Commit Graph

169 Commits

Author SHA1 Message Date
Peter Korsgaard
8a6b0b5696 package/glibc: security bump for additional post-2.32.x fixes
Fixes the following security issue:

- CVE-2021-3326: Assertion failure in ISO-2022-JP-3 gconv module related to
  combining characters

For details, see https://sourceware.org/bugzilla/show_bug.cgi?id=27256 and
https://www.openwall.com/lists/oss-security/2021/01/27/3

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-01-29 09:32:24 +01:00
Matt Weber
63332c33aa package: provide CPE ID details for numerous packages
This patch adds CPE ID information for a significant number of
packages.

Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-01-04 21:43:54 +01:00
Thomas Petazzoni
40258a3f39 package/glibc: drop ARC-specific version
We're now using 2.32 as the default glibc version, so we no longer
need to use a special version for the ARC architecture.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2020-12-29 23:28:57 +01:00
Romain Naour
182ea9477b package/glibc: bump to version 2.32-23-g050022910be1d1f5c11cd5168f1685ad4f9580d2
See:
https://sourceware.org/pipermail/libc-announce/2020/000029.html

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2020-12-29 23:28:57 +01:00
Thomas Petazzoni
9853983336 package/glibc, toolchain/toolchain-buildroot: disable native RPC in glibc toolchains
Support for obsolete RPC was dropped in glibc 2.14 (2011-05-31), then
reinstated and marked obsolete in glibc 2.16 (2012-06-30), and finally
dropped for good in 2.32 (2020-08-04), which we are about to start
using.

In preparation for that, drop the usage of obsolete RPC support in
glibc.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
[yann.morin.1998@free.fr: add a bit of history]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2020-12-29 23:28:57 +01:00
Thomas Petazzoni
5ebc935bce package/glibc: add license file hashes for RISC-V specific version
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-09-19 22:24:38 +02:00
Vineet Gupta
8f91556ccb package/glibc: use upstream 2.32 for the ARC architecture
The ARC glibc port was merged upstream in 2.32, so use that instead of
the one available from Synosys's Github.

Signed-off-by: Vineet Gupta <vgupta@synopsys.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-09-19 22:19:35 +02:00
Alistair Francis
a4889545aa package/glibc: use upstream glibc for RISC-V 32-bit
Until glibc 2.33 gets released, we use the current 2.32 master branch.

Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-09-03 23:45:48 +02:00
Peter Korsgaard
aa70a16caf package/glibc: security bump for additional post-2.31.x fixes
Fixes the following security issue:

  CVE-2016-10228: An infinite loop has been fixed in the iconv program when
  invoked with the -c option and when processing invalid multi-byte input
  sequences.  Reported by Jan Engelhardt.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-28 22:57:25 +02:00
Romain Naour
5ea05ebd19 package/glibc: fix build on RISC-V with gcc 10.x
Backport upstream commit to use __has_include:
https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=28dd3939221ab26c6774097e9596e30d9753f758

Otherwise glibc fails to build with gcc 10:

warning: "__has_include__" is not defined, evaluates to 0 [-Wundef]
../sysdeps/unix/sysv/linux/riscv/flush-icache.c:24:21: error: missing binary operator before token "("
   24 | #if __has_include__ (<asm/syscalls.h>)
      |                     ^

Fixes:
https://gitlab.com/kubu93/buildroot/-/jobs/655618374

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Alistair Francis <Alistair.Francis@wdc.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-08-05 23:14:39 +02:00
Romain Naour
9f6d4c3a87 package/{glibc, localedef}: bump to version 2.31
For glibc 2.31.x:

  - Update LICENSES file hash due to url change:
    "Prefer https to http for gnu.org and fsf.org URLs"

  - riscv64 does not build with kernel headers < 5.0, but upstream
    has not yet comitted a single fix, neither in master nor in the
    maintenance branch:
       https://sourceware.org/ml/libc-alpha/2020-02/msg00018.html

For localedef 2.31.x:

  - Remove upstream patch for localedef:
    0003-localedef-Use-initializer-for-flexible-array-member-.patch

Note that this version bump required some patches applied on
several packages (already applied):
    [Busybox] 13f2d688a2
    [openssh] bad75bca31
    [gcc] disable libsanitizer with gcc 7.5

See:
https://sourceware.org/legacy-ml/libc-announce/2020/msg00001.html

Tested by toolchain builder:
https://gitlab.com/kubu93/toolchains-builder/pipelines/129551000

Signed-off-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2020-07-27 15:26:30 +02:00
Romain Naour
6577049128 package/glibc: disable Werror for gcc 10 build
Currently glibc 2.30 is build by default with Werror enabled but it
has only been tested with compiler version available at the time of
the release [1] (gcc 6.2 up to gcc 9.2.1). It's recommended to use
those version with glibc 2.30.

For the same reason why we remove Werror in packages's compiler
flags. Building with Werror is not bulletproof when we start
using a newer compiler that introduce new warnings.
This is the case here with gcc 10, as reported by Yegor Yefremov
[2].

Fixing compiler warnings would require backporting many patches [3]
not even backported by Glibc maintainers to the 2.30 stable
branch. Instead, disable Werror by using --disable-werror.
Most (if not all) gcc 10 warnings will be fixed with Glibc 2.31.

[1] https://sourceware.org/git/?p=glibc.git;a=blob;f=INSTALL;h=62e78725f57080a1cb638cccd28ca3c2ffc5a22c#l466
[2] http://lists.busybox.net/pipermail/buildroot/2020-June/285715.html
[3] https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=cba932a5a9e91cffd7f4172d7e91f9b2efb1f84b
    https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=de18a7061c9bdff73d66502c55d6a3ea671fc6d9
    https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=49348beafe9ba150c9bd48595b3f372299bddbb0
    https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=70c6e15654928c603c6d24bd01cf62e7a8e2ce9b
    https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=c7bf5ceab6ec776ac7350d3b0190776bf532ac54
    https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=e1d559f337de2c8ab68a6749dfe873477c883807

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Yegor Yefremov <yegorslists@googlemail.com>
Tested-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2020-06-29 22:35:10 +02:00
Romain Naour
d58fbd0e13 package/glibc: remove outdated cvs configure option
--without-cvs has been removed from glibc tree since glibc 2.15 [1]

[1] https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=92963737c4376bcfd65235d5c325fa7f48302f89

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2020-06-18 21:32:47 +02:00
Thomas Petazzoni
a6569f2b3d Merge branch 'next'
A few conflicts had to be resolved:

 - Version number and hash for mesa3d-headers/mesa3d
 - Patches added in qemu, and the qemu version number
 - The gnuconfig README.buildroot

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-06-02 21:59:52 +02:00
Evgeniy Didin
b5a1306e1a toolchain: update ARC tools to arc-2020.03-release
This commit bumps ARC toolchain to arc-2020.03-release.

ARC GNU tools of version arc-2020.03-release bring some quite significant
changes like:
* Binutils 2.34 with additional ARC patches
* GCC 9.3 with additional ARC patches
* glibc 2.30 with additional ARC patches
* GDB 10-prerelease with additional ARC patches

Signed-off-by: Evgeniy Didin <Evgeniy.Didin@synopsys.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: arc-buildroot@synopsys.com
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-05-29 23:27:04 +02:00
Peter Korsgaard
6488684e2b package/glibc: bump version for additional post-2.30 security fixes
Fixes the following security vulnerabilities:

CVE-2020-10029: Trigonometric functions on x86 targets suffered from stack
  corruption when they were passed a pseudo-zero argument.  Reported by Guido
  Vranken / ForAllSecure Mayhem.

CVE-2020-1751: A defect in the PowerPC backtrace function could cause an
  out-of-bounds write when executed in a signal frame context.

CVE-2020-1752: A use-after-free vulnerability in the glob function when
  expanding ~user has been fixed.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-05-12 12:27:19 +02:00
Romain Naour
76d1629e57 package/glibc/riscv32: update LICENSE file hash
The LICENSE file hash wasn't changed with the last glibc bump for riscv32 [1].
The change is due to upstream LICENSE file update between glibc 2.26 and 2.29
[2] [3].

This issue was discovered by toolchain-builder [4].

[1] a495856728
[2] https://sourceware.org/git/?p=glibc.git;a=commit;h=7f9f1ecb710eac4d65bb02785ddf288cac098323
[3] https://sourceware.org/git/?p=glibc.git;a=commit;h=5a357506659f9a00fcf5bc9c5d8fc676175c89a7
[4] https://gitlab.com/kubu93/toolchains-builder/-/jobs/423826546

Signed-off-by: Romain Naour <romain.naour@smile.fr>
Cc: Alistair Francis <alistair@alistair23.me>
Cc: Mark Corbin <mark@dibsco.co.uk>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-02-03 15:49:53 +01:00
Romain Naour
c8cbe97190 package/glibc: add comment about updating localedef in sync
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-01-26 09:07:38 +01:00
Evgeniy Didin
e52073f2f3 package/toolchain: bumb ARC tools to arc-2019.09 release
This commit bumps ARC toolchain to most recent arc-2019.09 release version.

ARC GNU tools of version arc-2019.09 bring some quite significant changes like:
* Binutils v2_33.20191002 with additional ARC patches
* GCC 9.2.1 with additional ARC patches
* glibc 2.30 with additional ARC patches

More information on this release could be found here:
https://github.com/foss-for-synopsys-dwc-arc-processors/toolchain/releases/tag/arc-2019.09-release

Signed-off-by: Evgeniy Didin <Evgeniy.Didin@synopsys.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: arc-buildroot@synopsys.com
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2020-01-17 21:34:05 +01:00
Romain Naour
62c621990b package/glibc: add missing comment
Since [1], glibc package has a new option to install glibc utils to the
target. But this option is displayed below "Kernel Header Options".

As for uClibc package, add a comment line to separate Glibc options
from kernel header options.

[1] c6cd512fe2

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-01-11 15:36:31 +01:00
Arthur Courtel
8d49b9522a package/glibc: hide "glibc utils" if glibc is not selected
BR2_PACKAGE_GLIBC_UTILS config must not exist if we use other libc than glibc

Signed-off-by: Arthur Courtel <arthur.courtel@smile.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2019-12-19 18:16:30 +01:00
Peter Korsgaard
bda95544b9 package/glibc: bump version for post-2.30 security fixes
Fixes the following security vulnerability:

- CVE-2019-19126: ld.so failed to ignore the LD_PREFER_MAP_32BIT_EXEC
  environment variable during program execution after a security
  transition, allowing local attackers to restrict the possible mapping
  addresses for loaded libraries and thus bypass ASLR for a setuid
  program.  Reported by Marcin Kościelnicki.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-12-14 21:55:42 +01:00
Carlos Santos
862cda57e5 package/glibc: drop dependency of utilities on bash
The dependency was added because ldd uses bash-specific syntax to
localize messages. Add a post-patch hook, instead, to replace the
occurrences of $"foo" by "foo", simply, so the code becomes POSIX
sh compliant if bash is not selected.

Also set the configuration environment accordingly to replace the
/bin/bash hashbang by /bin/sh.

Signed-off-by: Carlos Santos <unixmania@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-12-05 23:15:45 +01:00
Peter Korsgaard
7b24bd59c8 Merge branch 'next'
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-12-02 09:39:41 +01:00
Pascal de Bruijn
283c5d474e package/glibc: install locale utility only when BR2_PACKAGE_GLIBC_UTILS=y
Fixes: fb1ee93ca4

Signed-off-by: Pascal de Bruijn <p.debruijn@unilogic.nl>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-11-26 22:36:17 +01:00
Pascal de Bruijn
fb1ee93ca4 package/glibc: install locale utility when NLS is enabled
Signed-off-by: Pascal de Bruijn <p.debruijn@unilogic.nl>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-11-26 12:51:59 +01:00
Peter Korsgaard
e487649e2e package/glibc: install utilities into their standard locations
As pointed out by Carlos, ldconfig normally goes into /sbin, and getconf +
ldd into /usr/bin, so do that here as well instead of installing everything
to /bin.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-11-23 13:42:20 +01:00
Nikita Sobolev
c6cd512fe2 glibc: install glibc utils to target
With this patch we introduce an option for glibc, which
installs getconf, ldconfig and ldd utilities on target, that
may be useful in debugging. By default these utilities are
built, but not installed to the target.
ldd is a bash script, so it has bash dependency.

Signed-off-by: Nikita Sobolev <Nikita.Sobolev@synopsys.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2019-11-23 11:53:14 +01:00
Evgeniy Didin
6a1e1ee9bc toolchain: bump ARC tools to arc-2019.09-rc1
This commit bumps ARC toolchain to arc-2019.09-rc1.
We want to test how new toolchain-rc1 builds packages,
so we can make fixes before release of toolcain.

ARC GNU tools of version arc-2019.09-rc1 bring some quite significant changes like:
* Binutils v2_33.20191002 with additional ARC patches
* GCC 9.2.0 with additional ARC patches
* glibc 2.30 with additional ARC patches

Please note that it is a release candidate and it might contain some breakages,
please don't use it for production builds.

Signed-off-by: Evgeniy Didin <Evgeniy.Didin@synopsys.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: arc-buildroot@synopsys.com
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-11-06 15:47:34 +01:00
Evgeniy Didin
12ebdfd37c toolchain: bump ARC tools to arc-2019.09-eng002
This commit bumps ARC toolchain to arc-2019.09-eng002.  We want to
test how new toolchain-eng002 builds packages, so we can make fixes
before release of toolcain.

Please note that it is an engineering build and it might have all
kinds of breakages, please don't use it for production builds

Signed-off-by: Evgeniy Didin <Evgeniy.Didin@synopsys.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: arc-buildroot@synopsys.com
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-10-27 20:16:05 +01:00
Romain Naour
a7914499b8 package/glibc: bump to version 2.30
With Glibc 2.30, GCC 6.2 or later is required to build the GNU C
Library. Disable Glibc for GCC 5.x.

CVE-2019-7309, CVE-2019-9169.

See:
https://sourceware.org/ml/libc-alpha/2019-08/msg00029.html

Tested with toolchain-builder:
https://gitlab.com/kubu93/toolchains-builder/pipelines/76423684

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-08-17 15:05:00 +02:00
Peter Korsgaard
840ecb29f5 package/glibc: bump version for additional post-2.29 fixes
The following additional bugs are fixed:

  [16573] malloc: Set and reset all hooks for tracing
  [18035] Fix pldd hang
  [20568] Fix crash in _IO_wfile_sync
  [24228] old x86 applications that use legacy libio crash on exit
  [24476] dlfcn: Guard __dlerror_main_freeres with __libc_once_get (once)
  [24744] io: Remove the copy_file_range emulation

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Reviewed-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-08-04 18:51:25 +02:00
Evgeniy Didin
be0aaaaecd toolchain: bump ARC tools to arc-2019.03 release
This commit finally bumps ARC tools to the most recent arc-2019.03 release version.

ARC GNU tools of version arc-2019.03 bring some quite significant changes like:
 * Binutils v2.32.51.20190308 with additional ARC patches
 * GCC 8.3.1 with additional ARC patches
 * glibc 2.29 with additional ARC patches

More information on this release could be found here:
 https://github.com/foss-for-synopsys-dwc-arc-processors/toolchain/releases/tag/arc-2019.03-release

Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: arc-buildroot@synopsys.com
Signed-off-by: Evgeniy Didin <Evgeniy.Didin@synopsys.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-06-19 13:49:46 +02:00
Guo Ren
634255f84c package/glibc: add C-SKY specific version
Signed-off-by: Guo Ren <ren_guo@c-sky.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-05-31 23:00:42 +02:00
Evgeniy Didin
08c330c464 toolchain: bump ARC tools to arc-2019.03-rc1
This commit bumps ARC toolchain to arc-2019.03-rc1.  We want to test
how new toolchain-rc1 builds packages, so we can make fixes before
release of toolcain.

ARC GNU tools of version arc-2019.03-rc1 bring some quite significant
changes like:
* Binutils v2.32.51.20190308 with additional ARC patches
* GCC 8.3.1 with additional ARC patches
* glibc 2.29 with additional ARC patches

Please note that it is a release candidate and it might contain some
breakages, please don't use it for production builds.

Signed-off-by: Evgeniy Didin <Evgeniy.Didin@synopsys.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: arc-buildroot@synopsys.com
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-05-14 19:17:42 +02:00
Peter Korsgaard
de5ca50cf2 package/glibc: bump version for post-2.29 security fixes
Fixes the following security vulnerability:

  CVE-2019-9169: Attempted case-insensitive regular-expression match
  via proceed_next_node in posix/regexec.c leads to heap-based buffer
  over-read.  Reported by Hongxu Chen.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-03-29 17:03:07 +01:00
Alistair Francis
a495856728 package/glibc: update glibc version for RISC-V 32-bit
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-03-18 22:55:07 +01:00
Romain Naour
57df4792c3 package/glibc: bump to version 2.29
Changes to build and runtime requirements:

* Python 3.4 or later is required to build the GNU C Library.

* On most architectures, GCC 5 or later is required to build the GNU C
  Library.  (On powerpc64le, GCC 6.2 or later is still required, as
  before.)

While at it, remove the double "glibc-" prefix in the version.

https://www.sourceware.org/ml/libc-alpha/2019-01/msg00723.html

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-03-15 22:27:09 +01:00
Mark Corbin
72723ea80f packages/glibc: Fix mcontext_t error that breaks RISC-V package builds
The riscv-glibc repository version of glibc 2.26 will build for
RISC-V 32bit, but when many packages are built against the resulting
library an 'unknown type name mcontext_t' error is reported. The
definition of mcontext_h in the ucontext.h header file needs to be
moved outside of the '#ifdef __USE_MISC' structure to fix this
issue.

Fixes:
  http://autobuild.buildroot.net/results/5aa9cb29c459f511dc9c4fcf218dc9a842505aa3

Signed-off-by: Mark Corbin <mark.corbin@embecosm.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-02-04 19:20:38 +01:00
Mark Corbin
ae99fa6d64 arch: add support for RISC-V 32-bit (riscv32) architecture
This enables a riscv32 system to be built with a Buildroot generated
toolchain (gcc >= 7.x, binutils >= 2.30, glibc only).

This requires a custom version of glibc 2.26 from the riscv-glibc
repository. Note that there are no tags in this repository, so the
glibc version just consists of the 40 character commit id string.

Thanks to Fabrice Bellard for pointing me towards the 32-bit glibc
repository and for providing the necessary patch to get it to build.

Signed-off-by: Mark Corbin <mark.corbin@embecosm.com>
Reviewed-by: Matt Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-01-06 14:09:31 +01:00
Mark Corbin
7ab6281075 package/glibc: bump version for more post-2.28 fixes
This update includes two specific fixes that have been backported
to the glibc 2.28 release branch from the glibc master branch:

1) UAPI header file asm/syscalls.h has been merged into the UAPI
asm/unistd.h header file for the RISC-V architecture in the
4.20 kernel. This causes the glibc 2.28 build to break.

2) sysdeps/ieee754/soft-fp: ignore maybe-uninitialized with -O
[BZ #19444]. The current patch for this issue can now be dropped
from Buildroot.

Signed-off-by: Mark Corbin <mark.corbin@embecosm.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-01-03 22:07:55 +01:00
Peter Korsgaard
13c43455a0 Merge branch 'next'
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-12-02 08:16:10 +01:00
Peter Korsgaard
d717ac4320 glibc: bump version for post-2.28 security fixes
Fixes the following security vulnerability:

  CVE-2018-19591: A file descriptor leak in if_nametoindex can lead to a
  denial of service due to resource exhaustion when processing getaddrinfo
  calls with crafted host names.  Reported by Guido Vranken.

Adhemerval Zanella (2):
      Fix misreported errno on preadv2/pwritev2 (BZ#23579)
      x86: Fix Haswell CPU string flags (BZ#23709)

Alexandra Hájková (1):
      Add an additional test to resolv/tst-resolv-network.c

Andreas Schwab (2):
      Fix stack overflow in tst-setcontext9 (bug 23717)
      libanl: properly cleanup if first helper thread creation failed (bug 22927)

DJ Delorie (2):
      malloc: tcache double free check
      malloc: tcache double free check

Florian Weimer (9):
      conform: XFAIL siginfo_t si_band test on sparc64
      stdlib/test-bz22786: Avoid spurious test failures using alias mappings
      stdlib/test-bz22786: Avoid memory leaks in the test itself
      support_blob_repeat: Call mkstemp directory for the backing file
      stdlib/tst-strtod-overflow: Switch to support_blob_repeat
      nscd: Fix use-after-free in addgetnetgrentX [BZ #23520]
      support: Print timestamps in timeout handler
      Revert "malloc: tcache double free check" [BZ #23907]
      CVE-2018-19591: if_nametoindex: Fix descriptor for overlong name [BZ #23927]

H.J. Lu (2):
      i386: Use _dl_runtime_[resolve|profile]_shstk for SHSTK [BZ #23716]
      Check multiple NT_GNU_PROPERTY_TYPE_0 notes [BZ #23509]

Ilya Yu. Malakhov (1):
      signal: Use correct type for si_band in siginfo_t [BZ #23562]

Istvan Kurucsai (1):
      malloc: Additional checks for unsorted bin integrity I.

Joseph Myers (2):
      Update syscall-names.list for Linux 4.18.
      Update kernel version in syscall-names.list to 4.19.

Moritz Eckert (1):
      malloc: Mitigate null-byte overflow attacks

Paul Eggert (1):
      Fix tzfile low-memory assertion failure

Paul Pluzhnikov (2):
      Fix BZ#23400 (creating temporary files in source tree), and undefined behavior in test.
      [BZ #20271] Add newlines in __libc_fatal calls.

Pochang Chen (1):
      malloc: Verify size of top chunk.

Rafal Luzynski (1):
      kl_GL: Fix spelling of Sunday, should be "sapaat" (bug 20209).

Stefan Liebler (2):
      Fix race in pthread_mutex_lock while promoting to PTHREAD_MUTEX_ELISION_NP [BZ #23275]
      Test stdlib/test-bz22786 exits now with unsupported if malloc fails.

Szabolcs Nagy (2):
      i64: fix missing exp2f, log2f and powf symbols in libm.a [BZ #23822]
      Increase timeout of libio/tst-readline

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-11-30 11:20:22 +01:00
Evgeniy Didin
cd9d58f1fc toolchain: bumb ARC tools to arc-2018.09 release
This commit finally bumps ARC tools to the most recent arc-2018.09 release version.

ARC GNU tools of version arc-2018.09 bring some quite significant changes like:
 * Binutils v2.31.1 with additional ARC patches
 * GCC 8.2.1 with additional ARC patches
 * glibc 2.28 with additional ARC patches

More information on this release could be found here:
https://github.com/foss-for-synopsys-dwc-arc-processors/toolchain/releases/tag/arc-2018.09-release

Signed-off-by: Evgeniy Didin <Evgeniy.Didin@synopsys.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: arc-buildroot@synopsys.com
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-11-29 21:32:51 +01:00
Thomas Petazzoni
0b59a09503 package/glibc: update hash of LICENSES file for ARC version
In commit 5d4f23cbe6 ("toolchain: Bump
ARC tools to arc-2018.09-rc1"), the glibc version for the ARC
architecture was bumped, but the hashes of the license files were not
updated accordingly, causing a build failure during "legal-info":

ERROR: LICENSES has wrong sha256 hash:
ERROR: expected: 61abdd6930c9c599062d89e916b3e7968783879b6be0ee1c6229dd6169def431
ERROR: got     : 35bdb41dc0bcb10702ddacbd51ec4c0fe6fb3129f734e8c85fc02e4d3eb0ce3f

The changes between the previous LICENSES file and the new one are:

 - The text related to libidn has been removed from the LICENSES file,
   following the switch to libidn2:

   https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=7f9f1ecb710eac4d65bb02785ddf288cac098323#patch2

 - The text related to stdio-common/tst-printf.c has been removed from
   the LICENSES file, following the removal of this non-free code from
   glibc:

   https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=5a357506659f9a00fcf5bc9c5d8fc676175c89a7#patch2

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-11-21 10:21:20 +01:00
Evgeniy Didin
c786ca2fcb toolchain: Bump ARC tools to arc-2018.09-rc2
This commit bumps ARC toolchain to arc-2018.09-rc2,
which includes significant changes since arc-2018.09-rc1.
We want to test how new toolchain-rc2 builds packages,
so we can make fixes before release of toolcain.
This makes us closer to toolchain release which will be in a few weeks.

Please note that it is a release candidate and it might
contain some breakages, please don't use it for production builds.

Signed-off-by: Evgeniy Didin <Evgeniy.Didin@synopsys.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: arc-buildroot@synopsys.com
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-11-20 23:13:20 +01:00
Peter Korsgaard
fb80f71d94 glibc: ensure BR2_MAKE is also used for subdirs
The configure script contains logic to figure out what make program to
invoke for subdirectories (trying gnumake, gmake, make).  Explicitly force
it to use our BR2_MAKE to ensure the right make version is used.

As GLIBC_CONF_ENV is only initialized below, move this section below it.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-11-20 08:17:34 +01:00
Evgeniy Didin
5d4f23cbe6 toolchain: Bump ARC tools to arc-2018.09-rc1
This commit bumps ARC toolchain to arc-2018.09-rc1.
We want to test how new toolchain-rc1 builds packages,
so we can make fixes before release of toolcain.

ARC GNU tools of version arc-2018.09-rc1 bring some quite significant changes like:
* Binutils v2.31.1 with additional ARC patches
* GCC 8.2.1 with additional ARC patches
* glibc 2.28 with additional ARC patches

Please note that it is a release candidate and it might contain some
breakages, please don't use it for production builds.

Signed-off-by: Evgeniy Didin <didin@synopsys.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: arc-buildroot@synopsys.com
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-11-18 20:47:31 +01:00
Romain Naour
435613ef29 toolchain: disable SSP support if CFI support in binutils is missing
As reported by [1], SSP support is missing in the Buildroot toolchain
for microblaze even if it's requested by selecting
BR2_TOOLCHAIN_HAS_SSP config option.

In Buildroot, we are using libssp provided by the C library (glibc,
musl, uClibc-ng) when available. We are not using libssp from gcc.

So for a microblaze glibc based toolchain, the SSP support is enabled
unconditionally by a select BR2_TOOLCHAIN_HAS_SSP.

BR2_microblazeel=y
BR2_TOOLCHAIN_BUILDROOT_GLIBC=y
BR2_KERNEL_HEADERS_4_14=y
BR2_BINUTILS_VERSION_2_30_X=y
BR2_GCC_VERSION_8_X=y
BR2_TOOLCHAIN_BUILDROOT_CXX=y

While building the toolchain, we are building host-binutils which
provide "as" (assembler) and host-gcc-initial wich provide a
minimal cross gcc (C only cross-compiler without any C library).
When SSP support is requested, gcc_cv_libc_provides_ssp=yes is
added to the make command line (see [2] for full details)

With this setting, the SSP support is requested but it's not available
in the end and the toochain build succeed.

When the microblaze toolchain is imported to Biuldroot (2018.05) as
external toolchain with BR2_TOOLCHAIN_EXTERNAL_HAS_SSP set, the build
stop with :
"SSP support not available in this toolchain, please disable BR2_TOOLCHAIN_EXTERNAL_HAS_SSP"

The test is doing the following command line:

echo 'void main(){}' | [...]/host/bin/microblazeel-linux-gcc.br_real -Werror -fstack-protector -x c - -o [...]/build/.br-toolchain-test.tmp
cc1: error: -fstack-protector not supported for this target [-Werror]

When we look at the gcc-final log file (config.log) we can see this
error several time when using the minimal gcc (from host-gcc-initial).
So Why the minimal gcc doesn't support SSP?

When we look at the gcc-initial log file (config.log) we can see an
error with 'as':

configure:23194: checking assembler for cfi directives
configure:23209: [...]microblazeel-buildroot-linux-gnu/bin/as    -o conftest.o conftest.s >&5
conftest.s: Assembler messages:
conftest.s:2: Error: CFI is not supported for this target
conftest.s:3: Error: CFI is not supported for this target
conftest.s:4: Error: CFI is not supported for this target
conftest.s:5: Error: CFI is not supported for this target
conftest.s:6: Error: CFI is not supported for this target
conftest.s:7: Error: CFI is not supported for this target
configure:23212: $? = 1
configure: failed program was
    .text
    .cfi_startproc
    .cfi_offset 0, 0
    .cfi_same_value 1
    .cfi_def_cfa 1, 2
    .cfi_escape 1, 2, 3, 4, 5
    .cfi_endproc

This is the only relevant difference compared to a nios2 toolchain where
libssp is enabled and available (nios2 is an example).

"CFI" stand for "Control Flow Integrity" and it seems that SSP support
requires CFI target support (see [3] for some explanation).

The SSP support seems to depends on CFI support, but the toolchain
infrastructure is not detailed enough to handle the CFI dependency.

The NiosII toolchains built with binutils < 2.30 are also affected by
this issue.

This patch improve the toolchain infrastructure by adding a new
BR2_PACKAGE_HOST_BINUTILS_SUPPORTS_CFI blind option

Disable SSP support for microblaze entirely.
Disable SSP support for nios2 only with Binutils < 2.30.

Fixes:
https://gitlab.com/free-electrons/toolchains-builder/-/jobs/72006389

[1] https://gitlab.com/free-electrons/toolchains-builder/issues/1
[2] https://git.buildroot.net/buildroot/tree/package/gcc/gcc.mk?h=2018.05#n275
[3] https://grsecurity.net/rap_faq.php

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
[Thomas: adjust how the BR2_PACKAGE_HOST_BINUTILS_SUPPORTS_CFI option
is expressed.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-11-04 12:49:25 +01:00
Thomas Petazzoni
c4b7949234 package/glibc: fix typo in hash file
Fixes:

package/glibc/arc-2018.03-release/glibc.hash:4: expected three fields (http://nightly.buildroot.org/#adding-packages-hash)
package/glibc/arc-2018.03-release/glibc.hash:4: unexpected type of hash (http://nightly.buildroot.org/#adding-packages-hash)

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-10-20 20:27:45 +02:00