The release announcement mentions these security fixes:
Defend against Bellcore glitch attacks by verifying the results of RSA
private key operations.
Fix implementation of the truncated HMAC extension. The previous
implementation allowed an offline 2^80 brute force attack on the HMAC
key of a single, uninterrupted connection (with no resumption of the
session).
Reject CRLs containing unsupported critical extensions.
Fix a buffer overread in ssl_parse_server_key_exchange() that could
cause a crash on invalid input. (CVE-2018-9988)
Fix a buffer overread in ssl_parse_server_psk_hint() that could cause
a crash on invalid input. (CVE-2018-9989)
Drop upstream patch.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit babc94e9dd)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
While at it add the license file hash.
Signed-off-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 2c82d7c605)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
While at it add the license file hash.
Signed-off-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 8fa4e97929)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Build infos can break the build due to missing terminating " character.
Fixes:
http://autobuild.buildroot.net/results/3b1/3b1182783fc958dfed96c6b1c097993662fc7308
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 4600c2444d)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
In commit 2a27294e9a ("grub2: force
-fno-stack-protector in CFLAGS"), a fix was made to the grub2 package
to make it build properly even when SSP support is enabled.
However, commit 20a4583ebf ("security
hardening: add RELFO, FORTIFY options") reworked how SSP options are
passed, and they are now passed in CPPFLAGS instead of CFLAGS, making
the fix introduced by 2a27294e9a no
longer operating.
This commit will force no-stack-protector in CPPFLAGS instead of
CFLAGS.
Fixes bug #10961.
Signed-off-by: Tarek El-Sherbiny <tarek_el-sherbiny@waters.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 523b27afa9)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Remove a runtime warning message about configuration file being too old.
Do the same as commit 3dad25466d "syslog-ng: Bump version header in conf
file to 3.9". Package version of syslog-ng is 3.10.1, so bump version
number in syslog-ng.conf to 3.10.
Also add a comment to avoid the same warning message reappears when the
package is bumped.
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@datacom.ind.br>
Cc: Chris Packham <judge.packham@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 905f8d814a)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
https://pypi.python.org URL has been changed to https://pypi.org.
Package's JSON object now contains sha256 checksum, so use it
instead of locally computed one. Change comments in the hash
file accordingly.
Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 6766ff9d12)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
set x-includes and x-libraries configure option for cross-compiling.
wmctrl can use poisoned paths if these options are not passed to
configure script.
Fixes:
http://autobuild.buildroot.net/results/7e5/7e5cba8a5650a00e10d1a5528f38cb2bf772aee1
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Jérôme Pouiller <jezz@sysmic.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 046c5e2563)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
QML modules for QtWebSockets are located in /usr/qml/QtWebSockets since
Qt 5.5.
/usr/qml/Qt/WebSockets still exists for compatibility reasons, but
it contains only a qmldir file which points to ../../QtWebSockets/.
see also: http://doc.qt.io/qt-5.6/qtwebsockets-qmlmodule.html
Signed-off-by: Manfred Schlaegl <manfred.schlaegl@ginzinger.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 4f726cef4c)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Some files were missing on the first build of qt53d but added later:
- by qt5base for the plugins because it copies the whole /usr/lib/qt/plugins
directory
- by qt5declarative for the QML modules because it copies the whole
/usr/qml directory
Also, the qt53d examples were not installed if
BR2_PACKAGE_QT5BASE_EXAMPLES was set.
Signed-off-by: Romain Reignier <rom.reignier@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 4fd448c9c1)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
In addition to the 'halt', 'poweroff', 'reboot' symlinks pointing to
systemctl, add 'shutdown'.
Signed-off-by: Anssi Hannula <anssi.hannula@bitwise.fi>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 36ed046623)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The /lib/firmware directory contains random firmware for various
devices. It happens that some of them might be or appear to be ELF
files, but they shouldn't be checked by fix-rpath. For example, one of
the Qualcomm VPU firmware file appears to be an ELF file, but patchelf
isn't happy about it:
$ ./output/host/bin/patchelf --print-rpath output/target/lib/firmware/qcom/venus-4.2/venus.b00
patchelf: patchelf.cc:387: void ElfFile<Elf_Ehdr, Elf_Phdr, Elf_Shdr, Elf_Addr, Elf_Off, Elf_Dyn, Elf_Sym>::parse() [with Elf_Ehdr = Elf32_Ehdr; Elf_Phdr = Elf32_Phdr; Elf_Shdr = Elf32_Shdr; Elf_Addr = unsigned int; Elf_Off = unsigned int; Elf_Dyn = Elf32_Dyn; Elf_Sym = Elf32_Sym]: Assertion `shstrtabIndex < shdrs.size()' failed.
Aborted (core dumped)
Even though patchelf definitely shouldn't crash, it anyway doesn't
make sense to check ELF files in /lib/firmware, so let's exclude this
directory from our check.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 184cb52f6d)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
libglib2 is licensed under LGPL-2.1+ and not LGPL-2.0+ since release
2.53.3
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit fbd809c5f2)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Commit 4d279697af added /bin/bash to /etc/shells. In the default
skeleton, however, /etc/shells doesn't exist, so in fact it creates
this file, containing only /bin/bash. Therefore, when bash is selected,
/bin/sh does not appear in /etc/shells and bash is the only shell
allowed. Since /bin/sh is the shell that is used for root in the
default skeleton's /etc/passwd, root is no longer able to log in.
The proper solution is to add all available shells to /etc/shells. For
now, however, just revert commit 4d279697af as a stop-gap measure. That
way, the default situation still works, and only people who update
/etc/passwd with additional logins but don't update /etc/shells will
suffer.
This reverts commit 4d279697af.
Fixes: https://bugs.busybox.net/show_bug.cgi?id=10896
Cc: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Acked-by: Romain Naour <romain.naour@smile.fr>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes CVE-2018-1000156: arbitrary command execution in ed-style patches.
Depend on MMU for now, because the patch adds a fork() call. Upstream
later switched to gnulib provided execute(), so this dependency can be
dropped on the next version bump.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit f4a4df2084)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Custom dts files are still conditionally copied based on non existing
boolean. So it is currently not possible to use custom dts file(s) at all.
List of dts files is now iterated and files are copied into dedicated kernel arch dir.
Signed-off-by: Rafal Susz <rafal.susz@gmail.com>
Tested-by: Jan Kundrát <jan.kundrat@cesnet.cz>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 54157c6c2d)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The host directory no longer uses /usr.
This currently works because we still have the legacy /usr
symlink, but for correctness it is better that we just fix it.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Yegor Yefremov <yegorslists@googlemail.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit dac25351e6)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
zend_alloc.h defines some macros such as:
Where _estrdup is the actual function implemented by the PHP core. If
this header file is not included, and some code uses estrdup, one ends
up with an undefined reference. This happens when libexpat support is
enabled. This commit adds a PHP patch that fixes this issue. The patch
has been submitted upstream through a Github pull request.
Fixes:
http://autobuild.buildroot.net/results/889d2c1f509c035cd506e36061939bfddc8f1500/
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit fc4b66dbc1)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Security fixes since 2.2.12:
- wnpa-sec-2018-15
The MP4 dissector could crash. (Bug 13777)
- wnpa-sec-2018-16
The ADB dissector could crash. (Bug 14460)
- wnpa-sec-2018-17
The IEEE 802.15.4 dissector could crash. (Bug 14468)
- wnpa-sec-2018-18
The NBAP dissector could crash. (Bug 14471)
- wnpa-sec-2018-19
The VLAN dissector could crash. (Bug 14469)
- wnpa-sec-2018-20
The LWAPP dissector could crash. (Bug 14467)
- wnpa-sec-2018-23
The Kerberos dissector could crash. (Bug 14576)
- wnpa-sec-2018-05
The IEEE 802.11 dissector could crash. Bug 14442, CVE-2018-7335
- wnpa-sec-2018-06
Multiple dissectors could go into large infinite loops. All ASN.1 BER dissectors (Bug 14444), along with the DICOM (Bug 14411), DMP (Bug 14408), LLTD (Bug 14419), OpenFlow (Bug 14420), RELOAD (Bug 14445), RPCoRDMA (Bug 14449), RPKI-Router (Bug 14414), S7COMM (Bug 14423), SCCP (Bug 14413), Thread (Bug 14428), Thrift (Bug 14379), USB (Bug 14421), and WCCP (Bug 14412) dissectors were susceptible.
- wnpa-sec-2018-07
The UMTS MAC dissector could crash. Bug 14339, CVE-2018-7334
- wnpa-sec-2018-09
The FCP dissector could crash. Bug 14374, CVE-2018-7336
- wnpa-sec-2018-10
The SIGCOMP dissector could crash. Bug 14398, CVE-2018-7320
- wnpa-sec-2018-11
The pcapng file parser could crash. Bug 14403, CVE-2018-7420
- wnpa-sec-2018-12
The IPMI dissector could crash. Bug 14409, CVE-2018-7417
- wnpa-sec-2018-13
The SIGCOMP dissector could crash. Bug 14410, CVE-2018-7418
- wnpa-sec-2018-14
The NBAP disssector could crash. Bug 14443, CVE-2018-7419
Full release notes:
https://www.wireshark.org/docs/relnotes/wireshark-2.2.14.html
Signed-off-by: André Hentschel <nerv@dawncrow.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit c5c87c2bb6)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Instead of using the install of sam-ba under host/opt directly, use the symlink
created in host/bin. The side effect of doing this instead allows the correct
sam-ba binary to be used based on the host arch being 32 bit or 64 bit.
Signed-off-by: Joshua Henderson <joshua.henderson@microchip.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit e1452fe843)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
When the internal PCRE library of PHP is used, it tries to use a JIT
engine, which is only available on some architectures.
However, the mechanism used to disable JIT has changed in recent PHP
versions, and it now has a proper --without-pcre-jit option. Switch
over to that to properly disable JIT on unsupported platforms.
It has been tested to fix the build of PHP on ARC and Microblaze.
Fixes:
http://autobuild.buildroot.net/results/e1359fcad7bc57e3c5a7ecc37abaa2cf6a6a9ffa/
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 9850612ea5)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The BR2_PACKAGE_POSTGRESQL option depends on BR2_USE_MMU, so the
Config.in comment about the dynamic library dependency should only be
displayed if the BR2_USE_MMU requirement is met.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 9fec3eb913)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Setting EGLFS_DEVICE_INTEGRATION at the end of qmake.conf like is done
by commit 0c219ddb8a doesn't work correctly: it has to be set before the
include(../common/linux_device_post.conf)
Instead of appending to the file, change it into a qmake.conf.in
template file that contains a placeholder for the
EGLFS_DEVICE_INTEGRATION assignment and update it with sed. Since the
sed always has to be executed, this removes the need for a separate
QT5BASE_CONFIGURE_QMAKE_CONFIG definition.
Signed-off-by: Giulio Benetti <giulio.benetti@micronovasrl.com>
[Arnout: simplify the replacement, move sunxi-mali support to a
separate patch]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
(cherry picked from commit 81fb33af2a)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
No functional change, but upstream has now tagged the release, so use the
tag instead of the sha1.
https://github.com/webpy/webpy/issues/449
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 01320bb9ff)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
>From the changelog:
2018-02-28 0.39
* Fixed a security issue with the form module (tx Orange Tsai)
* Fixed a security issue with the db module (tx Adrián Brav and Orange Tsai)
2016-07-08 0.38
..
* Fixed a potential remote exeution risk in `reparam` (tx Adrián Brav)
License files are still not included on pypi, so continue to use the git
repo. Upstream has unfortunately not tagged 0.39, so use the latest commit
on the 0.39 branch. A request to fix this has been submitted:
https://github.com/webpy/webpy/issues/449
0.39 now uses setuptools, so change the _SETUP_TYPE.
Add hashes for the license files.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit ce559162fc)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
webpy uses hashlib for session handling, so ensure it is available:
web/session.py: import hashlib
web/session.py: sha1 = hashlib.sha1
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 543b0d50fb)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Stefan Becker <chemobejk@gmail.com>
Tested-by: Joseph Kogut <joseph.kogut@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 794d16fcac)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The license information in qt5script was just copied from all the other
qt5 modules, but it is different (and complicated).
- libQt5Script itself contains the third-party JavaScriptCore source.
JavaScriptCore has a number of licenses: BSD-2-Clause, BSD-3-Clause,
LGPL-2.0+, LGPL-2.1+. Since it is all linked together, the end
result will be BSD-3-Clause and LGPL-2.1+.
The different BSD licenses are all slightly different (different
authors, which affects the third clause in particular). Only one
separate license file is provided, so let's use that one.
There is an LGPL-2.0 license file, which is slightly different from
the top-level LICENSE.LGPLv21, so let's add that one as well.
- libQt5Script also contains Qt-specific code which is all licensed
under LGPL-2.1 only. This is covered by the LICENSE.LGPLv21 file.
It merges with the LGPL-2.1+ from JavaScriptCore but limits it to
2.1 only.
- libQt5ScriptTools is a separate libary containing just the script
debugger. It is covered by the usual Qt license:
* LGPL-2.1 or LGPL-3.0 with exception for Qt 5.6;
* LGPL-3.0 or GPL-2.0+ for Qt 5.9 (actually it is GPL-2.0 or GPL-3.0
or any later version approved by the KDE Qt foundation, but let's
keep it simple :-). Note that there is no LICENSE.GPLv2 provided,
only LICENSE.GPLv3. Also, there is an LGPL_EXCEPTION.txt file but
no mention of an exception anywhere in the sources.
Update the license information with all of the above. Also add hashes
for the new license files from JavaScriptCore.
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
(cherry picked from commit d9ec8526bb)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes:
http://autobuild.buildroot.net/results/b18/b187e64a61918f17f69588e2355a03286bc5808e
tar 1.27 subtly changed the tar format when a GNU long link entry is added
(which is done for path elements > 100 characters). The code used to set
the permission mode of the link entry to 0:
header = start_private_header ("././@LongLink", size, time (NULL));
FILL (header->header.mtime, '0');
FILL (header->header.mode, '0');
FILL (header->header.uid, '0');
FILL (header->header.gid, '0');
FILL (header->header.devmajor, 0);
FILL (header->header.devminor, 0);
This got dropped in 1.27 by commit df7b55a8f6354e3 (Fix some problems with
negative and out-of-range integers), so the settings from
start_private_header() are used directly - Which are:
TIME_TO_CHARS (t < 0 ? 0 : min (t, MAX_OCTAL_VAL (header->header.mtime)),
header->header.mtime);
MODE_TO_CHARS (S_IFREG|S_IRUSR|S_IWUSR|S_IRGRP|S_IROTH, header->header.mode);
UID_TO_CHARS (0, header->header.uid);
GID_TO_CHARS (0, header->header.gid);
The end result is that tar >= 1.27 sets mode to 644.
The consequence of this is that we create different tar files when long path
names are encountered (which often happens when a package downloads a
specific sha1 from a git repo) depending on the host tar version used,
causing hash mismatches.
As a workaround, bump our minimum tar version to 1.27. It would be nicer to
only do this if we have packages from bzr/git/hg enabled, but that is an
exercise for later.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit cdac332d20)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
From ReleaseNotes156:
"""
This is a bugfix release, but it primarily disables the UDP protocol by
default.
In the last few days reports of UDP amplification attacks utilizing
inesure memcached instances have surfaced. Attackers are able to set
large values into memcached, then send requests via spoofed UDP packets.
Memcached will then send a very large number of very large UDP packets
back in response.
"""
Signed-off-by: Christopher McCrory <chrismcc@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit f03cf639cf)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Install the motion.config file were the program expects it to be. From
the motion source code:
snprintf(filename, PATH_MAX, "%s/motion/motion.conf", sysconfdir);
Signed-off-by: Christopher McCrory <chrismcc@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit b773c33bf1)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Adds WTF platform support for the 32-bits armv8-a architectures.
Fixes:
In file included from ./config.h:30:0,
from ...
./wtf/Platform.h:323:6: error: #error "Not supported ARM architecture"
# error "Not supported ARM architecture"
^~~~~
from this defconfig:
BR2_arm=y
BR2_cortex_a72=y
BR2_ARM_FPU_VFPV3D16=y
BR2_TOOLCHAIN_EXTERNAL=y
BR2_INIT_NONE=y
BR2_PACKAGE_QT5=y
BR2_PACKAGE_QT5WEBKIT=y
The patch is an adaptation of an upstream fix in version 5.212 of
qtwebkit[1].
Unfortunately, the commit cannot be backported and has to be fixed since
the toolchain does not define __ARM_ARCH_8__ but __ARM_ARCH_8A__.
$ host/bin/arm-buildroot-linux-gnueabihf-g++ -dM -E - < /dev/null | grep ARM_ARCH
#define __ARM_ARCH_ISA_ARM 1
#define __ARM_ARCH_8A__ 1
#define __ARM_ARCH_PROFILE 65
#define __ARM_ARCH_ISA_THUMB 2
#define __ARM_ARCH 8
#define __ARM_ARCH_EXT_IDIV__ 1
[1]: 35655d5f4b/Source/WTF/wtf/Platform.h (L241-L242)
Cc: Arnout Vandecappelle <arnout@mind.be>
Reported-by: Brock Williams <brock@cottonwoodcomputer.com>
Reviewed-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Gaël PORTAY <gael.portay@savoirfairelinux.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
(cherry picked from commit cea7aa873a)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Since gcc 4.6, GCC deprecated -mfused-madd, -ffp-contract=off should
be used for the Xburst workaround.
Tested with the MIPS Sourcery 2011.03 toolchain (based on gcc 4.5),
the toolchain wrapper uses -mno-fused-madd, as expected:
$ BR2_DEBUG_WRAPPER=2 ./output/host/bin/mips-linux-gnu-gcc -o toto toto.c
Toolchain wrapper executing:
'/home/thomas/toolchains/mips-2011.03/bin/mips-linux-gnu-gcc'
'--sysroot'
'/home/thomas/projets/buildroot/output/host/mipsel-buildroot-linux-gnu/sysroot'
'-mabi=32'
'-msoft-float'
'-mno-fused-madd'
'-EL'
'-march=mips32r2'
'-o'
'toto'
'toto.c'
And with the MIPS Sourcery 2012.09 toolchain (based on gcc 4.7), the
toolchain wrapper uses -ffp-contract=off, as expected:
$ BR2_DEBUG_WRAPPER=2 ./output/host/bin/mips-linux-gnu-gcc -o toto toto.c
Toolchain wrapper executing:
'/home/thomas/toolchains/mips-2012.09/bin/mips-linux-gnu-gcc'
'--sysroot'
'/home/thomas/projets/buildroot/output/host/mipsel-buildroot-linux-gnu/sysroot'
'-mabi=32'
'-msoft-float'
'-ffp-contract=off'
'-EL'
'-march=mips32r2'
'-o'
'toto'
'toto.c'
Fixes the ci20_defconfig build:
https://gitlab.com/buildroot.org/buildroot/-/jobs/60303132
Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
[Thomas: rework to continue supporting pre-gcc-4.6 toolchains, extend
the commit log after doing more testing.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Reviewed-by: Ezequiel Garcia <ezequiel@vanguardiasur.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 5e58509bfe)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
In current Buildroot, clashes occur between the variables _NAME and
_BASE_NAME for two packages called foo and foo-base, i.e.
Package foo:
FOO_NAME = foo
FOO_BASE_NAME = foo-1.2.3
Package foo-base:
FOO_BASE_NAME = foo-base
FOO_BASE_BASE_NAME = foo-base-4.5.6
where variable FOO_BASE_NAME is clashing between these two packages.
Specific cases where this clash is already existing are:
- alljoyn-base
- alljoyn-tcl-base
- perl-xml-sax-base
The problem is generic and can occur for a number of variables in Buildroot.
A non-exhaustive list:
<pkg>_BASE and <pkg>_BASE_NAME
<pkg>_BASE_NAME and <pkg>_RAW_BASE_NAME
<pkg>_DIR and <pkg>_DL_DIR
<pkg>_VERSION and <pkg>_DL_VERSION
<pkg>_SOURCE and <pkg>_TARGET_SOURCE
<pkg>_INSTALL_IMAGES and <pkg>_TARGET_INSTALL_IMAGES (same for _STAGING and _TARGET)
<pkg>_LICENSE_FILES and <pkg>_MANIFEST_LICENSE_FILES
<pkg>_DEPENDENCIES and <pkg>_FINAL_DEPENDENCIES
One solution is to use another separator than '_' to separate the
package name from the rest of the variable name. For example, a double
underscore:
FOO__NAME
FOO__BASE_NAME
FOO_BASE__NAME
FOO_BASE__BASE_NAME
However, making that change for only this case means that the variable
naming is no longer consistent. And making the change for all variables has
a large impact, also on certain user scripts.
For now, keep it simple, and rename FOO_BASE_NAME into FOO_BASENAME, so that
the variables become:
FOO_NAME
FOO_BASENAME
FOO_BASE_NAME
FOO_BASE_BASENAME
For consistency, also adapt FOO_RAW_BASE_NAME. Since FOO_RAW_BASENAME would
still pose a conflict with a package called 'foo-raw', take the opportunity
to rename it into FOO_BASENAME_RAW instead, which does not pose a conflict
as we have no variable called FOO_RAW.
Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Reviewed-by: Sam Voss <sam.voss@rockwellcollins.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 83d2644b11)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
It should be "host gnupg" and not "host-gnupg" to be consistent with
all other Config.in.host options.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 083716cdfb)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes#10856
The SSE_GENERIC target fails to build with a "sgemm_kernel.o: No such file
or directory" error. Several upstream bug reports exist for this:
https://github.com/xianyi/OpenBLAS/issues/502https://github.com/xianyi/OpenBLAS/issues/685
In both cases, upstream suggests using a different target definition
instead. E.G. from issue 685:
You may use NORTHWOOD on x86: make TARGET=NORTHWOOD that uses SSE2
instructions. It's very hard to find non-SSE2 x86 CPUs today. For x86-64
use the PRESCOTT target
So drop the SSE_GENERIC target. The only x86_64 variant we support not
covered by a more specific openblas target is the default variant, nocona
and jaguar.
Nocona was a Xeon variant of the P4 "Prescott" architecture, so use the
PRESCOTT openblas target:
https://en.wikipedia.org/wiki/Xeon#Nocona_and_Irwindale
Jaguar is from the Bobcat family, so use the BOBCAT openblas target:
https://en.wikipedia.org/wiki/List_of_AMD_microprocessors#Bobcat_core_architecture_(APU)
[Peter: add Jaguar as pointed out by Arnout]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 5e6fa93483)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
When the OpenCV3 Python support is enabled with Python 3.x, it builds
properly, and the resulting .so file is built for the target
architecture, but its name is wrong:
output/target/usr/lib/python3.6/site-packages/cv2.cpython-36m-x86_64-linux-gnu.so
This prevents Python 3.x from importing the module:
>>> import cv2
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
ModuleNotFoundError: No module named 'cv2'
In order to fix this, we simply need to pass PKG_PYTHON_DISTUTILS_ENV
in the environment. The Python module then gets named:
output/target/usr/lib/python3.6/site-packages/cv2.cpython-36m-arm-linux-gnueabi.so
And can be imported properly:
>>> import cv2
>>>
This solution was suggested by Arnout Vandecappelle in
https://stackoverflow.com/questions/49059035/buildroot-opencv3-python-package-builds-for-the-wrong-target.
With Python 2.x, the module is named just cv2.so so this problem isn't
visible. However, for consistency, we also pass
PKG_PYTHON_DISTUTILS_ENV when building against Python 2.x, by putting
the OPENCV3_CONF_ENV assignment inside the
BR2_PACKAGE_OPENCV3_LIB_PYTHON condition, but outside the
BR2_PACKAGE_PYTHON3/BR2_PACKAGE_PYTHON condition.
Signed-off-by: Sasha Shyrokov <alexander-shyrokov@idexx.com>
[Thomas: extend the commit log, apply the solution to Python 2.x.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 8ba80282c3)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
https://git.buildroot.net/buildroot/commit/?id=266208972192f1e0869f89d7be941de6294a810a
broke imx support in Kodi because previously the G2D libraries were
part of the imx-gpu-viv package:
CMake Error at /usr/share/cmake-3.7/Modules/FindPackageHandleStandardArgs.cmake:138 (message):
Could NOT find IMX (missing: G2D_LIBRARY)
Adjusting the Kodi package to use the imx-gpu-g2d as well still does
not provide a working build:
/home/buildroot/br4/output/build/kodi-17.6-Krypton/xbmc/linux/imx/IMX.cpp: In member function 'void CIMX::Deinitialize()':
/home/buildroot/br4/output/build/kodi-17.6-Krypton/xbmc/linux/imx/IMX.cpp:79:21: error: 'DCIC_IOC_STOP_VSYNC' was not declared in this scope
ioctl(m_fddcic, DCIC_IOC_STOP_VSYNC, 0);
^~~~~~~~~~~~~~~~~~~
/home/buildroot/br4/output/build/kodi-17.6-Krypton/xbmc/linux/imx/IMX.cpp: In member function 'bool CIMX::UpdateDCIC()':
/home/buildroot/br4/output/build/kodi-17.6-Krypton/xbmc/linux/imx/IMX.cpp:109:19: error: 'DCIC_IOC_STOP_VSYNC' was not declared in this scope
ioctl(m_fddcic, DCIC_IOC_STOP_VSYNC, 0);
^~~~~~~~~~~~~~~~~~~
/home/buildroot/br4/output/build/kodi-17.6-Krypton/xbmc/linux/imx/IMX.cpp:115:21: error: 'DCIC_IOC_START_VSYNC' was not declared in this scope
ioctl(m_fddcic, DCIC_IOC_START_VSYNC, 0);
^~~~~~~~~~~~~~~~~~~~
/home/buildroot/br4/output/build/kodi-17.6-Krypton/xbmc/linux/imx/IMX.cpp: In member function 'virtual void CIMX::Process()':
/home/buildroot/br4/output/build/kodi-17.6-Krypton/xbmc/linux/imx/IMX.cpp:125:19: error: 'DCIC_IOC_START_VSYNC' was not declared in this scope
ioctl(m_fddcic, DCIC_IOC_START_VSYNC, 0);
^~~~~~~~~~~~~~~~~~~~
/home/buildroot/br4/output/build/kodi-17.6-Krypton/xbmc/linux/imx/IMX.cpp:131:19: error: 'DCIC_IOC_STOP_VSYNC' was not declared in this scope
ioctl(m_fddcic, DCIC_IOC_STOP_VSYNC, 0);
^~~~~~~~~~~~~~~~~~~
Although it might be possible to fix these bugs with something like
#define DCIC_IOC_CONFIG_DCIC _IO('D', 12)
#define DCIC_IOC_START_VSYNC _IO('D', 15)
#define DCIC_IOC_STOP_VSYNC _IO('D', 16)
as done in
https://raw.githubusercontent.com/LibreELEC/LibreELEC.tv/libreelec-7.0/projects/imx6/patches/kodi/imx6-jarvis.patch
we would still try to ride a dead horse. The upcoming Kodi version
18.0-Leia will remove imx support completely, see upstream PR 12990.
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Reviewed-by: Gary Bisson <gary.bisson@boundarydevices.com>
[Thomas: keep an explicit -DENABLE_IMX=OFF in CONF_OPTS.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 878716830b)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
According to imx-vpu-5.4.37/Makefile, line 6:
INCLUDE_LIST:= IMX27ADS IMX51 IMX53 IMX6Q
imx6s is not supported by the imx-vpu package. Its install target,
guarded by
ifeq ($(PLATFORM), $(findstring $(PLATFORM), $(INCLUDE_LIST)))
does nothing, causing a build error later on in the imx-vpuwrap package
checking for vpu_lib.h... no
configure: error: lib_vpu is required, consider installing imx-lib
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Reviewed-by: Gary Bisson <gary.bisson@boundarydevices.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit e42a65bdcd)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
When imake is installed on the host, it tries to include
freetype headers from host, so we must override ac_cv_path_IMAKE
to avoid this.
Extract from config.log:
configure:14803: checking if we should use imake to help
configure:14820: result: yes
configure:14829: checking for xmkmf
configure:14846: found /usr/bin/xmkmf
configure:14857: result: /usr/bin/xmkmf
configure:14920: testing Using /usr/bin/xmkmf ...
configure:15015: testing IMAKE_CFLAGS -I. -I/usr/include/freetype2
Signed-off-by: Valentin Korenblit <valentin.korenblit@smile.fr>
[Thomas: pass ac_cv_path_IMAKE="" as suggested by Romain Naour.]
Reviewed-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 6d0316dc7b)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
