Commit Graph

50808 Commits

Author SHA1 Message Date
Bernd Kuhls
fef10aee3d package/kodi-visualisation-fishbmc: remove opengl dependency
The addon can also be used with OpenGLES:
https://github.com/xbmc/visualization.fishbmc/blob/Leia/CMakeLists.txt

Updated project URL forgotten in
https://git.buildroot.net/buildroot/commit/?id=4726e93c63d51fe287c62628a9c71c04517d727c

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-02-23 22:22:28 +01:00
Francois Gervais
78a9eab661 package/rcw: allow not having custom rcwi files
A project could quite possibly have a custom rcw file
that does not rely on any custom rcw include files (rcwi).

Allow the build to succeed if this is the case.

Signed-off-by: Francois Gervais <fgervais@distech-controls.com>
[yann.morin.1998@free.fr: install includes in a separate hook]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2020-02-23 22:16:19 +01:00
Peter Seiderer
7bd10f6d7e package/qt5/qt5webengine: fix translations target install path
Through the evolution of the qt5webengine package patch ([1], [2])
until the initial commit ([3]) the translations target install
path got mangled resulting in a double trailing qtwebengine_locales
path:
  /usr/translations/qtwebengine_locales/qtwebengine_locales
Instead of:
  /usr/translations/qtwebengine_locales

Fixes the translations runtime access failure resulting in the
following warning:

  WARNING:resource_bundle_qt.cpp(116): locale_file_path.empty() for locale

[1] http://lists.busybox.net/pipermail/buildroot/2015-July/132010.html
[2] https://patchwork.ozlabs.org/patch/640633
[3] https://git.buildroot.net/buildroot/commit/?id=89080bac9bc47946a09c1e74f2f872363bf6785b

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-02-23 22:10:55 +01:00
Peter Seiderer
efec7980f7 package/libinput: bump version to 1.15.2
For details see [1].

[1] https://lists.freedesktop.org/archives/wayland-devel/2020-February/041227.html

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-02-23 22:07:51 +01:00
Fabrice Fontaine
6b4581e7b3 package/openvmtools: fix build with NLS
Fixes:
 - http://autobuild.buildroot.org/results/e0e7ed448df8bdd6cb13a0989d7a6c7dbaa5bc4e

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-02-23 21:46:22 +01:00
Fabrice Fontaine
d71bae7af7 package/sispmctl: bump to version 4.2
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-02-23 21:44:16 +01:00
Yann E. MORIN
4a81bc26c9 package/gobject-introspection: add missing newline at end of wrappers
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2020-02-23 21:22:52 +01:00
Fabrice Fontaine
1a75bb9089 package/smartmontools: fix build without stack-protector
Fixes:
 - http://autobuild.buildroot.org/results/0de9f2a69fa2a39164211299f8a429d2fec6935a

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2020-02-23 19:25:09 +01:00
Yann E. MORIN
fa8877fb02 Revert "package/smartmontools: fix build without stack-protector"
This reverts commit dc171f123c, which was
aimed at the next branch, not master.

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2020-02-23 19:21:39 +01:00
Fabrice Fontaine
dc171f123c package/smartmontools: fix build without stack-protector
Fixes:
 - http://autobuild.buildroot.org/results/0de9f2a69fa2a39164211299f8a429d2fec6935a

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2020-02-23 17:48:47 +01:00
Bernd Kuhls
346fda84eb package/{mesa3d, mesa3d-headers}: bump version to 20.0.0
Added optional dependency to zstd present due to upstream commit:
https://cgit.freedesktop.org/mesa/mesa/commit/?id=a8d941091f72923561a6c58b46ccb264b6a0e205

Replaced MESA_EGL_NO_X11_HEADERS define with EGL_NO_X11 due to upstream
commit:
https://cgit.freedesktop.org/mesa/mesa/commit/?id=6202a13b71e18dc31ba7e2f4ea915b67eacc1ddb

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2020-02-23 14:16:01 +01:00
Carlos Santos
3da205b274 package/busybox: fix individual binaries installation
Call BUSYBOX_INSTALL_INDIVIDUAL_BINARIES in BUSYBOX_INSTALL_TARGET_CMDS,
not in BUSYBOX_INSTALL_INIT_SYSV. This should have been done in commit
b1e07d6d79 but was somehow lost during the
review/aply process.

Signed-off-by: Carlos Santos <unixmania@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2020-02-23 13:04:26 +01:00
Yegor Yefremov
593bba41ab support/testing: add libftdi1 test case
Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2020-02-23 11:12:09 +01:00
Yegor Yefremov
135cc97eef package/libftdi1: fix unresolved symbol issue
GCC later than 5.x produce _fdti1.so file with an undefined
symbol str2charp_size due to C99 inline semantics change. So
remove this keyword.

Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
[yann.morin.1998@free.fr: add upstream status]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2020-02-23 11:11:50 +01:00
Giulio Benetti
ed50e44224 package/at: fix parallel build failure
Add a patch to finally fix parallel build failure. Patch is pending
upstream:
https://salsa.debian.org/debian/at/merge_requests/14

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2020-02-23 09:45:10 +01:00
Peter Korsgaard
950e81fd17 package/tpm2-tss: bump to version 2.3.3
Bugfix release, fixing a number of issues:

- Fixed mixing salted and unsalted sessions in the same ESAPI context
- Removed use of VLAs from TPML marshal code
- Added check for object node before calling compute_session_value function
- Fixed auth calculation in Esys_StartAuthSession called with optional parameters
- Fixed compute_encrypted_salt error handling in Esys_StartAuthSession
- Fixed exported symbols map for libtss2-mu

The 2.3.3 tarball accidently contains a Makefile-fuzz-generated.am with
content from a fuzz testing run (rather than an empty file as in earlier
releases), confusing autoreconf together with our
0001-configure-Only-use-CXX-when-fuzzing.patch.

Work around that by adding a post-patch hook to truncate the file.  The
issue has been reported upstream and the release logic has been changed to
ensure this does not happen again for future releases:

d163041e3b

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2020-02-23 09:38:06 +01:00
Baruch Siach
d01e808bfe docs/manual: clarify the <PKG>_PATCH_DEPENDENCIES guarantee
Unlike <PKG>_DEPENDENCIES, <PKG>_PATCH_DEPENDENCIES only guarantees
extract and patch of listed dependencies, not build. Make this subtlety
more explicit in the documentation.

Cc: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
[yann.morin.1998@free.fr: slight fix]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2020-02-23 09:30:27 +01:00
Fabrice Fontaine
07fd2da595 package/mbedtls: security bump to version 2.16.5
- Fix potential memory overread when performing an ECDSA signature
   operation. The overread only happens with cryptographically low
   probability (of the order of 2^-n where n is the bitsize of the
   curve) unless the RNG is broken, and could result in information
   disclosure or denial of service (application crash or extra resource
   consumption).
 - To avoid a side channel vulnerability when parsing an RSA private
   key, read all the CRT parameters from the DER structure rather than
   reconstructing them.
 - Update indentation of hash file (two spaces)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2020-02-23 09:27:49 +01:00
Fabrice Fontaine
62e65fd50d package/luv: fix build with gcc 4.8
Fixes:
 - http://autobuild.buildroot.org/results/83b34e606b128546da8a70836d039090e334a1ec

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[yann.morin.1998@free.fr: mark patch accepted upstream]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2020-02-23 09:26:10 +01:00
Fabrice Fontaine
0910230231 package/smartmontools: bump to version 7.1
- systemd optional dependency has been added in version 7.0
- Update indentation of hash file (two spaces)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2020-02-23 08:50:26 +01:00
Giulio Benetti
f36c045e7b package/libsvgtiny: fix parallel build
Fix previous commit[1] which purpose was to fix parallel build. It
didn't work since it assigned $(MAKE1) to LIBSVGTINY_MAKE, but this is a
generic-package and building is done using $(MAKE), then LIBSVGTINY_MAKE
was ignored. Let's substitute instead $(MAKE) with $(MAKE1) in
LIBSVGTINY_BUILD_CMDS.

[1]:
https://git.buildroot.net/buildroot/commit/?id=26d67a2599d6c88facd5178de853fa355244e7c2

Fixes:
http://autobuild.buildroot.net/results/67d/67d341c0cc272323d6e231a20796a6848c21d760/

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
[yann.morin.1998@free.fr:
  - use $(MAKE1) in all three step
  - move comment out of the define
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2020-02-23 08:48:01 +01:00
Adam Duskett
6da6cb2c31 package/gobject-introspection: depend on python3
Currently, the Config.in file has the line:
select BR2_PACKAGE_PYTHON3 if !BR2_PACKAGE_PYTHON

This line is incorrect as gobject-introspection does not support python2.
Instead, remove the select line and make python3 a dependency with a new
message that explains that gobject-introspection requires python3.

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
[yann.morin.1998@free.fr:
  - move the explanations from the commit log to the code
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2020-02-22 22:40:32 +01:00
Yann E. MORIN
ea8dd081aa infra: don't be verbose when calling the instrumentation steps
Commit 509db3b88a added calls to (parts of) the instrumentation steps.
However, those calls are echoed, unlike the other places where we call
them (in the package infra).

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Thomas De Schampheleire <patrickdepinguin@gmail.com>
Acked-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
2020-02-22 22:29:34 +01:00
Romain Naour
73835f5766 package/mesa3d: gbm needs a DRI driver or a Gallium driver w/ EGL
src/gbm/cd6bfad@@gbm at sha/main_backend.c.o: In function `_gbm_create_device':
backend.c:(.text+0x38): undefined reference to `gbm_dri_backend'
backend.c:(.text+0x40): undefined reference to `gbm_dri_backend'
backend.c:(.text+0x74): undefined reference to `gbm_dri_backend'
backend.c:(.text+0x78): undefined reference to `gbm_dri_backend'
collect2: error: ld returned 1 exit status

This issue has been trigged since [1]:
"package/mesa3d: add option to configure gbm support"

Before the patch, the gbm support was autodetected by meson and enabled
only when at least one dri driver was enabled [2].

On the Buildroot side, the gbm support was explicitely enabled only when
BR2_PACKAGE_MESA3D_OPENGL_EGL was set.

We have two cases:
- At least one DRI driver.
- No DRI driver but one Gallium w/ EGL enable (EGL selected or not by the
  Gallium driver). In this case the meson build system set with_dri to true
  (even if no DRI driver is enabled) to use the builtin:egl_dri2 [3].

The gbm's meson build system seems to handle the case where no dri driver is
enabled [4] but it still use main/backend.c source file [6] that use
gbm_dri_backend [7]. So with_dri2 must always be set.

Probably a missing check in meson.build:

 if with_gbm and not with_dri
   error('GBM backend needs a dri driver or a gallium driver w/ EGL support.')
 endif

Add a dependency on GBM option:

 depends on BR2_PACKAGE_MESA3D_DRI_DRIVER \
         || (BR2_PACKAGE_MESA3D_GALLIUM_DRIVER && BR2_PACKAGE_MESA3D_OPENGL_EGL)

Fixes:
http://autobuild.buildroot.net/results/b9b6281983388dc22d929887d653da3db60f1f2c

[1] b6c051acf7
[2] https://gitlab.freedesktop.org/mesa/mesa/blob/19.3/meson.build#L348
[3] https://gitlab.freedesktop.org/mesa/mesa/blob/19.3/meson.build#L212
[4] https://gitlab.freedesktop.org/mesa/mesa/blob/19.3/src/gbm/meson.build#L37
[5] https://gitlab.freedesktop.org/mesa/mesa/blob/19.3/src/gbm/meson.build#L24
[6] https://gitlab.freedesktop.org/mesa/mesa/blob/19.3/src/gbm/main/backend.c#L38
[7] http://lists.busybox.net/pipermail/buildroot/2020-February/274425.html

Signed-off-by: Romain Naour <romain.naour@smile.fr>
Cc: Bernd Kuhls <bernd.kuhls@t-online.de>
Tested-by: Bernd Kuhls <bernd.kuhls@t-online.de>
[yann.morin.1998@free.fr: fix dependency of comment]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2020-02-22 20:00:07 +01:00
Fabrice Fontaine
03ec10a70f package/bash: fix build on uclibc
Fixes:
 - http://autobuild.buildroot.org/results/2ae2eca969e6d1febcacb8b0423ced3aad7505a2

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2020-02-22 19:39:50 +01:00
Fabrice Fontaine
bbee4b884d package/bash: add upstream patches
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2020-02-22 19:37:37 +01:00
Romain Naour
59dfa879fb package/mesa3d: select gbm if no glx, no egl and no osmesa-classic
This issue has been trigged since [1]:
"package/mesa3d: add option to configure gbm support"

Before the patch, the gbm support was autodetected by meson and enabled
only when at least one dri driver was enabled [2].

On the Buildroot side, the gbm support was explicitely enabled only when
BR2_PACKAGE_MESA3D_OPENGL_EGL was set.

Now, the gbm support is explicitely disabled but the meson build system
check if at least one option OpenGL GLX or OpenGL EGL or GBM or
OSMesa (classic) library is enabled [3].

The previous behavious was to enable GBM when GLX, EGL and OSMesa are
disabled. So select GBM symbol for this case.

Fixes:
http://autobuild.buildroot.net/results/a14f329560f8022f7ba8ec43ad8eed84e005d226

[1] b6c051acf7
[2] https://gitlab.freedesktop.org/mesa/mesa/blob/19.3/meson.build#L348
[3] https://gitlab.freedesktop.org/mesa/mesa/blob/19.3/meson.build#L449

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Bernd Kuhls <bernd.kuhls@t-online.de>
Tested-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2020-02-22 19:34:48 +01:00
Romain Naour
37f3d09d46 package/jpeg-turbo: force fPIC for shared libraries
When BR2_SSP_ALL is set, there is a link issue due to missing -fPIC in CFLAGS.
Set CMAKE_POSITION_INDEPENDENT_CODE=ON to add it.

This is a similar fix as for gtest package [1]

[1] https://git.buildroot.net/buildroot/commit/?id=2026621f3c60167aa8ba48e658be1b214d1347d7

Fixes:
http://autobuild.buildroot.net/results/e1f/e1f164cee16b037c0232fdda40fc16caf8f0c0af

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Murat Demirten <mdemirten@yh.com.tr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2020-02-22 19:31:45 +01:00
Gilles Talis
1e035d765f package/libeXosip2: bump to version 5.1.1
- Removed patch that was applied upstream
- Removed AUTORECONF request that came with patch
- Updated library's download name

Signed-off-by: Gilles Talis <gilles.talis@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2020-02-22 19:16:00 +01:00
Gilles Talis
cf2317dacf package/libosip2: bump to version 5.1.1
Removed patch that was applied upstream

Signed-off-by: Gilles Talis <gilles.talis@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2020-02-22 19:15:57 +01:00
Gilles Talis
1ce85392d0 DEVELOPERS: add Gilles Talis for libosip2 and libeXosip2
Signed-off-by: Gilles Talis <gilles.talis@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2020-02-22 19:13:34 +01:00
Carlos Santos
a3ff0caefc package/radvd: disable by default in systemd preset-all
We don't provide a configuration file, so disable radvd by default.

Update the help message with instructions on how to enable radvd at
build time with systemd.

Signed-off-by: Carlos Santos <unixmania@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2020-02-22 19:11:40 +01:00
Bernd Kuhls
b467d58063 package/php: security bump version to 7.4.3
Changelog: https://www.php.net/ChangeLog-7.php#7.4.3

Fixes CVE-2020-7061, CVE-2020-7062 & CVE-2020-7063.

Removed patch applied upstream:
f0f5c415a6

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-02-21 09:41:49 +01:00
Yann E. MORIN
bd99af3742 toolchain/external: fix SSP help texts for custom toolchains
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2020-02-20 23:11:12 +01:00
Thomas Petazzoni
058dc9aa0b Config.in: ensure BR2_SSP_STRONG can only be selected if supported
This commit ensures that BR2_SSP_STRONG cannot be chosen if the
toolchain doesn't support strong SSP.

Fixes:

  http://autobuild.buildroot.net/results/cba93a681d10692c4e4c5584e4c962bd18a608d4/

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2020-02-20 22:58:03 +01:00
Thomas Petazzoni
522a851be7 toolchain/toolchain-external/toolchain-external-custom: add option to indicate SSP_STRONG support
This commit adds a user-visible option
BR2_TOOLCHAIN_EXTERNAL_HAS_SSP_STRONG, which will allow the user to
indicate if the custom external toolchain does or does not have
SSP_STRONG support. Depending on this, the user will be able to use
(or not) the BR2_SSP_STRONG option.

Checking if what the user said is true or not about this is already
done in toolchain/toolchain-external/pkg-toolchain-external.mk:

        $$(Q)$$(call check_toolchain_ssp,$$(TOOLCHAIN_EXTERNAL_CC),$(BR2_SSP_OPTION))

If the user selects BR2_SSP_STRONG, this will check if
-fstack-protector-strong is really supported.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2020-02-20 22:58:03 +01:00
Thomas Petazzoni
2b75114392 toolchain: add hidden BR2_TOOLCHAIN_HAS_SSP_STRONG boolean
This will allow toolchain to indicate if they support
-fstack-protector-strong or not.

Whenever the gcc version is >= 4.9, we always have SSP_STRONG support
if we have SSP support. However, some toolchains older than gcc 4.9
might have backported SSP_STRONG support, which is why we cannot rely
just on BR2_TOOLCHAIN_GCC_AT_LEAST_4_9.

Having this "default" value allows to avoid adding a "select
BR2_TOOLCHAIN_HAS_SSP_STRONG" in the internal toolchain logic plus in
almost external toolchains. But it allows custom external toolchains
that are pre-4.9 to potentially declare that they support strong SSP.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2020-02-20 22:58:02 +01:00
Yann E. MORIN
2bb9b7c56b package/sdbusplus: fix indentation
Fix a check-package error introduce by 6bf74ce3db (package/sdbusplus:
create m4 directory before autoreconf):

    package/sdbusplus/sdbusplus.mk:29: expected indent with tabs

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: John Faith <jfaith@impinj.com>
Cc: Michael Walle <michael@walle.cc>
2020-02-20 22:54:53 +01:00
Adam Duskett
7687a396e8 package/gobject-introspection: new package
GObject introspection is a middleware layer between C
libraries (using GObject) and language bindings. The C library
can be scanned at compile time and generate a metadata file,
in addition to the actual native C library. Then at runtime,
language bindings can read this metadata and automatically
provide bindings to call into the C library.

There's an XML format called GIR used by GObject-Introspection.
The purpose of it is to provide a standard structure to access the complete
available API that a library or other unit of code exports. It's
language-agnostic using namespaces to separate core, language, or
library-specific functionality.

Cross-compiling gobject-introspection is not an easy task. The main issue is
that in the process of creating the XML files, gobject-introspection must first
run and scan the binary, which, if the binary is cross-compiled, would not
typically be possible from the host system.

Because of this limitation, we use several wrappers to call instead first out
qemu, which runs the native scanner to create the binaries.

There are seven total patches and four different wrapper files needed to
successfully cross-compile and run this package, many of them are from
open-embedded, but one of them is of my own doing.

1) Revert a previous, incomplete attempt at adding cross-compiling support.

2) Add support for cross-compiling with meson.

3) Disable tests.

4) Add an option to use a binary wrapper; this patch will force giscanner to
   use a wrapper executable to run binaries it's producing, instead of
   attempting to run them from the host.

5) Add an option to use an LDD wrapper, again, useful for cross-compiled
   environments.

6) Add a --lib-dirs-envar option to pass to giscanner. (See patch for details.)

7) Add rpath-links to ccompiler: when passing the PACKAGE_GIR_EXTRA_LIBS_PATH
   to the ccompiler.py script, ccompiler.py needs to add -Wl,-rpath-link to the
   environment for the package to correctly link against the passed on paths.

8) Ignore error return codes from ldd-wrapper because prelink-rtld returns 127
   when it can't find a library, which breaks subprocess.check_output().

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Tested-by: Yegor Yefremov <yegorslists@googlemail.com>
Tested-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
[yann.morin.1998@free.fr:
  - host-prelink-cross has no Kconfig entry
  - reorder dependencies for arch deps first
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2020-02-20 22:16:30 +01:00
Adam Duskett
0157b6032d package/pkgconf: prepend sysroot paths to common gobject-introspection utils
Many autotools packages call pkg-conf to inquire as to where the following
utilities are:

g_ir_scanner
g_ir_compiler
g_ir_generate

Because gobject uses wrappers to call qemu, prepending the sysroot to the paths
of these compilers is necessary.

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2020-02-20 22:11:16 +01:00
Adam Duskett
8af40358e3 package/prelink-cross: new package
Prelink-cross emulates a runtime linker for a given sysroot. This is
necessary to allow gobject-introspection to build its typelib files
during cross-compiling.

We're using a sha1 on the cross_prelink branch, as we need the
RTLD-enabled variant of prelink-cross.

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
[yann.morin.1998@free.fr:
  - drop HOST_ prefix for inherited variables
  - fix licensing info to "or-later"
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2020-02-20 22:10:19 +01:00
Adam Duskett
f0a583ddc4 package/gdb: depend on libiberty
If present, GDB may use a system installed libiberty. As such, we must ensure
that host-libiberty is installed first.

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2020-02-20 22:07:17 +01:00
Adam Duskett
9c2126c963 package/libiberty: new package
Some packages, like prelink-cross, want to use libiberty but do not bundle
their own instance (which is good!).

However, libiberty is made for being bundled in packages: all GNU
packages that use libiberty (gcc, Binutils, gdb, et al...) all have their own
bundled variant. This common practice means that there is no official upstream
for libiberty, the closest being as part of the combined Binutils-gdb tree.

So we introduce a new host-only package, that installs just libiberty from a
Binutils released tarball.

Again, as packages usually bundle libiberty, it usually only installs a static
version. Furthermore, it does not obey the usual --enable-shared and
--disable-static flags; it only ever builds a static version.

Furthermore, -fPIC is not used with this library, but some packages may pick it
to build shared objects. This behavior is the case for host-gdb, for example,
which accidentally picks that library instead of its internal one.

So, rather than fix the various gdb versions and variants we can use, we ensure
that the libiberty we install is usable in shared objects, and we always build
before host-gdb.

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
[yann.morin.1998@free.fr:
  - fix DL_SUBDIR for a host-only package
  - add licensing info
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2020-02-20 22:06:39 +01:00
Arnout Vandecappelle (Essensium/Mind)
4d84b08507 docs/website: add commercial support section
Add a section to the support page for commercial support.

Add Mind, Bootlin and Smile in that section.

Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Acked-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-02-20 21:32:23 +01:00
Titouan Christophe
712f81c41c support/scripts/pkg-stats: iterate over CVEs in streaming
The NVD files that are used to build the list of CVEs affecting
Buildroot packages are quite large (a few hundreds MB of json),
and cause the pkg-stats scripts to have a huge memory footprint
(a few GB with Python 2.7).

However, because we only need to iterate on CVE items one by one,
we can process them in streaming (ie decoding one CVE at a time
from the JSON representation). Because the json module from the
python standard library does not support such a mode of operation,
we switch to the third-party package ijson, which is compatible
with both Python 2 and Python3.

To run the script with these modifications, one should install
the ijson python package. This can be done with pip:
`pip install ijson`. On Debian based distributions, this can
also be done with the apt package manager:
`apt install python-ijson`.

Signed-off-by: Titouan Christophe <titouan.christophe@railnova.eu>
Reviewed-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Tested-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-02-20 21:31:05 +01:00
Peter Korsgaard
dde8aa05b9 package/ipsec-tools: annotate _IGNORE_CVES for the included security patches
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-02-20 13:16:58 +01:00
Peter Korsgaard
ca9700cd62 package/vorbis-tools: annotate _IGNORE_CVES for the included security patches
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-02-20 13:16:52 +01:00
Peter Korsgaard
f80814a6a4 package/libtomcrypt: annotate _IGNORE_CVES for the included security patches
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-02-20 13:16:50 +01:00
Peter Korsgaard
91126d8863 package/libsndfile: annotate _IGNORE_CVES for the included security patches
Also mark CVE-2018-13419 as disputed.

[Peter: add dispute link as suggested by Thomas]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-02-20 13:15:22 +01:00
Peter Korsgaard
ab7f5a8d39 package/audiofile: annotate _IGNORE_CVES for the included security patches
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-02-20 13:13:23 +01:00