- epoll supported since linux-2.5.44/glibc-2.3.2 (see [1])
- dup3 supported since linux-2.6.27/glibc-2.9 (see [2])
- SOCK_CLOEXEC supported on linux (see [3])
- accept4 suppported since linux-2.6.28/glibc-2.10 (see [4])
Fixes [5] apache runtime failure (#11576)
[mpm_event:crit] [pid 173:tid 1996214272] (70023)This function has not been
implemented on this platform: AH00495: Couldn't create a Thread Safe Pollset.
Is it supported on your platform?Also check system or user limits!
[:emerg] [pid 173:tid 1996214272] AH00017: Pre-configuration failed, exiting
[1] http://man7.org/linux/man-pages/man7/epoll.7.html
[2] https://linux.die.net/man/2/dup3
[4] https://linux.die.net/man/2/accept4
[5] https://bugs.busybox.net/show_bug.cgi?id=11576
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
While building llvm for the target (x86_64), the build failed due to
path poisoning (-I/usr/include/libxml2) while building NATIVE tools
(i.e for the host). The llvm package tries to build a tool for the host
with the cross-compiler which doesn't work when the paranoid toolchain
wrapper (BR2_COMPILER_PARANOID_UNSAFE_PATH) is enabled.
We know that llvm (target) needs llvm-tablegen and llvm-config built by
host-llvm, but only LLVM_TABLEGEN is provided by llvm.mk. Adding
LLVM_CONFIG_PATH=$(HOST_DIR)/bin/llvm-config for llvm (target)
fixes the path poisoining issue since llvm doesn't build the NATIVE
variant.
Signed-off-by: Romain Naour <romain.naour@smile.fr>
Cc: Valentin Korenblit <valentinkorenblit@gmail.com>
Cc: Matthew Weber <matthew.weber@rockwellcollins.com>
Tested-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Since commit b090794926
("package/libva-utils: bump to version 2.3.0"), the LIBVA_UTILS_SOURCE
variable has the default value of the <pkg>_SOURCE variable, so
check-package complains:
package/libva-utils/libva-utils.mk:8: remove default value of _SOURCE variable (http://nightly.buildroot.org/#generic-package-reference)
Let's fix this by dropping the now unneeded variable assignment.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
linux is a bit different than other kconfig-package, because it has
"toolchain" in KCONFIG_DEPENDENCIES. Thanks to this, host-ccache *is*
ready by the time kconfig invocations are made, so we could use
$(HOSTCC) as the host compiler for kconfig related operations.
However, for consistency with other kconfig-package packages, we chose
to use $(HOSTCC_NOCCACHE) as well.
We cannot rely on the default value of HOSTCC passed by the
kconfig-package infrastructure, because $(LINUX_MAKE_FLAGS) also
contains a HOSTCC definition that would override the one passed by the
kconfig-package infrastructure.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
At kconfig time, dependencies are not built, and therefore host-ccache
is not ready. Due to this, using $(HOSTCC) as the host compiler in
KCONFIG_OPTS does not work: a "make uboot-menuconfig" invocation from
a clean tree with ccache enabled fails.
This commit fixes this by using $(HOSTCC_NOCCACHE). We cannot rely on
the default value of HOSTCC passed by the kconfig-package
infrastructure, because $(UBOOT_MAKE_OPTS) also contains a HOSTCC
definition that would override the one passed by the kconfig-package
infrastructure.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The kconfig build logic uses the HOSTCC variable to find the host
compiler. It makes sense to explicitly pass a value to this variable,
pointing to the host compiler used by Buildroot.
During the kconfig step, host-ccache is not ready (host-ccache is only
a dependency to the configure step of packages), so we use
$(HOSTCC_NOCCACHE).
Packages currently using the kconfig-package fell into two categories:
- Those not passing any HOSTCC value. For such packages, it was the
default host compiler detected by the kconfig build logic that was
used. ccache was therefore never used. With this commit, those
packages will now be using the host compiler detected by
Buildroot. Packages in this situation: at91bootstrap3, barebox,
busybox, swupdate, uclibc, xvisor.
- Those passing a HOSTCC value. Such packages were passing $(HOSTCC),
which doesn't work as host-ccache will not be ready. This commit
does not fix them, as they still override HOSTCC. It will be fixed
in followup commits. Packages in this situation: uboot and
linux. Note that linux was a bit special, because it has a
KCONFIG_DEPENDENCIES on the toolchain package, so in fact
host-ccache was ready.
So practically speaking, this commit does not fix anything, as the two
only problematic packages that use $(HOSTCC) are not fixed. However,
it makes things more correct by explicitly telling kconfig which
compiler to use.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
In 36568732e4, we expanded toolchain.cmake to also define the value for
CMAKE_SYSTEM_VERSION, as the cmake documentation states that it must be
manually defined when doing cross-compilation [0]:
When the CMAKE_SYSTEM_NAME variable is set explicitly to enable
cross compiling then the value of CMAKE_SYSTEM_VERSION must also
be set explicitly to specify the target system version.
However, the fix in 36568732e4 uses the version of the kernel headers,
assuming that would be the oldest kernel we could run on. Yet, this is
not the case, because glibc (for example) has fallbacks to support
running on kernels older than the headers it was built against.
The cmake official wiki [1] additionally states:
* CMAKE_SYSTEM_VERSION : optional, version of your target system, not
used very much.
Folllowed a little bit below, by:
* CMAKE_TOOLCHAIN_FILE : absolute or relative path to a cmake script
which sets up all the toolchain related variables mentioned above
For instance for crosscompiling from Linux to Embedded Linux on PowerPC
this file could look like this:
# this one is important
SET(CMAKE_SYSTEM_NAME Linux)
#this one not so much
SET(CMAKE_SYSTEM_VERSION 1)
[...]
Furthermore, using the kernel headers version can be a bit misleading (as
it really looks like is is the correct version to use when it is not),
while it is obvious that 1 is not really the output of `uname -r` and
thus is definitely not misleading.
Finally, random searches [2] about CMAKE_SYSTEM_VERSION, mostly only
turns up issues related with Windows, Mac-OS, and to a lesser extent,
Android (where it is forcibly set to 1), with issues realted to running
under just Linux (as opposed to Adnroid) mostly non-existent.
Consequently, we revert to using the value that is suggested in the
cmake WiKi, i.e. 1, and which is basically what we also used as a
workaround in the azure-iot-sdk-c paclkage up until d300b1d3b1.
A case were we will need to have a real kernel version, is if we one day
have a cmake-based pacakge that builds and installs a kernel module [3],
because it will need the _running_ kernel version to install it in
/lib/modules/VERSION/, but in that case it will anyway most probably
not be the headers version.
[0] https://cmake.org/cmake/help/v3.8/variable/CMAKE_SYSTEM_VERSION.html
[1] https://gitlab.kitware.com/cmake/community/wikis/doc/cmake/CrossCompiling
[2] https://duckduckgo.com/?q=CMAKE_SYSTEM_VERSION
[3] https://stackoverflow.com/questions/38205745/cmake-system-version-not-updated-for-new-kernel
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Arnout Vandecappelle <arnout@mind.be>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Samuel Martin <s.martin49@gmail.com>
Acked-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This script currently uses "/usr/bin/env python" as shebang but it does
not really support Python3. Instead of limiting the script to Python2,
fix it to support both versions.
So change all imports to absolute imports because Python3 follows PEP328
and dropped implicit relative imports.
In order to avoid errors when decoding files with the default 'utf-8'
codec, use errors="surrogateescape" when opening files, the docs for
open() states: "This is useful for processing files in an unknown
encoding.". This argument is not compatible with Python2 open() so
import 'six' to use it only when running in Python3.
As a consequence the file handler becomes explicit, so use it to close()
the file after it got processed.
This "surrogateescape" is a simple alternative to the complete solution
of opening files with "rb" and changing all functions in the lib*.py
files to use bytes objects instead of strings. The only case we can have
non-ascii/non-utf-8 files being checked by the script are for patch
files when the upstream file to be patched is not ascii or utf-8. There
is currently one case in the tree:
package/urg/0002-urg-gcc6-fix-narrowing-conversion.patch.
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Reviewed-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Tested-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The initial build issue [1] has been fixed upstream but the supertux
fail to link with boost libraries when using gcc 5 (which use C++11 by default):
libsupertux2_lib.a(main.cpp.o): In function `boost::system::error_category::std_category::equivalent(std::error_code const&, int) const':
main.cpp:(.text._ZNK5boost6system14error_category12std_category10equivalentERKSt10error_codei[_ZNK5boost6system14error_category12std_category10equivalentERKSt10error_codei]+0x32): undefined reference to `boost::system::detail::generic_category_instance'
main.cpp:(.text._ZNK5boost6system14error_category12std_category10equivalentERKSt10error_codei[_ZNK5boost6system14error_category12std_category10equivalentERKSt10error_codei]+0x47): undefined reference to `boost::system::detail::generic_category_instance'
main.cpp:(.text._ZNK5boost6system14error_category12std_category10equivalentERKSt10error_codei[_ZNK5boost6system14error_category12std_category10equivalentERKSt10error_codei]+0x99): undefined reference to `boost::system::detail::generic_category_instance'
libsupertux2_lib.a(main.cpp.o): In function `boost::system::error_category::std_category::equivalent(int, std::error_condition const&) const':
main.cpp:(.text._ZNK5boost6system14error_category12std_category10equivalentEiRKSt15error_condition[_ZNK5boost6system14error_category12std_category10equivalentEiRKSt15error_condition]+0x33): undefined reference to `boost::system::detail::generic_category_instance'
main.cpp:(.text._ZNK5boost6system14error_category12std_category10equivalentEiRKSt15error_condition[_ZNK5boost6system14error_category12std_category10equivalentEiRKSt15error_condition]+0x48): undefined reference to `boost::system::detail::generic_category_instance'
collect2: error: ld returned 1 exit status
This is a similar issue as the one reported by [2].
With gcc 5, boost libraries are compiled using C++11 but
supertux2_lib.a is using C++14 standard.
To fix the issue, boost libraries should be build using C++14
standard but we currently don't have an option to "force" the
default C++ standard used by the compiler.
So bump the minimum gcc version to gcc 6 since the C++14 is
used by default.
[1] https://github.com/SuperTux/supertux/issues/1014
[2] https://github.com/boostorg/system/issues/26
Fixes:
http://autobuild.buildroot.net/results/5b4/5b452c155917d783b3d8167fde48c2c938a74b95
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Have to add a workaround since upstream didn't package this release
properly.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Remove patch to fix build without stack-protector support which is upstream.
Add backported patch to fix libva-intel-driver when using wayland.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This is needed by libva-intel-driver when using wayland.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add an option in the menuconfig submenu of linux-firmware package. Install
the firmware binary files to the target directory if the option is selected.
Signed-off-by: David Picard <dplamp@gmx.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
nettle 3.4.1 is a requirement for gnutls 3.6.5
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
From the release notes:
This release of wolfSSL includes a fix for 1 security vulnerability.
Medium level fix for potential cache attack with a variant of
Bleichenbacher’s attack. Earlier versions of wolfSSL leaked PKCS #1 v1.5
padding information during private key decryption that could lead to a
potential padding oracle attack. It is recommended that users update to the
latest version of wolfSSL if they have RSA cipher suites enabled and have
the potential for malicious software to be ran on the same system that is
performing RSA operations. Users that have only ECC cipher suites enabled
and are not performing RSA PKCS #1 v1.5 Decryption operations are not
vulnerable. Also users with TLS 1.3 only connections are not vulnerable to
this attack. Thanks to Eyal Ronen (Weizmann Institute), Robert Gillham
(University of Adelaide), Daniel Genkin (University of Michigan), Adi Shamir
(Weizmann Institute), David Wong (NCC Group), and Yuval Yarom (University of
Adelaide and Data61) for the report.
The paper for further reading on the attack details can be found at
http://cat.eyalro.net/cat.pdf
Drop now upstreamed patch.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
- libbsd is now an optional dependency as HAVE_ARC4RANDOM_BUF is not
always defined since version 2.7.1 and:
c73ef6e69b
- openssl is an optional dependency since version 2.7.0 and:
e5a5617a7c
- libiconv is an optional dependency since version 2.7.1 and:
6209991d6b
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
On certain architectures (namely Sparc), the maximum baud rate exposed
by the kernel headers is B2000000. Therefore, the current libserial
code doesn't build for the Sparc and Sparc64 architectures due to
this.
In order to address this problem, this patch tests the value of
__MAX_BAUD. If it's higher than B2000000 then we assume we're on an
architecture that supports all baud rates up to B4000000. Otherwise,
we simply don't support the baud rates above B2000000.
Fixes build failures such as:
SerialPort.cpp: In member function 'int LibSerial::SerialPort::Implementation::GetBitRate(const LibSerial::BaudRate&) const':
SerialPort.cpp:1226:14: error: 'BAUD_2000000' is not a member of 'LibSerial::BaudRate'
case BaudRate::BAUD_2000000:
Fixes:
- http://autobuild.buildroot.org/results/63ba95b6786464fa8e75af64593010df84530079
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The start-stop-daemon invocation to start abrmd was missing the -m (make
pidfile) option, causing stop to fail.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The configure script passes -U FORTIFY_SOURCE -D FORTIFY_SOURCE=2 by
default, which conflicts with BR2_FORTIFY_SOURCE_1 as -Werror is used:
<cross>-gcc .. -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2 .. -D_FORTIFY_SOURCE=1
<command-line>:0:0: error: "_FORTIFY_SOURCE" redefined [-Werror]
Disable this so the FORTIFY_SOURCE flags in TARGET_CFLAGS (if any) is used
instead.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Stack protection is now controlled Buildroot wide with the BR2_SSP_*
options, so disable the explicit -fstack-protector-all so the SSP logic in
the toolchain wrapper is used instead.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Building with --enable-hardening (the default), forces -fstack-protector-all
/ FORTIFY_SOURCE=2. These options are now controlled Buildroot wide with
the BR2_SSP_* / BR2_FORTIFY_SOURCE_* options. Disable hardening so the
ssp/fortify settings in the toolchain wrapper / CFLAGS is used instead.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The configure script passes -U FORTIFY_SOURCE -D FORTIFY_SOURCE=2 by
default, which conflicts with BR2_FORTIFY_SOURCE_1 as -Werror is used:
<cross>-gcc .. -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2 .. -D_FORTIFY_SOURCE=1
<command-line>:0:0: error: "_FORTIFY_SOURCE" redefined [-Werror]
Disable this so the FORTIFY_SOURCE flags in TARGET_CFLAGS (if any) is used
instead.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Stack protection is now controlled buildroot wide with the BR2_SSP_*
options, so disable the explicit -fstack-protector-all so the SSP logic in
the toolchain wrapper is used instead.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
In 2.56.1 (when tested in a namespace sandbox that restricted what
the build could see on the host system), it was discovered that the
glib-networking build would check in /etc for the Certificate Authority
files. The newer version of this package no longer tests the build time
location of the Certificate Authority and resolves these build failures.
Fixes:
http://autobuild.buildroot.net/results/8f8/8f83be0c21c21c07d5a7330f3626b739b1970625
(and others http://autobuild.buildroot.net/?reason=glib-networking-2.56.1)
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The build fails because $(TARGET_DIR)/bin folder may not exist if for
example to use the following defconfig:
BR2_x86_64=y
BR2_PACKAGE_HOST_LINUX_HEADERS_CUSTOM_4_16=y
BR2_SYSTEM_BIN_SH_DASH=y
BR2_TARGET_GENERIC_GETTY_PORT="tty1"
BR2_LINUX_KERNEL=y
BR2_LINUX_KERNEL_CUSTOM_VERSION=y
BR2_LINUX_KERNEL_CUSTOM_VERSION_VALUE="4.16.7"
BR2_LINUX_KERNEL_USE_CUSTOM_CONFIG=y
BR2_LINUX_KERNEL_CUSTOM_CONFIG_FILE="board/qemu/x86_64/linux.config"
BR2_PACKAGE_BUSYBOX_SHOW_OTHERS=y
BR2_PACKAGE_S6_LINUX_INIT=y
BR2_TARGET_ROOTFS_EXT2=y
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
[Peter: use install -D]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This package contains a set of tools to manipulate RTC devices. They
are written and maintained by the RTC subsystem Linux kernel
maintainer, Alexandre Belloni.
Cc: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Reviewed-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
As suggested by Arnout, add a comment to indicate that the version of
python-setuptools must be kept in sync with python3-setuptools.
Suggested-by: Arnout Vandecappelle <arnout@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Currently, our commit titles are not very well standardized, and it
would be great to standardize them a little bit more. A number of
people use "<pkg>: " as prefix, others use "package/<pkg>: ". Some
people start the rest of the commit title (after the prefix) with an
upper-case letter, some with a lower-case letter.
In an attempt to standardize this, this commit updates the manual with
some examples of good commit titles.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Reviewed-by: Carlos Santos <casantos@datacom.com.br>
Acked-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes CVE-2018-1000858: Cross Site Request Forgery with arbitrary HTTPS
GET requests via HTTP redirect.
https://sektioneins.de/en/advisories/advisory-012018-gnupg-wkd.html
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The syscfg header name is now based on the target triplet, with the
vendor part set to "unknown". The symlink approach no longer works since
we use "buildroot" for the vendor part. Override the target host
configure parameter to match the build system expectation.
The x86 header vendor part has been renamed to "unknown" as well.
Account for that in BR2_PACKAGE_LIBGPG_ERROR_SYSCFG.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Update hash for COPYING because a typo was fixed:
de46ee648a
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Remove upstream patch.
While at it, switch to https.
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Drop statx patch as it's included in this release.
Signed-off-by: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>