This test invokes "crossbar version" command, that checks all
dependencies found in setup.py files and prints some system related
information.
Add haveged to the target to generate enough entropy so crossbar ->
pynacl -> libsodium don't hang waiting for /dev/random.
Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
[Ricardo: move test script to a separate file, remove Python 2 variant,
add haveged to target to add entropy and avoid hanging]
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Move the test script to be run on the target from inline in the test
case to a separate file.
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Cc: Asaf Kahlon <asafka7@gmail.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Move the test scripts to be run on the target from inline in the test
case to a separate file.
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Cc: Asaf Kahlon <asafka7@gmail.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Move the test script to be run on the target from inline in the test
case to a separate file.
Get the base defconfig fragment from the immediate parent class and not
directly from TestPythonBase because it is the correct way of doing
this. This way the base class TestPythonTwisted could even be placed in
a separate file.
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Cc: Asaf Kahlon <asafka7@gmail.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Move the test script to be run on the target from inline in the test
case to a separate file.
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Cc: Asaf Kahlon <asafka7@gmail.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Move the test script to be run on the target from inline in the test
case to a separate file.
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Cc: Asaf Kahlon <asafka7@gmail.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Move the test script to be run on the target from inline in the test
case to a separate file.
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Cc: Asaf Kahlon <asafka7@gmail.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Test cases for python packages are very similar among each other: run a
simple script in the target that minimally tests the package.
So create a new helper class named TestPythonPackageBase that holds all
the logic to run a script on the target.
TestPythonPackageBase adds in build time one or more sample scripts to
be run on the target. The test case for the python package must
explicitly list them in the "sample_scripts" property. The test case
then automatically logins to the target, checks the scripts are really
in the rootfs (it calls "md5sum" instead of "ls" or "test" in an attempt
to make the logfile more friendly, since someone analysing a failure can
easily check the expected script was executed) and then calls the python
interpreter passing the sample script as parameter.
An optional property "timeout" exists for the case the sample script
needs more time to run than the default timeout from the test infra
(currently 5 seconds).
A simple test case for a package that only supports Python 2 will look
like this:
|from tests.package.test_python import TestPythonPackageBase
|
|
|class TestPythonPy2<Package>(TestPythonPackageBase):
| __test__ = True
| config = TestPythonPackageBase.config + \
| """
| BR2_PACKAGE_PYTHON=y
| BR2_PACKAGE_PYTHON_<PACKAGE>=y
| """
| sample_scripts = ["tests/package/sample_python_<package>.py"]
| timeout = 15
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Cc: Asaf Kahlon <asafka7@gmail.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The xlib_libfontenc configure.ac uses PKG_CHECK_MODULES(), but the
Buildroot package does not have a dependency on host-pkgconf. This
causes a build failure with per-package host/target folders, or if one
builds just with "make xlib_libfontenc", which is why it was never
detected by the autobuilders.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Simple DNS resolver for asyncio.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Reviewed-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security issues:
CVE-2018-16062: dwarf_getaranges in dwarf_getaranges.c in libdw in elfutils
before 2018-08-18 allows remote attackers to cause a denial of service
(heap-based buffer over-read) via a crafted file.
CVE-2018-16402: libelf/elf_end.c in elfutils 0.173 allows remote attackers
to cause a denial of service (double free and application crash) or possibly
have unspecified other impact because it tries to decompress twice.
CVE-2018-16403: libdw in elfutils 0.173 checks the end of the attributes
list incorrectly in dwarf_getabbrev in dwarf_getabbrev.c and dwarf_hasattr
in dwarf_hasattr.c, leading to a heap-based buffer over-read and an
application crash.
For more details, see the announcement:
https://sourceware.org/ml/elfutils-devel/2018-q3/msg00116.html
0.172 and 0.173 also included fixes for crashes and hangs found by afl-fuzz
(no CVEs assigned):
https://sourceware.org/ml/elfutils-devel/2018-q2/msg00272.htmlhttps://sourceware.org/ml/elfutils-devel/2018-q2/msg00209.html
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security issue:
CVE-2018-12384: NSS responded to an SSLv2-compatible ClientHello with a
ServerHello that had an all-zero random.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit c9e3d5b6c5 (libnspr: bump to version 4.20) did not refresh the
hunks touching the _linux.cfg file. As a result, these hunk were applied
to the wrong (x86 specific) place in that file, rendering them
ineffective. Refresh the patches to fix that.
Fixes:
http://autobuild.buildroot.net/results/2d1/2d1288e98a6459d84c2599c99b5617a2fde81f62/
Cc: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Remove the --without-* options from the yes side of the TLS libraries
selection checks.
Since the --without-* option is now specified when the corresponding TLS
library is not being used, it's no longer necessary when enabling a TLS
library to explicity list all the other TLS libs that curl should not
use.
Signed-off-by: Trent Piepho <tpiepho@impinj.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Since 118534fe54 (fs: use a common tarball as base for the other
filesystems), the filesystem creation is split in two steps, using an
intermediate tarball to carry the generic, common finalisations to the
per-filesystem finalisation and image creation.
However, this intermediate tarball causes an issue with capabilities:
they are entirely missing in the generated filesystems.
Capabilities are stored in the extended attribute security.capability,
which tar by default will not store/restore, unless explicitly told to,
e.g. with --xattrs-include='*', which we don't pass.
Now, passing this option when creating and extracting the intermediate
tarball, both done under fakeroot, will cause fakeroot to report an
invalid filetype for files with capabilities. mksquashfs would report
such unknown files as a warning, while mkfs.ext2 would fail (with a
similar error message), e.g.:
File [...]/usr/sbin/getcap has unrecognised filetype 0, ignoring
This is due to a poor interaction between tar and fakeroot; running as
root the exact same commands we run under fakeroot, works as expected.
Unfortunately, short of fixing fakeroot (which would first require
understanding the problem in there), we don't have much options.
The intermediate tarball was made to avoid redoing the same actions over
and over again for each filesystem to build. However, most of the time,
only one or two such filesystems would be enabled [0], and those actions
are usually pretty lightweight. So, using an intermediate tarball does
not provide a big optimisation.
The main reason to introduce the intermediate tarball, however, is that
it allows to postpone per-filesystem finalisations to be applied only
for the corresponding filesystem, not for all of them.
So, we get rid of the intermediate tarball, and simply move all of the
code to run under fakeroot to the per-filesystem fakeroot script.
Instead of extracting the intermediate tarball, we just rsync the
original target/ directory, and apply the filesystem finalisations on
that copy. The only thing still done in the rootfs-common step is to
generate the intermediate files (users file, devices file) that are used
in the fakeroot script.
Fixes: https://bugs.busybox.net/show_bug.cgi?id=11216
Note: an alternate solution would have been to keep the intermediate
tarball to keep most of the common finalisations, and move only the
permissions to each filesystem, but that was getting a bit more complex
and changed the ordering of permissions and post-fakeroot scripts. Once
we bite the bullet of having some common finalisation done in each
filesystem, it's easier to just move all of them.
[0] Most probsably, users would enable the real filesystem to put on
their device, plus the 'tar' filesystem, to be able to easily inspect
the content on their development machine.
Reported-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Cc: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
- Indent with tabs.
- Use a function for start.
- Pass "-q" to iucode_tool to inhibit usual output that would otherwise
interfere with the operation status report.
Signed-off-by: Carlos Santos <casantos@datacom.com.br>
[Peter: drop dummy function with sed invocation not compatible with busybox]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Brings several fixes and enhancements. Check the change log at
https://gitlab.com/iucode-tool/iucode-tool/raw/v2.3.1/ChangeLog
Tested on an equipment with Intel C3000 processor.
Signed-off-by: Carlos Santos <casantos@datacom.com.br>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The big "intel-microcode.dat" text file is gone. Only binary files are
provided, in the "intel-ucode" directory. Install it at /lib/firmware/,
like linux-firmware does, and update the iucode-tool init script to use
that path.
We don't install the microcode under "intel-ucode-with-caveats", since
it needs special commits in the Linux kernel (see "relnotes" for more
information).
Tested on an equipment with Intel C3000 processor.
Signed-off-by: Carlos Santos <casantos@datacom.com.br>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
We already turn on kernel features for several packages, so let's do it
for intel-microcode too, otherwise it's impossible to load the microcode
(by means of iucode-tools).
Signed-off-by: Carlos Santos <casantos@datacom.com.br>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Instead of defaulting to OpenSSL, allow selection of package to use
through a choice in libcurl's config. The default will be to select the
first enabled TLS provider in the same preference order as is used now,
i.e. no change from current behavior.
Some of the alternative libraries have advantages over OpenSSL in
certain areas.
For example, gnutls has vastly superior PKCS11 support. One can use
client TLS private keys by supplying a PKCS11 URI instead of a private
key file name. The TLS server cert trust store can be a PKCS11 URI,
e.g. configure libcurl with a ca-bundle of "pkcs11:model=p11-kit-trust".
Now server certs can be stored in a software and/or hardware HSM(s).
This doesn't work with OpenSSL.
However, some software only supports OpenSSL for TLS or other crypto
functions. So it might be necessary to enable OpenSSL for that reason.
Signed-off-by: Trent Piepho <tpiepho@impinj.com>
[Peter: add BR2_PACKAGE_LIBCURL_TLS_SUPPORT and use it to hide choice &
comment, explitly pass --without-foo if option is not enabled,
only do .pc fixup if BR2_PACKAGE_LIBCURL_OPENSSL is enabled]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
meson-based build of systemd runs a couple of checks on the structure
of the *host* system which will incorrectly configure systemd if build
host configuration doesn't match Buildroot target.
One can also find the following in the NEWS file:
* A new -Dsplit-bin= build configuration switch may be used to specify
whether bin and sbin directories are merged, or if they should be
included separately in $PATH and various listings of executable
directories. The build configuration scripts will try to autodetect
the proper values of -Dsplit-usr= and -Dsplit-bin= based on build
system, but distributions are encouraged to configure this
explicitly.
Signed-off-by: Alexander Sverdlin <alexander.sverdlin@gmail.com>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Don't give a path in --with-pcap option otherwise PCAP_CONFIG won't be
used (see AC_WIRESHARK_PCAP_CHECK in acinclude.m4) to retrieve pcap
static dependencies such as -lnl-3 and as a result pcap detection will
fail
Fixes:
- http://autobuild.buildroot.org/results/084354a33825cf4e723e0a9f1e9656ad2a212a15
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Replace $(BR2_KERNEL_MIRROR) by https://git.kernel.org/pub, which
fixes the download of this package:
>>> trace-cmd trace-cmd-v2.6.1 Downloading
Initialized empty Git repository in /home/thomas/dl/trace-cmd/git/.git/
Fetching all references
fatal: repository 'https://cdn.kernel.org/pub/scm/linux/kernel/git/rostedt/trace-cmd.git/' not found
Detected a corrupted git cache.
Removing it and starting afresh.
Initialized empty Git repository in /home/thomas/dl/trace-cmd/git/.git/
Fetching all references
fatal: repository 'https://cdn.kernel.org/pub/scm/linux/kernel/git/rostedt/trace-cmd.git/' not found
Detected a corrupted git cache.
This is the second time in a row; bailing out
--2018-11-11 21:08:00-- http://sources.buildroot.net/trace-cmd/trace-cmd-trace-cmd-v2.6.1.tar.gz
Resolving sources.buildroot.net (sources.buildroot.net)... 104.25.210.19, 104.25.211.19, 2606:4700:20::6819:d313, ...
Connecting to sources.buildroot.net (sources.buildroot.net)|104.25.210.19|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 1859835 (1.8M) [application/x-gtar-compressed]
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Replace $(BR2_KERNEL_MIRROR) by https://git.kernel.org/pub, which
fixes the download of this package:
>>> trace-cmd trace-cmd-v2.6.1 Downloading
Initialized empty Git repository in /home/thomas/dl/trace-cmd/git/.git/
Fetching all references
fatal: repository 'https://cdn.kernel.org/pub/scm/linux/kernel/git/rostedt/trace-cmd.git/' not found
Detected a corrupted git cache.
Removing it and starting afresh.
Initialized empty Git repository in /home/thomas/dl/trace-cmd/git/.git/
Fetching all references
fatal: repository 'https://cdn.kernel.org/pub/scm/linux/kernel/git/rostedt/trace-cmd.git/' not found
Detected a corrupted git cache.
This is the second time in a row; bailing out
--2018-11-11 21:08:00-- http://sources.buildroot.net/trace-cmd/trace-cmd-trace-cmd-v2.6.1.tar.gz
Resolving sources.buildroot.net (sources.buildroot.net)... 104.25.210.19, 104.25.211.19, 2606:4700:20::6819:d313, ...
Connecting to sources.buildroot.net (sources.buildroot.net)|104.25.210.19|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 1859835 (1.8M) [application/x-gtar-compressed]
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Since version 0.15.0, qemu has an optional dependency to opengl:
20ff075bb3
Since version 2.4, libepoxy is also needed to enable opengl:
dcf30025c3
As a result if libepoxy is built before qemu, opengl support will be
detected (see config.log):
OpenGL support yes
OpenGL dmabufs yes
This will raise the failures in milkymist-tmu2:
hw/display/milkymist-tmu2.c:35:22: fatal error: X11/Xlib.h: No such file or directory
or in sdl2:
CC /home/peko/autobuild/instance-0/output/targetui/sdl2-2d.o
In file included from /home/peko/autobuild/instance-0/output/build/qemu-2.12.1/include/ui/egl-context.h:5:0,
from ui/egl-context.c:3:
/home/peko/autobuild/instance-0/output/build/qemu-2.12.1/include/ui/egl-helpers.h:45:55: error: unknown type name 'Window'; did you mean 'minor'?
or in translate-a64:
/accts/mlweber1/scripts/instance-3/output/build/qemu-2.12.1/target/arm/translate-a64.c: In function 'handle_shri_with_rndacc':
/accts/mlweber1/scripts/instance-3/output/build/qemu-2.12.1/target/arm/translate-a64.c:7000:28: warning: 'tcg_src_hi' may be used uninitialized in this function [-Wmaybe-uninitialized]
tcg_gen_mov_i64(tcg_src, tcg_src_hi);
^
../ui/gtk-egl.o: In function `gd_egl_init':
/accts/mlweber1/scripts/instance-3/output/build/qemu-2.12.1/ui/gtk-egl.c:52: undefined reference to `gdk_x11_window_get_xid'
So, for the time being, disable opengl as done in xen since commit
13c6754f3c.
Fixes:
- http://autobuild.buildroot.org/results/656e45721c72197834462eb2bd8c762e520725a4
- http://autobuild.buildroot.org/results/d4736a930144fc5e25b377bc1c0baf44fbf8718d
- http://autobuild.buildroot.org/results/50e0d7d1b4f5c2b827b50bb82d8fbc066bf31118
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Retrieve two upstream patches to fix build failures due to warnings
Fixes:
- http://autobuild.buildroot.org/results/7ec1e1cc060bbdaaf758c0d55a053247b731e792
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
- Update "basic set" help to include the new "choom" utility.
- Re-generate checksums for license files, whose names now follow the
SPDX License List.
- Pull a patch already applied upstream that make rtcwake use poweroff
if shutdown is not found (e.g. Busybox, which the default init system
on Buldroot).
- Pull a patch already submitted upstream to fix the output of escaped
characters by agetty.
Signed-off-by: Carlos Santos <casantos@datacom.com.br>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Note, that there is already a patch [1] to bump the version to 0.48.1.
However, the bump to version 0.48.x has some unresolved issues.
In the meantime, until the issue with 0.48 is resolved, bump to latest
version of the 0.47 branch.
[1] http://patchwork.ozlabs.org/patch/986260/
Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fixes [1]:
/tmp/ccBAUqbI.s: Assembler messages:
/tmp/ccBAUqbI.s:622: Error: opcode not supported on this processor: mips64r6 (mips64r6) `movn $2,$4,$7'
/tmp/ccBAUqbI.s:2607: Error: opcode not supported on this processor: mips64r6 (mips64r6) `movn $2,$4,$7'
[1] http://autobuild.buildroot.net/results/dc52088222e9fbedcebffc1c39be6d2fecfffe5d
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
