git.libre-soc.org Git - buildroot.git/log

package/runc: add upstream security fix for CVE-2019-5736

The vulnerability allows a malicious container to (with minimal user
interaction) overwrite the host runc binary and thus gain root-level
code execution on the host. The level of user interaction is being able
to run any command (it doesn't matter if the command is not
attacker-controlled) as root within a container in either of these
contexts:

  * Creating a new container using an attacker-controlled image.
  * Attaching (docker exec) into an existing container which the
    attacker had previous write access to.

For more details, see the advisory:

https://www.openwall.com/lists/oss-security/2019/02/11/2

The fix for this issue uses fexecve(3), which isn't available on uClibc, so
add a dependency on !uclibc to runc and propagate to the reverse
dependencies (containerd/docker-engine).

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

support/testing: build a glibc toolchain for docker / docker-compose tests

runc (which is a reverse dependency of docker-engine) is about to gain a
!uclibc dependency, so move to a glibc toolchain instead.

There are currently no prebuilt x86_64 / core2 / glibc toolchains available,
so instead use the internal toolchain backend to build one.

While we are at it, drop the infra.basetest.BASIC_TOOLCHAIN_CONFIG
reference, as that ARM toolchain configuration doesn't make any sense for
this x86-64 based test.

add docker / docker-compose tests

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/ghostscript: add upstream security fixes

CVE-2019-6116: Remote code execution.

https://www.openwall.com/lists/oss-security/2019/01/23/5

Cc: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/libarchive: add upstream security fixes

CVE-2019-1000019: Crash when parsing some 7zip archives.

CVE-2019-1000020: A corrupted or malicious ISO9660 image can cause
read_CE() to loop forever.

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

board/pc: fix typo in board/pc/post-build.sh

Signed-off-by: Grégoire Delattre <gregoire.delattre@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/sqlcipher: force libopenssl

v3.2.0 has a bug in the configure step which causes it to fail when being
built against libressl. As libopenssl is selected as the default, the
autobuilders have not uncovered this failure. The issue has been confirmed
in LTS 2018.02.10 (probably broken prior to that as well) and is not
related to the Openssl bump to 1.1.x.

Thread with more details
http://lists.busybox.net/pipermail/buildroot/2019-February/243133.html

Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/jpeg-turbo: add upstream security fixes

CVE-2018-20330: Integer overflow causing segfault occurred when
attempting to load a BMP file with more than 1 billion pixels using the
`tjLoadImage()` function.

CVE-2018-19664: Buffer overrun occurred when attempting to decompress a
specially-crafted malformed JPEG image to a 256-color BMP using djpeg.

Cc: Murat Demirten <mdemirten@yh.com.tr>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

openssh: add upstream security fixes

CVE-2019-6109: Due to missing character encoding in the progress
display, a malicious server (or Man-in-The-Middle attacker) can employ
crafted object names to manipulate the client output, e.g., by using
ANSI control codes to hide additional files being transferred. This
affects refresh_progress_meter() in progressmeter.c.

CVE-2019-6111: Due to the scp implementation being derived from 1983
rcp, the server chooses which files/directories are sent to the client.
However, the scp client only performs cursory validation of the object
name returned (only directory traversal attacks are prevented). A
malicious scp server (or Man-in-The-Middle attacker) can overwrite
arbitrary files in the scp client target directory. If recursive
operation (-r) is performed, the server can manipulate subdirectories as
well (for example, to overwrite the .ssh/authorized_keys file).

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

CHANGES: add recent changes

In preparation for 2019.02-rc1

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/libva-utils: fix build failure when x11 support is disabled

Fixes
http://autobuild.buildroot.net/results/2f8/2f89e41f79e8bec1c0561b486ae5750fc87a6320/

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/sg3_utils: ensure to build against librt when needed

The sg3_utils has provisions to build against librt when needed, but
forgot to use that mechanism for the sg_turs program. This commit
fixes that. The patch has been submitted upstream to the sg3_utils
author.

Fixes:

http://autobuild.buildroot.net/results/67b890a41d05497820ea4f44e187257dd6818b0b/

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Tested-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/libupnp18: fix static linking with mpd

- Add a call to PKG_CHECK_MODULES in configure.ac to get openssl
libraries and its dependencies if openssl support is enabled
- Add OPENSSL_LIBS to libupnp.pc.in so that applications linking with
pupnp (such as mpd) will be able to retrieve openssl libraries

Fixes:
- http://autobuild.buildroot.org/results/a4148e516070b79816769f3443fc24d6d8192073

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/sqlcipher: add OpenSSL 1.1.x compatibility

Fixes
http://autobuild.buildroot.net/results/5e2/5e2c3178d8a6e11b1af1c37144737097730ba222/

Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/opentracing-cpp: needs dynamic library support

opentracing-cpp requires dlfcn.h from src/dynamic_load_unix.cpp.
This file is compiled unconditionally.

Disable opentracing-cpp on BR2_STATIC_LIBS configurations.

Fixes: http://autobuild.buildroot.net/results/454173aef9ff7c808294a974088d7682cad240a8/
Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/brcm-patchram-plus: bump to version 95b7b6916d661a4da3f9c0adf52d5e1f4f8ab042

- Remove patch (already in version)
- Use COPYING as license file as COPYING has been fixed by:
https://github.com/AsteroidOS/brcm-patchram-plus/commit/95b7b6916d661a4da3f9c0adf52d5e1f4f8ab042

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/googlefontdirectory: better solution to avoid check-package warning

Rather than tell check-package to ignore a false-positive issue, just
avoid the issue to begin with, by using an intermediate variable to
construct the list of licenses.

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/brcm-patchram-plus: fix license file hash

Commit 684bcc45e52a8300a2115799e96017b180695a14
("package/brcm-patchram-plus: fix build on sparc") added a patch that
modifies the src/main.c file, without paying attention to the fact
that this file is used as the license file for the package, and
therefore the .hash had to be updated at the same time. This commit
updates the license file hash as needed. There are obviously no
licensing related changes in the SPARC build fixes.

Fixes:

http://autobuild.buildroot.net/results/083ce1c3100b10e40480e6330ce0c29dde51f5e0/

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/systemd: add optional bash-completion dependency

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/systemd: add optional cryptsetup dependency

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/systemd: add optional valgrind dependency

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/clamav: needs wchar

Fixes
http://autobuild.buildroot.net/results/77c/77cd536a0fab78eabe27e055d28db2da354008d7/

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/{mesa3d, mesa3d-headers}: bump version to 18.3.3

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/libva-utils: bump version to 2.4.0

Removed patch 0002, applied upstream.
Follow upstream switch of release tarball to bz2 and new location.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/gst1-shark: select BR2_PACKAGE_GSTREAMER1_GST_DEBUG

gst-shark needs gstreamer to be compiled with debugging support enabled.
Make this selection automatically when the gst-shark package is
selected.

Fixes:
- http://autobuild.buildroot.net/results/09b894b0775df2dd87d8fb2d53c6a243d8668aba/
- and many more

Signed-off-by: Chris Packham <judge.packham@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/webkitgtk: security bump to version 2.22.6

This is a maintenance release of the current stable WebKitGTK+ version,
which contains security fixes for CVE identifiers: CVE-2019-6212,
CVE-2019-6215, CVE-2019-6216, CVE-2019-6217, CVE-2019-6226,
CVE-2019-6227, CVE-2019-6229, CVE-2019-6233, and CVE-2019-6234.
Additionally, it contains a few minor fixes.

Release notes can be found in the announcement:

https://webkitgtk.org/2019/02/09/webkitgtk2.22.6-released.html

More details on the issues covered by securit fixes can be found
in the corresponding security advisory:

https://webkitgtk.org/security/WSA-2019-0001.html

Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/libopenssl: add runtime fixes for tor

For details see https://bugs.archlinux.org/task/61623

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/mosquitto: security bump to version 1.5.6

Fixes the following security issues:

CVE-2018-12551: If Mosquitto is configured to use a password file for
authentication, any malformed data in the password file will be treated as
valid. This typically means that the malformed data becomes a username and
no password.  If this occurs, clients can circumvent authentication and get
access to the broker by using the malformed username.  In particular, a
blank line will be treated as a valid empty username.  Other security
measures are unaffected.  Users who have only used the mosquitto_passwd
utility to create and modify their password files are unaffected by this
vulnerability.  Affects version 1.0 to 1.5.5 inclusive.

CVE-2018-12550: If an ACL file is empty, or has only blank lines or
comments, then mosquitto treats the ACL file as not being defined, which
means that no topic access is denied.  Although denying access to all topics
is not a useful configuration, this behaviour is unexpected and could lead
to access being incorrectly granted in some circumstances.  Affects versions
1.0 to 1.5.5 inclusive.

CVE-2018-12546: If a client publishes a retained message to a topic that
they have access to, and then their access to that topic is revoked, the
retained message will still be delivered to future subscribers.  This
behaviour may be undesirable in some applications, so a configuration option
check_retain_source has been introduced to enforce checking of the retained
message source on publish.

Add two upstream post-1.5.6 patches to fix a build error in the bridge code
when ADNS is enabled and when building with older toolchains not defaulting
to C99 mode.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/php: security bump to version 7.3.2

Rebased patch 0004.

This bump fixes https://bugs.php.net/bug.php?id=77369,
status of CVE-ID: needed

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/xenomai: move arch restriction to Cobalt core, no restriction for Mercury

Xenomai has two mutually exclusive cores:
- Cobalt: dual-kernel approach: patched kernel + userland
- Mercury: only userland

In the Cobalt core, not all architectures are supported. This is the source
of the existing ARCH_SUPPORTS variable.

In the Mercury core, there is no imposed architecture restriction.

Rename the XENOMAI_ARCH_SUPPORTS flag to XENOMAI_COBALT_ARCH_SUPPORTS and
move its check from the Xenomai package to the Cobalt core.

Nevertheless, even for Mercury, there are some restrictions:
- pthread_atfork is used, which requires an MMU
- sync functions like __sync_sub_and_fetch and __sync_add_and_fetch are
expected.

As the corresponding 'linux extension' selects Xenomai, we add the
MMU and sync dependencies there too. They may or may not already be covered
by XENOMAI_COBALT_ARCH_SUPPORTS flag.

Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/libopenssl: renumber patches

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/brcm-patchram-plus: fix build on sparc

On SPARC, the definitions of B2500000, B3000000, B3500000 and B4000000
are not necessarily available, so use those values only if defined in
the kernel headers.

It fixes SPARC build failures such as:
main.c:382:13: error: 'B2500000' undeclared here (not in a function)
  { 2500000, B2500000 },
             ^~~~~~~~
main.c:383:13: error: 'B3000000' undeclared here (not in a function)
  { 3000000, B3000000 },
             ^~~~~~~~
main.c:385:13: error: 'B3500000' undeclared here (not in a function)
  { 3500000, B3500000 },
             ^~~~~~~~
main.c:386:13: error: 'B4000000' undeclared here (not in a function)
  { 4000000, B4000000 }

Fixes:
- http://autobuild.buildroot.org/results/f7012c08c935c3a6ccae50b84170190af5cd5cba

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/libopenssl: m68x use SMALL_FOOTPRINT mode

OPENSSL_SMALL_FOOTPRINT mode selects alternate paths in the sha512 and
blake2 algorithms which resolves a assembler issue like the following.

/tmp/ccfnLhKQ.s: Assembler messages:
/tmp/ccfnLhKQ.s:11167: Error: value -32790 out of range
make[2]: *** [crypto/blake2/blake2b.o] Error 1

This issue was found after the OpenSSL1.1.x bump.

Fixes
http://autobuild.buildroot.net/results/533e817695cde321b725145112cfd83c092d9d75

Upstream ticket
https://github.com/openssl/openssl/issues/8190

Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/mosquitto: fix comments

The toplevel mosquitto comment should go after the sub options to ensure
they get indented, and the broker comment should be hidden if mosquitto
isn't enabled.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

docs/website: correct association e-mail address

It is buildroot-association@buildroot.org, not @lists.buildroot.org.

Reported-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

configs/rock64: needs U-Boot pylibfdt

The build currently fails with:

*** dtoc needs the Python libfdt library. Either
*** install it on your system, or try:
***
*** sudo apt-get install swig libpython-dev
***
*** to have U-Boot build its own version.

Adding BR2_TARGET_UBOOT_NEEDS_PYLIBFDT should fix this build issue,
which was reported at:

https://gitlab.com/buildroot.org/buildroot/-/jobs/158295223

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

configs/orangepi_lite2: fix kernel headers option

Contrary to what the comment in the defconfig says, the
orangepi_lite2_defconfig was not using the "same as kernel" option for
kernel headers, but really selecting explicitly Linux 4.18 headers,
independently from the kernel version.

Except that in the mean time, BR2_KERNEL_HEADERS_4_18 has been
removed, causing a build failure due to the legacy checking:

Makefile.legacy:9: *** "You have legacy configuration in your .config! Please check your configuration.". Stop.

This commit fixes that by using the proper
BR2_PACKAGE_HOST_LINUX_HEADERS_CUSTOM_4_18 option.

Fixes:

https://gitlab.com/buildroot.org/buildroot/-/jobs/158295163

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/intel-gmmlib: fix license file and add hash

The license file is not named COPYING, but LICENSE.md. While we're at
it, we add the hash of the license file.

Fixes:

http://autobuild.buildroot.net/results/09e4c14effe58ec2bc6f3deede7cc17ae6590767/

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

packages: update sysv S* scripts to 644

Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

docs/website: fix Paypal account address

As noticed by Yann E. Morin, the address of the Paypal account is
@buildroot.org, not @lists.buildroot.org.

Reported-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

core/pkg-infra: restore completeness of packages files lists

In commit 7fb6e782542f (core/instrumentation: shave minutes off the
build time), the built stampfile is used as a reference to detect files
installed by a package.

However, packages may install files keeping their mtime intact, and we
end up not detecting this. For example, the internal skeleton package
will install (e.g.) /etc/passwd with an mtime of when the file was
created in $(TOP_DIR), which could be the time the git repository was
checked out; that mtime is always older than the build stamp file, so
files installed by the skeleton package are never accounted for to that
package, or to any other package for that matters.

We switch to an alternate solution, which consists of storing some extra
metadata per file, so that we can more reasily detect modifications to
the files. Then we compare the state before the package is installed (by
reusing the existing list) and after the package is installed, compare
that to list any new file or modified files (in reality, ignoring
untouched and removed files). Finally, we store the file->package
association in the global list and store the new stat list as the global
list.

The format used for the .stat file is:

mtime:inode:perms:filetype:size,filename

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Peter Korsgaard <peter@korsgaard.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Cc: Thomas De Schampheleire <patrickdepinguin@gmail.com>
Cc: Trent Piepho <tpiepho@impinj.com>
[Peter: rename files, reformat, only look for files and symlinks and pass
LC_ALL=C to comm as pointed out by Thomas De Schampheleire]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

docs/website: add page for the Buildroot Association

For about two years, a legal entity called "Buildroot Association" was
created in France to support the Buildroot project. Until fall 2018,
this legal entity has not been used. In fall 2018, we started using it
in order to receive donations from companies in order to organize the
Buildroot Developers Meeting that took place before the Embedded Linux
Conference Europe 2018 in Edinburgh.

This commit creates a new page on our web site that documents the
existence of this Buildroot Association, and details how to become a
member. Both individuals and companies can become members.

It is worth stating that the Buildroot Association does not control
the Buildroot project: it remains a fully open-source and
community-driven project. The Buildroot Association only serves as a
legal entity to handle donations and money needed to organize the
Buildroot Developers Meeting, and pay for a few expenses related to
the project (such as domain names).

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
[Arnout: small improvements]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/gnuradio: disable xml document generation

Fixes
http://autobuild.buildroot.net/results/f94/f941d84c781b524530770f5b9360863a821e8ba1/

Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

configs/pc: fix grub-efi.cfg permissions

It does not need the execute bits.

Signed-off-by: Carlos Santos <casantos@datacom.com.br>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/tpm2-tss: fix build with gcc <= 4.8

Fixes:
- http://autobuild.buildroot.org/results/8d7b6dad6602fe67338abc696bc4752dda8e9717

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

support/scripts/pkg-stats: fix flake8 errors

Fixes the following flake8 warnings:

support/scripts/pkg-stats:34:2: W605 invalid escape sequence '\$'
support/scripts/pkg-stats:34:4: W605 invalid escape sequence '$'
support/scripts/pkg-stats:34:11: W605 invalid escape sequence '\$'
support/scripts/pkg-stats:34:13: W605 invalid escape sequence '\('
support/scripts/pkg-stats:34:32: W605 invalid escape sequence '$'
support/scripts/pkg-stats:34:34: W605 invalid escape sequence '\)'
support/scripts/pkg-stats:35:2: W605 invalid escape sequence '\s'
support/scripts/pkg-stats:35:14: W605 invalid escape sequence '\S'
support/scripts/pkg-stats:35:17: W605 invalid escape sequence '\s'
support/scripts/pkg-stats:42:1: E302 expected 2 blank lines, found 1
support/scripts/pkg-stats:587:133: E501 line too long (157 > 132 characters)

Note that the "invalid escape sequence" errors work because Python
leaves the \ in place if it doesn't recognise the escape sequence. But
it's better practice to use a raw string for regular expressions.

Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/mongodb: remove package

Fixes:
http://autobuild.buildroot.net/results/dd4/dd412fae45a84e44e7e6a49f8cdb124d0851c1df/

The mongodb version used (3.3.4) is no longer supported by upstream and
fails to build with openssl 1.1.1x. On top of that it uses internal copies
of boost, pcre and zlib instead of the system ones.

Bumping the version to 3.4.19 (which is still supported until September
2019) has been tried, but it:

- No longer builds for 32bit ARM

- Doesn't build without extra patches, E.G.:
https://git.openembedded.org/meta-openembedded/tree/meta-oe/recipes-support/mongodb/mongodb/0002-d_state.cpp-Add-missing-dependenncy-on-local_shardin.patch?h=rocko

- Doesn't build with the system version of boost (1.69.0)

- Also fails to build with openssl-1.1.1x

So it looks like mongodb needs to be bumped to the 3.6.x series (which
changes the license to the SSPL) - Or simply dropped.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/googlefontdirectory: silence false positive check-package warning

check-package OverriddenVariable check believes we are overriding the
value of GOOGLEFONTDIRECTORY_LICENSE, but in fact we are not. Let's
tell check-package not to complain about this.

Fixes:

package/googlefontdirectory/googlefontdirectory.mk:28: unconditional override of variable GOOGLEFONTDIRECTORY_LICENSE previously conditionally set

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/openocd: fix indentation of Config.in help text

Fixes the following check-package warnings:

package/openocd/Config.in:20: help text: <tab><2 spaces><62 chars> (http://nightly.buildroot.org/#writing-rules-config-in)
package/openocd/Config.in:21: help text: <tab><2 spaces><62 chars> (http://nightly.buildroot.org/#writing-rules-config-in)

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

boot/uboot: fix order of Config.in properties

Fixes the following check-package warning:

boot/uboot/Config.in:185: attributes order: type, default, depends on, select, help (http://nightly.buildroot.org/#_config_files)

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

configs/rock64: new defconfig

Configuration contains:
  - building tpl, spl and u-boot (forked u-boot repository)
  - booting from SD card and network via PXE
  - working ethernet, usb and uart
  - minimal rootfs with busybox
  - ready to flash SD card image

Signed-off-by: Michał Łyszczek <michal.lyszczek@bofc.pl>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/libcurl: security bump to version 7.64.0

Fixes the following security issues:

CVE-2018-16890: NTLM type-2 out-of-bounds buffer read
https://curl.haxx.se/docs/CVE-2018-16890.html

CVE-2019-3822: NTLMv2 type-3 header stack buffer overflow
https://curl.haxx.se/docs/CVE-2019-3822.html

CVE-2019-3823: SMTP end-of-response out-of-bounds read
https://curl.haxx.se/docs/CVE-2019-3823.html

The copyright year changed in the COPYING file, so update the hash.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/gerbera: bump to version 1.3.0

- Remove patch (already in version)
- Add a dependency to gcc >= 7 for C++17 optional feature:
https://github.com/gerbera/gerbera/commit/ae8192ddf37cec2c78ec578a5d627b2d89fa90f5

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/openssh: Add sysusers.d snippet

Whether using the new sysusers.d snippet, or adding an entry to
/etc/password, set the service's home directory to /var/empty.
See README.privsep included as part of the openssh distribution.

Signed-off-by: Chris Lesiak <chris.lesiak@licor.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

weston: add weston-imx variant when using imx-gpu-viv

This variant contains various optimizations for i.MX processors.

For instance, on i.MX6/7 devices with GPU, the gl-renderer needs to be
enabled for the fbdev-backend which was removed from upstream weston
long time ago.

Also, weston-imx adds support for G2D which is enabled by default, this
patch makes sure to disable it when imx-gpu-g2d isn't selected.

The tag version rel_imx_4.9.51_8mq_ga proved to work fine on both
i.MX6Q/DL and i.MX8MQ processors.

Here are the commands used to start weston on i.MX6Q:
- Using 3D GPU (gl-renderer):
# weston --tty=1 --device=/dev/fb0
- Using 2D GPU (G2D):
# weston --tty=1 --device=/dev/fb0 --use-g2d=1

Upstream repository:
https://source.codeaurora.org/external/imx/weston-imx/

Signed-off-by: Gary Bisson <gary.bisson@boundarydevices.com>
Reviewed-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
[Arnout: add comment why no --enable option is passed]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

configs/pc_x86_64_efi: use a GPT partition table

Since all EFI-based systems support GPT, this commit changes
pc_x86_64_efi to use a GPT partition table. It shows an example of how
to craft a disk image with GPT partitioning instead of MBR. This is
achieved by means of a post-image script which uses
mkdosfs+mcopy+sfdisk, since genimage is unable to deal with GPT. Long
term, it would be ideal if genimage had GPT support, but until then,
this script shows how to achieve creating a GPT-based disk image.

The script was kept as simple as possible to make it easy to understand
and adapt for other purposes.

The root filesystem location is passed to the kernel by a partition
UUID, so it is possible to boot on QEMU, directly from the disk image,
or dump the image to a physical device.

Signed-off-by: Carlos Santos <casantos@datacom.com.br>
Acked-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/pkg-cmake: <pkg>_SUBDIR cleanup

No functional change is brought by this modification.

This patch removes redundant <pkg>_SRCDIR declaration
(already defined in pkg-generic.mk)

Signed-off-by: Lionel Orry <lionel.orry@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/pkg-python: <pkg>_SUBDIR cleanup

No functional change is brought by this modification.

This patch:
* removes redundant <pkg>_SRCDIR and <pkg>_BUILDDIR declarations
(already defined in pkg-generic.mk)
* documents the usage of <pkg>_SUBDIR in the python-specific section of
the manual.

Signed-off-by: Lionel Orry <lionel.orry@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/pkg-meson: <pkg>_SUBDIR cleanup

No functional change is brought by this modification.

This patch:
* removes a redundant <pkg>_SRCDIR declaration (already defined in
pkg-generic.mk)
* documents the usage of <pkg>_SUBDIR in the meson-specific section of
the manual.

Signed-off-by: Lionel Orry <lionel.orry@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/pkg-waf: add support for <pkg>_SUBDIR

In the Buildroot manual, it is specified that the Waf-based
infrastructure supports the <pkg>_SUBDIR variable, which was not true.

This patch:
* makes use of this variable by changing to the given sub-directory
before executing waf commands,
* documents the usage of <pkg>_SUBDIR in the waf-specific section of
the manual.

Signed-off-by: Lionel Orry <lionel.orry@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/python-pyzmq: enable draft APIs when supported by ZeroMQ

This doesn't introduce a new config flag, instead it just automatically enables
draft support if it's configured in the zeromq package itself.

Signed-off-by: Lionel Flandrin <lionel@svkt.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/zeromq: allow building with draft APIs enabled

Signed-off-by: Lionel Flandrin <lionel@svkt.org>
[Thomas: add explicit --disable-drafts]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

system: allow selecting merged /usr along with custom rootfs skeleton

If the user is brave enough to use a custom rootfs skeleton then we must
not prevent using merged /usr too. Actually it is already possible to do
this, although indirectly, by selecting BR2_INIT_SYSTEMD.

Signed-off-by: Carlos Santos <casantos@datacom.ind.br>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

Makefile: allow rootfs overlays to override symbolic links

Since commit 0db34529f48 we use rsync with the --keep-dirlinks option to
prevent overlays from accidentally overwriding /{usr,bin,sbin,lib} links
when BR2_ROOTFS_MERGED_USR option is enabled. Unfortunately this also
prevents replacing a symlink by a directory on purpose (e.g. /var/log,
to persist system logs).

Steps to reproduce:

- enable BR2_ROOTFS_MERGED_USR and BR2_PACKAGE_SKELETON_INIT_SYSV
- mkdir some_path/rootfs-overlay/var/log
- enable BR2_ROOTFS_OVERLAY="some_path/rootfs-overlay"
- run 'make'
- 'target/var/log' is still a symlink to '../tmp', not a directory

The --keep-dirlinks option can be dropped, since we run sanity checks
on overlays. Now the rsync invocation is identical to the SYSTEM_RSYNC
logic we have in system/system.mk, so use that variable.

Signed-off-by: Carlos Santos <casantos@datacom.ind.br>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

Makefile: check rootfs overlays with BR2_ROOTFS_MERGED_USR enabled

Add a step to target-finalize that checks each rootfs overlay, following
the criteria established for custom skeletons and using the same script
uesd by skeleton-custom.mk.

Add a paragraph to the documentation clarifying that rootfs overlays
don't need to contain /bin, /lib or /sbin and must not contain them when
BR2_ROOTFS_MERGED_USR is enabled.

Signed-off-by: Carlos Santos <casantos@datacom.ind.br>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

skeleton-custom: install /bin, /lib, and /sbin

skeleton-custom does not install the required /bin, /lib and /sbin
directories (or symlinks), which may result in an imcomplete tree, The
user could add the required directories/symlinks to the skeleton but
they may be invalid, depending on the state of BR2_ROOTFS_MERGED_USR.

Steps to reproduce:

- Enable BR2_ROOTFS_MERGED_USR and BR2_INIT_SYSTEMD
- Set BR2_ROOTFS_SKELETON_CUSTOM_PATH to "system/skeleton"
- Run "make skeleton"
- target/{bin.lib,sbin} will not exist

Add calls to SYSTEM_USR_SYMLINKS_OR_DIRS to INSTALL_TARGET_CMDS and
INSTALL_STAGING_CMDS, so the required directories or symlinks are
created.

Add a paragraph to the documentation clarifying that custom skeletons
don't need to contain /bin, /lib or /sbin and must not contain them when
BR2_ROOTFS_MERGED_USR is enabled.

Signed-off-by: Carlos Santos <casantos@datacom.ind.br>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

skeleton-custom: use a script to check merged usr structure

Introduce support/scripts/check-merged-usr.sh, a script that check if a
given path complies to the merged /usr requirements:

    /
    /bin -> usr/bin
    /lib -> usr/lib
    /sbin -> usr/sbin
    /usr/bin/
    /usr/lib/
    /usr/sbin/

Use this script in skeleton-custom.mk instead of a bunch of variables
filled by $(shell ...) macros. The same script will be used to check
rootfs overlays, in a forthcoming change.

Signed-off-by: Carlos Santos <casantos@datacom.ind.br>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

boot/uboot: add support for bundling ATF BL31 in ELF format into U-Boot

Rockchip's rk3328 encapsulates the BL31 part of ATP but it needs
image in ELF format. This is extension to
2c4809e6088660dc71de9de8cee0bba312aafbe4

This commit introduces a BR2_TARGET_UBOOT_NEEDS_ATF_BL31_ELF variable
to achieve this.

Signed-off-by: Michał Łyszczek <michal.lyszczek@bofc.pl>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

boot/arm-trusted-firmware: add option to choose custom version

Allow user to choose specific, stable version from official ATF
repository

Signed-off-by: Michał Łyszczek <michal.lyszczek@bofc.pl>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/libv4l: remove qt support

Now that Qt4 is removed, the support in libv4l can be removed as well.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/gpsd: remove qt support

Now that Qt4 is removed, the support in gpsd can be removed as well.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

utils/genrandconfig: drop qt4 fixups

Now that Qt4 is removed, these fixups can be removed as well.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

core/sdk: don't mangle symlinks with '.' or '..' at start

The current transform changes any '.' at the start of a filename to
$(BR2_SDK_PREFIX). This also applies to the target of a symlink, when
it is relative.

We thus might end up with something like:
    $(BR2_SDK_PREFIX)/bin/aarch64-linux-gnu-ar ->
    $(BR2_SDK_PREFIX)./opt/ext-toolchain/bin/aarch64-linux-gnu-ar

when it should be:
    $(BR2_SDK_PREFIX)/bin/aarch64-linux-gnu-ar ->
    ../opt/ext-toolchain/bin/aarch64-linux-gnu-ar

We fix that by making sure we always remove a known prefix, i.e. we
remove the path to host dir. The obvious solution would be to cd into
$(HOST_DIR)/.. , then tar ./host/ and finally use a --transfrom pattern
as 's,^\./$(notdir $(HOST_DIR)),$(BR2_SDK_PREFIX)'.

Since $(HOST_DIR) can point to a user-supplied location, we don't know
very well how the pattern may patch.

Instead, we cd into / and tar the full path to $(HOST_DIR).

Since tar removes any leading '/', it would spurr a warning message,
which is annoying. So we explicitly remove the leading '/' from
$(HOST_DIR) when we tar it.

Finally, we transform all filenames to replace a leading $(HOST_DIR)
(without a leading /) to the prefix to use.

Signed-off-by: Joel Carlson <JoelsonCarl@gmail.com>
[yann.morin.1998@free.fr:
  - use a single transform pattern
  - use full HOST_DIR path as pattern to replace
  - update commit log accordingly
]
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/libb64: fix integer overflow and uninitialized C++ objects

Fixes a runtime bug on compilers where unsigned char is the default.
Fixes a runtime bug where _state variable in the encoder and decoder
c++ objects where not initialized by the constructors.

Signed-off-by: Mikael Eliasson <mikael@robomagi.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

support/scripts/pkg-stats: add latest upstream version information

This commit adds fetching the latest upstream version of each package
from release-monitoring.org.

The fetching process first tries to use the package mappings of the
"Buildroot" distribution [1]. This mapping mechanism allows to tell
release-monitoring.org what is the name of a package in a given
distribution/build-system. For example, the package xutil_util-macros
in Buildroot is named xorg-util-macros on release-monitoring.org. This
mapping can be seen in the section "Mappings" of
https://release-monitoring.org/project/15037/.

If there is no mapping, then it does a regular search, and within the
search results, looks for a package whose name matches the Buildroot
name.

Even though fetching from release-monitoring.org is a bit slow, using
multiprocessing.Pool has proven to not be reliable, with some requests
ending up with an exception. So we keep a serialized approach, but
with a single HTTPSConnectionPool() for all queries. Long term, we
hope to be able to use a database dump of release-monitoring.org
instead.

From an output point of view, the latest version column:

- Is green when the version in Buildroot matches the latest upstream
   version

- Is orange when the latest upstream version is unknown because the
   package was not found on release-monitoring.org

- Is red when the version in Buildroot doesn't match the latest
   upstream version. Note that we are not doing anything smart here:
   we are just testing if the strings are equal or not.

- The cell contains the link to the project on release-monitoring.org
   if found.

- The cell indicates if the match was done using a distro mapping, or
   through a regular search.

[1] https://release-monitoring.org/distro/Buildroot/

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Tested-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/dhcpcd: systemv and systemd services conflict with NetworkManager

When NetworkManager and dhcpcd packages are both enabled, dhcpcd
services and NetworkManager both spawn dhcpcd. This causes the network
port to retrieve an IP address and later lose it a few seconds after
startup.

This patch prevents dhcpcd services from launching dhcpcd if
NetworkManager is enabled.

Signed-off-by: Jim Brennan <jbrennan@impinj.com>
[Thomas: add a comment in the code to explain the seemingly strange
condition.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/brcm-patchram-plus: new package

Add tool which allows to setup broadcom bluetooth
device via UART.

Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
[Thomas: add hash for license file.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/qt: remove package

Qt4 has been marked obsolete for close to 1 year, since commit 3538b5fb10
(qt: mark as obsolete) and is no longer supported upstream since December
2015:

https://blog.qt.io/blog/2015/05/26/qt-4-8-7-released/

So now finally remove it as the in tree users have been removed.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/qwt: remove qt4 support

Qt4 support is about to be dropped, so remove the support from qwt as well.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/quazip: remove qt4 support

Qt4 support is about to be dropped, so remove the support from quazip as
well.

Also add an explicit depends on for qt5 for consistency with other packages.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/qjson: remove qt4 support

Qt4 support is about to be dropped, so remove the support from qjson as
well.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
[Arnout: also remove redundant BR2_STATIC_LIBS dependency/comment]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/qextserialport: remove qt4 support

Qt4 support is about to be dropped, so remove the support from
qextserialport as well.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/libmediaart: remove qt4 support

Qt4 support is about to be dropped, so remove the support from libmediaart
as well.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/qtuio: remove package

The qtuio package uses the obsolete qt4 package, which we are about to
remove, so remove qtuio as well.

CC: Stephan Hoffmann <sho@relinux.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/pinentry: remove qt4 option

The qt4 option uses the obsolete qt4 package, which we are about to remove,
so remove the pinentry-qt4 option as well.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/poppler: remove qt option

The qt option uses the obsolete qt4 package, which we are about to remove,
so remove the poppler qt option as well.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/opencv3: remove qt backend option

The qt backend option uses the obsolete qt4 package, which we are about to
remove, so remove the qt backend option as well.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/opencv: remove qt backend option

The qt backend option uses the obsolete qt4 package, which we are about to
remove, so remove the qt backend option as well.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/amd-catalyst: remove control center option

The control center option uses the obsolete qt4 package, which we are about
to remove, so remote the cccle option as well.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/sdl: remove qtopia video driver option

The qtopia option uses the obsolete qt4 package, which we are about to
remove, to remove the qtopia option as well.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
[Arnout: move the enable-qtopia=no option to the beginning]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/python-sip: remove qt4 support

python-pyqt has been removed and qt4 support is about to be dropped, so
remove the support from python-sip as well.

The comments and dependencies are not how we normally do things: the
dependency on Qt5 is obvious for a package which is essentially python
bindings for Qt5, and the other dependencies are implied by Qt5. So
remove all that and limit to a single dependency on Qt5.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
[Arnout: further simplify dependencies and comments]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/python-pyqt: remove package

The python-pyqt package uses the obsolete qt4 package, which we are about to
remove, so remove python-pyqt as well.

CC: Gwenhael Goavec-Merou <gwenhael.goavec-merou@trabucayre.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/gnuradio: remove qtgui option

The gr-qtgui option uses python-pyqt/Qt4, which we are about to remove, so
remove the option.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/kodi: Add windowing support for Raspberry Pi & AMLogic

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/kodi: Rework windowing support options

To prepare the bump to the next Kodi version 18.0-Leia we rework the
options to control the windowing platform Kodi is built for. An
automatic choice will no longer be suitable after addition of support
for wayland and gbm, the former also providing a choice to use either
OpenGL or OpenGL ES.

This patch introduces a new choice option by converting the current
X11-based OpenGL support to the new scheme. Other windowing platforms
will be added by subsequent patches.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/kodi: remove X11-based OpenGL ES support

To prepare the bump to the next Kodi version 18.0-Leia we remove the
current OpenGL ES support options. Kodi 18.0 will bring a major
overhaul of the supported windowing platforms, x11-based gles support
was removed, see upstream PR 12196.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/meson: fix RPATH patch

The re-added ([1]) patch missed to remove two lines of the original
unconditional code.

[1] https://git.buildroot.net/buildroot/commit/?id=5c939246a802c0ad9704dac1505105037542a1d3

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/systemd: set vconsole support option to default y

Without support for vconsole, systemd will abruptly kill anything
spawned on the console, thus preventing users from loging in from
the console, effectively locking them out if the target does not
have another mean of logging in (no sshd, no serial line...)

We fix that by making support for vconsole default to y, since
logging in from the console if more frequent than not. Users can
still de-activate it when they know they don't need it.

Note that logging from a serial line is not impacted, and still
works whether vconsole is enabled or not.

Signed-off-by: David Fogle <david.j.fogle@gmail.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/wine: add gettext dependency for host-wine only with NLS enabled

Checked that host-wine compiles ok without host-gettext, so no needs
to specify this dependency.

libgettextpo is required by tools/wrc
(https://linux.die.net/man/1/wrc) which allows to convert windows
resources also to *.po format, which is not needed if NLS is disabled.

Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/googlefontdirectory: change to Google Fonts repo

The current repository doesn't include new fonts, so this commit
changes the package to use the new official google github repository
which contains a lot of new available fonts.

The fonts are now organized in sub-folders per license, so we have to
take into this into account, and the
BR2_PACKAGE_GOOGLEFONTDIRECTORY_FONTS should now contain values such
as ufl/ubuntu or ofl/marvel.

Because the different fonts have different license files, we really
need to use each per-font license file, which explains why we have so
many hashes in the .hash file.

The list of licenses and license files is automatically derived from
the list of fonts in BR2_PACKAGE_GOOGLEFONTDIRECTORY_FONTS. Note that
a very small set of fonts (~15 among 1000+ fonts) lack a license file,
so if those fonts are used, legal-info will fail because the expected
license file doesn't exist. We consider this as a bug that should be
reported upstream, because each font should have a license file.

While we're at it, we use a foreach loop to install the fonts.

Signed-off-by: Bartosz Bilas <b.bilas@grinn-global.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/luarocks: refactor buildroot addon without patch

addon commands are actually implemented in luarocks 3.0.4,
and they must be located in luarocks/cmd/external.

so, it is useless to patch luarocks.

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>