utils/check-package complains as follows:
package/rustc/rustc.mk:10: possible typo: RUST_TARGET_NAME -> *RUSTC*
package/rustc/rustc.mk:18: possible typo: RUST_HOST_NAME -> *RUSTC*
As RUST_{HOST,TARGET}_NAME are related to the Rust compiler, it
sounds sensible to rename them to RUSTC_{HOST,TARGET}_NAME.
So update all rust related packages to use the new variables.
Signed-off-by: Eric Le Bihan <eric.le.bihan.dev@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
--disable-osmesa option is unconditionally added to CONF_OPTS even if
--enable-osmesa is used latter.
Signed-off-by: Audrey Motheron <audrey.motheron@gmail.com>
Reviewed-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
While the conversion to meson, this seems to be missed.
Found while trying to build systemd with uClibc toolchain.
Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Introduced in PHP7.2, if a host has valgrind headers installed, PHP will detect
them and set HAVE_VALGRIND to 1.
Disable this entry after configuring.
fixes:
http://autobuild.buildroot.net/results/d59/d59b5961890aeddcd6d59ed52243be6554d1fe21
Signed-off-by: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fixes CVE-2018-1000041: information disclosure via a crafted SVG file.
Bump to the latest (maybe last) release in the 2.40.x series. Newer
versions require a Rust compiler.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
While a hash check is being done, it's still better to use a download
URL with HTTPS.
Signed-off-by: Danilo Bargen <mail@dbrgn.ch>
Reviewed-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
CVE-2017-15873: Integer overflow in decompress_bunzip2.c leads to a read
access violation
CVE-2017-15874: Integer overflow in decompress_unlzma.c leads to a read
access violation
Cc: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The QT5TOOLS_SOURCE variable uses mismatch QT5BASE_VERSION variable.
This commit fixes the typo by using the appropriate QT5TOOLS_VERSION
variable.
Signed-off-by: Gaël PORTAY <gael.portay@savoirfairelinux.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Qt Enginio has been bumped to 1.6.3 with Qt 5.6.3.
This new version follows the Qt release number and has only one change
since 1.6.2[1].
[1]: e447818458
Signed-off-by: Gaël PORTAY <gael.portay@savoirfairelinux.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The QT53D_SOURCE variable uses mismatch QT5SVG_VERSION variable.
This commit fixes the typo by using the appropriate QT53D_VERSION
variable.
Signed-off-by: Gaël PORTAY <gael.portay@savoirfairelinux.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
CVE-2017-8872: An attackers can cause a denial of service (buffer
over-read) or information disclosure.
Patch from the upstream bug tracker.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
from https://www.postgresql.org/about/news/1829/
[1] CVE-2018-1052: Fix the processing of partition keys containing multiple
expressions
[2] CVE-2018-1053: Ensure that all temporary files made with "pg_upgrade" are
non-world-readable
Signed-off-by: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This fixes the following check-package warning:
./package/rust-bin/rust-bin.mk:27: expected indent with tabs
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fixes the following security issues according to NEWS:
CVE-2017-1000408: Incorrect array size computation in _dl_init_paths leads
to the allocation of too much memory. (This is not a security bug per se,
it is mentioned here only because of the CVE assignment.) Reported by
Qualys.
CVE-2017-1000409: Buffer overflow in _dl_init_paths due to miscomputation of
the number of search path components. (This is not a security vulnerability
per se because no trust boundary is crossed if the fix for CVE-2017-1000366
has been applied, but it is mentioned here only because of the CVE
assignment.) Reported by Qualys.
CVE-2017-16997: Incorrect handling of RPATH or RUNPATH containing $ORIGIN
for AT_SECURE or SUID binaries could be used to load libraries from the
current directory.
CVE-2018-1000001: Buffer underflow in realpath function when getcwd function
succeeds without returning an absolute path due to unexpected behaviour of
the Linux kernel getcwd syscall. Reported by halfdog.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Make the detection of libnuma in the configure script consistent when
the numactl package is enabled.
ltp-testsuite does not currently take explicit enable/disable for
libnuma, so none are used. The next ltp-testsuite version will add these
options.
Cc: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fixes CVE-2017-15107: An attacker can craft an NSEC which wrongly proves
non-existence.
Cc: Matt Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
When generating a random configuration, also check the host
dependencies for that configuration and error out if it fails.
This is mainly intended for the autobuilders, so they don't try to
build a configuration for which the necessary host packages are not
installed.
Instead of erroring out, we could also generate a different random
config. However:
- When called for the autobuilders, the autobuild-run script will
anyway just attempt another build. The only difference is that a
warning will be printed in this autobuild log now. This warning
is in fact quite useful to hint that the autobuilder could benefit
from intalling this additional host package.
- When called manually, the user may in fact want to install the
missing host package and continue with the saved random config.
Fixes:
http://autobuild.buildroot.net/results/d7c/d7c12e873a71fef1e0b5e19cfad45024050614e1http://autobuild.buildroot.net/results/a0a/a0a105c1ec2d0517112b02932a85831d4b597b9fhttp://autobuild.buildroot.net/results/96c/96cc6cedc64c777e993671204809599a1498472a
and many others...
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Rahul Bedarkar <rahulbedarkar89@gmail.com>
Reviewed-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
CVE-2017-10790: NULL pointer dereference and crash when reading crafted
input
CVE-2018-6003: Stack exhaustion due to indefinite recursion during BER
decoding
Add license files hashes.
Cc: Stefan Fröberg <stefan.froberg@petroprogram.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Some packages build C++ 32bits host-tools and need the g++-multilib to
be installed on the build machine. As example, qt5webengine builds a C++
host-tool when target is 32bits.
Add the check for g++-multilib to the dependencies script; and update
the Dockerfile to install g++-multilib package.
Signed-off-by: Gaël PORTAY <gael.portay@savoirfairelinux.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The current version of lightning doesn't build with recent versions of
binutils. Since this has been fixed upstream in a dot release, let's
bump to the upstream version that has the fix.
While at it, add a hash for the license file.
Fixes:
http://autobuild.buildroot.net/results/51424c044e11b89544824dbdf1af45b05b499ba4/
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fixes [1]:
keytable.c: In function 'test_event':
keytable.c:1351:12: error: 'EVIOCSCLOCKID' undeclared (first use in this function)
ioctl(fd, EVIOCSCLOCKID, &mode);
[1] http://autobuild.buildroot.net/results/8ba380471423bd2491e40103d7b1a45de1bd12ed
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
To test the support for the Rust language, the following tests are added:
- building Rust compiler and Cargo from source.
- installing a pre-built Rust compiler and building Cargo from source.
For each test, a Rust test program is built and installed in the root file
system of a ARM vexpress QEMU system. The test is declared OK if the program can
be run properly from the test system.
Signed-off-by: Eric Le Bihan <eric.le.bihan.dev@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Add instructions for adding a package which uses Cargo as build system.
[Peter: fix indentation]
Signed-off-by: Eric Le Bihan <eric.le.bihan.dev@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This new package provides Cargo, the Rust official package manager.
Cargo is written in Rust and uses Cargo as its build system. It also
depends on other Rust packages.
Normally, a previously installed version of Cargo would be used to:
1. Fetch the dependencies.
2. Build the new version of Cargo, using the available Rust compiler.
But the fetching step prevents offline builds. So instead two features
of Cargo are leveraged: vendoring [1] and local registry.
First, a tarball of the build dependencies generated using `cargo
vendor` is fetched along with Cargo source code.
Then, the build process is as follows:
1. The tarball of the build dependencies is uncompressed in a local
registry.
2. A snapshot of Cargo, provided by cargo-bin, builds the final
version of Cargo.
3. A configuration file telling Cargo how to cross-compile programs for
the target is generated and installed.
Currently, only the host variant is provided.
[1] https://github.com/alexcrichton/cargo-vendor
[Peter: use src.fedoraproject.org, fix comment]
Signed-off-by: Eric Le Bihan <eric.le.bihan.dev@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Allow build of host variant of libhttpparser.
Signed-off-by: Eric Le Bihan <eric.le.bihan.dev@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Allow build of host variant of libssh2, which depends on host-openssl.
Signed-off-by: Eric Le Bihan <eric.le.bihan.dev@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This new package provides rustc, the compiler for the Rust programming
language, built from source.
Currently, only the host variant is built.
The Rust compiler uses LLVM as its backend: a copy of LLVM source code
is provided and CMake is used to build it. It is possible to use a
pre-built external copy. When LLVM/clang will be available in Buildroot,
it would be possible to benefit from this feature and thus decrease
build time.
LLVM is configured to generate code for x86, ARM, PowerPC and MIPS
architectures.
The Rust compiler uses Cargo as its build system and is written in Rust.
Therefore this package depends on cargo-bin and rust-bin.
The internal build process is as follows:
1. stage0 compiler, provided by rust-bin, is used to build stage1
compiler.
2. stage1 compiler builds the final Rust compiler (stage2 compiler)
and the standard library for the host architecture.
3. the standard library for the target architecture is built.
The target architecture to support is given by the GNU/LLVM target
triple. Rust supports some predefined targets [1]. As the build system
expects the triple to be in the form of <arch>-unknown-<system> and
Buildroot toolchain wrapper uses <arch>-buildroot-<system>, the package
Makefile uses $(RUST_TARGET_NAME) defined in the rustc package and uses
it instead of $(GNU_TARGET_NAME).
When compiling Rust code with this compiler, the generated program only
depends on the target C library, as it is statically linked to the Rust
standard library and any other code from Rust packages (a.k.a.
"crates").
If the jemalloc package is selected, support for this memory allocator
will be enabled in the target standard library.
The menuconfig entry for rustc is also updated to expose this provider.
[1] https://forge.rust-lang.org/platform-support.html
Signed-off-by: Eric Le Bihan <eric.le.bihan.dev@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This new package fetches a binary version of Cargo, suitable to
bootstrap the host variants of the Rust compiler and Cargo, the package
manager.
Signed-off-by: Eric Le Bihan <eric.le.bihan.dev@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This package provides a pre-built version of rustc, the compiler for the
Rust programming language, fetched from the upstream project.
A pre-built version of the standard library for the host as well as one
for the chosen target are also fetched and installed.
Only the host variant is provided to allow the user to cross-compile
Rust programs and run them on the target.
This package could also be used to provide a bootstrap compiler when building
Rust from source. So, in order to add it as a build dependency, the compiler and
standard libraries are only installed in $(HOST_DIR) if the package is
explicitly selected.
The menuconfig entry for rustc is also updated to expose this provider.
Signed-off-by: Eric Le Bihan <eric.le.bihan.dev@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
The compiler for the Rust programming language is called rustc.
There is only one reference implementation for it, based on LLVM, from
the Rust project [1]. It can generate code for various architectures so
it can be labeled as a cross-compiler. But, as for GCC, building it
from source takes time.
So it would be sensible to have at least one package which provides it
as a pre-built version, fetched from the upstream project. Later another
package can be added, to build it from source code.
In addition to the compiler, the standard library for the host and/or
the target should also be fetched/built.
So, add a virtual package named rustc to enable support for multiple
providers.
Currently, only the host variant will be available to allow the user to
cross-compile Rust programs for the target.
[1] http://rust-lang.org
Signed-off-by: Eric Le Bihan <eric.le.bihan.dev@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Configure summary without this patch and without alsa-lib built before:
Extra tools required for testing and examples :
[...]
Have ALSA : ................... no
and with this patch
Extra tools required for testing and examples :
[...]
Have ALSA : ................... yes
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Bump U-Boot to 2018.01 version and kernel to 4.15.1.
Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
As pointed out by Joel Stanley:
https://patchwork.ozlabs.org/patch/863011/
Github now longer provides the exact same tarball for the or1k musl-5.4.0
tarball, breaking the build. Even more, musl-5.4.0 is the name of a git
branch, not a tag.
Fix both problems by changing to the or1k-musl-5.4.0-20170218 tag, which
points to the exact same git commit.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Tested-by: Joel Stanley <joel@jms.id.au>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
