Libressl is a fork of openssl from OpenSSL in 2014. Its goal is to
modernize the OpenSSL codebase, improve security, and apply best
practice development processes.
Right now, libressl is API compatible with OpenSSL 1.0.1, but does not
yet include all new APIs from OpenSSL 1.0.2 and later.
Signed-off-by: Adam Duskett <aduskett@codeblue.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
>From the advisory:
https://irssi.org/security/irssi_sa_2017_07.txt
Two vulnerabilities have been located in Irssi.
(a) When receiving messages with invalid time stamps, Irssi would try
to dereference a NULL pointer. Found by Brian 'geeknik' Carpenter
of Geeknik Labs. (CWE-690)
CVE-2017-10965 [2] was assigned to this bug
(b) While updating the internal nick list, Irssi may incorrectly use
the GHashTable interface and free the nick while updating it. This
will then result in use-after-free conditions on each access of
the hash table. Found by Brian 'geeknik' Carpenter of Geeknik
Labs. (CWE-416 caused by CWE-227)
CVE-2017-10966 [3] was assigned to this bug
Impact
------
(a) May result in denial of service (remote crash).
(b) Undefined behaviour.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
While building I noticed:
>>> host-ccache 3.3.4 Building
conf.c: In function 'conf_create':
conf.c:314:2: warning: too many arguments for format [-Wformat-extra-args]
conf->cache_dir = format("/home/peko/.buildroot-ccache", get_home_directory());
^
As host-ccache gets installed into $(HOST_DIR) and is part of the SDK,
hardcoding the build user homedir isn't really nice for the relocatable
SDK feature (or simply for a SDK used by multiple users).
As the warning shows, CCache replaces "%s" with the current user home
directory, so rewrite BR_CACHE_DIR to use this feature if it begins with
$HOME.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
We no longer have automatic derivation of DEPENDENCIES for host
packages, so the comment that we don't want a host-busybox dependency
is no longer valid.
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Passing the option --shebangdir=/usr/bin to the configuration script adds the
CPP definition EXECLINE_SHEBANGPREFIX to
execline-x.y.z/src/include/execline/config.h. It is used by `s6-rc-compile` from
the s6-rc package to set the path to the execline interpreter in the scripts it
generates.
So, when building the host variant of execline, this path will be used in the
target service scripts generated by the host variant of `s6-rc-compile`. If not
forced to /usr/bin, the location of the execline interpreter on the target, it
will default to $(HOST_DIR)/bin thus leading to non-working scripts on the
target.
So, restore this option for the host variant.
Signed-off-by: Eric Le Bihan <eric.le.bihan.dev@free.fr>
Reviewed-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Since mtd was converted to the package infrastructure in commit
de4cf4e913 ("mtd: convert to gentargets,
add host package"), its host variant depended on host-e2fsprogs. At
the time, only a host variant of the mtd package was available.
When a target variant of mtd was introduced in commit
b50e0fa113 ("mtd: add option to build
mkfs.ubifs for target"), it depended on util-linux.
So today, the target variant continues to depend on util-linux, while
the host variant depends on e2fsprogs. What mkfs.ubifs really needs
is libuuid, which is provided by util-linux. It was in fact provided
by the fact that host-e2fsprogs depends on host-util-linux.
But really, host-e2fsprogs is not needed as a dependency, so use
host-util-linux to be consistent with the target variant.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Reviewed-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Building the MTD test programs requires the MS_DIRSYNC, which is not
necessarily available on old build machines. But obviously, MTD test
programs are not needed, so we can simply disable them, as they were
prior to the migration to mtd 2.0.
Fixes:
http://autobuild.buildroot.net/results/21e1ad2a4560b6d3ba6490d20ae064246e66d5c1/
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Reviewed-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
The toolchain wrapper, when called through PATH, strips the last three
levels of /proc/self/exe to find HOST_DIR. However, after the host/usr
removal, this should be just two levels.
The toolchain wrapper has different logic for when it is called with a
full path (i.e. $HOST_DIR/usr/bin/arm-linux-gcc) then when it is called
through the PATH (i.e. just arm-linux-gcc). The latter is never used
internally in Buildroot, that's why this wasn't discovered through
testing.
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Cc: Mark Jackson <mpfj-list@newflow.co.uk>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Libgrcrypt is a direct dependency of WebKitGTK+, and as such it
should be selected.
Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Reviewed-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
[Thomas: add missing dependency on BR2_PACKAGE_LIBGPG_ERROR_ARCH_SUPPORTS.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
This is needed for correctly building some CMake-based packages which
use this variable. For example, this is needed for WebKitGTK+ 2.16.x
to build correctly when an ARMv8 target is configured.
Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Reviewed-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
This file is not a package per-se, it includes other .mk files that
are packages.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
The waf package infrastructure was not known by the pkg-stats script,
so let's add it.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
With 2000+ packages it's not trivial to identify i.e.:
- all packages that don't have a hash file;
- all packages that have patches;
- all packages that have code style warnings;
User experience can be improved by dynamically sorting the resulting
table.
There is an open-source solution that does that in the client-side and
requires minimal changes to our script: sorttable.js. The script is
MIT licensed as stated in its website.
Also add a hint to the user that the table can be sorted.
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
The needed functionality is already included into Python 3.6.x,
so these files can be now compiled without errors.
Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Changing setup type to setuptools avoids installing as zipped .egg
Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Since there is quite some duplication in the variables to be passed in
the make environment and as make options between the build and install
steps, this commit introduces LINUXPTP_MAKE_ENV and LINUXPTP_MAKE_OPTS
to avoid the duplication.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
incdefs.sh try to define some flags with user_flags() and kernel_flags()
functions. The later is looking at the kernel headers installed on the host
when KBUILD_OUTPUT is not set. If no kernel headers are installed on the host,
the grep fail and HAVE_ONESTEP_SYNC is not set on the command line:
see: grep: /usr/include/linux/net_tstamp.h: No such file or directory
So the missing.h define HWTSTAMP_TX_ONESTEP_SYNC which is also present in the
kernel headers installed in STAGING_DIR (toolchain w/ headers >= 3.2).
Indeed KBUILD_OUTPUT is empty because it's reset in the makefile, so move
KBUILD_OUTPUT in the enviroment while calling "make"/
Also set KBUILD_OUTPUT to STAGING_DIR to find net_tstamp.h.
While at it, use the same arguments for BUILD_CMDS and
INSTALL_TARGET_CMDS.
Thanks to Yann for the live review during the Buildroot summer camp.
Fixes:
http://autobuild.buildroot.net/results/364/36470db2c262d2e1fda5144a08cfe221831e093e
Signed-off-by: Romain Naour <romain.naour@smile.fr>
Cc: Petr Kulhavy <brain@jikos.cz>
Cc: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Thanks to Yann for the live review during the Buildroot summer camp.
Signed-off-by: Romain Naour <romain.naour@smile.fr>
Cc: Petr Kulhavy <brain@jikos.cz>
Cc: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Change site to https to avoid a redirection.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
The XVISOR_ARCH check added in commit
117fd5dfbc ("xvisor: fix build on
AArch64") broke Buildroot entirely on all architectures except ARM,
AArch64 and x86-64, because the $(error ...) test was not enclosed
inside a condition that made sure the xvisor package was enabled.
This commit fixes that, and allows Buildroot to be usable again on all
architectures.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit 32bec8ee2f (toolchain-external: copy ld*.so* for all C libraries)
removed the definition of TOOLCHAIN_EXTERNAL_MUSL_LD_LINK. Remove also the
reference to it.
Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
In commit 32bec8ee2f
("toolchain-external: copy ld*.so* for all C libraries") we changed
how the musl dynamic linker symbolic link was being created. Instead
of having specific logic in Buildroot, we switched to simply copying
the ld*.so.* symbolic link from staging to target, as well as the
target of this symbolic link.
However, it turns out that by default, musl creates its dynamic linker
symbolic link with an absolute path as the target of the link:
/lib/libc.so.
Therefore, external Musl toolchains built with Buildroot look like
this:
lrwxrwxrwx 1 thomas thomas 12 Jul 4 19:46 ld-musl-armhf.so.1 -> /lib/libc.so
The principle of the copy_toolchain_lib_root function, which is used
to copy libraries from staging to target, is to copy symbolic links
and follow their targets. In this case, it means we end up copying
/lib/libc.so (from the host machine) into the target folder. From
there on, there are two cases:
1. /lib/libc.so exists in your host system. It gets copied to the
target. But later on, Buildroot also copies /lib/libc.so from
staging to target, overwriting the bogus libc.so. So everything
works fine, even though it's admittedly ugly.
2. /lib/libc.so doesn't exist in your host system. In this case, the
build fails with no clear error message.
This problem does not happen with Musl toolchains built by
Crosstool-NG, because Crosstool-NG replaces the absolute target of the
dynamic linker symbolic link by a relative path.
However, since we want to support existing Buildroot Musl toolchains
and generally work with the fact that Musl by default installs an
absolute symlink, the following commit improves the
copy_toolchain_sysroot function to replace symbolic links with an
absolute destination to use a relative destination. I.e, in staging,
the ld-musl-armhf.so.1 symbolic link looks like this:
lrwxrwxrwx 1 thomas thomas 14 Jul 5 22:59 output/staging/lib/ld-musl-armhf.so.1 -> ../lib/libc.so
Fixes:
http://autobuild.buildroot.net/results/ce80264575918a8f71d9eab1091c21df85b65b1a/
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Xvisor was failing to build on AArch64 with:
package/xvisor/xvisor.mk:60: *** No Xvisor defconfig name specified, check your BR2_PACKAGE_XVISOR_DEFCONFIG setting. Stop.
The first problem is that the Config.in file had a typo: it was using
BR2_AARCH64 instead of BR2_aarch64, and therefore the
BR2_PACKAGE_XVISOR_DEFCONFIG variable had no value.
Once this is fixed, another problem occurs: the ARCH variable needs to
be specified as "arm" for XVisor, for both ARM and AArch64. Therefore,
a XVISOR_ARCH variable is introduced, which is calculated according to
the Buildroot configuration options. Only x86-64, arm and aarch64 are
supported by Xvisor currently, so it remains simple.
Fixes:
http://autobuild.buildroot.net/results/1719a63ff257f13634a06a14327abfb327984101/
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Add initial support for nanopi-m1 board
with below features
- U-Boot 2017.07-rc1
- Linux 4.11.5
- Default packages from buildroot
Signed-off-by: Chakra Divi <chakra@openedev.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
In commit b3cc7e65ee, the definition of the DESTDIR variable was moved
down into the loop that follows symlinks in the libraries that are
copied to target. However, the corresponding mkdir was not moved down,
so that no directories are ever created.
In practice, this mkdir is normally redundant since the directories
should already have been created as part of creating STAGING_DIR.
Still, the current situation is clearly wrong, so fix it by moving the
mkdir down to after the assignment to DESTDIR.
While we're at it, also remove a redundant empty line. It's a leftover
from when a lot of variables were declared above.
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
This simply updates to the latest stable release. WebKitGTK+ versions
in the 2.1x series avoid bumping the dependencies in order to allow
distributions to provide updates, therefore no new dependencies are
needed.
Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Now all packages have been updated to install things in $(HOST_DIR)/lib
instead of $(HOST_DIR)/usr/lib, there should no longer be any reason
to have $(HOST_DIR)/usr/lib in the RPATH, so we don't allow it any more.
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Cc: Wolfgang Grandegger <wg@grandegger.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>