The host-python-cryptography module is only used by ca-certificates
for a check of the expiration date of certificates, which is only a
warning not even causing the build to abort, i.e something that
Buildroot users are most likely never going to see.
Since the host-python-cryptography dependency would soon require a
dependency on rust, it's a lot simpler to just patch the
certdata2pem.py script to no longer require cryptography, but only
make use of it if available.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
The comments were *after* the option they applied to, which was
confusing, so bring back the comments before the option they apply to.
In addition, instead of saying "this option", explicitly name the
option to clear any ambiguity.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
There is already a package adding Mali blobs for Sunxi Mali Utgard
GPUs. Many Rockchip SoCs feature a Mali Bifrost GPU and need specific
libraries provided under binary form with a non-GPL compliant license
by Rockchip. Package these libraries.
While the repository at https://github.com/rockchip-linux/libmali
supports many GPU variants, this package for now only supports the
Bifrost GPU blob. Support for other GPU blobs can be added later.
Signed-off-by: Maxime Chevallier <maxime.chevallier@bootlin.com>
Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
[Thomas:
- Rename to rockchip-mali, because it contains other blobs than
Bifrost ones
- Add missing entry in DEVELOPERS file
- Change BR2_arm to BR2_ARM_EABIHF as only EABIhf blobs are provided
for arm32
- Add BR2_TOOLCHAIN_HAS_THREADS inherited from libdrm.
- Expose as a libgbm provider.
- Drop the patch, which was not necessary.
- Rework the entire installation logic, to be much simpler.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
python-numpy can be built using fortran compiler if available. Pass the
F90 environment variable to setup.py to make sure it picks up the
cross-compiler. Otherwise, use --fcompiler to make sure it doesn't
accidentally pick up the host compiler.
Don't do anything like this for host compilation. We don't care whether
or not it uses fortran.
Signed-off-by: Guillaume W. Bres <guillaume.bressaix@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Removed patch which was applied upstream:
2dc5bea906
Updated license hash due to typo fixes:
73eca0a9c9
Updated project URL as recommended in the release notes:
https://github.com/unicode-org/icu/releases/tag/release-70-1
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
The PYTHON_NUMPY_FIXUP_NPY_PKG_CONFIG_FILES macro was introduced in
commit
2426002d6f ("package/python-numpy: fixup
npymath.ini for numpy extensions").
However, it turns out that by using $(PYTHON3_PATH), we can simplify
the intermediate variables, to the point where they are no longer
needed. Not having the intermediate variables makes the logic a bit
easier to understand.
Also, the logic is changed to use a single sed expression, which we
pass to $(SED).
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
The commit [1] added a sed command used to retreive a pattern
to keep only defconfigs whose name start with the pattern.
"<foo>-defconfigs-<pattern>"
The sed command doesn't work as expected if <foo> contains a
single hyphen [2]:
"qemu-6.2.0-defconfigs-qemu"
Update the sed command to ignore completely the part before
"-defconfigs-".
[1] 65d2f04c01
[2] http://lists.busybox.net/pipermail/buildroot/2022-January/632507.html
Signed-off-by: Romain Naour <romain.naour@smile.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Shortly after MSTPd was added, version 0.1.0 was released. Update to the
latest version.
Signed-off-by: Colin Foster <colin.foster@in-advantage.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Drop first patch (already in version)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fix build failure raised since the addition of the libexecinfo package
in commit eea8ba446c
Fixes:
- Not autobuilder failures (yet)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
This platform has its own kernel defconfig in Buildroot, but we cannot
get quick idea about how much it diverged from the in-kernel defconfig.
Let's use the upstream arch/arm/config/versatile_defconfig as a base,
and maintain the diff as a merge-config fragment. The same .config is
still generated based on the 5.10.7 kernel.
The diff is quite big, but this is a good start-point for cleanups.
Follow-up works can drop diff lines unless we find a good reason for
divergence.
Signed-off-by: Masahiro Yamada <masahiroy@kernel.org>
[Arnout: rename linux-nommu.config to linux-nommu.fragment]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
This platform has its own kernel defconfig in Buildroot, but we cannot
get quick idea about how much it diverged from the in-kernel defconfig.
Let's use the upstream arch/arm/config/versatile_defconfig as a base,
and maintain the diff as a merge-config fragment. The same .config is
still generated (based on the 5.10.7 kernel).
The diff is quite big, but this is a good start-point for cleanups.
Follow-up works can drop diff lines unless we find a good reason for
divergence.
Signed-off-by: Masahiro Yamada <masahiroy@kernel.org>
[Arnout: rename linux.config to linux.fragment]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
This defconfig enables sunxi-mali-mainline-driver so we need to disable
Lima in Linux to prevent Mali to not load.
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This defconfig enables sunxi-mali-mainline-driver so we need to disable
Lima in Linux to prevent Mali to not load.
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This Linux defconfig fragment is needed to disable Lima driver in favour of
Mali(if enabled). This because Lima is enabled by default in Linux's
sunxi_defconfig and if we enable Mali driver in Buildroot it will fail to
load. So let's set CONFIG_DRM_LIMA=n. Of course this fragment is only used
by Buildroot defconfigs that enable Mali driver.
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Select BR2_TARGET_UBOOT_NEEDS_OPENSSL to fix the following build
error:
include/image.h:1178:12: fatal error: openssl/evp.h: No such file or directory
1178 | # include <openssl/evp.h>
| ^~~~~~~~~~~~~~~
After the update of u-boot in commit 9a04bbec1c (configs/imx6slevk: bump
U-Boot).
Fixes:
- https://gitlab.com/buildroot.org/buildroot/-/jobs/1946650628
Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
In GCC6 the compiler was made smarter to omit the flag
-fdebug-prefix-map from the DWARF DW_AT_producer section[1]. That flag
contains the absolute path '$(BASE_DIR)' which breaks reproducibility.
Prior to GCC6 however, the only way to omit the flag is to use
-gno-record-gcc-switches which omits all flags.
[1] https://gcc.gnu.org/git/?p=gcc.git;a=commit;h=266cc0c181549c2fb6b50f8f26213cdc89101026
Signed-off-by: Brandon Maier <brandon.maier@rockwellcollins.com>
[Arnout: invert condition to ifeq (,) instead of ifneq (,y)]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
In GCC8 the flag -ffile-prefix-map handles cleaning up both the __FILE__
macros and the debug info paths. In GCC7 or below we are manually
handling the __FILE__ macros, but not debug info paths. Use
-fdebug-prefix-map to clean them up. This option exists since GCC 4.3.0,
which is our minimal supported GCC version.
See for more detail: https://reproducible-builds.org/docs/build-path/
Signed-off-by: Brandon Maier <brandon.maier@rockwellcollins.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
libest is a C implementation of RFC 7030 (Enrollment over
Secure Transport).
It can be used to provision public key certificates from
a certificate authority (CA) or registration authority (RA)
to end-user devices and network infrastructure devices.
https://github.com/cisco/libest
Notes on patches included in this package:
- libest bundles a stubbed version of libsafec, and has no provision
to build against a system-installed full (non-stubbed) libsafec.
We add a patch to make that possible.
- Added a configuration option --{enable,disable}-examples to toggle
examples build by a separate patch.
- There's a configuration option `--enable-jni` which allows to build
a JNI library for binding libest to Java programs. And that library
would be using an outdated version of OpenSSL 1.0.
We fix that by adding support for OpenSSL 1.1 API for that library.
- Fixed a bug when specifying either `--enable-FEATURE` or `--disable-FEATURE`
has always been enabling the feature.
Signed-off-by: Aleksandr Makarov <aleksandr.o.makarov@gmail.com>
[Thomas:
- Added comments about the upstream status in existing patches
- Added a patch fixing an autoreconf issue
- Added a patch adding a missing "extern" on a variable to fix build
with gcc 10
- Removed the glibc dependency by using the new libexecinfo package
- Drastically simplified the complex libcoap disabling and client-only
mode vs. OpenJDK issue. libcoap support is now forcefully disabled,
and client-mode only option is made invisible when OpenJDK is
enabled.
- Fixed the license information;
- Added missing host-pkgconf
]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
GnuTls implements old, unsafe or unused protocols and cyphers
Secure embedded systems shall disable them in order to be certified.
This patch allows to select/deselect SSLv2 protocol and gost cipher.
Signed-off-by: Erwan GAUTRON <erwan.gautron@bertin.fr>
[Peter: default options to 'n', move next to _GNUTLS_TOOLS, explicit
--enable]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Agent is always enabled. Even though a server without agent is a valid
use case, the agent doesn't take much space compared to the server so
making it optional is not worth it.
Optional dependencies (openssl, libcurl, ...) are set globally, even
though they are supposedly only used for the server. However, this is
not so obvious from configure.ac so it's easy to accidentally miss one.
Setting them globally doesn't hurt.
The proxy, agent2 and webservice features are left disabled. agent2
requires go.
zabbix also has support for sqlite3 as database backend, but only for
the proxy, not for the server.
Signed-off-by: Alexey Lukyanchuk <skif@skif-web.ru>
[Arnout:
- BR2_TOOLCHAIN_USES_GLIBC implies the other glibc options.
- Fix wrapping in Config.in help text.
- Add upstream URL.
- Protect comments with "depends on" instead of "if".
- Select postgresl/mysql instead of depends (and propagate
dependencies).
- Remove redundant condition around
BR2_PACKAGE_ZABBIX_SERVER_COPY_DUMPS.
- Select PHP extensions instead of depends.
- Make optional dependencies automatic instead of Config.in.
- Improve some of the help texts.
- Bump to 5.4.9 and update hashes.
- Add COPYING as license file.
- Switch to actual upstream at zabbix.com.
- Explicitly disable all unused features.
- Disable zabbix user login with '*'.
- Don't add user to zabbix group twice.
- Do patch of zabbix_*.conf in post-patch hook and do it for all conf
files in one shot.
- Remove workarounds for pending patches (which were merged).
- Put web ui in /var/www/zabbix and SQL files in /var/lib/zabbix.
]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
The current behavior for busybox' udhcpc is to terminate if no lease is
obtained at start up. Therefore no address is acquired if the link is
established afterwards.
By setting the -b flag udhcpc will background allowing the link to be
established at any time.
Signed-off-by: Lothar Felten <lothar.felten@gmail.com>
[Peter: drop incompatible -n, also fixup busybox-minimal.config]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Since commit ead2afda13, gettext is
wrongly disabled when BR2_SYSTEM_ENABLE_NLS is set
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
These packages needed to depend on host-python3 because their Scons
machinery was written in python3, but host-scons itself was depending
on host-python. Now that host-scons depends on host-python3, the
packages that use host-scons no longer have to carry a host-python3
dependency.
The other package using scons, mongodb, does not have a direct
dependency on host-python3, but on a number of host Python 3.x modules
which are needed during the build, so no changes is necessary there.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Back in commit
f72be49830 ("package/scons: remove
python from SCONS"), we changed the SCONS variable to not explicitly
invoke the Python interpreter, because some scons-based packages used
python2, some python3.
Now that the 3 remaining packages using scons (gpsd, mongodb and
benejson) all use python3, we can bring back the python3 interpreter
call into the SCONS variable, and slightly simplify those packages.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
All packages using scons are now using Python 3 to run it, so
explicitly set scons as using host-python3. This avoids a
spurious host Python 2 dependency if BR2_PACKAGE_PYTHON3 is not
set (for example, if no Python is packaged for the target).
Signed-off-by: Robert Hancock <hancock@sedsystems.ca>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Updated license hash and location of LICENSE.TXT due to upstream commit:
0606350c2a
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Use src/libfakekey.c as the license file because there is no COPYING in
the git tarball
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Drop second and third patches (already in version)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Remove upstream patch
Fixes a build issue with toolchains using kernel headers < 5.6,
when the openat2(2) syscall is not available [2].
Add a new patch to fix homework-mount with linux-headers < 5.2.
[1] cd88d010e8
[2] https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=fddb5d430ad9fa91b49b1d34d0202ffe2fa0e179
Signed-off-by: Romain Naour <romain.naour@smile.fr>
Cc: Norbert Lange <nolange79@gmail.com>
Cc: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Back in commit e90a4bf4af ("alsa-lib:
don't use versioned symbols") from 2009, symbol versioning was
disabled in alsa-lib, because it was causing problems with C
libraries (such as uClibc) that doesn't support symbol versioning. The
thread at
http://mailman.alsa-project.org/pipermail/alsa-devel/2009-February/014999.html
has some background discussion about this.
Essentially, the issue was that alsa-lib in the new version of a given
symbol calls into an old version of the same symbol. If your C library
has symbol versioning, everything works fine. But if your C library
doesn't support symbol versioning, the call from the new symbol into
the old symbol will in fact end up in the new symbol, causing an
infinite recursion.
That problem was solved back then by unconditionally disabling symbol
versioning in alsa-lib.
However, some libraries such as CEF depend on versioned symbols from
alsa-lib, and the build fails during linking with versioning disabled.
This patch conditionally disables versioned symbols when unsupported
by the toolchain, leaving them enabled otherwise. We assume only glibc
has support for symbol versioning. uClibc has no support, and musl has
some limited support, so we take the safe route of only enabling
symbol versioning for glibc.
Signed-off-by: Joseph Kogut <joseph.kogut@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
