Commit 30c4b5843f (ebtables: enable for musl) enabled musl build, but
forgot to remove the comment text. Fix that.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit ca2a6f04ed)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Currently this target fails to build:
./scripts/dtc-version.sh: line 17: dtc: command not found
./scripts/dtc-version.sh: line 18: dtc: command not found
*** Your dtc is too old, please upgrade to dtc 1.4 or newer
Even though the fix for this build failure is easy, I prefer to
maintain only imx6ulevk_defconfig, which is a target for the
same board, but uses mainline kernel and U-Boot versions instead.
Fixes: https://gitlab.com/buildroot.org/buildroot/-/jobs/66561695
Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit f24f0ca777)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Currently this target fails to build:
arch/arm/mach-imx/built-in.o: In function `init_mmdc_lpddr2_settings':
platform-spi_imx.c:(.text+0x8f18): undefined reference to `imx6sll_lpddr2_freq_change'
arch/arm/mach-imx/built-in.o: In function `imx6ul_cpuidle_init':
platform-spi_imx.c:(.init.text+0x195c): undefined reference to `mx6ull_lpm_wfi_end'
platform-spi_imx.c:(.init.text+0x1960): undefined reference to `mx6ull_lpm_wfi_start'
platform-spi_imx.c:(.init.text+0x1964): undefined reference to `imx6ull_low_power_idle'
arch/arm/mach-imx/built-in.o: In function `imx6sl_init_late':
platform-spi_imx.c:(.init.text+0x56f0): undefined reference to `imx6sll_cpuidle_init'
Makefile:969: recipe for target 'vmlinux' failed
NXP 4.9 kernel does not properly support mx31, so better remove this target.
mx31_3stack board is currently supported in U-Boot and kernel mainline,
so if someone is interested on this board, then a target can be introduced
later which uses these mainline components.
Currently I do not have access to this board, so remove it its defconfig
for now.
Fixes: https://gitlab.com/buildroot.org/buildroot/-/jobs/66561688
Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit ed947dce16)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Currently this target fails to build:
Error: No BOOT_FROM tag in board/freescale/mx6slevk/imximage.cfg.cfgtmp
arch/arm/imx-common/Makefile:91: recipe for target 'u-boot-dtb.imx' failed
This problem has been already solved in upstream U-Boot, but not
on NXP version of U-Boot.
To avoid the maintainance burden of keeping two defconfigs for the
same board, remove freescale_imx6sololiteevk_defconfig in favor
of imx6slevk_defconfig, which uses U-Boot and kernel mainline.
Fixes: https://gitlab.com/buildroot.org/buildroot/-/jobs/66561693
Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit c41576cad1)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
host-nasm fails to compile with GCC 8:
In file included from ./include/nasm.h:46,
from asm/nasm.c:47:
./include/nasmlib.h:194:1: error: ‘pure’ attribute on function returning ‘void’ [-Werror=attributes]
void pure_func seg_init(void);
^~~~
Pull a patch from upstream that removes the stale declaration of
seg_init, which was eliminated a long time ago.
Signed-off-by: Carlos Santos <casantos@datacom.ind.br>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 3aa64a0e82)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Update several of the licenses annotated in the gst1-plugins-bad.mk file.
1. Specify GPL-2.0 in license info.
* All of the *.[ch] that specify GPL also specify version 2 or later.
2. Remove GPL from audiovisualizers.
* Changlog notes move from GPL to LGPL. (2015-04-25)
* docs/plugins/inspect/plugin-audiovisualizers.xml claims "LGPL".
* All *.[ch] files under ./gst/audiovisualizers say "GNU Library General Public License".
3. Add GPL to yadif.
* Changelog notes that yadif is "GPL". (2013-02-07)
* docs/plugins/inspect/plugin-yadif.xml claims "GPL".
* All *.[ch] files under ./gst/yadif say "GNU General Public License" except for one "GNU Library General Public License".
4. Remove UNKNOWN from fdk_aac.
* docs/plugins/inspect/plugin-fdkaac.xml claims "LGPL".
* All *.[ch] files under ./ext/fdkaac say "GNU Lesser" or "GNU Library General Public License".
5. Add BSD-2c to dtls.
* docs/plugins/inspect/plugin-dtls.xml claims "BSD".
* All *.[ch] files under ./gst/dtls have BSD-2c text.
6. Add BSD-2c to openh264.
* Changelog notes that openh264 is "BSD-2". (2014-10-03)
* docs/plugins/inspect/plugin-openh264.xml claims "BSD".
* All *.[ch] files under ./ext/openh264 have BSD-2c text.
Signed-off-by: Danomi Manchego <danomimanchego123@gmail.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 34f256a9da)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Use "GST1_PLUGINS_BAD_LICENSE := $(GST1_PLUGINS_BAD_LICENSE), xxxx" construct
so that the list of licenses is presented as a comma-separated list.
Signed-off-by: Danomi Manchego <danomimanchego123@gmail.com>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 782deb7a4d)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Currently, GST1_PLUGINS_BAD_LICENSE_FILES starts out set to
both the GPL COPYING file and the LGPL COPYING.LIB file, but
the GST1_PLUGINS_BAD_LICENSE handling only claims LGPL, and
then intelligently adds GPL if needed. This change moves the
GPL file addition to the same conditional clause so that the
GPL file is included in the legal-info location only if GPL
code is actually used.
Signed-off-by: Danomi Manchego <danomimanchego123@gmail.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 2bbb6b8001)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Bump the docker image to the latest tag to have flake8 pre-installed.
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Cc: Peter Korsgaard <peter@korsgaard.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Yann E. MORIN <yann.morin.1998@free.fr>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 12b08c2be6)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The systemd ConditionNeedsUpdate option is useful when offline updates
of the vendor operating system resources in /usr require updating of
/etc or /var on the next following boot.
Two examples of services making use of this option are
systemd-hwdb-update.service and systemd-sysusers.service.
ConditionNeedsUpdate=/etc will be true if the mtime of /etc/.updated
is older than the mtime of /usr. After services conditional on
ConditionNeedsUpdate have run, systemd-update-done.service will
synch the mtime of /usr to /etc/.updated so that the condition will
be false on subsequent boots.
For systems with writable /usr partitions where updates are done to
the running system, the update program will touch /usr as a final step.
But with Buildroot, where updates are often done by dumping a new
image onto the device, and where /usr is on a filesystem mounted
read-only, touching /usr as part of the update process is not practical.
Instead, it should be done a build time.
For testers, please note that systemd-update-done in v234 added a
regression where the mtime of /etc/.updated is set to the current time
instead of the mtime or /usr. This will be fixed in v239.
For more details, see:
http://0pointer.de/public/systemd-man/systemd.unit.htmlhttp://0pointer.de/public/systemd-man/systemd-update-done.service.html
Signed-off-by: Chris Lesiak <chris.lesiak@licor.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit bbe5c6dad4)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
crypt() is an optional glibc feature. Some distros, like Fedora 28, are
phasing it out to be replaced with libxcrypt [1]. Unfortunately this
change is only ABI compatible, not source code compatible, i.e. the code
will compile with warnings about undefined crypt(), but the resulting
binary will crash.
Follow the guidance in the Fedora bug and include crypt.h when
_XOPEN_CRYPT is not defined.
[1] https://bugzilla.redhat.com/show_bug.cgi?id=1566464
Signed-off-by: Stefan Becker <chemobejk@gmail.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 3c514c2dc5)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fedora 28 switched to GCC8.
Signed-off-by: Stefan Becker <chemobejk@gmail.com>
[Thomas: fixup location of SoB in the patch.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit a1b7f5e64d)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fedora 28 switched to GCC 8.x.
Signed-off-by: Stefan Becker <chemobejk@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit e13ab2e04a)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
When rebuilding a package, simply appending the package's file list to
the global list means that the package list grows for every rebuild, as
does the time taken to check for files installed by multiple packages.
Furthermore, we get false positives where a file is reported as being
installed by multiple copies of the same package.
With this approach we may end up with orphaned files in the target
filesystem if a package that has been updated and rebuilt no longer
installs the same set of files, but we know that only a clean build will
produce reliable results. In fact it may be helpful to identify these
orphaned files as evidence that the build is not clean.
Signed-off-by: John Keeping <john@metanate.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit d3dca1e993)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Since bluez5_utils 5.48, some code using readline was compiled even if
readline was not available. After this issue was reported upstream, a
patch was proposed by an upstream developer to address the issue. This
commit integrates this patch (under review upstream), which fixes the
problem.
Fixes:
http://autobuild.buildroot.net/results/3e266a79acab8b8eb33360f7afbc1cd6db46f7cb/
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit d4158df6c1)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security issues:
CVE-2017-12122: An exploitable code execution vulnerability exists in the
ILBM image rendering functionality of SDL2_image-2.0.2. A specially crafted
ILBM image can cause a heap overflow resulting in code execution. An
attacker can display a specially crafted image to trigger this
vulnerability.
CVE-2017-14440: An exploitable code execution vulnerability exists in the
ILBM image rendering functionality of SDL2_image-2.0.2. A specially crafted
ILBM image can cause a stack overflow resulting in code execution. An
attacker can display a specially crafted image to trigger this
vulnerability.
CVE-2017-14441: An exploitable code execution vulnerability exists in the
ICO image rendering functionality of SDL2_image-2.0.2. A specially crafted
ICO image can cause an integer overflow, cascading to a heap overflow
resulting in code execution. An attacker can display a specially crafted
image to trigger this vulnerability.
CVE-2017-14442: An exploitable code execution vulnerability exists in the
BMP image rendering functionality of SDL2_image-2.0.2. A specially crafted
BMP image can cause a stack overflow resulting in code execution. An
attacker can display a specially crafted image to trigger this
vulnerability.
CVE-2017-14448: An exploitable code execution vulnerability exists in the
XCF image rendering functionality of SDL2_image-2.0.2. A specially crafted
XCF image can cause a heap overflow resulting in code execution. An
attacker can display a specially crafted image to trigger this
vulnerability.
CVE-2017-14449: A double-Free vulnerability exists in the XCF image
rendering functionality of SDL2_image-2.0.2. A specially crafted XCF image
can cause a Double-Free situation to occur. An attacker can display a
specially crafted image to trigger this vulnerability.
CVE-2017-14450: A buffer overflow vulnerability exists in the GIF image
parsing functionality of SDL2_image-2.0.2. A specially crafted GIF image
can lead to a buffer overflow on a global section. An attacker can display
an image to trigger this vulnerability.
For details, see the announcement:
https://discourse.libsdl.org/t/sdl-image-2-0-3-released/23958
Also add a hash for the license file while we're at it.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 5fb8fbbb3e)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Drop now upstreamed patch.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit f26654596e)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Requests need hashlib to run with Python 2. Otherwise it is not possible to
import, due to missing e.g. md5.
[Peter: tweak commit message]
Signed-off-by: Sven Haardiek <sven.haardiek@iotec-gmbh.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 2c2f6f6630)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
When the run-time tests to build rust and rust-bin packages are run via Docker,
the $USER environment variable is not set, which makes cargo fail when
initializing the test project.
So add it to make cargo happy.
Signed-off-by: Eric Le Bihan <eric.le.bihan.dev@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 09a5eb427a)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
If one wants to use GDB with python support on the target, you need the support
files installed by GDB. These get usually deleted to save some space, so I just
wrapped the Makefile code deleting them in a conditional block depending on if
python support is active or not.
Signed-off-by: Jonas Zaddach <jzaddach@cisco.com>
Reviewed-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
[Thomas:
- use positive logic "if python is disabled"
- put the comment inside the condition, as suggested by Arnout]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit fa5ca6974d)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
CMake < 3.11 doesn't support add_library() without any source file
(i.e add_library(foo SHARED)). But flann CMake use a trick that use
an empty string "" as source list (i.e add_library(foo SHARED "")).
This look like a bug in CMake < 3.11.
With CMake >= 3.11, the new behaviour of add_library() break the
existing flann CMake code.
>From CMake Changelog [1]:
"add_library() and add_executable() commands can now be called without
any sources and will not complain as long as sources are added later
via the target_sources() command."
Note: flann CMake code doesn't use target_sources() since no source file
are provided intentionally since the flann shared library is created by
linking with the flann_cpp_s static library with this line:
target_link_libraries(flann_cpp -Wl,-whole-archive flann_cpp_s -Wl,-no-whole-archive)
If you try to use "add_library(flann_cpp SHARED ${CPP_SOURCES})" (as it should
be normally done), the link fail due to already defined symbol.
They are building the shared version using the static library "to speedup the
build time" [3]
This issue is already reported upstream [2] with a proposed solution.
Fixes:
http://autobuild.buildroot.net/results/b2f/b2febfaf8c44ce477b3e4a5b9b976fd25e8d7454
[1] https://cmake.org/cmake/help/v3.11/release/3.11.html
[2] https://github.com/mariusmuja/flann/issues/369
[3] 0fd62b43be
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Davide Viti <zinosat@tiscali.it>
Cc: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 0c469478f6)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 062dcceed0)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Drop upstream patch.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 4a92ee34da)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes CVE-2018-9234: Unenforced configuration allows for apparently
valid certifications actually signed by signing subkeys.
Remove --disable-doc from configure options. We pass this options to all
autotools packages.
Cc: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 3db93884a4)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The version of the ARM Trusted Firmware from Marvell was a Git branch,
not a Git commit, leading to unreproducible results. So let's use a
Git commit instead, which is the latest available from the branch that
was previously used.
More specifically, this branch has recently seen a fix that is needed
for ATF to build properly with recent gcc versions:
c96ec59f8b
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit ac260a2ace)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The version of the ARM Trusted Firmware from Marvell was a Git branch,
not a Git commit, leading to unreproducible results. So let's use a
Git commit instead, which is the latest available from the branch that
was previously used.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Tested-by: Sergey Matyukevich <geomatsi@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit c0f8d16621)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This test case currently fails to build with:
./build/juno/release/bl1/context_mgmt.o: In function `cm_prepare_el3_exit':
context_mgmt.c:(.text.cm_prepare_el3_exit+0x54): undefined reference to `cm_set_next_context'
context_mgmt.c:(.text.cm_prepare_el3_exit+0x54): relocation truncated to fit: R_AARCH64_JUMP26 against undefined symbol `cm_set_next_context'
This issue has been fixed upstream in commit
10c252c14b7f446c0b49ef1aafbd5d37804577dd, available since v1.3. So
while we bump, let's bump to the latest version of ATF, v1.5.
Fixes:
https://gitlab.com/buildroot.org/buildroot/-/jobs/64360659
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit e74a7cd1e0)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The release announcement mentions these security fixes:
Defend against Bellcore glitch attacks by verifying the results of RSA
private key operations.
Fix implementation of the truncated HMAC extension. The previous
implementation allowed an offline 2^80 brute force attack on the HMAC
key of a single, uninterrupted connection (with no resumption of the
session).
Reject CRLs containing unsupported critical extensions.
Fix a buffer overread in ssl_parse_server_key_exchange() that could
cause a crash on invalid input. (CVE-2018-9988)
Fix a buffer overread in ssl_parse_server_psk_hint() that could cause
a crash on invalid input. (CVE-2018-9989)
Drop upstream patch.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit babc94e9dd)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
While at it add the license file hash.
Signed-off-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 2c82d7c605)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
While at it add the license file hash.
Signed-off-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 8fa4e97929)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
