This patch adds a new defconfig for the Star64 board made by
Pine64. This board is based on the Starfive JH7110 RISC-V 64 bits
SoC. See: https://wiki.pine64.org/wiki/STAR64.
This patch uses a custom Kernel and U-Boot made for this board. The
SPL has to be signed with the Starfive SPL-Tool which is a software
provided by the vendor to get the necessary headers on the SPL.
The image configuration is based on the work done by Ivan Velickovic
<i.velickovic@unsw.edu.au>.
Signed-off-by: Thomas Bonnefille <thomas.bonnefille@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This patch adds a new package for the Starfive SPL tool. It is used to
add a header to the Secondary Program Loader for platforms based on
the Starfive JH7110 SoC.
Signed-off-by: Thomas Bonnefille <thomas.bonnefille@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
We unconditionally configure asterisk with --with-crypt, so the build
currently fails under glibc since it removed crypt in 2.39, and we
explicitly remove it from external toolchains as well, whatever the
version, causing build failures such as:
checking for mandatory modules: OPENSSL BKTR CRYPT ILBC JANSSON LIBEDIT LIBJWT LIBXML2 PJPROJECT SQLITE3 ZLIB... fail
configure: ***
configure: *** The CRYPT installation appears to be missing or broken.
configure: *** Either correct the installation, or run configure
configure: *** including --without-crypt.
Fixing this could be done in two ways: either make libxcrypt a mandatory
dependency under glibc, and continue unconditionally enabling crypt
support, or only enable crypt support when libxcrypt is available or
this was a non-glibc toolchain.
We chose the first option, to keep the existing behaviour (crypt support
is always enabled), to be aligned with other packages (libxcrypt is
selected under glibc toolchains), and because it is also the simplest.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fix the following uclibc-ng build failure raised since bump to version
20.7.0 in commit 0e6d4d2171 and
2694792e13:
stasis/control.c: In function 'exec_command_on_condition':
stasis/control.c:313:3: warning: implicit declaration of function 'pthread_kill'; did you mean 'pthread_yield'? [-Wimplicit-function-declaration]
313 | pthread_kill(control->control_thread, SIGURG);
| ^~~~~~~~~~~~
| pthread_yield
stasis/control.c:313:41: error: 'SIGURG' undeclared (first use in this function)
313 | pthread_kill(control->control_thread, SIGURG);
| ^~~~~~
Fixes: 0e6d4d2171
- http://autobuild.buildroot.org/results/d16e4ca4bd26234f84d17da24c04a8c19faba6c5
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fix a compile issue when libyuv and libjpeg is enabled.
Detection of following function fails:
checking for pjsip_dlg_create_uas_and_inc_lock in -lpjsip... no
In config.log you see that libjpeg is missing.
Fixes:
http://autobuild.buildroot.net/results/7bed9fc68fc9331ad12942c3eab9742ee8a7a4c4
Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Since the switch to binutils 2.41 as default version [1], the arm Linux
kernel build is broken with:
arch/arm/mm/proc-v7.S: Assembler messages:
arch/arm/mm/proc-v7.S:640: Error: junk at end of line, first unrecognized character is `#'
A similar issue has already be fixed for qemu m68k [2].
Bump to the latest kernel 5.10 that already include the backport
of 790756c7e022 ("ARM: 8933/1: replace Sun/Solaris style flag on section directive")
Select BR2_LINUX_KERNEL_NEEDS_HOST_OPENSSL=y to fix the following
build error:
scripts/extract-cert.c:21:25: fatal error: openssl/bio.h: No such file or directory
#include <openssl/bio.h>
[1] e88225ed88
[2] a1ce9474e4
Fixes: https://gitlab.com/buildroot.org/buildroot/-/jobs/6655119386
Signed-off-by: Julien BOIBESSOT <julien.boibessot@armadeus.com>
[Romain:
- improve commit log
- Select BR2_LINUX_KERNEL_NEEDS_HOST_OPENSSL
]
Signed-off-by: Romain Naour <romain.naour@smile.fr>
Since the switch to binutils 2.41 as default version [1], the arm Linux
kernel build is broken with:
arch/arm/mm/proc-v7.S: Assembler messages:
arch/arm/mm/proc-v7.S:640: Error: junk at end of line, first unrecognized character is `#'
A similar issue has already be fixed for qemu m68k [2].
Bump to the latest kernel 5.10 that already include the backport
of 790756c7e022 ("ARM: 8933/1: replace Sun/Solaris style flag on section directive")
Select BR2_LINUX_KERNEL_NEEDS_HOST_OPENSSL=y to fix the following
build error:
scripts/extract-cert.c:21:25: fatal error: openssl/bio.h: No such file or directory
#include <openssl/bio.h>
[1] e88225ed88
[2] a1ce9474e4
Fixes: https://gitlab.com/buildroot.org/buildroot/-/jobs/6655119389
Signed-off-by: Julien BOIBESSOT <julien.boibessot@armadeus.com>
[Romain:
- improve commit log
- Select BR2_LINUX_KERNEL_NEEDS_HOST_OPENSSL
]
Signed-off-by: Romain Naour <romain.naour@smile.fr>
Since the switch to binutils 2.41 as default version [1], the arm Linux
kernel build is broken with:
arch/arm/mm/proc-v7.S: Assembler messages:
arch/arm/mm/proc-v7.S:640: Error: junk at end of line, first unrecognized character is `#'
A similar issue has already be fixed for qemu m68k [2].
Bump to the latest kernel 5.10 that already include the backport
of 790756c7e022 ("ARM: 8933/1: replace Sun/Solaris style flag on section directive")
Select BR2_LINUX_KERNEL_NEEDS_HOST_OPENSSL=y to fix the following
build error:
scripts/extract-cert.c:21:25: fatal error: openssl/bio.h: No such file or directory
#include <openssl/bio.h>
[1] e88225ed88
[2] a1ce9474e4
Fixes: https://gitlab.com/buildroot.org/buildroot/-/jobs/6655119384
Signed-off-by: Julien BOIBESSOT <julien.boibessot@armadeus.com>
[Romain:
- improve commit log
- Select BR2_LINUX_KERNEL_NEEDS_HOST_OPENSSL
]
Signed-off-by: Romain Naour <romain.naour@smile.fr>
When glibc was bumped to version 2.39 in commit
b5680f53d6 it removed the deprecated
libcrypt support.
As glibc's libcrypt was providing sshd's libcrypt dependency this broke
the sshd password authentification at runtime using glibc version 2.39.
# sshpass -p testpwd ssh -oStrictHostKeyChecking=no localhost /bin/true
Permission denied, please try again.
Without libcrypt, OpenSSH >= 6.2 fall back to using openssl's DES_crypt
function on platorms that don't have a native crypt() function [1].
Note that DES_crypt is deprecated since openssl 3.0 [2] [3].
"Use of the low level DES functions has been informally discouraged for a
long time. We now formally deprecate them.
Applications should instead use the EVP APIs, e.g. EVP_EncryptInit_ex,
EVP_EncryptUpdate, EVP_EncryptFinal_ex, and the equivalently named decrypt
functions."
Also DES_crypt is provided by openssl only if
BR2_PACKAGE_LIBOPENSSL_ENABLE_DES is enabled. Otherwise crypt() is
never defined:
sd-compat.a(xcrypt.o): in function `xcrypt':
xcrypt.c:(.text+0x48): undefined reference to `crypt'
It's not clear why the password authentification fail with openssl's
DES_crypt but since it's deprecated we use libxcrypt to provide
a working crypt() function for glibc based toolchains.
[1] https://github.com/openssh/openssh-portable/blob/V_9_7/openbsd-compat/xcrypt.c#L57
[2] c6fec81b88
[3] https://www.openssl.org/docs/man3.2/man3/DES_crypt.html
Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/6623402147
Signed-off-by: Romain Naour <romain.naour@smile.fr>
When glibc was bumped to version 2.39 in commit
b5680f53d6 it removed the deprecated
libcrypt support.
But compiler-rt package still use crypt.h header and crypt() function
in the sanitizer code.
Use libxcrypt unconditionally since compiler-rt itself already depends
on glibc based toolchain.
Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/6703222513
Signed-off-by: Romain Naour <romain.naour@smile.fr>
Since the toolchain Bootlin update to 2023.11-1 [1], the arm Linux
kernel build is broken with binutils >= 2.41 with:
arch/arm/mm/proc-v7.S: Assembler messages:
arch/arm/mm/proc-v7.S:640: Error: junk at end of line, first unrecognized character is `#'
A similar issue has already be fixed for qemu m68k [2].
Bump to the latest kernel 4.19 that already include the backport
of 790756c7e022 ("ARM: 8933/1: replace Sun/Solaris style flag on section directive")
[1] 7e0e6e3b86
[2] a1ce9474e4
Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/6703222383
Signed-off-by: Romain Naour <romain.naour@smile.fr>
GCC14 now treats implicit int types as error so when check() from
check-lxdialog.sh is called to check whether we can link against ncurses
it will fail silently and the help text indicating to install ncurses is
printed.
However, this is not due to missing ncurses but once the stderr redirect
to /dev/null is removed we can see the root cause:
<stdin>:2:1: error: return type defaults to ‘int’ [-Wimplicit-int]
So, in order for menuconfig to work with GCC14 lets just specify the
return type of main() as int.
Npte that the upstream kconfig in the linux kernel source tree no longer
carries or uses the check-lxdialog.sh script since commit 1c5af5cf9308
(kconfig: refactor ncurses package checks for building mconf and nconf),
so there is no commit we can backport to our kconfig copy.
Signed-off-by: Robert Marko <robimarko@gmail.com>
Reviewed-by: Petr Vorel <petr.vorel@gmail.com>
Tested-by: Petr Vorel <petr.vorel@gmail.com>
[yann.morin.1998@free.fr: add note about upstream kernel]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fixes the following security issues:
CVE-2024-32473: Ensure IPv6 is disabled on interfaces only allocated an IPv4
address by the engine
https://github.com/moby/moby/security/advisories/GHSA-x84c-p2g9-rqv9
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Builds the spi-nor.img together with the sdcard.img.
Readme is extended with SPI NOR flash writing instructions
and recovery.
The spi-nor.img layout is based on the following document:
https://doc-en.rvspace.org/VisionFive2/Boot_UG/JH7110_SDK/boot_address_allocation.html
Signed-off-by: Lukasz Tekieli <tekieli.lukasz@gmail.com>
[Arnout: extend readme.txt with paragraph that either boot mode works.]
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
The configuration is based on defconfig from starfive's kernel fork [1].
[1] 076ede06c0/arch/riscv/configs/starfive_visionfive2_defconfig
Signed-off-by: Lukasz Tekieli <tekieli.lukasz@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
The 6.7.x series is now EOL upstream, so drop the linux-headers option
and add legacy handling for it.
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Remove ac_cv_prog_cc_c99; axel has been updated to autoconf 2.72, whose C99
test is compatible with BR2_USE_WCHAR=n.
Signed-off-by: Ismael Luceno <ismael@iodev.co.uk>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Adjust DTS_NAME to current kernel source tree location of DTs in
per-vendor directories.
Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/6665749909
Cc: Jan Kundrát <jan.kundrat@cesnet.cz>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security issues:
CVE-2021-3575: A heap-based buffer overflow was found in openjpeg in
color.c:379:42 in sycc420_to_rgb when decompressing a crafted .j2k file. An
attacker could use this to execute arbitrary code with the permissions of
the application compiled against openjpeg.
Signed-off-by: Angelo Compagnucci <angelo.compagnucci@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
In _imagingcms.c in Pillow before 10.3.0, a buffer overflow exists because
strcpy is used instead of strncpy.
Signed-off-by: Angelo Compagnucci <angelo.compagnucci@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Devoogdt <thomas@devoogdt.com>
Reviewed-by: J. Neuschäfer <j.neuschaefer@gmx.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Note that, although not explicitly specified in the changelog, version
3.7 renamed the file COPYING to LICENSE, requiring corresponding changes
in Bildroot related to the license file (specifically, the name and hash).
Release notes:
- bmap-tools 3.7:
* Use GitHub Actions for CI (#109)
* Add `poetry` for dependency management and `black` for code
formatting (#104)
* Add functionality for copying from standard input (#99)
* Switch from gpg to gpgme module (#103)
- bmaptool 3.8.0:
* use 'df -P' for POSIX portable output
* bmaptool has new maintainers
* bmaptool has a new home
* bmaptool is now only called 'bmaptool' and not one of a dozen such
variations
* switch to use an X.Y.Z versioning number scheme
Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Historically, the package was named bmap-tools, and that's the name
under which it was introduced in Buildroot. Since then, it has moved to
a new home (i. e. to https://github.com/yoctoproject/bmaptool) under the
Yocto Project umbrella, and got renamed to bmaptool. To avoid useless
churn, we keep the old symbols, and just refer to bmaptool in the
prompt.
Link: https://patchwork.ozlabs.org/project/buildroot/patch/20240413131757.3627575-2-dario.binacchi@amarulasolutions.com
Suggested-by: Yann E. Morin <yann.morin.1998@free.fr>
Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
As reported in the README file of the old GitHub URL (i.e.
https://github.com/intel/bmap-tools), "The code at this location is no
longer maintained and will likely be removed in the future. This project
has moved to https://github.com/yoctoproject/bmaptool".
Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>