The 4.10.1 version brings a large number of fixes:
https://www.xenproject.org/downloads/xen-archives/xen-project-410-series/xen-4101.html
Including a number of security fixes:
XSA-252: DoS via non-preemptable L3/L4 pagetable freeing (CVE-2018-7540)
XSA-253: x86: memory leak with MSR emulation (CVE-2018-5244)
XSA-254: Information leak via side effects of speculative execution
(CVE-2017-5753 CVE-2017-5715 CVE-2017-5754)
XSA-255: grant table v2 -> v1 transition may crash Xen (CVE-2018-7541)
XSA-256: x86 PVH guest without LAPIC may DoS the host (CVE-2018-7542)
XSA-258: Information leak via crafted user-supplied CDROM (CVE-2018-10472)
XSA-259: x86: PV guest may crash Xen with XPTI (CVE-2018-10471)
Also add a hash for the license file while we are at it.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
host-nfs-utils provides the host rpcgen utility. This fixes the build on
recent Fedora systems that removed rpcgen from the glibc package.
Fixes:
http://autobuild.buildroot.net/results/e21/e219b8bacb52bb661eb6663b82f549ed941f26fe
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This patch bumps python-pillow to version 5.1.0.
Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This patch bumps python-can to version 2.1.0.
Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Re-add BR2_TOOLCHAIN_HAS_SSP since the toolchain support SSP.
Tested with qemu_nios2_10m50_defconfig and Qemu 2.10.1-3.fc27 release.
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
By default, Meson strips RPATH from the executable it builds [1,2],
unless explicitly set via install_rpath.
This will make support/scripts/check-host-rpath fail when building the
host variant of a Meson-based package.
So add a patch to prevent RPATH from being stripped if install_rpath is
not set and notify user about it.
[1] https://github.com/mesonbuild/meson/issues/2567
[2] https://github.com/mesonbuild/meson/issues/314#issuecomment-157658562
Signed-off-by: Eric Le Bihan <eric.le.bihan.dev@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Update documentation about adding meson-based packages with instructions for
using pkg-meson infrastructure.
Signed-off-by: Eric Le Bihan <eric.le.bihan.dev@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Add a new infrastructure to ease the development of packages that use Meson as
their build system.
Signed-off-by: Eric Le Bihan <eric.le.bihan.dev@free.fr>
[Thomas:
- move global variables definition outside of the inner-meson-package
macro
- for consistency, remove double quote around value passed to meson
in the host configure step.
- minor formatting fixes.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Even if gcc 6 is still maintained for some time (gcc 6.5 is pending),
switch to gcc 7.x since it has been released since 2017-05-02 and
gcc 8.x is available since 2018-05-02.
We have been having toolchains in the autobuilders with gcc
7.x for a while, so the vast majority of the problems should have
already been solved.
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This patch allows to use an external toolchain based on gcc 8.
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Remove 0860-cilk-fix-build-without-wchar.patch since cilk has
been removed from gcc.
Rebase 0900-remove-selftests.patch on gcc 8.1.0
Remove upstream patches 0001-m68k-coldfire-pr68467.patch and
0892-microblaze-Revert.patch.
Use bz2 release tarball only for gcc 4.9 since all other version
now use xz tarball.
Runtime tested on x86_64 with binutils 2.30, gcc 8.1.0,
kernel headers 4.14 and glibc 2.27.
Buildtime tested with glibc with all supported architectures.
Buildtime tested on x86_64 with musl and uClibc-ng
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
In order to add gcc 8 support for internal and external toolchain in
follow-up commits, introduce BR2_TOOLCHAIN_GCC_AT_LEAST_8 symbol.
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This new symbol will be used by architectures introduced with gcc 8 and
by external toolchains based on gcc 8.
[1] https://gcc.gnu.org/gcc-8/changes.html
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
- Remove patch (already in version)
- Add three patches (first one sent and merged upstream, second and
third patchs retrieved upstream)
- Move to autotools-package
- Remove workaround for static handling of pthread as it isn't needed
anymore
- Remove deactivation of libnl in static build as it isn't needed
anymore
- Set libnl and zlib dependencies as optional and not mandatory
- Add duma and libgcrypt optional dependencies
- Update workaround for static handling of libpcap
- Add hash for license file
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Also add license hash for "make legal-info".
Signed-off-by: Carlos Santos <casantos@datacom.ind.br>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This patch bumps mono to version 5.12.0.226 and it's monolite dependency
to version 1051200002, doing so it removes also a couple of upstreamed
patches.
This new mono version requires also a different option for
managing aot, so this patch refactors also the configure options.
Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Forward port of security fixes from the 2.13.7 release. The 2.13.7
release notes say this:
* Submodule "names" come from the untrusted .gitmodules file, but we
blindly append them to $GIT_DIR/modules to create our on-disk repo
paths. This means you can do bad things by putting "../" into the
name. We now enforce some rules for submodule names which will cause
Git to ignore these malicious names (CVE-2018-11235).
Credit for finding this vulnerability and the proof of concept from
which the test script was adapted goes to Etienne Stalmans.
* It was possible to trick the code that sanity-checks paths on NTFS
into reading random piece of memory (CVE-2018-11233).
Cc: Matt Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
- Use new --with[out]-png option
- Add hash for license file
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
usbutils version 010 converted the lsusb.py script to Python 3. Keep the
lsusb.py script on target only when Python 3.x is enabled.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add GPL-3.0 license for the lsusb.py script.
Update license file location.
The tar archive does not contain the license files from the git tree.
Add a patch adding the license files. This patch is not git formatted
because it only applies to the tar archive.
Upstream fixed tar archive generation for the next release.
Add license files hash.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes#11051
Due to runtime issue with the usage of binutils 2.29.x, we need to use the
version 2.28.x
Signed-off-by: Christophe Priouzeau <christophe.priouzeau@st.com>
Acked-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes#11051
Due to runtime issue with the usage of binutils 2.29.x, we need to use the
version 2.28.x
Signed-off-by: Christophe Priouzeau <christophe.priouzeau@st.com>
Acked-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixed issues are listed in the 2.27 branch NEWS file:
CVE-2017-18269: An SSE2-based memmove implementation for the i386
architecture could corrupt memory. Reported by Max Horn.
CVE-2018-11236: Very long pathname arguments to realpath function could
result in an integer overflow and buffer overflow. Reported by Alexey
Izbyshev.
CVE-2018-11237: The mempcpy implementation for the Intel Xeon Phi
architecture could write beyond the target buffer, resulting in a buffer
overflow. Reported by Andreas Schwab.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Corkscrew is a tool for tunneling SSH through HTTP proxies
Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
[Thomas: add hash for license file, add entry in DEVELOPERS file.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
U-Boot SPL for the Xilinx ZynqMP SoCs needs ATF in this format to load
it.
Signed-off-by: Luca Ceresoli <luca@lucaceresoli.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Do for elf2flt what we did for binutils: replace the hardlinks (which
break rpath handling) with copies of the individaul tools.
See previous commit (package/binutils: switch from symlinks to copies
and commit f9cffb6af4 (binutils: replace hard-links with soft-links to
fix rpath) for the complete story.
Fixes: #11031.
Reported-by: Christophe Priouzeau <christophe.priouzeau@st.com>
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Christophe Priouzeau <christophe.priouzeau@st.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Peter Korsgaard <peter@korsgaard.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The path to the binary images is very long. Since we are about to make
a larger use of it, let's use a variable to make it somewhat shorter.
Signed-off-by: Luca Ceresoli <luca@lucaceresoli.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Commit f9cffb6af4 (binutils: replace hard-links with soft-links to fix
rpath) has a side effect that when we build for a noMMU target, elf2flt
will in turn replace some of the programs installed by binutils, with
its own wrappers.
For example, it will rename host/TUPLE/bin/ld to ld.real, and add its
own wrapper in place of the original. It does the same for
host/bin/TUPLE-ld and host/bin/TUPLE-ld.real.
However, we had already made ld a symlink to ../../bin/TUPLE-ld, so
host/TUPLE/bin/ld.real will still point to host/bin/TUPLE-ld when we
want it to point to ld.real instead...
This ultimately confuses gcc later on.
Of course, the culprit is also elf2flt, which also installs similar
hardlinks that would ultimately exhibit the same rpath issue as the
one fixed by f9cffb6af4. Note: we haven't had an issue so far with
that, because those tools installed by elf2flt only link with libz,
which is most often present on the host system. So, all seem well,
but is nonetheless broken; this will be fixed in a subsequent commit.
But back on topic. If we were to fix elf2flt with similar symlinks,
gcc still gets confused. The underlying reason for this confusion is
not entirely clear, though... It looks like something is trying to
dereference symlinks and gets confused by the result somehow...
So, in an attempt to restore some sanity in all this mess, we try to
restore the previous behaviour, we no longer use symlinks but just copy
the individual tools.
Fixes: #11031.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Christophe Priouzeau <christophe.priouzeau@st.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Peter Korsgaard <peter@korsgaard.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Since all cyclone5 development changes are upstream, change over to an
upstream release of the Linux kernel and u-boot for buildroot.
Signed-off-by: Florian La Roche <Florian.LaRoche@googlemail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This patch bump the Linux CIP kernel to version v4.4.130-cip23
Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
