Thomas Petazzoni [Fri, 4 Sep 2020 15:18:43 +0000 (17:18 +0200)]
DEVELOPERS: fix path to board/hardkernel/odroidc2/
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Sun, 17 May 2020 09:05:28 +0000 (11:05 +0200)]
package/usb_modeswitch: fix parallel install
Extract from bug report:
"In usb_modeswitch Makefile dispatcher-script, dispatcher-dynlink and
dispatcher-statlink are .PHONY targets. The result is that sources are
compiled also when install targets are called.
USB_MODESWITCH_INSTALL_TARGET_CMDS calls $(MAKE) which is a call to
parallel make eg. make -j9. So the install phase can install empty
usb_modeswitch binary (happened once) if the compiler have just cleared
the binary and install command installs it before compiler writes the
binary. USB_MODESWITCH_INSTALL_TARGET_CMDS should call $(MAKE1)."
Instead of disabling parellel install, use install-common target instead
of install-{dyn,stat}link targets. Indeed, the dynamic or static
usb_modeswitch_dispatcher binary will be built by
all-with-{dyn,stat}link-dispatcher targets, there is no need to rebuild
it during the install step
Fixes:
- https://bugs.buildroot.org/show_bug.cgi?id=12911
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Heiko Thiery [Sun, 17 May 2020 08:40:52 +0000 (10:40 +0200)]
package/acsccid: bump to version 1.1.8
- update indentation of hash file (two spaces)
Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Sun, 17 May 2020 08:38:32 +0000 (10:38 +0200)]
package/tinyhttpd: remove package
tinyhttpd is affected by CVE-2002-1819 and is not maintained anymore
(no release since 2001) so remove it
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Adam Duskett [Fri, 31 Jul 2020 20:41:00 +0000 (13:41 -0700)]
package/libselinux: enable kernel selinux support for ubifs images
If BR2_TARGET_ROOTFS_UBIFS is selected, enable the following kernel options:
- CONFIG_UBIFS_FS_XATTR
- CONFIG_UBIFS_FS_SECURITY
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Adam Duskett [Fri, 31 Jul 2020 20:40:59 +0000 (13:40 -0700)]
package/libselinux: enable kernel selinux support for squashfs images
If BR2_TARGET_ROOTFS_SQUASHFS is selected, enable the following kernel options:
- CONFIG_SQUASHFS_XATTR
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Adam Duskett [Fri, 31 Jul 2020 20:40:58 +0000 (13:40 -0700)]
package/libselinux: enable kernel selinux support for jffs2 images
If BR2_TARGET_ROOTFS_JFFS2 is selected, enable the following kernel options:
- CONFIG_JFS_SECURITY
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Adam Duskett [Fri, 31 Jul 2020 20:40:57 +0000 (13:40 -0700)]
package/libselinux: enable kernel selinux support for f2fs images
If BR2_TARGET_ROOTFS_F2FS is selected, enable the following kernel options:
- CONFIG_F2FS_FS_XATTR
- CONFIG_F2FS_FS_SECURITY
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Adam Duskett [Fri, 31 Jul 2020 20:40:56 +0000 (13:40 -0700)]
package/libselinux: enable kernel selinux support for ext4 images
If BR2_TARGET_ROOTFS_EXT2_4 is selected, enable the following kernel options:
- CONFIG_EXT4_FS_SECURITY
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Adam Duskett [Fri, 31 Jul 2020 20:40:55 +0000 (13:40 -0700)]
package/libselinux: enable kernel selinux support for ext3 images
If BR2_TARGET_ROOTFS_EXT2_3 is selected, enable the following kernel options:
- CONFIG_EXT3_FS_SECURITY
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Adam Duskett [Fri, 31 Jul 2020 20:40:54 +0000 (13:40 -0700)]
package/libselinux: enable kernel selinux support for ext2 images
If BR2_TARGET_ROOTFS_EXT2 is selected, enable the following kernel options:
- CONFIG_EXT2_FS_XATTR
- CONFIG_EXT2_FS_SECURITY
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Adam Duskett [Fri, 31 Jul 2020 20:40:53 +0000 (13:40 -0700)]
package/libselinux: enable kernel selinux support for erofs images
If BR2_TARGET_ROOTFS_EROFS is selected, enable the following kernel options:
- CONFIG_EROFS_FS_XATTR
- CONFIG_EROFS_FS_SECURITY
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Adam Duskett [Fri, 31 Jul 2020 20:40:52 +0000 (13:40 -0700)]
package/libselinux: set the config_lsm kernel config option to selinux
Currently, the libselinux package sets the CONFIG_DEFAULT_SECURITY_SELINUX
kernel option. However, as of kernels >= 5.1, this option is superseded in
favor of the CONFIG_LSM option, a comma-separated list of LSMs the kernel
should initialize in order.
As the previous behavior of this package sets the kernel's default and only
LSM to initialize to SELinux, it is safe to set this string to just selinux.
If the user wants additional LSM's, they may do so with a custom kernel config.
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Antoine Tenart [Fri, 31 Jul 2020 10:10:40 +0000 (12:10 +0200)]
docs/manual: add a section about SELinux
Add documentation about how to use SELinux in Buildroot, and what are
the available mechanisms to extend and customize the SELinux policy.
Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com>
[Thomas: misc improvements.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Antoine Tenart [Fri, 31 Jul 2020 10:10:39 +0000 (12:10 +0200)]
package/refpolicy: fix the configure, build and install steps
The refpolicy configure and build step were not correctly defined. The
configuration was split between the configure and build step, while
both the compilation and the installation were done in the install
step. Fix this by moving all the configuration within the
configuration step and by adding a call to make in the build step to
compile the policy.
Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Antoine Tenart [Fri, 31 Jul 2020 10:10:38 +0000 (12:10 +0200)]
package/refpolicy: allow packages to provide their own SELinux modules
Allow packages to have an 'selinux' subfolder containing SELinux modules
(sources) to be synced and compiled within the refpolicy, if the package
is selected.
Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Antoine Tenart [Fri, 31 Jul 2020 10:10:37 +0000 (12:10 +0200)]
package/refpolicy: allow to provide a custom refpolicy
Add support for the user to provide a fully custom refpolicy. When
this is used, modules aren't disabled anymore and packages do not
select refpolicy available modules either. The custom refpolicy must
define the full policy explicitly, and must be a fork of the original
refpolicy, to have the same build system.
This is added to allow users to fully control an SELinux policy, by
providing a complete custom policy.
Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Antoine Tenart [Fri, 31 Jul 2020 10:10:36 +0000 (12:10 +0200)]
package/refpolicy: allow selecting additional modules
Allow users to select additional modules available in the refpolicy, to
be built in the binary policy. This will allow non-base modules to be
selected based on the user use-case and to select extra module
dependencies when providing out-of-tree modules.
Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Antoine Tenart [Fri, 31 Jul 2020 10:10:35 +0000 (12:10 +0200)]
package/refpolicy: allow providing user defined modules
Allow users to provide custom SELinux modules to be part of the final
policy. A new configuration variable is added, pointing to list of
directories containing the custom modules.
SELinux modules do require a metadata.xml file to be well integrated
in the refpolicy build. If this file isn't provided, it will be
automatically created.
For now, this option requires the extra modules to be directly into
the BR2_REFPOLICY_EXTRA_MODULES directory, and subfolders aren't
supported. They may never be, as having subfolders could introduce
issues when two different modules have the same name (which isn't
supported by the refpolicy).
Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Antoine Tenart [Fri, 31 Jul 2020 10:10:34 +0000 (12:10 +0200)]
package/e2fsprogs: select SELinux module
Select the fstools SELinux module when e2fsprogs binaries are compiled
and installed in the target filesystem, so that they'll be supported by
the SELinux policy.
Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Antoine Tenart [Fri, 31 Jul 2020 10:10:33 +0000 (12:10 +0200)]
package/util-linux: select SELinux module
Select the fstools SELinux module to be compiled in the policy for the
relevant binaries of util-linux.
Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Antoine Tenart [Fri, 31 Jul 2020 10:10:32 +0000 (12:10 +0200)]
package/dbus: select SELinux module
Select the dbus SElinux module so that it will be compiled in the
refpolicy. This way, if an SELinux policy is generated, dbus will be
supported.
Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Antoine Tenart [Fri, 31 Jul 2020 10:10:31 +0000 (12:10 +0200)]
package/systemd: select SELinux modules
Select the systemd and udev SELinux modules so that they will be
compiled in the refpolicy. This way, if an SELinux policy is generated,
Systemd will be supported.
Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Antoine Tenart [Fri, 31 Jul 2020 10:10:30 +0000 (12:10 +0200)]
package/refpolicy: allow packages to select SELinux modules
Add support for packages to enable SELinux modules already supported by
the refpolicy, but not selected by default in its policy.
With this commit, packages will be able to do something like:
SYSTEMD_SELINUX_MODULES = systemd udev
to enable additional SELinux modules.
Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Antoine Tenart [Fri, 31 Jul 2020 10:10:29 +0000 (12:10 +0200)]
package/refpolicy: smaller monolithic policy
The refpolicy is configured to use a monolithic build, compiling all the
available modules (whether they're 'base' or 'modules' ones) in the
binary policy. The result is a quite big SELinux policy, with a lot more
rules than what would be needed in a Buildroot image.
Refactor the refpolicy build configuration to enable less modules by
default. To achieve this, all the modules marked as being part of the
'base' policy are kept but all the modules marked as being only
'modules' are disabled. Then a static list of modules (in addition to
the already selected 'base' ones) are enabled. The result is a much
smaller refpolicy: tests showed a reduction of the binary policy from
2.4M to 249K (~90% smaller).
This minimal set of SELinux modules should allow to boot a system in
enforcing mode in the future. It currently does not work, not because
extra modules are needed, but because of required changes within the
selected modules.
This patch would break backward compatibility as the refpolicy will no
longer have all the modules provided by the project, but only those
selected. This should not be an issue as this configuration was not
suitable directly for a real system. Modifications had to be done. If we
still find out later that this is an issue for someone, we'll have the
ability to mimic what was done previously thanks to other mechanisms
(such as providing the upstream policy as a "custom" policy location).
Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Antoine Tenart [Fri, 31 Jul 2020 10:10:28 +0000 (12:10 +0200)]
fs/common.mk: move down ROOTFS_REPRODUCIBLE for consistency
This patch is cosmetic and moves down ROOTFS_REPRODUCIBLE for
consistency.
Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Antoine Tenart [Fri, 31 Jul 2020 10:10:27 +0000 (12:10 +0200)]
fs/common.mk: set SELinux file security contexts
Set the SELinux file security contexts using setfiles when generating
root filesystem images.
Without such security contexts created at build time, they need to be
setup at first boot by running the restorecon utility on the target.
This has two drawbacks:
- You have to special case the first boot, which cannot be done in
enforcing mode, and will have to run restorecon, then reboot.
- You cannot support read-only filesystems.
By setting up the security contexts at build time, we can have a
filesystem image that is immediately ready to boot an SELinux system
in enforcing mode, including if the root filesystem is read-only.
Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Antoine Tenart [Fri, 31 Jul 2020 10:10:26 +0000 (12:10 +0200)]
package/e2fsprogs: set xattrs for the root dir as well
The mke2fs binary copies the xattrs of the source directory when
creating an image, but this logic did not include the root directory of
the resulting image. A patch was sent upstream to fix this. Include the
patch in Buildroot to allow creating SELinux ready images at build time.
Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Heiko Thiery [Sun, 30 Aug 2020 18:23:18 +0000 (20:23 +0200)]
package/ethtool: bump version to 5.8
Release notes: https://lwn.net/Articles/828044/
- remove patch that is in new version
Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Joachim Wiberg [Tue, 1 Sep 2020 05:38:59 +0000 (07:38 +0200)]
package/mg: new package
Mg is a small Emacs-like editor with no external dependencies except a
standard C library. It weighs in at 130 kiB and is one of a select few
completely free (public domain) text editors suitable for small and
embedded systems.
This version is based on the OpenBSD Mg, but with more features, one of
which being the no-ncurses/termcap support, which heavily reduces the
impact on a resource constrained system.
Upstream: https://github.com/troglobit/mg/
Signed-off-by: Joachim Wiberg <troglobit@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Francois Perrad [Wed, 2 Sep 2020 15:08:36 +0000 (17:08 +0200)]
package/perl-net-dns: bump to version 1.26
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fabrice Fontaine [Tue, 1 Sep 2020 21:00:17 +0000 (23:00 +0200)]
package/minidlna: fix build with gcc 10
Fixes:
- http://autobuild.buildroot.org/results/
8754bb4f7d749f999d5f8ddfec587470ceec4476
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Asaf Kahlon [Thu, 3 Sep 2020 22:15:57 +0000 (01:15 +0300)]
package/spdlog: bump to version 1.8.0
Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Asaf Kahlon [Thu, 3 Sep 2020 22:15:56 +0000 (01:15 +0300)]
package/python-scapy: bump to version 2.4.4
And use two space for hash file indentation.
Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Asaf Kahlon [Thu, 3 Sep 2020 22:15:55 +0000 (01:15 +0300)]
package/collectd: bump to version 5.12.0
And drop patch (already in version).
Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bernd Kuhls [Thu, 3 Sep 2020 19:34:07 +0000 (21:34 +0200)]
package/{mesa3d, mesa3d-headers}: bump version to 20.1.7
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Francois Perrad [Wed, 2 Sep 2020 15:08:18 +0000 (17:08 +0200)]
package/lua-utf8:bump to version 0.1.3
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Francois Perrad [Wed, 2 Sep 2020 15:08:17 +0000 (17:08 +0200)]
package/lua-testmore: bump to version 0.3.5
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Francois Perrad [Wed, 2 Sep 2020 15:08:16 +0000 (17:08 +0200)]
package/lua-std-normalize: bump to version 2.0.3
diff LICENSE.md:
- Copyright (C) 2002-2018 normalize authors
+ Copyright (C) 2002-2020 normalize authors
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Francois Perrad [Wed, 2 Sep 2020 15:08:15 +0000 (17:08 +0200)]
package/lua-compat53: bump to version 0.8
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Francois Perrad [Wed, 2 Sep 2020 15:08:14 +0000 (17:08 +0200)]
package/lua-bit32: bump to version 5.3.5
diff LICENSE:
- Copyright (c) 2013 Hisham Muhammad
+ Copyright (c) 2015 Kepler Project.
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Francois Perrad [Wed, 2 Sep 2020 15:08:13 +0000 (17:08 +0200)]
package/argparse: bump to version 0.7.1
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Petr Vorel [Thu, 3 Sep 2020 15:57:27 +0000 (17:57 +0200)]
package/uclibc: bump version to 1.0.35
Drop patch from this release.
Signed-off-by: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Grzegorz Blach [Mon, 31 Aug 2020 20:15:31 +0000 (22:15 +0200)]
package/graphicsmagick: new package
GraphicsMagick is the swiss army knife of image processing.
It provides a robust and efficient collection of tools
and libraries which support reading, writing,
and manipulating an image in over 89 major formats
including important formats like DPX, GIF, JPEG, JPEG-2000,
PNG, PDF, PNM, TIFF, and WebP.
Signed-off-by: Grzegorz Blach <grzegorz@blach.pl>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Alistair Francis [Mon, 31 Aug 2020 23:20:51 +0000 (16:20 -0700)]
configs/qemu_riscv32_virt: use Linux 5.4 kernel
Now that RISC-V 32-bit (RV32) support has been merged into mainline
glibc, we can use the Linux 5.4 kernel.
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Alistair Francis [Thu, 3 Sep 2020 21:45:05 +0000 (23:45 +0200)]
package/glibc: use upstream glibc for RISC-V 32-bit
Until glibc 2.33 gets released, we use the current 2.32 master branch.
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Paul Cercueil [Tue, 1 Sep 2020 13:48:49 +0000 (15:48 +0200)]
linux: add support for ZSTD compression
Add support for creating self-extractible kernels compressed with ZSTD.
Signed-off-by: Paul Cercueil <paul@crapouillou.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Thomas Claveirole [Thu, 3 Sep 2020 11:01:12 +0000 (13:01 +0200)]
package/bison: bump to 3.7.1
Release notes:
https://lists.gnu.org/archive/html/info-gnu/2020-08/msg00000.html
Tested using utils/test-pkg with toolchain br-arm-full on the
following reverse-dependencies: bash at dtc host-dtc. Also tested
using a custom toolchain and configuration on: conntrack-tools
iproute2 libnl libpcap libtasn1.
Signed-off-by: Thomas Claveirole <thomas.claveirole@green-communications.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Nicolas Carrier [Fri, 25 Oct 2019 18:22:49 +0000 (18:22 +0000)]
package/php-xdebug: new package
Extension for PHP to assist with debugging and development.
Signed-off-by: Nicolas Carrier <nicolas.carrier@orolia.com>
Reviewed-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Thomas Petazzoni [Thu, 3 Sep 2020 19:48:27 +0000 (21:48 +0200)]
package/iputils: use relative symlink for ping6
This was initially commit
84d471a0b150bc2ff1d08755d36be86d9380c2c5,
but it got mistakenly reverted by
95b0078cc089b48be8973b9507599cc836397869, so let's restore it.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Alejandro González [Sun, 15 Sep 2019 10:05:46 +0000 (12:05 +0200)]
package/iputils: add config options to select which binaries to build/install
By default, the iputils build script might build binaries which are
useless for certain applications, like tftpd or ninfod. Those binaries
will add to the target filesystem size unless a post-build script removes
them manually, which is cumbersome and doesn't shorten build times.
In particular, in a certain aarch64 Buildroot project with musl selected
as a C library, this patch allowed to shrink the full iputils package from
219 KiB (if every option is selected) to 63 KiB (with only the ping
binary selected) - a 71.2% relative size decrease.
Moreover, upstream recently introduced a commit that disabled tftpd from
building by default, like rarpd. In the current state of things, this change
will introduce inconveniences for Buildroot users which prefer to use the
tftpd implementation provided by this package. With this patch, however, that
decision and similar future ones won't be a concern, because they will
have complete control of what binaries are built.
These changes add Kconfig options which let the user select what
binaries are built with ease.
Signed-off-by: Alejandro González <alejandro.gonzalez.correo@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Francois Perrad [Wed, 2 Sep 2020 15:08:38 +0000 (17:08 +0200)]
package/perl-type-tiny: bump to version 1.010005
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Francois Perrad [Wed, 2 Sep 2020 15:08:37 +0000 (17:08 +0200)]
package/perl-posix-strftime-compiler: bump to version 0.44
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Francois Perrad [Wed, 2 Sep 2020 15:08:35 +0000 (17:08 +0200)]
package/perl-mail-dkim: bump to version 1.
20200824
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Francois Perrad [Wed, 2 Sep 2020 15:08:34 +0000 (17:08 +0200)]
package/perl-libwww-perl: bump to version 6.47
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Francois Perrad [Wed, 2 Sep 2020 15:08:33 +0000 (17:08 +0200)]
package/perl-http-entity-parser: bump to version 0.24
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Francois Perrad [Wed, 2 Sep 2020 15:08:32 +0000 (17:08 +0200)]
package/perl-html-parser: bump to version 3.75
now, license has its own file
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Danilo Bargen [Sat, 5 Oct 2019 00:40:23 +0000 (02:40 +0200)]
configs/pcengines_apu2: new defconfig
The apu2 by PC Engines is a 64 bit single board computer with coreboot
BIOS. It only has serial output, but no graphics chip. With its 2–4
ethernet ports, it is often used to build a firewall or router.
The provided defconfig configures busybox and isolinux. It will output
a hybrid ISO image that can be written to a USB stick or burned to a
CD.
Configuration based on a blogpost by Tony Arkles:
http://www.better-bsp.com/blog/2017/03/02/buildrooting-for-apu2/
Signed-off-by: Danilo Bargen <mail@dbrgn.ch>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bernd Kuhls [Thu, 3 Sep 2020 05:32:48 +0000 (07:32 +0200)]
package/spandsp: needs jpeg support in tiff package
Since upstream commit https://github.com/freeswitch/spandsp/commit/
be0bce3dbc4b33f92e8da985900104b857259d02#diff-67e997bcfdac55191033d57a16d1408aR550,
jpeg support is needed in the fiff package.
This issue appeared with the bump of spandsp to 3.0 in commit
36c983bfa543de89ab8c9374a860d2fdf8a2fb87.
Fixes:
http://autobuild.buildroot.net/results/f5e/
f5efa4aeef661670403111074b9397da47167d07/
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Wed, 2 Sep 2020 20:43:10 +0000 (22:43 +0200)]
package/wolfssl: disable examples and tests
Examples and tests are not needed especially because of them fails on
some architectures because it wrongly tries to use wc_Sha256FinalRaw:
CCLD tests/unit.test
/tmp/instance-0/output-1/host/opt/ext-toolchain/bin/../lib/gcc/aarch64-none-linux-gnu/9.2.1/../../../../aarch64-none-linux-gnu/bin/ld: tests/tests_unit_test-api.o: in function `test_wc_Sha256FinalRaw':
/tmp/instance-0/output-1/build/wolfssl-4.5.0-stable/tests/api.c:6504: undefined reference to `wc_Sha256FinalRaw'
Fixes:
- http://autobuild.buildroot.org/results/
d5b6f97f7510874fe28c675e599be08cb8a78c7b
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
John Keeping [Thu, 3 Sep 2020 13:35:33 +0000 (14:35 +0100)]
package/alsa-utils: fix install if directories exist
"mkdir" (without "-p") fails if the target directory exists, which means
that if alsa-utils is being reinstalled or if other files have
previously been installed in the alsa-state.d or alsa-restore.d
directories the installation will fail.
Switch to "$(INSTALL) -d" which allows us to be explicit about the
permissions and handles the case of a pre-existing directory correctly.
Signed-off-by: John Keeping <john@metanate.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Simon Rowe [Tue, 5 Nov 2019 12:24:11 +0000 (12:24 +0000)]
package/ntp: base sysv script on current template
Signed-off-by: Simon Rowe <simon.rowe@citrix.com>
Tested-by: Carlos Santos <unixmania@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Sat, 29 Aug 2020 21:39:16 +0000 (23:39 +0200)]
package/hiredis: bump to version 1.0.0
- Use cmake which is available since version 1.0.0 and
https://github.com/redis/hiredis/commit/
ead586a2cb7de8a17073a96704a4200d63a380e5
- Disable tests
- Add openssl optional dependency
https://github.com/redis/hiredis/blob/v1.0.0/CHANGELOG.md
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Sat, 29 Aug 2020 23:03:26 +0000 (01:03 +0200)]
package/subversion: bump to version 1.14.0
https://subversion.apache.org/docs/release-notes/1.14.html
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Heiko Thiery [Thu, 3 Sep 2020 08:49:55 +0000 (10:49 +0200)]
package/netopeer2: fix patch
Patch cannot be applied to bumped version anymore. So recreate on top of
current version.
Also change the patch numbering from 0003 -> 0001 since the others are
dropped due to version bump.
Fixes:
http://autobuild.buildroot.net/results/
ec58bc318e0e2fd46c16814a4011a4847090e696/
Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Yann E. MORIN [Wed, 2 Sep 2020 21:21:57 +0000 (23:21 +0200)]
support/scripts: fix flake8 errors in cve-checker and pkg-stats
Note that one is silenced, rather than fixed: we indeed need to import
after we add the local directory to the modules search path.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fabrice Fontaine [Wed, 2 Sep 2020 20:09:26 +0000 (22:09 +0200)]
package/stress-ng: drop patch
Patch is already in version 0.11.17
Fixes:
- http://autobuild.buildroot.org/results/
3741e47ec8bfc594aa37ac33b7927e5b73183daf
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Acked-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Dagg Stompler [Fri, 17 Jul 2020 16:46:42 +0000 (19:46 +0300)]
configs/odroidc2: new defconfig
Signed-off-by: Dagg Stompler <daggs@gmx.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Dagg Stompler [Fri, 17 Jul 2020 16:46:41 +0000 (19:46 +0300)]
package/odroidc2-firmware: new package
The AmLogic Odroid C2 boards use an ATF version for which the source
code is not available. The mainline U-Boot documentation at
doc/board/amlogic/odroid-c2.rst details how to build a bootable U-Boot
image for this platform: it requires fetching the ATF binary files
from https://github.com/hardkernel/u-boot.git as well as a tool called
fip_create from the same repository.
This commit therefore implements a simple Buildroot package that
retrieves this repository, installs the firmware files, and
builds/installs the host fip_create utility.
This package really installs target images (firmware files) and one
host utility, so we had to take an arbitrary decision on whether it
should be a target package or a host package, and we've chosen to make
it a target package.
Signed-off-by: Dagg Stompler <daggs@gmx.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Arnout Vandecappelle (Essensium/Mind) [Wed, 2 Sep 2020 21:32:55 +0000 (23:32 +0200)]
manual: board support: add more of our expectations
The manual has a section on adding board support to upstream buildroot,
but it fails to mention some of the things we expect. Add more of them.
- Internal toolchain.
- Beautify defconfig file.
- Fixed versions for components.
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Cc: Adam Duskett <Aduskett@gmail.com>
Reviewed-by: Adam Duskett <aduskett@gmail.com>
[yann.morin.1998@free.fr:
- use +monospace+ for the variables
- use _italic_ for sections in defconfig
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Angelo Compagnucci [Wed, 24 Jun 2020 20:43:46 +0000 (22:43 +0200)]
package/cups: Add udev rules to assign usb printers group to lp
This patch is based on patch from the rockchip tree:
commit
c8a337593660f27379c30248a11bf08dc8712113
Author: Jeffy Chen <jeffy.chen@rock-chips.com>
Date: Tue Nov 13 18:59:43 2018 +0800
package: cups: Add udev rules to assign usb printers' group to lp
Change-Id: Ieae17deaa7d3623e1f0e1cc826871f1719d98d88
Signed-off-by: Jeffy Chen <jeffy.chen@rock-chips.com>
but removes a hardcoded device usb vendor/id and keps only the usb
printer class.
Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Signed-off-by: Michael Trimarchi <michael@amarulasolutions.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Angelo Compagnucci [Wed, 24 Jun 2020 20:43:45 +0000 (22:43 +0200)]
package/cups: Add lp user as default cups user
This patch is a backport from the rockchip tree.
Author: Jeffy Chen <jeffy.chen@rock-chips.com>
Date: Tue Nov 13 18:25:34 2018 +0800
package: cups: Add lp user as default cups user
Change-Id: Ic7434fe0a7b41b86b5b8b097fa29dd9718e29aa5
Signed-off-by: Jeffy Chen <jeffy.chen@rock-chips.com>
User lp is necessary for running the cups spooler.
Groups lpadmin grants administrative privileges to users.
Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Suniel Mahesh [Sat, 29 Aug 2020 09:35:06 +0000 (15:05 +0530)]
configs/nanopc_t4: new defconfig
A defconfig for the friendlyarm nanopc-t4 was added in
c23895f06e0988319a1959764a402b57bc21ffaf, but then removed
in
8efd4463f78fd68c85b45cc0da347dfb805abb7e because an ARM32
compiler was needed to build ATF, and this was not supported
back then.
Now, since package/arm-gnu-a-toolchain/ has been added, this
defconfig can be re-introduced.
Following new changes are introduced in comparision with the
older changeset:
- updated readme
- GPT partition layout is being used
- update defconfig to build ATF
- bump u-boot to 2020.07
- bump linux to 5.8.2
Signed-off-by: Suniel Mahesh <sunil@amarulasolutions.com>
Reviewed-by: Jagan Teki <jagan@amarulasolutions.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
[Arnout: fixate U-Boot version; remove blind BR2_TARGET_UBOOT_NEEDS_PYTHON]
Suniel Mahesh [Sat, 29 Aug 2020 09:35:05 +0000 (15:05 +0530)]
configs/nanopi_m4: new defconfig
A defconfig for the friendlyarm nanopi-m4 was added in
493c3979a4def978a1137cf8543bf0de50d2615e, but then removed
in
a24bd8936f57a590f810e14d7828cf1bddce580e because an ARM32
compiler was needed to build ATF, and this was not supported
back then.
Now, since package/arm-gnu-a-toolchain/ has been added, this
defconfig can be re-introduced.
Following new changes are introduced in comparision with the
older changeset:
- readme updated
- GPT partition layout
- update defconfig to build ATF
- bump u-boot to 2020.07
- bump linux to 5.8.2
Signed-off-by: Suniel Mahesh <sunil@amarulasolutions.com>
Reviewed-by: Jagan Teki <jagan@amarulasolutions.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
[Arnout: fixate U-Boot version; remove blind BR2_TARGET_UBOOT_NEEDS_PYTHON]
Suniel Mahesh [Sat, 29 Aug 2020 09:35:04 +0000 (15:05 +0530)]
configs/orangepi_rk3399: new defconfig
Add initial support for Orangepi RK3399 target with below features:
- U-Boot 2020.07
- Linux 5.8.2
- Default packages from buildroot
Signed-off-by: Suniel Mahesh <sunil@amarulasolutions.com>
Reviewed-by: Jagan Teki <jagan@amarulasolutions.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
[Arnout: fixate U-Boot version; remove blind BR2_TARGET_UBOOT_NEEDS_PYTHON]
Suniel Mahesh [Sat, 29 Aug 2020 09:35:03 +0000 (15:05 +0530)]
configs/rockpro64: new defconfig
A defconfig for the rockpro64 was added in
59e1077b4ebe79622a454b0a8a840e4349a0440d, but then removed
in
10f49213b7e2837ae6ed63fc16fbdaa954ecd87f because an ARM32
compiler was needed to build ATF, and this was not supported
back then.
Now, since package/arm-gnu-a-toolchain/ has been added, this
defconfig can be re-introduced.
Following new changes are introduced in comparision with the
older changeset:
- renamed defconfig from pine64_rockpro64 to rockpro64
- updated readme
- using a GPT partition layout
- update defconfig to build ATF
- bump u-boot to 2020.07
- bump linux to 5.8.2
Signed-off-by: Suniel Mahesh <sunil@amarulasolutions.com>
Reviewed-by: Jagan Teki <jagan@amarulasolutions.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
[Arnout: fixate U-Boot version; remove blind BR2_TARGET_UBOOT_NEEDS_PYTHON]
Peter Korsgaard [Wed, 2 Sep 2020 16:07:52 +0000 (18:07 +0200)]
Merge branch 'next'
A number of merge conflicts, but hopefully they are all sorted out now.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Peter Korsgaard [Tue, 1 Sep 2020 21:05:41 +0000 (23:05 +0200)]
Kickoff 2020.11 cycle
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Peter Korsgaard [Tue, 1 Sep 2020 21:04:48 +0000 (23:04 +0200)]
docs/website/news.html: add 2020.08 announcement link
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Peter Korsgaard [Tue, 1 Sep 2020 20:38:36 +0000 (22:38 +0200)]
Update for 2020.08
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Yann E. MORIN [Sun, 30 Aug 2020 22:12:15 +0000 (00:12 +0200)]
core: make it possible to check flake8 like we check package
Move the code to run check-flake8 into the Makefile, like we have for
check-package, so that it is easy to run locally (and not wait for
someone to report a failure from their Gitlab pipelines).
Compared to the existing check from gitlab-ci.yml, the Makefile check
differs in this respect:
- don't explicitly find *.py files: they are supposed to also be found
as a result of running 'file' on them;
- use git ls-tree instead of find: this is supopsedly faster as it
uses the index rather than readdir();
- don't output the count of warnings or errors: the output is a single
integer, which is confusing when there are errors, and even more so
when there are no, when it is simply '0';
- don't sort: the output is already stable and independent from the
locale;
- don't report the number of processed files: this information is
rather useless, and getting a hold of it would be more challenging
in this new code.
Note: ideally, we would want to use --null, --zero, or similar options,
with utilities that generates or parses a files listing. While git
ls-tree and xargs do support it, it becomes a little bit tricky to use
the --print0 option of file, and then grep in that output (it is not
undoable, but would requires replacing grep+cut with some sed trickery).
Since we do not expect our scripts names to contain funky chars (like
\n or a colon), we just hand-wave away that issue (and the old code was
doing the same assumption too).
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Christian Stewart [Mon, 31 Aug 2020 01:07:54 +0000 (18:07 -0700)]
package/docker-cli: fix version ldflags
The variables for the "docker version" output are located at
$(DOCKER_CLI_GOMOD)/cli/version - correct the path to these in the ldflags to
fix the following "unknown" lines in "docker version" output:
Client:
Version: unknown-version
Git commit: unknown-commit
Built: unknown-buildtime
Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Bernd Kuhls [Sat, 29 Aug 2020 11:34:03 +0000 (13:34 +0200)]
package/x11r7/xserver_xorg-server: remove unmaintained versions 1.14.7 & 1.17.4
Upstream does not maintain these older versions anymore. Due to security
fixes not being backported to these versions anymore we remove these old
X server versions.
Move current patches from version-specific directory to package directory.
No legacy handling is added for the old versions, since it's simply a
version bump. THe old packages and features (AIGLX) that depend on the
old versions do have legacy handling.
Remove legacy handling for 1.19.*
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Bernd Kuhls [Sat, 29 Aug 2020 11:34:02 +0000 (13:34 +0200)]
package/amd-catalyst: remove package
Current X.org X server is incompatible with this driver.
We no longer support unmaintainted versions of X.org X server.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Bernd Kuhls [Sat, 29 Aug 2020 11:34:01 +0000 (13:34 +0200)]
package/nvidia-tegra23: remove package
Current X.org X server is incompatible with this driver.
We no longer support unmaintainted versions of X.org X server.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Gwenhael Goavec-Merou [Tue, 1 Sep 2020 09:37:28 +0000 (11:37 +0200)]
package/uhd: propagate toolchain bug 64735 dependency from boost-thread
boost-thread needs std::current_exception since version 1.71.0 and
https://github.com/boostorg/exception/commit/
386f5507cb8ec99c03ca535bea4f8bd61e0de910
std::current_exception depends on !BR2_TOOLCHAIN_HAS_GCC_BUG_64735 as a
result, uhd fails to build on:
In file included from /home/buildroot/autobuild/run/instance-2/output-1/build/uhd-3.15.0.0/host/include/uhd/error.h:74:0,
from /home/buildroot/autobuild/run/instance-2/output-1/build/uhd-3.15.0.0/host/include/uhd/types/metadata.h:12,
from /home/buildroot/autobuild/run/instance-2/output-1/build/uhd-3.15.0.0/host/lib/types/metadata_c.cpp:8:
/home/buildroot/autobuild/run/instance-2/output-1/host/arm-buildroot-linux-uclibcgnueabi/sysroot/usr/include/boost/exception/diagnostic_information.hpp: In function 'std::__cxx11::string boost::current_exception_diagnostic_information(bool)':
/home/buildroot/autobuild/run/instance-2/output-1/host/arm-buildroot-linux-uclibcgnueabi/sysroot/usr/include/boost/exception/diagnostic_information.hpp:54:26: error: 'current_exception' is not a member of 'std'
else if (auto* p=std::current_exception().__cxa_exception_type())
^
In file included from /home/buildroot/autobuild/run/instance-2/output-1/build/uhd-3.15.0.0/host/include/uhd/error.h:74:0,
from /home/buildroot/autobuild/run/instance-2/output-1/build/uhd-3.15.0.0/host/include/uhd/types/ranges.h:12,
from /home/buildroot/autobuild/run/instance-2/output-1/build/uhd-3.15.0.0/host/lib/types/ranges_c.cpp:8:
/home/buildroot/autobuild/run/instance-2/output-1/host/arm-buildroot-linux-uclibcgnueabi/sysroot/usr/include/boost/exception/diagnostic_information.hpp: In function 'std::__cxx11::string boost::current_exception_diagnostic_information(bool)':
/home/buildroot/autobuild/run/instance-2/output-1/host/arm-buildroot-linux-uclibcgnueabi/sysroot/usr/include/boost/exception/diagnostic_information.hpp:54:26: error: 'current_exception' is not a member of 'std'
else if (auto* p=std::current_exception().__cxa_exception_type())
So add a dependency to !BR2_TOOLCHAIN_HAS_GCC_BUG_64735
Fix:
- http://autobuild.buildroot.net/results/
0cdbf01df174648cf0dfb34d9506eb80570e99c0/
Signed-off-by: Gwenhael Goavec-Merou <gwenhael.goavec-merou@trabucayre.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Yann E. MORIN [Tue, 1 Sep 2020 07:19:03 +0000 (09:19 +0200)]
support/runttime-tests: fix openssh test
When it was applied, commit
243d500f8d3 (support/testing: add openssh
runtime test) was amended to not provide a NIC to the emulated machine,
as the test did not require access to the outer world: it only uses the
lo interface. Also, there was a discrepancy between the NIC name in the
Buildroot configuration, and the drivers available in our default kernel
image, making the boot hang for a while whaiting for a NIC that would
never come.
However, that tweak was tested locally with a qmeu version more recent
than the one available in our buidroot/base Docker image. As a
consequence, that test fails to run in gitlab-ci.
Revert to using the old way of specifying no network: it works on
gitlab-ci, and qemu versions in standard distros still support it.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Peter Korsgaard [Tue, 1 Sep 2020 19:06:20 +0000 (21:06 +0200)]
package/gobject-introspection: disable for riscv32
Fixes:
http://autobuild.buildroot.net/results/e32/
e323f43952b3863cedfdae765b3fb10ec6b8d889/
http://autobuild.buildroot.net/results/53e/
53e7b82baa9edb342cd110717d6b8ac82d5d933c/
And many more.
qemu-user 5.0.0 for riscv32 segfaults when running the g-i qemu wrapper, so
disable gobject-introspection. There are no autobuilder failures for next,
so it looks to be fixed in qemu 5.1.0.
As python-gobject and gst1-python select gobject-introspection, add a
BR2_PACKAGE_GOBJECT_INTROSPECTION_ARCH_SUPPORTS symbol they can depend on
rather than having to propagate the dependencies.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fabrice Fontaine [Tue, 1 Sep 2020 18:15:03 +0000 (20:15 +0200)]
package/mbedtls: security bump to version 2.16.8
Fix a "Local side channel attack on classical CBC decryption in (D)TLS"
a.k.a. CVE-2020-16150:
https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2020-09-1
as well as a "Local side channel attack on RSA and static
Diffie-Hellman" (no CVE):
https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2020-09-2
Also change MBEDTLS_SITE and retrieve hash provided by upstream
https://github.com/ARMmbed/mbedtls/releases/tag/v2.16.8
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Peter Korsgaard [Tue, 1 Sep 2020 14:22:22 +0000 (16:22 +0200)]
package/python-django: security bump to version 3.0.10
Fixes the following security issues:
CVE-2020-24583: Incorrect permissions on intermediate-level directories on Python 3.7+
On Python 3.7+, FILE_UPLOAD_DIRECTORY_PERMISSIONS mode was not applied to
intermediate-level directories created in the process of uploading files and
to intermediate-level collected static directories when using the
collectstatic management command.
You should review and manually fix permissions on existing
intermediate-level directories.
CVE-2020-24584: Permission escalation in intermediate-level directories of
the file system cache on Python 3.7+
On Python 3.7+, the intermediate-level directories of the file system cache
had the system’s standard umask rather than 0o077 (no group or others
permissions).
https://docs.djangoproject.com/en/dev/releases/3.0.10/
In addition, 3.0.8..10 contains a number of bugfixes.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Mon, 31 Aug 2020 20:15:39 +0000 (22:15 +0200)]
package/ibm-sw-tpm2: fix build with gcc 10
Fixes:
- http://autobuild.buildroot.org/results/
8533d202fb29bf2a1677de37fc71f1a0fbd54722
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Mon, 31 Aug 2020 19:22:15 +0000 (21:22 +0200)]
package/graphite2: fix static install
Don't install an incorrect libtool file when building a static library
to fix the following build failure with harfbuzz:
arm-linux-g++.br_real: error: /home/buildroot/autobuild/run/instance-3/output-1/host/arm-buildroot-linux-uclibcgnueabi/sysroot/usr/lib/libgraphite2.so: No such file or directory
make[5]: *** [main] Error 1
Fixes:
- http://autobuild.buildroot.org/results/
9ebe1d11e80755d59190ef2aae82bbba5cc45e44
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Tue, 1 Sep 2020 06:47:56 +0000 (08:47 +0200)]
package/dhcp: fix build with gcc 10
Fixes:
- http://autobuild.buildroot.org/results/
82df44b20ba4ecfb8cf7d077247b3262647a572d
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Mon, 31 Aug 2020 20:07:27 +0000 (22:07 +0200)]
package/trousers: fix build with gcc 10
Fixes:
- http://autobuild.buildroot.org/results/
701e82a8f63e8b78c2db12bdeff9086d6e121b36
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Mon, 31 Aug 2020 19:57:44 +0000 (21:57 +0200)]
package/pixz: fix build with gcc 10
Fixes:
- http://autobuild.buildroot.org/results/
0c61743d4a022215317e57e35a00f0fa3d16ad62
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Lukasz Tekieli [Thu, 23 Jul 2020 17:19:17 +0000 (19:19 +0200)]
package/busybox: fix avahi-autoipd error message
When using a combination of udhcpc and avahi-autoipd in case of receiving IP
from a DHCP server, the following message can be seen:
"Failed to kill daemon: No such file or directory".
Add a check for a running avahi-autoipd to fix this issue.
Signed-off-by: Lukasz Tekieli <tekieli.lukasz@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Peter Korsgaard [Mon, 31 Aug 2020 14:00:35 +0000 (16:00 +0200)]
package/avahi: disable introspection
Fixes:
http://autobuild.buildroot.net/results/
b9bf7cea8be9231552a10e8ea828bf24394402ba/
Building with introspection (together with D-Bus) support currently fails.
Fixing it is not trivial, so explicitly disable introspection for now.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Tested-by: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Sun, 30 Aug 2020 21:40:42 +0000 (23:40 +0200)]
package/rtty: fix build with mbedtls but without zlib
zlib is not mandatory with mbedtls, only optional, however as mbedtls
does not provide a pkg-config file, we assume that if zlib is
available, we must link with it to avoid a build failure when linking
statically with a zlib-enabled mbedtls.
This change was pushed upstream with
https://github.com/zhaojh329/rtty/commit/
7b8efe11dbafce97971dc130bf6cc1756f34ce07
and is in buildroot since the bump to version 7.1.4 with commit
0c80245ddbe78c8e443f98b9bbccac56331cdb26.
However, this change will raise a build failure if ZLIB_LIBRARIES is
used when zlib is not found. This patch is fixing this build failure.
However, it should be noted that the compression support in mbedtls is
only enabled if BR2_PACKAGE_MBEDTLS_COMPRESSION=y. So we can have a
situation where mbedtls is enabled, zlib is enabled, but mbedtls is not
using zlib and as a result, since version 7.1.4, rttyt will needlessly
link with zlib in such a situation.
The only sane way to fix this is to use pkg-config, but as mbedtls
apparently doesn't provide any .pc file, we leave it as it is.
Fixes:
- http://autobuild.buildroot.org/results/
a0ebffe58bbf14cab74b7d2111d4d88a9c725273
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fabrice Fontaine [Sun, 30 Aug 2020 19:07:25 +0000 (21:07 +0200)]
package/am33x-cm3: fix build with gcc 10
Fixes:
- http://autobuild.buildroot.org/results/
a991e6efa012df518ff1bb35017ad2c96c8feedc
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Peter Korsgaard [Mon, 31 Aug 2020 06:58:41 +0000 (08:58 +0200)]
package/docker-cli: fix version info since move to 19.03.x
Upstream changed the variables used when outputting version / git commit
info in docker version since:
commit
04b5f44230162de40741acaa0f94c7af6f2fa1d5
Author: Ian Campbell <ijc@docker.com>
Date: Tue Jan 8 15:03:51 2019 +0000
Move versioning variables to a separate package.
This helps to avoid circular includes, by separating the pure data out from the
actual functionality in the cli subpackage, allowing other code which is
imported to access the data.
Signed-off-by: Ian Campbell <ijc@docker.com>
Upstream-commit:
20c19830a95455e8562551aad52c715ad0807cc6
Component: cli
Which is included in docker-cli 19.3.x - So adjust the _CLI_LDFLAGS to match
to get proper docker version output:
Client:
Version: 19.03.11
API version: 1.40
Go version: go1.13.14
Git commit: 19.03.11
vs:
Client:
Version: unknown-version
API version: 1.40
Go version: go1.13.14
Git commit: unknown-commit
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>