git.libre-soc.org Git - buildroot.git/log

package/pipewire: add libva optional dependency

libva is an optional dependency of spa, see:
https://github.com/PipeWire/pipewire/blob/0.2.7/spa/meson.build

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/pipewire: fix comment in Config.in

Commit ac92146ebb7627378c0a8c92f6490e55333eb6bb forgot to update
comment with udev dependency

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/python-multidict: bump to version 4.7.2

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

configs/imx6-sabresd_qt5: enable gstreamer videotestsrc plugin

The videotestsrc Gstreamer plugin is very useful for testing.

Enable it by default.

Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/python-django: security bump to version 3.0.1

Fixes the following security vulnerability:

- CVE-2019-19844: Potential account hijack via password reset form
  By submitting a suitably crafted email address making use of Unicode
  characters, that compared equal to an existing user email when lower-cased
  for comparison, an attacker could be sent a password reset token for the
  matched account

In addition, a number of bugs have been fixed.  For details, see the release
notes:
https://docs.djangoproject.com/en/dev/releases/3.0.1/

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/libebml: bump to version 1.3.10

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/duktape: bump to version 2.5.0

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/openrc: cleanup sysv-rcs script

Currently, the sysv-rcs script has two issues:
  - The return code of each RCS script is not checked.
  - The output does not match the formatting of the other openrc
    init scripts.

Modify the script in the following ways to fix both issues:
  - Remove the "einfo "Starting sysv rc scripts"" at the top of the
    start function in favor of "einfo "Starting $i" in the loop
    itself.

  - Add a "> /dev/null" to the end of $i start; this suppresses
    stdout while still allowing for stderr messages to print to the
    terminal.

  - add an "eend $? to both the start and stop functions, this
    allows for openrc to show if an RCS script returned 0 or
    not.

The following is the startup output of OpenRC on a minimal system
with S01syslogd modified to exit with a return code 1 for testing
purposes:

Before:
* Adding static routes ...
[ ok ]
Starting default runlevel
* Starting sysv rc scripts
Starting syslogd: OK
Starting klogd: OK
Running sysctl: OK

After:
* Adding static routes ...
[ ok ]
Starting default runlevel
* Starting /etc/init.d/S01syslogd ...
[ !! ]
* Starting /etc/init.d/S02klogd ...
[ ok ]
* Starting /etc/init.d/S02sysctl ...
[ ok ]

Signed-off-by: Adam Duskett <aduskett@greenlots.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/libnetconf2: bump to version 1.1.3

Other changes:

- Remove patch (already in upstream version)

Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Heiko Thiery <heiko.thiery@kontron.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/libyang; bump to version 1.0.109

Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Heiko Thiery <heiko.thiery@kontron.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/libtirpc: bump to version 1.2.5

Rebased 0001-Disable-parts-of-TIRPC-requiring-NIS-support.patch,
dropped 3 patches accepted upstream.

Signed-off-by: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/jq: bump to git version a97638713ad3 (still 1.6-based)

jq 1.6 has a severe performance regression compared to 1.5. The problem is
reported [1] and fixed [2] upstream, but there are different commits and
later subsequent fixes on top of them that make it cumbersome to patch
specifically.

Instead, bump to a recent git version.

[1] https://github.com/stedolan/jq/issues/1826
[2] https://github.com/stedolan/jq/pull/1834

Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/qt5/qt5webengine: fix build error due to bogus use of -isystem

This commit adds a patch from upstream chromium[1] that allows passing
-I instead of -isystem to CFLAGS.

Fixes:
  In file included from /usr/lib/gcc/x86_64-pc-linux-gnu/6.1.0/include/g++-v6/bits/stl_algo.h:59:0,
                  from /usr/lib/gcc/x86_64-pc-linux-gnu/6.1.0/include/g++-v6/algorithm:62,
                  from /usr/include/qt5/QtCore/qglobal.h:85,
                  from /usr/include/qt5/QtCore/qalgorithms.h:37,
                  from /usr/include/qt5/QtCore/qlist.h:37,
                  from /usr/include/qt5/QtCore/qstringlist.h:34,
                  from /usr/include/qt5/QtCore/QStringList:1,
                  from base/http/requestparser.cpp:32:
/usr/lib/gcc/x86_64-pc-linux-gnu/6.1.0/include/g++-v6/cstdlib:75:25: fatal error: stdlib.h: No such file or directory
  #include_next <stdlib.h>

[1] https://chromium.googlesource.com/chromium/src/+/a8c8396fd20d98666d517c45b358c63736e345ef

Signed-off-by: Bartosz Bilas <b.bilas@grinn-global.com>
[Thomas: improved commit log with comments from Giulio.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/genimage: add patch to support vfat volume-label

Import "0001-image-vfat-Add-label-option-to-set-volume-name.patch" from
the upstream repository. The changes made to the README.rst file had to
be removed from the patch so that the package can be compiled in
buildroot. The patch has been accepted upstream, but no releases have
been made yet which includes the feature.

Signed-off-by: Dario Binacchi <dariobin@libero.it>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/libvdpau: bump to version 1.3

- Switch to meson-package
- Drop second patch (not needed anymore)
- Drop third patch (after feedback from upstream:
https://gitlab.freedesktop.org/vdpau/libvdpau/merge_requests/5)
- Disable documentation

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/openrc: install sysv-rcs file

package/openrc has the file sysv-rcs which starts sysvinit services
not written for openrc. However, currently it is not installed to
the target.

Install this file to $(TARGET_DIR)/etc/init.d during the
target_install step.

Signed-off-by: Adam Duskett <aduskett@greenlots.com>
[yann.morin.1998@free.fr: use full-path for destination, not just dir]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/xenomai: bump version to 3.0.10

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/xenomai: clean up wrappers cleanup

There is no posix.wrappers anymore, but cobalt and modechk. Those only
play a role when building in combination with wrap-link.sh.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/xenomai: smokey's not a skin

That's a testsuite tool.

Rename XENOMAI_REMOVE_SKIN_LIST at this chance as it's cleaning
libraries, not only skins. Ditto, rename the hook accordingly.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
[yann.morin.1998@free.fr: also rename the hook]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/tcllib: update the upstream URL in Config.in

Update the upstream URL in the help text in Config.in. This
addresses the 'Invalid(Err)' URL status in the package stats
web page output.

Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/libssh: security bump to version 0.9.3

Fixes the following security vulnerabilities:

- CVE-2019-14889: Unsanitized location in scp could lead to unwanted command
execution.

And adds various hardening improvements. For details, see the announcement:

https://www.libssh.org/2019/12/10/libssh-0-9-3-and-libssh-0-8-8-security-release/

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

{linux, linux-headers}: bump 4.{14, 19}.x / 5.{3, 4}.x series

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/glibc: hide "glibc utils" if glibc is not selected

BR2_PACKAGE_GLIBC_UTILS config must not exist if we use other libc than glibc

Signed-off-by: Arthur Courtel <arthur.courtel@smile.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/tcping: bump to version 1.3.6

Switched to latest version on GitHub as linuxco.de is no longer
active. The appropriate entry for tcping on release-monitoring.org
has been updated and a new mapping has been added for the Buildroot
project.

Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/systemd: bump to 244.1

Signed-off-by: Jérémy Rosen <jeremy.rosen@smile.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/nodejs: security bump to version 12.14.0

Fixes the following security vulnerabilities (in npm):

- CVE-2019-16775: Versions of the npm CLI prior to 6.13.3 are vulnerable to
  an Arbitrary File Write.  It is possible for packages to create symlinks
  to files outside of thenode_modules folder through the bin field upon
  installation
  https://www.npmjs.com/advisories/1436

- CVE-2019-16776: Versions of the npm CLI prior to 6.13.3 are vulnerable to
  an Arbitrary File Write.  It fails to prevent access to folders outside of
  the intended node_modules folder through the bin field
  https://www.npmjs.com/advisories/1434

- CVE-2019-16777: Versions of the npm CLI prior to 6.13.4 are vulnerable to
  an Arbitrary File Overwrite.  It fails to prevent existing
  globally-installed binaries to be overwritten by other package
  installations
  https://www.npmjs.com/advisories/1437

For further details, see the upstream announcements:

https://blog.npmjs.org/post/189618601100/binary-planting-with-the-npm-cli
https://nodejs.org/en/blog/vulnerability/december-2019-security-releases/

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/wavpack: add openssl optional dependency

wavpack optionally depends on libcrypto since version 5.2.0 and
https://github.com/dbry/WavPack/commit/e158df5353b57ac7002d5cac4b3a040eba4c0c9f

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/wavpack: security bump to version 5.2.0

- Switch to github to get latest version
- Drop patches (already in version)
- Fix CVE-2018-19840: The function WavpackPackInit in pack_utils.c in
  libwavpack.a in WavPack through 5.1.0 allows attackers to cause a
  denial-of-service (resource exhaustion caused by an infinite loop) via
  a crafted wav audio file because WavpackSetConfiguration64 mishandles
  a sample rate of zero.
- Fix CVE-2018-19841: The function WavpackVerifySingleBlock in
  open_utils.c in libwavpack.a in WavPack through 5.1.0 allows attackers
  to cause a denial-of-service (out-of-bounds read and application
  crash) via a crafted WavPack Lossless Audio file, as demonstrated by
  wvunpack.
- Add hash for license file

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/pipewire: use "config" instead of "menuconfig"

pipewire doesn't have enough sub-options to warrant having its own
menuconfig.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/pipewire: add missing dependencies/plugins

Added missing required and optional dependencies.
Provide option to enable gstreamer plugin.

Fixes:

http://autobuild.buildroot.net/results/9671ad63b1ae147a6f660337cb4b3dc38209067c/
http://autobuild.buildroot.net/results/0e80841fe9937d7a5142035c2a41158166bcf8df/

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
[Thomas:
- enclose new option in if ... endif block
- add missing Config.in comment
- add dependency on gstreamer1 in .mk file]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

configs/imx6-sabresd: bump kernel version

Bump the kernel version to 5.4.2.

Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/meson: bump to version 0.52.1

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/kf5/kf5-kcoreaddons: don't treat ld warnings as errors

Microblaze ld emits warnings like:
'
FDE encoding in
CMakeFiles/KF5CoreAddons.dir/KF5CoreAddons_autogen/mocs_compilation.cpp.o(.eh_frame)
prevents .eh_frame_hdr table being created
'
Since '-Wl,--fatal-warnings' is passed by default, build fails, so don't
treat warnings as errors by appending "-Wl,--no-fatal-warnings" to
CMAKE_SHARED_LINKER_FLAGS that is previously defined in package
dependency kf5-extra-cmake-modules.

Fixes:
http://autobuild.buildroot.net/results/f19/f198c86930535c50393e17fc7a70fb4f27b096ee/

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/polkit: add polkitd user and appropriate permissions

The polkit daemon requires a polkitd user with permission to access the
following directories:
- /etc/polkit-1
- /usr/share/polkit-1

The /usr/bin/pkexec file must be owned by owned by root with the
permissions 4755 or else the error "pkexec must be setuid root" is
thrown when it's ran.

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/python-yieldfrom: bump to version 1.0.5

Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/lua-msgpack-native: fix build with moonjit

compatibility with Lua 5.0 was removed in LuaJIT/moonjit 2.1.x
(Lua 5.1.x and LuaJIT 2.0.x have this compatibility)

Fixes:

http://autobuild.buildroot.org/results/4e428df01def186cb034a1774f6c00e2e7c9468c/

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
[Thomas: add comment on .mk file]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/tftpd: add an upstream URL to Config.in

Add an upstream URL to the help text in Config.in. This
addresses the 'Missing' URL status in the package stats
web page output.

Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
[yann.morin.1998@free.fr:
- use the git tree instead of the 8-year old freshmeat webpage
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/usbmount: update the upstream URL in Config.in

Update the upstream URL in the help text in Config.in. This
addresses the 'Invalid(Err)' URL status in the package stats
web page output.

Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/w_scan: update the upstream URL in Config.in

Update the upstream URL in the help text in Config.in. This
addresses the 'Invalid(Err)' URL status in the package stats
web page output.

Signed-off-by: Mark Corbin <mark@dibsco.co.uk>
[yann.morin.1998@free.fr: use offical (de) homepage]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/freescale-imx/firmware-imx: fix license hashes

License files were updated since the previous version.
This patch update to the new license hashes. It also fixes the
"make legal-info" command failure due to the hash mismatch.

Fixes:
- http://autobuild.buildroot.org/results/d9d/d9d82dd6727b82a643cbb75ca33b88a4636bd5fe

Signed-off-by: Julien Olivain <juju@cotds.org>
[yann.morin.1998@free.fr: add autobuilder reference]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

support/testing: fix python-gitdb2 test

Cthe test-case for python-gitdb2 consists solely in verifying that the
module can indeed be imported.

However, flake8 errors out on unused imports. Furthermore, it also
errors about wildcard imports, as it can detect unused symbols.

Squelch those errors.

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/alsa-utils: add a WantedBy section to the systemd unit file

This allows the user to enable/disable manually the unit.
It is enabled by default

Signed-off-by: Jérémy Rosen <jeremy.rosen@smile.fr>
[yann.morin.1998@free.fr:
- split logn lines
- no need for continued line (no use for ';\' )
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/rauc: add a WantedBy section to the systemd unit file

upstream-provided service has no WantedBy, which means that rauc won't
be enabled by default

Add a WantedBy instead of manually creating the symlink so the user can
enable/disable the unit properly

Signed-off-by: Jérémy Rosen <jeremy.rosen@smile.fr>
[yann.morin.1998@free.fr:
- split long line
- no need for continued line (no use for ';\' )
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/syslog-ng: implement systemd enablement using DefaultInstance

Instead of using a manual symlink we use add a DefaultInstance= to the
config file

This is how upstream wants us to do it and allows systemctl preset to
correctly restore it if needed

Signed-off-by: Jérémy Rosen <jeremy.rosen@smile.fr>
[yann.morin.1998@free.fr:
- split long line
- no need for continued line (no use for ';\' )
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/wpa_supplicant: adapt to systemctl preset-all

All services were installed but not enabled.

This change enables the non-templated service but disables the
templated ones.

Enabling the templates creates weird links which are probably an
upstream bug.

Signed-off-by: Jérémy Rosen <jeremy.rosen@smile.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/network-manager: adapt to systemctl preset-all

NM has three services
* NetworkManger.service : the main daemon
* NetworkManger-dispatcher.service : a daemon handling network callbacks
* NetworkManager-wait-online.service : sync of other services with network-online

Only the first two were activated. We now also enable
wait-online. Not enabling it was probably a bug.

Note that buildroot adds an alias dbus-org.freedesktop.NetworkManager
Adding an alias that is not known upstream is not clean,
but I left it for backward compatibility

Signed-off-by: Jérémy Rosen <jeremy.rosen@smile.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/linuxptp adapt to systemctl preset-all

linuxptp has two services
* linuxptp.service : the actual daemon
* linuxptp-system-clock.service : sync the linux clock to the phc clock

The first was enabled, the second was not, we now enable both

The second has an incorrect (though harmless) WantedBy : there is an
explicit Wants= in linuxptp.service

Signed-off-by: Jérémy Rosen <jeremy.rosen@smile.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/connman: adapt to systemctl preset-all

connman has two services
* connman.service which is the real daemon
* connman-wait-online.service which is a sync point for network-online.target

Only the first one was enabled. This adaptation enables both.

Not enabling connman-wait-online.service is probably a bug

Signed-off-by: Jérémy Rosen <jeremy.rosen@smile.fr>
[yann.morin.1998@free.fr: fix check-package errors]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package: rely on systemctl preset-all for upstream-provided services

All these packages have an upstream-provided service, but buildroot
enabled manually the services in exactly the same way as the [Install]
section.

This is not needed anymore

Signed-off-by: Jérémy Rosen <jeremy.rosen@smile.fr>
[yann.morin.1998@free.fr: fix check-package errors]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package: rely on systemctl preset-all for buildroot-provided services

All the packages in this list have the following properties
* units are provided by buildroot in the package directory
* the SYSTEMD_INSTALL_INIT_HOOK is exactly equivalent to what the
[Install] section of the unit does

The fix removes the soflinking in the .mk file

Signed-off-by: Jérémy Rosen <jeremy.rosen@smile.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/systemd: fix tty handling

Handling of tty is a bit tricky, we need to aggressively disable what
systemd does with tty1 then update for what buildroot wants to do

Rework the whole tty generation to work with presets

Signed-off-by: Jérémy Rosen <jeremy.rosen@smile.fr>
[yann.morin.1998@free.fr:
- fold long lines
- drop spurious empty lines removals
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/systemd: use host-systemctl preset all to enable units

since v234 upstream recommands using systemctl preset-all to enable units.
* add a buildroot specific preset file
* use that file to disable getty@tty1
* make systemd depend on host-systemd
* remove all link-creating code that systemd does for us.

Most packages will not be affected by this change, but a few packages
were installing units without manually enabling them. Those packages
will now be automatically enabled.

The fact that those packages were not enabled is almost certainly a bug,
but it is a change of behaviour that needs to be reported

host-systemd also builds udevadm for the host. That means we no longer
need to depend on host-eudev to provide udevadm (that would conflict).

Signed-off-by: Jérémy Rosen <jeremy.rosen@smile.fr>
[yann.morin.1998@free.fr:
  - also remove the hwdb sources on fs generation
  - fix check-package errors
  - few typoes and reformatting in commit log
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/sysrepo: fix install path for systemd units

The relative paths currently used to install the systemd units causes an
incorrect installation, where units are installed in (notice the double
usr in the paths):

    target/usr/usr/lib/systemd/system/sysrepod.service
    staging/usr/usr/lib/systemd/system/sysrepod.service

Fix that by using an absolute path.

Signed-off-by: Jérémy Rosen <jeremy.rosen@smile.fr>
[yann.morin.1998@free.fr:
  - split into its own commit
  - expand commit log
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/systemd: add host variant

Add the infrastructure to build the host version of systemd
* disable all optional features, they can be re-added when needed
* systemd has creative way of dealing with cross compile
  we build a "normal" host systemd, but install it in $HOST_DIR
  we use systemctl --root to correctly act on TARGET_DIR
* we need to adjust RPATH using patchelf because meson can't do it
  correctly by itsel

The first question is: why do we use --prefix=/usr ?

systemd will store its --prefix in all the executables it generates. As
such, systemctl will have a hardcoded 'prefix', where it will manipulate
and create files/symlinks in. When called natively, this is nice and
shinny.

However, for cross-setup, that does not work obviously.

So, systemd has its tools know about the 'root' directory where this
prefix should be related to. We can call systemctl --root=$(TARGET_DIR)
and systemctl wil do the links and such in there.

However, it does so by appending its known prefix to it.

So, if we were to configure host-systemd as we usually do, with
--prefix=$(HOST_DIR), then when we would call host systemctl --root=$(TARGET_DIR)
it would look for files in $(TARGET_DIR)/$(HOST_DIR), which is wrong.

Calling the host systemctl without --root is also wrong, as it would look for
files in $(HOST_DIR)

So, there is no satisfying official support for this case.

The trick then, is to configure systemd with the prefix it would expect
at runtime (on the target!), that is with /usr, but install out-of-tree.

That was it for the first part of the question: why do we use --prefix.

Now, the second question is: why do we need to muck up with the rpath
after installation?

Well, this boils down to meson (and not systemd itself). When it
installs executables, meson will handily insert whatever rpath the
package meson.build would tell it to use. systemd installs libs in
$(prefix)/lib/systemd and has a NEEDED to those libs, so it uses an
RPATH to find those libs, and meson does inject that RPATH into the
installed executables.

However, we Buildroot also want to insert our own RPATH, because systemd
uses util-linux' libs and libcap, installed in $(HOST_DIR), so it needs
our RPATH.

However, meson can not extend the RPATH from the LDFLAGS in the
environment; meson can only set the RPATH from what it knows about from
the package's meson.build.

That, in addition to the --prefix=/usr issue above, means that the
executables installed by host-systemd have an RPATH set to
/usr/lib/systemd. when we would want it to be set to
$(HOST_DIR)/lib:$(HOST_DIR)/lib/systemd

That's what is done in the post-install hook: set the RPATH to the
appropriate values.

Signed-off-by: Jérémy Rosen <jeremy.rosen@smile.fr>
[yann.morin.1998@free.fr:
  - reformatting in commit log
  - declare host variant after target variant
  - simplify comments
  - slight reordering of variable (HOST_SYSTEMD_NINJA_ENV moved)
  - reformatting for mutli-line variable (HOST_SYSTEMD_HOST_TOOLS)
  - don't split HOST_SYSTEMD_CONF_OPTS in two sets
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

linux: bump CIP RT kernel to version 4.19.82-cip14-rt5

This patch bumps Linux CIP RT version to 4.19.82-cip14-rt5.

Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

linux: bump CIP kernel to version 4.19.88-cip16

This patch bumps Linux CIP version to 4.19.88-cip16.

Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/iozone: bump to version 3_488

Signed-off-by: Gilles Talis <gilles.talis@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/lrzip: needs C++

Fixes:
http://autobuild.buildroot.net/results/e40/e40653aa895bb47d20ad237c8a5ae3f6b76f3f67/

libzpaq is written in C++ (and unconditionally built), so depend on C++
support.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/wireguard: bump version to 0.0.20191212

For details of the changes, see the announcement:
https://lists.zx2c4.com/pipermail/wireguard/2019-December/004764.html

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/pkg-generic.mk: also apply extractor-pkg-dependency to <pkg>_EXTRA_DOWNLOADS

For now, the extractor dependencies were only calculated for
<pkg>_SOURCE, so if the package manually downloads another file using
<pkg>_EXTRA_DOWNLOADS and then extracts it with $(call
suitable-extractor), we are missing the corresponding dependency on
the appropriate extracting tool.

Since the vast majority of <pkg>_EXTRA_DOWNLOADS are compressed files
that will be uncompressed at build time, it makes sense to derive the
corresponding extractor dependencies directly in the common package
infrastructure, rather than having each and every package using
<pkg>_EXTRA_DOWNLOADS making this effort.

On a system without xzcat, before this patch:

$ make printvars VARS=HOST_GETTEXT_TINY_EXTRACT_DEPENDENCIES
HOST_GETTEXT_TINY_EXTRACT_DEPENDENCIES=host-tar

After this patch:

$ make printvars VARS=HOST_GETTEXT_TINY_EXTRACT_DEPENDENCIES
HOST_GETTEXT_TINY_EXTRACT_DEPENDENCIES=host-tar host-xz

This commit most notably fixes the build of host-gettext-tiny on
systems without xzcat, and with per-package support enabled. Indeed,
the main _SOURCE for gettext-tiny is a .gz file, but it has a .xz file
in its _EXTRA_DOWNLOADS, which is then extracted. Except that xzcat
being missing from the dependencies, it is not built.

Fixes:

http://autobuild.buildroot.net/results/83c6d47c06334bef27791a59bdd491b1de124c49/

Suggested-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/pkg-generic.mk: use extractor-pkg-dependency macro

Instead of manually calculating the EXTRACT_DEPENDENCIES value based
on the archive extension, let's use the newly introduced
extractor-pkg-dependency macro.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Reviewed-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/pkg-utils.mk: rework implementation of extractor-system-dependency

Now that we have the EXTRACTOR_PKG_DEPENDENCY.* variables available,
we can use them to implement extractor-system-dependency: if for a
given archive type, the corresponding EXTRACTOR_PKG_DEPENDENCY.<type>
variable is empty, then it means we need the corresponding extractor
tool to be provided by the system.

Following this, EXTRACTOR_DEPENDENCY_PRECHECKED_EXTENSIONS is no
longer used, so we can drop it from support/dependencies/.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/pkg-utils.mk: add extractor-pkg-dependency macro

To extract some archive types, if the extracting tool is not available
on the system where Buildroot runs on, we build it using a Buildroot
host package.

Such dependencies are currently explicitly handled by the
inner-generic-package macro, but in fact we also need to handle them
in all places where the "suitable-extractor" macro is invoked, and
some packages invoke it directly. Otherwise, such packages may be
missing a dependency to the appropriate host Buildroot package
building the extracting tool they need. An example is gettext-tiny,
whose source code is a gzip-compressed tarball, but in addition
manually extracts a xz-compressed tarball.

This extractor-pkg-dependency macro will be used in follow-up commits
to ensure all the packages that use suitable-extractor properly add
the correct dependencies.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

support/testing: add gitdb2 test

Add a simple test case that imports the module.

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/python-gitdb2: new package

GitDB allows you to access bare git repositories for reading and
writing. It aims at allowing full access to loose objects as well as
packs with performance and scalability in mind. It operates
exclusively on streams, allowing to handle large objects with a small
memory footprint.

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
[Thomas: fix license]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

support/testing: add smmap2 test

Add a simple test case that imports the module and instantiates a new
SlidingWindowMapManager class.

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/python-smmap2: new package

Smmap wraps an interface around mmap and tracks the mapped files as
well as the amount of clients who use it. If the system runs out of
resources, or if a memory limit is reached, it will automatically
unload unused maps to allow continued operation.

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/pkg-utils.mk: rename extractor-dependency to extractor-system-dependency

The extractor-dependency macro returns which system-provided tools are
needed to be able to extract the archive passed as argument. The
result of this macro is added to DL_TOOLS_DEPENDENCIES so that the
logic in support/dependencies/ verifies that the necessary tools are
provided by the system.

However, we are going to add another macro, extractor-pkg-dependency,
which says which Buildroot packages are needed to extract the archive
passed as argument. Indeed, for those archive types, if the extractor
is not provided system-wide, we build it as a host Buildroot package.

To clarify the distinction between the upcoming
extractor-pkg-dependency and existing extractor-dependency, we rename
the latter to extractor-system-dependency.

We take this opportunity to extend the documentation of this macro.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Reviewed-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

package/freescale-imx/firmware-imx: bump version to 8.1.1

This version is aligned with i.MX NXP BSP components version
rel_imx_4.14.98_2.0.0_ga

Signed-off-by: Julien Olivain <juju@cotds.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/freescale-imx: update SITE to use NXP url

NXP BSPs has been using the nxp.com URL for a while:
http://git.yoctoproject.org/cgit/cgit.cgi/meta-freescale/commit/conf/layer.conf?id=d6abbbc1ce0882bdc82e03b1868eeba1a50a7bd3

It's unclear for how long the freescale.com redirect will be
maintained. This patch update the FREESCALE_IMX_SITE variable
to point directly to the NXP site.

Signed-off-by: Julien Olivain <juju@cotds.org>
Reviewed-by: Gary Bisson <bisson.gary@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

configs/imx8mpico: bump BSP components to 4.14.98_2.0.0

Update Kernel, U-Boot and ATF to TechNexion BSP, based on NXP
4.14.98_2.0.0 release.

This patch also remove BR2_TARGET_UBOOT_FORMAT_IMX in defconfig which
is not needed for this platform.

Signed-off-by: Julien Olivain <juju@cotds.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

configs/imx8mmpico: bump BSP components to 4.14.98_2.0.0

Update Kernel, U-Boot and ATF to TechNexion BSP, based on NXP
4.14.98_2.0.0 release.

This patch also remove BR2_TARGET_UBOOT_FORMAT_IMX in defconfig which
is not needed for this platform.

Signed-off-by: Julien Olivain <juju@cotds.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/solarus: disable tests

Set -DSOLARUS_TESTS=OFF to disable tests (option added in version 1.6.1
with:
https://gitlab.com/solarus-games/solarus/commit/1829189c6050e36086b12c3806932e8657265467)

Reviewed-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/solarus: allow building with lua 5.1

Build with lua 5.1 has been fixed since version 1.6.1 and
https://gitlab.com/solarus-games/solarus/commit/611f81a90d42692e986c78c67090541ffd1c5973

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[Thomas: keep a select BR2_PACKAGE_LUAJIT, but make it "if
!BR2_PACKAGE_LUA_5_1"]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/solarus: bump to version 1.6.2

Switch to gitlab to retrieve latest version

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/apitrace: needs wchar

apitrace uses its own version of gtest which depends on wchar since
version 8.0 and
https://github.com/apitrace/apitrace/commit/85cf7c8b86129699246574dfeec846e88a3f88a2

Moreover, apitrace also uses wcslen in trace_writer.cpp since at least
version 8.0 and
https://github.com/apitrace/apitrace/commit/5e9a2b11b248aaa2f6f353bbcf9f600d65bcaf51

Fixes:
- http://autobuild.buildroot.org/results/5f27556ccc9daec578fe1bf2ed516ca9921ed474

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/apitrace: needs host-python3

apitrace needs host-python3 since version 9.0 and
https://github.com/apitrace/apitrace/commit/0b8b019952f2668a5e8786cc2d331062b958f02e

Fixes:
- http://autobuild.buildroot.org/results/5f27556ccc9daec578fe1bf2ed516ca9921ed474

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/python-validators: bump version to 0.14.1

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/jo: bump version to 1.3

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/pipewire: new package

PipeWire is a server and user space API to deal with multimedia
pipelines.

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
[Thomas:
- further bump to 0.2.7
- select BR2_PACKAGE_DBUS instead of depending on it]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/jimtcl: bump to version 0.79

- Switch site from debian to github official mirror
- Add hash for license file

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/python-bluezero: Bump to version 0.3.0

Signed-off-by: Grzegorz Blach <grzegorz@blach.pl>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/libgit2: security bump to version 0.28.4

Fixes the following CVE:

- CVE-2019-1351: Windows provides the ability to substitute
  drive letters with arbitrary letters, including multi-byte
  Unicode letters. To fix any potential issues arising from
  interpreting such paths as relative paths, we have extended
  detection of DOS drive prefixes to accomodate for such cases.

- CVE-2019-1352: by using NTFS-style alternative file streams for
  the ".git" directory, it is possible to overwrite parts of the
  repository. While this has been fixed in the past for Windows,
  the same vulnerability may also exist on other systems that
  write to NTFS filesystems. We now reject any paths starting
  with ".git:" on all systems.

- CVE-2019-1353: by using NTFS-style 8.3 short names, it was
  possible to write to the ".git" directory and thus overwrite
  parts of the repository, leading to possible remote code
  execution. While this problem was already fixed in the past for
  Windows, other systems accessing NTFS filesystems are
  vulnerable to this issue too. We now enable NTFS protecions by
  default on all systems to fix this attack vector.

- CVE-2019-1354: on Windows, backslashes are not a valid part of
  a filename but are instead interpreted as directory separators.
  As other platforms allowed to use such paths, it was possible
  to write such invalid entries into a Git repository and was
  thus an attack vector to write into the ".git" dierctory. We
  now reject any entries starting with ".git" on all systems.

libgit2 is not affected by these git CVE:

- CVE-2019-1348: the fast-import stream command "feature
  export-marks=path" allows writing to arbitrary file paths.

- CVE-2019-1349: by using NTFS 8.3 short names, backslashes or
  alternate filesystreams, it is possible to cause submodules to
  be written into pre-existing directories during a recursive
  clone using git.

- CVE-2019-1350: recursive clones may lead to arbitrary remote
  code executing due to improper quoting of command line
  arguments.

- CVE-2019-1387: it is possible to let a submodule's git
  directory point into a sibling's submodule directory, which may
  result in overwriting parts of the Git repository and thus lead
  to arbitrary command execution. As libgit2 doesn't provide any
  way to do submodule clones natively, it is not susceptible to
  this vulnerability. Users of libgit2 that have implemented
  recursive submodule clones manually are encouraged to review
  their implementation for this vulnerability.

Signed-off-by: Nicolas Cavallari <nicolas.cavallari@green-communications.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

configs/beaglebone: kernel builds needs host-openssl

Fixes:

514 scripts/extract-cert.c:21:25: fatal error: openssl/bio.h: No such file or directory
515 #include <openssl/bio.h>

Seen at:

https://gitlab.com/buildroot.org/buildroot/-/jobs/378314247

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/libnice: add optional dependency to openssl

Support for OpenSSL was added in version 0.1.15:
https://lists.freedesktop.org/archives/nice/2018-December/001443.html

With the option of using OpenSSL as a crypto provider, we can't keep
GnuTLS as the default, because using:

select BR2_PACKAGE_GNUTLS if !BR2_PACKAGE_OPENSSL

causes a Kconfig circular dependency:

package/openssl/Config.in:4:error: recursive dependency detected!
package/openssl/Config.in:4: symbol BR2_PACKAGE_OPENSSL is selected by BR2_PACKAGE_GNUTLS
package/gnutls/Config.in:1: symbol BR2_PACKAGE_GNUTLS is selected by BR2_PACKAGE_OPENSSL

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
[Thomas: pass --with-crypto-library argument]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/libnice: bump version to 0.1.16

Release notes:
https://lists.freedesktop.org/archives/nice/2018-December/001443.html
https://lists.freedesktop.org/archives/nice/2019-May/001444.html

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/harfbuzz: bump version to 2.6.4

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
[Thomas:
- drop patch 0001-pool-Fix-alignment-assertion.patch, which is in
upstream commit aade9b70aabd8a97dd8a28cda2cf4d0694dd7350, available
since version 2.6.0
- further bump to 2.6.4]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/coreutils: bump version to 8.31

Added license hash.
Added patch to fix build error with uclibc.

Release notes:
https://lists.gnu.org/archive/html/coreutils/2019-03/msg00042.html

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

configs/licheepi_zero: U-Boot needs pylibfdt

Like all Allwinner platforms, building the licheepi_zero U-Boot
configuration requires pylibfdt.

Fixes:

https://gitlab.com/buildroot.org/buildroot/-/jobs/378314331

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

board/pc/post-build.sh: fix typo in grub boot.img path

Commit 3468ef16fa55610bae3bacefaf816231a20cfab0
("configs/pc_x86_64_efi: use genimage GPT partition table support")
had a small typo on the path to grub boot.img file: i387-pc instead of
i386-pc, which causes a build failure.

Fixes:

https://gitlab.com/buildroot.org/buildroot/-/jobs/378314412

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Alexandre PAYEN <alexandre.payen@smile.fr>
Cc: Carlos Santos <casantos@datacom.com.br>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/xdg-dbus-proxy: add patch to support building with musl

Import "0001-Fix-musl-compilation-by-adding-TEMP_FAILURE_RETRY.patch"
from the upstream repository, which allows building against the musl
libc (or any other which does not define the TEMP_FAILURE_RETRY macro).
The patch has been accepted upstream, but no releases have been made yet
which include the fix.

Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/wpewebkit: add option to enable sandboxing support

Add an option to enable WebKit's sandbox, which uses kernel
namespaces to isolate the processes used for Web content rendering
(WebKitWebProcess) and network/disk access (WebKitNetworkProcess).

The reason to have an option is that it needs additional dependencies
(bubblewrap, xdg-dbus-proxy, libseccomp), and that some users may
choose to deploy alternative solution (for example: putting all
of WebKit inside its own container, using systemd-nspawn or the
like).

Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
[Peter: select libseccomp]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/webkitgtk: select libseccomp when sandbox is enabled

Select BR2_PACKAGE_LIBSECCOMP when the sandboxing support is enabled
during configuration.

Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/tpm2-tools: bump to version 4.1

- Drop patch (already in version)
- Update hash of license file (copyrights retained since version 4.0 and
https://github.com/tpm2-software/tpm2-tools/commit/e4b469724eaa6eff0a1ce3bce9fd2ab9e010cd3b)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[Peter: disable man pages build]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/tpm2-abrmd: bump to version 2.3.0

Drop dbus dependency as it is not needed since version 2.2.0 and
https://github.com/tpm2-software/tpm2-abrmd/commit/c1d42c9ebefbfe36255603aca065944836c14610

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[Peter: use --disable-defaultflags and explicitly pass -std=c99]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/openal: switch to github mirror

Signed-off-by: André Hentschel <nerv@dawncrow.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/tpm2-totp: explicitly disable optional configure flags

Explicitly disable doxygen, plymouth, initramfstools and mkinitcpio support
as it is not needed / available in Buildroot.

Also use the new --disable-defaultflags option to ensure our compiler flags
are used rather than trying to disable -fstackprotector-all, similar to how
it is done in tpm2-tss.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/tpm2-totp: bump to version 0.2.0

Add patch to fix build failure with musl

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/tpm2-tss: bump to version 2.3.2

- Drop patch (already in version)
- Update hash of license file (SPDX ID has been removed with
https://github.com/tpm2-software/tpm2-tss/commit/0dbc84ee45d0e4cd7eae528f53968f8877455aab)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[Peter: use --disable-defaultflags and explicitly pass -std=c99]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/libkrb5: needs host-pkgconf for libedit

host-pkgconf is needed to find libedit

Fixes:
- http://autobuild.buildroot.org/results/45eee300788f46975d292b21eead97f9e9a8b5d8

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>