git.libre-soc.org Git - buildroot.git/log

systemd: fix build with gcc <= 4.7

Pass -Werror=shadow in args of cc.compiles in meson.build otherwise test
will always succeed, causing -Werror=shadow to be passed, even on older gcc versions.

GCC 4.8 changed the behaviour of -Werror=shadow to no longer complain about
local variable declariations shadowing functions, which systemd has.  From
the changelog:

  The option -Wshadow no longer warns if a declaration shadows a function
  declaration, unless the former declares a function or pointer to function,
  because this is a common and valid case in real-world code.

https://www.gnu.org/software/gcc/gcc-4.8/changes.html

Fixes:
- http://autobuild.buildroot.org/results/ffd71c473d3b29618c18cd2e04705370266696f2

[Peter: extend commit message, add gcc 4.8 link]
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

ghostscript: security bump to version 9.26

Fixes the following security vulnerabilities:

- CVE-2018-17961: Artifex Ghostscript 9.25 and earlier allows attackers to
   bypass a sandbox protection mechanism via vectors involving errorhandler
   setup.  NOTE: this issue exists because of an incomplete fix for
   CVE-2018-17183.

- CVE-2018-18284: Artifex Ghostscript 9.25 and earlier allows attackers to
  bypass a sandbox protection mechanism via vectors involving the 1Policy
  operator.

- CVE-2018-19409: An issue was discovered in Artifex Ghostscript before
  9.26.  LockSafetyParams is not checked correctly if another device is
  used.

- CVE-2018-19475: psi/zdevice2.c in Artifex Ghostscript before 9.26 allows
  remote attackers to bypass intended access restrictions because available
  stack space is not checked when the device remains the same.

- CVE-2018-19476: psi/zicc.c in Artifex Ghostscript before 9.26 allows
  remote attackers to bypass intended access restrictions because of a
  setcolorspace type confusion.

- CVE-2018-19477: psi/zfjbig2.c in Artifex Ghostscript before 9.26 allows
  remote attackers to bypass intended access restrictions because of a
  JBIG2Decode type confusion.

For more details, see the release notes:
https://www.ghostscript.com/doc/9.26/History9.htm#Version9.26

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

perl-net-ssleay: fix dependency

this dependency was accidentally removed
by https://git.busybox.net/buildroot/commit/package/perl-net-ssleay?id=da9e06cabc578bf9138e100d1492a2d5f2038415

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

freetype: bump version to 2.9.1

According to [1]:

- fixes CVE-2018-6942: A NULL pointer dereference in the Ins_GETVARIATION()
function within ttinterp.c could lead to DoS via a crafted font file

- needs '--enable-freetype-config' for freetype-config installation

[1] https://git.savannah.gnu.org/cgit/freetype/freetype2.git/tree/docs/CHANGES?id=86bc8a95056c97a810986434a3f268cbe67f2902

[Peter: also pass --enable-freetype-config for host variant]
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

domoticz: fix build with python and cmake <= 3.7

domoticz will fail to build with python and older cmake
Indeed, find_package(PythonLibs 3.4) will not recognize python 3.7 until
cmake 3.7 and the following commit:
https://github.com/Kitware/CMake/commit/c31573b9641e0f1bc7a34149506db51f3494323b

To fix this, add a call to find_package(PythonInterp). Indeed, if
FindPythonInterp has already found the major and minor version, that
version will be inserted between the user supplied versions and the
stock version list since cmake in version 3.1 and
https://github.com/Kitware/CMake/commit/3816cd2dc7a7cc220e4f1b1e87fee986545b9cb3

Fixes:
- http://autobuild.buildroot.org/results/8e82501a7b49da628ec026132ffca44c0c813040

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

libopenssl: security bump to version 1.0.2q

Fixes the following security vulnerabilities:

  *) Microarchitecture timing vulnerability in ECC scalar multiplication

     OpenSSL ECC scalar multiplication, used in e.g. ECDSA and ECDH, has been
     shown to be vulnerable to a microarchitecture timing side channel attack.
     An attacker with sufficient access to mount local timing attacks during
     ECDSA signature generation could recover the private key.

     This issue was reported to OpenSSL on 26th October 2018 by Alejandro
     Cabrera Aldaya, Billy Brumley, Sohaib ul Hassan, Cesar Pereida Garcia and
     Nicola Tuveri.
     (CVE-2018-5407)
     [Billy Brumley]

  *) Timing vulnerability in DSA signature generation

     The OpenSSL DSA signature algorithm has been shown to be vulnerable to a
     timing side channel attack. An attacker could use variations in the signing
     algorithm to recover the private key.

     This issue was reported to OpenSSL on 16th October 2018 by Samuel Weiser.
     (CVE-2018-0734)
     [Paul Dale]

For more information, see the changelog:
https://www.openssl.org/news/cl102.txt

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

xfsprogs: Define PLATFORM to linux

PLATFORM is an environment variable used by xfsprogs' configure script
to determine the platform for which the applications are being built. If
we set some incorrect/unsupported value through e.g: export, this will
be picked up by xfsprogs' configure script and used as-is and assigned
to PKG_PLATFORM, which will lead to build failures.

If PLATFORM was empty/unset, then uname on the host building xfsprogs
gets used to determine the build platform, which again could be
incorrect if we e.g: built xfsprogs on a Darwin system.

Since we are obviously building for Linux, let's just make sure we
define it that way which solves both issues.

Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

samba4: security bump to version 4.9.3

Fixes the following security vulnerabilities:

- CVE-2018-14629:
   All versions of Samba from 4.0.0 onwards are vulnerable to infinite
   query recursion caused by CNAME loops. Any dns record can be added via
   ldap by an unprivileged user using the ldbadd tool, so this is a
   security issue.

- CVE-2018-16841:
   When configured to accept smart-card authentication, Samba's KDC will call
   talloc_free() twice on the same memory if the principal in a validly signed
   certificate does not match the principal in the AS-REQ.

   This is only possible after authentication with a trusted certificate.

   talloc is robust against further corruption from a double-free with
   talloc_free() and directly calls abort(), terminating the KDC process.

   There is no further vulnerability associated with this issue, merely a
   denial of service.

- CVE-2018-16851:
   During the processing of an LDAP search before Samba's AD DC returns
   the LDAP entries to the client, the entries are cached in a single
   memory object with a maximum size of 256MB.  When this size is
   reached, the Samba process providing the LDAP service will follow the
   NULL pointer, terminating the process.

   There is no further vulnerability associated with this issue, merely a
   denial of service.

- CVE-2018-16852:
   During the processing of an DNS zone in the DNS management DCE/RPC server,
   the internal DNS server or the Samba DLZ plugin for BIND9, if the
   DSPROPERTY_ZONE_MASTER_SERVERS property or DSPROPERTY_ZONE_SCAVENGING_SERVERS
   property is set, the server will follow a NULL pointer and terminate.

   There is no further vulnerability associated with this issue, merely a
   denial of service.

- CVE-2018-16853:
   A user in a Samba AD domain can crash the KDC when Samba is built in the
   non-default MIT Kerberos configuration.

   With this advisory we clarify that the MIT Kerberos build of the Samba
   AD DC is considered experimental.  Therefore the Samba Team will not
   issue security patches for this configuration.

- CVE-2018-16857:
   AD DC Configurations watching for bad passwords (to restrict brute forcing
   of passwords) in a window of more than 3 minutes may not watch for bad
   passwords at all.

For more details, see the release notes:

https://www.samba.org/samba/history/samba-4.9.3.html

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

linux: bump CIP to version v4.4.154-cip28

This patch bumps the Linux CIP kernel to version v4.4.154-cip28

Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

valgrind: fix mips64 compile

Disable gcc march mips64r2 detection (use compile flags already
set by buildroot only), avoids double setting like '-march=mips64
... -march=mips64r2 -mabi=64'.

Fixes [1]:

error: '-mips64r2' conflicts with the other architecture options, which specify a mips64 processor

[1] http://autobuild.buildroot.net/results/34f6e2352f1559f98c724fe5394db0035b42ddb1

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

popt: add libiconv to popt.pc.in

Add ${LTLIBICONV} to popt.pc.in so applications such as shairport-sync
will know that they must link with -liconv when building statically

Fixes:
- http://autobuild.buildroot.org/results/c5b0d1d2867e49c022a2ad971dd9f358ff0f3865

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

msgpack: disables tests

tests are enabled if gperf and zlib are found and they fail on:
/home/buildroot/autobuild/run/instance-0/output/build/msgpack-2.1.5/include/msgpack/v1/object.hpp:652:34:
error: 'void* memcpy(void*, const void*, size_t)' copying an object of non-trivial type 'struct msgpack::v2::object' from an array of 'const msgpack_object' {aka 'const struct msgpack_object'} [-Werror=class-memaccess]
std::memcpy(&o, &v, sizeof(v));

So disable them.

Fixes:
- http://autobuild.buildroot.org/results/7d7aa9723f02f9bc78dbf6248674be4d402199bf

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Tested-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/libid3tag: needs autoreconf

libid3tag uses a very old configure script.

When the toolchain lacks C++ and the build machine lacks /lib/cpp, this
old configure script fails because it can't find a C++ preprocessor that
is valid:

    checking for arm-buildroot-linux-uclibcgnueabi-g++... no
    checking whether we are using the GNU C++ compiler... no
    checking whether no accepts -g... no
    checking dependency style of no... none
    checking how to run the C++ preprocessor... /lib/cpp
    configure: error: C++ preprocessor "/lib/cpp" fails sanity check
    See `config.log' for more details.

This is yet another case that was tentatively fixed by bd39d11d2e
(core/infra: fix build on toolchain without C++), further amended by
4cd1ab15886 (core: alternate solution to disable C++).

However, this only works on libtool scripts that are recent enough, and
thus we need to autoreconf to get it.

We also need to patch configure.ac so that it does not fail on the
missing, GNU-specific files: NEWS, AUTHORS, and Changelog.

Fixes:
    http://autobuild.buildroot.org/results/ac3/ac3870208aab6001db6b790b6c5dde64d08f7669/
    http://autobuild.buildroot.org/results/cc1/cc18397f38dfd4f1e6605f7a6f58edab49b396ac/

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/dante: needs autoreconf

We have a patch that touches a .m4 file, so we need to regenerate the
configure script. Otherwise, this is done during the build step, and
some environment variables are thus missing and the build may fail when
the host machine does not have the expected autostuff tools.

Fixes:
    http://autobuild.buildroot.org/results/e37/e37e61bae1d81a7956e2843be70fea84b0bbb64b/
    http://autobuild.buildroot.org/results/f96/f969718402cae71446d6280ec1f66d357a155293/
    ...

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

configs/orangepi_zero_plus2: needs host-openssl to build Linux

Fixes:

https://gitlab.com/buildroot.org/buildroot/-/jobs/125631911

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

configs/pc_x86_64_efi: needs host-openssl to build Linux

Fixes:

https://gitlab.com/buildroot.org/buildroot/-/jobs/125631916

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

configs/pc_x86_64_bios: needs host-openssl to build Linux

Fixes:

https://gitlab.com/buildroot.org/buildroot/-/jobs/125631915

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

docs/website: update for 2018.02.8

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

Update for 2018.02.8

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit d047c4032bbbece009d84094dae2092d9582df06)
[Peter: drop Makefile changes]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

docs/website: update for 2018.08.3

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

Update for 2018.08.3

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 0b4ccaef6cc159cb8dfcee482060315c4e8a40b4)
[Peter: drop Makefile changes]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/dtc: backport upstream fix solving Assertion Error with some .dts files

The build of U-Boot on Microchip (formerly Atmel) platforms currently
fails to build with an Assertion Error in dtc. This happens since we
bumped dtc from 1.4.4 to 1.4.7, as a regression was introduced in dtc
1.4.6, and fixed post-1.4.7. This commit backports the upstream commit
to resolve this Assertion Error.

The build error was:

dtc: livetree.c:438: propval_cell: Assertion `prop->val.len == sizeof(cell_t)' failed.
dtc: livetree.c:438: propval_cell: Assertion `prop->val.len == sizeof(cell_t)' failed.
Aborted (core dumped)

Fixes:

https://gitlab.com/buildroot.org/buildroot/-/jobs/124434438
(and numerous other similar build failures)

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/dtc: renumber patches correctly

When c7ffd8a75d55e24d793106eabbb80964ab91081f ("package/dtc: fix
include guards for older kernel/u-boot") introduced a new patch to the
dtc package, it used the 0001 number, which was already used by
another patch. Let's fix that.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/webkitgtk: bump to version 2.22.4

This is a maintenance release of the current stable WebKitGTK+ version,
which contains security fixes for  CVE-2018-4345, CVE-2018-4372,
CVE-2018-4373, CVE-2018-4375, CVE-2018-4376, CVE-2018-4378,
CVE-2018-4382, CVE-2018-4386, CVE-2018-4392, and CVE-2018-4416.
Additionally, it fixes a few build failures, and a crash when using
certain version of Cairo.

Release notes can be found in the announcement:

  https://webkitgtk.org/2018/11/21/webkitgtk2.22.4-released.html

More details on the issues covered by security fixes can be found
in the corresponding security advisory:

  https://webkitgtk.org/security/WSA-2018-0008.html

Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/samba4: fix install of systemd files

Since version 4.8.0 and
https://github.com/samba-team/samba/commit/080d590de1ff9f8ebc55aeffaea8d41991466549,
the systemd files (nmd.service, ...) are not available in packaging/systemd

Indeed, they are built in bin/default/packaging/systemd

So use the new --systemd-install-services configure option to install
these files

Fixes:
- http://autobuild.buildroot.org/results/a09a065c523931c1892e81a99c57521fbe095d8b

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/stress-ng: really remove patch merged upstream

Should have been removed in commit 27bce5fc8e (package/stress-ng: bump
to version 0.09.39) but was left as an empty file.

Signed-off-by: Carlos Santos <casantos@datacom.com.br>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/libsoxr: add avutil to soxr.pc

Add ${AVUTIL_LIBRARIES} to soxr.pc.in so applications such as
shairport-sync will know that they must link with -lavutil when
building statically

Fixes:
- http://autobuild.buildroot.org/results/839c0ce6475accc1de7e8a180d4358edb6750c64

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[Thomas: change patch to use Libs.private instead.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/libsoxr: add optional ffmpeg dependency

avutil is used if (WITH_AVFFT OR (CMAKE_SYSTEM_PROCESSOR MATCHES "^arm"
AND SIMD32_FOUND AND WITH_CR32))

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/usb_modeswitch: disable parallel build

Build of package will sometime fails because of the following issue:
install-static target has two dependencies: dispatcher-static and
install-common

Because dispatcher-static is not a file but only a target, it will
always be called to build usb_modeswitch_dispatcher.
So, even if install-common depends on usb_modeswitch_dispatcher, in some
rare cases, install-static won't be able to install
usb_modeswitch_dispatcher because it is being rebuild by
dispatcher-static

To fix this issue, disable parallel build

Fixes:
- http://autobuild.buildroot.org/results/8297be35725b816ff5afaf909605ceb41223efb6

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/weston: fix build with newer freerdp

Commit a63aad66d3 (package/freerdp: bump version to 2.0.0-rc2)
introduced a FreeRDP that has a different API, and this breaks
weston.

Backport a patch from upstream weston to fix the issue.

Fixes:
http://autobuild.buildroot.org/results/c0b4f7c4cee2c11715ecc2ef0cfb42f80dbf81b0/

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/libmicrohttpd: defining _REENTRANT on ARC is no longer needed

The ARC gcc compiler now defines _REENTRANT when -pthread is
passed. This issue was fixed upstream in gcc commit
de4c7f60f2891193bf3f5da823b17fa0d7fd4830, which is part of gcc
7.x. Therefore, both the gcc 7.x and 8.x versions, which can be
selected for the ARC architecture, are fixed, making the libmicrohttpd
work around useless.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

Revert "libmicrohttpd: fix build on riscv"

This reverts commit 2e57e835bf26a8f554033f8c1998d1a34fce16a5, which is
no longer needed now that the RISC-V gcc has been patched to define
_REENTRANT when -pthread is passed.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

Revert "libkrb5: fix build on riscv"

This reverts commit e86af4c3961e1f30f2d48a8946a35edd95ab3ec4, which is
no longer needed now that the RISC-V gcc has been patched to define
_REENTRANT when -pthread is passed.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

Revert "shadowsocks-libev: fix build on riscv"

This reverts commit ebffca8ba483610478f33cdc52a24a165e4da87e, which is
no longer needed now that the RISC-V gcc has been patched to define
_REENTRANT when -pthread is passed.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

Revert "mtd: fix build on riscv"

This reverts commit 9ea1179eb5eece404a17cf5d313b05f303ae18e2, which is
no longer needed now that the RISC-V gcc has been patched to define
_REENTRANT when -pthread is passed.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/gcc: define _REENTRANT for RISC-V when -pthread is passed

The detection of pthread support fails on RISC-V unless _REENTRANT is
defined. This commit backports a patch that is already in upstream gcc
8.x to gcc 7.x to define _REENTRANT when -pthread is passed.

This will replace a number of package-specific fixes that have been
introduced to define _REENTRANT.

Signed-off-by: Mark Corbin <mark.corbin@embecosm.com>
[Thomas: tweak commit log.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

{linux, linux-headers}: bump 4.{4, 9, 14, 18}.x series

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

support/graph-depends: fix package names starting with a non-alpha

Graphviz' dot utility does not like nodes which names does not start
with an ^[[:alpha:]], i.e. 18xx-ti-utils would cause grievance:

    Warning: syntax ambiguity - badly delimited number '18x' in line 4 [...]/graph-depends.dot splits into two tokens
    Warning: syntax ambiguity - badly delimited number '18x' in line 5 [...]/graph-depends.dot splits into two tokens
    Warning: syntax ambiguity - badly delimited number '18x' in line 6 [...]/graph-depends.dot splits into two tokens
    Warning: syntax ambiguity - badly delimited number '18x' in line 7 [...]/graph-depends.dot splits into two tokens

Prefix nodes with an underscore to fix that.

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

linux: Make dtc install step more reliable

Checking for the existence of the dtc binary built by the
non-dependent dtc package may cause instable behaviour when giving more
freedom on the order of how the packages are built (parallelization).

In addidion, when moving to per-package host/target method, the check
would always trigger in the isolated host, leading to linux-dtc always
being installed as dtc.
This in turn may lead to undesired overwriting of the real host-dtc binary
when finally assembling the global host dir.

Thus rework the linux-dtc install condition to be defined by configuration
rather than compile time order.

Signed-off-by: Andreas Naumann <anaumann@ultratronik.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

botan: fix install directory

Using $(STAGING_DIR)/usr and $(TARGET_DIR)/usr as the DESTDIR value
causes Botan to be installed in $(STAGING_DIR)/usr/usr and
$(TARGET_DIR)/usr/usr, which obviously isn't correct. Let's fix that
by passing the appropriate DESTDIR values.

Signed-off-by: DUPONCHEEL Sébastien <sebastien.duponcheel@corp.ovh.com>
[Thomas: extend commit log.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

imx-usb-loader: bump version to 4aa9809

Fixes imx-usb-loader usability for i.MX6 QP (failes with the current
version/patch stack).

Changes since e539461:

  9a88413 portable.h: fix build with gcc older than 4.8
  bf25425 add mx6ull_usb_work.conf
  1041959 correct commit "portable.h: fix build with gcc older than 4.8"
  f000130 mx6ull_usb_work.conf: fix copy/paste error in comment
  e99a093 portable: fix typo s/&&/&/ in BE16 fix
  eed0280 portable: use __builtin_bswap16 for BE16 if >= 4.8 GNUC
  95fe112 imx_usb: fix type on imx_usb help
  4aa9809 imx_uart: fix type on help

Remove upstream applied patch ([1]):

- 0001-portable.h-fix-build-with-gcc-older-than-4.8.patch

[1] https://github.com/boundarydevices/imx_usb_loader/commit/9a88413996c6cfa8b903641f2f52b3fe487595cc

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

alsa-utils: add optional systemd dependency

Fixes (reported by Yann E. MORIN, [1]):

/usr/bin/install -D -m 0644 .../build/alsa-utils-1.1.6/alsactl/alsa-restore.service .../target/usr/lib/systemd/system/alsa-restore.service
/usr/bin/install: cannot stat '.../build/alsa-utils-1.1.6/alsactl/alsa-restore.service': No such file or directory

[1] http://lists.busybox.net/pipermail/buildroot/2018-November/236355.html

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Tested-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

dante: disable pam

Fixes:
- http://autobuild.buildroot.org/results/5222592f2052e18c184fae42214c112e7f39be6e

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

configs/riotboard: add missing dependency on host-openssl

Fixes:

https://gitlab.com/buildroot.org/buildroot/-/jobs/123771135

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

board/pc: use frame pointer unwinder in linux.config

The default ORC unwinder requires libelf to be built. While we could
build libelf using BR2_LINUX_KERNEL_NEEDS_HOST_LIBELF, we probably
don't really need the ORC unwinder in the PC defconfigs, so let's use
the frame pointer unwinder instead.

Fixes:

https://gitlab.com/buildroot.org/buildroot/-/jobs/123771107

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

configs/orangepi_zero_plus2: U-Boot needs pylibfdt

When building U-Boot for this platform:

unable to execute 'swig': No such file or directory
error: command 'swig' failed with exit status 1
scripts/dtc/pylibfdt/Makefile:26: recipe for target 'scripts/dtc/pylibfdt/_libfdt.so' failed

Fixes:

https://gitlab.com/buildroot.org/buildroot/-/jobs/123771103

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

configs/olimex_a20_olinuxino_lime_legacy: use gcc 6.x and not the default version

The old 3.4 Linux kernel used by this defconfig doesn't build with gcc 7.x:

include/linux/compiler-gcc.h:106:1: fatal error: linux/compiler-gcc7.h: No such file or directory

So let's use gcc 6.x for the time being.

Long term, we should use a newer or different kernel source for this
defconfig, or get rid of the defconfig entirely if there's no updated
kernel with a fix.

Fixes:

https://gitlab.com/buildroot.org/buildroot/-/jobs/123771091

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

configs/armadeus_apf27: fix U-Boot configuration

The U-Boot part of the defconfig was not specifying explicitly any
U-Boot version. Since commit 21e3ae8a18bb77943c0a2492ab9ebf14cab333f9
("boot/uboot: default to kconfig buildsystem for latest version"), we
default to using the kconfig build system when the default U-Boot
version is used. Following this change, the apf27 defconfig therefore
started using kconfig, for which the BR2_TARGET_UBOOT_BOARDNAME
Config.in option is not used. Due to this, the build fails with:

boot/uboot/uboot.mk:411: *** No board defconfig name specified, check your BR2_TARGET_UBOOT_BOARD_DEFCONFIG setting. Stop.

Indeed, when Kconfig is used, the board defconfig must be specified
with BR2_TARGET_UBOOT_BOARD_DEFCONFIG.

As part of fixing this, we also set a fixed U-Boot version for this
defconfig, like we do in all other defconfigs.

Fixes:

https://gitlab.com/buildroot.org/buildroot/-/jobs/123771003

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

configs/cubieboard2: U-Boot needs pylibfdt

When building U-Boot for this platform:

unable to execute 'swig': No such file or directory
error: command 'swig' failed with exit status 1
scripts/dtc/pylibfdt/Makefile:27: recipe for target 'scripts/dtc/pylibfdt/_libfdt.so' failed

Fixes:

https://gitlab.com/buildroot.org/buildroot/-/jobs/123771048

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

configs/imx6-sabresd_qt5: add missing dependency on host-openssl

host-openssl is needed to build the Linux kernel. This is the same
issue that was fixed in commit
5dac3b9b8d72ea2b4aa264bfaa54e41f32595009 ("configs/imx6-sabresd: needs
host-openssl for the Linux kernel build") for the minimal defconfig
for the same board.

Fixes:

https://gitlab.com/buildroot.org/buildroot/-/jobs/123771070

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

configs/imx6sabre: Create distinct pre-processed mkimage config files

Commit 0c4bccf9e882 ("configs/imxsabre: Fix U-Boot parallel build issue")
tried to fix the parallel build issue, but the real fix was developed
later by Trent Piepho later, so add such commit to fix Buildroot
build failures on rel_imx_4.9.x_1.0.0_ga NXP branch.

Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/123771053
https://gitlab.com/buildroot.org/buildroot/-/jobs/123771054
https://gitlab.com/buildroot.org/buildroot/-/jobs/123771055

Reported-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/systemd: needs glibc

Since version v239, systemd-nspawn unconditioanlly uses prlimit(2),
which is not implemented in uClibc-ng. systemd-nspawn can not be
disabled.

This makes systemd glibc-only again.

After a bit of discussion with upstream (om IRC), it looks very
improbable that they accept a patch making systemd-nspawn optional.
They would probably consider a patch that provides that syscall wrapper
if it is missing, though, but that's less trivial...

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Waldemar Brodkorb <wbx@openadk.org>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Peter Korsgaard <peter@korsgaard.com>
Reviewed-by: Matt Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

mtd: fix build on riscv

Define _REENTRANT otherwise pthread detection will fail

Fixes:
- http://autobuild.buildroot.org/results/b0e7978a997a2aae383161455b5d898b8c28e2e1

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

gauche: fix parallel build

Add a patch to fix parallel build issue on ext/rfc

Fixes:
- http://autobuild.buildroot.org/results/f4935e29ce6aaebdaa47d46c56120b7e97145d1b

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

motion: fix static build with webp

Static build with webp fails because webp is put before webpmux

Fixes:
- http://autobuild.buildroot.org/results/4d4e72808300ba1ff79ca794930112b554eb2533

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

Update for 2018.11-rc2

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

fs/tar: add support for xattrs (thus capabilties)

By default, tar will not include any extended attribute (xattr) when
creating archives, and thus will not store capabilties either (as they
are stored in the xattr 'security.capability').

Using option --xattrs is enough to create a tarball with all the xattrs
attached to a file. However, extracting all xattrs from a tarball
requires that --xattrs-include='*' be used. This is not symetric (but on
purpose, as per the documentation), and so is confusing to some.

So, we use --xattrs-include='*' to create the archive, so as to be
explicit that we want all xattrs to be stored.

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Cc: Peter Korsgaard <peter@korsgaard.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Reviewed-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

libcorrect: fix debug build

Add a patch to use -fsanitize=address only when available

Fixes:
- http://autobuild.buildroot.net/results/221d6a418e75b39fe645c3a56cee676518d2cff6

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

weston: egl support needs egl glesv2

Fixes:
- http://autobuild.buildroot.org/results/95db3f4ad4c7ae866b7db4431293c26faa5c1dfc

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/netplug: fix quoting of ${NETWORKING} in init script

Since 4adaa581b27dc27298eb7cc421ee8f530f88e18e, S29netplug looks for
/etc/default/network instead of /etc/sysconfig/network. When this
file exists but does not define $NETWORKING, the script fails on line
29 with something like:

/etc/init.d/S29netplug: 29: [: =: unexpected operator

Fix quoting so this error no longer happens.

Signed-off-by: Thomas Claveirole <thomas.claveirole@green-communications.fr>
[Thomas: keep double quotes around "no", keep curly braces when
referencing the variable.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

make: configure host-make with host- prefix

Fixes:
http://autobuild.buildroot.net/results/e29/e293aadc692d2ed337881ef2172ddf66a60bc05c/

And many more.

Install as 'host-make' rather than just 'make', as that otherwise confuses a
number of packages when they invoke recursive / sub-make. The internal job
control logic of GNU make is version dependant, so mixing versions may lead
to issues like:

make[1]: Entering directory `/home/peko/autobuild/instance-0/output/build/boa-0.94.14rc21'
(cd src && make -w --jobserver-fds=5,6 -j)
make: unrecognized option '--jobserver-fds=5,6'

With this rename, only packages explicitly opting in for our host-make
(using the BR2_MAKE / BR2_MAKE_HOST_DEPENDENCY logic) will use it.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

make: drop gnumake/gmake aliases for host-make

Now that glibc no longer checks for gnumake / gmake, these aliases can be
removed.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

glibc: ensure BR2_MAKE is also used for subdirs

The configure script contains logic to figure out what make program to
invoke for subdirectories (trying gnumake, gmake, make). Explicitly force
it to use our BR2_MAKE to ensure the right make version is used.

As GLIBC_CONF_ENV is only initialized below, move this section below it.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

libnftnl: drop useless BR2_PACKAGE_LIBNFTNL_XML

Commit fa0d1ebff99 (libnftnl: bump to version 1.0.9) removed the mxml
dependency. Remove the redundant BR2_PACKAGE_LIBNFTNL_XML config symbol
as well.

Cc: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

boot/syslinux: fix build with glibc 2.28+

When building with glibc 2.28+, the "major", "minor" and "makedev"
functions are defined in "sys/sysmacros.h". This commit backports
upstream commit 1a74985b2a404639b08882c57f3147229605dfd5 to fix the
build with glibc 2.28.

Link: https://www.syslinux.org/wiki/index.php?title=Building
Signed-off-by: Alexander Sverdlin <alexander.sverdlin@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/pkg-generic.mk: fix show-build-order stdout pollution

The commands like "make show-build-order" or "make
<package>-show-build-order" show the build order and then print
"make[1]: Nothing to be done for 'show-build-order'" to stdout. It
pollutes output. Technically this message is true but it's not true
for user because he gets an information.

The <package>-show-build-order targets use $(info) for package name
printing. The make utility doesn't consider the internal directive as
a command so it think that it's "Nothing to be done". The patch adds
the empty command to <package>-show-build-order to inform make utility
that taget makes some real actions.

Signed-off-by: Serj Kalichev <serj.kalichev@gmail.com>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
[Thomas: invert $(info) and @:, as suggested by Yann.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

vtun: remove reference to start-stop-daemon from package help

None of the other 82 packages that use start-stop-daemon does this.

Signed-off-by: Carlos Santos <casantos@datacom.com.br>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/luvi: add patch to fix build issue

Since bumping luv from version 1.9.1 to 1.22.0, building luvi fails, as
"luv.h" now includes "compat-5.3.h", which is locally shipped as a
dependency to lua-compat-5.3.

Fixing the issue reveals, that luvi is using `luaL_newlib` which is not
available in the Lua 5.1 API. Building luvi with luv 1.9.1 was not an
issue before, because luv 1.9.1 defined `luaL_newlib` in luv.h, which
was removed in 1.22.0 in favour of using lua-compat-5.3.

Therefore, add a patch which defines `luaL_newlib` in luvi.h.

Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/luv: add patch to fix build issue with luvi

Add a patch to fix a build issue with luvi after bumping luv from
version 1.9.1 to 1.22.0.

The problem is that luv now uses lua-compat-5.3 instead of defining the
Lua 5.3 API itself. Unfortunately, luv.h now includes compat-5.3.h in the
header file, which causes the build issue with luvi, as luvi does not
find this local header file. Note, that luv ships lua-compat-5.3 as a
dependency.

Therefore, the patch includes compat-5.3.h in the source file luv.c, so
it isn't exposed to external programs.

Fixes:
http://autobuild.buildroot.net/results/2244cd30986aff29b763fb7183f6fc27a82bd7fa
http://autobuild.buildroot.net/results/01938f7f018dc69d564c22489933647b1daf62f3
http://autobuild.buildroot.net/results/8217e863c2776d299cb90b90f1a2ed8233ec82ba
.. and many more

Note, that fixing this issue reveals another issue in luvi, which is
fixed by the follow up patch.

Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

ltp-testsuite: update patch filename

The patch 0007-Disable-DES-authentification-support.patch has been
renamed to 0005-Disable-DES-authentification-support.patch.

Signed-off-by: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/webkitgtk: use proper USE_WOFF2 flag instead of ENABLE_WOFF2

Signed-off-by: Grzegorz Blach <grzegorz@blach.pl>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

flare-engine: fix debug build

If BR2_ENABLE_DEBUG is set, use RelWithDebInfo instead of default Debug
as Debug will add -pg (gprof) which is not always available on toolchain

Fixes:
- http://autobuild.buildroot.org/results/a12ae622a44bbe025c3a8b7e8e4c253b52927ae8

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

rpm: really take DEPENDENCIES into account

Commit e7af4033c32560594ddbd457b68f6d3713662a26 ("rpm: use the new
gettext logic") introduced a really nasty bug: by adding
$(TARGET_NLS_DEPENDENCIES) to RPM_DEPENDENCIES, it completely
overwrote the existing value of RPM_DEPENDENCIES, entirely masking all
mandatory RPM dependencies.

rpm is fairly towards the end of the alphabet, and most other
mandatory dependencies (berkeleydb, host-pkgconf, file and popt)
appear earlier by alphabetic ordering. Only zlib was afterwards, but
since file depends on zlib, it was always built before. This probably
explains why our autobuilders haven't encountered a single build
failure.

However, a simple "make rpm" clearly exhibits the failure, and
obviously the upcoming per-package folder mechanism makes such bugs
even more obvious.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/xen: Bump Xen to 4.11.0 and backport a fix

Bump the Xen package to the latest release and backport a fix from the
Xen master brach.

This fixes autobuilder issue:
http://autobuild.buildroot.net/results/6e0d8e962e861a32f5bf2e5031ef51c25768f1f6/

Signed-off-by: Alistair Francis <alistair@alistair23.me>
Tested-by: Matt Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

imx-uuc: install ufb

The bump to 79e9798eee9cd972d92ed2b18f170de856d153c9 added the new ufb
daemon through the following commit:
https://github.com/NXPmicro/imx-uuc/commit/ce808f3010ec73ccc07775c6cfd5317807a22415

So install ufb on target

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

imx-uuc: needs headers >= 3.18

The bump to 79e9798eee9cd972d92ed2b18f170de856d153c9 added the following
commit:
https://github.com/NXPmicro/imx-uuc/commit/ce808f3010ec73ccc07775c6cfd5317807a22415

This new ufb daemon uses usb_functionfs_descs_head_v2 which is available
only since 3.18:
https://github.com/torvalds/linux/commit/1df22b4ea9d91b01267fb61c155c31fb65d6b8a0

So add a dependency on headers >= 3.18

Fixes:
- http://autobuild.buildroot.org/results/1081062b1c32c44a9feb5b14288095bc72d15986

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

wireshark: fix static build with snappy

Fixes:
- http://autobuild.buildroot.org/results/9089e74c0f8428d28953ae037a84aa8a08db7ded

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

uclibc: Get rid of stale UCLIBC_INSTALL_LDSO_SYMLINKS

UCLIBC_INSTALL_LDSO_SYMLINKS is not defined anywhere to nuke it.

Signed-off-by: Alexey Brodkin <abrodkin@synopsys.com>
Acked-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

uclibc-ng-test: fix build with glibc 2.28

Since glibc 2.28
(https://savannah.gnu.org/forum/forum.php?forum_id=9205), the obsolete
functions encrypt, encrypt_r, setkey, setkey_r, cbc_crypt, ecb_crypt,
and des_setparity are no longer available to newly linked binaries, and
the headers <rpc/des_crypt.h> and <rpc/rpc_des.h> are no longer
installed. These functions encrypted and decrypted data with the DES
block cipher, which is no longer considered secure. Software that still
uses these functions should switch to a modern cryptography library,
such as libgcrypt.

So add a NO_CRYPT variable to disable test/crypt

Fixes:
- http://autobuild.buildroot.org/results/158438debb0ce313b012b871e199bed42ba38294

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

core: ensure we use the realpath(3) of DL_DIR

When $(TOPDIR)/dl is a symlink, checking out git submodules can fail,
as reported by Michael in #11086.

To reproduce a similarly-related mis-behaviour:

    $ mkdir -p foo/bar foo/buz
    $ cd foo/bar
    $ ln -s ../buz meh
    $ cd meh
    $ cd ../../foo

The last command should not succeed, because, relative to meh, there is
no ../../foo directory; we would expect it to be ../../../foo, instead.
But since meh is a symlink to a directory, then a relative path from that
symlink is interpreted as relative to the derefrenced directory, i.e.
from buz in this case.

But where this gets even weirder, is that, if the last command is
replaced by:

    $ cd ../../../foo

then it still works, too.

And that is the root of Michael's issue: the dl directory in Buildroot's
TOPDIR is a symlink to a similarly-named directory one directory higher,
which then confuses relative paths, which gets especially and noticeably
bad for git submodules.

Avoid this strangeness, and just use so-called "physical" path, i.e. a
path where all symlinks to directories have been dereferenced.

Fixes: #11086
Reported-by: Michael Nosthoff <posted@heine.so>
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Michael Nosthoff <posted@heine.so>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

libv4l: v4l2-compliance needs fork

Since bump to 1.16.2, v4l2-compliance uses fork, see:
https://git.linuxtv.org/v4l-utils.git/commit/utils/v4l2-compliance/?id=79d98edd1a27233667a6bc38d3d7f8958c2ec02c

So add a patch to disable v4l2-compliance if fork is unavailable

Fixes:
- http://autobuild.buildroot.org/results/447d792ce21c0e33a36ca9384fee46e099435ed8

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Reviewed-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

flatcc: fix debug build

flatcc is named flatcc_d if BR2_ENABLE_DEBUG is set because of the
following line in CMakeLists.txt: set(CMAKE_DEBUG_POSTFIX "_d")

So update FLATCC_TARGET_REMOVE_FLATCC_COMPILER hook to replace flatcc
by flatcc*

Fixes:
- http://autobuild.buildroot.org/results/a47f49cd2fdd809257bd7e83dca620f2e6aac85b

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

sconeserver: needs zlib

Since bump to 6b932d7d8dbb700b830205e7111e469cefff490c and
https://github.com/sconemad/sconeserver/commit/34b01e9d332f912da82ab1c09529a33969ff6ebb,
sconeserver needs zlib so select it

Fixes:
- http://autobuild.buildroot.org/results/b5e2b8635b37e6f2803a6031b154cf67685a4221

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

prosody: security bump to version 0.10.2

This fixes a cross-host authentication vulnerability, CVE-2018-10847.
The issue affects Prosody instances that have multiple virtual hosts
(including anonymous authenticated hosts):
https://blog.prosody.im/prosody-0-10-2-security-release

A full security advisory is available at
https://prosody.im/security/advisory_20180531

Compute hashes locally as they are no more available on
https://prosody.im/downloads/source/{MD5,SHA1,SHA256,SHA512}SUMS

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

fs/common.mk: Fix show-build-order

The command "make show-build-order" doesn't show dependencies of rootfs-common target.

This patch adds $(ROOTFS_COMMON_DEPENDENCIES) to PACKAGES variable.

Signed-off-by: Serj Kalichev <serj.kalichev@gmail.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

utils/genrandconfig: add missing new line when creating the configuration

When adding the custom BR2_WGET value in the configuration,
genrandconfig forgets to add a newline. Due to this, the next option
that is added is printed on the same line as BR2_WGET="", which causes
it to be ignored.

Due to this, in all builds, the line right after BR2_WGET was
ignored. It could have been BR2_ENABLE_DEBUG, BR2_INIT_BUSYBOX,
BR2_INIT_SYSTEMD, BR2_ROOTFS_DEVICE_CREATION_DYNAMIC_EUDEV,
BR2_STATIC_LIBS or BR2_PACKAGE_PYTHON_PY_ONLY depending on the
randomization.

Fix that by adding a proper newline at the end of the BR2_WGET option.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

gstreamer: fix build on riscv

RISC-V supports unaligned accesses, but these might run extremely slowly
depending on the implementation so set as_cv_unaligned_access to no on
this architecture, see:
https://gitlab.freedesktop.org/gstreamer/gstreamer/commit/8a156d1725ecd03f2e8cdc8874e081dda2d3b43d

Fixes:
- http://autobuild.buildroot.org/results/dca32c929350311fca1a85e251d318b43c4a3177

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Reviewed-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

easydbus: fix build without C++

Specify that easydbus is a C project file otherwise build will fail if
no C++ compiler is found by cmake

Fixes:
- http://autobuild.buildroot.org/results/486c3cd98124e7415dee2fd1463bd5e0fcc9ba91

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/openocd: add missing host-pkgconf dependency

The configure.ac script uses PKG_CHECK_MODULES(), and we autoreconf
the package, so host-pkgconf should be listed in the dependencies.

This issue is seen either with per-package folders, or by doing a
clean build with just "make openocd":

>>> openocd 0.10.0 Configuring
>>> openocd 0.10.0 Autoreconfiguring
[...]
configure.ac:12: error: possibly undefined macro: AC_MSG_WARN
If this token and others are legitimate, please use m4_pattern_allow.
See the Autoconf documentation.
configure.ac:201: error: possibly undefined macro: AC_DEFINE
configure.ac:582: error: possibly undefined macro: AC_MSG_NOTICE

Even if the message seems unrelated, it's really the lack of pkg.m4
from host-pkgconf that causes the issue.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/libassuan: fixup libassuan-config

The libassuan library installs libassuan-config, but it is not
currently fixed up by our <pkg>_CONFIG_SCRIPTS logic. While this
doesn't cause any problem today, it fails badly with per-package
folders, so let's use <pkg>_CONFIG_SCRIPTS.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

libv4l: bump version to 1.16.2

- changes since 1.16.1
  0f68a3f6 configure: build without BPF support in ir-keytable
  5f8bd4e8 keytable: fix compilation warning
  f735bee7 keytable: fix BPF protocol compilation on mips
  c393c3bc Prepare for 1.16.2 release

- use new '--disable-bpf' option instead of ac_cv_prog_CLANG
  to disable BPF support, fixes [1]:

  bpf.c:48:4: error: #error __NR_bpf not defined. libbpf does not support your arch.

- remove upstream denied patch (see [2]) fixing part of the BPF support
  for older toolchains

[1] http://autobuild.buildroot.net/results/32b8f63e84616f91b645230e889eb1518972a398
[2] https://www.spinics.net/lists/linux-media/msg142729.html

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

libsigsegv: add RISC-V support

This commit backports an upstream commit adding RISC-V support to
libsigsegv, and adds a patch that finalizes the RISC-V support to make
it compatible with cross-compilation.

Fixes:

http://autobuild.buildroot.net/results/bd12cb3db3b46860a4ab8fb91052319dce75202a/

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Tested-by: Mark Corbin <mark.corbin@embecosm.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

dt-utils: fix hash

Hash has been reported as wrong by autobuilder since August 16th
Perhaps, it was wrong since bump to v2018.05.0 on August 9th

Fixes:
- http://autobuild.buildroot.org/results/c6c8ede30623cc20011916cc95dbdae34dcc0344

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Reviewed-by: Marcin Niestroj <m.niestroj@grinn-global.com>
Tested-by: Marcin Niestroj <m.niestroj@grinn-global.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

shadowsocks-libev: fix build on riscv

Define _REENTRANT otherwise pthread detection will fail

Fixes:
- http://autobuild.buildroot.org/results/c5406206190b46e15d35d05c5ed026ee7632f5b1

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

imx-uuc: bump revision to 79e9798e to fix glibc 2.28 build

Main changes:
- fix build error with glibc 2.28
- re-factor the code
- use unique CPU ID when available
- improve UDC management

Fixes:
http://autobuild.buildroot.net/results/b39d56c1573308c4f947de23363da7c05e2aaf0d/

Also switch back the repository from codeauroraforum to NXPmicro now
that the Qualcomm/NXP merger was denied.

Signed-off-by: Gary Bisson <gary.bisson@boundarydevices.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

libsemanage: define installation location of semanage.conf for host

When /etc/selinux/semanage.conf does not exist, libsemanage tries to
overwrite it. For the target package, it works fine because $(DESTDIR)
is taken into account.

However, for the host package, $(DESTDIR) is empty, and the location
used for /etc/selinux/semanage.conf is not affected by $(PREFIX). This
causes host-libsemanage to try to install /etc/selinux/semanage.conf,
which obviously fails with:

  test -f /etc/selinux/semanage.conf || install -m 644 -D semanage.conf /etc/selinux/semanage.conf
  install: cannot create directory '/etc/selinux': Permission denied

To fix this, this commit passes DEFAULT_SEMANAGE_CONF_LOCATION in the
make options when building/installing host-libsemanage, providing a
path to semanage.conf that Buildroot can write to.

Fixes:

  http://autobuild.buildroot.net/results/cd27e3c66274622d0c3dd5a601a36efb1bc45011/

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Tested-by: Matt Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/x11r7/xlib_libfontenc: add missing dependency on host-pkgconf

The xlib_libfontenc configure.ac uses PKG_CHECK_MODULES(), but the
Buildroot package does not have a dependency on host-pkgconf. This
causes a build failure with per-package host/target folders, or if one
builds just with "make xlib_libfontenc", which is why it was never
detected by the autobuilders.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

elfutils: security bump to version 0.174

Fixes the following security issues:

CVE-2018-16062: dwarf_getaranges in dwarf_getaranges.c in libdw in elfutils
before 2018-08-18 allows remote attackers to cause a denial of service
(heap-based buffer over-read) via a crafted file.

CVE-2018-16402: libelf/elf_end.c in elfutils 0.173 allows remote attackers
to cause a denial of service (double free and application crash) or possibly
have unspecified other impact because it tries to decompress twice.

CVE-2018-16403: libdw in elfutils 0.173 checks the end of the attributes
list incorrectly in dwarf_getabbrev in dwarf_getabbrev.c and dwarf_hasattr
in dwarf_hasattr.c, leading to a heap-based buffer over-read and an
application crash.

For more details, see the announcement:
https://sourceware.org/ml/elfutils-devel/2018-q3/msg00116.html

0.172 and 0.173 also included fixes for crashes and hangs found by afl-fuzz
(no CVEs assigned):
https://sourceware.org/ml/elfutils-devel/2018-q2/msg00272.html
https://sourceware.org/ml/elfutils-devel/2018-q2/msg00209.html

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

libnss: security bump to version 3.39

Fixes the following security issue:

CVE-2018-12384: NSS responded to an SSLv2-compatible ClientHello with a
ServerHello that had an all-zero random.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

libnspr: fix nios2 and microblaze support patches

Commit c9e3d5b6c57 (libnspr: bump to version 4.20) did not refresh the
hunks touching the _linux.cfg file. As a result, these hunk were applied
to the wrong (x86 specific) place in that file, rendering them
ineffective. Refresh the patches to fix that.

Fixes:
http://autobuild.buildroot.net/results/2d1/2d1288e98a6459d84c2599c99b5617a2fde81f62/

Cc: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>