git.libre-soc.org Git - buildroot.git/log

configs/mx53loco: Bump to 4.17 kernel

Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

linux: bump default to version 4.17

Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

linux-headers: bump to 4.17 kernel version

Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

toolchain: add 4.17.x choice for headers

Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

shadowsocks-libev: new package

Shadowsocks-libev is a lightweight secured SOCKS5 proxy for
embedded devices and low-end boxes.

https://github.com/shadowsocks/shadowsocks-libev

Signed-off-by: Min Xu <xuminready@gmail.com>
[Thomas:
- drop patch adding license file for libipset
- drop --disable-documentation, it's passed by autotools-package
- add entry in DEVELOPERS file
- pass --disable-ssp because the SSP check uses AC_COMPILE_IFELSE()
   so with some toolchains, it think SSP support is available, while
   it's not. And anyway we want SSP to be controlled by Buildroot
   global options, not on a per-package basis.
- add depends on BR2_USE_MMU, because the code uses fork().]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

dl-wrapper: Fix support for URIs containing '+'

'+' is a valid character in a url. The current dl-wrapper gets the
URI scheme by dropping everything after the last '+' character, with
the intension of finding 'git' from e.g. 'git+https://uri'.

If a uri has a '+' anywhere in it, it ends up using too much of the
string as a scheme, and fails to match the handler properly.

An example of where this form of URI is used is when using deploy tokens
in gitlab. It uses a form like https://<username>:<password>@gitlab.com/<group>/<repo.git>
where username for deploy token is of the form 'gitlab+deploy-token-<number>'.

Use the %% operator to search backwards until the last '+' character when
dropping the rest of the string as we know that the first '+'
in the string should be the scheme.

Signed-off-by: Robert Beckett <bbeckett@netvu.org.uk>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

wireshark: security bump to version 2.2.15

Fixes the following security issues:

CVE-2018-11362: LDSS dissector crash
https://www.wireshark.org/security/wnpa-sec-2018-25.html

CVE-2018-11357: Multiple dissectors could consume excessive memory
https://www.wireshark.org/security/wnpa-sec-2018-28.html

CVE-2018-11356: DNS dissector crash
https://www.wireshark.org/security/wnpa-sec-2018-29.html

CVE-2018-11360: GSM A DTAP dissector crash
https://www.wireshark.org/security/wnpa-sec-2018-30.html

CVE-2018-11358: Q.931 dissector crash
https://www.wireshark.org/security/wnpa-sec-2018-31.html

CVE-2018-11359: Multiple dissectors could crash
https://www.wireshark.org/security/wnpa-sec-2018-33.html

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

DEVELOPERS: add myself to some packages

Add my entry to cairo, liboping, libpfm4, libraw, libraw1394, libroxml,
librsvg, librsync, mbedtls and oprofile

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

libnss: fix build without int128

Patch retrieved from upstream, more info here:
https://bugzilla.mozilla.org/show_bug.cgi?format=default&id=1459739

Fixes:
- http://autobuild.buildroot.net/results/093113829d7ce19d578a920e76caa10822774139

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

php-amqp: needs openssl support in rabbitmq-c

Since version 1.8.0, php-amqp needs a rabbitmq-c with openssl support:
https://github.com/pdezwart/php-amqp/issues/310

SSL support is disabled in rabbitmq-c if BR2_STATIC_LIBS is set however
don't add an unneeded !BR2_STATIC_LIBS dependency in Config.in as all
PHP External Extensions depends on !BR2_STATIC_LIBS
(see package/Config.in)

Fixes:
- http://autobuild.buildroot.net/results/b7c89bbbd0ca1df08dd7cbfc90c7b45dcf1fad05

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

libroxml: bump to version 3.0.1

Add hash for license file

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

libraw1394: bump to version 2.1.2

- Remove patches (already in version)
- Add hash for license file

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

libraw: bump to version 0.18.11

- Remove all patches (already in version)
- Since version 0.18 (2016-12-07), there is no
  'LibRaw Software License 27032010' licensing anymore (and all signed
  agreements have expired). LibRaw is now dual-licensed: LGPL 2.1 or
  CDDL 1.0
- Add hash for license files

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

support/docker: run apt-get update and apt-get install in two RUNs

In commit 7517aef4d (support/docker: limit the number of layers),
we reduced the number of layers by coalescing multiple RUN commands
into less commands.

In doing so, we especially coalesced "apt-get update" with "apt-get
install".

However, the distribution we used is a pinned version of stretch, so
we know that running apt-get update will always yield the same apt
database.

If we split the two apt-get commands, then we can re-use any local
intermediate image when we need to update the list of packages to
install; this helps quite a bit when testing the docker files over
and over again, with just slight variants in the packages list.

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Cc: Peter Korsgaard <peter@korsgaard.com>
Reviewed-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

librtas: bump to version 2.0.1

- Switch site to github
- Move to autotools infrastructure
- Remove patch (not needed anymore)
- Since version 1.4 (January 2016), license is now LGPL-2.1+
- Add hash for license file

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

DEVELOPERS: update my e-mail address

Signed-off-by: Zoltan Gyarmati <zgyarmati@zgyarmati.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

zmqpp: depends on exception_ptr

Fixes:
- http://autobuild.buildroot.net/results/20475346bfcb0cff019ad2e98a0e0ab432a6e5bf

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/mesa3d: update patents.txt file hash

Google patent url has been updated with 18.1 mesa3d release [1].

Fixes:
http://autobuild.buildroot.net/results/00f/00fd8fbc1e89a29b60ed9c6906035dbe4f0a3eb8

[1] https://cgit.freedesktop.org/mesa/mesa/commit/?id=ac731531a1e43e4fa3e10099380a3bba68d65bfd

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

cifs-utils: disable man page generation

Buildroot does not generate documentation for target.

This fixes the build on hosts where the rst2man command does not support
the --syntax-highlight parameter.

Fixes:
http://autobuild.buildroot.net/results/265/2655c0e1fa3ad0a10b4aed39a17feead94e47bfb/
http://autobuild.buildroot.net/results/92d/92d7c608f717bbfe01ecfb9bc9604cb303d8594c/
http://autobuild.buildroot.net/results/4b9/4b95404a89a595ca9c1e3df912169e9d36ff2bd7/

Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

librtlsdr: fix static build

When bumping to version 0.5.4, first patch was wrongly removed.
Put back an enhanced version of this patch (sent upstream)

Fixes:
- http://autobuild.buildroot.net/results/bea78bf580be6fe109b827b72af9587c5324daad

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

monit: bump to version 5.25.2

Bump the version and add hash for COPYING

Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

lxc: bump to version 3.0.1

Remove both patches (already in version)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

aircrack-ng: fix build on powerpc64 with libgcrypt

Retrieved patch from upstream:
https://github.com/aircrack-ng/aircrack-ng/issues/1874

Fixes:
- http://autobuild.buildroot.net/results/3d92343342b51e710765866d6dd9383d26ba98e7

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/{mesa3d, mesa3d-headers}: bump version to 18.1.1

Rebase the two patches on 18.1.1.
Convert 0001-musl.patch to git patch.

See:
https://lists.freedesktop.org/archives/mesa-dev/2018-June/196523.html

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/mesa3d: fix typo in file hash

Fix typo introduced with the bump to 18.0.4.

Commit f18ca0e7bb0e522846296139cdf0f8039d7dca1c

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

qemu: update defconfigs to Linux 4.16.7

All linux configs are renamed to a version neutral filename
to avoid further renaming on kernel bumps.

Defconfig               Kernel  Qemu            Network Status
--------------------------------------------------------------
aarch64_virt            4.16.7   2.12.0           YES     OK
arm_versatile           4.16.7   2.12.0           YES     OK
arm_versatile_nommu     4.16.7   2.12.0           YES     OK (3)
arm_vexpress            4.16.7   2.12.0           YES     OK
m68k_mcf5208            4.16.7   2.12.0           YES     OK
m68k_q800               4.16.7   q800-v2.11.0     NO (2)  OK
microblazebe            4.16.7   2.12.0           YES     OK
microblazeel            4.16.7   2.12.0           YES     OK
mips32r2el_malta        4.16.7   2.12.0           YES     OK
mips32r2_malta          4.16.7   2.12.0           YES     OK
mips32r6el_malta        4.16.7   2.12.0           YES     OK
mips32r6_malta          4.16.7   2.12.0           YES     OK
mips64el_malta          4.16.7   2.12.0           YES     OK
mips64_malta            4.16.7   2.12.0           YES     OK
mips64r6el_malta        4.16.7   2.12.0           YES     OK
mips64r6_malta          4.16.7   2.12.0           YES     OK
nios2-10m50             4.16.7   2.12.0           NO      OK
or1k                    4.16.7   2.12.0           NO      OK
ppc_g3beige             4.16.7   2.12.0           YES     OK
ppc_mpc8544ds           4.16.7   2.12.0           YES     OK
ppc_virtex_ml507        4.16.7   2.12.0           NO      OK
ppc64_pseries           4.16.7   2.12.0           YES     OK
ppc64le_pseries         4.16.7   2.12.0           YES     OK
ppc64_e5500             4.16.7   2.12.0           YES     OK
sh4                     4.16.7   2.12.0           YES     OK
sh4eb                   4.16.7   2.12.0           NO (1)  OK
sparc_ss10              4.16.7   2.12.0           YES     OK
sparc64_sun4u           4.16.7   2.12.0           YES     OK
x86                     4.16.7   2.12.0           YES     OK
x86_64                  4.16.7   2.12.0           YES     OK
xtensa_lx60             4.16.7   2.12.0           YES     OK
xtensa_lx60_nommu       4.16.7   2.12.0           YES     OK

(1) - Probably an endian issue with 8139 emulation/driver
(2) - There's a network interface, but enabling it in qemu fails
(3) - Kernel patch required, switched to devicetree usage

Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

libnss: remove upstream patch

The merge of the next branch failed to remove an upstream applied patch.

Fixes:
http://autobuild.buildroot.net/results/31f/31fe428584ada680f30d11e5d1abfbc533c0a70e/
http://autobuild.buildroot.net/results/bb2/bb25363497dfd7fd5f8a81c28110fab87d5c2dc8/
http://autobuild.buildroot.net/results/70a/70adacf85154d2a663808cf0db69849b6a490457/

Cc: Joseph Kogut <joseph.kogut@gmail.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

librsync: bump to version 2.0.2

- Remove patch (already in version)
- Add hash for license file

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

dash: bump to version 0.5.10.2

Drop upstream patch.

Add license file hash.

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

ipset: bump to version 6.38

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

sysstat: bump to version 11.6.3

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

cairo: bump to version 1.15.12

- Remove second patch (LTO support removed since 1.14.0 in August 2014:
https://cgit.freedesktop.org/cairo/commit/?id=c7ff9bb32e20679d6da4e8a2856be716e5bd9e12
- Add hash for license files

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

perl-libwww-perl: fix SITE

Fixes:
http://autobuild.buildroot.net/results/6f7745010ca589876a24d522bc0cb4a0dca26768/

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

Merge branch 'next'

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

Kickoff 2018.08 cycle

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

docs/website/news.html: add 2018.05 announcement link

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

Update for 2018.05

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

linux: reword binutils 2.29+ comment

This issue only applies to kernels built with CONFIG_THUMB2=y, so reword the
comment to make that more clear.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

linux: may fail to boot for binutils 2.29+ even without armv7m

Commit f13477b (linux: config.in: add comment for Arm Cortex-M) added a
comment so that the user that the linux kernel may miscompile with
binutils 2.29+, when the target is an armv7m CPU.

However, the real trigger is a compilation in thumb2 mode, which happens
to be the only option for armv7m CPUs.

We can't know whether the kernel will be built in arm or thumb2 mode,
though, because we do not have that information: it is only available in
the Linux' .config file, which we don;t have access to at the time we
run our menuconfig.

So, relax the conditions under which the comment is made, so that it
appears as soon as binutils are >= 2.29 (i.e. not 2.28, which is the
oldest we support) for ARM CPUs.

[Peter: reword comment]
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Christophe Priouzeau <christophe.priouzeau@st.com>
Cc: Laurent GONZALEZ <br22@gezedo.com>
Cc: Peter Korsgaard <peter@korsgaard.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/binutils: extend the 2.28 default to thumb mode

Commit 17f352ac (package/binutils: default to 2.29 for Cortex-M targets)
made the default version 2.28 (and not 2.29!) when the target is an
arm-v7m CPU.

However, the real trigger is compilation in Thumb mode, not the fact
that the target is v7m.

The fact that it was noticed on a v7m target is because Thumb is the
only mode valid on those CPUs.

Tighten the defaults to 2.28 for Thumb and Thumb2 modes.

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Laurent GONZALEZ <br22@gezedo.com>
Cc: Christophe Priouzeau <christophe.priouzeau@st.com>
Cc: Peter Korsgaard <peter@korsgaard.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/clang: fix host-clang binaries

This patch fixes the following error when trying to execute clang compiler
(host-variant):

CommandLine Error: Option 'x86-use-base-pointer' registered more than once!
LLVM ERROR: inconsistency in registered CommandLine options

The same happens for the other binaries, such as clang-format:

./clang-format
: CommandLine Error: Option 'help-list' registered more than once!
LLVM ERROR: inconsistency in registered CommandLine options

Clang binaries are tools, and given that DLLVM_LINK_LLVM_DYLIB is set,
they are linked against libLLVM.so. The problem is that binaries are
also linking against some LLVM static libraries, resulting in the error
shown above. However, it is not the same case for libclang, which is also
a tool but links only against libLLVM.so.

To fix this problem, add LLVM_DYLIB_COMPONENTS=all.

Signed-off-by: Valentin Korenblit <valentin.korenblit@smile.fr>
Tested-by: Joseph Kogut <joseph.kogut@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

configs/socrates_cyclone5: change over to current upstream releases

Since all cyclone5 development changes are upstream, change over to an
upstream release of the Linux kernel and u-boot for buildroot.

Signed-off-by: Florian La Roche <Florian.LaRoche@googlemail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit ef94c736ec460e56b82a5a45819f7adce787d488)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

Revert "configs/stm32f469: force usage of binutils 2.28.x"

This reverts commit 12049cc8b8972a9d0f1e27f1382cc5752d45312f.

Now that the binutils default has been changed for ARMv7M, this is no longer
needed.

Signed-off-by: Christophe Priouzeau <christophe.priouzeau@st.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

Revert "configs/stm32f429: force usage of binutils 2.28.x"

This reverts commit cbe43fd417d77f846f1ca47cdacd51a73be1aaec.

Now that the binutils default has been changed for ARMv7M, this is no longer
needed.

Signed-off-by: Christophe Priouzeau <christophe.priouzeau@st.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

linux: config.in: add comment for Arm Cortex-M

When binutils > 2.28 are selected on Arm Cortex-M cpu,
linux kernel does not boot due to a new implementation
of 'adr pseudo instruction' on binutils.

Bugzilla thread: https://bugs.busybox.net/show_bug.cgi?id=11051

Signed-off-by: Christophe Priouzeau <christophe.priouzeau@st.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/binutils: default to 2.29 for Cortex-M targets

binutils 2.29 changed the implementation of adr pseudo instruction
it breaks linux kernel and impacts Cortex-M targets (eg. stm32)

[Peter: simplify Config.in logic, adjust message to make it clear this is
just a default]
Signed-off-by: Laurent GONZALEZ <br22@gezedo.com>
Signed-off-by: Christophe Priouzeau <christophe.priouzeau@st.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

jpeg-turbo: add license details

- jpeg-turbo is covered by 3 licenses: IJG (libjpeg),
BSD-3-Clause (TurboJPEG) and Zlib (SIMD)
- Add README.ijg
- Add hash for license files

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

libjpeg: use SPDX short identifier

Use IJG instead of jpeg-license

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/expect: download tarball instead of cvs

More than 3 years after the 5.45.3 release, a tarball for that release
was uploaded to sourceforge.net. The differences between this tarball
and the CVS checkout are minimal:

- There are no CVS directories, of course, but we don't need them.
- File timestamps are different.
- expect.tests is missing, but we don't execute tests anyway.
- configure script is different, but we AUTORECONF anyway.
- 'fixcat' script is missing, but it is not called anywhere.

Since sourceforge.net has broken CVS downloads, now is a good time to
switch away from it.

While we're at it, add a hash file including license.

Fixes:
http://autobuild.buildroot.net/results/db3/db33d4fa507fb3b4132423cd0a7e25a1fe6e4105
http://autobuild.buildroot.net/results/b6d/b6d927dcc73ac8d754422577dacefff4ff918a5c
http://autobuild.buildroot.net/results/23d/23d1034b33d0354de15de2ec4a8ccd0603e8db78
http://autobuild.buildroot.net/results/127/1272a3aa3077e434c9805ec3034f35e6fcc330d4

Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Cc: Fabio Porcedda <fabio.porcedda@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

download/cvs: add a 10 minute timeout

Apparently, CVS servers can be deadlocked and in that case clients will
retry connecting to them indefinitely. Cfr.
http://autobuild.buildroot.net/results/23d/23d1034b33d0354de15de2ec4a8ccd0603e8db78/build-end.log
Apparently, the sf.net CVS server got in such a deadlock on 2018-05-18,
and almost 2 weeks later it is still not fixed.

Instead of just hanging, we should fall back on BR2_SECONDARY_SITE. To
achieve this, it's sufficient to add a timeout to the CVS command.

The timeout value is of course arbitrary. However, we can assume that
nobody will be putting large projects under CVS any more. So if the
download takes more than 5 minutes, it's probably broken. Let's put the
timeout at 10 minutes then.

Fixes:
http://autobuild.buildroot.net/results/db3/db33d4fa507fb3b4132423cd0a7e25a1fe6e4105
http://autobuild.buildroot.net/results/b6d/b6d927dcc73ac8d754422577dacefff4ff918a5c
http://autobuild.buildroot.net/results/23d/23d1034b33d0354de15de2ec4a8ccd0603e8db78
http://autobuild.buildroot.net/results/127/1272a3aa3077e434c9805ec3034f35e6fcc330d4

Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

linux-headers: bump 4.{1, 4, 9, 14, 16}.x series

Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

xen: security bump to version 4.10.1

The 4.10.1 version brings a large number of fixes:

https://www.xenproject.org/downloads/xen-archives/xen-project-410-series/xen-4101.html

Including a number of security fixes:

XSA-252: DoS via non-preemptable L3/L4 pagetable freeing (CVE-2018-7540)
XSA-253: x86: memory leak with MSR emulation (CVE-2018-5244)
XSA-254: Information leak via side effects of speculative execution
(CVE-2017-5753 CVE-2017-5715 CVE-2017-5754)
XSA-255: grant table v2 -> v1 transition may crash Xen (CVE-2018-7541)
XSA-256: x86 PVH guest without LAPIC may DoS the host (CVE-2018-7542)
XSA-258: Information leak via crafted user-supplied CDROM (CVE-2018-10472)
XSA-259: x86: PV guest may crash Xen with XPTI (CVE-2018-10471)

Also add a hash for the license file while we are at it.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/openvmtools: depend on host-nfs-utils

host-nfs-utils provides the host rpcgen utility. This fixes the build on
recent Fedora systems that removed rpcgen from the glibc package.

Fixes:
http://autobuild.buildroot.net/results/e21/e219b8bacb52bb661eb6663b82f549ed941f26fe

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

linux: bump default to version 4.16.13

Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/python-pillow: bump to version 5.1.0

This patch bumps python-pillow to version 5.1.0.

Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/python-can: bump to version 2.1.0

This patch bumps python-can to version 2.1.0.

Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

toolchain: allow disabling packages affected by gcc bug 85180

Works around https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85180 which
is an issue where the Microblaze architecture had code that caused a
infinite recursion while optimizing in versions of GCC earlier than
8.x. More BR discussion can be found on this thread.
http://buildroot-busybox.2317881.n4.nabble.com/autobuild-buildroot-net-Build-results-for-2018-04-25-td192721.html

Resolves:
http://autobuild.buildroot.net/results/b42d68c66d8ea035845a28c5530ef0682fd95713 (boost)
http://autobuild.buildroot.net/results/af976a4805fb8b3f0c17a8e3a1f901b2255caa0b (flare-engine)
http://autobuild.buildroot.net/results/d20/d20700bd538ba1e9d45ab8a61ecbbba1a320ef38 (gst-ffmpeg)

CC: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

toolchain-external: bump CodeSourcery NIOSII to 2018.05

Re-add BR2_TOOLCHAIN_HAS_SSP since the toolchain support SSP.

Tested with qemu_nios2_10m50_defconfig and Qemu 2.10.1-3.fc27 release.

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

enlightenment: convert to pkg-meson infra

Signed-off-by: Eric Le Bihan <eric.le.bihan.dev@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

mpd-mpc: convert to pkg-meson infra

Signed-off-by: Eric Le Bihan <eric.le.bihan.dev@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

ncmpc: convert to pkg-meson infra

Signed-off-by: Eric Le Bihan <eric.le.bihan.dev@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

systemd: convert to pkg-meson infra

Signed-off-by: Eric Le Bihan <eric.le.bihan.dev@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

libmpdclient: convert to pkg-meson infra

Signed-off-by: Eric Le Bihan <eric.le.bihan.dev@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

meson: prevent RPATH stripping

By default, Meson strips RPATH from the executable it builds [1,2],
unless explicitly set via install_rpath.

This will make support/scripts/check-host-rpath fail when building the
host variant of a Meson-based package.

So add a patch to prevent RPATH from being stripped if install_rpath is
not set and notify user about it.

[1] https://github.com/mesonbuild/meson/issues/2567
[2] https://github.com/mesonbuild/meson/issues/314#issuecomment-157658562

Signed-off-by: Eric Le Bihan <eric.le.bihan.dev@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

docs/manual: document pkg-meson infra

Update documentation about adding meson-based packages with instructions for
using pkg-meson infrastructure.

Signed-off-by: Eric Le Bihan <eric.le.bihan.dev@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

pkg-meson: new infrastructure

Add a new infrastructure to ease the development of packages that use Meson as
their build system.

Signed-off-by: Eric Le Bihan <eric.le.bihan.dev@free.fr>
[Thomas:
- move global variables definition outside of the inner-meson-package
macro
- for consistency, remove double quote around value passed to meson
in the host configure step.
- minor formatting fixes.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/gcc: switch to gcc 6.x as the default

Even if gcc 6 is still maintained for some time (gcc 6.5 is pending),
switch to gcc 7.x since it has been released since 2017-05-02 and
gcc 8.x is available since 2018-05-02.

We have been having toolchains in the autobuilders with gcc
7.x for a while, so the vast majority of the problems should have
already been solved.

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

toolchain-external: add gcc 8 entry

This patch allows to use an external toolchain based on gcc 8.

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/gcc: add support for gcc 8.1.0

Remove 0860-cilk-fix-build-without-wchar.patch since cilk has
been removed from gcc.

Rebase 0900-remove-selftests.patch on gcc 8.1.0

Remove upstream patches 0001-m68k-coldfire-pr68467.patch and
0892-microblaze-Revert.patch.

Use bz2 release tarball only for gcc 4.9 since all other version
now use xz tarball.

Runtime tested on x86_64 with binutils 2.30, gcc 8.1.0,
kernel headers 4.14 and glibc 2.27.

Buildtime tested with glibc with all supported architectures.

Buildtime tested on x86_64 with musl and uClibc-ng

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

toolchain: add gcc 8 entry

In order to add gcc 8 support for internal and external toolchain in
follow-up commits, introduce BR2_TOOLCHAIN_GCC_AT_LEAST_8 symbol.

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

arch: add BR2_ARCH_NEEDS_GCC_AT_LEAST_8

This new symbol will be used by architectures introduced with gcc 8 and
by external toolchains based on gcc 8.

[1] https://gcc.gnu.org/gcc-8/changes.html

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

aircrack-ng: bump to version 1.2

- Remove patch (already in version)
- Add three patches (first one sent and merged upstream, second and
  third patchs retrieved upstream)
- Move to autotools-package
- Remove workaround for static handling of pthread as it isn't needed
  anymore
- Remove deactivation of libnl in static build as it isn't needed
  anymore
- Set libnl and zlib dependencies as optional and not mandatory
- Add duma and libgcrypt optional dependencies
- Update workaround for static handling of libpcap
- Add hash for license file

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

kexec: bump to version v2.0.17

Also add license hash for "make legal-info".

Signed-off-by: Carlos Santos <casantos@datacom.ind.br>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

docs/website/news.html: fix s/2018.05/2018.02/ typos

Reported-by: Andreas Naumann <dev@andin.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/mono: bump to version 5.12.0.226

This patch bumps mono to version 5.12.0.226 and it's monolite dependency
to version 1051200002, doing so it removes also a couple of upstreamed
patches.
This new mono version requires also a different option for
managing aot, so this patch refactors also the configure options.

Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

git: security bump to version 2.16.4

Forward port of security fixes from the 2.13.7 release. The 2.13.7
release notes say this:

* Submodule "names" come from the untrusted .gitmodules file, but we
   blindly append them to $GIT_DIR/modules to create our on-disk repo
   paths. This means you can do bad things by putting "../" into the
   name. We now enforce some rules for submodule names which will cause
   Git to ignore these malicious names (CVE-2018-11235).

   Credit for finding this vulnerability and the proof of concept from
   which the test script was adapted goes to Etienne Stalmans.

* It was possible to trick the code that sanity-checks paths on NTFS
   into reading random piece of memory (CVE-2018-11233).

Cc: Matt Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/dash: don't build in paralle

dash has races in its Makefile, but upstream is not too keen in fixing
those, and just suggests that dash not be built in parallel:

    https://www.mail-archive.com/dash@vger.kernel.org/msg01675.html

Fixes:
    http://autobuild.buildroot.org/results/793/7934c815a3009af688c2f1183e67dfe542c9a009/
    http://autobuild.buildroot.org/results/fc4/fc4e4ab47455ac47dd4a3a60083cec2848e74dbb/
    http://autobuild.buildroot.org/results/6bf/6bfdd44ea5d55a6ca3ef92254eab18c7c0416b7b/
    [...]

Reported-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

log4cplus: needs gcc >= 4.8

log4cplus needs std::map::emplace

Fixes:
- http://autobuild.buildroot.net/results/ef0d8d7fae835ff555202f6de320945226ec00bf

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

conntrack-tools: bump to version 1.4.5

Drop the musl workaround. musl can handle the suppression of conflicting
kernel headers definitions.

Add license file hash.

This bump fixes compatibility with newer versions of
libnetfilter_conntrack.

Fixes:
http://autobuild.buildroot.net/results/0ae/0aee137c9977e0fb33e7e557b75481780b90edcc/
http://autobuild.buildroot.net/results/9c1/9c178ec5ad84224a385c3184f09ea9b65867a302/
http://autobuild.buildroot.net/results/5e1/5e1ea89e01a9cc13bd384c97903e1726df6d2228/

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

libqrencode: bump to version 4.0.0

- Use new --with[out]-png option
- Add hash for license file

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

libpwquality: bump to version 1.4.0

- Remove both patches (already in version)
- Add hash for license file

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

usbutils: lsusb.py is for python 3.x only

usbutils version 010 converted the lsusb.py script to Python 3. Keep the
lsusb.py script on target only when Python 3.x is enabled.

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

usbutils: bump to version 010

Add GPL-3.0 license for the lsusb.py script.

Update license file location.

The tar archive does not contain the license files from the git tree.
Add a patch adding the license files. This patch is not git formatted
because it only applies to the tar archive.

Upstream fixed tar archive generation for the next release.

Add license files hash.

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

configs/stm32f469: force usage of binutils 2.28.x

Fixes #11051

Due to runtime issue with the usage of binutils 2.29.x, we need to use the
version 2.28.x

Signed-off-by: Christophe Priouzeau <christophe.priouzeau@st.com>
Acked-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

configs/stm32f429: force usage of binutils 2.28.x

Fixes #11051

Due to runtime issue with the usage of binutils 2.29.x, we need to use the
version 2.28.x

Signed-off-by: Christophe Priouzeau <christophe.priouzeau@st.com>
Acked-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

glibc: security bump to latest 2.27 branch

Fixed issues are listed in the 2.27 branch NEWS file:

  CVE-2017-18269: An SSE2-based memmove implementation for the i386
  architecture could corrupt memory.  Reported by Max Horn.

  CVE-2018-11236: Very long pathname arguments to realpath function could
  result in an integer overflow and buffer overflow.  Reported by Alexey
  Izbyshev.

  CVE-2018-11237: The mempcpy implementation for the Intel Xeon Phi
  architecture could write beyond the target buffer, resulting in a buffer
  overflow.  Reported by Andreas Schwab.

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

ethtool: bump to version 4.16

Cc: Matt Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/ca-certificates: bump version to 20180409

Update Mozilla certificate authority bundle to version 2.22.

The following certificate authorities were added (+):
  + "GDCA TrustAUTH R5 ROOT"
  + "SSL.com EV Root Certification Authority ECC"
  + "SSL.com EV Root Certification Authority RSA R2"
  + "SSL.com Root Certification Authority ECC"
  + "SSL.com Root Certification Authority RSA"
  + "TrustCor ECA-1"
  + "TrustCor RootCert CA-1"
  + "TrustCor RootCert CA-2"

The following certificate authorities were removed (-):
  - "ACEDICOM Root"
  - "AddTrust Low-Value Services Root"
  - "AddTrust Public Services Root"
  - "AddTrust Qualified Certificates Root"
  - "CA Disig Root R1"
  - "CNNIC ROOT"
  - "Camerfirma Chambers of Commerce Root"
  - "Camerfirma Global Chambersign Root"
  - "Certinomis - Autorité Racine"
  - "Certum Root CA"
  - "China Internet Network Information Center EV Certificates Root"
  - "Comodo Secure Services root"
  - "Comodo Trusted Services root"
  - "DST ACES CA X6"
  - "GeoTrust Global CA 2"
  - "PSCProcert"
  - "Security Communication EV RootCA1"
  - "Swisscom Root CA 1"
  - "Swisscom Root CA 2"
  - "Swisscom Root EV CA 2"
  - "TURKTRUST Certificate Services Provider Root 2007"
  - "TUBITAK UEKAE Kok Sertifika Hizmet Saglayicisi - Surum 3"
  - "UTN USERFirst Hardware Root CA"

Signed-off-by: Martin Bark <martin@barkynet.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/corkscrew: new package

Corkscrew is a tool for tunneling SSH through HTTP proxies

Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
[Thomas: add hash for license file, add entry in DEVELOPERS file.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

Update for 2018.05-rc3

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

libnice: add gstreamer support

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

arm-trusted-firmware: generate atf-uboot.ub image of bl31.bin

U-Boot SPL for the Xilinx ZynqMP SoCs needs ATF in this format to load
it.

Signed-off-by: Luca Ceresoli <luca@lucaceresoli.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/elf2flt: replace hard-links with copies to fix rpath

Do for elf2flt what we did for binutils: replace the hardlinks (which
break rpath handling) with copies of the individaul tools.

See previous commit (package/binutils: switch from symlinks to copies
and commit f9cffb6af4 (binutils: replace hard-links with soft-links to
fix rpath) for the complete story.

Fixes: #11031.
Reported-by: Christophe Priouzeau <christophe.priouzeau@st.com>
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Christophe Priouzeau <christophe.priouzeau@st.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Peter Korsgaard <peter@korsgaard.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

arm-trusted-firmware: simplify release dir path

The path to the binary images is very long. Since we are about to make
a larger use of it, let's use a variable to make it somewhat shorter.

Signed-off-by: Luca Ceresoli <luca@lucaceresoli.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/binutils: switch from symlinks to copies to fix rpath

Commit f9cffb6af464 (binutils: replace hard-links with soft-links to fix
rpath) has a side effect that when we build for a noMMU target, elf2flt
will in turn replace some of the programs installed by binutils, with
its own wrappers.

For example, it will rename host/TUPLE/bin/ld to ld.real, and add its
own wrapper in place of the original. It does the same for
host/bin/TUPLE-ld and host/bin/TUPLE-ld.real.

However, we had already made ld a symlink to ../../bin/TUPLE-ld, so
host/TUPLE/bin/ld.real will still point to host/bin/TUPLE-ld when we
want it to point to ld.real instead...

This ultimately confuses gcc later on.

Of course, the culprit is also elf2flt, which also installs similar
hardlinks that would ultimately exhibit the same rpath issue as the
one fixed by f9cffb6af464. Note: we haven't had an issue so far with
that, because those tools installed by elf2flt only link with libz,
which is most often present on the host system. So, all seem well,
but is nonetheless broken; this will be fixed in a subsequent commit.

But back on topic. If we were to fix elf2flt with similar symlinks,
gcc still gets confused. The underlying reason for this confusion is
not entirely clear, though... It looks like something is trying to
dereference symlinks and gets confused by the result somehow...

So, in an attempt to restore some sanity in all this mess, we try to
restore the previous behaviour, we no longer use symlinks but just copy
the individual tools.

Fixes: #11031.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Christophe Priouzeau <christophe.priouzeau@st.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Peter Korsgaard <peter@korsgaard.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

configs/socrates_cyclone5: change over to current upstream releases

Since all cyclone5 development changes are upstream, change over to an
upstream release of the Linux kernel and u-boot for buildroot.

Signed-off-by: Florian La Roche <Florian.LaRoche@googlemail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

poppler: link with libatomic when needed

Following errors might occur on architectures required to use gcc libatomics:
sparc-buildroot-linux-uclibc/sysroot/lib/libatomic.so.1: error adding symbols: DSO missing from command line

This is often the case for sparcv8 32 bit toolchains.

See 55a9d6d55888b04ec6c476399e5b98a2412995f5 and 03f6e005e6a9617767b24a9026da9477848020cc.

Fixes:
http://autobuild.buildroot.net/results/64a96663a48ab644bc03c9a3ec2d6a644119dee6
http://autobuild.buildroot.net/results/82e85e12478fc1972b70ad728ed7c1554920c9e3

Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

linux: bump Linux CIP to v4.4.130-cip23

This patch bump the Linux CIP kernel to version v4.4.130-cip23

Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

chrony: S49chrony: drop /etc/chrony.conf check

With CHRONY_ARGS in /etc/default/chrony, chrony may asked to use an
alternative configuration file (with the -f option), so drop the explicit
/etc/chrony.conf check.

In case the configuration file isn't present chrony will anyway loudly
complain which is preferable to this silent failure:

chronyd -f /non/existing/file.conf
Could not open configuration file /non/existing/file.conf : No such file or directory

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Acked-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

chrony: S49chrony: support a defaults file

For specifying custom options to chrony.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>