Thomas Petazzoni [Thu, 12 Apr 2018 11:50:09 +0000 (13:50 +0200)]
support/scripts/fix-rpath: exclude /lib/firmware in the target
The /lib/firmware directory contains random firmware for various
devices. It happens that some of them might be or appear to be ELF
files, but they shouldn't be checked by fix-rpath. For example, one of
the Qualcomm VPU firmware file appears to be an ELF file, but patchelf
isn't happy about it:
Even though patchelf definitely shouldn't crash, it anyway doesn't
make sense to check ELF files in /lib/firmware, so let's exclude this
directory from our check.
AddLLVM.cmake adds $ORIGIN/../lib to the RPATH of llvm binaries. This
causes a problem when llvm-config built for the host, installed in
STAGING_DIR, is executed under the following conditions:
* Target architecture same as host architecture (normally x86_64)
* Target's libc different from host's libc (normally glibc)
llvm-config will try to link with the target's libc, resulting in:
./llvm-config: error while loading shared libraries: libc.so.0: cannot open shared object file: No such file or directory.
To avoid this, we simply add pass
-DCMAKE_INSTALL_RPATH="$(HOST_DIR)/lib" in HOST_LLVM_CONF_OPTS.
Removed DTV_SCAN_TABLES_FIX_NONASCII_FILENAMES, not needed anymore
after upstream commit
https://git.linuxtv.org/dtv-scan-tables.git/commit/?id=9481e7c283d3bad69a0440b26a75ab0d16ccdf68
In case the git backend gets killed right in-between it finished
initialising the repository, but before it could add the remote,
we'd end up with a repository without the 'origin' remote, so we
would not be able to change its URL.
Another case that may happen (like in the build failure, below),
is that the repository was initialised with a previous version
of Buildroot, before the commit e17719264b (download/git: don't
require too-recent git) was applied, and that trepository was
still lying around...
output/build/llvm-5.0.1/include/llvm/Support/ConvertUTF.h:203:53:
error: ‘std::wstring’ has not been declared
bool ConvertUTF8toWide(llvm::StringRef Source, std::wstring &Result);
James Byrne [Mon, 9 Apr 2018 16:08:01 +0000 (17:08 +0100)]
Makefile: avoid executing 'git log' each time SOURCE_DATE_EPOCH is used
If SOURCE_DATE_EPOCH is not defined it was given a definition that
caused 'git log' to be executed each time the variable is referenced,
which is not very efficient given that the answer cannot change.
This commit moves the definition of BR2_VERSION_GIT_EPOCH after the
inclusion of Makefile.in (so that GIT is defined) and makes it a
simply expanded variable so that it is only evaluated once.
Fixes CVE-2018-1000156: arbitrary command execution in ed-style patches.
Depend on MMU for now, because the patch adds a fork() call. Upstream
later switched to gnulib provided execute(), so this dependency can be
dropped on the next version bump.
Chris Brandt [Sat, 7 Apr 2018 13:35:42 +0000 (08:35 -0500)]
package/cramfs: change to new site location
As of Linux-4.15, cramfs now has a official maintainer again.
Additionally, that person is hosting and maintaining a new version of
cramfs-tools.
Patches 0001-endian.patch and 0003-fix-missing-types.patch are no longer
needed because they have been upstreamed.
However, since patch 0002-cygwin_IO.patch is so old, it is being
removed until someone that needs it can reapply and test it. At
that point, they should submit the changes to the new cramfs-tools
maintainer instead of adding the patches back here.
Please note that cross-endian support for cramfsck is not supported
at this time.
Passing the Buildroot make variable UCLIBC_EXTRA_CFLAGS into the
UCLIBC_EXTRA_CFLAGS fed into uClibc's make environment therefore no
longer makes sense. Therefore, just pass $(TARGET_ABI).
The HOST_GCC_COMMON_WRAPPER_TARGET_FLOAT_ABI variable was incorrectly
used as HOST_GCC_COMMON_WRAPPER_TARGET_FLOATABI_, which would always
be empty.
In practice, this block of code is only used on Blackfin (which has
BR2_GCC_ARCH_HAS_CONFIGURABLE_DEFAULTS unset) and Blackfin doesn't use
float-abi, so this block of code is in fact useless. But even if it's
useless, it's better to have it without typos.
This variable was added as part of an EGL i.MX6 workaround in commit
(7e9f459adf), but appears to currently be abandonded and unused. Remove the use
of the variable.
libbsd: add upstream patch to fix musl build issue
Commit d879be3049598f35d7b959784e1a6c2811ba2036 enabled the build for non-glibc
toolchains and added a patch from upstream to fix one remaining build issue
with musl.
The upstream patch defines the glibc specific macro `__GLIBC_PREREQ` in
`include/bsd/sys/cdefs.h`, but the patch does not include this header
file in `include/bsd/stdlib.h` which uses the macro.
Upstream did committed an earlier patch which adds this header inclusion
to `include/bsd/stdlib.h`. So, add this upstream patch as well to fix a
build error when building the hcitop tool from the not yet added package
bluez-alsa.
Note, that the upstream patch address the issue that `<sys/cdefs.h>` is
a non-portable header. However, this is not the issue which needs to be
fixed by this patch, but solely the needed inclusion of the
`include/bsd/stdlib.h` header file, to see the definition of
`__GLIBC_PREREQ`.
Where _estrdup is the actual function implemented by the PHP core. If
this header file is not included, and some code uses estrdup, one ends
up with an undefined reference. This happens when libexpat support is
enabled. This commit adds a PHP patch that fixes this issue. The patch
has been submitted upstream through a Github pull request.
Commit 2759ba03979 (liblo: disable werror to fix build issues) tried to
fix the issue by passing --disable-werror, but this is not a recognised
option.
André Hentschel [Sat, 7 Apr 2018 12:59:03 +0000 (14:59 +0200)]
wireshark: bump version to 2.2.14 (security)
Security fixes since 2.2.12:
- wnpa-sec-2018-15
The MP4 dissector could crash. (Bug 13777)
- wnpa-sec-2018-16
The ADB dissector could crash. (Bug 14460)
- wnpa-sec-2018-17
The IEEE 802.15.4 dissector could crash. (Bug 14468)
- wnpa-sec-2018-18
The NBAP dissector could crash. (Bug 14471)
- wnpa-sec-2018-19
The VLAN dissector could crash. (Bug 14469)
- wnpa-sec-2018-20
The LWAPP dissector could crash. (Bug 14467)
- wnpa-sec-2018-23
The Kerberos dissector could crash. (Bug 14576)
- wnpa-sec-2018-05
The IEEE 802.11 dissector could crash. Bug 14442, CVE-2018-7335
- wnpa-sec-2018-06
Multiple dissectors could go into large infinite loops. All ASN.1 BER dissectors (Bug 14444), along with the DICOM (Bug 14411), DMP (Bug 14408), LLTD (Bug 14419), OpenFlow (Bug 14420), RELOAD (Bug 14445), RPCoRDMA (Bug 14449), RPKI-Router (Bug 14414), S7COMM (Bug 14423), SCCP (Bug 14413), Thread (Bug 14428), Thrift (Bug 14379), USB (Bug 14421), and WCCP (Bug 14412) dissectors were susceptible.
- wnpa-sec-2018-07
The UMTS MAC dissector could crash. Bug 14339, CVE-2018-7334
- wnpa-sec-2018-09
The FCP dissector could crash. Bug 14374, CVE-2018-7336
- wnpa-sec-2018-10
The SIGCOMP dissector could crash. Bug 14398, CVE-2018-7320
- wnpa-sec-2018-11
The pcapng file parser could crash. Bug 14403, CVE-2018-7420
- wnpa-sec-2018-12
The IPMI dissector could crash. Bug 14409, CVE-2018-7417
- wnpa-sec-2018-13
The SIGCOMP dissector could crash. Bug 14410, CVE-2018-7418
- wnpa-sec-2018-14
The NBAP disssector could crash. Bug 14443, CVE-2018-7419
When a package contains a relative symlink which first component is '..'
(thus pointing one directory higher), for example package 'meh' contains
this symlink:
foo/bar -> ../buz
then it would be stored as 'meh-version./buz' because of the
transform-name pattern replacement.
Update the ZEROMQ_SITE with the active repository.
Remove the two patches because they were both applied on zeromq.
As a result, the ZEROMQ_AUTORECONF was removed.
Since the bump of libglib2 to 2.56.0, it fails to build on uClibc with:
gthreadedresolver.c: In function 'do_lookup_records':
gthreadedresolver.c:875:16: error: 'res' undeclared (first use in this function); did you mean '_res'?
res_nclose (&res);
^~~
_res
This commit adds an upstream patch that fixes this problem.
This is a required component to complete the configuration. It also makes sense
to add ubifs so that this board can be flashed with the board/atmel/flasher.sh
script.
Signed-off-by: Romain Naour <[email protected]>
[Thomas: mention the libunwind dependency as being needed for 'strace
-k' in the Config.in help text, as suggested by Thomas De
Schampheleire.] Signed-off-by: Thomas Petazzoni <[email protected]>
Martin Bark [Sat, 24 Mar 2018 14:10:15 +0000 (14:10 +0000)]
package/rpi-bt-firmware: change to LibreELEC github repo
Include BCM4345C0.hcd for the rpi3 b+
Signed-off-by: Martin Bark <[email protected]>
[Thomas: rebase on master, use make foreach loop instead of shell for
loop.] Signed-off-by: Thomas Petazzoni <[email protected]>
Martin Bark [Sat, 24 Mar 2018 14:10:14 +0000 (14:10 +0000)]
package/rpi-firmware: improve installation of dtb files
Don't list specific dtb files, instead install all dtb files in the same
way as dtbo files are currently done.
Signed-off-by: Martin Bark <[email protected]>
[Thomas: use make foreach loop instead of shell for loop.] Signed-off-by: Thomas Petazzoni <[email protected]>
Martin Bark [Sat, 24 Mar 2018 14:10:12 +0000 (14:10 +0000)]
configs/raspberrypi*: bump kernel version
Now based on 4.14.29 (from 4.9.79)
Signed-off-by: Martin Bark <[email protected]>
[Thomas: adjusted on top of Yann E. Morin changes to use a tarball
instead of a git clone.] Signed-off-by: Thomas Petazzoni <[email protected]>
This package contains a kernel module from Intel, which could only be
used together with Intel userspace tools provided under NDA, which
also come with the same kernel module. The copy of the kernel module
available on SourceForge is only provided to comply with the GPLv2
requirement. Intel engineers were even surprised it even built and
were not willing to make any effort to fix their tarball naming to
contain a version number. Therefore, it does not make sense for
Buildroot to provide such a package.
See https://sourceforge.net/p/e1000/bugs/589/ for the discussion.
Signed-off-by: Thomas Petazzoni <[email protected]> Acked-by: Carlos Santos <[email protected]> Acked-by: Romain Naour <[email protected]>
[Thomas:
- remove double "only" noticed by Carlos
- fix typo packaged -> package noticed by Romain
- fix check-package warning noticed by Ricardo] Signed-off-by: Thomas Petazzoni <[email protected]>
board/atmel: use correct sam-ba binary in flasher.sh script
Instead of using the install of sam-ba under host/opt directly, use the symlink
created in host/bin. The side effect of doing this instead allows the correct
sam-ba binary to be used based on the host arch being 32 bit or 64 bit.
Bump sama5d3xek to linux4sam_5.8. The 3 foundation components have their tags
changed (AT91Bootstrap, U-Boot, Linux kernel). This requires bumping the kernel
header version and u-boot dtc as well.
mesa3d: properly propagate the dependencies of BR2_PACKAGE_LLVM
We cannot simply select BR2_PACKAGE_LLVM, we need to take into account
all its dependencies. BR2_PACKAGE_LLVM_ARCH_SUPPORTS was already taken
into account, but not the other dependencies.
llvm: add dependency on !BR2_TOOLCHAIN_HAS_GCC_BUG_64735
LLVM uses std::shared_future, which until gcc 7.x isn't available on
architectures that don't provide lock-free atomics, see
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=64735.
Buildroot already has a BR2_TOOLCHAIN_HAS_GCC_BUG_64735 option to
handle such a case, so simply add this new dependency to LLVM. It will
make sure LLVM doesn't get built on ARMv5 platforms using a gcc older
than 7.x.
When the internal PCRE library of PHP is used, it tries to use a JIT
engine, which is only available on some architectures.
However, the mechanism used to disable JIT has changed in recent PHP
versions, and it now has a proper --without-pcre-jit option. Switch
over to that to properly disable JIT on unsupported platforms.
It has been tested to fix the build of PHP on ARC and Microblaze.
Since c8ef0c03b0b (download: put most of the infra in dl-wrapper), the
backend for local files is now named after the scheme, which is 'file'
for a local file.
>From the same commit on, the directory part and the basename are now
passed separately, to let the backend reconstruct the full path when it
needs to do so, which is the case for the 'file' backend too.
Finaly, ff559846fdc1 (support/download: Add support to pass options
directly to downloaders) introduced a nasty error, as it made use of
"${@}" when calling its internal function. Revert that mess now...
PIE breaks the build on m68k and Microblaze, so let's add a patch that
disables using PIE by default in keepalived. Obviously, when we start
seriously testing the BR2_RELRO_FULL option, we will realize that it
is broken on some architectures, and will probably disable it on m68k
and Microblaze.
We can drop 0001-Fix-build-with-Linux-kernel-headers-v4.15.patch as it
has been merged upstream, as of commit
https://github.com/acassen/keepalived/commit/a5457d3a1f579fef5825ffe841f1613b0014ff19.
projects / buildroot-mgba.git / log