Add a patch to correct a typo in the Makefile, so -fno-stack-protector /
-fno-stack-protector-all are really used. With this applied, kvm-unit-tests
will always be built without SSP as intented by upstream. This will fix the
build on ppc64 with SSP that started to fail for an unknown reason since
November 27th.
Moreover, the Arch Linux workaround could also be removed in a follow-up
patch.
Fixes:
- http://autobuild.buildroot.org/results/ad689b08173548af21dd1fb0e827fd561de6dfef
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This includes the following changes:
66c8f65 Makefile.am: use BUILT_SOURCES instead of BUILD_SOURCES
f7a354d Generate image headers from their PNG source, while still including them in dist tarball
983837e Import png source for images, extracted from headers
3bd1557 Cleanup poky logo
773a397 Add configure flags for fullscreen logo and no startup message
2913c24 Double buffering support
8188d68 Support --with-font configure option to use other font headers
88c4b71 Add SPDX License information to files, drop boilerplate
904f4aa add systemd support
e94bd11 process consecutive commands
568f28e use /run for communication FIFO
ee053e0 add recovered bar.png
2015f70 Fix text width calculation.
Also:
- remove the 'psplash-quit.service' unit file
- add 'psplash-systemd.service' to use the new systemd support in psplash
Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The NVD files that are used to build the list of CVEs affecting
Buildroot packages are quite large (a few hundreds MB of json),
and cause the pkg-stats scripts to have a huge memory footprint
(a few GB with Python 2.7).
However, because we only need to iterate on CVE items one by one,
we can process them in streaming (ie decoding one CVE at a time
from the JSON representation). Because the json module from the
python standard library does not support such a mode of operation,
we switch to the third-party package ijson, which is compatible
with both Python 2 and Python3.
To run the script with these modifications, one should install
the ijson python package. This can be done with pip:
`pip install ijson`. On Debian based distributions, this can
also be done with the apt package manager:
`apt install python-ijson`.
Signed-off-by: Titouan Christophe <titouan.christophe@railnova.eu>
Reviewed-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Tested-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
- Drop second and third patches (already in version)
- Update indentation of hash file (two spaces)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This bump also includes:
* Drop upstream security patch which is included in the new version
* Unconditionally disable support for Qt5 [1] (same as Qt3 and Qt4)
* Drop dependency on host-inttool, as avahi switched to host-gettext [2]
* Conditionally enable support for libevent [3]
[1] 5dbb32767a
[2] 3d5a0c6805
[3] 998e20cd76
Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
- systemd optional dependency has been added in version 7.0
- Update indentation of hash file (two spaces)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Currently, the Config.in file has the line:
select BR2_PACKAGE_PYTHON3 if !BR2_PACKAGE_PYTHON
This line is incorrect as gobject-introspection does not support python2.
Instead, remove the select line and make python3 a dependency with a new
message that explains that gobject-introspection requires python3.
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
[yann.morin.1998@free.fr:
- move the explanations from the commit log to the code
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
- Removed patch that was applied upstream
- Removed AUTORECONF request that came with patch
- Updated library's download name
Signed-off-by: Gilles Talis <gilles.talis@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
GObject introspection is a middleware layer between C
libraries (using GObject) and language bindings. The C library
can be scanned at compile time and generate a metadata file,
in addition to the actual native C library. Then at runtime,
language bindings can read this metadata and automatically
provide bindings to call into the C library.
There's an XML format called GIR used by GObject-Introspection.
The purpose of it is to provide a standard structure to access the complete
available API that a library or other unit of code exports. It's
language-agnostic using namespaces to separate core, language, or
library-specific functionality.
Cross-compiling gobject-introspection is not an easy task. The main issue is
that in the process of creating the XML files, gobject-introspection must first
run and scan the binary, which, if the binary is cross-compiled, would not
typically be possible from the host system.
Because of this limitation, we use several wrappers to call instead first out
qemu, which runs the native scanner to create the binaries.
There are seven total patches and four different wrapper files needed to
successfully cross-compile and run this package, many of them are from
open-embedded, but one of them is of my own doing.
1) Revert a previous, incomplete attempt at adding cross-compiling support.
2) Add support for cross-compiling with meson.
3) Disable tests.
4) Add an option to use a binary wrapper; this patch will force giscanner to
use a wrapper executable to run binaries it's producing, instead of
attempting to run them from the host.
5) Add an option to use an LDD wrapper, again, useful for cross-compiled
environments.
6) Add a --lib-dirs-envar option to pass to giscanner. (See patch for details.)
7) Add rpath-links to ccompiler: when passing the PACKAGE_GIR_EXTRA_LIBS_PATH
to the ccompiler.py script, ccompiler.py needs to add -Wl,-rpath-link to the
environment for the package to correctly link against the passed on paths.
8) Ignore error return codes from ldd-wrapper because prelink-rtld returns 127
when it can't find a library, which breaks subprocess.check_output().
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Tested-by: Yegor Yefremov <yegorslists@googlemail.com>
Tested-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
[yann.morin.1998@free.fr:
- host-prelink-cross has no Kconfig entry
- reorder dependencies for arch deps first
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Many autotools packages call pkg-conf to inquire as to where the following
utilities are:
g_ir_scanner
g_ir_compiler
g_ir_generate
Because gobject uses wrappers to call qemu, prepending the sysroot to the paths
of these compilers is necessary.
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Prelink-cross emulates a runtime linker for a given sysroot. This is
necessary to allow gobject-introspection to build its typelib files
during cross-compiling.
We're using a sha1 on the cross_prelink branch, as we need the
RTLD-enabled variant of prelink-cross.
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
[yann.morin.1998@free.fr:
- drop HOST_ prefix for inherited variables
- fix licensing info to "or-later"
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
If present, GDB may use a system installed libiberty. As such, we must ensure
that host-libiberty is installed first.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Some packages, like prelink-cross, want to use libiberty but do not bundle
their own instance (which is good!).
However, libiberty is made for being bundled in packages: all GNU
packages that use libiberty (gcc, Binutils, gdb, et al...) all have their own
bundled variant. This common practice means that there is no official upstream
for libiberty, the closest being as part of the combined Binutils-gdb tree.
So we introduce a new host-only package, that installs just libiberty from a
Binutils released tarball.
Again, as packages usually bundle libiberty, it usually only installs a static
version. Furthermore, it does not obey the usual --enable-shared and
--disable-static flags; it only ever builds a static version.
Furthermore, -fPIC is not used with this library, but some packages may pick it
to build shared objects. This behavior is the case for host-gdb, for example,
which accidentally picks that library instead of its internal one.
So, rather than fix the various gdb versions and variants we can use, we ensure
that the libiberty we install is usable in shared objects, and we always build
before host-gdb.
Signed-off-by: Adam Duskett <Aduskett@gmail.com>
[yann.morin.1998@free.fr:
- fix DL_SUBDIR for a host-only package
- add licensing info
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
openFPGALoader is a tool for programming FPGA.
Signed-off-by: Jean Burgat <jeanburgat33@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This includes the following changes:
ba952d0 BUG: variable lists not released in close()
690f868 Variables are not removed when loading from file
9e3586a Make sure there's no file descriptor leakage in case of error
03647c4 Check config file defines a non-zero Sector size
3b2d4f1 Check environment size from fw_env.config
Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This is needed so that building the owfs Python module uses the gcc
from owfs per-package directory, and not the one from the python
per-package directory.
Fixes:
http://autobuild.buildroot.net/results/0d582dda367507991a4c38141db36b0fa8e47e67/
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
With per-package directory support, Python external modules are
causing a problem: the _sysconfigdata.py module installed by the
Python interpreter contains a number of paths that are relative to the
current package per-package directory, i.e python or python3. For
example:
'BLDSHARED': '/home/thomas/projets/buildroot/output/per-package/python/host/bin/arm-linux-gcc -shared',
'CC': '/home/thomas/projets/buildroot/output/per-package/python/host/bin/arm-linux-gcc',
'CXX': '/home/thomas/projets/buildroot/output/per-package/python/host/bin/arm-linux-g++',
etc.
These paths are problematic, because it means that the wrong compiler
gets used when building external Python modules: instead of using the
compiler from the external Python module per-package host directory,
it uses the one from the 'python' or 'python3' per-package host
directory. Due to this, any native dependency needed by the external
Python module is not found, even though it is properly present in the
current package per-package directory.
Of course, the problem occurs with both target Python modules and host
Python modules.
To fix this, we simply rewrite those paths in _sysconfigdata.py before
building a Python package.
Interestingly, until now, the _sysconfidata.py that was used during
the build was the one from $(TARGET_DIR), which is a bit unusual: it
is more common to use files from $(STAGING_DIR) during the build
process. So this commit changes the PYTHON_PATH and PYTHON3_PATH
variables so that they point to $(STAGING_DIR), which makes the
_sysconfigdata.py fixup in $(STAGING_DIR) effective.
Fixes:
http://autobuild.buildroot.net/results/a24b0555fd4261b50dc3986635c30717d9cbe764/ (python-psycopg2)
http://autobuild.buildroot.net/results/080fa893e1b0e7a8c8a31ac1c98eb8871b97264d/ (python-alsaaudio)
http://autobuild.buildroot.net/results/79bc070f98d6d9d8ef78df12b248cdc7d0e405c3/ (python-lxml)
and many more Python packages that use native code with a native library
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
When APR_INCLUDEDIR and APU_INCLUDEDIR point to the same directory,
Apache builds properly. However, with per-package directory support,
they point to different directories, and APU_INCLUDEDIR contains both
the APR headers and the APU headers.
Due to this, the Apache Makefile logic to generate its exports.c file
leads to duplicate definitions, because the APR headers are considered
twice: once from APR_INCLUDEDIR, once from APU_INCLUDEDIR.
We fix this by introducing a patch to the Apache build system.
In addition, apr provides a special libtool script that gets used by
apr-util and apache. apr-util already had a fixup for this, but apache
did not, which was causing the gcc from apr-util per-package
directories be used during the apache build, causing build failures.
To fix this, we adjust this libtool script to point to the correct
tools in apache's per-package directories.
There are no autobuilder failures for this, because Apache needs
apr-util, and apr-util currently fails to build when
BR2_PER_PACKAGE_DIRECTORIES=y.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
With per-package directories support enabled, the build of apr-util
fails, for two reasons:
- The rules.mk file is generated by the 'apr' package, and then
copied into the 'apr-util' source directory. This is done by the
'apr-util' build process. Unfortunately, this rules.mk file has a
number of hardcoded paths: to the compiler and to the libtool
script.
Due to this, the compiler from the 'apr' per-package directory gets
used. But this compiler uses the 'apr' package sysroot, which does
not have all the dependencies of the 'apr-util' package, causing
the build to fail because <expat.h> is not found.
- Similarly, the libtool script itself has some hardcoded paths,
which make it use the compiler/linker from the 'apr' per-package
directory, so it does not find the expat library.
We fix both issues by doing the necessary replacement in both rules.mk
and libtool.
Fixes:
http://autobuild.buildroot.net/results/2a67b5d58f79348e20a972125e4797eff5585716/
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes CVE-2019-20388: xmlSchemaPreRun in xmlschemas.c in libxml2 2.9.10
allows an xmlSchemaValidateStream memory leak.
Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fixes the following security issues (12.15.0):
- CVE-2019-15606: HTTP header values do not have trailing OWS trimmed
- CVE-2019-15605: HTTP request smuggling using malformed Transfer-Encoding
header
- CVE-2019-15604: Remotely trigger an assertion on a TLS server with a
malformed certificate string
For more details, see the advisory:
https://nodejs.org/en/blog/vulnerability/february-2020-security-releases/
On top of this, 12.16.0 brings a number of changes and bugfixes.
Update the license hash for an addition of the (MIT) licensing terms for the
uvwsai module:
+
+- uvwasi, located at deps/uvwasi, is licensed as follows:
+ """
+ MIT License
+
+ Copyright (c) 2019 Colin Ihrig and Contributors
+
+ Permission is hereby granted, free of charge, to any person obtaining a copy
+ of this software and associated documentation files (the "Software"), to deal
+ in the Software without restriction, including without limitation the rights
+ to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ copies of the Software, and to permit persons to whom the Software is
+ furnished to do so, subject to the following conditions:
+
+ The above copyright notice and this permission notice shall be included in all
+ copies or substantial portions of the Software.
+
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ SOFTWARE.
+ """
While we are at it, adjust the white space in the .hash function to match
the new agreements.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
