Commit Graph

366 Commits

Author SHA1 Message Date
Julien Olivain
2f54c2a841 security hardening: add support for glibc _FORTIFY_SOURCE=3
A new _FORTIFY_SOURCE=3 level was introduced in glibc, in commit:
https://sourceware.org/git/?p=glibc.git;a=commit;h=c43c5796121bc5bcc0867f02e5536874aa8196c1

This commit was first included glibc 2.33. At that time, it was only
supported by llvm/clang 9, and not by any released gcc version.

To support _FORTIFY_SOURCE=3, the needed gcc features were introduced
in version 12. The gcc 12 support was added in glibc commit:
https://sourceware.org/git/?p=glibc.git;a=commit;h=86bf0feb0e3ec8e37872f72499d6ae33406561d7
This commit was first included in glibc 2.35.

Buildroot updated to glibc 2.35 in commit:
https://git.buildroot.org/buildroot/commit/?id=68d0aede597d32816c5b2ff32de0ce33cc14eb93

Buildroot introduced gcc 12 support in commit:
https://git.buildroot.org/buildroot/commit/?id=0f1ad4fc93286adaba852c99d6e1c2565b5c4258

Support for _FORTIFY_SOURCE=3 can now be added.

Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2022-12-31 18:41:58 +01:00
Thomas Petazzoni
d349d50dac package/Makefile.in: only error out when no C library is configured when building
Commit fda53f0791 ("package/Makefile.in:
add detection for the lack of C library") added an $(error ...)
message when no C library is available for the currently selected
architecture.

However, this error message pops up not just when building, so for
example, the command:

  make BR2_HAVE_DOT_CONFIG=y VARS=%_LICENSE printvars

no longer works (this command is used by the pkg-stats script).

We restore a functional behavior by doing the check only when
BR_BUILDING=y.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2022-08-21 21:28:44 +02:00
Yann E. MORIN
84fe8e694e package: drop csky support in toolchain-related packages
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Guo Ren <ren_guo@c-sky.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2022-07-27 17:00:30 +02:00
Thomas Petazzoni
fda53f0791 package/Makefile.in: add detection for the lack of C library
We recently had several cases of architecture configurations for which
no C library was available, leading to a build failure during the gcc
build. In order to more easily detect those bogus configurations,
let's bail out very early by detecting the lack of C library
selection.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
[yann.morin.1998@free.fr:
  - move as final else clause in existing conditional block
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2022-07-27 09:56:15 +02:00
Peter Korsgaard
dd170f0cba Revert "package/Makefile.in: Use 64-bit time_t with glibc toolchains for > year 2038 support"
This reverts commit 6e33e59080.

This unfortunately breaks a number of packages, as glibc errors out if 64bit
time_t is used without 64bit file offsets, and some packages undefine
_FILE_OFFSET_BITS leading to build breakage:

 #  if ! defined (_FILE_OFFSET_BITS) || _FILE_OFFSET_BITS != 64
 #   error "_TIME_BITS=64 is allowed only with _FILE_OFFSET_BITS=64"
..

So revert it for 2022.02.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2022-03-08 12:49:49 +01:00
Romain Naour
6e33e59080 package/Makefile.in: Use 64-bit time_t with glibc toolchains for > year 2038 support
To use time_t 64-bit for glibc >= 2.34 toolchains we have to set both
_FILE_OFFSET_BITS=64 and _TIME_BITS=64 for glibc toolchains. Buildroot
already define _FILE_OFFSET_BITS=64 since 2008 [1] before the first
release tag 2009.02.

_TIME_BITS is not needed for musl libc since it already year2038
ready [2].

The uclibc-ng libc only support time_t 32-bit (long int) so it will be
affected by the year2038 issue [3].

Fixes (in French, chapter Buildroot 2022 and GlibC):
https://www.blaess.fr/christophe/2038

Runtime tested with qemu_arm_vexpress_defconfig and the Bootlin glibc
bleeding-edge 2021.11-1 toolchain.

Before:
 # date
 Tue Jan 19 03:14:07 UTC 2038
 # date
 Thu Jan  1 00:00:00 UTC 1970

After:
 # date
 Tue Jan 19 03:14:07 UTC 2038
 # date
 Tue Jan 19 03:14:08 UTC 2038
 # date
 Tue Jan 19 03:14:09 UTC 2038

[1] 60b5eee76e
[2] https://git.musl-libc.org/cgit/musl/tree/include/alltypes.h.in?h=v1.2.2#n3
[3] https://cgit.uclibc-ng.org/cgi/cgit/uclibc-ng.git/tree/include/time.h?h=v1.0.40#n75
    https://cgit.uclibc-ng.org/cgi/cgit/uclibc-ng.git/tree/libc/sysdeps/linux/common/bits/types.h?h=v1.0.40#n106

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Christophe Blaess <christophe.blaess@logilin.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2022-03-07 20:52:04 +01:00
Norbert Lange
c08fa13d36 package/Makefile.in: use gcc wrappers for binutils tools
This will use gcc-ar, gcc-nm and gcc-ranlib instead of the normal
binutils tools. The difference is that with the wrappers, gcc plugins
will be automatically picked up.

gcc 4.7 introduced these wrappers, to detect the prefix and keep gcc
specifics out of Makefile.in, a new variable BR2_TOOLCHAIN_BUTILS_PREFIX
will be used to carry the prefix on supported versions.

Note that binutils added some automatic loading with the 'bfd-plugins'
directory (somewhere around 2.28), but the first implementation had
issues, and generally depends on correctly setup symlinks (often broken,
may point to some other gcc's library). The wrappers always work
painless.

The original motivation (now ~2 years in use) was to add "-flto
-ffat-lto-objects" to both BR2_TARGET_OPTIMIZATION and
BR2_TARGET_LDFLAGS, and have target binaries lto optimized.

Not all packages will compile with this option, further work could
white/blacklist packages (adding -fno-lto to the options).

Signed-off-by: Norbert Lange <nolange79@gmail.com>
[yann.morin.1998@free.fr: don't introduce a Config.in blind option]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2022-01-09 16:03:23 +01:00
Patrick Havelange
301a8eae0c package/pkg-cargo.mk: introduce the cargo package infrastructure
In order to be package agnostic, the install phase is now using cargo
instead of install. TARGET_CONFIGURE_OPTS is now also set when running
cargo in order to support cross compiling C code within cargo.

This commit also adds support/download/cargo-post-process to perform
the vendoring on Cargo packages.

The <pkg>_LICENSE variable of cargo packages is expanded with ",
vendored dependencies licenses probably not listed" as currently for
all packages, the licenses of the vendored dependencies are not taken
into account.

Signed-off-by: Patrick Havelange <patrick.havelange@essensium.com>
[Thomas: add support for host-cargo-package and vendoring]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2022-01-08 23:35:40 +01:00
Christoph Hellwig
607a5a3b79 package/Makefile.in: Fix NOMMU RISC-V 64-bits toolchain base name
Using *-uclinux-* seems like an only partially followed convention.
And at least RISC-V 64-bits gcc does not know about uclinux tuples.
So switch back to the normal "linux" one for now.

Signed-off-by: Christoph Hellwig <hch@lst.de>

[Damien]
* Make the change conditional on BR2_RISCV_64 being "y".

Signed-off-by: Damien Le Moal <damien.lemoal@wdc.com>
Acked-by: Alistair Francis <alistair.francis@wdc.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-10-27 14:36:46 +02:00
Damien Le Moal
6d49446ebd package/elf2flt: add RISC-V 64-bits support
Enable selecting elf2flt for RISC-V 64-bits no MMU builds and add
support for it in the form of an additional patch (upstream pull request
https://github.com/uclinux-dev/elf2flt/pull/22).

Also modify the package Makefile.in file to add the -fPIC option to
the target CFLAGS for RISC-V 64-bits no MMU builds.

This patch is based on initial work by Christoph Hellwig <hch@lst.de>.

Signed-off-by: Damien Le Moal <damien.lemoal@wdc.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-10-27 14:35:54 +02:00
Damien Le Moal
04d7ea4720 package: Makefile.in: fix elf2flt invocation options
When BR2_BINFMT_FLAT_ONE is selected, elf2flt must be invoked with the
"-r" option to ensure that a single contiguous binary image is created,
regardless of the architecture default image format implemented by
elf2flt.

Signed-off-by: Damien Le Moal <damien.lemoal@wdc.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-10-27 14:24:18 +02:00
Yann E. MORIN
556a0a1104 Revert "make: support: use command -v' instead of which'"
This reverts commit ca6a2907c2.

Switching to using 'command -v' instead of 'which', opened a can of
worms that is hard to fix in a timely manner:

  - recursive call to 'make' from a post-build, post-iamge script, fails
    because of a redefinition of HOSTCC_NOCCACHE (a bug on its own that
    needs a separate fix anyway) [0];

  - 'make' believeing it can call "simple" commands with execve() et al.
    instead of passing them through a shell via system(), and thus
    failing to find 'command' in the PATH [1].

[0] https://lore.kernel.org/buildroot/20211001175329.GA1973888@lbrmn-mmayer.ric.broadcom.net/T/#m95c17eb8374e4e3dd6eee700d397aa12cca0739e
[1] https://lore.kernel.org/buildroot/20211001180304.GV1504958@scaer/T/#m3a8f36bd76ec7d8e5038a6c8932bb6ffe23ea268

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-10-01 20:09:58 +02:00
Petr Vorel
ca6a2907c2 make: support: use command -v' instead of which'
`which' has been discontinued after 2.21 release in 2015 due this (git
repository is empty [1]) and version shipped in Debian produces warning
[2]:

/usr/bin/which: this version of `which' is deprecated; use `command -v' in scripts instead.

`command is POSIX [3] and supported on all common shells (bash, zsh,
dash, busybox sh, mksh).

Patch tested on dash as the default shell.

[1] https://git.savannah.gnu.org/cgit/which.git
[2] 3a8dd10b45
[3] https://pubs.opengroup.org/onlinepubs/9699919799/utilities/command.html

Signed-off-by: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-09-26 23:37:21 +02:00
Yann E. MORIN
a1c7cff1a0 Revert "core: enable 'NDEBUG' unless BR2_ENABLE_RUNTIME_DEBUG is set"
Enabling -DNEBUG, although correct on the paper, causes a lot of
packages to fail to build because they explicitly require not building
with NDEBUG; they use assert() to check actual runtime errors and expect
it to not be elidded away (sometimes with side effects in the arguments
passed to assert().

This reverts commit 5a8c50fe05, as
discussed on the list:
    http://lists.busybox.net/pipermail/buildroot/2021-July/313646.html

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-07-04 21:38:25 +02:00
Thomas De Schampheleire
5a8c50fe05 core: enable 'NDEBUG' unless BR2_ENABLE_RUNTIME_DEBUG is set
The 'assert' statement in glibc honors the 'NDEBUG' preprocessor macro: if
it is set, then the assert statement is compiled away.

Define this 'NDEBUG' macro when BR2_ENABLE_RUNTIME_DEBUG is disabled (the
default case).

Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Reviewed-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-06-01 22:39:26 +02:00
Thomas De Schampheleire
ebc1ded191 package/Makefile.in: pass '-g0' explicitly if !BR2_ENABLE_DEBUG
If BR2_ENABLE_DEBUG is not set, Buildroot did not pass any flag
to control debug level. This means that the build system of the package
itself would control it.

Instead, provide an explicit '-g0' (no debugging symbols) to get consistent
behavior across packages.

Suggested-by: Arnout Vandecappelle <arnout@mind.be>
Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-05-25 22:29:44 +02:00
Thomas Petazzoni
efdcd651bf package/Makefile.in: expose CONFIG_DIR to post-build/post-image scripts
Sometimes, post-build or post-image scripts need to reinvoke
Buildroot's make, for example to execute "make printvars".

However, so far post-build/image/fakeroot can't trivially run printvars
in a way that worked for both in-tree and out-of-tree builds. Indeed:

 * "make printvars" would work for in-tree builds, but not out of tree
   builds

 * "make -C ${O} printvars" would work for out-of-tree builds, but not
   in-tree builds

 * "make -C ${BR2_CONFIG%/*} printvars" works in both cases, but it is
   a bit cryptic, and two maintainers did not even immediately think of
   it

In order to solve this, this commit exposes $(CONFIG_DIR) to
post-build/image/fakeroot scripts, through the EXTRA_ENV variable.

The documentation is updated accordingly.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
[yann.morin.1998@free.fr:
  - reference BR2_CONFIG as an exemple
  - slightly reword the commit log accordingly
  - move the doc for CONFIG_DIR next to that of BR2_CONFIG
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-05-06 22:58:54 +02:00
Andreas Naumann
f08a7f3fc5 package/pkg-qmake: new qmake package infrastructure
This provides generic functions for Qt5 qmake based packages. It will
make it possible to remove lots of redefinition of
QT5_xxx_{CONFIGURE|BUILD|INSTALL_STAGING}_CMDS. Additionally it
provides a generic target install method which will make most of the
package specific commands obsolete.

This is done by re-running the install step of the qmake generated
Makefile with the package build directory prepended (to the
staging/host path). Even though this does create lengthy pathes it
allows for easy separation of the staging files from the host destined
files by just omitting the resulting BUILD_DIR+HOST_DIR path from the
following rsync call to the real target folder.  The cleanup of many
files we dont want in target is deferred to the target-finalize
step. In addition to what's being removed already, we also have to
cleanup some Qt5 specific files (prl) and the documentation directory.

This approach was chosen over copying all files recorded in the pkg-files-list
after some discussion which Thomas Petazzoni summed up:
"We don't yet use pkg-files-list really as part of the build
process anywhere, I feel a bit more comfortable at this point with what
Andreas is proposing."

Thanks to this infrastructure, it will be possible to get rid of the
many conditional install commands because qmake already takes care of
this when generating the Makefile install targets with the given or
autodetected configure options of each package.

However, custom install steps may have to remain in cases where a
particular Buildroot option has no corresponding setting in the
packages configuration options.

Signed-off-by: Andreas Naumann <anaumann@ultratronik.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-03-09 22:26:42 +01:00
Bernd Kuhls
691347e51c package/Makefile.in: remove host-cc-option macro
https://git.buildroot.net/buildroot/commit/?id=91a08ecc998ae232ea6f3525540ed129d8176d18
added a macro solely used by the aespipe package:
https://git.buildroot.net/buildroot/commit/?id=00ecd72c28f103fc7d166f718db81a8b6c4919fa

After the latest version bump of aespipe the package does not need this
macro anymore so we can safely remove it.

Suggested-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-10-26 19:17:13 +02:00
Yann E. MORIN
c568b4f37f arch/arc: always needs -matomic with atomic extensions
As reported by Alexey in:
    https://patchwork.ozlabs.org/patch/1087480/
    https://patchwork.ozlabs.org/patch/1087471/

when BR2_ARC_ATOMIC_EXT is enabled, -matomic needs to always be passed
to the compiler to allow atomic instructions to be used. So instead of
passing them through the command-line CFLAGS, we enforce them in the
toolchain wrapper directly.

Reported-by: Alexey Brodkin <Alexey.Brodkin@synopsys.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Alexey Brodkin <Alexey.Brodkin@synopsys.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Acked-by: Alexey Brodkin <abrodkin@synopsys.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-07-18 22:54:36 +02:00
Guo Ren
9f0e3ff8a0 package/Makefile: add C-SKY ABI variable value
In preparation for adding support for the C-SKY architecture in the
internal toolchain backend, we need to make sure that GNU_TARGET_NAME
will contain the appropriate ABI, i.e abiv1 or abiv2 depending on the
selected C-SKY core.

Signed-off-by: Guo Ren <ren_guo@c-sky.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-05-31 22:59:57 +02:00
Fabrice Fontaine
57ee0f74ec package/Makefile.in: set -fno-dwarf2-cfi-asm for m68k_cf
Another package (libsquish) is affected by the
"Internal error in emit_expr_encoded at dw2gencfi.c:215".

This error already affects 5 packages and is due to binutils, see:
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=79509

No report has been made to binutils yet however as suggested by Yann
during review of woff2 workaround
(https://patchwork.ozlabs.org/patch/911344/), remove the workarounds
from all these packages and put it in package/Makefile.in

Fixes:

 http://autobuild.buildroot.org/results/77e06c092f4e7804dc166e259b25e779e5f1e83a

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-01-13 14:21:52 +01:00
Matt Weber
394bdd11fc BR2_FORTIFY*: toolchain wrapper limitation note
A note is added to tie off the discussion on why moving _FORTIFY_SOURCE
related flags into the toolchain wrapper doesn't currently work.

 - Currently -D_FORTIFY_SOURCE and optimizations are passed through
   CFLAGS

 - Packages like linux-tools ignore CFLAGS entirely and some
   autotools toolchain testing cases dependent on not using
   CFLAGS.

 - If FORTIFY_SOURCE is passed through the wrapper, then linux-tools
   will no longer be able to ignore it, because it's enforced at a
   lower-level and since the optimization -Os/g/1/2/3 are via CFLAGS,
   there is no optimization flag set.  Therefore linux-tools will do
   all its configuration tests with FORTIFY_SOURCE forcefully enabled
   at the wrapper level, but no optimization enabled, and consequently
   tests will fail.

Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-20 12:53:03 +02:00
Matt Weber
f10822d151 toolchain/toolchain-wrapper: add BR2_SSP_* support
Migrate the stack protection flag management into the wrapper.

Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-20 12:51:21 +02:00
Matt Weber
7484c1c3b8 toolchain/toolchain-wrapper: add BR2_RELRO_
The RELRO/PIE flags are currently passed via CFLAGS/LDFLAGS and this patch
proposes moving them to the toolchain wrapper.

 (1) The flags should _always_ be passed, without leaving the possibility
     for any package to ignore them. I.e, when BR2_RELRO_FULL=y is used
     in a build, all executables should be built PIE. Passing those
     options through the wrapper ensures they are used during the build
     of all packages.

 (2) Some options are incompatible with -fPIE. For example, when
     building object files for a shared libraries, -fPIC is used, and
     -fPIE shouldn't be used in combination with -fPIE. Similarly, -r
     or -static are directly incompatible as they are different link
     time behaviors then the intent of PIE. Passing those options
     through the wrapper allows to add some "smart" logic to only pass
     -fPIE/-pie when relevant.

 (3) Some toolchain, kernel and bootloader packages may want to
     explicitly disable PIE in a build where the rest of the userspace
     has intentionally enabled it. The wrapper provides an option
     to key on the -fno-pie/-no-pie and bypass the appending of RELRO
     flags.
     The current Kernel and U-boot source trees include this option.
     8438ee76b0
     6ace36e19a
     If using PIE with a older Kernel and/or U-boot version, a backport of these
     changes  might be required. However this patchset also uses the
     __KERNEL__ and __UBOOT__ defines as a way to disable PIE.

NOTE: The current implementation via CFLAGS/LDFLAGS has caused some
build time failures as the conditional logic doesn't yet exist in
Buildroot:

https://bugs.busybox.net/show_bug.cgi?id=11206
https://bugs.busybox.net/show_bug.cgi?id=11321

Good summary of the most common build failures related to
enabling pie: https://wiki.ubuntu.com/SecurityTeam/PIE

[Peter: minor cleanups]
Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-20 12:50:29 +02:00
Peter Korsgaard
721e4cbb52 Merge branch 'next'
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-09-07 13:13:17 +02:00
Yann E. MORIN
a8cea94d5a core: drop useless assignments to BISON and FLEX
They were added back in 5432f26f0 (Adding Central config.cache options),
supposedly to be able to cache the result of configure tests, but they
were never, ever referenced anywhere in our code... Besides, we dropped
the idea of getting a configure cache long ago now (it does not work)...

They are causing spurious error messages on some distros (e.g. Fedora)
which use GNU's which (whatever package that comes from), while it is
silent on other distros (e.g. Ubuntu) which use debianutils' which.

Drop them.

Reported-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-08-19 23:13:03 +02:00
Stefan Sørensen
01d8a0a945 package/Makefile.in: Add missing options to LDFLAGS for full RELRO build
The options for a full RELRO build should also be added to LDFLAGS.

Originally submitted as
http://patchwork.ozlabs.org/patch/904034/

Signed-off-by: Stefan Sørensen <stefan.sorensen@spectralink.com>
Signed-off-by: Matt Weber <matthew.weber@rockwellcollins.com>
Reviewed-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-08-10 22:33:17 +02:00
Stefan Sørensen
d4f5801027 package/Makefile.in: Do not use CPPFLAGS for hardening options
The hardening options are compiler flags, not pure pre-processor flags, so
put them in CFLAGS, not CPPFLAGS.

This fixes build errors where -D_FORTIFY_SOURCE=2 whas put in CPPFLAGS and
then applied to configure tests which could fail since the required -O2 is
only in CFLAGS.

Originally submitted as
http://patchwork.ozlabs.org/patch/904057/

Signed-off-by: Stefan Sørensen <stefan.sorensen@spectralink.com>
Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Reviewed-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-08-10 22:30:42 +02:00
Joseph Kogut
5d08d34b3d package/Makefile.in: replace invocation of tempfile w/ mktemp in try-run
mktemp is included in GNU Coreutils, and its usage is preferred over
tempfile.

http://lists.gnu.org/archive/html/bug-coreutils/2007-10/msg00134.html

Additionally, some distributions no longer package tempfile, causing
the try-run macro to not work as expected. For example, due to try-run
not behaving as expected, testing for the -no-pie option in the
aespipe package doesn't work, and we build without -no-pie, causing a
build failure.

See also commit 91a08ecc99 (package/Makefile.in: add host-cc-option
macro) which introduced that initial code, explicitly to add -no-pie
when needed.

Fixes:
  http://autobuild.buildroot.net/results/db50f4415d18441f94b641ef6dc5a3672678b8b9/
  http://autobuild.buildroot.net/results/76d73f767d3aab3c97d61188f5666899d72ed82d/
  http://autobuild.buildroot.net/results/6aa9031962603354086b49bc49add92fde496ec2/
  http://autobuild.buildroot.net/results/33d22f4d96fb439be8551355290896ef6d3649df/
  http://autobuild.buildroot.net/results/eeec2ed80e147c172ec2d50958b12cfa38b2cc8d/

Signed-off-by: Joseph Kogut <joseph.kogut@gmail.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-06-30 18:21:24 +02:00
Eric Le Bihan
91f7f38106 pkg-meson: new infrastructure
Add a new infrastructure to ease the development of packages that use Meson as
their build system.

Signed-off-by: Eric Le Bihan <eric.le.bihan.dev@free.fr>
[Thomas:
 - move global variables definition outside of the inner-meson-package
   macro
 - for consistency, remove double quote around value passed to meson
   in the host configure step.
 - minor formatting fixes.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-05-30 21:58:08 +02:00
Thomas Petazzoni
e2ea4157a9 arch: drop BR2_BINFMT_FLAT_SEP_DATA support
This was only used by Blackfin, so there's no good reason to keep it.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-04-15 22:04:09 +02:00
Angelo Compagnucci
048b06ed3e package/pkg-golang: new package infrastructure
This patch adds a new infrastructure for golang based packages.

Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
[Arnout:
 - Rewrap comments to 80 columns.
 - Create a global definition of GO_TARGET_ENV.
 - <PKG>_GO_ENV is appended to the default env instead of replacing it.
 - Add a note to inner-golang-package that only target is supported.
]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2018-03-31 19:57:31 +02:00
Yann E. MORIN
4cd1ab1588 core: alternate solution to disable C++
Some packages that use libtool really need some love to be able to
disable C++ support.

This is because libtool will want to call AC_PROG_CXXCPP as soon as CXX
is set non-empty to something different from 'no'. Then, AC_PROG_CXXCPP
will want a C++ preprocessor that works on valid input *and* fail on
invalid input.

So, providing 'false' as the C++ compiler will then require that we do
have a working C++ preprocessor. Which is totally counter-productive
since we do not have a C++ compiler to start with...

bd39d11d2e (core/infra: fix build on toolchain without C++) was a
previous attempt at fixing this, by using the host's C++ preprocessor.

However, that is very incorrect (that's my code, I can say so!) because
the set of defines will most probably be different for the host and the
target, thus causing all sorts of trouble. For example, on ARM we'd have
to include different headers for soft-float vs hard-float, which is
decided based on a macro, which is not defined for x86, and thus may
redirect to the wrong (and missing) header.

Instead, we notice that libtool uses the magic value 'no' to decide that
a C++ compiler is not available, in which case it skips the call to
AC_PROG_CXXCPP.

Given that 'no' is not provided by any package in Debian and
derivatives, as well as in Fedora, we can assume that no system will
have an executable called 'no'. Hence, we use that as a magic value to
disable C++ detection altogether.

Fixes: #10846 (again)

Reported-by: Damien Riegel <damien.riegel@savoirfairelinux.com>
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Damien Riegel <damien.riegel@savoirfairelinux.com>
Cc: Peter Seiderer <ps.report@gmx.net>
Cc: Vivien Didelot <vivien.didelot@savoirfairelinux.com>
Cc: Peter Korsgaard <peter@korsgaard.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Tested-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-03-30 14:22:49 +02:00
Joshua Henderson
ed6a7e18af Config.in: add -Ofast option
-Ofast (introduced in GCC 4.6) It combines the existing optimization level -O3
with options that can affect standards compliance but result in better optimized
code. For example, -Ofast enables -ffast-math.

Signed-off-by: Joshua Henderson <joshua.henderson@microchip.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-03-26 22:19:11 +02:00
Matt Weber
20a4583ebf security hardening: add RELFO, FORTIFY options
This enables a user to build a complete system using these
options.  It is important to note that not all packages will
build correctly to start with.

Modeled after OpenWRT approach
https://github.com/openwrt/openwrt/blob/master/config/Config-build.in#L176

A good testing tool to check a target's elf files for compliance
to an array of hardening techniques can be found here:
https://github.com/slimm609/checksec.sh

[Peter: reword fortify help texts, glibc comment]
Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-01-28 15:21:14 +01:00
Yann E. MORIN
bd39d11d2e core/infra: fix build on toolchain without C++
Autotools-based packages that do not need C++ but check for it, and use
libtool, will fail to configure on distros that lack /lib/cpp.

This is the case for example on Arch Linux, where expat fails to build
with:

    configure: error: in `/home/dkc/src/buildroot/build/build/expat-2.2.4':
    configure: error: C++ preprocessor "/lib/cpp" fails sanity check

This is because libtool uses AC_PROC_CXXCPP, which can not be avoided,
and does require a cpp that passes some "sanity" checks (does not choke
on valid input, but does choke on invalid input). So we can use neither
/bin/false nor /bin/true...

We instead need something that can digest some basic C++ preprocessor
input. We can't use the target preprocessor: that does not work, because
it obviously has no C++ cupport:

    arm-linux-cpp.br_real: error: conftest.cpp: C++ compiler not
    installed on this system

We can however consider that the host machine does have a C++ compiler,
so we use the host' cpp, which is gcc's compiler wrapper that ends up
calling the host's C++ preprocessor.

That would give us a valid C++ preprocessor when we don't have one, in
fact. But autotools will then correctly fail anyway, because there is
indeed no C++ compiler at all, as we can see in this excerpt of a
configure log from expat:

    checking whether we are using the GNU C++ compiler... no
    checking whether false accepts -g... no
    checking dependency style of false... none
    checking how to run the C++ preprocessor... cpp
    checking whether the false linker (/home/ymorin/dev/buildroot/O/host/bin/arm-linux-ld) supports shared libraries... yes
    libtool.m4: error: problem compiling CXX test program
    checking for false option to produce PIC...  -DPIC
    checking if false PIC flag  -DPIC works... no
    checking if false static flag  works... no
    checking if false supports -c -o file.o... no
    checking if false supports -c -o file.o... (cached) no
    checking whether the false linker (/home/ymorin/dev/buildroot/O/host/bin/arm-linux-ld) supports shared libraries... yes

So, using the host's C++ preprocessor (by way of gcc's wrapper) leads to
a working situation, where the end result is as expected.

Reported-by: Damien Riegel <damien.riegel@savoirfairelinux.com>
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Damien Riegel <damien.riegel@savoirfairelinux.com>
Cc: Vivien Didelot <vivien.didelot@savoirfairelinux.com>
Cc: Peter Korsgaard <peter@korsgaard.com>
Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2018-01-07 15:58:29 +01:00
Arnout Vandecappelle
91a08ecc99 package/Makefile.in: add host-cc-option macro
This macro allows to test if HOSTCC supports a specific option. It is
needed to pass '-no-pie' on recent Debian, Ubuntu and Gentoo hosts.

Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-07-22 23:35:02 +02:00
Peter Korsgaard
0e99bef2fb package/Makefile.in: export O= to post-build/image scripts for out-of-tree builds
Sometimes it can be interesting to call back into buildroot from a
post-build/image script (E.G. make printvars or similar). For this to work
correctly with out-of-tree builds we need to pass O= to make, but this is
currently not available in the environment of post-build/image scripts.

In concept, O could be derrived from BUILD_DIR (E.G. by stripping /build),
but directly exporting O is cleaner.

O= cannot be exported globally as it interferes with various build systems,
so instead add it to EXTRA_ENV.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-07-15 10:10:56 +02:00
Arnout Vandecappelle
3b91bd4791 Globally replace $(HOST_DIR)/usr/share with $(HOST_DIR)/share
Since things are no longer installed in $(HOST_DIR)/usr, the callers
should also not refer to it.

This is a mechanical change with
git grep -l '$(HOST_DIR)/usr/share' | xargs sed -i 's%$(HOST_DIR)/usr/share%$(HOST_DIR)/share%g'

Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-07-05 15:21:31 +02:00
Arnout Vandecappelle
24e50620c9 Globally replace $(HOST_DIR)/usr/include with $(HOST_DIR)/include
Since things are no longer installed in $(HOST_DIR)/usr, the callers
should also not refer to it.

This is a mechanical change with
git grep -l '$(HOST_DIR)/usr/include' | xargs sed -i 's%$(HOST_DIR)/usr/include%$(HOST_DIR)/include%g'

Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-07-05 15:21:19 +02:00
Arnout Vandecappelle
19ba17ee3b Globally replace $(HOST_DIR)/usr/lib with $(HOST_DIR)/lib
Since things are no longer installed in $(HOST_DIR)/usr, the callers
should also not refer to it.

This is a mechanical change with
git grep -l '$(HOST_DIR)/usr/lib' | xargs sed -i 's%$(HOST_DIR)/usr/lib%$(HOST_DIR)/lib%g'

Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-07-05 15:20:05 +02:00
Arnout Vandecappelle
0f9c0bf3d5 Globally replace $(HOST_DIR)/usr/bin with $(HOST_DIR)/bin
Since things are no longer installed in $(HOST_DIR)/usr, the callers
should also not refer to it.

This is a mechanical change with
git grep -l '$(HOST_DIR)/usr/bin' | xargs sed -i 's%$(HOST_DIR)/usr/bin%$(HOST_DIR)/bin%g'

Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-07-05 15:19:29 +02:00
Arnout Vandecappelle
ac4f527d73 package/Makefile.in: remove $(HOST_DIR)/usr part from HOST_LDFLAGS
Now $(HOST_DIR)/lib and $(HOST_DIR)/usr/lib are the same directory, it
doesn't make sense to pass both to LDFLAGS.

Also use $(HOST_DIR)/lib instead of $(HOST_DIR)/usr/lib for the RPATH.

Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Reviewed-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-07-05 11:46:26 +02:00
Arnout Vandecappelle
82ec49787d Move $(HOST_DIR)/usr/$(GNU_TARGET_NAME) one level up.
This is a step towards eliminating $(HOST_DIR)/usr. It allows us to
convert all packages installing things into
$(HOST_DIR)/usr/$(GNU_TARGET_NAME) (i.e., binutils and gcc) without
affecting the rest.

To allow compatibility with packages that still use $(HOST_DIR)/usr as
the prefix, create a symlink from usr/$(GNU_TARGET_NAME) to
../$(GNU_TARGET_NAME).

Note that the symlink creation will break when $(HOST_DIR)/usr/lib
already exists as a directory, i.e. when rebuilding in an existing
output directory. This is necessary: if we don't break it now, the
following commits (which remove the usr part from various variables)
_will_ break it.

Effectively, the usr/ part is removed from $(STAGING_SUBDIR) (and
therefore from $(STAGING_DIR)), so update the definition of that
variable right away.

Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Reviewed-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-07-05 11:38:23 +02:00
Thomas Petazzoni
88cc312573 package/Makefile.in: fix musl handling
Until now, we had no support for full NLS with the musl C library:
BR2_NEEDS_GETTEXT was only true for uClibc. But the musl C library
provides a stub gettext implementation, which some packages were
failing to recognize as being usable, and therefore we are passing
autoconf cache variables to hint those packages that yes, the C
library has a usable gettext implementation.

However, we are going to enable full NLS support for musl, by giving
the possibility to build gettext libintl with musl. In such a case, we
do not want packages to use the gettext implementation of the C
library, but really the one provided by gettext libintl.

Therefore, we should only pre-seed the
gt_cv_func_gnugettext1_libc*=yes variables if we're on musl but
without gettext libintl. Otherwise packages will fail building because:

 - libintl.h is the one from the full-blown gettext implementation, so
   it assumes the package will link against -lintl

 - the package thinks gettext is provided by the C library, so it
   doesn't link with -lintl

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Reviewed-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-07-04 19:09:58 +02:00
Thomas Petazzoni
a682b02749 package/Makefile.in: introduce TARGET_NLS_{DEPENDENCIES, LIBS}
All packages that can use NLS support will have to depend on
host-gettext, as it provides the tools for generating .mo files from
.po files.

In addition, all packages may need to depend on gettext (and link with
-lintl) if the full-blown gettext implementation is provided by
libintl and not by the C library.

In order to avoid repeating such conditions everywhere, this commit
introduces two variables:

 - TARGET_NLS_DEPENDENCIES, which packages that may use NLS support
   should unconditionally add to their <pkg>_DEPENDENCIES variable.

 - TARGET_NLS_LIBS, which packages can use to pass through LIBS or
   LDFLAGS when the package build system needs help to realize that it
   should link against libintl.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Reviewed-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-07-04 19:09:57 +02:00
Thomas Petazzoni
dc057d2865 system: introduce BR2_SYSTEM_ENABLE_NLS
Until now, the option BR2_ENABLE_LOCALE was more-or-less controlling
whether NLS support was enabled in packages. More precisely, if
BR2_ENABLE_LOCALE=y, we were not doing anything (so some packages
could have NLS support enabled, some not). And only when
BR2_ENABLE_LOCALE was disabled we were explicitly passing
--disable-nls to packages.

This doesn't make much sense, and there is no reason to tie NLS
support to locale support. You may want locale support, but not
necessarily NLS support. Therefore, this commit introduces
BR2_SYSTEM_ENABLE_NLS, which allows to enable/disable NLS support
globally. When this option is enabled, we pass --enable-nls to
packages, otherwise we pass --disable-nls.

In addition, when this option is enabled and the C library doesn't
provide a full-blown implementation of gettext, we select the gettext
package, which will provide the full blown implementation.

It is worth mentioning that this commit has a visible impact for users:

 - Prior to this commit, as soon as BR2_ENABLE_LOCALE=y, packages
   *could* provide NLS support. It was up to each package to decide
   whether they wanted to provide NLS support or not (we were not
   passing --enable-nls nor --disable-nls).

 - After this commit, it's BR2_SYSTEM_ENABLE_NLS that controls whether
   NLS is enabled or disabled, and this option is disabled by default.

Bottom line: with the default of BR2_SYSTEM_ENABLE_NLS disabled, some
packages may lose NLS support that they used to provide. But we
believe it's a reasonable default behavior for Buildroot, where
generally NLS support is not necessary.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Reviewed-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-07-04 19:09:55 +02:00
Thomas Petazzoni
8d603626a8 package: rename DISABLE_NLS to NLS_OPTS
We are going to use DISABLE_NLS not only for disabling NLS support,
but also to explicitly enable it. Therefore, this preparatory commit
renames it to NLS_OPTS, which is consistent with other foo_OPTS
variables defined in package/Makefile.in.

While at it, we replace the := assignments by regular = assignments.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Reviewed-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-07-04 19:09:53 +02:00
Yann E. MORIN
4480d40cc9 core: simplify the condition to set the strip command
Since BR2_STRIP_strip and BR2_STRIP_noine are mutually exclusive (being
part of a choice), we can simplify the logic.

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Arnout Vandecappelle <arnout@mind.be>
Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-07-01 15:01:01 +02:00