git.libre-soc.org Git - buildroot.git/log

dtc: bump version to 1.4.1

Patch 0001-separate-lib-install.patch is no longer needed,
original Makefile already contains separate install-lib target
(but build always complete default target).

Remove superfluous CFLAGS setting.

Adjust 0002-extra-cflags.patch.

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>

dtc: rename patches to new convention

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>

dtc: fix project and download url

This fix the error:

fatal: unable to connect to git.jdl.com:
git.jdl.com[0: 208.123.73.151]: errno=Connection refused

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>

libcli: new package

Libcli provides a shared library for including a Cisco-like command-
line interface into other software. It's a telnet interface which
supports command-line editing, history, authentication and callbacks
for a user-definable function tree.

[Thomas: rewrap Config.in help text.]

Signed-off-by: Steve James <ste@junkomatic.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>

squid: create a user/group

Even though squid uses nobody/nogroup it ain't good for security if
every daemon around uses it, specially since squid is used as a caching
proxy most of the time and that would mean other daemons/scripts run as
nobody would have access to potentially sensitive information.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>

rsyslog: enable more basic features

Enable all of the basic modules that don't require any dependencies.
Reasoning is simple, if someone wants rsyslog over a smaller busybox
logger or sysklogd it's probably looking for features.

[Thomas: fix indentation.]

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>

rsyslog: bump to version 8.7.0

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>

rsyslog: doesn't need largefile/wchar

This was added in 9b4696a4 but only partially removed in d89a2610
leading to a comment and the rsyslog option both being present in the
config menu if we're using a non-LFS toolchain.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>

rsyslog: clean up sysv initscript

Fix indentation, remove redundant comment, print real start/stop status.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>

rsyslog: rename sysv initscript to S01logging

Do it to avoid having duplicate and conflicting functionality with
busybox's S01logging.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>

liblogging: bump to version 1.0.5

Also add hash file and drop upstream patch.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>

libestr: bump to version 0.1.10

Also add hash file.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>

connman: bump to version 1.27

Also drop PAN profile comment since it now supports GN and PANU profiles
as well to avoid overcrowding.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>

geoip: bump to version 1.6.4

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>

postgresql: add hash

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>

mysql: add hash

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>

python-django: security bump to version 1.7.3

Fixes:

CVE-2015-0219 - incorrectly handled underscores in WSGI headers. A
remote attacker could possibly use this issue to spoof headers in
certain environments.

CVE-2015-0220 - incorrectly handled user-supplied redirect URLs. A
remote attacker could possibly use this issue to perform a cross-site
scripting attack.

CVE-2015-0221 - incorrectly handled reading files in
django.views.static.serve(). A remote attacker could possibly use this
issue to cause Django to consume resources, resulting in a denial of
service.

CVE-2015-0222 - incorrectly handled forms with ModelMultipleChoiceField.
A remote attacker could possibly use this issue to cause a large number
of SQL queries, resulting in a database denial of service.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>

linux-headers: bump 3.12.x series

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>

libnetfilter_conntrack: fix static linking

It has a hardcoded -ldl link invocation, so drop it. Fixes:
http://autobuild.buildroot.net/results/66ba5f76694d0738b113463579ce6b2fa49a89d6/

Also add hash file and rename uclinux patch to new naming convention.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>

musl: bump to version 1.1.6

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>

squid: bump to version 3.4.11

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>

package/libftdi: rename patches to the new naming convention

Signed-off-by: Samuel Martin <s.martin49@gmail.com>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>

linux/linux.mk: fixed downloading kernel patches

Patches located at ftp or http(s) URLs were downloaded using DOWNLOAD
macro. For example, if linux source was located at external git
repository, DOWNLOAD macro uses git scheme as well and buildroot
tried to downlod a path using DOWNLOAD_GIT macro. As a result, nothing
was downloaded and build siletly passes.

Patches located at mentioned URLs is now downloaded directly with
DOWNLOAD_WGET macro.

Signed-off-by: Ivo Slanina <ivo.slanina@gmail.com>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>

linux/linux.mk: added https:// pattern for kernel patches

Patches located at https:// scheme URL were threated as directories,
causing build failures.

Fixed by adding https:// pattern.

Signed-off-by: Ivo Slanina <ivo.slanina@gmail.com>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>

bootstrap: install production files only

Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>

omniorb: remove redundant INSTALL_TARGET

INSTALL_TARGET defaults to YES.

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>

libgtk2: remove redundant INSTALL_TARGET

INSTALL_TARGET defaults to YES.

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>

botan: remove redundant INSTALL_TARGET

INSTALL_TARGET defaults to YES.

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>

read-edid: make available for !x86

It is only the get-edid tool that is x86 specific, parse-edid builds and
works fine on other architectures so make it available everywhere.

Also drop the custom install step as 'make install' does the right thing.
This does cause us to install into /usr/sbin instead of /sbin, but as that
is what upstream wants we can consider that a bugfix.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

poppler: fix select of Qt4 GUI module

For some silly reason, the option is named BR2_PACKAGE_QT_GUI_MODULE
and not BR2_PACKAGE_QT_QUI.

Hopefully fixes:

http://autobuild.buildroot.org/results/47d/47dee003b29f156496492757cbaa4208b002ab65/

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>

start-stop-daemon: new package

We don't use the 1.17.x series because it has issues when
cross-compiling.

[Thomas:
  - change license to GPLv2+, and the license file to COPYING. While
    start-stop-daemon.c itself is under the Public Domain, the compat
    library against which it is linked is GPLv2+.]

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Tested-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Tested-by: Karoly Kasza <kaszak@gmail.com>
Reviewed-by: Karoly Kasza <kaszak@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>

ifupdown: new package

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Tested-by: Karoly Kasza <kaszak@gmail.com>
Reviewed-by: Karoly Kasza <kaszak@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>

skeleton/S40network: tweak for debian ifupdown

Make the S40network script create the /run/network directory for the
debian variant of ifupdown which uses it as a lock directory.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Tested-by: Karoly Kasza <kaszak@gmail.com>
Reviewed-by: Karoly Kasza <kaszak@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>

bind: Add systemd unit file and install it to run at startup.

The unit file is taken from debian, but tested working.
We'll call it named.service to match the sysV initscript.

Signed-off-by: Nathaniel Roach <nroach44@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>

package/glmark2: Fix mesa3d dependency

Compilation fails with this defconfig, provided by Thomas

BR2_arm=y
BR2_TOOLCHAIN_EXTERNAL=y
BR2_TOOLCHAIN_EXTERNAL_CUSTOM=y
BR2_TOOLCHAIN_EXTERNAL_DOWNLOAD=y
BR2_TOOLCHAIN_EXTERNAL_URL="http://autobuild.buildroot.org/toolchains/tarballs/br-arm-full-2014.11.tar.bz2"
BR2_TOOLCHAIN_EXTERNAL_HEADERS_3_17=y
BR2_TOOLCHAIN_EXTERNAL_LARGEFILE=y
BR2_TOOLCHAIN_EXTERNAL_INET_IPV6=y
BR2_TOOLCHAIN_EXTERNAL_LOCALE=y
BR2_TOOLCHAIN_EXTERNAL_INET_RPC=y
BR2_TOOLCHAIN_EXTERNAL_CXX=y
BR2_ROOTFS_DEVICE_CREATION_DYNAMIC_EUDEV=y
BR2_PACKAGE_GLMARK2=y
BR2_PACKAGE_MESA3D=y
BR2_PACKAGE_RPI_USERLAND=y

because rpi-userland is used a provider for libegl/gles.
Fix this by depending on the corresponding mesa3d suboptions.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>

package/nodejs: fix hard float error

Add support for building nodejs with hard floating ABI if supported by the
target and remove bogus comment. Buildroot does propose this tuning.

Basically, you have three cases of floating point strategies:

* soft float, i.e 'soft' in nodejs speak. This is enabled in Buildroot
   when BR2_ARM_EABI=y and BR2_SOFT_FLOAT=y.

* hard float using integer registers to pass floating point arguments,
   i.e 'softfp' in nodejs speak. This is enabled in Buildroot when
   BR2_ARM_EABI=y and BR2_SOFT_FLOAT is disabled.

* hard float using floating pointer registers to pass floating point
   arguments, i.e 'hard' in nodejs speak. This is enabled in Buildroot
   when BR2_ARM_EABIHF=y.

This patch fixes "[Buildroot] Float error on SAMA5D3 Xplained using nodejs":
http://lists.busybox.net/pipermail/buildroot/2014-December/114254.html

Tested at run-time by me on a TI Beaglebone Black.

[Thomas: add qstrip call when using the BR2_GCC_TARGET_FLOAT_ABI
variable.]

Signed-off-by: Jörg Krause <jkrause@posteo.de>
Reported-by: Cédric Heyman <c.heyman@til-technologies.fr>
Suggested-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>

squid: fix automake breakage

Squid bundles a copy of libltdl (from libtool) which autoreconfigures on
its own.
For some odd reason when automake was bumped to version 1.15 and if the host
system has another automake version, for example 1.14, the ACLOCAL and
AUTOMAKE variables don't expand properly when the internal autoreconf is
triggered hence calling the missing handler which in turn tries to use
an incorrect automake version.
The solution is to pass unexpanded ACLOCAL and AUTOMAKE variables that
defer the evaluation to a later moment and avoid the issue.

Fixes:
http://autobuild.buildroot.net/results/73f/73fcffafbea320f8c64378bbe8a96922b5e7c6b5/

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Tested-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>

postgresql: bump version to 9.4.0

Signed-off-by: Nathaniel Roach <nroach44@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>

libcurl: drop curl* aliases

They're unused hence not useful.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>

samba4: bump to version 4.1.15

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>

bandwidthd: Add systemd unit file and install it to run at startup.

Signed-off-by: Nathaniel Roach <nroach44@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>

openntpd: needs NPTL

Openntpd in fact needs nptl threads, basic threads aren't enough. Fixes:
http://autobuild.buildroot.net/results/f4d/f4dd964231a5dbbc12a7237127fa9c45d6aa0d06/

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>

postgresql: add systemd service file

[Thomas: indent using tabs.]

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Reviewed-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>

xtables-addons: enable necessary kernel options

Enable the required conntrack/netfilter options, otherwise
xtables-addons will fail to build.
The basic iptables options are already covered by the iptables package
which is a required dependency anyway.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>

iptables: enable basic kernel options

Enable the basic kernel options for iptables to be useful at least to
filter incoming connections.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>

xtables-addons: new package

The geoip "helpers" are basically scripts that download and reformat
the geoip database in a form usable by xt_geoip.

The netfilter (kernel & userland) sides of it are built and installed.
Since there are many considerations to geoip databases (free,
commercial and variants for each) it's left to the user to deal with
that if they plan to use the extension which is only one among many.

[Thomas:
- Take into account the rename of BR2_PREFER_STATIC_LIB to
   BR2_STATIC_LIBS
- Remove "depends on BR2_LINUX_KERNEL" as suggested by Arnout.
- Move XTABLES_ADDONS_CONF_OPTS a bit further down, with newlines
   around it, and adjust the indentation of the first line. Just to
   make it slightly more readable.]

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>

qt: split script and webkit supported arches in two different variables

Currently in Buildroot we have a BR2_PACKAGE_QT_ARCH_SUPPORTS_WEBKIT
variable indicating which architectures support Qt Webkit. We also make
Qt Script depending on that variable, so we are assuming that Qt Script
is supported for exactly the same architectures which support Qt Webkit,
and that's not true.

For instance, Qt Webkit is not supported for MIPS64 when
using the n32 ABI, but Qt Script is actually supported. So, if we make
BR2_PACKAGE_QT_ARCH_SUPPORTS_WEBKIT depending on !BR2_MIPS_NABI32 we
will also disable Qt Script, because as I said before, Qt Script depends
on BR2_PACKAGE_QT_ARCH_SUPPORTS_WEBKIT, and we don't want that because
Qt Script works.

We fix this by creating another variable called
BR2_PACKAGE_QT_ARCH_SUPPORTS_SCRIPT to state which architectures support
Qt Script, so now we can differentiate them from the ones supporting Qt
Webkit.

Related:
http://lists.busybox.net/pipermail/buildroot/2014-November/112605.html

Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>

toolchain-external: split target installation from staging installation

Currently, all the installation work of the toolchain-external package
is done during the install-staging step. However, in order to be able
to properly collect the size added by each package to the target
filesystem, we need to make sure that toolchain-external installs its
files to $(TARGET_DIR) during the install-target step.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Tested-by: Jérôme Pouiller <jezz@sysmic.org>

lzma: repair build

The build of host-lzma is broken since commit 97703978ac870ce2
("support/libtool: make -static behave like -all-static").

Lzma forces '-static' in its LDFLAGS, which contradicts what buildroot tries to
achieve by patching libtool scripts and configuring host packages with
'--disable-static'.

We add a patch to remove lzma's hardcoded LDFLAGS, to fix the build.

Signed-off-by: Vincent Stehlé <vincent.stehle@laposte.net>
Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>

ruby: fix verconf.h related build failure

See [1] for failure analysis.

Fixes:
http://autobuild.buildroot.net/results/c94fef5d2cfb00a336905ae3c110d7680f6d5416/
http://autobuild.buildroot.net/results/4375cb1e325a336dbf59f22f975be9165ad0648a/

[1] http://lists.busybox.net/pipermail/buildroot/2014-December/114273.html

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>

nftables: making interactive console optional

This lets you (by default enabled) compile out its readline
dependency.

[Thomas:
  - remove the patch, which is now unneeded, since we've bumped to
    nftables 0.4, which as the patch to make readline optional.
  - remove the new Config.in option, just enable the interactive
    console when the readline package is enabled.]

Signed-off-by: Alexander Clouter <alex+buildroot@digriz.org.uk>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>

glmark2: new package

Signed-off-by: Spenser Gilliland <spenser@gillilanding.com>
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>

system: run getty on boot console by default

We used to specify explicitly serial port with all its settings
for init to instantiate getty.

This limits usecases when the same one rootfs could be used.

For example following cases won't work well with hardcoded
serial console settings:
* On the same board other serial port is expected to be used
* The same rootfs is intended to be used on different boards with
different serial ports (like ttySx vs ttyAMAx or even ttyx)

With this change by default we rely on "console" specified in
kernel's boot command line.

What is important getty will be set on the last console
specified in bootargs.

For example is a kernel comand line:
--->---
bootargs="... console=tty0 console=ttyS3,115200n8..."
--->---

This now will instantiate serial console on ttyS3 but not on tty0.

Tested with both Busybox and SysV init.

Signed-off-by: Alexey Brodkin <abrodkin@synopsys.com>
Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Cc: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>

boot/uboot: Remove obsolete CONFIG_NOSOFTFLOAT flag

This flag seems to be obsolete. There is no piece of code in the U-Boot source
tree referencing CONFIG_NOSOFTFLOAT.

Unfortunatly the use of this flag is not documented here. Maybe it's about this
old workaround:
http://lists.denx.de/pipermail/u-boot/2007-March/020282.html

However, this patch has been declined:
http://www.denx.de/wiki/view/U-Boot/PatchStatus?rev=1.27

Since no other configure options are used, remove also UBOOT_CONFIGURE_OPTS.

Signed-off-by: Jörg Krause <jkrause@posteo.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>

package/sane-backends: rename patches to the new naming convention

Signed-off-by: Romain Naour <romain.naour@openwide.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>

python3: make the ossaudiodev module optional

Like was done for the 'python' package, also make the ossaudiodev
module optional for 'python3'. ossaudiodev is always disabled for
host-python3, and a new option is added to enable it for the target
python3.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>

python: add an option to make the ossaudiodev module optional for the target

Now that we have a configure option in Python to enable/disable the
ossaudiodev module, this commit adds a configuration option to the
target Python to explicitly enable/disable this module.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>

python: disable building ossaudiodev module for host-python

This module is not needed to build the target Python, and can cause
some build issues on certain systems (when <linux/soundcard.h> does
not contain the OSS related definitions).

Signed-off-by: Zoltan Gyarmati <mr.zoltan.gyarmati@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>

python: add patch to make ossaudiodev module optional

This module causes some build failures in certain setups and is not
very useful.

Signed-off-by: Zoltan Gyarmati <mr.zoltan.gyarmati@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>

boards/raspberrypi: update readme with Device Tree instructions

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>

configs: add a DT-enabled Raspberry Pi defconfig

This is an example of a Device-Tree-enabled Raspberry Pi defconfig.

We have to use a 3.18-based kernel for that, but there are a few
limitations:

  - we can not use the minimalist RPi defconfig bundled with the kernel,
    namely bcmrpi_quick_defconfig, because it is not DT-enabled, and
    sets CONFIG_ARM_PATCH_PHYS_VIRT to 'n', which prompts a value for
    CONFIG_PHYS_OFFSET, as it as no default for the bcm familly;

  - most importantly, the rpi-3.18.y branch is constantly rebased, so
    there is no guarantee that the sha1 I use today will still be usable
    in the long term. Using the name of hte branch is not better either.

So, we bundle our own DT-enabled linux defconfig that is based on
bcmrpi_quick_defconfig, with just CONFIG_ARM_PATCH_PHYS_VIRT set and the
Device TRee enabled.

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>

package/vnstat: New package

[Thomas:
  - Rename the VNSTAT_INSTALL_VNSTATI to VNSTAT_INSTALL_VNSTATI_CMDS,
    and use 'define ... endef'.
  - Use full paths for the destinations when using $(INSTALL)]

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>

dillo: remove poisoned paths from configure

Fixes http://autobuild.buildroot.net/results/10f/10f7ba386a13753c942139b8bc13ca74d8932f3a/

Signed-off-by: Alex Suykov <alex.suykov@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>

package/gd: Add explicit support for tiff

This ensures reproducible builds.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>

linux: add fbtft kernel extension

Tested with RaspberryPi B+ and PiTFT Mini Kit - 320x240 2.8" TFT
(see [1] and [2]) and the following target configuration changes:
- cmdline.txt: add 'fbcon=map:10 fbcon=font:VGA8x8'
- add /etc/modules-load.d/fbtft.conf with 'fbtft_device'
- add /etc/modprobe.d/00-fbtft.conf with 'options fbtft_device name=adafruit28 rotate=90 gpios=dc:25'

[1] http://h65951.serverkompetenz.net/PeterSeiderer/upload/PiTFT_2_8_ct/Image9893.jpg
[2] http://h65951.serverkompetenz.net/PeterSeiderer/upload/PiTFT_2_8_ct/Image9897.jpg

[Thomas:
  - Rename prompt of the Linux extension to "FB TFT drivers"
  - Remove the full name of the kernel config options in the help
    text. Giving their CONFIG_<foo> name is enough.
  - Remove the mention of CONFIG_SPI_BCM2708, since this makes the
    description RaspberryPi specific, while these drivers can work
    with any SPI controller.
  - Refactor the code in linux-ext-fbtft.mk to avoid duplication
    between the < 3.15 and >= 3.15 cases.
  - Make the fbtft package a promptless package, since there is no
    point in selecting only this package, without the kernel
    extension.
  - Change the license to GPLv2, since it's kernel code.]

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>

package/ffmpeg: bump version

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>

python-pyftpdlib: new package

[Thomas: remove empty new line at end of .mk file.]

Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>

openntpd: bump to version 5.7p1

Also:

* Add hash file
* Tweak the initscript to use a pidfile to avoid nasty warnings

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>

configs/olimex_imx233_olinuxino: bump kernel to version 3.18.2

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>

libsvgtiny: update source url

As source url use the git repository instead of the unavaiable svn
repository.

Also because the git repository does not include the netsurf core
buildsystem source that are needed to build this package add as
dependency the netsurf-buildsystem package and use those files through a
symbolink link.

This fix the following error:

svn: E670002: Unable to connect to a repository at URL 'svn://svn.netsurf-browser.org/trunk/libsvgtiny'
svn: E670002: Unknown hostname 'svn.netsurf-browser.org'

Signed-off-by: Fabio Porcedda <fabio.porcedda@gmail.com>
Cc: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Cc: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>

netsurf-buildsystem: new package

This is the NetSurf project shared build system, used by various NetSurf
sub-projects like the libsvgtiny project.

[Thomas: use cp -dpfr instead of just cp -r, to match what we do in
other Buildroot packages.]

Signed-off-by: Fabio Porcedda <fabio.porcedda@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>

package/rpi-firmware: install DTB blobs

Add an option to install all the DTBs:
  - standard DTBs for standalon A/B and A+/B+ models;
  - overlay DTBs for the 'hats' addon boards.

Install the DTBs as per the traditional layout expected by all RPi
users, that is:
  - base DTBs alongside the other boot files;
  - overlay DTBs in a sub-directory.

This requires the user provide a specially configured Linux defconfig
file, as the default ones do not enable USE_OF.

[Thomas: adjust comment explaining why we use a different version when
installing the DTBs is selected.]

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>

package/rpi-firmware: add DT-aware marking script

The Raspberry Pi can boot a kernel with device tree support. But at the
same time, the RPi folks wante to keep the old-fashioned, ATAG-based way
of booting (don't ask...).

So, the bootloader needs to know whether the kernel it is loading has DT
support or not. For that, it looks at the end of the kernel image for a
magic footer. If found, it loads a device tree and sets the registers
appropriately so that the kernel finds the DTB. If not found, it loads
the kernel with the traditional ATAGS.

Where it becomes a bit tricky, is that the DTB is different for models
A/B and A+/B+ (that is A and B use the same DTB, while the A+ and B+ use
a second DTB). The bootloader is capable to load the correct DTB from a
specially named file. That is:
  - on A/B, it loads bcm2708-rpi-b.dtb
  - on A+/B+, it loads bcm2708-rpi-b-plus.dtb

If the DTB is differently named, the bootloader won't find it, will not
load any DTB at all, and revert to booting with ATAGS.

It is possible to specify what DTB to load, by adding an new config
option 'device_tree=file.dtb' in config.txt, but then the firmware on
the SDcard is no longer bootable on both the original models and the
Plus models.

So, add a script that appends the appropriate footer to the kernel
image. The script is vampirised from the RPi's tools repository, but a
new package is *not* added just for that script: the whole repository is
300+ MiB, and a checkout is 600+ MiB; it is not pertinent to add this as
a new package for a script that weights a few KiB...

Install that script as a host utility, too.

Notes: lots of information is available in this thread on the RPi forums:
    http://www.raspberrypi.org/forums/viewtopic.php?f=29&t=93015

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>

boards/raspberrypi: don't document non-existent files

Those files were previously installed, but that's no longer the case
since we select in the menuconfig which version of the bootloader we
install.

[Thomas: fix minor typo in commit log.]

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>

bootstrap: new package

[Thomas: add 'cp -dpfr' instead of a convuluted use of 'tar c' + 'tar
x' do not a copy.]

Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>

btrfs-progs: bump to version 3.18.1

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>

newt: cleanup patches

This commit slightly cleans up the newt patches: use Git formatted
patches, improve title and description. This was done in preparation
for the upstream submission of those patches.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>

newt: bump version to 0.52.18

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>

newt: avoid poisoned paths

Fixes http://autobuild.buildroot.net/results/cb908f73b14e1510bea890167b3927afbf708d6f/

Signed-off-by: Alex Suykov <alex.suykov@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>

lua: add a upstream patch

[Thomas: fix minor typo in commit title.]

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>

package/xz-utils: does not require threads

Commit 799c12e (xz-utils: needs threads) tried to fix an autobuild
failure by requiring threads. But xz-utils can be configured without
thread support (even though it is one of the most prominent
selling-points of the latest release!).

[Thomas: use --{enable,disable}-threads instead of
--enable-threads={yes,no}, to match what we generally do in most
autotools packages.]

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>

jpeg-turbo: bump version

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

xz-utils: needs threads

It's one of the major features of the 5.2.0 release. Fixes:
http://autobuild.buildroot.net/results/e86/e86e97ff7887f1bdc6bf913498392ff50f56ea88/

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>

xz: fix stray hash

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>

linux: bump default to version 3.18.2

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>

linux-headers: bump 3.{18, 17, 14, 10}.x series

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>

(e)glibc: add security patches for CVE-2014-9402

Fixes CVE-2014-9402 - denial of service in getnetbyname function.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>

(e)glibc: add security patches for CVE-2014-6040

Fixes CVE-2014-6040 - crash in code page decoding functions (IBM933,
IBM935, IBM937, IBM939, IBM1364).

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>

checkpolicy: new package

[Thomas:
- Indicate in the Config.in help text that this policy compiler is
SELinux related.
- Rewrap Config.in help text and remove trailing white space.
- Add a comment in the .mk file to indicate why we're passing
DESTDIR= at build time.]

Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Clayton Shotwell <clshotwe@rockwellcollins.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>

irqbalance: new package

Irqbalance is a daemon to help balance the cpu load generated by
interrupts across all of a systems cpus.

[Thomas:
- Add upstream URL in Config.in help text.
- Fix indentation of init script.]

Signed-off-by: Karoly Kasza <kaszak@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>

python-tornado: bump to 4.0.2

Add a hash file. Also remove obsolete Python dependency statement.

Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>

libqmi: bump to 1.10.6

Add locally computed hash file.

Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>

libmbim: bump to 1.10.2

Add locally computed hash file.

Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>

package/mke2img: "/bin/bash" => "/usr/bin/env bash" shebang

For portability. All other Buildroot scripts (i.e. scripts that run on
host) already use the "/usr/bin/env bash" shebang.

This change is needed for NixOS, which lacks a global /bin/bash.

Signed-off-by: Bjørn Forsman <bjorn.forsman@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>

openssl: security bump to version 1.0.1k

Fixes:
CVE-2014-3571 - DTLS segmentation fault in dtls1_get_record
CVE-2015-0206 - DTLS memory leak in dtls1_buffer_record
CVE-2014-3569 - no-ssl3 configuration sets method to NULL
CVE-2014-3572 - ECDHE silently downgrades to ECDH [Client]
CVE-2015-0204 - RSA silently downgrades to EXPORT_RSA [Client]
CVE-2015-0205 - DH client certificates accepted without verification
[Server]
CVE-2014-8275 - Certificate fingerprints can be modified
CVE-2014-3570 - Bignum squaring may produce incorrect results

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>

mpfr: security bump to patchlevel 11

Fixes CVE-2014-9474 - buffer overflow in mpfr_strtofr.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>

dillo: zlib is a mandatory dependency

Fixes:
http://autobuild.buildroot.net/results/10f/10f7ba386a13753c942139b8bc13ca74d8932f3a/

Also reorder variables a bit and ditch duplicate addition.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>

libiio: Drop requirement of threading support in the toolchain

The libiio library will compile fine with a toolchain that doesn't
support threads (tested with br-arm-full-nothread.config).
Only the IIOD program requires support for threading.

Signed-off-by: Paul Cercueil <paul.cercueil@analog.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>

wireshark: security bump to version 1.12.3

Fixes:
CVE-2015-0559, CVE-2015-0560 - The WCCP dissector could crash.
CVE-2015-0561 - The LPP dissector could crash.
CVE-2015-0562 - The DEC DNA Routing Protocol dissector could crash.
CVE-2015-0563 - The SMTP dissector could crash.
CVE-2015-0564 - Wireshark could crash while decypting TLS/SSL sessions.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>

libcurl: security bump to version 7.40.0

Fixes:
CVE-2014-8150 - When libcurl sends a request to a server via a HTTP
proxy, it copies the entire URL into the request and sends if off.
If the given URL contains line feeds and carriage returns those will be
sent along to the proxy too, which allows the program to for example
send a separate HTTP request injected embedded in the URL.

CVE-2014-8151 - libcurl stores TLS Session IDs in its associated Session
ID cache when it connects to TLS servers. In subsequent connects it
re-uses the entry in the cache to resume the TLS connection faster than
when doing a full TLS handshake. The actual implementation for the
Session ID caching varies depending on the underlying TLS backend.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>