The version of the ARM Trusted Firmware from Marvell was a Git branch,
not a Git commit, leading to unreproducible results. So let's use a
Git commit instead, which is the latest available from the branch that
was previously used.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Tested-by: Sergey Matyukevich <geomatsi@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This test case currently fails to build with:
./build/juno/release/bl1/context_mgmt.o: In function `cm_prepare_el3_exit':
context_mgmt.c:(.text.cm_prepare_el3_exit+0x54): undefined reference to `cm_set_next_context'
context_mgmt.c:(.text.cm_prepare_el3_exit+0x54): relocation truncated to fit: R_AARCH64_JUMP26 against undefined symbol `cm_set_next_context'
This issue has been fixed upstream in commit
10c252c14b7f446c0b49ef1aafbd5d37804577dd, available since v1.3. So
while we bump, let's bump to the latest version of ATF, v1.5.
Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/64360659
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bump kernel to version 4.16.3 and U-Boot to 2018.03.
Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Since commit 5563a1c6a4
("support/check-uniq-files: support weird locales and filenames"), the
'csv' Python module is no longer used by the check-uniq-files.
Due to this, flake8 complains with:
support/scripts/check-uniq-files:4:1: F401 'csv' imported but unused
Fix this by dropping the useless csv import.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The release announcement mentions these security fixes:
Defend against Bellcore glitch attacks by verifying the results of RSA
private key operations.
Fix implementation of the truncated HMAC extension. The previous
implementation allowed an offline 2^80 brute force attack on the HMAC
key of a single, uninterrupted connection (with no resumption of the
session).
Reject CRLs containing unsupported critical extensions.
Fix a buffer overread in ssl_parse_server_key_exchange() that could
cause a crash on invalid input. (CVE-2018-9988)
Fix a buffer overread in ssl_parse_server_psk_hint() that could cause
a crash on invalid input. (CVE-2018-9989)
Drop upstream patch.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Don't build the static library when BR2_SHARED_LIBS=y, to reduce build
time.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Sometimes it is useful to pass some parameters to ModemManager when it
starts (e.g. --log-level). Allow the user add a file with such flags in
a MODEMMANAGER_ARGS variable. This is simpler than overriding the whole
startup script (e.g. by means of a rootfs overlay).
Signed-off-by: Carlos Santos <casantos@datacom.ind.br>
Acked-by: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Since commit e93fec6673 (lz4: bump to version 1.8.1.2) we use two make
targets, 'lib' and 'lz4'. Both targets depend on the static library.
When these targets run in parallel the two make instances that build the
static library race against each other. Split these targets to ensure
build order.
Should fix:
http://autobuild.buildroot.net/results/a8d/a8d956ff420f6a265c5c00b33646dbbc24ce2d48/
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Add host-openssl to those configs, which need it for the Linux kernel build.
Signed-off-by: Vincent Stehlé <vincent.stehle@laposte.net>
Cc: Matthew Weber <matthew.weber@rockwellcollins.com>
Cc: Marcin Niestroj <m.niestroj@grinn-global.com>
Cc: Fabio Estevam <fabio.estevam@nxp.com>
Reviewed-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Upstream moved to https://ccid.apdu.fr/ according to
http://pcsclite.alioth.debian.org/ccid.html, updated _SITE and
Config.in.
Added license hash.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Upstream moved to https://muscle.apdu.fr/ according to
http://pcsclite.alioth.debian.org/, updated _SITE and Config.in.
Added license hash.
Added optional systemd support available since upstream commit
30e10951f8 (diff-67e997bcfdac55191033d57a16d1408a)
We need to add systemd support in this patch because omitting it will
cause an error during configure:
checking for LIBSYSTEMD... no
configure: error: install libsystemd-dev or use --disable-libsystemd
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Since bluez5_utils 5.49, some code using readline was compiled even if
readline was not available. After this issue was reported upstream, a
patch was proposed by an upstream developer to address the issue. This
commit integrates this patch (under review upstream), which fixes the
problem.
Fixes:
http://autobuild.buildroot.net/results/3e266a79acab8b8eb33360f7afbc1cd6db46f7cb/
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
A number of fcntl.h definitions were missing on OpenRISC in uClibc-ng,
causing build failures such as:
gfile.c: In function 'splice_stream_with_progress':
gfile.c:3017:35: error: 'F_SETPIPE_SZ' undeclared (first use in this function)
buffer_size = fcntl (buffer[1], F_SETPIPE_SZ, 1024 * 1024);
This comit backports a patch that was merged in upstream uClibc-ng,
which addresses this problem.
Fixes:
http://autobuild.buildroot.net/results/182ebbba6c7466b07e965e5120d919cbcf5e9da6/
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This commit updates all the pre-built Buildroot toolchains, which have
all been rebuilt with Buildroot as of commit 046c5e2. The initial
motivation for this update is that an upcoming bump of procps-ng uses
fopencookie(), which has only been introduced in musl 1.1.19, which
itself started being used in Buildroot after the 2018.02 release.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Also install bootstrap.min.css.map as it is referenced from
bootstrap.min.css.
Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Use the same version as tcl package.
Signed-off-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
While at it add the license file hash.
Signed-off-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
While at it add the license file hash.
Signed-off-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Older versions of tar (e.g. 1.27.1) incorrectly interpret the escaping
of the regexp separator, and generate broken tarballs.
For example, given the following transform expression:
--transform="s/^\.\//squashfs-e38956b92f738518c29734399629e7cdb33072d3\//"
the resulting paths in the generated tarball would be:
squashfs-e38956b92f738518c29734399629e7cdb33072d3\/
i.e. a directory which last character is indeed a '\'.
We fix that by using a separator which is very unlikely to occur in a
filename.
Fixes:
http://autobuild.buildroot.org/results/742/7427f34e5c9f6d043b0fe6ad2c66cc0f31d2b24f/
and probably a slew of others as well...
Take this opportunity to fix indentation on the following line
(leading spaces, not TABs).
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Maxime Hadjinlian <maxime.hadjinlian@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The current method of supporting static only build, removal of all lines
that match the SHARED regex from lib/Makefile, is crude and fragile.
Instead, patch lib/Makefile to allow disable of shared libraries.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The email address of Philipp Claves bounces.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
In commit 2a27294e9a ("grub2: force
-fno-stack-protector in CFLAGS"), a fix was made to the grub2 package
to make it build properly even when SSP support is enabled.
However, commit 20a4583ebf ("security
hardening: add RELFO, FORTIFY options") reworked how SSP options are
passed, and they are now passed in CPPFLAGS instead of CFLAGS, making
the fix introduced by 2a27294e9a no
longer operating.
This commit will force no-stack-protector in CPPFLAGS instead of
CFLAGS.
Fixes bug #10961.
Signed-off-by: Tarek El-Sherbiny <tarek_el-sherbiny@waters.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Check:
- the daemon is started;
- a message is collected;
- the daemon does not issue a warning message on startup.
When the .conf file version does not match the package version a warning
message shows up on serial on every boot. This message is generated by
syslog-ng before it is running, so it is not logged to
/var/log/messages. So in order to test the message is generated, restart
the server. It makes the message appears on /var/log/messages (since the
server is already running) where its existence can be easily tested
using grep.
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@datacom.ind.br>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Remove a runtime warning message about configuration file being too old.
Do the same as commit 3dad25466d "syslog-ng: Bump version header in conf
file to 3.9". Package version of syslog-ng is 3.10.1, so bump version
number in syslog-ng.conf to 3.10.
Also add a comment to avoid the same warning message reappears when the
package is bumped.
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@datacom.ind.br>
Cc: Chris Packham <judge.packham@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The different versions of git will behave in different ways when
fetching remote references, as summarised by the table below:
| ancient git | new git
--------------------------------------------------------------------
git fetch | fetch all refs but tags | fetches all refs but tags
git fetch -t | fetches only tags | fetch all refs and tags
(git-fetch may still fetch tags, but only if reachable from a branch)
So, to cover all the bases, we do a simple fetch, to be sure we have
branches, followed by the existing fetch -t, to get extra tags.
Fixes:
http://autobuild.buildroot.net/results/0a2/0a238a7f55ea56c33b639ad03ed5796143426889/build-end.log
Reported-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Maxime Hadjinlian <maxime.hadjinlian@gmail.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
There are cases where a downloaded toolchain doesn't have its binaries
placed directly in a "bin" subfolder (where BuildRoot currently looks
for them).
A common example is the official Raspberry Pi Toolchain
(https://github.com/raspberrypi/tools), which has its binaries in
"arm-bcm2708/arm-linux-gnueabihf/bin".
This commit introduces BR2_TOOLCHAIN_EXTERNAL_REL_BIN_PATH that defaults
to "bin" and can be changed as needed.
Signed-off-by: Calin Crisan <ccrisan@gmail.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
[Thomas: rework a bit how TOOLCHAIN_EXTERNAL_REL_BIN_PATH is defined.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Use lib and lz4 make targets to avoid build of the manual generator, and
the examples. Both of them use the target compiler to build host tools.
Add license files hashes.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Drop upstream patches.
Add upstream patch fixing build with musl libc.
Add license file hash.
Set LDLIBS to TARGET_LDFLAGS for TARGET_LDFLAGS to be added to the link
commands. Makefile does not use the LDFLAGS environment variable. This
fixes static linking.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Use sha256 checksum from *.distinfo.asc file.
Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
For those who wonder what happend, as usual, there's a changelog summary:
https://github.com/kergoth/tslib/releases
Signed-off-by: Martin Kepplinger <martink@posteo.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
There are cases where a repository might be broken, e.g. when a previous
operation was killed or otherwise failed unexpectedly.
We fix that by always initialising the repository, as suggested by
Ricardo. git-init is safe on an otherwise-healthy repository:
Running git init in an existing repository is safe. It will not
overwrite things that are already there. [...]
Using git-init will just ensure that we have the strictly required files
to form a sane tree. Any blob that is still missing would get fetched
later on.
Reported-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Reported-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Cc: Maxime Hadjinlian <maxime.hadjinlian@gmail.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Acked-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Tested-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
git always look directories up until it finds a repository. In case
the git cache is broken, it may no longer be identified as a repository,
and git will look higher in the directories until it finds one.
In the default conditions, this would be Buildroot's own git tree
(because DL_DIR is a subdir of Buildroot), but in some situations may
very well be any repository the user has Buildroot in, like a
br2-external tree...
So, we force git to use our git cache and never look elsewhere, as
Suggested by Ricardo.
Use GIT_DIR, as it has been there for ages now, while --git-dir was
only introduced later (even if most distros ship an later version),
as suggested by Arnout.
Also fix the one call to git that was not using the wrapper.
Reported-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Cc: Maxime Hadjinlian <maxime.hadjinlian@gmail.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Acked-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Tested-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
