buildroot.git
6 years agoktap: bump version for linux-4.8 support
Peter Korsgaard [Sat, 31 Mar 2018 10:27:11 +0000 (12:27 +0200)]
ktap: bump version for linux-4.8 support

Fixes #10776

The upstream git repo contains a number of fixes for building against newer
kernel versions, so bump the version.

git shortlog eb66d40310c93dc82bc8eac889744c1ed1f01f7b..
Alain Kalker (2):
      uprobe: Print the symbol, not the matching pattern
      uprobe: Blacklist uretprobes on _start

Aleksa Sarai (2):
      runtime: update GFP_WAIT to GFP_RECLAIM
      userspace: fix up argument parsing NULL dereference

Alexey Makhalov (1):
      Fix building for v4.8 kernel

Azat Khuzhin (12):
      Use get_unused_fd_flags(0) instead of get_unused_fd()
      Support trace_seq::seq
      Ignore separate debug files (*.dwo)
      Use trace_seq_has_overflowed()
      makefile: split vim plugins installing into separate target
      makefile: use DESTDIR for install (allow to change install dir)
      makefile: install: create dirs
      makefile: use ldflags for linking ktap
      makefile: add CPPFLAGS to KTAPC_CFLAGS, to allow change default flags
      ignore: exclude /debian
      Support compilation for 4.2 (ftrace_events cleanup)
      runtime: fix building on 4.3

Jovi Zhangwei (11):
      Merge pull request #84 from azat/linux-3.19-fixes-v3
      Merge pull request #85 from azat/debian-preparations-v2
      Merge pull request #88 from NanXiao/master
      Merge pull request #89 from NanXiao/patch-1
      Merge pull request #91 from NanXiao/patch-1
      Merge pull request #90 from azat/linux-4.2-compilation-fixes
      Merge pull request #99 from cyphar/fix-null-deref
      Merge pull request #98 from cyphar/fix-gfp-reclaim
      Merge pull request #97 from azat/fix-building-4.3-__GFP_RECLAIM
      Merge pull request #103 from ackalker/blacklist
      Merge pull request #104 from YustasSwamp/master

Nan Xiao (3):
      Update tutorial.md
      Update Makefile
      Fix memory leak issue in main function.

WEI ZHANG (1):
      ktap: Change the copyright to Huawei Technologies

While we are at it, also add a hash for the license file.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agoDEVELOPERS: add myself for a number of unmaintained boards
Peter Korsgaard [Sat, 31 Mar 2018 07:22:51 +0000 (09:22 +0200)]
DEVELOPERS: add myself for a number of unmaintained boards

These boards I own and currently have no entries in DEVELOPERS, so add them.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agofs: remove intermediate artefacts
Yann E. MORIN [Sat, 31 Mar 2018 09:06:01 +0000 (11:06 +0200)]
fs: remove intermediate artefacts

Each of the intermediate, per-rootfs target directories, as well as the
intermediate tarball, can take quite some place, and is mostly a
duplication of what's already in target/. The only delta, if any, would
be the tweaks made by the filesystem image generations, but those tweaks
are most probably only meaningful when seen as root.

We normally do not remove intermediate files, but those can be quite
large, and are not directly usable by, nor accessible to the user.
So, get rid of them once the filesystem has been generated.

This does not need to be done in fakeroot.

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Tested-by: Matt Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agofs: get rid of package-provided post-fs hooks
Yann E. MORIN [Sat, 31 Mar 2018 09:06:00 +0000 (11:06 +0200)]
fs: get rid of package-provided post-fs hooks

Now that the pre-fs ones are run on a transient copy of target/, the
post-fs hooks are no longer needed because we no longer need to restore
the target/ directory as it is only a internal copy.

Remove support for the post-fs hooks, and update the sole package using
them.

We do not add a legacy check because this was mostly a purely-internal
detail that was never really exposed nor documented.

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agofs: run packages' filesystem hooks in a copy of target/
Yann E. MORIN [Sat, 31 Mar 2018 09:05:59 +0000 (11:05 +0200)]
fs: run packages' filesystem hooks in a copy of target/

Currently, some packages may register hooks to be run just before and
just after the generic tarball image is generated, because they need to
prepare the filesystem for read-only or read-write operation.

However, this means that, if any of the hooks or the image generation
fails, the target directory is left in a dangling, inconsistent state.

We fix that by doing a copy of target/, run the hooks on that copy,
generate the generic tarball image out of that, and get rid of the copy.

This way, we can guarantee consistency of the target directory, and we
can even ditch support for post-fs hooks (those that restore target/).

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agofs: use a common tarball as base for the other filesystems
Yann E. MORIN [Sat, 31 Mar 2018 09:05:58 +0000 (11:05 +0200)]
fs: use a common tarball as base for the other filesystems

Currently, some filesystems may want to tweak the content of the target
directory, create special device nodes etc... This all means that:

  - the content of the target directory for a specific filesystems may
    depend on whether another filesystem is enabled or not; for example,
    cpio will create a /init script or symlink and a /dev/console node;

  - the filesystems can not be built in parallel, because they may change
    the content of the target directory while another is being assembled.

Furthermore, the same fakeroot script is executed over-and-over-again
for each filesystem, to create the device nodes, the users and their
homes and files, and setting permissions...

We introduce an intermediate tarball, for which we do the full fakeroot
shebang.

That tarball then serves as the base for the other filesystems, with a
very simple fakeroot script that untars the common tarball, and calls
the actual filesystem image generator on that.

Note that we use a very simple tar command to generate the intermediate
tarball, because we are not concerned with reproducibility of the
archive itself (only of the archived files).

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agofs: introduce a macro for reproducible command
Yann E. MORIN [Sat, 31 Mar 2018 09:05:57 +0000 (11:05 +0200)]
fs: introduce a macro for reproducible command

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agofs: new intermediate rootfs-common to gather common dependencies
Yann E. MORIN [Sat, 31 Mar 2018 09:05:56 +0000 (11:05 +0200)]
fs: new intermediate rootfs-common to gather common dependencies

Before we can create an intermediate tarball for all filesystems, we
nedd to move the common dependencies needed to generate that
intermediate tarball, rather than leave those dependencies to each
filesystem.

So, we introduce rootfs-common, which gathers all those common
dependencies.

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agofs: introduce per-rootfs TARGET_DIR variable
Yann E. MORIN [Sat, 31 Mar 2018 09:05:55 +0000 (11:05 +0200)]
fs: introduce per-rootfs TARGET_DIR variable

... which for now still points to the base target directory, but this is
a step forward.

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agofs: split per-rootfs dependency line
Yann E. MORIN [Sat, 31 Mar 2018 09:05:54 +0000 (11:05 +0200)]
fs: split per-rootfs dependency line

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agofs: use a per-rootfs fakeroot script
Yann E. MORIN [Sat, 31 Mar 2018 09:05:53 +0000 (11:05 +0200)]
fs: use a per-rootfs fakeroot script

... and locate that script in a per-rootfs directory.

Just like for ROOTFS, this variable will leak down the dependency tree to
target-finalize and packages - But it doesn't matter as it isn't used
outside fs/.

[Peter: extend commit message]
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agofs: define per-rootfs directory
Yann E. MORIN [Sat, 31 Mar 2018 09:05:52 +0000 (11:05 +0200)]
fs: define per-rootfs directory

This will serve in future commits to store pre-rootfs files, like
fakeroot script...

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agofs: set per-rootfs variable name
Yann E. MORIN [Sat, 31 Mar 2018 09:05:51 +0000 (11:05 +0200)]
fs: set per-rootfs variable name

Like we do for packages with the PKG variable, set ROOTFS to contain the
upper-case name of the rootfs currently being generated.

This will be useful in later patches, when we need more per-rootfs
variables, like a per-rootfs TARGET_DIR for example.

In Makefiles, per-rule variables trickle down the dependency chain, to
all dependencies of that rule, so we have to stop ROOTFS as soon as
we're not in a rootfs. This means we have to stop it at target-finalize
(which is a dependency of all filesystems), and for each package
individually, since some packages (host or target) can be direct
dependencies of filesystems as well.

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agocore: introduce intermediate BASE_TARGET_DIR variable
Yann E. MORIN [Sat, 31 Mar 2018 09:05:50 +0000 (11:05 +0200)]
core: introduce intermediate BASE_TARGET_DIR variable

This new BASE_TARGET_DIR variable is set in stone to point to the real
location where packages will be installed. Its name is modelled after
its definition: it is located in $(BASE_DIR), and it is named 'target/',
hence BASE_TARGET_DIR.

The already-existing TARGET_DIR variable now simply points to the same
location, except that it is recursively expanded, so that we can later
change it depending on the context.

All locations that really need to reference the existing target/
directory, are changed to use BASE_TARGET_DIR; surprinsigly enough, they
all seem to be located in the main Makefile. :-) The rest is left with
using good-old TARGET_DIR.

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agofs/iso9660: rename internal variable
Yann E. MORIN [Sat, 31 Mar 2018 09:05:49 +0000 (11:05 +0200)]
fs/iso9660: rename internal variable

We're soon to introduce a generic variable with that name, i.e.
$(FS_NAME)_TARGET_DIR, so our internal, temporary variable would
clash with it.

Just rename it.

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agofs/cpio: don't extend packages' permissions table
Yann E. MORIN [Sat, 31 Mar 2018 09:05:48 +0000 (11:05 +0200)]
fs/cpio: don't extend packages' permissions table

Currently, when we build a cpio filesystem without static devices, we
shoehorn the /dev/console node as if it were specified by a package.

This means that this device is added for all filesystems as well, not
just the cpio. But if we disable cpio, that device is not created for
other filesystems.

This is not very clean, and may break expectations.

Instead, use an explicit mknod as part of the _CMD, as we know it's
going to run under fakeroot.

This is still visible to all filesystems built after cpio, and not to
those built before it, though.

[Peter: ensure /dev exists, simplify comment]
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agofs: run filesystem hooks under fakeroot
Yann E. MORIN [Sat, 31 Mar 2018 09:05:47 +0000 (11:05 +0200)]
fs: run filesystem hooks under fakeroot

Currently, the pre-gen hooks of the various filesystems are run before
we enter the fakeroot.

However, this precludes those hooks from doing actions that require
root, like creating a pseudo-device or the likes.

So, move those pre-gen hooks under fakeroot.

This has currently no side-effect, as they are still called before
everything else in the fakeroot script, even the system-wide chown call.

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agopackage/dovecot: add optional support for libsodium
Bernd Kuhls [Sat, 31 Mar 2018 16:34:58 +0000 (18:34 +0200)]
package/dovecot: add optional support for libsodium

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
6 years agolinux-headers: bump 4.{4, 9, 14, 15}.x series
Fabio Estevam [Sat, 31 Mar 2018 18:34:58 +0000 (15:34 -0300)]
linux-headers: bump 4.{4, 9, 14, 15}.x series

Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
6 years agolinux: bump default to version 4.15.15
Fabio Estevam [Sat, 31 Mar 2018 18:34:57 +0000 (15:34 -0300)]
linux: bump default to version 4.15.15

Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
6 years agopackage/docker-engine: convert to golang infrastructure
Angelo Compagnucci [Wed, 7 Mar 2018 22:19:38 +0000 (23:19 +0100)]
package/docker-engine: convert to golang infrastructure

Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
[Thomas:
 - adapt to the changes in the golang-package infrastructure
 - keep the logic to support BR2_PACKAGE_DOCKER_ENGINE_STATIC_CLIENT]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
6 years agopackage/apache: add optional support for lua
Bernd Kuhls [Fri, 30 Mar 2018 16:50:36 +0000 (18:50 +0200)]
package/apache: add optional support for lua

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
6 years agopackage/docker-proxy: convert to golang infrastructure
Thomas Petazzoni [Sat, 31 Mar 2018 13:27:36 +0000 (15:27 +0200)]
package/docker-proxy: convert to golang infrastructure

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
[Arnout: remove automatically added host-go dependency]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
6 years agopackage/docker-containerd: convert to golang infrastructure
Angelo Compagnucci [Sat, 31 Mar 2018 13:27:34 +0000 (15:27 +0200)]
package/docker-containerd: convert to golang infrastructure

Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
6 years agopackage/runc: convert to golang infrastructure
Angelo Compagnucci [Sat, 31 Mar 2018 13:27:33 +0000 (15:27 +0200)]
package/runc: convert to golang infrastructure

Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
6 years agopackage/flannel: convert to golang infrastructure
Angelo Compagnucci [Sat, 31 Mar 2018 13:27:32 +0000 (15:27 +0200)]
package/flannel: convert to golang infrastructure

Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
6 years agodocs/manual: add documentation for the golang infrastructure
Angelo Compagnucci [Sat, 31 Mar 2018 13:27:31 +0000 (15:27 +0200)]
docs/manual: add documentation for the golang infrastructure

This patch adds the documentation for the golang infrastructure.

Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Tested-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
6 years agopackage/pkg-golang: new package infrastructure
Angelo Compagnucci [Sat, 31 Mar 2018 13:27:30 +0000 (15:27 +0200)]
package/pkg-golang: new package infrastructure

This patch adds a new infrastructure for golang based packages.

Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
[Arnout:
 - Rewrap comments to 80 columns.
 - Create a global definition of GO_TARGET_ENV.
 - <PKG>_GO_ENV is appended to the default env instead of replacing it.
 - Add a note to inner-golang-package that only target is supported.
]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
6 years agodocker-containerd: remove symlink to $(RUNC_SRCDIR)
Thomas Petazzoni [Sat, 31 Mar 2018 13:27:29 +0000 (15:27 +0200)]
docker-containerd: remove symlink to $(RUNC_SRCDIR)

The DOCKER_CONTAINERD_CONFIGURE_CMDS creates a symlink to runc's
source directory, but it does not build depend on runc, which means
that the runc package may not have been extracted/built before
docker-containerd.

Therefore, when doing a build with "make docker-containerd", this
symbolic link is broken, but it doesn't prevent docker-containerd from
building.

Therefore, this symlink is not necessary and can be dropped.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
6 years agoMakefile: create symlink to non-default HOST_DIR
Arnout Vandecappelle (Essensium/Mind) [Fri, 4 Aug 2017 16:31:30 +0000 (18:31 +0200)]
Makefile: create symlink to non-default HOST_DIR

If BR2_HOST_DIR is not the default, it can be difficult to find the
host directory (i.e., HOST_DIR always has to be passed explicitly in
addition to the output directory). For example, the Eclipse plugin
assumes that HOST_DIR=BASE_DIR/host.

Create a symlink from $(BASE_DIR)/host to $(HOST_DIR) if it is not the
default. Also remove it in the clean target.

When BR2_HOST_DIR is the default, HOST_DIR_SYMLINK will be empty so
there will be no additional dependency to dirs and nothing to remove
in clean.

Fixes https://bugs.busybox.net/show_bug.cgi?id=10151

Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
6 years agoMakefile: move mkdir rule to after HOST_DIR is defined
Arnout Vandecappelle (Essensium/Mind) [Fri, 4 Aug 2017 16:31:29 +0000 (18:31 +0200)]
Makefile: move mkdir rule to after HOST_DIR is defined

HOST_DIR is defined twice: once to its default value before .config is
included, and once more to BR2_HOST_DIR after .config is included.
However, the rule that defines the mkdir for HOST_DIR comes between
these two, so it will always use the default definition. Therefore,
if a non-default BR2_HOST_DIR is used, there will be no rule to create
that directory, while the dirs target depends on it.

This happens to work at the moment, because in the dirs target,
$(STAGING_DIR) comes before $(HOST_DIR), so $(HOST_DIR) will be created
implicitly. However, this will fail in top-level parallel builds where
both will be created in parallel.

Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
6 years agopython-libusb1: new package
Jaap Crezee [Mon, 4 Sep 2017 15:19:54 +0000 (17:19 +0200)]
python-libusb1: new package

License info from PyPI is wrong: it is LGPL-2.1+, not GPL-2.0. The
package includes a COPYING file with GPL-2.0, but since it is really
LGPL-2.1+ only the COPYING.LESSER file is relevant.

Signed-off-by: Jaap Crezee <jaap@jcz.nl>
[Arnout: regenerate with scanpypi, fix legal info]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
6 years agoutils/genrandconfig: use --no-check-certificate in wget by default
Thomas Petazzoni [Sat, 2 Sep 2017 21:29:38 +0000 (23:29 +0200)]
utils/genrandconfig: use --no-check-certificate in wget by default

A number of autobuilder failures are due to the fact that autobuilder
instances use old distributions, with old SSL certificates, and
therefore wget aborts with an error "The certificate of `xyz.org' is
not trusted.".

In order to avoid such failures that are not very interesting in the
context of the autobuilders, we pass --no-check-certificate to
wget. The integrity of the downloaded files is anyway verified by the
hashes, and this is only meant to be used in the context of
testing/CI, not in production.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
6 years agonodejs: security bump to version 8.11.1
Peter Korsgaard [Sat, 31 Mar 2018 06:11:55 +0000 (08:11 +0200)]
nodejs: security bump to version 8.11.1

Fixes the following security issues:

- Fix for inspector DNS rebinding vulnerability (CVE-2018-7160): A malicious
  website could use a DNS rebinding attack to trick a web browser to bypass
  same-origin-policy checks and allow HTTP connections to localhost or to
  hosts on the local network, potentially to an open inspector port as a
  debugger, therefore gaining full code execution access.  The inspector now
  only allows connections that have a browser Host value of localhost or
  localhost6.

- Fix for 'path' module regular expression denial of service
  (CVE-2018-7158): A regular expression used for parsing POSIX paths could
  be used to cause a denial of service if an attacker were able to have a
  specially crafted path string passed through one of the impacted 'path'
  module functions.

- Reject spaces in HTTP Content-Length header values (CVE-2018-7159): The
  Node.js HTTP parser allowed for spaces inside Content-Length header
  values.  Such values now lead to rejected connections in the same way as
  non-numeric values.

While we are at it, also add a hash for the license file.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agopackage/zsh: remove busybox show others dependency
Romain Naour [Sat, 31 Mar 2018 10:55:30 +0000 (12:55 +0200)]
package/zsh: remove busybox show others dependency

Back in 2013, zsh was added to Buildroot [1] with the dependency on
BR2_PACKAGE_BUSYBOX_SHOW_OTHERS. This dependency was keept with the
refactoring [2].
But Busybox doesn't provide a zsh shell in the firt place.
This dependency can be removed.

[1] 3d19b7ef598f3534b46cf0746a81bc437579127c
[2] 1dbd7b991025a8bf39ab5d25c2fd97f47f084bac

Signed-off-by: Romain Naour <romain.naour@smile.fr>
Cc: Phil Eichinger <phil.eichinger@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agosquid: add optional dependency on libkrb5
André Hentschel [Wed, 7 Mar 2018 20:15:58 +0000 (21:15 +0100)]
squid: add optional dependency on libkrb5

Signed-off-by: André Hentschel <nerv@dawncrow.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
6 years agolibkrb5: new package
André Hentschel [Wed, 7 Mar 2018 20:15:57 +0000 (21:15 +0100)]
libkrb5: new package

Signed-off-by: André Hentschel <nerv@dawncrow.de>
[Thomas:
 - remove LIBKRB5_VERSION_MAJOR
 - minor tweaks to commit title and Config.in help text]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
6 years agoboard: add support for ARC HS Development Kit (HSDK)
Evgeniy Didin [Tue, 19 Dec 2017 14:55:54 +0000 (17:55 +0300)]
board: add support for ARC HS Development Kit (HSDK)

Synopsys DesignWare HSDK (which stands for ARC HS
Development Kit) is the latest and greatest development
platform that sports quad-core ARC HS38 in real silicon.

Most noticeable features of the board are:
 * Quad-core ARC HS38 CPU running at 1GHz
 * 4Gb of DDR
 * Built-in Vivante GPU (well supported via open source
   Etnaviv drivers)
 * Built-in Wi-Fi/Bluetooth module (RedPine RS-9113)

And as usual we have:
 * [micro] SD-card slot
 * 2 USB 2.0 ports
 * 1Gbit Ethernet port
 * Built-in Digilent JTAG probe
 * Serial port accessible via micro-USB port

Writing sdcard.img on SDcard creates two partitions:
 * FAT32 with uImage and uboot.env
 * EXT4 with root filesystem

We modify kernel config because in default hsdk kernel config
CONFIG_INITRAMFS_SOURCE parameter is set and when we build
rootfs separately (BR2_TARGET_ROOTFS_INITRAMFS is not set)
error appears. Also we set up CONFIG_ARC_UBOOT_SUPPORT which
enables usage of uboot variables in the boot process.

[Peter: Fix comments and rename defconfig to snps_archs38_hsdk_defconfig,
Add defconfig to DEVELOPERS and fixup board/synopsys entry,
Drop postimage script, rename env file in genimage.cfg and drop size
setting for rootfs partition,
Add "" for CONFIG_INITRAMFS_SOURCE in linux fragment]
Signed-off-by: Evgeniy Didin <didin@synopsys.com>
Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Cc: Alexey Brodkin <abrodkin@synopsys.com>
Cc: arc-buildroot@synopsys.com
Reviewed-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agopackage/x11r7/xserver_xorg-server: add sysv init script
Bernd Kuhls [Sat, 29 Apr 2017 20:56:43 +0000 (22:56 +0200)]
package/x11r7/xserver_xorg-server: add sysv init script

We need ":0.0 vt01" to make sure Xorg finds the correct terminal.

Quoting https://www.x.org/archive/X11R6.8.0/doc/Xorg.1.html

-allowMouseOpenFail
    Allow the server to start up even if the mouse device can't be
    opened or initialised.

We need this option in case BR2_PACKAGE_XDRIVER_XF86_INPUT_MOUSE was
not enabled.

-noreset
    prevents a server reset when the last client connection is closed.

We need this option to prevent auto-close of Xorg.

Tested with a qemu image and Kodi.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
[Arnout: copy an abbreviate version of the explanation above to the
         script.]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
6 years agosupport/check-uniq-files: support weird locales and filenames
Yann E. MORIN [Sat, 31 Mar 2018 12:52:50 +0000 (14:52 +0200)]
support/check-uniq-files: support weird locales and filenames

Currently, when a filename contains characters not representable in the
user's locale, we fail hard, especially when the host python is python3.

This is because python2 and python3 handle encoding/decoding strings
differently, with python3 presumable doing the right thing, but it
breaks on some systems, while python2 presumable does the wrong thing,
but it works everywhere. (Just joking, obviously...)

Part of the issue being that the csv reader in python2 is broken with
UTF8.

We fix the issue by ditching the csv reader, and simply read the file in
binary mode, manually partitioning the lines on the first comma.

Then, we use the binary-encoded (really, un-encoded) package names and
filenames as values and keys, respectively.

Finally, for each filename or package we need to print, we try to decode
them with the defaults for the user settings, but catch any decoding
exception and fall back to dumping the raw, binary values. Which codec
is used by default differs between Python version, but in all cases
something sane is printed at least.

Thanks a lot to Arnout for the live help doing this patch. :-)

Reported-by: Jaap Crezee <jaap@jcz.nl>
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Arnout Vandecappelle <arnout@mind.be>
Cc: Jaap Crezee <jaap@jcz.nl>
[Arnout: commit log improvement]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
6 years agoconfigs/raspberrypi0w_defconfig: new defconfig for Raspberry Pi Zero W
Yves Deweerdt [Wed, 21 Jun 2017 20:39:44 +0000 (22:39 +0200)]
configs/raspberrypi0w_defconfig: new defconfig for Raspberry Pi Zero W

Up to now, Raspberry Pi Zero W (rpi0w) could be built with the normal
raspberrypi0_defconfig. However, then you don't have support for the
Bluetooth out-of-the-box, which makes using a W a bit pointless.

Therefore, create a separate defconfig for the W. It is a copy of
raspberrypi0_defconfig with the following changes:
 - Add DT overlays (from rpi-firmware) to support Bluetooth.
 - Pass --add-pi3-miniuart-bt-overlay to post-image.sh.

Since there is now a separate raspberrypi0w_defconfig, the W support
can be removed from raspberrypi0_defconfig.

Signed-off-by: Yves Deweerdt <yves.deweerdt.linux@gmail.com>
[Arnout:
 - Bump to same kernel version as raspberrypi0.
 - Remove redundant comment.
 - Remove redundant default BR2_PACKAGE_RPI_FIRMWARE_INSTALL_DTB_OVERLAYS=y.
 - Improve commit log.
 - Refresh .gitlab-ci.yml.
]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
6 years agopackage/openocd: fix fallout after no-C++ fixups
Yann E. MORIN [Sat, 31 Mar 2018 07:20:20 +0000 (09:20 +0200)]
package/openocd: fix fallout after no-C++ fixups

Commit 4cd1ab158 (core: alternate solution to disable C++) made use of a
non-existent 'no' binary when C++ is not available in the toolchain.

However, some packages, like jimtcl as bundled in opeocd, really want to
find the binary that $CXX contains.

Revert openocd to use 'false' instead of 'no'.

Fixes:
    http://autobuild.buildroot.org/results/cbd/cbd5ab97fb0659968ff628461130627cf1745955/

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Ezequiel Garcia <ezequiel@vanguardiasur.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agopackage/jimtcl: fix fallout after no-C++ fixups
Yann E. MORIN [Sat, 31 Mar 2018 07:20:19 +0000 (09:20 +0200)]
package/jimtcl: fix fallout after no-C++ fixups

Commit 4cd1ab158 (core: alternate solution to disable C++) made use of a
non-existent 'no' binary when C++ is not available in the toolchain.

However, some packages, like jimtcl, really want to find the binary that
$CXX contains.

Revert jimtcl to use 'false' instead of 'no'.

Fixes:
    http://autobuild.buildroot.org/results/54f/54f3df03551fbdf293d33dc1e3f08005faa15321/

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Ezequiel Garcia <ezequiel@vanguardiasur.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agopicocom: bump to version 3.1
Baruch Siach [Tue, 27 Mar 2018 17:50:13 +0000 (20:50 +0300)]
picocom: bump to version 3.1

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agowoff2: fix static builds
Adrian Perez de Castro [Tue, 27 Mar 2018 20:05:55 +0000 (23:05 +0300)]
woff2: fix static builds

Include a patch to make CMake correctly find the Brotli libraries when
they have been built as static libraries.

Fixes:
- http://autobuild.buildroot.net/results/f1c4b5aeb12af7b7a3e8ae01c219004ecd9befd6/
- http://autobuild.buildroot.net/results/74d20ff38766466623cc4a9eb18afcda831bc20b/

Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agobrotli: fix building of static libraries
Adrian Perez de Castro [Tue, 27 Mar 2018 20:05:54 +0000 (23:05 +0300)]
brotli: fix building of static libraries

Include a patch to make CMake honor the BUILD_SHARED_LIBS which
Buildroot sets to choose the kind of libraries to build.

Fixes:
- http://autobuild.buildroot.net/results/f1c4b5aeb12af7b7a3e8ae01c219004ecd9befd6/
- http://autobuild.buildroot.net/results/74d20ff38766466623cc4a9eb18afcda831bc20b/

Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agosupport/config-fragments/autobuild: fix SSP in br-nios2-glibc
Thomas Petazzoni [Sat, 31 Mar 2018 06:47:09 +0000 (08:47 +0200)]
support/config-fragments/autobuild: fix SSP in br-nios2-glibc

Commit c8680956819fae8776d7bd6d1f0e67a7b6436672 ("toolchain: fix
detection of SSP support") fixed the SSP check so that it does the
correct thing for nios2 toolchains. While this commit fixed the
description of the Sourcery NIOSII toolchain, it didn't fix the
description for the autobuilders of the br-nios2-glibc toolchain,
causing some build failures. This commit adjusts br-nios2-glibc.config
to indicate that the toolchain doesn't have SSP support.

Fixes:

  http://autobuild.buildroot.net/results/6c44e328b7bffd8474d29d5bdf1ea109ec15f4ad/

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
6 years agoncmpc: bump to version 0.29
Fabrice Fontaine [Thu, 8 Mar 2018 16:42:52 +0000 (17:42 +0100)]
ncmpc: bump to version 0.29

Since version 0.28 ncmpc only supports the meson build.
Therefore, adapt to package infrastructure according to the user manual.

Add a hash for the license file.

Add a nmpc entry for myself in DEVELOPERS

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
6 years agodocker-compose: bump version to 1.20.1
Peter Korsgaard [Fri, 30 Mar 2018 12:03:44 +0000 (14:03 +0200)]
docker-compose: bump version to 1.20.1

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agopython-docker: bump version to 3.1.4
Peter Korsgaard [Fri, 30 Mar 2018 12:03:43 +0000 (14:03 +0200)]
python-docker: bump version to 3.1.4

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agozstd: fix legal info
Rahul Bedarkar [Fri, 30 Mar 2018 19:32:08 +0000 (01:02 +0530)]
zstd: fix legal info

zstd is dual licensed under BSD-3-Clause or GPL-2.0 as per README.md
and source files license header.

Cc: Andrey Smirnov <andrew.smirnov@gmail.com>
Signed-off-by: Rahul Bedarkar <rahulbedarkar89@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agoutils/genrandconfig: adjust to core-dependencies removal
Thomas Petazzoni [Fri, 30 Mar 2018 19:28:03 +0000 (21:28 +0200)]
utils/genrandconfig: adjust to core-dependencies removal

In commit ea9669fffae7d807ccb3810eb6c662cbb9e8f96f ("core: kill
DEPENDENCIES_HOST_PREREQ"), the core-dependencies make target was
removed, and is now named just "dependencies".

This broke the utils/genrandconfig script, and this commit intends to
fix that.

Since this script is part of the Buildroot tree, it is provided
together with Buildroot, so we don't need to support the legacy
core-dependencies target. Someone checking out an older Buildroot will
have a working setup, with support/dependencies exposing
core-dependencies and utils/genrandconfig using core-dependencies. The
only broken situation will be between
ea9669fffae7d807ccb3810eb6c662cbb9e8f96f and this commit, but that's
not a sufficient reason to add some backward compatibility code.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
6 years agoopus-tools: update license
Rahul Bedarkar [Fri, 30 Mar 2018 18:59:15 +0000 (00:29 +0530)]
opus-tools: update license

As per COPYING file, opusinfo is licensed under GPL version 2.

Signed-off-by: Rahul Bedarkar <rahulbedarkar89@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agoopus-tools: add hash for license file
Rahul Bedarkar [Fri, 30 Mar 2018 18:59:14 +0000 (00:29 +0530)]
opus-tools: add hash for license file

Signed-off-by: Rahul Bedarkar <rahulbedarkar89@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agoopusfile: add hash for license file
Rahul Bedarkar [Fri, 30 Mar 2018 18:59:13 +0000 (00:29 +0530)]
opusfile: add hash for license file

Signed-off-by: Rahul Bedarkar <rahulbedarkar89@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agoopus: add hash for license file
Rahul Bedarkar [Fri, 30 Mar 2018 18:59:12 +0000 (00:29 +0530)]
opus: add hash for license file

Signed-off-by: Rahul Bedarkar <rahulbedarkar89@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agolibnss: bump version to 3.35
Peter Korsgaard [Fri, 30 Mar 2018 08:47:09 +0000 (10:47 +0200)]
libnss: bump version to 3.35

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agolibnspr: bump version to 4.19
Peter Korsgaard [Fri, 30 Mar 2018 08:47:08 +0000 (10:47 +0200)]
libnspr: bump version to 4.19

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agocore: alternate solution to disable C++
Yann E. MORIN [Tue, 27 Mar 2018 11:00:22 +0000 (13:00 +0200)]
core: alternate solution to disable C++

Some packages that use libtool really need some love to be able to
disable C++ support.

This is because libtool will want to call AC_PROG_CXXCPP as soon as CXX
is set non-empty to something different from 'no'. Then, AC_PROG_CXXCPP
will want a C++ preprocessor that works on valid input *and* fail on
invalid input.

So, providing 'false' as the C++ compiler will then require that we do
have a working C++ preprocessor. Which is totally counter-productive
since we do not have a C++ compiler to start with...

bd39d11d2e (core/infra: fix build on toolchain without C++) was a
previous attempt at fixing this, by using the host's C++ preprocessor.

However, that is very incorrect (that's my code, I can say so!) because
the set of defines will most probably be different for the host and the
target, thus causing all sorts of trouble. For example, on ARM we'd have
to include different headers for soft-float vs hard-float, which is
decided based on a macro, which is not defined for x86, and thus may
redirect to the wrong (and missing) header.

Instead, we notice that libtool uses the magic value 'no' to decide that
a C++ compiler is not available, in which case it skips the call to
AC_PROG_CXXCPP.

Given that 'no' is not provided by any package in Debian and
derivatives, as well as in Fedora, we can assume that no system will
have an executable called 'no'. Hence, we use that as a magic value to
disable C++ detection altogether.

Fixes: #10846 (again)
Reported-by: Damien Riegel <damien.riegel@savoirfairelinux.com>
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Damien Riegel <damien.riegel@savoirfairelinux.com>
Cc: Peter Seiderer <ps.report@gmx.net>
Cc: Vivien Didelot <vivien.didelot@savoirfairelinux.com>
Cc: Peter Korsgaard <peter@korsgaard.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Tested-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agopackage/dovecot-pigeonhole: bump version to 0.5.1
Bernd Kuhls [Fri, 30 Mar 2018 09:17:39 +0000 (11:17 +0200)]
package/dovecot-pigeonhole: bump version to 0.5.1

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agopackage/dovecot: bump version to 2.3.1
Bernd Kuhls [Fri, 30 Mar 2018 09:17:38 +0000 (11:17 +0200)]
package/dovecot: bump version to 2.3.1

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agolibunistring: bump to version 0.9.9
Baruch Siach [Fri, 30 Mar 2018 07:57:14 +0000 (10:57 +0300)]
libunistring: bump to version 0.9.9

Drop --{enable,disable}-threads; threading support is detected
automatically.

Add GPLv3 license file.

Add license files hash.

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agobusybox: bump version to 1.28.2
Peter Korsgaard [Thu, 29 Mar 2018 16:22:51 +0000 (18:22 +0200)]
busybox: bump version to 1.28.2

Drop 0003-tar-unzip-postpone-creation-of-symlinks-with-suspici.patch now upstream.

>From the release notes:

Bug fix release.  1.28.2 has fixes for tcpsvd (fixed fallout from
opt_complementary removal), udhcpd (do not ignore SIGTERM), tar and unzip
(reverted to previous, more permissive symlink handling), ssl_client (fixed
option parsing).

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agolibsigsegv: bump to version 2.12
Baruch Siach [Fri, 30 Mar 2018 05:44:42 +0000 (08:44 +0300)]
libsigsegv: bump to version 2.12

Add license file hash.

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agobash: bump to version 4.4.18
Jörg Krause [Thu, 29 Mar 2018 19:15:50 +0000 (21:15 +0200)]
bash: bump to version 4.4.18

Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agoconfigs/atmel: bump to linux4sam_5.8
Joshua Henderson [Thu, 29 Mar 2018 18:15:06 +0000 (11:15 -0700)]
configs/atmel: bump to linux4sam_5.8

Bump at91sam9x5ek, atmel_sama5d27_som1_ek, atmel_sama5d2_xplained,
atmel_sama5d3_xplained, and atmel_sama5d4_xplained all variants to
linux4sam_5.8. The 3 foundation components have their tags changed
(AT91Bootstrap, U-Boot, Linux kernel).

at91bootstrap 3.8.10 is required to support gcc7.

Signed-off-by: Joshua Henderson <joshua.henderson@microchip.com>
Cc: Nicolas Ferre <nicolas.ferre@microchip.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agolibopenssl: security bump to version 1.0.2o
Peter Korsgaard [Thu, 29 Mar 2018 14:52:09 +0000 (16:52 +0200)]
libopenssl: security bump to version 1.0.2o

Fixes the following security issues:

Constructed ASN.1 types with a recursive definition could exceed the stack
(CVE-2018-0739)

Constructed ASN.1 types with a recursive definition (such as can be found in
PKCS7) could eventually exceed the stack given malicious input with
excessive recursion.  This could result in a Denial Of Service attack.
There are no such structures used within SSL/TLS that come from untrusted
sources so this is considered safe.

Incorrect CRYPTO_memcmp on HP-UX PA-RISC (CVE-2018-0733)

Because of an implementation bug the PA-RISC CRYPTO_memcmp function is
effectively reduced to only comparing the least significant bit of each
byte.  This allows an attacker to forge messages that would be considered as
authenticated in an amount of tries lower than that guaranteed by the
security claims of the scheme.  The module can only be compiled by the HP-UX
assembler, so that only HP-UX PA-RISC targets are affected.

rsaz_1024_mul_avx2 overflow bug on x86_64 (CVE-2017-3738)

This issue has been reported in a previous OpenSSL security advisory and a
fix was provided for OpenSSL 1.0.2.  Due to the low severity no fix was
released at that time for OpenSSL 1.1.0.  The fix is now available in
OpenSSL 1.1.0h.

There is an overflow bug in the AVX2 Montgomery multiplication procedure
used in exponentiation with 1024-bit moduli.  No EC algorithms are affected.
Analysis suggests that attacks against RSA and DSA as a result of this
defect would be very difficult to perform and are not believed likely.
Attacks against DH1024 are considered just feasible, because most of the
work necessary to deduce information about a private key may be performed
offline.  The amount of resources required for such an attack would be
significant.  However, for an attack on TLS to be meaningful, the server
would have to share the DH1024 private key among multiple clients, which is
no longer an option since CVE-2016-0701.

This only affects processors that support the AVX2 but not ADX extensions
like Intel Haswell (4th generation).

For more details, see https://www.openssl.org/news/secadv/20180327.txt

The copyright year changed in LICENSE, so adjust the hash to match.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agoe2fsprogs: bump to version 1.44.1
Peter Korsgaard [Thu, 29 Mar 2018 14:15:15 +0000 (16:15 +0200)]
e2fsprogs: bump to version 1.44.1

From the release notes (https://lwn.net/Articles/750103/):

E2fsprogs 1.44.0 introduced a regression introduced which caused e2fsck
to fail to support HTree directories on big-endian systems.  Fix how we
read block numbers for internal htree nodes.

Removed a potential memory leak from fsck.

E2image now correctly creates e2image files for bigalloc file systems.

Dumpe2fs and debugfs now correctly support e2image files for file
systems that have the meta_bg option enabled.

E2fsck and debugfs now correctly handle delete inodes (including
processing the orphaned inode list in the case of e2fsck) for bigalloc
file systems.  (Addresses Google Bug: #73795618)

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agosngrep: fix libgcrypt handling
Peter Korsgaard [Thu, 29 Mar 2018 13:58:14 +0000 (15:58 +0200)]
sngrep: fix libgcrypt handling

Fixes:
http://autobuild.buildroot.net/results/f1c6494133806b9fc26ae3ce9e9c6a22fa2eda6f/

Commit 6205b75873c (sngrep: gnutls support also needs libgcrypt) ensured
that --with-gnutls is only used when both gnutls and libgcrypt are enabled,
but it didn't ensure libgcrypt gets built before sngrep or told the
configure script where to find libgcrypt-config, breaking the build.

Fix both issues.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agogawk: bump to version 4.2.1
Baruch Siach [Wed, 28 Mar 2018 22:12:01 +0000 (01:12 +0300)]
gawk: bump to version 4.2.1

Enable static build. gawk builds statically just fine. The shared
library check has been removed in 4.1.1.

Remove the symlink force hunk from the no-versioned patch. The only user
of LN is in the part that this patch disables.

Add license file hash.

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agopackage/php: security bump to version 7.2.4
Bernd Kuhls [Thu, 29 Mar 2018 15:27:05 +0000 (17:27 +0200)]
package/php: security bump to version 7.2.4

Fixes https://bugs.php.net/bug.php?id=75605, no CVE-ID yet.

Removed patch 0008, applied upstream. Re-numbered patch 0009.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agotime: bump to version 1.9
Baruch Siach [Wed, 28 Mar 2018 21:14:01 +0000 (00:14 +0300)]
time: bump to version 1.9

Fix seed variable name for the wait3 system call AC_TRY_RUN test.

Remove manual installation; not needed anymore.

Cc: Will Newton <will.newton@gmail.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agocjson: bump to version 1.7.5
Fabrice Fontaine [Tue, 27 Mar 2018 21:37:50 +0000 (23:37 +0200)]
cjson: bump to version 1.7.5

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agopackage/{mesa3d, mesa3d-headers}: bump version to 18.0.0
Bernd Kuhls [Wed, 28 Mar 2018 18:16:43 +0000 (20:16 +0200)]
package/{mesa3d, mesa3d-headers}: bump version to 18.0.0

Rebased 0002-Fix-endianess-detection-with-musl-based-toolchains.patch

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Tested-by: Joseph Kogut <joseph.kogut@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agolinux-headers: bump 4.{1, 4, 9, 14, 15}.x series
Fabio Estevam [Thu, 29 Mar 2018 11:31:00 +0000 (08:31 -0300)]
linux-headers: bump 4.{1, 4, 9, 14, 15}.x series

Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agolinux: bump default to version 4.15.14
Fabio Estevam [Thu, 29 Mar 2018 11:30:59 +0000 (08:30 -0300)]
linux: bump default to version 4.15.14

Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agomodem-manager: remove wrong gnutls dependency comment
Peter Seiderer [Wed, 21 Mar 2018 20:23:12 +0000 (21:23 +0100)]
modem-manager: remove wrong gnutls dependency comment

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Acked-by: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agoxerces: add upstream security fix
Baruch Siach [Mon, 26 Mar 2018 20:23:02 +0000 (23:23 +0300)]
xerces: add upstream security fix

CVE-2017-12627: dereference of a NULL pointer while processing the path
to the DTD.

xerces 3.2.1 includes this patch. But this version also added
AC_RUN_IFELSE to its configure script, making cross compilation harder.

Switching to cmake is also problematic since the minimum required cmake
version is 3.2.0. The host dependencies check currently allows minimum
cmake version 3.1.

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agoympd: add optional openssl dependency
Fabrice Fontaine [Sun, 11 Mar 2018 09:09:33 +0000 (10:09 +0100)]
ympd: add optional openssl dependency

Fixes:
 - http://autobuild.buildroot.net/results/d9b1375f5f8ecde8fef027344a5d5b288f7cee7c

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
6 years agolibcdio: bump to version 2.0.0
Fabrice Fontaine [Fri, 9 Mar 2018 18:05:51 +0000 (19:05 +0100)]
libcdio: bump to version 2.0.0

Add license hash

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
6 years agolshw: use data files provided by hwdata
Carlos Santos [Sun, 28 Jan 2018 04:43:58 +0000 (02:43 -0200)]
lshw: use data files provided by hwdata

lshw is seldomly released, so its data files become easily
outdated. Instead, this commit makes use of the data files provided by
hwdata. This is easily possible because lshw looks for the files in
several directories, including /usr/share/hwdata, where the hwdata
collection is installed.

We remove the entire /usr/share/lshw directory, where the not very
up-to-date data files where installed. Four files were installed
there: pci.ids, usb.ids (which are now provided by hwdata), manuf.txt
and oui.txt (which are not used at run time).

Signed-off-by: Carlos Santos <casantos@datacom.ind.br>
[Thomas:
 - rework commit log
 - replace patch by a simple removal of the /usr/share/lshw directory
 - add "runtime" comment in Config.in for the BR2_PACKAGE_LSHW
   dependency]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
6 years agopackage/avahi: Add sysusers.d snippet
Chris Lesiak [Tue, 23 Jan 2018 23:20:05 +0000 (17:20 -0600)]
package/avahi: Add sysusers.d snippet

Signed-off-by: Chris Lesiak <chris.lesiak@licor.com>
Reviewed-by: Samuel Martin <s.martin49@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
6 years agopackage/avahi: Set the path to D-Bus system.d directory
Chris Lesiak [Tue, 23 Jan 2018 23:17:23 +0000 (17:17 -0600)]
package/avahi: Set the path to D-Bus system.d directory

Since D-Bus 1.9.18, the recommended location for the system and
session busses configuration files is /usr/share instead of /etc. From
the D-Bus NEWS file:

D-Bus 1.9.18 (2015-07-21)
==

The “Pirate Elite” release.

Configuration changes:

• The basic setup for the well-known system and session buses is now done
   in read-only files in ${datadir}, moving a step closer to systems
   that can operate with an empty /etc directory. In increasing order
   of precedence:

   · ${datadir}/dbus-1/s*.conf now perform the basic setup such as setting
     the default message policies.
   · ${sysconfdir}/dbus-1/s*.conf are now optional. By default
     dbus still installs a trivial version of each, for documentation
     purposes; putting configuration directives in these files is
     deprecated.
   · ${datadir}/dbus-1/s*.d/ are now available for third-party software
     to install "drop-in" configuration snippets (any packages
     using those directories should explicitly depend on at least this
     version of dbus).
   · ${sysconfdir}/dbus-1/s*.d/ are also still available for sysadmins
     or third-party software to install "drop-in" configuration snippets
   · ${sysconfdir}/dbus-1/s*-local.conf are still available for sysadmins'
     overrides

   ${datadir} is normally /usr/share, ${sysconfdir} is normally /etc,
   and "s*" refers to either system or session as appropriate.

Therefore, this commit adjusts the Avahi package to install the D-Bus
related files to /usr/share/dbus-1/system.d.

Signed-off-by: Chris Lesiak <chris.lesiak@licor.com>
Reviewed-by: Samuel Martin <s.martin49@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
6 years agoconfigs/arcturus_ucls1012a: new defconfig
Oleksandr Zhadan [Thu, 15 Mar 2018 21:07:49 +0000 (17:07 -0400)]
configs/arcturus_ucls1012a: new defconfig

The uCLS1012A-SOM product family (ucls1012a) is an Arcturus Networks Inc.
64bit ARM Cortex-A53 class System on Module powered by a NXP QorIQ LS1012A
Low Power Communication Processor.  This 314 pin MXM3.0/SMARC module card
contains DDR3, QSPI NOR Flash, eMMC NAND Flash, optional Audio CODEC and is
available with 1 or 2 Gig-Ethernet PHYs.

Signed-off-by: Oleksandr Zhadan <oleks@arcturusnetworks.com>
Signed-off-by: Michael Durrant <mdurrant@arcturusnetworks.com>
Changes v1 -> v2:
    - updated kernel and u-boot source repositories to github

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
6 years agoConfig.in: Document BR2_CCACHE_DIR override
Trent Piepho [Thu, 15 Mar 2018 21:47:33 +0000 (14:47 -0700)]
Config.in: Document BR2_CCACHE_DIR override

This variable, like BR2_DL_DIR, is designed to be overridable from the
environment.  Unlike BR2_DL_DIR, it is not documented as such in the
Config.in help text.  Do so now.

Signed-off-by: Trent Piepho <tpiepho@impinj.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
6 years agorpi-bt-firmware: remove compatibility symlink
Ryan Coe [Sat, 17 Mar 2018 16:11:17 +0000 (09:11 -0700)]
rpi-bt-firmware: remove compatibility symlink

Commit 361d1b969ecdba1a8a62613626f90fc025b94660 defines FIRMWARE_DIR for
bluez5_utils. The compatibility symlink for the firmware is no longer
needed.

Signed-off-by: Ryan Coe <bluemrp9@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
6 years agoConfig.in: add -Ofast option
Joshua Henderson [Mon, 26 Mar 2018 19:34:05 +0000 (12:34 -0700)]
Config.in: add -Ofast option

-Ofast (introduced in GCC 4.6) It combines the existing optimization level -O3
with options that can affect standards compliance but result in better optimized
code. For example, -Ofast enables -ffast-math.

Signed-off-by: Joshua Henderson <joshua.henderson@microchip.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
6 years agopackage/systemd: add upstream build fix
Stefan Becker [Mon, 26 Mar 2018 17:19:33 +0000 (20:19 +0300)]
package/systemd: add upstream build fix

Fixes:

  http://autobuild.buildroot.org/results/4c439ee000354f90b4e59ee4006530f77263db47/

Signed-off-by: Stefan Becker <chemobejk@gmail.com>
Tested-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
6 years agoprosody: replace tweaked configuration by patches
Francois Perrad [Sun, 18 Mar 2018 12:28:07 +0000 (13:28 +0100)]
prosody: replace tweaked configuration by patches

Upgrading a tweaked configuration is painful, so stay with the
upstream configuration which is already installed, and just apply a
few patches.

Everybody could do its own configuration in its root filesystem
overlay.

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
[Thomas: squash patches.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
6 years agoprosody: bump to version 0.10.0
Francois Perrad [Sun, 18 Mar 2018 12:28:06 +0000 (13:28 +0100)]
prosody: bump to version 0.10.0

this version is not restricted to Lua 5.1

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
6 years agoqemu: remove support for some PowerPC processors in host qemu
Adam Duskett [Sun, 18 Mar 2018 19:01:27 +0000 (15:01 -0400)]
qemu: remove support for some PowerPC processors in host qemu

The 620, 630, and 970 are not supported at this time by qemu.

Signed-off-by: Adam Duskett <aduskett@gmail.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
6 years agolibgpg-error: bump to version 1.28
Baruch Siach [Mon, 26 Mar 2018 19:46:14 +0000 (22:46 +0300)]
libgpg-error: bump to version 1.28

Add upstream patch fixing arm/arm64 targets build failure.

Use the smaller bz2 compressed tarball.

Switch _SITE to https for better security and corporate firewall
compatibility.

Add license files hash.

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
6 years agopkg-cmake: enable toolchain install staging phase
Stefan Becker [Mon, 26 Mar 2018 12:00:43 +0000 (15:00 +0300)]
pkg-cmake: enable toolchain install staging phase

Really fix commit 6729050f3a49dba42d2d881d31dbefd6b82b8dad

That commit added a script to "toolchain" post install staging hooks.
This will only be executed if TOOLCHAIN_INSTALL_STAGING is set to YES.

Signed-off-by: Stefan Becker <chemobejk@gmail.com>
Acked-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agobusybox: disable PAM in the config if linux-pam is not selected
Arnout Vandecappelle (Essensium/Mind) [Mon, 26 Mar 2018 12:00:06 +0000 (14:00 +0200)]
busybox: disable PAM in the config if linux-pam is not selected

Currently there is only logic to enable PAM when linux-pam is selected.
However, busybox will fail to build with PAM enabled if the linux-pam
package has not been built before. So we should forcibly disable PAM in
busybox in that case.

Normally this is not an issue since our default busybox config doesn't
have PAM enabled. However, if you enable linux-pam, then save the
busybox config to a custom configuration file, then disable linux-pam
again, and then do a "make clean; make", the build will fail. A more
practical situation where this can occur is when the same custom
busybox config is used in a Buildroot config with and without
linux-pam.

Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Reviewed-by: Matt Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agopackage/eudev: don't forcibly link with -lrt
Yann E. MORIN [Sun, 25 Mar 2018 19:48:05 +0000 (21:48 +0200)]
package/eudev: don't forcibly link with -lrt

This was carried over from udev back when it were an separate package,
but was not even needed by eudev 1.3 when we introduced it back in 2014
(937a95449ec: eudev: new package).

Drop it now.

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Bernd Kuhls <bernd.kuhls@t-online.de>
Cc: Eric Le Bihan <eric.le.bihan.dev@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agobrotli: disable unneeded check for C++ compiler
Adrian Perez de Castro [Mon, 26 Mar 2018 11:39:18 +0000 (12:39 +0100)]
brotli: disable unneeded check for C++ compiler

This adds a local patch, also submitted upstream, which modifies
CMakeLists.txt to avoid the check for the unneeded C++ compiler.

Fixes:
- http://autobuild.buildroot.net/results/68e05c634e62ba4b6f6eb8dc95eeb16faa58fd60

Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agolibfcgi: Use SPDX license identifier
Alexander Dahl [Mon, 26 Mar 2018 07:18:44 +0000 (09:18 +0200)]
libfcgi: Use SPDX license identifier

The fcgi license is covered by SPDX, the identifier however is not
obvious.

For details, see https://spdx.org/licenses/OML.html

[Peter: add spdx.org link]
Signed-off-by: Alexander Dahl <post@lespocky.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agoMakefile: fix build break in sdk target
Stefan Becker [Mon, 26 Mar 2018 07:23:32 +0000 (10:23 +0300)]
Makefile: fix build break in sdk target

After commit 6729050f3a49dba42d2d881d31dbefd6b82b8dad nothing creates
$(HOST_DIR)/share/buildroot anymore, causing sdk to fail with:

 /bin/bash: .../output/host/share/buildroot/sdk-location: No such file or directory

Add creation of that directory to the "sdk" build steps itself.

Signed-off-by: Stefan Becker <chemobejk@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
6 years agopython-pymodbus: new package
Falco Hyfing [Wed, 14 Mar 2018 13:17:50 +0000 (14:17 +0100)]
python-pymodbus: new package

Signed-off-by: Falco Hyfing <hyfinglists@gmail.com>
Reviewed-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
6 years agosafeclib: fix build without wchar and host-doxygen
Fabrice Fontaine [Thu, 15 Mar 2018 19:37:11 +0000 (20:37 +0100)]
safeclib: fix build without wchar and host-doxygen

Add a patch (sent upstream) to add a --disable-doc option

Fixes:
 - http://autobuild.buildroot.net/results/e597843f2bb528da01d1e617929c818613b56cec

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>