While building I noticed:
>>> host-ccache 3.3.4 Building
conf.c: In function 'conf_create':
conf.c:314:2: warning: too many arguments for format [-Wformat-extra-args]
conf->cache_dir = format("/home/peko/.buildroot-ccache", get_home_directory());
^
As host-ccache gets installed into $(HOST_DIR) and is part of the SDK,
hardcoding the build user homedir isn't really nice for the relocatable
SDK feature (or simply for a SDK used by multiple users).
As the warning shows, CCache replaces "%s" with the current user home
directory, so rewrite BR_CACHE_DIR to use this feature if it begins with
$HOME.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit bdca0d0581)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Changing setup type to setuptools avoids installing as zipped .egg
Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
(cherry picked from commit 37cb6e971c)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The XVISOR_ARCH check added in commit
117fd5dfbc ("xvisor: fix build on
AArch64") broke Buildroot entirely on all architectures except ARM,
AArch64 and x86-64, because the $(error ...) test was not enclosed
inside a condition that made sure the xvisor package was enabled.
This commit fixes that, and allows Buildroot to be usable again on all
architectures.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 27ce235cdb)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Xvisor was failing to build on AArch64 with:
package/xvisor/xvisor.mk:60: *** No Xvisor defconfig name specified, check your BR2_PACKAGE_XVISOR_DEFCONFIG setting. Stop.
The first problem is that the Config.in file had a typo: it was using
BR2_AARCH64 instead of BR2_aarch64, and therefore the
BR2_PACKAGE_XVISOR_DEFCONFIG variable had no value.
Once this is fixed, another problem occurs: the ARCH variable needs to
be specified as "arm" for XVisor, for both ARM and AArch64. Therefore,
a XVISOR_ARCH variable is introduced, which is calculated according to
the Buildroot configuration options. Only x86-64, arm and aarch64 are
supported by Xvisor currently, so it remains simple.
Fixes:
http://autobuild.buildroot.net/results/1719a63ff257f13634a06a14327abfb327984101/
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
(cherry picked from commit 117fd5dfbc)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
FEATURE_CLEAN_UP is a configuration feature to get busybox to explicitly
call free() on dynamic allocated memory just before exiting so memory leak
detectors like valgrind don't get confused. Upstream explicitly recommends
to NOT enable this option:
config FEATURE_CLEAN_UP
bool "Clean up all memory before exiting (usually not needed)"
default n
help
As a size optimization, busybox normally exits without explicitly
freeing dynamically allocated memory or closing files. This saves
space since the OS will clean up for us, but it can confuse debuggers
like valgrind, which report tons of memory and resource leaks.
Don't enable this unless you have a really good reason to clean
things up manually.
Having this option enabled adds a bit of bloat, but more significantly these
cleanup code paths don't get tested very often so some times get out of sync
with the allocation code which can lead to crashes (or security issues from
double frees), so it is safer to disable the option.
For people wanting to debug memory leak issues with busybox, the option can
still be enabled with a configuration fragment (or a custom config).
The size difference isn't huge (br-arm-full-static):
-rwxr-xr-x 1 peko peko 886K Jul 5 10:56 output-busybox1/target/bin/busybox
-rwxr-xr-x 1 peko peko 882K Jul 5 10:53 output-busybox2/target/bin/busybox
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
(cherry picked from commit 15e8e721f6)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
By default, libglib enables some fairly aggressive warnings, treated
as errors. In particular, the -Wformat=2 warning triggers a warning
due to the return value of the ngettext() macro from uClibc libintl
stub not being understood as being potentially a format string.
So, before we enable the stub libintl in uClibc, we disable such
warnings. A bug will be reported to upstream uClibc to get the actual
bug fixed, but disabling compiler warnings treated as errors is anyway
a good thing in the context of Buildroot.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Reviewed-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
(cherry picked from commit f2800ac57c)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The size parameter from sock_recvmsg() was removed from Linux kernel
API since 4.7. This commit adjusts the existing
0004-Port-one-one_udp.c-to-Linux-4.1.patch to fix the build with Linux
>= 4.7.
Signed-off-by: Matthew Shyu <matthew.shyu@amlogic.com>
[Thomas: improved commit title/log.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
(cherry picked from commit 0ae2cab416)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
systemd does not like being booted without any timezone info (especially
on a R/O filesystem), so we forcibly enable that.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Maxime Hadjinlian <maxime.hadjinlian@gmail.com>
[Thomas: fix alphabetic ordering.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
(cherry picked from commit 81597b82e2)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Patches downloaded from Github are not stable, so bring them in the
tree.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 7ced54845c)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Since [1] syslinux is built with the target toolchain in order to
properly build with gnu-efi package. But toolchains built with
binutils 2.26 break the syslinux legacy-BIOS build as reported at [2],
due to binutils bug #19615.
Thanks to Benoît Allard for the investigation and the link to the
binutils bug [3].
[1] 6e432d5ecb
[2] http://lists.busybox.net/pipermail/buildroot/2017-July/196253.html
[3] https://sourceware.org/bugzilla/show_bug.cgi?id=19615
Signed-off-by: Romain Naour <romain.naour@smile.fr>
Cc: Benoît Allard <benoit.allard@greenbone.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
(cherry picked from commit 42638a1d12)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
If util-linux is not installed system-wide on the host, the build
fails with:
/usr/bin/gcc -Wp,-MT,isohybrid.o,-MMD,./.isohybrid.o.d -O2 -I/home/thomas/projets/buildroot/output/host/usr/include -W -Wall -Wstrict-prototypes -Os -fomit-frame-pointer -D_FILE_OFFSET_BITS=64 -I/home/thomas/projets/buildroot/output/build/syslinux-6.03/utils -c -o isohybrid.o /home/thomas/projets/buildroot/output/build/syslinux-6.03/utils/isohybrid.c
/home/thomas/projets/buildroot/output/build/syslinux-6.03/utils/isohybrid.c:40:23: fatal error: uuid/uuid.h: No such file or directory
#include <uuid/uuid.h>
^
compilation terminated.
Therefore, this commit adds a dependency on host-util-linux, which
will ensure that libuuid is available. The resulting isohybrid tool is
really installed, and linked with libuuid:
$ readelf -d output/host/usr/bin/isohybrid
Dynamic section at offset 0x3e00 contains 26 entries:
Tag Type Name/Value
0x0000000000000001 (NEEDED) Shared library: [libuuid.so.1]
0x0000000000000001 (NEEDED) Shared library: [libc.so.6]
0x000000000000000f (RPATH) Library rpath: [/home/thomas/projets/buildroot/output/host/usr/lib]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
(cherry picked from commit d98d7d660e)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
(cherry picked from commit 435b4cce0f)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Upstream removed the src/daemon/pulseaudio-kde.desktop.in since the
version 6.0 [1].
[1] f46799579f
Signed-off-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
(cherry picked from commit 90536c3dfc)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes:
CVE-2017-8372 - The mad_layer_III function in layer3.c in Underbit MAD
libmad 0.15.1b, if NDEBUG is omitted, allows remote attackers to cause a
denial of service (assertion failure and application exit) via a crafted
audio file.
CVE-2017-8373 - The mad_layer_III function in layer3.c in Underbit MAD
libmad 0.15.1b allows remote attackers to cause a denial of service
(heap-based buffer overflow and application crash) or possibly have
unspecified other impact via a crafted audio file.
CVE-2017-8374 - The mad_bit_skip function in bit.c in Underbit MAD libmad
0.15.1b allows remote attackers to cause a denial of service (heap-based
buffer over-read and application crash) via a crafted audio file.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 6369a06150)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
When the WebRTC plugin option was introduced in commit
ee267886bc ("gst1-plugins-bad: enable
webrtc plugin"), it was incorrect added as "webrtc", while the actual
name of the plugin and corresponding configure option is "webrtcdsp".
This commit therefore fixes the .mk file to use the correct name. And
also, since we want to keep Buildroot option consistent with the name
of the GStreamer plugins, it renames the Config.in option as well, and
introduces the necessary Config.in.legacy handling.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 4c06d2490a)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
pngquant's homegrown configure script doesn't understand CC with a
space, so we can't use ccache with it. Only the host variant is
affected: for the target, we call ccache from the toolchain-wrapper so
it's transparent to the configure script.
This wasn't seen in the autobuilders since they never enable
BR2_CCACHE.
To test, use any configuration and do
make BR2_CCACHE=y host-pngquant
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 4a6168db97)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
>From the release notes:
- Avoid memset(NULL, 0, 0) to calm down the paranoid.
- Fix bug 252, invalid read of size 1 in ID3v2 parser due to forgotten
offset from the frame flag bytes (unnoticed in practice for a long time).
Fuzzers are in the house again. This one got CVE-2017-10683.
https://sourceforge.net/p/mpg123/bugs/252/
- Avoid a mostly harmless conditional jump depending on uninitialised
fr->lay in compute_bpf() (mpg123_position()) when track is not ready yet.
- Fix undefined shifts on signed long mask in layer3.c (worked in practice,
never right in theory). Code might be a bit faster now, even. Thanks to
Agostino Sarubbo for reporting.
dlopen() is now directly used to load output modules (and the
--with-modules-suffix option has been removed), so adjust the modules logic
to match.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit b3a0afd47f)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
avcodec 2.2.x, as used in VideoLAN VLC media player 2.2.7-x before
2017-06-29, allows out-of-bounds heap memory write due to calling memcpy()
with a wrong size, leading to a denial of service (application crash) or
possibly code execution.
https://trac.videolan.org/vlc/ticket/18467
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit b9153ed954)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
[Peter: License is GPL-2.0+ / LGPL-2.1+]
Signed-off-by: Martin Kepplinger <martink@posteo.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 56ed4a1ef2)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
By default, cut prints the entire line if the specified delimiter is not
present at all:
$ printf "foo bar" | cut -d' ' -f2
bar
$ printf "foobar" | cut -d' ' -f2
foobar
In setlocalversion, cut is presented with the output of 'hg id' which has
the format:
"<revision> <tags-if-any>"
If the current revision is not tagged, the output of 'hg id' does not
contain the delimiter (space), cut prints the entire string, and
setlocalversion thinks the version is the tag.
As setlocalversion does not print anything for tagged versions, there is no
output overall, and no correct indication of the mercurial revision.
Fix by passing the extra cut option '--only-delimited', which suppresses
output if no delimiter is found.
This problem likely went unnoticed for so long, because the tag 'tip' (i.e.
most recent revision of the branch) is treated specially: in this case the
mercurial revision _is_ printed, i.e. the situation is treated as
'untagged'.
The problem is only seen when you are _not_ at the most recent revision in
your branch.
Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit ec019bcf64)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security issues:
CVE-2017-3142: An error in TSIG authentication can permit unauthorized zone
transfers
An attacker who is able to send and receive messages to an authoritative DNS
server and who has knowledge of a valid TSIG key name may be able to
circumvent TSIG authentication of AXFR requests via a carefully constructed
request packet. A server that relies solely on TSIG keys for protection with
no other ACL protection could be manipulated into:
* providing an AXFR of a zone to an unauthorized recipient
* accepting bogus NOTIFY packets
https://kb.isc.org/article/AA-01504/74/CVE-2017-3142
CVE-2017-3041: An error in TSIG authentication can permit unauthorized dynamic
updates
An attacker who is able to send and receive messages to an authoritative DNS
server and who has knowledge of a valid TSIG key name for the zone and service
being targeted may be able to manipulate BIND into accepting an unauthorized
dynamic update.
https://kb.isc.org/article/AA-01503/74/CVE-2017-3143
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
(cherry picked from commit a0c53973f8)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The curl license is a MIT/X derivative license, but
has a distinct identifier in SPDX, so use that:
https://spdx.org/licenses/curl.html
[Peter: reword commit message]
Signed-off-by: Naoki Matsumoto <n-matsumoto@melcoinc.co.jp>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit d80110a635)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
0001 patch already included in this release:
b218117cad
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit f4a3853423)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes CVE-2017-8312: Heap out-of-bound read in ParseJSS in VideoLAN VLC due
to missing check of string length allows attackers to read heap
uninitialized data via a crafted subtitles file.
[Peter: add CVE info]
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
(cherry picked from commit b2f2f92887)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Static build with external musl toolchain leaves a dangling symlink to
libc.so. Don't create that symlink on static build.
Cc: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
(cherry picked from commit 7cfd40f2d9)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Qt5Multimedia builds the alsa plugin if it detects libasound in the
system. Add alsa-lib to dependencies if BR2_PACKAGE_ALSA_LIB is
selected.
Signed-off-by: Bartosz Golaszewski <brgl@bgdev.pl>
Reviewed-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
(cherry picked from commit 8d7dd837e5)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Qt5Multimedia includes support for pulseaudio if it detects libpulse
and libpulse-mainloop-glib in the system at build-time. We need to
depend on pulseaudio and libglib2 if it is selected.
Signed-off-by: Bartosz Golaszewski <brgl@bgdev.pl>
Reviewed-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
(cherry picked from commit ac8044fc32)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
In some cases, passing STRIP=true is not sufficient to disable striping
altogether, as some (incorrectly generated?) configure scripts will
ignore a ${STRIP} that is not a full path.
This is the case, for example, for nmap, which ends up using the host
strip command when we pass STRIP=true:
checking for arm-buildroot-linux-gnueabihf-strip... no
checking for strip... /usr/bin/strip
configure: WARNING: using cross tools not prefixed with host triplet
[--SNIP--]
/usr/bin/install -c -c -m 755 nping /home/ymorin/dev/buildroot/O/target/usr/bin/nping
/usr/bin/strip -x /home/ymorin/dev/buildroot/O/target/usr/bin/nping
/usr/bin/strip: Unable to recognise the format of the input file `/home/ymorin/dev/buildroot/O/target/usr/bin/nping'
We fix that by forcing a full path to the strip sommand when it is
disabled: STRIP=/bin/true
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
(cherry picked from commit d5dcc76d9e)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add an upstream patch that fixes segfaults when executed on MIPS due to
incorrect handling of system call numbers on MIPS platforms.
Signed-off-by: Marcin Nowakowski <marcin.nowakowski@imgtec.com>
Cc: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
(cherry picked from commit 981c39ea72)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fix a "duplicate 'const' declaration specifier" error that occurs when
building Xen. As the issue has already been fixed in upstream Xen let's
just backport the fix to apply here.
Fixes:
http://autobuild.buildroot.net/results/3a0/3a03c328bc6a6c30cc4f619925608d735632211f/
Signed-off-by: Alistair Francis <alistair.francis@xilinx.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
(cherry picked from commit 7289d2729d)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
>From the NEWS file:
- Mitigate a flush+reload side-channel attack on RSA secret keys
dubbed "Sliding right into disaster". For details see
<https://eprint.iacr.org/2017/627>. [CVE-2017-7526]
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
(cherry picked from commit 10ce9c6f8d)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
glibc contains a vulnerability that allows specially crafted LD_LIBRARY_PATH
values to manipulate the heap/stack, causing them to alias, potentially
resulting in arbitrary code execution. Please note that additional
hardening changes have been made to glibc to prevent manipulation of stack
and heap memory but these issues are not directly exploitable, as such they
have not been given a CVE.
https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt
Patches are identical to upstream, except that the ChangeLog modifications
have been stripped.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit c87fdfb605)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes CVE-2017-9868: In Mosquitto through 1.4.12, mosquitto.db (aka the
persistence file) is world readable, which allows local users to obtain
sensitive MQTT topic information.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit e51d69a3b1)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add a fix for CVE-2017-9445: In systemd through 233, certain sizes passed to
dns_packet_new in systemd-resolved can cause it to allocate a buffer that's
too small. A malicious DNS server can exploit this via a response with a
specially crafted TCP payload to trick systemd-resolved into allocating a
buffer that's too small, and subsequently write arbitrary data beyond the
end of it.
The other patch fixes an issue with the security fix.
[Peter: use CVE description from MITRE]
Cc: Maxime Hadjinlian <maxime.hadjinlian@gmail.com>
Cc: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 6da327adb2)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes#9976.
Reported-by: Nick Wright <nwright98@gmail.com>
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 54778b7d7e)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
tmpfile support is optional in systemd but the dhcp server install it's
config file in $(TARGET_DIR)/usr/lib/tmpfiles.d directory when systemd
is used as init system.
So it seems that dhcp server require tmpfile support for systemd based
system.
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
(cherry picked from commit 51a24f8d71)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
