Fixes the following security issue:
- CVE-2021-41092: Ensure default auth config has address field set, to
prevent credentials being sent to the default registry.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Reviewed-by: Christian Stewart <christian@paral.in>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fix the following build failure raised since commit
21a56f9edb which wrongly removed
the select on BR2_PACKAGE_BZIP2 from BR2_PACKAGE_PYTHON3_BZIP2:
Makefile:587: *** bzip2 is in the dependency chain of python3 that has added it to its _DEPENDENCIES variable without selecting it or depending on it from Config.in. Stop.
Fixes:
- http://autobuild.buildroot.org/results/041a2f9c536fce1a1acf6da0464855e4f1e1604f
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
- Drop backported patch for GCC 10 build problem, part of release
- Use upstream sha256 instead of locally computed
Signed-off-by: Joachim Wiberg <troglobit@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
On Linux version >= 4.20 in order to have mali working we need to pass
drm_kms_helper.drm_leak_fbdev_smem=1 and at least
drm_kms_helper.drm_fbdev_overalloc=200 to have a double buffer fbdev.
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
webkitgtk builds without issue using host-python3.
Signed-off-by: Adam Duskett <aduskett@gmail.com>
Acked-By: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fix the following build failure with convolution raised since bump of
automake to version 1.16.5 in commit
446d9f5102 and
https://git.savannah.gnu.org/cgit/automake.git/commit/?id=f4a3a70f69e1dbccb6578f39ef47835098a04624:
configure.ac:305: error: AM_INIT_AUTOMAKE expanded multiple times
/home/giuliobenetti/autobuild/run/instance-1/output-1/host/share/aclocal-1.16/init.m4:29: AM_INIT_AUTOMAKE is expanded from...
configure.ac:6: the top level
/home/giuliobenetti/autobuild/run/instance-1/output-1/host/share/aclocal-1.16/init.m4:29: AM_INIT_AUTOMAKE is expanded from...
configure.ac:305: the top level
Fixes:
- http://autobuild.buildroot.org/results/464148bdccb705d8992dc860262bfdeb01b7e2a1
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Changelog:
- 15346de client: Always close connection with request body in case of error
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Changelog:
- 2537be0 cmake: add a possibility to set library version
- 4becbd6 ubusd: convert tx_queue to linked list
- c736e47 ubusd: add per-client tx queue limit
- a8cf678 ubusd: protect against too-short messages
- 4fc532c ubusd: fix tx_queue linked list usage
- b743a33 ubusd: log ACL init errors
- 2099bb3 libubus: use list_empty/list_first_entry in ubus_process_pending_msg
- ef03848 libubus: process pending messages in data handler if stack depth is 0
- a72457b libubus: increase stack depth for processing obj msgs
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Changelog:
- 4b3db11 cli: add option for changing save path
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
There's a new feature to offload L2TP to the Linux kernel, which depends
on libmnl. A new menu option was introduced for that.
It's possible to link an internal version of libmnl
statically for smaller binary size on constraint targets, but this was
not added to the buildroot package for complexity reasons (both build
and licensing).
The COPYING file gained an additional paragraph for internal libmnl
which does not apply, because internal libmnl is not used in the
package.
Link: https://fastd.readthedocs.io/en/latest/releases/v22.html
Signed-off-by: Alexander Dahl <post@lespocky.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fix CVE-2021-32765: Hiredis is a minimalistic C client library for the
Redis database. In affected versions Hiredis is vulnurable to integer
overflow if provided maliciously crafted or corrupted `RESP` `mult-bulk`
protocol data. When parsing `multi-bulk` (array-like) replies, hiredis
fails to check if `count * sizeof(redisReply*)` can be represented in
`SIZE_MAX`. If it can not, and the `calloc()` call doesn't itself make
this check, it would result in a short allocation and subsequent buffer
overflow.
https://github.com/redis/hiredis/blob/v1.0.2/CHANGELOG.md
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Changelog (since 1.68):
- 1.69, 2021-03-30 Added link to Ada bindings by Tama McGlinn.
Fixed problem with undefined off_t on some compilers.
- 1.70, Patch to ensure compilation with gcc -std=c99, as reported by
John Blaiklock. Fix some inconsistencies in version numbers.
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Commit b36c4e594c forgot to remove
board/qemu/csky abd configs/qemu_csky* from DEVELOPERS file
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Provide convenience links for BCM43455/CYW43455 based RPi3A+, RPi3B+
and RPi4B WIFI firmware configuration files to avoid runtime firmware
loading warning in the kernel logs, e.g. (RPi3B+):
brcmfmac mmc1:0001:1: Direct firmware load for brcm/brcmfmac43455-sdio.raspberrypi,3-model-b-plus.txt failed with error -2
or (RP4B):
brcmfmac mmc1:0001:1: Direct firmware load for brcm/brcmfmac43455-sdio.raspberrypi,4-model-b.txt failed with error -2
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
[me: slight rewording/rewrapping in commit log]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Add option for the debug set of start/fixup boot files.
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Try to be less smart (focused on the one target/one use-case),
instead reduce the rpi-firmware package to a selectable list
of (verbatim) installed firmware files.
- change rpi-firmware config handling from rpi-variant/rpi-flavour
choices to bootcode.bin, pi-default/-extended/-cut-down and
pi4-/default/-extended/-cut-down selection
- add BR2_PACKAGE_RPI_FIRMWARE_CONFIG_FILE option to select installable
config.txt file
- remove config.txt modify code/handling from raspberry post-image.sh
script
- add different customized config.txt files to the raspberry board
section
- change dtoverlay krnbt from 'dtoverlay=miniuart-bt,krnbt=on' to extra line
with explanation comment
- change raspberry defconfigs to select appropiate rpi-firmware
and config.txt files
- change genimage-raspberrypi4.cfg/genimage-raspberrypi4-64.cfg to
use start4.elf and fixup4.dat
- update board/raspberrypi/readme.txt (add optional files fixup4.dat,
start4.elf and zImage)
With this changes a better support for custom use-cases should
be possible, specially multi-target SD cards as suggested by
Stefan Agner ([1]).
[1] http://lists.busybox.net/pipermail/buildroot/2021-February/303318.html
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
[yann.morin.1998@free.fr: fix case of no config.txt provided]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Since the ubi/ubifs test has been introduced, it's not possible to
boot the same ubi image twice [1]:
"TODO: if you boot Qemu twice on the same UBI image, it fails to
attach the image the second time, with "ubi0 error:
ubi_read_volume_table: the layout volume was not found"."
For some reason, the kernel corrupt the ubi image if the ubifs
rootfs is mounted with write access. Use a custom config file
to mount the rootfs readonly (vol_type=static). Doing so requires
to add the flash size (vol_size=64MiB).
At least it allows to boot several times the same ubi image.
[1] bf4a6490e4
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The current ubi/ubifs test (test_ubi.py) rely on a Qemu bug present in
2.8.0 that was fixed in Qemu 2.9.0 [1]. The ubi/ubifs settings is
updated to run with Qemu >= 2.9.0 using the new multiple chip handling.
If needed, the old behavior can be enabled using the pflash01 property
"old-multiple-chip-handling" [2].
The issue was not detected until now since we are sill using an old
qemu (2.8 from Debian stretch) for testing in gitlab (using the
Buildroot Docker image used by gitlab-ci.yml).
First the logical eraseblock size (LEB) must be updated to the value
0x3ff80 reported by the kernel when using qemu >= 2.9.0.
UBIFS (ubi0:0): Mounting in unauthenticated mode
UBIFS error (ubi0:0 pid 1): ubifs_read_superblock: LEB size mismatch: 524160 in superblock, 262016 real
UBIFS error (ubi0:0 pid 1): ubifs_read_superblock: bad superblock, error 1
But the system is still failing to boot:
UBIFS error (ubi0:0 pid 1): ubifs_scan: garbage
UBIFS error (ubi0:0 pid 1): ubifs_recover_master_node: failed to recover master node
ubifs is reading garbage since Qemu >= 2.9.0 report a sector
length per device divided by the number of devices (see commit [1]).
The kernel detect two flash devices (dmesg):
Concatenating MTD devices:
(0): "40000000.flash"
(1): "40000000.flash"
into device "40000000.flash"
Divide the physical eraseblock (PEB) size by two.
Tested with qemu 2.9.0, 5.1.0.
Fixes:
https://gitlab.com/kubu93/buildroot/-/jobs/1543100932
[1] https://git.qemu.org/?p=qemu.git;a=commitdiff;h=feb0b1aa11f14ee71660aba46b46387d1f923c9e
[2] http://lists.busybox.net/pipermail/buildroot/2021-September/622069.html
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Adding the Image format on the Qemu command line avoid this warning:
"WARNING: Image format was not specified for 'output/TestUbi/images/rootfs.ubi' and probing guessed raw.
Automatically detecting the format is dangerous for raw images, write operations on block 0 will be restricted.
Specify the 'raw' format explicitly to remove the restrictions."
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Commit 71b8322712 updated the Dockerfile
to be used in CI tests. In order to actually use this new docker image,
update .gitlab-ci.yml to point to the docker image that was created with
the updated Dockerfile.
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Reviewed-by: Romain Naour <romain.naour@gmail.com>
Tested-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Binutils is the last part of the csky toolchain fork.
The csky support has been merged in binutils 2.32 [1].
[1] https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff;h=9d24df82ece4e87a0328173d6bd31cb9ff558bb4
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Guo Ren <ren_guo@c-sky.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Asked-by: Guo Ren <guoren@kernel.org>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
We are going to remove the gcc fork for csky, first disable
the internal toolchain backend.
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Guo Ren <ren_guo@c-sky.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Asked-by: Guo Ren <guoren@kernel.org>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
We are going to remove the gcc fork for csky since it doesn't build
with the latest compilers (gcc 8, 10, 11 tested) [1].
Removing theses defconfigs and the csky gcc fork has become unavoidable
since the Buildroot Docker image used by the gitlab CI will switch soon
to Debian bullseye soon [2].
The cksy gcc fork based on gcc 6 has not been updated since it has been
added to Buildroot [3]. Since then, csky has been added to binutils and
gcc but using the latest upstream version (binutils 2.37 and gcc 11) is
not yet possible due to build issue with glibc 2.34 [4].
Moreover, qemu_csky defconfigs was to be used with the csky qemu fork
(based on Qemu 3.x) added by commit [5] and removed by commit [6].
Since then it's not possible to do a runtime test with theses
defconfigs.
Theses defconfigs can be added back later if the csky toolchain support
is fixed and csky supported by upstream Qemu.
[1] http://lists.busybox.net/pipermail/buildroot/2021-August/621504.html
[2] 71b8322712
[3] 7873a5bd5e
[4] http://lists.busybox.net/pipermail/buildroot/2021-October/624596.html
[5] f816e5b276
[6] 58af9a70cc
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Guo Ren <ren_guo@c-sky.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Asked-by: Guo Ren <guoren@kernel.org>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Buildroot CI has been failing due to 404 error on older U-Boot. Updating
the U-Boot version should fix it and it doesn't hurt to use the latest
U-Boot anyway.
Signed-off-by: David Lechner <david@lechnology.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Add a comment when kernel is not enabled (missing since the addition of
the package in commit 5b13fc05b3)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Add a comment when kernel is not enabled (missing since the addition of
the package in commit de591c5c3a)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>