Commit 52c5c6050c disabled debuginfod on
target but not on host resulting in the following build failure:
configure: error: dependencies not found, use --disable-libdebuginfod to disable or --enable-libdebuginfod=dummy to build a (bootstrap) dummy library.
Fixes:
- http://autobuild.buildroot.org/results/97713c7e281313826067af559337832f22c3cb09
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Refreshed patch #1 and disable debuginfod.
The debuginfod tools needs to hook into serverinfrastructure,
this currently only exists for Fedora.
Signed-off-by: Norbert Lange <nolange79@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Now that the infra takes care of removing extraneous spaces before
commas, we can safely append to LICENSE variables.
This removes the only case where we had to use immediate assignment
to append to a variable.
Mechanical change, with:
$ sed -r -i -e 's/\<([^[:space:]]+_LICENSE) := \$\(\1\),/\1 += ,/' \
$(git grep -l -E '\<([^[:space:]]+_LICENSE) := \$\(\1\),')
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Fixes CVE-2018-18310: An invalid memory address dereference was
discovered in dwfl_segment_report_module.c in libdwfl in elfutils
through v0.174. The vulnerability allows attackers to cause a denial of
service (application crash) with a crafted ELF file, as demonstrated by
consider_notes.
Fixes CVE-2018-18520: An Invalid Memory Address Dereference exists in
the function elf_end in libelf in elfutils through v0.174. Although
eu-size is intended to support ar files inside ar files,
handle_ar in size.c closes the outer ar file before handling all inner
entries. The vulnerability allows attackers to cause a denial of service
(application crash) with a crafted ELF file.
Fixes CVE-2018-18521: Divide-by-zero vulnerabilities in the function
arlib_add_symbols() in arlib.c in elfutils 0.174 allow remote attackers
to cause a denial of service (application crash) with a crafted ELF
file, as demonstrated by eu-ranlib, because a zero sh_entsize is
mishandled.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Fixes the following security issues:
CVE-2018-16062: dwarf_getaranges in dwarf_getaranges.c in libdw in elfutils
before 2018-08-18 allows remote attackers to cause a denial of service
(heap-based buffer over-read) via a crafted file.
CVE-2018-16402: libelf/elf_end.c in elfutils 0.173 allows remote attackers
to cause a denial of service (double free and application crash) or possibly
have unspecified other impact because it tries to decompress twice.
CVE-2018-16403: libdw in elfutils 0.173 checks the end of the attributes
list incorrectly in dwarf_getabbrev in dwarf_getabbrev.c and dwarf_hasattr
in dwarf_hasattr.c, leading to a heap-based buffer over-read and an
application crash.
For more details, see the announcement:
https://sourceware.org/ml/elfutils-devel/2018-q3/msg00116.html
0.172 and 0.173 also included fixes for crashes and hangs found by afl-fuzz
(no CVEs assigned):
https://sourceware.org/ml/elfutils-devel/2018-q2/msg00272.htmlhttps://sourceware.org/ml/elfutils-devel/2018-q2/msg00209.html
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Drop the po/ disable patch; not needed anymore.
Drop the __mempcpy compatibility patch; __mempcpy is not used anymore.
Refresh the -Werror removal patch; still needed, unfortunately.
Renumber the remaining patches.
Add GPLv3 license file.
Add license files hash.
[Peter: drop security reference, was added post-release]
Cc: Stefan Fröberg <stefan.froberg@petroprogram.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This commit switches to use the new gettext logic, which involves:
- using TARGET_NLS_DEPENDENCIES instead of hand-encoded dependencies
on gettext/host-gettext
- using TARGET_NLS_LIBS to force linking against libintl
- dropping BR2_PACKAGE_GETTEXT selection
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Fixes a number of security issues: CVE-2017-7607, CVE-2017-7608,
CVE-2017-7609, CVE-2017-7610, CVE-2017-7611, CVE-2017-7612, CVE-2017-7613.
Rebase patches, and convert to git format.
Remove --disable-werror; unrecognized configure option.
Use upstream provided hash.
Cc: Stefan Fröberg <stefan.froberg@petroprogram.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
The check-package script when ran gives warnings on ordering issues
on all of these Config files. This patch cleans up all warnings
related to the ordering in the Config files for packages starting with
the letter e in the package directory.
The appropriate ordering is: type, default, depends on, select, help
See http://nightly.buildroot.org/#_config_files for more information.
Signed-off-by: Adam Duskett <Adamduskett@outlook.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
We want to use SPDX identifier for license string as much as possible.
SPDX short identifier for LGPLv3/LGPLv3+ is LGPL-3.0/LGPL-3.0+.
This change is done using following command.
find . -name "*.mk" | xargs sed -ri '/LICENSE( )?[\+:]?=/s/LGPLv3(\+)?/LGPL-3.0\1/g'
Signed-off-by: Rahul Bedarkar <rahulbedarkar89@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
We want to use SPDX identifier for license string as much as possible.
SPDX short identifier for GPLv3/GPLv3+ is GPL-3.0/GPL-3.0+.
This change is done using following command.
find . -name "*.mk" | xargs sed -ri '/LICENSE( )?[\+:]?=/s/\<GPLv3\>/GPL-3.0/g'
Signed-off-by: Rahul Bedarkar <rahulbedarkar89@gmail.com>
Acked-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
We want to use SPDX identifier for license strings as much as possible.
SPDX short identifier for GPLv2/GPLv2+ is GPL-2.0/GPL-2.0+.
This change is done by using following command.
find . -name "*.mk" | xargs sed -ri '/LICENSE( )?[\+:]?=/s/\<GPLv2\>/GPL-2.0/g'
Signed-off-by: Rahul Bedarkar <rahulbedarkar89@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
fedorahosted.org has been closed on March 1st, 2017, so use a
different upstream location for the elfutils project.
Signed-off-by: Julien BOIBESSOT <julien.boibessot@armadeus.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
elfutils (libelf and libdw) can be used by host-lttng-babeltrace.
Enable all library dependencies, but don't build the programs.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Philippe Proulx <eeppeliteloop@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
elfutils libraries are GPLv2+ or LGPLv3+, standalone programs are GPLv3+
(see the NEWS file).
Make the GPLv3+ license tag/file dependant on the programs being
enabled, and make the GPLv2+/LGPLv3+ tag more descriptive.
Signed-off-by: Gustavo Zacarias <gustavo.zacarias@free-electrons.com>
Reviewed-by: Rahul Bedarkar <rahul.bedarkar@imgtec.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Elfutils program names collide with binutils' binaries. By default
applications provided by elfutils are prefixed with "eu-", but in
Buildroot that setting is overridden by pkg-autotools.
The option in pkg-autotools rules was added to avoid including a target
triple in some packages as a prefix, so restore elfutils default
behaviour by adding a "eu-" program-prefix.
Signed-off-by: Marcin Nowakowski <marcin.nowakowski@imgtec.com>
Reviewed-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
[Thomas: add comment in the .mk file explaining why we have a custom
program prefix, as suggested by Arnout.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Following the removal of eglibc support, this commit replaces all
occurences of "(e)glibc" by just "glibc". Most of the occurences are in
package Config.in comments.
In addition, when the form "an (e)glibc ..." was used, it is replaced by
"a glibc ...".
[Peter: add new efi* packages, s/uclibc/uClibc as suggested by Romain,
systemd / liquid-dsp tweaks as suggested by Yann]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Reviewed-by: Romain Naour <romain.naour@gmail.com>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
- Remove 0001-argp-support.patch since it's already included upstream:
https://git.fedorahosted.org/cgit/elfutils.git/commit/?id=1ab3c2befeedf5bd891cfbe17cfef79c06e5079a
- Tweak patches for this new version:
- 0002-disable-progs.patch
- 0003-fts.patch
- 0004-disable-po.patch
- 0005-really-make-werror-conditional-to-build-werror.patch
- Remove 0007-Allow-disabling-symbol-versioning-at-configure-t since
it's already included upstream:
https://git.fedorahosted.org/cgit/elfutils.git/commit/?id=bafacacaf7659a4933604662daba26a480b29a8d
- Remove portability patch since it's no longer needed. I have asked
Mark Wielaard regarding this topic given the portability patch looks
been discontinued since 0.163 and he replied the following:
- "I believe it is no longer needed. At least not on any platform I
am actively maintaining. See also this discussion from last year:
https://lists.fedorahosted.org/pipermail/elfutils-devel/2015-May/004825.html"
- Add zlib dependency since it's now mandatory:
configure: error: zlib not found but is required
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
As Thomas puts it:
The comment can only be visible when a toolchain that is *not*
uclibc and *not* glibc is used. I.e, the comment is now only visible
when musl is used. Which is not what we want.
Indeed, I completely borked the conditions. When a glibc or uClibc
toolchain is selected, the comment is entirely hidden, and we don;t get
the extra requirements (wchar, !static).
Fix that with the solution proposed by Thomas.
Reported-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
This fixes segfault in xtensa ltrace caused by infinite recursion in the
function dwfl_report_elf calling other version of that function.
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Now that largefile is mandatory removes package dependencies and
conditionals.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
- Bump version to 0.161
- Remove the portability patch. We don't need to have it in Buildroot
since it includes the version number so we can download it safely
without having collisions between versions.
- Adapt the patches that need to be adapted.
- Rename patches to start from 0001.
- Update the hash value and add a new value for the portability patch.
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Since a while, the semantic of BR2_PREFER_STATIC_LIB has been changed
from "prefer static libraries when possible" to "use only static
libraries". The former semantic didn't make much sense, since the user
had absolutely no control/idea of which package would use static
libraries, and which packages would not. Therefore, for quite some
time, we have been starting to enforce that BR2_PREFER_STATIC_LIB
should really build everything with static libraries.
As a consequence, this patch renames BR2_PREFER_STATIC_LIB to
BR2_STATIC_LIBS, and adjust the Config.in option accordingly.
This also helps preparing the addition of other options to select
shared, shared+static or just static.
Note that we have verified that this commit can be reproduced by
simply doing a global rename of BR2_PREFER_STATIC_LIB to
BR2_STATIC_LIBS plus adding BR2_PREFER_STATIC_LIB to Config.in.legacy.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Download the portability patch into the buildroot tree.
This isn't nice but there really isn't another good solution for it.
The elfutils-portability.patch is version-dependent hence we already
have an older version for an older version of elfutils in the mirrors.
This causes hash check failures when fetching from sources.buildroot.net
But we can't remove (hence replace) the old version with the new one
since this would causee issues with older versions of
buildroot/elfutils for the same scenario.
Fixes:
http://autobuild.buildroot.net/results/26a/26afb92dc14fd0f85c0800dd4e034ea86af19fe2/
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
- Bump version to 0.160
- Add a hash file
- Adapt patches to the new version
- Add a new patch to really make -Werror conditional to BUILD_WERROR
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Tested-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Acked-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Tested-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Acked-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Even when doing static builds, a shared library is built. This causes a
build failure under some circumstances, for instance when building for
MIPS + uClibc + static.
After asking upstream if it would be possible to add a configure option
to not build the shared library, the answer was that doing a static
build is not a good idea. Here is a small snippet of the conversation:
"Note that fully static builds are problematic. elfutils uses dlopen to
open the EBL backends (the CPU-specific support snippets), so even if
you link statically, the final binaries are still considerably dynamic."
Related:
https://lists.fedorahosted.org/pipermail/elfutils-devel/2014-November/004223.html
Fixes:
http://autobuild.buildroot.net/results/691/6913f5af6519463fbed39ef37b6a40ecf6a67b54/
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
To be consistent with the recent change of FOO_MAKE_OPT into FOO_MAKE_OPTS,
make the same change for FOO_CONF_OPT.
Sed command used:
find * -type f | xargs sed -i 's#_CONF_OPT\>#&S#g'
Signed-off-by: Thomas De Schampheleire <thomas.de.schampheleire@gmail.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
elfutils depends on !BR2_avr32, but this dependency was not properly
propagated to the comment about toolchain options. This commit fixes
that.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Disable elfutils for avr32, because:
- elfutils uses canonicalize_file_name, which came after uClibc-0.9.31.
- avr32 uses a toolchain with uClibc-0.9.31
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This patch lines up the comments in Config.in files that clarify which
toolchain options the package depends on.
Signed-off-by: Thomas De Schampheleire <thomas.de.schampheleire@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Currently, when we need to do a conditional on the type of C library
used, we need to take into account the three toolchain backends. As we
are going to add eglibc support to the Buildroot toolchain backend, it
would become even uglier, so this patch introduces two new hidden
options: BR2_TOOLCHAIN_USES_UCLIBC and BR2_TOOLCHAIN_USES_GLIBC, that
exist regardless of the toolchain backend. The entire Buildroot code
base is converted to use those options.
Note that we have intentionally created only one option
(BR2_TOOLCHAIN_USES_GLIBC) for both glibc and eglibc, since they are
essentially the same, as far as Buildroot is concerned.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>