The meson script includes the full path to the python interpreter. In
deep build trees, this path can be more than 128 characters long, which
is the limit for how long a shebang may be.
Notice that this has been bumped to 256 since kerel 5.1, but the issue still
persists:
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=6eb3c3d0a52dca337e327ae8868ca1f44a712e02
In older kernels, this limit was silently ignored, leading to potential
bugs, but newer kernels enforce that limit, and refuse to execve() the
script, returning with NOEXEC. Since the script is +x, the shell (any
bourne shell, as well as the C shell) will conclude from that situation that
they should interpret it as a shell script, which it obviously is not.
Fix the problem by replacing the shebang with a call to /usr/bin/env
which will redirect to the correct python3 interpreter found in the
PATH.
Note however that this means our meson installation can no longer be
called from outside of the meson-package infrastructure anymore (not
that we ever supported it before, but who knows what people may have
done in their br2-external), unless one does set the PATH to include
$(HOST_DIR)/bin/ earlier than a system-provided python3 would be found.
Fixes: #12331#12461
Reported-by: Jean-pierre Cartal <jpcartal@free.fr>
Reported-by: Matthias Weißer <m.weisser.m@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Kodi 18.0-Leia implements stand-alone gbm support alongside x11 &
wayland. To enable building gbm support in mesa3d without x11 &
wayland we need to add a specific configure option for it.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
For details see upstream PR 12664.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
[Thomas:
- add BR2_PACKAGE_HAS_LIBGL dependency to
BR2_PACKAGE_KODI_PLATFORM_SUPPORTS_WAYLAND_GL
- don't select BR2_PACKAGE_WAYLANDPP from the blind options, but
instead from the visible options]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
With the upcoming bump to weston 8, the meaning for the "native backend"
has been removed, and replaced by a new option to set the "default
backend". However, the way we handle the "native backend" option
nowadays is very semantically similar to the upcoming "default backend"
option.
However, as of today, when more than one backend are enabled, the last
one defined in the .mk wins, which is not obvious when looking at the
menuconfig order...
So, we introduce a choice to select the default backend. That enforces
the backend is enabed, leaving the others as additional backends.
It is to be noted that the RDP backend can't be selected as the native
(soon default) backend, so it does not get an entry in the choice.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
[yann.morin.1998@free.fr:
- write a commit log
- merge short lines
- rename optons (no _BACKEND)
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Upstream commit
99bb0ee7cb
removed the dependency on locale support provided by the toolchain.
Removed reverse dependencies as well.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
collectd has sub-options for all its different plugins and features,
so let's do the same for the lua functionality, instead of using
automatic dependencies.
Signed-off-by: Tom Marcuzzi <tom.marcuzzi@orolia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
While the kernel is built for the target, the build may need various host
libraries depending on config (and kernel version), so use HOST_MAKE_ENV
instead of TARGET_MAKE_ENV.
In particular, this ensures that our host-pkgconf will look for host
libraries and not target ones.
Fixes building scripts/dtc for Buildroot configurations enabling libyaml and
host-pkgconf for kernels after commit 067c650c45 (dtc: Use pkg-config to
locate libyaml).
With this enabled, we can drop the PKG_CONFIG_* variables for the
_NEEDS_HOST_LIBELF conditional, as those are included in HOST_MAKE_ENV.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
At this point Buildroot doesn't allow to use mbedTLS crypto
backend even though libssh supports it. In case of fully statically
linked ELF executables the size difference between OpenSSL and mbedTLS
is significant: it matters for embedded targets with very limited
storage.
This patch adds support for compiling libssh with mbedTLS as a crypto
backend. It also allows the selection of the crypto backend libssh will use
through a choice in the package config, similar to libssh2.
Currently, the selection of the backend is based on a priority order,
which is not always desirable, as in some cases multiple backends
can exists at the same time for various reasons.
Signed-off-by: Mircea Gliga <gliga.mircea@gmail.com>
[Peter: use depends on rather can select for consistency with libssh2]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Drop patch #2. Upstream commit d8a5d49c2d8359 includes stddef.h in a
higher level header.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
A trailing whitespace was added by commit
26c16e9d5b
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
This version brings bug fixes, enhancements and a new script utility,
scriptlive. For detailed information see the release notes:
http://www.kernel.org/pub/linux/utils/util-linux/v2.35/v2.35-ReleaseNotes
Pull some fixed applied after the release.
Disable the use of code under GPLv3 included in hwclock since v2.30. The
subject was discussed upstream[1] and it was decided that hwclock will
be made GPLv2-only again in v2.36, so do it in advance in Buildroot.
Meanwhile, be warned that all OS images selecting hwclock built with
Buildroot since commit 74235a6854 (util-linux: bump to version 2.30)
contain code under GPLv3, which imposes some technical difficulties to
include in embedded systems. For more information see GPLv3, Section 6,
"Conveying Non-Source Forms", and the definitions of User Product and
Installation Information[2].
1. https://lore.kernel.org/util-linux/20200127202152.4jh2w4chch37wgee@ws.net.home/T/#t
2. https://www.gnu.org/licenses/gpl-3.0.html
Signed-off-by: Carlos Santos <unixmania@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This will ensure the downloads have nicer filenames in the download
directory, e.g.:
4.0.4-Leia-18.4.tar.gz --> kodi-ffmpeg-4.0.4-Leia-18.4.tar.gz
Update the hashes list accordingly.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
[yann.morin.1998@free.fr: expand comit log with additional explanations]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Lots of changes with this big leap:
- autotools is deprecated and replaced with meson
- demo clients now need pango
---------------------------
The dbus option in autotools is replaced with launcher-logind in meson.
Replaced WESTON_NATIVE_BACKEND with backend-default in meson.
Added optional pipewire dependency.
Added patch fixing missing include in os-compatibility.c.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Tested-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Stock weston has been migrated to meson, now the only buildsystem
starting with version 8, but the IMX fork is still stuck With the
older version 6, which only has the autotools buildsystem.
As a consequence, either we make weston a hybrid package that calls
to the appropriate package macro infra, or we split the IMX fork off
to its own package.
meson and autotools have two different ways to express passing options,
so we can't factorise the code paths to support both buildsystems:
we'd need to duplicate those depending on the variant used.
So, it's much more sensible to spin he IMX variant away. Besides, that
will make it easier to drop it, should it eventually gets merged
upstream (or the fork just dies off).
We ensure that the two variants, vanilla and IMX, can't get selected at
the same time, by making weston-imx depend on !weston, and hiding it
behind IMX conditionals.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
[yann.morin.1998@free.fr:
- drop !BR2_PACKAGE_IMX_GPU_VIV_OUTPUT_WL dependency from stock weston
- make weston-imx depends on !weston
- rework commit log
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
python script is compatible with python3 since 2.1.10 and
532a8cc301
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
openssl is an optional dependency since version 1.4.1 and
789cf4a852
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Tested-by: Carlos Santos <unixmania@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
- Retrieve official tarball instead of using github as specified in
https://github.com/bitcoin/bitcoin/releases/tag/v0.19.0.1
- Remove patch (already in version)
- Update hash of COPYING (update in year:
ae5594d51b)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
At the moment there are 2 patches with the same id(0001-xxx.patch) so
let's rename one of them to 0002-xxx.patch.
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The oldest toolchain we test in the autobuilders is the Sourcery ARM
toolchain which is GCC 4.8 and kernel headers 3.13. Therefore, it is
likely that we're missing the required _AT_LEAST dependencies to exclude
packages that don't build with older GCC/headers.
Add a comment to the custom external toolchain that warns when an
untested GCC or kernel headers version is selected.
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
This patch bump fail2ban to verison 0.11.1.
Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
libcap-ng is an optional dependency since a very long time (2010) and
24882d3672
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Notice that 1.8.31 fixes a security issue with the non-default pwfeedback
option, but according to the advisory this is not exploitable in 1.8.28:
versions 1.8.26 through 1.8.30 it is not exploitable due to a change in EOF
handling introduced in sudo 1.8.26
https://www.sudo.ws/alerts/pwfeedback.html
Adjust license hash as the copyright year was changed:
- Copyright (c) 1994-1996, 1998-2019
+ Copyright (c) 1994-1996, 1998-2020
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fixed the following security issue:
- CVE-2020-0569: QPluginLoader in Qt versions 5.0.0 through 5.13.2 would
search for certain plugins first on the current working directory of the
application, which allows an attacker that can place files in the file
system and influence the working directory of Qt-based applications to
load and execute malicious code. This issue was verified on macOS and
Linux and probably affects all other Unix operating systems. This issue
does not affect Windows.
- CVE-2020-0570: QLibrary in Qt versions 5.12.0 through 5.14.0, on certain
x86 machines, would search for certain libraries and plugins relative to
current working directory of the application, which allows an attacker
that can place files in the file system and influence the working
directory of Qt-based applications to load and execute malicious code.
This issue was verified on Linux and probably affects all Unix operating
systems, other than macOS (Darwin). This issue does not affect Windows.
For details, see the advisory:
https://www.openwall.com/lists/oss-security/2020/01/30/1
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
[Peter: extend commit message]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixed the following security issue:
- CVE-2020-0569: QPluginLoader in Qt versions 5.0.0 through 5.13.2 would
search for certain plugins first on the current working directory of the
application, which allows an attacker that can place files in the file
system and influence the working directory of Qt-based applications to
load and execute malicious code. This issue was verified on macOS and
Linux and probably affects all other Unix operating systems. This issue
does not affect Windows.
For details, see the advisory:
https://www.openwall.com/lists/oss-security/2020/01/30/1
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
[Peter: extend commit message]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Removed patch which was applied upstream:
69b4230c36
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Allow specifying additional build targets for ATF.
This might be more useful when using a custom git repository.
For example, when using with the ATF repository from NXP QorIQ,
there is a new build target 'pbl' which is used to build the
pbl binary image. Note that in the specific case of the 'pbl'
target, additional build variables also need to be specified
through BR2_TARGET_ARM_TRUSTED_FIRMWARE_ADDITIONAL_VARIABLES.
Signed-off-by: Francois Gervais <fgervais@distech-controls.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
patch 0005 has been sourced from upstream, and can be dropped when
7.4.3 is released.
The mbstrings module used to use a bundled oniguruma library, but now
uses an external one, hence the new dependency on this package for the
mbstrings module.
The hash of the license file has changed due to this change in the
copyright year:
-Copyright (c) 1999 - 2018 The PHP Group. All rights reserved.
+Copyright (c) 1999 - 2019 The PHP Group. All rights reserved.
Signed-off-by: Pascal de Bruijn <p.debruijn@unilogic.nl>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>