aespipe-v2.4g October 23 2023
- Added configure script autodetection for -fno-strict-aliasing compile
flag. This option is needed with some compilers that miscompile code
when link-time-optimization is used.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
- Drop patches (already in version)
- C++14 is mandatory since version 7.1.0
https://github.com/DOCGroup/ACE_TAO/blob/ACE%2BTAO-7_1_1/ACE/NEWS
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Since the generic package infrastructure removed auto derivation of
host dependencies [1] (2016.08), the host dependencies must be
explicitly set.
While adding the nettle host variant [2] the gmp dependency was not
duplicated and host-nettle was built without host-gmp (or built with
gmp installed on the build machine).
While building host-gnutls required for building mkeficapsule u-boot
tool, the configure script check if Libhogweed (nettle's companion
library) is build with libgmp support.
If internal toolchain is used, luckily host-gmp is built before
building host-nettle (and host-gnutls). But when using prebuilt
external toolchain, following error shows up :
Libhogweed (nettle's companion library) 3.6 was not found. Note that you must compile nettle with gmp support.
[1] 4bdb067e38
[2] dac6e30118
[3] eb24bfa808
Signed-off-by: Fabien Thomas <fabien.thomas@smile.fr>
Reviewed-by: Romain Naour <romain.naour@smile.fr>
Acked-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
nettle uses m4 during its build process. Without it, the build fails
with:
m4 ./m4-utils.m4 ./asm.m4 config.m4 machine.m4 aes-decrypt-internal.asm >aes-decrypt-internal.s
/bin/sh: 1: m4: not found
For the target package this is not visible, as the existing gmp
dependency pulls in host-m4. But technically speaking, nettle needs
host-m4 directly, so it makes sense to have this dependency.
For the host package, it clearly fails to build, but probably isn't
very visible as most systems have m4 installed system-wide: this was
noticed when building inside Buildroot's minimal Docker
container. There are no recorded autobuilder failures for this issue.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Update Sway to version 1.8.1, which brings a new release series to
Buildroot and can be built with wlroots 0.16.x
Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Update Cage to version 0.1.5, which is a bug fix release that
supports using wlroots 0.16.x.
Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Update to version 0.16.2, which brings in support for a few new Wayland
protocols, and improved input device and scene graph APIs. Applications
which use wlroots might need to be adapted, and at least rebuilt. The
only packages in Buildroot which use wlroots at the moment are the Cage
and Sway compositors, to be updated in follow-up patches.
Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fix the following build failure with gcc >= 13:
In file included from ./Common/log.h:45,
from LinuxPBA/LinuxPBA.cpp:25:
./Common/DtaOptions.h:33:5: error: 'uint8_t' does not name a type
33 | uint8_t password; /**< password supplied */
| ^~~~~~~
./Common/DtaOptions.h:1:1: note: 'uint8_t' is defined in header '<cstdint>'; did you forget to '#include <cstdint>'?
Fixes:
- http://autobuild.buildroot.org/results/b6feb4fb33d595414b61174deb9867e8c30cd186
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Since Qemu 6.0.0, a warning appear in the log if a short-form boolean
option is used. This was fixed by Romain for the main cmdline description
(see 04afe86cd7 ("board/qemu/arm-vexpress-tz: use enable=on")) but was
not updated in the alternate cmdlines for when using a dual console or
a GDB debug setup.
By the way, fix description mentioning qemu-system-arm command line option
-S that is an uppercase S, not a lower case s.
Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bumps OP-TEE test package version to OP-TEE release 4.0.0.
Removes the local patch on OpenSSL support that has been integrated
into mainline repository before release tag 4.0.0.
Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bumps OP-TEE OS package version to OP-TEE release 4.0.0.
Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The docker-init is not intended to be a user-facing command, and as such
it is more appropriate for it to be found in /usr/libexec/ than in $PATH.
See:
6caaa8cadc5a998af6f5
Signed-off-by: TIAN Yuanhao <tianyuanhao3@163.com>
[yann.morin.1998@free.fr: use mkdir -p, not install -d]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
[Medium] A fix was added, but still under review for completeness, for a
Bleichenbacher style attack, leading to being able to decrypt a saved
TLS connection and potentially forge a signature after probing with a
large number of trial connections. This issue is around RSA decryption
and affects static RSA cipher suites on the server side, which are not
recommended to be used and are off by default. Static RSA cipher suites
were also removed from the TLS 1.3 protocol and only present in TLS 1.2
and lower. All padding versions of RSA decrypt are affected since the
code under review is outside of the padding processing. Information
about the private keys is NOT compromised in affected code. It's
recommended to disable static RSA cipher suites and update the version
of wolfSSL used if using RSA private decryption alone outside of TLS.
https://github.com/wolfSSL/wolfssl/releases/tag/v5.6.4-stable
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit 72c653367d (board/licheepi_zero: move board files to their own
directory) forgot to rename the defconfig file, even though the
readme.txt was updated.
Do the rename now.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Add support for the LicheePi Nano with mainline components:
- U-Boot 2023.04
- Linux 6.5.9
Board homepage and more usable WiKi:
- https://wiki.sipeed.com/hardware/en/lichee/Nano/Nano.html
- https://linux-sunxi.org/LicheePi_Nano
linux.fragment is required to disable some features in order to keep the
kernel size small, otherwise the board does not boot due to limited
memory. See note in readme.txt.
Signed-off-by: Francois Dugast <francois.dugast.foss@gmail.com>
[yann.morin.1998@free.fr:
- use fixed kernel version
- use manufacturer directory
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Group files for board licheepi_zero under the existing manufacturer
directory, like all the other boards by Sipeed.
Signed-off-by: Francois Dugast <francois.dugast.foss@gmail.com>
[yann.morin.1998@free.fr: use the manufacturer sub-dir]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fix the following build failure with gcc >= 13:
In function 'find_best_lang_match_cached',
inlined from 'find_best_lang_match_cached' at ../pango/pango-language.c:501:1,
inlined from 'pango_language_get_scripts' at ../pango/pango-language.c:661:21:
../pango/pango-language.c:518:12: error: array subscript 0 is outside array bounds of 'const void *[0]' {aka 'const void *[]'} [-Werror=array-bounds=]
518 | *cache = result;
| ~~~~~~~^~~~~~~~
In function 'pango_language_get_scripts':
cc1: note: source object is likely at address zero
cc1: some warnings being treated as errors
Fixes:
- http://autobuild.buildroot.org/results/e8b5a752a62621099942b29c1642747eef2930cb
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
There is no need to define SDBUS_CPP_SOURCE explicitly because the
github helper works perfectly well with the default _SOURCE value.
Signed-off-by: Sergey Bobrenok <bobrofon@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Minor bugfix in docker ps status description.
https://github.com/moby/moby/releases/tag/v24.0.7
Signed-off-by: Stefan Agner <stefan@agner.ch>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The overlay2 layers metadata are now written atomically. Many other
bugfixes and hardening against security issues around the power capping
framework.
https://github.com/moby/moby/releases/tag/v24.0.7
Signed-off-by: Stefan Agner <stefan@agner.ch>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
python-pycryptodomex uses C99 features like variable
declaration in for-loop statement, while old compilers
assumes C89 by default.
This patch explicitly specifies C99 standard.
Signed-off-by: Oleg Lyovin <ovlevin@salutedevices.com>
[yann.morin.1998@free.fr: use TARGET/HOST_CFLAGS]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fix the following build failure raised since the addition of the package
in commit 0a01085abe:
CMake Error at CMakeLists.txt:17 (project):
No CMAKE_CXX_COMPILER could be found.
Fixes:
- http://autobuild.buildroot.org/results/aff5b968342bf05f036c8e1e557c404060345d30
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[yann.morin.1998@free.fr: needs C++ for itself, drop inherited comment]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
An issue was discovered in the C AMQP client library (aka rabbitmq-c)
through 0.13.0 for RabbitMQ. Credentials can only be entered on the
command line (e.g., for amqp-publish or amqp-consume) and are thus
visible to local attackers by listing a process and its arguments.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
