthread_mutex.c)
target_sources(checkShared PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../lib/pthread_mutex.c)
endif()
This issue started appearing when we moved from the autotools build
system to the CMake build system in commit
6dfc789f4f. One might wonder why
changing the build system can cause this kind of issue: the file was
in fact already missing. Turns out that the missing file is never used
with the autotools build system: this file provides some Win32
compatibility layer for pthread functions, so the autotools build
system never compiled this file as the autotools build system was only
used on Unix platforms. With CMake it now gets compiled to support
Windows platform. But on Linux, the entire contents of the file is
ignored as it is within a HAVE_WIN32_INIT_ONCE ifdef...endif. Still,
with the file missing, the build fails.
Until upstream publishes a new release with a complete tarball, switch
to fetching the Github-generated tarball, which does contain the
missing file.
Fixes:
http://autobuild.buildroot.net/results/b1087e9a67ff0382632b73f280fabe92cd863593/
Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
mpd's Config.in selects expat and/or yajl depending on which
sub-options is enabled, and adds build dependencies, but does not pass
-D<option>=enabled/disabled for both of these features, relying on
auto-detection.
This commit fixes that by explicitly enabling/disabling expat and yajl
depending on their presence. The mpd sub-options no longer need to
have these as build-time dependencies, as it is handled globally.
Signed-off-by: Andreas Ziegler <br015@umbiko.net>
[Thomas: extracted from
https://patchwork.ozlabs.org/project/buildroot/patch/20221005091032.3014-5-br015@umbiko.net/]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Just like BR2_PACKAGE_MPD_UPNP_PUPNP needs expat and curl support,
BR2_PACKAGE_MPD_UPNP_NPUPNP also needs expat and curl. curl was
already selected, but not expat. It didn't cause any visible issue, as
BR2_PACKAGE_MPD_UPNP_NPUPNP selects BR2_PACKAGE_LIBNPUPNP, which
itself select BR2_PACKAGE_EXPAT. But as mpd directly checks for the
availability of expat, it makes sense to also select it directly.
Signed-off-by: Andreas Ziegler <br015@umbiko.net>
[Thomas: extracted from a larger patch at
https://patchwork.ozlabs.org/project/buildroot/patch/20221005091032.3014-5-br015@umbiko.net/]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
id3tag is a sub-feature that is needed to extract information from mp3 files.
It selects the corresponding library and handles config settings. Two other
features need this sub-feature, but handle all library selections themselves
and omit enabling the id3tag feature. In consequence, users have to remember
to select both mp3 library and id3tag, otherwise the mpd executable will not
process mp3 files.
Reflect feature dependency in mpd Config.in to make id3tag selection automatic.
Signed-off-by: Andreas Ziegler <br015@umbiko.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
In commit 54b9008d48 ("package/mpd: bump
to version 0.21.11"), mpd was migrated from using the autotools build
system to the meson build system.
As part of this, the BR2_PACKAGE_MPD_TCP was incorrectly modified,
leading BR2_PACKAGE_MPD_TCP disabled to actually enable TCP, and
BR2_PACKAGE_MPD_TCP enabled to not explicitly enable TCP support.
This commit fixes that by handling this option in the common way.
Signed-off-by: Andreas Ziegler <br015@umbiko.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The less package currently installs only the "less" binary, rather
than running the default "make install" behavior from the autotools
build system.
However, at least another binary, "lessecho" is needed for the "s"
command in less to work properly: so in that sense this commit is
fixing a broken behavior.
Since the less installation only installs 3 programs, "less",
"lessopen" and "lesskey", there is no good reason to not use the
default installation command, which we do in this commit.
Signed-off-by: Nicolas Carrier <carrier.nicolas0@gmail.com>
[Thomas: rework commit message]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
elf2flt needs to link against libbfd.a and libiberty.a which are
provided by host-binutils, but not installed, so we poke directly
into the host-binutils build directory. While not very nice, it has
already been like this for a long time. We could build host-binutils
with --enable-install-libbfd and --enable-install-libiberty so that
those libraries are installed, but we prefer to do this separately,
and there is a serious potential for perturbations to other packages
by having libbfd/libiberty installed in $(HOST_DIR).
In the mean time, an issue of poking directly into the host-binutils
build directory is that the location of libbfd.a has changed in
binutils >= 2.41, so we special case binutils 2.39 and 2.40, which are
the two remaining versions still using the "old" path".
Note: the ARC-special binutils version is not considered because
Buildroot only supports ARC CPUs with a MMU and therefore host-elf2flt
is never used on ARC.
Fixes:
gcc: error: /builds/buildroot.org/toolchains-builder/build/output/build/host-binutils-2.41/bfd/libbfd.a: No such file or directory
When build host-elf2flt against host-binutils 2.41.
This issue is not visible in the autobuilders as it is hidden by the
BFD_VMA_FMT issue fixed in the previous commit.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Tested-by: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Some patches had some fuzz, and patch 0004 was no longer applicable
using "git am". Patch 0006 is renamed so that it matches the commit
log title, as generated automatically by git format-patch.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Tested-by: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Since the bump of ccache from 4.7.4 to 4.8.2 in Buildroot commit
1db3f0f844 ("package/ccache: bump
version to 4.8.2"), it started failing to build on machines that use
gcc 12.3, due to a bug in gcc:
/home/buildroot/autobuild/instance-0/output-1/build/host-ccache-4.8.2/src/storage/local/LocalStorage.cpp:701:24: required from here
/home/buildroot/autobuild/instance-0/output-1/build/host-ccache-4.8.2/src/Logging.hpp:33:7: internal compiler error: Segmentation fault
33 | Logging::log(std::string_view(message_)); \
| ^~~~~~~
Upstream ccache has committed a workaround to avoid this compiler bug,
which we backport in this commit.
Fixes:
http://autobuild.buildroot.net/results/cd341365d1c429bfca505a742e86b3090897db23/
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The at91dataflashboot code contains some hand-written ARM assembly
that uses ARM classic instructions, and will not build in Thumb-1
mode.
This issue has always existed in Buildroot, but it's only since we
started testing random configurations, including Thumb-1
configurations, that this issue popped up.
Fixes:
http://autobuild.buildroot.net/results/68bf2291201ef1882d8e8d3eca2b1a5ad731e4b0/
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fixes:
http://autobuild.buildroot.net/results/992/99235aa2aca1afe031a088baebbd46057fe75fcd/
/home/autobuild/autobuild/instance-15/output-1/build/tvheadend-fe47ecb5504a521fed9c1ca9705fb0dd2bb8443a/src/atomic.h:253:
undefined reference to `__sync_lock_test_and_set_8'
/home/autobuild/autobuild/instance-15/output-1/build/tvheadend-fe47ecb5504a521fed9c1ca9705fb0dd2bb8443a/src/atomic.h:81:
undefined reference to `__sync_fetch_and_add_8'
The build error was introduced by the latest bump of tvheadend with
commit 67cbbbfe6e.
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Buildroot commit 319c56dfe3 bumped
stellarium which included this commit
https://github.com/Stellarium/stellarium/commit/186b06fa215bd28ea03cc291dc861b552af8d99a
It removed the previously bundled QXlsx source and lets stellarium
git-clone the sourcecode of the QXlsx package (not present in buildroot)
during the build:
$ find output/build/stellarium-23.2/ -iname .gitignore | grep qxl
output/build/stellarium-23.2/_deps/qxlsxqt5-src/.gitignore
which breaks offline builds.
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Buildroot commit 319c56dfe3 bumped
stellarium which included this commit
https://github.com/Stellarium/stellarium/commit/186b06fa215bd28ea03cc291dc861b552af8d99a
It removed the previously bundled libindi source and lets stellarium
download the sourcecode of the indiclient package (not present in
buildroot) during the build:
$ find output/build/stellarium-23.2/ -iname *.zip
output/build/stellarium-23.2/_deps/indiclient-subbuild/indiclient-populate-prefix/src/v1.8.5.zip
which breaks offline builds.
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Buildroot 2022.05 use binutils 2.37 by default, but the binutils
version was downgraded to the previous binutils version in qemu_ppc64*
defconfigs due to a bug in binutils 2.37 [1].
Later when binutils 2.36 has been removed the binutils version has
been updated to 2.38 (even though it was already the default version
selected by Buildroot at that time) [2].
Since then, several binutils release has been added and the binutils
version 2.38 has been removed recently [3].
Since the initial bug is gone with the removal of binutils 2.37,
we can safely remove the binutils version from qemu_ppc64 defconfigs.
[1] 1e2fe860f3
[2] e461c9adc8
[3] 1391c99d62
Fixes:
https://gitlab.com/buildroot.org/toolchains-builder/-/jobs/4798047373
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Cédric Le Goater <clg@kaod.org>
Cc: Joel Stanley <joel@jms.id.au>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
There is no such thing as a BR2_TARGET_GENERIC_TTY_PATH variable. The
comment here should mention BR2_TARGET_GENERIC_GETTY_PORT instead.
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
go1.20.7 (released 2023-08-01) includes a security fix to the crypto/tls
package, as well as bug fixes to the assembler and the compiler.
Fixes CVE-2023-29409: restrict RSA keys in certificates to <= 8192 bits
Extremely large RSA keys in certificate chains can cause a client/server to
expend significant CPU time verifying signatures. Limit this by restricting the
size of RSA keys transmitted during handshakes to <= 8192 bits.
Based on a survey of publicly trusted RSA keys, there are currently only three
certificates in circulation with keys larger than this, and all three appear to
be test certificates that are not actively deployed. It is possible there are
larger keys in use in private PKIs, but we target the web PKI, so causing
breakage here in the interests of increasing the default safety of users of
crypto/tls seems reasonable.
https://go.dev/doc/devel/release#go1.20.7
Signed-off-by: Christian Stewart <christian@aperture.us>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Since its introduction in 7d8a59b40, the BR2_x86_geode CPU target has
pointed to GCC -march=geode which targets AMD Geode processors [0].
This arch tuning enables MMX and 3DNow! extensions in GCC but these are
not currently reflected in the selected flags by BR2_x86_geode.
This is likely due to the confusing naming and history of "Geode".
The AMD Geode can trace its origins back to the Cyrix MediaGXm [1] and
then to the NSC Geode GXm/GXLV/GX1/GX2 [2]. All of these processors have
MMX instruction support listed in their datasheets. The NSC GX2 was the
first in the series to enable 3DNow!.
When 7fed07d3a4 introduced BR2_X86_CPU_HAS_MMX, Geode was skipped
presumably because it wasn't clear that the target is AMD Geode and
because the Wikipedia documentation for Geode is incomplete [2] with
regards to supported instructions as they all support MMX.
When f6cd56b9ce introduced BR2_X86_CPU_HAS_3DNOW, Geode was skipped
presumably for similar reasons.
Note: the in-tree olpc_xo1_defconfig uses BR2_x86_geode which is fine
as this hardware uses the AMD Geode [3].
Make it more clear that the target is AMD Geode by renaming the Kconfig
menu option and add both MMX and 3DNow! flags to BR2_x86_geode.
This also means that BR2_x86_geode_mmx is no longer needed, and can be
removed. No legacy handling is needed since BR2_x86_geode_mmx has
never been part of any release.
[0]: https://gcc.gnu.org/git/?p=gcc.git;a=blob;f=gcc/config/i386/geode.md;;hb=HEAD
[1]: https://en.wikipedia.org/wiki/MediaGX#MediaGXm
[2]: https://en.wikipedia.org/wiki/Geode_%28processor%29
[3]: https://wiki.laptop.org/go/Hardware_specification
Signed-off-by: Vincent Fazio <vfazio@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Now that 2.41.x has been added, that 2.40.x is the default version,
drop support for 2.38.x.
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Now that 2.41 has been released, let's use 2.40.x as the default
binutils version.
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Release notes:
https://sourceware.org/pipermail/binutils/2023-July/128719.html
Copied patches from version 2.40.
Build-tested using these four defconfigs:
----------
BR2_arceb=y
----------
BR2_BINUTILS_VERSION_2_39_X=y
----------
(empty defconfig meaning binutils-2.40)
----------
BR2_BINUTILS_VERSION_2_41_X=y
----------
each using these commands:
$ make host-libiberty
$ make host-binutils
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
composer describes itself as a dependency manager for PHP, it is used
by projects such as CakePHP.
Signed-off-by: Nicolas Carrier <carrier.nicolas0@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Having a working PHP with the correct version, is mandatory for
executing some PHP tools, such as composer, when building packages.
Signed-off-by: Nicolas Carrier <carrier.nicolas0@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
mhz is a tool to mathematically calculate the real running CPU frequency
and as such has proved as invaluable tool for developing CPUFreq and
similar features in the kernel.
Its source finally got a license recently so it can be packaged.
Signed-off-by: Robert Marko <robimarko@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Since commit [1], the testsuite build is unconditionally disabled
although we have the option BR2_PACKAGE_XENOMAI_TESTSUITE to
install Xenomai testsuite on the target.
Handle --disable-testsuite option with BR2_PACKAGE_XENOMAI_TESTSUITE.
[1] 74196b7d05
Signed-off-by: Pierre Ficheux <pierre.ficheux@smile.fr>
Signed-off-by: Romain Naour <romain.naour@smile.fr>
Cc: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Add purge loacle data support (inspired by BR2_ENABLE_LOCALE_PURGE
handling in Makefile) to reduce target space allocation by the
python-babel package, e.g. from 32MB to 24K for
target/usr/lib/python3.11/site-packages/babel/locale-data with
BR2_ENABLE_LOCALE_WHITELIST="C en_US de_DE".
The special en_US_POSIX locale data is kept as it is used by default
by the python-babel code:
https://github.com/python-babel/babel/blob/0ce196fccc024b1a65453ba6519954ada1dab6cb/babel/core.py#L1076
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This patch adds esp-hosted package that allows to build the Linux
Kernel Driver for Espressif Esp32-* SoCs, that once programmed with
the corresponding firmware behave like a normal Wi-Fi module. Both
SDIO and SPI busses are supported and selectable.
Cc: Jesse Taube <jesse.taube@benettiengineering.com>
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Provides the `swaybg` utility, which is commonly used with `sway` to
manage background images/color configuration for the compositor.
Signed-off-by: James Knight <james.d.knight@live.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Patch 0001-cmake-Check-USE_BUNDLED_DEPS-before-getting-nlohmann.patch
should have been deleted as part of Buildroot commit
08792a60df ("package/sysdig: bump to
version 0.29.3"). Indeed, this patch was merged upstream as commit
114436c1a45142ef73acfc2607fbc6572782160f between 0.29.2 and 0.29.3.
This fixes the following build failure:
Applying 0001-cmake-Check-USE_BUNDLED_DEPS-before-getting-nlohmann.patch using patch:
patching file cmake/modules/nlohmann-json.cmake
Reversed (or previously applied) patch detected! Skipping patch.
1 out of 1 hunk ignored -- saving rejects to file cmake/modules/nlohmann-json.cmake.rej
There are no autobuilder failures, probably because getting to build
sysdig requires so many special conditions that it never triggered.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Commit 9079079092 (utils/docker-run: fix support for git-worktrees)
got last-minute changes when it was applied, and the case when the
current working directory is not the top of the current working copy
got broken.
Fix that by duplicating (and thus reinstating) the 'cd MAIN_DIR' to
match what is done when retrieving the git-common-dir.
Fixes: 9079079092
Reported-by: Brandon Maier <Brandon.Maier@collins.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
From https://marlam.de/msmtp/news/:
"""
msmtp 1.8.24 is released
2023-06-29
This release fixes the allow_from_override command, adds the
from_full_name command, fixes a few minor bugs and updates the
translations (thanks again to everyone at translationproject.org).
msmtp 1.8.23 is released
2023-01-30
This release fixes XOAUTH2 authentication with some servers, updates
the msmtpq scripts, and updates the translations (including a new
Swedish translation).
"""
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The cmocka package checks if a toolchain supports the
-fstack-clash-protection compiler flag, and if it does automatically
uses it. That flag is not supported by GCC for Thumb1 builds (at least
as of both GCC 11 and GCC 12). Let's tell cmocka about this by passing
-DWITH_STACK_CLASH_PROTECTION=OFF in this configuration, as suggested
by Arnout Vandecappelle.
Fixes:
http://autobuild.buildroot.net/results/4044b3a71d3130d934c7a7c0c5badfabb2a97030/
Signed-off-by: Joel Carlson <JoelsonCarl@gmail.com>
[Thomas: change the initial patch from Joel to use the suggestion from
Arnout]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Add swugenerator as host utility to generate images for swupdate with
all the possible options available like encryption, passkey etc.
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Current versions of sam-ba are 64bit only.
objdump -p $(HOST_DIR)/bin/sam-ba
$(HOST_DIR)/bin/sam-ba: file format elf64-x86-64
Signed-off-by: Daniel Lang <d.lang@abatec.at>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This library provides an API suitable for the decode of
ARM(r) CoreSight(tm) trace streams.
OpenCSD is for example an optional dependency in the Linux
"perf" tool, starting from kernel version 5.1.
https://github.com/Linaro/OpenCSD
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
If the libiberty package is not the same version as the one packaged
with binutils AND if libiberty is installed before binutils, then the
below error is observed. Hence for now let us keep the versions in sync.
/usr/bin/ld: ../libiberty/libiberty.a(hashtab.o):(.data.rel.local+0x0)
: multiple definition of `htab_eq_pointer'
Fixes:
http://autobuild.buildroot.net/results/f07/f077ec588b395102ad501a18c85d5030c0765031/
Build-tested using these four defconfigs:
----------
BR2_arceb=y
----------
BR2_BINUTILS_VERSION_2_38_X=y
----------
(empty defconfig meaning binutils-2.39)
----------
BR2_BINUTILS_VERSION_2_40_X=y
----------
each using these commands:
$ make host-libiberty
$ make host-binutils
Signed-off-by: Akshay Bhat <nodeax@gmail.com>
[Bernd: bump to version 2.40, replace hash file with link to binutils]
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Similar to dnsmasq, mrouted saves state data across reboots in the
/var/lib/misc/ directory. In the case of mrouted it is the unique
generation id (used by neighboring mrouted routers to identify any
router restarting). This file is generated on first boot.
Workaround only needed for systemd builds, the sysv skeleton already
has the /var/lib/misc/ directory.
Signed-off-by: Joachim Wiberg <troglobit@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Upstream ChangeLog:
- Ignore IGMP proxy querys (src ip: 0.0.0.0), they must never win a
querier election
- Fix compat read location and new location for mrouted.genid
- Fix "non-decreasing" generation id, must increment on each restart
- Add support for configurable IGMP query response interval
- Add support for configurable IGMP querier timeout
- New 'join-group <group>' phyint option for cases where an IGMP
snooping switch blocks flooding of multicast to the port where
mrouted is connected
- On startup and reconf, log why we skip disabled interfaces
- Change to always log when assuming the IGMP querier role
Signed-off-by: Joachim Wiberg <troglobit@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Similar to dnsmasq, ssdp-responder saves state data across reboots in
the /var/lib/misc/ directory. In the case of ssdp-responder it is the
(per-device unique) UUID that is generated on first boot.
Workaround only needed for systemd builds, the sysv skeleton already has
the /var/lib/misc/ directory.
Signed-off-by: Joachim Wiberg <troglobit@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Upstream ChangeLog, summary:
- Add support for JSON output with 'ssdpd-scan -j'
- Dump received data from devices in 'ssdp-scan -l debug'
- Termios support for disabling '^C' output from 'ssdp-scan'
- Update copyright years, LICENSE file hash change
- Source '/etc/default/ssdpd' from systemd unit file
- Add fallback if '/var/lib/misc' is missing on system
- Fix truncated UUID when reading from cache file
Signed-off-by: Joachim Wiberg <troglobit@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Add patch to enable build without c++.
Add configure option to fix subsequent configure error due to patched
source file during git version check:
CMake Error at cmake/GitVersion.cmake:118 (message):
Unable to find current project version !
Call Stack (most recent call first):
CMakeLists.txt:100 (GetGitVersion)
Fixes:
http://autobuild.buildroot.net/results/2f8/2f819871a89cb2a2df239b1f879c1babcdd022fc/
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
objtool built by the kernel requires libelf
ldd TestSELinuxSystemdExt4/build/linux-6.1.26/tools/objtool/objtool
linux-vdso.so.1
libelf.so.1 => TestSELinuxSystemdExt4/host/lib/libelf.so.1
While updating the kernel used in TestSELinuxSystemd [1] we
forgot to select BR2_LINUX_KERNEL_NEEDS_HOST_LIBELF to provide
Buildroot's host-libelf. Using host-libelf avoid linking with
libelf installed on the host or failing to build objtool if
libelf is not installed.
[1] 60b84fb7ce
Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/4725186370 (TestSELinuxSystemdSquashfs)
https://gitlab.com/buildroot.org/buildroot/-/jobs/4725186368 (TestSELinuxSystemdExt4)
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The bind package exhibits gcc bug 101737 when built for the SH4
architecture with optimization enabled, which causes a build failure.
As done for other packages in Buildroot work around this gcc bug by
setting optimization to -O0 if BR2_TOOLCHAIN_HAS_GCC_BUG_101737=y.
To achieve this we need to correct the override of CFLAGS by using:
BIND_CONF_OPTS += CFLAGS="$(BIND_CFLAGS)"
instead of:
BIND_CONF_ENV = BUILD_CFLAGS"$(BIND_CFLAGS)"
since the latter doesn't work as expected and doesn't override CFLAGS.
Fixes:
http://autobuild.buildroot.net/results/e7b/e7b9a4cbee8bb16431609182b96d1ac1ccec10e7/
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The rtl8821cu repository comes with a 8821cu.conf file intended to be installed
in /etc/modprobe.d - the configuration file enables some driver features.
Install the /etc/modprobe.d/8821cu.conf file to the target.
Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The docker-run script attempts to support git-new-workdirs and
git-worktrees by resolving the symlink at '$GIT_DIR/config' to get the
true $GIT_DIR. However this does not work for git-worktrees as they do
not use symlinks, instead they change the $GIT_DIR into a regular file
that contains the path to the real $GIT_DIR. To complicate things
further, we actually want the $GIT_COMMON_DIR which is the superset of a
worktree's $GIT_DIR.
git-rev-parse supports the '--git-common-dir' which will resolve the
$GIT_COMMON_DIR for us. However it does not work for git-new-workdirs,
so we still need to detect and handle them.
'--git-common-dir' also appeared only with git 2.10.0, released in 2016,
so it will not be available in older "enterprise-grade" distributions.
In that case, 'git rev-parse --git-common-dir' would return the option
flag '--git-common-dir' as-is, which is incorrect. So, we instruct it to
never return flags.
'--git-common-dir' also returns just '.git' for the main working copy,
but 'docker run' want an absolute path, so we canonicalise it.
Signed-off-by: Brandon Maier <brandon.maier@collins.com>
[yann.morin.1998@free.fr:
- support git versions before --git-common-dir was introduced
- don't mount GIT_DIR if unknown (i.e. not needed)
- fix expanding MAIN_DIR
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Since commit 247ef2a fio has optional libiscsi engine support
This patch enables fio iscsi support if BR2_PACKAGE_LIBISCSI
was selected, which also requires pkg-config as it is used by the
configure script to detect libiscsi.
There is no --disable-libscsi option in the configure script: if
--enable-libiscsi is not passed, it doesn't even try to detect/use
libiscsi.
Signed-off-by: Maksim Kiselev <bigunclemax@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Changelog 1.09 -> 1.10:
ef1034d Tag version 1.10
c596390 Controlling TTY code fix.
32b7553 Help message problems
c89cee9 Convert repository from SVN to git
934f87f Sig unsafe functions in signal handler
ed856e6 Better "-e" handling.
Signed-off-by: Gary Bisson <bisson.gary@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Also apply system.conf and session.conf updates to dbus-broker.
License file is changed due to:
-D-Bus is licensed to you under your choice of the Academic Free
+dbus is licensed to you under your choice of the Academic Free
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Add aarch64 to BR2_PACKAGE_MONO_ARCH_SUPPORTS to allow building for
aarch64 targets.
Compiles successfully and runs on the actual target (imx8mp based
board)
Signed-off-by: Stefan Mayrhofer <stefan@familie-mayrhofer.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
mbpoll is a tool that can be used to test communication
with modbus slave devices
Signed-off-by: Jon Ringle <jringle@gridpoint.com>
[Thomas:
- add MBPOLL_LICENSE, MBPOLL_LICENSE_FILES
- add host-pkgconf to dependencies
- improve Config.in help text]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Some barebox targets need to build host tools (for example rockchip64
uses scripts/rkimage) that require some host libraries, such as
host-openssl or host-libusb. These are detected by the Barebox build
system using pkg-config.
In order to allow supporting such Barebox configurations, we add two
new options: BR2_TARGET_BAREBOX_NEEDS_OPENSSL and
BR2_TARGET_BAREBOX_NEEDS_LIBUSB that respectively allow to ensure that
host-openssl and/or host-libusb are built before Barebox.
Additionally, $(1)_MAKE_ENV is adjusted to ensure that when pkg-config
is run by the Barebox build system, it finds host libraries. This is
similar to what is done in U-Boot.
This allows to fix the following build failure:
HOSTCC scripts/rkimage
Package openssl was not found in the pkg-config search path.
Perhaps you should add the directory containing `openssl.pc'
to the PKG_CONFIG_PATH environment variable
Package 'openssl', required by 'virtual:world', not found
/usr/lib/gcc/x86_64-pc-linux-gnu/12/../../../../x86_64-pc-linux-gnu/bin/ld: /tmp/ccN8Xyaj.o: in function `main':
rkimage.c:(.text.startup+0x218): undefined reference to `SHA256_Init'
/usr/lib/gcc/x86_64-pc-linux-gnu/12/../../../../x86_64-pc-linux-gnu/bin/ld: rkimage.c:(.text.startup+0x22b): undefined reference to `SHA256_Update'
/usr/lib/gcc/x86_64-pc-linux-gnu/12/../../../../x86_64-pc-linux-gnu/bin/ld: rkimage.c:(.text.startup+0x23e): undefined reference to `SHA256_Final'
/usr/lib/gcc/x86_64-pc-linux-gnu/12/../../../../x86_64-pc-linux-gnu/bin/ld: rkimage.c:(.text.startup+0x253): undefined reference to `SHA256_Init'
/usr/lib/gcc/x86_64-pc-linux-gnu/12/../../../../x86_64-pc-linux-gnu/bin/ld: rkimage.c:(.text.startup+0x265): undefined reference to `SHA256_Update'
/usr/lib/gcc/x86_64-pc-linux-gnu/12/../../../../x86_64-pc-linux-gnu/bin/ld: rkimage.c:(.text.startup+0x275): undefined reference to `SHA256_Final'
collect2: error: ld returned 1 exit status
make[2]: *** [scripts/Makefile.host:107: scripts/rkimage] Error 1
make[1]: *** [Makefile:976: scripts] Error 2
Signed-off-by: Alexander Shiyan <eagle.alexander923@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
gcc 13.2 is around, gcc 12.3 is the default version, so drop
10.4 in order to reduce the gcc choice.
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Since gcc 11 [1] the sparc architecture is disabled since
it produce a non working image. Buildroot now provide gcc
13.x, 12.x and 11.x and we are going to remove gcc 10
that was the last working release (thanks to a local patch).
We have to disable the internal toolchain backend for sparc
before removing gcc 10. While at it, remove !BR2_sparc
dependency for gcc 11.x, 12.x and 13.x.
[1] 2ab88dac29
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Since gcc 11 [1] the sparc architecture is disabled since
it produce a non working image. Buildroot now provide gcc
13.x, 12.x and 11.x and we are going to remove gcc 10
that was the last working release (thanks to a local patch).
First remove qemu_sparc_ss10_defconfig since it will no longer
be possible to build it with the internal toolchain backend.
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Even if gcc 11 is still maintained for some time, switch to gcc 12.x
since it has been released since 2022-05-06 and gcc 13.x is available
since 2023-04-26.
We have been having toolchains in the autobuilders with gcc
12.x for a while, so the vast majority of the problems should have
already been solved.
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
In order to add gcc 13 support for internal and external toolchain in
follow-up commits, introduce BR2_TOOLCHAIN_GCC_AT_LEAST_13 symbol.
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Building kodi with cmake version 3.22.3 provided by buildroot is broken
-- Found Python3: /home/buildroot/br6/output/per-package/kodi/host/x86_
64-buildroot-linux-gnu/sysroot/usr/include/python3.11 (found suitable
exact version "3.11.4") found components: Development Development.
Module Development.Embed
-- Could NOT find Python3 (missing: Interpreter) (Required is exact
version "3.11")
Reason given by package:
Interpreter: Cannot run the interpreter "/home/buildroot/br6/
output/per-package/kodi/host/x86_64-buildroot-linux-gnu/sysroot/
usr/bin/python3"
CMake Error at cmake/scripts/common/Macros.cmake:432 (message):
PYTHON enabled but not found
Call Stack (most recent call first):
CMakeLists.txt:214 (core_optional_dep)
using this defconfig
BR2_x86_64=y
BR2_TOOLCHAIN_BUILDROOT_CXX=y
BR2_FORCE_HOST_BUILD=y
BR2_PER_PACKAGE_DIRECTORIES=y
BR2_ROOTFS_DEVICE_CREATION_DYNAMIC_EUDEV=y
BR2_PACKAGE_KODI=y
BR2_PACKAGE_MESA3D=y
BR2_PACKAGE_MESA3D_GALLIUM_DRIVER_IRIS=y
BR2_PACKAGE_MESA3D_OPENGL_EGL=y
BR2_PACKAGE_MESA3D_OPENGL_ES=y
BR2_PACKAGE_PYTHON3=y
BR2_PACKAGE_PYTHON3_PY_ONLY=y
BR2_PACKAGE_HOST_CMAKE=y
due to "BR2_FORCE_HOST_BUILD=y".
The cmake version provided by my distro is 3.25.1 which works fine.
Adding "CMAKE_FIND_DEBUG_MODE TRUE" to the "find_package(Python3 [...]"
call in Kodi's cmake/modules/FindPython.cmake and comparing the logfile
of both cmake versions shows that 3.25.1 adds
CMAKE_FIND_USE_INSTALL_PREFIX: 1
while searching for python3.
This option was introduced in cmake 3.24:
https://cmake.org/cmake/help/latest/variable/CMAKE_FIND_USE_INSTALL_PREFIX.html
After introducing this fix it turns out that
0002-cmake-modules-fix-python-detection.patch is not needed anymore so
we remove this patch.
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
If systemd is used we should enable support in mariadb and enable
"Type=notify" in the mysqld.service unit file
"Type=notify" stops systemd from starting services which depend on mariadb
until it has notified systemd that it has finished starting up, this helps
avoid startup race conditions
Signed-off-by: Danny Wood <danny@rotronics.co.uk>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fix the following build failure:
/tmp/ccqcLrVb.s:4053: Error: selected processor does not support `umlal r2,r1,r0,r3' in Thumb mode
/tmp/ccqcLrVb.s:4076: Error: selected processor does not support `umlal r0,r3,r1,r2' in Thumb mode
/tmp/ccqcLrVb.s:8644: Error: selected processor does not support `umlal r0,r3,r2,r4' in Thumb mode
Fixes:
http://autobuild.buildroot.net/results/1d09a0a58cbc1712416de746d57d4532df580673/
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bug fixes & enhancements.
One major bug fix included in this release: The Go client now avoids using UNIX
socket paths in the HTTP Host: header, in order to be compatible with changes
introduced in go1.20.6.
Previously docker commands would fail with "invalid Host header."
https://github.com/moby/moby/releases/tag/v24.0.5
Signed-off-by: Christian Stewart <christian@aperture.us>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
When we updated weston to version 12.0.1 the only supported launcher
was the libseat based launcher.
For this launcher to function correctly when used with weston we also
need to enable the seatd daemon.
Fixes:
[libseat/backend/logind.c:660] Could not get primary session for user: No data available
[libseat/libseat.c:76] Backend 'logind' failed to open seat, skipping
[libseat/libseat.c:79] No backend was able to open a seat
libseat: could not open seat
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Drop patch which is now upstream.
Drop no longer supported weston-launch/launcher-logind.
Drop no longer supported color-management-colord config option.
Remove duplicate backend-headless config option.
Add new libgbm requirement for renderer-gl.
Add new freerdp server requirement for backend-rdp.
Add support for new screenshare feature.
Add support for new rdp as backend default feature.
Add support for new pipewire backend feature.
Always enable libseat launcher.
Disable new unsupported vnc backend.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
For change log since 20220331, see:
- https://github.com/acpica/acpica/blob/R06_28_23/documents/changes.txt
This commit also drop the patch removing -Werror in CFLAGS, as an
alternative is now available upstream, merged in [1]. This commit is
included in release 20221020. The build commands are updated
accordingly to set the new NOWERROR=TRUE option to achieve the same
behavior.
With the patch removal, .checkpackageignore is also updated
accordingly.
Upstream commit [2] also introduced a use of wcslen() and <wchar.h>.
This commit was first included in tag R10_20_22 (version 20221020).
Therefore, this new version need wchar. The new depedency is added.
The _SOURCE file is also changed from acpica-unix2 to acpica-unix,
as the current acpica download page at [3] shows:
"""
Note: The unix2 source package is deprecated since the dual license is
now included in all source modules (along with the Intel
license). This package will be removed from future ACPICA releases.
"""
The _SITE url is also updated to the new download link, since the
acpica website now redirects to Intel:
curl -si https://www.acpica.org | grep Location:
Location: https://www.intel.com/content/www/us/en/developer/topic-technology/open/acpica/overview.html
The license file hash is also updated, due to the copyright year
update. It is also worth mentioning that the files in the new archive
have three alternative licenses in their headers: Intel, BSD-3-Clause
and GPL-2.0.
Finally, since a SHA1 hash is published on the download page, it is
added to the hash file.
This version bump is motivated by the introduction of RISC-V related
definitions.
[1] https://github.com/acpica/acpica/commit/3fd0f940408fc01a2c52c5be5f2beb0218a3d907
[2] https://github.com/acpica/acpica/commit/cd6a30897593f6052abf0b9a791671dcf07b9596
[3] https://www.intel.com/content/www/us/en/developer/topic-technology/open/acpica/download.html
Cc: Erico Nunes <nunes.erico@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This patch adds the defconfig file needed to build u-boot, kernel
and rootfs for the Rock 5B. In addition it adds a kernel config
fragment file, which activates the needed ethernet driver support.
It also adds a readme and post image scripts, needed to generate an
sdcard.img file, which can be flashed on an SD card to boot the
Radxa Rock 5B.
Signed-off-by: Kilian Zinnecker <kilian.zinnecker@mail.de>
[yann.morin.1998@free.fr:
- drop custom version
- fix shellcheck in post-image script
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Currently for some Rockchip SoCs binary blobs are needed, e.g., for
the RK3588 bl31 and tpl. These blobs are provided by Rockchip. This
patch adds U-Boot package options to use theses binaries, provided
by the rockchip-rkbin package, which is also introduced in this
patch series. The U-Boot package is modified so that it takes the
chosen binaries and automatically uses them during build.
Signed-off-by: Kilian Zinnecker <kilian.zinnecker@mail.de>
[yann.morin.1998@free.fr:
- use already-qstripped variables from rockchip-rkbin
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
This patch adds a package for the Rockchip ATF binary blobs. These
binaries are needed to build U-Boot for some Rockchip SoCs (e.g.,
RK3588).
As there as so many binary blobs, for each suported SoCs, it is not
practical to introduce a choice, so one must manually define which
blobs (for bl31, tpl and optee) to use from the repository, that
match their actual board.
Signed-off-by: Kilian Zinnecker <kilian.zinnecker@mail.de>
[yann.morin.1998@free.fr:
- drop custom version
- simplify copying blobs
- slightly tweak help texts
- add hash for license file
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The u-boot.stm32 image is now created by binman tool, so the
BR2_TARGET_UBOOT_BUILD_FORMAT_STM32_LEGACY configuration needs to be
disabled, but pylibfdt is now needed.
Tested on stm32mp157f_dk2.
Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
As reported in commit [1] of the U-Boot project, the config.mk file has
been suppressed in order to use binman to manage FIT
generation. Therefore, the "u-boot.stm32" make target should no longer
be used with recent versions of U-Boot.
The configuration option added by this comit allows the creation of
the u-boot.stm32 image for both recent versions of U-Boot, which use
binman, and older versions.
Legacy handling would have suggested that this new option should
"default y" to preserve existing behavior, but as moving forward all
U-Boot new versions will no longer need this u-boot.stm32 target, it
probably makes sense here to not comply with this backward
compatibility rule, as an exception.
[1] 5564b4cd4d5c69 ("stm32mp: add binman support for STM32MP15x")
Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Tested-by: David Reaver <me@davidreaver.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
check_fortran will display an error message if there is no Fortran
compiler in the toolchain. In the past, running into this error message
would be unlikely, since the Fortran test was only execuded when
BR2_TOOLCHAIN_HAS_FORTRAN was set.
However, since commit c7f641cbaa (toolchain/toolchain-external: always
call checks with dependencies), the Fortran check is unconditional. The
error itself benign, and the macro will handle the situation correctly,
since that is what it is designed to do. However, the error message
looks ugly and can be confusing.
[...]
>>> toolchain-external-custom Extracting
>>> toolchain-external-custom Patching
>>> toolchain-external-custom Configuring
/bin/bash: line 1: .../bin/aarch64-linux-gfortran: No such file or directory
>>> toolchain-external-custom Building
... everything continues normally ...
Let's suppress the error message, since triggerig the error is an
integral part of how the test works and doesn't mean that anything is
wrong.
Signed-off-by: Markus Mayer <mmayer@broadcom.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Without this patch openssl adds -latomic twice to Libs.private in
libcrypto.pc:
cat output/per-package/opensc/host/arceb-buildroot-linux-uclibc/sysroot/usr/lib/pkgconfig/libcrypto.pc | grep atomic
Libs.private: -ldl -pthread -latomic -latomic
Instead of passing -latomic to Configure we use the target arch
"linux-latomic" which is provided by upstream since version 3.0.0
especially for libatomic handling:
https://github.com/openssl/openssl/commit/535130c39d33df41b6a7d14302a93ffaa10ebc46https://github.com/openssl/openssl/commit/cdf2986a70d92668d882eb29737225f1aaafd0f1
To be noted: the build still fails for both bootlin-armv7m-uclibc and
bootlin-m68k-5208-uclibc, but this is not a regression due to this
patch, and is tracked as #15709.
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Kernel 6.3 has split the C22 and C45 MDIO support and mdio-tools needed to
be adapted to that.
So, now that new release with support for kernel 6.3 and later is available
lets update to it.
Signed-off-by: Robert Marko <robimarko@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The symbol for Aarch64 big-endian, as added by 9b19030f3f
(package/fluent-bit: rework wasm handling), is misspelled.
Fixes: 9b19030f3f
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Buildroot commit c02707a342 added two
upstream patches with the same number, renumber the younger patch.
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fluent-bit isn't very great at supporting the various architectures,
so help a little bit by defining the WAMR_BUILD_TARGET ourselves.
Two failures for MIPS while executing ./utils/test-pkg:
- sourcery-mips64:
core/iwasm/common/arch/invokeNative_mips.s: Assembler messages:
core/iwasm/common/arch/invokeNative_mips.s:58: Error: opcode not supported on this processor: mips64r2 (mips64r2) `ldc1 $f12,0($sp)'
core/iwasm/common/arch/invokeNative_mips.s:59: Error: opcode not supported on this processor: mips64r2 (mips64r2) `ldc1 $f14,8($sp)'
make[4]: *** [src/wasm/CMakeFiles/vmlib-static.dir/build.make:495: src/wasm/CMakeFiles/vmlib-static.dir/__/__/lib/wasm-micro-runtime-WAMR-1.1.1/core/iwasm/common/arch/invokeNative_mips.s.o] Error 1
make[4]: *** Waiting for unfinished jobs....
- sourcery-mips:
core/iwasm/common/arch/invokeNative_mips.s: Assembler messages:
core/iwasm/common/arch/invokeNative_mips.s:58: Error: opcode not supported on this processor: mips32r2 (mips32r2) `ldc1 $f12,0($sp)'
core/iwasm/common/arch/invokeNative_mips.s:59: Error: opcode not supported on this processor: mips32r2 (mips32r2) `ldc1 $f14,8($sp)'
make[4]: *** [src/wasm/CMakeFiles/vmlib-static.dir/build.make:495: src/wasm/CMakeFiles/vmlib-static.dir/__/__/lib/wasm-micro-runtime-WAMR-1.1.1/core/iwasm/common/arch/invokeNative_mips.s.o] Error 1
make[4]: *** Waiting for unfinished jobs....
Which are fixed by setting the obscure flag "WAMR_BUILD_INVOKE_NATIVE_GENERAL".
See https://github.com/bytecodealliance/wasm-micro-runtime/issues/625 for more info:
“Hi, building the invokeNative_general.c explicitly is supported now, please pull the latest code and use
Signed-off-by: Thomas Devoogdt <thomas@devoogdt.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
When building a fip firmware (BR2_TARGET_ARM_TRUSTED_FIRMWARE_FIP=y), the
TF-A build recipe starts by building the host program fiptool with the
proper build environment variables. Then the main TF-A target firmware
build step takes place, with the expectation that the fiptool program will
be used under the hood if necessary.
In TF-A, the build recipe for the host program fiptool has subtly changed
after v2.7, in commit cf2dd17ddda2 ("refactor(security): add OpenSSL 1.x
compatibility"). This change has the effect to force re-linking fiptool
each time.
If we try to build with Buildroot a fip firmware with a TF-A version after
v2.7 comprising the aforementioned change, the fiptool program is forcibly
re-linked during the main firmware build step. This happens without the
proper build environment variables and consequently, if openssl is not
installed on the host, the libcrypto shared library will not be found by
the linker and the link will fail with the following error:
/usr/bin/ld: cannot find -lcrypto: No such file or directory
A patch has been integrated into TF-A to avoid re-linking fiptool when not
necessary, which should solve the problem starting with version v2.10. Add
that patch in Buildroot for versions v2.8 and v2.9, to repair the build in
the cases described above.
Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/4664845767
Signed-off-by: Vincent Stehlé <vincent.stehle@arm.com>
Cc: Dick Olsson <hi@senzilla.io>
Cc: Sergey Matyukevich <geomatsi@gmail.com>
[yann.morin.1998@free.fr:
- don't use symlink in v2.9, just copy patch
- fix numbering in v2.8 which now has two patches
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
When EDK2 OVMF is built with debug, messages are printed to
IO port 0x402. Those messages are not shown in the normal
Qemu emulated serial port. Enabling this option will print
debug messages on the emulated serial port, potentially
mixing messages with UEFI serial console output.
See OVMF README:
https://github.com/tianocore/edk2/blob/master/OvmfPkg/README
This option has been useful to debug problems such as [1], in which the
emulator was hanging at startup without any log. Enabling this option
show the debug message on the console, before hanging:
...
PlatformCpuCountBugCheck: Present=0 Possible=1
PlatformCpuCountBugCheck: Broken CPU hotplug register block found. Update QEMU to version 8+, or
PlatformCpuCountBugCheck: to a stable release with commit dab30fbef389 backported. Refer to
PlatformCpuCountBugCheck: <https://bugzilla.tianocore.org/show_bug.cgi?id=4250>.
...
[1] http://lists.busybox.net/pipermail/buildroot/2023-July/670807.html
Signed-off-by: Julien Olivain <ju.o@free.fr>
Tested-by: Romain Naour <romain.naour@gmail.com>
Reviewed-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Currently, there is no MMX support for modern GEODE processors in Buildroot.
Yet, some packages like ffmpeg can leverage it when the package is built.
Signed-off-by: Cherniaev Andrei <dungeonlords789@naver.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The test_pixz.py test was initially written as a standalone test.
The commit cf132a13
"support/testing/tests/package/test_compressor_base.py: new helper class"
introduced a helper class for testing data compression programs.
This commit rewrites this test to use this helper class.
The test coverage is mostly the same as before the rewrite. Notable
differences are:
- the test file is slightly smaller for faster testing,
- its content layout also slightly different.
Cc: Vincent Stehlé <vincent.stehle@laposte.net>
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This commits adds support for building a RISC-V toolchain with the
vector extension, available since gcc 12.
Signed-off-by: Tianrui Wei <tianrui@tianruiwei.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fluent-bit is written in pure c, so drop any cxx handling. Only the wasm
part needs c++, but that one doesn't need the fixes which are now dropped.
Signed-off-by: Thomas Devoogdt <thomas@devoogdt.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Luajit was not used at all when it was selected, instead fluent-bit
recompiled it without taking care of the complexities that were
handled in the luajit package. Fix this by linking dynamically to the
buildroot provided version.
Signed-off-by: Thomas Devoogdt <thomas@devoogdt.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Call these unconditionally to make sure proper support is flagged so
proper dependencies are included in the resultant filesystem.
Signed-off-by: Vincent Fazio <vfazio@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Previously, it was possible for external toolchains to be used that had
support for languages or libraries that Buildroot was not aware of.
If Buildroot is not made aware of this support, it will not know to copy
the requisite libraries into the filesystem.
This is problematic as packages may perform their own checks [0] to find
out what the toolchain supports and builds will link against libraries
from the toolchain but will be missing dependencies in the filesystem.
Now, the support helpers alert the user when a toolchain supports a
language or library that has not been set in the Buildroot configuration.
Also, while we're here, add `-ffree-form` to the Fortran check to
suppress a meaningless warning.
[0]: https://bugs.busybox.net/show_bug.cgi?id=15634
Signed-off-by: Vincent Fazio <vfazio@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The fragments provided by toolchains.bootlin.com were incorrectly
flagging toolchains as not having OpenMP support while they had it
[0]. This has been fixed in toolchains.bootlin.com, so a run of
gen-bootlin-toolchains has allowed to adjust the toolchain definitions
in Buildroot, leading to this commit.
OpenMP support needs to be flagged so the proper libraries get copied
into the resultant filesystem to avoid missing dependencies [1].
[0]: https://github.com/bootlin/toolchains-builder/issues/60
[1]: https://bugs.busybox.net/show_bug.cgi?id=15634
Signed-off-by: Vincent Fazio <vfazio@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
check-package is verifying the alphabetic ordering of package names,
not directory, so package/llvm-project/clang/Config.in should be
sorted as "clang" and not "llvm-project".
Fixes:
package/Config.in:2130: Packages in: menu "Other",
are not alphabetically ordered;
correct order: '-', '_', digits, capitals, lowercase;
first incorrect package: clang
In:
https://gitlab.com/buildroot.org/buildroot/-/jobs/4718833134
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Since upstream Linux commit 6898e60f709b0047206110d3ec9f4612210e3ff7
("perf build: If libtraceevent isn't present error the build") present
in Linux 6.4 and newer, Linux will fail to build if libtraceevent is not
present. Since we do not currently have support for libtracevent in
buildroot, pass NO_LIBTRACEVENT=1 to get perf to build again.
Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
By default, module libraries have a suffix based on cpython version + host
architecture: this is fine for a native compile when these libraries are used on
the same computer (or similar computers). But when target architecture is not
the same python is unable to find libraries due to the wrong suffix and produces
unclear errors messages:
# python3
Python 3.11.3 (main, Jun 19 2023, 14:15:44) [GCC 11.4.0] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> from gnuradio import blocks
Traceback (most recent call last):
File "/home/xxx/buildroot/output/build/gnuradio-3.10.4.0/gr-blocks/python/blocks/__init__.py", line 18, in <module>
ModuleNotFoundError: No module named 'gnuradio.blocks.blocks_python'
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
File "/home/xxx/buildroot/output/build/gnuradio-3.10.4.0/gr-blocks/python/blocks/__init__.py", line 22, in <module>
ModuleNotFoundError: No module named 'gnuradio.blocks.blocks_python'
>>>
By adding _PYTHON_SYSCONFIGDATA_NAME="$(PKG_PYTHON_SYSCONFIGDATA_NAME)" at configure time, sysconfig will
return correct informations (target architecture) instead of host architecture.
Signed-off-by: Gwenhael Goavec-Merou <gwenhael.goavec-merou@trabucayre.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Adjust comments in the Go package to improve clarity:
Config.in.host:
- Add comment mentioning list of supported architectures.
go.mk:
- Reword comment re: copying src/ to host/
- the previously linked issue is not relevant.
- instead: mention that src/ is needed for stdlib.
- Adjust comment re: adjusting file timestamps.
- mention this is needed to avoid rebuilding stdlib
Signed-off-by: Christian Stewart <christian@aperture.us>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Removed unneeded patches and replace them with an upstream commit.
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The 6.3.x series is now EOL upstream, so drop the linux-headers option
and add legacy handling for it.
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Following the bump of LLVM in commit
d8291fde5e ("package/llvm-project: bump
to version 15.0.3"), gcc >= 7.x is needed, so update the dependency of
BR2_PACKAGE_QT5TOOLS_QDOC_TOOL accordingly.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
- Add new build dependencies to lld and llvm
- Add host-gcc and gcc >= 7.x dependency since clang doesn't build with gcc 6.3
[ 28%] Building CXX object utils/TableGen/CMakeFiles/obj.clang-tblgen.dir/TableGen.cpp.o
output/build/host-clang-15.0.3/utils/TableGen/RISCVVEmitter.cpp: In instantiation of ‘{anonymous}::SemaSignatureTable::init(llvm::ArrayRef<{anonymous}::SemaRecord>)::<lambda(auto:2&)> [with auto:2 = const llvm::SmallVector<clang::RISCV::PrototypeDescriptor>]’:
/usr/include/c++/6/bits/stl_algo.h:3769:5: required from ‘_Funct std::for_each(_IIter, _IIter, _Funct) [with _IIter = std::_Rb_tree_const_iterator<llvm::SmallVector<clang::RISCV::PrototypeDescriptor> >; _Funct = {anonymous}::SemaSignatureTable::init(llvm::ArrayRef<{anonymous}::SemaRecord>)::<lambda(auto:2&)>]’
output/host/include/llvm/ADT/STLExtras.h:1611:23: required from ‘UnaryFunction llvm::for_each(R&&, UnaryFunction) [with R = std::set<llvm::SmallVector<clang::RISCV::PrototypeDescriptor>, {anonymous}::SemaSignatureTable::init(llvm::ArrayRef<{anonymous}::SemaRecord>)::Compare>&; UnaryFunction = {anonymous}::SemaSignatureTable::init(llvm::ArrayRef<{anonymous}::SemaRecord>)::<lambda(auto:2&)>]’
output/build/host-clang-15.0.3/utils/TableGen/RISCVVEmitter.cpp:249:64: required from here
output/build/host-clang-15.0.3/utils/TableGen/RISCVVEmitter.cpp:249:50: error: cannot call member function ‘void {anonymous}::SemaSignatureTable::insert(llvm::ArrayRef<clang::RISCV::PrototypeDescriptor>)’ without object
llvm::for_each(Signatures, [this](auto &Sig) { insert(Sig); });
^~~~~~
utils/TableGen/CMakeFiles/obj.clang-tblgen.dir/build.make:313: recipe for target 'utils/TableGen/CMakeFiles/obj.clang-tblgen.dir/RISCVVEmitter.cpp.o' failed
make[4]: *** [utils/TableGen/CMakeFiles/obj.clang-tblgen.dir/RISCVVEmitter.cpp.o] Error 1
Indeed LLVM_TEMPORARILY_ALLOW_OLD_TOOLCHAIN is OFF, the CheckCompilerVersion.cmake
trigger an error if gcc < 7.x. Indded since llvm 15 this option check for C++17 [1]
The last gcc 7.x version (7.5) has been released in 2019.
Fixing llvm/clang issues for old compiler maybe it's not worth it.
- Remove LLVM_TEMPORARILY_ALLOW_OLD_TOOLCHAIN since
gcc >= 7 is mendatory.
When updating LLVM, we also need to update the version of
SPIRV_LLVM_TRANSLATOR because its CMakeLists.txt verifies the LLVM
base version [2].
The patch
package/llvm/0002-Add-missing-cstdint-header-to-Signals.h.patch has
been included in tag llvmorg-15.0.0 of llvm-project.
[1] https://github.com/llvm/llvm-project/commit/4c72deb613d9d8838785b431facb3eb480fb2f51
[2] https://github.com/KhronosGroup/SPIRV-LLVM-Translator/blob/5be08b8bb91fc6ca62857792c177bc7479e5e3db/CMakeLists.txt#LL82C6-L82C6
Signed-off-by: Daniel Lang <d.lang@abatec.at>
Signed-off-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Sebastian Weyer <sebastian.weyer@smile.fr>
Tested-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
To make version bumping easier, move libclc to a new llvm-project subfolder
and specify site for the project. Since the version of libclc is more
recent than the version specified in LLVM_PROJECT_VERSION, don't change
it for now until a later update.
Signed-off-by: Daniel Lang <d.lang@abatec.at>
Signed-off-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Sebastian Weyer <sebastian.weyer@smile.fr>
Tested-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
"stages" is curently not defined in the .gitlab-ci.yml file,
so the default pipeline stages are:
.pre
build
test
deploy
.post
Since any jobs specify a stage, all jobs are assigned the "test"
stage [1]. All other stages defined by default are not used in the
gitlab-ci pipeline, they remain hidden.
In order to introduce a new custom stage, add the "test" stage
explicitely.
[1] https://docs.gitlab.com/ee/ci/yaml/#stages
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Currently, emulator builtin binaries are downloaded after the rootfs
build by each tests running the emulator (Qemu) on armv5 or armv7.
Due to download quota on the server hosting theses binaries [1]
some GitLab jobs are failing due to "Connection reset by peer" [2]:
ConnectionResetError: [Errno 104] Connection reset by peer
In a follow up commit, we'll add the possibility to download only once
all emulator builtin binaries to pass them as build artifacts.
As such, we will need to make sure that run-tests only download theses
binaries, and that it does not run the testsuite.
Add such a mode, with a new option, --prepare-only.
[1] http://autobuild.buildroot.net/artefacts
[2] https://gitlab.com/buildroot.org/buildroot/-/jobs/4409032417
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fixes:
http://autobuild.buildroot.net/results/b85/b85b64162b3889d96c713030b46401e3e0a9a4e2/http://autobuild.buildroot.net/results/fea/fea92e9c2a87a317675a7d0610c2ee467a373b69/
Since the bump to 3.0.9 with buildroot commit
3c66f65a6a the configure script of
(host-)libopenssl needs the FindBin perl module on the host:
Can't locate IPC/Cmd.pm in @INC (you may need to install the IPC::Cmd
module) (@INC contains: /home/buildroot/autobuild/instance-1/output-1/
build/host-libopenssl-3.0.9/util/perl /home/buildroot/autobuild/instance
-1/output-1/host/lib/perl /usr/local/lib64/perl5/5.36 /usr/local/share/
perl5/5.36 /usr/lib64/perl5/vendor_perl /usr/share/perl5/vendor_perl
/usr/lib64/perl5 /usr/share/perl5 /home/buildroot/autobuild/instance-1/
output-1/build/host-libopenssl-3.0.9/external/perl/Text-Template-1.56/
lib) at /home/buildroot/autobuild/instance-1/output-1/build/host-lib
openssl-3.0.9/util/perl/OpenSSL/config.pm line 19.
BEGIN failed--compilation aborted at /home/buildroot/autobuild/instance
-1/output-1/build/host-libopenssl-3.0.9/util/perl/OpenSSL/config.pm line
19.
As this is needed for both libopenssl and host-libopenssl (which does not
have a corresponding config symbol in the .config), we have to require it
unconditionally.
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Rebase patches onto new version
Remove 0005-crypto-perlasm-ppc-xlate.pl-add-linux64v2-flavour.patch,
0006-Add-support-for-io_pgetevents_time64-syscall.patch, and
0007-Fixup-support-for-io_pgetevents_time64-syscall.patch as these are
already applied upstream
Updated license after switch to Apache license:
https://www.openssl.org/blog/blog/2021/06/17/OpenSSL3.0ReleaseCandidate/
[Bernd: fixed license file/hash]
Signed-off-by: Danny Wood <danny@rotronics.co.uk>
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
[Peter: update .checkpackageignore]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Build is broken:
"It seems that you are using `distutils.command.build` to add
new subcommands. Using `distutils` directly is considered deprecated,
please use `setuptools.command.build`.
By 2023-Dec-13, you need to update your project and remove deprecated
calls or your builds will no longer be supported."
The last commit for this package occured on May, 30th, 2016.
The last issue was opened Jan, 31st, 2017 and was unanswered.
Fixes:
http://autobuild.buildroot.net/results/b57/b571d7838950e0b5ca67106cbcd9ba61b4f04a48/
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
- update docs/license.rst hash (removed duplicated BSD-3-Clause and
reference to LICENSE.rst, removed Artwork and reference to
artwork/LICENSE.rst)
- add new runtime dependency on python-blinker
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
While at it remove Glibc from the test name since all Timezone
now use a Glibc toolchain.
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This patch updates the default toolchain used for runtime tests. The
last time this toolchain was updated was in commit
0207a65323 3 years ago. Since then,
multiple things have changed:
Firstly, it used uclibc-ng as the libc whereas since commit
4057e36ca9, glibc is used as the default
library.
And secondly, since commit 531b2a10cd, buildroot
dropped the support for gcc 8 and it cannot be built internally anymore.
So the testsuite was executed using a toolchain that can't be built by
the Buildroot internal toolchain backend anymore.
This new Bootlin toolchain stable 2022.08-1 is based on gcc 11.3.0,
linux headers 4.9.327, glibc 2.35 and binutils 2.38.
The previous toolchain bleeding edge 2018.11-1 is based on gcc 8.2.0,
linux headers 4.14.80, uclibc 1.0.30 and binutils 2.31.1
Nowadays Bootlin toolchains are packaged in Buildroot and we can
directly select them from BASIC_TOOLCHAIN_CONFIG and avoid
setting the toolchain parameters (BR2_TOOLCHAIN_EXTERNAL_CUSTOM...).
The switch to Glibc requires to update some tests for the following
reasons:
- TestPython3Py, TestPython3Pyc and TestPython3PyPyc has been updated
since they use the libc binary file name in their test
(uClibc: libc.so.1 vs Glibc: libc.so.6).
- TestTmux needs at least one locale to pass (as stated in tmux help
text "tmux needs a working UTF-8 locale"), so use "C.UTF-8".
- TestOpenSsh needs a toolchain >= 5.x due to a openssh issue
(Similar to: https://bugs.busybox.net/show_bug.cgi?id=13671)
Use the Bootlin toolchain bleeding-edge 2022.08-1 rhat provide
kernel headers 5.4
- TestShadow needs a toolchain >= 4.14
Use the Bootlin toolchain bleeding-edge 2022.08-1 rhat provide
kernel headers 5.4
Runtime tested on the gcc farm server.
Signed-off-by: Sebastian Weyer <sebastian.weyer@smile.fr>
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
We are going to update the toolchain used by the Buildroot testsuite
and this update will break the kernel build with the Bootlin stable
toolchain due to an latent issue.
Fixes:
arch/x86/entry/thunk_64.o: warning: objtool: missing symbol table
make[4]: *** [scripts/Makefile.build:361: arch/x86/entry/thunk_64.o] Error 1
make[4]: *** Deleting file 'arch/x86/entry/thunk_64.o'
make[4]: *** Waiting for unfinished jobs....
[fixed since kernel 6.0]
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=de979c83574abf6e78f3fa65b716515c91b2613d
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
We are going to update the toolchain used by the Buildroot testsuite
and this update will increase the size of the rootfs over 120M.
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
We are going to update the toolchain used by the Buildroot testsuite
and this update will increase the size of the rootfs over 120M.
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
We are going to update the toolchain used by the Buildroot testsuite
and this update will increase the size of the rootfs over 120M.
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
While the commit [1] already fixed some runtime issue with
uClibc toolchain, the same test TestPythonPy3Iptables fail
with Glibc toolchain.
xtables_version = 12
if xtables_version:
_searchlib = "libxtables.so.%s" % (xtables_version,)
else:
_searchlib = "xtables"
_lib_xtables, xtables_version = find_library(_searchlib)
_lib_xtables and xtables_version are null with glibc
The implementation of find_library() rely on the custom
_find_library() that try to use the IPTABLES_LIBDIR
environment variable (that does not exist in the context
of Buildroot).
Within the scope of buildroot we can determine what
IPTABLES_LIBDIR should be at build time and replace the
calls to os.environ.get('IPTABLES_LIBDIR', None) with
the correct value.
[1] d341ec0350
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
go1.19.11 (released 2023-07-11) includes a security fix to the net/http package,
as well as bug fixes to cgo, the cover tool, the go command, the runtime, and
the go/printer package.
CVE-2023-29406 and Go issue https://go.dev/issue/60374
Signed-off-by: Christian Stewart <christian@aperture.us>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This new Bootlin toolchain stable 2022.08-1 is based on gcc 11.3.0,
linux headers 4.9.327, glibc 2.35 and binutils 2.38.
Nowadays Bootlin toolchains are packaged in Buildroot and we can
directly select them from BASIC_TOOLCHAIN_CONFIG and avoid
setting the toolchain parameters (BR2_TOOLCHAIN_EXTERNAL_CUSTOM...).
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Take the basename of the appended DTBs to workaround the following problem:
(cd .../arch/arm/boot; for dtb in cirrus/ep93xx-edb9302
do if test -e ${dtb}.dtb ; then dtbpath=${dtb}.dtb
else dtbpath=dts/${dtb}.dtb ; fi
cat zImage ${dtbpath} > zImage.${dtb} || exit 1; done)
/bin/sh: line 1: zImage.cirrus/ep93xx-edb9302: No such file or directory
Necessary to support ARM Linux starting from commit 724ba6751532
("ARM: dts: Move .dts files to vendor sub-directories"), i.e. Linux v6.4+.
Signed-off-by: Alexander Sverdlin <alexander.sverdlin@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fix the following build failure:
/tmp/ccw5V2Ti.s: Assembler messages:
/tmp/ccw5V2Ti.s:2013: Error: selected processor does not support `itt gt' in Thumb mode
/tmp/ccw5V2Ti.s:2014: Error: Thumb does not support conditional execution
/tmp/ccw5V2Ti.s:2015: Error: Thumb does not support conditional execution
/tmp/ccw5V2Ti.s:2017: Error: selected processor does not support `it le' in Thumb mode
/tmp/ccw5V2Ti.s:2018: Error: Thumb does not support conditional execution
/tmp/ccw5V2Ti.s:2020: Error: selected processor does not support `it gt' in Thumb mode
/tmp/ccw5V2Ti.s:2021: Error: Thumb does not support conditional execution
Fixes:
http://autobuild.buildroot.net/results/3fc/3fc68f756cf1661673941c411c4a2477e901e361/
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This is a helper class providing a template for testing data
compressor and decompressor programs such as gzip, bzip2, xz...
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Build the am335x-bonegreen-wireless.dtb device tree.
The genimage script which is shared between beaglebone and
beaglebone_qt5 was updated to support the bonegreen-wireless.
Signed-off-by: Lothar Felten <lothar.felten@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Removal requested via email:
could you somehow please remove me as maintainer from this package.
I am since many years not using builtroot anymore and have no longer
systems with which I could do patch requests.
I am going into retirement.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Buildroot always enable largefile support in the toolchain, and thus
the associated definitions are always on. This leads to a problem in
unzip that on a 32-bit arch with these flags being passed in
-D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64
but the LARGE_FILE_SUPPORT define not being set will cause a size
mismatch on the comparison of the zipfiles:
$ unzip test.zip
Archive: test.zip
error: invalid zip file with overlapped components (possible zip bomb)
The simple solution is just enable LARGE_FILE_SUPPORT to enable large
file support. In order to avoid redefinition warnings, we undefine
_LARGEFILE_SOURCE and _LARGEFILE64_SOURCE.
Signed-off-by: Charles Hardin <ckhardin@gmail.com>
Tested-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Update the selection of the ahab container images for the imx8dxl
asics. The initial support assumed these were imx8 but this is
actually the imx8x architecture as well. This was fixed when run on
the first tests against the imx8dxl SoCs.
Files from upstream:
mx8dxla0-ahab-container.img
mx8dxla1-ahab-container.img
mx8dxlb0-ahab-container.img
The B0 revision should be considered the latest
Signed-off-by: Charles Hardin <ckhardin@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
There was some imx SDMA firmware in the base linux-firmware package at
one time, but the firmware-imx is updated with the latest versions
from NXP releases.
This just ensures a dependency is set so that the firmware-imx package
will always come later in case an overlap occurs again.
Signed-off-by: Charles Hardin <ckhardin@gmail.com>
Reviewed-by: Gary Bisson <bisson.gary@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Needed for upcoming Kodi version 21.0-Omega.
Depends on the previous patch to fix build error on Coldfire.
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The hash of the NOTICE file has changed due to:
- Update in copyright year
- Addition of a BSD-2-Clause license, so no change from that perspective
Signed-off-by: André Zwing <nerv@dawncrow.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Removed md5 hash.
Switch to new maintainer repo as indicated by metacpan.
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Most rpi defconfigs use dtb overlays, but not rpi0 / rpi2 - Making it harder
to use overlays on those boards as the genimage files have to be tweaked.
To fix this, create the rpi-firmware/overlays directory in the post-build
script if needed and unconditionally include it in the genimage files so
rpi0/rpi2 works consistently with the other variants.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Since commit 0e82c360942907f5a2f379e64e0d211aaff80774 (and since release
2.10.1), a new variable called PYBIND11_PYTHONLIBS_OVERWRITE was introduced
and set to ON by default.
According to comment before this option:
"Overwrite cached values read from Python library (classic search). Turn off if
cross-compiling and manually setting these values."
In buildroot's context this option must be disabled to keep variables
provided by buildroot and lib/app.
Fixes:
- http://autobuild.buildroot.net/results/7423df5db5237d94bb49e32698828d4fe470e39b/
Signed-off-by: Gwenhael Goavec-Merou <gwenhael.goavec-merou@trabucayre.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Fixes uboot build errors:
In file included from tools/imagetool.h:24,
from tools/aisimage.c:7:
include/image.h:1383:12: fatal error: openssl/evp.h: No such file or directory
1383 | # include <openssl/evp.h>
|
Signed-off-by: Marcin Niestroj <m.niestroj@grinn-global.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bumping libssh2 to 1.11.0 with buildroot commit
af87ad197c
causes build errors with libcurl due to "-R" being added to libssh2.pc.
Quoting autobuilder build-end.log
checking for recv... no
configure: error: Unable to link function recv
Quoting autobuilder libcurl-8.1.2/config.log
arc-buildroot-linux-uclibc-gcc.br_real: error: unrecognized command-line option '-R'
Fixes:
http://autobuild.buildroot.net/results/78f/78ffda92d51f8abdbcef93f968ace432d0d44979/
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Commit 3b2913552e (package/python-setuptools: add missing dependency on
host-python-wheel) adding the select of the runtime, as a last-minute
fixup.
However, there is no target python-wheel package; it is a host-only
package, leading to sainty-check failures:
$ make check-symbol
package/python-setuptools/Config.in:5: BR2_PACKAGE_PYTHON_WHEEL referenced but not defined
Srop the select. If there was a rationale for actually having
python-wheel on the target, it's going to need a bit more.
Reported-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
In the case of bluetooth audio thet incoming audio stream will be
coming from bluetooth devices at varying sample rates like (44.1, 48,
96, 192 kHz) and the odds of a sound device matching that samplerate
exactly is a bit slim. So in the case of a bluez audio playback the
system will need to do a samplerate conversion.
Thus when enabling bluez-alsa and the alsa plugins select libsamplerate
to support the shift from the incoming samplerates to an often fix-rated
audio device.
Signed-off-by: Charles Hardin <ckhardin@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
While migrating to pep517 build backend the host-python-wheel
dependency has been added to host-python-setuptools but
not to python-setuptools. Note that host-python-wheel is not really
needed during the build of (target) setuptools, but the setup.py script
checks if the dependency is present in the host directory.
To make everything consistent, add host-python-wheel as a build
dependency, and BR2_PACKAGE_PYTHON_WHEEL as a runtime dependency.
Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/4537951715
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: James Hilliard <james.hilliard1@gmail.com>
[Arnout: also add runtime dependency on the target package.]
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Now that 2.40.x has been added, that 2.39.x is the default version,
drop support for 2.37.x.
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
BR2_BINUTILS_GPROFNG was made available for known supported versions
only (binutils 2.39 at this point). As all new versions of binutils
support gprofng, it makes sense to invert the logic, and instead make
BR2_BINUTILS_GPROFNG not available with old binutils versions.
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
- Use pidfile for more accurate process match
- Fix coding style issues to be able to drop a problem reported by
check-package on missing variables
Signed-off-by: Konstantin Menyaev <KAMenyaev@sberdevices.ru>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Updated to gcc 12.2, gdb 12, binutils 2.39, glibc 2.36.
Upstream changed version scheme previously based on the release
date (2021.07) to a version scheme based on gcc version (12.2.rel1).
The runtime issue (Illegal instruction on some x86 host) [1] seems to
be fixed since it can't be reproduced anymore on the same host.
The x86_64 host variant prebuilt toolchain is built on RHEL7
(glibc 2.17) and is likely also be useable on OS versions like
RHEL8, Ubuntu 18.04 or later.
The AArch64 host variant prebuilt toolchain is built on Ubuntu 18.04
(glibc 2.27) is likely also be useable on OS versions like RHEL8,
Ubuntu 18.04 or later.
Use the sha256 hash that is now provided by upsteam.
[1] https://bugs.linaro.org/show_bug.cgi?id=5825#c19
[2] https://developer.arm.com/downloads/-/arm-gnu-toolchain-downloads
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Updated to gcc 12.2, gdb 12, binutils 2.39, glibc 2.36.
Upstream changed version scheme previously based on the release
date (2021.07) to a version scheme based on gcc version (12.2.rel1).
The runtime issue (Illegal instruction on some x86 host) [1] seems to
be fixed since it can't be reproduced anymore on the same host.
The x86_64 host variant prebuilt toolchain is built on RHEL7
(glibc 2.17) and is likely also be useable on OS versions like
RHEL8, Ubuntu 18.04 or later.
The AArch64 host variant prebuilt toolchain is built on Ubuntu 18.04
(glibc 2.27) is likely also be useable on OS versions like RHEL8,
Ubuntu 18.04 or later.
Use the sha256 hash that is now provided by upsteam.
Tested with qemu_aarch64_virt_defconfig.
[1] https://bugs.linaro.org/show_bug.cgi?id=5825#c19
[2] https://developer.arm.com/downloads/-/arm-gnu-toolchain-downloads
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Updated to gcc 12.2, gdb 12, binutils 2.39, glibc 2.36.
Upstream changed version scheme previously based on the release
date (2021.07) to a version scheme based on gcc version (12.2.rel1).
The runtime issue (Illegal instruction on some x86 host) [1] seems to
be fixed since it can't be reproduced anymore on the same host.
The x86_64 host variant prebuilt toolchain is built on RHEL7
(glibc 2.17) and is likely also be useable on OS versions like
RHEL8, Ubuntu 18.04 or later.
The AArch64 host variant prebuilt toolchain is built on Ubuntu 18.04
(glibc 2.27) is likely also be useable on OS versions like RHEL8,
Ubuntu 18.04 or later.
Use the sha256 hash that is now provided by upsteam.
Tested with qemu_arm_vexpress_defconfig.
[1] https://bugs.linaro.org/show_bug.cgi?id=5825#c19
[2] https://developer.arm.com/downloads/-/arm-gnu-toolchain-downloads
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This is bugfix release of stable libmdbx branch,
on the day of international children's camp «Artek».
It is reasonable to backport this patch to all applicable releases/branches of Buildroot.
The most significant fixes of v0.12.7:
- added workaround for build issues with modern GCC using `-m32 -arch=i686 -Ofast`.
- fixed the cause of the false-positive warning of modern GCC in the C++ API.
- refined DB opening in "recovery" mode and switching to a given meta-page.
The complete ChangeLog: https://gitflic.ru/project/erthink/libmdbx/blob?file=ChangeLog.md
Signed-off-by: Леонид Юрьев (Leonid Yuriev) <leo@yuriev.ru>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Move the comment out of the if-clause and include the python3 dependency
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
BR2_riscv_custom should only contain the basic I extension. The A
extension should be optional and selected by board configs.
Signed-off-by: Bin Meng <bmeng@tinylab.org>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
BR2_RISCV_ISA_CUSTOM_RVA is currently not explicitly listed as it is
selected by BR2_riscv_custom. This looks confusing. Let's enable it.
Signed-off-by: Bin Meng <bmeng@tinylab.org>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
BR2_RISCV_ISA_CUSTOM_RVA is currently not explicitly listed as it is
selected by BR2_riscv_custom. This looks confusing. Let's enable it.
Signed-off-by: Bin Meng <bmeng@tinylab.org>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
With upstream commit ae2d9506a36c ("riscv: sifive: Rename fu540 board to unleashed")
in U-Boot v2021.07 release, the defconfig for SiFive Unleashed board
has been changed to sifive_unleashed_defconfig.
Also newer U-Boot has deprecated the usage of SPL_FIT_GENERATOR
to generate u-boot.itb hence there is no 'u-boot.itb' target in
the U-Boot Makefile anymore. Instead binman is used to assemble
the u-boot.itb image.
We will need to switch to BR2_TARGET_UBOOT_FORMAT_CUSTOM for
installing u-boot.itb.
Switch over to use the latest U-Boot v2023.04 release.
Signed-off-by: Bin Meng <bmeng@tinylab.org>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fixes the following security issues:
- CVE-2023-1916: A flaw was found in tiffcrop, a program distributed by the
libtiff package. A specially crafted tiff file can lead to an
out-of-bounds read in the extractImageSection function in
tools/tiffcrop.c, resulting in a denial of service and limited information
disclosure. This issue affects libtiff versions 4.x.
- CVE-2023-25434: libtiff 4.5.0 is vulnerable to Buffer Overflow via
extractContigSamplesBytes() at /libtiff/tools/tiffcrop.c:3215.
- CVE-2023-26965: loadImage() in tools/tiffcrop.c in LibTIFF through 4.5.0
has a heap-based use after free via a crafted TIFF image
Drop the now upstream
0001-tiffcrop-Correct-simple-copy-paste-error-Fix-488.patch.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
In commit 9d58b525fc the newline at the
end got accidentally removed. Commit
fd6b334269 re-added the newline, but
accidentally added an empty line as well. Remove the empty line.
Reported by check-package.
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
The alsa-utils will remove and create the /usr/share/alsa dir
as a whole and since the alsa plugins needs to add config into
this same directory it should come after those install steps.
Also, the bluez alsa needs the plugins installed to find them
during the configuration phases - so, interlock the plugins
when configured.
Signed-off-by: Charles Hardin <ckhardin@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
In commit 9d58b525fc the newline at the
end got accidentally removed. Re-add it.
Reported by check-package.
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
libcgroup depends on fts API which is missing in musl and uClibc
and provided by musl-fts package.
This patch makes libcgroup dependent on musl-fts for
non-glibc configurations.
Signed-off-by: Oleg Lyovin <ovlevin@sberdevices.ru>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Fixes the following security issues:
- CVE-2023-34969: Fix an assertion failure in dbus-daemon when a privileged
Monitoring connection (dbus-monitor, busctl monitor, gdbus monitor or
similar) is active, and a message from the bus driver cannot be delivered
to a client connection due to <deny> rules or outgoing message quota.
This is a denial of service if triggered maliciously by a local attacker.
- Fix an incorrect assertion that could be used to crash dbus-daemon or
other users of DBusServer prior to authentication, if libdbus was compiled
with assertions enabled.
For details, see the NEWS file:
https://gitlab.freedesktop.org/dbus/dbus/blob/dbus-1.12/NEWS
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Right now there is a LICENSE file included in the package, so use it for
license validation.
Signed-off-by: Marcin Niestroj <m.niestroj@grinn-global.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Now that all dependencies of host-python-setuptools no longer
use setuptools as a build backend we can now migrate setuptools
itself to the pep517 build backend.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
This will be required for upcoming setuptools pep517 support.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
We overrode the default in 4386bbdf08 to
work around target shebang bug, as this issue no longer appears to be
present lets revert back to the local version as this is what will be
use in the future when distutils is removed from the python stdlib.
Tested with:
$ support/testing/run-tests -d dl -o output_folder -k tests.package.test_ipython.TestIPythonPy3
15:43:26 TestIPythonPy3 Starting
15:43:27 TestIPythonPy3 Building
15:49:35 TestIPythonPy3 Building done
Downloading to /home/buildroot/buildroot/dl/tmp_iyk_fn6
Renaming from /home/buildroot/buildroot/dl/tmp_iyk_fn6 to /home/buildroot/buildroot/dl/kernel-versatile-5.10.7
Downloading to /home/buildroot/buildroot/dl/tmpokk23l2z
Renaming from /home/buildroot/buildroot/dl/tmpokk23l2z to /home/buildroot/buildroot/dl/versatile-pb-5.10.7.dtb
15:50:04 TestIPythonPy3 Cleaning up
.
----------------------------------------------------------------------
Ran 1 test in 398.709s
OK
$ head -n 1 output_folder/TestIPythonPy3/target/usr/bin/ipython
#!/usr/bin/python
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Other changes:
- Remove 0002-plc-plc.h-fix-build-with-gcc-10.patch as
related MR https://github.com/qca/open-plc-utils/pull/141
has been merged.
Notable changes since last version:
- Drop privileges after opening the channel file descriptor
- Remove all checks for root permissions
- Add chip identification for QCA7006AQ
Signed-off-by: Kai Stuhlemmer (ebee Engineering) <kai.stuhlemmer@ebee.de>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Currently there is no explicit way to enable/disable the adaptivedemux2
plugin. Create a menu entry allowing users to disable or enable the plugin,
like we have for other features.
Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
[yann.morin.1998@free.fr: use plugin name in prompt, drop useless help]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Select BR2_TARGET_UBOOT_NEEDS_OPENSSL to fix the following
build error:
include/image.h:1383:12: fatal error: openssl/evp.h: No such file or directory
Reported-by: Jan-Benedict Glaw <jbglaw@lug-owl.de>
Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Update 002-vc4-add-meson-option-to-disable-optional-neon-suppor.patch to
fix an syntax error introduced by commit 'package/{mesa3d, mesa3d-headers}:
bump version to 23.1.0' ([1])
Fixes:
.../build/mesa3d-23.1.2/src/gallium/drivers/vc4/meson.build:87:76: ERROR:
Trying to compare values of different types (UserFeatureOption, str) using !=.
This was deprecated and undefined behavior previously and is as of 0.60.0 a hard error.
[1] https://git.buildroot.net/buildroot/commit/?id=e6203db11ed40122a2d9f29012db5683a7eb10d0
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
E-mails are bouncing:
<jose.pekkarinen@unikie.com>: host ASPMX.L.GOOGLE.com[74.125.133.26] said:
550-5.1.1 The email account that you tried to reach does not exist. Please
try 550-5.1.1 double-checking the recipient's email address for typos or
550-5.1.1 unnecessary spaces. Learn more at 550 5.1.1
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Commit 0b9efc991f ("linux: use BR2_MAKE") switched LINUX_MAKE to
$(BR2_MAKE). However, this also implicitly sets LINUX_KCONFIG_MAKE.
Thus, when host-make is being used in a build that has
PER_PACKAGE_DIRECTORIES enabled, the dotconfig step will try to use the
make instance from the host directory, but since it is not listed in
LINUX_KCONFIG_DEPENDENCIES, it won't be available yet at that point in
time.
Add an explicit dependency to LINUX_KCONFIG_DEPENDENCIES to have it
copied over early enough.
Signed-off-by: Florian Larysch <fl@n621.de>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Fixes the following security issues:
- CVE-2023-32067: High. 0-byte UDP payload causes Denial of Service
- CVE-2023-31147 Moderate. Insufficient randomness in generation of DNS
query IDs
- CVE-2023-31130. Moderate. Buffer Underwrite in ares_inet_net_pton()
- CVE-2023-31124. Low. AutoTools does not set CARES_RANDOM_FILE during
cross compilation
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
The autoconf-build system fails to properly detect vsnprintf
checking for vsnprintf... yes
checking whether vsnprintf is C99 compliant... no
which leads to a build error
snprintf.c:495:1: error: inlining failed in call to 'always_inline'
'rpl_vsnprintf.localalias': function not inlinable
Building with cmake fixes the problem:
-- Looking for vsnprintf
-- Looking for vsnprintf - found
The cmake build system has an option to disable checkmk, so we don't
need to remove it from target anymore.
Fixes:
http://autobuild.buildroot.net/results/e55/e5562513226de902dae642526165b1555a540144/
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
hwdata provides a .pc file, which other packages can look up to find the
location where hwdata files are, and use them at build time.
This is the case for the upcoming libdisplay-info package, which
requires the hwdata's PNP IDs at build time.
However, installing the .pc file is not enough. Indeed, meson (which
libdisplay-info uses) will look for the corresponding data files in
datadir, which it locates relative to the sysroot, which is our staging.
So, we also need to install the hwdata files in staging.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Upstream ChageLog, summary:
- Add wildcard support for Cloudflare
- New DDNS providers from DD-WRT;
- goip.de
- myonlineportal.net
- desec.io (a.k.a. dedyn.io)
- domaindiscount24.com
- dy.fi
- do.de (Domain-Offensive)
- Domopoli.de
- inwx
- It's DNS
- Joker.com
- all-inkl.com
- core-networks.de
- dnsever.com
- dnshome.de
- dnsmadeeasy.com
- dnsmax.com
- schokokeks.org
- variomedia.de
- udmedia.de
- moniker.com
- dyndns.it
- infomaniak.com
- oray.com
- simply.com
- mydns.jp
- myonlineportal.net
- namecheap.com
- regfish.de
- twodns.de
- Support for updating both ipv4 and ipv6 address for same provider
- Add new command line options -L and -S NAME to list supported
providers and their respective details
- Add 'success' as a valid generic response to DNS update
- Fix use after free in logger at inadyn exit
- Use dynv6 'auto' IP only if we have not detected an address
- Replace unstable api.ipify.org with http://ifconfig.me
- Fix default checkip server for dnsexit.com
- Fix easydns response code problem
Signed-off-by: Joachim Wiberg <troglobit@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Drop no longer required host-python-setuptools-scm and
host-python-toml dependencies.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Removed md5 hash, switched _SITE to https.
Updated license hash due to copyright year bump.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Rebased two patches.
Changelog:
https://docs.python.org/release/3.11.4/whatsnew/changelog.html#python-3-11-4
Fixes the following security problems:
- gh-99889: Fixed a security in flaw in uu.decode() that could allow for
directory traversal based on the input if no out_file was specified.
- gh-104049: Do not expose the local on-disk location in directory
indexes produced by http.client.SimpleHTTPRequestHandler.
- gh-102153: urllib.parse.urlsplit() now strips leading C0 control and
space characters following the specification for URLs defined by WHATWG
in response to CVE-2023-24329. Patch by Illia Volochii.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Python-docker needs a working docker setup to do anything useful, so add it
to the existing docker_compose (which tests docker and docker-compose)
rather than adding a completely new test.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Reviewed-by: Christian Stewart <christian@aperture.us>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit d680db0ba7 (package/python-docker: bump to version 6.0.1) forgot
to add the new dependency on python-packaging, leading to runtime errors:
import docker
File "/usr/lib/python3.11/site-packages/docker/__init__.py", line 2, in <module>
File "/usr/lib/python3.11/site-packages/docker/api/__init__.py", line 2, in <module>
File "/usr/lib/python3.11/site-packages/docker/api/client.py", line 10, in <module>
File "/usr/lib/python3.11/site-packages/docker/auth.py", line 7, in <module>
File "/usr/lib/python3.11/site-packages/docker/utils/__init__.py", line 3, in <module>
File "/usr/lib/python3.11/site-packages/docker/utils/decorators.py", line 4, in <module>
File "/usr/lib/python3.11/site-packages/docker/utils/utils.py", line 9, in <module>
ModuleNotFoundError: No module named 'packaging'
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
defconfig fragment to reproduce the issue:
BR2_PACKAGE_QEMU_ARCH_SUPPORTS_TARGET=y
BR2_PACKAGE_QEMU=y
BR2_PACKAGE_QEMU_SYSTEM=y
ERROR: Problem encountered: fdt not available but required by targets
aarch64-softmmu, arm-softmmu, i386-softmmu, loongarch64-softmmu,
microblaze-softmmu, microblazeel-softmmu, mips64el-softmmu,
nios2-softmmu, or1k-softmmu, ppc-softmmu, ppc64-softmmu,
riscv32-softmmu, riscv64-softmmu, rx-softmmu, x86_64-softmmu
Commit [1] select BR2_PACKAGE_QEMU_FDT for each individual emulator targets
but forgot to select is when BR2_PACKAGE_QEMU_CHOOSE_TARGETS is not set
(building for all targets).
Fixes:
http://autobuild.buildroot.org/results/e44/e444a02b899d325a9d99daed96b8cb96108383e7
[1] 44be514b21
Signed-off-by: Romain Naour <romain.naour@smile.fr>
Cc: Carlos Santos <unixmania@gmail.com>
Cc: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Drop local patch that has been upstreamed but add a new one to fix build
failure:
../meson.build:180:12: ERROR: Can not run test applications in this
cross environment.
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security issues:
1.3.39:
- oss-fuzz: Several security fixes originating from oss-fuzz testing.
- ALL: Replace strcpy() with strlcpy(), replace strcat() with strlcat(),
replace sprintf() with snprintf(). Prefer using bounded string functions.
This change is made for the purpose of increasing safety than to address
any existing demonstrated concern.
1.3.40:
- DCX: Fixed heap overflow when writing more than 1023 scenes, and also
eliminated use of uninitialized memory.
Signed-off-by: Grzegorz Blach <grzegorz@blach.pl>
[Peter: mark as security fix, extend commit message]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes:
http://autobuild.buildroot.net/results/293/2936d9b054269b7055e66ab5a7f7c1f7f4926d48/
Bootgen embeds an old version of flex, but uses the system include syntax
(#include <>) to reference it, causing conflicts on systems with the
development headers for a modern flex version installed, leading to build
issues like:
../bisonflex/cmdoptions.yy.cpp: In member function 'virtual int CO::FlexScanner::yylex()':
../bisonflex/cmdoptions.yy.cpp:1362:18: error: no match for 'operator=' (operand types are 'std::istream' {aka 'std::basic_istream<char>'} and 'std::istream*' {aka 'std::basic_istream<char>*'})
Fix it by using normal local includes (#include "") instead.
Notice: This was already fixed on master, but the cmdoptions.yy.cpp and
reginit.yy.cpp hunks were accidentally dropped when the changes were
squashed for the 2023.1 release.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Reviewed-by: Neal Frager <neal.frager@amd.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Some packages (e.g. libjxl) requires a quite recent cmake version,
that is not yet available in most distributions, especially those
LTS versions.
Currently, when we bump the minimum cmake version we require, it gets
bumped for all packages, regardless of their own minimum required
version, which means that a given configuration will trigger the
build of our host-cmake even if the packages that require it are not
enabled and those that are would be content with the system-provided
cmake.
Since host-cmake can take quite some time to build, this can get a
bit annoying to pay the price of a host-cmake build that would
otherwise not be needed.
Some packages even use an alternative build system when available
since they requires a more recent version of cmake than the our
minimum cmake version
(wpewebkit use Ninja: 78d499409f).
We introduce config options that packages can select to indicate
what minimal cmake version they require, and use that version as the
required minimal version required by the current configuration [0].
We would like to ensure that the currently selected minimum cmake
version is indeed lower (or equal) to the cmake version we package,
but that is not possible: dependencies.mk is parsed before we parse
packages, so we do not yet know the cmake version we have, and we
can't invert the parsing order as we need to know the required
dependencies before we parse packages (so that we can build their
dependency rules in Makefile). So we can only add comments in both
places, that refer to the other location.
[0] note that this is yet not optimal, as in such a case, host-cmake
would be in the dependency chain of all cmake-based packages, even
for those packages that do not require it. The optimum would be for
each package to gain such a dependency on an as-needed basis, but
this is by far more complex to achieve, and would only speed up
cases where a single package is built from scratch (e.g. with:
make clean; make foo), which is not worth optimising (yet?)
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Julien Olivain <ju.o@free.fr>
Cc: Arnout Vandecappelle <arnout@mind.be>
Cc: Peter Korsgaard <peter@korsgaard.com>
Cc: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security issues:
- cmd/go: cgo code injection
The go command may generate unexpected code at build time when using cgo.
This may result in unexpected behavior when running a go program which
uses cgo.
This may occur when running an untrusted module which contains directories
with newline characters in their names. Modules which are retrieved using
the go command, i.e. via "go get", are not affected (modules retrieved
using GOPATH-mode, i.e. GO111MODULE=off, may be affected).
Thanks to Juho Nurminen of Mattermost for reporting this issue.
This is CVE-2023-29402 and Go issue https://go.dev/issue/60167.
- runtime: unexpected behavior of setuid/setgid binaries
The Go runtime didn't act any differently when a binary had the
setuid/setgid bit set. On Unix platforms, if a setuid/setgid binary was
executed with standard I/O file descriptors closed, opening any files
could result in unexpected content being read/written with elevated
prilieges. Similarly if a setuid/setgid program was terminated, either
via panic or signal, it could leak the contents of its registers.
Thanks to Vincent Dehors from Synacktiv for reporting this issue.
This is CVE-2023-29403 and Go issue https://go.dev/issue/60272.
- cmd/go: improper sanitization of LDFLAGS
The go command may execute arbitrary code at build time when using cgo.
This may occur when running "go get" on a malicious module, or when
running any other command which builds untrusted code. This is can by
triggered by linker flags, specified via a "#cgo LDFLAGS" directive.
Thanks to Juho Nurminen of Mattermost for reporting this issue.
This is CVE-2023-29404 and CVE-2023-29405 and Go issues
https://go.dev/issue/60305 and https://go.dev/issue/60306.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This patch cleans up board/zynqmp shellcheck issues.
Signed-off-by: Neal Frager <neal.frager@amd.com>
[Peter: wrap long lines, use quotes around entire word]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This patch cleans up board/zynq shellcheck issues.
Signed-off-by: Neal Frager <neal.frager@amd.com>
[Peter: use ${} for variables, quotes around entire word]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
From the release notes
(see https://github.com/redis/redis/blob/7.0/00-RELEASENOTES):
================================================================================
Redis 7.0.11 Released Mon Apr 17 16:00:00 IST 2023
================================================================================
Upgrade urgency: SECURITY, contains fixes to security issues.
Security Fixes:
* (CVE-2023-28856) Authenticated users can use the HINCRBYFLOAT command to create
an invalid hash field that will crash Redis on access
...
================================================================================
Redis 7.0.10 Released Mon Mar 20 16:00:00 IST 2023
================================================================================
Upgrade urgency: SECURITY, contains fixes to security issues.
Security Fixes:
* (CVE-2023-28425) Specially crafted MSETNX command can lead to assertion and denial-of-service
...
================================================================================
Redis 7.0.9 Released Tue Feb 28 12:00:00 IST 2023
================================================================================
Upgrade urgency: SECURITY, contains fixes to security issues.
Security Fixes:
* (CVE-2023-25155) Specially crafted SRANDMEMBER, ZRANDMEMBER, and HRANDFIELD
commands can trigger an integer overflow, resulting in a runtime assertion
and termination of the Redis server process.
* (CVE-2022-36021) String matching commands (like SCAN or KEYS) with a specially
crafted pattern to trigger a denial-of-service attack on Redis, causing it to
hang and consume 100% CPU time.
...
================================================================================
Redis 7.0.8 Released Mon Jan 16 12:00:00 IDT 2023
================================================================================
Upgrade urgency: SECURITY, contains fixes to security issues.
Security Fixes:
* (CVE-2022-35977) Integer overflow in the Redis SETRANGE and SORT/SORT_RO
commands can drive Redis to OOM panic
* (CVE-2023-22458) Integer overflow in the Redis HRANDFIELD and ZRANDMEMBER
commands can lead to denial-of-service
...
Signed-off-by: Titouan Christophe <titouanchristophe@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
And restore support for MIPS64, which is supported by Lightning.
Signed-off-by: Paul Cercueil <paul@crapouillou.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The commit f69c972ae6 (support/testing/tests/package/test_kexec.py:
new runtime test) was tested locally with a qemu version (>= 7.x) more
recent than the one available in our buidroot/base Docker image (5.2).
As a consequence, that test fails to run in gitlab-ci as reported by [1].
Remove "dtb-kaslr-seed=off" from the Qemu command line and pass
a custom devicetree to qemu virt machine. This devicetree is
based on qemu aarch64 5.2 dts with kaslr-seed set 0.
The qemu aarch64 devicetree has been exported [2] and updated with the
following method:
qemu-system-aarch64 -machine virt -machine dumpdtb=qemu-aarch64-virt-5.2-machine.dtb
dtc -I dtb qemu-aarch64-virt-5.2-machine.dtb > qemu-aarch64-virt-5.2-machine.dts
edit the dts and replace kaslr-seed parameter by "kaslr-seed = <0 0>;"
As soon as our buidroot/base Docker image is updated and a newer qemu version
is available, we can safely revert this change and use the initial method.
Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/4322819092
[1] http://lists.busybox.net/pipermail/buildroot/2023-May/668091.html
[2] https://u-boot.readthedocs.io/en/latest/develop/devicetree/dt_qemu.html#obtaining-the-qemu-devicetree
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Signed-off-by: Julien Olivain <ju.o@free.fr>
Tested-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Fixes:
http://autobuild.buildroot.net/results/37e5075a5c790d5c96bdc72c44d4362a16ae00bb/
Commit b41ff7dd46 (package/sdl2_net: bump version to 2.2.0) forgot to
update the license hash / filename, breaking the build.
Upstream renamed COPYING.txt to LICENSE.txt, changed white space and updated
the copyright years, so update the hash to match:
diff -uw sdl2_net-2.0.1/COPYING.txt sdl2_net-2.2.0/LICENSE.txt
--- sdl2_net-2.0.1/COPYING.txt 2016-01-03 08:57:09.000000000 +0100
+++ sdl2_net-2.2.0/LICENSE.txt 2022-08-17 18:55:22.000000000 +0200
@@ -1,6 +1,4 @@
-/*
- SDL_net: An example cross-platform network library for use with SDL
- Copyright (C) 1997-2016 Sam Lantinga <slouken@libsdl.org>
+Copyright (C) 1997-2022 Sam Lantinga <slouken@libsdl.org>
This software is provided 'as-is', without any express or implied
warranty. In no event will the authors be held liable for any damages
@@ -17,4 +15,4 @@
2. Altered source versions must be plainly marked as such, and must not be
misrepresented as being the original software.
3. This notice may not be removed or altered from any source distribution.
-*/
+
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The bump to 11.4.0 in commit f1e3d02cd4 missed
0001-or1k-Add-mcmodel-option-to-handle-large-GOTs.patch, so add it back
again to keep checkpackage happy.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
'earlyoom --help' still says 'earlyoom 1.6' though it's already
version 1.7. '-DVERSION' flag value should be either unhardcoded,
either updated with each package version bump.
Signed-off-by: Sergey Bobrenok <SIBobrenok@sberdevices.ru>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
'/etc/init.d/S02earlyoom start' simply prints 'OK' instead of
'Starting earlyoom: OK' because of a typo in the printf function call.
Signed-off-by: Sergey Bobrenok <SIBobrenok@sberdevices.ru>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
earlyoom.mk file explicitly sets 'PREFIX=/usr', and the init script
fails to start earlyoom because of a nonexistent executable path:
# /etc/init.d/S02earlyoom start
start-stop-daemon: unable to stat /bin/earlyoom (No such file or directory)
FAIL
Signed-off-by: Sergey Bobrenok <SIBobrenok@sberdevices.ru>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
perl-clone is a new mandatory dependency of perl-http-message v6.44
that is already available in Buildroot since commit [1].
[1] 79e8aad721
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The commit [1] removed setuptools from runtime dependencies
"Drop spurious setuptools runtime dependency.". Since then
the test TestPythonPy3Can fail with the following error:
ModuleNotFoundError: No module named 'pkg_resources'
Add back setuptools to provide "pkg_resources".
Fixes
https://gitlab.com/buildroot.org/buildroot/-/jobs/4322819285
[1] 09c966af73
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The 6.2.x series is now EOL upstream, so drop the linux-headers option
and add legacy handling for it.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Since version 3.2.0, libwebsockets does not compile its external loop
support code anymore. That code was put under LWS_WITH_EXTERNAL_POLL
compile option, which defaults to OFF.
Applications relying on that support need to turn that option on, so
let's add it to the package.
For example, when libwebsockets is enabled, mosquitto broker is built
with websocket support, but its code requires LWS_WITH_EXTERNAL_POLL
to be on, otherwise it gives compile-time warning hinting to unusable
websocket support:
https://github.com/eclipse/mosquitto/commit/1b24f625ea4ee77f3c4796ec2233d059f8c7977e
Signed-off-by: Luca Pesce <luca.pesce@vimar.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
"Toolchain prefix" option apparently doesn't have any help describing
it, which causes confusion when using external toolchain. Leaving this
option at default prefix name ("$(ARCH)-linux") when external toolchain
components are called with different prefix (e.g.
"$(ARCH)-unknown-linux-gnu") may cause build failure unless the prefix
symlink is already in place (e.g. when using Buildroot-generated
toolchain as external toolchain).
Describe the option to clarify.
Signed-off-by: Bagas Sanjaya <bagasdotme@gmail.com>
Reviewed-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Add upstream patch to fix host compile error on openSUSE Tumbleweed
(gcc-13.0.1).
Fixes:
.../build/host-llvm-11.1.0/include/llvm/Support/Signals.h:117:8: error: variable or field ‘CleanupOnSignal’ declared void
117 | void CleanupOnSignal(uintptr_t Context);
| ^~~~~~~~~~~~~~~
.../build/host-llvm-11.1.0/include/llvm/Support/Signals.h:117:24: error: ‘uintptr_t’ was not declared in this scope
117 | void CleanupOnSignal(uintptr_t Context);
| ^~~~~~~~~
.../build/host-llvm-11.1.0/include/llvm/Support/Signals.h:18:1: note: ‘uintptr_t’ is defined in header ‘<cstdint>’; did you forget to ‘#include <cstdint>’?
17 | #include <string>
+++ |+#include <cstdint>
18 |
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The br-arm-internal-glibc.config used to be generally used as a configuration
to test the bleeding edge versions of components. However, it has been
lagging behind somewhat and produce invalid configuration since binutils 2.36
removal in d08639e6b9e5... so let's bring it up-to-date:
- Binutils 2.39.x
- GCC 12.x
Since Buildroot 2022.02, the autobuilders doesn't use the csv file anymore
but the test-pkg script still use it.
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
This patch bumps the zynq_zed_defconfig to xilinx-v2023.1 which includes
the following updates:
- Linux v6.1.5
- U-Boot v2023.01
Signed-off-by: Neal Frager <neal.frager@amd.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This patch bumps the zynq_microzed_defconfig to xilinx-v2023.1 which includes
the following updates:
- Linux v6.1.5
- U-Boot v2023.01
Signed-off-by: Neal Frager <neal.frager@amd.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This patch bumps the zynq_zc706_defconfig to xilinx-v2023.1 which includes
the following updates:
- Linux v6.1.5
- U-Boot v2023.01
Signed-off-by: Neal Frager <neal.frager@amd.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This patch bumps bootgen to version xilinx_v2023.1.
The patch for build machines with modern flex is no longer needed.
Signed-off-by: Neal Frager <neal.frager@amd.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
179ae2f ("package/tzdata: bump version to 2023c") forgot to update the
URL of the hash files.
Signed-off-by: Daniel Lang <dalang@gmx.at>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Let's also switch to a _SITE that can be accessed from a web browser and
results to be the official one for mmc-utils.
The license file we use is a header, so it changes every now and then,
even when the licenins terms do not. Switch to using README instead, as
it identifies the license (albeit just by name, b ut that's enough for
us), which is still GPL-2.0 (only).
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
[yann.morin.1998@free.fr: switch to README]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
https://gitlab.gnome.org/GNOME/gtkmm/-/blob/3.24.7/NEWS
README [0] states:
It's easiest to build with Meson, if the tarball was made with Meson,
and to build with Autotools, if the tarball was made with Autotools.
Then you don't have to use maintainer-mode.
How do you know how the tarball was made? If it was made with Meson,
it contains files in untracked/gdk/gdkmm/, untracked/gtk/gtkmm/ and
other subdirectories of untracked/.
This is the case, therefore switch to meson build system.
gtkmm3 tries to detect if X11 is enabled for gtk.
Switch to explicit definition to be safe.
Also disable tests and demos.
[0]: https://gitlab.gnome.org/GNOME/gtkmm/-/blob/3.24.7/README
Signed-off-by: Daniel Lang <dalang@gmx.at>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
tzdata and tzcode (for zic) are released in lock-step, as they go
together, so we update both simultaneously.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
For change log, see:
https://octave.org/NEWS-8.html
Notable changes in this commit:
- the package patch was rebased and updated for this new version
- a comment in .hash file about signature verification is added
- the pcre dependency is replaced by pcre2, following the upstream
package recommendation and preference. See:
https://octave.org/NEWS-8.html#general-improvements
This change also adds the host-pkgconf as a dependency.
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Other changes:
- Switch to tar.xz as the package is not distributed as a .bz2 any longer.
- Update the sha256sum of the license file, as it has been updated to
include the following text:
"Original author of nftables distributed the code under the terms of the
GPL version 2 *only*. New code though is moving to GPL version 2 or any
later which is the preferred license for this project these days."
The author has also changed from Patrick McHardy <kaber@trash.net> to
Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Also: Switch to tar.xz as the package is not distributed as a .bz2 any longer.
Signed-off-by: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Also remove the last two '*_IGNORE_CVES', since the corresponding
patches have been removed (they are now part of upstream) in
1fb64680bf.
Signed-off-by: Raphaël Mélotte <raphael.melotte@mind.be>
[yann.morin.1998@free.fr: move dropping CVE ignores into its own patch]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Back in commit 1fb64680bf (package/mupdf: bump to version 1.20.3), we
no longer carry the two patches that were fixing two CVEs. But the
commit forgot to rop the exclusion of those two CVEs.
Signed-off-by: Raphaël Mélotte <raphael.melotte@mind.be>
[yann.morin.1998@free.fr: offload to its own commit, write commit log]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
It appears that python-pymupdf needs swig when building since mupdf
was bumped to 1.18.0 in commit
f00da714a2. This was not noticed before
because when building on a machine where swig is already available
outside buildroot, it is used and the build succeeds.
This fixes the following build failure:
swigging fitz/fitz.i to fitz/fitz_wrap.c
swig -python -w509 -o fitz/fitz_wrap.c fitz/fitz.i
error: command 'swig' failed: No such file or directory
make: *** [package/pkg-generic.mk:293:
/home/buildroot/autobuild/instance-2/output-1/build/python-pymupdf-1.21.1/.stamp_built]
Error 1
Fixes:
- http://autobuild.buildroot.net/results/c689a385d984b87b63f3f2ff30338049774b1bf2
- http://autobuild.buildroot.net/results/cf268d3631330a8288fb8ad2af009abb7f1ca6b0
Signed-off-by: Raphaël Mélotte <raphael.melotte@mind.be>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
With the current python-botocore version, the test times out on
machines on which it was passing with previous versions. Increase the
timeout so that the test can be run without using a timeout
multiplier.
Signed-off-by: Raphaël Mélotte <raphael.melotte@mind.be>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Board support package includes the following components:
- mainline Linux kernel 5.15.108
- mainline U-Boot 2023.04
- default packages from buildroot
Note: There is a problem in u-boot display management. It should display
the ST microelectronics logo but "noise" is displayed (like when running
the command dd if=/dev/urandom of=/dev/fb0 in Linux). I also tried to
change version (even the first version in which this feature was
introduced), but without success. Despite this I decided not to disable
the video management configuration to remind us that it needs to be
fixed :).
Cc: Giulio Benetti <giulio.benetti@benettiengineering.com>
Link: https://www.st.com/en/evaluation-tools/32f769idiscovery.html
Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Reviewed-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Kernel is built without network support. It is useless to compile the
package and then remove it from rootfs.
Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
- Same version as NXP release 6.1.1-1.0.0
- Tested on Nitrogen8MP device with Weston (DRM backend) as follows:
Signed-off-by: Gary Bisson <bisson.gary@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Drop local patches since they have been upstreamed but add a new local
patch already upstreamed that checks for libevent and sqlite since with the
adding of reexport they became mandatory. This is because it's not possible
to disable reexport.
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Reviewed-by: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
It is quite customary to use a single repository with multiple workdirs,
one for each active branch, with either the aging 'git new-workdir' or
the more recent 'git worktree'.
However, in a workdir/worktree, most entries in .git/ are only symlinks
to the actual files in the main repository.
Currently, utils/docker-run only bind-mounts the current working copy.
If that is a workdir/worktree, then it is going to be missing the actual
git data, resulting in errors like:
$ ./utils/docker-run make check-package
fatal: not a git repository (or any parent up to mount point [....]/buildroot)
Stopping at filesystem boundary (GIT_DISCOVERY_ACROSS_FILESYSTEM not set).
No files to check style
make: *** [Makefile:1257: check-package] Error 1
So, we also bind-mount the actual git directory. If that is a subdir
of the current working copy, then it is already mounted and thus the
bind-mount is superfluous but harmless; for simplicity, we mount it
unconditionally.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Ricardo Martincoski <ricardo.martincoski@datacom.com.br>
When an ignored file is removed (e.g. a package patch is no longer
needed after a version bump), the corresponding entry in the ignore list
is no longer needed.
However, we currently only validate that an ignored *test* still fails,
not that a ignore files is now missing.
Add a new test to check-package that does that check, and add a
test-case for that check.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Ricardo Martincoski <ricardo.martincoski@gmail.com>
For various reasons, like debugging or compliance, it is important to
identify what br2-external trees versions were used for a specific
build.
Add a Kconfig option that contains the version as computed by
support/scripts/setlocalversion; this will appear in the .config file
(but not in defconfig files, which is what we want).
Also generate that variable on the .mk side, so that it gets properly
exported in the environment, for post-build of post-iamge scripts to use
as they see fit (like, ensuring there is no dirtyness when in a CI for
example).
Reported-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Currently, the list of external trees is a private variable, but for
debugging or compliance, one may need to get that list.
Add a Kconfig option so that the list appears in the .config file, and
export the already existing .mk variable in the environment, so that
post-build or post-image scripts can use it.
Reported-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The iproute2 package requires MMU support, and the BusyBox "ip link"
command does not handle CAN interfaces. The rtnl-link-can application,
added by applying the upstream patch, allows for the use of CAN devices
even on such systems.
Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Systems that lack a MMU cannot use fork() to create the child process.
The added upstream patch does not compile the affected programs on
MMU-less systems.
Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Enable ipam/host-local, ipam/static, and main/tap.
Note: main/tap is new as of cni-plugins 1.3.0.
Signed-off-by: Christian Stewart <christian@aperture.us>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Most of the tools are useful only on virtualization hosts. After the
upgrade to QEMU 7.2.0, it is possible to build only quemu-ga, which
makes more sense when we build guest VM images.
Also do not build the other tools by default if none of the emulators is
selected, since the user does not necessarily wants them. Ideally, it
should not be possible to select qemu without selecting at least one of
the subcomponents but it is hard to guess what the user wants.
Signed-off-by: Carlos Santos <unixmania@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Commit d06dca38bb (linux: cleanup
kconfig fixup processing) moved the initramfs setup out of an
enclosing statement but kept the closing bracket.
Remove the extra bracket to fix a syntax error in sed processing.
Fixes:
>>> linux 6.4-rc1 Updating kernel config with fixups
/bin/bash: -c: line 1: syntax error near unexpected token `)'
/bin/bash: -c: line 1: `/usr/bin/sed -i -e '/^\(# \)\?CONFIG_INITRAMFS_ROOT_GID\>/d' /home/data/buildroot.experimental/build/linux-6.4-rc1//.config && echo 'CONFIG_INITRAMFS_ROOT_GID=0' >> /home/data/buildroot.experimental/build/linux-6.4-rc1//.config)'
Signed-off-by: Andreas Ziegler <br015@umbiko.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The toolchain-builder project reported an issue with Qemu 7.2.0 for
x86-core2--glibc--bleeding-edge toolchain [1]:
Run /sbin/init as init process
random: fast init done
EXT4-fs (vda): warning: mounting unchecked fs, running e2fsck is recommended
EXT4-fs (vda): re-mounted. Opts: (null). Quota mode: disabled.
Starting syslogd: OK
traps: syslogd[52] general protection fault ip:b7e21465 sp:bfe59e6c error:0 in libc.so.6[b7d9b000+123000]
Starting klogd: OK
traps: klogd[56] general protection fault ip:b7e94465 sp:bf8f069c error:0 in libc.so.6[b7e0e000+123000]
Running sysctl: traps: logger[62] general protection fault ip:b7e48b6c sp:bfd7d194 error:0 in libc.so.6[b7e05000+123000]
Segmentation fault
traps: logger[64] general protection fault ip:b7dd3b6c sp:bf9b8604 error:0 in libc.so.6[b7d90000+123000]
Segmentation fault
(Followed by a kernel panic.)
Testing with the pevious Qemu release (7.1.0) allows to boot the system without any problem.
Building qemu sources between 7.1.0 and 7.2.0 allows to identify the first "bad" commit [2] and
report to the Qemu project [3].
Thanks to Qemu maintainers review, several issues was noticed:
"The default i386 busybox build config does not respect glibc's requirements around stack alignment
(see [4] for previous discussions and a workaround)."
Disabling CONFIG_STACK_OPTIMIZATION_386 option (as suggested in the Gentoo bug report) fixed the issue!
This option has been added and enabled by default in buxybox 1_29_0, so it was used since then the for
Buildroot's qemu defconfig.
Note: The x86-i686--glibc--bleeding-edge (generic x86) doesn't trigger the issue with
CONFIG_STACK_OPTIMIZATION_386 enabled.
Fixes:
https://gitlab.com/buildroot.org/toolchains-builder/-/jobs/3731683337
[1] https://gitlab.com/buildroot.org/toolchains-builder/-/jobs/3731683337
[2] https://gitlab.com/qemu-project/qemu/-/commit/958e1dd1300f37f18b2161dfb4eb806fc8c19b44
[3] https://gitlab.com/qemu-project/qemu/-/issues/1478
[4] https://bugs.gentoo.org/725674
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
According to release notes from Microchip, this fixes a memory
leak in AP modes, fixes a failure with an undisclosed but specific
AP, and re-certified with WFA for WILC1000.
Signed-off-by: Kris Bahnsen <kris@embeddedTS.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Add an upstream patch in package/refpolicy/2.20221101 that makes dbus optional
for the mount interface. The patch must go in the 2.20221101 directory or else
the build system will automatically attempt to apply the patch to a custom git
version of refpolicy if chosen.
Signed-off-by: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
In addition:
- Refresh 0001-Do-not-export-use-setools.InfoFlowAnalysis-and-setoo.patch
- Update COPYING hash as the license file has been rewritten for clarity.
However, the licenses have not been changed.
Signed-off-by: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Also:
- Change the license file to LICENSE. The hash remains the same.
- Add 0001-python-sepolgen-fix-ausearch-path.patch as audit 3.1
installs ausearch to /usr/sbin not /sbin
Signed-off-by: Adam Duskett <aduskett@gmail.com>
[yann.morin.1998@free.fr: rewrite 0001 into an upstreamable patch]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Change the license file to LICENSE. The hash remains the same.
Signed-off-by: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Change the license file to LICENSE. The hash remains the same.
Signed-off-by: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Change the license file to LICENSE. The hash remains the same.
Signed-off-by: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Change the license file to LICENSE. The hash remains the same.
Signed-off-by: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
- libselinux now requires pip, just to perform the install of the python
bindings; it still uses setuptools to do the actual build;
- rebase patches for version 3.5;
- backport a fix for the install of the python bindings.
Signed-off-by: Adam Duskett <aduskett@gmail.com>
[yann.morin.1998@free.fr:
- backport upstream patch to fix installation of python bindings
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Change the license file to LICENSE. The hash remains the same.
Signed-off-by: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Change the license file to LICENSE. The hash remains the same.
Signed-off-by: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Some packages, like libselinux, use pip to perform the installation step
of their python bindings. Those packages do have to use our host python
when building, so that it matches the target python.
So we need to have a host variant of pip that is usable with our host
python.
Signed-off-by: Adam Duskett <aduskett@gmail.com>
[yann.morin.1998@free.fr: reword commit log]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
If rst2html5 is installed on a host system, meson will attempt to build
html5 documentation from the docs directory, resulting in the following
error:
/usr/local/bin/rst2html5.py
Traceback (most recent call last):
File "/usr/local/bin/rst2html5.py", line 27, in <module>
from docutils.core import publish_cmdline, default_description
ModuleNotFoundError: No module named 'docutils'
Backport an upstream that guards the build of the html documentation
behind the existing ds_doc condition, which we already disable in
Buildroot.
Signed-off-by: Adam Duskett <aduskett@gmail.com>
[yann.morin.1998@free.fr:
- as pointed out by James, backport an upstream commit rather than
carry an non-upstreamable patch
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Commit 2dff6e93ca (package/readline: add upstream patch to fix crash
with invalid locale specification) fixed a regression in readline 8.2
[0], that could have been caught with a runtime test. readline is a
library, so we need an executable that exercises readline.
Since readline and bash are developped in tandem [1], it is only logical
to use bash to test readline.
Add a new runtime test for bash, that checks that we can indeed run an
interactive shell, and that an non-existing locale does not cause the
dreaded segfault. We do not use the default configuration, because it
uses a uclibc toolchain, and we want to reproduce against a glibc one.
[0] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1021109
[1] https://tiswww.case.edu/php/chet/readline/rltop.html#Bugs
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
This casues build failures:
..../build/busybox-1.36.0/Makefile.flags:165: *** unterminated call to function 'shell': missing ')'. Stop.
This reverts commit 441c44626f.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The current mupdf version fails to build when zlib-ng is used as the
zlib implementation. Add a patch to fix it.
This fixes the following build failure raised since the bump to
version 1.21.0 of the mupdf package in commit
3c2033cd2a:
source/fitz/encode-basic.c: In function 'deflate_write':
source/fitz/encode-basic.c:343:27: error: 'UINT_MAX' undeclared (first use in this function)
343 | newbufsize = n >= UINT_MAX ? UINT_MAX : deflateBound(&state->z, n);
| ^~~~~~~~
source/fitz/encode-basic.c:26:1: note: 'UINT_MAX' is defined in header '<limits.h>'; did you forget to '#include <limits.h>'?
Fixes: http://autobuild.buildroot.net/results/87128e9967cff20078c65ab847877aa44cc409d9
Signed-off-by: Raphaël Mélotte <raphael.melotte@mind.be>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
This option can be used for runtime testing or package debugging.
Signed-off-by: Julien Olivain <ju.o@free.fr>
[yann.morin.1998@free.fr: tweak the comment]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
- Add support for -c and -cc to disable log compression
A single -c disables compression for pipes, another -c (or -cc)
disables compression for all other log targets
- The default syslog.conf now logs debug messages again (disabled in
v2.4.0) due to problems (confusion) reported in the field
- Dropped not recommended KillMode=process from systemd unit file
- Fix loss of early log messages running under systemd
Full changelog: https://github.com/troglobit/sysklogd/releases/tag/v2.5.0
Signed-off-by: Joachim Wiberg <troglobit@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
optee-benchmark package was removed in commit cf39b596e7
("package/optee-benchmark: remove deprecated package") but forgot to
remove the associated DEVELOPERS file entry.
Using the get-developers script on any file generates a warning,
for example:
utils/get-developers DEVELOPERS
WARNING: 'package/optee-benchmark/' doesn't match any file, line 865
git send-email --to buildroot@buildroot.org
This commit fixes the issue by removing the entry.
Cc: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
If both, hicolor-icon-theme (selected by libgtk3-demo) and
adwaita-icon-theme is not selected, then the /usr/share/icons
folder is empty, causing find to fail.
Signed-off-by: Thomas Devoogdt <thomas.devoogdt@barco.com>
Tested-by: Adrian Perez de Castro <aperez@igalia.com>
Reviewed-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The at-spi2-core and at-spi2-atk were merged, and are now built by default,
so this patch is no longer required.
Signed-off-by: Thomas Devoogdt <thomas.devoogdt@barco.com>
Tested-by: Adrian Perez de Castro <aperez@igalia.com>
Reviewed-by: Adrian Perez de Castro <aperez@igalia.com>
[yann.morin.1998@free.fr:
- rename remaining patch,
- update .checkpackageignore
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The most recent release of RPM is v4.18.1 [1].
Adding an upstream patch to prevent build failures for certain
toolchains (0001-fix-var-declare-in-label-error.patch). Fix should be
available next release.
[1]: https://rpm.org/wiki/Releases/4.18.1
Signed-off-by: James Knight <james.d.knight@live.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Adding a series of feature-disable configurations of options introduced
over the recent versions, but where never added.
Signed-off-by: James Knight <james.d.knight@live.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Drops the use of `RPM_CFLAGS`, which their use has been obsolete when
this package bumped to v4.17 [1].
[1]: 429e247b86
Signed-off-by: James Knight <james.d.knight@live.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Bumps OP-TEE client package version to OP-TEE release 3.21.0.
Removes the 2 local patches that have been integrated into mainline
repository before release tag 3.21.0.
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
[yann.morin.1998@free.fr: regenerate .checkpackageignore]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Package optee-benchmark is no more maintained by OP-TEE community
hence don't enable that package in qemu_arm_vexpress_tz_defconfig.
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Tweak the applied configuration options to flag support for Wayland if
the wayland package is detected. This will allow the generation of the
`interactive-wayland` utility (when `BR2_PACKAGE_LIBXKBCOMMON_TOOLS` is
also configured).
Signed-off-by: James Knight <james.d.knight@live.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Commit d06dca38bb (linux: cleanup kconfig fixup processing) introduced
the conditional LINUX_KCONFIG_FIXUP_CMDS_ROOTFS_CPIO, using a negative
logic condition.
Switch that to use positive logic.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The following is an attempt o cleanup the output generated when fixing
up a Linux's Kconfig:
- Quiet the conditional check host-pahole to avoid having the message
used to describe a failure generate in the output in its script form.
- Move the initramfs fixups to their own conditional macros, and move
the comments out of the macro (mainly for developers managing the
implementation).
- Adding a generic "Updating kernel config..." message, to help inform
builders that the framework is actively processing Kconfig's (while
users may be pondering why the closing of a `linux-menuconfig` is
doing).
Signed-off-by: James Knight <james.d.knight@live.com>
[yann.morin.1998@free.fr:
- introduce LINUX_KCONFIG_FIXUP_CMDS_ROOTFS_CPIO
- use MESSAGE to display... a message...
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
In a previous commit [1], the use of `KCONFIG_ENABLE_OPT` was tweaked in
a way which no longer generates a default output unless the quiet flag
is unset (`Q=`). The use of `KCONFIG_SET_OPT` and `KCONFIG_DISABLE_OPT`
does not apply a quiet operation. In order to make all these kernel
configuration defines operate in a consistent way, adjusting both
`KCONFIG_SET_OPT` and `KCONFIG_DISABLE_OPT` to be default-quiet as well.
[1]: 66d2ff25ba
Signed-off-by: James Knight <james.d.knight@live.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
This commit also:
- adds the md5 from the release note in the package hash file,
- rebase the patch on the new version tag,
- adds the "Upstream:" tag in the patch.
For change log since v0.3.22, see:
- https://github.com/xianyi/OpenBLAS/releases/tag/v0.3.23
Signed-off-by: Julien Olivain <ju.o@free.fr>
[yann.morin.1998@free.fr: update .checkpackageignore]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Some patches were removed in recent version bumps:
- 80793107a6 package/transmission: bump version to 4.0.3
- 8d6ddb7a29 package/rtl8812-aircrack-ng: bump to 2023-05-01
version to fix build failure with Linux 6.3
Update the ignore list accordingly.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
- add option for new library "url"
- drop upstreamed patch
- Math now requires C++14/gcc5
Signed-off-by: Michael Nosthoff <buildroot@heine.tech>
[yann.morin.1998@free.fr:
- propagate the new boost-math option to uhd
- fix indentation in help for boost-url
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Needed for bumping transmission to version 4.0.1.
Added configure option to fix build error with gcc-12.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Package binaries can be successfully built for and then executed on
RISC-V platforms including RV32 and RV64 variants. Tested in QEMU.
Signed-off-by: Sergey Matyukevich <geomatsi@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Building U-Boot for OrangePi PC Plus requires host OpenSSL.
Build error is masked only because Linux kernel is built
before U-Boot for this specific image configuration were
wireless driver is enabled.
Signed-off-by: Sergey Matyukevich <geomatsi@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Building U-Boot for OrangePi Zero requires host OpenSSL.
Build error is masked only because Linux kernel is built
before U-Boot for this specific image configuration were
wireless driver is enabled.
Signed-off-by: Sergey Matyukevich <geomatsi@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Building U-Boot for OrangePi One now requires host OpenSSL. Select
BR2_TARGET_UBOOT_NEEDS_OPENSSL to fix the following build error:
include/image.h:1383:12: fatal error: openssl/evp.h: No such file or directory
1383 | # include <openssl/evp.h>
| ^~~~~~~~~~~~~~~
Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/4187707115
Signed-off-by: Sergey Matyukevich <geomatsi@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
After booting Linux the userspace is unusable since every command issued,
that is a symlink to busybox, fails because of no free ram. So let's
disable IIO in linux.config to give some more ram to userspace.
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
LDFLAGS need to be passed to the micropython build system via the
LDFLAGS_EXTRA variable, which was so far missing. This patch adds it.
Signed-off-by: Jonathan Neuschäfer <j.neuschaefer@gmx.net>
Acked-by: Chris Packham <judge.packham@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Commit 0ce2d42aa7 (package/kodi-inputstream-adaptive: update license
info) did a last-minute update to add all the license files, but forgot
to amend the hash file.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Needed for the upcoming version bump of the Nexus version of
kodi-inputstream-adaptive.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Replaced patch 0002 to fix python detection with new version due to
upstream changes:
https://github.com/xbmc/xbmc/pull/21597#issuecomment-1166365667
Removed patches which were applied upstream.
Bump gcc requirement as kodi depends on C++17.
Rework configure options.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
[yann.morin.1998@free.fr:
- git-format patch 0002
- add upstream tag to patch 0002
- regenerate .checkpackageignore
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Removed patches which were applied upstream, rebased remaining patches.
Added patch 0004 to avoid dependency to perl package JSON:PP.
This bump depends on bumping heimdal, see previous patch of this series.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
[yann.morin.1998@free.fr:
- make new patch git-formatted
- add upstream status to new patch
- update .checkpackageignore wth removed patches
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Some patches were removed in recent version bumps:
- 2d7cfd49ba package/valgrind: bump version to 3.20.0
- 4aef53575b package/libgit2: bump version to 1.6.4
- b0306d94b2 package/cpio: bump version to 2.14
- f292d9b736 package/gocryptfs: bump version to 2.3.2
Update the ignore list accordingly.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
- do not only disable NTLM delegation to winbinds ntlm_auth but
disable NTLM support overall (and drop enforced libopenssl DES
dependency introduced by 'package/libcurl: make sure openssl
supports DES' (commit f25c820a4f)
- change man page hint to https URL
- rearrange configure options to one option per line
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Update also the release url because the OpenPrinting https archive page
is out of sync with the current release archive on the main github
project.
Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
* Remove patch applied upstream.
* Upstream fixed building inside the source tree, but still does not
recommend it, so keep LIBGIT2_SUPPORTS_IN_SOURCE_BUILD = NO
Signed-off-by: Nicolas Cavallari <nicolas.cavallari@green-communications.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
- change download from git URL to https (and SITE_METHOD git)
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
We do not need to add a hash for 6.3, as it was already added in
eadff4efe9 ({toolchain, linux-headers}: add support for 6.3 headers).
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
[yann.morin.1998@free.fr: explain why no hash update]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Adds the upstream patch that fixes the CVE.
No new release so far.
Signed-off-by: Daniel Lang <dalang@gmx.at>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
When explicitly specifying printing backends libgtk3 requires file
to be one of them on linux.
Fixes:
- output/build/libgtk3-3.24.37/modules/printbackends/meson.build:39:4: ERROR: Problem encountered: 'file' print backed needs to be enabled
Signed-off-by: Daniel Lang <dalang@gmx.at>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Some patches were removed in recent version bumps:
- 492c803117 package/tbb: bump to version 2021.8.0.
- a1e0e7276c package/libmodsecurity: bump to version 3.0.9
- e4fb09f95f package/gstreamer1-editing-services: bump version to 1.22.2
- 460c9fa338 package/pciutils: bump to version 3.9.0
- 0f1d33b6c8 package/crun: bump to version 1.8.4
And some were renamed with a version bump:
- 60d8e52576 package/lua: bump to version 5.4.5
But the ignore list was not updated in any of those commits, the latter
causing issues because the patches are no longer ignored;
package/lua/5.4.5/0001-root-path.patch:0: missing Upstream in the header (http://nightly.buildroot.org/#_additional_patch_documentation)
package/lua/5.4.5/0002-shared-libs-for-lua.patch:0: missing Upstream in the header (http://nightly.buildroot.org/#_additional_patch_documentation)
package/lua/5.4.5/0011-linenoise.patch:0: missing Upstream in the header (http://nightly.buildroot.org/#_additional_patch_documentation)
384140 lines processed
3 warnings generated
Update the ignore list accordingly.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
When browsing the help references for various systemd features, it was
observed that the `systemd-rfkill` link was dead (originally pointing to
`systemd-rfkill@.service.html`; now `systemd-rfkill.service.html`). This
commit corrects this link, as well as updates all other links to https
(since freedesktop.org now force redirects to https).
Signed-off-by: James Knight <james.d.knight@live.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Disable building with libressl to avoid the following build failure
raised since the addition of the package in commit
ea36681572:
In file included from /home/thomas/autobuild/instance-2/output-1/build/zeek-4.1.1/src/analyzer/protocol/mime/MIME.cc:7:
/home/thomas/autobuild/instance-2/output-1/build/zeek-4.1.1/src/zeek/digest.h: In function 'void* EVP_MD_CTX_md_data(const EVP_MD_CTX*)':
/home/thomas/autobuild/instance-2/output-1/build/zeek-4.1.1/src/zeek/digest.h:22:12: error: invalid use of incomplete type 'const EVP_MD_CTX' {aka 'const struct env_md_ctx_st'}
22 | return ctx->md_data;
| ^~
Fixes:
- http://autobuild.buildroot.org/results/2db2988d495f9d06d058fb532a2dcfa9ef6e207c
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Backport 2 fixes from upcoming release (memory leak and incorrect JSON
output).
Signed-off-by: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
- Drop 0003-Revert-Fix-maxminddb-link-on-FreeBSD.patch, handling of libmaxminddb
was fixed upstream in d2b700d
- Drop 0004-build-pcre.m4-fix-build-without-pcre.patch, handling of PCRE was
fixed upstream in 791964a
Signed-off-by: Frank Vanbever <frank.vanbever@mind.be>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The test chckes that the "Upstream:" tag be on the first column, without
any leading character (no space, no bracket of any kind).
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The past participle for "to fix" is "fix". The "did you forget" got
eluded into "forget", so again a past participle.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Currently, utils/docker-run spawns a container with a tty, so that he
user can interact properly in the container.
However, that requires a tty when calling docker-run, which is not
always guaranteed, e.g. if called from a git hook.
Since the script is a bash script already, we can use an array to store
options passed to docker, and only add the -t option when there is
actually a tty available.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Ricardo Martincoski <ricardo.martincoski@gmail.com>
- Drop "0001-meson-change-std-to-gnu99.patch" since change is available
in this version.
Signed-off-by: James Knight <james.d.knight@live.com>
[yann.morin.1998@free.fr: regenerate .checkpackageignore]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
- glib2 has moved from PCRE to PCRE2 [1].
- Drop `fam` option since it no longer available [2].
- Drop "0001-fix-compile-time-atomic-detection.patch" since upstream
patch was dropped and new atomic detection implementation has been
applied in this version.
- Drop "0002-remove-cpp-requirement.patch" since upstream has modified
its Meson scripts to have any C++ usage as optional.
- Drop "0003-Add-Wno-format-nonliteral-to-compiler-arguments.patch"
since change is available in this version.
- Add new patch to address new Werror compilation errors [3].
- Renamed "0004-*.patch" -> "0001-*.patch" since it should still be
applicable for its mentioned build case.
[1]: https://bugzilla.redhat.com/show_bug.cgi?id=1938974
[2]: https://gitlab.gnome.org/GNOME/glib/-/merge_requests/2570
[3]: https://gitlab.gnome.org/GNOME/glib/-/merge_requests/3390
Signed-off-by: James Knight <james.d.knight@live.com>
[yann.morin.1998@free.fr:
- update upstream status on new patch
- regenerate .checkpackageignore
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Providing an upstream status for the remaining libglib2 patch from a
recent version bump. This patch was introduced in Buildroot around
November 2021 to help deal with build errors where `GObject-2.0.gir`
could not be found (tied to Buildroot changes made in
`gobject-introspection.mk`). The discussion thread mentions this could
be submitted upstream, but looks like it never was. Reflecting that this
package has not been submitted upstream.
Signed-off-by: James Knight <james.d.knight@live.com>
[yann.morin.1998@free.fr: update .checkpackageignore]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Commit 5e1c238b72 (package/ltp-testsuite: require 5.11 headers for
musl) dropped a patch, which had no "upstream" status, and thus had an
ignore entry, which itself was ignored when the patch got removed.
Regenerate .checkpackage ignore now.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Since upstream Linux commit ed21d6d7c48e6e96c2d617e304a7ebfbd17b1807
("perf tests: Add test for PE binary format support") present in >=
v5.10 there is an unconditional installation of PE binaries.
Some toolchains have a readelf tool that correctly interpret the PE
files, and reports ELF-alike fields. This causes check-bin-arch to
reject those files.
Make sure that these binaries are excluded from being checked to allow
the installation of the perf tests.
Fixes: 6fcdaa4c50 ("package/linux-tools: Allow installation of perf scripts")
Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Jobs with the syntax @hourly, @daily, ... were not executed since the
version bump from `v4.5` to commit `1ba33c3325df48de46263276a43ed76cf9d81518`.
This patch fixes the bug downstream.
Signed-off-by: Mario Haustein <mario.haustein@hrz.tu-chemnitz.de>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
There was a conflict between musl and kernel headers prior to 5.11, due
to a bug in kernel headers, which was fixed in a85cbe6159ff ("uapi: move
constants from <linux/kernel.h> to <linux/const.h>") in v5.11, and
backported to stable/LTS kernels.
Upsteam ltp-testsuite has been unreceptive to accepting the workaround,
as they argue that the kernel headers have been fixed, and people should
update their toolchains.
However, it is not always practical, or even possible, to update the
toolchain, so lets require kernel headers at least 5.11 for musl-based
toolchains.
Signed-off-by: Petr Vorel <petr.vorel@gmail.com>
[yann.morin.1998@free.fr: reword commit log]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
CGO (the Go language C bindings) normally links dynamically with the C
libraries. It seems that passing -extldflags=-static is not sufficient
to make sure they link statically. As a result, a build using CGO will
fail with
runtime.gcdata: missing Go type information for global symbol .dynsym: size 72
There are two modules in the standard Go library that can use CGO:
os/user and net. Both of these have pure Go versions, however, which can
be selected with the osusergo and netgo tags. Since these two are
standard library modules that get used in almost all Go programs, pass
those flags in the common infrastructure.
It's not entirely clear if this is always the case or only depending on
the specific way CGO is used. In the former case, we could instead
disable CGO globally if static libs are enabled. However, it turns out
that this doesn't solve the problem completely anyway (delve still fails
to link, with different errors). Also, it is possible that other cgo
modules do still work. Therefore, just stick to adding the osusergo and
netgo tags.
Cf. Statically compiling Go programs [0]
Fixes:
- crucible:
http://autobuild.buildroot.net/results/c2f/c2f29f55b461899e8e15c0494578304e6f74bf51/
- containerd:
http://autobuild.buildroot.net/results/699/69910fc6b9f474a7eb0ca7ffa27ac5512cc1bb37/
- delve:
http://autobuild.buildroot.net/results/552/55225d5da17e85271943f7adce6f07d014d9717d/
- probably others...
[0] https://www.arp242.net/static-go.html
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Corepack is a zero-runtime-dependency Node.js script that acts as a
bridge between Node.js projects and the package managers. It ships
with Node.js but is disabled by default.
Some JavaScript packages, such as vuejs and vuejs-router can benefit
from having Corepack installed on the host. Therefore, add an option
to enable Corepack with host-nodejs.
Signed-off-by: Thomas Claveirole <thomas.claveirole@green-communications.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The coremark build needs to set PORT_CFLAGS explicitly in order to pick
up the configured optmisation level, and other flags.
Signed-off-by: Joel Stanley <joel@jms.id.au>
Acked-by: Chris Packham <judge.packham@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
PDF support was disabled in commit 7a4944569c (package/ghostscript:
bump to version 9.55.0) as it was then a new option which broke the
build.
PDF support depends on both openjpeg and jbig2dec. There is already a
conditional block for each, but it is not trivial to merge sanely, so we
introduce a third conditionl block to enable PDF. AS explained in the
comment, the dependencies are duplicated in that conditional block: in
case the other conditions get dropped in the future, we will still want
to depend on both for PDF support (unless that changes too, in which
case it will also be easier to spot and update).
Fixes:
- https://bugs.buildroot.org/show_bug.cgi?id=14976
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[yann.morin.1998@free.fr:
- move to its own conditional block
- add a comment about duplicated dependencies
- expadn commit log.
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Thierry GUIBERT <thierry.guibert@croix-rouge.fr>
[yann.morin.1998@free.fr: split off the previous patch by Thierry]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Add a paragraph and an example about using the Buildroot image registry
hosted on gtilab.com, for people who want to build their own image based
on the offical one.
Signed-off-by: Thierry GUIBERT <thierry.guibert@croix-rouge.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fix the following build failure raised since commit
9d1d4818c3:
[ 98%] Generating Poppler-0.18.typelib
Could not find GIR file 'GObject-2.0.gir'; check XDG_DATA_DIRS or use --includedir
error parsing file /home/giuliobenetti/autobuild/run/instance-1/output-1/build/poppler-21.12.0/glib/Poppler-0.18.gir: Failed to parse included gir GObject-2.0
If the above error message is about missing .so libraries, then setting up GIR_EXTRA_LIBS_PATH in the .mk file should help.
Typically like this: PKG_MAKE_ENV += GIR_EXTRA_LIBS_PATH="$(@D)/.libs"
Fixes:
- http://autobuild.buildroot.org/results/d2f50aa56410c2fff8a0538c57038104906e747e
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[yann.morin.1998@free.fr:
- drop patch adding INTROSPECTION_COMPILER_ARGS as it's now upstream
as of 22.02.0, and we use 22.10.0
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Due to the sheer number of patches that fail the new Upstream trailer
check (1500+) and the time it would take to make them compliant, for
now, just add them to the ignore list.
Created via `./utils/docker-run make .checkpackageignore`
Signed-off-by: Vincent Fazio <vfazio@gmail.com>
[yann.morin.1998@free.fr: regenerate]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Implement a check-package check for an Upstream: trailer in patches
being applied to packages per a mailing list discussion [0].
No strict formatting checks are implemented for the contents within the
trailer as the needed level of detail will vary patch-to-patch.
Tested with: `./utils/docker-run python3 -m pytest utils/checkpackagelib`
[0] https://lists.buildroot.org/pipermail/buildroot/2023-March/666016.html
Signed-off-by: Vincent Fazio <vfazio@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Previously, the documentation only requested links to upstream commits
when backporting patches.
Based on a mailing list discussion [0], patches should, when possible
and when approriate, provide a link as evidence that the patch has been
submitted upstream.
The motivation is that hopefully the patch gets applied to upstream at
some point reducing the long term maintenance burden within Buildroot.
This also makes future patch review on subsequent package version bumps
more streamlined.
For patches that are unique to BR and do not apply to the upstream
repository, patches should have a comment explaining why they do not
apply upstream.
[0] https://lists.buildroot.org/pipermail/buildroot/2023-March/666000.html
Signed-off-by: Vincent Fazio <vfazio@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Bump Linux kernel to 6.1.14, U-Boot to 2023.01, ATF to 2.8.
Signed-off-by: Sergey Matyukevich <geomatsi@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
With introduction of vmap'ed stacks to ARM in Linux v5.18, stack
parameters can no longer be used for DMA. So pull the latest xradio
changes that fix the driver and make it work with vmap'ed stacks
in new kernels.
Signed-off-by: Sergey Matyukevich <geomatsi@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
As reported by [1], version 0.12.0 fixes these errors:
Error executing event examine-end on target stm32f7x.cpu:
buildroot/output/host/bin/../share/openocd/scripts/mem_helper.tcl:37: Error: wrong # args: should be "expr expression"
in procedure 'mmw' called at file "buildroot/output/host/bin/../share/openocd/scripts/target/stm32f7x.cfg", line 103
at file "buildroot/output/host/bin/../share/openocd/scripts/mem_helper.tcl", line 37
Info : starting gdb server for stm32f7x.cpu on 3333
Info : Listening on port 3333 for gdb connections
Info : Unable to match requested speed 2000 kHz, using 1800 kHz
Info : Unable to match requested speed 2000 kHz, using 1800 kHz
Error executing event examine-end on target stm32f7x.cpu:
buildroot/output/host/bin/../share/openocd/scripts/mem_helper.tcl:37: Error: wrong # args: should be "expr expression"
in procedure 'ocd_process_reset'
in procedure 'ocd_process_reset_inner' called at file "embedded:startup.tcl", line 288
in procedure 'mmw' called at file "buildroot/output/host/bin/../share/openocd/scripts/target/stm32f7x.cfg", line 103
at file "buildroot/output/host/bin/../share/openocd/scripts/mem_helper.tcl", line 37
target halted due to debug-request, current mode: Thread
xPSR: 0x01000000 pc: 0x080003fc msp: 0x20050000
Error executing event reset-init on target stm32f7x.cpu:
buildroot/output/host/bin/../share/openocd/scripts/mem_helper.tcl:37: Error: wrong # args: should be "expr expression"
in procedure 'ocd_process_reset'
in procedure 'ocd_process_reset_inner' called at file "embedded:startup.tcl", line 288
in procedure 'mmw' called at file "buildroot/output/host/bin/../share/openocd/scripts/board/stm32f769i-disco.cfg", line 71
at file "buildroot/output/host/bin/../share/openocd/scripts/mem_helper.tcl", line 37
Remove upstream patches.
The new version moves the GPL-2.0 license from COPYING to the subfolder
"preferred", adding the header required by spdxcheck.py. A minimalist
COPYING is added in the top directory, as required by automake, pointing
to the files in LICENSES.
[1] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014849
Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
[yann.morin.1998@free.fr:
- one license or license file per line
- reorder licenses to match file order
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Kernel versions prior to 3.4 did not have V4L2_CAP_DEVICE_CAPS and
compiling against such a kernel will fail.
This patch introduces a version check and makes eudev fall back to
v2cap.capabilities on these kernels.
Signed-off-by: Stefan Ott <stefan@ott.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Update to latest upstream git version, fixes compile failure since
nginx-1.23.0:
src/event/ngx_event_udp.h:38:27: error: field ‘pkt6’ has incomplete type
38 | struct in6_pktinfo pkt6;
| ^~~~
.../nginx-naxsi-1.3/naxsi_src/naxsi_runtime.c:2925:36: error: ‘r->headers_in.x_forwarded_for’ is a pointer; did you mean to use ‘->’?
2925 | if (r->headers_in.x_forwarded_for.nelts >= 1) {
| ^
| ->
- remove 0001-naxsi_src-naxsi_runtime.c-fix-build-without-x_forwar.patch
(upstream commit, see [1])
- remove 0002-PCRE2-compatibility.patch
(upstream commit, see [2])
Changelog (since 1.3):
- a2add9f docs: fix simple typo, registred -> registered (#538)
- aa9da98 Fix#541 - Removing useless assert.
- fbe6ffd Some includes are required for OpenBSD (#545)
- 296583f naxsi_src/naxsi_runtime.c: fix build without x_forwarded_for (#568)
- fe5df20 redirect naxsi log to a separate log file (#563)
- c81a4e3 parse HTTP PATCH requests and associated tests (#595)
- 2937c44 PCRE2 compatibility (#587)
- d714f16 Fixes NGINX >= v.1.23.0 (all credits @lubomudr) (#598)
Given the short history since 1.3, and rather than backporting one more
patch, just bump to current HEAD of the upstream repository.
[1] https://github.com/nbs-system/naxsi/commit/296583f06ba5c43cc859e01fd3c0ae1271eef0ce
[2] https://github.com/nbs-system/naxsi/commit/2937c44276cba21601ade4e265d32515f570d68c
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The QEMU board's post-image script will glob through various
`readme.txt` files for an appropriate command line to use. Recent linter
changes [1] prevents this from happening, and results in the following
build error:
>>> Executing post-image script board/qemu/post-image.sh
sed: can't read board/qemu/*/readme.txt: No such file or directory
Reverting part of the shellcheck fixes for the README file arguments and
marking a linter exception.
[1]: b32d7c99c6
Signed-off-by: James Knight <james.d.knight@live.com>
Cc: Yann E. MORIN <yann.morin.1998@free.fr>
[yann.morin.1998@free.fr: also reinstate plural to the variable name]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Virtually all PCs nowadays have a PCI bridge and PCI devices.
All framnebuffer options depend on CONFIG_FB, which default is not 'y',
so also enable that.
The overwhelming majority of PCs nowadays also come with an UEFI
bootloader, that configures a framebuffer usable in early boot, which
the kernel can reuse without needing any hardware-specific driver.
EDID allows retrieving the capabilities of the connected display,
especially the frequencies and so on, to properly drive the display.
Signed-off-by: Adam Duskett <aduskett@gmail.com>
[yann.morin.1998@free.fr:
- drop cosmetic CONFIG_FRAMEBUFFER_CONSOLE_DEFERRED_TAKEOVER=y
- rewrite commit log to explain all new options
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Let's use a more modern kernel with a broader range of hardware support
for PCs.
We stick to 6.1, rather than 6.2, as the former is an LTS, whicle the
latter is not.
Signed-off-by: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
In 38b798da73 (package/skeleton: drop $(HOST_DIR)/usr compatibility
symlink), we considered that $(HOST_DIR)/usr is a legacy symlink, and so
we dropped it. During review, it was pointed out that:
1. [if] something installs in HOST_DIR/usr it's probably going to
break somewhere down the line,
2. DESTDIR is empty for host builds. And PREFIX/usr would be completely
crazy.
However, we do have a package where DESTDIR is not empty for host
packages. Indeed, for host-systemd, we do have a convoluted sequence
where we configure it for the traditional /usr prefix, rather than
$(HOST_DIR) for all other host packages, and we install it with
DESTDIR=$(HOST_DIR). This is because systemd has to interpret path on
the target, not on the host, and confusion ensues if host systemd is not
configured with the same prefix as the target systemd. See commit
35c11a027c (package/systemd: add host variant) for the full, in-depth
explanations.
This reverts commit 38b798da73.
This also changes the comment to note that, although legacy, the usr
symlink is still required for some weird host packages.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Last-minute changes to d9b244d8a3 (board/qemu: define start qemu
script outside of post-image script) were not tested before being
pushed, so they introduced a bug.
As Arnout put it:
[...] multiple expressions need a -e to interpret them as
expressions (now they're interpreted as file names).
Fixes: d9b244d8a3
Reported-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: James Knight <james.d.knight@live.com>
In Cargo, it is quite typical for "build scripts" to be written in Rust
and therefore they need to be compiled as part of the overall build. In
cross-compilation, that means a mixed host and target build.
Unfortunately, by default Cargo makes no distinction between the
RUSTFLAGS used for the host and the target. There is, however, an
unstable feature to make this distinction [1][2].
We already have CARGO_TARGET_APPLIES_TO_HOST="false". This makes sure
that any configuration that we make for the target doesn't automatically
apply to the host as well. However, this only applies for per-target
configuration, for example the setting of "cc" in the config.toml
generated by package/rust/rust.mk. Flags that are passed with RUSTFLAGS
still apply to both host and target. Therefore, we need to use the
CARGO_TARGET_<tuple>_RUSTFLAGS environment variable instead of plain
RUSTFLAGS.
This, however, doesn't allow us to specify flags that apply only to the
host. We could use CARGO_TARGET_<hosttuple>_RUSTFLAGS for that, but that
doesn't work in case the host and target tuple are the same. For this,
we need another unstable feature, enabled with
CARGO_UNSTABLE_HOST_CONFIG="true". With this enabled, we can specify
flags that apply only for the host build using CARGO_HOST_RUSTFLAGS.
Currently, we don't have any such flags, but we really should: we should
pass the proper link flags to point to $(HOST_DIR)/lib. Therefore, add
CARGO_HOST_RUSTFLAGS doing exactly that.
[1] https://doc.rust-lang.org/nightly/cargo/reference/unstable.html#host-config
[2] https://github.com/rust-lang/cargo/pull/10395
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Commit b32d7c99 fixed the shellcheck errors in board/qemu/post-image.sh,
but forgot to remove it from .checkpackageignore, leading to "Shellcheck
was expected to fail" errors.
Re-generate .checkpackageignore.
Fixes: b32d7c99c6
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Provides the ability to use a host system's QEMU. While a Buildroot
generated QEMU should work for most cases, a developer may wish to use
the system's QEMU for options which may not have been configured in the
Buildroot's QEMU build (e.g. configuring a different display mode).
Signed-off-by: James Knight <james.d.knight@live.com>
[yann.morin.1998@free.fr:
- use false/true instead of 0/1
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Provides the ability to forward command line options directly to QEMU.
When invoking `start-qemu.sh`, users can forward arguments by adding a
double dash (`--`) into the argument set, and any trailing arguments
will be forwarded into QEMU. For example, `start-qemu.sh -- --help`.
The original implementation supported a "serial-only" command line
argument to help run in a non-graphical mode for some use cases. These
changes try to promote a newly added `--serial-only` argument to drive
this mode; that being said, a `serial-only` argument will still be
accepted for backwards compatibility.
Signed-off-by: James Knight <james.d.knight@live.com>
[yann.morin.1998@free.fr:
- drop the warning: unknown options cause 'exit 1' already, and any
leftover is explicitly for qemu.
- use false/true instead of 0/1
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The following moves the definition of the QEMU board's `start-qemu.sh`
helper script from being inlined in the post-image script into its own
file. This should, in theory, make it easier to maintain the script in
the future.
Signed-off-by: James Knight <james.d.knight@live.com>
[yann.morin.1998@free.fr:
- don't sub-shell in the script
- merge all 3 sed calls into one
- create dest file with the sed, don't cp first
- also substitute HOST_DIR
- fix shellcheck
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
For some documents, we may want a terse or deeper TOC depth. For
example, short documents may want just the level-0 in the TOC, while
longer documents may want depth 1 or 2, or even deeper; also, some
documents may not use the document-title levels [0], only section
levels [1], and so may want to increase the TOC depth.
Additionally, allow per-format depth. For example, split-html has a
single page dedicated to the TOC, so there we may want a deeper TOC,
while on the html output, where the TOC is on the same page as the
whole document, a shorter TOC is preferred.
[0] https://docs.asciidoctor.org/asciidoc/latest/syntax-quick-reference/#document-header
[1] https://docs.asciidoctor.org/asciidoc/latest/syntax-quick-reference/#section-titles
Signed-off-by: Yann E. MORIN <yann.morin@orange.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Commit 17feaf0016 (manual: set toc depth to 4 for html outputs) did
not explain why it set the depth of the table of content (TOC) only for
the html and split-html formats.
From memory, but it is a bit fuzzy after all those years, the TOC for
HTML documentation was by default deeper than for the other formats, so
it was really useless to expand it more than one-level deep, while for
other formats, the default was acceptable.
However, it does not make much sense to limit/enforce the depth of the
TOC only for specific formats, and keep the default for the others;
indeed, there is nothing that prevents the default to change with
various versions of asciidoc and the rendering backends.
Render all the formats with the same, explicit level of TOC.
We move the assignment of _A2X_OPTS above the comment, because the
comment does not apply to the TOC setting. Also note that the previous
assignment to an empty value was completely superfluous...
Signed-off-by: Yann E. MORIN <yann.morin@orange.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
It has been years that we removed $(HOST_DIR)/usr. Because of this
symlink, however, there are still packages that install things in
$(HOST_DIR)/usr. Remove the symlink so those packages will start to
fail.
Note that there's now a check-package check to detect such incorrectly
instaled things, so this should only affect external packages.
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The shebang in check-package now defines python3. There is no longer a
need to maintain support with python 2.x.
See-also: 02b165dc71 (check-package: fix Python3 support)
Signed-off-by: Vincent Fazio <vfazio@gmail.com>
Tested-by: James Knight <james.d.knight@live.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Since kernel version 6.2, the minimum GNU Make version is 3.82 [1]. We
have an optional host-make 4.0 minimum dependency, so we can use it as
is. It's a bit unfortunate that we have to apply this even to older
kernel versions, but make itself builds fairly fast compared to the
kernel.
Use BR2_MAKE and BR2_MAKE1 for linux, and depend on
BR2_MAKE_HOST_DEPENDENCY. In addition, we need to set LINUX_MAKE to
BR2_MAKE for use in the kconfig infrastructure.
Signed-off-by: Oleg Lyovin <ovlevin@sberdevices.ru>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Since kernel version 6.2, the minimum GNU Make version is 3.82 [1]. We
have an optional host-make 4.0 minimum dependency, so we can use it as
is. It's a bit unfortunate that we have to apply this even to older
kernel versions, but make itself builds fairly fast compared to the
toolchain (which is the only reason to build linux-headers).
Use BR2_MAKE for linux-headers, and depend on BR2_MAKE_HOST_DEPENDENCY.
Signed-off-by: Oleg Lyovin <ovlevin@sberdevices.ru>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Excerpt of https://github.com/troglobit/mg/releases/tag/v3.6:
- Sync with mg upstream, OpenBSD 7.2, as of April 10 2023
- Drop trailing whitespace on RET (c-mode)
- Add zap-to-char and zap-up-to-char, binding the former to M-z
- Fix dobeep_msgs() usage, does not support format strings, this may
have caused unexpected crashes for some operations, e.g. goto line
that does not exist
- Fix memleaks and possible crashes in ctags support
- Fall back to /bin/sh if $SHELL is undefined
- Fix typos and duplicate undo in *quick* help buffer
- Add support for exuberant/universal Ctags tags file format
- Add support for M-, to pop-tag-mark, like GNU Emacs
Signed-off-by: Joachim Wiberg <troglobit@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
This patch bumps version of the sunxi-tools to latest commit on master branch.
There are no new tags\releases since 2016 so let's use commit hash as version.
New version brings support for the following SOCs: A63, V5, R528/T113s, V853,
F1C100s, R329, H616, H6
Signed-off-by: Maksim Kiselev <bigunclemax@gmail.com>
[Arnout: use full hash in VERSION]
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
When we updated .checkpackageignore in commit 29d6f319a, this was done
using a different version of shellcheck, that apparently detects some
additional issues. Thus,
board/terasic/de10nano_cyclone5/barebox-env/boot/mmc was detected as
containing shellcheck errors. However this doesn't happen with the
version in CI, leading to "Shellcheck was expected to fail" errors.
Re-generate .checkpackageignore under docker-run, like it should have
been done to begin with.
Fixes: 29d6f319a0
Fixes: https://gitlab.com/buildroot.org/buildroot/-/jobs/4084485150
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
It's been ages (5 years at the next release) that we've not installed
host packages in $(HOST_DIR)/usr, but we still have a few packages that
reference it or install things in there. See [1]
Add a new check_function that warns when a file is added installing to
or referencing $(HOST_DIR)/usr .
[1] "d9ff62c4cd pacakge: drop remnants of $(HOST_DIR)/usr"
Cc: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
[Arnout: exclude skeleton.mk with disable comment instead of explicit
code]
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
For years already, $(HOST_DIR)/usr is deprecated. Install directly in
$(HOST_DIR). This will trigger a check-package error in the following
commit.
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Teach check-package to detect python files by type and check them using
flake8.
Do not use subprocess to call 'python3 -m flake8' in order to avoid too
many spawned shells, which in its turn would slow down the check for
multiple files. (make check-package takes twice the time using a shell
for each flake8 call, when compared of importing the main application)
Expand the runtime test and the unit tests for check-package.
Remove check-flake8 from the makefile and also from the GitLab CI
because the exact same checks become part of check-package.
Suggested-by: Arnout Vandecappelle <arnout@mind.be>
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
[Arnout: add a comment to x-python to explain its purpose]
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
The .mk files inside both support/dependencies and support/misc are not
package recipes, similar to package/pkg-*.mk. The check-package don't
apply to them. Therefore ignore such files.
In the test infra, some br2-externals are used as fixtures to provide
(sometimes) failure cases, so ignore files in these directories.
Files inside support/kconfig are files copied from linux upstream, so do
not generate warnings for them.
support/gnuconfig contains auto-generated config.{guess,sub} files,
so do not generate shellcheck warnings for them.
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
When a SysV init script is inside package/ it doesn't need to be
executable. However, when an init script is inside a fs_overlay, it
*does* need to be executable. Therefore, skip the NotExecutable test for
init scripts. We detect them based on the directory /etc/init.d
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
[Arnout: update .checkpackageignore]
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Move RUSTFLAGS for host builds to HOST_PKG_CARGO_ENV so that they
are set for host cargo builds which don't use the cargo infrastructure,
e.g. python packages that include rust code.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Bump U-Boot to version 2023.04 and remove the patch that has already
been upstreamed.
Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
mdadm contains various udev rules to manage RAID assembly and create
symlinks, install them if udev (or equivalent) is enabled.
Signed-off-by: Simon Rowe <simon.rowe@nutanix.com>
[Arnout: use MDADM_INSTALL_TARGET_OPTS for install-bin as well]
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
The version of U-Boot must be explicitly set because if you keep the
default setting, the bootloader is continuously updated in buildroot with
the risk of building a non-working image.
Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
go1.19.8 (released 2023-04-04) includes security fixes to the go/parser,
html/template, mime/multipart, net/http, and net/textproto packages, as well as
bug fixes to the compiler, the linker, the runtime, and the time package.
Fixes security vulnerabilities:
go/parser: infinite loop in parsing (CVE-2023-24537)
html/template: backticks not treated as string delimiters (CVE-2023-24538)
net/http, net/textproto: denial of service from excessive memory
allocation (CVE-2023-24534)
net/http, net/textproto, mime/multipart: denial of service from excessive
resource consumption (CVE-2023-24536)
https://go.dev/doc/devel/release#go1.19.8https://github.com/golang/go/issues?q=milestone%3AGo1.19.8+label%3ACherryPickApproved
Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Drop upstream patches.
Update license to include mode licenses. Add license file hashes and
update hashes of existing files for added licenses, as well as
formatting and copyright date updates.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Although this is a "boot loader", it really is a tool that should be
part of an image that acts as the bootloader. Thus, it is not in the
bootloader menu.
A UI is required and can be provided by ncurses, X11 or fbdev. Only
ncurses is supported for now. The other two use libtwin which isn't part
of Buildroot for now.
Adapted from https://github.com/glevand/petitboot--buildroot
Updated to work with m68k architecture rather than just PlayStation3
(focused on qemu-system-m68k virt machine)
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Reviewed-by: Thomas Huth <huth@tuxfamily.org>
[Arnout:
- Add missing arch and toolchain dependencies.
- Remove nonexistent BR2_PACKAGE_NCURSES_TARGET_* selects.
- Swap kexec/kexec-lite priority.
- Add hash for license file.
- Use version without v for VERSION.
- Remove unnecessary --localstatedir=/var.
- Add --disable-busybox.
- Remove --enable-debug.
- Remove --with-ncursesw and explicit libraries.
- Add explicit arguments for all configure options.
- Always select busybox tftp.
- Add optional dependency on dtc.
- Move dtc-specific options under a single condition.
- Minor cleanups (whitespace, comments, ...).
]
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
kexec supports m68k since commit
027413d822fd57dd39d2d2afab1484bc6b6b84f9 in v2.0.5
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Reviewed-by: Thomas Huth <huth@tuxfamily.org>
[Arnout:
- Split off in a separate commit.
]
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
This is the fifth patch release in the 1.1.z series of runc, which fixes
three CVEs found in runc.
CVE-2023-25809 is a vulnerability involving rootless containers where
(under specific configurations), the container would have write access to the
/sys/fs/cgroup/user.slice/... cgroup hierarchy. No other hierarchies on the host
were affected. This vulnerability was discovered by Akihiro Suda.
GHSA-m8cg-xc2p-r3fc
CVE-2023-27561 was a regression which effectively re-introduced CVE-2019-19921.
This bug was present from v1.0.0-rc95 to v1.1.4. This regression was discovered
by Beuc. GHSA-vpvm-3wq2-2wvm
CVE-2023-28642 is a variant of CVE-2023-27561 and was fixed by the same patch.
This variant of the above vulnerability was reported by Lei Wang.
GHSA-g2j6-57v7-gm8c
In addition, the following other fixes are included in this release:
- Fix the inability to use /dev/null when inside a container
- Fix changing the ownership of host's /dev/null caused by fd redirection
- Fix rare runc exec/enter unshare error on older kernels, including CentOS < 7.7
- nsexec: Check for errors in write_log()
https://github.com/opencontainers/runc/releases/tag/v1.1.5
Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
There's a runtime dependency on tomli, but only for Python < 3.11.
Therefore this is not applicable for us.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Extend the linux-tools package to also build the userspace USB tools,
which currently include testusb and ffs-test.
These tools are in the kernel tree since a long time, and althogh a
Makefile had been present since kernel 2.6.39, it has been entirely
rewritten (with an install rule) back with kernel 5.9, to allow building
the same way as other tools provided with the kernel.
We make use of the Makefile install rule, thus version >= 5.9 is
required. Support for older kernels may be added later if needed, and
is left as an exercise for the motivated party.
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Reviewed-by: Herve Codina <herve.codina@bootlin.com>
[yann.morin.1998@free.fr: fix history of Makefile]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
LVM relies on the glibc-specific behaviour of assigning to the
standard streams (stdin etc). As a result the package is currently
disabled when using musl.
This commit backports two patches from upstream lvm2 (not yet in a
release) that fix some build issues with musl, and two additional
patches taken from the Gentoo distribution to address more issues.
With those 4 patches combined, lvm2 builds fine with musl and can
therefore be re-enabled in musl configurations.
Signed-off-by: Simon Rowe <simon.rowe@nutanix.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This variable is no longer used anywhere in the tree so remove it.
Signed-off-by: Vincent Fazio <vfazio@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Remove all support for FOO_GETTEXTIZE and alert users to FOO_AUTOPOINT
as the recommended solution in its stead. We can use the standard
check-deprecated-variable for this, because from a user perspective
FOO_AUTOPOINT is pretty-much a drop-in replacement.
The warnings about FOO_GETTEXTIZE_OPTS are no longer relevant, because
they will only make sense if FOO_GETTEXTIZE was already set.
Signed-off-by: Vincent Fazio <vfazio@gmail.com>
[Arnout:
- use check-deprecated-variable;
- remove FOO_GETTEXTIZE_OPTS warnings;
- remove definition of GETTEXTIZE]
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Commit 895bfba dropped POPT_AUTORECONF but did not drop POPT_GETTEXTIZE,
which requires POPT_AUTORECONF = YES.
Fixes: 895bfba ("package/popt: bump to version 1.19")
Signed-off-by: Vincent Fazio <vfazio@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Drop patch that is no longer necessary after moving to new package flag.
Add patch to fix builds due to missing required files.
Signed-off-by: Vincent Fazio <vfazio@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Add a new variable to run autopoint during autoreconf.
This variable depends on FOO_AUTORECONF = YES. It is mutually exclusive
to FOO_GETTEXTIZE. If both are set, FOO_AUTOPOINT is ignored to preserve
previous behavior.
This support is being added per a previous discussion [1].
The usage of gettextize needs to be removed cuz mama says so [2].
... is not part of the GNU build system, in the sense that it should
not be invoked automatically, and not be invoked by someone who doesn’t
assume the responsibilities of a package maintainer. For the latter
purpose, a separate tool is provided, see Invoking the autopoint Program [3]
Using gettextize has the unintended consequence of updating the package
based on the version of host-gettext vs what was chosen by the upstream
maintainer. As mama said above, we should use autopoint. Do as she says
to avoid further scolding (gettextize shoehorning and package patching).
[1] https://patchwork.ozlabs.org/project/buildroot/patch/20170827110920.15579-1-aleksander@aleksander.es/
[2] https://www.gnu.org/software/gettext/manual/html_node/gettextize-Invocation.html
[3] https://www.gnu.org/software/gettext/manual/html_node/autopoint-Invocation.html
Signed-off-by: Vincent Fazio <vfazio@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Previously, AUTOPOINT was hardcoded to /bin/true in autoconf.mk.
Moving the definition of this variable into AUTOCONF_ENV as part of the
autotools infrastructure will allow us to conditionally set the variable
based on package flags to support migrating away from FOO_GETTEXTIZE.
While we're at it, split the overly long line that defines AUTORECONF,
wrapping at 80 columns.
Signed-off-by: Vincent Fazio <vfazio@gmail.com>
[Arnout: split long line]
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
No package in the current tree is currently utilizing this option.
The long term solution is to use autopoint over gettextize in which case
these options aren't relevant anyway.
Signed-off-by: Vincent Fazio <vfazio@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Migrate to flit build backend.
Use license file instead of readme hashes.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
From [1]:
* sshd(8): fix a pre-authentication double-free memory fault
introduced in OpenSSH 9.1. This is not believed to be exploitable,
and it occurs in the unprivileged pre-auth process that is
subject to chroot(2) and is further sandboxed on most major
platforms.
* ssh(8): in OpenSSH releases after 8.7, the PermitRemoteOpen option
would ignore its first argument unless it was one of the special
keywords "any" or "none", causing the permission list to fail open
if only one permission was specified. bz3515
* ssh(1): if the CanonicalizeHostname and CanonicalizePermittedCNAMEs
options were enabled, and the system/libc resolver did not check
that names in DNS responses were valid, then use of these options
could allow an attacker with control of DNS to include invalid
characters (possibly including wildcards) in names added to
known_hosts files when they were updated. These names would still
have to match the CanonicalizePermittedCNAMEs allow-list, so
practical exploitation appears unlikely.
From [2]:
* ssh-add(1): when adding smartcard keys to ssh-agent(1) with the
per-hop destination constraints (ssh-add -h ...) added in OpenSSH
8.9, a logic error prevented the constraints from being
communicated to the agent. This resulted in the keys being added
without constraints. The common cases of non-smartcard keys and
keys without destination constraints are unaffected. This problem
was reported by Luci Stanescu.
* ssh(1): Portable OpenSSH provides an implementation of the
getrrsetbyname(3) function if the standard library does not
provide it, for use by the VerifyHostKeyDNS feature. A
specifically crafted DNS response could cause this function to
perform an out-of-bounds read of adjacent stack data, but this
condition does not appear to be exploitable beyond denial-of-
service to the ssh(1) client.
The getrrsetbyname(3) replacement is only included if the system's
standard library lacks this function and portable OpenSSH was not
compiled with the ldns library (--with-ldns). getrrsetbyname(3) is
only invoked if using VerifyHostKeyDNS to fetch SSHFP records. This
problem was found by the Coverity static analyzer.
[1] https://www.openssh.com/txt/release-9.2
[2] https://www.openssh.com/txt/release-9.3
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix CVE-2023-22432: Open redirect vulnerability exists in web2py
versions prior to 2.23.1. When using the tool, a web2py user may be
redirected to an arbitrary website by accessing a specially crafted URL.
As a result, the user may become a victim of a phishing attack.
https://github.com/web2py/web2py/compare/v2.23.0...v2.23.1
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
- Fixed (security) [APP-70]: Memory leak in MibLeaf::set if same OID is set
twice in the same PDU.
- Fix the following build failure raised since bump of snmppp to version
3.5.0 in commit e011fa0415:
snmp_pp_ext.cpp: In member function 'int Agentpp::Snmpx::send(const Agentpp::Pdux&, Snmp_pp::SnmpTarget*)':
snmp_pp_ext.cpp:1172:47: error: binding reference of type 'Snmp_pp::Pdu&' to 'const Snmp_pp::Pdu' discards qualifiers
1172 | status = snmpmsg.loadv3(Snmp::get_mpv3(), pdu, engine_id, security_name,
|
Fixes:
- http://autobuild.buildroot.net/results/d7347b8b3953596b66da6ca6d85f084fb427934c
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix CVE-2023-27371: GNU libmicrohttpd before 0.9.76 allows remote DoS
(Denial of Service) due to improper parsing of a multipart/form-data
boundary in the postprocessor.c MHD_create_post_processor() method. This
allows an attacker to remotely send a malicious HTTP POST packet that
includes one or more '\0' bytes in a multipart/form-data boundary field,
which - assuming a specific heap layout - will result in an
out-of-bounds read and a crash in the find_boundary() function.
https://lists.gnu.org/archive/html/libmicrohttpd/2023-02/msg00000.html
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The impetus for this change was that wget fails to load pages signed by
Let's Encrypt due to missing root certs. This version has the updated and
correct certs.
0002-mozilla-certdata2pem.py-Fix-compat-with-cryptography.patch
Patch dropped because the fix is incorporated upstream.
Signed-off-by: Steve Hay <me@stevenhay.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
MUSL support is patched by defining FNM_EXTMATCH to zero, which omits
GNU-only extended pattern matching.
Signed-off-by: Martin Hundebøll <martin@geanix.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
- Use daemon name (bluetoothd) as file name.
- Script doesn't need to be executable.
Signed-off-by: Daniel Lang <d.lang@abatec.at>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
With bluez 5.66 (bumped in c6c79d6) the Media Control Profile (MCP), Basic
Audio Profile (BAP) and Volume Control Profile (VCP) where added.
All three are enabled by default.
MCP only works if AVRCP is enabled, as it requires player.c which is
otherwise not compiled.
Only enable all three new profiles when the audio plugin is selected.
Fixes:
- http://autobuild.buildroot.net/results/d62/d6260a5acf766657f683d85fa1bdc27b7a43551e/
Signed-off-by: Daniel Lang <d.lang@abatec.at>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fixes:
- http://autobuild.buildroot.net/results/fdf2b2eb252a24e81bddad1c81c4fdfb03dc0afe
.../build/qt6base-6.4.2/src/plugins/tls/openssl/qdtls_openssl.cpp: In member function 'bool dtlsopenssl::DtlsState::initCtxAndConnection(QDtlsBasePrivate*)':
.../build/qt6base-6.4.2/src/plugins/tls/openssl/qdtls_openssl.cpp:669:9: error: 'q_SSL_set_psk_server_callback' was not declared in this scope; did you mean 'q_SSL_set_psk_use_session_callback'?
669 | q_SSL_set_psk_server_callback(newConnection.data(), dtlscallbacks::q_PSK_server_callback);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| q_SSL_set_psk_use_session_callback
.../build/qt6base-6.4.2/src/plugins/tls/openssl/qdtls_openssl.cpp:671:9: error: 'q_SSL_set_psk_client_callback' was not declared in this scope; did you mean 'q_SSL_set_info_callback'?
671 | q_SSL_set_psk_client_callback(newConnection.data(), dtlscallbacks::q_PSK_client_callback);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| q_SSL_set_info_callback
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
When running "make check-package" on a system with shellcheck 0.9.0,
the command fails with output:
make check-package
package/linux-tools/S10hyperv:0: run 'shellcheck' and fix the warnings
...
2 warnings generated
This commit fixes the warnings reported by the command:
shellcheck package/linux-tools/S10hyperv
This commit also fixes the four-space indent by a single tab on the
changed lines. Since this fixes the indentation warnings of
check-package, the Indent exclusion in .checkpackageignore is also
removed.
Fixes:
In package/linux-tools/S10hyperv line 27:
return $ret
^--^ SC2086 (info): Double quote to prevent globbing and word splitting.
In package/linux-tools/S10hyperv line 48:
return $ret
^--^ SC2086 (info): Double quote to prevent globbing and word splitting.
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bagas is keen to maintain git package for Buildroot. However, due to
limited resources available, he can only do testing as far as
build testing. Other developers are needed to help him maintain the
package.
Signed-off-by: Bagas Sanjaya <bagasdotme@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This release contains mostly a bugfixes, with some improvements around
error handling for unimplemented functionality and resiliency against
runtime changes of dbus service-files.
Also update hashes of license files. There was no change in license,
the hashes changed due to copyright date bump and additional authors
listend in the same files.
Signed-off-by: Stefan Agner <stefan@agner.ch>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
bluez 5.66 contains various fixes and initial support for Basic Audio
Profile and Volume Control Profile.
Signed-off-by: Stefan Agner <stefan@agner.ch>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Since the major release changed all the packages that have direct
dependency to harfbuzz has been succesfully built:
- efl
- libass
- mupdf
- pango
- qt5base
- qt5webengine
- qt6base
- sdl2_ttf
- supertuxkart
- vlc
- webkitgtk
- wpewebkit
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
go1.19.7 (released 2023-03-07) includes a security fix to the
crypto/elliptic package, as well as bug fixes to the linker, the runtime,
and the crypto/x509 and syscall packages.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix the following build failure without threads raised since bump to
version 22.11 in commit 6f848c068f:
In file included from /home/buildroot/autobuild/instance-3/output-1/build/rtl_433-22.11/src/data_tag.c:17:
/home/buildroot/autobuild/instance-3/output-1/build/rtl_433-22.11/include/mongoose.h:407:10: fatal error: pthread.h: No such file or directory
407 | #include <pthread.h>
| ^~~~~~~~~~~
Fixes:
- http://autobuild.buildroot.org/results/9f1677fc5a4568be0b9c121060c5d821ac2ae21b
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
lzop 1.04 uses libtool 2.4.2.418, which is right between 2.4.2 and
2.4.4. While our patch for 2.4 is also supposed to work up to and
including 2.4.2.x, it does not work for libtool 2.4.2.418, which
requires the patch for 2.4.4.
We could change our infra to better pick the appropriate patch, but we
do not know exactly which 2.4.2.x version is actually the cutting
point that requires the 2.4.4 patch. Until we have more data point,
let's handle the case in an ad-hoc manner for lzop.
Additionally, we add a patch from Florian Bäuerle, which allows to set
the mtime of the lzop archive for reproducible build support using
SOURCE_DATE_EPOCH.
Signed-off-by: Casey Reeves <casey@xogium.me>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Uptream does not provide a change log.
The package now needs a C++11 compiler. For example, the source file
"blake2s.hpp" is using the "constexpr" keyword.
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
libev and libevent can be enabled at the same time since version 4.1.0,
thanks to the event lib support refactoring into plugins, which is enabled by
default for unix platform builds (LWS_WITH_EVLIB_PLUGINS=ON):
https://github.com/warmcat/libwebsockets/commit/c6c7ab2b4498c62bf9461b36395d8466e023575d
In this way, libwebsockets can be compiled with both libev and libevent
support, which is then user-selectable at runtime.
This basically restores the behavior changed by previous commit 27f257e.
Signed-off-by: Luca Pesce <luca.pesce@vimar.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
* Fix the license because libgit2 has been using some android code
without attribution. This explains the change of the hash in the
license file, which now includes the text of the BSD-2-Clause
license.
* Building in-source is accidentely broken in this release and upstream
recommends a separate build directory anyway, so use a separate build
directory.
* Some win32-specific declarations use wchar_t, add an upstreamed patch
to avoid a dependency to wchar_t elsewhere.
Signed-off-by: Nicolas Cavallari <nicolas.cavallari@green-communications.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The kernel config board/qemu/aarch64-sbsa/linux.config has never been in
use by qemu_aarch64_sbsa_defconfig, neither via
BR2_LINUX_KERNEL_CUSTOM_CONFIG_FILE, nor via
BR2_LINUX_KERNEL_CONFIG_FRAGMENT_FILES.
test_edk2.py is using the kernel config
board/qemu/aarch64-sbsa/linux.config. However, storing a kernel config
that is not used by qemu_aarch64_sbsa_defconfig, in a directory that is
"owned" by qemu_aarch64_sbsa_defconfig, is bound to cause confusion.
Therefore, move the config file to a new subdirectory:
support/testing/tests/boot/test_edk2/
This is similar to how e.g. test_grub.py has a subdirectory:
support/testing/tests/boot/test_grub/
where it keeps the kernel config that is only used by test_grub.py.
Signed-off-by: Niklas Cassel <niklas.cassel@wdc.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
ARM SBBR (Server Base Boot Requirements) defines SPCR (Serial Port
Console Redirection Table) as a mandatory ACPI table that specifies
the configuration of a serial console.
In the linux kernel, ARM developers have decided that consoles defined
by SPCR are always enabled when existing, see e.g.:
https://lore.kernel.org/linux-serial/20200430161438.17640-1-alpernebiyasak@gmail.com/T/
Specifying console=ttyAMA0 (which is a serial console) is thus
redundant for an ARM SBSA board. (It also blindly assumes that
the serial console is on ttyAMA0, which might not be true.)
Drop the explicit console=ttyAMA0 on the kernel command line,
such that the kernel can pick up the default console defined
by SPCR.
This is similar to how it is currently done for
board/aarch64-efi/grub.cfg.
Signed-off-by: Niklas Cassel <niklas.cassel@wdc.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Specifying /dev/sda2 is ambigious, and when booting my arm64 machine
this tries to mount the second partition of my ATA drive, instead of
the second partition of the USB-stick, simply because the ATA driver
is probed earlier than the USB controller driver.
To solve this problem, use PARTLABEL=root to specify the root filesystem.
This is similar to how it is currently done for board/aarch64-efi/grub.cfg
and board/qemu/aarch64-ebbr/grub.cfg.
Signed-off-by: Niklas Cassel <niklas.cassel@wdc.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
ace needs FileHandle module:
Can't locate FileHandle.pm in @INC (you may need to install the FileHandle module) (@INC contains: /home/buildroot/autobuild/instance-0/output-1/host/lib/perl /usr/local/lib64/perl5/5.36 /usr/local/share/perl5/5.36 /usr/lib64/perl5/vendor_perl /usr/share/perl5/vendor_perl /usr/lib64/perl5 /usr/share/perl5) at /home/buildroot/autobuild/instance-0/output-1/build/ace-7.0.6/MPC/prj_install.pl line 17.
BEGIN failed--compilation aborted at /home/buildroot/autobuild/instance-0/output-1/build/ace-7.0.6/MPC/prj_install.pl line 17.
Fixes:
- http://autobuild.buildroot.org/results/9dee7c09fd7b41d276df0285a0f3dcae1a71f041
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
rdma-core unconditionally uses pthread_spin_lock since its addition in
commit ea47e177f0 resulting in the
following build failure:
/home/autobuild/autobuild/instance-9/output-1/host/lib/gcc/sh4-buildroot-linux-uclibc/12.2.0/../../../../sh4-buildroot-linux-uclibc/bin/ld: CMakeFiles/hfi1verbs-rdmav34.dir/verbs.c.o: in function `post_recv':
verbs.c:(.text+0xc4): undefined reference to `pthread_spin_lock'
Fixes:
- http://autobuild.buildroot.org/results/a943e03b79c4cc328b7712046ecff09706045f81
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
libbpf >1.0.0 defines libbpf_bpf_link_type_str(enum bpf_link_type) in
src/libbpf.h, which is included by host-pahole.
bpf_link_type is defined in linux/bpf.h, therefore the comment stating
that pahole doesn't need bpf.h is no longer valid.
The original reason to remove bpf.h has been solved with the previous
commit: the linux build will prefer the internal bpf.h over the one in
HOST_DIR (or in /usr/include). So we can safely keep bpf.h.
Fixes:
- http://autobuild.buildroot.net/results/d126a4b6eca786402dc362c86f8df3addec3d217/
Signed-off-by: Daniel Lang <d.lang@abatec.at>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
A package might install headers that are incompatible with the kernel's
header. One example is the most recent version of pahole (1.24).
HOST_CC includes -I$(HOST_DIR)/include which comes before any include
logic the kernel might have thus forcing the kernel to prefer headers in
HOST_DIR.
The logic to substituting -I with -isystem is taken from
boot/uboot/uboot.mk.
Signed-off-by: Daniel Lang <d.lang@abatec.at>
Reviewed-by: Francis Laniel <flaniel@linux.microsoft.com>
Tested-by: Francis Laniel <flaniel@linux.microsoft.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
This is the version needed for gtkmm3.
Note that 2.28 is indeed the latest version before 2.36. They skipped
versions 2.30, 2.32 and 2.34.
Signed-off-by: Daniel Lang <d.lang@abatec.at>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
- fix gettext version mismatch in case of BR2_SYSTEM_ENABLE_NLS and
BR2_PACKAGE_PROVIDES_HOST_GETTEXT="host-gettext-gnu" by setting
SPEECHD_GETTEXTIZE
Fixes:
- http://autobuild.buildroot.net/results/283333290c5adb48d0c6e592b3261992537f92d3
Making all in po
*** error: gettext infrastructure mismatch: using a Makefile.in.in from gettext version 0.19 but the autoconf macros are from gettext version 0.20
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
The seccomp and apparmor build tags have been removed in 23.0.0. Don't
use those buildtags anymore.
Signed-off-by: Stefan Agner <stefan@agner.ch>
Reviewed-by: Christian Stewart <christian@paral.in>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Header-only option raises the following build failure with gerbera since
commit cc3a4a7b1d:
/home/thomas/autobuild/instance-2/output-1/host/lib/gcc/nios2-buildroot-linux-gnu/10.4.0/../../../../nios2-buildroot-linux-gnu/bin/ld: CMakeFiles/gerbera.dir/src/main.cc.o: in function `ConfigGenerator::~ConfigGenerator()':
/home/thomas/autobuild/instance-2/output-1/build/gerbera-1.10.0/src/config/config_generator.h:33: undefined reference to `pugi::xml_document::~xml_document()'
This build failure can't be fixed by adding a
!BR2_PACKAGE_PUGIXML_HEADER_ONLY dependency as it will create the
following recursive dependency:
package/gerbera/Config.in:1:error: recursive dependency detected!
package/gerbera/Config.in:1: symbol BR2_PACKAGE_GERBERA depends on BR2_PACKAGE_PUGIXML_HEADER_ONLY
package/pugixml/Config.in:42: symbol BR2_PACKAGE_PUGIXML_HEADER_ONLY depends on BR2_PACKAGE_PUGIXML
package/pugixml/Config.in:1: symbol BR2_PACKAGE_PUGIXML is selected by BR2_PACKAGE_GERBERA
Moreover, commit 48b2e50eb8 stated that
"Compact and header-only modes are not strictly needed for our use case,
but we did the work anyway and may be useful for someone else."
So dropping header-only seems to be the right approach
Fixes:
- http://autobuild.buildroot.org/results/800537a1ef5f48d24c20aad7a9c96c56dfdc77f5
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
proftpd doesn't build statically because it does not use pkg-config to
retrieve its dependencies since its addition in commit
5d173ec412:
/tmp/instance-13/output-1/host/lib/gcc/arc-buildroot-linux-uclibc/10.2.0/../../../../arc-buildroot-linux-uclibc/bin/ld: /tmp/instance-13/output-1/host/arc-buildroot-linux-uclibc/sysroot/usr/lib/libidn2.a(libunistring_la-striconveh.o): in function `iconv_carefully_1':
buildroot/build/libidn2-2.3.4/unistring/striconveh.c:233: undefined reference to `libiconv'
[...]
/tmp/instance-5/output-1/host/lib/gcc/arceb-buildroot-linux-uclibc/10.2.0/../../../../arceb-buildroot-linux-uclibc/bin/ld: /tmp/instance-5/output-1/host/arceb-buildroot-linux-uclibc/sysroot/usr/lib/libcrypto.a(bio_lib.o): in function `BIO_free':
bio_lib.c:(.text+0x3f2): undefined reference to `__atomic_fetch_sub_4'
Fixes:
- http://autobuild.buildroot.org/results/09f3f37b63dc68d31b18816b818df86fa3be095c
- http://autobuild.buildroot.org/results/2aba5297206e44dc086c3138ace70e85739196f3
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
When the target-finalize-hook for bash was added in commit
311c9eebc4 in order to write bash into
/etc/shells, it was done at the same time as for package/mksh and it was
incorrectly copied and MKSH still appeared in the name of the hook.
The hook is now correctly named BASH_ADD_BASH_TO_SHELLS
Signed-off-by: Sebastian Weyer <sebastian.weyer@smile.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit c6b9cd9a11 added a symlink to qemu-system
as a post install hook. However, it does not check if qemu-system is actually
enabled with BR2_PACKAGE_HOST_QEMU_SYSTEM_MODE.
Add the check to make sure we only create the symlink if that is enabled.
Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix the following openssl static build failure with -latomic raised
since bump to version 8.1.0 in commit
7e608885a2:
/home/autobuild/autobuild/instance-8/output-1/host/lib/gcc/sparc-buildroot-linux-uclibc/10.4.0/../../../../sparc-buildroot-linux-uclibc/bin/ld: /home/autobuild/autobuild/instance-8/output-1/host/sparc-buildroot-linux-uclibc/sysroot/usr/lib/libssl.a(ssl_cert.o): in function `ssl_cert_free':
ssl_cert.c:(.text+0x53c): undefined reference to `__atomic_fetch_sub_4'
Fixes:
- http://autobuild.buildroot.org/results/f606bb15bf4f88ba29ef0795413e13acc9cd0976
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix the following build failure raised since the addition of the package
in commit 2a636d1521:
sed -i 's,[^ *]power_prep.*;,\tpower_prep="/home/autobuild/autobuild/instance-9/output-1/build/mxs-bootlets-10.12.01/power_prep/power_prep";,' /home/autobuild/autobuild/instance-9/output-1/build/mxs-bootlets-10.12.01/
sed: couldn't edit /home/autobuild/autobuild/instance-9/output-1/build/mxs-bootlets-10.12.01/: not a regular file
Fixes:
- http://autobuild.buildroot.org/results/b4b26f6b02fd1991f46eba5db240e5050b96d333
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
At the moment module is build but not installed to target/. To fix this
let's bump package to 2023-02-18 version on master branch to fix module
installation.
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
pcm-tools needs NPTL since its addition in commit
60eb2cec80:
cpucounters.cpp: In constructor 'pcm::TemporalThreadAffinity::TemporalThreadAffinity(pcm::uint32, bool)':
cpucounters.cpp:252:9: error: 'pthread_getaffinity_np' was not declared in this scope; did you mean 'sched_getaffinity'?
252 | pthread_getaffinity_np(pthread_self(), set_size, old_affinity);
| ^~~~~~~~~~~~~~~~~~~~~~
| sched_getaffinity
Fixes:
- http://autobuild.buildroot.org/results/8bbf9c36af332bbf5e7c1abcbb594a0b231ef97e
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
processCropSelections in tools/tiffcrop.c in LibTIFF through 4.5.0 has a
heap-based buffer overflow (e.g., "WRITE of size 307203") via a crafted
TIFF image.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
A flaw was found in all released versions of m2crypto, where they are
vulnerable to Bleichenbacher timing attacks in the RSA decryption API
via the timed processing of valid PKCS#1 v1.5 Ciphertext. The highest
threat from this vulnerability is to confidentiality.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix the following build failure without NPTL raised since the addition
of the package in commit 1e64fa2956:
/tmp/instance-7/output-1/build/gdal-3.5.2/port/cpl_multiproc.cpp: In function 'CPLSpinLock* CPLCreateSpinLock()':
/tmp/instance-7/output-1/build/gdal-3.5.2/port/cpl_multiproc.cpp:2265:9: error: 'pthread_spin_init' was not declared in this scope; did you mean 'pthread_cond_init'?
2265 | pthread_spin_init(&(psSpin->spin), PTHREAD_PROCESS_PRIVATE) == 0 )
| ^~~~~~~~~~~~~~~~~
| pthread_cond_init
Fixes:
- http://autobuild.buildroot.org/results/aa2a88990a07e551c40efb0c2180768add600c4f
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
uccp420wlan is not maintained anymore (no commit since 2017) and fails
to build with any "recent" kernel (e.g. >= 4.7 which includes
https://github.com/torvalds/linux/commit/57fbcce37be7c1d2622b56587c10ade00e96afa3
or
https://github.com/torvalds/linux/commit/8552a434b6a05cc38006733afe6a239ad4d600a2):
/home/thomas/autobuild/instance-1/output-1/build/uccp420wlan-6.9.1/./src/tx.c: In function ‘uccp420wlan_tx_free_buff_req’:
/home/thomas/autobuild/instance-1/output-1/build/uccp420wlan-6.9.1/./src/tx.c:1142:49: error: ‘IEEE80211_BAND_2GHZ’ undeclared (first use in this function); did you mean ‘IEEE80211_CHAN_2GHZ’?
1142 | if (ets_band == IEEE80211_BAND_2GHZ)
| ^~~~~~~~~~~~~~~~~~~
| IEEE80211_CHAN_2GHZ
[...]
/home/thomas/autobuild/instance-1/output-1/build/uccp420wlan-6.9.1/./src/core.c:428:29: error: implicit declaration of function ‘ieee80211_csa_is_complete’; did you mean ‘ieee80211_scan_completed’? [-Werror=implicit-function-declaration]
428 | if (ieee80211_csa_is_complete(uvif->vif))
| ^~~~~~~~~~~~~~~~~~~~~~~~~
| ieee80211_scan_completed
Fixes:
- http://autobuild.buildroot.org/results/7cd7151e390b8f7a0df3e647fe4cd5d6319a830b
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fix the following libressl build failure which is probably raised since
the addition of the package in commit
65d891efc2:
../src/server/listener.cc: In member function 'void Pistache::Tcp::Listener::setupSSLAuth(const std::string&, const std::string&, int (*)(int, void*))':
../src/server/listener.cc:582:29: error: 'SSL_verify_cb' was not declared in this scope; did you mean 'RSA_verify'?
582 | (SSL_verify_cb)cb
| ^~~~~~~~~~~~~
| RSA_verify
Fixes:
- http://autobuild.buildroot.org/results/066fc078980e5216f38411eee455088e15fa1101
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fix the following build failure raised since bump to version 0.10.2 in
commit 58cc3977e8:
In file included from /home/thomas/autobuild/instance-3/output-1/per-package/lirc-tools/host/bin/../sparc-buildroot-linux-uclibc/sysroot/usr/include/python3.11/Python.h:38,
from lirc/_client.c:1:
/home/thomas/autobuild/instance-3/output-1/per-package/lirc-tools/host/bin/../sparc-buildroot-linux-uclibc/sysroot/usr/include/python3.11/pyport.h:601:2: error: #error "LONG_BIT definition appears wrong for platform (bad gcc/glibc config?)."
601 | #error "LONG_BIT definition appears wrong for platform (bad gcc/glibc config?)."
| ^~~~~
Fixes:
- http://autobuild.buildroot.org/results/85359d3f678b49e46821a1c10da5f14edfb5e6d0
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fix the following build failure with sigrok-cli and python > 3.10:
/home/autobuild/autobuild/instance-3/output-1/host/lib/gcc/mips64-buildroot-linux-gnu/11.3.0/../../../../mips64-buildroot-linux-gnu/bin/ld: /home/autobuild/autobuild/instance-3/output-1/host/bin/../mips64-buildroot-linux-gnu/sysroot/usr/lib/libsigrokdecode.so: undefined reference to `PyTuple_SetItem'
Fixes:
- http://autobuild.buildroot.org/results/435ad19597a1e216a7974bc9ccaf17064d1eccea
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Arm and aarch64 packages don't contain examples anymore so drop the
config option to install them to prevent build failure when selected:
>>> imx-gpu-g2d 6.4.3.p4.4-arm Installing to target
mkdir -p /home/sszy/br-test-pkg/bootlin-armv7-glibc/target/usr/share/examples/
cp -a /home/sszy/br-test-pkg/bootlin-armv7-glibc/build/imx-gpu-g2d-6.4.3.p4.4-arm/gpu-demos/opt/* /home/sszy/br-test-pkg/bootlin-armv7-glibc/target/usr/share/examples/
cp: cannot stat '/home/sszy/br-test-pkg/bootlin-armv7-glibc/build/imx-gpu-g2d-6.4.3.p4.4-arm/gpu-demos/opt/*': No such file or directory
make: *** [package/pkg-generic.mk:384: /home/sszy/br-test-pkg/bootlin-armv7-glibc/build/imx-gpu-g2d-6.4.3.p4.4-arm/.stamp_target_installed] Error 1
Fixes: b84557b588 ("package/freescale-imx/imx-gpu-g2d: bump version to 6.4.3.p4.4")
Signed-off-by: Sébastien Szymanski <sebastien.szymanski@armadeus.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
host-pkgconf is mandatory to find lz4 and zstd resulting in the
following build failure since commit
9cd2e6e090:
configure: error: in `/home/autobuild/autobuild/instance-5/output-1/build/postgresql-15.2':
configure: error: The pkg-config script could not be found or is too old. Make sure it
is in your PATH or set the PKG_CONFIG environment variable to the full
path to pkg-config.
Alternatively, you may set the environment variables LZ4_CFLAGS
and LZ4_LIBS to avoid the need to call pkg-config.
See the pkg-config man page for more details.
Fixes:
- http://autobuild.buildroot.org/results/8744277ebe9910635ef8fe290c8ba4eee420b538
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
CPE ID is wrong since the addition of the package in commit
27b8d0ba8c, the correct CPE ID is
cpe:2.3:a:ntpsec:ntpsec:1.2.2:*:*:*:*:*:*:*, not
cpe:2.3:a:ntpsec:ntpsec:1.2:2:*:*:*:*:*:*
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fix the following build failure with libressl >= 3.5.0 raised since bump
to version 3.5.2 in commit 8b216927db:
tls.c:113:17: error: static declaration of 'OPENSSL_cleanup' follows non-static declaration
113 | static void OPENSSL_cleanup(void)
| ^~~~~~~~~~~~~~~
In file included from /home/thomas/autobuild/instance-3/output-1/host/mips-buildroot-linux-gnu/sysroot/usr/include/openssl/bio.h:69,
from /home/thomas/autobuild/instance-3/output-1/host/mips-buildroot-linux-gnu/sysroot/usr/include/openssl/evp.h:67,
from /home/thomas/autobuild/instance-3/output-1/host/mips-buildroot-linux-gnu/sysroot/usr/include/openssl/hmac.h:67,
from /home/thomas/autobuild/instance-3/output-1/host/mips-buildroot-linux-gnu/sysroot/usr/include/openssl/ssl.h:150,
from ../../../include/zbxcomms.h:65,
from tls.c:20:
/home/thomas/autobuild/instance-3/output-1/host/mips-buildroot-linux-gnu/sysroot/usr/include/openssl/crypto.h:565:6: note: previous declaration of 'OPENSSL_cleanup' with type 'void(void)'
565 | void OPENSSL_cleanup(void);
| ^~~~~~~~~~~~~~~
In file included from tls.c:20:
tls.c: In function 'zbx_log_ciphersuites':
../../../include/zbxcomms.h:222:75: error: invalid use of incomplete typedef 'SSL_CTX' {aka 'struct ssl_ctx_st'}
222 | # define SSL_CTX_get_ciphers(ciphers) ((ciphers)->cipher_list)
| ^~
tls.c:1415:31: note: in expansion of macro 'SSL_CTX_get_ciphers'
1415 | cipher_list = SSL_CTX_get_ciphers(ciphers);
| ^~~~~~~~~~~~~~~~~~~
Fixes:
- http://autobuild.buildroot.org/results/acdfcb17b39d438ccf5e4621707a10f60577d233
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
- Bump Linux kernel to v6.1.13 and increase the rootfs size accordingly.
- Bump the FVP in the readme to version 11.20 build 15 and update the
command line.
Signed-off-by: Vincent Stehlé <vincent.stehle@arm.com>
Cc: Masahiro Yamada <yamada.masahiro@socionext.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
SAE, unlike OWE or DPP, does not explicitly enable support for sha384
hash functions. Possible WPA3 build issue is masked, since all three
SAE/OWE/DPP are included. However, there exist other configurations
that enable only SAE. For instance, one such build configuration is
wpa_supplicant AP mode with mesh support.
This change adds upstream patch that includes sha384 and sha256 hash
functions to builds with SAE support.
Fixes: http://autobuild.buildroot.net/results/f349130985870f4a781cca56c3f551108f81aa3e/
Signed-off-by: Sergey Matyukevich <geomatsi@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fix typo added by commit 917a961d9c
resulting in the following build failure:
-- Checking for module 'uuid'
-- Package 'uuid', required by 'virtual:world', not found
CMake Error at /tmp/instance-5/output-1/per-package/optee-client/host/share/cmake-3.22/Modules/FindPkgConfig.cmake:603 (message):
A required package was not found
Call Stack (most recent call first):
/tmp/instance-5/output-1/per-package/optee-client/host/share/cmake-3.22/Modules/FindPkgConfig.cmake:825 (_pkg_check_modules_internal)
CMakeLists.txt:43 (pkg_check_modules)
Fixes:
- http://autobuild.buildroot.org/results/e1c6b5c9e841a003037045b2ff7afd9836e7c640
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fix the following uclibc build failure raised since bump to version
3.19.0 in commit 917a961d9c:
/tmp/instance-5/output-1/build/optee-client-3.19.0/libteeacl/src/group.c: In function 'teeacl_user_is_member_of':
/tmp/instance-5/output-1/build/optee-client-3.19.0/libteeacl/src/group.c:75:12: error: implicit declaration of function 'reallocarray' [-Werror=implicit-function-declaration]
75 | groups = reallocarray(groups, grouplistsize, sizeof(gid_t));
| ^~~~~~~~~~~~
Fixes:
- http://autobuild.buildroot.org/results/03eba71ab9b87676f2606ecf2a9b5a151fc396bb
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Multiple library checks are obsolete, either due to removal or due to built-in solutions.
License file changed due to update of copyright year.
Signed-off-by: André Zwing <nerv@dawncrow.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
shadow provides utilities to deal with user accounts.
The shadow package includes the necessary programs for converting UNIX
password files to the shadow password format, plus programs for managing
user and group accounts. Especially it is useful if rootless podman
container should be used, which requires newuidmap and newgidmap.
Co-authored-by: Nicolas Carrier <Nicolas.Carrier@orolia.com>
[Nicolas.Carrier@orolia.com provided the test case]
Signed-off-by: Raphael Pavlidis <raphael.pavlidis@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Binary blobs are BIOS of some sorts for the various machines emulated
by QEMU. There is no option to individually install blobs; it's an
all-or-nothing option.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fix the following build failure with sparc raised since bump to version
1.9.11p2 in commit 9b7f8da96b and
https://github.com/sudo-project/sudo/commit/9fbbca7b7a4cc60a8aa27d73de54278004a704c0:
hecking for X509_STORE_CTX_get0_cert
configure:21215: /home/thomas/autobuild/instance-3/output-1/host/bin/sparc-buildroot-linux-uclibc-gcc -o conftest -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -Os -g0 -static -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -DZLIB_CONST -static conftest.c -L/home/thomas/autobuild/instance-3/output-1/host/bin/../sparc-buildroot-linux-uclibc/sysroot/usr/lib -lssl -lz -pthread -latomic -lcrypto >&5
/home/thomas/autobuild/instance-3/output-1/host/lib/gcc/sparc-buildroot-linux-uclibc/10.4.0/../../../../sparc-buildroot-linux-uclibc/bin/ld: /home/thomas/autobuild/instance-3/output-1/host/bin/../sparc-buildroot-linux-uclibc/sysroot/usr/lib/libcrypto.a(x509cset.o): in function `X509_CRL_up_ref':
x509cset.c:(.text+0x108): undefined reference to `__atomic_fetch_add_4'
[...]
In file included from ./hostcheck.c:38:
../../include/sudo_compat.h:342:41: error: conflicting types for 'ASN1_STRING_data'
342 | # define ASN1_STRING_get0_data(x) ASN1_STRING_data(x)
| ^~~~~~~~~~~~~~~~
Fixes:
- http://autobuild.buildroot.org/results/8be59dd94e4916f9457cb435104e36e62a28373b
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fix the following build failure when OPENSBI_PLAT is empty raised since
commit 9b5b7165de:
/usr/bin/install -m 0644 -D /nvmedata/autobuild/instance-4/output-1/build/opensbi-0.9/build/platform//firmware/fw_jump.bin /nvmedata/autobuild/instance-4/output-1/images/fw_jump.bin
/usr/bin/install: cannot stat '/nvmedata/autobuild/instance-4/output-1/build/opensbi-0.9/build/platform//firmware/fw_jump.bin': No such file or directory
Fixes:
- http://autobuild.buildroot.org/results/8033327f090e4a3d84a7fce1f62b14fdf89dbd89
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Since commit 35266e84043f880d7591e52b71a8c5b8d0e4717d, libcamera-apps
does enable LIBAV by default which depends on libdrm and ffpmeg.
Fixes:
- http://autobuild.buildroot.net/results/548f2a3b353ce4693fb60d7fb1e06e02af22991c/
/home/buildroot/autobuild/run/instance-1/output-1/build/libcamera-apps-1.1.1/encoder/libav_encoder.cpp:13:10: fatal error: libdrm/drm_fourcc.h: No such file or directory
13 | #include <libdrm/drm_fourcc.h>
| ^~~~~~~~~~~~~~~~~~~~~
Signed-off-by: Marcus Folkesson <marcus.folkesson@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fix the following build failure with libressl raised since bump to
version 2.10.0 in commit 03bab7117d:
/home/thomas/autobuild/instance-3/output-1/build/freerdp-2.10.0/libfreerdp/crypto/crypto.c: In function 'crypto_cert_get_signature_alg':
/home/thomas/autobuild/instance-3/output-1/build/freerdp-2.10.0/libfreerdp/crypto/crypto.c:980:8: error: 'NID_sha3_224' undeclared (first use in this function)
case NID_sha3_224:
^~~~~~~~~~~~
Fixes:
- http://autobuild.buildroot.org/results/e96848576ac292799636abe7485c37aa54196a2c
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Since version 2022.04.0, Barebox now supports a generic image built
for platforms, to be used as BL33 to generate FIP images. This patch
makes it available as a choice of BL33 to be used with ATF and is
based on the similar work put into U-Boot as BL33.
Signed-off-by: Casey Reeves <casey@xogium.me>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The upcoming ccache update will depend on host-cmake, so we must
ensure host-cmake doesn't use ccache when being built.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Notable changes in this commit:
- change from v4.0.x to v4.1.x "current" version series,
- move the sha256 hash out of the "Locally computed" section,
as the value comes from the download page,
- the LICENSE file hash changed, as the file was updated
(copyright years updated and new contributors added),
- the IME (Infinite Memory Engine), introduced in v4.1.x,
is disabled to workaround a failure when cross-compiled,
- the package now requires a toolchain with atomic support,
and needs to link against libatomic when needed.
For change log since v4.0.0, see:
- https://github.com/open-mpi/ompi/blob/v4.1.4/NEWS#L61
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The LICENSE text has changed, nominally the copyright owner changed
from "Facebook" to "Meta Platforms, Inc. and affiliates",
reflecting the name change of that company.
Add upstream patch to fix zstd-dll build.
Signed-off-by: Norbert Lange <nolange79@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
- Bump Linux kernel version to 6.1.12.
- Bump U-Boot version to 2023.01 and rename config fragment to make it
clearer that it is not a complete config file.
Signed-off-by: Vincent Stehlé <vincent.stehle@arm.com>
Cc: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
With change 6b7d47be3b23 ("multipath-tools: Makefiles: simplify code for
include dirs") the Makefile variable 'LINUX_HEADERS_INCDIR' has been replaced
with 'kernel_incdir'.
fpin_handlers.c:355:32: note: each undeclared identifier is reported only once for each function it appears in
fpin_handlers.c:360:37: error: ‘ELS_DTAG_LNK_INTEGRITY’ undeclared (first use in this function)
360 | if (dtag == ELS_DTAG_LNK_INTEGRITY) {
| ^~~~~~~~~~~~~~~~~~~~~~
make[2]: *** [../Makefile.inc:116: fpin_handlers.o] Error 1
Fixes:
http://autobuild.buildroot.net/results/e0f56ef924c13d6b1535fdc350ad8ecc06ea0a58
Signed-off-by: Alexander Egorenkov <egorenar-dev@posteo.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Commit dedbc69022 was incomplete resuling
in the following build failure since the addition of the package in
commit 6a0f7c39bc:
-- Check for working CXX compiler: /usr/bin/c++ - broken
CMake Error at /home/autobuild/autobuild/instance-15/output-1/per-package/fluent-bit/host/share/cmake-3.22/Modules/CMakeTestCXXCompiler.cmake:62 (message):
The C++ compiler
"/usr/bin/c++"
is not able to compile a simple test program.
It fails with the following output:
Change Dir: /home/autobuild/autobuild/instance-15/output-1/build/fluent-bit-2.0.9/CMakeFiles/CMakeTmp
Run Build Command(s):/home/autobuild/make/make -f Makefile cmTC_bfb29/fast && make[1]: Entering directory '/home/autobuild/autobuild/instance-15/output-1/build/fluent-bit-2.0.9/CMakeFiles/CMakeTmp'
/home/autobuild/make/make -f CMakeFiles/cmTC_bfb29.dir/build.make CMakeFiles/cmTC_bfb29.dir/build
make[2]: Entering directory '/home/autobuild/autobuild/instance-15/output-1/build/fluent-bit-2.0.9/CMakeFiles/CMakeTmp'
Building CXX object CMakeFiles/cmTC_bfb29.dir/testCXXCompiler.cxx.o
/usr/bin/c++ --sysroot=/home/autobuild/autobuild/instance-15/output-1/per-package/fluent-bit/host/xtensa-buildroot-linux-uclibc/sysroot -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -mlongcalls -mauto-litpools -O2 -g0 -fcommon -U_FILE_OFFSET_BITS -g -fPIE -o CMakeFiles/cmTC_bfb29.dir/testCXXCompiler.cxx.o -c /home/autobuild/autobuild/instance-15/output-1/build/fluent-bit-2.0.9/CMakeFiles/CMakeTmp/testCXXCompiler.cxx
c++: error: unrecognized command-line option '-mlongcalls'
c++: error: unrecognized command-line option '-mauto-litpools'
make[2]: *** [CMakeFiles/cmTC_bfb29.dir/build.make:78: CMakeFiles/cmTC_bfb29.dir/testCXXCompiler.cxx.o] Error 1
make[2]: Leaving directory '/home/autobuild/autobuild/instance-15/output-1/build/fluent-bit-2.0.9/CMakeFiles/CMakeTmp'
make[1]: *** [Makefile:127: cmTC_bfb29/fast] Error 2
make[1]: Leaving directory '/home/autobuild/autobuild/instance-15/output-1/build/fluent-bit-2.0.9/CMakeFiles/CMakeTmp'
CMake will not be able to correctly generate this project.
Call Stack (most recent call first):
lib/msgpack-c/CMakeLists.txt:2 (project)
While at it, add missing comment about C++ dependency for wasm
Fixes:
- http://autobuild.buildroot.org/results/4b0f90d79d6dbbf976acf1da839260b0ee94ddda
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Commit 9fc652a373 was incomplete as
mbedtls can be pulled in libcurl through libssh2 resulting in the
following build failure:
/home/autobuild/autobuild/instance-4/output-1/host/lib/gcc/powerpc64le-buildroot-linux-musl/11.3.0/../../../../powerpc64le-buildroot-linux-musl/bin/ld: /home/autobuild/autobuild/instance-4/output-1/host/powerpc64le-buildroot-linux-musl/sysroot/usr/lib//libmbedcrypto.a(md5.c.o): in function `mbedtls_md5_init':
md5.c:(.text+0x0): multiple definition of `mbedtls_md5_init'; ../../src/.libs/libmodsecurity.a(libmbedtls_la-md5.o):md5.c:(.text+0x0): first defined here
Fixes:
- http://autobuild.buildroot.org/results/4c235e46188f23d1a48297f4e5942cec7b25959a
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Let's also reorder BR2_UBOOT_ options by moving
BR2_TARGET_UBOOT_FORMAT_DTB_IMX after BR2_TARGET_UBOOT_NEEDS_OPENSSL since
this reflects the order in boot/uboot/Config.in file.
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
PostgreSQL has optional compression support (LZ4 and Zstandard).
So enable it if libraries are available.
Signed-off-by: Maxim Kochetkov <fido_max@inbox.ru>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
When building network-manager in cross-compile environment pkg-config returns
the wrong path to the mobile-broadband-provider-info database.
By adding the option 'mobile_broadband_provider_info_database' to set the
correct path to the datafile this can be solved.
Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
tmux uses custom --enable-static option to drive whether a static link
should be attempted, which is not what the standard libtool directive
is about and that we pass in our autotools-package infra.
This results in the following build failure with systemd or utf8proc
raised since commits 1f618aa388 and
e279599d25:
checking for utf8proc.h... yes
checking for library containing utf8proc_charwidth... no
configure: error: "utf8proc not found"
In file included from tmux.h:34,
from alerts.c:23:
compat.h:379:18: error: conflicting types for 'forkpty'; have 'pid_t(int *, char *, struct termios *, struct winsize *)' {aka 'int(int *, char *, struct termios *, struct winsize *)'}
379 | pid_t forkpty(int *, char *, struct termios *, struct winsize *);
| ^~~~~~~
Link to (closed) upstream issue:
https://github.com/tmux/tmux/issues/3290
Fixes:
- http://autobuild.buildroot.org/results/6e8523d8d514bf6d8fc3377d05e5edbe7fc2d5bb
- http://autobuild.buildroot.org/results/cba06f3bb6d9be25e91f56c390a70ddf9904832e
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fix the following build failure raised since bump of nginx to version
1.22.1 in commit 722b84eafa:
/home/buildroot/autobuild/run/instance-2/output-1/build/nginx-naxsi-1.3/naxsi_src/naxsi_runtime.c: In function 'ngx_http_process_basic_rule_buffer':
/home/buildroot/autobuild/run/instance-2/output-1/build/nginx-naxsi-1.3/naxsi_src/naxsi_runtime.c:205:61: error: invalid use of incomplete typedef 'ngx_regex_t' {aka 'struct pcre2_real_code_8'}
205 | (tmp_idx < len && (match = pcre_exec(rl->br->rx->regex->code,
| ^~
Fixes:
- http://autobuild.buildroot.org/results/7fff888bd36710e2d2f5bb39a38597e8c04305ce
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Building with libjpeg will raise the following build failure on some
architectures since the addition of the package in commit
e648d399d8:
/tmp/instance-14/output-1/build/libjxl-0.7.0/lib/extras/enc/jpg.cc: In function 'jxl::Status jxl::extras::{anonymous}::EncodeWithLibJpeg(const jxl::extras::PackedImage&, const JxlBasicInfo&, const std::vector<unsigned char>&, std::vector<unsigned char>, size_t, const string&, std::vector<unsigned char>*)':
/tmp/instance-14/output-1/build/libjxl-0.7.0/lib/extras/enc/jpg.cc:126:34: error: invalid conversion from 'long unsigned int*' to 'size_t*' {aka 'unsigned int*'} [-fpermissive]
126 | jpeg_mem_dest(&cinfo, &buffer, &size);
| ^~~~~
| |
| long unsigned int*
Upstream advocates to use jpeg-turbo:
https://github.com/libjxl/libjxl/issues/1802
Fixes:
- http://autobuild.buildroot.org/results/9a2a7c6072876f2562609bf98f32a1ce93631a75
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Reviewed-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Replace patch added by commit 9525bc7e64
as current patch is not correct, build failures are still raised by
uclibc-ng with libiconv on fwup/gvfs/...:
configure: error: Requires libarchive. Libarchive must be built with zlib support.
[...]
Run-time dependency libarchive found: NO (tried cmake)
../output-1/build/gvfs-1.48.1/meson.build:405:2: ERROR: Dependency lookup for libarchive with method 'pkgconfig' failed: Could not generate cargs for libarchive:
Package iconv was not found in the pkg-config search path.
Perhaps you should add the directory containing `iconv.pc'
to the PKG_CONFIG_PATH environment variable
Package 'iconv', required by 'libarchive', not found
Fixes:
- http://autobuild.buildroot.org/results/05a5496495e51da2c9caf7570695cc95e1745e30
- http://autobuild.buildroot.org/results/98dc4b415115cca65b53e4cd986144ef85bf17ad
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
rockchip-mali pre-built libraries needs C++ since the addition of the
package in commit 97c74a73e5:
readelf -a output/build/rockchip-mali-721653b5b3b525a4f80d15aa7e2f9df7b7e60427/lib/aarch64-linux-gnu/libmali-bifrost-g31-rxp0-gbm.so|grep NEEDED
0x0000000000000001 (NEEDED) Shared library: [libpthread.so.0]
0x0000000000000001 (NEEDED) Shared library: [libdl.so.2]
0x0000000000000001 (NEEDED) Shared library: [librt.so.1]
0x0000000000000001 (NEEDED) Shared library: [libdrm.so.2]
0x0000000000000001 (NEEDED) Shared library: [libm.so.6]
0x0000000000000001 (NEEDED) Shared library: [libstdc++.so.6]
0x0000000000000001 (NEEDED) Shared library: [libgcc_s.so.1]
0x0000000000000001 (NEEDED) Shared library: [libc.so.6]
While at it, add a comment when dependencies are not met
Fixes:
- No autobuilder failures (yet), found when debugging an issue with
rockchip-mali and glslsandbox-player
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
wayland-protocols is an optional dependency which is enabled by default
resulting in the following wayland build failure since the addition of
the package in commit f201ca9d0d:
checking for wayland_client... yes
checking for wayland_egl... yes
configure: Wayland EGL support enabled
checking for wayland_protocols... no
configure: error: Package requirements (wayland-protocols >= 1.12) were not met:
Package 'wayland-protocols', required by 'virtual:world', not found
Consider adjusting the PKG_CONFIG_PATH environment variable if you
installed software in a non-standard prefix.
Alternatively, you may set the environment variables wayland_protocols_CFLAGS
and wayland_protocols_LIBS to avoid the need to call pkg-config.
Fixes:
- http://autobuild.buildroot.org/results/865af860f9e52fe5311bb0c6a246ff871ae5a989
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix CVE-2023-23931: cryptography is a package designed to expose
cryptographic primitives and recipes to Python developers. In affected
versions `Cipher.update_into` would accept Python objects which
implement the buffer protocol, but provide only immutable buffers. This
would allow immutable objects (such as `bytes`) to be mutated, thus
violating fundamental rules of Python and resulting in corrupted output.
This now correctly raises an exception. This issue has been present
since `update_into` was originally introduced in cryptography 1.8.
https://github.com/pyca/cryptography/security/advisories/GHSA-w7pp-m8wf-vj6rhttps://cryptography.io/en/latest/changelog/#v39-0-1
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
In GNU Less before 609, crafted data can result in "less -R" not
filtering ANSI escape sequences sent to the terminal.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Shyam's email address at Savoir Faire Linux is bouncing, so drop they
from the DEVELOPERS file.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
gnupg2 uses the libgpg-error library. The libgpg-error library has a
long plan to be renamed to "gpgrt" (see [1]). For the transition, it
provides two configuration scripts "gpg-error-config" (the old,
original one, kept for compatibility) and "gpgrt-config" (which is
meant to be the replacement). When both are detected, "gpgrt-config"
should be preferred.
gnupg2 configure script searches for "gpg-error-config" in the path
provided to --with-libgpg-error-prefix=PFX (more specifically, in
"PFX/bin").
The logic to find "gpgrt-config" is different: it is searched in
paths "$prefix/bin:$PATH". See [2]. On Buildroot, autotools target
packages are configured with "--prefix=/usr", which makes the
configure script to search in the host "/usr/bin".
In some host environment providing such a "/usr/bin/gpgrt-config"
script of an older version, host compilation flags are incorrectly
added for the target, which leads to compilation failures.
The issue can be reproduced in a Buildroot Docker image from [3] in
which the libgpg-error-dev package is added. When tested, the
libgpg-error-dev package was at version 1.38.
In that configuration, gnupg2 configure will output the message:
checking for gpgrt-config... /usr/bin/gpgrt-config
and the compilation fails with a message:
aarch64-buildroot-linux-gnu-gcc: ERROR: unsafe header/library path used in cross-compilation: '-I/usr/include'
Note: it was observed that in some other configurations in which the
host /usr/bin/gpgrt-config was from libgpg-error version 1.46, the
host script was redirecting correctly in the buildroot sysroot.
Since gnupg2 searches for "gpgrt-config" with a
"AC_PATH_PROG(GPGRT_CONFIG, ...)" macro, this patch fixes this
issue by simply forcing the script path in the GPGRT_CONFIG
environment variable.
See also [4] which discussed the "gpgrt-config" search logic.
Fixes:
- http://autobuild.buildroot.net/results/423c3ce7317c181e9f2e4a49b76ee9d26167375c/
(and many others)
[1] https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgpg-error.git;a=blob;f=README;h=e0b9f16445a96942af0839bcdb9a0b0f8cf31380;hb=885a287a57cf060b4c5b441822c09d23b8dee2bd#l29
[2] https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=blob;f=m4/gpg-error.m4;h=a975e53d07d1b743f51d8aa1767cd8e0d71b4071;hb=c0556edb80518720b0d884251685fe008c8f0429#l68
[3] https://git.buildroot.org/buildroot/tree/support/docker/Dockerfile?id=b6085c00d0feece6f3ba635e7847ea653bc5fac3
[4] https://dev.gnupg.org/T5365
Reported-by: Bagas Sanjaya <bagasdotme@gmail.com>
Tested-by: Bagas Sanjaya <bagasdotme@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The new option enables the XWayland support, so X11 application can be
running on a wlroots based compositor. Also, do not enable the XWayland
support if the X11 backend is active, as it is unrelated to it.
Signed-off-by: Raphael Pavlidis <raphael.pavlidis@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
If the XWayland support is enabled then build the corresponding XServer.
Signed-off-by: Raphael Pavlidis <raphael.pavlidis@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
XServer to run X clients under wayland
This XServer is required to run the X clients under Wayland compositor,
for example weston or wlroots based compositors.
Signed-off-by: Raphael Pavlidis <raphael.pavlidis@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix the following build failure with libexecinfo raised since commit
d649bcd380:
/home/autobuild/autobuild/instance-9/output-1/host/lib/gcc/mips-buildroot-linux-musl/10.4.0/../../../../mips-buildroot-linux-musl/bin/ld: ../lib/monkey/library/libmonkey.a(mk_utils.c.o): in function `mk_utils_stacktrace':
mk_utils.c:(.text+0x1578): undefined reference to `backtrace'
Fixes:
- http://autobuild.buildroot.org/results/63a6ba9104dfddbd7f6a7debadc0c6ef6e3a21f5
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add libexecinfo optional dependency as upstream rejected the patch to
add --with-execinfo=no
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
dmalloc directly calls into $(LD) to generate a shared library our of
the static one.
To detect what command it should run, ./configure tries various
incantations of ld with various command line options until one does not
fail. One of those is (basically):
$(LD) --whole-archive -o contest.o.t contest.a
This makes ./configure conclude what the command to link a shared
library in the Makefile should be, and thus stores that in a variable:
shlinkargs='$(LD) --whole-archive -o $@'
... which is then AC_SUBST()ed into Makefile.in with a rule like:
$(SHLIB): $(LIBRARY)
@shlinkargs@ $(LIRARY)
which once substiuted, gives:
$(SHLIB): $(LIBRARY)
$(LD) --whole-archive -o $@ $(LIRARY)
However, when SSP is enabled, the __stack_chk_fail_local and co symbols
are provided by additional libraries or object files, and that is the
responsibility of gcc to pass those when linking. But as dmalloc
directly calls ld, it misses those.
Changing dmalloc to use $(CC) is not trivial, however.
First, we can't pass LD=$(TARGET_CC), otherwise the whole package
explodes [0]: indeed --whole-archive is unknown to gcc, so it must be
passed as -Wl,--whole archive instead. So we'd need to add a new test
that uses $(CC), like so:
$(CC) -Wl,--whole-archive -o contest.o.t contest.a
However, in that case, gcc does pass additional libs/objs (like, for
eample, the SSP ones) to the linker. But then those are also included
in the whole-archive section. This causes the linker to add all the
symbols form those libs/objs, even those not needed for SSP; on some
archs, like PPC, that may require floating point symbols (__muldiv3 et
al.) which are in another library, and thus the linker can't find them.
The proper solution wouild be to add -Wl,--no-whole-archive, but that
would have to be added _after_ the library we want to link, i.e.e we
should be able to evntually run:
$(CC) -Wl,--whole-archive -o $@ $(LIRARY) -Wl,--no-whole-archive
That would require that we introduce a new variable that is added
_after_ the $(LIBRARY), e.g. @shlinkargs_post@ or so...
This is a bigger endeavour than we want to pursue...
Since dmalloc is a debugging utility, it is not supposed to go into
production builds, and during debugging, it would not be surprising that
it needs to poke around arrays to debug them.
So, we go the easier route: disable SSP altogether.
[0] with lots of nice colors, but that's not the point, is it?
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Our dmalloc packaging is very old and carries historical baggage and
idiosyncracies that we have long stopped doing in the rest ofthe code
base.
Drop our post-patch hooks that seds the configure and Makefile.in files,
and add patches (that could be upstreamed one day).
We provide the results in the environment, like would be done with
actual autoconf cache variables (ac_cv_*).
Note: those are the result of cleaning up for further patches that did
not manifest because it was too complex to add proper SSP support to
dmalloc (instead, we're going to forcibly disable it in the following
commit).
Note-2: those patches have not been submitted upstream, as it's mostly
dead: even though there's been some commit activities recently-ish, there
has been no review or comments or the many PR pending for many years
now.
Note-3: we patch both configure and configure.ac, rather than
autoreconf, for two reasons: 1. the both are in the upstream git tree,
so submitting these patches would require patching both, and 2. dmalloc
does not autoreconf nicely out of the box, and it was deemed too much
hassle to fix that in addition.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
- stm32mp1: support for STM32 TAMP_BKP21R bootcount register
- tab formatting
- gitignore: added autoscan files
- updated documentation
- i2c_eeprom: bootcount does not use two uint16s
- am33xx: declare registers as 'volatile'
- src/am33xx: do not close fd, it seems to prevent reliably writing register
- configure.ac: update version, homepage
- Added EEPROM read/write for non-TI AM335x platforms
Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Currently, flannel uses an ad-hoc github URL and a version-only tarball
name, even though we already had the github helper (introduced in 2013)
when flannel was introduced (in 2016).
Switch to the github helper, which allows us to get a properly named
tarball.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Geoff Levand <geoff@infradead.org>
Acked-by: Geoff Levand <geoff@infradead.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
If the examples given for launching an out-of-tree build are executed
as-is, this will result in the error message
Please configure Buildroot first (e.g. "make menuconfig")
Even if "make menuconfig" was run before, it's still not going to work
because the out-of-tree build doesn't use the in-tree .config.
Therefore, the example really should start with some config option.
Since "make menuconfig" is used in most other examples of creating a
config, use that here as well. Extend both examples with "menuconfig".
Reported-by: AndreiCherniaev <dungeonlords789@yandex.ru>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
By default go tries to include version control (VCS) information in
binaries. Since Buildroot separates version control from the build
process it is sensible to disable this behavior.
This avoids build errors when building with a git repository higher
up in the tree owned by root. In this case the go build system
calls `git status --porcelain` which returns with an error:
fatal: detected dubious ownership in repository at '/build'
Signed-off-by: Stefan Agner <stefan@agner.ch>
Reviewed-by: Christian Stewart <christian@paral.in>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Since the commit [1], the utils/genrandconfig script improved the
configuration randomization used by autobuilders. Since then it can
generate a configuration that is not suitable for an external toolchain
such the "Codescape IMG GNU Linux Toolchain".
Indeed this toolchain can be selected for mips32r5 or mips64r5 while only
mips32r2 or mips64r2 are really supported. The toolchain issue will be
fixed in a followup change.
We want to catch such issue in check_unusable_toolchain function otherwise
it is detected late during the sysroot import into staging and trigger
a weird error message:
ln: failed to create symbolic link 'output/host/mips64el-buildroot-linux-gnu/sysroot//nvmedata/autobuild/instance-25/buildroot/libc.a': No such file or directory
ln: failed to create symbolic link 'output/host/mips64el-buildroot-linux-gnu/sysroot/usr//nvmedata/autobuild/instance-25/buildroot/libc.a': No such file or directory
This is similar test than for the main sysroot check but this time we have
to use the toolchain cflags to check the architecture sysroot.
If the architecture sysroot doesn't exist, the toolchain will reply with
"libc.a".
Either the toolchain is really broken or we used a wrong target
architecture variant. In the later case, the toolchain infrastructure will
print a meaningful error message.
Note: We also may get a similar issue using the toolchain-external-custom package
if a toolchain is used with a wrong target architecture variant.
Fixes:
http://autobuild.buildroot.org/results/701/701e8a5f713f7bdd1f32a4c549cdaac580e2522a/
[1] aeee90ec10
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Giulio Benetti <giulio.benetti@benettiengineering.com>
Cc: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
I do constantly get mails that fluent-bit fails to build for s390x.
So added this to ensure that the s390x architecture is checked as well
if I manually do:
$ ./utils/test-pkg -p fluent-bit -a
Signed-off-by: Thomas Devoogdt <thomas.devoogdt@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
- require threads and dynamic library support
- require sync_4 support
- provide fts.h through musl-fts
static_assert is not available if no C++ toolchain or no glibc
is used, so add two patches to fix this
Signed-off-by: Thomas Devoogdt <thomas.devoogdt@barco.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
go1.19.6 (released 2023-02-14) includes security fixes to the crypto/tls,
mime/multipart, net/http, and path/filepath packages, as well as bug fixes to
the go command, the linker, the runtime, and the crypto/x509, net/http, and time
packages. See the Go 1.19.6 milestone on the Go issue tracker for details.
CVE-2022-41725: net/http, mime/multipart: denial of service from excessive resource consumption
CVE-2022-41724: crypto/tls: large handshake records may cause panics
CVE-2022-41723: net/http: avoid quadratic complexity in HPACK decoding
https://go.dev/doc/devel/release#go1.19.minor
Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This is stable bugfix release of libmdbx,
in memory of Sergey Kapitsa (Russian physicist and demographer) on his 95th birthday.
It is reasonable to backport this patch to all applicable releases/branches of Buildroot,
at least this release fixes build for sh4 arch.
Release notes for v0.11.14
--------------------------
Fixes:
- backport: Refined the `__cold`/`__hot` macros to avoid the
`error: inlining failed in call to ‘always_inline FOO(...)’: target specific option mismatch`
issue during build using GCC >10.x for SH4 arch.
Actually this is GCC' SH4-backend bug which triggered by the `__attribute__((__optimize__("Os")))`
used in conjunction with the `__attribute__((__cold__))`.
- backport: Fixed `SIGSEGV` or an erroneous call to `free()` in case where
errors occur when reopening by `mdbx_env_open()` of a previously used
environment.
- backport: Fixed `cursor_put_nochecklen()` internals for case when dupsort'ed named subDb
contains a single key with multiple values (aka duplicates), which are replaced
with a single value by put-operation with the `MDBX_UPSERT+MDBX_ALLDUPS` flags.
In this case, the database becomes completely empty, without any pages.
However exactly this condition was not considered and thus wasn't handled correctly.
See [issue#8](https://gitflic.ru/project/erthink/libmdbx/issue/8) for more information.
- backport: Fixed extra assertion inside `override_meta()`, which could
lead to false-positive failing of the assertion in a debug builds during
DB recovery and/or auto-rollback.
Minors:
- backport: Fixed typos.
- backport: Refined `const` and `noexcept` for few C++ API methods.
- backport: Resolve false-posirive `used uninitialized` warning from GCC >10.x
while build for SH4 arch.
- backport: Fixed insignificant typo of `||` inside `#if` byte-order condition.
The complete ChangeLog: https://gitflic.ru/project/erthink/libmdbx/blob?file=ChangeLog.md
Signed-off-by: Леонид Юрьев (Leonid Yuriev) <leo@yuriev.ru>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Update the license hash because of a change in copyright year:
- Copyright (C) 1997-2022 Sam Lantinga <slouken@libsdl.org>
+ Copyright (C) 1997-2023 Sam Lantinga <slouken@libsdl.org>
Signed-off-by: Michael Fischer <mf@go-sys.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The 6.0.x series is now EOL upstream, so drop the linux-headers option and
add legacy handling for it.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The 4.9.x series is now EOL upstream, so drop the linux-headers option and
add legacy handling for it.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add a link to RVspace Documentation Center, which did not exist
when readme.txt was first submitted. It provides datasheet, quick
start, schematics, and so on.
Signed-off-by: Francois Dugast <francois.dugast.foss@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
A COPYING file has been added to rtl8723ds as of the most recent commit.
Update the version of the package and add the license file hash.
Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
As reported by Yann in [1], Kconfig warns about an unmet dependency.
The issue can be reproduced on master branch at commit 451672e,
with the command:
KCONFIG_SEED=0x1D15B9D4 make randconfig
The patch adds the missing dependency.
Fixes:
WARNING: unmet direct dependencies detected for BR2_PACKAGE_PYTHON_AUTOBAHN
Depends on [n]: BR2_PACKAGE_PYTHON3 [=y] && BR2_PACKAGE_HOST_RUSTC_TARGET_ARCH_SUPPORTS [=n]
Selected by [y]:
- BR2_PACKAGE_PYTHON_MAGIC_WORMHOLE_MAILBOX_SERVER [=y] && BR2_PACKAGE_PYTHON3 [=y]
[1] https://lists.buildroot.org/pipermail/buildroot/2023-February/661898.html
Cc: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
zabbix uses custom --enable-{static,shared} options, instead of standard
libtool directives resulting in the following build failure with openssl
or libcurl:
configure:13132: /home/autobuild/autobuild/instance-6/output-1/host/bin/or1k-buildroot-linux-gnu-gcc -o conftest -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -Ofast -g0 -I/home/autobuild/autobuild/instance-6/output-1/host/or1k-buildroot-linux-gnu/sysroot/usr/include -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -rdynamic -static -L/home/autobuild/autobuild/instance-6/output-1/host/or1k-buildroot-linux-gnu/sysroot/usr/lib conftest.c -lssl -lcrypto -lm >&5
/home/autobuild/autobuild/instance-6/output-1/host/lib/gcc/or1k-buildroot-linux-gnu/10.3.0/../../../../or1k-buildroot-linux-gnu/bin/ld: /home/autobuild/autobuild/instance-6/output-1/host/or1k-buildroot-linux-gnu/sysroot/usr/lib/libcrypto.a(dso_dlfcn.o): in function `dlfcn_globallookup':
dso_dlfcn.c:(.text+0x2c): warning: Using 'dlopen' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
/home/autobuild/autobuild/instance-6/output-1/host/lib/gcc/or1k-buildroot-linux-gnu/10.3.0/../../../../or1k-buildroot-linux-gnu/bin/ld: /home/autobuild/autobuild/instance-6/output-1/host/or1k-buildroot-linux-gnu/sysroot/usr/lib/libcrypto.a(b_addr.o): in function `BIO_lookup_ex':
b_addr.c:(.text+0x1128): warning: Using 'getaddrinfo' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
/home/autobuild/autobuild/instance-6/output-1/host/lib/gcc/or1k-buildroot-linux-gnu/10.3.0/../../../../or1k-buildroot-linux-gnu/bin/ld: /home/autobuild/autobuild/instance-6/output-1/host/or1k-buildroot-linux-gnu/sysroot/usr/lib/libcrypto.a(b_sock.o): in function `BIO_gethostbyname':
b_sock.c:(.text+0x90): warning: Using 'gethostbyname' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
/home/autobuild/autobuild/instance-6/output-1/host/lib/gcc/or1k-buildroot-linux-gnu/10.3.0/../../../../or1k-buildroot-linux-gnu/bin/ld: /tmp/cceWHjDi.o: in function `main':
conftest.c:(.text.startup+0x8): undefined reference to `SSL_connect'
[...]
configure: error: OpenSSL library libssl or libcrypto not found
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fix the following build failure without C++ raised since the addition ot
the package in commit 93ce3c1be0:
CMake Error at CMakeLists.txt:1 (PROJECT):
No CMAKE_CXX_COMPILER could be found.
Tell CMake where to find the compiler by setting either the environment
variable "CXX" or the CMake cache entry CMAKE_CXX_COMPILER to the full path
to the compiler, or to the compiler name if it is in the PATH.
Fixes:
- http://autobuild.buildroot.org/results/a7f2176d40f156c319754ef5d3b7fd0decfe754f
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Drop unrecognized variables:
CMake Warning:
Manually-specified variables were not used by the project:
BUILD_DOC
BUILD_DOCS
BUILD_EXAMPLE
BUILD_EXAMPLES
BUILD_TEST
BUILD_TESTING
BUILD_TESTS
CMAKE_CXX_COMPILER_FORCED
DISABLE_STATIC
ENABLE_SHARED
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
wchar is mandatory since switch to an active fork in commit
456a739831:
In file included from /home/autobuild/autobuild/instance-13/output-1/build/zxing-cpp-1.4.0/core/src/Result.h:12,
from /home/autobuild/autobuild/instance-13/output-1/build/zxing-cpp-1.4.0/core/src/GTIN.cpp:9:
/home/autobuild/autobuild/instance-13/output-1/build/zxing-cpp-1.4.0/core/src/Content.h:40:14: error: 'wstring' in namespace 'std' does not name a type
40 | std::wstring render(bool withECI) const;
| ^~~~~~~
Fixes:
- http://autobuild.buildroot.org/results/4f97f1b291a99218f4706fce8b2934bd845755e1
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Entries for "gnupg2" and "test_python_hkdf.py" were not at the right
position.
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
In commit 04154a6517 (support/download/cargo-post-process: cargo
output for vendor config), we switched away from our hand-crafted
cargo.toml mangling, to use cargo itself to update that file.
In doing so, we enabled the shell pipefail option, so that we could
catch cargo failures, while redirecting its output through tee to the
cargo.toml.
However, pipefail is overzealous, and will hit us even for pipes we do
not want to globally fail, like the one that actually checks whether an
archive is already vendored or not:
if tar tf "${output}" | grep -q "^[^/]*/VENDOR" ; then
...
with pipefail, the above may always fail:
- if the tarball is already vendored, grep will exit on the first
match because of -q (it only needs a single match to decide that its
return code will be zero), so the | will get closed, and tar may
get -EPIPE before it had a chance to finish listing the archive, and
thus would terminate in error;
- if the tarball is not vendored, grep will exit in error.
It turns out that the tee was only added so that we could see the
messages emitted by cargo, and still fill the cargo.tom with the output
of cargo.
But that's a bit overkill: the cargo messages are going to stderr, and
the blurb to add to cargo.toml to stdout, so we just need to redirect
stdout.
Yes, we do not see what cargo added to cargo.toml, but that is not so
interesting.
Still, cargo ends its messages with a suggestion for the user to modify
cargo.toml, with:
To use vendored sources, add this to your .cargo/config.toml for this project:
But since we've already redirected that to cargo.toml, there is nothing
for the user to edit, so the above can get confusing. Emit a little
blurb that states that everything is under control.
And then we can drop pipefail.
Note: the go-post-process initially had pipefail too, but it was dropped
in bfd1a31d0e (support/download/go-post-process: drop -o pipefail) as
it was causing spurious breakage when extracting the archive before
vendoring, so it is only reasonable that we also remove it from the
cargo-post-process.
Reported-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Simon Richter <simon.richter@ptwdosimetry.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes:
http://autobuild.buildroot.net/results/12a/12a63ae177fe3ed0c9a1ef2fa01870f334f36b0f/
Currently, when the post-process helper fails while downloading from
upstream, there is no fallback to the backup mirror.
In case the post-process helper fails, we must consider that to be a
download failure, so we must bail out as if the download backend itself
did fail, but we fail to do so.
Duplicate the logic we have for the download helper: if the post-process
helper fails, remove the downloaded stuff, and continue on to the next
URI, which will ultimately hit the backup mirror (if one has been
configured).
Reported-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes:
http://autobuild.buildroot.net/results/820/820e98b1c126469b1f180f078d102ded43b9c40e/
scripts/Makefile.am of mosh-1.4.0 needs the perl diagnostics module on the host:
make[3]: Entering directory '/home/buildroot/autobuild/instance-2/output-1/build/mosh-1.4.0/scripts'
perl -Mdiagnostics -c ./mosh.pl
Can't locate diagnostics.pm in @INC (you may need to install the diagnostics module) (@INC contains: /home/buildroot/autobuild/instance-2/output-1/host/lib/perl /usr/local/lib64/perl5/5.36 /usr/local/share/perl5/5.36 /usr/lib64/perl5/vendor_perl /usr/share/perl5/vendor_perl /usr/lib64/perl5 /usr/share/perl5).
BEGIN failed--compilation aborted.
So add a check for it in dependencies.sh similar to the other perl modules.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
There are three ways to run chronyd:
- start as root, and continue running as root;
- start as root, then setuid() to a non-root user via either a command
line option or a configuration directive;
- start as root, and setuid() to a build-time specified non-root user.
Currently, the first situation is used by Buildroot, which does not
follow security best practices of dropping elevated privileges for
daemon at runtime when that is possible.
We switch to the third situation, where a compile-time default non-root
user is then used at runtime to drop privileges, with libcap used to
keep the capabilities required to call the appropriate syscalls to
adjust the system time (typically, CAP_SYS_TIME to call adjtimex() or
clock_settime() et al.).
This means that libcap is now a mandatory dependency.
To be noted: users who previously had configured their systems to run
chronyd as non root, would have done so with either the command-line
option (`-u`), or the configuration directive (`user`). Those take
precedence over the compile-time default, so this should not break their
systems (presumably, they also run as the `chrony` user). They would
also have taken care to run chronyc as the appropriate user to
manipulate chronyd at runtime via the UNIX socket.
For those who were running chronyd as root, this does not change either:
the functionality is unchanged, and they were running chronyc as root,
which should still be capable of manipulating chronyd via its UNIX
socket.
Take that opportunity to brine chrony's Config.in to current coding
style: enclose sub-option in an if-endif block.
Signed-off-by: James Kent <james.kent@orchestrated-technology.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The size of xipImage has grown by 84KB but there are still 278KB left
before running out of 2MB of flash memory.
Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Further fix on top on 9d1b223b91 (package/pkg-waf: add missing $).
Repeat after me: all variables in an inner-package macro must be
expanded, except for: parameters, pkgdir, and pkgname.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
This commit adds two new test cases:
- TestNodeJSBasic which builds a target configuration with just
NodeJS enabled, and which runs a very simple NodeJS script on the
target.
- TestNodeJSModule, which builds a target configuration with NodeJS
enabled + the installation of one extra module, which means npm on
the host (from host-nodejs) is used, and which runs a very simple
NodeJS script on the target that uses this extra module.
Having both tests separately allows to validate that both nodejs-only
and nodejs+host-nodejs configurations behave correctly, at least in
minimal scenarios.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Tested-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
By default, NodeJS searches global modules in /usr/lib/node, but NPM
installs them in /usr/lib/node_modules/. Therefore by default, if one
installs modules with BR2_PACKAGE_NODEJS_MODULES_ADDITIONAL, they are
not accessible by NodeJS, unless by passing a
NODE_PATH=/usr/lib/node_modules/ variable. Since this is not obvious,
and it's nicer when things work out of the box, we simply patch NodeJS
to look for modules at the right place.
See
https://stackoverflow.com/questions/15636367/nodejs-require-a-global-module-package
for some discussions on this topic.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Reviewed-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
During the last U-boot version bump it's not been noted that the TPL
was not prepended to SPL anymore preventing the board to boot, so
let's copy TPL to the image folder, prepend it to u-boot-spl-dtb.bin
and place it at offset 32KB, where RK3288 bootrom expects to find
it. Let's also place u-boot-dtb separated from SPL at offset 8M, where
the SPL expects it to find it.
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Elixir was a dependency of rabbitmq-server which got dropped in
89815bad0a. It is a host package with no other
users, hence it is no longer required. Additionally, newer versions require
Erlang 23+.
Signed-off-by: Frank Vanbever <frank.vanbever@mind.be>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
When generating legal info with a configuration enabling a package which uses
flit as setup type, we get a warning about python-flit-core license:
WARNING: python-flit-core-3.8.0: cannot save license (HOST_PYTHON_FLIT_CORE_LICENSE_FILES not defined)
Add missing variable to point to python-flit-core license file
Signed-off-by: Alexis Lothoré <alexis.lothore@bootlin.com>
[Peter: add sha256sum to .hash file]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Wpewebkit needs cmake >= 3.20 when building with the make backend since
wpewebkit 3.8.0.
Cmake 3.20 is above our minimal version in
support/dependencies/check-host-cmake.mk, so this breaks builds on hosts
with cmake >= 3.18 < 3.20 - So use the ninja backend instead.
https://github.com/WebKit/WebKit/commit/6cd89696b5d406c1a3d9a7a9bbb18fda9284fa1f
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Webkitgtk needs cmake >= 3.20 when building with the make backend since
webkitgtk 3.8.0.
Cmake 3.20 is above our minimal version in
support/dependencies/check-host-cmake.mk, so this breaks builds on hosts
with cmake >= 3.18 < 3.20 - So use the ninja backend instead.
https://github.com/WebKit/WebKit/commit/6cd89696b5d406c1a3d9a7a9bbb18fda9284fa1f
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Waf requires that the version of the waf script matches the version of
waflib, so drop any bundled waf/waflib if _NEEDS_EXTERNAL_WAF is used, as
otherwise waf errors out with errors like:
Waf script '2.0.24' and library '1.9.3' do not match
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Reviewed-by: Romain Naour <romain.naour@smile.fr>
[Peter: Run as a post-patch hook as suggested by Yann]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Explicitly set installed_tests to disabled.
Drop patch which is now upstream.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Instead of undefining endiannes CFLAGS let's change the approach.
Let's disable the CONFIG_PLATFORM_I386_PC that is set to y by default
involving the endianness to be set to little. This way we can set the
CFLAGS according to architecture with some default define like:
-DCONFIG_IOCTL_CFG80211
-DRTW_USE_CFG80211_STA_EVENT
-Wno-error
Suggested-by: Arnout Vandecappelle <arnout@mind.be>
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Changelog (for details see [1] and [2]):
Changes between 1.1.1s and 1.1.1t [7 Feb 2023]
*) Fixed X.400 address type confusion in X.509 GeneralName.
There is a type confusion vulnerability relating to X.400 address processing
inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1_STRING
but subsequently interpreted by GENERAL_NAME_cmp as an ASN1_TYPE. This
vulnerability may allow an attacker who can provide a certificate chain and
CRL (neither of which need have a valid signature) to pass arbitrary
pointers to a memcmp call, creating a possible read primitive, subject to
some constraints. Refer to the advisory for more information. Thanks to
David Benjamin for discovering this issue. (CVE-2023-0286)
This issue has been fixed by changing the public header file definition of
GENERAL_NAME so that x400Address reflects the implementation. It was not
possible for any existing application to successfully use the existing
definition; however, if any application references the x400Address field
(e.g. in dead code), note that the type of this field has changed. There is
no ABI change.
[Hugo Landau]
*) Fixed Use-after-free following BIO_new_NDEF.
The public API function BIO_new_NDEF is a helper function used for
streaming ASN.1 data via a BIO. It is primarily used internally to OpenSSL
to support the SMIME, CMS and PKCS7 streaming capabilities, but may also
be called directly by end user applications.
The function receives a BIO from the caller, prepends a new BIO_f_asn1
filter BIO onto the front of it to form a BIO chain, and then returns
the new head of the BIO chain to the caller. Under certain conditions,
for example if a CMS recipient public key is invalid, the new filter BIO
is freed and the function returns a NULL result indicating a failure.
However, in this case, the BIO chain is not properly cleaned up and the
BIO passed by the caller still retains internal pointers to the previously
freed filter BIO. If the caller then goes on to call BIO_pop() on the BIO
then a use-after-free will occur. This will most likely result in a crash.
(CVE-2023-0215)
[Viktor Dukhovni, Matt Caswell]
*) Fixed Double free after calling PEM_read_bio_ex.
The function PEM_read_bio_ex() reads a PEM file from a BIO and parses and
decodes the "name" (e.g. "CERTIFICATE"), any header data and the payload
data. If the function succeeds then the "name_out", "header" and "data"
arguments are populated with pointers to buffers containing the relevant
decoded data. The caller is responsible for freeing those buffers. It is
possible to construct a PEM file that results in 0 bytes of payload data.
In this case PEM_read_bio_ex() will return a failure code but will populate
the header argument with a pointer to a buffer that has already been freed.
If the caller also frees this buffer then a double free will occur. This
will most likely lead to a crash.
The functions PEM_read_bio() and PEM_read() are simple wrappers around
PEM_read_bio_ex() and therefore these functions are also directly affected.
These functions are also called indirectly by a number of other OpenSSL
functions including PEM_X509_INFO_read_bio_ex() and
SSL_CTX_use_serverinfo_file() which are also vulnerable. Some OpenSSL
internal uses of these functions are not vulnerable because the caller does
not free the header argument if PEM_read_bio_ex() returns a failure code.
(CVE-2022-4450)
[Kurt Roeckx, Matt Caswell]
*) Fixed Timing Oracle in RSA Decryption.
A timing based side channel exists in the OpenSSL RSA Decryption
implementation which could be sufficient to recover a plaintext across
a network in a Bleichenbacher style attack. To achieve a successful
decryption an attacker would have to be able to send a very large number
of trial messages for decryption. The vulnerability affects all RSA padding
modes: PKCS#1 v1.5, RSA-OEAP and RSASVE.
(CVE-2022-4304)
[Dmitry Belyavsky, Hubert Kario]
Changes between 1.1.1r and 1.1.1s [1 Nov 2022]
*) Fixed a regression introduced in 1.1.1r version not refreshing the
certificate data to be signed before signing the certificate.
[Gibeom Gwon]
Changes between 1.1.1q and 1.1.1r [11 Oct 2022]
*) Fixed the linux-mips64 Configure target which was missing the
SIXTY_FOUR_BIT bn_ops flag. This was causing heap corruption on that
platform.
[Adam Joseph]
*) Fixed a strict aliasing problem in bn_nist. Clang-14 optimisation was
causing incorrect results in some cases as a result.
[Paul Dale]
*) Fixed SSL_pending() and SSL_has_pending() with DTLS which were failing to
report correct results in some cases
[Matt Caswell]
*) Fixed a regression introduced in 1.1.1o for re-signing certificates with
different key sizes
[Todd Short]
*) Added the loongarch64 target
[Shi Pujin]
*) Fixed a DRBG seed propagation thread safety issue
[Bernd Edlinger]
*) Fixed a memory leak in tls13_generate_secret
[Bernd Edlinger]
*) Fixed reported performance degradation on aarch64. Restored the
implementation prior to commit 2621751 ("aes/asm/aesv8-armx.pl: avoid
32-bit lane assignment in CTR mode") for 64bit targets only, since it is
reportedly 2-17% slower and the silicon errata only affects 32bit targets.
The new algorithm is still used for 32 bit targets.
[Bernd Edlinger]
*) Added a missing header for memcmp that caused compilation failure on some
platforms
[Gregor Jasny]
[1] https://www.openssl.org/news/cl111.txt
[2] https://www.openssl.org/news/vulnerabilities.html
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Commit bed21bb9b added a patch to change configure.ac but failed to
update configure which caused build failures due to the timestamp
difference between configure and configure.ac and the makefile attempting
to run aclocal.
XZ_AUTORECONF = YES creates a circular dependency where the host autotools
need host-xz which also gets patched. Because of this, we need to patch
xz's configure script manually and NOT patch configure.ac so its timestamp
stays older than Makefile.in.
While we're doing this, correct the language in the commit body of the
patch, remove a stray whitespace, and fix the offset for configure.ac
Fixes: bed21bb9b ("package/xz: fix microblaze compiles")
Fixes: http://autobuild.buildroot.net/results/958/9586f21e447ef9923606b1385ff333138406b685/
Signed-off-by: Vincent Fazio <vfazio@xes-inc.com>
[Peter: Only patch configure]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
All the errors in existing scripts in utils/ have been fixed, so nothing
needs to be added to .checkpackageignore.
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
In utils/test-pkg line 8:
if [ ! -z "${TEMP_CONF}" ]; then
^-- SC2236: Use -n instead of ! -z.
In utils/test-pkg line 75:
TEMP_CONF=$(mktemp /tmp/test-${pkg}-config.XXXXXX)
^----^ SC2086: Double quote to prevent globbing and word splitting.
Did you mean:
TEMP_CONF=$(mktemp /tmp/test-"${pkg}"-config.XXXXXX)
In utils/test-pkg line 76:
echo "${pkg_br_name}=y" > ${TEMP_CONF}
^----------^ SC2086: Double quote to prevent globbing and word splitting.
Did you mean:
echo "${pkg_br_name}=y" > "${TEMP_CONF}"
In utils/test-pkg line 86:
if [ ${random} -gt 0 ]; then
^-------^ SC2086: Double quote to prevent globbing and word splitting.
Did you mean:
if [ "${random}" -gt 0 ]; then
In utils/test-pkg line 90:
if [ ${number} -gt 0 ]; then
^-------^ SC2086: Double quote to prevent globbing and word splitting.
Did you mean:
if [ "${number}" -gt 0 ]; then
In utils/test-pkg line 109:
toolchains=($(sed -r -e 's/,.*//; /internal/d; /^#/d; /^$/d;' "${toolchains_csv}" \
^-- SC2207: Prefer mapfile or read -a to split command output (or quote to avoid splitting).
In utils/test-pkg line 110:
|if [ ${random} -gt 0 ]; then \
^-------^ SC2086: Double quote to prevent globbing and word splitting.
Did you mean:
|if [ "${random}" -gt 0 ]; then \
In utils/test-pkg line 111:
sort -R |head -n ${random}
^-------^ SC2086: Double quote to prevent globbing and word splitting.
Did you mean:
sort -R |head -n "${random}"
In utils/test-pkg line 121:
if [ ${nb_tc} -eq 0 ]; then
^------^ SC2086: Double quote to prevent globbing and word splitting.
Did you mean:
if [ "${nb_tc}" -eq 0 ]; then
In utils/test-pkg line 134:
printf "%40s [%*d/%d]: " "${toolchain}" ${#nb_tc} ${nb} ${nb_tc}
^---^ SC2086: Double quote to prevent globbing and word splitting.
^------^ SC2086: Double quote to prevent globbing and word splitting.
Did you mean:
printf "%40s [%*d/%d]: " "${toolchain}" ${#nb_tc} "${nb}" "${nb_tc}"
In utils/test-pkg line 146:
${nb} ${nb_skip} ${nb_fail} ${nb_legal} ${nb_show}
^---^ SC2086: Double quote to prevent globbing and word splitting.
^--------^ SC2086: Double quote to prevent globbing and word splitting.
^--------^ SC2086: Double quote to prevent globbing and word splitting.
^---------^ SC2086: Double quote to prevent globbing and word splitting.
^--------^ SC2086: Double quote to prevent globbing and word splitting.
Did you mean:
"${nb}" "${nb_skip}" "${nb_fail}" "${nb_legal}" "${nb_show}"
In utils/test-pkg line 160:
CONFIG_= support/kconfig/merge_config.sh -O "${dir}" \
^-- SC1007: Remove space after = if trying to assign a value (for empty string, use var='' ... ).
In utils/test-pkg line 181:
if [ ${prepare_only} -eq 1 ]; then
^-------------^ SC2086: Double quote to prevent globbing and word splitting.
Did you mean:
if [ "${prepare_only}" -eq 1 ]; then
For more information:
https://www.shellcheck.net/wiki/SC1007 -- Remove space after = if trying to...
https://www.shellcheck.net/wiki/SC2207 -- Prefer mapfile or read -a to spli...
https://www.shellcheck.net/wiki/SC2086 -- Double quote to prevent globbing ...
The suggestions from shellcheck can be applied.
This script already uses bash so we can rely on mapfile.
The warning about CONFIG_= assignment misinterpreted the intention: we
don't want to assign to CONFIG_, we want to clear it from the
environment. Spell this as CONFIG_="".
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
In utils/docker-run line 10:
--user $(id -u):$(id -g) \
^------^ SC2046: Quote this to prevent word splitting.
^------^ SC2046: Quote this to prevent word splitting.
The suggestions from shellcheck can be applied.
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
In utils/config line 54:
ARG="`echo $ARG | tr a-z- A-Z_`"
^------------------------^ SC2006: Use $(...) notation instead of legacy backticked `...`.
^--^ SC2086: Double quote to prevent globbing and word splitting.
Did you mean:
ARG="$(echo "$ARG" | tr a-z- A-Z_)"
In utils/config line 87:
local tmpfile="$infile.swp"
^-----^ SC2034: tmpfile appears unused. Verify use (or export if used externally).
In utils/config line 182:
if [ $? != 0 ] ; then
^-- SC2181: Check exit code directly with e.g. 'if mycmd;', not indirectly with $?.
For more information:
https://www.shellcheck.net/wiki/SC2034 -- tmpfile appears unused. Verify us...
https://www.shellcheck.net/wiki/SC2086 -- Double quote to prevent globbing ...
https://www.shellcheck.net/wiki/SC2006 -- Use $(...) notation instead of le...
The suggestions from shellcheck can be applied.
The unused variable tmpfile in fact occurs in several functions, all of
them can be removed.
For the check exit code, the condition is swapped to avoid negative
logic.
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
In utils/brmake line 6:
local found ret start d h m mf
^---^ SC2034: found appears unused. Verify use (or export if used externally).
In utils/brmake line 16:
> >( while read line; do
^--^ SC2162: read without -r will mangle backslashes.
For both, the suggestions from shellcheck can be applied.
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
i3-compatible Wayland compositor
This Wayland compositor can be used as a kiosk compositor like cage, but
with the advantage of better configuration of multiple monitor and
windows. For example, move a window by title to the output X or set the
resolution of Y to Z.
Signed-off-by: Raphael Pavlidis <raphael.pavlidis@gmail.com>
[Peter: Fix white space, add gdk-pixbuf to _DEPENDENCIES]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Even though it works, overriding --prefix at installation time is a
bit weird. In order to be more consistent with what is done with other
build systems, use DESTDIR instead at installation time.
Note that $(DESTDIR) comes in addition to the
-DCMAKE_INSTALL_PREFIX=/usr that is passed at configure time, so with
this commit, the files continue to be installed in $(STAGING_DIR)/usr
and $(TARGET_DIR)/usr as they should be.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Even though it works, overriding --prefix at installation time is a
bit weird. In order to be more consistent with what is done with other
build systems, use DESTDIR instead at installation time.
Note that $(DESTDIR) comes in addition to the
-DCMAKE_INSTALL_PREFIX=/usr that is passed at configure time, so with
this commit, the files continue to be installed in $(STAGING_DIR)/usr
and $(TARGET_DIR)/usr as they should be.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Currently only SysV init scripts are checked using shellcheck and a few
other rules (e.g. variable naming, file naming).
Extend the check using shellcheck to all shell scripts in the tree.
This is actually limited to the list of directories that check-package
knows that can check, but that list can be expanded later.
In order to apply the check to all shell scripts, use python3-magic to
determine the file type. Unfortunately, there are two different python
modules called "magic". Support both by detecting which one is installed
and defining get_filetype accordingly.
Keep testing first for name pattern, and only in the case there is no
match, check the file type. This ensures, for instance, that SysV
init scripts follow specific rules.
Apply these checks for shell scripts:
- shellcheck;
- trailing space;
- consecutive empty lines;
- empty last line on file;
- newline at end of file.
Update the list of ignored warnings.
Do not add unit tests since no function was added, they were just
reused.
But expand the runtime test for check-package using as fixture a file
that generates a shellcheck warning.
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
[Arnout: support both variants of the "magic" module]
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Commit 4a6f9d2516 removed
package/urandom-scripts/S20urandom but didn't remove it from
.checkpackageignore. Do so now.
The commit actually renamed it to S20seedrng, but it also fixed the
Variables errors so it no longer needs to be ignored.
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Drop patches which are no longer required.
Verified license remains Apache-2.0 after hash change.
Rework config options for 1.4.0.
Add new host-pkgconf and stb build dependency.
Drop optional libiconv dependency which is no longer used.
Add optional python module support.
Add optional qt5 support.
Add optional opencv4 support.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This will be needed for upcoming pipewire compress offload support.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
security fix:
A malicious certificate revocation list or timestamp response token
would allow an attacker to read arbitrary memory.
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The time between version 2.17.0 being tagged and the release of its
tarball version containing autoconf scripts was three weeks now.
With the switch to meson we can directly use the github-generated
tarball while not needing to run autoreconf.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
When building with BR2_REPRODUCIBLE the toolchain wrapper passes
-fdebug-prefix-map for all packages that are built. But this doesn't
affect the target libraries (like libgcc) built by GCC's build system.
GCC 4.3 added a configure option to set the debug prefix map for these
libraries, which is used here to avoid encoding potentially
non-reproducible build paths into the debug data.
Signed-off-by: John Keeping <john@metanate.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The go vendoring fails on CentOS 7 (which uses git 1.8.3.1) with errors
related to shallow clones:
make docker-compose-source
..
go: downloading github.com/matttproud/golang_protobuf_extensions v1.0.4
github.com/docker/compose/v2/pkg/mocks imports
github.com/theupdateframework/notary/client imports
github.com/docker/go/canonical/json: github.com/docker/go@v1.5.1-1.0.20160303222718-d30aec9fd63c: invalid pseudo-version: git fetch --unshallow -f origin in /home/jacmet/source/buildroot-mirror/output/host/share/go-path/pkg/mod/cache/vcs/48fbd2dfabec81f4c93170677bfc89087d4bec07a2d08f6ca5ce3d17962677ee: exit status 128:
fatal: git fetch-pack: expected shallow list
make[1]: *** [/home/jacmet/source/buildroot-mirror/output/build/docker-compose-2.15.1/.stamp_downloaded] Error 1
It works with git 2.0.0 (released May 2014, included in Debian 8), so check
for >= 2.0.0 with logic similar to the GNU patch version check.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The vendoring done for cargo / go packages (may) need git, so ensure we
check for it in dependencies, similar to how it is done for packages
directly using git.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
When gitlab prepares a job to run, it checks out the repository with a
non-root user, and spawns a container that runs as root, with some UID
mapping that makes the files be owned by root in the container. However,
our pipelines run as a nont-root user.
Commit bde165f7ad (.gitlab-ci.yml: update Docker image to use) updated
the docker image that is used to run in our pipelines.
That new image includes a git version that is stricter about the
ownership of the git tree it is acting in: git aborts in error when the
user running it does not own the repository.
We use `git ls-tree` quite a lot in our check-{flake8,package,symbols}
rules, so they all fail (in various ways).
To fix this, we either need to fix the ownership or tell git to ignore
the situation.
It is most probably impossible to change the ownership of the files: we
run as non-root,and the files belong to root (in the container). So
we're stuck.
The alternative, is to do as git suggest, and tell it to ignore the
situation. In a local setup, this would be very insecure, but in the
pipelines, this is in a throw-away container, where a single user exists
and is running, so we don't care much (if at all).
Add a global before_script that registers the git config to ignore
ownership issues in the buildroot repository; see [0] for the definition
of the CI_PROJECT_DIR variable. Note: unlike what is said in there, and
in [1], the value actually seen in CI_PROJECT_DIR is already prefixed
with CI_BUILDS_DIR (the documentation is unclear about that point).
[0] https://docs.gitlab.com/ee/ci/variables/predefined_variables.html
[1] https://docs.gitlab.com/runner/configuration/advanced-configuration.html#the-runners-section
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Cc: Romain Naour <romain.naour@gmail.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
When gitlab prepares a job to run, it checks out the repository with a
non-root user, and spawns a container that runs as root, with some UID
mapping that makes the files be owned by root in the
container. However, our pipelines run as a nont-root user.
Commit bde165f7ad (.gitlab-ci.yml: update Docker image to use) updated
the docker image that is used to run in our pipelines.
That new image includes a git version that is stricter about the
ownership of the git tree it is acting in: git aborts in error when the
user running it does not own the repository.
We use `git ls-tree` quite a lot in our check-{flake8,package,symbols}
rules, so they all fail (in various ways).
To fix this, we either need to fix the ownership or tell git to ignore
the situation. In either case, we'll need to run a scriptlet before all
our jobs.
Gitlab-ci allows to provide a global before_script, that is inherited by
all jobs. However, some of our jobs already declare a before_script, and
that would shadow the global before_script.
There is no technical reason to do our before_script separately from
the actual script, so we move the code from the before_scripts to the
corresponding scripts.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Cc: Romain Naour <romain.naour@gmail.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Reviewed-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
To quote the README:
> Kernel versions below 4.15 have significant gaps in functionality and
> are not recommended for use with this version of systemd. Taint flag
> 'old-kernel' will be set. Systemd will most likely still function, but
> upstream support and testing are limited.
Signed-off-by: Norbert Lange <nolange79@gmail.com>
Reviewed-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Set -Ddefault-dnssec=allow-downgrade if openssl is available as both
openssl and gcrypt are now supported for dnssec. Move this out of the
gcrypt condition into a joint openssl/gcrypt condition. So the
dependency and the openssl/gcrypt config is set in the individual
openssl and gcrypt conditions, while the default-dnssec option is set in
a joint openssl or gcrypt condition.
Signed-off-by: Norbert Lange <nolange79@gmail.com>
Reviewed-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Following files changed *license* from CC0-1.0 to MIT-0:
- src/systemctl/systemd-sysv-install.SKELETON
- config files
- examples under /network
The file LICENSES/MIT-0.txt has been added for this reason,
hashes added, corrected for LICENSES/README.md.
Kernel version 3.15 is now the bare minimum, but only
version 4.15 and higher are fully supported and tested:
- bump kernel header dependencies
- correct kconfig description
- improvements to make the kconfig description better reflect
the information from the README
Set new options to their default, remove -Defi-cc option.
Set -Ddbus=false to ensure dbus dependency is runtime only.
Set -Ddbus-interfaces-dir=no as interface XML file generation is
not supported when cross compiling.
Set -Ddefault-user-shell=/bin/sh to the always available shell.
Signed-off-by: Norbert Lange <nolange79@gmail.com>
Reviewed-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
wolfssl contains some assembly code and its configure.ac script
enables the assembly code depending on the CPU architecture. However,
the detection logic is not sufficient and leads to using the assembly
code in situation where it should not.
Here are two examples:
- As soon as the architecture is mips64/mips64el, it uses assembly
code, but that assembly code is not mips64r6 compatible.
- As soon as the architecture is RISC-V, it uses assembly code, but
that assembly code uses multiplication instructions, without paying
attention that the "M" extension may not be available in the RISC-V
CPU instruction set.
In order to avoid this, we introduce a
BR2_PACKAGE_WOLFSSL_ASM_SUPPORTS hidden boolean to decide when to
enable/disable assembly code. We set an initial value with the
supported CPU architectures, with the exclusion of the problematic
cases described above.
It is pretty likely that this variable will need tuning progressively,
as it is difficult to determine which CPU variants exactly are
supported by the assembly code in wolfssl.
Fixes:
- MIPS64 case: http://autobuild.buildroot.net/results/43e/43ee1a457cbeb986d958c9a70cac0676377661c0/
- RISC-V case: http://autobuild.buildroot.net/results/f05/f056ebe7749a69994afba39a9d4967e2774c45ea/
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
By default on ARM32, wolfssl uses assembly instructions that are not
supported on Thumb (original Thumb, not Thumb 2), causing a build
failure:
/tmp/ccgn33X7.s:299: Error: selected processor does not support `umlal r4,r5,r10,ip' in Thumb mode
/tmp/ccgn33X7.s:386: Error: instruction not supported in Thumb16 mode -- `adds r4,r4,r6'
/tmp/ccgn33X7.s:387: Error: unshifted register required -- `adc r3,r3,#0'
/tmp/ccgn33X7.s:395: Error: instruction not supported in Thumb16 mode -- `adds r4,r4,r6'
Fix that by passing --with-arm-target=thumb, which tells wolfssl to
use a different set of assembly routines.
Fixes:
http://autobuild.buildroot.net/results/907/907a5967439c3157c426023b0be1e613092d7bfe/
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
wolfSSL has ARMv8-A assembly implementations of some functions for
both A64 and A32 ISAs. However, some of the A32 versions use r11,
which is usually not allowed:
wolfcrypt/src/port/arm/armv8-aes.c: In function 'wc_AesCbcEncrypt':
wolfcrypt/src/port/arm/armv8-aes.c:3303:5: error: fp cannot be used in 'asm' here
3303 | }
| ^
That can be fixed by adding the compiler flag -fomit-frame-pointer,
but then there is another failure:
/tmp/ccV19DQV.s: Assembler messages:
/tmp/ccV19DQV.s:248: Error: first transfer register must be even -- `ldrd r11,r10,[r14,#4*14]'
make[3]: *** [Makefile:5858: wolfcrypt/src/port/arm/src_libwolfssl_la-armv8-chacha.lo] Error 1
This is definitely not a valid instruction in A32, which suggests that
this code isn't being tested at all upstream. So disable it here.
Fixes:
http://autobuild.buildroot.net/results/502/502a2b217845eb290c1961d4740b032462f8ae53/
Signed-off-by: Ben Hutchings <ben.hutchings@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The gcc plugin test was not using the -q option to grep causing it to print
the line to stdout, so fix that.
While we're at it, adjust the locale check to use grep -q instead of
redirecting to /dev/null for consistency with the other checks.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
We have a new Docker image, updated with the new requirements from
bcd15aa08a ("support/docker: add
python3-magic"), but also with an updated Debian Bullseye
installation. Let's use it.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
snapshot.debian.org is notoriously slow, and quite often leads to
timeouts when downloading packages. To give us a better chance of
succeeding, let's retry 3 times before failing.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The DODEBUG=y option of uClibc causes uClibc to be built with -O0 and
-DDEBUG, which has a significant runtime performance
impact. Currently, DODEBUG=y is passed when BR2_ENABLE_DEBUG=y, but
BR2_ENABLE_DEBUG is only about enabling debugging symbols, not about
runtime debugging additions. The more recently added
BR2_ENABLE_RUNTIME_DEBUG option is precisely designed for that, so we
changed the logic to pass DODEBUG=y when BR2_ENABLE_RUNTIME_DEBUG=y,
and not BR2_ENABLE_DEBUG=y.
This allows to build uClibc with debugging symbols when
BR2_ENABLE_DEBUG=y, without disabling optimizations and adding more
debugging features that have a runtime performance impact.
Signed-off-by: Ben Wolsieffer <Ben.Wolsieffer@hefring.com>
[Thomas: extracted from
https://patchwork.ozlabs.org/project/buildroot/patch/20220803200629.3172370-1-Ben.Wolsieffer@hefring.com/
and split into its own independent patch.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
On host without jq installed, test-pkg's output is as following:
$ ./utils/test-pkg -p mmc-utils
bootlin-armv5-uclibc [1/6]: which: no jq in (/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/bin:/usr/lib/llvm/14/bin:/usr/lib/llvm/13/bin:/usr/lib64/opencascade/bin)
JQ IS
OK
bootlin-armv7-glibc [2/6]: which: no jq in (/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/bin:/usr/lib/llvm/14/bin:/usr/lib/llvm/13/bin:/usr/lib64/opencascade/bin)
JQ IS
OK
bootlin-armv7m-uclibc [3/6]: which: no jq in (/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/bin:/usr/lib/llvm/14/bin:/usr/lib/llvm/13/bin:/usr/lib64/opencascade/bin)
...
Since test-pkg handles this case we can hide this error message and have
proper output:
$ ./utils/test-pkg -p mmc-utils
bootlin-armv5-uclibc [1/6]: OK
bootlin-armv7-glibc [2/6]: OK
bootlin-armv7m-uclibc [3/6]: OK
Signed-off-by: Sébastien Szymanski <sebastien.szymanski@armadeus.com>
Reviewed-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
host-python3 currently does not build if util-linux-uuid option is not
enabled, failing with the following error messages:
"""
/usr/lib64/ccache/gcc -fPIC -Wsign-compare -DNDEBUG -g -fwrapv -O3 -Wall -O2 -I/home/qschulz/work/upstream/buildroot/output/host/include -std=c11 -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wstrict-prototypes -Werror=implicit-function-declaration -fvisibility=hidden -I./Include/internal -I./Include -I. -I/home/qschulz/work/upstream/buildroot/output/host/include -I/usr/local/include -I/home/qschulz/work/upstream/buildroot/output/build/host-python3-3.11.1/Include -I/home/qschulz/work/upstream/buildroot/output/build/host-python3-3.11.1 -c /home/qschulz/work/upstream/buildroot/output/build/host-python3-3.11.1/Modules/_uuidmodule.c -o build/temp.linux-x86_64-3.11/home/qschulz/work/upstream/buildroot/output/build/host-python3-3.11.1/Modules/_uuidmodule.o
/home/qschulz/work/upstream/buildroot/output/build/host-python3-3.11.1/Modules/_uuidmodule.c: In function ‘py_uuid_generate_time_safe’:
/home/qschulz/work/upstream/buildroot/output/build/host-python3-3.11.1/Modules/_uuidmodule.c:27:12: error: storage size of ‘uui ’ isn’t known
27 | uuid_t uuid;
| ^~~~
/home/qschulz/work/upstream/buildroot/output/build/host-python3-3.11.1/Modules/_uuidmodule.c:31:11: error: implicit declaration of function ‘uuid_generate_time_safe’; did you mean ‘py_uuid_generate_time_safe’? [-Werror=implicit-function-declaration]
31 | res = uuid_generate_time_safe(uuid);
| ^~~~~~~~~~~~~~~~~~~~~~~
| py_uuid_generate_time_safe
/home/qschulz/work/upstream/buildroot/output/build/host-python3-3.11.1/Modules/_uuidmodule.c:27:12: warning: unused variable ‘uuid’ [-Wunused-variable]
27 | uuid_t uuid;
| ^~~~
/home/qschulz/work/upstream/buildroot/output/build/host-python3-3.11.1/Modules/_uuidmodule.c:47:1: warning: control reaches end of non-void function [-Wreturn-type]
47 | }
| ^
cc1: some warnings being treated as errors
The necessary bits to build these optional modules were not found:
_dbm _gdbm _tkinter
nis readline
To find the necessary bits, look in setup.py in detect_modules() for the module's name.
The following modules found by detect_modules() in setup.py have not
been built, they are *disabled* by configure:
_ctypes_test _sqlite3 _testbuffer
_testcapi _testimportmultiple _testinternalcapi
_testmultiphase _xxtestfuzz
Failed to build these modules:
_uuid
"""
Therefore, let's disable building the _uuid extension the same way it's
done for the target package since commit 0b68713aae ("python3: use
pure python UUID backend").
Cc: Quentin Schulz <foss+buildroot@0leil.net>
Signed-off-by: Quentin Schulz <quentin.schulz@theobroma-systems.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Required by micromamba.
Signed-off-by: TIAN Yuanhao <tianyuanhao3@163.com>
[Thomas:
- rework shared/static lib handling
- don't pass ENABLE_CONDA=ON based on BR2_PACKAGE_MICROMAMBA=y as
it's weird that a dependency does something different depending on
which of its reverse dependencies is enabled]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The RNG can't actually be seeded from a shell script, due to the
reliance on ioctls. For this reason, Busybox 1.36.0 contains SeedRNG, a
tiny program meant to be called at startup and shutdown (and at
arbitrary other points in between if desired). Note that initially,
the way seedrng was included in busybox broke things quite severely, but
now it's been reverted to a reasonably acceptable version.
This is a significant improvement over the current init script, which
doesn't credit entropy and whose hashing in shell scripts is sort of
fragile.
Because seedrng is part of busybox, urandom-scripts now depends on
BR2_PACKAGE_BUSYBOX. This can be removed again if later we add a
standalone seedrng package.
Add a decent explanation to the init script about the need for a
persistent directory to make this actually work.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
[Arnout:
- Remove busybox patch, it's now part of busybox 1.36.0.
- Depend on busybox.
- Fix shellcheck errors.
- Use DAEMON and SEEDRNG_ARGS.
- Don't bother with "seed_dir" and "skip_credit" variables.
- Rename to S20seedrng.
]
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
The configuration checks should only be done when building so that
make allyespackageconfig && make source works.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The configuration checks should only be done when building so that
make allyespackageconfig && make source works.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix the following build failure with kernel >= 6.1
In file included from ./include/linux/string.h:20,
from ./include/linux/bitmap.h:11,
from ./include/linux/cpumask.h:12,
from ./include/linux/mm_types_task.h:14,
from ./include/linux/mm_types.h:5,
from ./include/linux/buildid.h:5,
from ./include/linux/module.h:14,
from /home/autobuild/autobuild/instance-11/output-1/build/dahdi-linux-3.2.0/drivers/dahdi/wctc4xxp/base.c:24:
./arch/powerpc/include/asm/string.h:27:22: note: expected ‘void *’ but argument is of type ‘const unsigned char *’
27 | extern void * memcpy(void *,const void *,__kernel_size_t);
| ^~~~~~
/home/autobuild/autobuild/instance-11/output-1/build/dahdi-linux-3.2.0/drivers/dahdi/wctc4xxp/base.c:661:9: error: too many arguments to function ‘netif_napi_add’
661 | netif_napi_add(netdev, &wc->napi, &wctc4xxp_poll, 64);
| ^~~~~~~~~~~~~~
In file included from ./include/net/inet_sock.h:19,
from ./include/linux/udp.h:16,
from /home/autobuild/autobuild/instance-11/output-1/build/dahdi-linux-3.2.0/drivers/dahdi/wctc4xxp/base.c:38:
./include/linux/netdevice.h:2562:1: note: declared here
2562 | netif_napi_add(struct net_device *dev, struct napi_struct *napi,
| ^~~~~~~~~~~~~~
Fixes:
- http://autobuild.buildroot.org/results/d7ce103a886329c68c04ebe05571be8f95a873ce
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Remove upstream patch 0003-awk-fix-use-after-free-CVE-2022-30065.patch
and update _IGNORE_CVES accordingly.
The two other CVE fixes are still not applied upstream. Renumber the
patches and update the comment in the .mk file.
Refresh busybox.config. All configs are set to the new defaults, except
for CONFIG_UDHCPC_DEFAULT_SCRIPT: for this one, reuse the script we also
use for DHCPv4. This is matches the behaviour previous to the bump,
where we had a single script handling both.
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Transit Relay server for Magic-Wormhole.
This repository implements the Magic-Wormhole "Transit Relay",
a server that helps clients establish bulk-data transit connections
even when both are behind NAT boxes. Each side makes a TCP connection
to this server and presents a handshake. Two connections with
identical handshakes are glued together, allowing them to pretend they
have a direct connection.
https://github.com/magic-wormhole/magic-wormhole-transit-relay
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Securely transfer data between computers.
This package provides a library and a command-line tool named
"wormhole", which makes it possible to get arbitrary-sized files
and directories (or short pieces of text) from one computer to
another. The two endpoints are identified by using identical
"wormhole codes": in general, the sending machine generates and
displays the code, which must then be typed into the receiving
machine.
https://github.com/magic-wormhole/magic-wormhole
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
SPAKE2 password-authenticated key exchange (in pure python).
This library implements the SPAKE2 password-authenticated key
exchange ("PAKE") algorithm. This allows two parties, who share a
weak password, to safely derive a strong shared secret (and
therefore build an encrypted+authenticated channel).
https://github.com/warner/python-spake2
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Commit 4cdd99190e (support/dependencies/dependencies.sh: require open perl
package for libxcrypt) added a check for the "open" perl module for
libxcrypt, but it does not work as "open" cannot be directly used with
"require" as an argument is needed:
perl -e "require open"
Not enough arguments for open at -e line 1, at EOF
Execution of -e aborted due to compilation errors.
So special case the check to instead check with "use open ':std'".
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Python idna package switched to pyproject.toml in commit:
https://github.com/kjd/idna/commit/2a00e518efe55d2eeb62cd3f88ace7db41338603
which is included in idna v3.4.
When using the old setuptools infra, the package is incorrectly
installed as v0.0, which is then incorrectly detected by other
packages when using setuptools pkg_resources.
The issue can be reproduced with the command:
python3 <<EOF
__requires__ = ["idna >= 2.5"]
import pkg_resources
EOF
which will fail with output:
pkg_resources.ContextualVersionConflict: (idna 0.0.0 (/usr/lib/python3.11/site-packages), Requirement.parse('idna>=2.5'), {'hyperlink'})
pkg_resources.DistributionNotFound: The 'idna>=2.5' distribution was not found and is required by hyperlink
This commit changes _SETUP_TYPE to "flit" to fix this issue.
Signed-off-by: Julien Olivain <ju.o@free.fr>
Reviewed-by: Marcus Hoffmann <marcus.hoffmann@othermo.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This commit modifies the toolchain-wrapper to make sure that the
CCACHE_COMPILERCHECK and CCACHE_BASEDIR are only set if ccache support
is enabled. Indeed, when BR2_USE_CCACHE is not set (or to a value
different than 1), we don't call the compiler with ccache, so there is
no reason to set those ccache environment variables, and they could
potentially conflict with a separate usage of ccache, outside of
Buildroot, for example when using the Buildroot SDK.
In particular, the value of CCACHE_BASEDIR doesn't not make any sense
when the Buildroot toolchain is not used during the Buildroot build,
as it points to the output directory $(BASE_DIR).
We pay attention to also not show those variables as being set in the
BR2_DEBUG_WRAPPER dump.
To help a little bit with this, a ccache_enabled boolean is introduced
to indicate when ccache is being used.
There is still quite a bit of #ifdef-ery involved, but it's not easy
to find a simpler way to organize the code.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Tested-By: Vincent Fazio <vfazio@xes-inc.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Like docker-engine and docker-cli, balena-engine uses a non-standard
vendor/ directory structure, so we use the same fixes as we introduced
for docker-engine ((see commit: package/docker-engine: bump version to
v23.0.0):
- remove the problematic vendor/modules.txt
- create a go.mod
Also remove the vendor/archive/ sub-tree (fixes a build error) because
Go no longer allows having duplicate packages in GOPATH and GOROOT.
vendor/archive/tar cannot be in vendor/ because it exists in the
standard library. Since we remove the full vendor/archive/, that is
also fixed.
https://github.com/balena-os/balena-engine/releases/tag/v20.10.26
Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Migrate versal-firmware package from nealfrager github to Xilinx github.
The images are identical, so this patch has zero impact on functionality.
Signed-off-by: Neal Frager <neal.frager@amd.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
- Fixed android super.img loop download 52byte after some block
- Use login header as in curl
- Skip sleep in usb_add
- Add empty line after input password
- linux prompt ask user name and password for http(s) download
- fix linux build failure
Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
copy_toolchain_lib_root was not handling the case of "readlink"
returning nothing, which will happen if the symlink it is trying to
resolve does not point to a valid file on the build host. This
shouldn't happen, but it can.
The end result of this situation would be an endless loop of error
messages that would only end if aborted manually.
[...]
cp: missing destination file operand after
'/local/users/mmayer/buildroot/output/arm64/target//'
Try 'cp --help' for more information.
readlink: missing operand
Try 'readlink --help' for more information.
basename: missing operand
Try 'basename --help' for more information.
dirname: missing operand
Try 'dirname --help' for more information.
^C
make[1]: *** [package/pkg-generic.mk:384:
Instead of looping endlessly without explanation, let's abort and
inform the user that something seems amiss with their setup.
Signed-off-by: Markus Mayer <mmayer@broadcom.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Like docker-engine, docker-cli uses a non-standard vendor/ directory
structure, so we use the same fixes as we introduced for docker-engine
(see commit: package/docker-engine: bump version to v23.0.0):
- remove the problematic vendor/modules.txt
- create a go.mod
Signed-off-by: Christian Stewart <christian@paral.in>
[yann.morin.1998@free.fr:
- use post-extract hook
- simplify commit message to refer to docker-engine
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
This update requires a few workaround for the non-standard vendor/
structure in the docker-engine repository.
First, as the vendor/ directory exists, our go-post-process script does
not do the vendoring, and exits early, which is exactly what we need.
Second, docker-engine does not use the "new" go.mod mechanism, so it
does not ship any go.mod file, so our go-post-proces, exiting early,
does not check that the go.mod file exists, and thus does not fail,
which is again exactly what we need.
Third, docker-engine has an invalid vendor/modules.txt file that we need
to remove or go would fail to build. Since our go-post-process exits
early, there is no vendoring, and thus it does not break at download,
which once more is exactly what we need.
However, the missing go.mod and the problematic vendor/modules.txt cause
go to fail at build time, which this time is not really, even really not,
what we want...
So, we fix it up in two ways.
First, the easy part: we just remove the problematic vendor/modules.txt
file.
Second, we create a go.mod to tell the Go compiler the root import path
prefix for the module and the language version. Note that the language
version in go.mod is not required to be equal the version of the Go
compiler.
Reference: https://github.com/moby/moby/issues/44618#issuecomment-1343565705
Note that as of v23.0.0 docker-engine expects containerd to be started
by systemd if --containerd= flag is set in dockerd.service, whereas in
previous versions containerd was started by the docker daemon as a
sub-process.
There is no sysv unit for containerd, but this is OK: in the Docker sysv
init file S60dockerd, we do not set the --containerd flag. The docker
daemon will start containerd as a sub-process automatically due to the
absence of this flag.
Signed-off-by: Christian Stewart <christian@paral.in>
[yann.morin.1998@free.fr:
- run fixups in post-extract hook
- rework commit log for (hopefully) better explanations
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fixes:
http://autobuild.buildroot.net/results/16c/16cba783be11cc5024f9c56bb0a7abb0acf13ef8/
The configure script of libxcrypt needs the open perl module on the host:
Can't locate open.pm in @INC (you may need to install the open module) (@INC
contains: /home/buildroot/autobuild/instance-2/output-1/host/lib/perl
/usr/local/lib64/perl5/5.36 /usr/local/share/perl5/5.36
/usr/lib64/perl5/vendor_perl /usr/share/perl5/vendor_perl /usr/lib64/perl5
/usr/share/perl5) at ./build-aux/scripts/expand-selected-hashes line 20.
So add a check for it in dependencies.sh similar to how it is done for mpv.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Starting from version 2021.10 only distro booting is supported, as
reported by commit ff8f277e9121 ("ti: am335x_evm: Switch to DISTRO_BOOT only").
The patch allows to update U-Boot to versions later than 2021.10.
Tested on beaglebone black.
Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fixes http://autobuild.buildroot.net/results/166/1667b4ebd8e16e7d8b47bc3ca128a76daf27b4d9/
The configure script of host-libxml-parser-perl needs the English perl
module on the host:
ERROR from evaluation of
/home/buildroot/autobuild/instance-1/output-1/build/host-libxml-parser-perl-2.46/Expat/Makefile.PL:
Can't locate English.pm in @INC (you may need to install the English module)
(@INC contains:
/home/buildroot/autobuild/instance-1/output-1/build/host-libxml-parser-perl-2.46/inc
/home/buildroot/autobuild/instance-1/output-1/host/lib/perl
/usr/local/lib64/perl5/5.36 /usr/local/share/perl5/5.36
/usr/lib64/perl5/vendor_perl /usr/share/perl5/vendor_perl /usr/lib64/perl5
/usr/share/perl5 .) at ./Makefile.PL line 3.
So add a check for it in dependencies.sh similar to the existing check for
ExtUtils::MakeMaker.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Running tests with top-level parallel builds can speed up running some
tests, expecially those that have a lot of packages like the systemd
init tests.
Trigger TLPB when the configuration enables per-package directories.
We're using the jlevel argument, which normally is used for BR2_JLEVEL
as the value for calling make -j<N> at the top-level. In fact,
BR2_JLEVEL is "unused" when using TLPB, because the top-level make
acts as the job server that distributes tokens to sub-makes (except
for the few build systems like waf or scons that don't support this),
so it's really the top-level make -j<N> that determines the level of
parallelism, and BR2_JLEVEL doesn't really have an effect.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
[Thomas: extend explanation a bit]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Start counting the line numbers in 1 instead of 0, in case an error
must be printed.
Both the error about a developer entry with no file entry and the error
about a file entry with no developer entry actually belong to the
non-empty line previous the one being analysed, so in these cases print
the line number from the line before.
Also count empty and comment lines, so a developer fixing the file can
jump to the correct line (or the nearest one).
At same time standardize the messages, printing the line number
also in the case of a warning for a file that is not in the tree
anymore.
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Currently 4 types of parsing errors/warnings can be found:
- entry for a file that is not in the tree anymore (warning)
- developer entry with no file entry (error)
- file entry with no developer (error)
- entry that is not a developer, a file or a comment (hard error)
Currently only the last one ends the script with -v with error code.
Make all 3 error types into hard errors and bail out at the first error
found, because the rest of the state machine is not designed to handle
malformed input.
Suggested-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Dracut modules can only be looked for in HOST_DIR/lib/dracut/modules.d/
as dracut does not offer the possibility to look elsewhere.
Installing files in HOST_DIR/ can do done either from a host-package, or
via a post-built script; there is no overlay like there is for target/.
This is a bit cumbersome.
Additional modules are most probably developped in a relatively tight
loop with the configuration files, so it makes sense to expose both
close together.
Add an option to the fs/cpio filesystem, so users can point to a list
of modules to install.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Cc: Thierry Bultel <thierry.bultel@linatsea.fr>
Cc: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fixes:
http://autobuild.buildroot.net/results/5d1/5d10f4f545dccf126e3f5b5efce777a393c5e7bc/http://autobuild.buildroot.net/results/7c2/7c2df31c6eb34b68e460e092d8c262bdc6c8f25a/
The configure script of (host-)libopenssl needs the FindBin perl module on the host:
Can't locate FindBin.pm in @INC (you may need to install the FindBin module)
(@INC contains: /home/buildroot/autobuild/instance-2/output-1/host/lib/perl
/usr/local/lib64/perl5/5.36 /usr/local/share/perl5/5.36
/usr/lib64/perl5/vendor_perl /usr/share/perl5/vendor_perl /usr/lib64/perl5
/usr/share/perl5) at ./Configure line 15. BEGIN failed--compilation aborted
at ./Configure line 15.
As this is needed for both libopenssl and host-libopenssl (which does not
have a corresponding config symbol in the .config), we have to require it
unconditionally.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This commit is the result of running
support/scripts/gen-bootlin-toolchains now that 2022.08 toolchains
have been made available.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
It will be needed by check-package to run checks according to the file
type (the same determined by the command 'file').
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
... just like check-flake8 already does.
When a new check_function is added to check-package, often there are
files in the tree that would generate warnings.
An example is the Sob check_function for patch files:
| $ ./utils/check-package --i Sob $(git ls-files) >/dev/null
| 369301 lines processed
| 46 warnings generated
Currently these warnings are listed when calling check-package directly,
and also at the output of pkg-stats, but the check_function does not run
on 'make check-package' (that is used to catch regressions on GitLab CI
'check-package' job) until all warnings in the tree are fixed.
This (theoretically) allows new .patch files be added without SoB,
without the GitLab CI catching it.
Since now check-package has an ignore file to list all warnings in the
tree, that will eventually be fixed, there is no need to filter the
files passed to check-package.
So test all files in the tree when 'make check-package' is called.
It brings following advantages;
- any new check_function added to check-package takes place immediately
for new files;
- adding new check_functions is less traumatic to the developer doing
this, since he/she does not need anymore to fix all warnings in the
tree before the new check_function takes effect;
- prevent regressions, e.g. ANY new .patch file must have SoB;
- as a side-effect, print a single statistics line as output of
'make ckeck-package'.
But just enabling the check would generate many warnings when
'make check-package' is called, so update the ignore file by using:
$ ./utils/docker-run make .checkpackageignore
Notice: in order to ensure reproducible results, one should run 'make
check-package' and 'make .checkpackageignore' inside the docker image,
otherwise a variation in shellcheck version (installed in the host) can
produce different results.
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
When a developer fixes an ignored warning from check-package, he/she
needs to update .checkpackageignore
By running './utils/docker-run make check-package' the developer
receives a warning about this.
Make that change easier to make, by adding a helper target on Makefile.
Add an option --failed-only to check-package that generates output in
the format:
<filename> <check_function> [<check_function> ...]
This is the very same format used by check-package ignore file.
Add the phony target .checkpackageignore
So one can update the ignore file using:
$ ./utils/docker-run make .checkpackageignore
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Extend test_check_package to also check the ignore list functionality.
Check:
- the entries in the ignore list use relative path;
- an entry in the ignore list actually ignores the warning;
- an outdated entry in the ignore list generates a warning by its own,
preventing the ignoring list to grow indefinitely.
For this to work, add 3 test fixtures, listing entries for an
pre-existing file in the br2-external used in the test.
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
When a new check_function is added to check-package, often there are
files in the tree that would generate warnings.
An example is the Sob check_function for patch files:
| $ ./utils/check-package --i Sob $(git ls-files) >/dev/null
| 369301 lines processed
| 46 warnings generated
Currently these warnings are listed when calling check-package directly,
and also at the output of pkg-stats, but the check_function does not run
on 'make check-package' (that is used to catch regressions on GitLab CI
'check-package' job) until all warnings in the tree are fixed.
This (theoretically) allows new .patch files be added without SoB,
without the GitLab CI catching it.
So add a way to check-package itself ignore current warnings, while
still catching new files that do not follow that new check_function.
Add a file named .checkpackageignore to the buildroot topdir.
It contains the list of check_functions that are expected to fail for
each given intree file tested by check-package.
Each entries is in the format:
<filename> <check_function> [<check_function> ...]
These are 2 examples of possible entries:
package/initscripts/init.d/rcK ConsecutiveEmptyLines EmptyLastLine Shellcheck
utils/test-pkg Shellcheck
Keeping such a list allows us to have fine-grained control over which
warning to ignore.
In order to avoid this list to grow indefinitely, containing entries for
files that are already fixed, make each entry an 'expected to fail'
instead of just an 'ignore', and generate a warning if a check_function
that was expect to fail for a given files does not generate that
warning.
Unfortunately one case that do not generate warning is an entry for a
file that is deleted in a later commit.
By default, all checks are applied. The --ignore-list option allows to
specify a file that contains the list of warnings that should be
ignored.
The paths in the ignore file must be relative to the location of the
ignore file itself, which means:
- in the main Buildroot tree, the paths in the ignore file are
relative to the root of the main Buildroot tree
- in a BR2_EXTERNAL tree, if the ignore file is at the root of the
BR2_EXTERNAL, the paths it contains must be relative to that root
of the BR2_EXTERNAL
This is one more step towards standardizing the use of just 'make
check-package' before submitting patches to the list.
Cc: Sen Hastings <sen@phobosdpl.com>
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This script checks for inconsistencies on symbols declared in Config.in
and used in .mk files.
Currently it checks only symbols following the pattern BR2_\w+ .
The script first gets the list of all files in the repository (using git
ls-files like 'make check-flake8' already do).
Then it parses all relevant files, searching for symbol definitions and
usages, and add entries into a database.
At the end, the database is searched for inconsistencies:
- symbol that is part of "choice" and is referenced with "select";
- legacy symbol being referenced in packages;
- legacy symbol being redefined in packages;
- symbol referenced but not defined;
- symbol defined but not referenced;
- legacy symbol that has a Note stating it is referenced by a package
(for legacy handling) but is referenced in the package without a
comment "# legacy";
- legacy symbol that has a Note stating it is referenced by a package
but it is not actually referenced.
There is also a debug parameter --search that dumps any filename or
symbol entries from the database that matches a regexp.
Sample usages:
$ utils/check-symbols
$ utils/docker-run utils/check-symbols
$ utils/check-symbols --search 'GETTEXT\b|\/openssl'
At same time the script is created:
- add unit tests for it, they can be run using:
utils/docker-run python3 -m pytest -v utils/checksymbolslib/
- add two more GitLab CI jobs: check-symbols (to check current tree
using the script) and check-check-symbols (to check the script against
its unit tests)
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
[Peter: print warnings to stderr, rename change_current_dir() to
change_to_top_dir()]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
BR2_PACKAGE_LIBCURL_OPENSSL is part of a "choice" option so it cannot be
selected. What seems to be really be needed is HTTPS support in curl, so
use the blind LIBCURL_FORCE_TLS option instead (openssl is already
selected).
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit 424f53ac07 (package/freescale-imx/imx-gpu-viv: drop X11 output)
dropped BR2_PACKAGE_IMX_GPU_VIV_OUTPUT_X11 which xdriver_xf86-video-imx-viv
depends on, so the package is no longer selectable.
So drop the package and add a legacy symbol for it.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Since genrandconfig no longer appears to support python2 we can
migrate the subprocess calls to use asyncio variants.
This has the advantage of allowing for runners like autobuild-run to
integrate directly into genrandconfig by calling the asyncio
gen_config using importlib instead of having to run genrandconfig as
a subprocess.
Using asyncio is advantageous here as it eliminates the requirement
for the runner to deal with blocking subprocess calls(by having to
use threading for example).
Also cleanup some unused functions/python2 compatibility shims.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Commit 1100ead7b3 (package/x11r7/xdriver_xf86-input-keyboard: remove
package) added a legacy symbol for BR2_PACKAGE_XDRIVER_XF86_INPUT_KEYBOARD,
but forgot to select BR2_LEGACY. Fix that.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit "6a7a652b14 package/sunxi-mali-utgard: rename from
sunxi-mali-mainline" tried to add legacy handling but the new symbols
are part of a choice, and Kconfig does not enforce the select of a
option from a choice.
Update the legacy entry for 2022.02, following the example described in
the beginning of the file.
Cc: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit "a610bf9967 package/openjdk{-bin}: bump version to 17.0.1+12"
tried to add legacy handling but the new symbols are part of a choice,
and Kconfig does not enforce the select of a option from a choice.
Update the legacy entry for 2021.11, following the example described in
the beginning of the file.
Cc: Tudor Holton <buildroot@tudorholton.com>
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit "c38b5566fe package/ti-sgx-{km, um, demos}: bump to latest TI
version", added in release 2020.02, removed some options that were
previously renamed in release 2018.05.
Update the legacy entry for 2018.05 and add the corresponding legacy
entries for 2020.02.
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit "297613f1c7 package/lua: remove 5.2.x version" tried to add
legacy handling but the new symbols are part of a choice, and Kconfig
does not enforce the select of a option from a choice.
Update the legacy entry for 2019.02, following the example described in
the beginning of the file.
Cc: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit "50332a530b gcc: rename option for ARC gcc" tried to add legacy
handling but the new symbol is part of a choice, and Kconfig does not
enforce the select of a option from a choice.
Update the legacy entry for 2016.11, following the example described in
the beginning of the file.
Cc: Giulio Benetti <giulio.benetti@benettiengineering.com>
Cc: Romain Naour <romain.naour@gmail.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit "b1063a0136 package/openpowerlink: bump to v2.2.2" tried to add
legacy handling but the new symbols are part of a choice, and Kconfig
does not enforce the select of a option from a choice.
Update the legacy entry for 2016.02, following the example described in
the beginning of the file.
Cc: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The package host-linux-headers does not exist and there were never
references to this symbol in the tree, do drop it.
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit "bf3626002f system cfg: remove mkpasswd MD5 format option", from
release 2019.02, moved the symbol to legacy handling, but the symbol is
still referenced.
Remove the reference to it.
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit "070b183d0c boot/xloader: remove package", from release 2018.11,
removed the package, but the symbol is still referenced.
Remove the reference to it.
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit "9a8ec9195c toolchain/toolchain-buildroot: migrate to virtual
package infrastructure" made the packages toolchain and
toolchain-buildroot to use the virtual package infra even they being
generic packages.
This works because on package/pkg-virtual.mk when a package do not
define neither _PROVIDES_ or _HAS_ symbols, only _IS_VIRTUAL is set to
YES and _VERSION and _SOURCE are set to empty before relaying the call
to inner-generic-package.
Add a comment explaining why the virtual package infra is used in these
cases.
Cc: Giulio Benetti <giulio.benetti@benettiengineering.com>
Cc: Romain Naour <romain.naour@gmail.com>
Cc: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
There are two legitimate cases to prefer ifdef over ifeq in package
recipes: command-line overrides are allowed for busybox and uclibc
configs.
Except for that, all package in tree already use ifeq, so warn the
developer adding/changing a package to use ifeq instead of ifdef, in
order to keep consistence across packages.
file.mk:2: use ifeq ($(SYMBOL),y) instead of ifdef SYMBOL
file.mk:5: use ifneq ($(SYMBOL),y) instead of ifndef SYMBOL
The difference between ifeq and ifdef is that ifdef doesn't expand
recursively.
Add comments to busybox and uclibc packages to avoid a warning in such
special cases.
Cc: Arnout Vandecappelle <arnout@mind.be>
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The same comment already exists for UCLIBC_CONFIG_FILE.
Both variables can be override from command-line, as described in the
manual, at section 'Environment variables'.
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit upstream 986b7ffd01aedcd4f2aa16e78e4cad9313b6d7b2
"Add Cmake options for pugiconfig.hpp" added feature toogles to release
v1.12, including PUGIXML_NO_XPATH and PUGIXML_COMPACT.
Commit upstream 5f49f2c6575cc2b7d343f8d41581fe92d69d7b52
"Mark advanced options and removed redundant ones" removed CMake
specific support for PUGIXML_HEADER_ONLY and PUGIXML_HAS_LONG_LONG, but
they can still be provided using PUGIXML_BUILD_DEFINES, starting from
release v1.12.
So use the explicit build options PUGIXML_NO_XPATH and PUGIXML_COMPACT,
but keep using PUGIXML_BUILD_DEFINES to set PUGIXML_HEADER_ONLY and
PUGIXML_HAS_LONG_LONG.
Cc: Arnout Vandecappelle <arnout@mind.be>
Cc: Theo Debrouwere <t.debrouwere@televic.com>
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit upstream 1c5a0bb32583fd294022e68e66b541bf6ff71a67
"✨ Update CMake to modern approach" removed all feature
toogles, so starting from release v1.11 any flag passed in BUILD_DEFINES
was completely ignored during the build.
Version 1.11.4 was in use in buildroot since February 2021.
Commit upstream 0f1e75a902ef1751dd63a67fe223b5e8daf4c7f1
"Re-introduced the custom build defines" added PUGIXML_BUILD_DEFINES to
release v1.12, but BUILD_DEFINES is still completely ignored during the
build.
Version 1.12.1 is in use in buildroot since March 2022.
So switch the config options to use PUGIXML_BUILD_DEFINES instead of
BUILD_DEFINES.
Cc: Arnout Vandecappelle <arnout@mind.be>
Cc: Theo Debrouwere <t.debrouwere@televic.com>
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The ifdef construct intended to avoid passing -DBUILD_DEFINES="" was
never needed, because even upstream version v1.9 used in 2019 when the
configuration options were added, can handle an empty string for
BUILD_DEFINES.
In fact an empty string is the default for v1.9 if it is not passed
during configure.
Also, the host variant already sets BUILD_DEFINES unconditionally.
So remove the unneeded conditional.
Cc: Arnout Vandecappelle <arnout@mind.be>
Cc: Theo Debrouwere <t.debrouwere@televic.com>
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Using current conditional code, added in 2014:
ifndef ($(BR2_ENABLE_LOCALE),y)
LIVE555_CFLAGS += -DLOCALE_NOT_USED
endif
the define LOCALE_NOT_USED is always passed on CFLAGS, because there is
no symbol with following names defined:
"(y,y)" -> not defined when BR2_ENABLE_LOCALE=y
"(,y)" -> not defined when BR2_ENABLE_LOCALE is not set
So fix the typo, switching ifndef to ifneq.
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The conditional code using ifdef was added in 2018 and works as
expected.
But there is no reason to use ifdef instead of ifeq.
For consistence, switch to use ifeq like almost all packages already do.
Cc: Arnout Vandecappelle <arnout@mind.be>
Cc: Erico Nunes <nunes.erico@gmail.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Following the example of test-pkg config described in commit
"12c7a05da1 utils/test-pkg: add gitlab-ci support" to test a defconfig
fragment that contains a disabled option is currently possible, but
it do requires one to change the git config core.commentChart so the
lines starting with "#" are not discarded by git when creating/editing
the commit message.
For instance, without the indentation the 3rd line below would be
excluded from the commit message when the editor is closed:
test-pkg config:
SOME_OPTION=y
# OTHER_OPTION is not set
SOME_VARIABLE="some value"
Requiring to change git configs is not very nice.
So make the developer's life easier by changing the sed expression to
remove indentation with spaces from a defconfig fragment found on a
commit message.
For instance these lines become valid and generate a defconfig fragment
without the indentation of one space to be tested in GitLab CI:
test-pkg config:
SOME_OPTION=y
# OTHER_OPTION is not set
SOME_VARIABLE="some value"
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit e6195c5304 (Makefile: fix use of many br2-external trees) fixed
a slowdown with many br2-external trees. In doing so, it changed the
type of the %_defconfig rule: the stem is no longer present in the
prerequisites, so it changes from a pattern rule to an implicit pattern
rule [0].
It is not unusual to name the build directory after the defconfig that
is being built, so we may end up with a build directory named
meh_defconfig. Before e6195c5304, the pattern rule would not match
[1], but now it does, which causes somewhat-cryptic build failures:
Makefile:1015: *** "Can't find /some/path/meh_defconfig". Stop.
The issue is that we have this set of rules and assignments (elided and
reordered for legibility):
all: world
world: target-post-image
target-post-image: staging-finalize
staging-finalize: $(STAGING_DIR_SYMLINK)
$(STAGING_DIR_SYMLINK): | $(BASE_DIR)
BASE_DIR := $(CANONICAL_O)
CANONICAL_O := $(shell mkdir -p $(O) >/dev/null 2>&1)$(realpath $(O))
So, there is a rule that (eventually) has a dependency on $(O), but we
have no rule that provides it explicitly, so the %_defconfig rule kicks
in, with the stem as "/some/path/meh". When the loop searches all the
".../configs/" directories for a file named ".../configs/%_defconfig",
it actually looks for a file named ".../configs//some/path/meh_defconfig"
and that indeed never matches anything.
The solution is to provide an actual rule for $(BASE_DIR), so that the
implicit rule does not kick in.
[0] Terminology and behaviour in make is hard, so the terms we used here
may be wrong or incorrectly used, and/or the explanations for the
behaviour be wrong or incomplete... Still, the reasoning stands, and
the root cause is the removal of the stem in the RHS of the rule
(adding one back does fix the issue).
[1] not sure how the prerequisite was solved before e6195c5304,
though...
Fixes: e6195c5304
Reported-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Nevo Hed <nhed+buildroot@starry.com>
Cc: Peter Korsgaard <peter@korsgaard.com>
Tested-by: Sebastian Weyer <sebastian.weyer@smile.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
- The netopeer server forks to background by default, no need for '-b'
- The path to the daemon is /usr/sbin, not /usr/bin
Signed-off-by: Joachim Wiberg <troglobit@gmail.com>
Acked-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Similarly to U-Boot, this patch adds the ability to copy in and build
out-of-source device tree sources during an OPTEE-OS build. To build
the external device tree source file, the OP-TEE OS configuration must
refer to it with the CFG_EMBED_DTB_SOURCE_FILE option and no platform
flavor needs to be specified.
Signed-off-by: Kory Maincent <kory.maincent@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Make the host variant of crudini package. This can be useful in
post-{build,image} scripts.
Signed-off-by: Konstantin Menyaev <KAMenyaev@sberdevices.ru>
Reviewed-by: Heiko Thiery <heiko.thiery@gmail.com>
[yann.morin.1998@free.fr: select python3, don't depend on it]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Make the host variant of python-iniparse as host-crudini dependency.
Note: usually, we would not have needed to add a Config.in.host,
because it is jsut a library, but since there is an Config.in.host
for python-six, we need to select it, so we need an host entry.
Signed-off-by: Konstantin Menyaev <KAMenyaev@sberdevices.ru>
Reviewed-by: Heiko Thiery <heiko.thiery@gmail.com>
[yann.morin.1998@free.fr:
- add the note
- reorder alphabetically
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Removing the "[Buildroot]" and the "Re:" from messages title to have a
cleaner look on the "news" boxes.
Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This adjusts the code added in commit
c90bd74ebb ("boot/barebox: pass required
environment variables for reproducible build") to explicitly set the
timezone when calculating KBUILD_BUILD_TIMESTAMP, like is already done
in linux/linux.mk.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Commit c90bd74ebb ("boot/barebox: pass
required environment variables for reproducible build") caused the
build to generate a spurious error message due to the $(shell
... date -d @$(SOURCE_DATE_EPOCH)) command being executed even when
BR2_REPRODUCIBLE was disabled.
This is due to the fact that variable references must be done using $$
within macros. This commit fixes that for the two variables that we
are referencing in the code added in commit
c90bd74ebb.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Warn the developer in the case the same config is declared more than
once in the same Config.in file.
But take into account the conditional code that lets the config be
visible and warn only when it is declared more than once in the same
conditions.
For instance, do not warn for:
if BR2_PACKAGE_BUSYBOX
config BR2_PACKAGE_BUSYBOX_SHOW_OTHERS
endif
if !BR2_PACKAGE_BUSYBOX # kconfig doesn't support else
config BR2_PACKAGE_BUSYBOX_SHOW_OTHERS
endif
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Currently using this minimal .config:
BR2_PACKAGE_MEDIAART_BACKEND_GDK_PIXBUF=y
triggers:
*** Legacy options removed in 2018.05 ***
[ ] libmediaart none backend option renamed (NEW)
[*] libmediaart gdk-pixbuf backend option renamed
[*] libmediaart qt backend option renamed
Commit "8553b39887 libmediaart: rename options to have proper prefix",
part of the 2018.05 release had a copy&paste error.
As stated in the beginning of the file:
The oldest symbols will be removed again after about two years.
But while we carry these legacy symbols, let's fix the typo.
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
deamon -> daemon
At same time, in Config.in.legacy fix other typos in the same help text:
spae -> space
monolitic -> monolithic
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
seperate is a common misspelling of separate
Fix all the typos in the tree that are not related to patch files.
CHANGES
seperate -> separate, in the list of changes
Config.in.legacy
seperate -> separate, in option name and help texts
package/leafnode2/leafnode2.mk
seperate -> separate, in a comment
system/Config.in
seperated -> separated, in a help text
Cc: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
README.txt states only these changes:
- Static analysis fixes
- Missing init, which causes skipping of conditions in a Dell system
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The yajl repository has both a branch and a tag names 2.1.0. Because of
this, when we use the usual github URL [1], github doesn't return a
tarball but rather an ASCII string:
the given path has multiple possibilities: #<Git::Ref:0x00007f193bebe4d8>, #<Git::Ref:0x00007f193bebd858>
This obviously (and fortunately) leads to a hash check failure.
To make sure we get the tag and not the branch, we should use a URL that
explicitly asks for refs/tags/2.1.0 [2]. We can't change VERSION to
include refs/tags, because that also affects the _SOURCE default, the
contents of the tarball, the CPE ID and the release-monitoring access.
Therefore, add the refs/tags/ prefix to the github helper call.
[1] https://github.com/lloyd/yajl/archive/2.1.0/yajl-2.1.0.tar.gz
[1] https://github.com/lloyd/yajl/archive/refs/tags/2.1.0/yajl-2.1.0.tar.gz
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Fix the following build failure with gcc 4.8 raised since bump to
version 7.8 in commit f9e51e1150:
/home/buildroot/autobuild/run/instance-2/output-1/build/mongoose-7.8/mongoose.c: In function 'mg_iotest':
/home/buildroot/autobuild/run/instance-2/output-1/build/mongoose-7.8/mongoose.c:4484:3: error: 'for' loop initial declarations are only allowed in C99 mode
for (struct mg_connection *c = mgr->conns; c != NULL; c = c->next) {
^
Fixes:
- http://autobuild.buildroot.org/results/c538c6d8e87e4e24097c9878ee15083802276505
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Feed source is moved to a local atom file available on the web server to
remove further problems with unreliable feed sources.
Moving the feed required a bit of refactor of the load_activity function
so it won't download two times te same url.
This change requires a cron job like this enabled on the website:
* * * * * wget -O new.atom https://lore.kernel.org/buildroot/new.atom
Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Barebox makes use of the same variables as the linux kernel does for
handling reproducible build -- KBUILD_BUILD_HOST,
KBUILD_BUILD_TIMESTAMP, KBUILD_BUILD_USER. This patch sets the proper
variables based on linux/linux.mk, and passes them to the make
invocation when building, to ensure a reproducible build is possible
when BR2_REPRODUCIBLE is enabled.
Signed-off-by: Casey Reeves <casey@xogium.me>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Set MOREFLAGS instead of overriding CFLAGS to avoid the following build
failure raised since commit 94b66fb49c:
/home/autobuild/autobuild/instance-6/output-1/host/lib/gcc/x86_64-buildroot-linux-uclibc/11.3.0/../../../../x86_64-buildroot-linux-uclibc/bin/ld: /tmp/ccabb8cF.o: relocation R_X86_64_32S against `.rodata' can not be used when making a shared object; recompile with -fPIC
Fixes:
- http://autobuild.buildroot.org/results/953133575d8c13266f1450fa545e70e4a518508d
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fix CVE-2023-23456: A heap-based buffer overflow issue was discovered in
UPX in PackTmt::pack() in p_tmt.cpp file. The flow allows an attacker to
cause a denial of service (abort) via a crafted file.
Fix CVE-2023-23457: A Segmentation fault was found in UPX in
PackLinuxElf64::invert_pt_dynamic() in p_lx_elf.cpp. An attacker with a
crafted input file allows invalid memory address access that could lead
to a denial of service.
https://github.com/upx/upx/blob/v4.0.2/NEWS
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
A null pointer dereference issue was discovered in functions op_get_data
and op_open1 in opusfile.c in xiph opusfile 0.9 thru 0.12 allows
attackers to cause denial of service or other unspecified impacts.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Thomas reported that m68k fails to build when enabling BR2_PACKAGE_GDB.
It fails when building gdb for the target with the following error:
elf2flt: ERROR: text=0x3c826 overlaps data=0x256e0 ?
It turns out that the gdb binary has another problematic input section
(.gcc_except_table), which causes elf2flt to try to append to the .text
output section, after it has already moved on with appending sections
to the .data output section.
elf2flt cannot append to a previous output section once it has moved on
to another output section.
Update the existing elf2flt patch to also add an exception for
.gcc_except_table.
Reported-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Niklas Cassel <niklas.cassel@wdc.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
When we introduced support for the paranoid check of unsafe libraries
and headers path with commit 4ac8f78d37 (Add option for paranoid
unsafe path checking) back in 2014, we made it optional, as we expected
that would break quite a few packages.
Now, almost 8 years later, we only have three packages that explicitly
reference the option (dillo, gnuradio, and libtalloc), either in a patch
or in their .mk.
The option has been enabled by default since 2016, with 61c8854cef
(toolchain: enable paranoid unsafe path check by default), and that has
not triggered many build failures in a while.
The minimal defconfig used by test-pkg has also had it enabled as of
b6c98b3549 (minimal.config: add BR2_COMPILER_PARANOID_UNSAFE_PATH=y)
in 2017.
It is time to make that globally unconditional now.
There is still a remnant, in our binutils patches. As our toolchain may
get used outside of Buildroot, people may got the expectation that path
poisoning is only a warning, so we keep the current behaviour.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Romain Naour <romain.naour@gmail.com>
Acked-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Open Fabrics Performance Tests.
This is a collection of tests written over uverbs intended
for use as a performance micro-benchmark. The tests may be
used for HW or SW tuning as well as for functional testing.
https://github.com/linux-rdma/perftest
Tested-by: Shamraiz Ashraf <shamraizashraf092@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
[yann.morin.1998@free.fr
- move all arch-related dependencies to _ARCH_SUPPORTS
- include musl condition in comment and its dependnecies
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
This is the userspace components for the Linux Kernel's
drivers/infiniband subsystem.
https://github.com/linux-rdma/rdma-core
Tested-by: Shamraiz Ashraf <shamraizashraf092@gmail.com>
Signed-off-by: Julien Olivain <ju.o@free.fr>
[yann.morin.1998@free.fr:
- select iproute2 as it provides the 'rdma' utility
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
If using BR2_LINUX_KERNEL_CUSTOM_DTS_PATH to copy .dts files from
buildroot into the linux tree, these .dts files are copied to
arch/arm64/boot. Unfortunately, the post-image.sh script expects to find
them in arch/arm64/boot/xilinx.
This patch does not require the xilinx/ prefix to be present when
symlinking the device-tree to system.dtb where u-boot expects to find
it.
It is effectively applying the below patch for zynqmp to versal as well:
https://patchwork.ozlabs.org/project/buildroot/patch/20230201195956.1758827-1-gsmecher@threespeedlogic.com/
Signed-off-by: Neal Frager <neal.frager@amd.com>
Reviewed-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
If using BR2_LINUX_KERNEL_CUSTOM_DTS_PATH to copy .dts files from
buildroot into the linux tree, these .dts files are copied to
arch/arm64/boot. Unfortunately, the post-image.sh script expects to find
them in arch/arm64/boot/xilinx.
This patch does not require the xilinx/ prefix to be present when
symlinking the device-tree to system.dtb where u-boot expects to find
it.
Signed-off-by: Graeme Smecher <gsmecher@threespeedlogic.com>
Reviewed-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Reviewed-by: Neal Frager <neal.frager@amd.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Linux 6.1.9 installs more modules and this makes rootfs size to increase
and the default 60M size is not enough. So let's expand rootfs size to
120M.
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The x11 feature needs libx11 and libxrandr support.
Select and depend on these when x11 is enabled.
Fixes:
gst1-vaapi-1.22.0/meson.build:96:0: ERROR: Dependency "xrandr" not found, tried pkgconfig and cmake
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Switch to github helper due to lack of upstream-provided tarball.
Needed for upcoming bump of freeswitch to version 1.10.9.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Add a patch fixing an incorrect gstreamer-validate-1.0 dependency
name.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Remove xingmux config option which has been moved to the
gst1-plugins-good package.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The videoconvert and videoscale plugins have been combined into
the new videoconvertscale plugin.
Rework config options using videoconvert/videoscale to use the new
videoconvertscale option.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The -e switch makes the script terminate on error from
start-stop-daemon, rendering unreachable the code that checks the exit
status.
There is no need in the -e switch in the first place either, as the
script takes care of errors handling.
Signed-off-by: Sergey Organov <sorganov@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
/home/thomas/br-test-pkg/bootlin-nios2-glibc/host/opt/ext-toolchain/bin/../lib/gcc/nios2-buildroot-linux-gnu/10.3.0/../../../../nios2-buildroot-linux-gnu/bin/ld: /tmp/fluent-bit.6F9rEA.ltrans28.ltrans.o: undefined reference to symbol '__atomic_compare_exchange_8@@LIBATOMIC_1.0'
/home/thomas/br-test-pkg/bootlin-nios2-glibc/host/opt/ext-toolchain/bin/../lib/gcc/nios2-buildroot-linux-gnu/10.3.0/../../../../nios2-buildroot-linux-gnu/bin/ld: /home/thomas/br-test-pkg/bootlin-nios2-glibc/host/nios2-buildroot-linux-gnu/sysroot/lib/libatomic.so.1: error adding symbols: DSO missing from command line
collect2: error: ld returned 1 exit status
Signed-off-by: Thomas Devoogdt <thomas.devoogdt@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add a defconfig to build a 32b ARMv7-A U-Boot based firmware implementing
the subset of UEFI defined by EBBR[1], as well as a Linux OS disk image
booting with UEFI, to run on Qemu.
The generated firmware binary can also be used to install or run another OS
supporting the EBBR specification.
[1]: https://github.com/ARM-software/ebbr
Signed-off-by: Vincent Stehlé <vincent.stehle@arm.com>
Cc: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This commit adds support for the BeagleBone Green Wireless to the
existing beaglebone_defconfig, by making sure the relevant Device Tree
is built and installed.
Signed-off-by: Ramon Crichlow <rcrichlow9000@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
A host dependency to xxd is required if the U-Boot board
configuration has CONFIG_USE_DEFAULT_ENV_FILE enabled. So
introduce a new BR U-Boot config option BR2_TARGET_UBOOT_NEEDS_XXD
to solve this problem. xxd is provided by host-vim.
Signed-off-by: Jerry Kooyman <jerry.kooyman@entrust.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The upcoming tensorflow-lite package requires flatbuffers to be
built with position independent code.
Fixes:
/home/buildroot/buildroot/output/per-package/tensorflow-lite/host/bin/../lib/gcc/aarch64-buildroot-linux-gnu/11.3.0/../../../../aarch64-buildroot-linux-gnu/bin/ld: /home/buildroot/buildroot/output/per-package/tensorflow-lite/host/aarch64-buildroot-linux-gnu/sysroot/usr/lib/libflatbuffers.a(util.cpp.o): relocation R_AARCH64_ADR_PREL_PG_HI21 against symbol `_ZN11flatbuffers11CharToUpperEc' which may bind externally can not be used when making a shared object; recompile with -fPIC
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fix the location where the hashes are retrieved from.
Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
[yann.morin.1998@free.fr: hashes location changed]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
A new kvm-unit-tests version has recently been tagged, so let's
update to that version now.
This new version now features a --disable-werror parameter for
the configure script, so we can drop the patch for disabling
this manually now.
Signed-off-by: Thomas Huth <huth@tuxfamily.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fixes build error not yet found by autobuilders
-- System type: Linux
CMake Error at cmake/scripts/linux/ArchSetup.cmake:42 (message):
Unknown CPU: riscv32
using this defconfig:
BR2_riscv=y
BR2_RISCV_32=y
BR2_TOOLCHAIN_EXTERNAL=y
BR2_ROOTFS_DEVICE_CREATION_DYNAMIC_EUDEV=y
BR2_PACKAGE_KODI=y
BR2_PACKAGE_MESA3D=y
BR2_PACKAGE_MESA3D_GALLIUM_DRIVER_SWRAST=y
BR2_PACKAGE_MESA3D_OPENGL_EGL=y
BR2_PACKAGE_MESA3D_OPENGL_ES=y
BR2_PACKAGE_PYTHON3=y
BR2_PACKAGE_PYTHON3_PY_ONLY=y
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fixes build error not yet found by autobuilders
-- System type: Linux
CMake Error at cmake/scripts/linux/ArchSetup.cmake:42 (message):
Unknown CPU: or1k
with this defconfig:
BR2_or1k=y
BR2_TOOLCHAIN_EXTERNAL=y
BR2_TOOLCHAIN_EXTERNAL_BOOTLIN_OPENRISC_UCLIBC_STABLE=y
BR2_ROOTFS_DEVICE_CREATION_DYNAMIC_EUDEV=y
BR2_PACKAGE_KODI=y
BR2_PACKAGE_MESA3D=y
BR2_PACKAGE_MESA3D_GALLIUM_DRIVER_SWRAST=y
BR2_PACKAGE_MESA3D_OPENGL_EGL=y
BR2_PACKAGE_MESA3D_OPENGL_ES=y
BR2_PACKAGE_PYTHON3=y
BR2_PACKAGE_PYTHON3_PY_ONLY=y
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Disable neon support when not available.
Fixes build error not yet found by autobuilders
/tmp/cc8LvPwi.s: Assembler messages:
/tmp/cc8LvPwi.s:28: Error: selected processor does not support `vldmia r1,{ q4-q7 }' in ARM mode
/tmp/cc8LvPwi.s:29: Error: selected processor does not support `vldmia r0,{ q8-q11 }' in ARM mode
/tmp/cc8LvPwi.s:30: Error: selected processor does not support `vmul.f32 q0,q8,d8[0]' in ARM mode
/tmp/cc8LvPwi.s:31: Error: selected processor does not support `vmul.f32 q1,q8,d10[0]' in ARM mode
/tmp/cc8LvPwi.s:32: Error: selected processor does not support `vmul.f32 q2,q8,d12[0]' in ARM mode
/tmp/cc8LvPwi.s:33: Error: selected processor does not support `vmul.f32 q3,q8,d14[0]' in ARM mode
/tmp/cc8LvPwi.s:34: Error: selected processor does not support `vmla.f32 q0,q9,d8[1]' in ARM mode
/tmp/cc8LvPwi.s:35: Error: selected processor does not support `vmla.f32 q1,q9,d10[1]' in ARM mode
/tmp/cc8LvPwi.s:36: Error: selected processor does not support `vmla.f32 q2,q9,d12[1]' in ARM mode
/tmp/cc8LvPwi.s:37: Error: selected processor does not support `vmla.f32 q3,q9,d14[1]' in ARM mode
/tmp/cc8LvPwi.s:38: Error: selected processor does not support `vmla.f32 q0,q10,d9[0]' in ARM mode
/tmp/cc8LvPwi.s:39: Error: selected processor does not support `vmla.f32 q1,q10,d11[0]' in ARM mode
/tmp/cc8LvPwi.s:40: Error: selected processor does not support `vmla.f32 q2,q10,d13[0]' in ARM mode
/tmp/cc8LvPwi.s:41: Error: selected processor does not support `vmla.f32 q3,q10,d15[0]' in ARM mode
/tmp/cc8LvPwi.s:42: Error: selected processor does not support `vmla.f32 q0,q11,d9[1]' in ARM mode
/tmp/cc8LvPwi.s:43: Error: selected processor does not support `vmla.f32 q1,q11,d11[1]' in ARM mode
/tmp/cc8LvPwi.s:44: Error: selected processor does not support `vmla.f32 q2,q11,d13[1]' in ARM mode
/tmp/cc8LvPwi.s:45: Error: selected processor does not support `vmla.f32 q3,q11,d15[1]' in ARM mode
/tmp/cc8LvPwi.s:46: Error: selected processor does not support `vstmia r0,{ q0-q3 }' in ARM mode
with this defconfig:
BR2_arm=y
BR2_TOOLCHAIN_EXTERNAL=y
BR2_TOOLCHAIN_EXTERNAL_BOOTLIN=y
BR2_TOOLCHAIN_EXTERNAL_BOOTLIN_ARMV5_EABI_UCLIBC_STABLE=y
BR2_ROOTFS_DEVICE_CREATION_DYNAMIC_EUDEV=y
BR2_PACKAGE_KODI=y
BR2_PACKAGE_MESA3D=y
BR2_PACKAGE_MESA3D_GALLIUM_DRIVER_SWRAST=y
BR2_PACKAGE_MESA3D_OPENGL_EGL=y
BR2_PACKAGE_MESA3D_OPENGL_ES=y
BR2_PACKAGE_PYTHON3=y
BR2_PACKAGE_PYTHON3_PY_ONLY=y
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
GDAL autoconf has wrong libgeotiff detection. It uses host's
library if installed instead of buildroot one.
Modern versions of gdal have no autoconf build scripts, just cmake only.
So move to cmake build variant.
Fixes: https://bugs.busybox.net/show_bug.cgi?id=15281
Signed-off-by: Maxim Kochetkov <fido_max@inbox.ru>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
diff LICENCE:
-Copyright (c) 2021 Calvin Rose and contributors
+Copyright (c) 2023 Calvin Rose and contributors
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fix the following build failure with libressl raised since bump to
version 3.5.2 in commit 8b216927db:
In file included from /tmp/instance-10/output-1/build/mariadb-10.3.36/vio/viosslfactories.c:18:
/tmp/instance-10/output-1/build/mariadb-10.3.36/vio/viosslfactories.c: In function 'get_dh2048':
/tmp/instance-10/output-1/build/mariadb-10.3.36/include/ssl_compat.h:68:45: error: invalid use of incomplete typedef 'DH' {aka 'struct dh_st'}
68 | #define DH_set0_pqg(D,P,Q,G) ((D)->p= (P), (D)->g= (G))
| ^~
Fixes:
- http://autobuild.buildroot.org/results/524198344aafca58d214537af64c5961c407b0f8
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fluent Bit is a super fast, lightweight, and highly
scalable logging and metrics processor and forwarder.
Signed-off-by: Thomas Devoogdt <thomas.devoogdt@barco.com>
[Peter: add DEVELOPERS entry, drop STATIC_LIBS dependency]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Libcamera recently started to tag releases, so use the version tag instead
of raw commit hash.
Signed-off-by: Daniel Semkowicz <dse@thaumatec.com>
Reviewed-by: Marcus Folkesson <marcus.folkesson@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Migrate zcu106_pmufw.elf location from nealfrager github to Xilinx github.
The image is identical, so this patch has zero impact on functionality.
Signed-off-by: Neal Frager <neal.frager@amd.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Migrate zcu102_pmufw.elf location from nealfrager github to Xilinx github.
The image is identical, so this patch has zero impact on functionality.
Signed-off-by: Neal Frager <neal.frager@amd.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Migrate kv260_pmufw.elf location from nealfrager github to Xilinx github.
The image is identical, so this patch has zero impact on functionality.
Signed-off-by: Neal Frager <neal.frager@amd.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Reduce the configs in the kria/uboot.fragment to only what is necessary.
These 4 configs are already included in the xilinx_zynqmp_virt_defconfig, so
it is redundant to include them in the kria/uboot.fragment file. Applying
this patch has zero impact on the u-boot binaries that are built.
This patch has been build and run tested on a kria kv260 starter kit.
Signed-off-by: Neal Frager <neal.frager@amd.com>
Reviewed-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
- Fix CVE-2022-47952: lxc-user-nic in lxc through 5.0.1 is installed
setuid root, and may allow local users to infer whether any file
exists, even within a protected directory tree, because "Failed to
open" often indicates that a file does not exist, whereas "does not
refer to a network namespace path" often indicates that a file exists.
NOTE: this is different from CVE-2018-6556 because the CVE-2018-6556
fix design was based on the premise that "we will report back to the
user that the open() failed but the user has no way of knowing why it
failed"; however, in many realistic cases, there are no plausible
reasons for failing except that the file does not exist.
- Drop patches (already in version)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This patch provides a way to enable utmp support when using systemd,
with it disabled by default, as some security concerns may apply. Still,
there are cases where having utmp is desirable, even though it is rare,
so let's make this configurable.
See commit 32f53bdfb4.
Signed-off-by: Casey Reeves <casey@xogium.me>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The default, the IANA PEN registry used by ipmitool is large (4 MiB+)
and changes at the whim of IANA, meaning reproducible builds may not be
possible by using the default package.
Add a configuration option to specify the source of the registry file.
Remote and local files are supported. If no source is specified, no
registry file will be installed to the target.
Backport upstream patches to allow this to add requisite support:
Make a missing registry file non-fatal
Make downloading/installing the registry optional
Signed-off-by: Vincent Fazio <vfazio@gmail.com>
Co-Developed-by: Yann E. MORIN <yann.morin.1998@free.fr>
[yann.morin.1998@free.fr:
- use https for the default URL
- use simple assignment for first _CONF_OPTS
- squeeze empty lines, comment closing endif
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The default behavior of Lua 5.3/5.4 interperter (and the only way with
Lua 5.1) is the automatic coercion. This default behavior could change
in future version (ie. Lua 5.5).
Disabling automatic coercion increases the performance of the interpreter.
Currently, using automatic coercion is not a good/recommended practice,
but there are no way (expect testing) to say if a Lua module relies on it.
We add two options to drive coercion in either way, and we make those
options default to y, as this was the de-facto situation until now; lua
5.1 forces those options: this will help when/if we have packages that
actually requires them, but has otherwise no requirement on the lua
version.
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
[yann.morin.1998@free.fr:
- don't limit options to lua 5.3||5.4
- force those options for lua 5.1
- extend commit log accordingly
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
sftp doesn't build with libressl >= 3.5.0 resulting in the following
build failure since commit 8b216927db:
mac.c: In function 'init_mac':
mac.c:189:3: warning: implicit declaration of function 'HMAC_CTX_init'; did you mean 'HMAC_CTX_new'? [-Wimplicit-function-declaration]
189 | HMAC_CTX_init(hmac_ctx);
| ^~~~~~~~~~~~~
| HMAC_CTX_new
mac.c: In function 'set_mac_key':
mac.c:435:14: error: storage size of 'ctx' isn't known
435 | EVP_MD_CTX ctx;
| ^~~
So force use of openssl for sftpd, as no feedback was received on
https://github.com/proftpd/proftpd/pull/1481
Fixes:
- http://autobuild.buildroot.org/results/a16ccd7cc78eb63de06a6d738fccc6b947da13e7
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Set XXH_NO_INLINE_HINTS to marks all internal functions as static,
giving the compiler full control on whether to inline or not. This will
fix the following build failure raised since bump to version 0.8.1 in
commit 5dbdb2535c:
In file included from xxhash.c:43:
In function 'XXH3_accumulate',
inlined from 'XXH3_hashLong_internal_loop' at xxhash.h:4390:9,
inlined from 'XXH3_hashLong_64b_internal' at xxhash.h:4453:5,
inlined from 'XXH3_hashLong_64b_withSecret' at xxhash.h:4473:12,
inlined from 'XXH3_64bits_internal' at xxhash.h:4554:12,
inlined from 'XXH3_64bits_withSecret' at xxhash.h:4570:12:
xxhash.h:4196:1: error: inlining failed in call to 'always_inline' 'XXH3_accumulate_512_scalar': function not considered for inlining
4196 | XXH3_accumulate_512_scalar(void* XXH_RESTRICT acc,
| ^~~~~~~~~~~~~~~~~~~~~~~~~~
Fixes:
- http://autobuild.buildroot.org/results/f2c52238df97cc4c13117d8dc1423235231a094c
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Backport the upstream fix for the IANA Private Enterprise Numbers
registry URL so the correct file gets downloaded and installed.
Signed-off-by: Vincent Fazio <vfazio@gmail.com>
Signed-off-by: Vincent Fazio <vfazio@xes-inc.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
By default, mkfs.erofs will sue the current date to set some metadata
in the filesystem it generates, and will also use generate a random UUID
for that filesystem. This is not reproducible.
When BR2_REPRODUCIBLE is selected, set the filesystem timestamps to
$SOURCE_DATE_EPOCH, and the filesystem UUID to the nil uuid (as good
as any other arbitrary one).
Signed-off-by: Casey Reeves <casey@xogium.me>
[yann.morin.1998@free.fr:
- one multi-line assignment, not two
- slightly rephrase the commit log
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
go mod vendor caches downloaded modules to the Go module cache, which
defaults to $GOPATH/pkg/mod - But can be overridden with the GOMODCACHE
environment variable:
https://go.dev/ref/mod#module-cache
So explicitly set GOMODCACHE= for reproducibility.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The go mod vendor call in support/download/go-post-process accesses the go
cache, so pass GOCACHE= in the environment to ensure our cache directory is
used.
The go cache defaults to ~/.cache/go-build if not set, so this fixes builds
where that location (or GOCACHE if set in the environment) is not writable:
rm -rf ~/.cache/go-build
chmod -w ~/.cache
make docker-compose-source
..
failed to initialize build cache at /home/peko/.cache/go-build: mkdir /home/peko/.cache/go-build: permission denied
make[1]: *** [package/pkg-generic.mk:189: /home/peko/source/buildroot/output/build/docker-compose-2.14.0/.stamp_downloaded] Error 1
We use two different cache directories for target and host builds, but the
download/vendoring should be independent of the architecture, so use the
target variant even for host-only packages for simplicity.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Apply the patch to fix the following build failure raised since the
addition of the package in commit
72fa60dc10:
uclibc/sysroot/usr/lib/libc.a(getopt.os): in function `__GI_getopt':
getopt.c:(.text+0x598): multiple definition of `getopt'; src/getopt.o:getopt.c:(.text+0x0): first defined here
The patch has been submitted and accepted upstream to address this issue.
Fixes:
- http://autobuild.buildroot.net/results/844c7dd79f69ef2ea8f293bb73a2d4b7533aa97c
Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
[yann.morin.1998@free.fr: do an actual bacport]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Enable des in openssl to fix the following build failure raised
since the addition of the package in commit
72fa60dc10:
src/sscep.c: In function 'get_cipher_alg':
src/sscep.c:119:32: warning: implicit declaration of function 'EVP_des_ede3_cbc'; did you mean 'NID_des_ede3_cbc'? [-Wimplicit-function-declaration]
119 | return EVP_des_ede3_cbc();
| ^~~~~~~~~~~~~~~~
| NID_des_ede3_cbc
Fixes:
- http://autobuild.buildroot.net/results/34bd76e8e5e7df0db31918d610a0dadf531f369d
Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Since e8df0f7 (package/freescale-imx/imx-gpu-viv: bump to version 6.4.3.p4.4)
the archive contains platform specific drivers that need to be copied
and included.
Signed-off-by: Daniel Lang <d.lang@abatec.at>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Since e8df0f7 (package/freescale-imx/imx-gpu-viv: bump to version 6.4.3.p4.4)
the X11 folder is no longer included in the archive.
Signed-off-by: Daniel Lang <d.lang@abatec.at>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Use install-bin for installation instead of install as we don't
want bash-completion files to be installed.
Set empty host installation prefix so that we install to:
$(HOST_DIR)/sbin/bpftool
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The lpeg.html file declares the licensing terms at its bottom, so it
should work as a license file.
Signed-off-by: Nicolas Carrier <nicolas.carrier@orolia.com>
[yann.morin.1998@free.fr: use LPEG_SUBDIR]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Packages making use of OVERRIDE_SRC_DIR or of the local SITE_METHOD,
will trigger a warning when the legal-info target is built, for example:
WARNING: foo: sources not saved (local packages not handled)
But in the situation where the packages has explicitly defined
FOO_REDISTRIBUTE = NO
in its .mk file, it makes no sense since the sources wouldn't be saved
anyway.
This patch swap the conditions on the type of package and on the
REDISTRIBUTE value, so that the warnings get issued only if
REDISTRIBUTE equals YES.
Signed-off-by: Nicolas Carrier <nicolas.carrier@orolia.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Historically we have been (more-or-less consistently, sometimes forgetting
some files) updating the end year of the copyright statements at the
beginning of a new year.
We're naturally not alone in that. Recently this was discussed in curl, and
it turns out that copyright years are not really required:
https://daniel.haxx.se/blog/2023/01/08/copyright-without-years/
So drop the years and simplify the copyright statements. While we're at it,
also ensure the same syntax (capital C, email address) is used everywhere.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fix the following libcurl build failure raised since bump to version
1.1.1 in commit 01518e5660:
In file included from /home/autobuild/autobuild/instance-11/output-1/host/sparc64-buildroot-linux-gnu/sysroot/usr/include/curl/curl.h:3195,
from turnrest.c:21:
turnrest.c: In function 'janus_turnrest_request':
turnrest.c:168:2: error: void value not ignored as it ought to be
168 | curl_easy_setopt(curl, api_http_get ? CURLOPT_HTTPGET : CURLOPT_POST, 1);
| ^
Fixes:
- http://autobuild.buildroot.org/results/11bb0079f5a7d06d3494a61b411f0af2e8c4d342
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Commit 8450b76918 (package/pkg-cargo: move CARGO_HOME into DL_DIR)
allowed for a shared cargo cache of crates. Internally, cargo is
supposed to lock themselves when accessing that cache, and that commit
even had some research in that area, pointing at [0] for complaints
about too-coarse the lock, so it was deemed safe to have a shared cargo
home.
However, in practice, the locking as implemented by cargo, fails to
properly protect the concurrent accesses to the crates cache, with random
failures that manifest themselves like so:
Blocking waiting for file lock on package cache
Blocking waiting for file lock on package cache
Downloading crates ...
error: failed to sync
Caused by:
failed to download packages
Caused by:
failed to download `autocfg v1.1.0`
Caused by:
unable to get packages from source
Caused by:
failed to unpack package `autocfg v1.1.0`
Caused by:
failed to unpack entry at `autocfg-1.1.0/src/tests.rs`
Caused by:
No such file or directory (os error 2) while canonicalizing [...]
with the last few errors sometime being:
Caused by:
failed to parse manifest at `[...]/aho-corasick-0.7.18/Cargo.toml`
Caused by:
can't find library `aho_corasick`, rename file to `src/lib.rs` or specify lib.path
So, as we do not systematically use our own cargo build (we can use a
pre-built one with host-rust-bin), we can't patch cargo (even if we knew
what to do!).
Instead, we implement a lock ourselves, by wrapping the call to "cargo
vendor" with a flock(1) on cargo home.
Note: the download wrapper is already flock-ed, but it is a per-package
lock, so it does not prevent different packages from being downloaded in
parallel; if those packages need cargo vendoring, that will not be
protected by the flock on the dl wrapper. So we really do need a flock
on cargo home.
[0] https://github.com/rust-lang/cargo/issues/6930
Fixes: 8450b76918
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Moritz Bitsch <moritz@h6t.eu>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fixes CVE-2022-46176: Cargo did not perform SSH host key verification when
cloning indexes and dependencies via SSH
https://blog.rust-lang.org/2023/01/10/cve-2022-46176.html
Link to Rust 1.66.1 announcement: https://blog.rust-lang.org/2023/01/10/Rust-1.66.1.html
Newest version of the source archives have been retrieved with their hash values,
and the signature of the .asc files have been verified as follows:
$ curl -fsSL https://static.rust-lang.org/rust-key.gpg.ascii | gpg --import
$ gpg --verify <filename.asc> <filename>
There is no typographical error in the packages according to the check-pakage utility:
$ ./utils/check-package package/rust-bin/*
$ ./utils/check-package package/rust/*
The testsuite tool were successfully run for rust and rust-bin packages to test
the Rust toolchain under 1.66.1:
$ ./support/testing/run-tests -k -d dl/ -o testsuite tests.package.test_rust.TestRustBin
$ ./support/testing/run-tests -k -d dl/ -o testsuite tests.package.test_rust.TestRust
In order to verify the compatibility of packages depending on Rust 1.66.1,
tests using `./utils/test-pkg` were run.
You may want to execute the test-pkg command after creating a `.config` file
enabling the corresponding BR2_PACKAGE, for example:
Create a file `buildroot/ripgrep.config` containing "BR2_PACKAGE_RIPGREP=y"
Then execute:
$ ./utils/test-pkg -d test-pkg -c ripgrep.config -p ripgrep
Results:
librsvg OK
ripgrep OK
suricata OK
bat OK
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
[Peter: mark as security bump]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
From the release notes
(https://github.com/redis/redis/blob/7.0.7/00-RELEASENOTES)
================================================================================
Redis 7.0.7 Released Fri Dec 16 12:00:00 IST 2022
================================================================================
Upgrade urgency: MODERATE, Contains fix for a regression in Geo commands.
================================================================================
Redis 7.0.6 Released Mon Dec 12 12:00:00 IST 2022
================================================================================
Upgrade urgency: MODERATE, Contains fixes for a few non-critical or unlikely bugs,
and some dramatic optimizations to Geo, EVAL, and Sorted sets commands.
Signed-off-by: Titouan Christophe <titouanchristophe@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Follow changes to other OrangePi boards, most importantly
orangepi-zero-plus2, which this board support is based on. This includes
switching to extlinux as boot mechanism and dropping custom U-Boot boot
script.
Rootfs image no longer fits into default 60M (mostly due to Linux
modules), so increase it to 120M.
While at it, bump Linux to 6.1.4 and U-Boot to 2023.01.
Signed-off-by: Marcin Niestroj <m.niestroj@grinn-global.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Updated license hash due to typo/whitespace-only fixes in license file.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The Linux DTS name has changed for the zynqmp_kria_kv260 with Xilinx 2022.2.
smk-k26-revA-sck-kv-g-revB has become zynqmp-smk-k26-revA-sck-kv-g-revB.
This DTS corresponds to generating the zynqmp-smk-k26-revA.dtb for the k26 som
and applying the zynqmp-sck-kv-g-revB.dtbo for the kv260 carrier board.
Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/3477506541
Signed-off-by: Neal Frager <neal.frager@amd.com>
Signed-off-by: Neal Frager <neal.frager@amd.com>
Reviewed-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
It's been a while since I've even used buildroot at all and I don't
really have any spare cycles to spend on maintaining its packages.
Let's face reality and drop me from the DEVELOPERS file.
Signed-off-by: Bartosz Golaszewski <brgl@bgdev.pl>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
- Thank Smile for sponsoring the Buildroot Developers Meeting of
February 2023 by providing the meeting room
- Thank Armadeus and Logilin for their financial sponsoring in 2022
- Move older sponsors to the "Past sponsors" section
- Remove section about the Buildroot.org domain sponsor, as that
sponsoring ended in 2019.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Commit de4cf25375 (package/{rust, rust-bin}: bump to version 1.66.0)
forgot, despite the big comment above the version strings, to confirm
that the vendoring was still working.
Previously, we were adding the vendoring equivalence manually, but in
commit 04154a6517 (support/download/cargo-post-process: cargo output
for vendor config), we switched to using the output of "cargo vendor"
(on stdout) to support cases were the vendoring equivalence would be
more complex (e.g. when using crates not hosted on crates.io).
With rust until and including 1.65.0, "cargo vendor" would output (for
crates.io crates) the same output as our manual fixups, except it was
preceded by an empty line. So, to avoid recompting all our hashes, we
added a tweak to strip away the leading empty line in 04154a6517.
But rust 1.66.0 includes [0] which changes the output (on stdout) of
"cargo vendor", where the first empty line is no longer emitted.
This means that our tweak for rust 1.65.0 now strips out an important
part of the cargo vendor output, which renders the archives invalid, and
thus generates different archives, which fail to validate against our
hashes.
Fix this by doing what the comment in the post-process helper states,
and just keep the whole output of "cargo vendor", by just removing the
"tail --lines=+2". Since that comment is no longer meaningful, we drop
it too.
Now, all our 6 cargo-based packages, as well as our 5 python packages
that have rust code, can be vendored again, without changing our hashes,
but most importantly, with valid archives.
Still, we keep the comment above the versions strings, in the hope that
a future bumper will notice and be more careful at validating the
vendoring.
[0] https://github.com/rust-lang/cargo/pull/11273
Fixes:
http://autobuild.buildroot.org/results/bea/beac7674bbc9fd2f8777b5861f65afee9c485753/ (bat)
http://autobuild.buildroot.org/results/d1e/d1ec1ebbde115628a4b8b9099544347242a97c1c/ (dust)
http://autobuild.buildroot.org/results/f96/f968be895be9ca98b314fdd688ef8d3bdf4e5dfb/ (hyerfine)
http://autobuild.buildroot.org/results/a0c/a0cdb6cc9493f5248d98f98b13da854e12adc2be/ (ripgrep)
... and so many others...
Reported-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: James Hilliard <james.hilliard1@gmail.com>
Cc: Simon Richter <simon.richter@ptwdosimetry.com>
Reviewed-by: James Hilliard <james.hilliard1@gmail.com>
Reviewed-by: Romain Naour <romain.naour@smile.fr>
Tested-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Now that we made those three package never use ccache to build, we don't
need to add the dependency to host-ccache for those packages.
So far, this is harmless, but when we eventually bump ccache, those
packages will be actual dependency of host-ccache, so we will then
really want to not have them depend on host-ccache.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
[yann.morin.1998@free.fr: split off into its own patch]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
We need to disable ccache when building host-pkgconf as the upcoming
ccache update depends on host-pkgconf indirectly due to host-cmake
depending on host-pkgconf which will be required due to host-ccache
migrating from autotools to cmake package infrastructure.
Note: host-pkgconf does not need _AUTORECONF = YES, so it doesnot depend
on any of host-gettext, host-automake, host-autoconf, or host-libtool.
If it ever nees to in the future, then those should also be made to
build without ccache.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
[yann.morin.1998@free.fr: add note]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
We need to disable ccache when building host-zstd as the upcoming
ccache update depends on host-zstd.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
[yann.morin.1998@free.fr: introduce HOST_ZSTD_ENV]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The host-hiredis package is needed for the upcoming ccache update.
So, being a dependency of ccache, we can't use ccache, so we must unset
the options set by the cmake infra (this will be true only when we
eventually bump ccache, but hiredis builds very fast even without ccache
so we don't care about ccache even now).
Reorder CONF_OPTS assignments so that comments apply equally to the host
and target variants.
Cc: Dominik Michael Rauh <dmrauh@posteo.de>
Cc: Anders F Björklund <anders.f.bjorklund@gmail.com>
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
[yann.morin.1998@free.fr:
- add Dominik and Anders in Cc to ack they provided inspiration
- use -Ufoo instead of -Dfoo="" (as per Dominik & Anders)
- reorder CONF_OPTS assignments
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
crun is a drop-in replacement for runc. If crun is enabled, but runc is
not, we already install an impersonation symlink, so we do not need to
force runc if crun is enabled. Still, runc is the default if crun is not
enabled.
Signed-off-by: TIAN Yuanhao <tianyuanhao3@163.com>
Reviewed-by: Christian Stewart <christian@paral.in>
[yann.morin.1998@free.fr: split into its own patch]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
crun is a drop-in replacement for runc, so we can use the former to
impersonate the latter when it is not enabled.
To do so, we create a runc symlink pointing to crun, when runc is not
enabled.
See: https://github.com/containerd/containerd/discussions/6162
Signed-off-by: TIAN Yuanhao <tianyuanhao3@163.com>
Reviewed-by: Christian Stewart <christian@paral.in>
[yann.morin.1998@free.fr: split into its own patch]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
crun unconditionally uses fexecve since its addition in commit
530d6f661e and
https://github.com/containers/crun/commit/ce4dfbb97a8a05bef125030eaa6c46c07a5f9344:
resulting in the following uclibc build failure:
/tmp/instance-11/output-1/host/opt/ext-toolchain/bin/../lib/gcc/arceb-snps-linux-uclibc/9.2.1/../../../../arceb-snps-linux-uclibc/bin/ld: src/libcrun/crun-cloned_binary.o: in function `ensure_cloned_binary':
cloned_binary.c:(.text+0x1006): undefined reference to `fexecve'
In 6e3f7fbc07 (package/runc: add upstream security fix for
CVE-2019-5736), we made runc unavailable for uclibc toolchains, and crun
uses fexecve for that same reason, to fix CVE-2019-5736.
So, also make crun unavailable for uclibc toolchains.
Fixes:
- http://autobuild.buildroot.org/results/e1f4ef2b392c0e7161390ba0f97d6eef3bd12e9c
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The top level Makefile in buildroot has a recursive rule which causes
the appearance of a hang as the number of directories in BR2_EXTERNAL
increases. When the number of directories in BR2_EXTERNAL is small, the
recursion occurs, but make detects the recursion and determines the
target does not have to be remade. This allows make to progress.
This is the failing rule:
define percent_defconfig
# Override the BR2_DEFCONFIG from COMMON_CONFIG_ENV with the new defconfig
%_defconfig: $(BUILD_DIR)/buildroot-config/conf $(1)/configs/%_defconfig outputmakefile
@$$(COMMON_CONFIG_ENV) BR2_DEFCONFIG=$(1)/configs/$$@ \
$$< --defconfig=$(1)/configs/$$@ $$(CONFIG_CONFIG_IN)
endef
$(eval $(foreach d,$(call reverse,$(TOPDIR) $(BR2_EXTERNAL_DIRS)),$(call percent_defconfig,$(d))$(sep)))
The rule for %defconfig is created for each directory in BR2_EXTERNAL.
When the rule is matched, the stem is 'defconfig_name'. The second
prerequisite is expanded to $(1)/configs/defconfig_name_defconfig. The
rule, and all of the other rules defined by this macro, are invoked
again, but the stem is now $(1)/configs/defconfig_name_defconfig. The
second prerequisite is now expanded to
$(1)/configs/($1)/configs/defconfig_name_defconfig. This expansion
continues until make detects the infinite recursion.
With up to 5 br2-external trees, the time is very small, so that it is
not noticeable. But starting with 6 br2-external trees, the time is
insanely big (so much so that we did not even let it finish after it ran
for hours); see timings toward the end of the commit log.
We fix that by adding a single %_defconfig rule, which is now rsponsible
to find the actual defconfig file that triggered the rule, by iterating
on the reverse list of br2-external trees and then in main tree.
Of course, now, there is no way for make to warn that there is no such
defconfig, as it is no longer part of the prerequisites of the rule. So,
we delegate to the recipe the responsibility to check for that.
Timing (seconds) of `make pc_x86_64_bios_defconfig` with 1..1000
external trees, with make 4.2.1 (* with make 4.3), on a Core i7-7700HQ:
#trees Before After
1 0.312 0.319
2 0.319 0.323
3 0.325 0.327
4 0.353 0.339
5 0.993 0.349
6 1.26* 0.347
7 9.10* 0.362
8 85.93* 0.360
9 n/a 0.373
10 n/a 0.374
50 n/a 0.738
100 n/a 1.228
500 n/a 7.483
1000 n/a 16.076
How to reproduce:
#!/usr/bin/env bash
N="${1:-1000}"
for i in $(seq 1 1000); do
[ -d "br2-external/${i}/configs" ] && break
mkdir -p br2-external/${i}/configs
touch br2-external/${i}/{Config.in,external.mk}
echo "name: BR_TEST_${i}" >br2-external/${i}/external.desc
touch br2-external/${i}/configs/foo{,_${i}}_defconfig
done
time make \
BR2_EXTERNAL="$(
for i in $(seq 1 ${N}); do
printf '%s\n' "$(pwd)/br2-external/${i}"
done
)" \
foo_1_defconfig
Notes: the timings are very dependent on how much the CPU is otherwise
loaded, but having a multi-core CPU slightly loaded helps maintain a
high frequency on the siblings, and that can reduce the above timings
in half! Best to try on an otherwise-idle system.
Fixes: #14996
Reported-by: David Lawson <david.lawson1@tx.rr.com>
Signed-off-by: Nevo Hed <nhed+buildroot@starry.com>
[yann.morin.1998@free.fr:
- split long foreach
- drastically extend the commit log
- provide reproducer script and redo timings
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
When we initially introduced the target qemu in 98e1a6b961
(package/qemu: build for the target (i386 or x86_64 only)), we
unconditionally enabled all the system and user emulation without
distinction, so pixman was made a mandatory dependency.
However, soon afterwards, in 68ec49acc7 (package/qemu: add basic
target selection), we added an option to enable/disable the system
emulation, but the dependency on pixman was not moved to that new
option.
Fix that now, and only depend on pixman when system emulation is
enabled.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Disable webp and zstd on host package to avoid the following build
failure with host-gdk-pixbuf raised since bump to version 4.5.0 in
commit 5b62ea0136:
Run-time dependency libtiff-4 found: NO (tried cmake)
../output-1/build/host-gdk-pixbuf-2.42.10/meson.build:330:2: ERROR: Dependency lookup for libtiff-4 with method 'pkgconfig' failed: Could not generate cargs for libtiff-4:
Package libwebp was not found in the pkg-config search path.
Perhaps you should add the directory containing `libwebp.pc'
to the PKG_CONFIG_PATH environment variable
Package 'libwebp', required by 'libtiff-4', not found
[...]
Run-time dependency libtiff-4 found: NO (tried cmake)
../output-1/build/host-gdk-pixbuf-2.42.10/meson.build:330:2: ERROR: Dependency lookup for libtiff-4 with method 'pkgconfig' failed: Could not generate cargs for libtiff-4:
Package libzstd was not found in the pkg-config search path.
Perhaps you should add the directory containing `libzstd.pc'
to the PKG_CONFIG_PATH environment variable
Package 'libzstd', required by 'libtiff-4', not found
While at it, also disable libdeflate even if no build failures are
raised by autobuilders
Fixes:
- http://autobuild.buildroot.org/results/320083dfec4d126043b036cbaec7c7b85069a50a
- http://autobuild.buildroot.org/results/8ff1cfa254920749a43e235c4084b8524d0edf6f
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit "abc110e362 package/gobject-introspection: bump to version
1.68.0" renamed the define that makes sure g-ir-tool-template uses the
host python, but forgot to update its call on pre-configure hooks.
Update it now.
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes a regression in XTestSwapFakeInput() introduced in the fix for
CVE-2022-46340 in 21.1.5.
Removed patches included in upstream release.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
[Peter: mention regression fix]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit "b06110621d checkpolicy: allow compiling for target" contains a
typo that prevents installing to staging. It also forgot to enable
CHECKPOLICY_INSTALL_STAGING.
But the package does not install headers or libraries, only ELF and
manual files.
So instead of fixing the install to staging, drop the bogus
CHECKPOLICY_STAGING_CMDS.
Cc: Clayton Shotwell <clayton.shotwell@collins.com>
Cc: Matt Weber <matthew.weber@collins.com>
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit "0340b45da0 wpa_supplicant: bump to version 1.0" from 2012
converted the package to use the generic infra, but added a bogus
WPA_SUPPLICANT_LDFLAGS end left a dangling WPA_SUPPLICANT_MAKE_ENV.
Drop the symbols that are not used since 2012.
Cc: Matt Weber <matthew.weber@collins.com>
Cc: Sergey Matyukevich <geomatsi@gmail.com>
Cc: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
"6c63e4de4a boot/swupdate: don't specify .config to munge" dropped all
usages of this define but the define itself was left dangling.
Drop it now.
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit "ead2afda13 package/rhash: bump version to 1.4.0" dropped the
only usage of this define but the define itself was left dangling.
Drop it now.
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit "cb328f77f8 policycoreutils: new package" added a define that is
never called: POLICYCOREUTILS_INSTALL_TARGET_LINUX_PAM_CONFS.
The build system from the package already install these files to target.
So just drop the bogus define.
Cc: Clayton Shotwell <clayton.shotwell@collins.com>
Cc: Matt Weber <matthew.weber@collins.com>
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit "4f3f291a3b lrzsz: convert to autotools infrastructure" converted
the package to use autotools infra but added a define that is never
called.
Drop the bogus define.
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit "f0d37e275a package/libtalloc: new package" added these symbols
but they are not used in the package and also not recognized by the waf
package infra.
So drop the ignored symbols.
Cc: David GOUARIN <dgouarin@gmail.com>
Cc: Matt Weber <matthew.weber@collins.com>
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit "7687a396e8 package/gobject-introspection: new package" added the
package using the meson infra for both target and host variants.
Meson infra does not support <pkg>_AUTORECONF.
So drop the bogus symbol.
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
In 2015, commit "3fe434bf35 glib-networking: specify GIO_MODULE_DIR for
target" correctly used <pkg>_INSTALL_TARGET_OPTS with an autotools
package.
But later on, in 2018, commit "928a72c49f package/glib-networking: bump
version to 2.56.1" changed the package to use the meson infra, that does
not support <pkg>_INSTALL_TARGET_OPTS.
So this symbol is bogus since 2018. Drop it now.
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit "a15e35c4eb falcosecurity-libs: add new package" uses the infras
kernel-module and generic-package. Neither of them support
<pkg>_SUPPORTS_IN_SOURCE_BUILD, only the CMake infra does.
So drop the bogus symbol.
Cc: Francis Laniel <flaniel@linux.microsoft.com>
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit "98538bb0a2 exfat: bump to version 1.2.1" changed the package
infra from generic to autotools, but dropped all usages of EXFAT_CFLAGS.
This config is ignored by autotools package infra.
So drop the dangling symbol.
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security issues:
CVE-2022-46908: SQLite through 3.40.0, when relying on --safe for execution
of an untrusted CLI script, does not properly implement the
azProhibitedFunctions protection mechanism, and instead allows UDF functions
such as WRITEFILE.
Release notes: https://sqlite.org/releaselog/3_40_1.html
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
[Peter: mark as security bump]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit "0189bcb47c boot/ti-k3-r5-loader: new package" added an unused
define.
The define value is calculated from an inexistent option
BR2_TARGET_TI_K3_R5_LOADER_BOARD, so drop the line.
Cc: Anand Gadiyar <gadiyar@ti.com>
Cc: Xuanhao Shi <X15000177@gmail.com>
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This reverts commit c5b5b5ccab.
Commit "c5b5b5ccab package/zip: install to staging" contains a typo that
prevents installing to staging.
ZIP_INSTALLING_STAGING_CMDS -> ZIP_INSTALL_STAGING_CMDS
But the package does not install headers or libraries, only ELF and
manual files.
So instead of fixing the install to staging, revert the bogus commit.
Cc: Jan Pedersen <jp@jp-embedded.com>
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This reverts commit ffc4afe084.
Commit from 2012 "ffc4afe084 pptp-linux: fix build with high BR2_JLEVEL
settings" added <pkg>_MAKE to a generic package, but the generic infra
does not take this symbol into account.
The build issue was fixed in 2013 with commit "a5b8081b89 pptp-linux:
fix parallel build" by adding a patch file.
So drop the bogus PPTP_LINUX_MAKE.
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit "170777f342 package/qt5/qt5virtualkeyboard: convert to qmake
infrastructure" changed most but not all <pkg>_QMAKEFLAGS to
<pkg>_CONF_OPTS.
As a consequence, BR2_PACKAGE_QT5VIRTUALKEYBOARD_LANGUAGE_LAYOUTS is
ignored and all layouts are compiled in.
Some layouts have different licenses (e.g. pinying), so the license
information for a build that is configured to not include such layouts
is wrong.
Change the remaining _QMAKEFLAGS entry, fixing the config for which
language layouts are compiled and installed.
Cc: Giulio Benetti <giulio.benetti@benettiengineering.com>
Cc: Julien Corjon <corjon.j@ecagroup.com>
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit "8229196d41 package/ima-evm-utils: new package" added
IMA_EVM_UTILS_INSTALL_STAGING_CMDS without enabling
IMA_EVM_UTILS_INSTALL_STAGING, so currently the package is not installed
to staging.
Enable installing to staging.
Cc: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Reviewed-by: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
"0ce9b533e3 libmng: new package" introduced a typo that makes the
optional dependency to lcms2 ineffective.
Fix the typo LIBMNG_DEPDENDENCIES -> LIBMNG_DEPENDENCIES.
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Update to a new major release which brings in improvements and a few
new features. Release notes:
https://wpewebkit.org/release/wpewebkit-2.38.0.html
This release also includes security fixes for CVE-2022-32886,
CVE-2022-32891, and CVE-2022-32912. Accompanying security advisory:
https://wpewebkit.org/security/WSA-2022-0009.html
Both building documentation and support for gobject-introspection have
been added in this release. Version 2.38.0 also introduces a new WebRTC
implementation based on GstWebRTC. Options for them are explicitly left
disabled to keep the configuration as it was, and may be enabled in
follow-up patches. Lastly, the SILENCE_CROSS_COMPILATION_NOTICES option
removed because it no longer exists.
The patch that fixes the build on 32-bit ARM targets is also updated
for the 2.38 release series.
Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This version is the first stable release with support for gamepad
input events and configuring target frame rates. These will be used
by a follow-up update of the wpewebkit package. Release notes:
https://wpewebkit.org/release/libwpe-1.14.0.html
Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Switch to https download for firewall compatibility and security.
The https URL is also the one advertised on the package download page:
https://gnupg.org/download/index.html
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
ncurses does not release dot-versions, but the fixes are released as a
set of cumulative patches against the latest version.
So far, we carry the list of the patches against 6.3, and this is a
tedious task to maintain that list (especially as we have a hash for
each of them).
Thomas E. Dickey (the ncurses maintainer, so we can trust him) hosts the
ncurses snapshots on Github, with patches already applied.
So, we switch to using that. This avoids needing to list all incremental
patches, and will make future bumping easier.
Signed-off-by: Dennis Van Hoorick <dennis.vanhoorick@barco.com>
[yann.morin.1998@free.fr:
- don't use 'v' in filename
- rework the version string for when there's no snapshot
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Marcin Niestroj <m.niestroj@grinn-global.com>
Reviewed-by: James Hilliard <james.hilliard1@gmail.com>
[yann.morin.1998@free.fr:
- select host-cython in Config.in
- introduce obj_path in test sample
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Commit 44be514b21 (package/qemu: refactor target emulator selection)
mistakenly forced to always build at least user or system emulation but
it should be possible to choose only the tools (e.g. for a guest VM
image).
Still, we don't want to configure qemu with neither system nor user
emulation, nor the tools enabled; at least one lust be enabled.
So, change the selection to force the tools to be enabled if neither the
system nor the user emulations are enabled.
Reinstate the the machine selection guard behind a dependency on whether
at lesat system or user emulation is enabled.
Signed-off-by: Carlos Santos <unixmania@gmail.com>
[yann.morin.1998@free.fr:
- ensure at least one of system, user, or tools
- guard the machine selection
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
z3 package was initially added with a depends on !BR2_nios2. This was
detected by testing with "./utils/test-pkg -a -p z3". It turned out that
few other architectures are also not supported. The actual z3
requirement is to have a libc that provides <fenv.h> AND also provides
all the four macros: FE_DOWNWARD, FE_TONEAREST, FE_TOWARDZERO,
FE_UPWARD.
Quoting glibc manual, or "man fenv":
https://www.gnu.org/software/libc/manual/html_node/Rounding.html
"fenv.h defines constants which you can use to refer to the various
rounding modes. Each one will be defined if and only if the FPU
supports the corresponding rounding mode."
This patch introduces _ARCH_SUPPORTS to limit only to the architectures
with a FPU that has those rounding modes.
Fixes:
- http://autobuild.buildroot.net/results/2809dd1ae2f3ada8ee7b3f3e388341c7cfb633fb
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
NXP moved all its open source code repositories from Code Aurora Forum
to github. See for example:
https://github.com/nxp-imx/meta-imx/commit/39bc4d81969a40e0da660519cf4ed083b9c53097
Software packages are now grouped in several NXP github
projects/organizations (nxp-imx, nxp-qoriq, ...). See:
https://www.nxp.com/design/software/embedded-software/nxp-github:NXP-GITHUB
The NXP code published on Code Aurora is still present (at the time of
this commit) but is no longer receiving updates. It is also expected
to be shut down on 2023-03-31. The Code Aurora website
https://source.codeaurora.org/ currently show the following message:
"""
Note: Qualcomm Innovation Center Inc. maintained repositories have
migrated to git.codelinaro.org. QUIC repositories on this site will
not receive any updates after March 31, 2022, and will be deleted on
March 31, 2023. If your project depends on these repositories, please
adjust your tooling configuration to use the new, up-to-date project
location.
"""
For this reason, the NXP recipes using codeaurora.org urls need to be
updated to the correct github.com replacement.
Note: this commit does not change the component version. Only the
download URL is updated. The archive content is expected to be the
same.
Note 2: this commit updates the Kernel, U-Boot and ATF download urls.
The method is also changed from _CUSTOM_GIT to _CUSTOM_TARBALL.
Signed-off-by: Julien Olivain <ju.o@free.fr>
Reviewed-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
NXP moved all its open source code repositories from Code Aurora Forum
to github. See for example:
https://github.com/nxp-imx/meta-imx/commit/39bc4d81969a40e0da660519cf4ed083b9c53097
Software packages are now grouped in several NXP github
projects/organizations (nxp-imx, nxp-qoriq, ...). See:
https://www.nxp.com/design/software/embedded-software/nxp-github:NXP-GITHUB
The NXP code published on Code Aurora is still present (at the time of
this commit) but is no longer receiving updates. It is also expected
to be shut down on 2023-03-31. The Code Aurora website
https://source.codeaurora.org/ currently show the following message:
"""
Note: Qualcomm Innovation Center Inc. maintained repositories have
migrated to git.codelinaro.org. QUIC repositories on this site will
not receive any updates after March 31, 2022, and will be deleted on
March 31, 2023. If your project depends on these repositories, please
adjust your tooling configuration to use the new, up-to-date project
location.
"""
For this reason, the NXP recipes using codeaurora.org urls need to be
updated to the correct github.com replacement.
Note: this commit does not change the component version. Only the
download URL is updated. The archive content is expected to be the
same.
Note 2: this commit updates the U-Boot and ATF download urls.
The method is also changed from _CUSTOM_GIT to _CUSTOM_TARBALL.
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
NXP moved all its open source code repositories from Code Aurora Forum
to github. See for example:
https://github.com/nxp-imx/meta-imx/commit/39bc4d81969a40e0da660519cf4ed083b9c53097
Software packages are now grouped in several NXP github
projects/organizations (nxp-imx, nxp-qoriq, ...). See:
https://www.nxp.com/design/software/embedded-software/nxp-github:NXP-GITHUB
The NXP code published on Code Aurora is still present (at the time of
this commit) but is no longer receiving updates. It is also expected
to be shut down on 2023-03-31. The Code Aurora website
https://source.codeaurora.org/ currently show the following message:
"""
Note: Qualcomm Innovation Center Inc. maintained repositories have
migrated to git.codelinaro.org. QUIC repositories on this site will
not receive any updates after March 31, 2022, and will be deleted on
March 31, 2023. If your project depends on these repositories, please
adjust your tooling configuration to use the new, up-to-date project
location.
"""
For this reason, the NXP recipes using codeaurora.org urls need to be
updated to the correct github.com replacement.
Note: this commit does not change the component version. Only the
download URL is updated. The archive content is expected to be the
same.
Note 2: this commit updates only the ATF download urls.
The method is also changed from _CUSTOM_GIT to _CUSTOM_TARBALL.
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
NXP moved all its open source code repositories from Code Aurora Forum
to github. See for example:
https://github.com/nxp-imx/meta-imx/commit/39bc4d81969a40e0da660519cf4ed083b9c53097
Software packages are now grouped in several NXP github
projects/organizations (nxp-imx, nxp-qoriq, ...). See:
https://www.nxp.com/design/software/embedded-software/nxp-github:NXP-GITHUB
The NXP code published on Code Aurora is still present (at the time of
this commit) but is no longer receiving updates. It is also expected
to be shut down on 2023-03-31. The Code Aurora website
https://source.codeaurora.org/ currently show the following message:
"""
Note: Qualcomm Innovation Center Inc. maintained repositories have
migrated to git.codelinaro.org. QUIC repositories on this site will
not receive any updates after March 31, 2022, and will be deleted on
March 31, 2023. If your project depends on these repositories, please
adjust your tooling configuration to use the new, up-to-date project
location.
"""
For this reason, the NXP recipes using codeaurora.org urls need to be
updated to the correct github.com replacement.
Note: this commit does not change the component version. Only the
download URL is updated. The archive content is expected to be the
same.
Note 2: this commit updates only the ATF download urls.
The method is also changed from _CUSTOM_GIT to _CUSTOM_TARBALL.
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
NXP moved all its open source code repositories from Code Aurora Forum
to github. See for example:
https://github.com/nxp-imx/meta-imx/commit/39bc4d81969a40e0da660519cf4ed083b9c53097
Software packages are now grouped in several NXP github
projects/organizations (nxp-imx, nxp-qoriq, ...). See:
https://www.nxp.com/design/software/embedded-software/nxp-github:NXP-GITHUB
The NXP code published on Code Aurora is still present (at the time of
this commit) but is no longer receiving updates. It is also expected
to be shut down on 2023-03-31. The Code Aurora website
https://source.codeaurora.org/ currently show the following message:
"""
Note: Qualcomm Innovation Center Inc. maintained repositories have
migrated to git.codelinaro.org. QUIC repositories on this site will
not receive any updates after March 31, 2022, and will be deleted on
March 31, 2023. If your project depends on these repositories, please
adjust your tooling configuration to use the new, up-to-date project
location.
"""
For this reason, the NXP recipes using codeaurora.org urls need to be
updated to the correct github.com replacement.
Note: this commit does not change the component version. Only the
download URL is updated. The archive content is expected to be the
same.
Note 2: this commit updates the Kernel, U-Boot and ATF download urls.
The method is also changed from _CUSTOM_GIT to _CUSTOM_TARBALL.
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
NXP moved all its open source code repositories from Code Aurora Forum
to github. See for example:
https://github.com/nxp-imx/meta-imx/commit/39bc4d81969a40e0da660519cf4ed083b9c53097
Software packages are now grouped in several NXP github
projects/organizations (nxp-imx, nxp-qoriq, ...). See:
https://www.nxp.com/design/software/embedded-software/nxp-github:NXP-GITHUB
The NXP code published on Code Aurora is still present (at the time of
this commit) but is no longer receiving updates. It is also expected
to be shut down on 2023-03-31. The Code Aurora website
https://source.codeaurora.org/ currently show the following message:
"""
Note: Qualcomm Innovation Center Inc. maintained repositories have
migrated to git.codelinaro.org. QUIC repositories on this site will
not receive any updates after March 31, 2022, and will be deleted on
March 31, 2023. If your project depends on these repositories, please
adjust your tooling configuration to use the new, up-to-date project
location.
"""
For this reason, the NXP recipes using codeaurora.org urls need to be
updated to the correct github.com replacement.
Note: this commit does not change the component version. Only the
download URL is updated. The archive content is expected to be the
same.
Note 2: this commit updates the Kernel, U-Boot and ATF download urls.
The method is also changed from _CUSTOM_GIT to _CUSTOM_TARBALL.
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
NXP moved all its open source code repositories from Code Aurora Forum
to github. See for example:
https://github.com/nxp-imx/meta-imx/commit/39bc4d81969a40e0da660519cf4ed083b9c53097
Software packages are now grouped in several NXP github
projects/organizations (nxp-imx, nxp-qoriq, ...). See:
https://www.nxp.com/design/software/embedded-software/nxp-github:NXP-GITHUB
The NXP code published on Code Aurora is still present (at the time of
this commit) but is no longer receiving updates. It is also expected
to be shut down on 2023-03-31. The Code Aurora website
https://source.codeaurora.org/ currently show the following message:
"""
Note: Qualcomm Innovation Center Inc. maintained repositories have
migrated to git.codelinaro.org. QUIC repositories on this site will
not receive any updates after March 31, 2022, and will be deleted on
March 31, 2023. If your project depends on these repositories, please
adjust your tooling configuration to use the new, up-to-date project
location.
"""
For this reason, the NXP recipes using codeaurora.org urls need to be
updated to the correct github.com replacement.
Note: this commit does not change the component version. Only the
download URL is updated. The archive content is expected to be the
same.
Note 2: this commit updates the Kernel, U-Boot and ATF download urls.
The method is also changed from _CUSTOM_GIT to _CUSTOM_TARBALL.
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
NXP moved all its open source code repositories from Code Aurora Forum
to github. See for example:
https://github.com/nxp-imx/meta-imx/commit/39bc4d81969a40e0da660519cf4ed083b9c53097
Software packages are now grouped in several NXP github
projects/organizations (nxp-imx, nxp-qoriq, ...). See:
https://www.nxp.com/design/software/embedded-software/nxp-github:NXP-GITHUB
The NXP code published on Code Aurora is still present (at the time of
this commit) but is no longer receiving updates. It is also expected
to be shut down on 2023-03-31. The Code Aurora website
https://source.codeaurora.org/ currently show the following message:
"""
Note: Qualcomm Innovation Center Inc. maintained repositories have
migrated to git.codelinaro.org. QUIC repositories on this site will
not receive any updates after March 31, 2022, and will be deleted on
March 31, 2023. If your project depends on these repositories, please
adjust your tooling configuration to use the new, up-to-date project
location.
"""
For this reason, the NXP recipes using codeaurora.org urls need to be
updated to the correct github.com replacement.
Note: this commit does not change the component version. Only the
download URL is updated. The archive content is expected to be the
same.
Note 2: this commit updates the Kernel, U-Boot and ATF download urls.
The method is also changed from _CUSTOM_GIT to _CUSTOM_TARBALL.
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
NXP moved all its open source code repositories from Code Aurora Forum
to github. See for example:
https://github.com/nxp-imx/meta-imx/commit/39bc4d81969a40e0da660519cf4ed083b9c53097
Software packages are now grouped in several NXP github
projects/organizations (nxp-imx, nxp-qoriq, ...). See:
https://www.nxp.com/design/software/embedded-software/nxp-github:NXP-GITHUB
The NXP code published on Code Aurora is still present (at the time of
this commit) but is no longer receiving updates. It is also expected
to be shut down on 2023-03-31. The Code Aurora website
https://source.codeaurora.org/ currently show the following message:
"""
Note: Qualcomm Innovation Center Inc. maintained repositories have
migrated to git.codelinaro.org. QUIC repositories on this site will
not receive any updates after March 31, 2022, and will be deleted on
March 31, 2023. If your project depends on these repositories, please
adjust your tooling configuration to use the new, up-to-date project
location.
"""
For this reason, the NXP recipes using codeaurora.org urls need to be
updated to the correct github.com replacement.
Note: this commit does not change the component version. Only the
download URL is updated. The archive content is expected to be the
same.
Note 2: this commit updates the Kernel, U-Boot and ATF download urls.
The method is also changed from _CUSTOM_GIT to _CUSTOM_TARBALL.
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
NXP moved all its open source code repositories from Code Aurora Forum
to github. See for example:
https://github.com/nxp-imx/meta-imx/commit/39bc4d81969a40e0da660519cf4ed083b9c53097
Software packages are now grouped in several NXP github
projects/organizations (nxp-imx, nxp-qoriq, ...). See:
https://www.nxp.com/design/software/embedded-software/nxp-github:NXP-GITHUB
The NXP code published on Code Aurora is still present (at the time of
this commit) but is no longer receiving updates. It is also expected
to be shut down on 2023-03-31. The Code Aurora website
https://source.codeaurora.org/ currently show the following message:
"""
Note: Qualcomm Innovation Center Inc. maintained repositories have
migrated to git.codelinaro.org. QUIC repositories on this site will
not receive any updates after March 31, 2022, and will be deleted on
March 31, 2023. If your project depends on these repositories, please
adjust your tooling configuration to use the new, up-to-date project
location.
"""
For this reason, the NXP recipes using codeaurora.org urls need to be
updated to the correct github.com replacement.
Note: this commit does not change the component version. Only the
download URL is updated. The archive content is expected to be the
same.
Note 2: this commit updates the Kernel, U-Boot and ATF download urls.
The method is also changed from _CUSTOM_GIT to _CUSTOM_TARBALL.
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
NXP moved all its open source code repositories from Code Aurora Forum
to github. See for example:
https://github.com/nxp-imx/meta-imx/commit/39bc4d81969a40e0da660519cf4ed083b9c53097
Software packages are now grouped in several NXP github
projects/organizations (nxp-imx, nxp-qoriq, ...). See:
https://www.nxp.com/design/software/embedded-software/nxp-github:NXP-GITHUB
The NXP code published on Code Aurora is still present (at the time of
this commit) but is no longer receiving updates. It is also expected
to be shut down on 2023-03-31. The Code Aurora website
https://source.codeaurora.org/ currently show the following message:
"""
Note: Qualcomm Innovation Center Inc. maintained repositories have
migrated to git.codelinaro.org. QUIC repositories on this site will
not receive any updates after March 31, 2022, and will be deleted on
March 31, 2023. If your project depends on these repositories, please
adjust your tooling configuration to use the new, up-to-date project
location.
"""
For this reason, the NXP recipes using codeaurora.org urls need to be
updated to the correct github.com replacement.
Note: this commit does not change the component version. Only the
download URL is updated. The archive content is expected to be the
same.
Note 2: this commit updates the Kernel and U-Boot download urls.
The method is also changed from _CUSTOM_GIT to _CUSTOM_TARBALL.
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
NXP moved all its open source code repositories from Code Aurora Forum
to github. See for example:
https://github.com/nxp-imx/meta-imx/commit/39bc4d81969a40e0da660519cf4ed083b9c53097
Software packages are now grouped in several NXP github
projects/organizations (nxp-imx, nxp-qoriq, ...). See:
https://www.nxp.com/design/software/embedded-software/nxp-github:NXP-GITHUB
The NXP code published on Code Aurora is still present (at the time of
this commit) but is no longer receiving updates. It is also expected
to be shut down on 2023-03-31. The Code Aurora website
https://source.codeaurora.org/ currently show the following message:
"""
Note: Qualcomm Innovation Center Inc. maintained repositories have
migrated to git.codelinaro.org. QUIC repositories on this site will
not receive any updates after March 31, 2022, and will be deleted on
March 31, 2023. If your project depends on these repositories, please
adjust your tooling configuration to use the new, up-to-date project
location.
"""
For this reason, the NXP recipes using codeaurora.org urls need to be
updated to the correct github.com replacement.
Note: this commit does not change the component version. Only the
download URL is updated. The archive content is expected to be the
same.
Note 2: this commit updates the Kernel and U-Boot download urls.
The method is also changed from _CUSTOM_GIT to _CUSTOM_TARBALL.
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
NXP moved all its open source code repositories from Code Aurora Forum
to github. See for example:
https://github.com/nxp-imx/meta-imx/commit/39bc4d81969a40e0da660519cf4ed083b9c53097
Software packages are now grouped in several NXP github
projects/organizations (nxp-imx, nxp-qoriq, ...). See:
https://www.nxp.com/design/software/embedded-software/nxp-github:NXP-GITHUB
The NXP code published on Code Aurora is still present (at the time of
this commit) but is no longer receiving updates. It is also expected
to be shut down on 2023-03-31. The Code Aurora website
https://source.codeaurora.org/ currently show the following message:
"""
Note: Qualcomm Innovation Center Inc. maintained repositories have
migrated to git.codelinaro.org. QUIC repositories on this site will
not receive any updates after March 31, 2022, and will be deleted on
March 31, 2023. If your project depends on these repositories, please
adjust your tooling configuration to use the new, up-to-date project
location.
"""
For this reason, the NXP recipes using codeaurora.org urls need to be
updated to the correct github.com replacement.
Note: this commit does not change the component version. Only the
download URL is updated. The archive content is expected to be the
same.
Note 2: this commit updates the Kernel and U-Boot download urls.
The method is also changed from _CUSTOM_GIT to _CUSTOM_TARBALL.
Signed-off-by: Julien Olivain <ju.o@free.fr>
Reviewed-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
NXP moved all its open source code repositories from Code Aurora Forum
to github. See for example:
https://github.com/nxp-imx/meta-imx/commit/39bc4d81969a40e0da660519cf4ed083b9c53097
Software packages are now grouped in several NXP github
projects/organizations (nxp-imx, nxp-qoriq, ...). See:
https://www.nxp.com/design/software/embedded-software/nxp-github:NXP-GITHUB
The NXP code published on Code Aurora is still present (at the time of
this commit) but is no longer receiving updates. It is also expected
to be shut down on 2023-03-31. The Code Aurora website
https://source.codeaurora.org/ currently show the following message:
"""
Note: Qualcomm Innovation Center Inc. maintained repositories have
migrated to git.codelinaro.org. QUIC repositories on this site will
not receive any updates after March 31, 2022, and will be deleted on
March 31, 2023. If your project depends on these repositories, please
adjust your tooling configuration to use the new, up-to-date project
location.
"""
For this reason, the NXP recipes using codeaurora.org urls need to be
updated to the correct github.com replacement.
Note: this commit does not change the component version. Only the
download URL is updated. The archive content is expected to be the
same.
Note 2: this commit updates the Kernel and U-Boot download urls.
The method is also changed from _CUSTOM_GIT to _CUSTOM_TARBALL.
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
NXP moved all its open source code repositories from Code Aurora Forum
to github. See for example:
https://github.com/nxp-imx/meta-imx/commit/39bc4d81969a40e0da660519cf4ed083b9c53097
Software packages are now grouped in several NXP github
projects/organizations (nxp-imx, nxp-qoriq, ...). See:
https://www.nxp.com/design/software/embedded-software/nxp-github:NXP-GITHUB
The NXP code published on Code Aurora is still present (at the time of
this commit) but is no longer receiving updates. It is also expected
to be shut down on 2023-03-31. The Code Aurora website
https://source.codeaurora.org/ currently show the following message:
"""
Note: Qualcomm Innovation Center Inc. maintained repositories have
migrated to git.codelinaro.org. QUIC repositories on this site will
not receive any updates after March 31, 2022, and will be deleted on
March 31, 2023. If your project depends on these repositories, please
adjust your tooling configuration to use the new, up-to-date project
location.
"""
For this reason, the NXP recipes using codeaurora.org urls need to be
updated to the correct github.com replacement.
Note: this commit does not change the component version. Only the
download URL is updated. The archive content is expected to be the
same.
Note 2: this commit updates the Kernel and U-Boot download urls.
The method is also changed from _CUSTOM_GIT to _CUSTOM_TARBALL.
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
NXP moved all its open source code repositories from Code Aurora Forum
to github. See for example:
https://github.com/nxp-imx/meta-imx/commit/39bc4d81969a40e0da660519cf4ed083b9c53097
Software packages are now grouped in several NXP github
projects/organizations (nxp-imx, nxp-qoriq, ...). See:
https://www.nxp.com/design/software/embedded-software/nxp-github:NXP-GITHUB
The NXP code published on Code Aurora is still present (at the time of
this commit) but is no longer receiving updates. It is also expected
to be shut down on 2023-03-31. The Code Aurora website
https://source.codeaurora.org/ currently show the following message:
"""
Note: Qualcomm Innovation Center Inc. maintained repositories have
migrated to git.codelinaro.org. QUIC repositories on this site will
not receive any updates after March 31, 2022, and will be deleted on
March 31, 2023. If your project depends on these repositories, please
adjust your tooling configuration to use the new, up-to-date project
location.
"""
For this reason, the NXP recipes using codeaurora.org urls need to be
updated to the correct github.com replacement.
Note: this commit does not change the component version. Only the
download URL is updated. The archive content is expected to be the
same.
Note 2: this commit updates the Kernel and U-Boot download urls.
The method is also changed from _CUSTOM_GIT to _CUSTOM_TARBALL.
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
NXP moved all its open source code repositories from Code Aurora Forum
to github. See for example:
https://github.com/nxp-imx/meta-imx/commit/39bc4d81969a40e0da660519cf4ed083b9c53097
Software packages are now grouped in several NXP github
projects/organizations (nxp-imx, nxp-qoriq, ...). See:
https://www.nxp.com/design/software/embedded-software/nxp-github:NXP-GITHUB
The NXP code published on Code Aurora is still present (at the time of
this commit) but is no longer receiving updates. It is also expected
to be shut down on 2023-03-31. The Code Aurora website
https://source.codeaurora.org/ currently show the following message:
"""
Note: Qualcomm Innovation Center Inc. maintained repositories have
migrated to git.codelinaro.org. QUIC repositories on this site will
not receive any updates after March 31, 2022, and will be deleted on
March 31, 2023. If your project depends on these repositories, please
adjust your tooling configuration to use the new, up-to-date project
location.
"""
For this reason, the NXP recipes using codeaurora.org urls need to be
updated to the correct github.com replacement.
Note: this commit does not change the component version. Only the
download URL is updated. The archive content is expected to be the
same.
Note 2: this commit updates the Kernel and U-Boot download urls.
The method is also changed from _CUSTOM_GIT to _CUSTOM_TARBALL.
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
NXP moved all its open source code repositories from Code Aurora Forum
to github. See for example:
https://github.com/nxp-imx/meta-imx/commit/39bc4d81969a40e0da660519cf4ed083b9c53097
Software packages are now grouped in several NXP github
projects/organizations (nxp-imx, nxp-qoriq, ...). See:
https://www.nxp.com/design/software/embedded-software/nxp-github:NXP-GITHUB
The NXP code published on Code Aurora is still present (at the time of
this commit) but is no longer receiving updates. It is also expected
to be shut down on 2023-03-31. The Code Aurora website
https://source.codeaurora.org/ currently show the following message:
"""
Note: Qualcomm Innovation Center Inc. maintained repositories have
migrated to git.codelinaro.org. QUIC repositories on this site will
not receive any updates after March 31, 2022, and will be deleted on
March 31, 2023. If your project depends on these repositories, please
adjust your tooling configuration to use the new, up-to-date project
location.
"""
For this reason, the NXP recipes using codeaurora.org urls need to be
updated to the correct github.com replacement.
Note: this commit does not change the component version. Only the
download URL is updated. The archive content is expected to be the
same.
Note 2: the _SITE_METHOD is also changed from "git" to the default
"wget", for faster downloads. This is why the package hash has
changed.
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
NXP moved all its open source code repositories from Code Aurora Forum
to github. See for example:
https://github.com/nxp-imx/meta-imx/commit/39bc4d81969a40e0da660519cf4ed083b9c53097
Software packages are now grouped in several NXP github
projects/organizations (nxp-imx, nxp-qoriq, ...). See:
https://www.nxp.com/design/software/embedded-software/nxp-github:NXP-GITHUB
The NXP code published on Code Aurora is still present (at the time of
this commit) but is no longer receiving updates. It is also expected
to be shut down on 2023-03-31. The Code Aurora website
https://source.codeaurora.org/ currently show the following message:
"""
Note: Qualcomm Innovation Center Inc. maintained repositories have
migrated to git.codelinaro.org. QUIC repositories on this site will
not receive any updates after March 31, 2022, and will be deleted on
March 31, 2023. If your project depends on these repositories, please
adjust your tooling configuration to use the new, up-to-date project
location.
"""
For this reason, the NXP recipes using codeaurora.org urls need to be
updated to the correct github.com replacement.
Note: this commit does not change the component version. Only the
download URL is updated. The archive content is expected to be the
same.
Note 2: the _SITE_METHOD is also changed from "git" to the default
"wget", for faster downloads. This is why the package hash has
changed.
Signed-off-by: Julien Olivain <ju.o@free.fr>
Reviewed-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
mfgtools was removed from the github codeauroraforum organization.
It is now redirecting to NXPmicro. This patch updates the link to
directly point to the correct place.
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
imx-m4fwloader was removed from the github codeauroraforum
organization. It is now redirecting to NXPmicro. This patch
updates the link to directly point to the correct place.
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
NXP moved all its open source code repositories from Code Aurora Forum
to github. See for example:
https://github.com/nxp-imx/meta-imx/commit/39bc4d81969a40e0da660519cf4ed083b9c53097
Software packages are now grouped in several NXP github
projects/organizations (nxp-imx, nxp-qoriq, ...). See:
https://www.nxp.com/design/software/embedded-software/nxp-github:NXP-GITHUB
The NXP code published on Code Aurora is still present (at the time of
this commit) but is no longer receiving updates. It is also expected
to be shut down on 2023-03-31. The Code Aurora website
https://source.codeaurora.org/ currently show the following message:
"""
Note: Qualcomm Innovation Center Inc. maintained repositories have
migrated to git.codelinaro.org. QUIC repositories on this site will
not receive any updates after March 31, 2022, and will be deleted on
March 31, 2023. If your project depends on these repositories, please
adjust your tooling configuration to use the new, up-to-date project
location.
"""
For this reason, the NXP recipes using codeaurora.org urls need to be
updated to the correct github.com replacement.
Note: this commit does not change the component version. Only the
download URL is updated. The archive content is expected to be the
same.
The commit also:
- removes the comment in Config.in that the package does not have
an upstream,
- adds the new github.com url as the package url
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
imx-kobs was removed from the github codeauroraforum organization.
It is now redirecting to NXPmicro. This patch updates the link to
directly point to the correct place.
The commit also replaces the Config.in comment saying the package does
not have an upstream by the github.com project page.
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
NXP moved all its open source code repositories from Code Aurora Forum
to github. See for example:
https://github.com/nxp-imx/meta-imx/commit/39bc4d81969a40e0da660519cf4ed083b9c53097
Software packages are now grouped in several NXP github
projects/organizations (nxp-imx, nxp-qoriq, ...). See:
https://www.nxp.com/design/software/embedded-software/nxp-github:NXP-GITHUB
The NXP code published on Code Aurora is still present (at the time of
this commit) but is no longer receiving updates. It is also expected
to be shut down on 2023-03-31. The Code Aurora website
https://source.codeaurora.org/ currently show the following message:
"""
Note: Qualcomm Innovation Center Inc. maintained repositories have
migrated to git.codelinaro.org. QUIC repositories on this site will
not receive any updates after March 31, 2022, and will be deleted on
March 31, 2023. If your project depends on these repositories, please
adjust your tooling configuration to use the new, up-to-date project
location.
"""
For this reason, the NXP recipes using codeaurora.org urls need to be
updated to the correct github.com replacement.
Note: this commit does not change the component version. Only the
download URL is updated. The archive content is expected to be the
same.
Note 2: the _SITE_METHOD is also changed from "git" to the default
"wget", for faster downloads. This is why the package hash has
changed.
Note 3: this commit also adds the github as project homepage in
Config.in.
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
NXP moved all its open source code repositories from Code Aurora Forum
to github. See for example:
https://github.com/nxp-imx/meta-imx/commit/39bc4d81969a40e0da660519cf4ed083b9c53097
Software packages are now grouped in several NXP github
projects/organizations (nxp-imx, nxp-qoriq, ...). See:
https://www.nxp.com/design/software/embedded-software/nxp-github:NXP-GITHUB
The NXP code published on Code Aurora is still present (at the time of
this commit) but is no longer receiving updates. It is also expected
to be shut down on 2023-03-31. The Code Aurora website
https://source.codeaurora.org/ currently show the following message:
"""
Note: Qualcomm Innovation Center Inc. maintained repositories have
migrated to git.codelinaro.org. QUIC repositories on this site will
not receive any updates after March 31, 2022, and will be deleted on
March 31, 2023. If your project depends on these repositories, please
adjust your tooling configuration to use the new, up-to-date project
location.
"""
For this reason, the NXP recipes using codeaurora.org urls need to be
updated to the correct github.com replacement.
Note: this commit does not change the component version. Only the
download URL is updated. The archive content is expected to be the
same. The version fsl-sdk-v2.0 is an old tag from 2016. It was not
migrated to github. This commit use instead the commit id
corresponding to this tag.
See:
https://source.codeaurora.org/external/qoriq/qoriq-yocto-sdk/fmlib/commit/?h=fsl-sdk-v2.0&id=43fa98fdbf0c697167e415c3f060896d5b482791
The commit id exists on github:
https://github.com/nxp-qoriq/fmlib/commit/43fa98fdbf0c697167e415c3f060896d5b482791
Note 2: the _SITE_METHOD is also changed from "git" to the default
"wget", for faster downloads. This is why the package hash has
changed.
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
NXP moved all its open source code repositories from Code Aurora Forum
to github. See for example:
https://github.com/nxp-imx/meta-imx/commit/39bc4d81969a40e0da660519cf4ed083b9c53097
Software packages are now grouped in several NXP github
projects/organizations (nxp-imx, nxp-qoriq, ...). See:
https://www.nxp.com/design/software/embedded-software/nxp-github:NXP-GITHUB
The NXP code published on Code Aurora is still present (at the time of
this commit) but is no longer receiving updates. It is also expected
to be shut down on 2023-03-31. The Code Aurora website
https://source.codeaurora.org/ currently show the following message:
"""
Note: Qualcomm Innovation Center Inc. maintained repositories have
migrated to git.codelinaro.org. QUIC repositories on this site will
not receive any updates after March 31, 2022, and will be deleted on
March 31, 2023. If your project depends on these repositories, please
adjust your tooling configuration to use the new, up-to-date project
location.
"""
For this reason, the NXP recipes using codeaurora.org urls need to be
updated to the correct github.com replacement.
This commit also:
- changes the _SITE_METHOD from "git" to the default "wget",
- updates an old and broken freescale.com app note link,
- adds the github project page as project url.
Note: this commit does not change the component version. Only the
download URL is updated. The archive content is expected to be the
same. The version "fsl-sdk-v2.0" is an old tag from 2015. It was not
migrated to github. This commit use instead the commit id
corresponding to this tag.
See:
https://source.codeaurora.org/external/qoriq/qoriq-yocto-sdk/fmc/commit/?h=fsl-sdk-v2.0&id=a079d2c844edd85dff85a317a63198e7988bcd09
The commit id exists on github:
https://github.com/nxp-qoriq/fmc/commit/a079d2c844edd85dff85a317a63198e7988bcd09
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
NXP moved all its open source code repositories from Code Aurora Forum
to github. See for example:
https://github.com/nxp-imx/meta-imx/commit/39bc4d81969a40e0da660519cf4ed083b9c53097
Software packages are now grouped in several NXP github
projects/organizations (nxp-imx, nxp-qoriq, ...). See:
https://www.nxp.com/design/software/embedded-software/nxp-github:NXP-GITHUB
The NXP code published on Code Aurora is still present (at the time of
this commit) but is no longer receiving updates. It is also expected
to be shut down on 2023-03-31. The Code Aurora website
https://source.codeaurora.org/ currently show the following message:
"""
Note: Qualcomm Innovation Center Inc. maintained repositories have
migrated to git.codelinaro.org. QUIC repositories on this site will
not receive any updates after March 31, 2022, and will be deleted on
March 31, 2023. If your project depends on these repositories, please
adjust your tooling configuration to use the new, up-to-date project
location.
"""
For this reason, the NXP recipes using codeaurora.org urls need to be
updated to the correct github.com replacement.
Note: this commit does not change the component version. Only the
download URL is updated. The archive content is expected to be the
same.
Note 2: the _SITE_METHOD is also changed from "git" to the default
"wget", for faster downloads. This is why the package hash has
changed.
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
http://freescale.com/ urls are all redirected to the NXP homepage
https://www.nxp.com/
Even if the link is not broken in the sense of a 404 http error, the
pointed resource is not found.
This commit updates the old freescale link to the correct nxp.com
location.
Note: the link now requires a free registration to be accessed.
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
http://freescale.com/ urls are all redirected to the NXP homepage
https://www.nxp.com/
Even if the links are not broken in the sense of a 404 http error, the
pointed resources are not found.
This commit updates the old freescale links to the correct nxp.com
locations.
Note: the link to the SABRE for Automotive Infotainment Quick Start
Guide now requires a free registration to be accessed.
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
http://freescale.com/ urls are all redirected to the NXP homepage
https://www.nxp.com/
Even if the link is not broken in the sense of a 404 http error, the
pointed resource is not found.
This commit updates the old Freescale link to the correct nxp.com
location.
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The current mechanism to select emulation targets works this way:
- BR2_PACKAGE_QEMU_SYSTEM selects the "system" (softmmu) targets. It
selects FDT and creates a dependency on the "dtc" package but this is
not always necessary. Only 14 system targets, out of 31, actually
require FDT.
- BR2_PACKAGE_QEMU_LINUX_USER selects the "linux-user" targets. It does
not select FDT, which is not required by linux-user emulators.
- Alternatively, we fill BR2_PACKAGE_QEMU_CUSTOM_TARGETS with a list of
emulators (e.g. "x86_64-softmmu x86_64-linux-user"). Then we pass
"--enable-system --enable-linux-user --target-list="..." to the
configure script, so QEMU builds its list of default targets, from
which it checks if the specified subset is valid.
Since CUSTOM_TARGETS does not select FDT, we can get build errors like
this:
../meson.build:2778:2: ERROR: Problem encountered: fdt not available but required by targets x86_64-softmmu
We could select FDT when CUSTOM_TARGETS is set, but this would force an
unnecessary dependency on dtc, as BR2_PACKAGE_QEMU_SYSTEM does.
In order to fix these problems, refactor the package configuration:
- Keep BR2_PACKAGE_QEMU_SYSTEM and BR2_PACKAGE_QEMU_LINUX_USER, which by
default build all corresponding target emulators.
- Add a BR2_PACKAGE_QEMU_CHOOSE_TARGETS config, to permit choosing the
desired emulators.
- Add configs for each supported target. They select FDT, when needed.
- Move QEMU to a separate menu, since the number of configuration itens
became too large.
- Select BR2_LEGACY if BR2_PACKAGE_QEMU_CUSTOM_TARGETS is set, because
this situation requires user intervention to reconfigure the package.
- Reorganize the make file accordingly. Selecting CHOOSE_TARGETS without
choosing at least one emulator is considered an error.
Notes about the list of enabled targets:
- when the user enables both system and user emulation, we provide no
way to be able to build all system bt only parts of user (or the other
way around), because the qemu build system does not allow that: when a
list of target is passed, it applies to both system and user
emulation;
- as a consequence and in the same spirit, we also do not sanity-check
that at least one system, resp. user, target is enabled when system,
resp. user, emulation is enabled; we only require that one target is
enabled, so that the list is not empty.
Signed-off-by: Carlos Santos <unixmania@gmail.com>
[yann.morin.1998@free.fr:
- always build at least user or system
- add help text to BR2_PACKAGE_QEMU_CHOOSE_TARGETS
- simplify prompt for BR2_PACKAGE_QEMU_CHOOSE_TARGETS
- simplify list of targets with unique QEMU_TARGET_LIST_y
- extend the commit log with "Notes about the list of enabled targets"
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Migrate from distutils to flit package infrastructure.
Add a patch fixing incorrect flit requires/build-backend in
pyproject.toml.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The libmodplug release has not been updated for over 5 years.
The git version contains many bug fixes, including for OOB
accesses, unaligned reads and writes, etc.
This git repository is the official home of libmodplug (by the original
author), however a new release does not seem likely anytime soon:
there are multiple open issues in the repository asking the author to
tag a release, all without a response.
Update buildroot to the current version of libmodplug from the official
git repository. The build system changed from autotools to cmake since
the last version.
We add a _CPE_ID_VERSION variable pointing to the latest stable
version, so that we don't get notified about all older CVEs that we
are not affected by.
Signed-off-by: Gleb Mazovetskiy <glex.spb@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The 0.10 line offers minor improvements and bug fixes.
The previous security bump from 0.9.1 to 0.9.2 fixed CVE-2022-46149,
which was also present in 0.10.2, but is fixed within 0.10.3.
Signed-off-by: Joel Carlson <JoelsonCarl@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Mutt 2.2.9 was released on November 12, 2022. This is a bug-fix release,
fixing a build issue with recent GPGME releases.
Mutt 2.2.8 was released on November 5, 2022. This is a bug-fix release,
fixing a possible crash when using GPGME to view an application/pgp key
block. It also makes some changes to resizing and window size logic, and
enables batch-mode IMAP Fcc'ing.
https://gitlab.com/muttmua/mutt/-/blob/mutt-2-2-9-rel/ChangeLog
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fix the following build failure raised with python >= 3.11 by
backporting a patch and adding libbsd dependency as suggested by
upstream in https://github.com/ofalk/libdnet/issues/74:
./dnet.c: In function '__Pyx_AddTraceback':
./dnet.c:456:62: error: invalid use of incomplete typedef 'PyFrameObject' {aka 'struct _frame'}
456 | #define __Pyx_PyFrame_SetLineNumber(frame, lineno) (frame)->f_lineno = (lineno)
| ^~
./dnet.c:25190:5: note: in expansion of macro '__Pyx_PyFrame_SetLineNumber'
25190 | __Pyx_PyFrame_SetLineNumber(py_frame, py_line);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~
Fixes:
- http://autobuild.buildroot.org/results/78dff4b514fb7c510f5a745ee6cbbc049ceb2794
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Switch package type to meson as the primary supported build system
from now on is meson and the autotools support as deprecated. The
package tarball is no longer supported, thus the MODEM_MANAGER_SOURCE
is changed to the gitlab archive URL.
All previously supported options are converted to the meson
configuraiton options and support for new ones is added. The new
options are: bash_completion, polkit, systemd, qrtr.
The dbus build dependency is needed since the meson build system uses
dbus pkg-config to determine install locations. The 'udevdir' has to
be specified also in case dbus is not installed. Modem-manager will
use its own built-in udev rule parser to determine modem specific
values.
For building with libqmi support version 1.32.2 is required and for
libmbim version 1.28.2 is required.
Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The make targets in bearssl are missing the $(OBJDIR) target which
causes build failures when using make with shuffle mode.
Add a patch which adds the missing $(OBJDIR) targets.
Fixes:
Assembler messages:
Fatal error: can't create build/obj/x509_minimal_full.o: No such file or directory
make[2]: *** [mk/Rules.mk:1190: build/obj/x509_minimal_full.o] Error 1 shuffle=reverse
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Hostapd has 802.11ax support, however it is currently disabled by
default, so let's enable it as it adds only 2 KB to the overall size
of the hostapd package.
Signed-off-by: Robert Marko <robert.marko@sartura.hr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Changes log:
https://wiki.qemu.org/ChangeLog/7.2
Add host-slirp dependency to provide the network backend 'user' that
was included in previous Qemu release by a submodule in Qemu sources [1].
This network backend is currently used by several defconfig that would
fail to boot with:
"-net user: network backend 'user' is not compiled into this binary"
board/mender/x86_64/readme.txt
board/pc/readme.txt
board/pc/readme.txt
board/qemu/arm-versatile/readme.txt
board/qemu/arm-vexpress/readme.txt
board/qemu/mips32r2-malta/readme.txt
board/qemu/mips32r2el-malta/readme.txt
board/qemu/mips32r6el-malta/readme.txt
board/qemu/ppc-bamboo/readme.txt
board/qemu/ppc-e500mc/readme.txt
board/qemu/ppc-g3beige/readme.txt
board/qemu/ppc-mac99/readme.txt
board/qemu/ppc-mpc8544ds/readme.txt
board/qemu/ppc64-e5500/readme.txt
board/qemu/s390x/readme.txt
board/qemu/sh4-r2d/readme.txt
board/qemu/sh4eb-r2d/readme.txt
board/qemu/sparc-ss10/readme.txt
board/qemu/sparc64-sun4u/readme.txt
board/qemu/x86/readme.txt
board/qemu/x86_64/readme.txt
Update the slirp configure option following the slirp submodule removal
[2].
Runtime tested in gitlab:
https://gitlab.com/kubu93/buildroot/-/pipelines/725509959
Add a backport from upstream, to fix sh4 stability [3].
[1] https://wiki.qemu.org/ChangeLog/7.2#Removal_of_the_.22slirp.22_submodule_.28affects_.22-netdev_user.22.29
[2] https://gitlab.com/qemu-project/qemu/-/commit/5890258aeeba303704ec1adca415e46067800777
[3] https://gitlab.com/kubu93/buildroot/-/jobs/3490258272
Signed-off-by: Romain Naour <romain.naour@gmail.com>
[yann.morin.1998@free.fr: backport fix rather than revert faulty commit]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Split the list of dependencies to ease further addition.
Signed-off-by: Romain Naour <romain.naour@gmail.com>
[yann.morin.1998@free.fr: move first item also on its own line]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The S-lang shell is currently installed by default but most packages are
typically interested in the shared libraries only. Add a configuration
option to disable the slsh program and its supporting files.
Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fix the following static openssl build failure raised since commit
7967755fbf:
/home/autobuild/autobuild/instance-13/output-1/host/lib/gcc/sparc-buildroot-linux-uclibc/10.4.0/../../../../sparc-buildroot-linux-uclibc/bin/ld: /home/autobuild/autobuild/instance-13/output-1/host/sparc-buildroot-linux-uclibc/sysroot/usr/lib/libssl.a(ssl_cert.o): in function `ssl_cert_free':
ssl_cert.c:(.text+0x384): undefined reference to `__atomic_fetch_sub_4'
Fixes:
- http://autobuild.buildroot.org/results/417c86963ffe038aa052ea3cf19fd52c3e9b7396
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Link to Rust 1.66.0 annoucement: https://blog.rust-lang.org/2022/12/15/Rust-1.66.0.html
Newest version of the source archives have been retrieved with their hash values,
and the signature of the .asc files have been verified as follows:
$ curl -fsSL https://static.rust-lang.org/rust-key.gpg.ascii | gpg --import
$ gpg --verify <filename.asc> <filename>
There is no typographical error in the packages according to the check-pakage utility:
$ ./utils/check-package package/rust-bin/*
$ ./utils/check-package package/rust/*
The testsuite tool were successfully run for rust and rust-bin packages to test
the Rust toolchain under 1.66.0:
$ ./support/testing/run-tests -k -d dl/ -o testsuite tests.package.test_rust.TestRustBin
$ ./support/testing/run-tests -k -d dl/ -o testsuite tests.package.test_rust.TestRust
In order to verify the compatibility of packages depending on Rust 1.66.0,
tests using `./utils/test-pkg` were run.
You may want to execute the test-pkg command after creating a `.config` file
enabling the corresponding BR2_PACKAGE, for example:
Create a file `buildroot/ripgrep.config` containing "BR2_PACKAGE_RIPGREP=y"
Then execute:
$ ./utils/test-pkg -d test-pkg -c ripgrep.config -p ripgrep
Results:
librsvg OK
ripgrep OK
suricata OK
bat OK
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Currently, when asserting that a command succeeded, we just capture the
return code of the command. If that is not zero, the assertion fails,
but the error message is not very splicit:
AssertionError: 1 != 0
Replace the error message with an explicit message that dumps the failed
command, the error code, and the resulting output.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Add patch to fix build error.
Removed sha1 hash.
Add configure option to disable searching for qt6 as of now due to
incomplete implementation of qt6 modules, like gui, in buildroot.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
When BR2_powerpc_e500mc=y, fmlib package compilation fails with output:
make[2]: *** No rule to make target 'libfm-e500mc.a'. Stop.
The fmlib package "make help" command shows:
The available make libfm-<arch>.a targets are:
libfm-ppce500mc.a (P2, P3, P4)
...
The package Config.in incorrectly sets BR2_PACKAGE_FMLIB_ARCHTYPE
to "e500mc", which is then passed as the package make target.
The correct value should be "ppce500mc".
The commit fixes this build issue.
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fix the following build failure with arm soft float raised since bump to
version 1.15 in commit c31087182f and
https://github.com/ebiggers/libdeflate/commit/84c76f6f2cf5e5ac4deca0b1c25faebb42469f58:
In file included from /home/autobuild/autobuild/instance-3/output-1/build/libdeflate-1.15/lib/arm/crc32_impl.h:256,
from /home/autobuild/autobuild/instance-3/output-1/build/libdeflate-1.15/lib/crc32.c:227:
/home/autobuild/autobuild/instance-3/output-1/host/lib/gcc/arm-buildroot-linux-gnueabi/11.3.0/include/arm_neon.h:31:2: error: #error "NEON intrinsics not available with the soft-float ABI. Please use -mfloat-abi=softfp or -mfloat-abi=hard"
31 | #error "NEON intrinsics not available with the soft-float ABI. Please use -mfloat-abi=softfp or -mfloat-abi=hard"
| ^~~~~
In file included from /home/autobuild/autobuild/instance-3/output-1/build/libdeflate-1.15/lib/crc32.c:227:
/home/autobuild/autobuild/instance-3/output-1/build/libdeflate-1.15/lib/arm/crc32_impl.h: In function 'clmul_u32':
/home/autobuild/autobuild/instance-3/output-1/build/libdeflate-1.15/lib/arm/crc32_impl.h:262:9: error: unknown type name 'uint64x2_t'; did you mean 'uint16x2_t'?
262 | uint64x2_t res = vreinterpretq_u64_p128(
| ^~~~~~~~~~
| uint16x2_t
Fixes:
- http://autobuild.buildroot.org/results/1445dcbf676893133f311a92ac21b29237fb75df
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fix the following aarch64 build failure raised since the addition of the
package in commit 4231e7b10b:
In file included from /home/autobuild/autobuild/instance-22/output-1/build/libdeflate-1.15/lib/arm/crc32_impl.h:256,
from /home/autobuild/autobuild/instance-22/output-1/build/libdeflate-1.15/lib/crc32.c:227:
/home/autobuild/autobuild/instance-22/output-1/build/libdeflate-1.15/lib/arm/crc32_impl.h: In function 'clmul_u32':
/home/autobuild/autobuild/instance-22/output-1/host/lib/gcc/aarch64-buildroot-linux-gnu/10.4.0/include/arm_neon.h:26723:1: error: inlining failed in call to 'always_inline' 'vmull_p64': target specific option mismatch
26723 | vmull_p64 (poly64_t __a, poly64_t __b)
| ^~~~~~~~~
In file included from /home/autobuild/autobuild/instance-22/output-1/build/libdeflate-1.15/lib/crc32.c:227:
/home/autobuild/autobuild/instance-22/output-1/build/libdeflate-1.15/lib/arm/crc32_impl.h:262:19: note: called from here
262 | uint64x2_t res = vreinterpretq_u64_p128(
| ^~~~~~~~~~~~~~~~~~~~~~~
263 | compat_vmull_p64((poly64_t)a, (poly64_t)b));
| ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Fixes:
- http://autobuild.buildroot.org/results/9aee8dafea614db77209818b913a571534466506
- http://autobuild.buildroot.org/results/951d5a1a2959a0cc65ca7e52967ec07bc1cc00f1
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Commit 255acdc143 (package/qemu: needs gcc >= 8) added a comment that
explains that host-qemu would not be available for gcc < 4.8.
However, it interspersed that comment between the main symbol and the
conditional block with the sub-options. This breaks the indentation of
the sub-options in menuconfig, where they appear at the same level as
the main symbol, rather than indented below it.
Fix that by moving the comment before the main symbol.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fix the following static build failure raised since bump to version 1.15
in commit c31087182f:
[ 79%] Linking C shared library libdeflate.so
/home/buildroot/autobuild/instance-2/output-1/host/lib/gcc/arc-buildroot-linux-uclibc/12.2.0/../../../../arc-buildroot-linux-uclibc/bin/ld: /home/buildroot/autobuild/instance-2/output-1/host/lib/gcc/arc-buildroot-linux-uclibc/12.2.0/crtbeginT.o: relocation R_ARC_32_ME against `__TMC_END__' can not be used when making a shared object; recompile with -fPIC
Fixes:
- http://autobuild.buildroot.org/results/25489e5c6f0da642136e099ab35b091624f53a2b
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit 8cbfbe487a (package/skeleton-systemd: systemd-ify mounting /var
tmpfs with ro rootfs) removed the fstab handling of /var, and left the
macro deal solely about keeping / read-only.
However, the code about how the var factory is handled was left above
the macro, which is now misleading and confusing.
Move the comment closer to the actual rootfs-pre-cmd hook which actually
deals with handling the var factory.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Commit 86d32208b6 (support/testing/tests/init/test_systemd.py: use
downloaded kernel) stopped building a custom kernel for the systemd
tests, but forgot to drop the associated kernel config fragment.
That fragment is now not used in any test case, so we can drop it.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Currently, when one does not enable remounting the rootfs read-write,
i.e. keep it read-only, for example because the filesystem is actually
read-only by design, like squashfs, then two things happen:
- we create a factory from the content of /var at build time, register
tmpfiles entries for it, and mount a tmpfs on /var at runtime, so
that systemd-tmpfiles does populate /var from the factory; this is
only done when the rootfs is not remounted r/w;
- we trigger systemd-tmpfiles at build time, which uses the tmpfiles
db, of which our /var entries, to pre-populate the filesystem; this
is always done, whether the rootfs is remounted r/w or not.
Note that Buildroot mounts a tmpfs on /var, and leaves to the integrator
to care for providing an actual filesystem, as there are too many
variants and is very specific to each use-case.
These two mechanisms are conflicting, semantically, but also
technically: the files from the factory will be duplicated, but that
may help in some situations when the actual /var filesystem is not
mountable.
In some cases, it might be preferable to have none, either, or both
mechanisms enabled; it highly depends on the ultimate integration scheme
chosen for a device.
For example, some people will be very happy with a /var that is actually
on a tmpfs and that it gets reseeded form scratch at every boot, while
others may want to ensure that their system continue to work even when
they can't mount something that makes /var writable.
YMMV, as they used to say back in the day...
So, we introduce two new options, in the system sub-menu, each to drive
each mechanism. We default those options to y, to keep the previous
behaviour by default, except the var factory is only available when the
rootfs is not remounted r/w, as it were so far.
We still hint in the help text that there might be some conflict between
the two mechanisms, but since it has been that way for some time, it
does not look too broken for most people.
Since that introduces more options related to systemd being chosen as an
init system, we gather those two options and the existing one inside a
if-endif block, rather than adding more 'depends on' on each options.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Norbert Lange <nolange79@gmail.com>
Cc: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Cc: Romain Naour <romain.naour@smile.fr>
Cc: Jérémy Rosen <jeremy.rosen@smile.fr>
Cc: Yann E. MORIN <yann.morin@orange.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Commit 0d9b84b7a8 (package/systemd: invoke systemd-tmpfilesd on final
image) forcefully introduced a call to systemd-tmpfiles as a per-rootfs
hook, on the premise that would help with read-only rootfs.
However, that did not account for the then-pre-existing handling of /var
as a factory when the user opted not to remount / read-write (by not
setting BR2_TARGET_GENERIC_REMOUNT_ROOTFS_RW).
This means that, for users who want to use a factory for /var, the
generated filesystem contains the factory files twice: once as stored in
the factory, and once as populated by systemd-tmpfilesd.
In the hope to reconcile the two solutions, we move the handling of
calling systemd-tmpfilesd to the skeleton-init-systemd package, where we
already handle the /var factory. Having the two in the same package will
make it easier, in the future, to provide the user with a choice whether
to use one of the other.
Note that it is very important to keep the order of the hooks as they
are.
Indeed, skeleton-init-systemd sorts before systemd, so its hooks were
registered before systemd's hooks; now that we move the CREATE_TMPFILES
hook, we must ensure it is called after the PRE_ROOTFS_VAR one, so that
the behaviour of acting on the var factory remains.
As a final note: we chose the move this way, rather than move the var
factory into the systemd package, because it is more related to the
system integration on the Buildroot side, rather than the integration
of the systemd package in Buildroot.
Similarly, the other four rootfs hooks, SYSTEMD_LOCALE_PURGE_CATALOGS,
SYSTEMD_UPDATE_CATALOGS, SYSTEMD_RM_CATALOG_UPDATE_SERVICE, and
specially SYSTEMD_PRESET_ALL, should also be moved out of the systemd
package, because they too are more related to the Buildroot system,
rather than to the systemd package itself; but the frontier is very
porous in either way, for such a package as special as systemd.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Norbert Lange <nolange79@gmail.com>
Cc: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Cc: Romain Naour <romain.naour@smile.fr>
Cc: Jérémy Rosen <jeremy.rosen@smile.fr>
Cc: Yann E. MORIN <yann.morin@orange.com>
Acked-by: Norbert Lange <nolange79@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
To mount our /var tmpfs when the rootfs is mounted read-only (really,
not remounted read-write), we use an entry in fstab.
However, /etc could also be a tmpfs (for full state-less systems, or
easy factory-reset, see [0]). It also prevents easily ordering other
systemd units until after /var is mounted (not impossible, but less
easy).
So, we register /var as a systemd mount unit, so that we can also have
the /var factory populated and functional even when /etc is empty. The
var.mount unit is heavily modelled after systemd's own tmp.mount one, so
we carry the same license for that file (in case that may apply).
This has two side effects:
- as hinted previously, it simplifies writing other systemd units to
order them after /var is mounted
- user can easily replace it with their own, which mounts an actual
filesystem
[0] http://0pointer.de/blog/projects/stateless.html
Signed-off-by: Yann E. MORIN <yann.morin@orange.com>
Cc: Norbert Lange <nolange79@gmail.com>
Cc: Romain Naour <romain.naour@smile.fr>
Cc: Jérémy Rosen <jeremy.rosen@smile.fr>
[yann.morin.1998@free.fr:
- split original patch in two
- this one only handles converting /var mounting into a systemd unit
- adapt commit log accordingly
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Reviewed-by: Norbert Lange <nolange79@gmail.com>
[yann.morin.1998@free.fr (as suggested by Norbert):
- fix Before= dependencies
- drop [Install] section
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
When the rootfs is not remounted read-write (thus assuming a read-only
rootfs like squashfs), we create a tmpfiles.d factory for /var.
However, we register those in /etc/tmpfiles.d/, but /etc could also be
a tmpfs (for full state-less systems, or easy factory-reset, see [0]).
So, we move our var factory to /usr/lib/tmpfiles.d/, which is also the
location where systemd itself places its own tmpfiles, and where we
already put all our other tmpfiles (see audit, avahi, cryptsetup, dhcp,
lighttpd, nfs-utils, quagga, samba4, swupdate) and our handling of
systemd's catalog files too. We also rename the file to a better name,
so that it is obvious it is generated by us (systemd already installs a
var.conf of its own, so we want to avoid name clashing).
Last little detail: there is no need or reason to create .../tmpfiles.d/
at install time; it is only needed in the rootfs-pre-cmd hook, so we
only create it just before we need it.
[0] http://0pointer.de/blog/projects/stateless.html
Signed-off-by: Yann E. MORIN <yann.morin@orange.com>
Cc: Norbert Lange <nolange79@gmail.com>
Cc: Romain Naour <romain.naour@smile.fr>
Cc: Jérémy Rosen <jeremy.rosen@smile.fr>
[yann.morin.1998@free.fr:
- split original patch in two
- this one only moves out of /etc and into /usr/lib
- adapt commit log accordingly
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Acked-by: Norbert Lange <nolange79@gmail.com>
[yann.morin.1998@free.fr:
- rename to 00-buildroot-var.conf as suggested by Norbert
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The http site automatically redirects to the https variant, so let's
just use that as the default.
The mirror list URL http://search.cpan.org/mirror seems outdated
(re-directed to https://metacpan.org/mirrors aka 'Not Found - The
resource you requested could not be found.').
The closest matching URLs we found were:
https://www.cpan.org/SITES.htmlhttp://mirrors.cpan.org/map.htmlhttp://mirrors.cpan.org/
That last one has all the list, so we use that; the second is a world
map, so we also include it.
Sadly, neither of the mirrors list (table or map) are served as https;
they are only available as http...
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
[yann.morin.1998@free.fr:
- add a little blurb to explain http->https redirect
- update the mirror list URL, and...
- extend commit message with original explanations from Peter, and..
- notice that they are not served via https...
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
As the comment in package/perl/perl.mk instructs, bumping the perl
version must be propagated to utils/scancpan as well.
However, commit 7c1ef8129f (package/perl: bump to version 5.34.0)
forgot to do so.
Fixes: 7c1ef8129f
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The only other language supported is CL (Common Lisp) which buildroot
does not package yet. This saves 52KB in the final root filesystem.
Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
[yann.morin.1998@free.fr: reformat for one-option per-line]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Let's disable the CONFIG_PLATFORM_I386_PC that is set to y by default
involving the endianness to be set to little. This way we can set the
CFLAGS according to architecture with some default define like:
-DCONFIG_IOCTL_CFG80211
-DRTW_USE_CFG80211_STA_EVENT
-Wno-error
Suggested-by: Arnout Vandecappelle <arnout@mind.be>
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
According to the upstream release notes of version 2.0.0:
https://lists.x.org/archives/xorg-announce/2022-July/003180.html
"This keyboard driver is primarily used with BSD, GNU Hurd, illumos, &
Solaris systems. Linux systems should instead use either xf86-input-
libinput or xf86-input-evdev.
While versions 1.9.0 and earlier had rudimentary support for Linux as
well, that has been removed in this release."
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
[Peter: Reword help text]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Update to the latest version of the gcnano-binaries blobs, which are
compatible with the last v5.15-stm32mp-r2 kernel from the
STMicroelectronics BSP.
The management of libraries links have now changed. We moved on from
a version with several links present but few of them missing to no links
at all. Now, all the links are made by the build system. The loop
mechanism to make them are imported from the ST Yocto layer.
The packageconfig have also changed, no need to update prefix and version
value anymore.
Signed-off-by: Kory Maincent <kory.maincent@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The kernel used is based on 6.1-rc3, so use the recently introduced 6.1
kernel headers version to fix a build issue:
Incorrect selection of kernel headers: expected 6.0.x, got 6.1.x
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The kernel used is based on 6.1-rc3, so use the recently introduced 6.1
kernel headers version to fix a build issue:
Incorrect selection of kernel headers: expected 6.0.x, got 6.1.x
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The kernel used is based on 6.1-rc3, so use the recently introduced 6.1
kernel headers version to fix a build issue:
Incorrect selection of kernel headers: expected 6.0.x, got 6.1.x
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add a defconfig for the Starfive VisionFive2 board, a board built around the
Starfive JH7110 RISC-V 64bit SoC.
This board comes with functional lowlevel and U-Boot bootloaders in SPI
flash. The defconfig reuses these and only builds a (5.15 based) kernel and
rootfs.
The factory shipped U-Boot is hard coded to look at MMC partition 3.
Signed-off-by: Francois Dugast <francois.dugast.foss@gmail.com>
[Peter: add to DEVELOPERS]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This package install the required firmware for enabling the
Bluetooth device embedded in the RTL8723DS chip.
The driver is included in Linux main tree and can be enabled
with the BT_HCIUART_RTL symbol.
Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Tested-by: Indrek Kruusa <indrek.kruusa@gmail.com>
[Peter: use install -D]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Notable changes in this new version include support for the Apple
Aarch64 ABI, and compare-and-swap atomic instructions.
Signed-off-by: Paul Cercueil <paul@crapouillou.net>
[Peter: drop _AUTORECONF]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The git package in Buildroot is quite lagging behind (v2.31.4, released
on July 12, 2022 while the baseline v2.31.0 was released on March 15,
2021). Bump the package to v2.39.0 (released December 12, 2022).
While at it, also replace patch fixing uclibc no threads build with two
patches cherry-picked from upstream next branch, which fixes the same
issue by fixing the handling of flockfile(), funlockfile(), and
getc_unlocked() declarations. These patches missed the release but
planned for next maintenance release (v2.39.1).
The reason for replacing the patch is when original fix patch was
upstreamed [1], Jeff King noted that the build failure root cause
was flockfile() is defined regardless of whether uclibc is configured with
threads support or not [2].
Release notes for v2.39.0 is available on release announcement on Git
mailing list at [3].
[1]: https://lore.kernel.org/git/20221125092339.29433-1-bagasdotme@gmail.com/
[2]: https://lore.kernel.org/git/Y4RAr04vS%2FTOM5uh@coredump.intra.peff.net/
[3]: https://lore.kernel.org/git/xmqqlencspnl.fsf@gitster.g/
Signed-off-by: Bagas Sanjaya <bagasdotme@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix the following security issues:
- Fix potential heap buffer overread and overwrite in DTLS if
MBEDTLS_SSL_DTLS_CONNECTION_ID is enabled and
MBEDTLS_SSL_CID_IN_LEN_MAX > 2 * MBEDTLS_SSL_CID_OUT_LEN_MAX.
- An adversary with access to precise enough information about memory
accesses (typically, an untrusted operating system attacking a secure
enclave) could recover an RSA private key after observing the victim
performing a single private-key operation if the window size used for
the exponentiation was 3 or smaller.
Drop patch (already in version:
https://github.com/Mbed-TLS/mbedtls/commit/9d9d45c6b2aeaedfdfdadfec3d05d168db685968)
https://github.com/Mbed-TLS/mbedtls/releases/tag/v2.28.2
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
remove merged patch
diff LICENSE.md
- Copyright (C) 1995-2017 Jean-loup Gailly and Mark Adler
+ Copyright (C) 1995-2022 Jean-loup Gailly and Mark Adler
- Copyright (c) 2008-2018, Dave Benson and the protobuf-c authors.
+ Copyright (c) 2008-2022, Dave Benson and the protobuf-c authors.
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
When creating a filesystem, mkfs.ext will chose the inode size depending
on the size of the filesystem. Small filesystem get 128-bytes inodes,
while bigger filesystems use 256-byte inodes (inode must be a power of 2
larger or equal to 128, and smaller or equal to the blocksize).
However, 128-byte inodes can't store timestamps past the dreaded
2038-01-19 03:14:07Z deadline, while inodes larger than or equal to 256
do not have the issue.
It turns out that the tipping point to decide whether a filesystem is
small or big, is about around the size of the filesystems we generate
for our runtime tests. This causes the kernel to emit warning like:
ext2 filesystem being remounted at / supports timestamps until 2038 (0x7fffffff)
We add a new option to our ext2 filesystem, so that user can specify the
size of the inode. That new option defaults to 256 to be resilient to
the Y2K38 problem.
Note: it was already possible for users to explicitly pass the -I
option, through BR2_TARGET_ROOTFS_EXT2_MKFS_OPTIONS. We could have
chosen to extend the existing value with a -I 256, but that is not
satisfactory. Indeed, we do want to ensure that the default is now
Y2K38-OK, even for existing configurations that did not have explicit
setting.
We also pass that new option before the user-specified arbitrary ones,
so that BR2_TARGET_ROOTFS_EXT2_MKFS_OPTIONS still wins (in case -I was
set there).
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
[Peter: tweak help text]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add an upstream patch to fix CVE-2020-35492:
A flaw was found in cairo's image-compositor.c in all versions prior to
1.17.4. This flaw allows an attacker who can provide a crafted input
file to cairo's image-compositor (for example, by convincing a user to
open a file in an application using cairo, or if an application uses
cairo on untrusted input) to cause a stack buffer overflow ->
out-of-bounds WRITE. The highest impact from this vulnerability is to
confidentiality, integrity, as well as system availability.
Important note: this is not the exact upstream patch. Indeed, the
upstream patch[1] contains a png file which appears as a binary diff
inside the patch. The `patch` tool which is used by Buildroot to apply
patches does not handle that kind of diff. Since it is just a test, it
shouldn't impact the quality of the CVE fix and all changes related to
the test are removed from the patch.
[1] https://gitlab.freedesktop.org/cairo/cairo/-/commit/03a820b173ed1fdef6ff14b4468f5dbc02ff59be
Cc: Quentin Schulz <foss+buildroot@0leil.net>
Signed-off-by: Quentin Schulz <quentin.schulz@theobroma-systems.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add an upstream patch to fix CVE-2019-6462:
An issue was discovered in cairo 1.16.0. There is an infinite loop in
the function _arc_error_normalized in the file cairo-arc.c, related to
_arc_max_angle_for_tolerance_normalized.
Cc: Quentin Schulz <foss+buildroot@0leil.net>
Signed-off-by: Quentin Schulz <quentin.schulz@theobroma-systems.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This is now based on Linux 6.1-rc3. We don't have an option for 6.1 yes, so
mark it as 6.0 headers.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The D1 support is now upstream, so we can use the upstream 1.1 release
instead of a custom version.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This is now based on U-Boot 2022.10 and has gained SPL support, so use that
instead of sun20-d1-spl. With this we can also drop the u-boot patch and
patch directory.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Release notes:
https://github.com/ebiggers/libdeflate/blob/master/NEWS.md
Switch to cmake.
Added CFLAGS to fix uClibc build:
/home/bernd/buildroot/output/build/libdeflate-1.15/programs/gzip.c:367:10:
error: 'const struct stat' has no member named 'st_atim'; did you mean 'st_atime'?
/home/bernd/buildroot/output/build/libdeflate-1.15/programs/gzip.c:367:26:
error: 'const struct stat' has no member named 'st_mtim'; did you mean 'st_mtime'?
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Since version 22.10.0, used since Buildroot commit
12c430f880, python-automat no longer
needs host-python-m2r, so let's drop this dependency.
This is needed as host-python-m2r is about to be removed from
Buildroot, due to incompatibility with its dependencies.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
As tomli is no longer required for bootstrapping our pep517 toolchain
we no longer need to use flit-bootstrap for the host package.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
[Bernd:
- switched to actively maintained fork
- package/Config.in: moved to "Hardware handling" (Peter)
- added toolchain dependencies (Thomas)
- added license hash
- fixed build errors related to iconv and execinfo (Peter)
- removed hook HDDTEMP_REMOVE_MAN (Thomas)
- install hddtemp.db to target
- added build/install _CMDS due to
https://github.com/vitlav/hddtemp/issues/5]
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
[yann.morin.1998@free.fr:
- use GETTEXTIZE=YES, drop host-gettext from _DEPENDENCIES
- drop custom build and install commands now that we gettextize
- explicitly specify the DB path, introduce HDDTEMP_DB_PATH
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
This patch fixes a problem in the vck190 boot.bin generation as it should be
using the u-boot.dtb as the u-boot device tree and not the Linux system.dtb.
While both dtbs are basically the same, it is better not to mix this up.
Signed-off-by: Neal Frager <neal.frager@amd.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Since commit
5bbc20154e ("configs/zynqmp_kria_kv260_defconfig:
bump to Xilinx 2022.2"), we're using U-Boot version Xilinx 2022.2,
which already carries the psu_init_gpl.c, causing the build to fail as
our patch doesn't apply.
Fix this by dropping the no longer needed patch.
Fixes: 5bbc20154e ("configs/zynqmp_kria_kv260_defconfig: bump to Xilinx 2022.2")
Signed-off-by: Neal Frager <neal.frager@amd.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Since commit
3c997c457a ("configs/zynqmp_zcu106_defconfig:
bump to Xilinx 2022.2"), we're using U-Boot version Xilinx 2022.2,
which already carries the psu_init_gpl.c, causing the build to fail as
our patch doesn't apply.
Fix this by dropping the no longer needed patch.
Fixes: 3c997c457a ("configs/zynqmp_zcu106_defconfig: bump to Xilinx 2022.2")
Signed-off-by: Neal Frager <neal.frager@amd.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This patch moves the board/zynqmp/kria/kv260/uboot.fragment file
to the board/zynqmp/kria directory. The reason is that this file
is the same for any kria starter kit and is not specific to the kv260.
By moving the file, it can be logically re-used with the kr260 when
support for this starter kit is added to buildroot.
KR260 Starter Kit:
https://www.xilinx.com/products/som/kria/kr260-robotics-starter-kit.html
Signed-off-by: Neal Frager <neal.frager@amd.com>
Reviewed-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Commit d590003e31 (package/pcsc-lite: needs gcc >= 4.9) propagated
that new dependency to a bunch of packages that select pcsc-lite.
Then commit 8aaa7ecbce (package/opensc: new package) introduced
opensc, which selects pcsc-lite. However, the package was submitted
before the dependency to gcc 4.8+ was added to pcsc-lite, and that was
missed during the review.
Add it now.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
When applying 917a961d9c (package/optee-client: bump to version
3.19.0), a last-minute change was made in Config.in to change the
dependency to util-linux instead of util-linux-libs, but the
counterpart to that change in the .mk was omitted.
Fix that now.
Reported-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Commit eb2f2886b2 ("package/swupdate:
add staging install") has introduced some commands indented with
spaces, which check-package doesn't like.
Fix that by using tabs instead, and while we're at it, wrap the line
that is a bit too long.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
SWupdate provides API for external programs, so some headers and
libraries must be install to staging.
This patch installs headers and libs to STAGING_DIR, to prevent a
header name collision a subdirectory /usr/include/swupdate creates.
Signed-off-by: Andrey Grafin <conquistador@yandex-team.ru>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fix CVE-2022-46149: Cap'n Proto is a data interchange format and remote
procedure call (RPC) system. Cap'n Proro prior to versions 0.7.1, 0.8.1,
0.9.2, and 0.10.3, as well as versions of Cap'n Proto's Rust
implementation prior to 0.13.7, 0.14.11, and 0.15.2 are vulnerable to
out-of-bounds read due to logic error handling list-of-list. This issue
may lead someone to remotely segfault a peer by sending it a malicious
message, if the victim performs certain actions on a list-of-pointer
type. Exfiltration of memory is possible if the victim performs
additional certain actions on a list-of-pointer type. To be vulnerable,
an application must perform a specific sequence of actions, described in
the GitHub Security Advisory. The bug is present in inlined code,
therefore the fix will require rebuilding dependent applications. Cap'n
Proto has C++ fixes available in versions 0.7.1, 0.8.1, 0.9.2, and
0.10.3.
https://github.com/capnproto/capnproto/security/advisories/GHSA-qqff-4vw4-f6hxhttps://dwrensha.github.io/capnproto-rust/2022/11/30/out_of_bounds_memory_access_bug.html
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fixes the following security issues:
- CVE-2022-3550: A vulnerability classified as critical was found in X.org
Server. Affected by this vulnerability is the function _GetCountedString
of the file xkb/xkb.c. The manipulation leads to buffer overflow. It is
recommended to apply a patch to fix this issue. The associated identifier
of this vulnerability is VDB-211051.
- CVE-2022-3551: A vulnerability, which was classified as problematic, has
been found in X.org Server. Affected by this issue is the function
ProcXkbGetKbdByName of the file xkb/xkb.c. The manipulation leads to
memory leak. It is recommended to apply a patch to fix this issue. The
identifier of this vulnerability is VDB-211052.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The 5.19.x series is now EOL upstream, so drop the linux-headers option and
add legacy handling for it.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Drop no longer required pyaes runtime dependency.
Add new bitstring, cryptography and reedsolo runtime dependencies.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Drop setuptools runtime dependency.
Update description as python 2 is no longer supported.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Drop spurious setuptools runtime dependency.
Add new msgpack runtime dependency.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
https://github.com/troglobit/smcroute/releases/tag/2.5.6
Most important news from the ChangeLog:
- Batch mode supoprt for smcroutectl
- Fix strange behavior when joining/leaving the same group
- Minor spelling checks of documentation
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Reviewed-by: Joachim Wiberg <troglobit@gmail.com>
[yann.morin.1998@free.fr: added news by Joachim]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
[yann.morin.1998@free.fr: squash the two bumps together]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
With gnuradio 3.10 boost/filesystem was replaced by std::filesystem.
This feature was introduced with gcc 8 (requirering -lstdc++fs (with
gcc 9 explicit -lstdc++fs is no more explicitely required)).
With gcc < 8 build fails with error:
In file included from /home/br-user/work/instance-0/output-1/host/aarch64_be-buildroot-linux-gnu/sysroot/usr/include/boost/dll/runtime_symbol_info.hpp:11:0,
from /home/br-user/work/instance-0/output-1/build/gnuradio-3.10.4.0/buildroot-build/gnuradio-runtime/lib/constants.cc:16:
/home/br-user/work/instance-0/output-1/host/aarch64_be-buildroot-linux-gnu/sysroot/usr/include/boost/dll/config.hpp:42:10: fatal error: filesystem: No such file or directory
#include <filesystem>
^~~~~~~~~~~~
compilation terminated.
Add a dependency to gcc >= 8.
BR2_TOOLCHAIN_HAS_GCC_BUG_64735 only affects gcc <7, so we drop it.
Adding this restriction on gcc >= 8 also covers the dependency for volk,
which requires gcc >= 7, which was not propagated to gnuradio so far.
Tested with bootlin toolchain 2020.02-2 (gcc 8.3.0)
Fixes:
- http://autobuild.buildroot.net/results/6a82605c58f9ef9eb6c14603777dd8523dd00aa5/
- http://autobuild.buildroot.net/results/c7c4ae76954e388ab639b39fd521d90acfe4edc9/
Signed-off-by: Gwenhael Goavec-Merou <gwenhael.goavec-merou@trabucayre.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The permissions are now in sync with meson_post_install.py,
and debian.
Most importantly, polkit-agent-helper-1 is now setuid root,
but also the rules.d directories rather than their parents
are owned by polkitd.
Signed-off-by: Norbert Lange <nolange79@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Bumps OP-TEE client package version to OP-TEE release 3.19.0.
This package introduces a mandatory dependency on util-linux and
pk-config packages that were made optional in commit [1], following
3.19.0 release tag. The dependency is related to new library teeacl
for access control list based login identification. This change picks
that commit and defines the dependency only when TEEACL library is
to be embedded. The patch will be removed once we dump to the next
OP-TEE release tag, as state by new BR2 boolean config switch
BR2_PACKAGE_OPTEE_CLIENT_TEEACL.
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
[yann.morin.1998@free.fr:
- actually backport upstream commit
- don't default y for BR2_PACKAGE_OPTEE_CLIENT_TEEACL
- select util-linux instead of depending on it
- don't select util-linux-libs, there's no circular deps
- squash both conditions together in .mk
- fix check-package
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Use pkg-config to retrieve libusb dependencies such as -latomic and
avoid the following static build failure raised since bump of libusb to
version 1.0.25 in commit aad609936f:
/nvmedata/autobuild/instance-29/output-1/per-package/libftdi1/host/bin/../lib/gcc/sparc-buildroot-linux-uclibc/10.3.0/../../../../sparc-buildroot-linux-uclibc/bin/ld: /nvmedata/autobuild/instance-29/output-1/per-package/libftdi1/host/sparc-buildroot-linux-uclibc/sysroot/lib/libusb-1.0.a(core.o): in function `libusb_unref_device':
/nvmedata/autobuild/instance-29/output-1/build/libusb-1.0.25/libusb/core.c:1186: undefined reference to `__atomic_fetch_add_4'
Fixes:
- http://autobuild.buildroot.org/results/1ca7cd85ae60ad4797a6d8a83b2fb51d7eab96d9
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Reviewed-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
libuwsc needs BR2_PACKAGE_WOLFSSL_ALL (which enables openssl compat
layer) to avoid the following wolfssl build failure raised since the
addition of the package in commit
120c04775d:
/home/br-user/work/instance-1/output-1/build/libuwsc-3.3.5/src/ssl.c:62:5: error: unknown type name 'SSL_CTX'
62 | SSL_CTX *ctx;
| ^~~~~~~
Note that we do not select _ALL when wolfssl is enabled, because wolfssl
is neither the only nor the preferred choice, so the condition would
have to be a bit more complex:
select BR2_PACKAGE_WOLFSSL_ALL if BR2_PACKAGE_WOLFSSL \
&& !BR2_STATIC_LIBS && !BR2_PACKAGE_OPENSSL
It is not overly complicated, but it is no longer trivial or obvious,
and would easily break if the ordering of preferences were to change in
the .mk fie in the future.
Fixes:
- http://autobuild.buildroot.org/results/6c2a6ed6fca1f92aab299f6ed9cd900b20e8d512
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[yann.morin.1998@free.fr: explain why we don't select _ALL]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fix CVE-2022-32292: In ConnMan through 1.41, remote attackers able to
send HTTP requests to the gweb component are able to exploit a
heap-based buffer overflow in received_data to execute code.
Fix CVE-2022-32293: In ConnMan through 1.41, a man-in-the-middle attack
against a WISPR HTTP query could be used to trigger a use-after-free in
WISPR handling, leading to crashes or code execution.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
This reverts commit 3ddca0ccb9.
With the merge of next, we are now using mupdf 1.20.3, so this fix is no
longer needed.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit 93d8b71371 (package/sdl2_ttf: bump version to 2.20.1) dropped the
hash for COPYING.txt and added a hash for LICENSE.txt but forgot to adjust
SDL2_TTF_LICENSE_FILES, breaking legal-info:
>>> sdl2_ttf 2.20.1 Collecting legal info
ERROR: No hash found for COPYING.txt
cp: cannot stat '/path/to/output/build/sdl2_ttf-2.20.1/COPYING.txt': No such file or directory
make[1]: *** [package/sdl2_ttf/sdl2_ttf.mk:38: sdl2_ttf-legal-info] Error 1
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Currently package secific go env is used only during package build step.
Go vendering is done during the download step and it's sometimes required
to specify package secific go env also for this step.
For example, when importing custom go modules who are hosted on a private
host, it’s required to set GOPRIVATE to avoid public sum checking.
Of all the environment variables driving the behaviour of the go command
[0], there is none that obviously have an impact on the behaviour of
go-mod, unless they are explicitly listed as such [1], so it seems
pretty safe to include the generic environment variables for the
download step.
[0] https://pkg.go.dev/cmd/go#hdr-Environment_variables
[1] https://go.dev/ref/mod#environment-variables
Signed-off-by: Patrick Gerber <pge@ik.me>
[yann.morin.1998@free.fr: add [0] and [1] and corresponding blurb]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Commit 235636409f (package/mender-artifact: do not download modules
during the build process) introduced the use of GOFLAGS="-mod=vendor",
in 2020-08-13, before we had the go download post-process...
... which was introduced with ommit 24ac316ff5 (package/pkg-golang.mk:
implement Go vendoring support), in 2022-01-08, which added $(2)_DL_ENV
which contains $(HOST_GO_COMMON_ENV).
HOST_GO_COMMON_ENV, set in go/go.mk@23,i already contains
GOFLAGS="-mod=vendor".
Signed-off-by: Patrick Gerber <pge@ik.me>
[yann.morin.1998@free.fr: extend commit log]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The Marvell Armada Devicetree files have been moved out of edk2-platforms
by commit 4b53da6b12a8 ("Marvell/Armada7k8k: Remove device tree sources
from edk2-platforms") and they are now in edk2-non-osi.
Therefore update the MACCHIATObin recipe to depend on the new edk2-non-osi
package and rework a bit the packages path to support that.
Also, drop the backported patch as it is not necessary anymore.
Signed-off-by: Vincent Stehlé <vincent.stehle@arm.com>
Cc: Dick Olsson <hi@senzilla.io>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Add a package to install the additional edk2 platforms files, not
compatible with the normal licensing requirements and held in the
edk2-non-osi repository.
Only the Marvell Armada files are copied at this point, to support building
edk2 for the MACCHIATObin platform.
The referenced commit corresponds to version edk2-stable202208 of edk2,
based on the timestamps.
This package is heavily inspired from package/edk2-platforms.
Signed-off-by: Vincent Stehlé <vincent.stehle@arm.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bump the edk2-platforms commit to the one corresponding to version
edk2-stable202208 of edk2, based on the timestamps.
Note: the Marvell Armada Devicetree files have been moved out of
edk2-platforms by commit 4b53da6b12a8 ("Marvell/Armada7k8k: Remove device
tree sources from edk2-platforms") and they are now in edk2-non-osi.
Signed-off-by: Vincent Stehlé <vincent.stehle@arm.com>
Cc: Dick Olsson <hi@senzilla.io>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This firmware is loaded by U-Boot, so when U-Boot is loading the Linux
kernel from the root filesystem, it is very likely that it will also
want to load this firmware from the root filesystem.
Therefore, this patch makes sure that that Cadence DP firmware is
installed alongside the kernel image in /boot in the root filesystem
when the kernel is installed
there (BR2_LINUX_KERNEL_INSTALL_TARGET=y).
We keep installing the firmware in $(BINARIES_DIR) in any case.
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This patch adds support for Xilinx Versal VCK190 evaluation board.
VCK190 features can be found here:
https://www.xilinx.com/products/boards-and-kits/vck190.html
The VCK190 is based on the Xilinx Versal family:
https://www.xilinx.com/products/silicon-devices/acap/versal.html
The VC1902 included with the VCK190 evaluation board has Xilinx
AI Engine acclerators designed for accelerating machine learning
applications. Also included is an upgrade from prior Zynq and
ZynqMP families to ARM Cortex-A72 cores.
While the Linux kernel for Versal is quite similar to ZynqMP,
the boot process has significantly changed.
Triple-redundant MicroBlaze cores are used to boot and setup
Versal devices. For this reason, current buildroot support
will download pre-built firmware images and use Xilinx bootgen
to generate the boot.bin for the vck190.
Signed-off-by: Neal Frager <neal.frager@amd.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This patch adds support for downloading versal microblaze firmware binaries.
These are necessary for booting Xilinx versal devices.
The location of these binaries is temporary, and will soon be added to the
Xilinx firmware repository. The temporary location is using the same free
distribution license as the Xilinx firmware repository.
Once these files are available on the Xilinx repository, this package will
be updated to the new location.
Signed-off-by: Neal Frager <neal.frager@amd.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This patch bumps following packages to the newer version:
- OpenSBI v1.1
- U-boot v2022.10
- Linux 6.0
Linux kernel is hosted on AndesTech Github which includes ethernet,
SD card, DMAC, RTC, WDT drivers support. OpenSBI is based on v1.1
with andes platfrom fdt driver.
Signed-off-by: Yu Chien Peter Lin <peterlin@andestech.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
- Same version as NXP release 5.15.52_2.1.0
- EULA/COPYING: update to LA_OPT_NXP_Software_License v39
- No official changelog but the main addition is the support of skipped
h.264 frames
- Add patch to fix kernel version test from the package
- Yocto doesn't need that workaround as it installs the kernel headers
- This is needed for NXP 5.15+ kernels (using DMABUF)
Signed-off-by: Gary Bisson <gary.bisson@boundarydevices.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
DROPBEAR_DSS is now disabled by default. Enable only when
BR2_PACKAGE_DROPBEAR_LEGACY_CRYPTO is enabled.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
If BR2_PER_PACKAGE_DIRECTORIES is enabled and Buildroot is using
HOST_MAKE for a Kconfig package. The $(1)_KCONFIG_RULES does not work
correctly, and kconfig-package-regen-dot-config will always run the
'oldconfig' target.
This is because $(1)_KCONFIG_RULES expands before the first recipe line
of .stamp_dotconfig. $(1)_KCONFIG_RULES attempts to call $(HOST_MAKE),
which requires that the per-package/<pkg>/host directory has been setup.
But that directory is not setup until a later recipe line. This results
in $(1)_KCONFIG_RULES silently failing, and so always configuring with
'oldconfig'.
Fix the issue by calling the command as part of the recipe, so
$(HOST_MAKE) will be ready in time. As the comment on $(1)_KCONFIG_RULES
describes, we should not use backticks. Use an intermediary file to
store the output of the command, so that backticks are not needed.
Signed-off-by: Brandon Maier <brandon.maier@collins.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
This patch adds an option that allows to install the u-boot.elf file
produced when CONFIG_REMAKE_ELF=y in the U-Boot configuration.
Signed-off-by: Neal Frager <neal.frager@amd.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
- i.MX Hantro V4L2 Daemon. Provides the vsidaemon, which is needed for
V4L2 nodes to work.
- To match NXP 5.15.52-2.1.0 release.
Signed-off-by: Chris Dimich <chris.dimich@boundarydevices.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Highligts include support for MbedTLS and a serious memory leak fix to
the GnuTLS backend.
Changes:
- Add support for MbedTLS
- Add support for per-provider interface to bind to
- Use HTTP-only for api.ipify.org, default (fallback) checkip service
Fixes:
- serious memory leak in GnuTLS backend
- ca-trust-file has no effect for GnuTLS
- handle easyDNS "no update required" as OK status
- use configured server:port, don't force port 443 for HTTPS
(From https://github.com/troglobit/inadyn/releases/tag/v2.10.0)
Signed-off-by: Joachim Wiberg <troglobit@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
If a custom os_prefix directory is specified then the Raspberry Pi
firmware probes for the README file in overlays directory. If
this is not found then firmware will use the top-level overlays
directory which can be confusing if os_prefix is used in conjunction
with other filters to implement alternate boot behaviour.
In Raspberry Pi OS the README file is always included to ensure
that the relevant documentation is in sync with the overlays. Rather
that including the entire file let's just include an empty file so
that overlays directory is consistent with the Raspberry Pi OS
APT package.
From
https://www.raspberrypi.com/documentation/computers/config_txt.html#overlay_prefix
Unless ${os_prefix}${overlay_prefix}README exists, overlays are shared
with the main OS (i.e. os_prefix is ignored).
Signed-off-by: Tim Gover <tim.gover@raspberrypi.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Enable aarch64 support for rpi-userland to provide
vcmailbox and vcgencmd in 64bit builds. The are useful
for programming OTP and system debug.
The ARM64=ON parameter restricts the make targets
to only include those supported on 64-bit i.e. it
excludes the legacy Broadcom EGL drivers.
Signed-off-by: Tim Gover <tim.gover@raspberrypi.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
SSCEP is a client-only implementation of the SCEP (Cisco System's Simple
Certificate Enrollment Protocol).
The goal of SCEP is to support the secure issuance of certificates to
network devices in a scalable manner, using existing technology whenever
possible. The protocol supports the following operations:
* CA and RA public key distribution
* Certificate enrollment
* Certificate and CRL query
Certificate and CRL access can be achieved by using the LDAP protocol,
or by using the query messages defined in SCEP.
CC: Angelo Compagnucci <angelo@amarulasolutions.com>
Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Summary of changes:
- Fix use of $DAEMON, found by check-package
- Expects DAEMON to be name of daemon controlled by script, this
causes ripple efects in rest of script
- Recommend `chmod a-x`, .mk file installs with `-m 0755`
- Fix shellcheck warnings:
- Use "$VAR" in case of spaces in filenames
- recommend not using $? in if stmt, should use `if start-stop ...`
- mismatch in indentation in case-esac
Signed-off-by: Joachim Wiberg <troglobit@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Thompson <peter.macleod.thompson@gmail.com>
[yann.morin.1998@free.fr: fix spaces in hash file]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Z3, also known as the Z3 Theorem Prover, is a cross-platform
satisfiability modulo theories (SMT) solver.
https://github.com/Z3Prover/z3
Signed-off-by: Julien Olivain <ju.o@free.fr>
[yann.morin.1998@free.fr:
- python bindings 'depends on' python, not 'select' it
- fix check-package in test_z3.py
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
This adds a separate opencv4_contrib package to manage
downloading/unpacking that repository. These extra modules
are useful for a lot of applications, but not necessary
for minimal installs, so they are all given dedicated Kconfig
options
It's important to note that the opencv4-contrib package
downloads extra source that is compiled as a part of
the opencv4 package. This is why it is a dependency
of opencv4, and not the other way around
Signed-off-by: Woodrow Douglass <wdouglass@carnegierobotics.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
commit e37c110 ("package/gnuradio: bump version to 3.10.4.0")
included two numbered patches. Those are generating
"make check-package" warnings.
Fixes:
make check-package
package/gnuradio/0001-blocks-Including-missing-vector-in-blockinterleaver.patch:4: generate your patches with 'git format-patch -N'
package/gnuradio/0002-blocks-blockinterleaving.h-add-missing-cstddef-heade.patch:4: generate your patches with 'git format-patch -N'
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
This is a header only library which is required by the latest version
of zxing-cpp.
Include paths and pc file are based off of debian libstb package.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Current python-automat version 20.2.0 no longer work with Python 3.11
updated in commit 738500c296.
Running package runtime test with command:
support/testing/run-tests \
-d dl \
-o output_folder \
tests.package.test_python_automat.TestPythonPy3Automat
Fails with output:
Traceback (most recent call last):
File "/root/sample_python_automat.py", line 27, in <module>
led.turn_on()
^^^^^^^^^^^
File "/usr/lib/python3.11/site-packages/automat/_methodical.py", line 232, in __get__
File "/usr/lib/python3.11/site-packages/automat/_introspection.py", line 43, in decorator
File "/usr/lib/python3.11/site-packages/automat/_introspection.py", line 35, in copyfunction
File "/usr/lib/python3.11/site-packages/automat/_introspection.py", line 23, in copycode
TypeError: code() argument 13 must be str, not int
This commit fixes this issue by updating the package to the latest
version.
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
- remove all no more required patches
- backport 2 patches to fix failures induces by missing headers
- add dependency to SPDLOG
- add pybind dependency where python is set
Note:
- Since gnuradio 3.10 swig was replaced by pybind. Now python libraries,
bindings and python wrappers are produces using pybind: this
why python-pybind is a buildtime dependency. As mentionned in [1], this one
is a stagging only package: headers must be into staging directory, so it
can't be host and at the same time since this package provides only headers
and .cmake files nothing has to be installed into the target directory. A
select is required because it's not an host package and
GNURADIO_DEPENDENCIES is updated with python-pybind to have pybind present
before gnuradio's build.
- host-python-numpy is now required since some cpp bindings uses numpy's
functions directly. python-numpy (target package) is left required because
python blocks and wrappers needs this library at runtime.
[1] http://lists.busybox.net/pipermail/buildroot/2022-October/653030.html
Signed-off-by: Gwenhael Goavec-Merou <gwenhael.goavec-merou@trabucayre.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
libsndfile is only needed by the sbctester utility and the library can
be built without this dependency.
Add a config option to cover not just sbctester but the command-line
utilities as well. While the utilities may be useful for debugging,
normal usage will only need libsbc and these applications can be
omitted.
Signed-off-by: John Keeping <john@metanate.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The build of lttng-modules will fail if the kernel does not have
CONFIG_TRACEPOINTS enabled. However, CONFIG_TRACEPOINTS is a
prompt-less option, and the most generic option that does enable
CONFIG_TRACEPOINTS is CONFIG_FTRACE.
In addition, CONFIG_FTRACE will also enable CONFIG_STACKTRACE, which
is needed on CPU architectures that don't provide the STACKWALK
mechanism in the kernel, as is the case on ARM 32-bit for example.
Therefore, let's enable CONFIG_FTRACE when building lttng-modules.
Cc: Clément Léger <clement.leger@bootlin.com>
Reported-by: Clément Léger <clement.leger@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This is stable bugfix release of libmdbx, in Family Glory and
in memory of Boris Yuriev (the inventor of Helicopter and
Swashplate in 1911) on his 133rd birthday.
It is reasonable to backport this patch to all applicable releases/branches of Buildroot.
Release notes for v0.11.13
--------------------------
Fixes:
- Fixed builds with older libc versions after using `fcntl64()` (backport).
- Fixed builds with older `stdatomic.h` versions,
where the `ATOMIC_*_LOCK_FREE` macros mistakenly redefined using functions (backport).
- Added workaround for `mremap()` defect to avoid assertion failure (backport).
- Workaround for `encryptfs` bug(s) in the `copy_file_range` implementation (backport).
- Fixed unexpected `MDBX_BUSY` from `mdbx_env_set_option()`, `mdbx_env_set_syncbytes()`
and `mdbx_env_set_syncperiod()` (backport).
- CMake requirements lowered to version 3.0.2 (backport).
- Added admonition of insecure for RISC-V (backport).
Minors:
- Minor clarification output of `--help` for `mdbx_test` (backport).
- Added admonition of insecure for RISC-V (backport).
- Stochastic scripts and CMake files synchronized with the `devel` branch.
- Use `--dont-check-ram-size` for small-tests make-targets (backport).
The complete ChangeLog: https://gitflic.ru/project/erthink/libmdbx/blob?file=ChangeLog.md
Signed-off-by: Леонид Юрьев (Leonid Yuriev) <leo@yuriev.ru>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Support mounting in /media instead of /run/media for compatibility
with the Filesystem Hierarchy Standard (FHS). This is also required
for backward compatibility with udisks1.
Signed-off-by: Wolfgang Grandegger <wg@grandegger.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Remove inaccurate comment that claims twisted and treq version/site
variables are shared. They are not shared and the packages aren't
always updated at the same time.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
socat's configure script does not take the zlib dependency into
account when linking with libssl, and therefore fails at detecting
libssl in BR2_STATIC_LIBS=y configurations.
Since there is no easy way to add the zlib dependency, just disable
openssl support for static builds.
This is not fixing a build failure: libssl was not detected in
BR2_STATIC_LIBS=y configurations, so what this commit does is make it
explicit.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This patch bumps the zed to Xilinx release 2022.2.
Xilinx 2022.2 includes:
- U-Boot 2022.01 bug fixes
- Linux bump to Linux 5.15.36 with bug fixes
Signed-off-by: Neal Frager <neal.frager@amd.com>
Reviewed-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This patch bumps the microzed to Xilinx release 2022.2.
Xilinx 2022.2 includes:
- U-Boot 2022.01 bug fixes
- Linux bump to Linux 5.15.36 with bug fixes
Signed-off-by: Neal Frager <neal.frager@amd.com>
Reviewed-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This patch migrates the u-boot device tree definition
from uboot.fragment files to use BR2_TARGET_UBOOT_CUSTOM_MAKEOPTS
instead for the zynqmp_kria_kv260_defconfig.
Signed-off-by: Neal Frager <neal.frager@amd.com>
Reviewed-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This patch migrates the u-boot device tree definition
from uboot.fragment files to use BR2_TARGET_UBOOT_CUSTOM_MAKEOPTS
instead for the zynq_zc706, zynq_zed and zynq_microzed defconfigs.
Signed-off-by: Neal Frager <neal.frager@amd.com>
Reviewed-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Compilation of Perl-related packages fails if `PERL_MM_OPT` is defined.
We previously issued an error in this case.
Instead, simply `unexport` the variable.
Signed-off-by: Gleb Mazovetskiy <glex.spb@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
CARGO_HOME is where Cargo stores its downloaded artefacts. See
https://doc.rust-lang.org/cargo/reference/environment-variables.html:
CARGO_HOME — Cargo maintains a local cache of the registry index and
of git checkouts of crates. By default these are stored under
$HOME/.cargo (%USERPROFILE%\.cargo on Windows), but this variable
overrides the location of this directory. Once a crate is cached it
is not removed by the clean command. For more details refer to the
guide.
We currently make it point to $(HOST_DIR)/share/cargo, but this has a
number of drawbacks:
(1) It is not shared between Buildroot builds. Each Buildroot build
will re-download the crates index, and the crates themselves,
unless of course the final vendored tarball is already there.
(2) With BR2_PER_PACKAGE_DIRECTORIES=y, it is even worse: CARGO_HOME
is not even shared between packages, as $(HOST_DIR)/share/cargo
is per package. So each package in the build that needs vendoring
of Cargo crates will download the crates index and the crates in
its own CARGO_HOME location.
To solve this, this commit moves CARGO_HOME into $(DL_DIR), so that it
is shared between builds and packages.
Even though not the best/most authoritative source,
https://github.com/rust-lang/cargo/issues/6930 indicates that there is
a lock when accessing CARGO_HOME, because a user even complains that
this lock has even become more coarse-grained than it used to be
(which for us is fine, it just means that two Cargo fetch operations
from two different packages will be serialized, not a big deal).
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Tested-by: Moritz Bitsch <moritz@h6t.eu>
[yann.morin.1998@free.fr: rename directory: s/\.cargo/br-cargo-home/]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Instead of replicating $(HOST_DIR)/share/cargo in several place,
define BR_CARGO_HOME. This will help when we'll want to change this
location.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Drop upstream patch.
Update README hash for changes not related to licensing.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Link to Rust 1.65.0 annoucement: https://blog.rust-lang.org/2022/11/03/Rust-1.65.0.html
Newest version of the source archives have been retrieved with their hash values,
and the signature of the .asc files have been verified as follows:
$ curl -fsSL https://static.rust-lang.org/rust-key.gpg.ascii | gpg --import
$ gpg --verify <filename.asc> <filename>
There is no typographical error in the packages according to the check-pakage utility:
$ ./utils/check-package package/rust-bin/*
$ ./utils/check-package package/rust/*
The testsuite tool were successfully run for rust and rust-bin packages to test
the Rust toolchain under 1.65.0:
$ ./support/testing/run-tests -k -d dl/ -o testsuite tests.package.test_rust.TestRustBin
$ ./support/testing/run-tests -k -d dl/ -o testsuite tests.package.test_rust.TestRust
In order to verify the compatibility of packages depending on Rust 1.65.0,
tests using `./utils/test-pkg` were run.
You may want to execute the test-pkg command after creating a `.config` file
enabling the corresponding BR2_PACKAGE, for example:
Create a file `buildroot/ripgrep.config` containing "BR2_PACKAGE_RIPGREP=y"
Then execute:
$ ./utils/test-pkg -d test-pkg -c ripgrep.config -p ripgrep
Results:
librsvg OK
ripgrep OK
suricata OK
bat OK
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Add new async timeout runtime dependency.
Verified license is still LGPL-2.1+ after hash changed.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Changes:
- New command line options to ssdp-scan
- Update copyright years (affects LICENSE file hash)
Fixes:
- Workaround for OpenVPN /32 default server setup
- Time-of-check vs time-of-use issue with caching of UUID,
found by Coverity Scan, fixed by Raul Porancea
Signed-off-by: Joachim Wiberg <troglobit@gmail.com>
Acked-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
License file moved per changelog:
the license file is packaged as LICENSE
License hash changed due to formatting changes.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Replace cffi based backend with pyo3 setuptools-rust based backend.
Propagate rust reverse dependency comment.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
From 2618a0dae09ef37728dab89ff60418cbe25ae6bd Mon Sep 17 00:00:00 2001
From: Kees Cook <keescook@chromium.org>
Date: Sat, 12 Feb 2022 09:14:49 -0800
Subject: etherdevice: Adjust ether_addr* prototypes to silence
-Wstringop-overead
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
With GCC 12, -Wstringop-overread was warning about an implicit cast from
char[6] to char[8]. However, the extra 2 bytes are always thrown away,
alignment doesn't matter, and the risk of hitting the edge of unallocated
memory has been accepted, so this prototype can just be converted to a
regular char *. Silences:
net/core/dev.c: In function ‘bpf_prog_run_generic_xdp’: net/core/dev.c:4618:21: warning: ‘ether_addr_equal_64bits’ reading 8 bytes from a region of size 6 [-Wstringop-overread]
Some files were not shown because too many files have changed in this diff
Show More
Reference in New Issue
Block a user
Blocking a user prevents them from interacting with repositories, such as opening or commenting on pull requests or issues. Learn more about blocking a user.