As reported in the bug report [1], gcc < 6 doesn't build when
FORTIFY_SOURCE is set to 1 or 2. The issue is related to the
upstream bug report [2] but the patch fixing the issue for gcc 6
has not been backported to earlier gcc versions.
Add a dependency on gcc at least version 6 to BR2_FORTIFY_SOURCE_1
and BR2_FORTIFY_SOURCE_2.
[1] https://bugs.busybox.net/show_bug.cgi?id=11476
[2] https://gcc.gnu.org/bugzilla/show_bug.cgi?id=61164
[3] 55f12fce4c
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Matthew Weber <matthew.weber@rockwellcollins.com>
Cc: Peter Korsgaard <peter@korsgaard.com>
[Peter: only limit for internal toolchain as suggested by Matthew]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
For the default (BR2_SYSTEM_DHCP) /etc/network/interfaces handling.
Both the "big" and busybox ifupdown variants pass the hostname argument to
the DHCP client through the shell, so we can use $() to expand to the
current hostname value.
Notice that this may not be handled by all DHCP clients.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Reviewed-by: Matt Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
- Enable tcpkill based on libnet availability
- Add BSD-3-Clause for tcpkill, added in version 1.46 and
f2a1f8b091
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
- Switch site from sourceforge to github as there is no new releases on
sourceforge and http://ngrep.sourceforge.net/ is redirected to
https://github.com/jpr5/ngrep/
- Remove first patch, not needed since version 1.46 and
997c9d81d3
as this commit added the support for system pcre
- Remove second patch, not needed since version 1.46 and
2d8fd9ac7e
- Remove third patch and LIBS=-lpcap -lpcre, not needed since 1.46 and
cca6e3121f
- LICENSE.txt has been renamed to LICENSE since version 1.47 and
3cb4c580a9
- Add an upstream patch to fix --enable-pcre: keep pcre as a mandatory
dependency as this is the current behavior in version 1.45. PCRE will
made optional in an other patch
- Remove --with-pcre which is not recognized anymore
- Add two other patches to fix --disable-tcpkill
- Add hash for license file
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
curl can be statically linked with mbedtls, in this case build will fail
on:
kex.c:(.text+0x1be0): undefined reference to `mbedtls_mpi_read_binary'
This is due to the fact that CURL_LIBRARIES does not contain mbedtls
library:
CURL_LIBRARIES:INTERNAL=curl;cares;ssh2;ssh2;z;ssl;crypto;z;z;crypto;z;z;ssl;z;z;crypto;z
even if libcurl.pc is correct:
Libs.private: -lcares -lssh2 -L/home/fabrice/buildroot/output/host/bin/../arm-buildroot-linux-uclibcgnueabi/sysroot/usr/lib -lssh2 /home/fabrice/buildroot/output/host/arm-buildroot-linux-uclibcgnueabi/sysroot/usr/lib/libmbedcrypto.a /home/fabrice/buildroot/output/host/arm-buildroot-linux-uclibcgnueabi/sysroot/usr/lib/libmbedcrypto.a -L/home/fabrice/buildroot/output/host/bin/../arm-buildroot-linux-uclibcgnueabi/sysroot/usr/lib -L/home/fabrice/buildroot/output/host/bin/../arm-buildroot-linux-uclibcgnueabi/sysroot/usr/lib -lz -lssl -lcrypto -lssl -lz -lz -lcrypto -lz -lz
This full library path is added by patch
0002-acinclude.m4-add-mbedtls-to-LIBS.patch on libssh2 so update it to
replace $LIBMBDEDCRYPTO by -lmbedcrypto
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This reverts commit 48218732a3 because
LTLIBMBEDCRYPTO will return "-lmbedcrypto
-R/accts/mlweber1/scripts/instance-3/output/host/i586-buildroot-linux-musl/sysroot/usr/lib"
On some compilers, -R option won't be recognized and this will prevent
the detection of libz:
configure:17809: /accts/mlweber1/scripts/instance-3/output/host/bin/i586-linux-gcc -o conftest -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -Os -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -I/accts/mlweber1/scripts/instance-3/output/host/i586-buildroot-linux-musl/sysroot/usr/include conftest.c /accts/mlweber1/scripts/instance-3/output/host/i586-buildroot-linux-musl/sysroot/usr/lib/libz.so -Wl,-rpath -Wl,/accts/mlweber1/scripts/instance-3/output/host/i586-buildroot-linux-musl/sysroot/usr/lib -L/accts/mlweber1/scripts/instance-3/output/host/i586-buildroot-linux-musl/sysroot/usr/lib -lmbedcrypto -R/accts/mlweber1/scripts/instance-3/output/host/i586-buildroot-linux-musl/sysroot/usr/lib >&5
i586-linux-gcc.br_real: error: unrecognized command line option '-R'; did you mean '-R'?
Fixes:
- http://autobuild.buildroot.org/results/68623f22b49473177c889fe7b12625d779cbd1ed
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
As reported by [1], SSP support is missing in the Buildroot toolchain
for microblaze even if it's requested by selecting
BR2_TOOLCHAIN_HAS_SSP config option.
In Buildroot, we are using libssp provided by the C library (glibc,
musl, uClibc-ng) when available. We are not using libssp from gcc.
So for a microblaze glibc based toolchain, the SSP support is enabled
unconditionally by a select BR2_TOOLCHAIN_HAS_SSP.
BR2_microblazeel=y
BR2_TOOLCHAIN_BUILDROOT_GLIBC=y
BR2_KERNEL_HEADERS_4_14=y
BR2_BINUTILS_VERSION_2_30_X=y
BR2_GCC_VERSION_8_X=y
BR2_TOOLCHAIN_BUILDROOT_CXX=y
While building the toolchain, we are building host-binutils which
provide "as" (assembler) and host-gcc-initial wich provide a
minimal cross gcc (C only cross-compiler without any C library).
When SSP support is requested, gcc_cv_libc_provides_ssp=yes is
added to the make command line (see [2] for full details)
With this setting, the SSP support is requested but it's not available
in the end and the toochain build succeed.
When the microblaze toolchain is imported to Biuldroot (2018.05) as
external toolchain with BR2_TOOLCHAIN_EXTERNAL_HAS_SSP set, the build
stop with :
"SSP support not available in this toolchain, please disable BR2_TOOLCHAIN_EXTERNAL_HAS_SSP"
The test is doing the following command line:
echo 'void main(){}' | [...]/host/bin/microblazeel-linux-gcc.br_real -Werror -fstack-protector -x c - -o [...]/build/.br-toolchain-test.tmp
cc1: error: -fstack-protector not supported for this target [-Werror]
When we look at the gcc-final log file (config.log) we can see this
error several time when using the minimal gcc (from host-gcc-initial).
So Why the minimal gcc doesn't support SSP?
When we look at the gcc-initial log file (config.log) we can see an
error with 'as':
configure:23194: checking assembler for cfi directives
configure:23209: [...]microblazeel-buildroot-linux-gnu/bin/as -o conftest.o conftest.s >&5
conftest.s: Assembler messages:
conftest.s:2: Error: CFI is not supported for this target
conftest.s:3: Error: CFI is not supported for this target
conftest.s:4: Error: CFI is not supported for this target
conftest.s:5: Error: CFI is not supported for this target
conftest.s:6: Error: CFI is not supported for this target
conftest.s:7: Error: CFI is not supported for this target
configure:23212: $? = 1
configure: failed program was
.text
.cfi_startproc
.cfi_offset 0, 0
.cfi_same_value 1
.cfi_def_cfa 1, 2
.cfi_escape 1, 2, 3, 4, 5
.cfi_endproc
This is the only relevant difference compared to a nios2 toolchain where
libssp is enabled and available (nios2 is an example).
"CFI" stand for "Control Flow Integrity" and it seems that SSP support
requires CFI target support (see [3] for some explanation).
The SSP support seems to depends on CFI support, but the toolchain
infrastructure is not detailed enough to handle the CFI dependency.
The NiosII toolchains built with binutils < 2.30 are also affected by
this issue.
This patch improve the toolchain infrastructure by adding a new
BR2_PACKAGE_HOST_BINUTILS_SUPPORTS_CFI blind option
Disable SSP support for microblaze entirely.
Disable SSP support for nios2 only with Binutils < 2.30.
Fixes:
https://gitlab.com/free-electrons/toolchains-builder/-/jobs/72006389
[1] https://gitlab.com/free-electrons/toolchains-builder/issues/1
[2] https://git.buildroot.net/buildroot/tree/package/gcc/gcc.mk?h=2018.05#n275
[3] https://grsecurity.net/rap_faq.php
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
[Thomas: adjust how the BR2_PACKAGE_HOST_BINUTILS_SUPPORTS_CFI option
is expressed.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Needed for example for phppgadmin.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
[Thomas: add missing BR2_USE_WCHAR dependency.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fix a segfault in auditd when dns resolution isn't available. Additional
changes since 2.8.2 can be seen at
http://people.redhat.com/sgrubb/audit/ChangeLog
Signed-off-by: Carlos Santos <casantos@datacom.com.br>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
We already turn on kernel features for several packages, so let's do it
for audit too, since the daemon is useless and fails to load otherwise.
Notice that we also turn NET on, since AUDIT depends on NET, like we do
for the wireguard package.
Signed-off-by: Carlos Santos <casantos@datacom.com.br>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
audit uses syslog(). Rename its init script to S02auditd to ensure that
it will start after syslogd. Otherwise the initial log messages will be
sent to the console (and probably lost, since almost nobody watches the
system console on embedded systems).
Signed-off-by: Carlos Santos <casantos@datacom.com.br>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
audispd is installed at /usr/sbin but the configuration file pointed
to /sbin, causing auditd to fail on startup.
This patch cannot be sent upstream because audispd does not exist
anymore on the master branch (it was merged to auditd).
Signed-off-by: Carlos Santos <casantos@datacom.com.br>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
curl can be statically linked with mbedtls, in this case build will
fail on:
kex.c:(.text+0x1be0): undefined reference to `mbedtls_mpi_read_binary'
This is due to the fact that CURL_LIBRARIES does not contain mbedtls
library:
CURL_LIBRARIES:INTERNAL=curl;cares;ssh2;ssh2;z;ssl;crypto;z;z;crypto;z;z;ssl;z;z;crypto;z
even if libcurl.pc is correct:
Libs.private: -lcares -lssh2 -L/home/fabrice/buildroot/output/host/bin/../arm-buildroot-linux-uclibcgnueabi/sysroot/usr/lib -lssh2 /home/fabrice/buildroot/output/host/arm-buildroot-linux-uclibcgnueabi/sysroot/usr/lib/libmbedcrypto.a /home/fabrice/buildroot/output/host/arm-buildroot-linux-uclibcgnueabi/sysroot/usr/lib/libmbedcrypto.a -L/home/fabrice/buildroot/output/host/bin/../arm-buildroot-linux-uclibcgnueabi/sysroot/usr/lib -L/home/fabrice/buildroot/output/host/bin/../arm-buildroot-linux-uclibcgnueabi/sysroot/usr/lib -lz -lssl -lcrypto -lssl -lz -lz -lcrypto -lz -lz
This full library path is added by patch
0002-acinclude.m4-add-mbedtls-to-LIBS.patch on libssh2 so update it to
replace $LIBMBDEDCRYPTO by $LTLIBMBEDCRYPTO as suggested by Thomas
during review of https://patchwork.ozlabs.org/patch/989339
Fixes:
- http://autobuild.buildroot.org/results/dc7810d5d5c62658837cdd2faae6fe3390f968a2
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Specify the path to found libkrb5 as this is done for other options
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
For the time being, disable clang that is used to build BPF (in-kernel
bytecode machine) protocols.
Indeed, if an old version of clang is found on the host, it could be
used to build object files with a "None" architecture which will be
rejected by support/scripts/check-bin-arch
Fixes:
- http://autobuild.buildroot.org/results/c18fb7f1ac81496db9c3a4e91ea028a26ca600b0
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This fixes the following check-package warning:
fs/f2fs/Config.in:51: consecutive empty lines
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Grzegorz Blach <grzegorz@blach.pl>
[Thomas: split from the initial patch from Grzegorz]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Grzegorz Blach <grzegorz@blach.pl>
[Thomas: split from the initial patch from Grzegorz]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Grzegorz Blach <grzegorz@blach.pl>
[Thomas: split from the initial patch from Grzegorz, reworded
Config.in help text]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Grzegorz Blach <grzegorz@blach.pl>
[Thomas: split from the initial patch from Grzegorz]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This patch makes possible to create rootfs image using f2fs
filesystem.
Signed-off-by: Grzegorz Blach <grzegorz@blach.pl>
[Thomas:
- keep only the minimal functionality, as suggested by Yann E. Morin
- use truncate -s instead of dd to create the initial empty image
file, as suggested by Yann E. Morin]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Having a host variant of this package is useful to create f2fs
filesystem images.
Signed-off-by: Grzegorz Blach <grzegorz@blach.pl>
[Thomas: add explicit --without-blkid and --without-selinux options,
following the review from Yann E. Morin.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Since commit 4e1dbd063d ("package/bdwgc:
bump to version 8.0.0"), we no longer have any patch that requires
autoreconf. In addition, the libtool shipped with the package seems to
no longer be bogus, because it builds perfectly fine without
autoreconf. Therefore, let's drop this autoreconf.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Reviewed-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fixes [1] (for older toolchains not providing this header):
CC keytable.o
In file included from bpf.h:26:0,
from keytable.c:37:
../../include/linux/bpf.h:12:10: fatal error: linux/bpf_common.h: No such file or directory
#include <linux/bpf_common.h>
^~~~~~~~~~~~~~~~~~~~
[1] http://autobuild.buildroot.org/results/d22c0939eed4bc949f7eaeae7595d01ec45cc2cd
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
We used to exclude GCC's test-suite for quite some time now
mostly for the sake of space reduction.
But:
1. On each GCC version bump we need to revise that functionality
as we need to accommodate changes in GCC sources and this
couldn't be automated
2. The space reduction is significant, but not huge. The two test
suites together take up 290MB, out of 660MB total for GCC (each of
them times two because there is the -initial and -final copy).
However, whenever we build GCC, we also have kernel headers (about
900MB) and a libc (e.g. glibc is 250MB). So at best, it saves less
than 20%.
3. It doesn't really save on build time either.
Below are timings of 2 runs on my laptop:
a) Vanilla master:
--------------------->8---------------------
time make host-gcc-final
real 7m15.114s
user 19m36.611s
sys 2m26.927s
--------------------->8---------------------
b) master + testsuite:
--------------------->8---------------------
time make host-gcc-final
real 7m59.860s
user 20m21.668s
sys 2m36.618s
--------------------->8---------------------
From figures above it's seen that difference is ~45 seconds
or ~10%. On both host-gcc-initial and -final we may save ~1.5
minutes... but these are not the only components we build and
compared to a total toolchain build time IMHO it is not that
much time to care especially traded for maintenance costs
on GCC version bumps.
Signed-off-by: Alexey Brodkin <abrodkin@synopsys.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Bernd Kuhls <bernd.kuhls@t-online.de>
Cc: Romain Naour <romain.naour@gmail.com>
Cc: Peter Korsgaard <peter@korsgaard.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
[Arnout: add explanation about size impact.]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
This patch adds davici which is an alternative implementation of the
VICI client protocal used by Strongswan. It targets better integration
with software stacks and uses a asynchronous, non-blocking API that can
be integrated in third-party main dispatching loops without the use of
threads.
Signed-off-by: Jared Bents <jared.bents@rockwellcollins.com>
[Thomas: fix license, it's LGPL-2.1+, add entry in DEVELOPERS file.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
- lua 5.3 or luajit is not supported
- Don't specify the path to find lua as pkgconfig is used for lua
(this is not the case for the other options)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
- Optional dependency to libssh has been added with version 2.2.1 and
d6da95231e
- Specify the path to found libssh as this is done for other options
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Some packages have archive name that is different from package name.
For example websocket-client's archive name is websocket_client-*.tar.gz.
scanpypi expects the temporary extract folder to be:
/tmp-folder/BR-package-name/PyPI-packagename-and-version
In the case of websocket-client package the real extraction folder
will be different from the expected one because of the '_' in the
archive file name.
Use archive file name instead of package name to specify the extraction
folder. As the version is already part of this file, we don't need to
specify it.
Bonus: remove obsolete "return None, None" as the function doesn't return
anything. OSError class doesn't provide "message" member, so replace it
with "strerror".
Fixes:
https://bugs.busybox.net/show_bug.cgi?id=11251
Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
Reviewed-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
- Remove first patch (already in version):
7c13fb8fcc
- Remove second patch (already in version)
- Update license hash: Update header copyright (add Ivan Maidanski), see
3bd265a64b
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
external.desc must be present when using a br2-external tree. The
documentation notes this later in the text, but the file is missing
from the initial overview of files.
Fixes bug #11481.
Signed-off-by: Philipp Wagner <mail@philipp-wagner.com>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Suppose we use Makefile wrapper and build some project out of
buildroot tree (O=...). A command like "make
busybox-all-external-deps" will output the string "uname 022 && make
..." to stdout before the usefull information. It pollutes stdout. At
the same time if we use the same command in the buildroot source-tree
then we don't get the additional output. This patch makes wrapper
silent by default. People who prefer to see more verbose output can
use V=1.
Signed-off-by: Serj Kalichev <serj.kalichev@gmail.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Add hash for the license file.
Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The django-admin cli tool is loaded as entry point with pkg_resources,
which is provided by setuptools.
Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Reviewed-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Use CFLAGS_EXTRA to pass C and C++ flags in a single variable
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Upstream removed support for non-wchar toolchains:
85feb77aa0
Propagate the new dependency to other packages.
Fixes
http://autobuild.buildroot.net/results/b73/b73342a39167ed7f293224d4e3b23dde691b9abf/
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
[Thomas: also propagate to the php, qt and qt5base packages.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
