git.libre-soc.org Git - buildroot.git/log

support/testing: use TestPythonPackageBase for python-twisted

Move the test script to be run on the target from inline in the test
case to a separate file.

Get the base defconfig fragment from the immediate parent class and not
directly from TestPythonBase because it is the correct way of doing
this. This way the base class TestPythonTwisted could even be placed in
a separate file.

Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Cc: Asaf Kahlon <asafka7@gmail.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

support/testing: use TestPythonPackageBase for python-incremental

Move the test script to be run on the target from inline in the test
case to a separate file.

Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Cc: Asaf Kahlon <asafka7@gmail.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

support/testing: use TestPythonPackageBase for python-cryptography

Move the test script to be run on the target from inline in the test
case to a separate file.

Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Cc: Asaf Kahlon <asafka7@gmail.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

support/testing: use TestPythonPackageBase for python-autobahn

Move the test script to be run on the target from inline in the test
case to a separate file.

Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Cc: Asaf Kahlon <asafka7@gmail.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

support/testing: create default test case for python packages

Test cases for python packages are very similar among each other: run a
simple script in the target that minimally tests the package.
So create a new helper class named TestPythonPackageBase that holds all
the logic to run a script on the target.

TestPythonPackageBase adds in build time one or more sample scripts to
be run on the target. The test case for the python package must
explicitly list them in the "sample_scripts" property. The test case
then automatically logins to the target, checks the scripts are really
in the rootfs (it calls "md5sum" instead of "ls" or "test" in an attempt
to make the logfile more friendly, since someone analysing a failure can
easily check the expected script was executed) and then calls the python
interpreter passing the sample script as parameter.
An optional property "timeout" exists for the case the sample script
needs more time to run than the default timeout from the test infra
(currently 5 seconds).

A simple test case for a package that only supports Python 2 will look
like this:

|from tests.package.test_python import TestPythonPackageBase
|
|
|class TestPythonPy2<Package>(TestPythonPackageBase):
|    __test__ = True
|    config = TestPythonPackageBase.config + \
|        """
|        BR2_PACKAGE_PYTHON=y
|        BR2_PACKAGE_PYTHON_<PACKAGE>=y
|        """
|    sample_scripts = ["tests/package/sample_python_<package>.py"]
|    timeout = 15

Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Cc: Asaf Kahlon <asafka7@gmail.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

python-aiodns: new package

Simple DNS resolver for asyncio.

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Reviewed-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

python-pycares: new package

Python interface for c-ares.

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

libcurl: Don't need --without-(ssl/gnutls/nss/mbedtls) twice

Remove the --without-* options from the yes side of the TLS libraries
selection checks.

Since the --without-* option is now specified when the corresponding TLS
library is not being used, it's no longer necessary when enabling a TLS
library to explicity list all the other TLS libs that curl should not
use.

Signed-off-by: Trent Piepho <tpiepho@impinj.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

ipset: bump to version 7.0

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

ethtool: bump to version 4.19

Cc: Matt Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

iucode-tool: rewrite init script

- Indent with tabs.
- Use a function for start.
- Pass "-q" to iucode_tool to inhibit usual output that would otherwise
interfere with the operation status report.

Signed-off-by: Carlos Santos <casantos@datacom.com.br>
[Peter: drop dummy function with sed invocation not compatible with busybox]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

iucode-tool: bump to version 2.3.1

Brings several fixes and enhancements. Check the change log at

https://gitlab.com/iucode-tool/iucode-tool/raw/v2.3.1/ChangeLog

Tested on an equipment with Intel C3000 processor.

Signed-off-by: Carlos Santos <casantos@datacom.com.br>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

intel-microcode: bump to version 20180807a

The big "intel-microcode.dat" text file is gone. Only binary files are
provided, in the "intel-ucode" directory. Install it at /lib/firmware/,
like linux-firmware does, and update the iucode-tool init script to use
that path.

We don't install the microcode under "intel-ucode-with-caveats", since
it needs special commits in the Linux kernel (see "relnotes" for more
information).

Tested on an equipment with Intel C3000 processor.

Signed-off-by: Carlos Santos <casantos@datacom.com.br>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

linux: enable MICROCODE_INTEL if intel-microcode is selected

We already turn on kernel features for several packages, so let's do it
for intel-microcode too, otherwise it's impossible to load the microcode
(by means of iucode-tools).

Signed-off-by: Carlos Santos <casantos@datacom.com.br>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

libcurl: Allow selection of TLS package libcurl will use

Instead of defaulting to OpenSSL, allow selection of package to use
through a choice in libcurl's config.  The default will be to select the
first enabled TLS provider in the same preference order as is used now,
i.e. no change from current behavior.

Some of the alternative libraries have advantages over OpenSSL in
certain areas.

For example, gnutls has vastly superior PKCS11 support.  One can use
client TLS private keys by supplying a PKCS11 URI instead of a private
key file name.  The TLS server cert trust store can be a PKCS11 URI,
e.g. configure libcurl with a ca-bundle of "pkcs11:model=p11-kit-trust".
Now server certs can be stored in a software and/or hardware HSM(s).
This doesn't work with OpenSSL.

However, some software only supports OpenSSL for TLS or other crypto
functions.  So it might be necessary to enable OpenSSL for that reason.

Signed-off-by: Trent Piepho <tpiepho@impinj.com>
[Peter: add BR2_PACKAGE_LIBCURL_TLS_SUPPORT and use it to hide choice &
comment, explitly pass --without-foo if option is not enabled,
only do .pc fixup if BR2_PACKAGE_LIBCURL_OPENSSL is enabled]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

libmicrohttpd: bump to version 0.9.60

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

libkrb5: bump to version 1.16.2

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

trace-cmd: bump to version 2.7

Add hash for license files

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

trace-cmd: fix site

Replace $(BR2_KERNEL_MIRROR) by https://git.kernel.org/pub, which
fixes the download of this package:

>>> trace-cmd trace-cmd-v2.6.1 Downloading
Initialized empty Git repository in /home/thomas/dl/trace-cmd/git/.git/
Fetching all references
fatal: repository 'https://cdn.kernel.org/pub/scm/linux/kernel/git/rostedt/trace-cmd.git/' not found
Detected a corrupted git cache.
Removing it and starting afresh.
Initialized empty Git repository in /home/thomas/dl/trace-cmd/git/.git/
Fetching all references
fatal: repository 'https://cdn.kernel.org/pub/scm/linux/kernel/git/rostedt/trace-cmd.git/' not found
Detected a corrupted git cache.
This is the second time in a row; bailing out
--2018-11-11 21:08:00-- http://sources.buildroot.net/trace-cmd/trace-cmd-trace-cmd-v2.6.1.tar.gz
Resolving sources.buildroot.net (sources.buildroot.net)... 104.25.210.19, 104.25.211.19, 2606:4700:20::6819:d313, ...
Connecting to sources.buildroot.net (sources.buildroot.net)|104.25.210.19|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 1859835 (1.8M) [application/x-gtar-compressed]

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

util-linux: bump to version 2.33

- Update "basic set" help to include the new "choom" utility.
- Re-generate checksums for license files, whose names now follow the
  SPDX License List.
- Pull a patch already applied upstream that make rtcwake use poweroff
  if shutdown is not found (e.g. Busybox, which the default init system
  on Buldroot).
- Pull a patch already submitted upstream to fix the output of escaped
  characters by agetty.

Signed-off-by: Carlos Santos <casantos@datacom.com.br>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

Update for 2018.11-rc1

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

CHANGES: add additional resolved issues since 2018.08

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

CHANGES: add recent changes

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/libmpdclient: bump to version 2.16

Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/mpd-mpc: bump to version 0.31

Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/mpd: bump to version 0.20.23

Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/meson: bump to version 0.47.2

Note, that there is already a patch [1] to bump the version to 0.48.1.
However, the bump to version 0.48.x has some unresolved issues.

In the meantime, until the issue with 0.48 is resolved, bump to latest
version of the 0.47 branch.

[1] http://patchwork.ozlabs.org/patch/986260/

Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

valgrind: disable for mips64r6/mips64elr6

Fixes [1]:

  /tmp/ccBAUqbI.s: Assembler messages:
  /tmp/ccBAUqbI.s:622: Error: opcode not supported on this processor: mips64r6 (mips64r6) `movn $2,$4,$7'
  /tmp/ccBAUqbI.s:2607: Error: opcode not supported on this processor: mips64r6 (mips64r6) `movn $2,$4,$7'

[1] http://autobuild.buildroot.net/results/dc52088222e9fbedcebffc1c39be6d2fecfffe5d

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/python-mwclient: bump version to 0.9.2

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

libffi: bump to version 3.3-rc0

- Update site to github (for the time being, as 3.3-rc0 is a release
  candidate, it is not published on the official ftp)
- Update third patch
- Remove fourth and fifth patches (already in version)
- Remove uneeded hooks, as public headers are now installed in the
  standard path since
  https://github.com/libffi/libffi/commit/982b89c01aca99c7bc229914fc1521f96930919b
- New risc-v support:
  https://github.com/libffi/libffi/commit/3840d49aaa831d649b1597518a2903dfed0d57f3

Fixes:
- http://autobuild.buildroot.org/results/3edf66362ea5a83291f19373e4b6f2e5cce98d7b

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/sconeserver: bump version

https://github.com/sconemad/sconeserver/commit/6b932d7d8dbb700b830205e7111e469cefff490c
adds support for OpenSSL 1.1

Added license hash.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

toolchain/toolchain-buildroot: enable glibc for all little-endian ARCs with atomic ops

Initially we had a port only for ARCv2 cores but then with a simple
change ARCompact cores got supported as well.

So we generalize from BR2_archs to BR2_arcle as we haven't tried to
get glibc working on big-endian ARCs yet.

Also we never bothered to check avaialbility of atomic instructions in
the core but in case of Glibc for ARC this is really a must, so we add
this check here.

Note in case of uClibc we may have system w/o HW atomics but:

1. Only single-core systems are allowed
2. Atomic instructions are emulated via arc_usr_cmpxchg syscall

Signed-off-by: Alexey Brodkin <abrodkin@synopsys.com>
Cc: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

libgpiod: bump version to v1.2

Release notes:
https://git.kernel.org/pub/scm/libs/libgpiod/libgpiod.git/tree/NEWS?h=v1.2.x

Signed-off-by: Bartosz Golaszewski <brgl@bgdev.pl>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

squid: security bump to version 4.4

Fixes SQUID-2018_4:

Due to incorrect input handling, Squid is vulnerable to a Cross-Site
Scripting vulnerability when generating HTTPS response messages about TLS
errors.

For more details, see the advisory:

http://www.squid-cache.org/Advisories/SQUID-2018_4.txt

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/libnfs: add patch to fix musl build issue

Add a patch to fix build issues with the musl C library.

This patch fixes an autobuild issue when linking the mpd package
against libnfs. The header file libnfs.h uses `struct timeval` which is
defined in `<sys/time.h>` for POSIX systems. Unfortunately, upstream
only includes it conditionally, based on the system. Therefore, we
remove the check in the first patch.

Reported upstream:
https://github.com/sahlberg/libnfs/issues/272

Fixes:
http://autobuild.buildroot.org/results/452/4522014698b9fe50720a71b663e47a75805bcf54
http://autobuild.buildroot.org/results/b0a/b0a0c20ad1705e9fa7ba4a12eb9c182e8077ab0c
http://autobuild.buildroot.org/results/53c/53c87361923cc177de7889523b3d16ba6b1d3d0f
.. and more.

Previous patch: Changes requested
http://patchwork.ozlabs.org/patch/973605/

Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/gcc: fix xtensa uclinux code generation

xtensa-uclinux uses bFLT executable file format that cannot relocate
fields representing offsets from data to code. C++ objects built as PIC
use offsets to encode FDE structures. As a result C++ exception handling
doesn't work correctly on xtensa-uclinux. Don't use PIC by default on
xtensa-uclinux.

Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

attr: Add a patch to fix an unconditional infinite recursion

The bump to 2.4.48 introduced a bug that, according to the author,
only happen in certain cases on glibc. But under uclibc-ng, it happens
every time.

The bug essentially cause any program calling any libattr.so function
to enter an infinite recursion, because of a symbol conflict between
uclibc-ng and libattr wrappers, that causes the libattr wrappers to
call themselves.

This infinite recursion does not consume the stack, so programs
basically behave like they enter an infinite loop.

It is easy to reproduce with qemu_arm_versatile_defconfig +
BR2_PACKAGE_ATTR: "getfattr ." never returns and takes 100% CPU.

Upstream fixed it, but the patch is not part of a release yet,
so take the patch.

Signed-off-by: Nicolas Cavallari <nicolas.cavallari@green-communications.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

nginx: security bump to 1.15.6

Fixes the following security issues:

CVE-2018-16843: Excessive memory usage in HTTP/2

CVE-2018-16844: Excessive CPU usage in HTTP/2

CVE-2018-16845: Memory disclosure in the ngx_http_mp4_module

Refreshed patch 0004 + 0007 as they no longer applied cleanly.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

mosquitto: security bump to version 1.5.4

>From the announcement:

When using a TLS enabled websockets listener with require_certificate
enabled, the mosquitto broker does not correctly verify client certificates.
This is now fixed. All other security measures operate as expected, and in
particular non-websockets listeners are not affected by this.

https://mosquitto.org/blog/2018/11/version-154-released/

Drop patch 0001, now applied upstream:
https://github.com/eclipse/mosquitto/pull/933

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

support/testing/tests/fs/test_f2fs: fix flake8 warning

This commit fixes the following flake8 warnings:

support/testing/tests/fs/test_f2fs.py:6:1: E302 expected 2 blank lines, found 1
support/testing/tests/fs/test_f2fs.py:12:1: E302 expected 2 blank lines, found 1
support/testing/tests/fs/test_f2fs.py:38:23: E225 missing whitespace around operator

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

.gitlab-ci.yml: update after addition of TestF2FS test case

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

twolame: fix static linking with libmagic

libmagic (from file package) already provides the buffer_init function
so to avoid a build failure for applications wanting to statically link
with twolame and libmagic (for example sox), rename buffer_init into
bitbuffer_init (also rename buffer_deinit into bitbuffer_deinit and
buffer_sstell into bitbuffer_sstell for consistency)

Fixes:
- http://autobuild.buildroot.org/results/b3fc62e7f372fe595966e84091c11ccdb4cfa77c

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/php: bump version to 7.2.12

Changelog: http://www.php.net/ChangeLog-7.php#7.2.12

Rebased patch 0004 and updated license hash after white space removal:
https://github.com/php/php-src/commit/902d39a3a79c6efe93c8879575fdd5a759cf03de

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/samba4: bump version to 4.9.2

Release notes: https://www.samba.org/samba/history/samba-4.9.2.html

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

wireshark: disable build of user guide

--disable-guides has been added since version 2.5.0:
https://github.com/wireshark/wireshark/commit/aa04d2355effb1cf611831b0a260cf1aff199b9a

Fixes:
- http://autobuild.buildroot.org/results/5ae6d46573942713687f4e659b3eaf0b768ebc71

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

ell: new package

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
[Thomas: fix Config.in comment dependencies, add DEVELOPERS entry.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

support/testing: add test for the f2fs filesystem support

Signed-off-by: Grzegorz Blach <grzegorz@blach.pl>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

fs/f2fs: simplify overprovision option handling

Setting overprovision to 0 and omitting this option has exactly
the same effect.

Signed-off-by: Grzegorz Blach <grzegorz@blach.pl>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

fs/f2fs: add option to define list of hot file extensions

Signed-off-by: Grzegorz Blach <grzegorz@blach.pl>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

fs/f2fs: clarify help messages

For BR2_TARGET_ROOTFS_F2FS_COLD_FILES clarify that extension list must
be a coma separated.

For BR2_TARGET_ROOTFS_F2FS_OVERPROVISION clarify that the default
overprovision ratio is autocalculated according to the partition size.

Signed-off-by: Grzegorz Blach <grzegorz@blach.pl>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

python-crossbar: bump to version 18.11.1

Adjust patch to fit the new version.

Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Reviewed-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

python-autobahn: bump to version 18.11.1

Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/v4l2loopback: bump version to 0.12.0

Add license hash for COPYING file.

Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

go: bump to v1.11.2

Bumps Golang host-go compiler to 1.11.2 release.

Add hash for LICENSE.

Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

DEVELOPERS: add Christian Stewart for go

I am now maintaining / submitting regular patches for the Go toolchain as well.

Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

qt: disable static build for qt-zlib

Static build of applications using qt-zlib and zlib (such as mpv) will
fail because zlib and qt-zlib defines the same functions (inflateReset,
inflatePrime ...)

So add a dependency on !BR2_STATIC_LIBS on BR2_PACKAGE_QT_QTZLIB

Fixes:
- http://autobuild.buildroot.org/results/0be6e359d46a8a701006305c32b514687854b035

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

postgresql: security bump to version 11.1

Fixes the following security issue:

CVE-2018-16850: SQL injection in pg_upgrade and pg_dump, via CREATE TRIGGER
... REFERENCING

For more details, see the advisory:

https://www.postgresql.org/about/news/1905/

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

python-requests: bump to version 2.20.1

Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/alsa-lib: update upstream status of patches

The remaining two patches have been submitted upstream for inclusion,
so let's update their upstream status.

While at it, I update @free-electrons.com to @bootlin.com in the first
patch.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/alsa-lib: drop patch 0002-alsa-lib-provide-dummy-definitions-of-RTLD_-if-neces.patch

The description of this patch was no longer correct: it no longer
provided dummy definitions of RTLD_* macros since commit
ccad7db515fa79d2331e4e949aafb32eca0b5214 ("alsa-lib: bump to version
1.1.6"). All it did is make two <dlfcn.h> inclusions optional.

However, this is no longer needed, since the alsa-lib code base
contains four inclusions of <dlfcn.h>, which are all properly handled:

- include/local.h, the include is guarded by #ifdef HAVE_LIBDL

- modules/mixer/simple/sbasedl.c, modules are only built if
   BUILD_MODULES is enabled, and BUILD_MODULES is only enabled if
   HAVE_LIBDL is enabled

- src/mixer/simple_abst.c, this file is only built if BUILD_MODULES
   is enabled, which itself is only enabled if HAVE_LIBDL is enabled

- src/pcm/pcm_meter.c, this file is only built if
   BUILD_PCM_PLUGIN_METER is enabled, and this is not enabled if
   HAVE_LIBDL is not enabled.

Conclusion: the patch can be dropped. The third patch is renumbered as
appropriate.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/alsa-utils: re-enable in BR2_STATIC_LIBS configuration

In commit 4707383c5d501a9ad7698579e5d0a4e2ab758c7e ("alsa-utils: needs
dynamic library support"), we added a !BR2_STATIC_LIBS dependency
because topology/topology.c was including <dlfcn.h>.

However, it turns out that this include is not needed/used at all, so
we can instead drop it, and re-enable the package in BR2_STATIC_LIBS
configuration.

This was discovered when analyzing why we have
package/alsa-lib/0003-alsa-lib-conditionally-enable-libdl-in-AM_PATH_ALSA-.patch. This
patch fixes the AM_PATH_ALSA autoconf macro, used by alsa-utils, so
that ALSA_LIBS doesn't carry the -ldl option, fixing static-linking
scenarios. This patch had become useless since alsa-utils was no
longer available in BR2_STATIC_LIBS configuration.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

fwts: Enable optional efi_runtime kernel module build

Firmware test suite does provides efi_runtime kernel module required
to run UEFI tests. So optionally enable this module build.

[Peter: fix -/_ in comment as suggested by Erico]
Signed-off-by: Sumit Garg <sumit.garg@linaro.org>
Reviewed-by: Erico Nunes <nunes.erico@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/python-posix-ipc: enable also for python3

The python-posix-ipc package can be used both with python2 and python3.

Signed-off-by: Daniel Fahlgren <daniel@fahlgren.se>
Reviewed-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

bdwgc: update bdw-gc.pc to fix link with guile

When bdw-gc is linked with libatomic_ops, bdw-gc.pc must contain the
needed libraries (such as -latomic_ops) otherwise build of applications
such as guile will fail on link stage:

.libs/libguile_2.0_la-posix.o: In function `scm_tmpnam':
posix.c:(.text+0x2080): warning: the use of `tmpnam' is dangerous, better use `mkstemp'
CCLD guile
/home/buildroot/autobuild/run/instance-2/output/host/arm-buildroot-linux-gnueabi/sysroot/usr/lib/libgc.so: undefined reference to `AO_fetch_compare_and_swap_emulation'
/home/buildroot/autobuild/run/instance-2/output/host/arm-buildroot-linux-gnueabi/sysroot/usr/lib/libgc.so: undefined reference to `AO_store_full_emulation'

So set ATOMIC_OPS_LIBS to -latomic_ops when a system atomic_ops library
is used and use ATOMIC_OPS_LIBS in bdw-gc.pc.in

Fixes:
- http://autobuild.buildroot.org/results/2b23d445e57a5e0f417f5cb9417b0a668bb7bf1c

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

bind: security bump to version 9.11.5

Fixes the following security issues:

- CVE-2018-5738: Some versions of BIND can improperly permit recursive query
service to unauthorized clients

- CVE-2018-5740: A flaw in the "deny-answer-aliases" feature can cause an
INSIST assertion failure in named

For more details, see the release notes:

https://ftp.isc.org/isc/bind9/9.11.5/RELEASE-NOTES-bind-9.11.5.html

Drop patch 0003-Rename-ptrsize-to-ptr_size.patch as the uClibc-ng issue was
fixed upstream in commit 931fd627f6195 (mips: fix clashing symbols), which
is included in uclibc-1.0.12 (January 2016).

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

DEVELOPERS: take aer-inject

Tiago is leaving the company and is unlikely to have access to the hardware
required to test the package.

Signed-off-by: Carlos Santos <casantos@datacom.com.br>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/mmc-utils: add patch to fix build failure

Patch taken from:
- https://patchwork.kernel.org/patch/10654531/

Fixes:
- http://autobuild.buildroot.net/results/404bfbd095a7b80273391ea36ea81ba496164b80
- http://autobuild.buildroot.net/results/233ef5c00951b5be10a59408f4a8781ecc658d74
- http://autobuild.buildroot.net/results/eba3cf4ac21095bca5af2d5d1d69aca0c9098f9b

Signed-off-by: Sébastien Szymanski <sebastien.szymanski@armadeus.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

traceroute: fix 'no rule to make target -lm' error

Fix the following build error:

make[3]: *** No rule to make target '-lm', needed by 'traceroute'.

Fixes:
http://autobuild.buildroot.org/results/dde63672e1de1d4ba036331ab127ccc8ff044444
http://autobuild.buildroot.org/results/4efb67e6a29c3dd784676d30a1051f9f0c2a6c80
http://autobuild.buildroot.org/results/7ac23a3959aec22297695899c0f76dbbc4e114d3
And many more...

As explained by Arnout, this happens when host-make is built (E.G.  when
glibc is built on a machine with an old make version) because the traceroute
Makefiles have a target with a dependency on -lm, and make automatically will
look in make's $prefix/lib directory for libm.so / libm.a to satisfy this
dependency.  From the make info pages:

   When a prerequisite's name has the form '-lNAME', 'make' handles it
specially by searching for the file 'libNAME.so', and, if it is not
found, for the file 'libNAME.a' in the current directory, in directories
specified by matching 'vpath' search paths and the 'VPATH' search path,
and then in the directories '/lib', '/usr/lib', and 'PREFIX/lib'
(normally '/usr/local/lib', but MS-DOS/MS-Windows versions of 'make'
behave as if PREFIX is defined to be the root of the DJGPP installation
tree).

Our host-make is configured with prefix=$(HOST_DIR), and $(HOST_DIR)/lib
does not contain libm.so / libm.a, causing make to error out.

Work around it by pointing VPATH to $(STAGING_DIR)/usr/lib, so make will
find the (target) libm.so / libm.a.

[Peter: extend description based on Arnouts investigation]
Signed-off-by: Sergio Prado <sergio.prado@e-labworks.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

wireshark: add snappy optional dependency

- Optional dependency to snappy has been added with version 2.4.0 and
https://github.com/wireshark/wireshark/commit/47649d1c7fb6ba48b805e19268a711404eb6908b
- Specify the path to found libssh as this is done for other options

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

wireshark: add lz4 optional dependency

- Optional dependency to lz4 has been added with version 2.4.0 and
https://github.com/wireshark/wireshark/commit/47649d1c7fb6ba48b805e19268a711404eb6908b
- Specify the path to found lz4 as this is done for other options

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

wireshark: add bcg729 optional dependency

- Optional dependency to bcg729 has been added with version 2.5.0 and
https://github.com/wireshark/wireshark/commit/3e54cabf8193e6a8cd607b1671defb8b6800b53d
- Specify the path to found bcg729 as this is done for other options

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

wireshark: add nghttp2 optional dependency

- Embedded nghttp2 code has been removed and an optional dependency to
nghttp2 has been added with version 2.4.0 and
https://github.com/wireshark/wireshark/commit/b1cc056b12702435f6ebdc6ba0a8e17a41e159a0
- Specify the path to found nghttp2 as this is done for other options

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

wireshark: add libxml2 optional dependency

Optional dependency to libxml2 has been added with version 2.4.0 and
https://github.com/wireshark/wireshark/commit/cfab5ef035db7be8502623af203ab3494a9200e3

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

wireshark: bump to version 2.6.4

- Remove first patch (inet_pton test removed since version 2.5.0 and
  https://github.com/wireshark/wireshark/commit/12d63c428f973b1f7e04ad58d432d778e2035a9a)
- Remove second patch (already in version, since
  https://github.com/wireshark/wireshark/commit/3761ef378537f6a9e0424f7cbded7e7403ba425c)
- Remove WIRESHARK_AUTORECONF=yes as configure.ac is not patched anymore
- gcrypt is a mandatory dependency since version 2.4.0 and
  https://github.com/wireshark/wireshark/commit/6b84ddee83e70aff944da084129624226b7a32fa
- geoip support has been replaced by maxminddb since version 2.5.0 and
  https://github.com/wireshark/wireshark/commit/a1da75c554881667dd92e11f098630f2d604872b
- Drop includedir "hack", this is not needed anymore and wireshark is
  now installing files in target. With this hack, build fails on:
  wireshark: installs files in /home/fabrice/buildroot/output/target//home/fabrice/buildroot/output
  package/pkg-generic.mk:310: recipe for target '/home/fabrice/buildroot/output/build/wireshark-2.6.4/.stamp_target_installed' failed
- Disable all new optional features

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[Arnout: keep optional dependencies alphabetic on Config.in name;
         add comment of libgcrypt -> libgpg-error dependency.]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

Config.in: security hardening: disable FORTIFY_SOURCE for gcc < 6

As reported in the bug report [1], gcc < 6 doesn't build when
FORTIFY_SOURCE is set to 1 or 2. The issue is related to the
upstream bug report [2] but the patch fixing the issue for gcc 6
has not been backported to earlier gcc versions.

Add a dependency on gcc at least version 6 to BR2_FORTIFY_SOURCE_1
and BR2_FORTIFY_SOURCE_2.

[1] https://bugs.busybox.net/show_bug.cgi?id=11476
[2] https://gcc.gnu.org/bugzilla/show_bug.cgi?id=61164
[3] https://github.com/gcc-mirror/gcc/commit/55f12fce4ccf77513644a247f9c401a5b1fa2402

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Matthew Weber <matthew.weber@rockwellcollins.com>
Cc: Peter Korsgaard <peter@korsgaard.com>
[Peter: only limit for internal toolchain as suggested by Matthew]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

ifupdown-script: send current hostname in DHCP request

For the default (BR2_SYSTEM_DHCP) /etc/network/interfaces handling.

Both the "big" and busybox ifupdown variants pass the hostname argument to
the DHCP client through the shell, so we can use $() to expand to the
current hostname value.

Notice that this may not be handled by all DHCP clients.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Reviewed-by: Matt Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

ngrep: fix static build

Commit 54eeb08d6498e54cc77e212e4f9873b579f76638 wrongly replaced
`$(STAGING_DIR)/usr/bin/pcap-config --static --additional-libs` by
"$(STAGING_DIR)/usr/bin/pcap-config --static --additional-libs"

Fixes:
- http://autobuild.buildroot.org/results/3dd8c768beef075494d6be7eff4cbb57b5ec8a41

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

webkitgtk: disable JIT usage on MIPS32 R6

Currently JavaScriptCore does not support JIT on MIPS32 R6, so remove
it from the list of supported architectures. Reported upstream:

https://bugs.webkit.org/show_bug.cgi?id=191258

This fixes the following autobuilder failure:

http://autobuild.buildroot.net/results/eeaf3edbf6f5bf468b10adc3d053f703c6ceba96/

Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/ffmpeg: bump version to 3.4.5

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/tor: bump version to 0.3.4.9

Release notes: https://blog.torproject.org/new-release-tor-0349

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/ngrep: add optional dependency on libdnet

- Enable tcpkill based on libnet availability
- Add BSD-3-Clause for tcpkill, added in version 1.46 and
https://github.com/jpr5/ngrep/commit/f2a1f8b09194a8ab87787c1fdb60b968f5957c05

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/ngrep: bump to version 1.47

- Switch site from sourceforge to github as there is no new releases on
  sourceforge and http://ngrep.sourceforge.net/ is redirected to
  https://github.com/jpr5/ngrep/
- Remove first patch, not needed since version 1.46 and
  https://github.com/jpr5/ngrep/commit/997c9d81d34d3a6646e6c5e363645015e644b3de
  as this commit added the support for system pcre
- Remove second patch, not needed since version 1.46 and
  https://github.com/jpr5/ngrep/commit/2d8fd9ac7ef1ac6947f738f6005e7b533654f331
- Remove third patch and LIBS=-lpcap -lpcre, not needed since 1.46 and
  https://github.com/jpr5/ngrep/commit/cca6e3121f2d80dd32a5a33dead9495fe40eed70
- LICENSE.txt has been renamed to LICENSE since version 1.47 and
  https://github.com/jpr5/ngrep/commit/3cb4c580a9de4afe11c2c17b0f354b59b74ae974
- Add an upstream patch to fix --enable-pcre: keep pcre as a mandatory
  dependency as this is the current behavior in version 1.45. PCRE will
  made optional in an other patch
- Remove --with-pcre which is not recognized anymore
- Add two other patches to fix --disable-tcpkill
- Add hash for license file

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

libssh2: fix static linking scenarios involving mbedtls

curl can be statically linked with mbedtls, in this case build will fail
on:
kex.c:(.text+0x1be0): undefined reference to `mbedtls_mpi_read_binary'

This is due to the fact that CURL_LIBRARIES does not contain mbedtls
library:
CURL_LIBRARIES:INTERNAL=curl;cares;ssh2;ssh2;z;ssl;crypto;z;z;crypto;z;z;ssl;z;z;crypto;z

even if libcurl.pc is correct:
Libs.private: -lcares -lssh2 -L/home/fabrice/buildroot/output/host/bin/../arm-buildroot-linux-uclibcgnueabi/sysroot/usr/lib -lssh2 /home/fabrice/buildroot/output/host/arm-buildroot-linux-uclibcgnueabi/sysroot/usr/lib/libmbedcrypto.a /home/fabrice/buildroot/output/host/arm-buildroot-linux-uclibcgnueabi/sysroot/usr/lib/libmbedcrypto.a -L/home/fabrice/buildroot/output/host/bin/../arm-buildroot-linux-uclibcgnueabi/sysroot/usr/lib -L/home/fabrice/buildroot/output/host/bin/../arm-buildroot-linux-uclibcgnueabi/sysroot/usr/lib -lz -lssl -lcrypto -lssl -lz -lz -lcrypto -lz -lz

This full library path is added by patch
0002-acinclude.m4-add-mbedtls-to-LIBS.patch on libssh2 so update it to
replace $LIBMBDEDCRYPTO by -lmbedcrypto

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

Revert "package/libssh2: fix static linking scenarios involving mbedtls"

This reverts commit 48218732a3a7b983825ff3a8cf0767f847ac8d04 because
LTLIBMBEDCRYPTO will return "-lmbedcrypto
-R/accts/mlweber1/scripts/instance-3/output/host/i586-buildroot-linux-musl/sysroot/usr/lib"

On some compilers, -R option won't be recognized and this will prevent
the detection of libz:

configure:17809: /accts/mlweber1/scripts/instance-3/output/host/bin/i586-linux-gcc -o conftest -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -Os -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -I/accts/mlweber1/scripts/instance-3/output/host/i586-buildroot-linux-musl/sysroot/usr/include conftest.c /accts/mlweber1/scripts/instance-3/output/host/i586-buildroot-linux-musl/sysroot/usr/lib/libz.so -Wl,-rpath -Wl,/accts/mlweber1/scripts/instance-3/output/host/i586-buildroot-linux-musl/sysroot/usr/lib -L/accts/mlweber1/scripts/instance-3/output/host/i586-buildroot-linux-musl/sysroot/usr/lib -lmbedcrypto -R/accts/mlweber1/scripts/instance-3/output/host/i586-buildroot-linux-musl/sysroot/usr/lib >&5
i586-linux-gcc.br_real: error: unrecognized command line option '-R'; did you mean '-R'?

Fixes:
- http://autobuild.buildroot.org/results/68623f22b49473177c889fe7b12625d779cbd1ed

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

toolchain: disable SSP support if CFI support in binutils is missing

As reported by [1], SSP support is missing in the Buildroot toolchain
for microblaze even if it's requested by selecting
BR2_TOOLCHAIN_HAS_SSP config option.

In Buildroot, we are using libssp provided by the C library (glibc,
musl, uClibc-ng) when available. We are not using libssp from gcc.

So for a microblaze glibc based toolchain, the SSP support is enabled
unconditionally by a select BR2_TOOLCHAIN_HAS_SSP.

BR2_microblazeel=y
BR2_TOOLCHAIN_BUILDROOT_GLIBC=y
BR2_KERNEL_HEADERS_4_14=y
BR2_BINUTILS_VERSION_2_30_X=y
BR2_GCC_VERSION_8_X=y
BR2_TOOLCHAIN_BUILDROOT_CXX=y

While building the toolchain, we are building host-binutils which
provide "as" (assembler) and host-gcc-initial wich provide a
minimal cross gcc (C only cross-compiler without any C library).
When SSP support is requested, gcc_cv_libc_provides_ssp=yes is
added to the make command line (see [2] for full details)

With this setting, the SSP support is requested but it's not available
in the end and the toochain build succeed.

When the microblaze toolchain is imported to Biuldroot (2018.05) as
external toolchain with BR2_TOOLCHAIN_EXTERNAL_HAS_SSP set, the build
stop with :
"SSP support not available in this toolchain, please disable BR2_TOOLCHAIN_EXTERNAL_HAS_SSP"

The test is doing the following command line:

echo 'void main(){}' | [...]/host/bin/microblazeel-linux-gcc.br_real -Werror -fstack-protector -x c - -o [...]/build/.br-toolchain-test.tmp
cc1: error: -fstack-protector not supported for this target [-Werror]

When we look at the gcc-final log file (config.log) we can see this
error several time when using the minimal gcc (from host-gcc-initial).
So Why the minimal gcc doesn't support SSP?

When we look at the gcc-initial log file (config.log) we can see an
error with 'as':

configure:23194: checking assembler for cfi directives
configure:23209: [...]microblazeel-buildroot-linux-gnu/bin/as    -o conftest.o conftest.s >&5
conftest.s: Assembler messages:
conftest.s:2: Error: CFI is not supported for this target
conftest.s:3: Error: CFI is not supported for this target
conftest.s:4: Error: CFI is not supported for this target
conftest.s:5: Error: CFI is not supported for this target
conftest.s:6: Error: CFI is not supported for this target
conftest.s:7: Error: CFI is not supported for this target
configure:23212: $? = 1
configure: failed program was
    .text
    .cfi_startproc
    .cfi_offset 0, 0
    .cfi_same_value 1
    .cfi_def_cfa 1, 2
    .cfi_escape 1, 2, 3, 4, 5
    .cfi_endproc

This is the only relevant difference compared to a nios2 toolchain where
libssp is enabled and available (nios2 is an example).

"CFI" stand for "Control Flow Integrity" and it seems that SSP support
requires CFI target support (see [3] for some explanation).

The SSP support seems to depends on CFI support, but the toolchain
infrastructure is not detailed enough to handle the CFI dependency.

The NiosII toolchains built with binutils < 2.30 are also affected by
this issue.

This patch improve the toolchain infrastructure by adding a new
BR2_PACKAGE_HOST_BINUTILS_SUPPORTS_CFI blind option

Disable SSP support for microblaze entirely.
Disable SSP support for nios2 only with Binutils < 2.30.

Fixes:
https://gitlab.com/free-electrons/toolchains-builder/-/jobs/72006389

[1] https://gitlab.com/free-electrons/toolchains-builder/issues/1
[2] https://git.buildroot.net/buildroot/tree/package/gcc/gcc.mk?h=2018.05#n275
[3] https://grsecurity.net/rap_faq.php

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
[Thomas: adjust how the BR2_PACKAGE_HOST_BINUTILS_SUPPORTS_CFI option
is expressed.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/php: add support for PostgreSQL (non-PDO)

Needed for example for phppgadmin.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
[Thomas: add missing BR2_USE_WCHAR dependency.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/audit: bump to version 2.8.4

Fix a segfault in auditd when dns resolution isn't available. Additional
changes since 2.8.2 can be seen at

http://people.redhat.com/sgrubb/audit/ChangeLog

Signed-off-by: Carlos Santos <casantos@datacom.com.br>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

linux: enable CONFIG_AUDIT if the audit package is selected

We already turn on kernel features for several packages, so let's do it
for audit too, since the daemon is useless and fails to load otherwise.

Notice that we also turn NET on, since AUDIT depends on NET, like we do
for the wireguard package.

Signed-off-by: Carlos Santos <casantos@datacom.com.br>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/audit: ensure that it starts after the logging daemon

audit uses syslog(). Rename its init script to S02auditd to ensure that
it will start after syslogd. Otherwise the initial log messages will be
sent to the console (and probably lost, since almost nobody watches the
system console on embedded systems).

Signed-off-by: Carlos Santos <casantos@datacom.com.br>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/audit: fix audispd path in auditd.conf

audispd is installed at /usr/sbin but the configuration file pointed
to /sbin, causing auditd to fail on startup.

This patch cannot be sent upstream because audispd does not exist
anymore on the master branch (it was merged to auditd).

Signed-off-by: Carlos Santos <casantos@datacom.com.br>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/libssh2: fix static linking scenarios involving mbedtls

curl can be statically linked with mbedtls, in this case build will
fail on:
kex.c:(.text+0x1be0): undefined reference to `mbedtls_mpi_read_binary'

This is due to the fact that CURL_LIBRARIES does not contain mbedtls
library:
CURL_LIBRARIES:INTERNAL=curl;cares;ssh2;ssh2;z;ssl;crypto;z;z;crypto;z;z;ssl;z;z;crypto;z

even if libcurl.pc is correct:
Libs.private: -lcares -lssh2 -L/home/fabrice/buildroot/output/host/bin/../arm-buildroot-linux-uclibcgnueabi/sysroot/usr/lib -lssh2 /home/fabrice/buildroot/output/host/arm-buildroot-linux-uclibcgnueabi/sysroot/usr/lib/libmbedcrypto.a /home/fabrice/buildroot/output/host/arm-buildroot-linux-uclibcgnueabi/sysroot/usr/lib/libmbedcrypto.a -L/home/fabrice/buildroot/output/host/bin/../arm-buildroot-linux-uclibcgnueabi/sysroot/usr/lib -L/home/fabrice/buildroot/output/host/bin/../arm-buildroot-linux-uclibcgnueabi/sysroot/usr/lib -lz -lssl -lcrypto -lssl -lz -lz -lcrypto -lz -lz

This full library path is added by patch
0002-acinclude.m4-add-mbedtls-to-LIBS.patch on libssh2 so update it to
replace $LIBMBDEDCRYPTO by $LTLIBMBEDCRYPTO as suggested by Thomas
during review of https://patchwork.ozlabs.org/patch/989339

Fixes:
- http://autobuild.buildroot.org/results/dc7810d5d5c62658837cdd2faae6fe3390f968a2

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/x11r7/xdriver_xf86-video-geode: add upstream commits to fix build errors

Fixes
http://autobuild.buildroot.net/results/a9b/a9baf6ecf147f336021edda20bb091b8aa071209/

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/wireshark: add libkrb5 optional dependency

Specify the path to found libkrb5 as this is done for other options

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

libv4l: disable clang

For the time being, disable clang that is used to build BPF (in-kernel
bytecode machine) protocols.
Indeed, if an old version of clang is found on the host, it could be
used to build object files with a "None" architecture which will be
rejected by support/scripts/check-bin-arch

Fixes:
- http://autobuild.buildroot.org/results/c18fb7f1ac81496db9c3a4e91ea028a26ca600b0

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

uboot: bump to version 2018.09

Signed-off-by: Jagan Teki <jagan@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

fs/f2fs/Config.in: remove consecutive empty lines

This fixes the following check-package warning:

fs/f2fs/Config.in:51: consecutive empty lines

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

DEVELOPERS: add entry for fs/f2fs/

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

fs/f2fs: add option to define list of filesystem features

Signed-off-by: Grzegorz Blach <grzegorz@blach.pl>
[Thomas: split from the initial patch from Grzegorz]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

fs/f2fs: add option to define discard policy

Signed-off-by: Grzegorz Blach <grzegorz@blach.pl>
[Thomas: split from the initial patch from Grzegorz]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

fs/f2fs: add option to define overprovision ratio

Signed-off-by: Grzegorz Blach <grzegorz@blach.pl>
[Thomas: split from the initial patch from Grzegorz, reworded
Config.in help text]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>