As reported by [1], SSP support is missing in the Buildroot toolchain
for microblaze even if it's requested by selecting
BR2_TOOLCHAIN_HAS_SSP config option.
In Buildroot, we are using libssp provided by the C library (glibc,
musl, uClibc-ng) when available. We are not using libssp from gcc.
So for a microblaze glibc based toolchain, the SSP support is enabled
unconditionally by a select BR2_TOOLCHAIN_HAS_SSP.
BR2_microblazeel=y
BR2_TOOLCHAIN_BUILDROOT_GLIBC=y
BR2_KERNEL_HEADERS_4_14=y
BR2_BINUTILS_VERSION_2_30_X=y
BR2_GCC_VERSION_8_X=y
BR2_TOOLCHAIN_BUILDROOT_CXX=y
While building the toolchain, we are building host-binutils which
provide "as" (assembler) and host-gcc-initial wich provide a
minimal cross gcc (C only cross-compiler without any C library).
When SSP support is requested, gcc_cv_libc_provides_ssp=yes is
added to the make command line (see [2] for full details)
With this setting, the SSP support is requested but it's not available
in the end and the toochain build succeed.
When the microblaze toolchain is imported to Biuldroot (2018.05) as
external toolchain with BR2_TOOLCHAIN_EXTERNAL_HAS_SSP set, the build
stop with :
"SSP support not available in this toolchain, please disable BR2_TOOLCHAIN_EXTERNAL_HAS_SSP"
The test is doing the following command line:
echo 'void main(){}' | [...]/host/bin/microblazeel-linux-gcc.br_real -Werror -fstack-protector -x c - -o [...]/build/.br-toolchain-test.tmp
cc1: error: -fstack-protector not supported for this target [-Werror]
When we look at the gcc-final log file (config.log) we can see this
error several time when using the minimal gcc (from host-gcc-initial).
So Why the minimal gcc doesn't support SSP?
When we look at the gcc-initial log file (config.log) we can see an
error with 'as':
configure:23194: checking assembler for cfi directives
configure:23209: [...]microblazeel-buildroot-linux-gnu/bin/as -o conftest.o conftest.s >&5
conftest.s: Assembler messages:
conftest.s:2: Error: CFI is not supported for this target
conftest.s:3: Error: CFI is not supported for this target
conftest.s:4: Error: CFI is not supported for this target
conftest.s:5: Error: CFI is not supported for this target
conftest.s:6: Error: CFI is not supported for this target
conftest.s:7: Error: CFI is not supported for this target
configure:23212: $? = 1
configure: failed program was
.text
.cfi_startproc
.cfi_offset 0, 0
.cfi_same_value 1
.cfi_def_cfa 1, 2
.cfi_escape 1, 2, 3, 4, 5
.cfi_endproc
This is the only relevant difference compared to a nios2 toolchain where
libssp is enabled and available (nios2 is an example).
"CFI" stand for "Control Flow Integrity" and it seems that SSP support
requires CFI target support (see [3] for some explanation).
The SSP support seems to depends on CFI support, but the toolchain
infrastructure is not detailed enough to handle the CFI dependency.
The NiosII toolchains built with binutils < 2.30 are also affected by
this issue.
This patch improve the toolchain infrastructure by adding a new
BR2_PACKAGE_HOST_BINUTILS_SUPPORTS_CFI blind option
Disable SSP support for microblaze entirely.
Disable SSP support for nios2 only with Binutils < 2.30.
Fixes:
https://gitlab.com/free-electrons/toolchains-builder/-/jobs/72006389
[1] https://gitlab.com/free-electrons/toolchains-builder/issues/1
[2] https://git.buildroot.net/buildroot/tree/package/gcc/gcc.mk?h=2018.05#n275
[3] https://grsecurity.net/rap_faq.php
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
[Thomas: adjust how the BR2_PACKAGE_HOST_BINUTILS_SUPPORTS_CFI option
is expressed.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The download infra now knows to look for per-version hash files, so we
can now drop the unversioned hash files.
Instead of removing them, add a comment that redirects the developper to
update the per-version hash files instead (so they do not re-add a
unversioned one in the future).
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Gaël Portay <gael.portay@savoirfairelinux.com>
Cc: Peter Seiderer <ps.report@gmx.net>
Cc: Julien Corjon <corjon.j@ecagroup.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Cc: Luca Ceresoli <luca@lucaceresoli.net>
Cc: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The Qt5 packages may have different licensing terms between the two
versions we support, and in some cases, those different terms are
expressed in similarly named files, like files named plain 'LICENSE' for
example.
Similarly, glibc also has different license files, especially since the
arc version still has libidn, which got dropped from upstream.
This is problematic, because, in a .hash file, we can't store two
different hashes for the same file. We've started to handle this case by
moving the licenses hashes to the per-version sub directories.
However, the hashes for the downloads are still stored inside the non-
versioned hash file of the package, which is not totally coherent: if we
have a per-version hash file, it should list all the hases for that
version, downloads included, and there should be no unversioned hash
file.
In preparation for this, we duplicate the downloads hashes from the main
hash files, and into the versioned ones. Once the download infra learns
to look for those hashes in these per-version subdirs, we'll remove the
unversioned hash files.
Note that, now that we have versioned hash files, the main hash files
will not be used to check license files, so we can already drop the
hashes for license files from the main hash files.
Note also that there are a few other packages for which we support
different versions (binutils, gcc, gdb, lua, xserver_xorg-server,
uboot), but none of those have different licensing terms due to the
version. Qt5 and glibc are alone in this case.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Gaël Portay <gael.portay@savoirfairelinux.com>
Cc: Peter Seiderer <ps.report@gmx.net>
Cc: Julien Corjon <corjon.j@ecagroup.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Cc: Luca Ceresoli <luca@lucaceresoli.net>
Cc: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The Config.in for glibc is a blind option and not part of the menu for
a user to select (the pkg is used for the Buildroot toolchain build),
however this patch adds the link for completeness of the pkg-stats
report and for future scripting which will generate xml updates of the
package's Common Product Enumeration (used for vunerability checking).
Signed-off-by: Matt Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
On platforms with soft floating point glibc produces a compile time
warning (maybe-uninitialized) that will be regarded as an error.
Add upstream patch fixing this issue.
Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Configuration that build a glibc toolchain on ARC currently fail to
run "make legal-info", because the hash for the LICENSES file is
different between the ARC glibc version, and glibc 2.28.
To fix this, this commit moves the hashes for the glibc license files
to per-version hash files.
Fixes:
http://autobuild.buildroot.net/results/5a98a801dccaaeb4b5cbc26d9a017726d0953157/
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Carlos O'Donell (1):
Fix tst-setcontext9 for optimized small stacks.
DJ Delorie (3):
RISC-V: Fix rounding save/restore bug.
Regen RISC-V rvd ULPs
Improve ChangeLog message.
Florian Weimer (6):
Linux: Rewrite __old_getdents64 [BZ #23497]
error, error_at_line: Add missing va_end calls
nscd: Deallocate existing user names in file parser
nss_files: Fix file stream leak in aliases lookup [BZ #23521]
regex: Add test tst-regcomp-truncated [BZ #23578]
misc: New test misc/tst-gethostid
H.J. Lu (1):
i386: Use ENTRY and END in start.S [BZ #23606]
Martin Kuchta (1):
pthread_cond_broadcast: Fix waiters-after-spinning case [BZ #23538]
Mingli Yu (1):
Linux gethostid: Check for NULL value from gethostbyname_r [BZ #23679]
Paul Eggert (1):
regex: fix uninitialized memory access
Samuel Thibault (2):
hurd: Add missing symbols for proper libc_get/setspecific
hurd: Avoid PLTs for __pthread_get/setspecific
Stefan Liebler (1):
Fix segfault in maybe_script_execute.
Wilco Dijkstra (1):
Fix strstr bug with huge needles (bug 23637)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This enables a riscv64 system to be built with a Buildroot generated
toolchain (gcc >= 7.x, binutils >= 2.30, glibc only).
This configuration has been used to successfully build a qemu-bootable
riscv-linux-4.15 kernel (https://github.com/riscv/riscv-linux.git).
Signed-off-by: Mark Corbin <mark.corbin@embecosm.com>
[Thomas:
- simplify arch.mk.riscv by directly setting GCC_TARGET_ARCH
- simplify glibc.mk changes by using GLIBC_CONF_ENV.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
glibc is not using the autotools-package infrastructure, so we are
calling the ./configure script manually. Currently, the few autoconf
cache variables are passed as arguments to the ./configure script,
while we pass them through the environment in the autotools-package
infrastructure.
So let's pass them in the environment, and use a GLIBC_CONF_ENV
variable to store them. This will allow in a follow-up commit to
conditionally add more autoconf cache variables to the glibc build.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This commit finally bumps ARC tools to the most recent arc-2018.03
release version.
ARC GNU tools of version arc-2018.03 bring some quite significant
changes like:
* Binutils v2.29.51 with additional ARC patches
* GCC 7.3.1 with additional ARC patches
* GDB 8.0.50 with ARC patches
More information on this release could be found here:
https://github.com/foss-for-synopsys-dwc-arc-processors/toolchain/releases/tag/arc-2018.03-release
Signed-off-by: Evgeniy Didin <didin@synopsys.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: arc-buildroot@synopsys.com
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fixed issues are listed in the 2.27 branch NEWS file:
CVE-2017-18269: An SSE2-based memmove implementation for the i386
architecture could corrupt memory. Reported by Max Horn.
CVE-2018-11236: Very long pathname arguments to realpath function could
result in an integer overflow and buffer overflow. Reported by Alexey
Izbyshev.
CVE-2018-11237: The mempcpy implementation for the Intel Xeon Phi
architecture could write beyond the target buffer, resulting in a buffer
overflow. Reported by Andreas Schwab.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This commit bumps ARC toolchain to arc-2018.03-rc2, which
includes significant changes since arc-2018.03-rc1.
We want to test how new toolchain-rc2 builds packages,
so we can make fixes before release of toolcain.
This makes us closer to toolchain release which will be in a few weeks.
Please note that it is a release candidate
and it might contain some breakages,
please don't use it for production builds.
Signed-off-by: Evgeniy Didin <didin@synopsys.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: arc-buildroot@synopsys.com
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 7aaabe8fc0)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This commit bumps ARC toolchain to arc-2018.03-rc2, which
includes significant changes since arc-2018.03-rc1.
We want to test how new toolchain-rc2 builds packages,
so we can make fixes before release of toolcain.
This makes us closer to toolchain release which will be in a few weeks.
Please note that it is a release candidate
and it might contain some breakages,
please don't use it for production builds.
Signed-off-by: Evgeniy Didin <didin@synopsys.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: arc-buildroot@synopsys.com
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
libnsl from Glibc is deprecated and should not be used anymore.
Remove libnsl.so.* from GLIBC_LIBS_LIB.
libnsl is now an separate library that can be packaged later if
necessary [1].
Note: libnsl from Glibc doesn't build with gcc 8 due new warning [2].
[1] https://github.com/thkukuk/libnsl.git
[2] http://patchwork.sourceware.org/patch/26437
This reverts commit 398747f5fa.
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This commit bumps ARC toolchain to arc-2018.03-rc1.
We want to test how new toolchain-rc1 builds packages,
so we can make fixes before release of toolcain.
ARC GNU tools of version arc-2018.03-rc1 bring some quite significant changes like:
* Binutils v2.29.51 with additional ARC patches
* GCC 7.3.1 with additional ARC patches
Please note that it is a release candidate
and it might contain some breakages,
please don't use it for production builds.
Signed-off-by: Evgeniy Didin <didin@synopsys.com>
Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Cc: Alexey Brodkin <abrodkin@synopsys.com>
Cc: arc-buildroot@synopsys.com
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Since upstream commit 1faaf7035cabda101e1d6653bff7a539f201db91
("plural.c: improve reproducibility"), glibc now requires bison to be
available on the host for its build process. This is needed starting
with glibc 2.27.
Fixes:
http://autobuild.buildroot.net/results/ca4d883793c1674d3a052edd5e56897f79683448/
Signed-off-by: Ryan Coe <bluemrp9@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
GLIBC_SRC_SUBDIR was needed when Buildroot supported
eglibc which stored all sources in a sub-directory.
It was not removed by the commit removing eglibc support [1].
[1] 500de2598a
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
List of fixes from the 2.26 branch NEWS files:
CVE-2017-15670: The glob function, when invoked with GLOB_TILDE,
suffered from a one-byte overflow during ~ operator processing (either
on the stack or the heap, depending on the length of the user name).
Reported by Tim Rühsen.
CVE-2017-15671: The glob function, when invoked with GLOB_TILDE,
would sometimes fail to free memory allocated during ~ operator
processing, leading to a memory leak and, potentially, to a denial
of service.
CVE-2017-15804: The glob function, when invoked with GLOB_TILDE and
without GLOB_NOESCAPE, could write past the end of a buffer while
unescaping user names. Reported by Tim Rühsen.
CVE-2017-17426: The malloc function, when called with an object size near
the value SIZE_MAX, would return a pointer to a buffer which is too small,
instead of NULL. This was a regression introduced with the new malloc
thread cache in glibc 2.26. Reported by Iain Buclaw.
Cc: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Currently, we do a full git clone of the repository, which takes quite
some time, especially on slow networks.
This was done like that because the initial patch was using the official
repository as the source of the download, and that repository did not
offer remotely-generated tarballs.
But now we've switched to using a mirror on github, which does provide
such a tarball, which provides faster downloads.
Use that.
However, the tarball from github differs from the one we were generating
locally, because the paths inside are different. WE used to create a
archive with paths starting with glibc-glibc-2.26-73-g4b692dfb95[...],
while github does away with the git-describe prefix, and generates paths
that start with just glibc-4b692dffb95[...]. The content are exactly
identicall (checked with a diff), though.
Update the hash accordingly.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Waldemar Brodkorb <wbx@openadk.org>
Cc: Romain Naour <romain.naour@gmail.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Cc: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This commit finally bumps ARC tools to the most recent arc-2017.09 release version.
ARC GNU tools of version arc-2017.09 bring some quite significant changes like:
* Binutils v2.29 with additional ARC patches
* GCC 7.1.1 with additional ARC patches
* glibc 2.26 with additional ARC patches
More information on this release could be found here:
https://github.com/foss-for-synopsys-dwc-arc-processors/toolchain/releases/tag/arc-2017.09-release
Signed-off-by: Evgeniy Didin <didin@synopsys.com>
Cc: Alexey Brodkin <abrodkin@synopsys.com>
Cc: arc-buildroot@synopsys.com
Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
glibc upstream has ruled against doing regular point-releases, but they
do have a lot of interesting and important fixes for regressions and
security.
Backporting each patch, or cherry-picking individual patches is off
limits for us, so we just switch to using the currently-latest HEAD of
the maintenance branch instead.
The version number is obtained with:
$ git describe --match 'glibc-*' --abbrev=40 origin/release/2.26/master
The alternative options were:
- download the tarball from the git tree
--> does not work; not an option
- download the 2.26 tarball, and bundle the individual patches in
Buildroot
--> maintenance of patches is a burden; not an option
- download the 2.26 tarball, maintain the list of patches to download from
the git tree
--> not an option for the same reason
So we end up just doing a git clone. The git tree is today about ten
times the size of the tarball, so a rough estimate makes it at about ten
times the download time.
Also upstream doesn't officially provide an https download location [1].
There is one but it's not reliable, sometimes the connection time out and
end-up with a corrupted git repo:
fatal: unable to access 'https://sourceware.org/git/glibc.git/': Failed to connect to sourceware.org port 443: Connection timed out
So switch to using a git mirror from github which is updated once a day [2].
This allow at the same time to clone the git repository faster.
Note: The glibc 2.26 patches are not kept for the arc toolchain since they
are fixing an issue with the new float128 support introduced in x86, x86_64
and powerpc64le.
[1] https://sourceware.org/git/?p=glibc.git;a=summary
[2] https://github.com/bminor/glibc.git
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Romain Naour <romain.naour@openwide.fr>
Cc: Peter Korsgaard <peter@korsgaard.com>
Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Cc: Evgeniy Didin <didin@synopsys.com>
CC: Alexey Brodkin <abrodkin@synopsys.com>
[Romain: bump 4b692dffb95ac4812b161eb6a16113d7e824982e]
Signed-off-by: Romain Naour <romain.naour@gmail.com>
[yann.morin.1998@free.fr: update comment to never decide on the mirror]
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Reviewed-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Finally there's working ARC port of glibc thanks to Vineet and Cuper!
This port is based on pretty recent glibc's master branch and ARC
changes are being reviewed now in glibc's mailing list.
Thus we again have to use sources from our GitHub but as soon as there's
a glibc release with our patches applied we'll switch to upstream releases
and will drop our glibc GitHub repo alltogether.
Note now we cut tags in glibc repo simultaneously with tags
in Binutils and GCC repos and so to make sure everything works in the best
way we plan to update glibc tag together with Binutils and GCC.
Also note as of today ARCompact (AKA ARCv1 ISA) is not supported in glibc
but we plan to fix it soonish so for now we make glibc intentionally
dependent on archs38.
Also note we are not creating directory "2.26" because all patches for glibc
ver 2.26 applies to arc glibc port.
Signed-off-by: Evgeniy Didin <didin@synopsys.com>
CC: Alexey Brodkin <abrodkin@synopsys.com>
CC: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
CC: Waldemar Brodkorb <wbx@openadk.org>
CC: Romain Naour <romain.naour@gmail.com>
Cc: Cupertino Miranda <cmiranda@synopsys.com>
Cc: Vineet Gupta <vgupta@synopsys.com>
Cc: Anton Kolesov <akolesov@synopsys.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Fixes:
/tmp/output/build/glibc-2.25/build/libc_pic.a(dl-error.os): In function `__GI__dl_signal_error':
dl-error.c:(.text+0x0): multiple definition of `_dl_signal_error'
/tmp/output/build/glibc-2.25/build/elf/dl-allobjs.os:(.text+0x134d8): first defined here
/tmp/output/build/glibc-2.25/build/libc_pic.a(dl-error.os): In function `__GI__dl_catch_error':
dl-error.c:(.text+0x190): multiple definition of `_dl_catch_error'
/tmp/output/build/glibc-2.25/build/elf/dl-allobjs.os:(.text+0x136fc): first defined here
/tmp/output/build/glibc-2.25/build/libc_pic.a(init-first.os):(.data+0x0): multiple definition of `__libc_multiple_libcs'
/tmp/output/build/glibc-2.25/build/elf/dl-allobjs.os:(.bss+0x6c): first defined here
/tmp/output/build/glibc-2.25/build/libc_pic.a(_itoa.os): In function `_itoa':
_itoa.c:(.text+0xd4): multiple definition of `_itoa'
/tmp/output/build/glibc-2.25/build/elf/dl-allobjs.os:(.text+0x133c8): first defined here
Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
This fixes the following build issues:
In file included from ../sysdeps/x86_64/multiarch/varshift.c:19:0,
from ../sysdeps/i386/i686/multiarch/varshift.c:1:
../sysdeps/x86_64/multiarch/varshift.h: In function '__m128i_shift_right':
../sysdeps/x86_64/multiarch/varshift.h:26:1: error: SSE vector return without SSE enabled changes the ABI [-Werror=psabi]
{
[...]
.../lib/gcc/i686-buildroot-linux-gnu/7.1.0/include/tmmintrin.h:136:1: error: inlining failed in call to always_inline '_mm_shuffle_epi8': target specific option mismatch
The patch has been taken from glibc's patchwork at
https://patchwork.sourceware.org/patch/21003/.
Fixes bug #10156.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Tested-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fixes the following build failure, which occurs on all architectures:
/tmp/cc6APNmN.s: Assembler messages:
/tmp/cc6APNmN.s: Error: `loc1@GLIBC_2.17' can't be versioned to common symbol 'loc1'
/tmp/cc6APNmN.s: Error: `loc2@GLIBC_2.17' can't be versioned to common symbol 'loc2'
/tmp/cc6APNmN.s: Error: `locs@GLIBC_2.17' can't be versioned to common symbol 'locs'
../o-iterator.mk:9: recipe for target '/tmp/output/build/glibc-2.25/build/misc/regexp.os' failed
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
glibc contains a vulnerability that allows specially crafted LD_LIBRARY_PATH
values to manipulate the heap/stack, causing them to alias, potentially
resulting in arbitrary code execution. Please note that additional
hardening changes have been made to glibc to prevent manipulation of stack
and heap memory but these issues are not directly exploitable, as such they
have not been given a CVE.
https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt
Patches are identical to upstream, except that the ChangeLog modifications
have been stripped.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
We do not support uClibc-ng/musl C library version choice support,
do the same for GNU C Library.
No legacy handling required as only version choice is removed.
Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
Reviewed-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
[Thomas: move 3.2 kernel headers dependency to the libc choice in
toolchain/toolchain-buildroot/Config.in file, and added a Config.in
comment about it.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
The input to copy_toolchain_lib_root is not one library, not a list of
libraries, but a library name pattern with glob wildcards.
This pattern is then passed to 'find' to get the actual list of libraries
matching the pattern. Reflect this using an appropriate variable name.
Note: if the root of the buildroot tree contains a file matching one of
these library patterns, the copying of libraries from staging to target will
not be correct. It is not impossible to fix that, e.g. using 'set -f', but
maybe it's not worth it.
Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
We want to use SPDX identifier for license string as much as possible.
SPDX short identifier for BSD-3c is BSD-3-Clause.
This change is done using following command.
find . -name "*.mk" | xargs sed -ri '/LICENSE( )?[\+:]?=/s/BSD-3c/BSD-3-Clause/g'
Signed-off-by: Rahul Bedarkar <rahulbedarkar89@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
We want to use SPDX identifier for license string as much as possible.
SPDX short identifier for LGPLv2.1/LGPLv2.1+ is LGPL-2.1/LGPL-2.1+.
This change is done using following command.
find . -name "*.mk" | xargs sed -ri '/LICENSE( )?[\+:]?=/s/LGPLv2.1(\+)?/LGPL-2.1\1/g'
Signed-off-by: Rahul Bedarkar <rahulbedarkar89@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
We want to use SPDX identifier for license strings as much as possible.
SPDX short identifier for GPLv2/GPLv2+ is GPL-2.0/GPL-2.0+.
This change is done by using following command.
find . -name "*.mk" | xargs sed -ri '/LICENSE( )?[\+:]?=/s/\<GPLv2\>/GPL-2.0/g'
Signed-off-by: Rahul Bedarkar <rahulbedarkar89@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
We don't want a dozen glibc versions and there's no particular reason to
keep this old version around so drop it.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
[Thomas: add entry to Config.in.legacy.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
libanl.so is needed for asynchronous network address and service
translation, declared in netdb.h
Signed-off-by: Jesper Bækdahl <jbb@gamblify.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
On some architectures (namely x86-64), glibc may provide a libmvec
library since glibc 2.22, which programs built with gcc OpenMP support
might get linked to.
In order for these programs to work on the target, we need to copy
this library to the target filesystem.
This commit takes care of this for the glibc package (used for the
internal toolchain backend). Note that libraries listed in
GLIBC_LIBS_LIB are silently ignored if they don't exist. Therefore, we
don't need to have any condition on the architecture or glibc version.
For more details on libmvec, see
https://sourceware.org/glibc/wiki/libmvec.
Fixes bug #9111.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>