One per line, and alphabetical (was already the case for host).
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
[yann.morin.1998@free.fr: all host dependencies first]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit fb5aad3024)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Forgotten in commit e6f8c403fe which
removed 0001-configure-define-HAVE_LIBBSD-when-libbsd-was-found.patch
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 6a3379ad31)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Includes security fixes to the syscall package, as well as bug fixes to the
compiler, runtime, and the crypto/x509 and net/http/httptest packages.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Minor bug fixes, including upstream fix for meson iconv handling, which makes
0002-src-lib-icu-fix-iconv-detection-when-libiconv-is-ins.patch redundant.
Introduces version dependencies for libshout and libupnp, which are met since
01/2021 (commit 118648d161).
Full change log:
https://raw.githubusercontent.com/MusicPlayerDaemon/MPD/v0.23.7/NEWS
Signed-off-by: Andreas Ziegler <br015@umbiko.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 4c22b1650d)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes:
http://autobuild.buildroot.net/results/a6c7dd171529e2a7b7a26af8d99bec53117a7a02/
Commit fd5842a1dd (boot/shim: add
BR2_PACKAGE_SHIM_ARCH_SUPPORTS) added explicit support for big/little endian
arm/aarch64, but the shim code is hard coded for little endian:
head -n 1 elf_{arm,aarch64}_efi.lds
==> elf_arm_efi.lds <==
OUTPUT_FORMAT("elf32-littlearm", "elf32-littlearm", "elf32-littlearm")
==> elf_aarch64_efi.lds <==
OUTPUT_FORMAT("elf64-littleaarch64", "elf64-littleaarch64", "elf64-littleaarch64")
So drop the support for the big endian variants.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 0ebbf0b280)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
An out-of-bounds read/write vulnerability was found in e2fsprogs 1.46.5.
This issue leads to a segmentation fault and possibly arbitrary code
execution via a specially crafted filesystem.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 3ef096786a)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This patch fixes the DP audio and video PLL configurations for the
zynqmp-zcu106-revA evaluation board.
The Linux DP driver expects the DP to be using the following PLL config:
- DP video PLL should use the VPLL (0x0)
- DP audio PLL should use the RPLL (0x3)
Register 0xFD1A0070 configures the DP video PLL.
Register 0xFD1A0074 configures the DP audio PLL.
This patch was build and run tested on a zynqmp-zcu106-revA target board.
Upstream-Status: submitted (https://lore.kernel.org/all/62538b4a04dee28a6fc8ac5b85f8c845a5a76aa4.1651740988.git.michal.simek@amd.com/)
This patch will be removed from buildroot in a future release when no longer necessary.
Signed-off-by: Neal Frager <neal.frager@amd.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 8125300088)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Since SDMA firmwares for imx[6,7,8] are now provided only by
firmware-imx package and not linux-firmware package [1]. If
CONFIG_EXTRA_FIRMWARE is set in the kernel config, the build will fail
if the imx firmware is not available.
[1] http://lists.busybox.net/pipermail/buildroot/2021-January/603807.html
Signed-off-by: Leger Charlie <c.leger@borea-dental.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
(cherry picked from commit 666084f494)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Recent changes in libusb have exposed a bug in OpenOCD which now crash when trying
to use the ST-Link driver.
Upstream has a fix as commit cff0e417da58adef1ceef9a63a99412c2cc87ff3. This add the commit
as a stand alone patch. The crash also happen on Linux, which was not mentionned in that
commit message.
Should be removed when OpenOCD is updated to a release newer than 0.11
Signed-off-by: Yannick Brosseau <yannick.brosseau@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
(cherry picked from commit 4239958963)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
For golang- or cargo-based packages, we apply a vendoring pass after the
package's "main" download is done. Whether to vendor or not is based on
the heuristic that a specific directory exists or not; for golang
packages, we look for '/vendor', while for cargo, we look for '/VENDOR'.
This is fine for the "main" (by lack of a better term) download, but
this falls flat on its face for extra downloads. Indeed, some packages
may need to download data sets, or assets, as _EXTRA_DOWNLOADS. Those
are usually just data blobs, and are not actual golang or cargo packages;
as such they do not need to be vendored, but worse, if we try to
actually vendor them, this fails because the required files for
vendoring are missing from the archives in such data sets.
We fix that by decoupling the download for the extra download, from the
download for the main archive. We pass the post-processing option only
to the main download.
This makes the hard assumption that extra downloads will never need to
be post-processed for vendoring, of course; we hope this will always be
correct in practice. If not, we can fix it later.
Signed-off-by: Yann E. MORIN <yann.morin@orange.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
[Arnout:
- no loop needed for MAIN_DOWNLOAD, it can have only one;
- remove superfluous backslash in the definition of MAIN_DOWNLOAD;
- introduce _ADDITIONAL_DOWNLOADS to avoid filter-out.]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
(cherry picked from commit f0c7cb01a9)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This was already disabled for target packages in:
12ba356365
We need to disable wrap downloads for host meson packages as well.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
(cherry picked from commit 5c2f0c698c)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add mappings for new cpu families based on the reference table:
https://mesonbuild.com/Reference-tables.html#cpu-families
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
(cherry picked from commit 0a91f37c48)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This patch bumps configs/zynqmp_zcu106_defconfig pmufw to 2022.1.
The pm_cfg_obj.c has not changed between 2021.2 and 2022.1.
The pmufw_v2022.1.bin has been tested on a zcu106 board.
Signed-off-by: Neal Frager <neal.frager@amd.com>
Reviewed-by: Luca Ceresoli <luca@lucaceresoli.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 27c672e53a)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This patch bumps configs/zynqmp_zcu102_defconfig pmufw to 2022.1.
The pm_cfg_obj.c has not changed between 2021.2 and 2022.1.
The pmufw_v2022.1.bin has been tested on a zcu102 board.
Signed-off-by: Neal Frager <neal.frager@amd.com>
Reviewed-by: Luca Ceresoli <luca@lucaceresoli.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit b044be10f1)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security issues:
- The c_rehash script allows command injection (CVE-2022-1292)
The c_rehash script does not properly sanitise shell metacharacters to
prevent command injection. This script is distributed by some operating
systems in a manner where it is automatically executed. On such operating
systems, an attacker could execute arbitrary commands with the privileges of
the script.
Use of the c_rehash script is considered obsolete and should be replaced by
the OpenSSL rehash command line tool.
https://www.openssl.org/news/secadv/20220503.txt
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
(cherry picked from commit 96a4aee289)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This patch migrates configs/zynqmp_zcu106_defconfig to tarballs for TF-A, u-boot and Linux.
This patch has zero change in code running on the device.
The goal is to improve build speed and align with the zynq_xxx_defconfigs.
Signed-off-by: Neal Frager <neal.frager@amd.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit ac05c0d68d)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This patch migrates configs/zynqmp_zcu102_defconfig to tarballs for TF-A, u-boot and Linux.
This patch has zero change in code running on the device.
The goal is to improve build speed and align with the zynq_xxx_defconfigs.
Signed-off-by: Neal Frager <neal.frager@amd.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 56539c5c93)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
We can't enable lua and luajit at the same time as they both provide
the virtual luainterpreter package.
Fixes:
package/luajit/luajit.mk:80: *** Configuration error: both "luajit" and "lua" are selected as providers for virtual package "luainterpreter". Only one provider can be selected at a time. Please fix your configuration. Stop.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
(cherry picked from commit e11431dd61)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security issues:
- CVE-2022-29824] Integer overflow in xmlBuf and xmlBuffer
- Fix potential double-free in xmlXPtrStringRangeFunction
- Fix memory leak in xmlFindCharEncodingHandler
- Normalize XPath strings in-place
- Prevent integer-overflow in htmlSkipBlankChars() and xmlSkipBlankChars() (David Kilzer)
- Fix leak of xmlElementContent (David Kilzer)
For more details, see the release notes:
https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.9.14
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
(cherry picked from commit 4dd01598c2)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Currently pillow doesn't correctly search pkg-config system paths
for some libraries which can prevent some libraries from being
properly detected/enabled in pillow.
This is due to pillow implementing custom header validation
checks which need system paths present to function correctly:
https://github.com/python-pillow/Pillow/blob/9.0.1/setup.py#L633
Removed custom BUILD_CMDS and INSTALL_TARGET_CMDS which were
causing python-pillow to be installed for the host, they are
not required, we just need to set build_ext at the start
of PYTHON_PILLOW_BUILD_OPTS instead.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
(cherry picked from commit 10664068b9)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This patch bumps configs/zynqmp_zcu106_defconfig to Xilinx software release 2022.1
which includes the following updates:
- TF-A release version 2.6
- U-Boot release version 2022.01
- Linux kernel release version 5.15.19
It is better to use a Xilinx official release version than sha tags.
Signed-off-by: Neal Frager <neal.frager@amd.com>
Reviewed-by: Luca Ceresoli <luca@lucaceresoli.net>
Reviewed-by: Luca Ceresoli <luca@lucaceresoli.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit df0a0ae9d9)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This patch bumps configs/zynqmp_zcu102_defconfig to Xilinx software release 2022.1
which includes the following updates:
- TF-A release version 2.6
- U-Boot release version 2022.01
- Linux kernel release version 5.15.19
It is better to use a Xilinx official release version than sha tags.
Signed-off-by: Neal Frager <neal.frager@amd.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit b935f46a9b)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix build failure raised on uclibc and musl since the addition of
libexecinfo package in commit:
eea8ba446c
Fixes:
- http://autobuild.buildroot.net/results/9591ffe5968fe5f20b29799d1c234426cacd549a
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
(cherry picked from commit 99113727d6)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Github rockchip-linux doesn't provide libmali repository anymore and the
only up-to-date and maintained repository I've found is JeffyCN/mirrors
branch libmali that provide the identical situtation we were at with
previous repository, so let's switch to JeffyCN repository. This fixes
a build failure while trying to install rockchip-mali.
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
(cherry picked from commit 8c25838b53)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
CONFIG_CRYPTO_AEAD2=y.
CONFIG_CRYPTO_AEAD2 and CONFIG_CRYPTO_SKCIPHER2 are needed to fix the
following build failure:
ERROR: modpost: "crypto_alloc_skcipher" [/home/autobuild/autobuild/instance-2/output-1/build/cryptodev-linux-1.12/./cryptodev.ko] undefined!
ERROR: modpost: "scatterwalk_map_and_copy" [/home/autobuild/autobuild/instance-2/output-1/build/cryptodev-linux-1.12/./cryptodev.ko] undefined!
ERROR: modpost: "crypto_ahash_final" [/home/autobuild/autobuild/instance-2/output-1/build/cryptodev-linux-1.12/./cryptodev.ko] undefined!
ERROR: modpost: "crypto_aead_encrypt" [/home/autobuild/autobuild/instance-2/output-1/build/cryptodev-linux-1.12/./cryptodev.ko] undefined!
ERROR: modpost: "crypto_aead_setkey" [/home/autobuild/autobuild/instance-2/output-1/build/cryptodev-linux-1.12/./cryptodev.ko] undefined!
ERROR: modpost: "crypto_skcipher_decrypt" [/home/autobuild/autobuild/instance-2/output-1/build/cryptodev-linux-1.12/./cryptodev.ko] undefined!
ERROR: modpost: "crypto_destroy_tfm" [/home/autobuild/autobuild/instance-2/output-1/build/cryptodev-linux-1.12/./cryptodev.ko] undefined!
ERROR: modpost: "crypto_skcipher_setkey" [/home/autobuild/autobuild/instance-2/output-1/build/cryptodev-linux-1.12/./cryptodev.ko] undefined!
ERROR: modpost: "crypto_aead_decrypt" [/home/autobuild/autobuild/instance-2/output-1/build/cryptodev-linux-1.12/./cryptodev.ko] undefined!
ERROR: modpost: "crypto_aead_setauthsize" [/home/autobuild/autobuild/instance-2/output-1/build/cryptodev-linux-1.12/./cryptodev.ko] undefined!
However, those options are not user-selectable. They are enabled by the
appropriate consumers of those cyphers. Since cryptodev is anyway meant
to give userspace access to kernel crypto (hardware), it makes sense to
enable CONFIG_CRYPTO. The easiest way to also get AEAD2 and SKCIPHER2 is
to enable CONFIG_CRYPTO_USER_API_AEAD as well.
Fixes:
- http://autobuild.buildroot.org/results/a06708369c233f6e60a1a3ffd7a77a4edd932c9a
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
(cherry picked from commit 4b12336d1f)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Some files in kvm-unit-tests are licensed under the GPL v2 nowadays:
https://gitlab.com/kvm-unit-tests/kvm-unit-tests/-/commit/b29b222beb424a00
Signed-off-by: Thomas Huth <huth@tuxfamily.org>
[yann.morin.1998@free.fr: do not replace LGPLGv2, add to the list]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 8c05e5a069)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Changelog: https://curl.se/changes.html#7_83_0
Release notes: https://curl.se/news.html
Fixes the following CVEs:
CVE-2022-22576: OAUTH2 bearer bypass in connection re-use
CVE-2022-27774: Credential leak on redirect
CVE-2022-27775: Bad local IPv6 connection reuse
CVE-2022-27776: Auth/cookie leak on redirect
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit b0b25f1454)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Changelog: https://curl.se/changes.html
Updated license hash due to copyright year bump:
0409192b1f
The NSS crypto backend requires a special option now, without it
configure errors out with:
configure: error: NSS use must be confirmed using --with-nss-deprecated. NSS support will be dropped from curl in August 2022. See docs/DEPRECATE.md
Since it will be removed entirely soon anyway, and since this version
doesn't fix any CVEs so doesn't need to be backported to stable
branches, drop the NSS option entirely.
Since NSS is going to be removed soon, drop the --without-nss as well.
It is never going to be enabled automatically.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
[Arnout: drop NSS option entirely, as suggested by Baruch Siach.]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
(cherry picked from commit 8afb945bf0)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This reverts commit 8e91385a2c.
This commit is incorrect, as it is perfectly valid for
BR2_TOOLCHAIN_EXTERNAL_PATH to be empty. The help text of
BR2_TOOLCHAIN_EXTERNAL_PATH even documents it as a supported case:
If empty, the compiler will be searched in $PATH.
Commit 392b0a26f5 ("toolchain-external:
default BR2_TOOLCHAIN_EXTERNAL_PATH to empty") even made that the
default saying "In addition, it in fact works correctly when it is
empty. In that case, the toolchain will be searched in PATH."
A user has reported that commit
8945ba4948 (the backport of 8e91385a2c to
the 2022.02.x LTS branch) breaks his use-case:
https://lore.kernel.org/buildroot/CADBnMvhgaozAgZgy3njckjL1i0U6bZ0fLrq-kdFF-qpGhFWgmw@mail.gmail.com/
Reported-by: Kristof Havasi <havasiefr@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
[yann.morin.1998@free.fr: reference 8e91385a2c on master]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 77fc458025)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Thanks to the bump of elf2flt to version 2021.08, the issue with
recent versions of binutils has been fixed, so we can re-enable using
the recent binutils versions.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 44b9361a2e)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
It contains several fixes and improvements compared to our current
version, and two of our patches have been accepted upstream. Most
notably, it fixes the issue we had in using elf2flt with recent
versions of binutils (upstream commit
ba379d08bb78c9300e84351c11080c26ddcc36b3).
Patch 0001-ld-elf2flt-behave-properly-when-called-with-a-name-d.patch
is upstream as of commit 1c9b454336eaf38f7d037917a3120fae04193fbe
Patch 0002-elf2flt.c-add-new-relocation-types-for-xtensa.patch is
upstream as of commit d7eb73163bcea31168c438fc132a0967ac172e3d
The other two patches are refreshed to apply properly on 2021.08.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 65d78dcfeb)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The afboot-stm32 build system was initially linking with gcc, but that
was changed upstream following a Buildroot contribution to use ld
instead.
However, the build system was still passing -nostartfiles, which is a
gcc option. By luck, this option was simply ignored by older versions
of ld (such as binutils 2.32), but newer versions of ld (2.36 and
newer, at least) no longer accept/ignore this option.
This commit adds a patch that drops the use of this option, since it
is useless for ld.
The first patch is slightly updated because the upstream pull request
has been updated to contain both build fixes.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit cf5206ea98)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Disable builtin harfbuzz which is enabled by default since bump to
version 2.0.18 in commit f4da031a77 and
834ec54127
resulting in the following build failure without threads:
In file included from external/harfbuzz-2.8.0/src/hb.hh:470,
from external/harfbuzz-2.8.0/src/hb-aat-layout.cc:28:
external/harfbuzz-2.8.0/src/hb-mutex.hh:53:10: fatal error: pthread.h: No such file or directory
53 | #include <pthread.h>
| ^~~~~~~~~~~
Fixes:
- http://autobuild.buildroot.org/results/ac8b366558bec61ada84ec15cf27652fde2b63b2
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 2449d9c9dd)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Explicitely set the openssl path so that python3 doesn't search host
header paths for target openssl headers.
Fixes:
- http://autobuild.buildroot.net/results/c27/c27fe795e079350dd1c9af45be417d41b55e57c3
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
(cherry picked from commit fbf78c2a73)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
