buildroot.git
5 years agopackage/refpolicy: smaller monolithic policy
Antoine Tenart [Fri, 31 Jul 2020 10:10:29 +0000 (12:10 +0200)]
package/refpolicy: smaller monolithic policy

The refpolicy is configured to use a monolithic build, compiling all the
available modules (whether they're 'base' or 'modules' ones) in the
binary policy. The result is a quite big SELinux policy, with a lot more
rules than what would be needed in a Buildroot image.

Refactor the refpolicy build configuration to enable less modules by
default. To achieve this, all the modules marked as being part of the
'base' policy are kept but all the modules marked as being only
'modules' are disabled. Then a static list of modules (in addition to
the already selected 'base' ones) are enabled. The result is a much
smaller refpolicy: tests showed a reduction of the binary policy from
2.4M to 249K (~90% smaller).

This minimal set of SELinux modules should allow to boot a system in
enforcing mode in the future. It currently does not work, not because
extra modules are needed, but because of required changes within the
selected modules.

This patch would break backward compatibility as the refpolicy will no
longer have all the modules provided by the project, but only those
selected. This should not be an issue as this configuration was not
suitable directly for a real system. Modifications had to be done. If we
still find out later that this is an issue for someone, we'll have the
ability to mimic what was done previously thanks to other mechanisms
(such as providing the upstream policy as a "custom" policy location).

Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agofs/common.mk: move down ROOTFS_REPRODUCIBLE for consistency
Antoine Tenart [Fri, 31 Jul 2020 10:10:28 +0000 (12:10 +0200)]
fs/common.mk: move down ROOTFS_REPRODUCIBLE for consistency

This patch is cosmetic and moves down ROOTFS_REPRODUCIBLE for
consistency.

Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agofs/common.mk: set SELinux file security contexts
Antoine Tenart [Fri, 31 Jul 2020 10:10:27 +0000 (12:10 +0200)]
fs/common.mk: set SELinux file security contexts

Set the SELinux file security contexts using setfiles when generating
root filesystem images.

Without such security contexts created at build time, they need to be
setup at first boot by running the restorecon utility on the target.
This has two drawbacks:

 - You have to special case the first boot, which cannot be done in
   enforcing mode, and will have to run restorecon, then reboot.

 - You cannot support read-only filesystems.

By setting up the security contexts at build time, we can have a
filesystem image that is immediately ready to boot an SELinux system
in enforcing mode, including if the root filesystem is read-only.

Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/e2fsprogs: set xattrs for the root dir as well
Antoine Tenart [Fri, 31 Jul 2020 10:10:26 +0000 (12:10 +0200)]
package/e2fsprogs: set xattrs for the root dir as well

The mke2fs binary copies the xattrs of the source directory when
creating an image, but this logic did not include the root directory of
the resulting image. A patch was sent upstream to fix this. Include the
patch in Buildroot to allow creating SELinux ready images at build time.

Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/ethtool: bump version to 5.8
Heiko Thiery [Sun, 30 Aug 2020 18:23:18 +0000 (20:23 +0200)]
package/ethtool: bump version to 5.8

Release notes: https://lwn.net/Articles/828044/

- remove patch that is in new version

Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/mg: new package
Joachim Wiberg [Tue, 1 Sep 2020 05:38:59 +0000 (07:38 +0200)]
package/mg: new package

Mg is a small Emacs-like editor with no external dependencies except a
standard C library.  It weighs in at 130 kiB and is one of a select few
completely free (public domain) text editors suitable for small and
embedded systems.

This version is based on the OpenBSD Mg, but with more features, one of
which being the no-ncurses/termcap support, which heavily reduces the
impact on a resource constrained system.

Upstream: https://github.com/troglobit/mg/

Signed-off-by: Joachim Wiberg <troglobit@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/perl-net-dns: bump to version 1.26
Francois Perrad [Wed, 2 Sep 2020 15:08:36 +0000 (17:08 +0200)]
package/perl-net-dns: bump to version 1.26

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
5 years agopackage/minidlna: fix build with gcc 10
Fabrice Fontaine [Tue, 1 Sep 2020 21:00:17 +0000 (23:00 +0200)]
package/minidlna: fix build with gcc 10

Fixes:
 - http://autobuild.buildroot.org/results/8754bb4f7d749f999d5f8ddfec587470ceec4476

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/spdlog: bump to version 1.8.0
Asaf Kahlon [Thu, 3 Sep 2020 22:15:57 +0000 (01:15 +0300)]
package/spdlog: bump to version 1.8.0

Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/python-scapy: bump to version 2.4.4
Asaf Kahlon [Thu, 3 Sep 2020 22:15:56 +0000 (01:15 +0300)]
package/python-scapy: bump to version 2.4.4

And use two space for hash file indentation.

Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/collectd: bump to version 5.12.0
Asaf Kahlon [Thu, 3 Sep 2020 22:15:55 +0000 (01:15 +0300)]
package/collectd: bump to version 5.12.0

And drop patch (already in version).

Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/{mesa3d, mesa3d-headers}: bump version to 20.1.7
Bernd Kuhls [Thu, 3 Sep 2020 19:34:07 +0000 (21:34 +0200)]
package/{mesa3d, mesa3d-headers}: bump version to 20.1.7

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/lua-utf8:bump to version 0.1.3
Francois Perrad [Wed, 2 Sep 2020 15:08:18 +0000 (17:08 +0200)]
package/lua-utf8:bump to version 0.1.3

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/lua-testmore: bump to version 0.3.5
Francois Perrad [Wed, 2 Sep 2020 15:08:17 +0000 (17:08 +0200)]
package/lua-testmore: bump to version 0.3.5

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/lua-std-normalize: bump to version 2.0.3
Francois Perrad [Wed, 2 Sep 2020 15:08:16 +0000 (17:08 +0200)]
package/lua-std-normalize: bump to version 2.0.3

diff LICENSE.md:
- Copyright (C) 2002-2018 normalize authors
+ Copyright (C) 2002-2020 normalize authors

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/lua-compat53: bump to version 0.8
Francois Perrad [Wed, 2 Sep 2020 15:08:15 +0000 (17:08 +0200)]
package/lua-compat53: bump to version 0.8

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/lua-bit32: bump to version 5.3.5
Francois Perrad [Wed, 2 Sep 2020 15:08:14 +0000 (17:08 +0200)]
package/lua-bit32: bump to version 5.3.5

diff LICENSE:
- Copyright (c) 2013 Hisham Muhammad
+ Copyright (c) 2015 Kepler Project.

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/argparse: bump to version 0.7.1
Francois Perrad [Wed, 2 Sep 2020 15:08:13 +0000 (17:08 +0200)]
package/argparse: bump to version 0.7.1

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/uclibc: bump version to 1.0.35
Petr Vorel [Thu, 3 Sep 2020 15:57:27 +0000 (17:57 +0200)]
package/uclibc: bump version to 1.0.35

Drop patch from this release.

Signed-off-by: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/graphicsmagick: new package
Grzegorz Blach [Mon, 31 Aug 2020 20:15:31 +0000 (22:15 +0200)]
package/graphicsmagick: new package

GraphicsMagick is the swiss army knife of image processing.
It provides a robust and efficient collection of tools
and libraries which support reading, writing,
and manipulating an image in over 89 major formats
including important formats like DPX, GIF, JPEG, JPEG-2000,
PNG, PDF, PNM, TIFF, and WebP.

Signed-off-by: Grzegorz Blach <grzegorz@blach.pl>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agoconfigs/qemu_riscv32_virt: use Linux 5.4 kernel
Alistair Francis [Mon, 31 Aug 2020 23:20:51 +0000 (16:20 -0700)]
configs/qemu_riscv32_virt: use Linux 5.4 kernel

Now that RISC-V 32-bit (RV32) support has been merged into mainline
glibc, we can use the Linux 5.4 kernel.

Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/glibc: use upstream glibc for RISC-V 32-bit
Alistair Francis [Thu, 3 Sep 2020 21:45:05 +0000 (23:45 +0200)]
package/glibc: use upstream glibc for RISC-V 32-bit

Until glibc 2.33 gets released, we use the current 2.32 master branch.

Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agolinux: add support for ZSTD compression
Paul Cercueil [Tue, 1 Sep 2020 13:48:49 +0000 (15:48 +0200)]
linux: add support for ZSTD compression

Add support for creating self-extractible kernels compressed with ZSTD.

Signed-off-by: Paul Cercueil <paul@crapouillou.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/bison: bump to 3.7.1
Thomas Claveirole [Thu, 3 Sep 2020 11:01:12 +0000 (13:01 +0200)]
package/bison: bump to 3.7.1

Release notes:
https://lists.gnu.org/archive/html/info-gnu/2020-08/msg00000.html

Tested using utils/test-pkg with toolchain br-arm-full on the
following reverse-dependencies: bash at dtc host-dtc.  Also tested
using a custom toolchain and configuration on: conntrack-tools
iproute2 libnl libpcap libtasn1.

Signed-off-by: Thomas Claveirole <thomas.claveirole@green-communications.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/php-xdebug: new package
Nicolas Carrier [Fri, 25 Oct 2019 18:22:49 +0000 (18:22 +0000)]
package/php-xdebug: new package

Extension for PHP to assist with debugging and development.

Signed-off-by: Nicolas Carrier <nicolas.carrier@orolia.com>
Reviewed-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/iputils: use relative symlink for ping6
Thomas Petazzoni [Thu, 3 Sep 2020 19:48:27 +0000 (21:48 +0200)]
package/iputils: use relative symlink for ping6

This was initially commit 84d471a0b150bc2ff1d08755d36be86d9380c2c5,
but it got mistakenly reverted by
95b0078cc089b48be8973b9507599cc836397869, so let's restore it.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/iputils: add config options to select which binaries to build/install
Alejandro González [Sun, 15 Sep 2019 10:05:46 +0000 (12:05 +0200)]
package/iputils: add config options to select which binaries to build/install

By default, the iputils build script might build binaries which are
useless for certain applications, like tftpd or ninfod. Those binaries
will add to the target filesystem size unless a post-build script removes
them manually, which is cumbersome and doesn't shorten build times.

In particular, in a certain aarch64 Buildroot project with musl selected
as a C library, this patch allowed to shrink the full iputils package from
219 KiB (if every option is selected) to 63 KiB (with only the ping
binary selected) - a 71.2% relative size decrease.

Moreover, upstream recently introduced a commit that disabled tftpd from
building by default, like rarpd. In the current state of things, this change
will introduce inconveniences for Buildroot users which prefer to use the
tftpd implementation provided by this package. With this patch, however, that
decision and similar future ones won't be a concern, because they will
have complete control of what binaries are built.

These changes add Kconfig options which let the user select what
binaries are built with ease.

Signed-off-by: Alejandro González <alejandro.gonzalez.correo@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/perl-type-tiny: bump to version 1.010005
Francois Perrad [Wed, 2 Sep 2020 15:08:38 +0000 (17:08 +0200)]
package/perl-type-tiny: bump to version 1.010005

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
5 years agopackage/perl-posix-strftime-compiler: bump to version 0.44
Francois Perrad [Wed, 2 Sep 2020 15:08:37 +0000 (17:08 +0200)]
package/perl-posix-strftime-compiler: bump to version 0.44

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
5 years agopackage/perl-mail-dkim: bump to version 1.20200824
Francois Perrad [Wed, 2 Sep 2020 15:08:35 +0000 (17:08 +0200)]
package/perl-mail-dkim: bump to version 1.20200824

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
5 years agopackage/perl-libwww-perl: bump to version 6.47
Francois Perrad [Wed, 2 Sep 2020 15:08:34 +0000 (17:08 +0200)]
package/perl-libwww-perl: bump to version 6.47

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
5 years agopackage/perl-http-entity-parser: bump to version 0.24
Francois Perrad [Wed, 2 Sep 2020 15:08:33 +0000 (17:08 +0200)]
package/perl-http-entity-parser: bump to version 0.24

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
5 years agopackage/perl-html-parser: bump to version 3.75
Francois Perrad [Wed, 2 Sep 2020 15:08:32 +0000 (17:08 +0200)]
package/perl-html-parser: bump to version 3.75

now, license has its own file

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
5 years agoconfigs/pcengines_apu2: new defconfig
Danilo Bargen [Sat, 5 Oct 2019 00:40:23 +0000 (02:40 +0200)]
configs/pcengines_apu2: new defconfig

The apu2 by PC Engines is a 64 bit single board computer with coreboot
BIOS. It only has serial output, but no graphics chip. With its 2–4
ethernet ports, it is often used to build a firewall or router.

The provided defconfig configures busybox and isolinux. It will output
a hybrid ISO image that can be written to a USB stick or burned to a
CD.

Configuration based on a blogpost by Tony Arkles:

http://www.better-bsp.com/blog/2017/03/02/buildrooting-for-apu2/

Signed-off-by: Danilo Bargen <mail@dbrgn.ch>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/spandsp: needs jpeg support in tiff package
Bernd Kuhls [Thu, 3 Sep 2020 05:32:48 +0000 (07:32 +0200)]
package/spandsp: needs jpeg support in tiff package

Since upstream commit https://github.com/freeswitch/spandsp/commit/
be0bce3dbc4b33f92e8da985900104b857259d02#diff-67e997bcfdac55191033d57a16d1408aR550,
jpeg support is needed in the fiff package.

This issue appeared with the bump of spandsp to 3.0 in commit
36c983bfa543de89ab8c9374a860d2fdf8a2fb87.

Fixes:
http://autobuild.buildroot.net/results/f5e/f5efa4aeef661670403111074b9397da47167d07/

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/wolfssl: disable examples and tests
Fabrice Fontaine [Wed, 2 Sep 2020 20:43:10 +0000 (22:43 +0200)]
package/wolfssl: disable examples and tests

Examples and tests are not needed especially because of them fails on
some architectures because it wrongly tries to use wc_Sha256FinalRaw:

  CCLD     tests/unit.test
/tmp/instance-0/output-1/host/opt/ext-toolchain/bin/../lib/gcc/aarch64-none-linux-gnu/9.2.1/../../../../aarch64-none-linux-gnu/bin/ld: tests/tests_unit_test-api.o: in function `test_wc_Sha256FinalRaw':
/tmp/instance-0/output-1/build/wolfssl-4.5.0-stable/tests/api.c:6504: undefined reference to `wc_Sha256FinalRaw'

Fixes:
 - http://autobuild.buildroot.org/results/d5b6f97f7510874fe28c675e599be08cb8a78c7b

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/alsa-utils: fix install if directories exist
John Keeping [Thu, 3 Sep 2020 13:35:33 +0000 (14:35 +0100)]
package/alsa-utils: fix install if directories exist

"mkdir" (without "-p") fails if the target directory exists, which means
that if alsa-utils is being reinstalled or if other files have
previously been installed in the alsa-state.d or alsa-restore.d
directories the installation will fail.

Switch to "$(INSTALL) -d" which allows us to be explicit about the
permissions and handles the case of a pre-existing directory correctly.

Signed-off-by: John Keeping <john@metanate.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/ntp: base sysv script on current template
Simon Rowe [Tue, 5 Nov 2019 12:24:11 +0000 (12:24 +0000)]
package/ntp: base sysv script on current template

Signed-off-by: Simon Rowe <simon.rowe@citrix.com>
Tested-by: Carlos Santos <unixmania@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/hiredis: bump to version 1.0.0
Fabrice Fontaine [Sat, 29 Aug 2020 21:39:16 +0000 (23:39 +0200)]
package/hiredis: bump to version 1.0.0

- Use cmake which is available since version 1.0.0 and
  https://github.com/redis/hiredis/commit/ead586a2cb7de8a17073a96704a4200d63a380e5
- Disable tests
- Add openssl optional dependency

https://github.com/redis/hiredis/blob/v1.0.0/CHANGELOG.md

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/subversion: bump to version 1.14.0
Fabrice Fontaine [Sat, 29 Aug 2020 23:03:26 +0000 (01:03 +0200)]
package/subversion: bump to version 1.14.0

https://subversion.apache.org/docs/release-notes/1.14.html

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/netopeer2: fix patch
Heiko Thiery [Thu, 3 Sep 2020 08:49:55 +0000 (10:49 +0200)]
package/netopeer2: fix patch

Patch cannot be applied to bumped version anymore. So recreate on top of
current version.

Also change the patch numbering from 0003 -> 0001 since the others are
dropped due to version bump.

Fixes:
http://autobuild.buildroot.net/results/ec58bc318e0e2fd46c16814a4011a4847090e696/

Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
5 years agosupport/scripts: fix flake8 errors in cve-checker and pkg-stats
Yann E. MORIN [Wed, 2 Sep 2020 21:21:57 +0000 (23:21 +0200)]
support/scripts: fix flake8 errors in cve-checker and pkg-stats

Note that one is silenced, rather than fixed: we indeed need to import
after we add the local directory to the modules search path.

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/stress-ng: drop patch
Fabrice Fontaine [Wed, 2 Sep 2020 20:09:26 +0000 (22:09 +0200)]
package/stress-ng: drop patch

Patch is already in version 0.11.17

Fixes:
 - http://autobuild.buildroot.org/results/3741e47ec8bfc594aa37ac33b7927e5b73183daf

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Acked-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agoconfigs/odroidc2: new defconfig
Dagg Stompler [Fri, 17 Jul 2020 16:46:42 +0000 (19:46 +0300)]
configs/odroidc2: new defconfig

Signed-off-by: Dagg Stompler <daggs@gmx.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/odroidc2-firmware: new package
Dagg Stompler [Fri, 17 Jul 2020 16:46:41 +0000 (19:46 +0300)]
package/odroidc2-firmware: new package

The AmLogic Odroid C2 boards use an ATF version for which the source
code is not available. The mainline U-Boot documentation at
doc/board/amlogic/odroid-c2.rst details how to build a bootable U-Boot
image for this platform: it requires fetching the ATF binary files
from https://github.com/hardkernel/u-boot.git as well as a tool called
fip_create from the same repository.

This commit therefore implements a simple Buildroot package that
retrieves this repository, installs the firmware files, and
builds/installs the host fip_create utility.

This package really installs target images (firmware files) and one
host utility, so we had to take an arbitrary decision on whether it
should be a target package or a host package, and we've chosen to make
it a target package.

Signed-off-by: Dagg Stompler <daggs@gmx.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agomanual: board support: add more of our expectations
Arnout Vandecappelle (Essensium/Mind) [Wed, 2 Sep 2020 21:32:55 +0000 (23:32 +0200)]
manual: board support: add more of our expectations

The manual has a section on adding board support to upstream buildroot,
but it fails to mention some of the things we expect. Add more of them.

- Internal toolchain.
- Beautify defconfig file.
- Fixed versions for components.

Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Cc: Adam Duskett <Aduskett@gmail.com>
Reviewed-by: Adam Duskett <aduskett@gmail.com>
[yann.morin.1998@free.fr:
  - use +monospace+ for the variables
  - use _italic_ for sections in defconfig
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
5 years agopackage/cups: Add udev rules to assign usb printers group to lp
Angelo Compagnucci [Wed, 24 Jun 2020 20:43:46 +0000 (22:43 +0200)]
package/cups: Add udev rules to assign usb printers group to lp

This patch is based on patch from the rockchip tree:

commit c8a337593660f27379c30248a11bf08dc8712113
Author: Jeffy Chen <jeffy.chen@rock-chips.com>
Date:   Tue Nov 13 18:59:43 2018 +0800

    package: cups: Add udev rules to assign usb printers' group to lp

    Change-Id: Ieae17deaa7d3623e1f0e1cc826871f1719d98d88
Signed-off-by: Jeffy Chen <jeffy.chen@rock-chips.com>
but removes a hardcoded device usb vendor/id and keps only the usb
printer class.

Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Signed-off-by: Michael Trimarchi <michael@amarulasolutions.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
5 years agopackage/cups: Add lp user as default cups user
Angelo Compagnucci [Wed, 24 Jun 2020 20:43:45 +0000 (22:43 +0200)]
package/cups: Add lp user as default cups user

This patch is a backport from the rockchip tree.

Author: Jeffy Chen <jeffy.chen@rock-chips.com>
Date:   Tue Nov 13 18:25:34 2018 +0800

    package: cups: Add lp user as default cups user

    Change-Id: Ic7434fe0a7b41b86b5b8b097fa29dd9718e29aa5
Signed-off-by: Jeffy Chen <jeffy.chen@rock-chips.com>
User lp is necessary for running the cups spooler.
Groups lpadmin grants administrative privileges to users.

Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
5 years agoconfigs/nanopc_t4: new defconfig
Suniel Mahesh [Sat, 29 Aug 2020 09:35:06 +0000 (15:05 +0530)]
configs/nanopc_t4: new defconfig

A defconfig for the friendlyarm nanopc-t4 was added in
c23895f06e0988319a1959764a402b57bc21ffaf, but then removed
in 8efd4463f78fd68c85b45cc0da347dfb805abb7e because an ARM32
compiler was needed to build ATF, and this was not supported
back then.

Now, since package/arm-gnu-a-toolchain/ has been added, this
defconfig can be re-introduced.

Following new changes are introduced in comparision with the
older changeset:

- updated readme
- GPT partition layout is being used
- update defconfig to build ATF
- bump u-boot to 2020.07
- bump linux to 5.8.2

Signed-off-by: Suniel Mahesh <sunil@amarulasolutions.com>
Reviewed-by: Jagan Teki <jagan@amarulasolutions.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
[Arnout: fixate U-Boot version; remove blind BR2_TARGET_UBOOT_NEEDS_PYTHON]

5 years agoconfigs/nanopi_m4: new defconfig
Suniel Mahesh [Sat, 29 Aug 2020 09:35:05 +0000 (15:05 +0530)]
configs/nanopi_m4: new defconfig

A defconfig for the friendlyarm nanopi-m4 was added in
493c3979a4def978a1137cf8543bf0de50d2615e, but then removed
in a24bd8936f57a590f810e14d7828cf1bddce580e because an ARM32
compiler was needed to build ATF, and this was not supported
back then.

Now, since package/arm-gnu-a-toolchain/ has been added, this
defconfig can be re-introduced.

Following new changes are introduced in comparision with the
older changeset:
        - readme updated
        - GPT partition layout
        - update defconfig to build ATF
        - bump u-boot to 2020.07
        - bump linux to 5.8.2

Signed-off-by: Suniel Mahesh <sunil@amarulasolutions.com>
Reviewed-by: Jagan Teki <jagan@amarulasolutions.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
[Arnout: fixate U-Boot version; remove blind BR2_TARGET_UBOOT_NEEDS_PYTHON]

5 years agoconfigs/orangepi_rk3399: new defconfig
Suniel Mahesh [Sat, 29 Aug 2020 09:35:04 +0000 (15:05 +0530)]
configs/orangepi_rk3399: new defconfig

Add initial support for Orangepi RK3399 target with below features:

  - U-Boot 2020.07
  - Linux 5.8.2
  - Default packages from buildroot

Signed-off-by: Suniel Mahesh <sunil@amarulasolutions.com>
Reviewed-by: Jagan Teki <jagan@amarulasolutions.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
[Arnout: fixate U-Boot version; remove blind BR2_TARGET_UBOOT_NEEDS_PYTHON]

5 years agoconfigs/rockpro64: new defconfig
Suniel Mahesh [Sat, 29 Aug 2020 09:35:03 +0000 (15:05 +0530)]
configs/rockpro64: new defconfig

A defconfig for the rockpro64 was added in
59e1077b4ebe79622a454b0a8a840e4349a0440d, but then removed
in 10f49213b7e2837ae6ed63fc16fbdaa954ecd87f because an ARM32
compiler was needed to build ATF, and this was not supported
back then.

Now, since package/arm-gnu-a-toolchain/ has been added, this
defconfig can be re-introduced.

Following new changes are introduced in comparision with the
older changeset:

    - renamed defconfig from pine64_rockpro64 to rockpro64
    - updated readme
    - using a GPT partition layout
    - update defconfig to build ATF
    - bump u-boot to 2020.07
    - bump linux to 5.8.2

Signed-off-by: Suniel Mahesh <sunil@amarulasolutions.com>
Reviewed-by: Jagan Teki <jagan@amarulasolutions.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
[Arnout: fixate U-Boot version; remove blind BR2_TARGET_UBOOT_NEEDS_PYTHON]

5 years agoMerge branch 'next'
Peter Korsgaard [Wed, 2 Sep 2020 16:07:52 +0000 (18:07 +0200)]
Merge branch 'next'

A number of merge conflicts, but hopefully they are all sorted out now.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agoKickoff 2020.11 cycle
Peter Korsgaard [Tue, 1 Sep 2020 21:05:41 +0000 (23:05 +0200)]
Kickoff 2020.11 cycle

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agodocs/website/news.html: add 2020.08 announcement link
Peter Korsgaard [Tue, 1 Sep 2020 21:04:48 +0000 (23:04 +0200)]
docs/website/news.html: add 2020.08 announcement link

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agoUpdate for 2020.08
Peter Korsgaard [Tue, 1 Sep 2020 20:38:36 +0000 (22:38 +0200)]
Update for 2020.08

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agocore: make it possible to check flake8 like we check package
Yann E. MORIN [Sun, 30 Aug 2020 22:12:15 +0000 (00:12 +0200)]
core: make it possible to check flake8 like we check package

Move the code to run check-flake8 into the Makefile, like we have for
check-package, so that it is easy to run locally (and not wait for
someone to report a failure from their Gitlab pipelines).

Compared to the existing check from gitlab-ci.yml, the Makefile check
differs in this respect:

  - don't explicitly find *.py files: they are supposed to also be found
    as a result of running 'file' on them;

  - use git ls-tree instead of find: this is supopsedly faster as it
    uses the index rather than readdir();

  - don't output the count of warnings or errors: the output is a single
    integer, which is confusing when there are errors, and even more so
    when there are no, when it is simply '0';

  - don't sort: the output is already stable and independent from the
    locale;

  - don't report the number of processed files: this information is
    rather useless, and getting a hold of it would be more challenging
    in this new code.

Note: ideally, we would want to use --null, --zero, or similar options,
with utilities that generates or parses a files listing.  While git
ls-tree and xargs do support it, it becomes a little bit tricky to use
the --print0 option of file, and then grep in that output (it is not
undoable, but would requires replacing grep+cut with some sed trickery).
Since we do not expect our scripts names to contain funky chars (like
\n or a colon), we just hand-wave away that issue (and the old code was
doing the same assumption too).

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
5 years agopackage/docker-cli: fix version ldflags
Christian Stewart [Mon, 31 Aug 2020 01:07:54 +0000 (18:07 -0700)]
package/docker-cli: fix version ldflags

The variables for the "docker version" output are located at
$(DOCKER_CLI_GOMOD)/cli/version - correct the path to these in the ldflags to
fix the following "unknown" lines in "docker version" output:

Client:
 Version:           unknown-version
 Git commit:        unknown-commit
 Built:             unknown-buildtime

Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
5 years agopackage/x11r7/xserver_xorg-server: remove unmaintained versions 1.14.7 & 1.17.4
Bernd Kuhls [Sat, 29 Aug 2020 11:34:03 +0000 (13:34 +0200)]
package/x11r7/xserver_xorg-server: remove unmaintained versions 1.14.7 & 1.17.4

Upstream does not maintain these older versions anymore. Due to security
fixes not being backported to these versions anymore we remove these old
X server versions.

Move current patches from version-specific directory to package directory.

No legacy handling is added for the old versions, since it's simply a
version bump. THe old packages and features (AIGLX) that depend on the
old versions do have legacy handling.

Remove legacy handling for 1.19.*

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
5 years agopackage/amd-catalyst: remove package
Bernd Kuhls [Sat, 29 Aug 2020 11:34:02 +0000 (13:34 +0200)]
package/amd-catalyst: remove package

Current X.org X server is incompatible with this driver.

We no longer support unmaintainted versions of X.org X server.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
5 years agopackage/nvidia-tegra23: remove package
Bernd Kuhls [Sat, 29 Aug 2020 11:34:01 +0000 (13:34 +0200)]
package/nvidia-tegra23: remove package

Current X.org X server is incompatible with this driver.

We no longer support unmaintainted versions of X.org X server.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
5 years agopackage/uhd: propagate toolchain bug 64735 dependency from boost-thread
Gwenhael Goavec-Merou [Tue, 1 Sep 2020 09:37:28 +0000 (11:37 +0200)]
package/uhd: propagate toolchain bug 64735 dependency from boost-thread

boost-thread needs std::current_exception since version 1.71.0 and
https://github.com/boostorg/exception/commit/386f5507cb8ec99c03ca535bea4f8bd61e0de910

std::current_exception depends on !BR2_TOOLCHAIN_HAS_GCC_BUG_64735 as a
result, uhd fails to build on:
In file included from /home/buildroot/autobuild/run/instance-2/output-1/build/uhd-3.15.0.0/host/include/uhd/error.h:74:0,
                 from /home/buildroot/autobuild/run/instance-2/output-1/build/uhd-3.15.0.0/host/include/uhd/types/metadata.h:12,
                 from /home/buildroot/autobuild/run/instance-2/output-1/build/uhd-3.15.0.0/host/lib/types/metadata_c.cpp:8:
/home/buildroot/autobuild/run/instance-2/output-1/host/arm-buildroot-linux-uclibcgnueabi/sysroot/usr/include/boost/exception/diagnostic_information.hpp: In function 'std::__cxx11::string boost::current_exception_diagnostic_information(bool)':
/home/buildroot/autobuild/run/instance-2/output-1/host/arm-buildroot-linux-uclibcgnueabi/sysroot/usr/include/boost/exception/diagnostic_information.hpp:54:26: error: 'current_exception' is not a member of 'std'
         else if (auto* p=std::current_exception().__cxa_exception_type())
                          ^
In file included from /home/buildroot/autobuild/run/instance-2/output-1/build/uhd-3.15.0.0/host/include/uhd/error.h:74:0,
                 from /home/buildroot/autobuild/run/instance-2/output-1/build/uhd-3.15.0.0/host/include/uhd/types/ranges.h:12,
                 from /home/buildroot/autobuild/run/instance-2/output-1/build/uhd-3.15.0.0/host/lib/types/ranges_c.cpp:8:
/home/buildroot/autobuild/run/instance-2/output-1/host/arm-buildroot-linux-uclibcgnueabi/sysroot/usr/include/boost/exception/diagnostic_information.hpp: In function 'std::__cxx11::string boost::current_exception_diagnostic_information(bool)':
/home/buildroot/autobuild/run/instance-2/output-1/host/arm-buildroot-linux-uclibcgnueabi/sysroot/usr/include/boost/exception/diagnostic_information.hpp:54:26: error: 'current_exception' is not a member of 'std'
         else if (auto* p=std::current_exception().__cxa_exception_type())

So add a dependency to !BR2_TOOLCHAIN_HAS_GCC_BUG_64735

Fix:
 - http://autobuild.buildroot.net/results/0cdbf01df174648cf0dfb34d9506eb80570e99c0/

Signed-off-by: Gwenhael Goavec-Merou <gwenhael.goavec-merou@trabucayre.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
5 years agosupport/runttime-tests: fix openssh test
Yann E. MORIN [Tue, 1 Sep 2020 07:19:03 +0000 (09:19 +0200)]
support/runttime-tests: fix openssh test

When it was applied, commit 243d500f8d3 (support/testing: add openssh
runtime test) was amended to not provide a NIC to the emulated machine,
as the test did not require access to the outer world: it only uses the
lo interface. Also, there was a discrepancy between the NIC name in the
Buildroot configuration, and the drivers available in our default kernel
image, making the boot hang for a while whaiting for a NIC that would
never come.

However, that tweak was tested locally with a qmeu version more recent
than the one available in our buidroot/base Docker image. As a
consequence, that test fails to run in gitlab-ci.

Revert to using the old way of specifying no network: it works on
gitlab-ci, and qemu versions in standard distros still support it.

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
5 years agopackage/gobject-introspection: disable for riscv32
Peter Korsgaard [Tue, 1 Sep 2020 19:06:20 +0000 (21:06 +0200)]
package/gobject-introspection: disable for riscv32

Fixes:
http://autobuild.buildroot.net/results/e32/e323f43952b3863cedfdae765b3fb10ec6b8d889/
http://autobuild.buildroot.net/results/53e/53e7b82baa9edb342cd110717d6b8ac82d5d933c/

And many more.

qemu-user 5.0.0 for riscv32 segfaults when running the g-i qemu wrapper, so
disable gobject-introspection.  There are no autobuilder failures for next,
so it looks to be fixed in qemu 5.1.0.

As python-gobject and gst1-python select gobject-introspection, add a
BR2_PACKAGE_GOBJECT_INTROSPECTION_ARCH_SUPPORTS symbol they can depend on
rather than having to propagate the dependencies.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
5 years agopackage/mbedtls: security bump to version 2.16.8
Fabrice Fontaine [Tue, 1 Sep 2020 18:15:03 +0000 (20:15 +0200)]
package/mbedtls: security bump to version 2.16.8

Fix a "Local side channel attack on classical CBC decryption in (D)TLS"
a.k.a. CVE-2020-16150:
https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2020-09-1

as well as a "Local side channel attack on RSA and static
Diffie-Hellman" (no CVE):
https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2020-09-2

Also change MBEDTLS_SITE and retrieve hash provided by upstream

https://github.com/ARMmbed/mbedtls/releases/tag/v2.16.8

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/python-django: security bump to version 3.0.10
Peter Korsgaard [Tue, 1 Sep 2020 14:22:22 +0000 (16:22 +0200)]
package/python-django: security bump to version 3.0.10

Fixes the following security issues:

CVE-2020-24583: Incorrect permissions on intermediate-level directories on Python 3.7+
On Python 3.7+, FILE_UPLOAD_DIRECTORY_PERMISSIONS mode was not applied to
intermediate-level directories created in the process of uploading files and
to intermediate-level collected static directories when using the
collectstatic management command.

You should review and manually fix permissions on existing
intermediate-level directories.

CVE-2020-24584: Permission escalation in intermediate-level directories of
the file system cache on Python 3.7+
On Python 3.7+, the intermediate-level directories of the file system cache
had the system’s standard umask rather than 0o077 (no group or others
permissions).

https://docs.djangoproject.com/en/dev/releases/3.0.10/

In addition, 3.0.8..10 contains a number of bugfixes.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/ibm-sw-tpm2: fix build with gcc 10
Fabrice Fontaine [Mon, 31 Aug 2020 20:15:39 +0000 (22:15 +0200)]
package/ibm-sw-tpm2: fix build with gcc 10

Fixes:
 - http://autobuild.buildroot.org/results/8533d202fb29bf2a1677de37fc71f1a0fbd54722

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/graphite2: fix static install
Fabrice Fontaine [Mon, 31 Aug 2020 19:22:15 +0000 (21:22 +0200)]
package/graphite2: fix static install

Don't install an incorrect libtool file when building a static library
to fix the following build failure with harfbuzz:

arm-linux-g++.br_real: error: /home/buildroot/autobuild/run/instance-3/output-1/host/arm-buildroot-linux-uclibcgnueabi/sysroot/usr/lib/libgraphite2.so: No such file or directory
make[5]: *** [main] Error 1

Fixes:
 - http://autobuild.buildroot.org/results/9ebe1d11e80755d59190ef2aae82bbba5cc45e44

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/dhcp: fix build with gcc 10
Fabrice Fontaine [Tue, 1 Sep 2020 06:47:56 +0000 (08:47 +0200)]
package/dhcp: fix build with gcc 10

Fixes:
 - http://autobuild.buildroot.org/results/82df44b20ba4ecfb8cf7d077247b3262647a572d

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/trousers: fix build with gcc 10
Fabrice Fontaine [Mon, 31 Aug 2020 20:07:27 +0000 (22:07 +0200)]
package/trousers: fix build with gcc 10

Fixes:
 - http://autobuild.buildroot.org/results/701e82a8f63e8b78c2db12bdeff9086d6e121b36

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/pixz: fix build with gcc 10
Fabrice Fontaine [Mon, 31 Aug 2020 19:57:44 +0000 (21:57 +0200)]
package/pixz: fix build with gcc 10

Fixes:
 - http://autobuild.buildroot.org/results/0c61743d4a022215317e57e35a00f0fa3d16ad62

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/busybox: fix avahi-autoipd error message
Lukasz Tekieli [Thu, 23 Jul 2020 17:19:17 +0000 (19:19 +0200)]
package/busybox: fix avahi-autoipd error message

When using a combination of udhcpc and avahi-autoipd in case of receiving IP
from a DHCP server, the following message can be seen:
"Failed to kill daemon: No such file or directory".
Add a check for a running avahi-autoipd to fix this issue.

Signed-off-by: Lukasz Tekieli <tekieli.lukasz@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/avahi: disable introspection
Peter Korsgaard [Mon, 31 Aug 2020 14:00:35 +0000 (16:00 +0200)]
package/avahi: disable introspection

Fixes:
http://autobuild.buildroot.net/results/b9bf7cea8be9231552a10e8ea828bf24394402ba/

Building with introspection (together with D-Bus) support currently fails.
Fixing it is not trivial, so explicitly disable introspection for now.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Tested-by: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/rtty: fix build with mbedtls but without zlib
Fabrice Fontaine [Sun, 30 Aug 2020 21:40:42 +0000 (23:40 +0200)]
package/rtty: fix build with mbedtls but without zlib

zlib is not mandatory with mbedtls, only optional, however as mbedtls
does not provide a pkg-config file, we assume that if zlib is
available, we must link with it to avoid a build failure when linking
statically with a zlib-enabled mbedtls.

This change was pushed upstream with
https://github.com/zhaojh329/rtty/commit/7b8efe11dbafce97971dc130bf6cc1756f34ce07
and is in buildroot since the bump to version 7.1.4 with commit
0c80245ddbe78c8e443f98b9bbccac56331cdb26.
However, this change will raise a build failure if ZLIB_LIBRARIES is
used when zlib is not found. This patch is fixing this build failure.

However, it should be noted that the compression support in mbedtls is
only enabled if BR2_PACKAGE_MBEDTLS_COMPRESSION=y. So we can have a
situation where mbedtls is enabled, zlib is enabled, but mbedtls is not
using zlib and as a result, since version 7.1.4, rttyt will needlessly
link with zlib in such a situation.

The only sane way to fix this is to use pkg-config, but as mbedtls
apparently doesn't provide any .pc file, we leave it as it is.

Fixes:
 - http://autobuild.buildroot.org/results/a0ebffe58bbf14cab74b7d2111d4d88a9c725273

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/am33x-cm3: fix build with gcc 10
Fabrice Fontaine [Sun, 30 Aug 2020 19:07:25 +0000 (21:07 +0200)]
package/am33x-cm3: fix build with gcc 10

Fixes:
 - http://autobuild.buildroot.org/results/a991e6efa012df518ff1bb35017ad2c96c8feedc

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/docker-cli: fix version info since move to 19.03.x
Peter Korsgaard [Mon, 31 Aug 2020 06:58:41 +0000 (08:58 +0200)]
package/docker-cli: fix version info since move to 19.03.x

Upstream changed the variables used when outputting version / git commit
info in docker version since:

 commit 04b5f44230162de40741acaa0f94c7af6f2fa1d5
 Author: Ian Campbell <ijc@docker.com>
 Date:   Tue Jan 8 15:03:51 2019 +0000

    Move versioning variables to a separate package.

    This helps to avoid circular includes, by separating the pure data out from the
    actual functionality in the cli subpackage, allowing other code which is
    imported to access the data.

Signed-off-by: Ian Campbell <ijc@docker.com>
    Upstream-commit: 20c19830a95455e8562551aad52c715ad0807cc6
    Component: cli

Which is included in docker-cli 19.3.x - So adjust the _CLI_LDFLAGS to match
to get proper docker version output:

Client:
 Version:           19.03.11
 API version:       1.40
 Go version:        go1.13.14
 Git commit:        19.03.11

vs:

Client:
 Version:           unknown-version
 API version:       1.40
 Go version:        go1.13.14
 Git commit:        unknown-commit

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/paho-mqtt-c: bump to version 1.3.5
Julien Grossholtz [Mon, 31 Aug 2020 07:25:11 +0000 (09:25 +0200)]
package/paho-mqtt-c: bump to version 1.3.5

This is a paho-mqtt-c maintainace release. It fixes some memory leaks as
well as a potential deadlock:

https://github.com/eclipse/paho.mqtt.c/milestone/8?closed=1

Signed-off-by: Julien Grossholtz <julien.grossholtz@openest.io>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/libeXosip2: fix typos in help text
Iulian Onofrei [Sun, 30 Aug 2020 21:26:37 +0000 (00:26 +0300)]
package/libeXosip2: fix typos in help text

Signed-off-by: Iulian Onofrei <iulian.onofrei@yahoo.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
5 years agopackage/nvidia-driver: fix typos in comments
Iulian Onofrei [Sun, 30 Aug 2020 21:26:38 +0000 (00:26 +0300)]
package/nvidia-driver: fix typos in comments

Signed-off-by: Iulian Onofrei <iulian.onofrei@yahoo.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
5 years agopackage/stress-ng: add upstream patch to fix build failure for getresuid32
Bernd Kuhls [Sat, 29 Aug 2020 19:32:07 +0000 (21:32 +0200)]
package/stress-ng: add upstream patch to fix build failure for getresuid32

Fixes:
http://autobuild.buildroot.net/results/f13/f13d85dfec371c38229bca988cd4bffa4cb97ae5/

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
5 years agopackage/imagemagick: (security) bump to version 7.0.10-28
Fabrice Fontaine [Sun, 30 Aug 2020 11:58:13 +0000 (13:58 +0200)]
package/imagemagick: (security) bump to version 7.0.10-28

- Fix CVE-2019-17547: In ImageMagick before 7.0.8-62, TraceBezier in
  MagickCore/draw.c has a use-after-free.
- Fix CVE-2019-18853: ImageMagick before 7.0.9-0 allows remote attackers
  to cause a denial of service because XML_PARSE_HUGE is not properly
  restricted in coders/svg.c, related to SVG and libxml2.
- Update hash of LICENSE file (update in year with
  https://github.com/ImageMagick/ImageMagick/commit/f775a5cf27a95c42bb6d19b50f4869db265fdaa9)
- Update indentation in hash file (two spaces)
- Switch to github helper - it has always been an autogenerated archive.

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
[Arnout: use github helper]

5 years agopackage/pkg-kconfig: quote HOSTCC_NOCCACHE
Yann E. MORIN [Sat, 29 Aug 2020 20:42:52 +0000 (22:42 +0200)]
package/pkg-kconfig: quote HOSTCC_NOCCACHE

HOSTCC may contain spaces, so needs to be quoted.

Most of the places where it is already quoted use double-quotes, so we
use that.

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
5 years agopackage/menu-cache: fix build with gcc 10
Fabrice Fontaine [Sun, 30 Aug 2020 08:08:56 +0000 (10:08 +0200)]
package/menu-cache: fix build with gcc 10

Fixes:
 - http://autobuild.buildroot.org/results/a97825f3c3e6245f8d1c2eb0cdb079f5dd6f1b47

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
5 years agopackage/graphite2: security bump to version 1.3.14
Fabrice Fontaine [Sat, 29 Aug 2020 17:25:41 +0000 (19:25 +0200)]
package/graphite2: security bump to version 1.3.14

- Switch site to github, here is an extract of
  https://sourceforge.net/projects/silgraphite:
  "This project has been deprecated. Graphite2, a new version of the
  Graphite engine, is available at: https://github.com/silnrsi/graphite
  with its own bug tracker."
- graphite2 can be built statically since version 1.3.11 and
  https://github.com/silnrsi/graphite/commit/2f143c04da5caa43ddf4dba437b2f2bc26bf4238
- Update indentation in hash file (two spaces)

Extract from ChangeLog:

1.3.14
    . Bug fixes
    . Allow features to be hidden (for aliases)
    . Move to python3
    . Rename doc files from .txt to .asc

1.3.13
    . Resolve minor spacing issue in rtl non-overlap kerning
    . python3 for graphite.py
    . Better fuzzing
    . Better building on windows

1.3.12
    . Graphite no longer does dumb rendering for fonts with no smarts
    . Segment caching code removed. Anything attempting to use the segment cache gets given a regular face instead
    . Add libfuzzer support
    . Builds now require C++11
    . Improvements to Windows 64 bit builds
    . Support different versions of python including 32 bit and python 3
    . Various minor bug fixes

1.3.11
    . Fixes due to security review
    . Minor collision avoidance fixes
    . Fix LZ4 decompressor against high compression

The fixes due to security review are a little bit vague, a quick search
on github seems to indicate that those issues could be related to
segcache which has been removed since version 1.3.12:
https://github.com/silnrsi/graphite/search?q=security&type=Issues
https://github.com/silnrsi/graphite/commit/b0f77e4a9dc50a888f74e904000a2486b2fc5527

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
5 years agopackages/{eudev, systemd}: move common users to package/udev
Carlos Santos [Wed, 30 Oct 2019 13:27:59 +0000 (10:27 -0300)]
packages/{eudev, systemd}: move common users to package/udev

Use UDEV_USERS, now that it's suported by virtual packages.

Signed-off-by: Carlos Santos <unixmania@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
5 years agopackages/luainterpreter: remove target-finalize hack
Carlos Santos [Wed, 30 Oct 2019 13:27:58 +0000 (10:27 -0300)]
packages/luainterpreter: remove target-finalize hack

Use LUAINTERPRETER_TARGET_FINALIZE_HOOKS, now that it's suported by
virtual packages.

Signed-off-by: Carlos Santos <unixmania@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
[Arnout: don't remove relevant comment]

5 years agopackage/pkg-generic.mk: support hooks and tables in virtual packages
Carlos Santos [Wed, 30 Oct 2019 13:27:57 +0000 (10:27 -0300)]
package/pkg-generic.mk: support hooks and tables in virtual packages

Virtual packages are not built but it's useful to allow them to have
permission/device/user tables and target-finalize/rootfs-pre-cmd hooks.

With this change we don't need to duplicate data as currently done in
eudev and systemd user tables, or test if the package is selected to add
a target-finalize hook as in luainterpreter.

Signed-off-by: Carlos Santos <unixmania@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
5 years agouredir: remove default value of _SOURCE variable
Arnout Vandecappelle (Essensium/Mind) [Sun, 30 Aug 2020 15:17:53 +0000 (17:17 +0200)]
uredir: remove default value of _SOURCE variable

As reported by check-package.

Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
5 years agoutil-linux: organize libcap-ng dependency like the others
Arnout Vandecappelle (Essensium/Mind) [Sun, 30 Aug 2020 14:07:03 +0000 (16:07 +0200)]
util-linux: organize libcap-ng dependency like the others

Reformat the dependency on libcap-ng same as other dependencies: in one
line, preceded by a comment that it is used only by setpriv.

This also makes it clear why it's not included in util-linux-libs.

Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
5 years agoutil-linux: rename UTIL_LINUX_LIBS -> UTIL_LINUX_LINK_LIBS
Arnout Vandecappelle (Essensium/Mind) [Sun, 30 Aug 2020 14:00:41 +0000 (16:00 +0200)]
util-linux: rename UTIL_LINUX_LIBS -> UTIL_LINUX_LINK_LIBS

There was a private variable UTIL_LINUX_LIBS that is used by the
util-linux package. With the addition of the util-linux-libs package,
this is a bit confusing. Therefore, rename the variable to
UTIL_LINUX_LINK_LIBS.

Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
5 years agopackage/util-linux: build programs and libraries in separate packages
Carlos Santos [Sun, 29 Sep 2019 14:01:35 +0000 (11:01 -0300)]
package/util-linux: build programs and libraries in separate packages

The different tools and libraries in util-linux have a lot of optional
dependencies. When we want to support those optional dependencies, we
can easily generate dependency cycles. For instance, findmount and lsblk
need udev to work correctly, but eudev and systemd both depend libblkid,
which comes from util-linux.

Normal distros (e.g. Debian) solve this by first building a minimal
package that has no dependencies at all, then build the packages that
depend on util-linux, and finally rebuild util-linux with all bells and
whistles. Solve it in Buildroot by means of the following changes:

- Split util-linux into two packages:
  - util-linux-libs, providing lib{blkid,fdisk,mount,smartcols,uuid}.
  - util-linux, providing both the aforementioned libs and the programs.
- Add a blind selection for util-linux-libs, i.e. it is indirectly
  selected according to the util-linux options.
- Make host and target util-linux have a build dependencies on the -libs
  packages.
- Make eudev and systemd have build dependencies on util-linux-libs.
  This can be extended to other packages in the future but is not needed
  right now because the configuration options are backward-compatible.
- Make util-linux have an optional build dependency on the package that
  provides libudev (either eudev or systemd), if it is selected.

Installing util-linux overrides files installed by util-linux-libs but
this is not a problem: it's allowed for a package to overwrite files
from another package, as long as there is a dependency between the two.

util-linux-libs has a Config.in symbol for the package as a whole, but
not for the individual libraries: it simply reuses the symbols of the
full package.

The build dependency of util-linux on util-linux-libs ensures that
util-linux overwrites the files installed by util-linux-libs and not
vice versa. In practice this dependency shouldn't be needed: the only
reason for util-linux-libs to be built is to break a circular
dependency. In that case, there is already a transitive dependency of
util-linux on util-linux-libs, so adding it explicitly is redundant.
Still, better safe than sorry.

host-util-linux-libs is not needed at the moment. It can be added if we
have a dependency cycle problem later.

With this approach we don't need to patch configuration files neither
change packages other than eudev and systemd.

Other packages that require util-linux libraries and whose libraries may
be used by util-linux programs can be updated later. We also don't need
to change any existing defconfig, since all configuration options are
kept in the util-linux package.

Fixes: https://bugs.busybox.net/show_bug.cgi?id=11811
Signed-off-by: Carlos Santos <unixmania@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
5 years agopackage/meson-tools: new package
Dagg Stompler [Fri, 17 Jul 2020 16:46:40 +0000 (19:46 +0300)]
package/meson-tools: new package

Add meson-tools for handling of amlogic boards boot firmware
signature.

Signed-off-by: Dagg Stompler <daggs@gmx.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/udisks/udisks.mk: fix alphabetic ordering of dependencies
Adam Duskett [Sat, 25 Jul 2020 23:06:17 +0000 (16:06 -0700)]
package/udisks/udisks.mk: fix alphabetic ordering of dependencies

This patch makes the upcoming udisks2 version bump patch easier to
read, and also fixes the udisks.mk, so it follows Buildroot's package
guidelines.

Host packages are placed on top of the dependency list, followed by
target dependencies.

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/udisks/Config.in: fix alphabetic ordering of selects
Adam Duskett [Sat, 25 Jul 2020 23:06:16 +0000 (16:06 -0700)]
package/udisks/Config.in: fix alphabetic ordering of selects

This patch makes the upcoming udisks2 version bump patch easier to
read, and also fixes the Config.in, so it follows Buildroot's package
guidelines.

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/ncmpc: bump to version 0.39
Fabrice Fontaine [Sat, 29 Aug 2020 21:10:53 +0000 (23:10 +0200)]
package/ncmpc: bump to version 0.39

https://raw.githubusercontent.com/MusicPlayerDaemon/ncmpc/v0.39/NEWS

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/uclibc: use HOSTCC_NOCCACHE as kconfig HOSTCC
Yann E. MORIN [Sat, 29 Aug 2020 20:37:20 +0000 (22:37 +0200)]
package/uclibc: use HOSTCC_NOCCACHE as kconfig HOSTCC

uclibc is part of the toolchain, and as such does not have a dependency
on it. As a consequence, it does not have a dependency on host-ccache,
when this is needed.

Usually, host-ccache is built before uclibc, as part of the dependency
of gcc-initial, host-binutils, and a few other host packages that are
built before uclibc.

However, during top-level parallel builds, this ordering is only ever
guaranteed at the beginning of the configure step, and not before.

But for kconfig-packages, the moment we apply the configuration to
prepare the .config file is a pseudo step that happens somewhere in
limbo between the patch step and the configure step. As such, the
build ordering that is otherwise guaranteed by the _DEPENDENCIES is not
applicable yet.

And so, with top-level parallel builds with ccache enabled, there is
nothing that guarantees host-ccache to be built and installed by the
time we are trying to generate uclibc's .config file, which can be quite
early in the build process, and thus the build fails:

    /home/raphael/github/ftcommunity-TXT/buildroot-rootfs/output/per-package/uclibc/host/bin/ccache /usr/bin/gcc /home/raphael/github/ftcommunity-TXT/buildroot-rootfs/output/build/uclibc-1.0.34/extra/config/conf.c  -c -o ../../extra/config/conf.o -Os -I/usr/include/ncursesw -DCURSES_LOC="<curses.h>"  -DNCURSES_WIDECHAR=1 -DLOCALE -DKBUILD_NO_NLS -DCONFIG_='""'   -I/usr/include/ncursesw -DCURSES_LOC="<curses.h>"  -DNCURSES_WIDECHAR=1 -DLOCALE -DKBUILD_NO_NLS -DCONFIG_='""'
    /bin/sh: 1: /home/raphael/github/ftcommunity-TXT/buildroot-rootfs/output/per-package/uclibc/host/bin/ccache: not found
    make[2]: *** [Makefile:64: ../../extra/config/conf.o] Error 127
    make[1]: *** [Makefile.in:475: extra/config/conf] Error 2
    make[1]: Leaving directory '/home/raphael/github/ftcommunity-TXT/buildroot-rootfs/output/build/uclibc-1.0.34'
    make: *** [package/uclibc/uclibc.mk:458: /home/raphael/github/ftcommunity-TXT/buildroot-rootfs/output/build/uclibc-1.0.34/.stamp_dotconfig] Error 2
    make: *** Waiting for unfinished jobs....

The root cause is that uclibc sets;

    UCLIBC_KCONFIG_OPTS = $(UCLIBC_MAKE_FLAGS) [...]

with:

    UCLIBC_MAKE_FLAGS = [...] HOSTCC="$(HOSTCC)"

And then the kconfig-package infra calls to the configurators,
menuconfig, xconfig et al, but also olddefconfig et al.. with:

    [...] $($(1)_MAKE) [...] $(PKG_KCONFIG_COMMON_OPTS) $($(1)_KCONFIG_OPTS) [...]

with (note a latent bug in there, will be fixed in another patch):

    PKG_KCONFIG_COMMON_OPTS = HOSTCC=$(HOSTCC_NOCCACHE)

So, a HOSTCC as set by a package will always win onver the one set by
the infra, which is exactly what we want.

But in this case, uclibc sets HOSTCC so that it can build its host tools
needed during the build, and in doing so uses the ccache-enabled host c
compiler. Which might not yet be available for the kconfig-package infra
to generate the .config file.

We had a similar (non-)issue for the linux package, which was fixed in
commit 71a31b2357 (linux: use HOSTCC_NOCCACHE as kconfig HOSTCC).

But here, uclibc does not have the toolchain in its dependencies (as said
earlier, uclibc *is* part of the toolchain).

Since the host compiler is only used to build very few files to generate
the simple executable needed to generate the .config file, doing without
the ccache-enabled host compiler will be amply enough.

So, we override HOSTCC in UCLIBC_KCONFIG_OPTS, to use the non-cached
host compiler.

Note that, in a first approximation, one would be tempted to change the
ordering in the kconfig-package infra:

        $($(1)_KCONFIG_OPTS) $(PKG_KCONFIG_COMMON_OPTS)

so that the non-cached HOSTCC always wins over the cached one. But this
would be incorrect, in cases where the package really needs to override
HOSTCC; indeed we want the package-provided values to always win over
the default ones providing by the infra.

Reported-by: Raphael Jacob <r.jacob2002@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Acked-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
5 years agopackage/libcap: bump to version 2.42
Fabrice Fontaine [Sat, 29 Aug 2020 20:57:31 +0000 (22:57 +0200)]
package/libcap: bump to version 2.42

- Drop first patch (already in version:
  https://git.kernel.org/pub/scm/linux/kernel/git/morgan/libcap.git/commit/?id=22f2e207f7824d231aab4de973e547f006e3ea3c)
- Drop second patch (already in version:
  https://git.kernel.org/pub/scm/linux/kernel/git/morgan/libcap.git/commit/?id=786b64b72b5ba3d4b6195f40c0096932d2c72b57)
- Drop third patch (not needed since
  https://git.kernel.org/pub/scm/linux/kernel/git/morgan/libcap.git/commit?id=f1c3ac995d02d4f17b9d15656ab6d58f4c87435a)
- Update indentation in hash file (two spaces)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/oprofile: bump to version 1.4.0
Fabrice Fontaine [Sat, 29 Aug 2020 20:29:05 +0000 (22:29 +0200)]
package/oprofile: bump to version 1.4.0

- Drop third patch (already in version) and so drop second patch and
  autoreconf
- Update indentation in hash file (two spaces)

https://oprofile.sourceforge.io/release-notes/oprofile-1.4.0

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/libmatroska: bump to version 1.6.2
Fabrice Fontaine [Sat, 29 Aug 2020 20:24:48 +0000 (22:24 +0200)]
package/libmatroska: bump to version 1.6.2

Extract from ChangeLog:
 - In release 1.6.1 the version number in CMakeLists.txt wasn't
   updated, affecting the installed cmake and pkgconfig files. The
   version number has been bumped to 1.6.2 in all relevant files now.
 - "KaxBlockAddIDValue" class: this class is no longer marked as
   "mandatory" in order to coincide with the latest specification.

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 years agopackage/libidn: bump to version 1.36
Fabrice Fontaine [Sat, 29 Aug 2020 20:17:54 +0000 (22:17 +0200)]
package/libidn: bump to version 1.36

Update indentation in hash file (two spaces)

Extract from NEWS:
 - Fix unlikely memory leak in idna_to_unicode_4z4z().
 - Check codepoint validity in punycode_decode() and punycode_decode().
 - tld: Add U+00EF to .nl TLD table.
 - Indent code.
 - Translation fixes.
 - Update gnulib files.
 - API and ABI is backwards compatible with the previous version.

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>