git.libre-soc.org Git - buildroot.git/log

support/scripts/check-host-rpath: document existing functions

As suggested by Arnout Vandecappelle, let's document the
elf_needs_rpath() and check_elf_has_rpath() functions, before we make
them a bit more complicated with per-package directory support.

Suggested-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

zbar: bump to version b3b4e32b55f570372fc3af473e51f0a13ee57869

- Add hash for license file
- Fix build with kernel headers >= 4.4 with:
https://git.linuxtv.org/zbar.git/commit/?id=b3b4e32b55f570372fc3af473e51f0a13ee57869

Fixes:
- http://autobuild.buildroot.org/results/630204315eac6e2800bc13c1486a5a525bf9ab37

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

apr: fix runtime tests for cross compile

- epoll supported since linux-2.5.44/glibc-2.3.2 (see [1])
- dup3 supported since linux-2.6.27/glibc-2.9 (see [2])
- SOCK_CLOEXEC supported on linux (see [3])
- accept4 suppported since linux-2.6.28/glibc-2.10 (see [4])

Fixes [5] apache runtime failure (#11576)

  [mpm_event:crit] [pid 173:tid 1996214272] (70023)This function has not been
      implemented on this platform: AH00495: Couldn't create a Thread Safe Pollset.
      Is it supported on your platform?Also check system or user limits!
  [:emerg] [pid 173:tid 1996214272] AH00017: Pre-configuration failed, exiting

[1] http://man7.org/linux/man-pages/man7/epoll.7.html
[2] https://linux.die.net/man/2/dup3
[4] https://linux.die.net/man/2/accept4
[5] https://bugs.busybox.net/show_bug.cgi?id=11576

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

nettle: fix build with gcc 4.7

Fixes:
- http://autobuild.buildroot.org/results/69226d42e9a483aaff44fb3f468b4724415e71f6

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/wavemon: bump to version 0.9.0

Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/gst1-plugins-bad: fix build with fdk-aac 2.0

Fixes:
http://autobuild.buildroot.net/results/343/343249ab34ab77be3b8077f544b9d1e2d4852796/
http://autobuild.buildroot.net/results/edc/edca961f2c4d1946385ac86a756308caaf22d79d/

Fdk-aac 2.0 dropped some legacy APIs, breaking the build of the fdk-aac
plugin. Add two upstream upstream patches to fix building against fdk-aac
2.0.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Reviewed-by: Ryan Barnett <ryan.barnett@rockwellcollins.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/llvm: set the path to llvm-config

While building llvm for the target (x86_64), the build failed due to
path poisoning (-I/usr/include/libxml2) while building NATIVE tools
(i.e for the host). The llvm package tries to build a tool for the host
with the cross-compiler which doesn't work when the paranoid toolchain
wrapper (BR2_COMPILER_PARANOID_UNSAFE_PATH) is enabled.

We know that llvm (target) needs llvm-tablegen and llvm-config built by
host-llvm, but only LLVM_TABLEGEN is provided by llvm.mk. Adding
LLVM_CONFIG_PATH=$(HOST_DIR)/bin/llvm-config for llvm (target)
fixes the path poisoining issue since llvm doesn't build the NATIVE
variant.

Signed-off-by: Romain Naour <romain.naour@smile.fr>
Cc: Valentin Korenblit <valentinkorenblit@gmail.com>
Cc: Matthew Weber <matthew.weber@rockwellcollins.com>
Tested-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/libva-utils: drop _SOURCE variable which has the default value

Since commit b0907949261ef5e8179c027c086903f30417dd66
("package/libva-utils: bump to version 2.3.0"), the LIBVA_UTILS_SOURCE
variable has the default value of the <pkg>_SOURCE variable, so
check-package complains:

package/libva-utils/libva-utils.mk:8: remove default value of _SOURCE variable (http://nightly.buildroot.org/#generic-package-reference)

Let's fix this by dropping the now unneeded variable assignment.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

linux: use HOSTCC_NOCCACHE as kconfig HOSTCC

linux is a bit different than other kconfig-package, because it has
"toolchain" in KCONFIG_DEPENDENCIES. Thanks to this, host-ccache *is*
ready by the time kconfig invocations are made, so we could use
$(HOSTCC) as the host compiler for kconfig related operations.

However, for consistency with other kconfig-package packages, we chose
to use $(HOSTCC_NOCCACHE) as well.

We cannot rely on the default value of HOSTCC passed by the
kconfig-package infrastructure, because $(LINUX_MAKE_FLAGS) also
contains a HOSTCC definition that would override the one passed by the
kconfig-package infrastructure.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

boot/uboot: use HOSTCC_NOCCACHE as kconfig HOSTCC

At kconfig time, dependencies are not built, and therefore host-ccache
is not ready. Due to this, using $(HOSTCC) as the host compiler in
KCONFIG_OPTS does not work: a "make uboot-menuconfig" invocation from
a clean tree with ccache enabled fails.

This commit fixes this by using $(HOSTCC_NOCCACHE). We cannot rely on
the default value of HOSTCC passed by the kconfig-package
infrastructure, because $(UBOOT_MAKE_OPTS) also contains a HOSTCC
definition that would override the one passed by the kconfig-package
infrastructure.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/pkg-kconfig: pass HOSTCC during kconfig steps

The kconfig build logic uses the HOSTCC variable to find the host
compiler. It makes sense to explicitly pass a value to this variable,
pointing to the host compiler used by Buildroot.

During the kconfig step, host-ccache is not ready (host-ccache is only
a dependency to the configure step of packages), so we use
$(HOSTCC_NOCCACHE).

Packages currently using the kconfig-package fell into two categories:

- Those not passing any HOSTCC value. For such packages, it was the
   default host compiler detected by the kconfig build logic that was
   used. ccache was therefore never used. With this commit, those
   packages will now be using the host compiler detected by
   Buildroot. Packages in this situation: at91bootstrap3, barebox,
   busybox, swupdate, uclibc, xvisor.

- Those passing a HOSTCC value. Such packages were passing $(HOSTCC),
   which doesn't work as host-ccache will not be ready. This commit
   does not fix them, as they still override HOSTCC. It will be fixed
   in followup commits. Packages in this situation: uboot and
   linux. Note that linux was a bit special, because it has a
   KCONFIG_DEPENDENCIES on the toolchain package, so in fact
   host-ccache was ready.

So practically speaking, this commit does not fix anything, as the two
only problematic packages that use $(HOSTCC) are not fixed. However,
it makes things more correct by explicitly telling kconfig which
compiler to use.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

infra/pkg-cmake: use an obviously-invalid value for CMAKE_SYSTEM_VERSION

In 36568732e4, we expanded toolchain.cmake to also define the value for
CMAKE_SYSTEM_VERSION, as the cmake documentation states that it must be
manually defined when doing cross-compilation [0]:

    When the CMAKE_SYSTEM_NAME variable is set explicitly to enable
    cross compiling then the value of CMAKE_SYSTEM_VERSION must also
    be set explicitly to specify the target system version.

However, the fix in 36568732e4 uses the version of the kernel headers,
assuming that would be the oldest kernel we could run on. Yet, this is
not the case, because glibc (for example) has fallbacks to support
running on kernels older than the headers it was built against.

The cmake official wiki [1] additionally states:

  * CMAKE_SYSTEM_VERSION : optional, version of your target system, not
    used very much.

Folllowed a little bit below, by:

  * CMAKE_TOOLCHAIN_FILE : absolute or relative path to a cmake script
    which sets up all the toolchain related variables mentioned above

    For instance for crosscompiling from Linux to Embedded Linux on PowerPC
    this file could look like this:

        # this one is important
        SET(CMAKE_SYSTEM_NAME Linux)
        #this one not so much
        SET(CMAKE_SYSTEM_VERSION 1)

    [...]

Furthermore, using the kernel headers version can be a bit misleading (as
it really looks like is is the correct version to use when it is not),
while it is obvious that 1 is not really the output of `uname -r` and
thus is definitely not misleading.

Finally, random searches [2] about CMAKE_SYSTEM_VERSION, mostly only
turns up issues related with Windows, Mac-OS, and to a lesser extent,
Android (where it is forcibly set to 1), with issues realted to running
under just Linux (as opposed to Adnroid) mostly non-existent.

Consequently, we revert to using the value that is suggested in the
cmake WiKi, i.e. 1, and which is basically what we also used as a
workaround in the azure-iot-sdk-c paclkage up until d300b1d3b1.

A case were we will need to have a real kernel version, is if we one day
have a cmake-based pacakge that builds and installs a kernel module [3],
because it will need the _running_ kernel version to install it in
/lib/modules/VERSION/, but in that case it will anyway most probably
not be the headers version.

[0] https://cmake.org/cmake/help/v3.8/variable/CMAKE_SYSTEM_VERSION.html
[1] https://gitlab.kitware.com/cmake/community/wikis/doc/cmake/CrossCompiling
[2] https://duckduckgo.com/?q=CMAKE_SYSTEM_VERSION
[3] https://stackoverflow.com/questions/38205745/cmake-system-version-not-updated-for-new-kernel

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Arnout Vandecappelle <arnout@mind.be>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Samuel Martin <s.martin49@gmail.com>
Acked-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

check-package: fix Python3 support

This script currently uses "/usr/bin/env python" as shebang but it does
not really support Python3. Instead of limiting the script to Python2,
fix it to support both versions.

So change all imports to absolute imports because Python3 follows PEP328
and dropped implicit relative imports.

In order to avoid errors when decoding files with the default 'utf-8'
codec, use errors="surrogateescape" when opening files, the docs for
open() states: "This is useful for processing files in an unknown
encoding.". This argument is not compatible with Python2 open() so
import 'six' to use it only when running in Python3.
As a consequence the file handler becomes explicit, so use it to close()
the file after it got processed.

This "surrogateescape" is a simple alternative to the complete solution
of opening files with "rb" and changing all functions in the lib*.py
files to use bytes objects instead of strings. The only case we can have
non-ascii/non-utf-8 files being checked by the script are for patch
files when the upstream file to be patched is not ascii or utf-8. There
is currently one case in the tree:
package/urg/0002-urg-gcc6-fix-narrowing-conversion.patch.

Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Reviewed-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Tested-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/supertux: needs gcc >= 6

The initial build issue [1] has been fixed upstream but the supertux
fail to link with boost libraries when using gcc 5 (which use C++11 by default):

libsupertux2_lib.a(main.cpp.o): In function `boost::system::error_category::std_category::equivalent(std::error_code const&, int) const':
main.cpp:(.text._ZNK5boost6system14error_category12std_category10equivalentERKSt10error_codei[_ZNK5boost6system14error_category12std_category10equivalentERKSt10error_codei]+0x32): undefined reference to `boost::system::detail::generic_category_instance'
main.cpp:(.text._ZNK5boost6system14error_category12std_category10equivalentERKSt10error_codei[_ZNK5boost6system14error_category12std_category10equivalentERKSt10error_codei]+0x47): undefined reference to `boost::system::detail::generic_category_instance'
main.cpp:(.text._ZNK5boost6system14error_category12std_category10equivalentERKSt10error_codei[_ZNK5boost6system14error_category12std_category10equivalentERKSt10error_codei]+0x99): undefined reference to `boost::system::detail::generic_category_instance'
libsupertux2_lib.a(main.cpp.o): In function `boost::system::error_category::std_category::equivalent(int, std::error_condition const&) const':
main.cpp:(.text._ZNK5boost6system14error_category12std_category10equivalentEiRKSt15error_condition[_ZNK5boost6system14error_category12std_category10equivalentEiRKSt15error_condition]+0x33): undefined reference to `boost::system::detail::generic_category_instance'
main.cpp:(.text._ZNK5boost6system14error_category12std_category10equivalentEiRKSt15error_condition[_ZNK5boost6system14error_category12std_category10equivalentEiRKSt15error_condition]+0x48): undefined reference to `boost::system::detail::generic_category_instance'
collect2: error: ld returned 1 exit status

This is a similar issue as the one reported by [2].

With gcc 5, boost libraries are compiled using C++11 but
supertux2_lib.a is using C++14 standard.

To fix the issue, boost libraries should be build using C++14
standard but we currently don't have an option to "force" the
default C++ standard used by the compiler.

So bump the minimum gcc version to gcc 6 since the C++14 is
used by default.

[1] https://github.com/SuperTux/supertux/issues/1014
[2] https://github.com/boostorg/system/issues/26

Fixes:
http://autobuild.buildroot.net/results/5b4/5b452c155917d783b3d8167fde48c2c938a74b95

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/libva-utils: bump to version 2.3.0

Have to add a workaround since upstream didn't package this release
properly.

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/libva-intel-driver: bump to version 2.3.0

Remove patch to fix build without stack-protector support which is upstream.
Add backported patch to fix libva-intel-driver when using wayland.

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/libva: backport Add pointer to struct wl_interface for driver to use

This is needed by libva-intel-driver when using wayland.

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/linux-firmware : Install binary blobs for e100 ethernet driver

Add an option in the menuconfig submenu of linux-firmware package. Install
the firmware binary files to the target directory if the option is selected.

Signed-off-by: David Picard <dplamp@gmx.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/cryptsetup: bump to version 2.0.6

Cc: Martin Hicks <mort@bork.org>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

gnutls: bump to version 3.6.5

- libidn1 support removed since version 3.6.0 and
https://github.com/gnutls/gnutls/commit/abe6a12b9766219163f99d7807a0b07fbe5f590c
- libz support has been removed since version 3.6.0 and
https://github.com/gnutls/gnutls/commit/1b3ece44acaa25c149659a6878d2be807a282f02

This bump also fix build issues of gnutls tests and applications such
as ffmpeg or cups due to the fact that _idn2_punycode_* functions are
not exposed anymore since libidn2 bump to version 2.1.0 and:
https://github.com/libidn/libidn2/commit/1d1f2e5babe6032eb0fe4d451afee2e277b8419f

Fixes:
- http://autobuild.buildroot.org/results/f8c38ea6ebbb78269d620d19d760a0566f742640
- http://autobuild.buildroot.org/results/8dc5b4212b1d8d0bf5bd5e8a27eb02753dc678e4
- http://autobuild.buildroot.org/results/53f5bcd9010c841838f51d65427d9a97ef35e08c

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

nettle: bump to version 3.4.1

nettle 3.4.1 is a requirement for gnutls 3.6.5

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

gnutls: remove unrecognized --with-libnettle-prefix

configure: WARNING: unrecognized options: --disable-docs, --disable-documentation, --with-xmlto, --with-fop, --enable-ipv6, --with-libnettle-prefix

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

minizip: depends on wchar

minizip depends on wchar since version 2.7.0 and
https://github.com/nmoinvaz/minizip/commit/21a3102db475e662aabedc7b191e5732734847ec

Fixes:
- http://autobuild.buildroot.org/results/2e83b694b91fe96e1a044385d327d7abd2183e24

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/lz4: bump to version 1.8.3

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/wolfssl: security bump to version 3.5.17

From the release notes:

This release of wolfSSL includes a fix for 1 security vulnerability.

Medium level fix for potential cache attack with a variant of
Bleichenbacher’s attack.  Earlier versions of wolfSSL leaked PKCS #1 v1.5
padding information during private key decryption that could lead to a
potential padding oracle attack.  It is recommended that users update to the
latest version of wolfSSL if they have RSA cipher suites enabled and have
the potential for malicious software to be ran on the same system that is
performing RSA operations.  Users that have only ECC cipher suites enabled
and are not performing RSA PKCS #1 v1.5 Decryption operations are not
vulnerable.  Also users with TLS 1.3 only connections are not vulnerable to
this attack.  Thanks to Eyal Ronen (Weizmann Institute), Robert Gillham
(University of Adelaide), Daniel Genkin (University of Michigan), Adi Shamir
(Weizmann Institute), David Wong (NCC Group), and Yuval Yarom (University of
Adelaide and Data61) for the report.

The paper for further reading on the attack details can be found at
http://cat.eyalro.net/cat.pdf

Drop now upstreamed patch.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

minizip: bump to version 2.8.2

- libbsd is now an optional dependency as HAVE_ARC4RANDOM_BUF is not
  always defined since version 2.7.1 and:
  https://github.com/nmoinvaz/minizip/commit/c73ef6e69b320349604c620bc429c461de8659af
- openssl is an optional dependency since version 2.7.0 and:
  https://github.com/nmoinvaz/minizip/commit/e5a5617a7c765858c1ed6fb0d40b6a750ff10131
- libiconv is an optional dependency since version 2.7.1 and:
  https://github.com/nmoinvaz/minizip/commit/6209991d6be5b070fb92d2aca6ed668c3db0829f

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

libserial: fix build on sparc

On certain architectures (namely Sparc), the maximum baud rate exposed
by the kernel headers is B2000000. Therefore, the current libserial
code doesn't build for the Sparc and Sparc64 architectures due to
this.

In order to address this problem, this patch tests the value of
__MAX_BAUD. If it's higher than B2000000 then we assume we're on an
architecture that supports all baud rates up to B4000000. Otherwise,
we simply don't support the baud rates above B2000000.

Fixes build failures such as:

SerialPort.cpp: In member function 'int LibSerial::SerialPort::Implementation::GetBitRate(const LibSerial::BaudRate&) const':
SerialPort.cpp:1226:14: error: 'BAUD_2000000' is not a member of 'LibSerial::BaudRate'
case BaudRate::BAUD_2000000:

Fixes:
- http://autobuild.buildroot.org/results/63ba95b6786464fa8e75af64593010df84530079

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

configs/olimex_a20_olinuxino_lime*: bump Linux and U-Boot versions

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

tpm2-abrmd: S80tpm2-abrmd: create pid file at startup

The start-stop-daemon invocation to start abrmd was missing the -m (make
pidfile) option, causing stop to fail.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

tpm2-abrmd: fix build with BR2_FORTIFY_SOURCE_1

The configure script passes -U FORTIFY_SOURCE -D FORTIFY_SOURCE=2 by
default, which conflicts with BR2_FORTIFY_SOURCE_1 as -Werror is used:

<cross>-gcc .. -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2 .. -D_FORTIFY_SOURCE=1
<command-line>:0:0: error: "_FORTIFY_SOURCE" redefined [-Werror]

Disable this so the FORTIFY_SOURCE flags in TARGET_CFLAGS (if any) is used
instead.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

tpm2-abrmd: do not enforce -fstack-protector-all

Stack protection is now controlled Buildroot wide with the BR2_SSP_*
options, so disable the explicit -fstack-protector-all so the SSP logic in
the toolchain wrapper is used instead.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

tpm2-tools: always disable hardening options

Building with --enable-hardening (the default), forces -fstack-protector-all
/ FORTIFY_SOURCE=2. These options are now controlled Buildroot wide with
the BR2_SSP_* / BR2_FORTIFY_SOURCE_* options. Disable hardening so the
ssp/fortify settings in the toolchain wrapper / CFLAGS is used instead.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

tpm2-tss: fix build with BR2_FORTIFY_SOURCE_1

The configure script passes -U FORTIFY_SOURCE -D FORTIFY_SOURCE=2 by
default, which conflicts with BR2_FORTIFY_SOURCE_1 as -Werror is used:

<cross>-gcc .. -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2 .. -D_FORTIFY_SOURCE=1
<command-line>:0:0: error: "_FORTIFY_SOURCE" redefined [-Werror]

Disable this so the FORTIFY_SOURCE flags in TARGET_CFLAGS (if any) is used
instead.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

tpm2-tss: do not enforce -fstack-protector-all

Stack protection is now controlled buildroot wide with the BR2_SSP_*
options, so disable the explicit -fstack-protector-all so the SSP logic in
the toolchain wrapper is used instead.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/systemd: add upstream fix for CVE-2018-16865

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/systemd: add upstream fix for CVE-2018-16864

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/glib-networking: bump to 2.58.0

In 2.56.1 (when tested in a namespace sandbox that restricted what
the build could see on the host system), it was discovered that the
glib-networking build would check in /etc for the Certificate Authority
files. The newer version of this package no longer tests the build time
location of the Certificate Authority and resolves these build failures.

Fixes:
http://autobuild.buildroot.net/results/8f8/8f83be0c21c21c07d5a7330f3626b739b1970625
(and others http://autobuild.buildroot.net/?reason=glib-networking-2.56.1)

Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/dash: Create $(TARGET_DIR)/bin before install

The build fails because $(TARGET_DIR)/bin folder may not exist if for
example to use the following defconfig:

BR2_x86_64=y
BR2_PACKAGE_HOST_LINUX_HEADERS_CUSTOM_4_16=y
BR2_SYSTEM_BIN_SH_DASH=y
BR2_TARGET_GENERIC_GETTY_PORT="tty1"
BR2_LINUX_KERNEL=y
BR2_LINUX_KERNEL_CUSTOM_VERSION=y
BR2_LINUX_KERNEL_CUSTOM_VERSION_VALUE="4.16.7"
BR2_LINUX_KERNEL_USE_CUSTOM_CONFIG=y
BR2_LINUX_KERNEL_CUSTOM_CONFIG_FILE="board/qemu/x86_64/linux.config"
BR2_PACKAGE_BUSYBOX_SHOW_OTHERS=y
BR2_PACKAGE_S6_LINUX_INIT=y
BR2_TARGET_ROOTFS_EXT2=y

Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
[Peter: use install -D]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

sunxi-cedarx: needs -fPIC

Fixes:
- http://autobuild.buildroot.org/results/c17062e1558f26c2db837883a0c33ef39dd031a2

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/rtc-tools: new package

This package contains a set of tools to manipulate RTC devices. They
are written and maintained by the RTC subsystem Linux kernel
maintainer, Alexandre Belloni.

Cc: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Reviewed-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/python-setuptools: add comment about python3-setuptools

As suggested by Arnout, add a comment to indicate that the version of
python-setuptools must be kept in sync with python3-setuptools.

Suggested-by: Arnout Vandecappelle <arnout@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

docs/manual: standardize a bit more the formatting of commit titles

Currently, our commit titles are not very well standardized, and it
would be great to standardize them a little bit more. A number of
people use "<pkg>: " as prefix, others use "package/<pkg>: ". Some
people start the rest of the commit title (after the prefix) with an
upper-case letter, some with a lower-case letter.

In an attempt to standardize this, this commit updates the manual with
some examples of good commit titles.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Reviewed-by: Carlos Santos <casantos@datacom.com.br>
Acked-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

gnupg2: security bump to version 2.2.12

Fixes CVE-2018-1000858: Cross Site Request Forgery with arbitrary HTTPS
GET requests via HTTP redirect.

https://sektioneins.de/en/advisories/advisory-012018-gnupg-wkd.html

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/libassuan: bump to version 2.5.2

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/libgpg-error: bump to version 1.33

The syscfg header name is now based on the target triplet, with the
vendor part set to "unknown". The symlink approach no longer works since
we use "buildroot" for the vendor part. Override the target host
configure parameter to match the build system expectation.

The x86 header vendor part has been renamed to "unknown" as well.
Account for that in BR2_PACKAGE_LIBGPG_ERROR_SYSCFG.

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

whois: bump to version 5.4.0

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

libidn2: bump to version 2.1.0

Update hash for COPYING because a typo was fixed:
https://gitlab.com/libidn/libidn2/commit/de46ee648a56a87904ff42590064289c1f984e23

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

ccache: bump to version 3.6

License update - a year bump.

Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/openpowerlink: bump to version 2.7.1

Remove upstream patch.
While at it, switch to https.

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/ltp-testsuite: drop AUTORECONF = YES

Patch 0002-statx-fix-compile-errors.patch has been dropped, so autoreconf is
no longer needed.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

ltp: Bump version 20190115

Drop statx patch as it's included in this release.

Signed-off-by: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/grep: bump to version 3.3

Update license file hash; URLs changed from http to https.

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

syslog-ng: fix build on m68k with uclibc

uclibc on m68k defines pthread_spinlock_t but does not define
pthread_spin_trylock so check for this function before using it

Fixes:
- http://autobuild.buildroot.org/results/0a6de11c030a4f39e402917809fc6d33fb463d1b

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

libinput: drop C++ dependency

The meson C++ dependency is only used for a build-time header
inclusion test, add patch dropping hard meson C++ dependency
and build the header inclusion test only in case C++ compiler
is available.

Fixes [1]:

  The Meson build system
  Version: 0.49.0
  Source dir: .../build/libinput-1.12.5
  Build dir: .../build/libinput-1.12.5/build
  Build type: cross build
  Project name: libinput
  Project version: 1.12.5
  Native C compiler: cc (gcc 4.8.4 "cc (Ubuntu 4.8.4-2ubuntu1~14.04.4) 4.8.4")
  Cross C compiler: .../host/bin/riscv64-buildroot-linux-gnu-gcc (gcc 7.4.0)

  meson.build:1:0: ERROR:  Unknown compiler(s): [['.../host/bin/riscv64-buildroot-linux-gnu-g++']]
  The follow exceptions were encountered:
  Running ".../host/bin/riscv64-buildroot-linux-gnu-g++ --version" gave "[Errno 2] No such file or directory: '.../host/bin/riscv64-buildroot-linux-gnu-g++': '.../host/bin/riscv64-buildroot-linux-gnu-g++'"

[1] http://autobuild.buildroot.net/results/bf4d3d360f635c3524a52b84a72d558770596ed0

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/openssh: add upstream security fix

Fixes CVE-2018-20685: The scp client allows server to modify permissions
of the target directory by using empty ("D0777 0 \n") or dot ("D0777 0
.\n") directory name.

The bug reporter lists a number of related vulnerabilities that are not
fixed yet:

https://sintonen.fi/advisories/scp-client-multiple-vulnerabilities.txt

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/mesa3d: override dri path

Since the bump to 1.5.3, the behavior of pkg-config has slightly
changed. Like it used to behave before this bump, a few paths (libdir,
includedir, etc.) are prefixed by the sysroot, and other paths are
not. However, the behavior changes when a path, such as dridriverdir,
is defined in terms of ${libdir}.

With the older pkg-config, dridriverdir was not sysroot-prefixed.

With the new pkg-config, it will be sysroot-prefixed, because
pkg-config really resolved the value of libdir, which is
sysroot-prefixed. dridriverdir is used on the target and not at build
time, so we don't want it to be sysroot-prefixed.

As reported by #11591, the xerver fail to load dri modules (r600_dri.so):

>From Xorg.0.log:
(EE) AIGLX error: dlopen of /full/path/to/sysroot/usr/lib/dri/r600_dri.so failed (/full/path/to/sysroot/usr/lib/dri/r600_dri.so: cannot open shared object file: No such file or directory)
(II) GLX: no usable GL providers found for screen 0

That's because the xserver hardcode the dri divers directory path in
DRI_DRIVER_PATH which come from
dridriverdir=`$PKG_CONFIG --variable=dridriverdir dri`

We can see in dri.pc that dridriverdir use libdir which is now prefixed
by the sysroot by pkgconf 1.5.3:

prefix=/usr
exec_prefix=/usr
libdir=${exec_prefix}/lib
includedir=${prefix}/include
dridriverdir=${libdir}/dri

Since we can't rely on pkgconf anymore, use
--with-dri-driverdir="/usr/lib/dri" to use explicitly "/usr/lib/dri"
instead of relying on dri.pc.

Tested using TestGlxinfo test from:
http://patchwork.ozlabs.org/patch/1021669/

Fixes:
https://bugs.buildroot.org/show_bug.cgi?id=11591

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Bernd Kuhls <bernd.kuhls@t-online.de>
[Thomas: drop double quotes in path, rework commit log]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/libserial: bump to version 1.0.0

- Move site to github
- Add gcc >= 5 dependency for C++14:
  https://github.com/crayzeewulf/libserial/commit/cafeffaa60f23012675d908b1e13b89aad3b56b2
- Remove first patch and use --without-python instead
- Remove second patch (patch has been merged in 2015:
  https://github.com/crayzeewulf/libserial/commit/47ca0621ccd2100e4ba0d7f4e2a861d14f05f63c)
- Add a new patch to fix build when size_t is an unsigned int
- Use new --disable-tests option
- Update license to BSD-3-Clause and replace COPYING by LICENSE.txt:
  https://github.com/crayzeewulf/libserial/commit/3f12abc045aae34a40a6fc9a9b5ed0a1bc6b2049
- Add hash for license file

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/tesseract-ocr: bump to version 4.0.0

Signed-off-by: Gilles Talis <gilles.talis@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/xapian: bump to version 1.4.9

Signed-off-by: Gilles Talis <gilles.talis@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/webp: bump to version 1.0.1

Signed-off-by: Gilles Talis <gilles.talis@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/leptonica: bump to version 1.77.0

Signed-off-by: Gilles Talis <gilles.talis@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/mutt: bump to version 1.11.2

Remove patch (rejected upstream:
https://gitlab.com/muttmua/mutt/merge_requests/25), an other solution
has been preferred:
https://gitlab.com/muttmua/mutt/commit/78db40f25c6479b14da5a73adf7207bfbec5ccc5). This
other solution doesn't require pkg-config, so we can drop the
host-pkgconf dependency.

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Reviewed-by: Ryan Barnett <ryan.barnett@rockwellcollins.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/python-numpy: fix fenv build failure on ARC with glibc

Building python-numpy on ARC with glibc fails due to missing FE_*
definitions in <fenv.h>. These exceptions are not supported by
ARC architecture. Let's add patch, which disables compilation
of a part of the code in which FE_* errors occur for ARC.

ARCompact toolchain issues are already fixed in the latest toolchain.
Also since commit "311af5e8c2db887800639bc803c8201b6b70e9ce"
("toolchain/toolchain-buildroot: enable glibc for all little-endian
ARCs with atomic ops") glibc is available for ARCompact.
That is why in Config.in we are leaving only "BR_arc" and
removing comments, which are not actual.

Signed-off-by: Evgeniy Didin <didin@synopsys.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: arc-buildroot@synopsys.com
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/iozone: bump to version 3_483

Signed-off-by: Gilles Talis <gilles.talis@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/zbar: switch to linuxtv zbar fork

The zbar upstream previously used has been abandoned since 2012.
The linuxtv fork appears to be the most actively maintained fork.
Removed all patches which are merged upstream or fixed upstream.
Changed configure flags to match new upstream.

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/hiredis: bump to version 0.14.0

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/i2pd: bump to version 2.22.0

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/fdk-aac: bump to version 2.0.0

Signed-off-by: Gilles Talis <gilles.talis@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

packag/fdk-aac: enable for aarch64

Support for this architecture was added in upstream commit
1d686c3a23f3ae286ef964ab62199be96e4ad1dc.

Take this opportunity to reformat how the
BR2_PACKAGE_FDK_AAC_ARCH_SUPPORTS option is described.

Signed-off-by: Gilles Talis <gilles.talis@gmail.com>
[Thomas: reformat BR2_PACKAGE_FDK_AAC_ARCH_SUPPORTS option.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/cryptopp: bump to version 8.0.0

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/fwts: add optional bash-completion dependency

fwts uses the completionsdir variable from bash-completion.pc to decide
where to install things.

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/haproxy: bump to version 1.9.1

Remove patch and tweak haproxy.mk to adapt pcre-config/pcre2-config
workaround with upstream solution.

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/boinc: bump to version 7.14.2

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/lxc: bump to version 3.1.0

Remove both patches (already in version) and so drop
LXC_AUTORECONF = YES.

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/boost: bump to version 1.69.0

- Remove fifth patch (already in version)
- Remove BR2_PACKAGE_BOOST_SIGNALS as signals is now removed. Its
removal was announced in 1.68 and its deprecation was announced in
1.54. Users are encouraged to use Signals2 instead.

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/cc-tool: drop BR2_PACKAGE_BOOST_SIGNALS select

cc-tool depends on signals2 not signals, indeed only signals2 is used
in src/data/progress_watcher.h and BOOST_SIGNALS defined in
m4/boost.m4 is never used in configure.ac.

There is no need to select any sort of BR2_PACKAGE_BOOST_SIGNALS2
option, as signals2 is a header-only boost library, and such
header-only boost libraries do not have any Config.in options, as they
are all always installed with the base boost library.

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[Thomas: tweak commit log]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/syslog-ng: depend on !BR2_STATIC_LIBS

Upstream now unconditionally requires dlfcn.h:
- https://github.com/balabit/syslog-ng/commit/01258e56abc5804f8ea977ff9ab98cc8e2fd4702

Fixes:
- http://autobuild.buildroot.net/results/c0bca852e053cd0e021205b3a949e750ae602333

Signed-off-by: Chris Packham <judge.packham@gmail.com>
Reviewed-by: Carlos Santos <casantos@datacom.com.br>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/lxc: add optional dependency to bash-completion

lxc uses the completionsdir variable from bash-completions.pc to decide
where to install things.

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/geoip: bump to version 1.6.12

Add hash for license file

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/Makefile.in: set -fno-dwarf2-cfi-asm for m68k_cf

Another package (libsquish) is affected by the
"Internal error in emit_expr_encoded at dw2gencfi.c:215".

This error already affects 5 packages and is due to binutils, see:
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=79509

No report has been made to binutils yet however as suggested by Yann
during review of woff2 workaround
(https://patchwork.ozlabs.org/patch/911344/), remove the workarounds
from all these packages and put it in package/Makefile.in

Fixes:

http://autobuild.buildroot.org/results/77e06c092f4e7804dc166e259b25e779e5f1e83a

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/zeromq: bump to version 4.3.1

Remove the patches as they're already on upstream.
As a consequence, no need to autoreconf anymore.
Also added license hashes.

Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/python-aiohttp: bump to version 3.5.4

License change - a year bump.

Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/cjson: bump to version 1.7.10

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/python-pyyaml: security bump to 4.2b4

Fixes CVE-2017-18342: In PyYAML before 4.1, the yaml.load() API
could execute arbitrary code.

Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/python-engineio: bump to version 3.2.3

Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/python-crossbar: bump to version 19.1.1

Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/python-autobahn: bump to version 19.1.1

Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/keepalived: fix if.h namespace collision

Fixes:
- http://autobuild.buildroot.org/results/d229602f2e477499c86567e0e8a3535513d322e8

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

docs/website/sponsors.html: Zillabit webserver does not support HTTPS

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

docs/website/sponsors.html: add Zillabit as sponsor of the buildroot.org domain

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/asterisk: needs threads

Fixes:
- http://autobuild.buildroot.org/results/85d30a4f94efa868a9155f7dda593ba8079063b5

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/systemd: fix build with older kernels

Fixes:
- http://autobuild.buildroot.org/results/699c078aa078240c6741da4dbd0871450ceeca92

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/rauc: version bump to 1.0

For details see [1].

This bump also deleted the two patch files for the RAUC package. These
were related to eMMC support being made optional, and workaround for
olde kernel. Both of these patch sets have been merged into upsteam in
the rauc git repos.

Older kernel workaound:
https://github.com/rauc/rauc/commit/993b698c48789baea51f8b7c47b1e057ba328033#diff-b3a0044e6a3b6a8b16933e72f416c8f1

Make eMMC selectable:
https://github.com/rauc/rauc/commit/f85d1cab07376c7680ef4d9e45a6baf345e24e37#diff-365367c8cde56aafd5cbad767e1c9738

[1] https://github.com/rauc/rauc/releases/tag/v1.0

Signed-off-by: David J Fogle <dave@exitstrategytech.com>
[Thomas: drop AUTORECONF = YES, no longer needed.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

{linux, linux-headers}: default to 4.19.x

4.20.x is not a long term support kernel, but 4.19.x is (supported until end
2020):
https://www.kernel.org/category/releases.html

With the upcoming Buildroot 2019.02 release being a LTS release, default to
4.19.x instead.

Notice: The userspace API breakage in net_stamp.h causing build failures has
now been fixed in 4.19.14 by commit e4a2ffe9029fd (net: Use
__kernel_clockid_t in uapi net_stamp.h)

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
[Thomas: add comment in linux/Config.in and
package/linux-headers/Config.in.host so that we don't mistakenly bump
to 4.20+.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/atk: fix static build

Use library instead of shared_library to allow the user to build a
static libatk library

Fixes:
- http://autobuild.buildroot.org/results/347a37dd2585974bdbf3bf99158e8ee9127d1202

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/php-ssh2: fix build with php 7.3.0

Retrieve upstream patches to fix build with php 7.3.0

Fixes:
- http://autobuild.buildroot.org/results/e3b2a72e1f7f776c30a52bb98bb47c04d0b4919b

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/motion: bump to version 4.2.1

Remove patch (already in version)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/gnuchess: bump to version 6.2.5

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

boot/shim: new package

This commit adds a package for 'shim', an EFI bootloader for secure
boot chain loading.

While gnu-efi supports 32bit ARM, this is currently broken in shim.

Patches to fix this have been submitted upstream but are not included
here for now.

https://github.com/rhboot/shim/pull/162

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
[Thomas: use BR2_PACKAGE_GNU_EFI_ARCH_SUPPORTS, add separate depends
on to exclude ARM32 build.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/gnu-efi: introduce BR2_PACKAGE_GNU_EFI_ARCH_SUPPORTS option

This will be used in packages that depend on gnu-efi, and we take this
opportunity to propagate this dependency where it was missing in
gummiboot and syslinux. In practice, it was not a problem because
gummiboot and syslinux are only available on i386 and x86-64, which is
a subset of the architectures supported by gnu-efi.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>